summaryrefslogtreecommitdiffstats
path: root/routers/web
Commit message (Collapse)AuthorAgeFilesLines
* Fix sort order for organization home and user profile page (#31921) (#31922)yp053272024-09-022-0/+8
| | | Backport #31921
* Fix search team (#31923) (#31942)Giteabot2024-08-301-1/+6
| | | | | | | Backport #31923 by @lunny Fix #20658 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Don't return 500 if mirror url contains special chars (#31859) (#31895)Lunny Xiao2024-08-221-2/+4
| | | Backport #31859
* add CfTurnstileSitekey context data to all captcha templates (#31874) (#31876)Giteabot2024-08-202-0/+4
| | | | | | | | | | | | Backport #31874 by @bohde In the OpenID flows, the "CfTurnstileSitekey" wasn't populated, which caused those flows to fail if using Turnstile as the Captcha implementation. This adds the missing context variables, allowing Turnstile to be used in the OpenID flows. Co-authored-by: Rowan Bohde <rowan.bohde@gmail.com>
* Fix raw wiki links (#31825) (#31845)Giteabot2024-08-172-10/+68
| | | | | | | | | | | | | | | | | | | | | Backport #31825 by @Zettat123 Fix #31395 This regression is introduced by #30273. To find out how GitHub handles this case, I did [some tests](https://github.com/go-gitea/gitea/issues/31395#issuecomment-2278929115). I use redirect in this PR instead of checking if the corresponding `.md` file exists when rendering the link because GitHub also uses redirect. With this PR, there is no need to resolve the raw wiki link when rendering a wiki page. If a wiki link points to a raw file, access will be redirected to the raw link. --------- Co-authored-by: Zettat123 <zettat123@gmail.com> Co-authored-by: yp05327 <576951401@qq.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Avoid returning without written ctx when posting PR (#31843) (#31848)Giteabot2024-08-161-4/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Backport #31843 by @wolfogre Fix #31625. If `pull_service.NewPullRequest` return an error which misses each `if` check, `CompareAndPullRequestPost` will return immediately, since it doesn't write the HTTP response, a 200 response with empty body will be sent to clients. ```go if err := pull_service.NewPullRequest(ctx, repo, pullIssue, labelIDs, attachments, pullRequest, assigneeIDs); err != nil { if repo_model.IsErrUserDoesNotHaveAccessToRepo(err) { ctx.Error(http.StatusBadRequest, "UserDoesNotHaveAccessToRepo", err.Error()) } else if git.IsErrPushRejected(err) { // ... ctx.JSONError(flashError) } else if errors.Is(err, user_model.ErrBlockedUser) { // ... ctx.JSONError(flashError) } else if errors.Is(err, issues_model.ErrMustCollaborator) { // ... ctx.JSONError(flashError) } return } ``` Not sure what kind of error can cause it to happen, so this PR just expose it. And we can fix it when users report that creating PRs failed with error responses. It's all my guess since I cannot reproduce the problem, but even if it's not related, the code here needs to be improved. Co-authored-by: Jason Song <i@wolfogre.com>
* Add missing repository type filter parameters to pager (#31832) (#31837)Giteabot2024-08-164-0/+61
| | | | | | | | | | | | | Backport #31832 by @yp05327 Fix #31807 ps: the newly added params's value will be changed. When the first time you selected the filter, the values of params will be `0` or `1` But in pager it will be `true` or `false`. So do we have `boolToInt` function? Co-authored-by: yp05327 <576951401@qq.com>
* Show lock owner instead of repo owner on LFS setting page (#31788) (#31817)Giteabot2024-08-111-0/+5
| | | | | | | | | | | | | | | | | Backport #31788 by @wolfogre Fix #31784. Before: <img width="1648" alt="image" src="https://github.com/user-attachments/assets/03f32545-4a85-42ed-bafc-2b193a5d8023"> After: <img width="1653" alt="image" src="https://github.com/user-attachments/assets/e5bcaf93-49cb-421f-aac1-5122bc488b02"> Co-authored-by: Jason Song <i@wolfogre.com>
* Fix wiki revision pagination (#31760) (#31772)Giteabot2024-08-041-0/+1
| | | | | | | Backport #31760 by @lunny Fix #31755 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix the display of project type for deleted projects (#31732) (#31734)Giteabot2024-07-301-1/+1
| | | | | | | | | | Backport #31732 by @yp05327 Fix: #31727 After: ![image](https://github.com/user-attachments/assets/1dfb4b31-3bd6-47f7-b126-650f33f453e2) Co-authored-by: yp05327 <576951401@qq.com>
* Add permission check when creating PR (#31033) (#31720)yp053272024-07-291-0/+10
| | | | | Backport #31033 user should be a collaborator of the base repo to create a PR
* Fix rendered wiki page link (#31398) (#31407)wxiaoguang2024-06-193-7/+7
| | | | | Backport #31398 Fix #31395
* Allow downloading attachments of draft releases (#31369) (#31380)Giteabot2024-06-161-2/+3
