summaryrefslogtreecommitdiffstats
path: root/modules/context
Commit message (Collapse)AuthorAgeFilesLines
* Render access log template as text instead of HTML (#23013) (#23025)Yarden Shoham2023-02-211-1/+1
| | | | | | | Backport #23013 Fix https://github.com/go-gitea/gitea/pull/22906#discussion_r1112106675 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Prepend refs/heads/ to issue template refs (#20461) (#22427)zeripath2023-01-131-0/+3
| | | | | Backport #20461 Signed-off-by: Andrew Thornton <art27@cantab.net>
* refactor auth interface to return error when verify failure (#22119) (#22259)Lunny Xiao2022-12-292-2/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | backport #22119 This PR changed the Auth interface signature from `Verify(http *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *user_model.User` to `Verify(http *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) (*user_model.User, error)`. There is a new return argument `error` which means the verification condition matched but verify process failed, we should stop the auth process. Before this PR, when return a `nil` user, we don't know the reason why it returned `nil`. If the match condition is not satisfied or it verified failure? For these two different results, we should have different handler. If the match condition is not satisfied, we should try next auth method and if there is no more auth method, it's an anonymous user. If the condition matched but verify failed, the auth process should be stop and return immediately. This will fix #20563 Co-authored-by: KN4CK3R <admin@oldschoolhack.me> Co-authored-by: Jason Song <i@wolfogre.com>
* Use complete SHA to create and query commit status (#22244) (#22257)Jason Song2022-12-282-5/+5
| | | | | | | | | | | | | Backport #22244. Fix #13485. Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add support for HEAD requests in Maven registry (#21834) (#21929)KN4CK3R2022-11-251-5/+13
| | | | | Backport of #21834 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix setting HTTP headers after write (#21833) (#21877)KN4CK3R2022-11-221-23/+43
| | | | | Backport of #21833 Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix package access for admins and inactive users (#21580)KN4CK3R2022-10-241-3/+6
| | | | | | | | I noticed an admin is not allowed to upload packages for other users because `ctx.IsSigned` was not set. I added a check for `user.IsActive` and `user.ProhibitLogin` too because both was not checked. Tests enforce this now. Co-authored-by: Lauris BH <lauris@nix.lv>
* Redirect to new repository owner (#21398)KN4CK3R2022-10-111-1/+10
| | | | | | | Fixes #17655 If you rename `user1` to `user2` and visit `/user1` you get redirected to `/user2`. But if you visit `/user1/repo` you just get a 404 error. With this PR the user is redirected to `/user2/repo`.
* Add user/organization code search (#19977)Lauris BH2022-10-111-0/+1
| | | | | | | Fixes #19925 Screenshots: ![attels](https://user-images.githubusercontent.com/165205/173864718-fe789429-55bc-4cad-808c-9f02f335cddf.png)
* Tag list should include draft releases with existing tags (#21263)Jason Song2022-10-031-1/+3
| | | | | Before, a tag for a draft release disappeared in the tag list, fix #21262. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Respect `REQUIRE_SIGNIN_VIEW` for packages (#20873)KN4CK3R2022-09-211-33/+49
| | | | | | | | Fix #20863 When REQUIRE_SIGNIN_VIEW = true, even with public repositories, you can only see them after you login. The packages should not be accessed without login. Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Support Issue forms and PR forms (#20987)Jason Song2022-09-021-45/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * feat: extend issue template for yaml * feat: support yaml template * feat: render form to markdown * feat: support yaml template for pr * chore: rename to Fields * feat: template unmarshal * feat: split template * feat: render to markdown * feat: use full name as template file name * chore: remove useless file * feat: use dropdown of fomantic ui * feat: update input style * docs: more comments * fix: render text without render * chore: fix lint error * fix: support use description as about in markdown * fix: add field class in form * chore: generate swagger * feat: validate template * feat: support is_nummber and regex * test: fix