summaryrefslogtreecommitdiffstats
path: root/services
Commit message (Collapse)AuthorAgeFilesLines
* Prevent merge messages from being sorted to the top of email chains (#18566) ↵zeripath2022-02-042-4/+131
| | | | | | | | | | | | | | | (#18588) Backport #18566 Gitea will currrently resend the same message-id for the closed/merged/reopened messages for issues. This will cause the merged message to leap to the top of an email chain and become out of sync. This PR adds specific suffices for these actions. Fix #18560 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Detect conflicts with 3way merge (#18536) (#18537)zeripath2022-02-021-0/+13
| | | | | | | | | | | | | Backport #18536 Unforunately git apply --3way reports conflicts differently than standard patches resulting in conflicts being missed. Adjust the conflict detection code to account for this different error reporting. Fix #18514 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use `ImagedProvider` for gplus oauth2 provider (#18504) (#18505)Gusted2022-02-011-3/+2
| | | | | - Bacport of #18504 Co-authored-by: 6543 <6543@obermui.de>
* GitLab reviews may not have the updated_at field set (#18450) (#18461)Aravinth Manivannan2022-01-303-33/+181
| | | | | | | | | | | | Fallback to created_at if that the case and to time.Now() if it is also missing. Fixes: #18434 Co-authored-by: Loïc Dachary <loic@dachary.org> Conflicts: services/migrations/gitlab.go trivial context conflict because var reviews became reviews := in 1.17
* Fix restore without topic failure (#18387) (#18400)Lunny Xiao2022-01-251-0/+3
| | | | Co-authored-by: zeripath <art27@cantab.net>
* Stop trimming preceding and suffixing spaces from editor filenames (#18334)v1.16.0-rc1zeripath2022-01-191-1/+1
| | | | | | | | | | | | | | * Stop trimming preceding and suffixing spaces from editor filenames In #5702 it was decided to trim preceding and suffixed spaces aswell as / from editing file filenames. This was because at this point in time the url-safety of Gitea was much poorer. We can now drop this requirement and file editing should work correctly. Fix #18176 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Restore propagation of ErrDependenciesLeft (#18325)zeripath2022-01-193-6/+9
| | | | | | | | | | | Unfortunately #17643 prevented all propagation of ErrDependenciesLeft meaning that dependency errors that prevent closing of issues get swallowed. This PR restores propagation of the error but instead swallows the error in the places where it needs to be swallowed. Fix #18223 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use indirect comparison when showing pull requests (#18313)zeripath2022-01-181-1/+1
| | | | | | | | When generating the commits list and number of files changed for PRs and compare we should use "..." always not "..". Fix #18303 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Correctly upload LFS files (#18316)zeripath2022-01-182-0/+2
| | | | | | | | We need to use the cached .gitattributes file for checking if a file should be stored in the lfs. Fix #18297 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix CheckRepoStats and reuse it during migration (#18264)Aravinth Manivannan2022-01-171-0/+4
| | | | | | | | | | | | | | | | | | | The CheckRepoStats function missed the following counters: - label num_closed_issues & num_closed_pulls - milestone num_closed_issues & num_closed_pulls The update SQL statements for updating the repository num_closed_issues & num_closed_pulls fields were repeated in three functions (repo.CheckRepoStats, migrate.insertIssues and models.Issue.updateClosedNum) and were moved to a single helper. The UpdateRepoStats is implemented and called in the Finish migration method so that it happens immediately instead of wating for the CheckRepoStats to run. Signed-off-by: Loïc Dachary loic@dachary.org --- [source](https://lab.forgefriends.org/forgefriends/forgefriends/-/merge_requests/34)
* Support webauthn (#17957)Lunny Xiao2022-01-145-10/+16
| | | | | | | Migrate from U2F to Webauthn Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix NPE on try to get tag reference via API (#18245)65432022-01-121-1/+1
| | | | | * fix npe * rm gitRepo from Tag
* Fix various typos (#18219)luzpaz2022-01-108-10/+10
| | | | | Found via `codespell -q 3 -S ./options/locale,./vendor -L ba,pullrequest,pullrequests,readby,te,unknwon` Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add warning for BIDI characters in page renders and in diffs (#17562)zeripath2022-01-072-22/+40
