summaryrefslogtreecommitdiffstats
path: root/routers/api
Commit message (Collapse)AuthorAgeFilesLines
* Move repository model into models/repo (#17933)Lunny Xiao2021-12-1019-79/+94
| | | | | | | | | | | | | | | * Some refactors related repository model * Move more methods out of repository * Move repository into models/repo * Fix test * Fix test * some improvements * Remove unnecessary function
* Make Requests Processes and create process hierarchy. Associate ↵zeripath2021-11-301-1/+1
| | | | | | | | | OpenRepository with context. (#17125) This PR registers requests with the process manager and manages hierarchy within the processes. Git repos are then associated with a context, (usually the request's context) - with sub commands using this context as their base context. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move more model into models/user (#17826)Lunny Xiao2021-11-281-1/+1
| | | | | | | | * Move more model into models/user * Remove unnecessary comment Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Move accessmode into models/perm (#17828)Lunny Xiao2021-11-2812-26/+36
|
* Fix database inconsistent when admin change user email (#17549)Lunny Xiao2021-11-252-4/+14
|
* Move user related model into models/user (#17781)Lunny Xiao2021-11-2425-151/+173
| | | | | | | | | | | | | * Move user related model into models/user * Fix lint for windows * Fix windows lint * Fix windows lint * Move some tests in models * Merge
* Move repofiles from modules/repofiles to services/repository/files (#17774)Lunny Xiao2021-11-245-26/+25
| | | | | | | | | * Move repofiles from modules to services * rename services/repository/repofiles -> services/repository/files * Fix test Co-authored-by: 6543 <6543@obermui.de>
* Remove unnecessary attributes of User struct (#17745)Lunny Xiao2021-11-226-11/+18
| | | | | | | | | | | | | | | * Remove unnecessary functions of User struct * Move more database methods out of user struct * Move more database methods out of user struct * Fix template failure * Fix bug * Remove finished FIXME * remove unnecessary code
* Support pagination of organizations on user settings pages (#16083)Lunny Xiao2021-11-221-8/+13
| | | | | | * Add pagination for user setting orgs * Use FindOrgs instead of GetOrgsByUserID * Remove unnecessary functions and fix test * remove unnecessary code
* Make `bind` error more readable (#17750)Gusted2021-11-221-1/+2
| | | | | - Add the related fieldNames into the response JSON, such that the developer can figure out what's going on. - Related: https://github.com/go-gitea/gitea/issues/17126#issuecomment-937848295
* Fix close issue but time watcher still running (#17643)Lunny Xiao2021-11-211-2/+3
| | | | | | | | | | | | | * Fix close issue but time watcher still running * refactor stopwatch codes * Fix test * Fix test * Fix typo * Fix test
* Extract constant names out for the ReverseProxy and Basic authentication ↵zeripath2021-11-201-1/+1
| | | | | | | | | methods (#17735) In order to reduce load on the GC extract out the constant names of the Basic and ReverseProxy methods. As mentioned in https://github.com/go-gitea/gitea/pull/15119#discussion_r730352176 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use `hostmatcher` to replace `matchlist`, improve security (#17605)wxiaoguang2021-11-201-3/+1
| | | | | Use hostmacher to replace matchlist. And we introduce a better DialContext to do a full host/IP check, otherwise the attackers can still bypass the allow/block list by a 302 redirection.
