aboutsummaryrefslogtreecommitdiffstats
path: root/services
Commit message (Collapse)AuthorAgeFilesLines
* Remove aws go sdk package dependency (#33029) (#33047)Giteabot2024-12-301-5/+5
| | | | | Backport #33029 by lunny Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix Agit pull request permission check (#32999) (#33005)Giteabot2024-12-281-1/+2
| | | | | | | | | | | | Backport #32999 by @a1012112796 user with read permission should also can create agit flow pull request. looks this logic was broken in https://github.com/go-gitea/gitea/pull/31033 this pull request try fix it and add test code. Signed-off-by: a1012112796 <1012112796@qq.com> Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Support for email addresses containing uppercase characters when activating ↵Giteabot2024-12-271-3/+6
| | | | | | | | | | user account (#32998) (#33001) Backport #32998 by Zettat123 Fix #32807 Co-authored-by: Zettat123 <zettat123@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* demilestone should not include milestone (#32923) (#32979)Giteabot2024-12-252-0/+12
| | | | | | | Backport #32923 by @lunny Fix #32887 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Use env GITEA_RUNNER_REGISTRATION_TOKEN as global runner token (#32946) (#32964)Giteabot2024-12-242-3/+128
| | | | | | | | | | Backport #32946 by wxiaoguang Fix #23703 When Gitea starts, it reads GITEA_RUNNER_REGISTRATION_TOKEN or GITEA_RUNNER_REGISTRATION_TOKEN_FILE to add registration token. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix repo avatar conflict (#32958) (#32960)Giteabot2024-12-233-3/+12
| | | | | | | Backport #32958 by wxiaoguang Continue even if the avatar deleting fails Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add more load functions to make sure the reference object loaded (#32901) ↵Giteabot2024-12-192-0/+9
| | | | | | | | | (#32912) Backport #32901 by @lunny Fix #32897 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix Arch package metadata introduced incorrect field (#32881) (#32882)Giteabot2024-12-181-1/+2
| | | | | | | | Backport #32881 by ExplodingDragon Incorrect content was introduced while generating the index, which has now been removed, and the missing fields have been added. Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
* Backport 1.23 (#32868)wxiaoguang2024-12-171-0/+6
| | | Co-authored-by: delvh <dev.lh@web.de>
* Refactor some LDAP code (#32849)wxiaoguang2024-12-155-34/+42
|
* Enable tenv and testifylint rules (#32852)TheFox0x72024-12-1516-46/+44
| | | | Enables tenv and testifylint linters closes: https://github.com/go-gitea/gitea/issues/32842
* Add missing two sync feed for refs/pull (#32815)Lunny Xiao2024-12-131-0/+12
| | | Fowllow #32659
* Detect whether action view branch was deleted (#32764)Lunny Xiao2024-12-121-1/+1
| | | | | Fix #32761 ![图片](https://github.com/user-attachments/assets/a5a7eef8-0fea-4242-b199-1b0b73d9bbdb)
* Make API "compare" accept commit IDs (#32801)wxiaoguang2024-12-121-23/+7
|
* Add label/author/assignee filters to the user/org home issue list (#32779)wxiaoguang2024-12-111-0/+13
| | | | | | | | | | Replace #26661, fix #25979 Not perfect, but usable and much better than before. Since it is quite complex, I am not quite sure whether there would be any regression, if any, I will fix in first time. I have tested the related pages many times: issue list, milestone issue list, project view, user issue list, org issue list.
* Use batch database operations instead of one by one to optimze api pulls ↵Lunny Xiao2024-12-111-0/+251
| | | | | | | | | | | | | | | | | | | | (#32680) Resolve #31492 The response time for the Pull Requests API has improved significantly, dropping from over `2000ms` to about `350ms` on my local machine. It's about `6` times faster. A key area for further optimization lies in batch-fetching data for `apiPullRequest.ChangedFiles, apiPullRequest.Additions, and apiPullRequest.Deletions`. Tests `TestAPIViewPulls` does exist and new tests added. - This PR also fixes some bugs in `GetDiff` functions. - This PR also fixes data inconsistent in test data. For a pull request, the head branch's reference should be equal to the reference in `pull/xxx/head`.
