summaryrefslogtreecommitdiffstats
path: root/cmd
Commit message (Collapse)AuthorAgeFilesLines
* Fix ssh deploy and user key constraints (#1357) (#5939)zeripath2019-02-031-7/+8
| | | | | | | | | | | | | | | | 1. A key can either be an ssh user key or a deploy key. It cannot be both. 2. If a key is a user key - it can only be associated with one user. 3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different. 4. If a repository is deleted, its deploy keys must be deleted too. We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints: - [x] You should not be able to add the same user key as another user - [x] You should not be able to add a ssh user key which is being used as a deploy key - [x] You should not be able to add a ssh deploy key which is being used as a user key - [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode. - [x] If you delete a repository you must delete all its deploy keys. Fix #1357
* Fix notifications on pushing with deploy keys by setting hook environment ↵zeripath2019-02-031-0/+6
| | | | | | | | | | | | | variables (#5935) The gitea prerecieve and postrecieve hooks and the gitea PushUpdate function require that the PusherID and PusherName are real users. Previously, these environment variables were not being set when using a deploy key - the main result being that pushing to empty repositories meant that is_empty status was not changed. I've also added an integration test to ensure that the is_empty status is updated on pushing with a deploy key. There is a slight issue in that the deploy key is now considered a proxy for the owner - we don't have a way of separating out the deploy key from the owner at present. This can be fixed in another PR. Fix #3795 Signed-off-by: Andrew Thornton art27@cantab.net
* Fix #5866: Silence console logger in gitea serv (#5887)zeripath2019-02-031-0/+1
| | | | | | | By default, if `setting.NewContext()` prints out any warning logs, these are printed to the stdout breaking `git receive-pack` etc. meaning that even if there is a warning because of a minor problem in your app.ini but gitea starts despite this - you **CANNOT** push or pull over SSH. This PR disables the console logger whilst in `serv.go` Signed-off-by: Andrew Thornton <art27@cantab.net>
* Disallow empty titles (#5785)Lanre Adelowo2019-01-211-2/+3
| | | | | | | | | | | | * add util method and tests * make sure the title of an issue cannot be empty * wiki title cannot be empty * pull request title cannot be empty * update to make use of the new util methof
* Add flag to skip repository dumping (#5695)Zsombor2019-01-131-14/+22
|
* Allow for user specific themes (#5668)Lanre Adelowo2019-01-091-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | * add migration and basic UI for changing a user's theme * update user themem * use right text on button * load theme based on users' selection * load theme based on users' selection in pwa too * update sample config * delete older theme loading * implement AfterLoad to set users' theme properly * set up default theme when creating a user. This uses the installation wide theme * use flash messages for error * set default theme when creating a user from the cli * fix @lunny review
* Make sure argsSet verifies string isn't empty too (#4980)Lanre Adelowo2018-12-271-0/+5
|
* fix lfs version check warning log when using ssh protocol (#5501)Lunny Xiao2018-12-192-9/+25
|
* Remove a double slash in the HTTPS redirection when Let's Encrypt is enabled ↵Greg Karékinian2018-12-121-1/+4
| | | | | | | | | | | | | | | (#5537) Before: $ curl 0.0.0.0:3001 <a href="https://gitea.example.com:3000//">Found</a>. After: $ curl 0.0.0.0:3001 <a href="https://gitea.example.com:3000/">Found</a>. Fixes #5536
* fix detect force push failure on deletion of protected branches (#5522)Lunny Xiao2018-12-121-12/+12
|
* fix clone wiki failed via ssh (#5503)Lunny Xiao2018-12-111-4/+8
|
* Fix the Let's Encrypt handler by listening on a valid address (#5525)Greg Karékinian2018-12-111-1/+7
