summaryrefslogtreecommitdiffstats
path: root/models
Commit message (Collapse)AuthorAgeFilesLines
* Add Allow-/Block-List for Migrate & Mirrors (#13610)65432020-11-281-0/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add black list and white list support for migrating repositories * fix fmt * fix lint * fix vendor * fix modules.txt * clean diff * specify log message * use blocklist/allowlist * allways use lowercase to match url * Apply allow/block * Settings: use existing "migrations" section * convert domains lower case * dont store unused value * Block private addresses for migration by default * fix lint * use proposed-upstream func to detect private IP addr * a nit * add own error for blocked migration, add tests, imprufe api * fix test * fix-if-localhost-is-ipv4 * rename error & error message * rename setting options * Apply suggestions from code review Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add block on official review requests branch protection (#13705)a10121127962020-11-283-24/+61
| | | | | Signed-off-by: a1012112796 <1012112796@qq.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* ui: show 'owner' tag for real owner (#13689)a10121127962020-11-281-0/+21
| | | | | | | | | | | | | | | | | * ui: show 'owner' tag for real owner Signed-off-by: a1012112796 <1012112796@qq.com> * Update custom/conf/app.example.ini * simplify logic fix logic fix a small bug about original author * remove system manager tag Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv>
* Handle and propagate errors when checking if paths are Dirs, Files or Exist ↵zeripath2020-11-274-21/+91
| | | | | | | | | | | | | | | | | | | | | | | | | | (#13186) * Ensure errors from IsDir propagate * Handle errors when checking IsFile * Handle and propagate errors from IsExist * Update modules/templates/static.go * Update modules/templates/static.go * Return after ctx.ServerError * Apply suggestions from code review * Fix tests The previous merge managed to break repo_form.go Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv>
* [API] Add more filters to issues search (#13514)65432020-11-231-0/+9
| | | | | | | | | | | * Add time filter for issue search * Add limit option for paggination * Add Filter for: Created by User, Assigned to User, Mentioning User * update swagger * Add Tests for limit, before & since
* Don't show a dropdown menu when only 1 merge option is available (#13660) ↵Jimmy Praet2020-11-221-0/+18
| | | | (#13670)
* skip email validation on empty string (#13627)65432020-11-202-17/+35
| | | | - move validation into its own function - use a session for UpdateUserSetting
* Add email validity check (#13475)Chris Shyi2020-11-144-1/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Improve error feedback for duplicate deploy keys Instead of a generic HTTP 500 error page, a flash message is rendered with the deploy key page template so inform the user that a key with the intended title already exists. * API returns 422 error when key with name exists * Add email validity checking Add email validity checking for the following routes: [Web interface] 1. User registration 2. User creation by admin 3. Adding an email through user settings [API] 1. POST /admin/users 2. PATCH /admin/users/:username 3. POST /user/emails * Add further tests * Add signup email tests * Add email validity check for linking existing account * Address PR comments * Remove unneeded DB session * Move email check to updateUser Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Include OriginalAuthor in Reaction constraint (#13505)zeripath2020-11-103-7/+47
| | | | | | | | | | | | | | | | | When migrating repositories with reactions with deleted users, the original author id may be -1. This means that it is possible to end up attempting to create multiple reactions with the same [ Type, IssueID, CommentID, UserID, OriginalAuthorID ] thus breaking the constraints. On SQLite this appears to cause a deadlock but on other dbs this will cause the migration to fail. This PR extends the constraint to include the original author username in the constraint. Fix #13271 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Some improvements for v156 (#13497)Lunny Xiao2020-11-101-7/+12
|
* Comments on review should have the same sha (#13448)zeripath2020-11-093-0/+124
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * When replying to an outdated comment it should not appear on the files page This happened because the comment took the latest commitID as its base instead of the reviewID that it was replying to. There was also no way of creating an already outdated comment - and a reply to a review on an outdated line should be outdated. Signed-off-by: Andrew Thornton <art27@cantab.net> * fix test Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix broken migration Signed-off-by: Andrew Thornton <art27@cantab.net> * fix mssql Signed-off-by: Andrew Thornton <art27@cantab.net> * Create temporary table because ... well MSSQL ... Signed-off-by: Andrew Thornton <art27@cantab.net> * Create temporary table because ... well MSSQL ... Signed-off-by: Andrew Thornton <art27@cantab.net> * Create temporary table because ... well MSSQL ... Signed-off-by: