aboutsummaryrefslogtreecommitdiffstats
path: root/services
Commit message (Collapse)AuthorAgeFilesLines
* Refactor template & test related code (#32938)wxiaoguang20 hours8-27/+26
| | | Move some legacy code from "base" package to proper packages.
* Move some errors to their own sub packages (#32880)Lunny Xiao3 days21-110/+457
|
* Refactor pprof labels and process desc (#32909)wxiaoguang3 days11-55/+16
| | | | | | * Deprecate "gopid" in log, it is not useful and requires very hacky approach * Remove "git.Command.SetDescription" because it is not useful and only makes the logs too flexible
* Add more load functions to make sure the reference object loaded (#32901)Lunny Xiao4 days2-0/+9
| | | Fix #32897
* Fix Arch package metadata introduced incorrect field (#32881)Exploding Dragon5 days1-1/+2
| | | | | | Incorrect content was introduced while generating the index, which has now been removed, and the missing fields have been added. ![](https://github.com/user-attachments/assets/4fbb8884-337e-43b1-939f-a5ba687f7ffd)
* Move delete deploy keys into service layer (#32201)Lunny Xiao5 days3-14/+56
|
* Move RepoTransfer from models to models/repo sub package (#32506)Lunny Xiao5 days10-42/+81
| | | | | | | | | | | | | `RepoTransfer` now is at models, but if we want to move it into `repo` model, it will depend on `Team`. So this PR also makes repo model depend on org model to make it possible. Just refactor, no code change. - [x] Move `DeleteOrganization` from `models/organization` to service layer - [x] Move `AccessibleTeamReposEnv` to `models/repo` - [x] Move `RepoTransfer` from `models` to `models/repo` - [x] Merge `getUserTeamIDs` and `GetUserTeamIDs`, Merge `GetUserTeams` and `getUserTeams`. - [x] Remove `Team`'s `Repos []*repo_model.Repository` to avoid dependency recycle.
* Fix various trivial problems (#32861)wxiaoguang6 days1-0/+6
| | | | | | | | | | | | | | 1. add/improve comments to help future readers could understand the problem more easily. 2. add an error log to LDAP with username fallback 3. use `or` instead of `Iif` for "repo/branch_dropdown" (`Iif` was a mistake, but it doesn't really affect the UI) 4. add `tw-font-mono` style to container digest to match dockerhub 5. fix a bug in RepoBranchTagSelector: the form is not updated when there is no click to an item --------- Co-authored-by: delvh <dev.lh@web.de>
* Refactor some LDAP code (#32849)wxiaoguang8 days5-34/+42
|
* Enable tenv and testifylint rules (#32852)TheFox0x78 days16-46/+44
| | | | Enables tenv and testifylint linters closes: https://github.com/go-gitea/gitea/issues/32842
* Add missing two sync feed for refs/pull (#32815)Lunny Xiao10 days1-0/+12
| | | Fowllow #32659
* Detect whether action view branch was deleted (#32764)Lunny Xiao11 days1-1/+1
| | | | | Fix #32761 ![图片](https://github.com/user-attachments/assets/a5a7eef8-0fea-4242-b199-1b0b73d9bbdb)
* Make API "compare" accept commit IDs (#32801)wxiaoguang11 days1-23/+7
|
* Add label/author/assignee filters to the user/org home issue list (#32779)wxiaoguang12 days1-0/+13
| | | | | | | | | | Replace #26661, fix #25979 Not perfect, but usable and much better than before. Since it is quite complex, I am not quite sure whether there would be any regression, if any, I will fix in first time. I have tested the related pages many times: issue list, milestone issue list, project view, user issue list, org issue list.
* Use batch database operations instead of one by one to optimze api pulls ↵Lunny Xiao13 days1-0/+251
| | | | | | | | | | | | | | | | | | | | (#32680) Resolve #31492 The response time for the Pull Requests API has improved significantly, dropping from over `2000ms` to about `350ms` on my local machine. It's about `6` times faster. A key area for further optimization lies in batch-fetching data for `apiPullRequest.ChangedFiles, apiPullRequest.Additions, and apiPullRequest.Deletions`. Tests `TestAPIViewPulls` does exist and new tests added. - This PR also fixes some bugs in `GetDiff` functions. - This PR also fixes data inconsistent in test data. For a pull request, the head branch's reference should be equal to the reference in `pull/xxx/head`.
