summaryrefslogtreecommitdiffstats
path: root/models/gpg_key.go
Commit message (Collapse)AuthorAgeFilesLines
* Move keys to models/asymkey (#17917)Lunny Xiao2021-12-101-272/+0
| | | | | | | | | | | | | | | | | | | * Move keys to models/keys * Rename models/keys -> models/asymkey * change the missed package name * Fix package alias * Fix test * Fix docs * Fix test * Fix test * merge
* Move user related model into models/user (#17781)Lunny Xiao2021-11-241-4/+4
| | | | | | | | | | | | | * Move user related model into models/user * Fix lint for windows * Fix windows lint * Fix windows lint * Move some tests in models * Merge
* Move EmailAddress & UserRedirect into models/user/ (#17607)Lunny Xiao2021-11-111-5/+6
| | | | | | | | | | | | | | | | | | | | | * Move EmailAddress into models/user/ * Fix test * rename user_mail to user_email * Fix test * Move UserRedirect into models/user/ * Fix lint & test * Fix lint * Fix lint * remove nolint comment * Fix lint
* Move login related structs and functions to models/login (#17093)Lunny Xiao2021-09-241-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Move login related structs and functions to models/login * Fix test * Fix lint * Fix lint * Fix lint of windows * Fix lint * Fix test * Fix test * Only load necessary fixtures when preparing unit tests envs * Fix lint * Fix test * Fix test * Fix error log * Fix error log * Fix error log * remove unnecessary change * fix error log * merge main branch
* DBContext is just a Context (#17100)zeripath2021-09-231-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | * DBContext is just a Context This PR removes some of the specialness from the DBContext and makes it context This allows us to simplify the GetEngine code to wrap around any context in future and means that we can change our loadRepo(e Engine) functions to simply take contexts. Signed-off-by: Andrew Thornton <art27@cantab.net> * fix unit tests Signed-off-by: Andrew Thornton <art27@cantab.net> * another place that needs to set the initial context Signed-off-by: Andrew Thornton <art27@cantab.net> * avoid race Signed-off-by: Andrew Thornton <art27@cantab.net> * change attachment error Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move db related basic functions to models/db (#17075)Lunny Xiao2021-09-191-11/+16
| | | | | | | | | | | | | | | | | | | | | | | | | * Move db related basic functions to models/db * Fix lint * Fix lint * Fix test * Fix lint * Fix lint * revert unnecessary change * Fix test * Fix wrong replace string * Use *Context * Correct committer spelling and fix wrong replaced words Co-authored-by: zeripath <art27@cantab.net>
* Add `AbsoluteListOptions` (#17028)KN4CK3R2021-09-141-1/+1
| | | | This PR adds a `ListOptions` type which is not paged but uses absolute values. It is implemented as discussed in Discord. Extracted from #16510 to clean that PR.
* [API] generalize list header (#16551)65432021-08-121-0/+5
| | | | | | | | | | | | | * Add info about list endpoints to CONTRIBUTING.md * Let all list endpoints return X-Total-Count header * Add TODOs for GetCombinedCommitStatusByRef * Fix models/issue_stopwatch.go * Rrefactor models.ListDeployKeys * Introduce helper func and use them for SetLinkHeader related func
* Add option to provide signature for a token to verify key ownership (#14054)zeripath2021-07-131-699/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add option to provide signed token to verify key ownership Currently we will only allow a key to be matched to a user if it matches an activated email address. This PR provides a different mechanism - if the user provides a signature for automatically generated token (based on the timestamp, user creation time, user ID, username and primary email. * Ensure verified keys can act for all active emails for the user * Add code to mark keys as verified * Slight UI adjustments * Slight UI adjustments 2 * Simplify signature verification slightly * fix postgres test * add api routes * handle swapped primary-keys * Verify the no-reply address for verified keys * Only add email addresses that are activated to keys * Fix committer shortcut properly * Restructure gpg_keys.go * Use common Verification Token code Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix various documentation, user-facing, and source comment typos (#16367)luzpaz2021-07-081-2/+2
| | | | | * Fix various doc, user-facing, and source comment typos Found via `codespell -q 3 -S ./options/locale,./vendor -L ba,pullrequest,pullrequests,readby`
* Always store primary email address into email_address table and also the ↵Lunny Xiao2021-06-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | state (#15956) * Always store primary email address into email_address table and also the state * Add lower_email to not convert email to lower as what's added * Fix fixture * Fix tests * Use BeforeInsert to save lower email * Fix v180 migration * fix tests * Fix test * Remove wrong submited codes * Fix test * Fix test * Fix test * Add test for v181 migration * remove change user's email to lower * Revert change on user's email column * Fix lower email * Fix test * Fix test
* chore(models): rewrite code format. (#14754)Bo-Yi Wu2021-03-141-36/+36
| | | | | | | | | | | | | | | * chore: rewrite format. * chore: update format Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> * chore: update format Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> * chore: Adjacent parameters with the same type should be grouped together * chore: update format.
