summaryrefslogtreecommitdiffstats
path: root/routers
Commit message (Collapse)AuthorAgeFilesLines
...
* Refactor git command arguments and make all arguments to be safe to be used ↵wxiaoguang2022-10-238-11/+11
| | | | | | | (#21535) Follow #21464 Make all git command arguments strictly safe. Most changes are one-to-one replacing, keep all existing logic.
* Require authentication for OAuth token refresh (#21421)M Hickford2022-10-231-0/+29
| | | | | | | | | | | | | | According to the OAuth spec https://datatracker.ietf.org/doc/html/rfc6749#section-6 when "Refreshing an Access Token" > The authorization server MUST ... require client authentication for confidential clients Fixes #21418 Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Allow package version sorting (#21453)KN4CK3R2022-10-231-1/+6
|
* Add link to user profile in markdown mention only if user exists (#21533)Yarden Shoham2022-10-232-1/+9
| | | | | | | | | | | Previously mentioning a user would link to its profile, regardless of whether the user existed. This change tests if the user exists and only if it does - a link to its profile is added. * Fixes #3444 Signed-off-by: Yarden Shoham <hrsi88@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Remove deleted repos from searchresult (#21512)Raymond2022-10-221-0/+12
| | | | | | | | | | | This prevents a 500 response, because null pointer exceptions in rendering the template. This happends bc the repoId is not in the repoMap because it is delete fix #19076 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Added check for disabled Packages (#21540)rock2dust2022-10-221-0/+1
| | | | | | | | | | At the moment, If admin disable Packages, still show the Packages on the admin dashboard This patch added a check to hide the Packages entry Signed-off-by: baronbunny <its@baronbunny.cn> Signed-off-by: baronbunny <its@baronbunny.cn>
* Decouple HookTask from Repository (#17940)KN4CK3R2022-10-213-5/+4
| | | | | | | | | | | | | At the moment a repository reference is needed for webhooks. With the upcoming package PR we need to send webhooks without a repository reference. For example a package is uploaded to an organization. In theory this enables the usage of webhooks for future user actions. This PR removes the repository id from `HookTask` and changes how the hooks are processed (see `services/webhook/deliver.go`). In a follow up PR I want to remove the usage of the `UniqueQueue´ and replace it with a normal queue because there is no reason to be unique. Co-authored-by: 6543 <6543@obermui.de>
* move invite by mail to services package (#21513)65432022-10-201-6/+1
| | | | | | followup #20307 close #21511 -> make it easy to also add API equivalent later ...
* Suppress `ExternalLoginUserNotExist` error (#21504)KN4CK3R2022-10-192-2/+8
| | | | | | | | Fixes #21202 Closes #21276 An `ExternalLoginUser` is not mandatory if the current user account was created with/by the external login source.
* Add team member invite by email (#20307)KN4CK3R2022-10-192-23/+147
| | | | | | | | | | | | | | | | | | | | | | | Allows to add (not registered) team members by email. related #5353 Invite by mail: ![grafik](https://user-images.githubusercontent.com/1666336/178154779-adcc547f-c0b7-4a2a-a131-4e41a3d9d3ad.png) Pending invitations: ![grafik](https://user-images.githubusercontent.com/1666336/178154882-9d739bb8-2b04-46c1-a025-c1f4be26af98.png) Email: ![grafik](https://user-images.githubusercontent.com/1666336/178164716-f2f90893-7ba6-4a5e-a3db-42538a660258.png) Join form: ![grafik](https://user-images.githubusercontent.com/1666336/178154840-aaab983a-d922-4414-b01a-9b1a19c5cef7.png) Co-authored-by: Jack Hay <jjphay@gmail.com>
* Fix read system configuration bug when installing (#21489)Lunny Xiao2022-10-181-13/+5
| | | | | Fix https://github.com/go-gitea/gitea/pull/18058#issuecomment-1280944311 Co-authored-by: 6543 <6543@obermui.de>
* Add some api integration tests (#18872)KN4CK3R2022-10-181-1/+1
| | | | | | | | | | depends on #18871 Added some api integration tests to help testing of #18798. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add system setting table with cache and also add cache supports for user ↵Lunny Xiao2022-10-177-187/+257
| | | | setting (#18058)
* Return 404 when user is not found on avatar (#21476)Gusted2022-10-161-0/+4
| | | | - Instead of returning a 500 Internal Server when the user wasn't found, return 404 Not found
* Enforce grouped NuGet search results (#21442)KN4CK3R2022-10-171-13/+6
| | | | | | | | Fixes #21434 Added tests to enforce this behaviour. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Display total commit count in hook message (#21400)KN4CK3R2022-10-172-18/+20
