summaryrefslogtreecommitdiffstats
path: root/modules
Commit message (Collapse)AuthorAgeFilesLines
* add a new internal hook to save ssh log (#15787)a10121127962021-05-213-0/+33
| | | | | | | | | | | | | | | | | | | | | | | | | * add a new internal hook to save ssh log as title, when a ssh error ocure like #15785. only when switch ``RUN_MODE`` to dev can we found which error is ocure. But this way is not a good idea for production envirment. this changes try save ssh error mesage to the log file like other log by a new internal hook. I think it's usefull for find error message in production envirment. Thanks. Signed-off-by: a1012112796 <1012112796@qq.com> * rename and fix nit * Update modules/private/hook.go Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Encrypt LDAP bind password in db with SECRET_KEY (#15547)zeripath2021-05-201-0/+1
| | | | | | | | | | | | | | | * Encrypt LDAP bind password in db with SECRET_KEY The LDAP source bind password are currently stored in plaintext in the db This PR simply encrypts them with the setting.SECRET_KEY. Fix #15460 Signed-off-by: Andrew Thornton <art27@cantab.net> * remove ui warning regarding unencrypted password Co-authored-by: silverwind <me@silverwind.io>
* git migration: don't prompt interactively for clone credentials (#15902)Norwin2021-05-171-2/+8
| | | | | | | * don't prompt interactively for clone credentials * apply GIT_TERMINAL_PROMPT=0 to all git cmds Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* GitHub: migrate draft releases too (#15884)65432021-05-152-34/+31
| | | | | * GitHub: migrate draft releases too * refactor
* Hold the event source when there are no listeners (#15725)zeripath2021-05-152-0/+35
| | | | | | | | | | * Hold the event source when there are no listeners The event source does not need to run when there are no listeners. Therefore pause it when there are none. * add some more logging Signed-off-by: Andrew Thornton <art27@cantab.net>
* Create a session on ReverseProxy and ensure that ReverseProxy users cannot ↵zeripath2021-05-151-5/+14
| | | | | | | | | | | | | | | change username (#15304) * Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username ReverseProxy users should generate a session on reverse proxy username change. Also prevent ReverseProxy users from changing their username. Fix #2407 * add testcase Signed-off-by: Andrew Thornton <art27@cantab.net>
* Prevent double-login for Git HTTP and LFS and simplify login (#15303)zeripath2021-05-154-19/+170
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Prevent double-login for Git HTTP and LFS and simplify login There are a number of inconsistencies with our current methods for logging in for git and lfs. The first is that there is a double login process. This is particularly evident in 1.13 where there are no less than 4 hash checks for basic authentication due to the previous IsPasswordSet behaviour. This duplicated code had individual inconsistencies that were not helpful and caused confusion. This PR does the following: * Remove the specific login code from the git and lfs handlers except for the lfs special bearer token * Simplify the meaning of DisableBasicAuthentication to allow Token and Oauth2 sign-in. * The removal of the specific code from git and lfs means that these both now have the same login semantics and can - if not DisableBasicAuthentication - login from external services. Further it allows Oauth2 token authentication as per our standard mechanisms. * The change in the recovery handler prevents the service from re-attempting to login - primarily because this could easily cause a further panic and it is wasteful. * add test Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow ↵zeripath2021-05-1523-409/+596
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | level queue, reduce goroutines etc (#15693) * move shutdownfns, terminatefns and hammerfns out of separate goroutines Coalesce the shutdownfns etc into a list of functions that get run at shutdown rather then have them run at goroutines blocked on selects. This may help reduce the background select/poll load in certain configurations. * The LevelDB queues can actually wait on empty instead of polling Slight refactor to cause leveldb queues to wait on empty instead of polling. * Shutdown the shadow level queue once it is empty * Remove bytefifo additional goroutine for readToChan as it can just be run in run * Remove additional removeWorkers goroutine for workers * Simplify the AtShutdown and AtTerminate functions and add Channel Flusher * Add shutdown flusher to CUQ * move persistable channel shutdown stuff to Shutdown Fn * Ensure that UPCQ has the correct config * handle shutdown during the flushing * reduce risk of race between zeroBoost and addWorkers * prevent double shutdown Signed-off-by: Andrew Thornton <art27@cantab.net>
* Close the gitrepo when deleting the repository (#15876)zeripath2021-05-141-0/+1
| | | | Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix LFS commit finder not working (#15856)KN4CK3R2021-05-143-9/+12
| | | | | | * Create a copy of the sha bytes. Co-authored-by: Andrew Thornton <art27@cantab.net>
* Add timeout to writing to responses (#15831)zeripath2021-05-141-0/+10
| | | | | | | | | | In #15826 it has become apparent that there are a few occasions when a response can hang during writing, and because there is no timeout go will happily just block interminably. This PR adds a fixed 5 second timeout to all writes to a connection. Fix #15826 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Stop calling WriteHeader in Write (#15862)zeripath2021-05-141-1/+1
| | | | | | | | | Fixes http: superfluous response.WriteHeader call from code.gitea.io/gitea/modules/context.(*Response).WriteHeader (response.go:67) * Looking again we don't need this writeHeader as all of our downstream implementations will always do it for us Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv>
* Allow custom highlight mapping beyond file extensions (#15808)mlpo2021-05-131-10/+17
| | | Co-authored-by: Lauris BH <lauris@nix.lv>
* fix truncate utf8 string (#15828)yan2021-05-132-4/+13
| | | | | * fix truncate utf8 string. * revoke truncated user info.
