summaryrefslogtreecommitdiffstats
path: root/modules
Commit message (Collapse)AuthorAgeFilesLines
* Use path not filepath in template filenames (#21993)zeripath2022-12-021-3/+3
| | | | | | | | | | Paths in git are always separated by `/` not `\` - therefore we should `path` and not `filepath` Fix #21987 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* Util type to parse ref name (#21969)Jason Song2022-12-011-20/+37
| | | | | | | Provide a new type to make it easier to parse a ref name. Actually, it's picked up from #21937, to make the origin PR lighter. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Skip initing LFS storage if disabled (#21996)Jason Song2022-12-011-0/+4
| | | | | | | A complement to #21985. I overlooked it because the name of the switch is `StartServer`, not `Enabled`. I believe the weird name is a legacy, but renaming is out of scope.
* Skip initing disabled storages (#21985)Jason Song2022-11-303-26/+108
| | | | If `Attachment` or `Packages` are disabled, we don't have to init the storages for them.
* Normalize `AppURL` according to RFC 3986 (#21950)Saswat Padhi2022-11-291-8/+11
| | | | | | | | | | | Fixes #21865. Scheme-based normalization ([RFC 3986, section 6.2.3](https://www.rfc-editor.org/rfc/rfc3986#section-6.2.3)) was already implemented, but only for `defaultAppURL`. This PR implements the same for `AppURL`. Signed-off-by: Saswat Padhi <saswatpadhi@protonmail.com> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Replace fmt.Sprintf with hex.EncodeToString (#21960)Jason Song2022-11-282-14/+14
| | | | | | | | | | | | | | | | | | | | | `hex.EncodeToString` has better performance than `fmt.Sprintf("%x", []byte)`, we should use it as much as possible. I'm not an extreme fan of performance, so I think there are some exceptions: - `fmt.Sprintf("%x", func(...)[N]byte())` - We can't slice the function return value directly, and it's not worth adding lines. ```diff func A()[20]byte { ... } - a := fmt.Sprintf("%x", A()) - a := hex.EncodeToString(A()[:]) // invalid + tmp := A() + a := hex.EncodeToString(tmp[:]) ``` - `fmt.Sprintf("%X", []byte)` - `strings.ToUpper(hex.EncodeToString(bytes))` has even worse performance.
* Implement FSFE REUSE for golang files (#21840)flynnnnnnnnnn2022-11-27726-1455/+734
| | | | | | | | | Change all license headers to comply with REUSE specification. Fix #16132 Co-authored-by: flynnnnnnnnnn <flynnnnnnnnnn@github> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Correct the fallbacks for mailer configuration (#21945)zeripath2022-11-272-90/+92
| | | | | | | | | | | | | | | Unfortunately the fallback configuration code for [mailer] that were added in #18982 are incorrect. When you read a value from an ini section that key is added. This leads to a failure of the fallback mechanism. Further there is also a spelling mistake in the startTLS configuration. This PR restructures the mailer code to first map the deprecated settings on to the new ones - and then use ini.MapTo to map those on to the struct with additional validation as necessary. Ref #21744 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix typos (#21947)KN4CK3R2022-11-271-1/+1
| | | | | | | | | | | | | Two typos The `recieve` typo is also present in a translation. https://github.com/go-gitea/gitea/blob/5f38acd9a08958024e8bbf47bcc482c79d844e44/options/locale/locale_sv-SE.ini#L1760 Someone with a Crowdin account should fix that. ... and in a license file but I don't think we can change that because that's the official text. https://github.com/go-gitea/gitea/blob/5f38acd9a08958024e8bbf47bcc482c79d844e44/options/license/xinetd#L21
* Workaround for container registry push/pull errors (#21862)KN4CK3R2022-11-251-0/+7
| | | | | | | | | | | | | | | This PR addresses #19586 I added a mutex to the upload version creation which will prevent the push errors when two requests try to create these database entries. I'm not sure if this should be the final solution for this problem. I added a workaround to allow a reupload of missing blobs. Normally a reupload is skipped because the database knows the blob is already present. The workaround checks if the blob exists on the file system. This should not be needed anymore with the above fix so I marked this code to be removed with Gitea v1.20. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add support for HEAD requests in Maven registry (#21834)KN4CK3R2022-11-241-5/+13