| | | | | | | | | Fixes #21379 The commits are capped by `setting.UI.FeedMaxCommitNum` so `len(commits)` is not the correct number. So this PR adds a new `TotalCommits` field. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* [refactor] Use const for wiki DefaultBranch (#21466)65432022-10-151-4/+4
| | | | just a nit, that will make it easier to change things and we now have a single source of truth
* Add support for Chocolatey/NuGet v2 API (#21393)KN4CK3R2022-10-135-48/+600
| | | | | | | | Fixes #21294 This PR adds support for NuGet v2 API. Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix #21406: Hide repo information from file view/blame mode (#21420)Neel2022-10-131-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | # Summary The repo information such as description, stats and topics are getting displayed in the top-bar when viewing a file. This has been fixed to display the repo information only while navigating the repo and not while viewing or blaming a file from the repo ## Before fix Screenshot from the issue ![image](https://user-images.githubusercontent.com/47709856/195278543-9afbb735-7bd3-4f42-b3ba-da514c6989d2.png) ## After the fix - **Repo homepage** The repo description, topics and summary will be displayed ![image](https://user-images.githubusercontent.com/47709856/195443913-2ca967cd-6694-4a97-98d0-4d0750692b5d.png) - **When opening a file** The repo description, topic and summary has been conditionally hidden from the view <img width="1311" alt="image" src="https://user-images.githubusercontent.com/47709856/195278964-9479231c-62ad-4c0e-b438-2018f22289db.png"> - **When running blame on a file** > This was originally not part of the issue #21406. However the fix seems relevant for the blame view as well. <img width="1312" alt="image" src="https://user-images.githubusercontent.com/47709856/195279619-02010775-aec3-4c8d-a184-d2d838c797e8.png"> - **From within a directory** The repo description, topics and summary will not be displayed ![image](https://user-images.githubusercontent.com/47709856/195444080-ff5b2def-7e0f-47d7-b54a-7e9df5f9edd8.png) Supporting integration tests have also been added.
* Respect user's locale when rendering the date range in the repo activity ↵Yarden Shoham2022-10-131-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | page (#21410) # Description Previously, to make the date range understood by all, we used the format "2006-01-02" for the dates as it's locale-generic. This commit changes the rendering logic. Instead of rendering the date on the server, we send a formatted computer-readable timestamp. The client's javascript then renders it according to the user's locale. This approach is reusable across the codebase, any `<time></time>` tag with the data-format="date" attribute would get rendered according to the user's chosen locale. ## Previous View ![image](https://user-images.githubusercontent.com/20454870/195099143-e1c5df86-282a-42f1-898f-a36bb5fe7c2f.png) ## New View ### English ![image](https://user-images.githubusercontent.com/20454870/195099301-5cda4eab-4012-49d5-97e5-b1f9cada9c06.png) ### French ![image](https://user-images.githubusercontent.com/20454870/195099434-ce23e394-8d65-4c4c-8ac8-8b96bc9044f3.png) ### Portuguese ![image](https://user-images.githubusercontent.com/20454870/195099559-9a7aed28-944a-45ec-bedb-64403e3faede.png) ### Italian ![image](https://user-images.githubusercontent.com/20454870/195099661-17758d55-3fe0-4797-879b-d45de0ee8ba3.png) # References * #21380 * #21387 * #21396 Inspiration: I think either differentiating by class, or probably better by a custom attribute such as `data-format` or similar, is the best course of action. _Originally posted by @delvh in https://github.com/go-gitea/gitea/issues/21396#issuecomment-1274424788_ Resolves #21380 Signed-off-by: Yarden Shoham <hrsi88@gmail.com> Co-authored-by: silverwind <me@silverwind.io>
* Support instance-wide OAuth2 applications (#21335)qwerty2872022-10-123-5/+122
| | | | | | | Support OAuth2 applications created by admins on the admin panel, they aren't owned by anybody. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* Case-insensitive NuGet symbol file GUID (#21409)Hubert Wawrzyńczyk2022-10-122-2/+2
| | | | | | | NuGet symbol file lookup returned 404 on Visual Studio 2019 due to case-sensitive api router. The api router should accept case-insensitive GUID. Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add generic set type (#21408)KN4CK3R2022-10-124-35/+34
