aboutsummaryrefslogtreecommitdiffstats
path: root/routers
Commit message (Collapse)AuthorAgeFilesLines
* Match api migration behavior to web behavior (#23552) (#23572)release/v1.18Giteabot2023-03-191-1/+1
| | | | | | | | | | | | | | | | | | | | | | Backport #23552 by @atomaka When attempting to migrate a repository via the API endpoint comments are always included. This can create a problem if your source repository has issues or pull requests but you do not want to import them into Gitea that displays as something like: > Error 500: We were unable to perform the request due to server-side problems. 'comment references non existent IssueIndex 4 There are only two ways to resolve this: 1. Migrate using the web interface 2. Migrate using the API including at issues or pull requests. This PR matches the behavior of the API migration router to the web migration router. Co-authored-by: Andrew Tomaka <atomaka@atomaka.com> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Handle missing `README` in create repos API (#23387) (#23509)Zettat1232023-03-162-0/+22
| | | | | | | | | Backport #23387 Close #22934 In `/user/repos` API (and other APIs related to creating repos), user can specify a readme template for auto init. At present, if the specified template does not exist, a `500` will be returned . This PR improved the logic and will return a `400` instead of `500`.
* Make branches list page operations remember current page (#23420) (#23459)Giteabot2023-03-151-10/+7
| | | | | | | | | | | | | | | Backport #23420 by @wxiaoguang Close #23411 Always pass "page" query parameter to backend, and make backend respect it. The `ctx.FormInt("limit")` is never used, so removed. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Jason Song <i@wolfogre.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Redirect to the commit page after applying patch (#23056) & Fix commit name ↵zeripath2023-03-151-3/+7
| | | | | | | | | | | | | in Apply Patch page (#23086) (#23131) Backport #23056 Backport #23086 Fixes https://github.com/go-gitea/gitea/issues/22621 Fixes https://github.com/go-gitea/gitea/issues/22621#issuecomment-1439309200 Co-authored-by: yp05327 <576951401@qq.com>
* Fix cannot reopen after pushing commits to a closed PR (#23189) (#23322)sillyguodong2023-03-062-6/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Backport: #23189 Close: #22784 1. On GH, we can reopen a PR which was closed before after pushing commits. After reopening PR, we can see the commits that were pushed after closing PR in the time line. So the case of [issue](https://github.com/go-gitea/gitea/issues/22784) is a bug which needs to be fixed. 2. After closing a PR and pushing commits, `headBranchSha` is not equal to `sha`(which is the last commit ID string of reference). If the judgement exists, the button of reopen will not display. So, skip the judgement if the status of PR is closed. ![image](https://user-images.githubusercontent.com/33891828/222037529-651fccf9-0bba-433e-b2f0-79c17e0cc812.png) 3. Even if PR is already close, we should still insert comment record into DB when we push commits. So we should still call function `CreatePushPullComment()`. https://github.com/go-gitea/gitea/blob/067b0c2664d127c552ccdfd264257caca4907a77/services/pull/pull.go#L260-L282 So, I add a switch(`includeClosed`) to the `GetUnmergedPullRequestsByHeadInfo` func to control whether the status of PR must be open. In this case, by setting `includeClosed` to `true`, we can query the closed PR. ![image](https://user-images.githubusercontent.com/33891828/222621045-bb80987c-10c5-4eac-aa0c-1fb9c6aefb51.png) 4. In the loop of comments, I use the`latestCloseCommentID` variable to record the last occurrence of the close comment. In the go template, if the status of PR is closed, the comments whose type is `CommentTypePullRequestPush(29)` after `latestCloseCommentID` won't be rendered. ![image](https://user-images.githubusercontent.com/33891828/222058913-c91cf3e3-819b-40c5-8015-654b31eeccff.png) e.g. 1). The initial status of the PR is opened. ![image](https://user-images.githubusercontent.com/33891828/222453617-33c5093e-f712-4cd6-8489-9f87e2075869.png) 