summaryrefslogtreecommitdiffstats
path: root/routers/user
Commit message (Collapse)AuthorAgeFilesLines
* When must change password only show Signout (#11600) (#11637)guillep2k2020-05-271-0/+1
| | | | | | | | | | | | | | When "Must Change Password" simplify the navbar header to only show the signout button as all other links will redirect back. This prevents the notifications icon from showing preventing initialization of the event-source and hence preventing redirect_to being set, however in addition do not set the redirect_to cookie if we are looking at the /user/events page. Fix #11554 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
* Whenever the ctx.Session is updated, release it to save it before sending ↵zeripath2020-05-175-100/+163
| | | | | | | the redirect (#11456) Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv>
* Forcibly clean and destroy the session on logout (#11447)zeripath2020-05-171-5/+2
| | | | | Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix ref links in issue overviews for tags (#8742)Sijmen Schoon2020-05-141-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Properly generate ref URLs Tags used to not generate correct URLs (src/branch/tags/1.0.0 instead of src/tags/1.0.0). Also cleans up some code around it with the created helper functions. * Fix formatting and create migration * Add copyright head to utils_test * Use a raw query for the ref migration * Remove semicolon * Quote column and table names in migration SQL * Change || to CONCAT, since MSSQL does not support || * Make migration engine aware * Add missing import * Move ref EndName and URL to the issue service * Fix tests * Add test for commit refs * Update issue.go * Use the right command for building JavaScript bundles * Prepare for merge * Check for refs/* before prepending in migration * Update services/issue/issue_test.go * Update modules/git/utils_test.go Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: techknowlogick <matti@mdranta.net>
* Refactor Milestone related (#11225)65432020-05-121-3/+3
|
* ui: Replenish the missing ‘PageIsSignUp’ in sign up view (#11390)赵智超2020-05-121-0/+2
| | | Signed-off-by: a1012112796 <1012112796@qq.com>
* Add EventSource support (#11235)zeripath2020-05-071-2/+10
| | | | | | If the browser supports EventSource switch to use this instead of polling notifications. Signed-off-by: Andrew Thornton art27@cantab.net
* Refactor UpdateOAuth2Application (#11034)65432020-04-301-6/+2
| | | | | Following on from #11008 refactor UpdateOAuth2Application
* Don't allow registration via the web form, when ↵n0emis2020-04-291-2/+3
| | | | | | | AllowOnlyExternalRegistration is True (#11248) * Don't allow registration via the web form, when AllowOnlyExternalRegistration is True * Show Disabled Registration message if DisableRegistration or AllowOnlyExternalRegistration options are true
* On logout redirect to start page and clear redirect cookie (#11202)colorfulberry2020-04-251-0/+1
| | | | | when one user logout should clear redirect to value, otherwise switch the account will occur error. Co-authored-by: Lauris BH <lauris@nix.lv>
* Use AJAX for notifications table (#10961)zeripath2020-04-241-17/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Use AJAX for notifications table Signed-off-by: Andrew Thornton <art27@cantab.net> * move to separate js Signed-off-by: Andrew Thornton <art27@cantab.net> * placate golangci-lint Signed-off-by: Andrew Thornton <art27@cantab.net> * Add autoupdating notification count Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix wipeall Signed-off-by: Andrew Thornton <art27@cantab.net> * placate tests Signed-off-by: Andrew Thornton <art27@cantab.net> * Try hidden Signed-off-by: Andrew Thornton <art27@cantab.net> * Try hide and hidden Signed-off-by: Andrew Thornton <art27@cantab.net> * More auto-update improvements Only run checker on pages that have a count Change starting checker to 10s with a back-off to 60s if there is no change Signed-off-by: Andrew Thornton <art27@cantab.net> * string comparison! Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @silverwind Signed-off-by: Andrew Thornton <art27@cantab.net> * add configurability as per @6543 Signed-off-by: Andrew Thornton <art27@cantab.net> * Add documentation as per @6543 Signed-off-by: Andrew Thornton <art27@cantab.net> * Use CSRF header not query Signed-off-by: Andrew Thornton <art27@cantab.net> * Further JS improvements Fix @etzelia update notification table request Fix @silverwind comments Co-Authored-By: silverwind <me@silverwind.io> Signed-off-by: Andrew Thornton <art27@cantab.net> * Simplify the notification count fns Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: silverwind <me@silverwind.io>
