summaryrefslogtreecommitdiffstats
path: root/routers/admin
Commit message (Collapse)AuthorAgeFilesLines
* Ensure that search term and page are not lost on adoption page-turn (#14133) ↵zeripath2020-12-241-1/+10
| | | | | | | | | (#14143) Backport #14133 Fix #14111 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Validate email before inserting/updating (#13475) (#13666)65432020-11-222-0/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add email validity check (#13475) * Improve error feedback for duplicate deploy keys Instead of a generic HTTP 500 error page, a flash message is rendered with the deploy key page template so inform the user that a key with the intended title already exists. * API returns 422 error when key with name exists * Add email validity checking Add email validity checking for the following routes: [Web interface] 1. User registration 2. User creation by admin 3. Adding an email through user settings [API] 1. POST /admin/users 2. PATCH /admin/users/:username 3. POST /user/emails * Add further tests * Add signup email tests * Add email validity check for linking existing account * Address PR comments * Remove unneeded DB session * Move email check to updateUser Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io> * skip email validation on empty string (#13627) - move validation into its own function - use a session for UpdateUserSetting * rm TODO for backport Co-authored-by: Chris Shyi <chrisshyi13@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Remove PAM from auth dropdown when unavailable (#13276) (#13281)John Olheiser2020-10-231-8/+15
| | | Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Hide sync ssh keys button on admin dashboard if ssh disabled or builtin-ssh ↵Lunny Xiao2020-10-081-0/+1
| | | | | enabled (#13072) Co-authored-by: zeripath <art27@cantab.net>
* Only set the user password if the password field would have been shown (#12980)zeripath2020-09-291-1/+1
| | | | | | | | | POSTing to /admin/users/:id should only set the password if the the user IsLocal or IsOauth2 Fix #12952 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Adopt repositories (#12920)zeripath2020-09-251-1/+94
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Don't automatically delete repository files if they are present Prior to this PR Gitea would delete any repository files if they are present during creation or migration. This can in certain circumstances lead to data-loss and is slightly unpleasant. This PR provides a mechanism for Gitea to adopt repositories on creation and otherwise requires an explicit flag for deletion. PushCreate is slightly different - the create will cause adoption if that is allowed otherwise it will delete the data if that is allowed. Signed-off-by: Andrew Thornton <art27@cantab.net> * Update swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix tests and migrate overwrite Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @lunny Only offer to adopt or overwrite if the user can do that. Allow the site administrator to adopt or overwrite in all circumstances Signed-off-by: Andrew Thornton <art27@cantab.net> * Use setting.Repository.DefaultBranch for the default branch Signed-off-by: Andrew Thornton <art27@cantab.net> * Always set setting.Repository.DefaultBranch Signed-off-by: Andrew Thornton <art27@cantab.net> * update swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * update templates Signed-off-by: Andrew Thornton <art27@cantab.net> * ensure repo closed Signed-off-by: Andrew Thornton <art27@cantab.net> * Rewrite of adoption as per @6543 and @lunny Signed-off-by: Andrew Thornton <art27@cantab.net> * Apply suggestions from code review * update swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * missing not Signed-off-by: Andrew Thornton <art27@cantab.net> * add modals and flash reporting Signed-off-by: Andrew Thornton <art27@cantab.net> * Make the unadopted page searchable Signed-off-by: Andrew Thornton <art27@cantab.net> * Add API Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * fix swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * Handle empty and non-master branched repositories Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * remove commented out code Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add check for LDAP group membership (#10869)John Olheiser2020-09-101-0/+5
| | | | | | | | | | | | | | This is a port of gogs/gogs#4398 The only changes made by myself are: Add locales Add some JS to the UI Otherwise all code credit goes to @aboron Resolves #10829 Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