Andrew Thornton <art27@cantab.net> * fix mssql Signed-off-by: Andrew Thornton <art27@cantab.net> * move session within the batch Signed-off-by: Andrew Thornton <art27@cantab.net> * regen the sqlcmd each time round the loop Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @lunny Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* [RFC] Make archival asynchronous (#11296)Kyle Evans2020-11-073-4/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Make archival asynchronous The prime benefit being sought here is for large archives to not clog up the rendering process and cause unsightly proxy timeouts. As a secondary benefit, archive-in-progress is moved out of the way into a /tmp file so that new archival requests for the same commit will not get fulfilled based on an archive that isn't yet finished. This asynchronous system is fairly primitive; request comes in, we'll spawn off a new goroutine to handle it, then we'll mark it as done. Status requests will see if the file exists in the final location, and report the archival as done when it exists. Fixes #11265 * Archive links: drop initial delay to three-quarters of a second Some, or perhaps even most, archives will not take all that long to archive. The archive process starts as soon as the download button is initially clicked, so in theory they could be done quite quickly. Drop the initial delay down to three-quarters of a second to make it more responsive in the common case of the archive being quickly created. * archiver: restructure a little bit to facilitate testing This introduces two sync.Cond pointers to the archiver package. If they're non-nil when we go to process a request, we'll wait until signalled (at all) to proceed. The tests will then create the sync.Cond so that it can signal at-will and sanity-check the state of the queue at different phases. The author believes that nil-checking these two sync.Cond pointers on every archive processing will introduce minimal overhead with no impact on maintainability. * gofmt nit: no space around binary + operator * services: archiver: appease golangci-lint, lock queueMutex Locking/unlocking the queueMutex is allowed, but not required, for Cond.Signal() and Cond.Broadcast(). The magic at play here is just a little too much for golangci-lint, as we take the address of queueMutex and this is mostly used in archiver.go; the variable still gets flagged as unused. * archiver: tests: fix several timing nits Once we've signaled a cond var, it may take some small amount of time for the goroutines released to hit the spot we're wanting them to be at. Give them an appropriate amount of time. * archiver: tests: no underscore in var name, ungh * archiver: tests: Test* is run in a separate context than TestMain We must setup the mutex/cond variables at the beginning of any test that's going to use it, or else these will be nil when the test is actually ran. * archiver: tests: hopefully final tweak Things got shuffled around such that we carefully build up and release requests from the queue, so we can validate the state of the queue at each step. Fix some assertions that no longer hold true as fallout. * repo: Download: restore some semblance of previous behavior When archival was made async, the GET endpoint was only useful if a previous POST had initiated the download. This commit restores the previous behavior, to an extent; we'll now submit the archive request there and return a "202 Accepted" to indicate that it's processing if we didn't manage to complete the request within ~2 seconds of submission. This lets a client directly GET the archive, and gives them some indication that they may attempt to GET it again at a later time. * archiver: tests: simplify a bit further We don't need to risk failure and use time.ParseDuration to get 2 * time.Second. else if isn't really necessary if the conditions are simple enough and lead to the same result. * archiver: tests: resolve potential source of flakiness Increase all timeouts to 10 seconds; these aren't hard-coded sleeps, so there's no guarantee we'll actually take that long. If we need longer to not have a false-positive, then so be it. While here, various assert.{Not,}Equal arguments are flipped around so that the wording in error output reflects reality, where the expected argument is second and actual third. * archiver: setup infrastructure for notifying consumers of completion This API will *not* allow consumers to subscribe to specific requests being completed, just *any* request being completed. The caller is responsible for determining if their request is satisfied and waiting again if needed. * repo: archive: make GET endpoint synchronous again If the request isn't complete, this endpoint will now submit the request and wait for completion using the new API. This may still be susceptible to timeouts for larger repos, but other endpoints now exist that the web interface will use to negotiate its way through larger archive processes. * archiver: tests: amend test to include WaitForCompletion() This is a trivial one, so go ahead and include it. * archiver: tests: fix test by calling NewContext() The mutex is otherwise uninitialized, so we need