* Support "merge upstream branch" (Sync fork) (#32741)wxiaoguang2024-12-062-1/+118
| | | | | | | | | Add basic "sync fork" support (GitHub-like) <details> ![image](https://github.com/user-attachments/assets/e71473f4-4518-48c7-b9e2-fedfcd564fc3) </details>
* GitHub like repo home page (#32213)yp053272024-12-061-8/+1
| | | | | | | Move some components (description, license, release, language stats) to sidebar --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Issue time estimate, meaningful time tracking (#23113)Illya Marchenko2024-12-053-0/+13
| | | | | | | | | | | | | Redesign the time tracker side bar, and add "time estimate" support (in "1d 2m" format) Closes #23112 --------- Co-authored-by: stuzer05 <stuzer05@gmail.com> Co-authored-by: Yarden Shoham <hrsi88@gmail.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add Arch package registry (#32692)KN4CK3R2024-12-045-5/+420
| | | | | | | | | | | | | | | | | | | | | | | Close #25037 Close #31037 This PR adds a Arch package registry usable with pacman. ![grafik](https://github.com/user-attachments/assets/81cdb0c2-02f9-4733-bee2-e48af6b45224) Rewrite of #25396 and #31037. You can follow [this tutorial](https://wiki.archlinux.org/title/Creating_packages) to build a package for testing. Docs PR: https://gitea.com/gitea/docs/pulls/111 Co-authored-by: [d1nch8g@ion.lc](mailto:d1nch8g@ion.lc) Co-authored-by: @ExplodingDragon --------- Co-authored-by: dancheg97 <dancheg97@fmnx.su> Co-authored-by: dragon <ExplodingFKL@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Use new mail package instead of an unmintained one (#32682)Lunny Xiao2024-12-058-60/+101
| | | Resolve #18664
* Fix delete branch perm checking (#32654)Lunny Xiao2024-12-041-6/+23
|
* Split mail sender sub package from mailer service package (#32618)Lunny Xiao2024-11-3013-398/+491
| | | | | | | | Move all mail sender related codes into a sub package of services/mailer. Just move, no code change. Then we just have dependencies on go-mail package in the new sub package. We can use other package to replace it because it's unmaintainable. ref #18664
* Move GetFeeds to service layer (#32526)Lunny Xiao2024-11-294-0/+180
| | | Move GetFeeds from models to service layer, no code change.
* Don't create action when syncing mirror pull refs (#32659)Lunny Xiao2024-11-281-0/+6
| | | Fix #27961
* Validate OAuth Redirect URIs (#32643)Rowan Bohde2024-11-281-1/+1
| | | | | | | This fixes a TODO in the code to validate the RedirectURIs when adding or editing an OAuth application in user settings. This also includes a refactor of the user settings tests to only create the DB once per top-level test to avoid reloading fixtures.
* Move team related functions to service layer (#32537)Lunny Xiao2024-11-2716-271/+1158
| | | | | There are still some functions under `models` after last big refactor about `models`. This change will move all team related functions to service layer with no code change.
* Add priority to protected branch (#32286)65432024-11-272-0/+5
| | | | | | | | | | | | | | | | | | | ## Solves Currently for rules to re-order them you have to alter the creation date. so you basicly have to delete and recreate them in the right order. This is more than just inconvinient ... ## Solution Add a new col for prioritization ## Demo WebUI Video https://github.com/user-attachments/assets/92182a31-9705-4ac5-b6e3-9bb74108cbd1 --- *Sponsored by Kithara Software GmbH*
* Introduce OrgList and add LoadTeams, optimaze Load teams for orgs (#32543)Lunny Xiao2024-11-261-5/+6
|
* Improve oauth2 scope token handling (#32633)wxiaoguang2024-11-262-9/+18
|
* Add github compatible tarball download API endpoints (#32572)Lunny Xiao2024-11-252-26/+33
| | | | Fix #29654 Fix #32481
* Refactor markup render system (#32612)wxiaoguang2024-11-244-15/+9
| | | | | | | | | | This PR removes (almost) all path tricks, and introduces "renderhelper" package. Now we can clearly see the rendering behaviors for comment/file/wiki, more details are in "renderhelper" tests. Fix #31411 , fix #18592, fix #25632 and maybe more problems. (ps: fix #32608 by the way)
* Fix get reviewers' bug (#32415)Lunny Xiao2024-11-225-56/+165
| | | | | | | | | | This PR rewrites `GetReviewer` function and move it to service layer. Reviewers should not be watchers, so that this PR removed all watchers from reviewers. When the repository is under an organization, the pull request unit read permission will be checked to resolve the bug of #32394 Fix #32394
* Refactor markup render system (#32589)wxiaoguang2024-11-223-20/+11
