aboutsummaryrefslogtreecommitdiffstats
path: root/models/user
Commit message (Collapse)AuthorAgeFilesLines
* Use db.WithTx/WithTx2 instead of TxContext when possible (#35130)Lunny Xiao3 days2-66/+49
|
* Send email on Workflow Run Success/Failure (#34982)NorthRealm9 days1-0/+5
| | | | | | | | | | | | | | | Closes #23725 ![1](https://github.com/user-attachments/assets/9bfa76ea-8c45-4155-a5d4-dc2f0667faa8) ![2](https://github.com/user-attachments/assets/49be7402-e5d5-486e-a1c2-8d3222540b13) /claim #23725 --------- Signed-off-by: NorthRealm <155140859+NorthRealm@users.noreply.github.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: ChristopherHX <christopher.homberger@web.de>
* Fix git commit committer parsing and add some tests (#35007)Lunny Xiao2025-07-102-10/+11
| | | | | | | | * Fix #34991 * Fix #34882 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* enforce explanation for necessary nolints and fix bugs (#34883)TheFox0x72025-06-271-1/+1
| | | | | | | Follows up https://github.com/go-gitea/gitea/pull/34851 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add post-installation redirect based on admin account status (#34493)Kerwin Bryant2025-06-211-0/+14
| | | | | | | | | | | | | | | | This PR adds a feature to direct users to appropriate pages after system installation: - If no admin credentials were provided during installation, redirect to the registration page with a prominent notice about creating the first administrative account - If admin credentials were already set, redirect directly to the login page ![4d396ad132d9b57fc4f45a62117177f1](https://github.com/user-attachments/assets/3a5d8700-9194-4d3b-a862-e64c8c347932) --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Run `gopls modernize` on codebase (#34751)silverwind2025-06-183-12/+5
| | | | Recent modernize fixes: https://github.com/golang/tools/commits/master/gopls/internal/analysis/modernize
* Fix GetUsersByEmails (#34643)wxiaoguang2025-06-072-16/+42
|
* Refactor some tests (#34580)wxiaoguang2025-06-031-11/+3
| | | | 1. use `test.MockVariableValue` as much as possible 2. avoid `time.Sleep` as much as possible
* Fix/improve avatar sync from LDAP (#34573)Râu Cao2025-06-021-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | This fixes 3 issues I encountered when debugging problems with our LDAP sync: 1. The comparison of the hashed image data in `IsUploadAvatarChanged` is wrong. It seems to be from before avatar hashing was changed and unified in #22289. This results in the function always returning `true` for any avatars, even if they weren't changed. 2. Even if there's no avatar to upload (i.e. no avatar available for the LDAP entry), the upload function would still be called for every single user, only to then fail, because the data isn't valid. This is unnecessary. 3. Another small issue is that the comparison function (and thus hashing of data) is called for every user, even if there is no avatar attribute configured at all for the LDAP source. Thus, I switched the condition nesting, so that no cycles are wasted when avatar sync isn't configured in the first place. I also added a trace log for when there is actually a new avatar being uploaded for an existing user, which is now only shown when that is actually the case. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Do not mutate incoming options to RenderUserSearch and SearchUsers (#34544)Philip Peterson2025-05-272-20/+20
| | | | | | | | | | | This PR changes the `opts` argument in `SearchUsers()` to be passed by value instead of by pointer, as its mutations do not escape the function scope and are not used elsewhere. This simplifies reasoning about the function and avoids unnecessary pointer usage. This insight emerged during an initial attempt to refactor `RenderUserSearch()`, which currently intermixes multiple concerns. Co-authored-by: Philip Peterson <philip-peterson@users.noreply.github.com>
* Fix GetUsersByEmails (#34423)wxiaoguang2025-05-102-8/+20
| | | Fix #34418, fix #34353
* feat: add label 'state' to metric 'gitea_users' (#34326)Tobias Balle-Petersen2025-05-071-0/+5
| | | | | | | | | | | | | | | | | | This PR adds the label _state_ to the metric _gitea_users_. With the change, _gitea_users_ would be reported like this: ``` ... # HELP gitea_users Number of Users # TYPE gitea_users gauge gitea_users{state="active"} 20 gitea_users{state="inactive"} 10 ... ``` The metrics above would be from a Gitea instance with 30 user accounts. 20 of the accounts are active and 10 of the accounts are not active. Resolve #34325
* Cache GPG keys, emails and users when list commits (#34086)Lunny Xiao2025-04-091-14/+13
| | | | | | | | | | When list commits, some of the commits authors are the same at many situations. But current logic will always fetch the same GPG keys from database. This PR will cache the GPG keys, emails and users for the context so that reducing the database queries. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Check user/org repo limit instead of doer (#34147)DrMaxNix2025-04-072-11/+46
| | | | | | | | | | | | This PR tries to finally fix the bug mentioned in #30011 and #15504, where the user repo limit is checked when creating a repo in an organization. Fix #30011 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
* Return default avatar url when user id is zero rather than updating database ↵Lunny Xiao2025-04-021-1/+3
| | | | (#34094)
* Enable addtional linters (#34085)TheFox0x72025-04-012-6/+7
| | | | | | | | enable mirror, usestdlibbars and perfsprint part of: https://github.com/go-gitea/gitea/issues/34083 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Enable testifylint rules (#34075)TheFox0x72025-03-313-9/+9
| | | | enable testifylint rules disabled in: https://github.com/go-gitea/gitea/pull/34054
* enable staticcheck QFxxxx rules (#34064)TheFox0x72025-03-291-2/+3
|
* Fix some migration and repo name problems (#33986)wxiaoguang2025-03-241-5/+5
| | | | | | 1. Ignore empty inputs in `UnmarshalHandleDoubleEncode` 2. Ignore non-existing `stateEvent.User` in gitlab migration 3. Enable `release` and `wiki` units when they are selected in migration 4. Sanitize repo name for migration and new repo
* Add file tree to file view page (#32721)Kerwin Bryant2025-03-151-0/+3
| | | | | | | | | | | Resolve #29328 This pull request introduces a file tree on the left side when reviewing files of a repository. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Small refactor to reduce unnecessary database queries and remove duplicated ↵Lunny Xiao2025-03-041-0/+4
| | | | functions (#33779)
* Refactor error system (#33771)wxiaoguang2025-03-031-1/+1
| | | It should not expose `util.SilentWrap` or construct it manually.