* Allow Token API calls be authorized using the reverse-proxy header (#15119)Paweł Bogusławski2021-11-191-3/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * API calls authorized with HTTP header This mod allows API calls to be authorized with HTTP header when ENABLE_REVERSE_PROXY_AUTHENTICATION is enabled. Without it user authenticated by reverse proxy is able to access gitea UI but not API which is inconsistent. Author-Change-Id: IB#1107572 * Fixed API calls authorized with HTTP header Only reqBasicAuth is modified to allow reverse proxy auth as alternative and reqToken is left untouched. Fixes: dc952c063206d11504085ddea966f121e796a04c Author-Change-Id: IB#1107572 * Reverse proxy API auth separated in docs Related: https://github.com/go-gitea/gitea/pull/15119#discussion_r621322127 Author-Change-Id: IB#1107572 * Reverse proxy API auth separated in docs Related: https://github.com/go-gitea/gitea/pull/15119#discussion_r621322127 Author-Change-Id: IB#1107572 * Reverse proxy API auth separated Related: https://github.com/go-gitea/gitea/pull/15119#discussion_r621322127 Author-Change-Id: IB#1107572 * ReverseProxyAuth removed from swagger ReverseProxyAuth removed from swagger as in upstream's suggestion. Related: https://github.com/go-gitea/gitea/pull/15119#pullrequestreview-692180940 Author-Change-Id: IB#1107572 * ReverseProxyAuth API authorization fixed Related: https://github.com/go-gitea/gitea/pull/15119#issuecomment-868465099 Author-Change-Id: IB#1107572 * ReverseProxyAuth API authorization fixed Related: https://github.com/go-gitea/gitea/pull/15119#issuecomment-868465099 Author-Change-Id: IB#1107572
* Move attachment into models/repo/ (#17650)Lunny Xiao2021-11-191-5/+6
| | | | | | | * Move attachment into models/repo/ * Fix test * Fix bug
* Use a standalone struct name for Organization (#17632)Lunny Xiao2021-11-1911-26/+27
| | | | | | | | | | | | | | | | | | | | | * Use a standalone struct name for Organization * recover unnecessary change * make the code readable * Fix template failure * Fix template failure * Move HasMemberWithUserID to org * Fix test * Remove unnecessary user type check * Fix test Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Move user/org deletion to services (#17673)KN4CK3R2021-11-192-2/+4
|
* Move some functions into services/repository (#17677)Lunny Xiao2021-11-171-2/+2
|
* A better go code formatter, and now `make fmt` can run in Windows (#17684)wxiaoguang2021-11-171-1/+2
| | | | * go build / format tools * re-format imports
* Move user follow and openid into models/user/ (#17613)Lunny Xiao2021-11-171-2/+3
| | | | | | | | | | | | | | | | | | | | | | | * Move UserRedirect into models/user/ * Fix lint & test * Fix lint * Fix lint * remove nolint comment * Fix lint * Move user follow and openid into models/user * Ignore the lint * Ignore the lint * Fix test * ignore stutters lint on UserOpenID
* Multiple Escaping Improvements (#17551)zeripath2021-11-163-8/+12
| | | | | | | | | | | | | | There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this. This is an extensive PR attempting to fix these issues. 1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping. 2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand. 3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.) 5. The title generation in feeds is now properly escaped. 6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move migrations into services and base into modules/migration (#17663)Lunny Xiao2021-11-161-2/+2
| | | | | | | * Move migrtions into services and base into modules/migration * Fix imports * Fix lint
* Move some functions into services/repository (#17660)Lunny Xiao2021-11-162-5/+5
|
* Decouple unit test, remove intermediate `unittestbridge` package (#17662)wxiaoguang2021-11-162-8/+6
| | | Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Decouple unit test code from business code (#17623)wxiaoguang2021-11-123-5/+7
|
* Move EmailAddress & UserRedirect into models/user/ (#17607)Lunny Xiao2021-11-114-21/+24
| | | | | | | | | | | | | | | | | | | | | * Move EmailAddress into models/user/ * Fix test * rename user_mail to user_email * Fix test * Move UserRedirect into models/user/ * Fix lint & test * Fix lint * Fix lint * remove nolint comment * Fix lint
* Fix 500 when a comment was deleted which has a notification (#17550)Lunny Xiao2021-11-102-3/+3
| | | | | | | | | | * Fix 500 when a comment was deleted which has a notification * Tolerate missing Comment in other places too Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Move webhook into models/webhook/ (#17579)Lunny Xiao2021-11-104-69/+71
|
* Move unit into models/unit/ (#17576)Lunny Xiao2021-11-099-97/+105
| | | | | * Move unit into models/unit/ * Rename unit.UnitType as unit.Type
* Avoid double imports (#17569)Gusted2021-11-081-2/+1
| | | | | Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Ensure that restricted users can access repos for which they are members ↵zeripath2021-10-281-1/+1
| | | | | | | | | | | | | | | | | (#17460) There is a small bug in the way that repo access is checked in repoAssignment: Accessibility is checked by checking if the user has a marked access to the repository instead of checking if the user has any team granted access. This PR changes this permissions check to use HasAccess() which does the correct test. There is also a fix in the release api ListReleases where it should return draft releases if the user is a member of a team with write access to the releases. The PR also adds a testcase. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add API to get/edit wiki (#17278)qwerty2872021-10-254-0/+554
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add API to get/edit wiki * Add swagger docs, various improvements * fmt * Fix lint and rm comment * Add page parameter * Add pagination to pages * Add tests * fmt * Update func names * Update error handling * Update type name * Fix lint * Don't delete Home * Update func name * Update routers/api/v1/repo/wiki.go Co-authored-by: delvh <dev.lh@web.de> * Remove unnecessary check * Fix lint * Use English strings * Update integrations/api_wiki_test.go Co-authored-by: delvh <dev.lh@web.de> * Update func and test names * Remove unsed check and avoid duplicated error reports * Improve error handling * Return after error * Document 404 error * Update swagger * Fix lint * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * Document file encoding * fmt * Apply suggestions * Use convert * Fix integration test * simplify permissions * unify duplicate key Title/Name * improve types & return UTC timestamps * improve types pt.2 - add WikiPageMetaData.LastCommit - add WikiPageMetaData.HTMLURL - replace WikiPageMetaData.Updated with .LastCommit.Committer.Created also delete convert.ToWikiPage(), as it received too many arguments and only had one callsite anyway. sorry for bad advice earlier 🙃 * WikiPage.Content is base64 encoded * simplify error handling in wikiContentsByName() * update swagger * fix & DRY findWikiRepoCommit() error handling ListWikiPages() previously wrote error twice when repo wiki didn't exist * rename Content -> ContentBase64 * Fix test * Fix tests * Update var name * suburl -> sub_url Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Norwin <git@nroo.de> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Update documents for Gitea behind reverse proxy. Fix some small bugs (some ↵wxiaoguang2021-10-152-2/+2
| | | | | | | | | | | URLs are generated without sub-path) (#17320) * Apache `ProxyPassReverse` only works for Location, Content-Location and URI headers on HTTP redirect responses, it causes more problems than it resolves. Now all URLs generated by Gitee have the correct prefix AppSubURL. We do not need to set `ProxyPassReverse`. * fix url param * use AppSubURL instead of AppURL in api/v1 Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add buttons to allow loading of incomplete diffs (#16829)zeripath2021-10-151-3/+3
| | | | | | | | | | | | | | | | | This PR adds two buttons to the stats and the end of the diffs list to load the (some of) the remaining incomplete diff sections. Contains #16775 Signed-off-by: Andrew Thornton <art27@cantab.net> ## Screenshots ### Show more button at the end of the diff ![Screenshot from 2021-09-04 11-12-37](https://user-images.githubusercontent.com/1824502/132091009-b1f6113e-2c04-4be5-8a04-b8ecea56887b.png) ### Show more button at the end of the diff stats box ![Screenshot from 2021-09-04 11-14-54](https://user-images.githubusercontent.com/1824502/132091063-86da5a6d-6628-4b82-bea9-3655cd9f40f6.png)
* [API] Add endpount to get user org permissions (#17232)Romain2021-10-123-1/+82
| | | | | | | | | | | | * Add endpoint * Add swagger response + generate swagger * Stop execution if user / org is not found * Add tests Co-authored-by: 6543 <6543@obermui.de>
* API pull's head/base have correct permission (#17214)pricly-yellow2021-10-071-4/+4
| | | | | | | | | | close #17181 * for all pull requests API return permissions of caller * for all webhook return empty permissions Signed-off-by: Danila Kryukov <pricly_yellow@dismail.de> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de>
* API: don't allow merged PRs to be reopened (#17192)Norwin2021-10-022-1/+14
| | | | | | | | | | | | * api: dont open merged PRs * don't change base branch when already merged * don't allow any state change * also validate opening merged PRs in EditIssue Co-authored-by: John Olheiser <john.olheiser@gmail.com> Co-authored-by: 6543 <6543@obermui.de>
* Add nodeinfo endpoint for federation purposes (#16953)techknowlogick2021-09-283-0/+64