* Add option to increase provided OAuth2 token maximum size (#11180)zeripath2020-04-231-0/+4
| | | | | | | | | | | | | | | | | | | Some OAuth2 providers return quite large structured tokens >32767 bytes. Gitea currently has a fixed maximum of 32767 bytes for these and unfortunately due to the convoluted nature of the dependent libraries the error returned is rather opaque. Here we manage the error a little better - detecting the rather opaque github.com/gorilla/securecookie.errEncodedValueTooLong and converting it to a more readable error. Further we provide a configurable option to increase the maximum size of the provided OAuth2 tokens. Fix #9907 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Reject duplicate AccessToken names (#10994)65432020-04-131-0/+12
| | | | | | | | | | | | | | | | | | | * make sure duplicate token names cannot be used * add check to api routes too * add @lunny s suggestion * fix & don't forget User.ID * AccessTokenByNameExists() return error too * unique token for each test * fix lint Signed-off-by: 6543 <6543@obermui.de> Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
* remove package code.gitea.io/gitea/modules/git import out of models (#11025)65432020-04-101-1/+2
|
* ui:Add flash notify for email preference seting success (#11027)赵智超2020-04-091-0/+1
| | | | | | | | | | | | | * Add flash notify for email preference seting success Signed-off-by: a1012112796 <1012112796@qq.com> * add review suggest changes Co-authored-by: Lauris BH <lauris@nix.lv> Co-Authored-By: Lauris BH <lauris@nix.lv> Co-authored-by: Lauris BH <lauris@nix.lv>
* add request review from specific reviewers feature in pull request (#10756)赵智超2020-04-061-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add request review feature in pull request add a way to notify specific reviewers to review like github , by add or delet a special type review . The acton is is similar to Assign , so many code reuse the function and items of Assignee, but the meaning and result is different. The Permission style is is similar to github, that only writer can add a review request from Reviewers, but the poster can recall and remove a review request after a reviwer has revied even if he don't have Write Premission. only manager , the poster and reviewer of a request review can remove it. The reviewers can be requested to review contain all readers for private repo , for public, contain all writers and watchers. The offical Review Request will block merge if Reject can block it. an other change: add ui otify for Assignees. Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: Lauris BH <lauris@nix.lv> Signed-off-by: a1012112796 <1012112796@qq.com> * new change * add placeholder string * do some changes follow #10238 to add review requests num on lists also change icon for review requests to eye Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix milestones too many SQL variables bug (#10880)Lunny Xiao2020-03-312-84/+63
| | | | | | | | | * Fix milestones too many SQL variables bug * Fix test * Don't display repositories with no milestone and fix tests * Remove unused code and add some comments
* Protect against NPEs in notifications list (#10879)zeripath2020-03-291-3/+18
| | | | | | | | | | | | Unfortunately there appears to be potential race with notifications being set before the associated issue has been committed. This PR adds protection in to the notifications list to log any failures and remove these notifications from the display. References #10815 - and prevents the panic but does not completely fix this. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen (#10863)zeripath2020-03-281-0/+3
| | | | | | | | | * Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen Fix #3985 Signed-off-by: Andrew Thornton <art27@cantab.net> * Pass up the unable to verify
* make avatar lookup occur at image request (#10540)zeripath2020-03-271-0/+25
| | | | | | | | | | | | | speed up page generation by making avatar lookup occur at the browser not at page generation * Protect against evil email address ".." * hash the complete email address Signed-off-by: Andrew Thornton <art27@cantab.net> Co-Authored-By: Lauris BH <lauris@nix.lv>
