summaryrefslogtreecommitdiffstats
path: root/modules
Commit message (Collapse)AuthorAgeFilesLines
* Better builtin avatar generator (#17707)wxiaoguang2021-11-207-17/+1109
| | | | | | | This PR fixes the builtin avatar generator. 1. The random background color makes some images very dirty. So now we only use white background for avatars. 2. We use left-right mirror avatars to satisfy #14799 3. Fix a small padding error in the algorithm
* Add settings to allow different SMTP envelope from address (#17479)zeripath2021-11-191-7/+25
| | | | | | | | | | | * Add settings to allow different SMTP envelope from address Sometimes it may be advisable to hide or alias the from address on an SMTP mail envelope. This PR adds two new options to the mailer to allow setting of an overriding from address. Fix #17477 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move attachment into models/repo/ (#17650)Lunny Xiao2021-11-193-5/+7
| | | | | | | * Move attachment into models/repo/ * Fix test * Fix bug
* Use a standalone struct name for Organization (#17632)Lunny Xiao2021-11-195-21/+16
| | | | | | | | | | | | | | | | | | | | | * Use a standalone struct name for Organization * recover unnecessary change * make the code readable * Fix template failure * Fix template failure * Move HasMemberWithUserID to org * Fix test * Remove unnecessary user type check * Fix test Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Prevent double sanitize (#16386)KN4CK3R2021-11-193-64/+48
| | | | | | | | * Prevent double sanitize. * Use SanitizeReaderToWriter. At the moment `actualRender` uses `SanitizeReader` to sanitize the output. But `SanitizeReader` gets called in `markup.render` too so the output gets sanitized twice. I moved the `SanitizeReader` call into `RenderRaw` because this method does not use `markup.render`. I would like to remove the `RenderRaw`/`RenderRawString` methods too because they are only called from tests, the fuzzer and the `/markup/raw` api endpoint. This endpoint is not in use so I think we could remove them. If we really in the future need a method to render markdown without PostProcessing we could achieve this with a more flexible `renderer.NeedPostProcess` method.
* Prevent deadlock in TestPersistableChannelQueue (#17717)zeripath2021-11-191-0/+33
| | | | | | | | | | | | * Prevent deadlock in TestPersistableChannelQueue There is a potential deadlock in TestPersistableChannelQueue due to attempting to shutdown the test queue before it is ready. Signed-off-by: Andrew Thornton <art27@cantab.net> * prevent npe Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move user/org deletion to services (#17673)KN4CK3R2021-11-191-1/+2
|
* Simplify code for wrting SHA to name-rev (#17696)Gusted2021-11-181-17/+8
|
* Move task from modules to services (#17680)Lunny Xiao2021-11-182-273/+0
|
* Move user functions into user.go (#17659)Lunny Xiao2021-11-181-6/+7
| | | | | * Move user functions into user.go * Fix test
* Remove unnecessary variable assignments (#17695)Gusted2021-11-183-6/+2
| | | | | | | | | | * Remove unnecessary variable assignments As title * enable ineffassign Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fixed commit count. (#17698)KN4CK3R2021-11-171-7/+11
| | | | Added "Tag" label. Unified branch, tag and commit name.
* Add .gitattribute assisted language detection to blame, diff and render (#17590)zeripath2021-11-178-71/+134
| | | | | | | Use check attribute code to check the assigned language of a file and send that in to chroma as a hint for the language of the file. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move some functions into services/repository (#17677)Lunny Xiao2021-11-174-314/+0
|
* A better go code formatter, and now `make fmt` can run in Windows (#17684)wxiaoguang2021-11-1723-10/+21
| | | | * go build / format tools * re-format imports
* Fix bug when read mysql database max lifetime (#17682)Lunny Xiao2021-11-171-2/+2
|
* Multiple Escaping Improvements (#17551)zeripath2021-11-1613-50/+71
| | | | | | | | | | | | | | There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this. This is an extensive PR attempting to fix these issues. 1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping. 2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand. 3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.) 5. The title generation in feeds is now properly escaped. 6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move migrations into services and base into modules/migration (#17663)Lunny Xiao2021-11-1640-7622/+20
| | | | | | | * Move migrtions into services and base into modules/migration * Fix imports * Fix lint
* Move some functions into services/repository (#17660)Lunny Xiao2021-11-1610-1258/+0
|
* Decouple unit test, remove intermediate `unittestbridge` package (#17662)wxiaoguang2021-11-1613-135/+79
| | | Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add copy button to markdown code blocks (#17638)silverwind2021-11-162-13/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add copy button to markdown code blocks Done mostly in JS because I think it's better not to try getting buttons past the markup sanitizer. * add svg module tests * fix sanitizer regexp * remove outdated comment * vertically center button in issue comments as well * add comment to css * fix undefined on view file line copy * combine animation less files * Update modules/markup/markdown/markdown.go Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> * add test for different sizes * add cloneNode and add tests for it * use deep clone * remove useless optional chaining * remove the svg node cache * unify clipboard copy string and i18n * remove unused var * remove unused localization * minor css tweaks to the button * comment tweak * remove useless attribute Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix nil checking on typed interface (#17598)Gusted2021-11-153-7/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | * Fix nil checking on typed interface - Partially resoles #17596 - Resolves SA4023 errors. - Ensure correctly that typed interface are nil. * Remove unnecessary code `NewBleveIndexer` will never return nil, even on errors. * Patch `NewBleveIndexer` * Fix low-level functions * Remove deadcode * Fix GetSession * Close Elastic search when err isn't nil * Update elastic_search.go Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Remove unnecassary calls to `filepath.Join` (#17608)Gusted2021-11-151-1/+1
| | | | | | | | | | | - Partialy resolvess #17596 - Resolves `badCall` errors from go-critic `badCall: suspicious Join on 1 argument` - When only 1 argument is passed into `filepath.Join`, it won't do anything special other than `filepath.Clean(...)` will be applied over it. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: 6543 <6543@obermui.de>
* Add migration from GitBucket (#16767)KN4CK3R2021-11-144-106/+195
| | | | | | | | | | | | | This PR adds [GitBucket](https://gitbucket.github.io/) as migration source. Supported: - Milestones - Issues - Pull Requests - Comments - Reviews - Labels There is no public usable instance so no integration tests added.
* Correctly handle failed migrations (#17575)zeripath2021-11-132-3/+6
| | | | | | | | | | | | | | * Correctly handle failed migrations There is a bug in handling failed migrations whereby the migration task gets decoupled from the migration repository. This leads to a failure of the task to get deleted with the repository and also leads to the migration failed page resulting in a ISE. This PR removes the zeroing out of the task id from the migration but also makes the migration handler tolerate missing tasks much nicer. Fix #17571 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Decouple unit test code from business code (#17623)wxiaoguang2021-11-1226-57/+119
|
* Move EmailAddress & UserRedirect into models/user/ (#17607)Lunny Xiao2021-11-112-4/+6
| | | | | | | | | | | | | | | | | | | | | * Move EmailAddress into models/user/ * Fix test * rename user_mail to user_email * Fix test * Move UserRedirect into models/user/ * Fix lint & test * Fix lint * Fix lint * remove nolint comment * Fix lint
* Move webhook into models/webhook/ (#17579)Lunny Xiao2021-11-107-53/+58
|
* Move unit into models/unit/ (#17576)Lunny Xiao2021-11-097-43/+49
| | | | | * Move unit into models/unit/ * Rename unit.UnitType as unit.Type
* Avoid double imports (#17569)Gusted2021-11-082-5/+3
| | | | | Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix bug on admin subcommand (#17533)Lunny Xiao2021-11-071-4/+5
| | | | | | | * Fix bug on admin subcommand * Add signals for all initDB Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix ipv6 parsing for builtin ssh server (#17561)Wim2021-11-061-1/+2
|
* Use correct defaultValue for stracktrace (#17552)Gusted2021-11-051-1/+1
|
* Fix zero created time bug on commit api (#17546)Lunny Xiao2021-11-051-4/+6
| | | Fix #17543
* Add QueryEscape to general funcmap (#17526)zeripath2021-11-021-0/+1
| | | | | | QueryEscape was only added to the text funcmap. Add this to the main template funcmap too. Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix email with + when active (#17518)Lunny Xiao2021-11-021-0/+1
| | | Co-authored-by: zeripath <art27@cantab.net>
* Make Repo Code Indexer an Unique Queue (#17515)zeripath2021-11-022-24/+12
| | | | | | | The functioning of the code indexer queue really only makes sense as an unique queue and doing this allows use to simplify the indexer data to simply delete the data if the repo is no longer in the db. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Only allow webhook to send requests to allowed hosts (#17482)wxiaoguang2021-11-015-19/+244
|
* Properly determine CSV delimiter (#17459)Richard Mahn2021-10-303-86/+633
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fixes #16558 CSV delimiter determiner * Fixes #16558 - properly determine CSV delmiiter * Moves quoteString to a new function * Adds big test with lots of commas for tab delimited csv * Adds comments * Shortens the text of the test * Removes single quotes from regexp as only double quotes need to be searched * Fixes spelling * Fixes check of length as it probalby will only be 1e4, not greater * Makes sample size a const, properly removes truncated line * Makes sample size a const, properly removes truncated line * Fixes comment * Fixes comment * tests for FormatError() function * Adds logic to find the limiter before or after a quoted value * Simplifies regex * Error tests * Error tests * Update modules/csv/csv.go Co-authored-by: delvh <dev.lh@web.de> * Update modules/csv/csv.go Co-authored-by: delvh <dev.lh@web.de> * Adds comments * Update modules/csv/csv.go Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: delvh <dev.lh@web.de>
