summaryrefslogtreecommitdiffstats
path: root/tests
Commit message (Collapse)AuthorAgeFilesLines
* Drop "unrolled/render" package (#23965)wxiaoguang2023-04-081-1/+1
| | | | | | | | | | | | None of the features of `unrolled/render` package is used. The Golang builtin "html/template" just works well. Then we can improve our HTML render to resolve the "$.root.locale.Tr" problem as much as possible. Next step: we can have a template render pool (by Clone), then we can inject global functions with dynamic context to every `Execute` calls. Then we can use `{{Locale.Tr ....}}` directly in all templates , no need to pass the `$.root.locale` again and again.
* Support "." char as user name for User/Orgs in RSS/ATOM/GPG/KEYS path ... ↵65432023-04-073-3/+16
| | | | | | | (#23874) - close #22301 workaround for https://github.com/go-chi/chi/issues/781
* Improve permission check of packages (#23879)yp053272023-04-061-0/+10
| | | | | | | | | | | | At first, we have one unified team unit permission which is called `Team.Authorize` in DB. But since https://github.com/go-gitea/gitea/pull/17811, we allowed different units to have different permission. The old code is only designed for the old version. So after #17811, if org users have write permission of other units, but have no permission of packages, they can also get write permission of packages. Co-authored-by: delvh <dev.lh@web.de>
* Use User.ID instead of User.Name in ActivityPub API for Person IRI (#23823)wxiaoguang2023-04-042-11/+11
| | | | | | | | Thanks to @trwnh Close #23802 The ActivityPub id is an HTTPS URI that should remain constant, even if the user changes their name.
* Display image size for multiarch container images (#23821)KN4CK3R2023-04-021-5/+17
| | | | | | | | Fixes #23771 Changes the display of different architectures for multiarch images to show the image size: ![grafik](https://user-images.githubusercontent.com/1666336/228781477-cc76c4d1-4728-434f-8a27-fc008790d924.png)
* Use different SVG for pending and running actions (#23836)Hester Gong2023-03-311-1/+5
| | | | | | | | | | | | | | Before: <img width="641" alt="截屏2023-03-31 11 12 17" src="https://user-images.githubusercontent.com/17645053/229013472-237701db-2c30-4477-a7b5-d40640361b14.png"> <img width="576" alt="截屏2023-03-31 11 10 48" src="https://user-images.githubusercontent.com/17645053/229013535-571aa8be-8e58-4d93-8641-9b8b5fd90108.png"> After: <img width="709" alt="截屏2023-03-31 11 05 44" src="https://user-images.githubusercontent.com/17645053/229012963-ccd1e9a7-8bea-4197-aa36-865eafbf8858.png"> <img width="528" alt="截屏2023-03-31 11 06 56" src="https://user-images.githubusercontent.com/17645053/229012971-a7313eb6-ecd2-4da3-89a7-c20be33f4611.png">
* Refactor internal API for git commands, use meaningful messages instead of ↵wxiaoguang2023-03-291-24/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | "Internal Server Error" (#23687) # Why this PR comes At first, I'd like to help users like #23636 (there are a lot) The unclear "Internal Server Error" is quite anonying, scare users, frustrate contributors, nobody knows what happens. So, it's always good to provide meaningful messages to end users (of course, do not leak sensitive information). When I started working on the "response message to end users", I found that the related code has a lot of technical debt. A lot of copy&paste code, unclear fields and usages. So I think it's good to make everything clear. # Tech Backgrounds Gitea has many sub-commands, some are used by admins, some are used by SSH servers or Git Hooks. Many sub-commands use "internal API" to communicate with Gitea web server. Before, Gitea server always use `StatusCode + Json "err" field` to return messages. * The CLI sub-commands: they expect to show all error related messages to site admin * The Serv/Hook sub-commands (for git clients): they could only show safe messages to end users, the error log could only be recorded by "SSHLog" to Gitea web server. In the old design, it assumes that: * If the