2). Then I click the button of `Close`. PR is closed now. ![image](https://user-images.githubusercontent.com/33891828/222453694-25c588a9-c121-4897-9ae5-0b13cf33d20b.png) 3). I try to push a commit to this PR, even though its current status is closed. ![image](https://user-images.githubusercontent.com/33891828/222453916-361678fb-7321-410d-9e37-5a26e8095638.png) But in comments list, this commit do not display.This is as expected :) ![image](https://user-images.githubusercontent.com/33891828/222454169-7617a791-78d2-404e-be5e-77d555f93313.png) 4). Click the `Reopen` button, the commit which is pushed after closing PR display now. ![image](https://user-images.githubusercontent.com/33891828/222454533-897893b6-b96e-4701-b5cb-b1800f382b8f.png)
* Use beforeCommit instead of baseCommit (#22949) (#22996)Kyle D2023-02-211-6/+5
| | | | | | | Backport #22949 Fixes https://github.com/go-gitea/gitea/issues/22946 Probably related to https://github.com/go-gitea/gitea/issues/19530 Co-authored-by: Jonathan Tran <jonnytran@gmail.com>
* Add force_merge to merge request and fix checking mergable (#23010) (#23032)Jason Song2023-02-212-8/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | Backport #23010. Fix #23000. The bug was introduced in #22633, and it seems that it has been noticed: https://github.com/go-gitea/gitea/pull/22633#discussion_r1095395359 . However, #22633 did nothing wrong, the logic should be "check if they is admin only when `force` is true". So we should provide the `ForceMerge` when merging from UI. After this, an admin can also send a normal merge request with `ForceMerge` false. So it fixes a potential bug: if the admin doesn't want to do a force merge, they just see the green "Merge" button and click it. At the same time, the status of the PR changed, and it shouldn't be merged now, so the admin could send an unexpected force merge. In addition, I updated `ForceMerge *bool` to `ForceMerge bool`, I don't see the reason to use a pointer. And fixed the logic of CheckPullMergable to handle auto merge and force merge correctly.
* Provide the ability to set password hash algorithm parameters (#22942) (#22943)zeripath2023-02-196-6/+7
| | | | | | | | | | | | | | | | | | | | | | | | Backport #22942 This PR refactors and improves the password hashing code within gitea and makes it possible for server administrators to set the password hashing parameters In addition it takes the opportunity to adjust the settings for `pbkdf2` in order to make the hashing a little stronger. The majority of this work was inspired by PR #14751 and I would like to thank @boppy for their work on this. Thanks to @gusted for the suggestion to adjust the `pbkdf2` hashing parameters. Close #14751 --------- Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Notify on container image create (#22806) (#22965)Yarden Shoham2023-02-181-4/+22
| | | | | | | | | | | Backport #22806 Fixes #22791 --------- Signed-off-by: Yarden Shoham <hrsi88@gmail.com> Co-authored-by: KN4CK3R <admin@oldschoolhack.me> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* fix incorrect role labels for migrated issues and comments (#22914) (#22923)Yarden Shoham2023-02-161-4/+8
| | | | | | | | | | | | | | | | Backport #22914 Fix #22797. ## Reason If a comment was migrated from other platforms, this comment may have an original author and its poster is always not the original author. When the `roleDescriptor` func get the poster's role descriptor for a comment, it does not check if the comment has an original author. So the migrated comments' original authors might be marked as incorrect roles. Co-authored-by: Zettat123 <zettat123@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Improve trace logging for pulls and processes (#22633) (#22812)zeripath2023-02-131-28/+23
| | | | | | | | | | | | | | | | | | Backport #22633 Our trace logging is far from perfect and is difficult to follow. This PR: * Add trace logging for process manager add and remove. * Fixes an errant read file for git refs in getMergeCommit * Brings in the pullrequest `String` and `ColorFormat` methods introduced in #22568 * Adds a lot more logging in to testPR etc. Ref #22578 --------- Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use import of OCI structs (#22765) (#22805)KN4CK3R2023-02-082-41/+59
