aboutsummaryrefslogtreecommitdiffstats
path: root/routers/web/user
Commit message (Collapse)AuthorAgeFilesLines
* Fix disable 2fa bug (#32320)Lunny Xiao2024-10-231-3/+6
|
* Add `DISABLE_ORGANIZATIONS_PAGE` and `DISABLE_CODE_PAGE` settings for ↵Zettat1232024-10-221-22/+9
| | | | | | | | | | | | explore pages and fix an issue related to user search (#32288) These settings can allow users to only display the repositories explore page. Thanks to yp05327 and wxiaoguang ! --------- Co-authored-by: Giteabot <teabot@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Enhance USER_DISABLED_FEATURES to allow disabling change username or full ↵Zisu Zhang2024-10-051-1/+15
| | | | | | | | | | | | | | | name (#31959) Fix #31958 Enhanced `USER_DISABLED_FEATURES`(also `EXTERNAL_USER_DISABLE_FEATURES`) option in `[admin]` section. Added following values: - `change_username`: Disable change username - `change_full_name`: Disable change full name --- Progress: - [x] Update code - [x] Update translations
* Fix javascript error when an anonymous user visiting migration page (#32144)Lunny Xiao2024-10-021-53/+0
| | | | | | | | | | | | This PR fixes javascript errors when an anonymous user visits the migration page. It also makes task view checking more restrictive. The router moved from `/user/task/{id}/status` to `/username/reponame/-/migrate/status` because it's a migrate status. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* bump to go 1.23 (#31855)techknowlogick2024-09-102-2/+2
|
* Remove urls from translations (#31950)Denys Konovalov2024-09-021-1/+1
| | | | | | | Part of #27700 Removes all URLs from translation strings to easy up changing them in the future and to exclude people injecting malicious URLs through translations. First measure as long as #24402 is out of scope.
* nix wording nit in todo code comment65432024-09-011-1/+1
|
* Fix sort order for organization home and user profile page (#31921)yp053272024-09-011-25/+5
| | | | | | | | | | | | | | | | | | | | | | Fix #31916 In #30876, `sortOrder` has been changed into a map, but it is only implemented in explore. ~~But it seems that size sort order has no effect from long long ago,~~ not directly caused by the PR above. I think it is still caused by #29231. In #29231, it merged the sort orders from `templates/explore/repo_search.tmpl` and `templates/admin/repo/search.tmpl`. In `templates/admin/repo/search.tmpl`, it contains size sort orders, but not in `templates/explore/repo_search.tmpl`, which is used in non-admin pages. So `order by size` is added from #29231, but the handler was not added. --------- Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add missing repository type filter parameters to pager (#31832)yp053272024-08-152-0/+30
| | | | | | | | | Fix #31807 ps: the newly added params's value will be changed. When the first time you selected the filter, the values of params will be `0` or `1` But in pager it will be `true` or `false`. So do we have `boolToInt` function?
* Hide the "Details" link of commit status when the user cannot access actions ↵Zettat1232024-07-282-0/+13
| | | | | | | | | | | | | | | (#30156) Fix #26685 If a commit status comes from Gitea Actions and the user cannot access the repo's actions unit (the user does not have the permission or the actions unit is disabled), a 404 page will occur after clicking the "Details" link. We should hide the "Details" link in this case. <img src="https://github.com/go-gitea/gitea/assets/15528715/68361714-b784-4bb5-baab-efde4221f466" width="400px" />
* add skip secondary authorization option for public oauth2 clients (#31454)Denys Konovalov2024-07-191-9/+11
|
* Allow disabling authentication related user features (#31535)Rowan Bohde2024-07-0911-0/+116