* Fix gpg key deletion (#14561)Anton Khimich2021-02-041-1/+5
| | | | | | | | | | | | | | | | | | | * Fix GPG key deletion when user is deleted Per #14531, deleting a user account will delete the user's GPG keys from the `gpg_key` table but not from `gpg_key_import`, which causes an error when creating an account with the same email and attempting to re-add the same key. This commit deletes all entries from `gpg_key_import` that match any GPG key IDs belonging to the user. * Format added code in models/user.go * Create a new function for listing GPG keys and apply it Create a new function `listGPGKeys` and replace a previous use of `ListGPGKeys`. Thanks to @6543 for the patch. Co-authored-by: Anton Khimich <anton.khimicha@mail.utoronto.ca> Co-authored-by: 6543 <6543@obermui.de>
* Add configurable Trust Models (#11712)zeripath2020-09-201-25/+64
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add configurable Trust Models Gitea's default signature verification model differs from GitHub. GitHub uses signatures to verify that the committer is who they say they are - meaning that when GitHub makes a signed commit it must be the committer. The GitHub model prevents re-publishing of commits after revocation of a key and prevents re-signing of other people's commits to create a completely trusted repository signed by one key or a set of trusted keys. The default behaviour of Gitea in contrast is to always display the avatar and information related to a signature. This allows signatures to be decoupled from the committer. That being said, allowing arbitary users to present other peoples commits as theirs is not necessarily desired therefore we have a trust model whereby signatures from collaborators are marked trusted, signatures matching the commit line are marked untrusted and signatures that match a user in the db but not the committer line are marked unmatched. The problem with this model is that this conflicts with Github therefore we need to provide an option to allow users to choose the Github model should they wish to. Signed-off-by: Andrew Thornton <art27@cantab.net> * Adjust locale strings Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @6543 Co-authored-by: 6543 <6543@obermui.de> * Update models/gpg_key.go * Add migration for repository Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Allow addition of gpg keyring with multiple keys (#12487)zeripath2020-08-211-59/+67
| | | | | | | Related #6778 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv>
* Keys should not verify revoked email addresses (#12486)zeripath2020-08-161-0/+3
| | | | | Fix #6778 Signed-off-by: Andrew Thornton <art27@cantab.net>
* UI: Update commit signature view (#12473)techknowlogick2020-08-131-1/+1
|
* Ensure Subkeys are verified (#12155)zeripath2020-07-061-1/+41
| | | | | | | | | | | | | When attempting to verify subkeys the email address verification step requires checking the emails however, these emails are not stored on subkeys but instead on the primary key. This PR will obtain the primaryKey and check against these emails too. Fix #12128 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix verification of subkeys of default gpg key (#11713)zeripath2020-06-031-0/+15
| | | | | | | | | | | | | | | | | * Fix verification of subkeys of default gpg key Fix #10309 Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove debug log * Update models/gpg_key.go * As per @6543 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Handle expected errors in AddGPGkey API (#11644)65432020-05-281-1/+1
| | | | | | | | | * handle GPG Parse & Email Errors * correct TEST * update Swagger * more Docu