| | | | | Backport of #22765 Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* upgrade golangcilint to v1.51.0 (#22764)Lunny Xiao2023-02-071-2/+4
| | | | | With the upgrade to go 1.20 golangci-lint no longer correctly works. We must therefore upgrade to the latest golangci-lint. Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix wrong hint when deleting a branch successfully from pull request UI ↵Yarden Shoham2023-02-011-1/+1
| | | | | | | | | (#22673) (#22698) Backport #22673 Fix #18785 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix missing message in git hook when pull requests disabled on fork (#22625) ↵John Olheiser2023-01-301-10/+13
| | | | | | | (#22658) Backport #22625 Co-authored-by: Brecht Van Lommel <brecht@blender.org>
* Prevent multiple `To` recipients (#22566) (#22569)Yarden Shoham2023-01-221-1/+1
| | | | | | | | | Backport #22566 Change the mailer interface to prevent the leaking of possible hidden email addresses when sending to multiple recipients. Co-authored-by: KN4CK3R <admin@oldschoolhack.me> Co-authored-by: Gusted <williamzijl7@hotmail.com>
* Fix invalid issue branch reference if not specified in template (#22513) ↵John Olheiser2023-01-191-1/+2
| | | | | | | (#22520) Backport #22513 Co-authored-by: Brecht Van Lommel <brecht@blender.org>
* Set disable_gravatar/enable_federated_avatar when offline mode is true ↵Jason Song2023-01-181-0/+27
| | | | | | | | (#22479) (#22496) Backport #22479. When offline mode is true, we should set `disable_gravatar` to `true` and `enable_federated_avatar` to `false` in system settings.
* Fix container blob mount (#22226) (#22476)John Olheiser2023-01-172-55/+83
| | | | | Backport #22226 Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Fix leaving organization bug on user settings -> orgs (#21983) (#22438)zeripath2023-01-161-2/+9
| | | | | | | | | | | | Backport #21983 Fix #21772 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: 花墨 <shanee@live.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Prevent panic on looking at api "git" endpoints for empty repos (#22457) ↵zeripath2023-01-151-1/+1
| | | | | | | | | | | | | | (#22458) Backport #22457 The API endpoints for "git" can panic if they are called on an empty repo. We can simply allow empty repos for these endpoints without worry as they should just work. Fix #22452 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Prepend refs/heads/ to issue template refs (#20461) (#22427)zeripath2023-01-131-0/+4
| | | | | Backport #20461 Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix: update settings table on install (#22326) (#22327)John Olheiser2023-01-031-4/+7
| | | | | Backport #22326 Signed-off-by: jolheiser <john.olheiser@gmail.com>
* fix: code search title translation (#22285) (#22316)John Olheiser2023-01-031-1/+1
| | | | | | | Backport #22285 Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* Add `sync_on_commit` option for push mirrors api (#22271) (#22292)Chongyi Zheng2022-12-311-4/+5
| | | Backport of #22271
* Fix key signature error page (#22229) (#22230)Gusted2022-12-301-3/+9
| | | | | | | | | | | | | | | - Backport of #22229 - When the GPG key contains an error, such as an invalid signature or an email address that does not match the user.A page will be shown that says you must provide a signature for the token. - This page had two errors: one had the wrong translation key and the other tried to use an undefined variable [`.PaddedKeyID`](https://github.com/go-gitea/gitea/blob/e81ccc406bf723a5a58d685e7782f281736affd4/models/asymkey/gpg_key.go#L65-L72), which is a function implemented on the `GPGKey` struct, given that we don't have that, we use [`KeyID`](https://github.com/go-gitea/gitea/blob/e81ccc406bf723a5a58d685e7782f281736affd4/routers/web/user/setting/keys.go#L102) which is [the fingerprint of the publickey](https://pkg.go.dev/golang.org/x/crypto/openpgp/packet#PublicKey.KeyIdString) and is a valid way for opengpg to refer to a key.
