summaryrefslogtreecommitdiffstats
path: root/templates/user
Commit message (Collapse)AuthorAgeFilesLines
* Refactor: Move login out of models (#16199)zeripath2021-07-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `models` does far too much. In particular it handles all `UserSignin`. It shouldn't be responsible for calling LDAP, SMTP or PAM for signing in. Therefore we should move this code out of `models`. This code has to depend on `models` - therefore it belongs in `services`. There is a package in `services` called `auth` and clearly this functionality belongs in there. Plan: - [x] Change `auth.Auth` to `auth.Method` - as they represent methods of authentication. - [x] Move `models.UserSignIn` into `auth` - [x] Move `models.ExternalUserLogin` - [x] Move most of the `LoginVia*` methods to `auth` or subpackages - [x] Move Resynchronize functionality to `auth` - Involved some restructuring of `models/ssh_key.go` to reduce the size of this massive file and simplify its files. - [x] Move the rest of the LDAP functionality in to the ldap subpackage - [x] Re-factor the login sources to express an interfaces `auth.Source`? - I've done this through some smaller interfaces Authenticator and Synchronizable - which would allow us to extend things in future - [x] Now LDAP is out of models - need to think about modules/auth/ldap and I think all of that functionality might just be moveable - [x] Similarly a lot Oauth2 functionality need not be in models too and should be moved to services/auth/source/oauth2 - [x] modules/auth/oauth2/oauth2.go uses xorm... This is naughty - probably need to move this into models. - [x] models/oauth2.go - mostly should be in modules/auth/oauth2 or services/auth/source/oauth2 - [x] More simplifications of login_source.go may need to be done - Allow wiring in of notify registration - *this can now easily be done - but I think we should do it in another PR* - see #16178 - More refactors...? - OpenID should probably become an auth Method but I think that can be left for another PR - Methods should also probably be cleaned up - again another PR I think. - SSPI still needs more refactors.* Rename auth.Auth auth.Method * Restructure ssh_key.go - move functions from models/user.go that relate to ssh_key to ssh_key - split ssh_key.go to try create clearer function domains for allow for future refactors here. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add fluid to ui container class to remove margin (#16396)Stanley Hu2021-07-202-2/+2
|
* Improve 2FA autofill (#16473)Jonathan Herlin2021-07-181-1/+1
| | | This improves the autofill suggestion on mobile devices and some password managers
* show tag name on dashboard items list (#16466)a10121127962021-07-171-1/+1
| | | | | fix #16458 Signed-off-by: a1012112796 <1012112796@qq.com>
* Update notification table with only latest data (#16445)zeripath2021-07-171-1/+1
| | | | | | | | | | When marking notifications read the results may be returned out of order or be delayed. This PR sends a sequence number to gitea so that the browser can ensure that only the results of the latest notification change are shown. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Fix activation of primary email addresses (#16385)Meano2021-07-131-1/+1
| | | | | | | | | | | | | | | | * fix: primary email cannot be activated * Primary email should be activated together with user account when 'RegisterEmailConfirm' is enabled. * To fix the existing error state. When 'RegisterEmailConfirm' is enabled, the admin should have permission to modify the activations status of user email. And the user should be allowed to send activation to primary email. * Only judge whether email is primary from email_address table. * Improve logging and refactor isEmailActive Co-authored-by: zeripath <art27@cantab.net>
* Add option to provide signature for a token to verify key ownership (#14054)zeripath2021-07-131-2/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add option to provide signed token to verify key ownership Currently we will only allow a key to be matched to a user if it matches an activated email address. This PR provides a different mechanism - if the user provides a signature for automatically generated token (based on the timestamp, user creation time, user ID, username and primary email. * Ensure verified keys can act for all active emails for the user * Add code to mark keys as verified * Slight UI adjustments * Slight UI adjustments 2 * Simplify signature verification slightly * fix postgres test * add api routes * handle swapped primary-keys * Verify the no-reply address for verified keys * Only add email addresses that are activated to keys * Fix committer shortcut properly * Restructure gpg_keys.go * Use common Verification Token code Signed-off-by: Andrew Thornton <art27@cantab.net>
* Implemented head_commit for webhooks (#16282)KN4CK3R2021-06-291-1/+1
| | | | | | | * Removed Len field. * Added head_commit webhook field. * Added comment for returns.