* Add Approval Counts to pulls list (#10238)zeripath2020-03-061-0/+22
| | | | | | | | | * Add Approval Counts to pulls list Add simple approvals counts to pulls lists * Remove non-official counts * Add PR features to milestone_issues.tmpl
* Admin page for managing user e-mail activation (#10557)guillep2k2020-03-022-2/+70
| | | | | | | | | | | | | | | | | | | | | | | | * Implement mail activation admin panel * Add export comments * Fix another export comment * again... * And again! * Apply suggestions by @lunny * Add UI for user activated emails * Make new activation UI work * Fix lint * Prevent admin from self-deactivate; add modal Co-authored-by: zeripath <art27@cantab.net>
* Fix 404 after activating secondary email (#10547)Andreas Shimokawa2020-02-291-1/+1
|
* issue search on my related repositories (#9758)Brad Albright2020-02-291-26/+90
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * adding search capability to user's issues dashboard * global issue search * placement of search bar on issues dashboard * fixed some bugs in the issue dashboard search * added unit test because IssueIDs option was added to UserIssueStatsOptions * some renaming of fields in the issue dashboard code to be more clear; also trying to fix issue of searching the right repos based on the filter * added unit test fro GetRepoIDsForIssuesOptions; fixed search lost on pagination; using shown issue status for open/close count; removed some debugging * fix issue with all count showing incorrectly * removed todo comment left in by mistake * typo pulling wrong count * fxied all count being off when selecting repositories * setting the opts.IsClosed after pulling repos to search, this is done so that the list of repo ids to serach for the keyword is not limited, we need to get all the issue ids for the shown issue stats * added "accessibleRepositoryCondition" check on the query to pull the repo ids to search for issues, this is an added protection to ensure we don't search repos the user does not have access to * added code so that in the issues search, we won't use an in clause of issues ids that goes over 1000 * fixed unit test * using 950 as the limit for issue search, removed unneeded group by in GetRepoIDsForIssuesOptions, showing search on pulls dashboard page too (not just issues) Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Various fixes in login sources (#10428)guillep2k2020-02-233-0/+11
|
* Language statistics bar for repositories (#8037)Lauris BH2020-02-111-1/+0
| | | | | | | | | | | | | | | | | | * Implementation for calculating language statistics Impement saving code language statistics to database Implement rendering langauge stats Add primary laguage to show in repository list Implement repository stats indexer queue Add indexer test Refactor to use queue module * Do not timeout for queues
* Fix followers and following tabs in profile (#10202)Lauris BH2020-02-091-32/+24
|
* working part of #9998 (#10114)65432020-02-031-2/+6
| | | | Co-authored-by: zeripath <art27@cantab.net>
* API add/generalize pagination (#9452)SpaWn2KiLl2020-01-246-12/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * paginate results * fixed deadlock * prevented breaking change * updated swagger * go fmt * fixed find topic * go mod tidy * go mod vendor with go1.13.5 * fixed repo find topics * fixed unit test * added Limit method to Engine struct; use engine variable when provided; fixed gitignore * use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors * set Page value on Home route * improved memory allocations * fixed response headers * removed logfiles * fixed import order * import order * improved swagger * added function to get models.ListOptions from context * removed pagesize diff on unit test * fixed imports * removed unnecessary struct field * fixed go fmt * scoped PR * code improvements * code improvements * go mod tidy * fixed import order * fixed commit statuses session * fixed files headers * fixed headers; added pagination for notifications * go mod tidy * go fmt * removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list * Apply suggestions from code review Co-Authored-By: 6543 <6543@obermui.de> Co-Authored-By: zeripath <art27@cantab.net> * fixed build error * CI.restart() * fixed merge conflicts resolve * fixed conflicts resolve * improved FindTrackedTimesOptions.ToOptions() method * added backwards compatibility on ListReleases request; fixed issue tracked time ToSession * fixed build error; fixed swagger template * fixed swagger template * fixed ListReleases backwards compatibility * added page to user search route Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