* refactor auth interface to return error when verify failure (#22119) (#22259)Lunny Xiao2022-12-294-17/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | backport #22119 This PR changed the Auth interface signature from `Verify(http *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *user_model.User` to `Verify(http *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) (*user_model.User, error)`. There is a new return argument `error` which means the verification condition matched but verify process failed, we should stop the auth process. Before this PR, when return a `nil` user, we don't know the reason why it returned `nil`. If the match condition is not satisfied or it verified failure? For these two different results, we should have different handler. If the match condition is not satisfied, we should try next auth method and if there is no more auth method, it's an anonymous user. If the condition matched but verify failed, the auth process should be stop and return immediately. This will fix #20563 Co-authored-by: KN4CK3R <admin@oldschoolhack.me> Co-authored-by: Jason Song <i@wolfogre.com>
* Use complete SHA to create and query commit status (#22244) (#22257)Jason Song2022-12-283-1/+31
| | | | | | | | | | | | | Backport #22244. Fix #13485. Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Remove ReverseProxy authentication from the API (#22219) (#22251)Lunny Xiao2022-12-271-9/+3
| | | | | | | | | | | | | | | | | | | | | | | | backport from #22219 Since we changed the /api/v1/ routes to disallow session authentication we also removed their reliance on CSRF. However, we left the ReverseProxy authentication here - but this means that POSTs to the API are no longer protected by CSRF. Now, ReverseProxy authentication is a kind of session authentication, and is therefore inconsistent with the removal of session from the API. This PR proposes that we simply remove the ReverseProxy authentication from the API and therefore users of the API must explicitly use tokens or basic authentication. Replace #22077 Close #22221 Close #22077 Signed-off-by: Andrew Thornton <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
* Allow empty assignees on pull request edit (#22150) (#22214)KN4CK3R2022-12-221-0/+5
| | | | | Backport of #22150 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Normalize NuGet package version on upload (#22186) (#22200)KN4CK3R2022-12-212-20/+4
| | | | | Backport of #22186 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Ensure that plain files are rendered correctly even when containing ↵zeripath2022-12-191-16/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ambiguous characters (#22017) (#22160) Backport #22017 As recognised in #21841 the rendering of plain text files is somewhat incorrect when there are ambiguous characters as the html code is double escaped. In fact there are several more problems here. We have a residual isRenderedHTML which is actually simply escaping the file - not rendering it. This is badly named and gives the wrong impression. There is also unusual behaviour whether the file is called a Readme or not and there is no way to get to the source code if the file is called README. In reality what should happen is different depending on whether the file is being rendered a README at the bottom of the directory view or not. 1. If it is rendered as a README on a directory - it should simply be escaped and rendered as `<pre>` text. 2. If it is rendered as a file then it should be rendered as source code. This PR therefore does: 1. Rename IsRenderedHTML to IsPlainText 2. Readme files rendered at the bottom of the directory are rendered without line numbers 3. Otherwise plain text files are rendered as source code. Replace #21841 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix condition for is_internal (#22095) (#22132)KN4CK3R2022-12-141-2/+3
| | | | | | | | | | | Backport of #22095 I changed it to a static condition because it needs a new version of xorm which is only available in 1.19. This change is valid because `SearchLatestVersions` is never called to list internal versions and there will no change to this behaviour in <1.19. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix sorting admin user list by last login (#22081) (#22107)aceArt-GmbH2022-12-131-0/+4
|
* Fix permission check on issue/pull lock (#22113)Lunny Xiao2022-12-121-3/+2
| | | backport #22110
* Workaround for container registry push/pull errors (#21862) (#22068)KN4CK3R2022-12-103-4/+68
| | | | | Backport of #21862 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix ListBranches to handle empty case (#21921) (#22024)Lunny Xiao2022-12-041-26/+34
| | | | | | | | Fix #21910 Backport #21921 Co-authored-by: KN4CK3R <admin@oldschoolhack.me> Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Multiple improvements for comment edit diff (#21990) (#22007)silverwind2022-12-021-4/+9