| | | | | | | | | | | | Fix #17514 Given the comments I've adjusted this somewhat. The numbers of characters detected are increased and include things like the use of U+300 to make à instead of à and non-breaking spaces. There is a button which can be used to escape the content to show it. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Gwyneth Morgan <gwymor@tilde.club> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add option to convert CRLF to LF line endings for sendmail (#18075)zeripath2022-01-061-2/+9
| | | | | | | | | | | | | It appears that several versions of sendmail require that the mail is sent to them with LF line endings instead of CRLF endings - which of course they will then convert back to CRLF line endings to comply with the SMTP standard. This PR adds another setting SENDMAIL_CONVERT_CRLF which will pass the message writer through a filter. This will filter out and convert CRLFs to LFs before writing them out to sendmail. Fix #18024 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add replay of webhooks. (#18191)KN4CK3R2022-01-051-0/+12
|
* refactoring nits (#18188)65432022-01-054-20/+22
| | | | | | | * no octal for time values * rm artifact from refactoring Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Team permission allow different unit has different permission (#17811)Lunny Xiao2022-01-051-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Team permission allow different unit has different permission * Finish the interface and the logic * Fix lint * Fix translation * align center for table cell content * Fix fixture * merge * Fix test * Add deprecated * Improve code * Add tooltip * Fix swagger * Fix newline * Fix tests * Fix tests * Fix test * Fix test * Max permission of external wiki and issues should be read * Move team units with limited max level below units table * Update label and column names * Some improvements * Fix lint * Some improvements * Fix template variables * Add permission docs * improve doc * Fix fixture * Fix bug * Fix some bug * fix * gofumpt * Integration test for migration (#18124) integrations: basic test for Gitea {dump,restore}-repo This is a first step for integration testing of DumpRepository and RestoreRepository. It: runs a Gitea server, dumps a repo via DumpRepository to the filesystem, restores the repo via RestoreRepository from the filesystem, dumps the restored repository to the filesystem, compares the first and second dump and expects them to be identical The verification is trivial and the goal is to add more tests for each topic of the dump. Signed-off-by: Loïc Dachary <loic@dachary.org> * Team permission allow different unit has different permission * Finish the interface and the logic * Fix lint * Fix translation * align center for table cell content * Fix fixture * merge * Fix test * Add deprecated * Improve code * Add tooltip * Fix swagger * Fix newline * Fix tests * Fix tests * Fix test * Fix test * Max permission of external wiki and issues should be read * Move team units with limited max level below units table * Update label and column names * Some improvements * Fix lint * Some improvements * Fix template variables * Add permission docs * improve doc * Fix fixture * Fix bug * Fix some bug * Fix bug Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Aravinth Manivannan <realaravinth@batsense.net>
* Increase Salt randomness (#18179)Gusted2022-01-041-1/+3
| | | | | | | | | | | - The current implementation of `RandomString` doesn't give you a most-possible unique randomness. It gives you 6*`length` instead of the possible 8*`length` bits(or as `length`x bytes) randomness. This is because `RandomString` is being limited to a max value of 63, this in order to represent the random byte as a letter/digit. - The recommendation of pbkdf2 is to use 64+ bit salt, which the `RandomString` doesn't give with a length of 10, instead of increasing 10 to a higher number, this patch adds a new function called `RandomBytes` which does give you the guarentee of 8*`length` randomness and thus corresponding of `length`x bytes randomness. - Use hexadecimal to store the bytes value in the database, as mentioned, it doesn't play nice in order to convert it to a string. This will always be a length of 32(with `length` being 16). - When we detect on `Authenticate`(source: db) that a user has the old format of salt, re-hash the password such that the user will have it's password hashed with increased salt. Thanks to @zeripath for working out the rouge edges from my first commit 😄. Co-authored-by: lafriks <lauris@nix.lv> Co-authored-by: zeripath <art27@cantab.net>
* Refactor auth package (#17962)Lunny Xiao2022-01-0228-143/+143
|
* Unify and simplify TrN for i18n (#18141)wxiaoguang2022-01-023-7/+0
| | | | | Refer: https://github.com/go-gitea/gitea/pull/18135#issuecomment-1003246099 Now we have a unique and simple `TrN`, and make the fix of PR #18135 also use the better `TrN` logic.