* Make allowed Visiblity modes configurable for Users (#16271)65432021-06-271-15/+15
| | | | | | | Now that #16069 is merged, some sites may wish to enforce that users are all public, limited or private, and/or disallow users from becoming private. This PR adds functionality and settings to constrain a user's ability to change their visibility. Co-authored-by: zeripath <art27@cantab.net>
* Add Visible modes function from Organisation to Users too (#16069)Sergey Dryabzhinsky2021-06-261-12/+47
| | | | | | | | | | | | | | | | | | You can limit or hide organisations. This pull make it also posible for users - new strings to translte - add checkbox to user profile form - add checkbox to admin user.edit form - filter explore page user search - filter api admin and public user searches - allow admins view "hidden" users - add app option DEFAULT_USER_VISIBILITY - rewrite many files to use Visibility field - check for teams intersection - fix context output - right fake 404 if not visible Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Add better errors for disabled account recovery (#15117)John Olheiser2021-06-251-1/+7
| | | | | | Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Remove User.GetOrganizations() (#14032)65432021-06-181-1/+1
| | | as title
* Add asymmetric JWT signing (#16010)KN4CK3R2021-06-171-0/+7
| | | | | | | | | | | * Added asymmetric token signing. * Load signing key from settings. * Added optional kid parameter. * Updated documentation. * Add "kid" to token header.
* Add OpenID claims "profile" and "email". (#16141)KN4CK3R2021-06-141-0/+29
| | | | | | | | | | | | * Added OpenID claims "profile" and "email". * Splitted error. * Added scopes_supported and claims_supported. * Added more metadata. Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv>
* Remove remaining fontawesome usage in templates (#15952)silverwind2021-05-224-7/+7
| | | Can not remove the dependency yet because easymde depends on it.
* Issue sidebar and misc css fixes (#15524)silverwind2021-05-161-7/+13
| | | | | | | | | | | - Replace remaining font icons with SVG in issue sidebar - Rework issue due date display - Realign avatar in timeline - Fix font size in repo search and code explore - Consolidate active button styles - Fix loading form on arc-green - Align time tracker buttons vertically Fixes: https://github.com/go-gitea/gitea/issues/15896
* Create a session on ReverseProxy and ensure that ReverseProxy users cannot ↵zeripath2021-05-151-2/+2
| | | | | | | | | | | | | | | change username (#15304) * Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username ReverseProxy users should generate a session on reverse proxy username change. Also prevent ReverseProxy users from changing their username. Fix #2407 * add testcase Signed-off-by: Andrew Thornton <art27@cantab.net>
* Allow only internal registration (#15795)65432021-05-092-5/+7
| | | | | * Add ALLOW_ONLY_INTERNAL_REGISTRATION into settings * OpenID respect setting too
* Use a generic markup class to display externally rendered files and diffs ↵65432021-05-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#15735) * creates and implements generic markup less class * How to give custom CSS to externally rendered html * Clarifies sources of CSS styling of markup * further clarification of sources of markup styling * rename _markdown to _markup * remove defunct import * fix orphaned reference * Update docs/content/doc/advanced/external-renderers.en-us.md * more renames markdown -> markup * do not suggest less customization * add back tokens * fix class whitespace, remove useless if-clause * remove unused csv-data rules * use named exports and rename functions * sort imports Co-authored-by: HarvsG <11440490+HarvsG@users.noreply.github.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: silverwind <me@silverwind.io>
* Feature/oauth userinfo (#15721)N. L. H2021-05-061-0/+1
| | | | | | | | | | | | | | | | | | | | | | * Implemented userinfo #8534 * Make lint happy * Add userinfo endpoint to openid-configuration * Give an error when uid equals 0 * Implemented BearerTokenErrorCode handling * instead of ctx.error use ctx.json so that clients parse error and error_description correctly * Removed unneeded if statement * Use switch instead of subsequent if statements Have a default for unknown errorcodes. Co-authored-by: Nils Hillmann <hillmann@nlh-software.de> Co-authored-by: nlhsoftware <nlhsoftware@noreply.localhost>
* Fixed several activation bugs (#15473)KN4CK3R2021-04-301-11/+9
| | | | | | | | | | | * Removed unneeded form tag. * Fixed typo. * Fixed NPE. * Use better error page. * Splitted GET and POST.
