summaryrefslogtreecommitdiffstats
path: root/routers
Commit message (Collapse)AuthorAgeFilesLines
* Implement ghost comment mitigation (#14349)65432021-01-171-0/+6
| | | | | | | | | | | | | * Implement ghost comment mitigation Adds a config option USER_DELETE_WITH_COMMENTS_MAX_DAYS to the [service] section. See https://codeberg.org/Codeberg/Discussion/issues/24 for the underlying issue. * cleanup * use setting module correctly * add to docs Co-authored-by: Moritz Marquardt <git@momar.de>
* Add edit, delete and reaction support to code review comments on issue page ↵Lauris BH2021-01-171-0/+19
| | | | (#14339)
* Add review requested filter on pull request overview (#13701)Jimmy Praet2021-01-173-26/+42
| | | | | | | | | | | | | * Add review requested filter on pull request overview #13682 fix formatting * add review_requested filter to /repos/issues/search API endpoint * only Approve and Reject status should supersede Request status * add support for team reviews * refactor: remove duplication of issue filtering conditions
* escape branch names in compare url (#14364)Jimmy Praet2021-01-171-5/+5
|
* Fix middlewares sequences (#14354)Lunny Xiao2021-01-161-5/+5
| | | Co-authored-by: 6543 <6543@obermui.de>
* KanBan: be able to set default board (#14147)65432021-01-153-19/+68
| | | | Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: zeripath <art27@cantab.net>
* Merge default and system webhooks under one menu (#14244)Lauris BH2021-01-154-49/+61
|
* Use IsProd instead of testing if it's equal. (#14336)Lunny Xiao2021-01-142-7/+6
| | | | Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
* Use ServerError provided by Context (#14333)Lunny Xiao2021-01-144-9/+9
| | | ... instead of InternalServerError by macaron
* Fix typo (#14332)Lunny Xiao2021-01-141-1/+1
|
* Use Request.URL.RequestURI() for fcgi (#14312) (#14314)Kyungmin Bae2021-01-131-6/+6
|
* Issues overview should not show issues from archived repos (#13220)Elena Neuschild2021-01-123-152/+319
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add lots of comments to user.Issues() * Answered some questions from comments * fix typo in comment * Refac user.Issues(): add func repoIDs * Refac user.Issues(): add func userRepoIDs * Refac user.Issues(): add func issueIDsFromSearch * Refac user.Issues(): improve error handling * Refac user.Issues(): add inline documentation and move variable declarations closer to their usages * Refac user.Issues(): add func repoIDMap * Refac user.Issues(): cleanup * Refac: Separate Issues from Pulls during routing * fix typo in comment * Adapt Unittests to Refactoring * Issue13171: Issue and PR Overviews now ignore archived Repositories * changed some verbatim SQL conditions to builder.Eq * models/issue.go: use OptionalBool properly Co-authored-by: 6543 <6543@obermui.de> * Use IsArchived rather than ExcludeArchivedRepos * fixed broken test after merge * added nil check * Added Unit Test securing Issue 13171 fix * Improved IsArchived filtering in issue.GetUserIssueStats * Removed unused func * Added grouping to avoid returning duplicate repo IDs Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Gitea <gitea@fake.local> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Display SVG files as images instead of text (#14101)Jonathan Tran2021-01-124-8/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Change to display SVG files as images * Remove unsafe styles from SVG CSP * Add integration test to test SVG headers * Add config setting to disable SVG rendering * Add test for img tag when loading SVG image * Remove the Raw view button for svg files since we don't fully support this * Fix copyright year * Rename and move config setting * Add setting to cheat sheet in docs * Fix so that comment matches cheat sheet * Add allowing styles in CSP based on pull request feedback * Re-enable raw button since we show SVG styles now * Change so that SVG files are editable * Add UI to toggle between source and rendered image for SVGs * Change to show blame button for SVG images * Fix to update ctx data * Add test for DetectContentType when file is longer than sniffLen Co-authored-by: Jonathan Tran <jon@allspice.io> Co-authored-by: Kyle D <kdumontnu@gmail.com>
* [Refactor] Passwort Hash/Set (#14282)65432021-01-104-8/+11
| | | | | | | | | * move SaltGeneration into HashPasswort and rename it to what it does * Migration: Where Password is Valid with Empty String delete it * prohibit empty password hash * let SetPassword("") unset pwd stuff
* Add option to change username to the admin panel (#14229)65432021-01-102-19/+27
| | | | | Co-authored-by: Bwko <bouwko@gmail.com> Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: zeripath <art27@cantab.net>
* Do not reload page after adding comments in Pull Request reviews (#13877)Jimmy Praet2021-01-082-0/+63