| | | | | | | | | | | | | | Backport #21990 - Use explicit avatar size so when JS copies the HTML, the size gets copied with it - Replace icon font use with SVG - Improve styling and diff rendering - Sort lists in `svg.js` Fixes: https://github.com/go-gitea/gitea/issues/21924 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Prevent NPE if trying to restore an already restored deleted branch (#21940) ↵zeripath2022-11-251-0/+4
| | | | | | | | | | | | | | (#21944) Backport #21940 If a deleted-branch has already been restored, a request to restore it again will cause a NPE. This PR adds detection for this case, but also disables buttons when they're clicked in order to help prevent accidental repeat requests. Fix #21930 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add support for HEAD requests in Maven registry (#21834) (#21929)KN4CK3R2022-11-2517-32/+120
| | | | | Backport of #21834 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix setting HTTP headers after write (#21833) (#21877)KN4CK3R2022-11-224-31/+25
| | | | | Backport of #21833 Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Load GitRepo in API before deleting issue (#21720) (#21796)Jason Song2022-11-131-1/+1
| | | | | | | | | | | | | | Backport #21720. Fix #20921. The `ctx.Repo.GitRepo` has been used in deleting issues when the issue is a PR. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* Set last login when activating account (#21731) (#21755)Jason Song2022-11-111-0/+7
| | | | | | | | | | | | Backport #21731. Fix #21698. Set the last login time to the current time when activating the user successfully. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Revert unrelated changes for SMTP auth (#21767) (#21768)wxiaoguang2022-11-101-1/+1
| | | | | | | | | | | Backport #21767 The purpose of #18982 is to improve the SMTP mailer, but there were some unrelated changes made to the SMTP auth in https://github.com/go-gitea/gitea/pull/18982/commits/d60c43869420f5fc43ad19b454c9ae50dad65964 This PR reverts these unrelated changes, fix #21744 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix dashboard ignored system setting cache (#21621) (#21759)Lunny Xiao2022-11-101-2/+5
| | | | | | | | backport #21621 This is a performance regression from #18058 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Remove semver compatible flag and change pypi to an array of test cases ↵Wayne Starr2022-11-092-4/+47
| | | | | | | | | | | | (#21708) (#21730) Backport (#21708) This addresses #21707 and adds a second package test case for a non-semver compatible version (this might be overkill though since you could also edit the old package version to have an epoch in front and see the error, this just seemed more flexible for the future). Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Allow local package identifiers for PyPI packages (#21690) (#21727)Wayne Starr2022-11-091-2/+9
| | | | | | | | Backport (#21690) Fixes #21683 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Fix token generation when using INTERNAL_TOKEN_URI (#21669) (#21670)wxiaoguang2022-11-031-5/+9
| | | | | | | | | | | | Backport #21669 Fix https://github.com/go-gitea/gitea/issues/21666 Caused by https://github.com/go-gitea/gitea/pull/19663 Before: when install, the INTERNAL_TOKEN was always generated and saved. But the internal token may be already there by INTERNAL_TOKEN_URI After: INTERNAL_TOKEN_URI file must be non-empty. When install, skip internal token generation if the token exists.
* Sync git hooks when config file path changed (#21619) (#21626)Jason Song2022-10-301-3/+13
| | | | | | | | | | | Backport #21619 . A patch to #17335. Just like AppPath, Gitea writes its own CustomConf into git hook scripts too. If Gitea's CustomConf changes, then the git push may fail. Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: zeripath <art27@cantab.net>
* Fix 500 on PR files API (#21602) (#21607)qwerty2872022-10-261-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | Fixes an 500 error/panic if using the changed PR files API with pages that should return empty lists because there are no items anymore. `start-end` is then < 0 which ends in panic. Backport https://github.com/go-gitea/gitea/pull/21602 <!-- Please check the following: 1. Make sure you are targeting the `main` branch, pull requests on release branches are only allowed for bug fixes. 2. Read contributing guidelines: https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md 3. Describe what your pull request does and which issue you're targeting (if any) --> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: delvh <dev.lh@web.de>
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-23 20:48:23 +0000