* Ensure that 2fa is checked on reset-password (#9857)zeripath2020-01-191-8/+75
| | | | | | | | | | | | * Ensure that 2fa is checked on reset-password * Apply suggestions from code review Co-Authored-By: Lauris BH <lauris@nix.lv> * Properly manage scratch_code regeneration Co-authored-by: Lauris BH <lauris@nix.lv>
* Improve notification pager (#9821)Lunny Xiao2020-01-171-8/+14
| | | | Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
* Add setting to set default and global disabled repository units. (#8788)David Svantesson2020-01-171-0/+18
| | | | | | | | | | | | | | | | | | * Add possibility to global disable repo units. * Add Default Repo Unit app.ini setting. * Hide units * Hide disabled repo units * Minor fixes * Indicate disabled units in team settings. Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
* Restricted users (#6274)Manush Dodunekov2020-01-132-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Restricted users (#4334): initial implementation * Add User.IsRestricted & UI to edit it * Pass user object instead of user id to places where IsRestricted flag matters * Restricted users: maintain access rows for all referenced repos (incl public) * Take logged in user & IsRestricted flag into account in org/repo listings, searches and accesses * Add basic repo access tests for restricted users Signed-off-by: Manush Dodunekov <manush@stendahls.se> * Mention restricted users in the faq Signed-off-by: Manush Dodunekov <manush@stendahls.se> * Revert unnecessary change `.isUserPartOfOrg` -> `.IsUserPartOfOrg` Signed-off-by: Manush Dodunekov <manush@stendahls.se> * Remove unnecessary `org.IsOrganization()` call Signed-off-by: Manush Dodunekov <manush@stendahls.se> * Revert to an `int64` keyed `accessMap` * Add type `userAccess` * Add convenience func updateUserAccess() * Turn accessMap into a `map[int64]userAccess` Signed-off-by: Manush Dodunekov <manush@stendahls.se> * or even better: `map[int64]*userAccess` * updateUserAccess(): use tighter syntax as suggested by lafriks * even tighter * Avoid extra loop * Don't disclose limited orgs to unauthenticated users * Don't assume block only applies to orgs * Use an array of `VisibleType` for filtering * fix yet another thinko * Ok - no need for u * Revert "Ok - no need for u" This reverts commit 5c3e886aabd5acd997a3b35687d322439732c200. Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix access issues on milestone and issue overview pages. (#9603)David Svantesson2020-01-041-45/+35
| | | | | | * Fix access issues on milestone and issue overview pages. * Fix filter algorithm
* Only serve attachments when linked to issue/release and if accessible by ↵Antoine GIRARD2020-01-051-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | user (#9340) * test: add current attachement responses * refactor: check if attachement is linked and accessible by user * chore: clean TODO * fix: typo attachement -> attachment * revert un-needed go.sum change * refactor: move models logic to models * fix TestCreateIssueAttachment which was wrongly successful * fix unit tests with unittype added * fix unit tests with changes * use a valid uuid format for pgsql int. test * test: add unit test TestLinkedRepository * refactor: allow uploader to access unlinked attachement * add missing blank line * refactor: move to a separate function repo.GetAttachment * typo * test: remove err test return * refactor: use repo perm for access checking generally + 404 for all reject
* Fix error logged when repos qs is empty (#9591)guillep2k2020-01-031-12/+14
| | | | | | | | | | | * Fix error logged when repos qs is empty * Update routers/user/home.go Co-Authored-By: Lauris BH <lauris@nix.lv> Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: Lauris BH <lauris@nix.lv>
* [BugFix] use default avatar for ghost user (fix 500 error) (#9536)65432019-12-291-7/+13