* Unified link creation. (#15619)KN4CK3R2021-04-302-8/+8
|
* add well-known config for OIDC (#15355)techknowlogick2021-04-151-0/+9
| | | | | | | | | | | | | | * add well-known config for OIDC * spacing per feedback * Update oidc_wellknown.tmpl * add id_token * Update oidc_wellknown.tmpl Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Disable Stars config option (#14653)Kyle D2021-04-152-9/+17
| | | | | | | * Add config option to disable stars * Replace "stars" with watched in user profile * Add documentation
* Use subdir for URL (#15446)KN4CK3R2021-04-141-1/+1
| | | | Fixes #15444
* Fix repository search (#15428)KN4CK3R2021-04-121-1/+1
| | | | Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Enforce tab indentation in templates (#15289)silverwind2021-04-108-191/+189
| | | | | | | | | | | | | | | | | | * Enforce tab indendation in templates This adds editorconfig-checker [1] to lint the template files so they conform the editorconfig files. I fixed all current identation issues using the fix mode of eclint [2] and some manual corrections. We can extend this linting to other files later, for now I'd like this PR to focus on HTML template files only. [1] https://github.com/editorconfig-checker/editorconfig-checker [2] https://github.com/jedmao/eclint * fix indendation Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Remove usage of JS globals (#15378)silverwind2021-04-091-3/+2
| | | | | | Refactor the exported globals in index.js to JS-initialized event handlers. Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add dashboard milestone search and repo milestone search by name (#14866)Roger Luo2021-04-081-28/+43
| | | | | Feature for issue #13845: - Add milestones search by name on dashboard milestones page. - Add milestones search by name on repo issue/milestones page.
* fix org navbar (#15173)Jimmy Praet2021-03-261-1/+2
|
* Update JS dependencies (#15033)silverwind2021-03-2213-16/+16
| | | | | | | | | | | | | * Update JS dependencies - Update all JS dependencies - For octicons, rename trashcan to trash - For svgo, migrate to v2 api, output seems to have slightly changed but icons look the same - For stylelint, update config, fix custom property duplicates - For monaco, drop legacy Edge support - For eslint, enable new rules, fix new issues - For less-loader, remove deprecated import syntax * update svgo usage in generate-images and rebuild logo.svg with it
* org dashboard: move teamselector left (#14954)Norwin2021-03-171-52/+53
| | | Co-authored-by: zeripath <art27@cantab.net>
* Fix a couple of issues with a feeds (#14897)zeripath2021-03-061-1/+2
| | | | | @CirnoT spotted a couple of issues with feeds on discord. This PR fixes both of these.
* Repository transfer has to be confirmed, if user can not create repo for new ↵65432021-03-011-1/+7
| | | | | | | owner (#14792) * make repo as "pending transfer" if on transfer start doer has no right to create repo in new destination * if new pending transfer ocured, create UI & Mail notifications
* Fix dashboard UI bugs and more (#14767)Mike L2021-02-251-4/+4
| | | | | | | | This PR fixes a few UI bugs I spontaneously encountered: - Fixes emojis in repo titles getting head-cut and tail-cut in dashboard feed due to introduction of 1.25 em emojis at 1 em line-height, by simply using the original 1 3/7 em value of `semantic.css` - Fixes regression (too long repo names should be capped to 70%) in #13828 due to flex children not respecting properties like `overflow: hidden;`, and removes a block of dead style code - Follow-up to #14761, removes extraneous code for top navbar and correct right margin for Font Awesome - Fixes color emphasis inversion in arc-green theme for top right buttons (edit, delete) on commit view boxes
* Fix double alert in oauth2 application edit view (#14764)a10121127962021-02-221-1/+0
| | | Signed-off-by: a1012112796 <1012112796@qq.com>
* fix link account ui (#14763)a10121127962021-02-211-12/+11
| | | | | Signed-off-by: a1012112796 <1012112796@qq.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix svg spacing (#14638)Kyle D2021-02-141-1/+1
| | | | | * Add right margin to icons in menu items * Reduce padding on user profile submenu to fit in one line by default (english)
* Fix truncated organization names (#14655)vnkmpf2021-02-122-12/+12
| | | | | | | * Fix truncated organization names Previous ellipsis implementation hid vertical overflow - image + descent line of letters. Organization visibility in select on dashboard was not always visible. This commit extracts classes which don't make collisions with other items on page.