to ensure that we're actually initializing it if we plan to test it. * archiver: tests: integrate new WaitForCompletion a little better We can use this to wait for archives to come in, rather than spinning and hoping with a timeout. * archiver: tests: combine numQueued declaration with next-instruction assignment * routers: repo: reap unused archiving flag from DownloadStatus() This had some planned usage before, indicating whether this request initiated the archival process or not. After several rounds of refactoring, this use was deemed not necessary for much of anything and got boiled down to !complete in all cases. * services: archiver: restructure to use a channel We now offer two forms of waiting for a request: - WaitForCompletion: wait for completion with no timeout - TimedWaitForCompletion: wait for completion with timeout In both cases, we wait for the given request's cchan to close; in the latter case, we do so with the caller-provided timeout. This completely removes the need for busy-wait loops in Download/InitiateDownload, as it's fairly clean to wait on a channel with timeout. * services: archiver: use defer to unlock now that we can This previously carried the lock into the goroutine, but an intermediate step just added the request to archiveInProgress outside of the new goroutine and removed the need for the goroutine to start out with it. * Revert "archiver: tests: combine numQueued declaration with next-instruction assignment" This reverts commit bcc52140238e16680f2e05e448e9be51372afdf5. Revert "archiver: tests: integrate new WaitForCompletion a little better" This reverts commit 9fc8bedb5667d24d3a3c7843dc28a229efffb1e6. Revert "archiver: tests: fix test by calling NewContext()" This reverts commit 709c35685eaaf261ebbb7d3420e3376a4ee8e7f2. Revert "archiver: tests: amend test to include WaitForCompletion()" This reverts commit 75261f56bc05d1fa8ff7e81dcbc0ccd93fdc9d50. * archiver: tests: first attempt at WaitForCompletion() tests * archiver: tests: slight improvement, less busy-loop Just wait for the requests to complete in order, instead of busy-waiting with a timeout. This is slightly less fragile. While here, reverse the arguments of a nearby assert.Equal() so that expected/actual are correct in any test output. * archiver: address lint nits * services: archiver: only close the channel once * services: archiver: use a struct{} for the wait channel This makes it obvious that the channel is only being used as a signal, rather than anything useful being piped through it. * archiver: tests: fix expectations Move the close of the channel into doArchive() itself; notably, before these goroutines move on to waiting on the Release cond. The tests are adjusted to reflect that we can't WaitForCompletion() after they've already completed, as WaitForCompletion() doesn't indicate that they've been released from the queue yet. * archiver: tests: set cchan to nil for comparison * archiver: move ctx.Error's back into the route handlers We shouldn't be setting this in a service, we should just be validating the request that we were handed. * services: archiver: use regex to match a hash This makes sure we don't try and use refName as a hash when it's clearly not one, e.g. heads/pull/foo. * routers: repo: remove the weird /archive/status endpoint We don't need to do this anymore, we can just continue POSTing to the archive/* endpoint until we're told the download's complete. This avoids a potential naming conflict, where a ref could start with "status/" * archiver: tests: bump reasonable timeout to 15s * archiver: tests: actually release timedReq * archiver: tests: run through inFlight instead of manually checking While we're here, add a test for manually re-processing an archive that's already been complete. Re-open the channel and mark it incomplete, so that doArchive can just mark it complete again. * initArchiveLinks: prevent default behavior from clicking * archiver: alias gitea's context, golang context import pending * archiver: simplify logic, just reconstruct slices While the previous logic was perhaps slightly more efficient, the new variant's readability is much improved. * archiver: don't block shutdown on waiting for archive The technique established launches a goroutine to do the wait, which will close a wait channel upon termination. For the timeout case, we also send back a value indicating whether the timeout was hit or not. The timeouts are expected to be relatively small, but still a multi- second delay to shutdown due to this could be unfortunate. * archiver: simplify shutdown logic We can just grab the shutdown channel from the graceful manager instead of constructing a channel to halt the caller and/or pass a result back. * Style issues * Fix mis-merge Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* updateSize when create a repo with init commit (#13441)a10121127962020-11-061-4/+4
| | | | | Signed-off-by: a1012112796 <1012112796@qq.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Revert "Replies to outdated code comments should also be outdated (#13217)" ↵Lunny Xiao2020-11-063-92/+0
| | | | | (#13439) This reverts commit 3cab3bee5750a12da9ef8a9ba5cbe3da00594921.
