aboutsummaryrefslogtreecommitdiffstats
path: root/routers
Commit message (Collapse)AuthorAgeFilesLines
* Move user/org deletion to services (#17673)KN4CK3R2021-11-195-8/+12
|
* Add pagination to fork list (#17639)Gusted2021-11-181-2/+13
| | | | | - Resolves #14574 - Adds the necessary code to have pagination working in the forks list of a repo. The code is mostly in par with the stars/watcher implementation.
* Move task from modules to services (#17680)Lunny Xiao2021-11-182-2/+2
|
* Move user functions into user.go (#17659)Lunny Xiao2021-11-182-7/+7
| | | | | * Move user functions into user.go * Fix test
* Remove unnecessary variable assignments (#17695)Gusted2021-11-181-1/+0
| | | | | | | | | | * Remove unnecessary variable assignments As title * enable ineffassign Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fixed commit count. (#17698)KN4CK3R2021-11-173-15/+12
| | | | Added "Tag" label. Unified branch, tag and commit name.
* Add .gitattribute assisted language detection to blame, diff and render (#17590)zeripath2021-11-172-2/+54
| | | | | | | Use check attribute code to check the assigned language of a file and send that in to chroma as a hint for the language of the file. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Return 400 but not 500 when request archive with wrong format (#17691)Lunny Xiao2021-11-171-1/+5
|
* Move some functions into services/repository (#17677)Lunny Xiao2021-11-173-10/+9
|
* A better go code formatter, and now `make fmt` can run in Windows (#17684)wxiaoguang2021-11-175-3/+6
| | | | * go build / format tools * re-format imports
* Move user follow and openid into models/user/ (#17613)Lunny Xiao2021-11-175-19/+22
| | | | | | | | | | | | | | | | | | | | | | | * Move UserRedirect into models/user/ * Fix lint & test * Fix lint * Fix lint * remove nolint comment * Fix lint * Move user follow and openid into models/user * Ignore the lint * Ignore the lint * Fix test * ignore stutters lint on UserOpenID
* Allow admins to change user avatars (#17661)qwerty2872021-11-162-0/+33
| | | | | | | Adds the avatar change panel to the edit user page (bottom) and allows admins to change it this way Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: zeripath <art27@cantab.net>
* Multiple Escaping Improvements (#17551)zeripath2021-11-1634-200/+351
| | | | | | | | | | | | | | There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this. This is an extensive PR attempting to fix these issues. 1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping. 2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand. 3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.) 5. The title generation in feeds is now properly escaped. 6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move migrations into services and base into modules/migration (#17663)Lunny Xiao2021-11-165-6/+6
| | | | | | | * Move migrtions into services and base into modules/migration * Fix imports * Fix lint
* Move some functions into services/repository (#17660)Lunny Xiao2021-11-167-15/+14
|
* Decouple unit test, remove intermediate `unittestbridge` package (#17662)wxiaoguang2021-11-167-33/+26
| | | Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix nil checking on typed interface (#17598)Gusted2021-11-151-8/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | * Fix nil checking on typed interface - Partially resoles #17596 - Resolves SA4023 errors. - Ensure correctly that typed interface are nil. * Remove unnecessary code `NewBleveIndexer` will never return nil, even on errors. * Patch `NewBleveIndexer` * Fix low-level functions * Remove deadcode * Fix GetSession * Close Elastic search when err isn't nil * Update elastic_search.go Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Remove unnecassary calls to `filepath.Join` (#17608)Gusted2021-11-152-2/+2
| | | | | | | | | | | - Partialy resolvess #17596 - Resolves `badCall` errors from go-critic `badCall: suspicious Join on 1 argument` - When only 1 argument is passed into `filepath.Join`, it won't do anything special other than `filepath.Clean(...)` will be applied over it. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: 6543 <6543@obermui.de>
* Correctly handle failed migrations (#17575)zeripath2021-11-132-0/+14
| | | | | | | | | | | | | | * Correctly handle failed migrations There is a bug in handling failed migrations whereby the migration task gets decoupled from the migration repository. This leads to a failure of the task to get deleted with the repository and also leads to the migration failed page resulting in a ISE. This PR removes the zeroing out of the task id from the migration but also makes the migration handler tolerate missing tasks much nicer. Fix #17571 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Decouple unit test code from business code (#17623)wxiaoguang2021-11-1217-62/+69
|
* Move EmailAddress & UserRedirect into models/user/ (#17607)Lunny Xiao2021-11-1111-44/+54
| | | | | | | | | | | | | | | | | | | | | * Move EmailAddress into models/user/ * Fix test * rename user_mail to user_email * Fix test * Move UserRedirect into models/user/ * Fix lint & test * Fix lint * Fix lint * remove nolint comment * Fix lint
* Refactor commentTags functionality (#17558)Gusted2021-11-111-35/+43
| | | | | | | | | | | | | | | | | | | | | | | | * feat: Allow multiple tags on comments - Allow for multiples tags(Currently Poster + {Owner, Writer}). - Utilize the Poster tag within the commentTag function and remove the checking from templates. - Use bitwise on CommentTags to enable specific tags. - Don't show poster tag(view_content.tmpl) on the initial issue comment. * Change parameters naming * Change function name * refactor variable wording * Merge 'master' branch into 'tags-comments' branch * Change naming * `tag` -> `role` Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Move oauth2 error to oauth2 service package (#17603)Lunny Xiao2021-11-111-2/+1
