summaryrefslogtreecommitdiffstats
path: root/routers
Commit message (Collapse)AuthorAgeFilesLines
* Add Visible modes function from Organisation to Users too (#16069)Sergey Dryabzhinsky2021-06-2611-16/+131
| | | | | | | | | | | | | | | | | | You can limit or hide organisations. This pull make it also posible for users - new strings to translte - add checkbox to user profile form - add checkbox to admin user.edit form - filter explore page user search - filter api admin and public user searches - allow admins view "hidden" users - add app option DEFAULT_USER_VISIBILITY - rewrite many files to use Visibility field - check for teams intersection - fix context output - right fake 404 if not visible Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Let package git depend on setting but not opposite (#15241)Lunny Xiao2021-06-265-10/+14
| | | | | * Let package git depend on setting but not opposite * private some package variables
* Add better errors for disabled account recovery (#15117)John Olheiser2021-06-251-0/+1
| | | | | | Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Use gitea logging module for git module (#16243)65432021-06-251-11/+1
| | | | | | remove log() func from gogs times and switch to proper logging Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Add tag protection (#15629)KN4CK3R2021-06-255-160/+401
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added tag protection in hook. * Prevent UI tag creation if protected. * Added settings page. * Added tests. * Added suggestions. * Moved tests. * Use individual errors. * Removed unneeded methods. * Switched delete selector. * Changed method names. * No reason to be unique. * Allow editing of protected tags. * Removed unique key from migration. * Added docs page. * Changed date. * Respond with 404 to not found tags. * Replaced glob with regex pattern. * Added support for glob and regex pattern. * Updated documentation. * Changed white* to allow*. * Fixed edit button link. * Added cancel button. Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* API: Allow COMMENT reviews to not specify a body (#16229)sebastian-sauer2021-06-251-6/+16
| | | | | | | | | | | | | * Allow COMMENT reviews to not specify a body when using web ui there is no need to specify a body. so we don't need to specify a body if adding a COMMENT-review via our api. * Ensure comments or Body is provided and add some integration tests for reviewtype COMMENT. Signed-off-by: Sebastian Sauer <sauer.sebastian@gmail.com>
* Fix diff expansion is missing final line in a file (#16222)KN4CK3R2021-06-241-1/+5
| | | | | | * Fixed down offset. * Fixed wrong line count result.
* Rework repository archive (#14723)Lunny Xiao2021-06-235-36/+114
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Use storage to store archive files * Fix backend lint * Add archiver table on database * Finish archive download * Fix test * Add database migrations * Add status for archiver * Fix lint * Add queue * Add doctor to check and delete old archives * Improve archive queue * Fix tests * improve archive storage * Delete repo archives * Add missing fixture * fix fixture * Fix fixture * Fix test * Fix archiver cleaning * Fix bug * Add docs for repository archive storage * remove repo-archive configuration * Fix test * Fix test * Fix lint Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* [API] Add repoGetTag (#16166)65432021-06-232-34/+74
| | | | | | | | | | | * GetTag -> GetAnnotatedTag * API: Add repoGetTag * fix swagger docs * support "/" as tag name char Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* [API] GET / SET User Settings (#16169)65432021-06-234-0/+97
| | | | | | | | | | | | | | | | | | | | * API: GET/SET User Settings * linter * Apply suggestions from code review * Update modules/structs/user.go * lint * fix swagger * move User2UserSettings to convert * as per @zeripath "preferences" -> "settings" Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Small refactoring of modules/private (#15947)KN4CK3R2021-06-238-201/+181
| | | | | | | | | | | | | | | | | * Use correct variable name. * doer is never nil here. * Use status code constants. * Replaced generic map with concrete struct. * Fixed windows lint. * Removed unused method. * Changed error codes. Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* reqOrgMembership calls need to be preceded by reqToken (#16198)zeripath2021-06-211-3/+3
| | | | | | | | ReqOrgMembership calls need to be preceded by reqToken Fix #16192 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* More efficiently parse shas for shaPostProcessor (#16101)zeripath2021-06-217-0/+16
| | | | | | | | | | | | | | | | * More efficiently parse shas for shaPostProcessor The shaPostProcessor currently repeatedly calls git rev-parse --verify on both backends which is fine if there is only one thing that matches a sha - however if there are multiple things then this becomes wildly inefficient. This PR provides functions for both backends which are much faster to use. Fix #16092 * Add ShaExistCache to RenderContext Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Fix some API bugs (#16184)65432021-06-182-2/+8
| | | | | * Repository object only count releases as releases (fix #16144) * EditOrg respect RepoAdminChangeTeamAccess option (fix #16013)
* Add asymmetric JWT signing (#16010)KN4CK3R2021-06-173-11/+51
| | | | | | | | | | | * Added asymmetric token signing. * Load signing key from settings. * Added optional kid parameter. * Updated documentation. * Add "kid" to token header.