* Replies to outdated code comments should also be outdated (#13217)zeripath2020-11-043-0/+92
| | | | | | | | | | | | | | | | | * When replying to an outdated comment it should not appear on the files page This happened because the comment took the latest commitID as its base instead of the reviewID that it was replying to. There was also no way of creating an already outdated comment - and a reply to a review on an outdated line should be outdated. Signed-off-by: Andrew Thornton <art27@cantab.net> * fix test Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix bug on release publisherid migrations (#13410)Lunny Xiao2020-11-031-1/+4
| | | Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Add the tag list page to the release page (#12096)a10121127962020-11-021-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add the tag list page to the release page * Add the tags list view * Add the delete tag way on ui * Not delete tag and clear message when delete a release Signed-off-by: a1012112796 <1012112796@qq.com> * Apply suggestions from code review Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: zeripath <art27@cantab.net> * fix ui * Add to header * ui * permission * ui * Update options/locale/locale_en-US.ini Co-authored-by: Lauris BH <lauris@nix.lv> * tweaks * monospace commit hashes * Add read permission check * fix permission * fix nit * Update web_src/less/_base.less Co-authored-by: silverwind <me@silverwind.io> * ui fixes * title tweaks * fix lint * fix test * fix test and some ui nits * Apply suggestions from code review Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: silverwind <me@silverwind.io>
* Fix reactions on code comments (#13390)Cirno the Strongest2020-11-021-0/+4
| | | Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* don't append key file if asked not to (#13368)Antoine GIRARD2020-10-311-1/+1
|
* Refactor Logger (#13294)zeripath2020-10-311-1/+1
| | | | | | Refactor Logger to make a logger interface and make it possible to wrap loggers for specific purposes. Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Delete tag API (#13358)John Olheiser2020-10-301-0/+16
| | | | | | | | | | | | | | | | | | | * Delete tag API Signed-off-by: jolheiser <john.olheiser@gmail.com> * Wording Signed-off-by: jolheiser <john.olheiser@gmail.com> * Add conflict response and fix API tests Signed-off-by: jolheiser <john.olheiser@gmail.com> * Fix other test Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Group Label Changed Comments in timeline (#13304)Pedro Alves2020-10-251-1/+3
| | | | | | | | | | | | | * Create function to group label comments * Combine multiple label additions into one * Group removed and added labels in the same comment * Fix indentation on comments.tmpl Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
* #12897 - add mastodon provider (#13293)Divyam Bhasin2020-10-251-0/+6
| | | | | | | | | | | | | | | | | | | | | | | * added mastodon provider to oauth code * changed go.mod and vendor/modules.txt to add updated goth * vendored mastodon and new goth * committing result of go mod tidy && go mod vendor * added pic and mastodon to oauth models * handled instance url * applied lafriks suggestion * Update web_src/js/index.js Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: techknowlogick <matti@mdranta.net>
* Ensure topics added using the API are added to the repository (#13285)zeripath2020-10-243-3/+100
| | | | | | | | * Ensure topics added using the API are added to the repository Fix #12426 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Store task errors following migrations and display them (#13246)zeripath2020-10-231-0/+21
| | | | | | | | | | | | | | | | | | * Store task errors following migrations and display them When migrate tasks fail store the error in the task table and ensure that they show on the status page. Fix #13242 Signed-off-by: Andrew Thornton <art27@cantab.net> * Update web_src/js/index.js * Hide the failed first Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Avatar autogeneration fixed (#13233)Paweł Bogusławski2020-10-232-7/+2
| | | | | | | | This mod fixes problem with initial avatar autogeneration and avatar autogneration after deleting previous avatar. Related: https://github.com/go-gitea/gitea/issues/13159 Fixes: 80a6b0f5bce15a641fc75f5f1ef6e42ef54424bc Author-Change-Id: IB#1105243
* Keep database transactions not too big (#13254)Lunny Xiao2020-10-221-41/+40