* Check passwords against HaveIBeenPwned (#12716)John Olheiser2020-09-081-0/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Implement pwn Signed-off-by: jolheiser <john.olheiser@gmail.com> * Update module Signed-off-by: jolheiser <john.olheiser@gmail.com> * Apply suggestions mrsdizzie Co-authored-by: mrsdizzie <info@mrsdizzie.com> * Add link to HIBP Signed-off-by: jolheiser <john.olheiser@gmail.com> * Add more details to admin command Signed-off-by: jolheiser <john.olheiser@gmail.com> * Add context to pwn Signed-off-by: jolheiser <john.olheiser@gmail.com> * Consistency and making some noise ;) Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: mrsdizzie <info@mrsdizzie.com> Co-authored-by: zeripath <art27@cantab.net>
* [Vendor] Switch go-version lib (#12719)65432020-09-051-1/+3
| | | | | | | | | | | | | | | | | | | | | * vendor: switch from "mcuadros/go-version" to "hashicorp/go-version" * Adapt P1 * simplify * fix lint * adapt * fix lint & rm old code * no deadlock * rm RWMutex and check GoVersion only 1-time * Copyright header Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Pause, Resume, Release&Reopen, Add and Remove Logging from command line (#11777)zeripath2020-07-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | * Make LogDescriptions race safe * Add manager commands for pausing, resuming, adding and removing loggers Signed-off-by: Andrew Thornton <art27@cantab.net> * Placate lint * Ensure that file logger is run! * Add support for smtp and conn Signed-off-by: Andrew Thornton <art27@cantab.net> * Add release-and-reopen Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv>
* Multiple small admin dashboard fixes (#12153)zeripath2020-07-051-3/+6
| | | | | | | | | * Remove spurious spacing between Maintenance Operations and its table on dashboard * Prevent (EXTRA string) comments in Task headers * Redirect tasks started from monitor page back to monitor * Fix #12107 - redirects from process cancel should use AppSubUrl * When wrapping queues set the name correctly Signed-off-by: Andrew Thornton <art27@cantab.net>
* Refactor Cron and merge dashboard tasks (#10745)zeripath2020-05-161-59/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Refactor Cron and merge dashboard tasks * Merge Cron and Dashboard tasks * Make every cron task report a system notice on completion * Refactor the creation of these tasks * Ensure that execution counts of tasks is correct * Allow cron tasks to be started from the cron page * golangci-lint fixes * Enforce that only one task with the same name can be registered Signed-off-by: Andrew Thornton <art27@cantab.net> * fix name check Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @guillep2k * as per @lafriks Signed-off-by: Andrew Thornton <art27@cantab.net> * Add git.CommandContext variants Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Users should not be able to prohibit their own login (#10970)赵智超2020-04-061-1/+7
| | | | | | | | | | | | | | | | * ui: limit managers prohibit themself to login Because I think it's crazy and not reasonale , that if a user can prohibit themself to login. so suggest limit this choice on ui Signed-off-by: a1012112796 <1012112796@qq.com> * skip self Prohibit Login in post event handle * fix comment Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: John Olheiser <john.olheiser@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Upgrade xorm to v1.0.0 (#10646)Lunny Xiao2020-03-221-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Upgrade xorm to v1.0.0 * small nit * Fix tests * Update xorm * Update xorm * fix go.sum * fix test * Fix bug when dump * Fix bug * update xorm to latest * Fix migration test * update xorm to latest * Fix import order * Use xorm tag
* System-wide webhooks (#10546)James Lakin2020-03-091-15/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Create system webhook column (and migration) * Create system webhook DB methods Based on the default webhook ones * Modify router to handle system webhooks and default ones * Remove old unused admin nav template * Adjust orgRepoCtx to differentiate system and default webhook URLs * Assign IsSystemWebhook when creating webhooks * Correctly use booleans for IsSystemWebhook * Use system webhooks when preparing webhooks for payload * Add UI and locale changes * Use router params to differentiate admin hook pages * Fix deleting admin webhooks and rename method * Add clarity to webhook docs * Revert "Remove old unused admin nav template" This reverts commit 191a20a7389fe5f6256b0ad6aafd04b9b0e295c5. * Rename WebHooksNewPost to GiteaHooksNewPost for clarity * Reintroduce blank line lost during merge conflict Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* Add restricted user filter to LDAP authentication (#10600)Lauris BH2020-03-051-0/+1
