| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Move some files into models' sub packages
* Move functions
* merge main branch
* Fix check
* fix check
* Fix some tests
* Fix lint
* Fix lint
* Revert lint changes
* Fix error comments
* Fix lint
Co-authored-by: 6543 <6543@obermui.de>
|
| |
|
|
| |
* Use base32 for 2FA scratch token
* rename Secure* to Crypto*, add comments
|
| | |
|
| |
|
|
|
|
| |
Although #17124 fixed the same issue for the feed, some other parts
with the same issue were found.
Co-authored-by: finga <finga@onders.org>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Move login related structs and functions to models/login
* Fix test
* Fix lint
* Fix lint
* Fix lint of windows
* Fix lint
* Fix test
* Fix test
* Only load necessary fixtures when preparing unit tests envs
* Fix lint
* Fix test
* Fix test
* Fix error log
* Fix error log
* Fix error log
* remove unnecessary change
* fix error log
* merge main branch
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* DBContext is just a Context
This PR removes some of the specialness from the DBContext and makes it context
This allows us to simplify the GetEngine code to wrap around any context in future
and means that we can change our loadRepo(e Engine) functions to simply take contexts.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix unit tests
Signed-off-by: Andrew Thornton <art27@cantab.net>
* another place that needs to set the initial context
Signed-off-by: Andrew Thornton <art27@cantab.net>
* avoid race
Signed-off-by: Andrew Thornton <art27@cantab.net>
* change attachment error
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Move db related basic functions to models/db
* Fix lint
* Fix lint
* Fix test
* Fix lint
* Fix lint
* revert unnecessary change
* Fix test
* Fix wrong replace string
* Use *Context
* Correct committer spelling and fix wrong replaced words
Co-authored-by: zeripath <art27@cantab.net>
|
| |
|
|
| |
This PR adds a `ListOptions` type which is not paged but uses absolute values. It is implemented as discussed in Discord.
Extracted from #16510 to clean that PR.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
One of the issues holding back performance of the API is the problem of hashing.
Whilst banning BASIC authentication with passwords will help, the API Token scheme
still requires a PBKDF2 hash - which means that heavy API use (using Tokens) can
still cause enormous numbers of hash computations.
A slight solution to this whilst we consider moving to using JWT based tokens and/or
a session orientated solution is to simply cache the successful tokens. This has some
security issues but this should be balanced by the security issues of load from
hashing.
Related #14668
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Add info about list endpoints to CONTRIBUTING.md
* Let all list endpoints return X-Total-Count header
* Add TODOs for GetCombinedCommitStatusByRef
* Fix models/issue_stopwatch.go
* Rrefactor models.ListDeployKeys
* Introduce helper func and use them for SetLinkHeader related func
|
| |
|
|
|
|
|
|
|
|
|
| |
* Only check access tokens if they are likely to be tokens
Gitea will currently check every if every password is an access token even though
most passwords are not and cannot be access tokens.
By creation access tokens are 40 byte hexadecimal strings therefore only these should
be checked.
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Use single shared random string generation function
- Replace 3 functions that do the same with 1 shared one
- Use crypto/rand over math/rand for a stronger RNG
- Output only alphanumerical for URL compatibilty
Fixes: #15536
* use const string method
* Update modules/avatar/avatar.go
Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: a1012112796 <1012112796@qq.com>
|
| |
|
|
|
|
|
|
| |
* Delete Token accept names too
* better description
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
|
| |
|
| |
Co-authored-by: Lauris BH <lauris@nix.lv>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* make sure duplicate token names cannot be used
* add check to api routes too
* add @lunny s suggestion
* fix & don't forget User.ID
* AccessTokenByNameExists() return error too
* unique token for each test
* fix lint
Signed-off-by: 6543 <6543@obermui.de>
Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
|
| |
|
|
|
|
| |
* fix a pagination bug
* fix pagination of ListAccessTokens
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* paginate results
* fixed deadlock
* prevented breaking change
* updated swagger
* go fmt
* fixed find topic
* go mod tidy
* go mod vendor with go1.13.5
* fixed repo find topics
* fixed unit test
* added Limit method to Engine struct; use engine variable when provided; fixed gitignore
* use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors
* set Page value on Home route
* improved memory allocations
* fixed response headers
* removed logfiles
* fixed import order
* import order
* improved swagger
* added function to get models.ListOptions from context
* removed pagesize diff on unit test
* fixed imports
* removed unnecessary struct field
* fixed go fmt
* scoped PR
* code improvements
* code improvements
* go mod tidy
* fixed import order
* fixed commit statuses session
* fixed files headers
* fixed headers; added pagination for notifications
* go mod tidy
* go fmt
* removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list
* Apply suggestions from code review
Co-Authored-By: 6543 <6543@obermui.de>
Co-Authored-By: zeripath <art27@cantab.net>
* fixed build error
* CI.restart()
* fixed merge conflicts resolve
* fixed conflicts resolve
* improved FindTrackedTimesOptions.ToOptions() method
* added backwards compatibility on ListReleases request; fixed issue tracked time ToSession
* fixed build error; fixed swagger template
* fixed swagger template
* fixed ListReleases backwards compatibility
* added page to user search route
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* display ui time with customize time location
* fix lint
* rename UILocation to DefaultUILocation
* move time related functions to modules/timeutil
* fix tests
* fix tests
* fix build
* fix swagger
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* refactor struct's time to remove unnecessary memory usage
* use AsTimePtr simple code
* fix tests
* fix time compare
* fix template on gpg
* use AddDuration instead of Add
|
| | |
|
| |
|
|
|
|
|
|
| |
* use AfterLoad instead of AfterSet on Structs
* fix the comments on AfterLoad
* fix the comments on action AfterLoad
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* use created & updated instead BeforeInsert & BeforeUpdate
* fix vendor checksum
* only show generated SQL when development mode
* remove extra update column updated_unix
* remove trace config
|
| | |
|
| | |
|
| | |
|
| |\
| |
| |
| |
| |
| |
| |
| |
| | |
# Conflicts:
# models/git_diff.go
# models/issue.go
# models/org.go
# models/pull.go
# models/repo.go
|
| | |
| |
| |
| |
| |
| |
| | |
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis
See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
|
| |/ |
|
| | |
|
| |
|
|
| |
Unix() already uses UTC as timezone
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