| | | | | | | | | | | | | * Keep database transactions not too big * Fix #13255 Signed-off-by: Andrew Thornton <art27@cantab.net> * Only cache the last repo Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Enhance release list (#6025)Lanre Adelowo2020-10-212-0/+142
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * show author for releases created outside Gitea UI. Also show the number of commits behind the default branch for tags created outside the UI don't show the tag date again for tags pushed to the repo. Since it is already on the sidebar and looks like duplication * add migration for already existing tags * update as per review * fix build * add space * fix import statments * Update models/migrations/v113.go Co-Authored-By: zeripath <art27@cantab.net> * Update models/migrations/v114.go Co-authored-by: 6543 <6543@obermui.de> * Update services/release/release.go Co-authored-by: 6543 <6543@obermui.de> * impruve * remove dependency on models package * Close the gitrepos in a defer to ensure that they are closed. * gofmt Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Update heatmap fixtures to restore tests (#13224)65432020-10-202-2/+2
| | | | | * hotfix * update ...
* Add review request api (#11355)a10121127962020-10-206-5/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add review request api * add : POST /repos/{owner}/{repo}/pulls/{index}/requested_reviewers * Remove : DELET /repos/{owner}/{repo}/pulls/{index}/requested_reviewers * fix some request review bug * block delet request review by models/DeleteReview() Signed-off-by: a1012112796 <1012112796@qq.com> * make fmt * fix bug * fix test code * fix typo * Apply suggestion from code review @jonasfranz * fix swagger ref * fix typo Co-authored-by: Lauris BH <lauris@nix.lv> * fix comment * Change response message * chang response so some simplfy * Add ErrIllLegalReviewRequest fix some nits * make fmt * Apply suggestions from code review Co-authored-by: silverwind <me@silverwind.io> * * Add team support * fix test * fix an known bug * fix nit * fix test * Apply suggestions from code review Co-authored-by: zeripath <art27@cantab.net> * update get api and add test Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: zeripath <art27@cantab.net>
* [Refactor] Move APIFormat functions into convert package (#12856)65432020-10-178-124/+11
| | | | | | | | | | | | | | | | | | | | | | | * USER APIFormat -> ToUser * Migrate more and mark APIFormat deprecated * models.Comment APIFormat() -> convert.ToComment * models.Release APIFormat() -> convert.ToRelease * models.Attachments APIFormat() -> convert.ToReleaseAttachments * models.CommitStatus APIFormat() -> convert.ToCommitStatus * finish migration to convert.ToUser * Move Test * Imprufe Test * fix test Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Improve users management through the CLI (#6001) (#10492)ydelafollye2020-10-151-0/+6
| | | | | | | | | | * Fix images in wiki edit preview (#11546) Make sure wiki editor sets wiki to true so gitea renders it as a wiki page. Also change the context data attr for edit form. This looks wrong but everywhere else in our code assumes the urlPrefix to be just the repo url when rendering and manually adds /wiki to the rendered url regardless. Fixes #11540
* Change order of possible-owner organizations to alphabetical (#13160)Elena Neuschild2020-10-151-1/+2
| | | | Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Avatars and Repo avatars support storing in minio (#12516)Lunny Xiao2020-10-148-367/+424
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Avatar support minio * Support repo avatar minio storage * Add missing migration * Fix bug * Fix test * Add test for minio store type on avatars and repo avatars; Add documents * Fix bug * Fix bug * Add back missed avatar link method * refactor codes * Simplify the codes * Code improvements * Fix lint * Fix test mysql * Fix test mysql * Fix test mysql * Fix settings * Fix test * fix test * Fix bug
* Show original author's reviews on pull summary box (#13127)赵智超2020-10-141-0/+14
| | | | | | | follow #12039, show original author's reviews by other way. fix #11705. Signed-off-by: a1012112796 <1012112796@qq.com>