| | | | | | * Add restricted user filter to LDAP authentification * Fix unit test cases
* Admin page for managing user e-mail activation (#10557)guillep2k2020-03-021-0/+157
| | | | | | | | | | | | | | | | | | | | | | | | * Implement mail activation admin panel * Add export comments * Fix another export comment * again... * And again! * Apply suggestions by @lunny * Add UI for user activated emails * Make new activation UI work * Fix lint * Prevent admin from self-deactivate; add modal Co-authored-by: zeripath <art27@cantab.net>
* Change admin dashboard to POST (#10465)John Olheiser2020-02-251-11/+19
| | | | | | | | * Add form and convert to POST * Redirect for flash Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Various fixes in login sources (#10428)guillep2k2020-02-231-0/+3
|
* Movde dependents on macaron from modules/setting (#10050)Lunny Xiao2020-01-291-1/+8
| | | | Co-authored-by: Lauris BH <lauris@nix.lv>
* Queue: Make WorkerPools and Queues flushable (#10001)zeripath2020-01-281-4/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Make WorkerPools and Queues flushable Adds Flush methods to Queues and the WorkerPool Further abstracts the WorkerPool Adds a final step to Flush the queues in the defer from PrintCurrentTest Fixes an issue with Settings inheritance in queues Signed-off-by: Andrew Thornton <art27@cantab.net> * Change to for loop * Add IsEmpty and begin just making the queues composed WorkerPools * subsume workerpool into the queues and create a flushable interface * Add manager command * Move flushall to queue.Manager and add to testlogger * As per @guillep2k * as per @guillep2k * Just make queues all implement flushable and clean up the wrapped queue flushes * cope with no timeout Co-authored-by: Lauris BH <lauris@nix.lv>
* API add/generalize pagination (#9452)SpaWn2KiLl2020-01-242-5/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * paginate results * fixed deadlock * prevented breaking change * updated swagger * go fmt * fixed find topic * go mod tidy * go mod vendor with go1.13.5 * fixed repo find topics * fixed unit test * added Limit method to Engine struct; use engine variable when provided; fixed gitignore * use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors * set Page value on Home route * improved memory allocations * fixed response headers * removed logfiles * fixed import order * import order * improved swagger * added function to get models.ListOptions from context * removed pagesize diff on unit test * fixed imports * removed unnecessary struct field * fixed go fmt * scoped PR * code improvements * code improvements * go mod tidy * fixed import order * fixed commit statuses session * fixed files headers * fixed headers; added pagination for notifications * go mod tidy * go fmt * removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list * Apply suggestions from code review Co-Authored-By: 6543 <6543@obermui.de> Co-Authored-By: zeripath <art27@cantab.net> * fixed build error * CI.restart() * fixed merge conflicts resolve * fixed conflicts resolve * improved FindTrackedTimesOptions.ToOptions() method * added backwards compatibility on ListReleases request; fixed issue tracked time ToSession * fixed build error; fixed swagger template * fixed swagger template * fixed ListReleases backwards compatibility * added page to user search route Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
* Refactor repository check and sync functions (#9854)Lunny Xiao2020-01-201-5/+7
| | | Move more general repository functions out of models/repo.go
* Add option to prevent LDAP from deactivating everything on empty search (#9879)zeripath2020-01-201-0/+1
| | | | | | | | | | | * Add option to prevent LDAP from deactivating everything on empty search * Update options/locale/locale_en-US.ini Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Restricted users (#6274)Manush Dodunekov2020-01-131-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Restricted users (#4334): initial implementation * Add User.IsRestricted & UI to edit it * Pass user object instead of user id to places where IsRestricted flag matters * Restricted users: maintain access rows for all referenced repos (incl public) * Take logged in user & IsRestricted flag into account in org/repo listings, searches and accesses * Add basic repo access tests for restricted users Signed-off-by: Manush Dodunekov <manush@stendahls.se> * Mention restricted users in the faq Signed-off-by: Manush Dodunekov <manush@stendahls.se> * Revert unnecessary change `.isUserPartOfOrg` -> `.IsUserPartOfOrg` Signed-off-by: Manush Dodunekov <manush@stendahls.se> * Remove unnecessary `org.IsOrganization()` call Signed-off-by: Manush Dodunekov <manush@stendahls.se> * Revert to an `int64` keyed `accessMap` * Add type `userAccess` * Add convenience func updateUserAccess() * Turn accessMap into a `map[int64]userAccess` Signed-off-by: Manush Dodunekov <manush@stendahls.se> * or even better: `map[int64]*userAccess` * updateUserAccess(): use tighter syntax as suggested by lafriks * even tighter * Avoid extra loop * Don't disclose limited orgs to unauthenticated users * Don't assume block only applies to orgs * Use an array of `VisibleType` for filtering * fix yet another thinko * Ok - no need for u * Revert "Ok - no need for u" This reverts commit 5c3e886aabd5acd997a3b35687d322439732c200. Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* [API] add GET /orgs endpoint (#9560)65432020-01-121-1/+2
| | | | | | | | | | | | | | * introduce `GET /orgs` * add TEST * show also other VisibleType's * update description * refactor a lot * SearchUserOptions by default return only public
* Add owner_name column for table repository for maintaince reason (#9717)Lunny Xiao2020-01-121-1/+1
| | | | | | | | | | | | | | * Add owner_name column for table repository for maintaince reason * refactor * Fix tests * fix test * fix bug when fork repository Co-authored-by: zeripath <art27@cantab.net>
* Graceful Queues: Issue Indexing and Tasks (#9363)zeripath2020-01-071-0/+127
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Queue: Add generic graceful queues with settings * Queue & Setting: Add worker pool implementation * Queue: Add worker settings * Queue: Make resizing worker pools * Queue: Add name variable to queues * Queue: Add monitoring * Queue: Improve logging * Issues: Gracefulise the issues indexer Remove the old now unused specific queues * Task: Move to generic queue and gracefulise * Issues: Standardise the issues indexer queue settings * Fix test * Queue: Allow Redis to connect to unix * Prevent deadlock during early shutdown of issue indexer * Add MaxWorker settings to queues * Merge branch 'master' into graceful-queues * Update modules/indexer/issues/indexer.go Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * Update modules/indexer/issues/indexer.go Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * Update modules/queue/queue_channel.go Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * Update modules/queue/queue_disk.go * Update modules/queue/queue_disk_channel.go Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * Rename queue.Description to queue.ManagedQueue as per @guillep2k * Cancel pool workers when removed * Remove dependency on queue from setting * Update modules/queue/queue_redis.go Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * As per @guillep2k add mutex locks on shutdown/terminate * move unlocking out of setInternal * Add warning if number of workers < 0 * Small changes as per @guillep2k * No redis host specified not found * Clean up documentation for queues * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md * Update modules/indexer/issues/indexer_test.go * Ensure that persistable channel queue is added to manager * Rename QUEUE_NAME REDIS_QUEUE_NAME * Revert "Rename QUEUE_NAME REDIS_QUEUE_NAME" This reverts commit 1f83b4fc9b9dabda186257b38c265fe7012f90df. Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Graceful: Xorm, RepoIndexer, Cron and Others (#9282)zeripath2019-12-151-2/+3
| | | | | | | | | | | | * Change graceful to use a singleton obtained through GetManager instead of a global. * Graceful: Make TestPullRequests shutdownable * Graceful: Make the cron tasks graceful * Graceful: AddTestPullRequest run in graceful ctx * Graceful: SyncMirrors shutdown * Graceful: SetDefaultContext for Xorm to be HammerContext * Avoid starting graceful for migrate commands and checkout * Graceful: DeliverHooks now can be shutdown * Fix multiple syncing errors in modules/sync/UniqueQueue & Make UniqueQueue closable * Begin the process of making the repo indexer shutdown gracefully
* Graceful: Cancel Process on monitor pages & HammerTime (#9213)zeripath2019-11-301-1/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Graceful: Create callbacks to with contexts * Graceful: Say when Gitea is completely finished * Graceful: Git and Process within HammerTime Force all git commands to terminate at HammerTime Force all process commands to terminate at HammerTime Move almost all git processes to run as git Commands * Graceful: Always Hammer after Shutdown * ProcessManager: Add cancel functionality * Fix tests * Make sure that process.Manager.Kill() cancels * Make threadsafe access to Processes and remove own unused Kill * Remove cmd from the process manager as it is no longer used * the default context is the correct context * get rid of double till