StatusCode is 500 (in some functions), then the "err" field is error log, shouldn't be exposed to git client. * If the StatusCode is 40x, then the "err" field could be exposed. And some functions always read the "err" no matter what the StatusCode is. The old code is not strict, and it's difficult to distinguish the messages clearly and then output them correctly. # This PR To help to remove duplicate code and make everything clear, this PR introduces `ResponseExtra` and `requestJSONResp`. * `ResponseExtra` is a struct which contains "extra" information of a internal API response, including StatusCode, UserMsg, Error * `requestJSONResp` is a generic function which can be used for all cases to help to simplify the calls. * Remove all `map["err"]`, always use `private.Response{Err}` to construct error messages. * User messages and error messages are separated clearly, the `fail` and `handleCliResponseExtra` will output correct messages. * Replace all `Internal Server Error` messages with meaningful (still safe) messages. This PR saves more than 300 lines, while makes the git client messages more clear. Many gitea-serv/git-hook related essential functions are covered by tests. --------- Co-authored-by: delvh <dev.lh@web.de>
* Implement Issue Config (#20956)JakobDev2023-03-281-0/+52
| | | | | | | | Closes #20955 This PR adds the possibility to disable blank Issues, when the Repo has templates. This can be done by creating the file `.gitea/issue_config.yaml` with the content `blank_issues_enabled` in the Repo.
* Make minio package support legacy MD5 checksum (#23768)wxiaoguang2023-03-281-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | A feedback from discord: https://discord.com/channels/322538954119184384/561007778139734027/1090185427115319386 Some storages like: * https://developers.cloudflare.com/r2/api/s3/api/ * https://www.backblaze.com/b2/docs/s3_compatible_api.html They do not support "x-amz-checksum-algorithm" header But minio recently uses that header with CRC32C by default. So we have to tell minio to use legacy MD5 checksum. I guess this needs to be backported because IIRC we 1.19 and 1.20 are using similar minio package. The minio package code for SendContentMD5 looks like this: <details> <img width="755" alt="image" src="https://user-images.githubusercontent.com/2114189/228186768-4f2f6f67-62b9-4aee-9251-5af714ad9674.png"> </details>
* Fix profile page email display, respect settings (#23747)wxiaoguang2023-03-271-19/+30
| | | | | | | | | | | | | Always respect the `setting.UI.ShowUserEmail` and `KeepEmailPrivate` setting. * It doesn't make sense to show user's own E-mail to themself. * Always hide the E-mail if KeepEmailPrivate=true, then the user could know how their profile page looks like for others. * Revert the `setting.UI.ShowUserEmail` change from #4981 . This setting is used to control the E-mail display, not only for the user list page. ps: the incorrect `<div .../>` tag on the profile page has been fixed by #23748 together, so this PR becomes simpler.
* Clean some legacy files and move some build files (#23699)wxiaoguang2023-03-251-1/+1
| | | | | | | | | | | | | | | | | | | * Clean the "tools" directory. The "tools" directory contains only two files, move them. * The "external_renderer.go" works like "cat" command to echo Stdin to Stdout , to help testing. * The `// gobuild: external_renderer` is incorrect, there should be no space: `//gobuild: external_renderer` * The `fmt.Print(os.Args[1])` is not a well-defined behavior, and it's never used. * The "watch.sh" is for "make watch", it's somewhat related to "build" * After this PR, there is no "tools" directory, the project root directory looks slightly simpler than before. * Remove the legacy "contrib/autoboot.sh", there is no "gogs_supervisord.sh" * Remove the legacy "contrib/mysql.sql", it's never mentioned anywhere. * Remove the legacy "contrib/pr/checkout.go", it has been broken for long time, and it introduces unnecessary dependencies of the main code base.