| | | | | | | Backport #31369 by Zettat123 Fix #31362 Co-authored-by: Zettat123 <zettat123@gmail.com>
* Remove sub-path from container registry realm (#31293) (#31300)Giteabot2024-06-101-1/+7
| | | | | Backport #31293 by wxiaoguang Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix Activity Page Contributors dropdown (#31264) (#31269)Giteabot2024-06-061-6/+0
| | | | | | | Backport #31264 by wxiaoguang Fix #31261 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix agit checkout command line hint & fix ShowMergeInstructions checking ↵Giteabot2024-06-031-7/+8
| | | | | | | | | | | | | | | | | (#31219) (#31222) Backport #31219 by @lunny Fix #31135 Before <img width="527" alt="图片" src="https://github.com/go-gitea/gitea/assets/81045/60c07b55-3db2-4a9a-98f1-0eb72d149df2"> After <img width="664" alt="图片" src="https://github.com/go-gitea/gitea/assets/81045/0670ff5d-9e0b-47ac-aba4-9db9131de3b3"> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Ignore FindRecentlyPushedNewBranches err (#31164) (#31171)wxiaoguang2024-05-301-2/+1
| | | Backport #31164
* Fix markup preview (#31158) (#31166)Giteabot2024-05-301-2/+3
| | | | | | | | | | | | Backport #31158 by @wxiaoguang Fix #31157 After: ![image](https://github.com/go-gitea/gitea/assets/2114189/4d918cce-cd0d-4601-9c81-4b32df1b0b38) Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add an immutable tarball link to archive download headers for Nix (#31139) ↵Giteabot2024-05-291-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#31145) Backport #31139 by @Mic92 This allows `nix flake metadata` and nix in general to lock a *branch* tarball link in a manner that causes it to fetch the correct commit even if the branch is updated with a newer version. For further context, Nix flakes are a feature that, among other things, allows for "inputs" that are "github:someuser/somerepo", "https://some-tarball-service/some-tarball.tar.gz", "sourcehut:~meow/nya" or similar. This feature allows our users to fetch tarballs of git-based inputs to their builds rather than using git to fetch them, saving significant download time. There is presently no gitea or forgejo specific fetcher in Nix, and we don't particularly wish to have one. Ideally (as a developer on a Nix implementation myself) we could just use the generic tarball fetcher and not add specific forgejo support, but to do so, we need additional metadata to know which commit a given *branch* tarball represents, which is the purpose of the Link header added here. The result of this patch is that a Nix user can specify `inputs.something.url = "https://forgejo-host/some/project/archive/main.tar.gz"` in flake.nix and get a link to some concrete tarball for the actual commit in the lock file, then when they run `nix flake update` in the future, they will get the latest commit in that branch. Example of it working locally: » nix flake metadata --refresh 'http://localhost:3000/api/v1/repos/jade/cats/archive/main.tar.gz?dir=configs/nix' Resolved URL: http://localhost:3000/api/v1/repos/jade/cats/archive/main.tar.gz?dir=configs/nix Locked URL: http://localhost:3000/api/v1/repos/jade/cats/archive/804ede182b6b66469b23ea4d21eece52766b7a06.tar.gz?dir=configs /nix&narHash=sha256-yP7KkDVfuixZzs0fsqhSETXFC0y8m6nmPLw2GrAMxKQ%3D Description: Computers with the nixos Path: /nix/store/s856c6yqghyan4v0zy6jj19ksv0q22nx-source Revision: 804ede182b6b66469b23ea4d21eece52766b7a06 Last modified: 2024-05-02 00:48:32 For details on the header value, see: https://github.com/nixos/nix/blob/56763ff918eb308db23080e560ed2ea3e00c80a7/doc/manual/src/protocols/tarball-fetcher.md Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com> Co-authored-by: Jade Lovelace <software@lfcode.ca> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add missed return after `ctx.ServerError` (#31130) (#31133)Giteabot2024-05-284-0/+4
| | | | | Backport #31130 by @lunny Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix possible ui 500 if workflow's job is nil (#31092) (#31098)Giteabot2024-05-271-0/+8
| | | | | | | Backport #31092 by @lunny Fix #31087 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix `View File` button link if branch deleted on pull request files pages ↵Giteabot2024-05-261-1/+1
| | | | (#31063) (#31077)
* Fix wrong display of recently pushed notification (#25812) (#31043)yp053272024-05-231-7/+19
| | | | | | | | | | | Backport #25812 ~~ps: removed some new codes in `tests/integration/pull_merge_test.go`~~ --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* use existing oauth grant for public client (#31015) (#31042)Giteabot2024-05-211-2/+17