* Properly fix displaying virtual session provider in admin panel (#9137)zeripath2019-11-281-7/+7
| | | | | | | | | | | | | | | * Properly fix #7127 Although #7300 properly shadows the password from the virtual session provider, the template displaying the provider config still presumed that the config was JSON. This PR updates the template and properly hides the Virtual Session provider. Fixes #7127 * update per @silverwind's suggestion
* Add single sign-on support via SSPI on Windows (#8463)QuaSoft2019-11-231-0/+64
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add single sign-on support via SSPI on Windows * Ensure plugins implement interface * Ensure plugins implement interface * Move functions used only by the SSPI auth method to sspi_windows.go * Field SSPISeparatorReplacement of AuthenticationForm should not be required via binding, as binding will insist the field is non-empty even if another login type is selected * Fix breaking of oauth authentication on download links. Do not create new session with SSPI authentication on download links. * Update documentation for the new 'SPNEGO with SSPI' login source * Mention in documentation that ROOT_URL should contain the FQDN of the server * Make sure that Contexter is not checking for active login sources when the ORM engine is not initialized (eg. when installing) * Always initialize and free SSO methods, even if they are not enabled, as a method can be activated while the app is running (from Authentication sources) * Add option in SSPIConfig for removing of domains from logon names * Update helper text for StripDomainNames option * Make sure handleSignIn() is called after a new user object is created by SSPI auth method * Remove default value from text of form field helper Co-Authored-By: Lauris BH <lauris@nix.lv> * Remove default value from text of form field helper Co-Authored-By: Lauris BH <lauris@nix.lv> * Remove default value from text of form field helper Co-Authored-By: Lauris BH <lauris@nix.lv> * Only make a query to the DB to check if SSPI is enabled on handlers that need that information for templates * Remove code duplication * Log errors in ActiveLoginSources Co-Authored-By: Lauris BH <lauris@nix.lv> * Revert suffix of randomly generated E-mails for Reverse proxy authentication Co-Authored-By: Lauris BH <lauris@nix.lv> * Revert unneeded white-space change in template Co-Authored-By: Lauris BH <lauris@nix.lv> * Add copyright comments at the top of new files * Use loopback name for randomly generated emails * Add locale tag for the SSPISeparatorReplacement field with proper casing * Revert casing of SSPISeparatorReplacement field in locale file, moving it up, next to other form fields * Update docs/content/doc/features/authentication.en-us.md Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * Remove Priority() method and define the order in which SSO auth methods should be executed in one place * Log authenticated username only if it's not empty * Rephrase helper text for automatic creation of users * Return error if more than one active SSPI auth source is found * Change newUser() function to return error, letting caller log/handle the error * Move isPublicResource, isPublicPage and handleSignIn functions outside SSPI auth method to allow other SSO methods to reuse them if needed * Refactor initialization of the list containing SSO auth methods * Validate SSPI settings on POST * Change SSPI to only perform authentication on its own login page, API paths and download links. Leave Toggle middleware to redirect non authenticated users to login page * Make 'Default language' in SSPI config empty, unless changed by admin * Show error if admin tries to add a second authentication source of type SSPI * Simplify declaration of global variable * Rebuild gitgraph.js on Linux * Make sure config values containing only whitespace are not accepted
* Fix password checks on admin create/edit user (#9076)guillep2k2019-11-201-3/+14
| | | | | | * Fix password checks on admin create/edit user * Remove incorrect trimspace
* Add password requirement info on error (#9074)guillep2k2019-11-191-2/+2
| | | | | | | | | | | | | | * Add password requirement info on error * Move BuildComplexityError to the password pkg * Unexport complexity type * Fix extra line * Update modules/password/password.go Co-Authored-By: Lauris BH <lauris@nix.lv>
* Shadow password correctly for session config (#8984)zeripath2019-11-141-9/+17
| | | | | | | Fix #8718 This PR shadows passwords in session config correctly by detecting the VirtualProvider, unmarshalling the original config and then shadowing config within that.