| | | | | | | | | | | | | | | | | | | | We have some instances that only allow using an external authentication source for authentication. In this case, users changing their email, password, or linked OpenID connections will not have any effect, and we'd like to prevent showing that to them to prevent confusion. Included in this are several changes to support this: * A new setting to disable user managed authentication credentials (email, password & OpenID connections) * A new setting to disable user managed MFA (2FA codes & WebAuthn) * Fix an issue where some templates had separate logic for determining if a feature was disabled since it didn't check the globally disabled features * Hide more user setting pages in the navbar when their settings aren't enabled --------- Co-authored-by: Kyle D <kdumontnu@gmail.com>
* Add Passkey login support (#31504)Anbraten2024-06-291-1/+3
| | | | | | | | | | | | | | | | closes #22015 After adding a passkey, you can now simply login with it directly by clicking `Sign in with a passkey`. ![Screenshot from 2024-06-26 12-18-17](https://github.com/go-gitea/gitea/assets/6918444/079013c0-ed70-481c-8497-4427344bcdfc) Note for testing. You need to run gitea using `https` to get the full passkeys experience. --------- Co-authored-by: silverwind <me@silverwind.io>
* Refactor names (#31405)wxiaoguang2024-06-196-19/+19
| | | | | | | This PR only does "renaming": * `Route` should be `Router` (and chi router is also called "router") * `Params` should be `PathParam` (to distingush it from URL query param, and to match `FormString`) * Use lower case for private functions to avoid exposing or abusing
* Remove sub-path from container registry realm (#31293)wxiaoguang2024-06-091-1/+7
| | | | Container registry requires that the "/v2" must be in the root, so the sub-path in AppURL should be removed
* Use repo as of renderctx's member rather than a repoPath on metas (#29222)Lunny Xiao2024-05-301-0/+1
| | | | Use a `gitrepo.Repository` in the markup's RenderContext but not store the repository's path.
* Initial support for colorblindness-friendly themes (#30625)wxiaoguang2024-04-241-1/+10
| | | | | | | Initial support for #25680 This PR only adds some simple styles from GitHub, it is big enough and it focuses on adding the necessary framework-level supports. More styles could be fine-tuned later.
* Clarify permission "HasAccess" behavior (#30585)wxiaoguang2024-04-201-2/+2
| | | | | | | | | | | | | | | Follow #30495 "HasAccess" behavior wasn't clear, to make it clear: * Use a new name `HasAnyUnitAccess`, it will be easier to review related code and permission problems. * Separate everyone access mode to a separate field, then all calls to HasAccess are reverted to old behavior before #30495. * Add new tests. --------- Co-authored-by: Giteabot <teabot@gitea.io>
* Expose fuzzy search for issues/pulls (#29701)65432024-04-181-2/+10
| | | | | | | | close #29685 --------- Signed-off-by: 6543 <6543@obermui.de> Co-authored-by: silverwind <me@silverwind.io>
* Clean up log messages (#30313)wxiaoguang2024-04-071-1/+0
| | | | | | `log.Xxx("%v")` is not ideal, this PR adds necessary context messages. Remove some unnecessary logs. Co-authored-by: Giteabot <teabot@gitea.io>
* Add setting to disable user features when user login type is not plain (#29615)Jack Hay2024-03-292-8/+9
| | | | | | | | | ## Changes - Adds setting `EXTERNAL_USER_DISABLE_FEATURES` to disable any supported user features when login type is not plain - In general, this is necessary for SSO implementations to avoid inconsistencies between the external account management and the linked account - Adds helper functions to encourage correct use
* Refactor StringsToInt64s (#29967)wxiaoguang2024-03-212-7/+3
| | | And close #27176
* Performance improvements for pull request list page (#29900)Lunny Xiao2024-03-211-0/+6
| | | | | | | | | | | This PR will avoid load pullrequest.Issue twice in pull request list page. It will reduce x times database queries for those WIP pull requests. Partially fix #29585 --------- Co-authored-by: Giteabot <teabot@gitea.io>
* Remove AddParamIfExist(AddParam) (#29841)wxiaoguang2024-03-165-20/+20
| | | | | | Follow #29834 Remove AddParamIfExist, use "AddParamString" instead, it should clearly know what is being added into the parameters.