| | | | | | | | | | | Backport #31015 by @denyskon Do not try to create a new authorization grant when one exists already, thus preventing a DB-related authorization issue. Fix https://github.com/go-gitea/gitea/pull/30790#issuecomment-2118812426 Co-authored-by: Denys Konovalov <kontakt@denyskon.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Refactor sha1 and time-limited code (#31023) (#31030)Giteabot2024-05-211-1/+1
| | | | | Backport #31023 by wxiaoguang Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Return `access_denied` error when an OAuth2 request is denied (#30974) (#31029)Giteabot2024-05-201-0/+10
| | | | | | Backport #30974 by Zettat123 Co-authored-by: Zettat123 <zettat123@gmail.com> Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Fix "force private" logic (#31012) (#31021)Giteabot2024-05-201-1/+1
| | | | | Backport #31012 by wxiaoguang Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Improve reverse proxy documents and clarify the AppURL guessing behavior ↵Giteabot2024-05-191-1/+1
| | | | | | | | | | | | | | | (#31003) (#31020) Backport #31003 by wxiaoguang Fix #31002 1. Mention Make sure `Host` and `X-Fowarded-Proto` headers are correctly passed to Gitea 2. Clarify the basic requirements and move the "general configuration" to the top 3. Add a comment for the "container registry" 4. Use 1.21 behavior if the reverse proxy is not correctly configured Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Move reverproxyauth before session so the header will not be ignored even if ↵Giteabot2024-05-121-6/+6
| | | | | | | | | | user has login (#27821) (#30948) Backport #27821 by @lunny When a user logout and then login another user, the reverseproxy auth should be checked before session otherwise the old user is still login. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Check if reverse proxy is correctly configured (#30890) (#30935)Giteabot2024-05-103-0/+37
| | | | | | | | | Backport #30890 by wxiaoguang Follow #27011 Follow #30885 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: silverwind <me@silverwind.io>
* Fix misspelling of mergable (#30896) (#30905)Giteabot2024-05-081-2/+2
| | | | | | | | Backport #30896 by @yp05327 https://github.com/go-gitea/gitea/pull/25812#issuecomment-2099833692 Follow #30573 Co-authored-by: yp05327 <576951401@qq.com>
* Fix various problems around projects board view (#30696) (#30902)Giteabot2024-05-085-83/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Backport #30696 by @lunny # The problem The previous implementation will start multiple POST requests from the frontend when moving a column and another bug is moving the default column will never be remembered in fact. # What's changed - [x] This PR will allow the default column to move to a non-first position - [x] And it also uses one request instead of multiple requests when moving the columns - [x] Use a star instead of a pin as the icon for setting the default column action - [x] Inserted new column will be append to the end - [x] Fix #30701 the newly added issue will be append to the end of the default column - [x] Fix when deleting a column, all issues in it will be displayed from UI but database records exist. - [x] Add a limitation for columns in a project to 20. So the sorting will not be overflow because it's int8. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix wrong transfer hint (#30889) (#30900)Giteabot2024-05-081-2/+8
| | | | | | | Backport #30889 by @lunny Fix #30187 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Refactor AppURL usage (#30885) (#30891)wxiaoguang2024-05-081-1/+1
| | | | | | | Backport #30885 Fix #30883 Fix #29591 Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Repository explore alphabetically order respect owner name (#30882)65432024-05-071-2/+2
| | | | | similar to #30784 but only for the repo explore page is covered by #30876 for the main branch
* Make sure git version&feature are always prepared (#30877) (#30879)wxiaoguang2024-05-074-4/+4
| | | Backport #30877
* Improve grep search (#30843) (#30850)Giteabot2024-05-032-1/+36
| | | | | | | | Backport #30843 by wxiaoguang Reduce the context line number to 1, make "git grep" search respect the include/exclude patter, and fix #30785 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Prevent automatic OAuth grants for public clients (#30790) (#30836)Giteabot2024-05-021-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Backport #30790 by archer-321 This commit forces the resource owner (user) to always approve OAuth 2.0 authorization requests if the client is public (e.g. native applications). As detailed in [RFC 6749 Section 10.2](https://www.rfc-editor.org/rfc/rfc6749.html#section-10.2), > The authorization server SHOULD NOT process repeated authorization requests automatically (without active resource owner interaction) without authenticating the client or relying on other measures to ensure that the repeated request comes from the original client and not an impersonator. With the implementation prior to this patch, attackers with access to the redirect URI (e.g., the loopback interface for `git-credential-oauth`) can get access to the user account without any user interaction if they can redirect the user to the `/login/oauth/authorize` endpoint somehow (e.g., with `xdg-open` on Linux). Fixes #25061. Co-authored-by: Archer <archer@beezig.eu> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Skip gzip for some well-known compressed file types (#30796) (#30813)Giteabot2024-05-021-1/+1