* Rename db Engines related functions (#17481)Lunny Xiao2021-10-303-4/+4
| | | | | * Rename db Engines related functions Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Ensure that restricted users can access repos for which they are members ↵zeripath2021-10-281-1/+1
| | | | | | | | | | | | | | | | | (#17460) There is a small bug in the way that repo access is checked in repoAssignment: Accessibility is checked by checking if the user has a marked access to the repository instead of checking if the user has any team granted access. This PR changes this permissions check to use HasAccess() which does the correct test. There is also a fix in the release api ListReleases where it should return draft releases if the user is a member of a team with write access to the releases. The PR also adds a testcase. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fixes #16559 - Do not trim leading spaces for tab delimited (#17442)Richard Mahn2021-10-262-8/+53
| | | | | | | | | | | * Fixes #16559 - Do not trim leading spaces for tab delimited * Adds back semicolon delimited test * Fixes linting * Adds nolint directive to test because uses strings starting with spaces Co-authored-by: zeripath <art27@cantab.net>
* Upgrade go-github to v39 (#17437)Lunny Xiao2021-10-262-2/+2
|
* In many cases user avatar link should be an absolute URL with http host (#17420)wxiaoguang2021-10-251-0/+1
|
* Add API to get/edit wiki (#17278)qwerty2872021-10-252-0/+107
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add API to get/edit wiki * Add swagger docs, various improvements * fmt * Fix lint and rm comment * Add page parameter * Add pagination to pages * Add tests * fmt * Update func names * Update error handling * Update type name * Fix lint * Don't delete Home * Update func name * Update routers/api/v1/repo/wiki.go Co-authored-by: delvh <dev.lh@web.de> * Remove unnecessary check * Fix lint * Use English strings * Update integrations/api_wiki_test.go Co-authored-by: delvh <dev.lh@web.de> * Update func and test names * Remove unsed check and avoid duplicated error reports * Improve error handling * Return after error * Document 404 error * Update swagger * Fix lint * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * Document file encoding * fmt * Apply suggestions * Use convert * Fix integration test * simplify permissions * unify duplicate key Title/Name * improve types & return UTC timestamps * improve types pt.2 - add WikiPageMetaData.LastCommit - add WikiPageMetaData.HTMLURL - replace WikiPageMetaData.Updated with .LastCommit.Committer.Created also delete convert.ToWikiPage(), as it received too many arguments and only had one callsite anyway. sorry for bad advice earlier 🙃 * WikiPage.Content is base64 encoded * simplify error handling in wikiContentsByName() * update swagger * fix & DRY findWikiRepoCommit() error handling ListWikiPages() previously wrote error twice when repo wiki didn't exist * rename Content -> ContentBase64 * Fix test * Fix tests * Update var name * suburl -> sub_url Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Norwin <git@nroo.de> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix CSV render error (#17406)KN4CK3R2021-10-251-14/+6
| | | | | | | | | | | closed #17378 Both errors from #17378 were caused by #15175. Problem 1 (error with added file): `ToUTF8WithFallbackReader` creates a `MultiReader` from a `byte[2048]` and the remaining reader. `CreateReaderAndGuessDelimiter` tries to read 10000 bytes from this reader but only gets 2048 because that's the first reader in the `MultiReader`. Then the `if size < 1e4` thinks the input is at EOF and just returns that. Problem 2 (error with changed file): The blob reader gets defer closed. That was fine because the old version reads the whole file into memory. Now with the streaming version the close needs to defer after the method.
* Read expected buffer size (#17409)KN4CK3R2021-10-246-11/+33
| | | | | | * Read expected buffer size. * Changed name.
* Fix issue markdown bugs (#17411)wxiaoguang2021-10-232-1/+5
| | | | * Bug fix: render Markdown http://AppURL/org/repo/issues/4?a=1&b=2#comment-123 test to HTML correctly, close #17394 * Bug fix: fix the positions of checkboxes in rendered HTML, close #17395
* Stop sanitizing full name in API (#17396)zeripath2021-10-221-2/+1
| | | | | | | | | | The API convert.toUser function makes the incorrect assumption that full names could be rendered as is without being escaped. It therefore runs the names through markup.Sanitize which leads to a double escape of user full names. This pr stops this. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Refactor update checker to use AppState (#17387)wxiaoguang2021-10-212-1/+100
| | | | | | | | We have the `AppState` module now, it can store app related data easily. We do not need to create separate tables for each feature. So the update checker can use `AppState` instead of a one-row dedicate table. And the code of update checker is moved from `models` to `modules`.