|
* Fix 500 when a comment was deleted which has a notification (#17550)Lunny Xiao2021-11-102-3/+3
| | | | | | | | | | * Fix 500 when a comment was deleted which has a notification * Tolerate missing Comment in other places too Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Move webhook into models/webhook/ (#17579)Lunny Xiao2021-11-107-188/+193
|
* Move unit into models/unit/ (#17576)Lunny Xiao2021-11-0929-236/+263
| | | | | * Move unit into models/unit/ * Rename unit.UnitType as unit.Type
* tune sqlite3 message (#17601)wxiaoguang2021-11-091-2/+2
|
* Fix 500 when review pull request with anonymous (#17594)Lunny Xiao2021-11-091-1/+5
|
* Fix bug on detect issue/comment writer (#17591)Lunny Xiao2021-11-091-1/+1
|
* Allow U2F 2FA without TOTP (#11573)Kamil Domański2021-11-082-25/+44
| | | | | | | This change enables the usage of U2F without being forced to enroll an TOTP authenticator. The `/user/auth/u2f` has been changed to hide the "use TOTP instead" bar if TOTP is not enrolled. Fixes #5410 Fixes #17495
* Avoid double imports (#17569)Gusted2021-11-081-2/+1
| | | | | Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix bug on admin subcommand (#17533)Lunny Xiao2021-11-071-2/+2
| | | | | | | * Fix bug on admin subcommand * Add signals for all initDB Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix ipv6 parsing for builtin ssh server (#17561)Wim2021-11-061-1/+5
|
* Hide label comments if labels were added and removed immediately (#17455)qwerty2872021-11-042-12/+87
| | | | | | | | | | | * Hide label comments if labels were added and removed immediately * Add comment and rename var * Fix unit test * Add test case Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Simplify Gothic to use our session store instead of creating a different ↵zeripath2021-11-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | store (#17507) * Simplify Gothic to use our session store instead of creating a different store We have been using xormstore to provide a separate session store for our OAuth2 logins however, this relies on using gorilla context and some doubling of our session storing. We can however, simplify and simply use our own chi-based session store. Thus removing a cookie and some of the weirdness with missing contexts. Signed-off-by: Andrew Thornton <art27@cantab.net> * as per review Signed-off-by: Andrew Thornton <art27@cantab.net> * as per review Signed-off-by: Andrew Thornton <art27@cantab.net> * Handle MaxTokenLength Signed-off-by: Andrew Thornton <art27@cantab.net> * oops Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv>
* Stop double encoding blame commit messages (#17498)zeripath2021-10-311-2/+1
| | | | | | | | | | | The call to html.EscapeString in routers/web/repo/blame.go:renderBlame is extraneous as the commit message is now rendered by the template. The template will correctly escape strings - therefore we are currently double escaping. This PR fixes this. Fix #17492 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Properly determine CSV delimiter (#17459)Richard Mahn2021-10-301-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fixes #16558 CSV delimiter determiner * Fixes #16558 - properly determine CSV delmiiter * Moves quoteString to a new function * Adds big test with lots of commas for tab delimited csv * Adds comments * Shortens the text of the test * Removes single quotes from regexp as only double quotes need to be searched * Fixes spelling * Fixes check of length as it probalby will only be 1e4, not greater * Makes sample size a const, properly removes truncated line * Makes sample size a const, properly removes truncated line * Fixes comment * Fixes comment * tests for FormatError() function * Adds logic to find the limiter before or after a quoted value * Simplifies regex * Error tests * Error tests * Update modules/csv/csv.go Co-authored-by: delvh <dev.lh@web.de> * Update modules/csv/csv.go Co-authored-by: delvh <dev.lh@web.de> * Adds comments * Update modules/csv/csv.go Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: delvh <dev.lh@web.de>
* Rename db Engines related functions (#17481)Lunny Xiao2021-10-302-2/+2
| | | | | * Rename db Engines related functions Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Run Migrate in Install rather than just SyncTables (#17475)zeripath2021-10-291-1/+2
| | | | | | | | | | | | | | | | | | * Run Migrate in Install rather than just SyncTables The underlying problem in #17328 appears to be that users are re-running the install page during upgrades. The function that tests and creates the db did not intend for this and thus instead the migration scripts being run - a simple sync tables occurs. This then causes a weird partially migrated DB which causes, in this release cycle, the duplicate column in task table error. It is likely the cause of some weird partial migration errors in other cycles too. This PR simply ensures that the migration scripts are also run at this point too. Fix #17328 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix mispelling of starred as stared (#17465)zeripath2021-10-281-1/+1
| | | | | | | | | | There was a recent spelling mistake added to the locale file where stared was used instead of starred. This PR changes this to starred. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Ensure that restricted users can access repos for which they are members ↵zeripath2021-10-281-1/+1
