aboutsummaryrefslogtreecommitdiffstats
path: root/modules
Commit message (Collapse)AuthorAgeFilesLines
* Add Status Updates whilst Gitea migrations are occurring (#15076)zeripath2021-06-165-8/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Add migrating message Signed-off-by: Andrew Thornton <art27@cantab.net> * simplify messenger Signed-off-by: Andrew Thornton <art27@cantab.net> * make messenger an interface Signed-off-by: Andrew Thornton <art27@cantab.net> * rename Signed-off-by: Andrew Thornton <art27@cantab.net> * prepare for merge Signed-off-by: Andrew Thornton <art27@cantab.net> * as per tech Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* issue-keyword class is being incorrectly stripped off spans (#16163)zeripath2021-06-161-5/+2
| | | | | | Bluemonday sanitizer regexp rules are not additive, so the addition of the icons, emojis and chroma syntax policy has led to this being stripped. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Make command in authorized keys a template (#16003)zeripath2021-06-141-41/+49
| | | | | | | | Fix #15595 Replaces #15978 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add push to remote mirror repository (#15157)KN4CK3R2021-06-1417-232/+1004
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added push mirror model. * Integrated push mirror into queue. * Moved methods into own file. * Added basic implementation. * Mirror wiki too. * Removed duplicated method. * Get url for different remotes. * Added migration. * Unified remote url access. * Add/Remove push mirror remotes. * Prevent hangs with missing credentials. * Moved code between files. * Changed sanitizer interface. * Added push mirror backend methods. * Only update the mirror remote. * Limit refs on push. * Added UI part. * Added missing table. * Delete mirror if repository gets removed. * Changed signature. Handle object errors. * Added upload method. * Added "upload" unit tests. * Added transfer adapter unit tests. * Send correct headers. * Added pushing of LFS objects. * Added more logging. * Simpler body handling. * Process files in batches to reduce HTTP calls. * Added created timestamp. * Fixed invalid column name. * Changed name to prevent xorm auto setting. * Remove table header im empty. * Strip exit code from error message. * Added docs page about mirroring. * Fixed date. * Fixed merge errors. * Moved test to integrations. * Added push mirror test. * Added test.
* small refactor for retry downloader (#16137)a10121127962021-06-131-134/+83
| | | Signed-off-by: a1012112796 <1012112796@qq.com>
* Set self-adjusting deadline for connection writing (#16068)zeripath2021-06-113-34/+65
| | | | | | | | | | | | | | | | | | | | | | | | | * Set self-adjusting deadline for connection writing In #16055 it appears that the simple 5s deadline doesn't work for large file writes. Now we can't - or at least shouldn't just set no deadline as go will happily let these connections block indefinitely. However, what seems reasonable is to set some minimum rate we expect for writing. This PR suggests the following algorithm: * Every write has a minimum timeout of 5s (adjustable at compile time.) * If there has been a previous write - then consider its previous deadline, add half of the minimum timeout + 2s per kb about to written. * If that new deadline is after the minimum timeout use that. Fix #16055 * Linearly increase timeout * Make PerWriteTimeout, PerWritePerKbTimeouts configurable Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Add sso.Group, context.Auth, context.APIAuth to allow auth special routes ↵Lunny Xiao2021-06-0911-1085/+44
| | | | | | | | | | | (#16086) * Add sso.Group, context.Auth, context.APIAuth to allow auth special routes * Remove unnecessary check * Rename sso -> auth * remove unused method of Auth interface
* Fix data URI scramble (#16098)KN4CK3R2021-06-074-19/+23
| | | | | | | * Removed unused method. * No prefix for data uris. * Added test to prevent regressions.