* Add dismiss review feature (#12674)a10121127962021-02-111-0/+7
| | | | | | | | | | | | | | | * Add dismiss review feature refs: https://github.blog/2016-10-12-dismissing-reviews-on-pull-requests/ https://developer.github.com/v3/pulls/reviews/#dismiss-a-review-for-a-pull-request * change modal ui and error message * Add unDismissReview api Signed-off-by: a1012112796 <1012112796@qq.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Truncated organisations name #14583 (#14615)vnkmpf2021-02-092-7/+7
| | | | | - truncate to max length 40 - add CSS ellipsis
* Fix captcha (#14488)Lunny Xiao2021-01-272-2/+2
| | | | Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lauris BH <lauris@nix.lv>
* Redirect on changed user and org name (#11649)Andrew Bezold2021-01-241-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add redirect for user * Add redirect for orgs * Add user redirect test * Appease linter * Add comment to DeleteUserRedirect function * Fix locale changes * Fix GetUserByParams * Fix orgAssignment * Remove debug logging * Add redirect prompt * Dont Export DeleteUserRedirect & only use it within a session * Unexport newUserRedirect * cleanup * Fix & Dedub API code * Format Template * Add Migration & rm dublicat * Refactor: unexport newRepoRedirect() & rm dedub del exec * if this fails we'll need to re-rename the user directory Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Enhance Ghost comment mitigation Settings (#14392)65432021-01-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | * refactor models.DeleteComment and delete related reactions too * use deleteComment for UserDeleteWithCommentsMaxDays in DeleteUser * nits * Use time.Duration as other time settings have * docs * Resolve Fixme & fix potential deadlock * Disabled by Default * Update Config Value Description * switch args * Update models/issue_comment.go Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
* ensure timeout error is shown on u2f timeout (#14417)zeripath2021-01-221-1/+1
| | | Signed-off-by: Andrew Thornton <art27@cantab.net>
* Implement ghost comment mitigation (#14349)65432021-01-171-0/+3
| | | | | | | | | | | | | * Implement ghost comment mitigation Adds a config option USER_DELETE_WITH_COMMENTS_MAX_DAYS to the [service] section. See https://codeberg.org/Codeberg/Discussion/issues/24 for the underlying issue. * cleanup * use setting module correctly * add to docs Co-authored-by: Moritz Marquardt <git@momar.de>
* Add review requested filter on pull request overview (#13701)Jimmy Praet2021-01-171-0/+6
| | | | | | | | | | | | | * Add review requested filter on pull request overview #13682 fix formatting * add review_requested filter to /repos/issues/search API endpoint * only Approve and Reject status should supersede Request status * add support for team reviews * refactor: remove duplication of issue filtering conditions
* Handle NotifyCreateRef as create branch in feeds (#14245)Cirno the Strongest2021-01-041-1/+5
| | | Co-authored-by: Lauris BH <lauris@nix.lv>
* Various UI fixes (#14239)Cirno the Strongest2021-01-041-1/+3
| | | | | | | | | | | | | | | * Fix #14238 * Fix #14235 * Fix #14237 * Fix #14234 * Use octicon to show private status of repo in admin dashboard * Fix #14232 * Fix #14236
* Issue and pull request filters on organization dashboard #14052 (#14072)Jimmy Praet2021-01-031-14/+12
|
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-26 12:49:52 +0000