* Fix new user form for non-local users (#8826)Lauris BH2019-11-041-9/+11
|
* Move some repositories' operations to a standalone service package (#8557)Lunny Xiao2019-10-261-1/+2
| | | | | | | | | | | | * Move some repositories' operations to a standalone service package * improve code * remove unused codes * add rollback when fork failed * add repo when return
* Fix password complexity regex for special characters (on master) (#8525)guillep2k2019-10-161-2/+2
| | | | | | | | | | | | | | | | | | | | * Fix extra space * Fix regular expression * Fix error template name * Simplify check code, fix default values, add test * Fix router tests * Fix fmt * Fix setting and lint * Move cleaning up code to test, improve comments * Tidy up variable declaration
* Password Complexity Checks (#6230)Maxim Tkachenko2019-10-141-1/+9
| | | | | | | | | Add password complexity checks. The default settings require a lowercase, uppercase, number and a special character within passwords. Co-Authored-By: T-M-A <maxim.tkachenko@gmail.com> Co-Authored-By: Lanre Adelowo <adelowomailbox@gmail.com> Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-Authored-By: Lauris BH <lauris@nix.lv>
* Move all mail related codes from models to services/mailer (#7200)Lunny Xiao2019-09-242-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * move all mail related codes from models to modules/mailer * fix lint * use DBContext instead Engine * use WithContext not WithEngine * Use DBContext instead of Engine * don't use defer when sess.Close() * move DBContext to context.go and add some methods * move mailer from modules/ to services * fix lint * fix tests * fix fmt * add gitea copyright * fix tests * don't expose db functions * make code clear * add DefaultDBContext * fix build * fix bug
* Move database settings from models to setting (#7806)Lunny Xiao2019-08-241-2/+2
| | | | | | | | | | | | | | | | | | * move database settings from models to setting * update docs * fix checkout pr * fix tests * fix lint * remove unsupported tidb options * correct wrong variable name * remove tidb totally
* Use gitea forked macaron (#7933)Tamal Saha2019-08-235-7/+8
| | | Signed-off-by: Tamal Saha <tamal@appscode.com>
* Display ui time with customize time location (#7792)Lunny Xiao2019-08-151-1/+2
| | | | | | | | | | | | | | | | | | * display ui time with customize time location * fix lint * rename UILocation to DefaultUILocation * move time related functions to modules/timeutil * fix tests * fix tests * fix build * fix swagger
* Shadow the password on cache and session config on admin panel (#7300)Lunny Xiao2019-06-272-2/+135
| | | | | | | | * shadow the password on cache and session config on admin panel * add shadow password of mysql/postgres/couchbase * fix log import
* Fix error log when loading issues caused by a xorm bug (#7271)Lunny Xiao2019-06-231-1/+1
| | | | | | | | | | | | * fix error log when loading issues caused by a xorm bug * upgrade packages * fix fmt * fix Consistency * fix tests
* show lfs config on admin panel (#7220)Lunny Xiao2019-06-161-0/+1
|
* Add golangci (#6418)kolaente2019-06-121-4/+0
|
* Repository avatar fallback configuration (#7087)Mario Lubenka2019-06-021-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Only show repository avatar in list when one was selected Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com> * Adds fallback configuration option for repository avatar Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com> * Implements repository avatar fallback Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com> * Adds admin task for deleting generated repository avatars Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com> * Solve linting issues Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com> * Save avatar before updating database * Linting * Update models/repo.go Co-Authored-By: zeripath <art27@cantab.net>
* Refactor models.NewRepoContext to extract git related codes to modules/git ↵Lunny Xiao2019-05-151-1/+2
| | | | | | | | | | (#6941) * refactor models.NewRepoContext to extract git related codes to modules/git * fix imports * refactor
* fix config ui error about cache ttl (#6861)Lunny Xiao2019-05-061-0/+1
|