* Support "merge upstream branch" (Sync fork) (#32741)wxiaoguang2024-12-062-1/+118
| | | | | | | | | Add basic "sync fork" support (GitHub-like) <details> ![image](https://github.com/user-attachments/assets/e71473f4-4518-48c7-b9e2-fedfcd564fc3) </details>
* GitHub like repo home page (#32213)yp053272024-12-061-8/+1
| | | | | | | Move some components (description, license, release, language stats) to sidebar --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Issue time estimate, meaningful time tracking (#23113)Illya Marchenko2024-12-053-0/+13
| | | | | | | | | | | | | Redesign the time tracker side bar, and add "time estimate" support (in "1d 2m" format) Closes #23112 --------- Co-authored-by: stuzer05 <stuzer05@gmail.com> Co-authored-by: Yarden Shoham <hrsi88@gmail.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add Arch package registry (#32692)KN4CK3R2024-12-045-5/+420
| | | | | | | | | | | | | | | | | | | | | | | Close #25037 Close #31037 This PR adds a Arch package registry usable with pacman. ![grafik](https://github.com/user-attachments/assets/81cdb0c2-02f9-4733-bee2-e48af6b45224) Rewrite of #25396 and #31037. You can follow [this tutorial](https://wiki.archlinux.org/title/Creating_packages) to build a package for testing. Docs PR: https://gitea.com/gitea/docs/pulls/111 Co-authored-by: [d1nch8g@ion.lc](mailto:d1nch8g@ion.lc) Co-authored-by: @ExplodingDragon --------- Co-authored-by: dancheg97 <dancheg97@fmnx.su> Co-authored-by: dragon <ExplodingFKL@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Use new mail package instead of an unmintained one (#32682)Lunny Xiao2024-12-058-60/+101
| | | Resolve #18664
* Fix delete branch perm checking (#32654)Lunny Xiao2024-12-041-6/+23
|
* Split mail sender sub package from mailer service package (#32618)Lunny Xiao2024-11-3013-398/+491
| | | | | | | | Move all mail sender related codes into a sub package of services/mailer. Just move, no code change. Then we just have dependencies on go-mail package in the new sub package. We can use other package to replace it because it's unmaintainable. ref #18664
* Move GetFeeds to service layer (#32526)Lunny Xiao2024-11-294-0/+180
| | | Move GetFeeds from models to service layer, no code change.
* Don't create action when syncing mirror pull refs (#32659)Lunny Xiao2024-11-281-0/+6
| | | Fix #27961
* Validate OAuth Redirect URIs (#32643)Rowan Bohde2024-11-281-1/+1
| | | | | | | This fixes a TODO in the code to validate the RedirectURIs when adding or editing an OAuth application in user settings. This also includes a refactor of the user settings tests to only create the DB once per top-level test to avoid reloading fixtures.
* Move team related functions to service layer (#32537)Lunny Xiao2024-11-2716-271/+1158
| | | | | There are still some functions under `models` after last big refactor about `models`. This change will move all team related functions to service layer with no code change.