| | | | | Related #18543 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix vertical align of committer avatar rendered by email address (#21884)Xinyu Zhou2022-11-231-3/+3
| | | | | | | | Committer avatar rendered by `func AvatarByEmail` are not vertical align as `func Avatar` does. - Replace literals `ui avatar` and `ui avatar vm` with the constant `DefaultAvatarClass`
* Handle empty author names (#21902)zeripath2022-11-232-2/+8
| | | | | | | | | | | Although git does expect that author names should be of the form: `NAME <EMAIL>` some users have been able to create commits with: `<EMAIL>` Fix #21900 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add option to enable CAPTCHA validation for login (#21638)Xinyu Zhou2022-11-222-0/+61
| | | | | | | | | | | | | | | | | Enable this to require captcha validation for user login. You also must enable `ENABLE_CAPTCHA`. Summary: - Consolidate CAPTCHA template - add CAPTCHA handle and context - add `REQUIRE_CAPTCHA_FOR_LOGIN` config and docs - Consolidate CAPTCHA set-up and verification code Partially resolved #6049 Signed-off-by: Xinyu Zhou <i@sourcehut.net> Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Prepend refs/heads/ to issue template refs (#20461)zeripath2022-11-222-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix #20456 At some point during the 1.17 cycle abbreviated refishs to issue branches started breaking. This is likely due serious inconsistencies in our management of refs throughout Gitea - which is a bug needing to be addressed in a different PR. (Likely more than one) We should try to use non-abbreviated `fullref`s as much as possible. That is where a user has inputted a abbreviated `refish` we should add `refs/heads/` if it is `branch` etc. I know people keep writing and merging PRs that remove prefixes from stored content but it is just wrong and it keeps causing problems like this. We should only remove the prefix at the time of presentation as the prefix is the only way of knowing umambiguously and permanently if the `ref` is referring to a `branch`, `tag` or `commit` / `SHA`. We need to make it so that every ref has the appropriate prefix, and probably also need to come up with some definitely unambiguous way of storing `SHA`s if they're used in a `ref` or `refish` field. We must not store a potentially ambiguous `refish` as a `ref`. (Especially when referring a `tag` - there is no reason why users cannot create a `branch` with the same short name as a `tag` and vice versa and any attempt to prevent this will fail. You can even create a `branch` and a `tag` that matches the `SHA` pattern.) To that end in order to fix this bug, when parsing issue templates check the provided `Ref` (here a `refish` because almost all users do not know or understand the subtly), if it does not start with `refs/` add the `BranchPrefix` to it. This allows people to make their templates refer to a `tag` but not to a `SHA` directly. (I don't think that is particularly unreasonable but if people disagree I can make the `refish` be checked to see if it matches the `SHA` pattern.) Next we need to handle the issue links that are already written. The links here are created with `git.RefURL` Here we see there is a bug introduced in #17551 whereby the provided `ref` argument can be double-escaped so we remove the incorrect external escape. (The escape added in #17551 is in the right place - unfortunately I missed that the calling function was doing the wrong thing.) Then within `RefURL()` we check if an unprefixed `ref` (therefore potentially a `refish`) matches the `SHA` pattern before assuming that is actually a `commit` - otherwise is assumed to be a `branch`. This will handle most of the problem cases excepting the very unusual cases where someone has deliberately written a `branch` to look like a `SHA1`. But please if something is called a `ref` or interpreted as a `ref` make it a full-ref before storing or using it. By all means if something is a `branch` assume the prefix is removed but always add it back in if you are using it as a `ref`. Stop storing abbreviated `branch` names and `tag` names - which are `refish` as a `ref`. It will keep on causing problems like this. Fix #20456 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Replace yaml.v2 with yaml.v3 (#21832)Jason Song2022-11-214-10/+9
| | | | I don't see why we have to use two versions of yaml. The difference between the two versions has nothing to do with our usage.