| | | | | | | | | | | | | | | | | | | | | | | | * remove since it is there for 3years * fix 500 error for ghost avatar * dont insert "-1" in any case to issue.poster_id * fix lint * Test: ghost avatar link * fix test * Revert "remove since it is there for 3years" This reverts commit fd9ad05159c84ba804b126d2a959963d82578b22. * Revert "dont insert "-1" in any case to issue.poster_id" This reverts commit 05469ab6d815a6cc6478a256018b9ed1a12749e0. Co-authored-by: zeripath <art27@cantab.net>
* Fix cache problem on dashboard (#9358)Lunny Xiao2019-12-151-0/+2
|
* Add /milestones endpoint (#8733)Brad Albright2019-12-152-3/+229
| | | | | Create a /milestones endpoint which basically serves as a dashboard view for milestones, very similar to the /issues or /pulls page. Closes #8232
* site admin could view org's members (#9346)Lunny Xiao2019-12-142-116/+2
|
* Only show part of members on orgnization dashboard and add paging for ↵Lunny Xiao2019-12-061-3/+26
| | | | | | | | | | orgnization members page (#9092) * Only show part of members on orgnization dashboard and add paging for orgnization members page * fix test * fix typo
* Fix Dashboard Issues/PR list (#9235)65432019-12-031-17/+25
| | | | | | * fix it * revert suggestion part
* Fix active issue (#9238)John Olheiser2019-12-031-3/+3
| | | Signed-off-by: jolheiser <john.olheiser@gmail.com>
* [UI] IssuePage multi repo select (#8741)65432019-12-011-52/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Make repository list @ issues/PR page persist Will partially fix #6355 * Enable multiple selections in repo list @ issues/PR page Part of issue #6355 * Add RepoIDs to UserIssueStatsOptions to make "type" count correct when selecting one/multiple repos. * Replace variable "repo" with list "repos[]" and enable multiple selections of repositories from list by including/excluding RepoIDs in list. * * Remove redundant code * Add 'All' button Improves functionality of the page, so that backtracking is not necessary to reset the page * Remove redundant variable Completely replace 'RepoID' with 'RepoIDs' and remove redundant code * Add RepoIDs to label link * Revert part of code to previous version to troubleshoot build failure * Implement old and new pieces of code whilst adhering to multi select * Attempt to join the two versions Last commit passed tests but doesn't work in practice, this works in practice and hopefully passes the tests. * Update tests to desired state * Fix pagination implementation and tests * Pass repoIDs as `repos=[1,2,3...]` instead of several `repos[]=..` * Update tests file to reflect new functionality * Update template with new `repos` format * Implement new solution to show constant "total issues" count for "All" button * Correct behavior when passing zero to array * Comment out test url returning 404 This keeps returning 404 in the test despite working in practice, for the sake of running more tests I am commenting it out * Comment out another test url returning 404 Last attempt, if more tests crash I will uncomment the urls and request assistance. * Reenable tests and test fix * Re-enable tests * Make selecting "In your repositories" reset selection as passing IDs of repos belonging to other profiles causes breakage * Remove unnecessary (with multi-selection enable) code * Drop repo from repo map and total count if permission denied * Remove extra parenthesis * make template work again * find bug! * forgot the '#' at bugfixing * delete unused RepoID * compile regex only one time * make fmt * local variable = capital letter lower * check if repos query pattern is correct * pagination remove last , - make regex work again * use Replace instead of ReplaceAll; del delete * fix test * how did this test binary got in?!? dont forgot the "-p" at git add * ! * dont replace -> cut fisrt & last string Co-Authored-By: zeripath <art27@cantab.net> * jet another regex dont mind as long as it has the same result and is performatn ... Co-Authored-By: zeripath <art27@cantab.net> * dont use nonexisting repo for test * exclude /issues?type=created_by from test * add table to querys use same syntax in each query (table.colum) * add new issue for test * dont make a workaround or something else this need a refactor itself and is out of scope for this PR * fix misspell * CI.redo() * englisch txt update Co-Authored-By: zeripath <art27@cantab.net> * add sugestions * Tweak & Fix * CI.restart()
* update #9066 Always show Password field on link account sign in page (#9147)Benno2019-11-241-0/+1