* Show Signer in commit lists and add basic trust (#10425)zeripath2020-02-271-3/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Show Signer in commit lists and add basic trust Show the avatar of the signer in the commit list pages as we do not enforce that the signer is an author or committer. This makes it clearer who has signed the commit. Also display commits signed by non-members differently from members and in particular make it clear when a non-member signer is different from the committer to help reduce the risk of spoofing. Signed-off-by: Andrew Thornton <art27@cantab.net> * ensure orange text and background is available Signed-off-by: Andrew Thornton <art27@cantab.net> * Update gpg_key.go * Update models/gpg_key.go * Apply suggestions from code review * Require team collaborators to have access to UnitTypeCode * as per @6543 * fix position of sha as per @silverwind * as per @guillep2k
* API add/generalize pagination (#9452)SpaWn2KiLl2020-01-241-4/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * paginate results * fixed deadlock * prevented breaking change * updated swagger * go fmt * fixed find topic * go mod tidy * go mod vendor with go1.13.5 * fixed repo find topics * fixed unit test * added Limit method to Engine struct; use engine variable when provided; fixed gitignore * use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors * set Page value on Home route * improved memory allocations * fixed response headers * removed logfiles * fixed import order * import order * improved swagger * added function to get models.ListOptions from context * removed pagesize diff on unit test * fixed imports * removed unnecessary struct field * fixed go fmt * scoped PR * code improvements * code improvements * go mod tidy * fixed import order * fixed commit statuses session * fixed files headers * fixed headers; added pagination for notifications * go mod tidy * go fmt * removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list * Apply suggestions from code review Co-Authored-By: 6543 <6543@obermui.de> Co-Authored-By: zeripath <art27@cantab.net> * fixed build error * CI.restart() * fixed merge conflicts resolve * fixed conflicts resolve * improved FindTrackedTimesOptions.ToOptions() method * added backwards compatibility on ListReleases request; fixed issue tracked time ToSession * fixed build error; fixed swagger template * fixed swagger template * fixed ListReleases backwards compatibility * added page to user search route Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
* Ensure default gpg settings not nil and found commits have reference to repo ↵zeripath2019-10-201-0/+2
| | | | | | | | | | (#8604) * Ensure defaultGPGSettings not nil * Ensure that coerced commits gain a reference to the repo * Add warning if trying to get defaultgpgsetting on an unattached commit
* Upgrade xorm to v0.8.0 (#8536)Lunny Xiao2019-10-171-1/+1
|
* Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)zeripath2019-10-161-67/+292
| | | | | | | | | | | | | | | | | | | This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however. ## Features - [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.) - [x] Verify commits signed with the default gpg as valid - [x] Signer, Committer and Author can all be different - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon. - [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg - [x] Try to match the default key with a user on gitea - this is done at verification time - [x] Make things configurable? - app.ini configuration done - [x] when checking commits are signed need to check if they're actually verifiable too - [x] Add documentation I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
* Display ui time with customize time location (#7792)Lunny Xiao2019-08-151-14/+14
| | | | | | | | | | | | | | | | | | * display ui time with customize time location * fix lint * rename UILocation to DefaultUILocation * move time related functions to modules/timeutil * fix tests * fix tests * fix build * fix swagger
* Fix wrong GPG expire date (#6643)Antoine GIRARD2019-04-151-6/+11
| | | | | | * fix expire of gpg relative to key creation https://tools.ietf.org/html/rfc4880#section-5.2.3.6 * add test
* add .gpg url (match github behaviour) (#6610)Antoine GIRARD2019-04-141-18/+79
| | | | | | | | | | | | | | | | | | | | | | * add .gpg url (match github behaviour) * wildcard * test to export maximum data * working POC * add comment for old imported keys * cleaning * Update routers/user/profile.go Co-Authored-By: sapk <sapk@users.noreply.github.com> * add migration script * add integration tests