* services/repository: fix ListUnadoptedRepositories incorrect total count ↵singuliere2022-01-012-110/+156
| | | | | | | | | | | | | | | | (#17865) The total count returned by ListUnadoptedRepositories is incorrectly calculated. The code snippet within ListUnadoptedRepositories used to verify unadopted repositories is repeated three times in the function. It is moved in the checkUnadoptedRepositories function and a unit test is added to verify it works as expected. A unit test is added to verify the total count returned by ListUnadoptedRepositories is as expected. Signed-off-by: singuliere <singuliere@autistici.org>
* Reset the conflicted files list in testpatch (#18139)zeripath2021-12-311-0/+1
| | | | | | | | Although #18004 will seriously reduce the likelihood of finding conflicts in the first place - one bug was introduced whereby the conflicted files status was not being reset properly. This leads to conflicted PRs remaining conflicted when the conflict has been resolved. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Set HeadCommit when creating tags. (#18116)KN4CK3R2021-12-292-2/+15
| | | Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add issue hyperlinks in the webhook of wechatwork (#18102)zjjhot2021-12-251-2/+2
| | | Co-authored-by: zjj <2031381130@qq.com>
* Do not read or write git reference files directly (#18079)zeripath2021-12-231-2/+1
| | | | | | | | | | Git will and can pack references into packfiles and therefore if you write/read the files directly you will get false results. Instead you should use update-ref and show-ref. To that end I have created three new functions in git/repo_commit.go that will do this correctly. Related #17191 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add List-Unsubscribe header (#17804)mscherer2021-12-212-1/+2
| | | | | | Fixes #13283 Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Reset Session ID on login (#18018)zeripath2021-12-202-1/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Reset Session ID on login When logging in the SessionID should be reset and the session cleaned up. Signed-off-by: Andrew Thornton <art27@cantab.net> * with new session.RegenerateID function Signed-off-by: Andrew Thornton <art27@cantab.net> * update go-chi/session Signed-off-by: Andrew Thornton <art27@cantab.net> * Ensure that session id is changed after oauth data is set and between account linking pages too Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * as per review Signed-off-by: Andrew Thornton <art27@cantab.net>
* Simplify parameter types (#18006)Gusted2021-12-2011-17/+16
| | | Remove repeated type declarations in function definitions.
* Abort merge if head has been updated before pressing merge (#18032)zeripath2021-12-203-4/+19
| | | | | | | | | | | | | | | | | | | | | | | * Abort merge if head has been updated before pressing merge It is possible that a PR head may be pushed to between the merge page being shown and the merge button being pressed. Pass the current expected head in as a parameter and cancel the merge if it has changed. Fix #18028 Signed-off-by: Andrew Thornton <art27@cantab.net> * adjust swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * fix test Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add support for ssh commit signing (#17743)Wim2021-12-191-6/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add support for ssh commit signing * Split out ssh verification to separate file * Show ssh key fingerprint on commit page * Update sshsig lib * Make sure we verify against correct namespace * Add ssh public key verification via ssh signatures When adding a public ssh key also validate that this user actually owns the key by signing a token with the private key. * Remove some gpg references and make verify key optional * Fix spaces indentation * Update options/locale/locale_en-US.ini Co-authored-by: Gusted <williamzijl7@hotmail.com> * Update templates/user/settings/keys_ssh.tmpl Co-authored-by: Gusted <williamzijl7@hotmail.com> * Update options/locale/locale_en-US.ini Co-authored-by: Gusted <williamzijl7@hotmail.com> * Update options/locale/locale_en-US.ini Co-authored-by: Gusted <williamzijl7@hotmail.com> * Update models/ssh_key_commit_verification.go Co-authored-by: Gusted <williamzijl7@hotmail.com> * Reword ssh/gpg_key_success message * Change Badsignature to NoKeyFound * Add sign/verify tests * Fix upstream api changes to user_model User * Match exact on SSH signature * Fix code review remarks Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Improve TestPatch to use git read-tree -m and implement git-merge-one-file ↵zeripath2021-12-192-5/+372