* Allow disable RSS/Atom feed (#21622)Xinyu Zhou2022-11-212-2/+6
| | | | | | | This patch provide a mechanism to disable RSS/Atom feed. Signed-off-by: Xinyu Zhou <i@sourcehut.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: 6543 <6543@obermui.de>
* Support comma-delimited string as labels in issue template (#21831)Jason Song2022-11-196-128/+354
| | | | | | | | | | | | | | | The [labels in issue YAML templates](https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-issue-forms#top-level-syntax) can be a string array or a comma-delimited string, so a single string should be valid labels. The old codes committed in #20987 ignore this, that's why the warning is displayed: <img width="618" alt="image" src="https://user-images.githubusercontent.com/9418365/202112642-93dc72d0-71c3-40a2-9720-30fc2d48c97c.png"> Fixes #17877.
* Show syntax lexer name in file view/blame (#21814)silverwind2022-11-194-32/+78
| | | | | | | | | | | | | | | | | | | | | | Show which Chroma Lexer is used to highlight the file in the file header. It's useful for development to see what was detected, and I think it's not bad info to have for the user: <img width="233" alt="Screenshot 2022-11-14 at 22 31 16" src="https://user-images.githubusercontent.com/115237/201770854-44933dfc-70a4-487c-8457-1bb3cc43ea62.png"> <img width="226" alt="Screenshot 2022-11-14 at 22 36 06" src="https://user-images.githubusercontent.com/115237/201770856-9260ce6f-6c0f-442c-92b5-201e5b113188.png"> <img width="194" alt="Screenshot 2022-11-14 at 22 36 26" src="https://user-images.githubusercontent.com/115237/201770857-6f56591b-80ea-42cc-8ea5-21b9156c018b.png"> Also, I improved the way this header overflows on small screens: <img width="354" alt="Screenshot 2022-11-14 at 22 44 36" src="https://user-images.githubusercontent.com/115237/201774828-2ddbcde1-da15-403f-bf7a-6248449fa2c5.png"> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Add `context.Context` to more methods (#21546)KN4CK3R2022-11-1917-587/+525
| | | | | | | This PR adds a context parameter to a bunch of methods. Some helper `xxxCtx()` methods got replaced with the normal name now. Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Prevent dangling user redirects (#21856)Gusted2022-11-181-0/+3
| | | | | | - It's possible that the `user_redirect` table contains a user id that no longer exists. - Delete a user redirect upon deleting the user. - Add a check for these dangling user redirects to check-db-consistency.
* Fix setting HTTP headers after write (#21833)KN4CK3R2022-11-181-23/+43
| | | The headers can't be modified after it was send to the client.
* Ignore issue template with a special name (#21830)Jason Song2022-11-162-3/+46
| | | | | | | | | | | | | | A file in `ISSUE_TEMPLATE` with the name `config.yml` shouldn't be treated as a YAML template, it's for [configuring the template chooser](https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository#configuring-the-template-chooser). The old code tried to ignore the file, but it didn't work, caused by #20987. That's why the warning is displayed: <img width="415" alt="image" src="https://user-images.githubusercontent.com/9418365/202094067-804c42fe-0e9e-4fc5-bf01-d95fa336f54f.png"> Note that this PR is not an implementation of `config.yml`, there will be another one to do it.