* Use data-tooltip-content for tippy tooltip (#23649)wxiaoguang2023-03-242-2/+2
| | | | | | | | | | | | | | | | | Follow: * #23574 * Remove all ".tooltip[data-content=...]" Major changes: * Remove "tooltip" class, use "[data-tooltip-content=...]" instead of ".tooltip[data-content=...]" * Remove legacy `data-position`, it's dead code since last Fomantic Tooltip -> Tippy Tooltip refactoring * Rename reaction attribute from `data-content` to `data-reaction-content` * Add comments for some `data-content`: `{{/* used by the form */}}` * Remove empty "ui" class * Use "text color" for SVG icons (a few)
* Return `repository` in npm package metadata endpoint (#23539)Zettat1232023-03-171-0/+8
| | | | | | | | Close #23444 Add `Repository` to npm package `Metadata` struct so the `repository` in `package.json` can be stored and be returned in the endpoint. Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Replace `repo.namedBlob` by `git.TreeEntry`. (#22898)Nick2023-03-154-5/+35
| | | | | | | | `namedBlob` turned out to be a poor imitation of a `TreeEntry`. Using the latter directly shortens this code. This partially undoes https://github.com/go-gitea/gitea/pull/23152/, which I found a merge conflict with, and also expands the test it added to cover the subtle README-in-a-subfolder case.
* Add Swift package registry (#22404)KN4CK3R2023-03-131-0/+326
| | | | | | This PR adds a [Swift](https://www.swift.org/) package registry. ![grafik](https://user-images.githubusercontent.com/1666336/211842523-07521cbd-8fb6-400f-820c-ee8048b05ae8.png)
* add path prefix to ObjectStorage.Iterator (#23332)FuXiaoHei2023-03-131-2/+2
| | | | | | | | | | | | Support to iterator subdirectory in ObjectStorage for ObjectStorage.Iterator method. It's required for https://github.com/go-gitea/gitea/pull/22738 to make artifact files cleanable. --------- Co-authored-by: Jason Song <i@wolfogre.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Split CI pipelines (#23385)John Olheiser2023-03-102-23/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - This PR attempts to split our various DB tests into separate pipelines. - It splits up some of the extra feature-related tests rather than having most of them in the MySQL test. - It disables the race detector for some of the pipelines as well, as it can cause slower runs and is mostly redundant when the pipelines just swap DBs. - It builds without SQLite support for any of the non-SQLite pipelines. - It moves the e2e test to using SQLite rather than PG (partially because I moved the minio tests to PG and that mucked up the test config, and partially because it avoids another running service) - It splits up the `go mod download` task in the Makefile from the tool installation, as the tools are only needed in the compliance pipeline. (Arguably even some of the tools aren't needed there, but that could be a follow-up PR) - SQLite is now the only arm64 pipeline, moving PG back to amd64 which can leverage autoscaler Should resolve #22010 - one thing that wasn't changed here but is mentioned in that issue, unit tests are needed in the same pipeline as an integration test in order to form a complete coverage report (at least as far as I could tell), so for now it remains in a pipeline with a DB integration test. Please let me know if I've inadvertently changed something that was how it was on purpose. --- I will say sometimes it's hard to pin down the average time, as a pipeline could be waiting for a runner for X minutes and that brings the total up by X minutes as well, but overall this does seem to be faster on average. --------- Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Test renderReadmeFile (#23185)Nick2023-03-0943-0/+171
| | | | | | | | | | | | | Add test coverage to the important features of [`routers.web.repo.renderReadmeFile`](https://github.com/go-gitea/gitea/blob/067b0c2664d127c552ccdfd264257caca4907a77/routers/web/repo/view.go#L273); namely that: - it can handle looking in docs/, .gitea/, and .github/ - it can handle choosing between multiple competing READMEs - it prefers the localized README to the markdown README to the plaintext README - it can handle broken symlinks when processing all the options - it uses the name of the symlink, not the name of the target of the symlink
* Refactor `setting.Database.UseXXX` to methods (#23354)Jason Song2023-03-073-9/+9
| | | | | | | | | | | Replace #23350. Refactor `setting.Database.UseMySQL` to `setting.Database.Type.IsMySQL()`. To avoid mismatching between `Type` and `UseXXX`. This refactor can fix the bug mentioned in #23350, so it should be backported.