* Use test context in tests and new loop system in benchmarks (#33648)TheFox0x72025-02-202-6/+4
| | | | | | | | Replace all contexts in tests with go1.24 t.Context() --------- Co-authored-by: Giteabot <teabot@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix bug when get commit (#33602)Lunny Xiao2025-02-151-7/+11
| | | Fix #33595
* Improve commits list performance to reduce unnecessary database queries (#33528)Lunny Xiao2025-02-141-11/+68
| | | | | | When listing commits, Gitea attempts to retrieve the actual user based on the commit email. Querying users one by one from the database is inefficient. This PR optimizes the process by batch querying users by email, reducing the number of database queries.
* Add a option "--user-type bot" to admin user create, improve role display ↵mscherer2025-02-072-8/+10
| | | | | | | | | | | (#27885) Partially solve #13044 Fix #33295 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Support choose email when creating a commit via web UI (#33432)wxiaoguang2025-01-302-1/+11
| | | Initial PR for #24469
* Refactor user & avatar (#33433)wxiaoguang2025-01-306-41/+123
| | | | | 1. better GetPossibleUserByID logic 2. fix some function name & comment typos 3. do not re-generate avatar if one exists
* Refactor user package (#33423)wxiaoguang2025-01-294-49/+51
| | | and avoid global variables
* Refactor context flash msg and global variables (#33375)wxiaoguang2025-01-252-4/+19
| | | | | | 1. add `GetSiteCookieFlashMessage` to help to parse flash message 2. clarify `handleRepoHomeFeed` logic 3. remove unnecessary global variables, use `sync.OnceValue` instead 4. add some tests for `IsUsableUsername` and `IsUsableRepoName`
* Some small refactors (#33144)Lunny Xiao2025-01-101-0/+47
|
* Refactor older tests to use testify (#33140)TheFox0x72025-01-091-15/+9
| | | | | Refactor checks to use assert/require Use require.Eventually for waiting in elastic and meilisearch tests Use require to exit early instead of assert
* Refactor pagination (#33037)wxiaoguang2024-12-301-2/+0
| | | | | I am sure the simple approach should work, let's try it in 1.24 Follow #29834 and #29841
* Support for email addresses containing uppercase characters when activating ↵Zettat1232024-12-272-19/+35
| | | | | | | | | user account (#32998) Fix #32807 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Refactor "string truncate" (#32984)wxiaoguang2024-12-261-5/+5
|
* Move some errors to their own sub packages (#32880)Lunny Xiao2024-12-201-0/+15
|
* Enable tenv and testifylint rules (#32852)TheFox0x72024-12-153-12/+11
| | | | Enables tenv and testifylint linters closes: https://github.com/go-gitea/gitea/issues/32842
* Strict pagination check (#32548)Lunny Xiao2024-11-252-3/+3
|
* Fix GetInactiveUsers (#32540)Lunny Xiao2024-11-212-6/+26
| | | Fix #31480
* Allow code search by filename (#32210)Bruno Sofiato2024-10-111-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a large and complex PR, so let me explain in detail its changes. First, I had to create new index mappings for Bleve and ElasticSerach as the current ones do not support search by filename. This requires Gitea to recreate the code search indexes (I do not know if this is a breaking change, but I feel it deserves a heads-up). I've used [this approach](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/analysis-pathhierarchy-tokenizer.html) to model the filename index. It allows us to efficiently search for both the full path and the name of a file. Bleve, however, does not support this out-of-box, so I had to code a brand new [token filter](https://blevesearch.com/docs/Token-Filters/) to generate the search terms. I also did an overhaul in the `indexer_test.go` file. It now asserts the order of the expected results (this is important since matches based on the name of a file are more relevant than those based on its content). I've added new test scenarios that deal with searching by filename. They use a new repo included in the Gitea fixture. The screenshot below depicts how Gitea shows the search results. It shows results based on content in the same way as the current version does. In matches based on the filename, the first seven lines of the file contents are shown (BTW, this is how GitHub does it). ![image](https://github.com/user-attachments/assets/9d938d86-1a8d-4f89-8644-1921a473e858) Resolves #32096 --------- Signed-off-by: Bruno Sofiato <bruno.sofiato@gmail.com>
* Improve the maintainblity of the reserved username list (#32229)wxiaoguang2024-10-101-27/+29
|
* Move admin routers from /admin to /-/admin (#32189)Lunny Xiao2024-10-101-1/+0
| | | | | | | Resolve #32181 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix bug when a token is given public only (#32204)Lunny Xiao2024-10-081-0/+4
|
* Add support for searching users by email (#30908)yp053272024-10-041-1/+13
| | | | | | | Fix #30898 we have an option `SearchByEmail`, so enable it, then we can search user by email. Also added a test for it.