* Add `updated_at` field to PullReview API object (#21812)Yarden Shoham2022-11-152-0/+3
| | | | | | | | | * Closes #19997 Adds an `updated_at` time field to the `PullReview` API object to specify when the pull request review's state changed. Signed-off-by: Yarden Shoham <hrsi88@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Adjust gitea doctor --run storages to check all storage types (#21785)zeripath2022-11-153-24/+232
| | | | | | | | The doctor check `storages` currently only checks the attachment storage. This PR adds some basic garbage collection functionality for the other types of storage. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Prevent panic in doctor command when running default checks (#21791)zeripath2022-11-132-12/+24
| | | | | | | | | | | | | | | | There was a bug introduced in #21352 due to a change of behaviour caused by #19280. This causes a panic on running the default doctor checks because the panic introduced by #19280 assumes that the only way opts.StdOut and opts.Stderr can be set in RunOpts is deliberately. Unfortunately, when running a git.Command the provided RunOpts can be set, therefore if you share a common set of RunOpts these two values can be set by the previous commands. This PR stops using common RunOpts for the commands in that doctor check but secondly stops RunCommand variants from changing the provided RunOpts. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Allow detect whether it's in a database transaction for a context.Context ↵Lunny Xiao2022-11-123-4/+4
| | | | | | | | | | | | | | | | (#21756) Fix #19513 This PR introduce a new db method `InTransaction(context.Context)`, and also builtin check on `db.TxContext` and `db.WithTx`. There is also a new method `db.AutoTx` has been introduced but could be used by other PRs. `WithTx` will always open a new transaction, if a transaction exist in context, return an error. `AutoTx` will try to open a new transaction if no transaction exist in context. That means it will always enter a transaction if there is no error. Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de>
* Adjust clone timeout error to suggest increasing timeout (#21769)zeripath2022-11-121-0/+4
| | | | | | | | | There are far too many error reports regarding timeouts from migrations. We should adjust error report to suggest increasing this timeout. Ref #20680 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add configuration for CORS allowed headers (#21747)Drew Noel2022-11-111-0/+2
| | | | | | | | | | This PR enhances the CORS middleware usage by allowing for the headers to be configured in `app.ini`. Fixes #21746 Co-authored-by: KN4CK3R <admin@oldschoolhack.me> Co-authored-by: John Olheiser <john.olheiser@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix dashboard ignored system setting cache (#21621)Lunny Xiao2022-11-105-129/+87
| | | | | | This is a performance regression from #18058 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Attempt clarify AppWorkPath etc. (#21656)zeripath2022-11-091-2/+2
| | | | | | | | | | Attempt clarify the AppWorkPath in the documentation by using different notation and adding a section to the start of the cheat sheet. Fix #21523 Signed-off-by: Andrew Thornton <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add package registry quota limits (#21584)KN4CK3R2022-11-092-1/+80
| | | | | | | | | | Related #20471 This PR adds global quota limits for the package registry. Settings for individual users/orgs can be added in a seperate PR using the settings table. Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add attention blocks within quote blocks for `Note` and `Warning` (#21711)Yarden Shoham2022-11-093-0/+78
| | | | | | | | | | | | | | | | | | For each quote block, the first `**Note**` or `**Warning**` gets an icon prepended to it and its text is colored accordingly. GitHub does this (community/community#16925). [Initially requested on Discord.](https://discord.com/channels/322538954119184384/322538954119184384/1038816475638661181) ### Before ![image](https://user-images.githubusercontent.com/20454870/200408558-bd318302-6ff9-4d56-996f-9190e89013ec.png) ### After ![image](https://user-images.githubusercontent.com/20454870/200658863-1bac6461-dae7-4bf2-abd2-672d209574e4.png) Signed-off-by: Yarden Shoham <hrsi88@gmail.com> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: silverwind <me@silverwind.io>
* Move svg html render to modules/svg (#21716)Lunny Xiao2022-11-083-49/+77
| | | | | Also added more checks for the render function. Co-authored-by: silverwind <me@silverwind.io>
* Improve valid user name check (#20136)wxiaoguang2022-11-045-1/+66
| | | | | | | | | | | | | Close https://github.com/go-gitea/gitea/issues/21640 Before: Gitea can create users like ".xxx" or "x..y", which is not ideal, it's already a consensus that dot filenames have special meanings, and `a..b` is a confusing name when doing cross repo compare. After: stricter Co-authored-by: Jason Song <i@wolfogre.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: delvh <dev.lh@web.de>
* Fix token generation when using INTERNAL_TOKEN_URI (#21669)wxiaoguang2022-11-031-1/+11
| | | | | | | | | | | Fix https://github.com/go-gitea/gitea/issues/21666 Caused by https://github.com/go-gitea/gitea/pull/19663 Before: when install, the INTERNAL_TOKEN was always generated and saved. But the internal token may be already there by INTERNAL_TOKEN_URI After: INTERNAL_TOKEN_URI file must be non-empty. When install, skip internal token generation if the token exists.