| | | | | | | | | | | | | | | | Nodeinfo is a way to expose certain metadata about a server for use of discovery regarding functionality of its federation capabilities. Two endpoints are required: 1. `/.well-known/nodeinfo` which informs client where it can find the location of the location of its metadata (including which version of the schema is used) 2. the endpoint which exposes the metadata in json format according to schema. Notes: * `openRegistrations` is a required field, but I propose to set to false as default in case someone writes a crawler to discover "open" gitea instances * to limit data leakage I also propose to not include the `usage` field (note it is required so it should be included, but left as empty). More info: https://github.com/jhass/nodeinfo https://github.com/jhass/nodeinfo/tree/main/schemas/2.1 http://nodeinfo.diaspora.software/protocol.html
* Don't return binary file changes in raw PR diffs by default (#17158)Norwin2021-09-271-1/+7
| | | | | | | | * return diffs without binary file content change * ?binary=true option to restore old behaviour Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: zeripath <art27@cantab.net>
* Support direct comparison (git diff a..b) as well merge comparison (a...b) ↵zeripath2021-09-271-3/+3
| | | | | | | | | | | | (#16635) This PR changes the compare page to make the "..." in the between branches a clickable link. This changes the comparison type from "..." to "..". Similarly it makes the initial compare icon clickable to switch the head and base branches. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Move login related structs and functions to models/login (#17093)Lunny Xiao2021-09-247-21/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Move login related structs and functions to models/login * Fix test * Fix lint * Fix lint * Fix lint of windows * Fix lint * Fix test * Fix test * Only load necessary fixtures when preparing unit tests envs * Fix lint * Fix test * Fix test * Fix error log * Fix error log * Fix error log * remove unnecessary change * fix error log * merge main branch
* refactor: move from io/ioutil to io and os package (#17109)Eng Zer Jun2021-09-221-2/+2
| | | | | | | | | The io/ioutil package has been deprecated as of Go 1.16, see https://golang.org/doc/go1.16#ioutil. This commit replaces the existing io/ioutil functions with their new definitions in io and os packages. Signed-off-by: Eng Zer Jun <engzerjun@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Merge endpoints for pull diff/patch (#17104)qwerty2872021-09-222-40/+14
| | | this merges the two API endpoints for the PR diff/patch in to one
* Add API to get commit diff/patch (#17095)qwerty2872021-09-202-0/+51
| | | | | | * Add API to get commit diff/patch * Add Tests Co-authored-by: 6543 <6543@obermui.de>
* Move db related basic functions to models/db (#17075)Lunny Xiao2021-09-193-11/+13
| | | | | | | | | | | | | | | | | | | | | | | | | * Move db related basic functions to models/db * Fix lint * Fix lint * Fix test * Fix lint * Fix lint * revert unnecessary change * Fix test * Fix wrong replace string * Use *Context * Correct committer spelling and fix wrong replaced words Co-authored-by: zeripath <art27@cantab.net>
* OpenAPI: correct documentation of issue listing parameters (#17060)Norwin2021-09-171-5/+5
| | | | | | | | * correct documentation of issue listing parameters * make generate-swagger Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add caller to cat-file batch calls (#17082)zeripath2021-09-171-6/+8
| | | | | | | | Some people still appear to report unclosed cat-files. This PR simply adds the caller to the process descriptor for the CatFileBatch and CatFileBatchCheck calls. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Notifications API: respond with updated notifications (#17064)Norwin2021-09-173-12/+23
| | | | | | | | | * notifications api: return updated notifications in response * make generate-swagger * openapi fix Co-authored-by: zeripath <art27@cantab.net>
* Use common sessioner for API and Web (#17027)zeripath2021-09-121-13/+3
| | | | | | | | * Use common sessioner for API and Web Instead of creating separate sessioner and doubly initialising the provider just use the same sessioner for the API and Web routes. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Support unprotected file patterns (#16395)Jimmy Praet2021-09-111-0/+5
| | | | | | | Fixes #16381 Note that changes to unprotected files via the web editor still cannot be pushed directly to the protected branch. I could easily add such support for edits and deletes if needed. But for adding, uploading or renaming unprotected files, it is not trivial. * Extract & Move GetAffectedFiles to modules/git
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-28 17:26:29 +0000