| | | | | | | | | | | | | | | | Fixed #8861 * use ajax on PR review page * handle review comments * extract duplicate code FetchCodeCommentsByLine was initially more or less copied from fetchCodeCommentsByReview. Now they both use a common findCodeComments function instead * use the Engine that was passed into the method Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix session bug when introduce chi (#14287)Lunny Xiao2021-01-082-6/+23
| | | * Update go-chi session
* Add secure/httpOnly attributes to the lang cookie (#9690) (#14279)Timo Gurr2021-01-071-7/+9
|
* Some code improvements (#14266)Lunny Xiao2021-01-061-0/+6
|
* Check permission for the appropriate unit type (#14261)Jimmy Praet2021-01-061-2/+2
| | | | | | | | | * Check permission for the appropriate unit type Fixes false positives for "User created Issues in Repository which they no longer have access to" errors * change log level to Debug Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix windows build error (#14263)Lunny Xiao2021-01-061-1/+1
| | | | | | | | | | | * fix build * take flash error message back and fix more windows lint error * performance optimization * own step to check lint for windows Co-authored-by: 6543 <6543@obermui.de>
* Add option for administrator to reset user 2FA (#14243)65432021-01-051-0/+23
| | | | | | | * Frontend * Backend * only show 2FA-Reset option if posible
* Fix recovery middleware to render gitea style page. (#13857)Lunny Xiao2021-01-053-50/+121
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Some changes to fix recovery * Move Recovery to middlewares * Remove trace code * Fix lint * add session middleware and remove dependent on macaron for sso * Fix panic 500 page rendering * Fix bugs * Fix fmt * Fix vendor * recover unnecessary change * Fix lint and addd some comments about the copied codes. * Use util.StatDir instead of com.StatDir Co-authored-by: 6543 <6543@obermui.de>
* Issue and pull request filters on organization dashboard #14052 (#14072)Jimmy Praet2021-01-031-22/+31
|
* Add MirrorInterval to the API (#14163)Paul Barton2021-01-022-0/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added MirrorInterval to the API * Remove MirrorInterval from CreateRepository * Removed Duplicate UpdateMirror Function * Updated Error Logging * Update Log Message for is not Mirror Co-authored-by: 6543 <6543@obermui.de> * Delete Debug Statement that snuck in Co-authored-by: zeripath <art27@cantab.net> * Add Check for If Interval is too small * Output to API Call * Add Error Object when time is Less than Min Interval * Frequency Error Message Co-authored-by: zeripath <art27@cantab.net> * Allow Zero Mirror Interval Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
* Fix dashboard issues labels filter bug (#14210)Lunny Xiao2021-01-011-0/+4
| | | Co-authored-by: zeripath <art27@cantab.net>
* Minimal OpenID Connect implementation (#14139)Johnny Oskarsson2021-01-021-4/+49
| | | | | | | | | | | | | | | | | | | | | | | | | This is "minimal" in the sense that only the Authorization Code Flow from OpenID Connect Core is implemented. No discovery, no configuration endpoint, and no user scope management. OpenID Connect is an extension to the (already implemented) OAuth 2.0 protocol, and essentially an `id_token` JWT is added to the access token endpoint response when using the Authorization Code Flow. I also added support for the "nonce" field since it is required to be used in the id_token if the client decides to include it in its initial request. In order to enable this extension an OAuth 2.0 scope containing "openid" is needed. Other OAuth 2.0 requests should not be impacted by this change. This minimal implementation is enough to enable single sign-on (SSO) for other sites, e.g. by using something like `mod_auth_openidc` to only allow access to a CI server if a user has logged into Gitea. Fixes: #1310 Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
* Check for notExist on profile repository page (#14197)zeripath2020-12-311-0/+3
| | | Fix #14189
* Check for 'main' as potential default branch name (#14193)Chester Liu2020-12-301-2/+2
|
* Custom icons for OAuth sources (#14161)Timo Ley2020-12-281-0/+1
| | | | | | | | | | | | | * Add Icon URL to Backend * Template for Icon URL * Localization & Edit Icon URL * Improve Custom Icon URL * Removed not working else Co-authored-by: 6543 <6543@obermui.de>
* Team dashboards (#14159)Jimmy Praet2020-12-273-33/+47
|