* Fixed assert statements. (#16089)KN4CK3R2021-06-0723-106/+105
|
* Make commit info cancelable (#16032)zeripath2021-06-069-32/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Make modules/context.Context a context.Context Signed-off-by: Andrew Thornton <art27@cantab.net> * Simplify context calls Signed-off-by: Andrew Thornton <art27@cantab.net> * Set the base context for requests to the HammerContext Signed-off-by: Andrew Thornton <art27@cantab.net> * pass context into get-last-commit Signed-off-by: Andrew Thornton <art27@cantab.net> * Make commit_info cancellable Signed-off-by: Andrew Thornton <art27@cantab.net> * use context as context Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Fix regression of renderer (#16091)Lunny Xiao2021-06-062-24/+36
| | | | | * Fix regression of renderer * Fix render setting load twice bug
* Rewrite of the LFS server (#15523)KN4CK3R2021-06-061-2/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Restructured code. Moved static checks out of loop. * Restructured batch api. Add support for individual errors. * Let router decide if LFS is enabled. * Renamed methods. * Return correct status from verify handler. * Unified media type check in router. * Changed error code according to spec. * Moved checks into router. * Removed invalid v1 api methods. * Unified methods. * Display better error messages. * Added size parameter. Create meta object on upload. * Use object error on invalid size. * Skip upload if object exists. * Moved methods. * Suppress fields in response. * Changed error on accept. * Added tests. * Use ErrorResponse object. * Test against message property. * Add support for the old invalid lfs client. * Fixed the check because MinIO wraps the error. * Use individual repositories. Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix panic (#16072)zeripath2021-06-051-1/+1
| | | | | | | There is an incorrect casting in the wrapped queue. Fix #16071 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add Image Diff for SVG files (#14867)KN4CK3R2021-06-059-236/+213
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added type sniffer. * Switched content detection from base to typesniffer. * Added GuessContentType to Blob. * Moved image info logic to client. Added support for SVG images in diff. * Restore old blocked svg behaviour. * Added missing image formats. * Execute image diff only when container is visible. * add margin to spinner * improve BIN tag on image diffs * Default to render view. * Show image diff on incomplete diff. Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* Copy git data from disk when restore repository (#16066)Lunny Xiao2021-06-043-6/+11
|
* Encrypt migration credentials at rest (#15895)Norwin2021-05-312-4/+28
| | | | | | | | | | | | | | | | | | | | | | | | * encrypt migration credentials in task persistence Not sure this is the best approach, we could encrypt the entire `PayloadContent` instead. Also instead of clearing individual fields in payload content, we could just delete the task once it has (successfully) finished..? * remove credentials of past migrations * only run DB migration for completed tasks * fix binding * add omitempty * never serialize unencrypted credentials * fix import order Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix bug in reverse proxy (#16026)zeripath2021-05-311-1/+1
| | | | | | | | | | | Unfortunately go panics you try to cast a nil interface{} as another primitive therefore you need to check interfaces are not nil before casting. Fix #16025 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Make modules/context.Context a context.Context (#16031)zeripath2021-05-312-1/+24
| | | | | | | | | | | | | | | * Make modules/context.Context a context.Context Signed-off-by: Andrew Thornton <art27@cantab.net> * Simplify context calls Signed-off-by: Andrew Thornton <art27@cantab.net> * Set the base context for requests to the HammerContext Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Improve assets handler middleware (#15961)Lunny Xiao2021-05-303-124/+76
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Use route to serve assets but not middleware * Fix build error with bindata tag * convert path to absolute * fix build * reduce function stack * Add tests for assets * Remove test for assets because they are not generated * Use a http function to serve assets * Still use middleware to serve assets then less middleware stack for assets * Move serveContent to original position * remove unnecessary blank line change * Fix bug for /assets* requests * clean code Co-authored-by: zeripath <art27@cantab.net>
* Don't manipulate input params in email notification (#16011)Jimmy Praet2021-05-301-4/+0
|
* Fix get tag when migration (#16014)Lunny Xiao2021-05-291-1/+1
| | | Co-authored-by: zeripath <art27@cantab.net>
* Unified custom config creation (#16012)KN4CK3R2021-05-292-64/+35
| | | | | | | * Unified custom config creation. * Fixed log message. Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Allow Token/Basic auth on raw paths (#15987)zeripath2021-05-274-11/+15