* Refactor code_indexer to use an SearchOptions struct for PerformSearch (#29724)65432024-03-161-1/+11
| | | | | | | | similar to how it's already done for the issue_indexer --- *Sponsored by Kithara Software GmbH*
* Refactor AddParam to AddParamIfExist (#29834)wxiaoguang2024-03-165-20/+20
| | | | | | | When read the code: `pager.AddParam(ctx, "search", "search")`, the question always comes: What is it doing? Where is the value from? Why "search" / "search" ? Now it is clear: `pager.AddParamIfExist("search", ctx.Data["search"])`
* Unify search boxes (#29530)Denys Konovalov2024-03-141-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unify all but a few search boxes to use uniform style, uniform translations and shared templates where possible. Remove a few duplicated search templates, e. g. code search. <details><summary>Example after screenshots:</summary> ![grafik](https://github.com/go-gitea/gitea/assets/47871822/e20e7d6b-c6be-4a47-b132-672766f41421) ![grafik](https://github.com/go-gitea/gitea/assets/47871822/d5b11b9c-c12f-4a29-8fb0-24e5aa511d18) ![grafik](https://github.com/go-gitea/gitea/assets/47871822/d86bb444-36c7-426d-9cf1-c634963dffb1) ![grafik](https://github.com/go-gitea/gitea/assets/47871822/a76c0319-0518-484a-a840-563d02b61198) </details> Also includes #29700 Co-authored-by: 6543 <6543@obermui.de> --------- Co-authored-by: 6543 <m.huber@kithara.com> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Giteabot <teabot@gitea.io>
* Refactor to use optional.Option for issue index search option (#29739)65432024-03-131-10/+10
| | | Signed-off-by: 6543 <6543@obermui.de>
* Fix user router possbile panic (#29751)Lunny Xiao2024-03-131-2/+5
| | | regression from #28023
* Patch in exact search for meilisearch (#29671)65432024-03-091-2/+2
| | | | | | | | | | | | | | | | | | | meilisearch does not have an search option to contorl fuzzynes per query right now: - https://github.com/meilisearch/meilisearch/issues/1192 - https://github.com/orgs/meilisearch/discussions/377 - https://github.com/meilisearch/meilisearch/discussions/1096 so we have to create a workaround by post-filter the search result in gitea until this is addressed. For future works I added an option in backend only atm, to enable fuzzynes for issue indexer too. And also refactored the code so the fuzzy option is equal in logic to code indexer --- *Sponsored by Kithara Software GmbH*
* Fix 500 when deleting account with incorrect password or unsupported login ↵Lunny Xiao2024-03-081-2/+17
| | | | | | | | | type (#29579) Fix #26210 --------- Co-authored-by: Jason Song <i@wolfogre.com>
* Move some asymkey functions to service layer (#28894)Lunny Xiao2024-03-041-1/+1
| | | | After the moving, all models will not depend on `util.Rename` so that I can do next step refactoring.
* Add user blocking (#29028)KN4CK3R2024-03-042-1/+39
| | | | | | | | | | | | | | | | | | | | | | Fixes #17453 This PR adds the abbility to block a user from a personal account or organization to restrict how the blocked user can interact with the blocker. The docs explain what's the consequence of blocking a user. Screenshots: ![grafik](https://github.com/go-gitea/gitea/assets/1666336/4ed884f3-e06a-4862-afd3-3b8aa2488dc6) ![grafik](https://github.com/go-gitea/gitea/assets/1666336/ae6d4981-f252-4f50-a429-04f0f9f1cdf1) ![grafik](https://github.com/go-gitea/gitea/assets/1666336/ca153599-5b0f-4b4a-90fe-18bdfd6f0b6b) --------- Co-authored-by: Lauris BH <lauris@nix.lv>
* Allow options to disable user ssh keys configuration from the interface on ↵Lunny Xiao2024-03-041-0/+16
| | | | | | | | | | | app.ini (#29447) Follow #29275 Extract from #20549 Fix #24716 --------- Co-authored-by: delvh <dev.lh@web.de>
* Add an trailing slash to dashboard links (#29555)wxiaoguang2024-03-041-0/+17
| | | Fix #29533, and add some tests for "base/paginate.tmpl"
* Filter Repositories by type (#29231)Tim-Niclas Oelschläger2024-03-032-0/+50
| | | | | | | | | | | | | Filter Repositories by type (resolves #1170, #1318) before: ![image](https://github.com/go-gitea/gitea/assets/72873130/74e6be62-9010-4ab4-8f9b-bd8afbebb8fb) after: ![image](https://github.com/go-gitea/gitea/assets/72873130/e4d85ed6-7864-4150-8d72-5194dac1293f)