|
* Add single sign-on support via SSPI on Windows (#8463)QuaSoft2019-11-231-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add single sign-on support via SSPI on Windows * Ensure plugins implement interface * Ensure plugins implement interface * Move functions used only by the SSPI auth method to sspi_windows.go * Field SSPISeparatorReplacement of AuthenticationForm should not be required via binding, as binding will insist the field is non-empty even if another login type is selected * Fix breaking of oauth authentication on download links. Do not create new session with SSPI authentication on download links. * Update documentation for the new 'SPNEGO with SSPI' login source * Mention in documentation that ROOT_URL should contain the FQDN of the server * Make sure that Contexter is not checking for active login sources when the ORM engine is not initialized (eg. when installing) * Always initialize and free SSO methods, even if they are not enabled, as a method can be activated while the app is running (from Authentication sources) * Add option in SSPIConfig for removing of domains from logon names * Update helper text for StripDomainNames option * Make sure handleSignIn() is called after a new user object is created by SSPI auth method * Remove default value from text of form field helper Co-Authored-By: Lauris BH <lauris@nix.lv> * Remove default value from text of form field helper Co-Authored-By: Lauris BH <lauris@nix.lv> * Remove default value from text of form field helper Co-Authored-By: Lauris BH <lauris@nix.lv> * Only make a query to the DB to check if SSPI is enabled on handlers that need that information for templates * Remove code duplication * Log errors in ActiveLoginSources Co-Authored-By: Lauris BH <lauris@nix.lv> * Revert suffix of randomly generated E-mails for Reverse proxy authentication Co-Authored-By: Lauris BH <lauris@nix.lv> * Revert unneeded white-space change in template Co-Authored-By: Lauris BH <lauris@nix.lv> * Add copyright comments at the top of new files * Use loopback name for randomly generated emails * Add locale tag for the SSPISeparatorReplacement field with proper casing * Revert casing of SSPISeparatorReplacement field in locale file, moving it up, next to other form fields * Update docs/content/doc/features/authentication.en-us.md Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * Remove Priority() method and define the order in which SSO auth methods should be executed in one place * Log authenticated username only if it's not empty * Rephrase helper text for automatic creation of users * Return error if more than one active SSPI auth source is found * Change newUser() function to return error, letting caller log/handle the error * Move isPublicResource, isPublicPage and handleSignIn functions outside SSPI auth method to allow other SSO methods to reuse them if needed * Refactor initialization of the list containing SSO auth methods * Validate SSPI settings on POST * Change SSPI to only perform authentication on its own login page, API paths and download links. Leave Toggle middleware to redirect non authenticated users to login page * Make 'Default language' in SSPI config empty, unless changed by admin * Show error if admin tries to add a second authentication source of type SSPI * Simplify declaration of global variable * Rebuild gitgraph.js on Linux * Make sure config values containing only whitespace are not accepted
* Add password requirement info on error (#9074)guillep2k2019-11-193-4/+4
| | | | | | | | | | | | | | * Add password requirement info on error * Move BuildComplexityError to the password pkg * Unexport complexity type * Fix extra line * Update modules/password/password.go Co-Authored-By: Lauris BH <lauris@nix.lv>
* Improve notification (#8835)Lunny Xiao2019-11-121-0/+19
| | | | | | | | | | | | | | | | | | | | * Improve notifications * batch load user * Update notification only when read * Fix reorder * fix lint * fix test * fix lint * make function meaningful * fix comment
* Fix require external registration password (#8885)guillep2k2019-11-091-3/+3
| | | | | | * Fix require external registration password * Fix ctx on error condition by @jolheiser
* Fix password complexity check on registration (#8887)guillep2k2019-11-091-0/+5
| | | | | | * Fix registration password complexity * Fix integration to use a complex password ;)