* Dump github/gitlab/gitea repository data to a local directory and restore to ↵Lunny Xiao2020-12-271-5/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | gitea (#12244) * Dump github/gitlab repository data to a local directory * Fix lint * Adjust directory structure * Allow migration special units * Allow migration ignore release assets * Fix lint * Add restore repository * stage the changes * Merge * Fix lint * Update the interface * Add some restore methods * Finish restore * Add comments * Fix restore * Add a token flag * Fix bug * Fix test * Fix test * Fix bug * Fix bug * Fix lint * Fix restore * refactor downloader * fmt * Fix bug isEnd detection on getIssues * Refactor maxPerPage * Remove unused codes * Remove unused codes * Fix bug * Fix restore * Fix dump * Uploader should not depend downloader * use release attachment name but not id * Fix restore bug * Fix lint * Fix restore bug * Add a method of DownloadFunc for base.Release to make uploader not depend on downloader * fix Release yml marshal * Fix trace information * Fix bug when dump & restore * Save relative path on yml file * Fix bug * Use relative path * Update docs * Use git service string but not int * Recognize clone addr to service type
* Disable SSH key deletion of externally managed Keys (#13985)zeripath2020-12-252-2/+29
| | | | | | | | | | | | | | | | * Disable SSH key addition and deletion when externally managed When a user has a login source which has SSH key management key addition and deletion using the UI should be disabled. Fix #13983 Signed-off-by: Andrew Thornton <art27@cantab.net> * Make only externally managed keys disabled Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* migrate from com.* to alternatives (#14103)65432020-12-2513-102/+88
| | | | | | | | | | | | | | | * remove github.com/unknwon/com from models * dont use "com.ToStr()" * replace "com.ToStr" with "fmt.Sprint" where its easy to do * more refactor * fix test * just "proxy" Copy func for now * as per @lunny
* Fix creating OAuth2 auth source from CLI (#14116)Daniil Pankratov2020-12-241-2/+11
| | | | | | | | Fix creation OAuth2 auth source from CLI. Fix #8356 Co-authored-by: Daniil Pankratov <daniil.pankratov@t-systems.com>
* Fix api doc response code (#14123)Norwin2020-12-241-1/+1
| | | | | Fixes #14120
* Ensure that search term and page are not lost on adoption page-turn (#14133)zeripath2020-12-241-1/+10
| | | | | | | Fix #14111 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix spelling avator -> avatar (#14115)Jimmy Praet2020-12-221-1/+1
|
* Inline manifest.json (#14038)silverwind2020-12-222-14/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Inline manifest.json Improve performance by eliminating this separate request and just inline this small JSON in HTML directly as a data uri. Also update previously static app name scripts to use AppName. I've confirmed this as working via "Add to Homescreen" feature which offered to save the shortcut under the new app name. * prerender manifest data on startup * move to settings * restore setting.AppStartTime and use it on admin page * use double quotes because template.URL escapes everything * fix lint * move variable to global context variable * delete template file Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
* Add user filter to issueTrackedTimes, enable usage for issue managers (#14081)Norwin2020-12-221-11/+37
| | | | | | | | | | | | | * add user filter to issueTrackedTimes fixes #14024 * update swagger * allow user filter for issue writers * improve swagger doc * return 404 on invalid user
* rework heatmap permissions (#14080)Norwin2020-12-223-3/+3
| | | | | | | | | | | | | | | | * now uses the same permission model as for the activity feed: only include activities in repos, that the doer has access to. this might be somewhat slower. * also improves handling of user.KeepActivityPrivate (still shows the heatmap to self & admins) * extend tests * adjust integration test to new behaviour * add access to actions for admins * extend heatmap unit tests
* Use the text of pull-request as the squash commit's message (#13071)Mura Li2020-12-211-1/+1
| | | | | | | | | | | Originally, it was filled by the commit messages of the involved commits. In this change, we use the headline comment of the pull request as the commit message when it is a squash merge. Thanks to @zeripath for suggesting the idea. Fixes #12365 Co-authored-by: Mura Li <typeless@users.noreply.github.com>
* Add mentionable teams to tributeValues and change team mention rules to gh's ↵a10121127962020-12-212-0/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | style (#13198) * Add mentionable teams to tributeValues Signed-off-by: a1012112796 <1012112796@qq.com> * Apply suggestions from code review Co-authored-by: silverwind <me@silverwind.io> * Change team mention rules to gh's style * use org's avator as team avator in ui Signed-off-by: a1012112796 <1012112796@qq.com> * Update modules/markup/html.go * Update models/issue.go Co-authored-by: Lauris BH <lauris@nix.lv> * Update models/issue.go * fix a small nit and update test code Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: 6543 <6543@obermui.de>