* Use correct README link to render the README (#23152)yp053272023-03-035-0/+21
| | | | | | | | | | | | | | | | | | | | | | | `renderReadmeFile` needs `readmeTreelink` as parameter but gets `treeLink`. The values of them look like as following: `treeLink`: `/{OwnerName}/{RepoName}/src/branch/{BranchName}` `readmeTreelink`: `/{OwnerName}/{RepoName}/src/branch/{BranchName}/{ReadmeFileName}` `path.Dir` in https://github.com/go-gitea/gitea/blob/8540fc45b11eff9a73753ca139f8ea5c38509bf5/routers/web/repo/view.go#L316 should convert `readmeTreelink` into `/{OwnerName}/{RepoName}/src/branch/{BranchName}` instead of the current `/{OwnerName}/{RepoName}/src/branch`. Fixes #23151 --------- Co-authored-by: Jason Song <i@wolfogre.com> Co-authored-by: John Olheiser <john.olheiser@gmail.com> Co-authored-by: silverwind <me@silverwind.io>
* Use context parameter in services/repository (#23186)Jason Song2023-02-282-2/+2
| | | | | | | | Use context parameter in `services/repository`. And use `cache.WithCacheContext(ctx)` to generate push action history feeds. Fix #23160
* Remove all package data after tests (#22984)KN4CK3R2023-02-2312-5/+46
| | | | | | | | Fixes #21020 --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
* Use minio/sha256-simd for accelerated SHA256 (#23052)zeripath2023-02-223-3/+3
| | | | | | | | | | | | minio/sha256-simd provides additional acceleration for SHA256 using AVX512, SHA Extensions for x86 and ARM64 for ARM. It provides a drop-in replacement for crypto/sha256 and if the extensions are not available it falls back to standard crypto/sha256. --------- Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Fix hidden commit status on multiple checks (#22889)oliverpool2023-02-203-16/+78
| | | | | | | | | | | | | | Since #22632, when a commit status has multiple checks, no check is shown at all (hence no way to see the other checks). This PR fixes this by always adding a tag with the `.commit-statuses-trigger` to the DOM (the `.vm` is for vertical alignment). ![2023-02-13-120528](https://user-images.githubusercontent.com/3864879/218441846-1a79c169-2efd-46bb-9e75-d8b45d7cc8e3.png) --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Use beforeCommit instead of baseCommit (#22949)Kyle D2023-02-2016-3/+90
| | | | | | | | | | | | | | | | | Replaces: https://github.com/go-gitea/gitea/pull/22947 Fixes https://github.com/go-gitea/gitea/issues/22946 Probably related to https://github.com/go-gitea/gitea/issues/19530 Basically, many of the diffs were broken because they were comparing to the base commit, where a 3-dot diff should be comparing to the [last common ancestor](https://matthew-brett.github.io/pydagogue/git_diff_dots.html). This should have an integration test so that we don’t run into this issue again. --------- Co-authored-by: Jonathan Tran <jonnytran@gmail.com>
* Refactor the setting to make unit test easier (#22405)Lunny Xiao2023-02-203-8/+8
| | | | | | | | | | | | | | | | | | | | | | Some bugs caused by less unit tests in fundamental packages. This PR refactor `setting` package so that create a unit test will be easier than before. - All `LoadFromXXX` files has been splited as two functions, one is `InitProviderFromXXX` and `LoadCommonSettings`. The first functions will only include the code to create or new a ini file. The second function will load common settings. - It also renames all functions in setting from `newXXXService` to `loadXXXSetting` or `loadXXXFrom` to make the function name less confusing. - Move `XORMLog` to `SQLLog` because it's a better name for that. Maybe we should finally move these `loadXXXSetting` into the `XXXInit` function? Any idea? --------- Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: delvh <dev.lh@web.de>
* Rename `GetUnits` to `LoadUnits` (#22970)yp053272023-02-191-3/+3