| | | | | | | | | | | | | | | | | (#17460) There is a small bug in the way that repo access is checked in repoAssignment: Accessibility is checked by checking if the user has a marked access to the repository instead of checking if the user has any team granted access. This PR changes this permissions check to use HasAccess() which does the correct test. There is also a fix in the release api ListReleases where it should return draft releases if the user is a member of a team with write access to the releases. The PR also adds a testcase. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add appearance section in settings (#17433)qwerty2872021-10-273-36/+70
| | | | | | | | | | | | | * Add appearance section in settings * Fix lint * Fix lint * Apply suggestions from code review Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lauris BH <lauris@nix.lv>
* Prevent panic in serv.go with Deploy Keys (#17434)zeripath2021-10-261-1/+1
| | | | | | | | Unfortunately there was a regression in #17373 which missed that the user is not for deploy keys. This leads to a panic when pushing with deploy keys. Fix #17412 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add API to get/edit wiki (#17278)qwerty2872021-10-254-0/+554
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add API to get/edit wiki * Add swagger docs, various improvements * fmt * Fix lint and rm comment * Add page parameter * Add pagination to pages * Add tests * fmt * Update func names * Update error handling * Update type name * Fix lint * Don't delete Home * Update func name * Update routers/api/v1/repo/wiki.go Co-authored-by: delvh <dev.lh@web.de> * Remove unnecessary check * Fix lint * Use English strings * Update integrations/api_wiki_test.go Co-authored-by: delvh <dev.lh@web.de> * Update func and test names * Remove unsed check and avoid duplicated error reports * Improve error handling * Return after error * Document 404 error * Update swagger * Fix lint * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * Document file encoding * fmt * Apply suggestions * Use convert * Fix integration test * simplify permissions * unify duplicate key Title/Name * improve types & return UTC timestamps * improve types pt.2 - add WikiPageMetaData.LastCommit - add WikiPageMetaData.HTMLURL - replace WikiPageMetaData.Updated with .LastCommit.Committer.Created also delete convert.ToWikiPage(), as it received too many arguments and only had one callsite anyway. sorry for bad advice earlier 🙃 * WikiPage.Content is base64 encoded * simplify error handling in wikiContentsByName() * update swagger * fix & DRY findWikiRepoCommit() error handling ListWikiPages() previously wrote error twice when repo wiki didn't exist * rename Content -> ContentBase64 * Fix test * Fix tests * Update var name * suburl -> sub_url Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Norwin <git@nroo.de> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix CSV render error (#17406)KN4CK3R2021-10-251-8/+15
| | | | | | | | | | | closed #17378 Both errors from #17378 were caused by #15175. Problem 1 (error with added file): `ToUTF8WithFallbackReader` creates a `MultiReader` from a `byte[2048]` and the remaining reader. `CreateReaderAndGuessDelimiter` tries to read 10000 bytes from this reader but only gets 2048 because that's the first reader in the `MultiReader`. Then the `if size < 1e4` thinks the input is at EOF and just returns that. Problem 2 (error with changed file): The blob reader gets defer closed. That was fine because the old version reads the whole file into memory. Now with the streaming version the close needs to defer after the method.
* Read expected buffer size (#17409)KN4CK3R2021-10-244-14/+15
| | | | | | * Read expected buffer size. * Changed name.
* Fix issue content history problems, improve UI (#17404)wxiaoguang2021-10-231-4/+6
| | | | | * Improve: make diff result better, make the HTML element fit the full height in the content history diff dialog * Bug fix: when edit the main issue, the poster is wrongly set to the issue poster
* Add groups scope/claim to OIDC/OAuth2 Provider (#17367)Nico Schieder2021-10-221-5/+50
| | | | | | | | | | | * Add groups scope/claim to OICD/OAuth2 Add support for groups claim as part of the OIDC/OAuth2 flow. Groups is a list of "org" and "org:team" strings to allow clients to authorize based on the groups a user is part of. Signed-off-by: Nico Schieder <code@nico-schieder.de> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Refactor update checker to use AppState (#17387)wxiaoguang2021-10-211-2/+3
| | | | | | | | We have the `AppState` module now, it can store app related data easily. We do not need to create separate tables for each feature. So the update checker can use `AppState` instead of a one-row dedicate table. And the code of update checker is moved from `models` to `modules`.
* Sync gitea app path for git hooks and authorized keys when starting (#17335)wxiaoguang2021-10-211-38/+60
| | | | | | | | | | | Gitea writes its own AppPath into git hook scripts. If Gitea's AppPath changes, then the git push will fail. This PR: * Introduce an AppState module, it can persist app states into database * During GlobalInit, Gitea will check if the current AppPath is the same as last one. If they don't match, Gitea will sync git hooks. * Refactor some code to make them more clear. * Also, "Detect if gitea binary's name changed" #11341 is related, we call models.RewriteAllPublicKeys to update ssh authorized_keys file