* Add Webhook authorization header (#20926)oliverpool2022-11-032-23/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | _This is a different approach to #20267, I took the liberty of adapting some parts, see below_ ## Context In some cases, a weebhook endpoint requires some kind of authentication. The usual way is by sending a static `Authorization` header, with a given token. For instance: - Matrix expects a `Bearer <token>` (already implemented, by storing the header cleartext in the metadata - which is buggy on retry #19872) - TeamCity #18667 - Gitea instances #20267 - SourceHut https://man.sr.ht/graphql.md#authentication-strategies (this is my actual personal need :) ## Proposed solution Add a dedicated encrypt column to the webhook table (instead of storing it as meta as proposed in #20267), so that it gets available for all present and future hook types (especially the custom ones #19307). This would also solve the buggy matrix retry #19872. As a first step, I would recommend focusing on the backend logic and improve the frontend at a later stage. For now the UI is a simple `Authorization` field (which could be later customized with `Bearer` and `Basic` switches): ![2022-08-23-142911](https://user-images.githubusercontent.com/3864879/186162483-5b721504-eef5-4932-812e-eb96a68494cc.png) The header name is hard-coded, since I couldn't fine any usecase justifying otherwise. ## Questions - What do you think of this approach? @justusbunsi @Gusted @silverwind - ~~How are the migrations generated? Do I have to manually create a new file, or is there a command for that?~~ - ~~I started adding it to the API: should I complete it or should I drop it? (I don't know how much the API is actually used)~~ ## Done as well: - add a migration for the existing matrix webhooks and remove the `Authorization` logic there _Closes #19872_ Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: delvh <dev.lh@web.de>
* feat: notify doers of a merge when automerging (#21553)kolaente2022-11-038-2/+47
| | | | | | | | | | | | | | | | | | | | | | I found myself wondering whether a PR I scheduled for automerge was actually merged. It was, but I didn't receive a mail notification for it - that makes sense considering I am the doer and usually don't want to receive such notifications. But ideally I want to receive a notification when a PR was merged because I scheduled it for automerge. This PR implements exactly that. The implementation works, but I wonder if there's a way to avoid passing the "This PR was automerged" state down so much. I tried solving this via the database (checking if there's an automerge scheduled for this PR when sending the notification) but that did not work reliably, probably because sending the notification happens async and the entry might have already been deleted. My implementation might be the most straightforward but maybe not the most elegant. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Merge db.Iterate and IterateObjects (#21641)Lunny Xiao2022-10-314-13/+7
| | | These two functions are similiar, merge them.