broken unit tests * fix: ignore empty body of md template * fix: make multiple easymde editors work in one page * feat: better UI * fix: js error in pr form * chore: generate swagger * feat: support regex validation * chore: generate swagger * fix: refresh each markdown editor * chore: give up required validation * fix: correct issue template candidates * fix: correct checkboxes style * chore: ignore .hugo_build.lock in docs * docs: separate out a new doc for merge templates * docs: introduce syntax of yaml template * feat: show a alert for invalid templates * test: add case for a valid template * fix: correct attributes of required checkbox * fix: add class not-under-easymde for dropzone * fix: use more back-quotes * chore: remove translation in zh-CN * fix EasyMDE statusbar margin * fix: remove repeated blocks * fix: reuse regex for quotes Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Share HTML template renderers and create a watcher framework (#20218)zeripath2022-08-282-5/+9
| | | | | | | | | | | | | | | | | | | | | | | | | The recovery, API, Web and package frameworks all create their own HTML Renderers. This increases the memory requirements of Gitea unnecessarily with duplicate templates being kept in memory. Further the reloading framework in dev mode for these involves locking and recompiling all of the templates on each load. This will potentially hide concurrency issues and it is inefficient. This PR stores the templates renderer in the context and stores this context in the NormalRoutes, it then creates a fsnotify.Watcher framework to watch files. The watching framework is then extended to the mailer templates which were previously not being reloaded in dev. Then the locales are simplified to a similar structure. Fix #20210 Fix #20211 Fix #20217 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix download archiver of a commit (#20962)Lunny Xiao2022-08-261-0/+1
|
* Replace `ServeStream` with `ServeContent` (#20903)KN4CK3R2022-08-251-17/+1
| | | | | | | | | | | * Replace ServeStream with ServeContent. * Update modules/timeutil/timestamp.go Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Move some files into models' sub packages (#20262)Lunny Xiao2022-08-251-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | * Move some files into models' sub packages * Move functions * merge main branch * Fix check * fix check * Fix some tests * Fix lint * Fix lint * Revert lint changes * Fix error comments * Fix lint Co-authored-by: 6543 <6543@obermui.de>
* Fix disable download button (#20701)Lunny Xiao2022-08-081-1/+1
|
* Add new API endpoints for push mirrors management (#19841)Mohamed Sekour2022-07-301-1/+1
| | | | | | | | | | | - Add a new push mirror to specific repository - Sync now ( send all the changes to the configured push mirrors ) - Get list of all push mirrors of a repository - Get a push mirror by ID - Delete push mirror by ID Signed-off-by: Mohamed Sekour <mohamed.sekour@exfo.com> Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
* Extended permission checks. (#20517)KN4CK3R2022-07-281-1/+18
|
* Slightly simplify LastCommitCache (#20444)zeripath2022-07-251-0/+2
| | | | | | | | | | | The LastCommitCache code is a little complex and there is unnecessary duplication between the gogit and nogogit variants. This PR adds the LastCommitCache as a field to the git.Repository and pre-creates it in the ReferencesGit helpers etc. There has been some simplification and unification of the variant code. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add Cache-Control header to html and api responses, add no-transform (#20432)silverwind2022-07-232-0/+4
| | | | | | | | | | | | `no-transform` allegedly disables CloudFlare auto-minify and we did not set caching headers on html or api requests, which seems good to have regardless. Transformation is still allowed for asset requests. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Allow access to the Public Organization Member lists with minimal ↵a10121127962022-07-151-0/+15
| | | | | | | | | | | permissions (#20330) Examining Organization membership should not necessarily require sign-in if the organization is public and the members are public. Therefore we should adjust `/org/{org}/members` to not require login. Fix #7501 Signed-off-by: a1012112796 <1012112796@qq.com> Co-authored-by: zeripath <art27@cantab.net>