| | | | | This PR adds a generic set type to get rid of maps used as sets. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Use Name instead of DisplayName in LFS Lock (#21415)KN4CK3R2022-10-111-1/+1
| | | | | Fixes #21268 Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Use ISO date format instead of hard-coded English date format for date range ↵Yarden Shoham2022-10-111-2/+2
| | | | | | | in repo activity page (#21396) January 2, 2006 -> 2006-01-02 Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
* log real ip of requests from ssh (#21216)Lunny Xiao2022-10-111-0/+4
| | | | | | | | | | | Partially fix #21213. This PR will get client IP address from SSH_CONNECTION env which should be the first field of that. And deliver it to the internal API so Gitea routers could record the real IP from SSH requests. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
* Add user/organization code search (#19977)Lauris BH2022-10-116-66/+201
| | | | | | | Fixes #19925 Screenshots: ![attels](https://user-images.githubusercontent.com/165205/173864718-fe789429-55bc-4cad-808c-9f02f335cddf.png)
* Allow creation of OAuth2 applications for orgs (#18084)qwerty2872022-10-094-114/+283
| | | | | | | | | | Adds the settings pages to create OAuth2 apps also to the org settings and allows to create apps for orgs. Refactoring: the oauth2 related templates are shared for instance-wide/org/user, and the backend code uses `OAuth2CommonHandlers` to share code for instance-wide/org/user. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* npm package registry support for `bin` (#21372)eleith2022-10-081-0/+1
| | | | | | | | | | | | | | | | | | | | | Fix #21303 npm package.json supports binary packaging: https://docs.npmjs.com/cli/v8/configuring-npm/package-json#bin the npm registry documents that the binary references will be attached to the abbreviated version object: https://github.com/npm/registry/blob/master/docs/responses/package-metadata.md#abbreviated-version-object unfortunately their api documentation leaves this out: https://github.com/npm/registry/blob/master/docs/responses/package-metadata.md#abbreviated-version-objectdoc which is likely to be the reason this was left out in gitea's initial implementation this response is critical for npm to install the binary in the `.bin` folder so as to be included on the users default bin path, resulting in immediate access to any binaries provided by the package
* Show private data in feeds (#21369)KN4CK3R2022-10-071-1/+3
| | | Show private data in feeds for admins and matching users.
* Refactor parseTreeEntries, speed up tree list (#21368)wxiaoguang2022-10-081-2/+2
| | | | | Close #20315 (fix the panic when parsing invalid input), Speed up #20231 (use ls-tree without size field) Introduce ListEntriesRecursiveFast (ls-tree without size) and ListEntriesRecursiveWithSize (ls-tree with size)
* Add GET and DELETE endpoints for Docker blob uploads (#21367)KN4CK3R2022-10-072-3/+54
| | | | | | | | | | This PR adds support for https://docs.docker.com/registry/spec/api/#get-blob-upload https://docs.docker.com/registry/spec/api/#delete-blob-upload Both are not required by the OCI spec but some clients call these endpoints. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Make external issue tracker regexp configurable via API (#21338)Andrew Imeson2022-10-071-3/+4
| | | | | Fixes #21336 Signed-off-by: Andrew Imeson <andrew@andrewimeson.com>
* Set SemverCompatible to false for Conan packages (#21275)KN4CK3R2022-10-071-2/+1
| | | | | | | | Fixes #21250 Related #20414 Conan packages don't have to follow SemVer. The migration fixes the setting for all existing Conan and Generic (#20414) packages.
* Parse OAuth Authorization header when request omits client secret (#21351)M Hickford2022-10-071-2/+21
| | | | | | | | | | | | | This fixes error "unauthorized_client: invalid client secret" when client includes secret in Authorization header rather than request body. OAuth spec permits both. Sanity validation that client id and client secret in request are consistent with Authorization header. Improve error descriptions. Error codes remain the same. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
* Add `stat` to `ToCommit` function for speed (#21337)Gennady Kovshenin2022-10-063-4/+11
| | | | | | | | | Calls to ToCommit are very slow due to fetching diffs, analyzing files. This patch lets us supply `stat` as false to speed fetching a commit when we don't need the diff. /v1/repo/commits has a default `stat` set as true now. Set to false to experience fetching thousands of commits per second instead of 2-5 per second.