| | | | This PR mainly moves some code and introduces `RenderContext.WithXxx` functions
* Enhancing Gitea OAuth2 Provider with Granular Scopes for Resource Access ↵Marcell Mars2024-11-224-16/+87
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#32573) Resolve #31609 This PR was initiated following my personal research to find the lightest possible Single Sign-On solution for self-hosted setups. The existing solutions often seemed too enterprise-oriented, involving many moving parts and services, demanding significant resources while promising planetary-scale capabilities. Others were adequate in supporting basic OAuth2 flows but lacked proper user management features, such as a change password UI. Gitea hits the sweet spot for me, provided it supports more granular access permissions for resources under users who accept the OAuth2 application. This PR aims to introduce granularity in handling user resources as nonintrusively and simply as possible. It allows third parties to inform users about their intent to not ask for the full access and instead request a specific, reduced scope. If the provided scopes are **only** the typical ones for OIDC/OAuth2—`openid`, `profile`, `email`, and `groups`—everything remains unchanged (currently full access to user's resources). Additionally, this PR supports processing scopes already introduced with [personal tokens](https://docs.gitea.com/development/oauth2-provider#scopes) (e.g. `read:user`, `write:issue`, `read:group`, `write:repository`...) Personal tokens define scopes around specific resources: user info, repositories, issues, packages, organizations, notifications, miscellaneous, admin, and activitypub, with access delineated by read and/or write permissions. The initial case I wanted to address was to have Gitea act as an OAuth2 Identity Provider. To achieve that, with this PR, I would only add `openid public-only` to provide access token to the third party to authenticate the Gitea's user but no further access to the API and users resources. Another example: if a third party wanted to interact solely with Issues, it would need to add `read:user` (for authorization) and `read:issue`/`write:issue` to manage Issues. My approach is based on my understanding of how scopes can be utilized, supported by examples like [Sample Use Cases: Scopes and Claims](https://auth0.com/docs/get-started/apis/scopes/sample-use-cases-scopes-and-claims) on auth0.com. I renamed `CheckOAuthAccessToken` to `GetOAuthAccessTokenScopeAndUserID` so now it returns AccessTokenScope and user's ID. In the case of additional scopes in `userIDFromToken` the default `all` would be reduced to whatever was asked via those scopes. The main difference is the opportunity to reduce the permissions from `all`, as is currently the case, to what is provided by the additional scopes described above. Screenshots: ![Screenshot_20241121_121405](https://github.com/user-attachments/assets/29deaed7-4333-4b02-8898-b822e6f2463e) ![Screenshot_20241121_120211](https://github.com/user-attachments/assets/7a4a4ef7-409c-4116-9d5f-2fe00eb37167) ![Screenshot_20241121_120119](https://github.com/user-attachments/assets/aa52c1a2-212d-4e64-bcdf-7122cee49eb6) ![Screenshot_20241121_120018](https://github.com/user-attachments/assets/9eac318c-e381-4ea9-9e2c-3a3f60319e47) --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* disable gravatar in test (#32529)Rowan Bohde2024-11-211-1/+2
| | | | | When running e2e tests on flaky networks, gravatar can cause a timeout and test failures. Turn off, and populate avatars on e2e test suite run to make them reliable.
* allow the actions user to login via the jwt token (#32527)Rowan Bohde2024-11-203-3/+86
| | | | | | | | | | | | | | | | We have some actions that leverage the Gitea API that began receiving 401 errors, with a message that the user was not found. These actions use the `ACTIONS_RUNTIME_TOKEN` env var in the actions job to authenticate with the Gitea API. The format of this env var in actions jobs changed with go-gitea/gitea/pull/28885 to be a JWT (with a corresponding update to `act_runner`) Since it was a JWT, the OAuth parsing logic attempted to parse it as an OAuth token, and would return user not found, instead of falling back to look up the running task and assigning it to the actions user. Make ACTIONS_RUNTIME_TOKEN in action runners could be used, attempting to parse Oauth JWTs. The code to parse potential old `ACTION_RUNTIME_TOKEN` was kept in case someone is running an older version of act_runner that doesn't support the Actions JWT.