| | | | | | | | | | | | | functionality (#18004) The current TestPatch conflict code uses a plain git apply which does not properly account for 3-way merging. However, we can improve things using `git read-tree -m` to do a three-way merge then follow the algorithm used in merge-one-file. We can also use `--patience` and/or `--histogram` to generate a nicer diff for applying patches too. Fix #13679 Fix #6417 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix rename notification bug (#18008)Lunny Xiao2021-12-171-0/+4
|
* Prevent hang in git cat-file if repository is not a valid repository and ↵zeripath2021-12-161-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | other fixes (#17991) This PR contains multiple fixes. The most important of which is: * Prevent hang in git cat-file if the repository is not a valid repository Unfortunately it appears that if git cat-file is run in an invalid repository it will hang until stdin is closed. This will result in deadlocked /pulls pages and dangling git cat-file calls if a broken repository is tried to be reviewed or pulls exists for a broken repository. Fix #14734 Fix #9271 Fix #16113 Otherwise there are a few small other fixes included which this PR was initially intending to fix: * Fix panic on partial compares due to missing PullRequestWorkInProgressPrefixes * Fix links on pulls pages due to regression from #17551 - by making most /issues routes match /pulls too - Fix #17983 * Fix links on feeds pages due to another regression from #17551 but also fix issue with syncing tags - Fix #17943 * Add missing locale entries for oauth group claims * Prevent NPEs if ColorFormat is called on nil users, repos or teams.
* Add Reindex buttons to repository settings page (#17494)zeripath2021-12-161-1/+2
| | | | | | | | | | This PR adds reindexing request buttons to the repository settings page. Fix #3796 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Refactor HTTP request context (#17979)wxiaoguang2021-12-151-0/+1
|
* Add missing `X-Total-Count` and fix some related bugs (#17968)qwerty2872021-12-155-3/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add missing `X-Total-Count` and fix some related bugs Adds `X-Total-Count` header to APIs that return a list but doesn't have it yet. Fixed bugs: * not returned after reporting error (https://github.com/qwerty287/gitea/blob/39eb82446c6fe5da3d79124e1f701f3795625b69/routers/api/v1/user/star.go#L70) * crash with index out of bounds, API issue/issueSubscriptions I also found various endpoints that return lists but do not apply/support pagination yet: ``` /repos/{owner}/{repo}/issues/{index}/labels /repos/{owner}/{repo}/issues/comments/{id}/reactions /repos/{owner}/{repo}/branch_protections /repos/{owner}/{repo}/contents /repos/{owner}/{repo}/hooks/git /repos/{owner}/{repo}/issue_templates /repos/{owner}/{repo}/releases/{id}/assets /repos/{owner}/{repo}/reviewers /repos/{owner}/{repo}/teams /user/emails /users/{username}/heatmap ``` If this is not expected, an new issue should be opened. Closes #13043 * fmt * Update routers/api/v1/repo/issue_subscription.go Co-authored-by: KN4CK3R <admin@oldschoolhack.me> * Use FindAndCount Co-authored-by: KN4CK3R <admin@oldschoolhack.me> Co-authored-by: 6543 <6543@obermui.de>
* Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along ↵zeripath2021-12-147-21/+93
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | with Setting Scopes (#16766) * Add setting to OAuth handlers to override local 2FA settings This PR adds a setting to OAuth and OpenID login sources to allow the source to override local 2FA requirements. Fix #13939 Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix regression from #16544 Signed-off-by: Andrew Thornton <art27@cantab.net> * Add scopes settings Signed-off-by: Andrew Thornton <art27@cantab.net> * fix trace logging in auth_openid Signed-off-by: Andrew Thornton <art27@cantab.net> * add required claim options Signed-off-by: Andrew Thornton <art27@cantab.net> * Move UpdateExternalUser to externalaccount Signed-off-by: Andrew Thornton <art27@cantab.net> * Allow OAuth2/OIDC to set Admin/Restricted status Signed-off-by: Andrew Thornton <art27@cantab.net> * Allow use of the same group claim name for the prohibit login value Signed-off-by: Andrew Thornton <art27@cantab.net> * fixup! Move UpdateExternalUser to externalaccount * as per wxiaoguang Signed-off-by: Andrew Thornton <art27@cantab.net> * add label back in Signed-off-by: Andrew Thornton <art27@cantab.net> * adjust localisation Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Some repository refactors (#17950)Lunny Xiao2021-12-1216-27/+257