* [API] Add repoCreateTag (#16165)65432021-06-173-0/+65
| | | | | | | * Add API CreateTag * Add Test * API: expose Tag Message
* [API] expose repo.GetReviewers() & repo.GetAssignees() (#16168)65432021-06-175-9/+65
| | | | | | | * API: expose repo.GetReviewers() & repo.GetAssignees() * Add tests * fix unrelated swagger query type
* [API] ListReleases add filter for draft and pre-releases (#16175)65432021-06-171-3/+26
| | | | | | | | | | | * invent ctx.QueryOptionalBool * [API] ListReleases add draft and pre-release filter * Add X-Total-Count header * Add a release to fixtures * Add TEST for API ListReleases
* [API] Issue Search Add filter for MilestoneNames (#16173)65432021-06-171-1/+12
|
* Ensure settings for Service and Mailer are read on the install page (#15943)zeripath2021-06-161-0/+1
| | | | | | | | | | | | | | * Ensure settings for Service and Mailer are read on the install page NewContext does not set the mailer or service settings so add a new function that will run this. Fix #15894 Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net>
* [API] ListIssues add more filters (#16174)65432021-06-161-8/+75
| | | | | | | | | | | | | | | | | | | | * [API] ListIssues add more filters: optional filter repo issues by: - since - before - created_by - assigned_by - mentioned_by * Add Tests * Update routers/api/v1/repo/issue.go Co-authored-by: Lanre Adelowo <adelowomailbox@gmail.com> * Apply suggestions from code review Co-authored-by: Lanre Adelowo <adelowomailbox@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add Status Updates whilst Gitea migrations are occurring (#15076)zeripath2021-06-162-2/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Add migrating message Signed-off-by: Andrew Thornton <art27@cantab.net> * simplify messenger Signed-off-by: Andrew Thornton <art27@cantab.net> * make messenger an interface Signed-off-by: Andrew Thornton <art27@cantab.net> * rename Signed-off-by: Andrew Thornton <art27@cantab.net> * prepare for merge Signed-off-by: Andrew Thornton <art27@cantab.net> * as per tech Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Add subject-type filter to list notification API endpoints (#16177)65432021-06-163-41/+67
| | | Close #15886
* Add attachments for PR reviews (#16075)KN4CK3R2021-06-143-3/+13
| | | | | | | | | | | | | * First step for multiple dropzones per page. * Allow attachments on review comments. * Lint. * Fixed accidental initialize of the review textarea. * Initialize SimpleMDE textarea. Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add push to remote mirror repository (#15157)KN4CK3R2021-06-143-6/+114
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added push mirror model. * Integrated push mirror into queue. * Moved methods into own file. * Added basic implementation. * Mirror wiki too. * Removed duplicated method. * Get url for different remotes. * Added migration. * Unified remote url access. * Add/Remove push mirror remotes. * Prevent hangs with missing credentials. * Moved code between files. * Changed sanitizer interface. * Added push mirror backend methods. * Only update the mirror remote. * Limit refs on push. * Added UI part. * Added missing table. * Delete mirror if repository gets removed. * Changed signature. Handle object errors. * Added upload method. * Added "upload" unit tests. * Added transfer adapter unit tests. * Send correct headers. * Added pushing of LFS objects. * Added more logging. * Simpler body handling. * Process files in batches to reduce HTTP calls. * Added created timestamp. * Fixed invalid column name. * Changed name to prevent xorm auto setting. * Remove table header im empty. * Strip exit code from error message. * Added docs page about mirroring. * Fixed date. * Fixed merge errors. * Moved test to integrations. * Added push mirror test. * Added test.