| | | | | | | Same as https://github.com/go-gitea/gitea/pull/22967 --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Scoped labels (#22585)Brecht Van Lommel2023-02-183-15/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new "exclusive" option per label. This makes it so that when the label is named `scope/name`, no other label with the same `scope/` prefix can be set on an issue. The scope is determined by the last occurence of `/`, so for example `scope/alpha/name` and `scope/beta/name` are considered to be in different scopes and can coexist. Exclusive scopes are not enforced by any database rules, however they are enforced when editing labels at the models level, automatically removing any existing labels in the same scope when either attaching a new label or replacing all labels. In menus use a circle instead of checkbox to indicate they function as radio buttons per scope. Issue filtering by label ensures that only a single scoped label is selected at a time. Clicking with alt key can be used to remove a scoped label, both when editing individual issues and batch editing. Label rendering refactor for consistency and code simplification: * Labels now consistently have the same shape, emojis and tooltips everywhere. This includes the label list and label assignment menus. * In label list, show description below label same as label menus. * Don't use exactly black/white text colors to look a bit nicer. * Simplify text color computation. There is no point computing luminance in linear color space, as this is a perceptual problem and sRGB is closer to perceptually linear. * Increase height of label assignment menus to show more labels. Showing only 3-4 labels at a time leads to a lot of scrolling. * Render all labels with a new RenderLabel template helper function. Label creation and editing in multiline modal menu: * Change label creation to open a modal menu like label editing. * Change menu layout to place name, description and colors on separate lines. * Don't color cancel button red in label editing modal menu. * Align text to the left in model menu for better readability and consistent with settings layout elsewhere. Custom exclusive scoped label rendering: * Display scoped label prefix and suffix with slightly darker and lighter background color respectively, and a slanted edge between them similar to the `/` symbol. * In menus exclusive labels are grouped with a divider line. --------- Co-authored-by: Yarden Shoham <hrsi88@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* Add context cache as a request level cache (#22294)Lunny Xiao2023-02-156-11/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To avoid duplicated load of the same data in an HTTP request, we can set a context cache to do that. i.e. Some pages may load a user from a database with the same id in different areas on the same page. But the code is hidden in two different deep logic. How should we share the user? As a result of this PR, now if both entry functions accept `context.Context` as the first parameter and we just need to refactor `GetUserByID` to reuse the user from the context cache. Then it will not be loaded twice on an HTTP request. But of course, sometimes we would like to reload an object from the database, that's why `RemoveContextData` is also exposed. The core context cache is here. It defines a new context ```go type cacheContext struct { ctx context.Context data map[any]map[any]any lock sync.RWMutex } var cacheContextKey = struct{}{} func WithCacheContext(ctx context.Context) context.Context { return context.WithValue(ctx, cacheContextKey, &cacheContext{ ctx: ctx, data: make(map[any]map[any]any), }) } ``` Then you can use the below 4 methods to read/write/del the data within the same context. ```go func GetContextData(ctx context.Context, tp, key any) any func SetContextData(ctx context.Context, tp, key, value any) func RemoveContextData(ctx context.Context, tp, key any) func GetWithContextCache[T any](ctx context.Context, cacheGroupKey string, cacheTargetID any, f func() (T, error)) (T, error) ``` Then let's take a look at how `system.GetString` implement it. ```go func GetSetting(ctx context.Context, key string) (string, error) { return cache.GetWithContextCache(ctx, contextCacheKey, key, func() (string, error) { return cache.GetString(genSettingCacheKey(key), func() (string, error) { res, err := GetSettingNoCache(ctx, key) if err != nil { return "", err } return res.SettingValue, nil }) }) } ``` First, it will check if context data include the setting object with the key. If not, it will query from the global cache which may be memory or a Redis cache. If not, it will get the object from the database. In the end, if the object gets from the global cache or database, it will be set into the context cache. An object stored in the context cache will only be destroyed after the context disappeared.