* Fix incorrect relative/absolute URL usages (#29531)wxiaoguang2024-03-021-1/+1
| | | | Add two "HTMLURL" methods for PackageDescriptor. And rename "FullWebLink" to "VersionWebLink"
* remove util.OptionalBool and related functions (#29513)65432024-03-024-25/+24
| | | | | | and migrate affected code _last refactoring bits to replace **util.OptionalBool** with **optional.Option[bool]**_
* Allow options to disable user gpg keys configuration from the interface on ↵Lunny Xiao2024-03-021-0/+10
| | | | | | | | app.ini (#29486) Follow #29447 Fix #29454 Extract from #20549
* migrate some more "OptionalBool" to "Option[bool]" (#29479)65432024-02-294-10/+12
| | | | | | | | just some refactoring bits towards replacing **util.OptionalBool** with **optional.Option[bool]** --------- Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Let ctx.FormOptionalBool() return optional.Option[bool] (#29461)65432024-02-281-1/+2
| | | | just some refactoring bits towards replacing **util.OptionalBool** with **optional.Option[bool]**
* Allow to change primary email before account activation (#29412)wxiaoguang2024-02-271-2/+2
|
* Move context from modules to services (#29440)Lunny Xiao2024-02-2725-29/+28
| | | | | | | | | | | | | | | Since `modules/context` has to depend on `models` and many other packages, it should be moved from `modules/context` to `services/context` according to design principles. There is no logic code change on this PR, only move packages. - Move `code.gitea.io/gitea/modules/context` to `code.gitea.io/gitea/services/context` - Move `code.gitea.io/gitea/modules/contexttest` to `code.gitea.io/gitea/services/contexttest` because of depending on context - Move `code.gitea.io/gitea/modules/upload` to `code.gitea.io/gitea/services/context/upload` because of depending on context
* Allow options to disable user deletion from the interface on app.ini (#29275)Lunny Xiao2024-02-231-0/+6
| | | | | | | | | | | | | Extract from #20549 This PR added a new option on app.ini `[admin]USER_DISABLED_FEATURES` to allow the site administrator to disable users visiting deletion user interface or allow. This options are also potentially allowed to define more features in future PRs. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Unify organizations header (#29248)Tim-Nicas Oelschläger2024-02-231-0/+1
| | | | | | | | | | | | | | | Unify organizations header before: ![image](https://github.com/go-gitea/gitea/assets/72873130/74474e0d-33c3-4bbf-9324-d130ea2c62f8) after: ![image](https://github.com/go-gitea/gitea/assets/72873130/1c65de0d-fa0f-4b17-ab8d-067de8c7113b) --------- Co-authored-by: silverwind <me@silverwind.io>
* Fix missing template for follow button in organization (#29215)Yarden Shoham2024-02-171-1/+1
| | | | | | | | | | | | | | | Leftover from https://github.com/go-gitea/gitea/pull/29005 # Before ![before](https://github.com/go-gitea/gitea/assets/20454870/24c74278-ccac-4dc6-bf26-713e90c07239) # After ![after](https://github.com/go-gitea/gitea/assets/20454870/f91d503b-87d4-4c17-a56c-9c0a81fd9082) --------- Signed-off-by: Yarden Shoham <git@yardenshoham.com>
* Fix broken following organization (#29005)yp053272024-02-171-2/+12
| | | | - following organization is broken from #28908 - add login check for the follow button in organization profile page
* Refactor locale&string&template related code (#29165)wxiaoguang2024-02-143-5/+5
| | | | | | Clarify when "string" should be used (and be escaped), and when "template.HTML" should be used (no need to escape) And help PRs like #29059 , to render the error messages correctly.
* bump to use go 1.22 (#29119)techknowlogick2024-02-141-4/+4
|
* Unify user update methods (#28733)KN4CK3R2024-02-042-101/+87
| | | | | | | | | | | Fixes #28660 Fixes an admin api bug related to `user.LoginSource` Fixed `/user/emails` response not identical to GitHub api This PR unifies the user update methods. The goal is to keep the logic only at one place (having audit logs in mind). For example, do the password checks only in one method not everywhere a password is updated. After that PR is merged, the user creation should be next.