* [Enhancement] Allow admin to merge pr with protected file changes (#12078)赵智超2020-10-134-0/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * [Enhancement] Allow admin to merge pr with protected file changes As tilte, show protected message in diff page and merge box. Signed-off-by: a1012112796 <1012112796@qq.com> * remove unused ver * Update options/locale/locale_en-US.ini Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com> * Add TrN * Apply suggestions from code review * fix lint * Update options/locale/locale_en-US.ini Co-authored-by: zeripath <art27@cantab.net> * Apply suggestions from code review * move pr proteced files check to TestPatch * Call TestPatch when protected branches settings changed * Apply review suggestion @CirnoT * move to service @lunny * slightly restructure routers/private/hook.go Adds a lot of comments and simplifies the logic Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * skip duplicate protected files check * fix check logic * slight refactor of TestPatch Signed-off-by: Andrew Thornton <art27@cantab.net> * When checking for protected files changes in TestPatch use the temporary repository Signed-off-by: Andrew Thornton <art27@cantab.net> * fix introduced issue with hook Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove the check on PR index being greater than 0 as it unnecessary Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Provide self-registering storage system (#12978)zeripath2020-10-121-2/+0
| | | | | | | | | | | | | | | | | | | * Provide self-registering storage system Signed-off-by: Andrew Thornton <art27@cantab.net> * More simplification Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove old strings from setting Signed-off-by: Andrew Thornton <art27@cantab.net> * oops attachments not attachment Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* [API] If User is Admin, show 500 error message on PROD mode too (#13115)65432020-10-121-2/+2
| | | | | | | | | * API: show admin 500 error message on PROD mode too * a nit * dont miss InternalServerError Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database ↵65432020-10-128-25/+108
| | | | | | | | | | | (#13124) * Add timestamps to Star, Label, LanguageStat, Follow, Watch and Collaboration * Star do not need updated * LanguageStat do not need update (they wont change) * fix unit-test
* Add team support for review request (#12039)赵智超2020-10-129-137/+449
| | | | | | | | | | | Add team support for review request Block #11355 Signed-off-by: a1012112796 <1012112796@qq.com> Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Prohibit automatic downgrades (#13108)65432020-10-121-4/+9
| | | | | | | | Prohibit automatic downgrades by checking the version of the db and warning if the version number should be lower. Close #13107 Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
* Improve error feedback for duplicate deploy keys (#13112)Chris Shyi2020-10-121-1/+1
| | | | | | Instead of a generic HTTP 500 error page, a flash message is rendered with the deploy key page template to inform the user that a key with the intended title already exists. Fixes #13110
* Update golangci-lint to version 1.31.0 (#13102)kolaente2020-10-111-1/+1
| | | | | | | This PR updates golangci-lint to the latest version 1.31.0. The upgrade introduced a new check for which I've fixed or disabled most cases. Signed-off-by: kolaente <k@knt.li>
* Add ssh certificate support (#12281)Wim2020-10-102-4/+238
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add ssh certificate support * Add ssh certificate support to builtin ssh * Write trusted-user-ca-keys.pem based on configuration * Update app.example.ini * Update templates/user/settings/keys_principal.tmpl Co-authored-by: silverwind <me@silverwind.io> * Remove unused locale string * Update options/locale/locale_en-US.ini Co-authored-by: silverwind <me@silverwind.io> * Update options/locale/locale_en-US.ini Co-authored-by: silverwind <me@silverwind.io> * Update models/ssh_key.go Co-authored-by: silverwind <me@silverwind.io> * Add missing creation of SSH.Rootpath * Update cheatsheet, example and locale strings * Update models/ssh_key.go Co-authored-by: zeripath <art27@cantab.net> * Update models/ssh_key.go Co-authored-by: zeripath <art27@cantab.net> * Update models/ssh_key.go Co-authored-by: zeripath <art27@cantab.net> * Update models/ssh_key.go Co-authored-by: zeripath <art27@cantab.net> * Update models/ssh_key.go * Optimizations based on feedback * Validate CA keys for external sshd * Add filename option and change default filename Add a SSH_TRUSTED_USER_CA_KEYS_FILENAME option which default is RUN_USER/.ssh/gitea-trusted-user-ca-keys.pem