* Move helpers to be prefixed with `gt-` (#22879)zeripath2023-02-131-1/+1
| | | | | | | | | | | | | | | | | | | | As discussed in #22847 the helpers in helpers.less need to have a separate prefix as they are causing conflicts with fomantic styles This will allow us to have the `.gt-hidden { display:none !important; }` style that is needed to for the reverted PR. Of note in doing this I have noticed that there was already a conflict with at least one chroma style which this PR now avoids. I've also added in the `gt-hidden` style that matches the tailwind one and switched the code that needed it to use that. Signed-off-by: Andrew Thornton <art27@cantab.net> --------- Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add `/$count` endpoints for NuGet v2 (#22855)KN4CK3R2023-02-111-11/+20
| | | | | Fixes #22838 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Map OIDC groups to Orgs/Teams (#21441)KN4CK3R2023-02-081-48/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #19555 Test-Instructions: https://github.com/go-gitea/gitea/pull/21441#issuecomment-1419438000 This PR implements the mapping of user groups provided by OIDC providers to orgs teams in Gitea. The main part is a refactoring of the existing LDAP code to make it usable from different providers. Refactorings: - Moved the router auth code from module to service because of import cycles - Changed some model methods to take a `Context` parameter - Moved the mapping code from LDAP to a common location I've tested it with Keycloak but other providers should work too. The JSON mapping format is the same as for LDAP. ![grafik](https://user-images.githubusercontent.com/1666336/195634392-3fc540fc-b229-4649-99ac-91ae8e19df2d.png) --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Use import of OCI structs (#22765)KN4CK3R2023-02-061-8/+8
| | | | | | Fixes #22758 Otherwise we would need to rewrite the structs in `oci.go`.
* Add Chef package registry (#22554)KN4CK3R2023-02-061-0/+560
| | | | | | | | | | | | | This PR implements a [Chef registry](https://chef.io/) to manage cookbooks. This package type was a bit complicated because Chef uses RSA signed requests as authentication with the registry. ![grafik](https://user-images.githubusercontent.com/1666336/213747995-46819fd8-c3d6-45a2-afd4-a4c3c8505a4a.png) ![grafik](https://user-images.githubusercontent.com/1666336/213748145-d01c9e81-d4dd-41e3-a3cc-8241862c3166.png) Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add Cargo package registry (#21888)KN4CK3R2023-02-052-2/+344
| | | | | | | | | | | | | | | | | | This PR implements a [Cargo registry](https://doc.rust-lang.org/cargo/) to manage Rust packages. This package type was a little bit more complicated because Cargo needs an additional Git repository to store its package index. Screenshots: ![grafik](https://user-images.githubusercontent.com/1666336/203102004-08d812ac-c066-4969-9bda-2fed818554eb.png) ![grafik](https://user-images.githubusercontent.com/1666336/203102141-d9970f14-dca6-4174-b17a-50ba1bd79087.png) ![grafik](https://user-images.githubusercontent.com/1666336/203102244-dc05743b-78b6-4d97-998e-ef76341a978f.png) --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Refactor git command package to improve security and maintainability (#22678)wxiaoguang2023-02-043-12/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR follows #21535 (and replace #22592) ## Review without space diff https://github.com/go-gitea/gitea/pull/22678/files?diff=split&w=1 ## Purpose of this PR 1. Make git module command completely safe (risky user inputs won't be passed as argument option anymore) 2. Avoid low-level mistakes like https://github.com/go-gitea/gitea/pull/22098#discussion_r1045234918 3. Remove deprecated and dirty `CmdArgCheck` function, hide the `CmdArg` type 4. Simplify code when using git command ## The main idea of this PR * Move the `git.CmdArg` to the `internal` package, then no other package except `git` could use it. Then developers could never do `AddArguments(git.CmdArg(userInput))` any more. * Introduce `git.ToTrustedCmdArgs`, it's for user-provided