| | | | | | | | | | | | It appears that people have been using token authentication to navigate to raw paths and recent changes have broken this. Whilst ideally these paths would not be being used like this - it was not the intention to be a breaking change. This PR restores access to these paths. Fix #13772 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix setting of SameSite on cookies (#15989)zeripath2021-05-261-3/+3
| | | | | | | Fix #15972 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Use filepath.ToSlash and Join in indexer defaults and queues (#15971)zeripath2021-05-252-9/+8
| | | | | | | | | As revealed by #15964 there is inconsistent use of filepath Join and path Join for these directories. The best thing to do is to use filepath.Join but then ToSlash them for consistency. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Change default queue settings to be low go-routines (#15964)zeripath2021-05-242-5/+5
| | | | | | | | This PR suggests a change to the default configuration for queues: * Use a common DATADIR for the queues * Set starting workers to 0 and make boost a single worker Signed-off-by: Andrew Thornton <art27@cantab.net>
* Make tasklist checkboxes clickable (#15791)KN4CK3R2021-05-233-13/+14
| | | | Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lauris BH <lauris@nix.lv>
* Double the avatar size factor (#15941)silverwind2021-05-211-2/+2
| | | | | | | | | | * Double the avatar size factor This results on finer Avatar rendering on Hi-DPI display. * fix test Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* add a new internal hook to save ssh log (#15787)a10121127962021-05-213-0/+33
| | | | | | | | | | | | | | | | | | | | | | | | | * add a new internal hook to save ssh log as title, when a ssh error ocure like #15785. only when switch ``RUN_MODE`` to dev can we found which error is ocure. But this way is not a good idea for production envirment. this changes try save ssh error mesage to the log file like other log by a new internal hook. I think it's usefull for find error message in production envirment. Thanks. Signed-off-by: a1012112796 <1012112796@qq.com> * rename and fix nit * Update modules/private/hook.go Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Encrypt LDAP bind password in db with SECRET_KEY (#15547)zeripath2021-05-201-0/+1
| | | | | | | | | | | | | | | * Encrypt LDAP bind password in db with SECRET_KEY The LDAP source bind password are currently stored in plaintext in the db This PR simply encrypts them with the setting.SECRET_KEY. Fix #15460 Signed-off-by: Andrew Thornton <art27@cantab.net> * remove ui warning regarding unencrypted password Co-authored-by: silverwind <me@silverwind.io>
* git migration: don't prompt interactively for clone credentials (#15902)Norwin2021-05-171-2/+8
| | | | | | | * don't prompt interactively for clone credentials * apply GIT_TERMINAL_PROMPT=0 to all git cmds Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* GitHub: migrate draft releases too (#15884)65432021-05-152-34/+31
| | | | | * GitHub: migrate draft releases too * refactor
* Hold the event source when there are no listeners (#15725)zeripath2021-05-152-0/+35
| | | | | | | | | | * Hold the event source when there are no listeners The event source does not need to run when there are no listeners. Therefore pause it when there are none. * add some more logging Signed-off-by: Andrew Thornton <art27@cantab.net>
* Create a session on ReverseProxy and ensure that ReverseProxy users cannot ↵zeripath2021-05-151-5/+14
| | | | | | | | | | | | | | | change username (#15304) * Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username ReverseProxy users should generate a session on reverse proxy username change. Also prevent ReverseProxy users from changing their username. Fix #2407 * add testcase Signed-off-by: Andrew Thornton <art27@cantab.net>
* Prevent double-login for Git HTTP and LFS and simplify login (#15303)zeripath2021-05-154-19/+170
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Prevent double-login for Git HTTP and LFS and simplify login There are a number of inconsistencies with our current methods for logging in for git and lfs. The first is that there is a double login process. This is particularly evident in 1.13 where there are no less than 4 hash checks for basic authentication due to the previous IsPasswordSet behaviour. This duplicated code had individual inconsistencies that were not helpful and caused confusion. This PR does the following: * Remove the specific login code from the git and lfs handlers except for the lfs special bearer token * Simplify the meaning of DisableBasicAuthentication to allow Token and Oauth2 sign-in. * The removal of the specific code from git and lfs means that these both now have the same login semantics and can - if not DisableBasicAuthentication - login from external services. Further it allows Oauth2 token authentication as per our standard mechanisms. * The change in the recovery handler prevents the service from re-attempting to login - primarily because this could easily cause a further panic and it is wasteful. * add test Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow ↵zeripath2021-05-1523-409/+596