Do not write a file when SSH_TRUSTED_USER_CA_KEYS is empty. Add some more documentation. * Remove unneeded principalkey functions * Add blank line * Apply suggestions from code review Co-authored-by: zeripath <art27@cantab.net> * Add SSH_AUTHORIZED_PRINCIPALS_ALLOW option This adds a SSH_AUTHORIZED_PRINCIPALS_ALLOW which is default email,username this means that users only can add the principals that match their email or username. To allow anything the admin need to set the option anything. This allows for a safe default in gitea which protects against malicious users using other user's prinicipals. (before that user could set it). This commit also has some small other fixes from the last code review. * Rewrite principal keys file on user deletion * Use correct rewrite method * Set correct AuthorizedPrincipalsBackup default setting * Rewrite principalsfile when adding principals * Add update authorized_principals option to admin dashboard * Handle non-primary emails Signed-off-by: Andrew Thornton <art27@cantab.net> * Add the command actually to the dashboard template * Update models/ssh_key.go Co-authored-by: silverwind <me@silverwind.io> * By default do not show principal options unless there are CA keys set or they are explicitly set Signed-off-by: Andrew Thornton <art27@cantab.net> * allow settings when enabled * Fix typos in TrustedUserCAKeys path * Allow every CASignatureAlgorithms algorithm As this depends on the content of TrustedUserCAKeys we should allow all signature algorithms as admins can choose the specific algorithm on their signing CA * Update models/ssh_key.go Co-authored-by: Lauris BH <lauris@nix.lv> * Fix linting issue Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix deadlock when deleting team user (#13092)zeripath2020-10-101-1/+1
| | | | | | | | | | | `models.getUserRepoPermission(...)` calls `HasOrgVisible` which uses `models.x` potentially outside of the transaction `e` provided as an argument to `getUserRepoPermission`. This PR switches to use `hasOrgVisible(e, ...)`. Fix #12983 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Disable DSA ssh keys by default (#13056)zeripath2020-10-091-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Disable DSA ssh keys by default OpenSSH has disabled DSA keys since version 7.0 As the docker runs openssh > v7.0 we should just disable DSA keys by default. Refers to #11417 Signed-off-by: Andrew Thornton <art27@cantab.net> * Just disable DSA keys by default Signed-off-by: Andrew Thornton <art27@cantab.net> * Appears we need to set the minimum key sizes too Signed-off-by: Andrew Thornton <art27@cantab.net> * Appears we need to set the minimum key sizes too Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove DSA type * Fix Tests Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv>
* (Re)Load issue labels when changing them (#13007)zeripath2020-10-052-0/+20
| | | | | | | | | | (Re)Load issue labels when labels are added or removed This means that the label state that the webhooks produce accurately matches the changes that they are reporting. Fix #10660 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Attachments: Add extension support, allow all types for releases (#12465)silverwind2020-10-051-46/+5
| | | | | | | | | | | | | | | | | | | | | * Attachments: Add extension support, allow all types for releases - Add support for file extensions, matching the `accept` attribute of `<input type="file">` - Add support for type wildcard mime types, e.g. `image/*` - Create repository.release.ALLOWED_TYPES setting (default unrestricted) - Change default for attachment.ALLOWED_TYPES to a list of extensions - Split out POST /attachments into two endpoints for issue/pr and releases to prevent circumvention of allowed types check Fixes: https://github.com/go-gitea/gitea/pull/10172 Fixes: https://github.com/go-gitea/gitea/issues/7266 Fixes: https://github.com/go-gitea/gitea/pull/12460 Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#Unique_file_type_specifiers * rename function * extract GET routes out of RepoMustNotBeArchived Co-authored-by: Lauris BH <lauris@nix.lv>
* Refactor use TrimSuffix instead of TrimRight (#12993)65432020-10-011-1/+1
| | | | | | | * Refactor use TrimSuffix instead of TrimRight * TrimRight right * has #12990
* Add default storage configurations (#12813)Lunny Xiao2020-09-293-4/+9
| | | | Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>