| | | | | | Backport #30796 by wxiaoguang Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: silverwind <me@silverwind.io>
* Fix bleve fuzziness (#30799) (#30804)Giteabot2024-05-011-1/+1
| | | | | | | | Backport #30799 by wxiaoguang Fix #30797 Fix #30317 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix issue label rendering in the issue popup (#30763) (#30773)Giteabot2024-04-301-1/+4
| | | | | Backport #30763 by wxiaoguang Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Rename CodeIndexerEnabled to IsRepoIndexerEnabled (#30762) (#30767)Giteabot2024-04-292-3/+3
| | | | | | | | | | Backport #30762 by @wxiaoguang Fix #30761 Most places use `IsRepoIndexerEnabled` but not `CodeIndexerEnabled`, so it should always use `IsRepoIndexerEnabled` for consistency. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix all rounded borders, change affected tab menus to pills (#30707) (#30769)Giteabot2024-04-291-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Backport #30707 by @silverwind Fixes https://github.com/go-gitea/gitea/issues/30673, all 23 issues. Notes: - Tab bar menus had to change to pills because of unsolvable issue with the border-radius as tab bar renders a overlapping border onto the box below. And I think pills look better. - Added padding to code editor empty preview message - Hide monaco's built-in blue focus border, we don't need it and it never showed before either. - Label add menu is simplified, removing the nested segment. <img width="1322" alt="Screenshot 2024-04-25 at 22 26 19" src="https://github.com/go-gitea/gitea/assets/115237/7e394e0c-b7ad-417d-8e9f-12f1dea93ed1"> <img width="1326" alt="Screenshot 2024-04-25 at 22 28 00" src="https://github.com/go-gitea/gitea/assets/115237/66c8499f-aa9f-4d95-8cca-ef13dfa82c65"> <img width="997" alt="Screenshot 2024-04-25 at 22 36 53" src="https://github.com/go-gitea/gitea/assets/115237/07896102-c71d-4246-8173-c2bc2e1d3cae"> <img width="832" alt="Screenshot 2024-04-25 at 22 56 09" src="https://github.com/go-gitea/gitea/assets/115237/d83afc96-08ca-4adc-baf4-3d02804be57c"> <img width="361" alt="Screenshot 2024-04-25 at 22 57 12" src="https://github.com/go-gitea/gitea/assets/115237/c7371a68-00b5-47d8-84d0-ddc5268b2b2c"> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix nil dereference on error (#30740) (#30746)wxiaoguang2024-04-291-1/+1
| | | | | Backport #30740 manually Co-authored-by: Chongyi Zheng <git@zcy.dev>
* Prevent allow/reject reviews on merged/closed PRs (#30686)Kemal Zebari2024-04-271-0/+2
| | | Resolves #30675.
* Update misspell to 0.5.1 and add `misspellings.csv` (#30573)silverwind2024-04-274-5/+5
| | | | | | Misspell 0.5.0 supports passing a csv file to extend the list of misspellings, so I added some common ones from the codebase. There is at least one typo in a API response so we need to decided whether to revert that and then likely remove the dict entry.
* Fix code search input for different views (#30678)wxiaoguang2024-04-263-4/+0
| | | | | | Now only show the "code search" on the repo home page, because it only does global search. So do not show it when viewing file or directory to avoid misleading users (it doesn't search in a directory)
* Add route handler info for debugging purpose (#30705)wxiaoguang2024-04-261-1/+1
| | | Follow #30519
* Improve job commit description (#30579)yp053272024-04-261-12/+14
| | | | | | | | | | | | | | | | | | | | | Fix https://github.com/go-gitea/gitea/issues/30567 When job is a schedule: ![image](https://github.com/go-gitea/gitea/assets/18380374/b07e9d43-e8b7-4ee2-87b3-a7050c3a8ca5) When it is a normal one: ![image](https://github.com/go-gitea/gitea/assets/18380374/0d58dab9-74bb-421b-8952-0578cdf21a52) also add a 'space' behind `:` ![image](https://github.com/go-gitea/gitea/assets/18380374/4cebece0-bfe6-4ad9-b806-e5c49bb9be43) ![image](https://github.com/go-gitea/gitea/assets/18380374/02da7681-474b-4c0f-9dad-b6558f6cb484) --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Allow to save empty comment (#30706)wxiaoguang2024-04-261-19/+22
| | | Fix #29986
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-09 11:30:11 +0000