* Deal with markdown template without metadata (#21639)Jason Song2022-10-312-10/+24
| | | | | | | | | | | | | | Fixed #21636. Related to #20987. A markdown template without metadata should not be treated as an invalid template. And this PR fixed another bug that non-template files(neither .md nor .yaml) are treated as yaml files. <img width="504" alt="image" src="https://user-images.githubusercontent.com/9418365/198968668-40082fa1-4f25-4d3e-9b73-1dbf6d1a7521.png">
* Keep languages defined in .gitattributes (#21403)KN4CK3R2022-10-292-19/+51
| | | | | | | | | | | | | Fixes #21377 This marks all "defined" languages in the `.gitattributes` file so they are not removed if they are not of type `programming` or `markup`. ![grafik](https://user-images.githubusercontent.com/1666336/194942021-1e641b60-bb8a-49c6-9a1c-413e7c4ba17d.png) Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Sync git hooks when config file path changed (#21619)Jason Song2022-10-281-1/+2
| | | | | | | | A patch to #17335. Just like AppPath, Gitea writes its own CustomConf into git hook scripts too. If Gitea's CustomConf changes, then the git push may fail. Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Allow disable sitemap (#21617)Xinyu Zhou2022-10-281-0/+2
| | | | | | | This patch provide a mechanism to disable [sitemap](https://github.com/go-gitea/gitea/pull/18407). Signed-off-by: Xinyu Zhou <i@sourcehut.net> Co-authored-by: 6543 <6543@obermui.de>
* Use right syntax for symbolic-ref command (#21577)Clar Fon2022-10-281-1/+1
| | | | | | | Follow-up to #21352: when testing this out, I found out that the syntax for the `symbolic-ref` command was different than originally assumed in that PR. Never got around to submitting a PR until now. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Revert: auto generate INTERNAL_TOKEN (#21608)wxiaoguang2022-10-281-0/+19
| | | | | | | | Follow #19663 Some users do cluster deployment, they still depend on this auto-generating behavior. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix `Timestamp.IsZero` (#21593)KN4CK3R2022-10-261-1/+1
| | | | | | | | | | Our implementation of `IsZero` can't work. An "empty" timestamp (= 0) calls `time.Unix(int64(ts), 0).IsZero()` which is always `false`. Only `time.Time{}.IsZero()` is `true`. We call this method ~~only at one place~~ and there the value (`UpdatedUnix`) should be always != 0 so this PR may not have consequences. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551)delvh2022-10-2446-169/+169
| | | | | | | | | Found using `find . -type f -name '*.go' -print -exec vim {} -c ':%s/fmt\.Errorf(\(.*\)%v\(.*\)err/fmt.Errorf(\1%w\2err/g' -c ':wq' \;` Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix package access for admins and inactive users (#21580)KN4CK3R2022-10-241-3/+6
| | | | | | | | I noticed an admin is not allowed to upload packages for other users because `ctx.IsSigned` was not set. I added a check for `user.IsActive` and `user.ProhibitLogin` too because both was not checked. Tests enforce this now. Co-authored-by: Lauris BH <lauris@nix.lv>
* Record OAuth client type at registration (#21316)M Hickford2022-10-242-14/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The OAuth spec [defines two types of client](https://datatracker.ietf.org/doc/html/rfc6749#section-2.1), confidential and public. Previously Gitea assumed all clients to be confidential. > OAuth defines two client types, based on their ability to authenticate securely with the authorization server (i.e., ability to > maintain the confidentiality of their client credentials): > > confidential > Clients capable of maintaining the confidentiality of their credentials (e.g., client implemented on a secure server with > restricted access to the client credentials), or capable of secure client authentication using other means. > > **public > Clients incapable of maintaining the confidentiality of their credentials (e.g., clients executing on the device used by the resource owner, such as an installed native application or a web browser-based application), and incapable of secure client authentication via any other means.** > > The client type designation is based on the authorization server's definition of secure authentication and its acceptable exposure levels of client credentials. The authorization server SHOULD NOT make assumptions about the client type. https://datatracker.ietf.org/doc/html/rfc8252#section-8.4 > Authorization servers MUST record the client type in the client registration details in order to identify and process requests accordingly. Require PKCE for public clients: https://datatracker.ietf.org/doc/html/rfc8252#section-8.1 > Authorization servers SHOULD reject authorization requests from native apps that don't use PKCE by returning an error message Fixes #21299 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Refactor git command arguments and make all arguments to be safe to be used ↵wxiaoguang2022-10-2334-244/+266
| | | | | | | (#21535) Follow #21464 Make all git command arguments strictly safe. Most changes are one-to-one replacing, keep all existing logic.