* Tag list should include draft releases with existing tags (#21263)Jason Song2022-10-031-3/+11
| | | | | Before, a tag for a draft release disappeared in the tag list, fix #21262. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663)Clar Fon2022-10-021-0/+5
| | | | | | Only load SECRET_KEY and INTERNAL_TOKEN if they exist. Never write the config file if the keys do not exist, which was only a fallback for Gitea upgraded from < 1.5 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add pages to view watched repos and subscribed issues/PRs (#17156)qwerty2872022-09-292-2/+213
| | | | | | | | | | | | | | | | | Adds GitHub-like pages to view watched repos and subscribed issues/PRs This is my second try to fix this, but it is better than the first since it doesn't uses a filter option which could be slow when accessing `/issues` or `/pulls` and it shows both pulls and issues (the first try is #17053). Closes #16111 Replaces and closes #17053 ![Screenshot](https://user-images.githubusercontent.com/80460567/134782937-3112f7da-425a-45b6-9511-5c9695aee896.png) Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add API endpoint to get changed files of a PR (#21177)qwerty2872022-09-293-0/+159
| | | | | | | | | | This adds an api endpoint `/files` to PRs that allows to get a list of changed files. built upon #18228, reviews there are included closes https://github.com/go-gitea/gitea/issues/654 Co-authored-by: Anton Bracke <anton@ju60.de> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Improve error descriptions for unauthorized_client (#21292)M Hickford2022-09-281-4/+4
| | | | | | | | | | | | | | | Fixes #21282 As suggested by the [OAuth RFC](https://www.rfc-editor.org/rfc/rfc6749) (quoted below), it's helpful to give more detail in the description > error_description OPTIONAL. Human-readable ASCII [[USASCII](https://www.rfc-editor.org/rfc/rfc6749#ref-USASCII)] text providing **additional information, used to assist the client developer in understanding the error that occurred.** Values for the "error_description" parameter MUST NOT include characters outside the set %x20-21 / %x23-5B / %x5D-7E.
* Do not allow organisation owners add themselves as collaborator (#20043)Wim2022-09-281-0/+13
| | | | | | We're already checking for repo owners, but we also need to check for organisation owners that try to add themselves as collaborator Closes #17966
* Better repo API unit checks (#21130)John Olheiser2022-09-281-8/+23
| | | | | | | | | | | | | | | | | | | | This PR would presumably Fix #20522 Fix #18773 Fix #19069 Fix #21077 Fix #13622 ----- 1. Check whether unit type is currently enabled 2. Check if it _will_ be enabled via opt 3. Allow modification as necessary Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: 6543 <6543@obermui.de>
* Make NuGet service index publicly accessible (#21242)KN4CK3R2022-09-241-26/+28
| | | | | | | | | | | | Addition to #20734, Fixes #20717 The `/index.json` endpoint needs to be accessible even if the registry is private. The NuGet client uses this endpoint without authentification. The old fix only works if the NuGet cli is used with `--source <name>` but not with `--source <url>/index.json`. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* NPM Package Registry search API endpoint (#20280)Jack Vine2022-09-243-0/+70
| | | | | | | | | | Close #20098, in the NPM registry API, implemented to match what's described by https://github.com/npm/registry/blob/master/docs/REGISTRY-API.md#get-v1search Currently have only implemented the bare minimum to work with the [Unity Package Manager](https://docs.unity3d.com/Manual/upm-ui.html). Co-authored-by: Jack Vine <jackv@jack-lemur-suse.cat-prometheus.ts.net> Co-authored-by: KN4CK3R <admin@oldschoolhack.me> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Use absolute links in feeds (#21229)KN4CK3R2022-09-211-31/+31
| | | | | | fixes #20864 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* [API] teamSearch show teams with no members if user is admin (#21204)65432022-09-191-1/+5
| | | close #21176
* Fix CSV diff for added/deleted files (#21189)KN4CK3R2022-09-171-18/+18
| | | | | | | | Fixes #21184 Regression of #19552 Instead of using `GetBlobByPath` I use the already existing instances. We need more information from #19530 if that error is still present.
* Keep path when creating a new branch (#21153)JakobDev2022-09-151-1/+1
| | | | | If you are create a new new branch while viewing file or directory, you get redirected to the root of the repo. With this PR, you keep your current path instead of getting redirected to the repo root.
* Use correct branch for .editorconfig error (#21152)JakobDev2022-09-141-1/+1
| | | | | | | In #21088 I accidentally forgot to support multiple branches. It always checks the default branch, no matter on which branch you are working on. With this fix, it always shows the error from the current branch. Sorry for that.
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-15 17:28:45 +0000