* Tagger can be empty, as can Commit and Author - tolerate this (#15835)zeripath2021-05-122-1/+4
| | | | | | | | | | | | | | Unfortunately some old repositories can have tags with empty Tagger, Commit or Author. Go-Git variants will always have empty values for these whereas the native git variant leaves them at nil. The simplest solution is just to always have these set to empty Signatures. v156 migration also makes the incorrect assumption that these cannot be empty. Therefore add some handling to this and add logging and adjust broken logging elsewhere in this migration. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix individual tests (addition to #15802) (#15818)KN4CK3R2021-05-121-0/+2
| | | | | | | | | | | | | | | | | | | | * Decouple TestAction_GetRepoLink and TestSizedAvatarLink. * Load database for TestCheckGPGUserEmail. * Load database for TestMakeIDsFromAPIAssigneesToAdd. * Load database for TestGetUserIDsByNames and TestGetMaileableUsersByIDs. * Load database for TestUser_ToUser. * Load database for TestRepository_EditWikiPage. * Include AppSubURL in test. * Prevent panic with empty slice. Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Queue manager FlushAll can loop rapidly - add delay (#15733)zeripath2021-05-121-6/+9
| | | | | | | | | | | | | * Queue manager FlushAll can loop rapidly - add delay Add delay within FlushAll to prevent rapid loop when workers are busy Signed-off-by: Andrew Thornton <art27@cantab.net> * as per lunny Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Add Active and ProhibitLogin to API (#15689)KN4CK3R2021-05-112-0/+6
| | | | | * Added active and prohibit_login. * Do not omit fields for normal users.
* Add mimetype mapping settings (#15133)Adam Szatyin2021-05-102-0/+32
| | | | | | | | | | | | | * Fix APK's Content-Type header * Fix case sensitive comparison * Add custom mime type mapping for downloadable files * Add documentation for MIME type mapping * Rename download.mimetype.mapping configuration to repository.mimetype_mapping Co-authored-by: zeripath <art27@cantab.net>
* Add err to log (#15813)John Olheiser2021-05-101-1/+1
| | | | Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Move restore repo to internal router and invoke from command to avoid open ↵Lunny Xiao2021-05-102-11/+101
| | | | | | | | | | | the same db file or queues files (#15790) * Move restore repo to internal router and invoke from command to avoid open the same db file or queues files * Follow @zeripath's review * set no timeout for resotre repo private request * make restore repo cancelable
* Use single shared random string generation function (#15741)silverwind2021-05-109-178/+87
| | | | | | | | | | | | | | | | | | * Use single shared random string generation function - Replace 3 functions that do the same with 1 shared one - Use crypto/rand over math/rand for a stronger RNG - Output only alphanumerical for URL compatibilty Fixes: #15536 * use const string method * Update modules/avatar/avatar.go Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: a1012112796 <1012112796@qq.com>
* On open repository open common cat file batch and batch-check (#15667)zeripath2021-05-1025-161/+451
| | | | | | | Use common git cat-file --batch and git cat-file --batch-check to significantly reduce calls to git. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix incorrect asset URL (#15805)silverwind2021-05-091-1/+1
| | | | Fixes another regression from https://github.com/go-gitea/gitea/pull/15219.
* Respect default merge message syntax when parsing item references (#15772)Steven2021-05-092-1/+8
| | | | | | | * Respect merge message structure for parsing item references Signed-off-by: JustusBunsi <61625851+justusbunsi@users.noreply.github.com> Co-authored-by: zeripath <art27@cantab.net>
* Add trace logging to SSO methods (#15803)zeripath2021-05-095-0/+20
| | | | | | It is currenly impossible to detect which "SSO" method is responsible for login. This PR adds some basic trace logging to these methods. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Tests should use test files (#15801)65432021-05-091-10/+5
|
* Allow only internal registration (#15795)65432021-05-091-0/+6
| | | | | * Add ALLOW_ONLY_INTERNAL_REGISTRATION into settings * OpenID respect setting too
* Fixed individual markdown tests. (#15802)KN4CK3R2021-05-091-0/+6
|
* Exponential Backoff for ByteFIFO (#15724)zeripath2021-05-081-29/+59
| | | | | | | | | | This PR is another in the vein of queue improvements. It suggests an exponential backoff for bytefifo queues to reduce the load from queue polling. This will mostly be useful for redis queues. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv>
* Rename StaticUrlPrefix to AssetUrlPrefix (#15779)silverwind2021-05-081-1/+1
| | | | Use a new name for this template/frontend variable to make it distinct from the server variable StaticURLPrefix.