| | | | | | | | | | | | | | | | | | | * Fix the Let's Encrypt handler by listening on a valid address Also handle errors in the HTTP server go routine, return a fatal error when something goes wrong. Thanks to @gbl08ma for finding the actual bug Here is an example of the error handling: 2018/12/11 14:23:07 [....io/gitea/cmd/web.go:87 func1()] [E] Failed to start the Let's Encrypt handler on port 30: listen tcp 0.0.0.0:30: bind: permission denied Closes #5280 * Fix a typo
* Restrict permission check on repositories and fix some problems (#5314)Lunny Xiao2018-11-281-12/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * fix units permission problems * fix some bugs and merge LoadUnits to repoAssignment * refactor permission struct and add some copyright heads * remove unused codes * fix routes units check * improve permission check * add unit tests for permission * fix typo * fix tests * fix some routes * fix api permission check * improve permission check * fix some permission check * fix tests * fix tests * improve some permission check * fix some permission check * refactor AccessLevel * fix bug * fix tests * fix tests * fix tests * fix AccessLevel * rename CanAccess * fix tests * fix comment * fix bug * add missing unit for test repos * fix bug * rename some functions * fix routes check
* fix password variable shadowing (#5405)Lanre Adelowo2018-11-261-1/+2
|
* Don't force a password change for the admin user when creating an account ↵Lanre Adelowo2018-11-251-0/+6
| | | | | | | | via cli (#5391) * don't force a password change for the admin user * don't totally dicard -must-change-password flag if creating the first (admin) user via the cli. Use flag if present but make sure to default to not forcing a password update
* Create AuthorizedKeysCommand (#5236)zeripath2018-11-012-1/+90
|
* Add command for migrating database (#4954)Robert Ștefan2018-10-301-0/+52
|
* Generate random password (#5023)Lanre Adelowo2018-10-301-2/+32
| | | | | | | | * add random-password flag * run make fmt * add length cli flag rather than use a default value
* remove unused db init on commands serv, update, hooks (#5225)Lunny Xiao2018-10-301-1/+0
|
* Make gitea serv use api/internal (#4886)Antoine GIRARD2018-10-301-34/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Start to move to internal/private * Add GetPublicKeyByID * Add HasDeployKey * Add private.UpdateDeployKeyUpdated * Add private.GetUserByKeyID * Add private.AccessLevel * Add private.CheckUnitUser * Fix mistakes I made * Some cleaning + moving code to separate files * Fix error handling * Remove useless error handling for setup * lint: fix comment on exported func * fix copyright header * Fix order of args
* fix showing pull request link when delete a branch (#5166)Lunny Xiao2018-10-281-1/+1
|
* Add must-change-password flag to cli for creating a user (#4955)Lanre Adelowo2018-10-211-5/+17
| | | | | | | | | | * add support for an admin to force a user to change his/her password from thee cli * use BoolFlag instead * default to true * simplify by removing unnneccessary if/else
* Give user a link to create PR after push (#4716)Julien Tant2018-10-201-0/+43
| | | | | | | | * Give user a link to create PR after push * Forks now create PR in the base repository + make sure PR creation is allowed * fix code style
* refactor: err != nil check, just return error instead (#5093)Bo-Yi Wu2018-10-181-15/+4
|
* Add/remove/list oauth providers via cli (#4591)techknowlogick2018-09-121-0/+286
|
* add letsencrypt to Gitea (#4189)Fluf2018-08-211-0/+33
|
* cmd/serve: pprof cpu and memory profile dumps to disk (#4560)Jerry Jacobs2018-08-071-0/+16
|
* Add config path as an optional flag when changing pass via CLI (#4184)Fluf2018-06-091-0/+9
|
* LFS: make HTTP auth period configurable (#4035)Inon S2018-05-291-1/+1
| | | | | | | | | | | | | | * LFS: make HTTP auth period configurable * Formatting: Removed semicolon Due to automated fmt-check failure (drone.gitea.io) * applying code reviews * Applied code review comment: Change HTTPAuthExpiry to time.Duration * Updated config cheat sheet
* Add cli commands to regen hooks & keys (#3979)techknowlogick2018-05-171-0/+58
| | | | | | | | | | * Add cli commands to regen hooks & keys * make fmt * Allow passing path to config as an option * add docs
* Do not allow inactive users to access repositories using private keys (#3887)Lauris BH2018-05-021-0/+6
|
* Implements generator cli for secrets (#3531)Codruț Constantin Gușoi2018-02-181-0/+83
| | | Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
* Fix SSH auth lfs locks (#3152)Antoine GIRARD2018-01-271-2/+6
| | | | | | | | | | * Fix SSH auth LFS locks * Activate SSH/lock test * Remove debug * Follow @lunny recommendation for AfterLoad method
* General refactor of the cmd package (#3328)Morgan Bazalgette2018-01-126-79/+92
| | | | | | | | * General refactor of the cmd package * Address breakage in runCreateUser * Place "common" functions into cmd.go
* Cleanup models.User.HashPassword (#3334)Kim "BKC" Carlbäcker2018-01-121-2/+1
|
* Change EncodePasswd to HashPassword (#3329)Morgan Bazalgette2018-01-081-1/+1
| | | | | | * Change EncodePasswd to HashPassword * Create test+benchmark for HashPassword
* Add repo-sync-releases admin command (#3254)Sandro Santilli2017-12-311-0/+75
| | | | | | | | | | | | | | | | | | * Add repo-sync-releases admin command Will help recovering corrupted database, see #3247 * Load repos in chunks of 10, exit with error if unable to get a list, scan private repos, fix typo * Fix debug output about num releases * Introduce RepositoryListDefaultPageSize constant, set to 64 Use it from the new admin command * Use RepositoryListDefaultPageSize in more places * Document RepositoryListDefaultPageSize
* Add an option to allow redirect of http port 80 to https. (#1928)Mike Fellows2017-12-251-0/+23
| | | | | | | | | | | | | * Add an option to allow redirect of http port 80 to https. This is an "opt in" option (default is to not redirect). It will only redirect if protocol is https and the new REDIRECT_PORT_80 option is set to true. The Port to redirect in previous commit was hardcoded to 80, now it can be specified in the app.ini, defaulting to 80. The boolean option to turn redirection on has been changed to REDIRECT_OTHER_PORT to be logically consistent with the new port option. Signed-off-by: Mike Fellows <mike.fellows@shaw.ca>
* Improvements for supporting UI Location (#3146)Lunny Xiao2017-12-141-2/+3
| | | | | | * improvements for supporting UI Location * improved the comment
* fix run web with -p push failed (#3154)Lunny Xiao2017-12-131-0/+30
|
* Remove GetRepositoryByRef and add GetRepositoryByOwnerAndName (#3043)Lunny Xiao2017-12-021-11/+3
| | | | | | | | | | * remove GetRepositoryByRef and add GetRepositoryByOwnerAndName * fix tests * fix tests bug * some improvements
* Add external markup render support (#2570)Lunny Xiao2017-11-071-0/+3
| | | | | | | | | | | | | | | | | | | | | | * add external markup render support * bug fixed * refacotr codes and fix wrong error log * fix comments and add check to prevent leaks * add check for config file and improve the example * check file close error * use ioutil.TempFile instead uuid * correct Render -> Parser * improve warning when incorrect markup setting * fix typos
* Set session and indexers' data files rel to AppDataPath (#2192)Guillaume Dube2017-11-032-7/+4
| | | | | | | | | | * Set session and indexers' data files rel to AppDataPath The setting AppDataPath is now relative to the working directory. The session svc's PROVIDER_CONFIG now defaults to AppDataPath/data/sessions. The issue indexer's IssuePath now defaults to AppDataPath/indexers/issues.bleves. * fix bug
* improve force push detect when push (#2798)Lunny Xiao2017-10-281-1/+1
|
* improve protected branch to add whitelist support (#2451)Lunny Xiao2017-09-141-23/+25
| | | | | | | | | | | | | | | | | | | | * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
* Only update needed columns when update user (#2296)Lunny Xiao2017-08-121-1/+1
| | | | | | * only update needed columns when update user * fix missing update_unix column
* Set TMPDIR enviroment variable for dump command (#1915)Jonas Östanbäck2017-06-081-0/+5
|
* feat: add check misspelling (#1877)Bo-Yi Wu2017-06-051-1/+1
|
* fix admin lost permission caused by #947Lunny Xiao2017-05-191-1/+1
|
* Add units to team (#947)Lunny Xiao2017-05-181-0/+8
| | | | | | | | | | | | | | | | | | * add units to team * fix lint * finish team setting backend * finished permission controll on routes * fix import blank line * add unit check on ssh/http pull and push and fix test failed * fix fixtures data * remove unused code