* Add priority to protected branch (#32286)65432024-11-272-0/+5
| | | | | | | | | | | | | | | | | | | ## Solves Currently for rules to re-order them you have to alter the creation date. so you basicly have to delete and recreate them in the right order. This is more than just inconvinient ... ## Solution Add a new col for prioritization ## Demo WebUI Video https://github.com/user-attachments/assets/92182a31-9705-4ac5-b6e3-9bb74108cbd1 --- *Sponsored by Kithara Software GmbH*
* Introduce OrgList and add LoadTeams, optimaze Load teams for orgs (#32543)Lunny Xiao2024-11-261-5/+6
|
* Improve oauth2 scope token handling (#32633)wxiaoguang2024-11-262-9/+18
|
* Add github compatible tarball download API endpoints (#32572)Lunny Xiao2024-11-252-26/+33
| | | | Fix #29654 Fix #32481
* Refactor markup render system (#32612)wxiaoguang2024-11-244-15/+9
| | | | | | | | | | This PR removes (almost) all path tricks, and introduces "renderhelper" package. Now we can clearly see the rendering behaviors for comment/file/wiki, more details are in "renderhelper" tests. Fix #31411 , fix #18592, fix #25632 and maybe more problems. (ps: fix #32608 by the way)
* Fix get reviewers' bug (#32415)Lunny Xiao2024-11-225-56/+165
| | | | | | | | | | This PR rewrites `GetReviewer` function and move it to service layer. Reviewers should not be watchers, so that this PR removed all watchers from reviewers. When the repository is under an organization, the pull request unit read permission will be checked to resolve the bug of #32394 Fix #32394
* Refactor markup render system (#32589)wxiaoguang2024-11-223-20/+11
| | | | This PR mainly moves some code and introduces `RenderContext.WithXxx` functions
* Enhancing Gitea OAuth2 Provider with Granular Scopes for Resource Access ↵Marcell Mars2024-11-224-16/+87
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#32573) Resolve #31609 This PR was initiated following my personal research to find the lightest possible Single Sign-On solution for self-hosted setups. The existing solutions often seemed too enterprise-oriented, involving many moving parts and services, demanding significant resources while promising planetary-scale capabilities. Others were adequate in supporting basic OAuth2 flows but lacked proper user management features, such as a change password UI. Gitea hits the sweet spot for me, provided it supports more granular access permissions for resources under users who accept the OAuth2 application. This PR aims to introduce granularity in handling user resources as nonintrusively and simply as possible. It allows third parties to inform users about their intent to not ask for the full access and instead request a specific, reduced scope. If the provided scopes are **only** the typical ones for OIDC/OAuth2—`openid`, `profile`, `email`, and `groups`—everything remains unchanged (currently full access to user's resources). Additionally, this PR supports processing scopes already introduced with [personal tokens](https://docs.gitea.com/development/oauth2-provider#scopes) (e.g. `read:user`, `write:issue`, `read:group`, `write:repository`...) Personal tokens define scopes around specific resources: user info, repositories, issues, packages, organizations, notifications, miscellaneous, admin, and activitypub, with access delineated by read and/or write permissions. The initial case I wanted to address was to have Gitea act as an OAuth2 Identity Provider. To achieve that, with this PR, I would only add `openid public-only` to provide access token to the third party to authenticate the Gitea's user but no further access to the API and users resources. Another example: if a third party wanted to interact solely with Issues, it would need to add `read:user` (for authorization) and `read:issue`/`write:issue` to manage Issues. My approach is based on my understanding of how scopes can be utilized, supported by examples like [Sample Use Cases: Scopes and Claims](https://auth0.com/docs/get-started/apis/scopes/sample-use-cases-scopes-and-claims) on auth0.com. I renamed `CheckOAuthAccessToken` to `GetOAuthAccessTokenScopeAndUserID` so now it returns AccessTokenScope and user's ID. In the case of additional scopes in `userIDFromToken` the default `all` would be reduced to whatever was asked via those scopes. The main difference is the opportunity to reduce the permissions from `all`, as is currently the case, to what is provided by the additional scopes described above. Screenshots: ![Screenshot_20241121_121405](https://github.com/user-attachments/assets/29deaed7-4333-4b02-8898-b822e6f2463e) ![Screenshot_20241121_120211](https://github.com/user-attachments/assets/7a4a4ef7-409c-4116-9d5f-2fe00eb37167) ![Screenshot_20241121_120119](https://github.com/user-attachments/assets/aa52c1a2-212d-4e64-bcdf-7122cee49eb6) ![Screenshot_20241121_120018](https://github.com/user-attachments/assets/9eac318c-e381-4ea9-9e2c-3a3f60319e47) --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* disable gravatar in test (#32529)Rowan Bohde2024-11-211-1/+2
| | | | | When running e2e tests on flaky networks, gravatar can cause a timeout and test failures. Turn off, and populate avatars on e2e test suite run to make them reliable.
* allow the actions user to login via the jwt token (#32527)Rowan Bohde2024-11-203-3/+86
| | | | | | | | | | | | | | | | We have some actions that leverage the Gitea API that began receiving 401 errors, with a message that the user was not found. These actions use the `ACTIONS_RUNTIME_TOKEN` env var in the actions job to authenticate with the Gitea API. The format of this env var in actions jobs changed with go-gitea/gitea/pull/28885 to be a JWT (with a corresponding update to `act_runner`) Since it was a JWT, the OAuth parsing logic attempted to parse it as an OAuth token, and would return user not found, instead of falling back to look up the running task and assigning it to the actions user. Make ACTIONS_RUNTIME_TOKEN in action runners could be used, attempting to parse Oauth JWTs. The code to parse potential old `ACTION_RUNTIME_TOKEN` was kept in case someone is running an older version of act_runner that doesn't support the Actions JWT.