and already trusted arguments. It's only used in a few cases, for example: use git arguments from config file, help unit test with some arguments. * Introduce `AddOptionValues` and `AddOptionFormat`, they make code more clear and simple: * Before: `AddArguments("-m").AddDynamicArguments(message)` * After: `AddOptionValues("-m", message)` * - * Before: `AddArguments(git.CmdArg(fmt.Sprintf("--author='%s <%s>'", sig.Name, sig.Email)))` * After: `AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email)` ## FAQ ### Why these changes were not done in #21535 ? #21535 is mainly a search&replace, it did its best to not change too much logic. Making the framework better needs a lot of changes, so this separate PR is needed as the second step. ### The naming of `AddOptionXxx` According to git's manual, the `--xxx` part is called `option`. ### How can it guarantee that `internal.CmdArg` won't be not misused? Go's specification guarantees that. Trying to access other package's internal package causes compilation error. And, `golangci-lint` also denies the git/internal package. Only the `git/command.go` can use it carefully. ### There is still a `ToTrustedCmdArgs`, will it still allow developers to make mistakes and pass untrusted arguments? Generally speaking, no. Because when using `ToTrustedCmdArgs`, the code will be very complex (see the changes for examples). Then developers and reviewers can know that something might be unreasonable. ### Why there was a `CmdArgCheck` and why it's removed? At the moment of #21535, to reduce unnecessary changes, `CmdArgCheck` was introduced as a hacky patch. Now, almost all code could be written as `cmd := NewCommand(); cmd.AddXxx(...)`, then there is no need for `CmdArgCheck` anymore. ### Why many codes for `signArg == ""` is deleted? Because in the old code, `signArg` could never be empty string, it's either `-S[key-id]` or `--no-gpg-sign`. So the `signArg == ""` is just dead code. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add some comments for recent code (#22725)wxiaoguang2023-02-021-0/+1
| | | | | | When using the main branch, I found that some changed code didn't have comments. This PR adds some comments.
* Fix group filter for ldap source sync (#22506)Pavel Ezhov2023-02-021-11/+88
| | | | | | | | | | | | | | | | | | | | | There are 2 separate flows of creating a user: authentication and source sync. When a group filter is defined, source sync ignores group filter, while authentication respects it. With this PR I've fixed this behavior, so both flows now apply this filter when searching users in LDAP in a unified way. - Unified LDAP group membership lookup for authentication and source sync flows - Replaced custom group membership lookup (used for authentication flow) with an existing listLdapGroupMemberships method (used for source sync flow) - Modified listLdapGroupMemberships and getUserAttributeListedInGroup in a way group lookup could be called separately - Added user filtering based on a group membership for a source sync - Added tests to cover this logic Co-authored-by: Pavel Ezhov <paejov@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add Conda package registry (#22262)KN4CK3R2023-02-011-0/+274
| | | This PR adds a [Conda](https://conda.io/) package registry.
* Fix wrong hint when deleting a branch successfully from pull request UI (#22673)Lunny Xiao2023-01-311-1/+1
| | | Fix #18785
* Disable test for incoming email (#22686)KN4CK3R2023-01-311-1/+1
| | | | | | Disable this test for the moment because the used imap container image seems unstable which results in many failed CI builds. Co-authored-by: Jason Song <i@wolfogre.com>
* Check quota limits for container uploads (#22450)KN4CK3R2023-01-291-20/+50
| | | | The test coverage has revealed that container packages were not checked against the quota limits.
* Add API endpoint to get latest release (#21267)JakobDev2023-01-261-0/+18
| | | | | | This PR adds a new API endpoint to get the latest stable release of a repo, similar to [GitHub API](https://docs.github.com/en/rest/releases/releases#get-the-latest-release).