* Improve performance of dashboard list orgs (#16099)Lunny Xiao2021-06-141-3/+4
| | | | | | | | | | | | | * Improve performance of dashboard list orgs * Fix wrong error description * unexport queryUserOrgIDs method * SimpleOrg -> MinimalOrg * . Co-authored-by: 6543 <6543@obermui.de>
* Add OpenID claims "profile" and "email". (#16141)KN4CK3R2021-06-141-0/+29
| | | | | | | | | | | | * Added OpenID claims "profile" and "email". * Splitted error. * Added scopes_supported and claims_supported. * Added more metadata. Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv>
* Add sso.Group, context.Auth, context.APIAuth to allow auth special routes ↵Lunny Xiao2021-06-095-6/+14
| | | | | | | | | | | (#16086) * Add sso.Group, context.Auth, context.APIAuth to allow auth special routes * Remove unnecessary check * Rename sso -> auth * remove unused method of Auth interface
* Fix http path bug (#16117)Lunny Xiao2021-06-092-0/+62
| | | | | | | | | * Fix http path bug * Add missed request * add tests Co-authored-by: 6543 <6543@obermui.de>
* Refactor routers directory (#15800)Lunny Xiao2021-06-09101-782/+926
| | | | | | | | | | | * refactor routers directory * move func used for web and api to common * make corsHandler a function to prohibit side efects * rm unused func Co-authored-by: 6543 <6543@obermui.de>
* Merge all deleteBranch as one function and also fix bug when delete branch ↵Lunny Xiao2021-06-073-146/+39
| | | | | | | | | | | | | don't close related PRs (#16067) * Fix bug when delete branch don't close related PRs * Merge all deletebranch as one method * Add missed branch.go * fix comment Co-authored-by: Lauris BH <lauris@nix.lv>
* Fixed assert statements. (#16089)KN4CK3R2021-06-072-3/+3
|
* Make commit info cancelable (#16032)zeripath2021-06-062-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Make modules/context.Context a context.Context Signed-off-by: Andrew Thornton <art27@cantab.net> * Simplify context calls Signed-off-by: Andrew Thornton <art27@cantab.net> * Set the base context for requests to the HammerContext Signed-off-by: Andrew Thornton <art27@cantab.net> * pass context into get-last-commit Signed-off-by: Andrew Thornton <art27@cantab.net> * Make commit_info cancellable Signed-off-by: Andrew Thornton <art27@cantab.net> * use context as context Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Rewrite of the LFS server (#15523)KN4CK3R2021-06-061-7/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Restructured code. Moved static checks out of loop. * Restructured batch api. Add support for individual errors. * Let router decide if LFS is enabled. * Renamed methods. * Return correct status from verify handler. * Unified media type check in router. * Changed error code according to spec. * Moved checks into router. * Removed invalid v1 api methods. * Unified methods. * Display better error messages. * Added size parameter. Create meta object on upload. * Use object error on invalid size. * Skip upload if object exists. * Moved methods. * Suppress fields in response. * Changed error on accept. * Added tests. * Use ErrorResponse object. * Test against message property. * Add support for the old invalid lfs client. * Fixed the check because MinIO wraps the error. * Use individual repositories. Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lauris BH <lauris@nix.lv>
* Add Image Diff for SVG files (#14867)KN4CK3R2021-06-057-57/+78
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added type sniffer. * Switched content detection from base to typesniffer. * Added GuessContentType to Blob. * Moved image info logic to client. Added support for SVG images in diff. * Restore old blocked svg behaviour. * Added missing image formats. * Execute image diff only when container is visible. * add margin to spinner * improve BIN tag on image diffs * Default to render view. * Show image diff on incomplete diff. Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix case change in ownernames (#16045)zeripath2021-06-022-1/+16
| | | | | | | If you change the case of a username the change needs to be propagated to their repositories. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix language switch for install page (#16043)a10121127962021-06-012-1/+10
| | | Signed-off-by: a1012112796 <1012112796@qq.com>
* Add missing SameSite settings for the i_like_gitea cookie (#16037)zeripath2021-05-313-0/+3
| | | | | | | | | | The i_like_gitea cookie appears to be missing the SameSite settings. I think they were present at some point but may have been removed in a merge. This PR ensures that they are set. Fix #15972 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Hide mirror passwords on repo settings page (#16022)zeripath2021-05-311-0/+6
| | | | | | | This PR simply hides mirror passwords from being displayed on the repo settings page. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Make modules/context.Context a context.Context (#16031)zeripath2021-05-3111-20/+20