* Fix URL of gitea emoji (#15770)silverwind2021-05-072-2/+2
| | | Fixes regression from #15219
* OAuth2 login: Set account link to "login" as default behavior (#15768)65432021-05-071-3/+3
|
* Set GIT_DIR correctly if it is not set (#15751)zeripath2021-05-071-3/+47
| | | | | | | * Set GIT_DIR correctly if it is not set * Expand out templates Signed-off-by: Andrew Thornton <art27@cantab.net>
* Drop back to use IsAnInteractiveSession for SVC (#15749)zeripath2021-05-071-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | * Drop back to use IsAnInteractiveSession for SVC There is an apparent permission change problem when using IsWindowsService to determine if the SVC manager should be used. This PR simply drops back to using IsAnInteractiveSession as this does not change behaviour. Fix #15454 Signed-off-by: Andrew Thornton <art27@cantab.net> * Yes staticcheck I know this is deprecated Signed-off-by: Andrew Thornton <art27@cantab.net> * Just leave me alone lint Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Fix bug where repositories appear unadopted (#15757)zeripath2021-05-071-1/+1
| | | | | | | Fix bug where repositories with capital letters in their names appear unadopted. Fix #15755 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* fix some ui bug about draft release (#15137)a10121127962021-05-061-1/+4
| | | | | | | | | | | | | | | | | | | * fix some ui bug about draft release - should not show draft release in tag list because it will't create real tag - still show draft release without tag and commit message for draft release instead of 404 error - remove tag load for attachement links because it's useless Signed-off-by: a1012112796 <1012112796@qq.com> * add test code * fix test That's because has added a new release in relaese test database. * fix dropdown link for draft release
* Defer closing the gitrepo until the end of the wrapped context functions ↵zeripath2021-05-062-8/+41
| | | | | | | | | (#15653) There was a mistake in #15372 where deferral of gitrepo close occurs before it should. This PR fixes this. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use route rather than use thus reducing the number of stack frames (#15301)zeripath2021-05-041-0/+6
| | | | | | | | | | | | Since the move to Chi the number of stack frames has proliferated somewhat catastrophically and we're up to 96 frames with multiple tests of the url outside of a trie which is inefficient. This PR reduces the number of stack frames by 6 through careful use of Route, moves Captcha into its own router so that it only fires on Captcha routes, similarly for avatars and repo-avatars. The robots.txt, / and apple-touch-icon.png are moved out of requiring Contexter. It moves access logger higher in the stack frame because there is no reason why it can't be higher. Extract from #15186 Contains #15292
* Fix setting redis db path (#15698)zeripath2021-05-031-3/+3
| | | | | | | | There is a bug setting the redis db in the common nosql manager whereby the db path always fails. This PR fixes this. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Prevent race in TestChannelQueue_Batch (#15703)zeripath2021-05-031-3/+3
| | | | | | | | There is a potential race in TestChannelQueue_Batch due to boost workers starting up This PR simply removes the boosts from this test. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Addition to (Add Location, Website and Description to API #15675) (#15690)KN4CK3R2021-05-023-9/+10
| | | | | | | | | * Use same name as other structs. * Sync with normal forms. * Edit description with API. * Workaround for nil value.
* Only use boost workers for leveldb shadow queues (#15696)zeripath2021-05-023-10/+48
| | | | | | | | | | | * The leveldb shadow queue of a persistable channel queue should always start with 0 workers and just use boost to add additional workers if necessary. * create a zero boost so that if there are no workers in a pool - boost to start the workers * actually set timeout appropriately on boosted workers Signed-off-by: Andrew Thornton <art27@cantab.net>
* Performance improvement for last commit cache and show-ref (#15455)zeripath2021-05-023-5/+30
| | | | | | | * Improve performance when there are multiple commits in the last commit cache * read refs directly if we can Signed-off-by: Andrew Thornton <art27@cantab.net>
* add cron job to delete old actions from database (#15688)a10121127962021-05-011-0/+15
| | | | | that's a way to save database storage space. Signed-off-by: a1012112796 <1012112796@qq.com>
* Add Location, Website and Biography to API (#15675)KN4CK3R2021-05-012-7/+16
|
* Delete references if repository gets deleted (#15681)KN4CK3R2021-04-301-9/+46
| | | | | | | * Remove DeletedBranch and LFSLocks. * Sort beans. Co-authored-by: zeripath <art27@cantab.net>
* Unified link creation. (#15619)KN4CK3R2021-04-301-3/+2
|
* Delete protected branch if repository gets removed (#15658)KN4CK3R2021-04-301-8/+26
| | | | | | | * Added missing error parameters. * Delete protected branch if repository gets removed. * Added doctor fix.
* add `/assets` as root dir of public files (#15219)a10121127962021-04-284-5/+4
| | | | | | | | | | | | | | | | | | | | | | | | | * add `/assets` as root dir of public files Signed-off-by: a1012112796 <1012112796@qq.com> * move serviceworker.js * make fmt * fix some link * fix test * Apply suggestions from code review Co-authored-by: silverwind <me@silverwind.io> * Apply suggestions from code review Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: zeripath <art27@cantab.net>