* Save initial signup information for users to aid in spam prevention (#31852)techknowlogick2024-09-093-9/+37
| | | | | | | | | | | | | | This will allow instance admins to view signup pattern patterns for public instances. It is modelled after discourse, mastodon, and MediaWiki's approaches. Note: This has privacy implications, but as the above-stated open-source projects take this approach, especially MediaWiki, which I have no doubt looked into this thoroughly, it is likely okay for us, too. However, I would be appreciative of any feedback on how this could be improved. --------- Co-authored-by: Giteabot <teabot@gitea.io>
* Support delete user email in admin panel (#31690)yp053272024-07-251-0/+1
| | | | | | | | | | | ![QQ_1721784609320](https://github.com/user-attachments/assets/23f08bf3-93f4-44d7-963d-10380ef8c1f1) ![QQ_1721784616403](https://github.com/user-attachments/assets/667cbd1e-5e21-4489-8d18-2a7be85190db) ![QQ_1721784626722](https://github.com/user-attachments/assets/495beb94-dfa2-481c-aa60-d5115cad1ae1) --------- Co-authored-by: Jason Song <i@wolfogre.com>
* allow synchronizing user status from OAuth2 login providers (#31572)Rowan Bohde2024-07-161-3/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This leverages the existing `sync_external_users` cron job to synchronize the `IsActive` flag on users who use an OAuth2 provider set to synchronize. This synchronization is done by checking for expired access tokens, and using the stored refresh token to request a new access token. If the response back from the OAuth2 provider is the `invalid_grant` error code, the user is marked as inactive. However, the user is able to reactivate their account by logging in the web browser through their OAuth2 flow. Also changed to support this is that a linked `ExternalLoginUser` is always created upon a login or signup via OAuth2. ### Notes on updating permissions Ideally, we would also refresh permissions from the configured OAuth provider (e.g., admin, restricted and group mappings) to match the implementation of LDAP. However, the OAuth library used for this `goth`, doesn't seem to support issuing a session via refresh tokens. The interface provides a [`RefreshToken` method](https://github.com/markbates/goth/blob/master/provider.go#L20), but the returned `oauth.Token` doesn't implement the `goth.Session` we would need to call `FetchUser`. Due to specific implementations, we would need to build a compatibility function for every provider, since they cast to concrete types (e.g. [Azure](https://github.com/markbates/goth/blob/master/providers/azureadv2/azureadv2.go#L132)) --------- Co-authored-by: Kyle D <kdumontnu@gmail.com>
* Allow disabling authentication related user features (#31535)Rowan Bohde2024-07-091-4/+6
| | | | | | | | | | | | | | | | | | | | We have some instances that only allow using an external authentication source for authentication. In this case, users changing their email, password, or linked OpenID connections will not have any effect, and we'd like to prevent showing that to them to prevent confusion. Included in this are several changes to support this: * A new setting to disable user managed authentication credentials (email, password & OpenID connections) * A new setting to disable user managed MFA (2FA codes & WebAuthn) * Fix an issue where some templates had separate logic for determining if a feature was disabled since it didn't check the globally disabled features * Hide more user setting pages in the navbar when their settings aren't enabled --------- Co-authored-by: Kyle D <kdumontnu@gmail.com>
* Use FullName in Emails to address the recipient if possible (#31527)65432024-07-082-0/+53
| | | | | | | | Before we had just the plain mail address as recipient. But now we provide additional Information for the Mail clients. --- *Sponsored by Kithara Software GmbH*
* Fix duplicate sub-path for avatars (#31365)wxiaoguang2024-06-152-2/+32
| | | | | | | | | | | Fix #31361, and add tests And this PR introduces an undocumented & debug-purpose-only config option: `USE_SUB_URL_PATH`. It does nothing for end users, it only helps the development of sub-path related problems. And also fix #31366 Co-authored-by: @ExplodingDragon