* Added option to disable migrations (#13114)Paweł Bogusławski2020-12-214-2/+26
| | | | | | | | | | | | | | | | | | | | | | * Added option to disable migrations This patch introduces DISABLE_MIGRATIONS parameter in [repository] section of app.ini (by default set to false). If set to true it blocks access to repository migration feature. This mod hides also local repo import option in user editor if local repo importing or migrations is disabled. * Alter Example config DISABLE_MIGRATIONS set to false in example config to match its default value. * HTTP error 403 instead of 500 on denied access to migration * Parameter DISABLE_MIGRATIONS exposed via API Fixes: 04b04cf854bcb3ed7659442bcf79822bdebe29e9 Author-Change-Id: IB#1105130
* Show dropdown with all statuses for commit (#13977)Cirno the Strongest2020-12-205-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Show dropdown with all statuses for commit * Use popups * Remove unnecessary change * Style popup * Use divided list * As per @silverwind * Refactor GetLastCommitStatus * Missing dropdown on repo home and commit page * Fix tests * Make status icon be a part of a link on PR list * Fix missing translation call * Indent fix Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Manually approve new registration (#13083)Jiri Vlasak2020-12-191-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | * Add register manual confirm settings option The new settings option is used when manually approving new registrations. * Enable manual confirmation of new registered user When manual registration confirmation is desired (by default `false`) create new user in the database that is *not active*. The user must then be activated manually. This change speeds up the process of adding new confirmed users for Gitea instances without external auth mechanism. (Currently the option is to manually create new user by admin.) * Update docs/content/doc/advanced/config-cheat-sheet.zh-cn.md Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Show status check for merged PRs (#13975)Cirno the Strongest2020-12-181-0/+14
| | | | | | | | | | | * Show status check for merged PRs * Handle PRs with no commits * Styling Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: 6543 <6543@obermui.de>
* [Refactor] CombinedStatus and CommitStatus related functions & structs (#14026)65432020-12-186-50/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * RM unused struct * rename (*CommitStatus) loadRepo() -> loadAttributes() * move ToCommitStatus into its own file * use CommitStatusState instead of StatusState * move CombinedStatus convertion into convert package * let models.GetLatestCommitStatus use repoID direct and accept ListOptions * update swagger docs * fix tests * Fix swagger docs * rm page * fix swagger docs!!! * return json null * always return json * rename api.Status to api.CommitStatus * fix swagger docs * sec swagger fix
* Use native git variants by default with go-git variants as build tag (#13673)zeripath2020-12-173-144/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Move last commit cache back into modules/git Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove go-git from the interface for last commit cache Signed-off-by: Andrew Thornton <art27@cantab.net> * move cacheref to last_commit_cache Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove go-git from routers/private/hook Signed-off-by: Andrew Thornton <art27@cantab.net> * Move FindLFSFiles to pipeline Signed-off-by: Andrew Thornton <art27@cantab.net> * Make no-go-git variants Signed-off-by: Andrew Thornton <art27@cantab.net> * Submodule RefID Signed-off-by: Andrew Thornton <art27@cantab.net> * fix issue with GetCommitsInfo Signed-off-by: Andrew Thornton <art27@cantab.net> * fix GetLastCommitForPaths Signed-off-by: Andrew Thornton <art27@cantab.net> * Improve efficiency Signed-off-by: Andrew Thornton <art27@cantab.net> * More efficiency Signed-off-by: Andrew Thornton <art27@cantab.net> * even faster Signed-off-by: Andrew Thornton <art27@cantab.net> * Reduce duplication * As per @lunny Signed-off-by: Andrew Thornton <art27@cantab.net> * attempt to fix drone Signed-off-by: Andrew Thornton <art27@cantab.net> * fix test-tags Signed-off-by: Andrew Thornton <art27@cantab.net> * default to use no-go-git variants and add gogit build tag Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @6543 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* HotFix: Hide private partisipation in Orgs (#13994)65432020-12-172-11/+39
| | | | | * HotFix: Hide private partisipation in Orgs * refactor & add node to fuc GetOrganizations
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-19 07:40:00 +0000