* Remove unnecessary code (#32560)Lunny Xiao2024-11-191-7/+0
| | | | PushMirrors only be used in the repository setting page. So it should not be loaded on every repository page.
* Use user.FullName in Oauth2 id_token response (#32542)Baltazár Radics2024-11-181-1/+1
| | | | This makes `/login/oauth/authorize` behave the same way as the `/login/oauth/userinfo` endpoint.
* Refactor push mirror find and add check for updating push mirror (#32539)Lunny Xiao2024-11-183-12/+11
| | | Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Refactor find forks and fix possible bugs that weak permissions check (#32528)Lunny Xiao2024-11-181-0/+24
| | | | | | | | | | | - Move models/GetForks to services/FindForks - Add doer as a parameter of FindForks to check permissions - Slight performance optimization for get forks API with batch loading of repository units - Add tests for forking repository to organizations --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix basic auth with webauthn (#32531)Lunny Xiao2024-11-161-0/+10
|
* Remove transaction for archive download (#32186)Lunny Xiao2024-11-152-26/+19
| | | | | | | Since there is a status column in the database, the transaction is unnecessary when downloading an archive. The transaction is blocking database operations, especially with SQLite. Replace #27563
* Reduce integration test overhead (#32475)Rowan Bohde2024-11-143-8/+1
| | | | | | | | | | | | | In profiling integration tests, I found a couple places where per-test overhead could be reduced: * Avoiding disk IO by synchronizing instead of deleting & copying test Git repository data. This saves ~100ms per test on my machine * When flushing queues in `PrintCurrentTest`, invoke `FlushWithContext` in a parallel. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Trim title before insert/update to database to match the size requirements ↵Lunny Xiao2024-11-141-0/+1
| | | | | of database (#32498) Fix #32489
* Reimplement GetUserOrgsList to make it simple and clear (#32486)Lunny Xiao2024-11-141-1/+5
| | | | | | | | Reimplement GetUserOrgsList and also move some functions and test to org_list file. --------- Co-authored-by: Zettat123 <zettat123@gmail.com>
* Refactor render system (#32492)wxiaoguang2024-11-141-2/+1
| | | | | | | | | | | | | | | | | | | There were too many patches to the Render system, it's really difficult to make further improvements. This PR clears the legacy problems and fix TODOs. 1. Rename `RenderContext.Type` to `RenderContext.MarkupType` to clarify its usage. 2. Use `ContentMode` to replace `meta["mode"]` and `IsWiki`, to clarify the rendering behaviors. 3. Use "wiki" mode instead of "mode=gfm + wiki=true" 4. Merge `renderByType` and `renderByFile` 5. Add more comments ---- The problem of "mode=document": in many cases it is not set, so many non-comment places use comment's hard line break incorrectly
* Fix LFS route mock, realm, middleware names (#32488)wxiaoguang2024-11-134-21/+29
| | | | | | | | | | 1. move "internal-lfs" route mock to "common-lfs" 2. fine tune tests 3. fix "realm" strings, according to RFC: https://datatracker.ietf.org/doc/html/rfc2617: * realm = "realm" "=" realm-value * realm-value = quoted-string 4. clarify some names of the middlewares, rename `ignXxx` to `optXxx` to match `reqXxx`, and rename ambiguous `requireSignIn` to `reqGitSignIn`
* Disable Oauth check if oauth disabled (#32368)Lunny Xiao2024-11-121-1/+6
| | | | | | | | Fix #32367 --------- Co-authored-by: Giteabot <teabot@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Calculate `PublicOnly` for org membership only once (#32234)65432024-11-111-4/+3
| | | | | | | | | | Refactoring of #32211 this move the PublicOnly() filter calcuation next to the DB querys and let it be decided by the Doer --- *Sponsored by Kithara Software GmbH*
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-01 16:53:43 +0000