| | | | | | | | | | | | | | | * Make modules/context.Context a context.Context Signed-off-by: Andrew Thornton <art27@cantab.net> * Simplify context calls Signed-off-by: Andrew Thornton <art27@cantab.net> * Set the base context for requests to the HammerContext Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Close the dataRC reader sooner (#16023)zeripath2021-05-301-0/+5
| | | | | Fix #15932 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Improve assets handler middleware (#15961)Lunny Xiao2021-05-302-42/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Use route to serve assets but not middleware * Fix build error with bindata tag * convert path to absolute * fix build * reduce function stack * Add tests for assets * Remove test for assets because they are not generated * Use a http function to serve assets * Still use middleware to serve assets then less middleware stack for assets * Move serveContent to original position * remove unnecessary blank line change * Fix bug for /assets* requests * clean code Co-authored-by: zeripath <art27@cantab.net>
* Add links to toggle WIP status (#14677)Jimmy Praet2021-05-271-0/+2
| | | | | | | | | | * Add links to toggle PR WIP status * Allow PR author to toggle WIP status * refactors and restyling, remove links from translations Co-authored-by: Norwin <noerw@users.noreply.github.com> Co-authored-by: silverwind <me@silverwind.io>
* add a new internal hook to save ssh log (#15787)a10121127962021-05-212-0/+35
| | | | | | | | | | | | | | | | | | | | | | | | | * add a new internal hook to save ssh log as title, when a ssh error ocure like #15785. only when switch ``RUN_MODE`` to dev can we found which error is ocure. But this way is not a good idea for production envirment. this changes try save ssh error mesage to the log file like other log by a new internal hook. I think it's usefull for find error message in production envirment. Thanks. Signed-off-by: a1012112796 <1012112796@qq.com> * rename and fix nit * Update modules/private/hook.go Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* api: fix overly strict edit pr permissions (#15900)Norwin2021-05-191-1/+1
| | | | Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
* Restore token authentication for git http when 2FA active (#15915)zeripath2021-05-181-1/+1
| | | | | | | | | | There was a small regression in #15303 whereby token auth with 2FA active would be disallowed. This PR fixes this. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Prevent double-login for Git HTTP and LFS and simplify login (#15303)zeripath2021-05-153-107/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Prevent double-login for Git HTTP and LFS and simplify login There are a number of inconsistencies with our current methods for logging in for git and lfs. The first is that there is a double login process. This is particularly evident in 1.13 where there are no less than 4 hash checks for basic authentication due to the previous IsPasswordSet behaviour. This duplicated code had individual inconsistencies that were not helpful and caused confusion. This PR does the following: * Remove the specific login code from the git and lfs handlers except for the lfs special bearer token * Simplify the meaning of DisableBasicAuthentication to allow Token and Oauth2 sign-in. * The removal of the specific code from git and lfs means that these both now have the same login semantics and can - if not DisableBasicAuthentication - login from external services. Further it allows Oauth2 token authentication as per our standard mechanisms. * The change in the recovery handler prevents the service from re-attempting to login - primarily because this could easily cause a further panic and it is wasteful. * add test Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Close the gitrepo when deleting the repository (#15876)zeripath2021-05-143-0/+13
| | | | Signed-off-by: Andrew Thornton <art27@cantab.net>
* Restore PAM user autocreation functionality (#15825)zeripath2021-05-131-0/+2
| | | | | | | | | | | | | | | | | * Restore PAM user autocreation functionality PAM autoregistration of users currently fails due to email invalidity. This PR adds a new setting to PAM to allow an email domain to be set or just sets the email to the noreply address and if that fails falls back to uuid@localhost Fix #15702 Signed-off-by: Andrew Thornton <art27@cantab.net> * As per KN4CKER Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add mimetype mapping settings (#15133)Adam Szatyin2021-05-101-0/+8
| | | | | | | | | | | | | * Fix APK's Content-Type header * Fix case sensitive comparison * Add custom mime type mapping for downloadable files * Add documentation for MIME type mapping * Rename download.mimetype.mapping configuration to repository.mimetype_mapping Co-authored-by: zeripath <art27@cantab.net>