* Support scoped access tokens (#20908)Chongyi Zheng2023-01-1766-250/+347
| | | | | | | | | | | | | | | | | | | | | | | | | | | This PR adds the support for scopes of access tokens, mimicking the design of GitHub OAuth scopes. The changes of the core logic are in `models/auth` that `AccessToken` struct will have a `Scope` field. The normalized (no duplication of scope), comma-separated scope string will be stored in `access_token` table in the database. In `services/auth`, the scope will be stored in context, which will be used by `reqToken` middleware in API calls. Only OAuth2 tokens will have granular token scopes, while others like BasicAuth will default to scope `all`. A large amount of work happens in `routers/api/v1/api.go` and the corresponding `tests/integration` tests, that is adding necessary scopes to each of the API calls as they fit. - [x] Add `Scope` field to `AccessToken` - [x] Add access control to all API endpoints - [x] Update frontend & backend for when creating tokens - [x] Add a database migration for `scope` column (enable 'all' access to past tokens) I'm aiming to complete it before Gitea 1.19 release. Fixes #4300
* Fix container blob mount (#22226)KN4CK3R2023-01-161-15/+26
|
* Supports wildcard protected branch (#20825)Lunny Xiao2023-01-163-20/+29
| | | | | | | | | | | | | | | | | This PR introduce glob match for protected branch name. The separator is `/` and you can use `*` matching non-separator chars and use `**` across separator. It also supports input an exist or non-exist branch name as matching condition and branch name condition has high priority than glob rule. Should fix #2529 and #15705 screenshots <img width="1160" alt="image" src="https://user-images.githubusercontent.com/81045/205651179-ebb5492a-4ade-4bb4-a13c-965e8c927063.png"> Co-authored-by: zeripath <art27@cantab.net>
* Add support for incoming emails (#22056)KN4CK3R2023-01-142-0/+259
| | | | | | | | | | | | | | | | | | | | | | | | | | | | closes #13585 fixes #9067 fixes #2386 ref #6226 ref #6219 fixes #745 This PR adds support to process incoming emails to perform actions. Currently I added handling of replies and unsubscribing from issues/pulls. In contrast to #13585 the IMAP IDLE command is used instead of polling which results (in my opinion 😉) in cleaner code. Procedure: - When sending an issue/pull reply email, a token is generated which is present in the Reply-To and References header. - IMAP IDLE waits until a new email arrives - The token tells which action should be performed A possible signature and/or reply gets stripped from the content. I added a new service to the drone pipeline to test the receiving of incoming mails. If we keep this in, we may test our outgoing emails too in future. Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Improve utils of slices (#22379)Jason Song2023-01-111-1/+1
| | | | | | | | | | | | | | | | | | | - Move the file `compare.go` and `slice.go` to `slice.go`. - Fix `ExistsInSlice`, it's buggy - It uses `sort.Search`, so it assumes that the input slice is sorted. - It passes `func(i int) bool { return slice[i] == target })` to `sort.Search`, that's incorrect, check the doc of `sort.Search`. - Conbine `IsInt64InSlice(int64, []int64)` and `ExistsInSlice(string, []string)` to `SliceContains[T]([]T, T)`. - Conbine `IsSliceInt64Eq([]int64, []int64)` and `IsEqualSlice([]string, []string)` to `SliceSortedEqual[T]([]T, T)`. - Add `SliceEqual[T]([]T, T)` as a distinction from `SliceSortedEqual[T]([]T, T)`. - Redesign `RemoveIDFromList([]int64, int64) ([]int64, bool)` to `SliceRemoveAll[T]([]T, T) []T`. - Add `SliceContainsFunc[T]([]T, func(T) bool)` and `SliceRemoveAllFunc[T]([]T, func(T) bool)` for general use. - Add comments to explain why not `golang.org/x/exp/slices`. - Add unit tests.
* Move fuzz tests into tests/fuzz (#22376)Khaled Yakdan2023-01-091-0/+38
| | | | | | This puts the fuzz tests in the same directory as other tests and eases the integration in OSS-Fuzz Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Use context parameter in models/git (#22367)Jason Song2023-01-093-12/+12
| | | | | | | | | After #22362, we can feel free to use transactions without `db.DefaultContext`. And there are still lots of models using `db.DefaultContext`, I think we should refactor them carefully and one by one. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>