* Refactor `i18n` to `locale` (#20153)Gusted2022-06-271-1/+1
| | | | | | | | | | | * Refactor `i18n` to `locale` - Currently we're using the `i18n` variable naming for the `locale` struct. This contains locale's specific information and cannot be used for general i18n purpose, therefore refactoring it to `locale` makes more sense. - Ref: https://github.com/go-gitea/gitea/pull/20096#discussion_r906699200 * Update routers/install/install.go
* Add more linters to improve code readability (#19989)Wim2022-06-204-5/+5
| | | | | | | | | | Add nakedret, unconvert, wastedassign, stylecheck and nolintlint linters to improve code readability - nakedret - https://github.com/alexkohler/nakedret - nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length. - unconvert - https://github.com/mdempsky/unconvert - Remove unnecessary type conversions - wastedassign - https://github.com/sanposhiho/wastedassign - wastedassign finds wasted assignment statements. - notlintlint - Reports ill-formed or insufficient nolint directives - stylecheck - https://staticcheck.io/docs/checks/#ST - keep style consistent - excluded: [ST1003 - Poorly chosen identifier](https://staticcheck.io/docs/checks/#ST1003) and [ST1005 - Incorrectly formatted error string](https://staticcheck.io/docs/checks/#ST1005)
* Respond with a 401 on git push when password isn't changed yet (#20026)Wim2022-06-191-0/+5
| | | | | | | | | | If the user-agent starts with git and user must change password but hasn't return a 401 with the message. It must be a 401, git doesn't seem to show the contents of the error message when we return a 403 Fixes #19090
* Return 404 when tag is broken (#20017)Wim2022-06-181-0/+4
| | | Fixes #19979
* Remove tab/TabName usage where it's not needed (#19973)Lauris BH2022-06-151-1/+0
| | | `tab` query argument and `TabName` in context is used only in profile so remove it from all other places where it's not used anymore.
* Fix mirror template bug (#19959)Lunny Xiao2022-06-131-14/+6
| | | | | | * Fix mirror template bug Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: delvh <dev.lh@web.de>
* Move issues related files into models/issues (#19931)Lunny Xiao2022-06-131-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Move access and repo permission to models/perm/access * fix test * fix git test * Move functions sequence * Some improvements per @KN4CK3R and @delvh * Move issues related code to models/issues * Move some issues related sub package * Merge * Fix test * Fix test * Fix test * Fix test * Rename some files
* Move some code into models/git (#19879)Lunny Xiao2022-06-121-2/+3
| | | | | | | | | | | | | | | | | | | * Move access and repo permission to models/perm/access * fix test * Move some git related files into sub package models/git * Fix build * fix git test * move lfs to sub package * move more git related functions to models/git * Move functions sequence * Some improvements per @KN4CK3R and @delvh
* Move some repository related code into sub package (#19711)Lunny Xiao2022-06-061-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Move some repository related code into sub package * Move more repository functions out of models * Fix lint * Some performance optimization for webhooks and others * some refactors * Fix lint * Fix * Update modules/repository/delete.go Co-authored-by: delvh <dev.lh@web.de> * Fix test * Merge * Fix test * Fix test * Fix test * Fix test Co-authored-by: delvh <dev.lh@web.de>
* Prevent NPE on update mirror settings (#19864)zeripath2022-06-021-1/+1
| | | | | | | | | | | | | A `repo_model.Mirror` repository field (`.Repo`) will not automatically be set, but is used without checking in mirror_pull.go:UpdateAddress. This will cause an NPE. This PR changes UpdateAddress to use the helper function GetRepository() helping prevent future NPEs but also changes modules/context/repo.go to ensure that the Mirror.Repo is set. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Move almost all functions' parameter db.Engine to context.Context (#19748)Lunny Xiao2022-05-201-6/+8
| | | | * Move almost all functions' parameter db.Engine to context.Context * remove some unnecessary wrap functions
* Fix org package owner permissions (#19742)KN4CK3R2022-05-191-13/+21
| | | Old code did not respect owner visibility and the organization access calculation was wrong if the user was not a member.