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | level queue, reduce goroutines etc (#15693) * move shutdownfns, terminatefns and hammerfns out of separate goroutines Coalesce the shutdownfns etc into a list of functions that get run at shutdown rather then have them run at goroutines blocked on selects. This may help reduce the background select/poll load in certain configurations. * The LevelDB queues can actually wait on empty instead of polling Slight refactor to cause leveldb queues to wait on empty instead of polling. * Shutdown the shadow level queue once it is empty * Remove bytefifo additional goroutine for readToChan as it can just be run in run * Remove additional removeWorkers goroutine for workers * Simplify the AtShutdown and AtTerminate functions and add Channel Flusher * Add shutdown flusher to CUQ * move persistable channel shutdown stuff to Shutdown Fn * Ensure that UPCQ has the correct config * handle shutdown during the flushing * reduce risk of race between zeroBoost and addWorkers * prevent double shutdown Signed-off-by: Andrew Thornton <art27@cantab.net>
* Close the gitrepo when deleting the repository (#15876)zeripath2021-05-141-0/+1
| | | | Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix LFS commit finder not working (#15856)KN4CK3R2021-05-143-9/+12
| | | | | | * Create a copy of the sha bytes. Co-authored-by: Andrew Thornton <art27@cantab.net>
* Add timeout to writing to responses (#15831)zeripath2021-05-141-0/+10
| | | | | | | | | | In #15826 it has become apparent that there are a few occasions when a response can hang during writing, and because there is no timeout go will happily just block interminably. This PR adds a fixed 5 second timeout to all writes to a connection. Fix #15826 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Stop calling WriteHeader in Write (#15862)zeripath2021-05-141-1/+1
| | | | | | | | | Fixes http: superfluous response.WriteHeader call from code.gitea.io/gitea/modules/context.(*Response).WriteHeader (response.go:67) * Looking again we don't need this writeHeader as all of our downstream implementations will always do it for us Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv>
* Allow custom highlight mapping beyond file extensions (#15808)mlpo2021-05-131-10/+17
| | | Co-authored-by: Lauris BH <lauris@nix.lv>
* fix truncate utf8 string (#15828)yan2021-05-132-4/+13
| | | | | * fix truncate utf8 string. * revoke truncated user info.
* Tagger can be empty, as can Commit and Author - tolerate this (#15835)zeripath2021-05-122-1/+4
| | | | | | | | | | | | | | Unfortunately some old repositories can have tags with empty Tagger, Commit or Author. Go-Git variants will always have empty values for these whereas the native git variant leaves them at nil. The simplest solution is just to always have these set to empty Signatures. v156 migration also makes the incorrect assumption that these cannot be empty. Therefore add some handling to this and add logging and adjust broken logging elsewhere in this migration. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix individual tests (addition to #15802) (#15818)KN4CK3R2021-05-121-0/+2
| | | | | | | | | | | | | | | | | | | | * Decouple TestAction_GetRepoLink and TestSizedAvatarLink. * Load database for TestCheckGPGUserEmail. * Load database for TestMakeIDsFromAPIAssigneesToAdd. * Load database for TestGetUserIDsByNames and TestGetMaileableUsersByIDs. * Load database for TestUser_ToUser. * Load database for TestRepository_EditWikiPage. * Include AppSubURL in test. * Prevent panic with empty slice. Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Queue manager FlushAll can loop rapidly - add delay (#15733)zeripath2021-05-121-6/+9
| | | | | | | | | | | | | * Queue manager FlushAll can loop rapidly - add delay Add delay within FlushAll to prevent rapid loop when workers are busy Signed-off-by: Andrew Thornton <art27@cantab.net> * as per lunny Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Add Active and ProhibitLogin to API (#15689)KN4CK3R2021-05-112-0/+6
| | | | | * Added active and prohibit_login. * Do not omit fields for normal users.
* Add mimetype mapping settings (#15133)Adam Szatyin2021-05-102-0/+32
| | | | | | | | | | | | | * Fix APK's Content-Type header * Fix case sensitive comparison * Add custom mime type mapping for downloadable files * Add documentation for MIME type mapping * Rename download.mimetype.mapping configuration to repository.mimetype_mapping Co-authored-by: zeripath <art27@cantab.net>
* Add err to log (#15813)John Olheiser2021-05-101-1/+1
| | | | Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Move restore repo to internal router and invoke from command to avoid open ↵Lunny Xiao2021-05-102-11/+101
| | | | | | | | | | | the same db file or queues files (#15790) * Move restore repo to internal router and invoke from command to avoid open the same db file or queues files * Follow @zeripath's review * set no timeout for resotre repo private request * make restore repo cancelable
* Use single shared random string generation function (#15741)silverwind2021-05-109-178/+87
| | | | | | | | | | | | | | | | | | * Use single shared random string generation function - Replace 3 functions that do the same with 1 shared one - Use crypto/rand over math/rand for a stronger RNG - Output only alphanumerical for URL compatibilty Fixes: #15536 * use const string method * Update modules/avatar/avatar.go Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: a1012112796 <1012112796@qq.com>