* Better logging (#6038) (#6095)zeripath2019-04-021-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
* move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)Lunny Xiao2019-03-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * move code.gitea.io/git to code.gitea.io/gitea/modules/git * fix imports * fix fmt * fix misspell * remove wrong tests data * fix unit tests * fix tests * fix tests * fix tests * fix tests * fix tests * enable Debug to trace the failure tests * fix tests * fix tests * fix tests * fix tests * fix tests * comment commit count tests since git clone depth is 50 * fix tests * update from code.gitea.io/git * revert change to makefile
* Fix null pointer dereference in ParseCommitWithSignature (#4962)SagePtr2018-09-201-1/+1
|
* Don't write to log NoCommitterAccount (#3621)Morgan Bazalgette2018-03-041-1/+5
| | | | | | | | | | | * Don't write to log NoCommitterAccount It's way too verbose, and the information is also printed to the user already. Fixes #3602. * ignore err only if it's a ErrUserNotExist * Replace with IsErrUserNotExist
* Refactor struct's time to remove unnecessary memory usage (#3142)Lunny Xiao2017-12-111-22/+14
| | | | | | | | | | | | | | * refactor struct's time to remove unnecessary memory usage * use AsTimePtr simple code * fix tests * fix time compare * fix template on gpg * use AddDuration instead of Add
* GPG key email verification no longer case sensitive (#2661) (#2663)Julian Scholle2017-10-061-1/+2
| | | | | | | * GPG key email verification no longer case sensitive (#2661) * case insensitive GPG key email verification now cached (#2661) Signed-off-by: Julian Scholle <julian.scholle@googlemail.com>
* Replace deprecated Id method with ID (#2655)Ethan Koenig2017-10-051-1/+1
|
* Use AfterLoad instead of AfterSet on Structs (#2628)Lunny Xiao2017-10-011-11/+9
| | | | | | | | * use AfterLoad instead of AfterSet on Structs * fix the comments on AfterLoad * fix the comments on action AfterLoad
* Fix lint errors (#2547)Ethan Koenig2017-09-191-5/+1
|
* Only check at least one email gpg key (#2266)Antoine GIRARD2017-09-051-9/+27
| | | | | | | | | | | | | | | | | | | | | | * Only require one email (possibly not yet validated) * Update message error and check validation of commit * Add integrations tests * Complete integration for import * Add pre-check/optimization * Add some test (not finished) * Finish * Fix fixtures * Fix typo * Don't guess key ID
* remove unnecessary blank lines and wrong error logLunny Xiao2017-06-281-3/+1
|
* Refactor session close as xorm already does everything needed internally (#2020)Lauris BH2017-06-211-2/+2
|
* Fix GPG email checking to be case insensitive (#1988)Lauris BH2017-06-171-2/+2
|
* Switch to keybase go-crypto (for some elliptic curve key) + test (#1925)Antoine GIRARD2017-06-141-3/+3
| | | | | | | | | | | | * Switch to keybase go-crypto (for some elliptic curve key) + test * Use assert.NoError and add a little more context to failing test description * Use assert.(No)Error everywhere 🌈 and assert.Error in place of .Nil/.NotNil
* Rework SSH key management UI to add GPG (#1293)Antoine GIRARD2017-04-261-12/+21
| | | | | | | | | | | | | | | | | | | | | | | * Rework SSH key management UI to add GPG * Add more detail to gpg key display * Update CHANGELOG.md * Implement deletion UI * Implement adding gpg UI * Various fixes - Fix duplicate entry in locale - Re-generate hash before verification since they are consumed * Add missing translation * Split template * Catch not found/verified email error
* GPG commit validation (#1150)Antoine GIRARD2017-03-221-0/+186
| | | | | | | | | | | | * GPG commit validation * Add translation + some little fix * Move hash calc after retrieving of potential key + missing translation * Add some little test
* fix gpg wrong column typesLunny Xiao2017-03-201-2/+2
|
* Implement GPG api (#710)Antoine GIRARD2017-03-161-0/+276
* Implement GPG API * Better handle error * Apply review recommendation + simplify database operations * Remove useless comments