* Move access and repo permission to models/perm/access (#19350)Lunny Xiao2022-05-112-5/+11
| | | | | * Move access and repo permission to models/perm/access * Remove unnecessary code
* Repository level enable package or disable (#19323)Lunny Xiao2022-05-081-0/+1
|
* Only show accessible teams in dashboard dropdown list (#19642)Jimmy Praet2022-05-071-6/+0
| | | Fixes #19637
* Call MultipartForm.RemoveAll when request finishes (#19606)wxiaoguang2022-05-054-0/+16
|
* Only check for non-finished migrating task (#19601)Gusted2022-05-041-5/+5
| | | | | | | | | | * Only check for non-finished migrating task - Only check if a non-finished migrating task exists for a mirror before fetching the mirror details from the database. - Resolves #19600 - Regression: #19588 * Clarify function
* Don't fetch Mirror when it's migrating (#19588)Gusted2022-05-031-5/+14
| | | | | | | | | | - When a repository is still being migrated, don't try to fetch the Mirror from the database. Instead skip it. This allows to visit repositories that are still being migrated and were configured to be mirrored. - Resolves #19585 - Regression: #19295 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Federation: return useful statistic information for nodeinfo (#19561)65432022-05-021-0/+2
| | | Add statistic information for total user count, active user count, issue count and comment count for `/nodeinfo`
* Add "Allow edits from maintainer" feature (#18002)qwerty2872022-04-282-4/+14
| | | | | | | | | | | | | | | | | Adds a feature [like GitHub has](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request-from-a-fork) (step 7). If you create a new PR from a forked repo, you can select (and change later, but only if you are the PR creator/poster) the "Allow edits from maintainers" option. Then users with write access to the base branch get more permissions on this branch: * use the update pull request button * push directly from the command line (`git push`) * edit/delete/upload files via web UI * use related API endpoints You can't merge PRs to this branch with this enabled, you'll need "full" code write permissions. This feature has a pretty big impact on the permission system. I might forgot changing some things or didn't find security vulnerabilities. In this case, please leave a review or comment on this PR. Closes #17728 Co-authored-by: 6543 <6543@obermui.de>
* more context for models (#19511)65432022-04-281-2/+2
| | | | | make more usage of context, to have more db transaction in one session (make diff of #9307 smaller)
* Use router param for filepath in GetRawFile (#19499)John Olheiser2022-04-261-0/+1
| | | | | | | | | | | | * Use router param for filepath Signed-off-by: jolheiser <john.olheiser@gmail.com> * Move TreePath back into RepoRefForAPI Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: 6543 <6543@obermui.de>
* RepoAssignment ensure to close before overwrite (#19449)65432022-04-212-45/+61
| | | | | | | * check if GitRepo already open and close if * only run RepoAssignment once * refactor context helper for api to open GitRepo
* Refactor CSRF protection modules, make sure CSRF tokens can be up-to-date. ↵wxiaoguang2022-04-085-178/+110
| | | | | | (#19337) Do a refactoring to the CSRF related code, remove most unnecessary functions. Parse the generated token's issue time, regenerate the token every a few minutes.
* Remove dependent on session auth for api/v1 routers (#19321)Lunny Xiao2022-04-081-22/+3
| | | | | | | | | | | * Remove dependent on session auth for api/v1 routers * Remove unnecessary session on API context * remove missed header * fix test * fix missed api/v1
* Never use /api/v1 from Gitea UI Pages (#19318)Lunny Xiao2022-04-073-16/+92
| | | | | | | | | | | | | Reusing `/api/v1` from Gitea UI Pages have pros and cons. Pros: 1) Less code copy Cons: 1) API/v1 have to support shared session with page requests. 2) You need to consider for each other when you want to change something about api/v1 or page. This PR moves all dependencies to API/v1 from UI Pages. Partially replace #16052
* Remove legacy unmaintained packages, refactor to support change default ↵wxiaoguang2022-04-031-4/+5
| | | | | | | | | | locale (#19308) Remove two unmaintained vendor packages `i18n` and `paginater`. Changes: * Rewrite `i18n` package with a more clear fallback mechanism. Fix an unstable `Tr` behavior, add more tests. * Refactor the legacy `Paginater` to `Paginator`, test cases are kept unchanged. Trivial enhancement (no breaking for end users): * Use the first locale in LANGS setting option as the default, add a log to prevent from surprising users.
* Remove legacy `unknwon/com` package (#19298)wxiaoguang2022-04-021-3/+12
| | | | | | | Follows: #19284 * The `CopyDir` is only used inside test code * Rewrite `ToSnakeCase` with more test cases * The `RedisCacher` only put strings into cache, here we use internal `toStr` to replace the legacy `ToStr` * The `UniqueQueue` can use string as ID directly, no need to call `ToStr`
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-05 17:18:48 +0000