* Remove unnecessary code (#32560)Lunny Xiao2024-11-191-7/+0
| | | | PushMirrors only be used in the repository setting page. So it should not be loaded on every repository page.
* Use user.FullName in Oauth2 id_token response (#32542)Baltazár Radics2024-11-181-1/+1
| | | | This makes `/login/oauth/authorize` behave the same way as the `/login/oauth/userinfo` endpoint.
* Refactor push mirror find and add check for updating push mirror (#32539)Lunny Xiao2024-11-183-12/+11
| | | Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Refactor find forks and fix possible bugs that weak permissions check (#32528)Lunny Xiao2024-11-181-0/+24
| | | | | | | | | | | - Move models/GetForks to services/FindForks - Add doer as a parameter of FindForks to check permissions - Slight performance optimization for get forks API with batch loading of repository units - Add tests for forking repository to organizations --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix basic auth with webauthn (#32531)Lunny Xiao2024-11-161-0/+10
|
* Remove transaction for archive download (#32186)Lunny Xiao2024-11-152-26/+19
| | | | | | | Since there is a status column in the database, the transaction is unnecessary when downloading an archive. The transaction is blocking database operations, especially with SQLite. Replace #27563
* Reduce integration test overhead (#32475)Rowan Bohde2024-11-143-8/+1
| | | | | | | | | | | | | In profiling integration tests, I found a couple places where per-test overhead could be reduced: * Avoiding disk IO by synchronizing instead of deleting & copying test Git repository data. This saves ~100ms per test on my machine * When flushing queues in `PrintCurrentTest`, invoke `FlushWithContext` in a parallel. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Trim title before insert/update to database to match the size requirements ↵Lunny Xiao2024-11-141-0/+1
| | | | | of database (#32498) Fix #32489
* Reimplement GetUserOrgsList to make it simple and clear (#32486)Lunny Xiao2024-11-141-1/+5
| | | | | | | | Reimplement GetUserOrgsList and also move some functions and test to org_list file. --------- Co-authored-by: Zettat123 <zettat123@gmail.com>
* Refactor render system (#32492)wxiaoguang2024-11-141-2/+1
| | | | | | | | | | | | | | | | | | | There were too many patches to the Render system, it's really difficult to make further improvements. This PR clears the legacy problems and fix TODOs. 1. Rename `RenderContext.Type` to `RenderContext.MarkupType` to clarify its usage. 2. Use `ContentMode` to replace `meta["mode"]` and `IsWiki`, to clarify the rendering behaviors. 3. Use "wiki" mode instead of "mode=gfm + wiki=true" 4. Merge `renderByType` and `renderByFile` 5. Add more comments ---- The problem of "mode=document": in many cases it is not set, so many non-comment places use comment's hard line break incorrectly
* Fix LFS route mock, realm, middleware names (#32488)wxiaoguang2024-11-134-21/+29
| | | | | | | | | | 1. move "internal-lfs" route mock to "common-lfs" 2. fine tune tests 3. fix "realm" strings, according to RFC: https://datatracker.ietf.org/doc/html/rfc2617: * realm = "realm" "=" realm-value * realm-value = quoted-string 4. clarify some names of the middlewares, rename `ignXxx` to `optXxx` to match `reqXxx`, and rename ambiguous `requireSignIn` to `reqGitSignIn`
* Disable Oauth check if oauth disabled (#32368)Lunny Xiao2024-11-121-1/+6
| | | | | | | | Fix #32367 --------- Co-authored-by: Giteabot <teabot@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Calculate `PublicOnly` for org membership only once (#32234)65432024-11-111-4/+3
| | | | | | | | | | Refactoring of #32211 this move the PublicOnly() filter calcuation next to the DB querys and let it be decided by the Doer --- *Sponsored by Kithara Software GmbH*
* Add `DEFAULT_MIRROR_REPO_UNITS` and `DEFAULT_TEMPLATE_REPO_UNITS` options ↵Zettat1232024-11-111-1/+6
| | | | | | | | | | | | | (#32416) Resolve #30350 The action unit of mirrors and templates should be disabled by default. This PR adds `DEFAULT_MIRROR_REPO_UNITS` and `DEFAULT_TEMPLATE_REPO_UNITS` options to allow users to specify default units for mirrors and templates. Thanks to @lng2020 for the [idea](https://github.com/go-gitea/gitea/issues/30350#issuecomment-2053942243)