| | | | | | | | | * some repository refactors * remove unnecessary code * Fix test * Remove unnecessary banner
* Prevent services/mailer/mailer_test.go tests from deleteing data directory ↵zeripath2021-12-101-7/+6
| | | | | | | | | | (#17941) Running `make test-backend` will delete `data/` due to reloading the configuration and resetting the appdatapath. This PR removes this unnecessary config reload but also adds extra code in to the unittest main to prevent its cleanup from deleting the wrong directory. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move keys to models/asymkey (#17917)Lunny Xiao2021-12-1016-30/+605
| | | | | | | | | | | | | | | | | | | * Move keys to models/keys * Rename models/keys -> models/asymkey * change the missed package name * Fix package alias * Fix test * Fix docs * Fix test * Fix test * merge
* Move repository model into models/repo (#17933)Lunny Xiao2021-12-1062-247/+287
| | | | | | | | | | | | | | | * Some refactors related repository model * Move more methods out of repository * Move repository into models/repo * Fix test * Fix test * some improvements * Remove unnecessary function
* Improve checkBranchName (#17901)zeripath2021-12-082-29/+26
| | | | | | | | | | | | The current implementation of checkBranchName is highly inefficient involving opening the repository, the listing all of the branch names checking them individually before then using using opened repo to get the tags. This PR avoids this by simply walking the references from show-ref instead of opening the repository (in the nogogit case). Signed-off-by: Andrew Thornton <art27@cantab.net>
* allways set a message-id on mails (#17900)Garionion2021-12-082-0/+55
| | | | | | | * allways set a message-id on mails * Add unit tests for mailer & Message-ID Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Move repo archiver to models/repo (#17913)Lunny Xiao2021-12-065-42/+79
| | | | | | | | | | | * Move repo archiver to models/repo * Move archiver service into services/repository/ * Fix imports * Fix test * Fix test
* Add migrate from Codebase (#16768)KN4CK3R2021-12-023-0/+807
| | | | | | | | | | This PR adds [Codebase](https://www.codebasehq.com/) as migration source. Supported: - Milestones - Issues - Pull Requests - Comments - Labels
* Refactor various strings (#17784)mscherer2021-12-025-9/+9
| | | | | | | | Fixes #16478 Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Improve install code to avoid low-level mistakes. (#17779)wxiaoguang2021-12-011-0/+5
| | | | | | | | | | | | | | * Improve install code to avoid low-level mistakes. If a user tries to do a re-install in a Gitea database, they gets a warning and double check. When Gitea runs, it never create empty app.ini automatically. Also some small (related) refactoring: * Refactor db.InitEngine related logic make it more clean (especially for the install code) * Move some i18n strings out from setting.go to make the setting.go can be easily maintained. * Show errors in CLI code if an incorrect app.ini is used. * APP_DATA_PATH is created when installing, and checked when starting (no empty directory is created any more).
* Make Requests Processes and create process hierarchy. Associate ↵zeripath2021-11-3012-39/+39
| | | | | | | | | OpenRepository with context. (#17125) This PR registers requests with the process manager and manages hierarchy within the processes. Git repos are then associated with a context, (usually the request's context) - with sub commands using this context as their base context. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Make Co-committed-by and co-authored-by trailers optional (#17848)zeripath2021-11-291-1/+1
| | | | | | | | This PR adds another option to app.ini make co-committed-by and co-authored-by trailers optional on a per server basis. Fix #17194 Signed-off-by: Andrew Thornton <art27@cantab.net>