Commit Graph

2002 Commits

Author SHA1 Message Date
Lunny Xiao b3b468444b Revert "make modules/structs as a spereate go mod (#7127)" (#7175)
This reverts commit 835b53fc25.
2019-06-10 15:55:58 -04:00
Lunny Xiao 835b53fc25
make modules/structs as a spereate go mod (#7127) 2019-06-10 23:20:49 +08:00
Lunny Xiao d93e6232e8
Move PushUpdate dependency from models to repofiles (#6763)
* remove push_update

* move models.PushUpdate to repofiles.PushUpdate
2019-06-10 19:35:13 +08:00
Richard Mahn 8de0b0a3f0 Fixes #2738 - Adds the /git/tags API endpoint (#7138)
* Fixes #2738 - /git/tags API

* proper URLs

* Adds function comments

* Updates swagger

* Removes newline from tag message

* Removes trailing newline from commit message

* Adds integration test

* Removed debugging

* Adds tests

* Fixes bug where multiple tags of same commit show wrong tag name

* Fix formatting

* Removes unused varaible

* Fix to annotated tag function names and response

* Update modules/git/repo_tag.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Uses TagPrefix

* Changes per review, better error handling for getting tag and commit IDs

* Fix to getting commit ID

* Fix to getting commit ID

* Fix to getting commit ID

* Fix to getting commit ID
2019-06-08 17:31:11 +03:00
Lunny Xiao 6fb31a5461
fix GCArgs load from ini (#7156) 2019-06-08 19:47:46 +08:00
Mario Lubenka 311ce2d1d0 Compare branches, commits and tags with each other (#6991)
* Supports tags when comparing commits or branches

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Hide headline when only comparing and don't load unused data

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Merges compare logics to allow comparing branches, commits and tags with eachother

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Display branch or tag instead of commit when used for comparing

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Show pull request form after click on button

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Transfers relevant pull.go changes from master to compare.go

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Fixes error when comparing forks against a commit or tag

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Removes console.log from JavaScript file

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Show icon next to commit reference when comparing branch or tag

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Updates css file

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Fixes import order

* Renames template variable

* Update routers/repo/compare.go

Co-Authored-By: zeripath <art27@cantab.net>

* Update from master

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Allow short-shas in compare

* Renames prInfo to compareInfo

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Check PR permissions only if compare is pull request

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adjusts comment

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Use compareInfo instead of prInfo
2019-06-07 16:29:29 -04:00
Lanre Adelowo de6539fc8c Add state param to milestone listing API (#7131)
* Support state params

* update tests

* fix tests

* add state=all support

* update tests

* update swagger

* update swagger
2019-06-06 08:37:45 +08:00
Rob Watson 8bf405986e Add Rust highlighting (#7125) 2019-06-04 17:01:47 -04:00
mrsdizzie 2ac2a5b0ba Refactor submodule URL parsing (#7100)
Use combination of url.Parse and regex to parse refURL rather than by
hand with indexes & attempt to check if refURL is from same instance and
adjust output to match.

Also now return empty string instead of our original
guess at URL if we are unable to parse it.

Fixes #1526
2019-06-03 23:11:19 +08:00
Lunny Xiao 83b90e4199 Use vfsgen instead of go-bindata (#7080)
* use vfsgen instead of go-bindata

* fix templates

* fix fmt

* vendor vsfgen
2019-06-03 00:43:47 +03:00
Mario Lubenka 8eba27c792 Repository avatar fallback configuration (#7087)
* Only show repository avatar in list when one was selected

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds fallback configuration option for repository avatar

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Implements repository avatar fallback

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds admin task for deleting generated repository avatars

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Solve linting issues

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Save avatar before updating database

* Linting

* Update models/repo.go

Co-Authored-By: zeripath <art27@cantab.net>
2019-06-02 14:40:12 +08:00
zeripath 356854fc5f Move serv hook functionality & drop GitLogger (#6993)
* Move hook functionality internally

* Internalise serv logic

* Remove old internal paths

* finally remove the gitlogger

* Disallow push on archived repositories

* fix lint error

* Update modules/private/key.go

* Update routers/private/hook.go

* Update routers/private/hook.go

* Update routers/private/hook.go

* Updated routers/private/serv.go

* Fix LFS Locks over SSH

* rev-list needs to be run by the hook process

* fixup

* Improve git test

* Ensure that the lfs files are created with a different prefix

* Reduce the replication in git_test.go

* slight refactor

* Remove unnecessary "/"

* Restore ensureAnonymousClone

* Restore ensureAnonymousClone

* Run rev-list on server side

* Try passing in the alternative directories instead

* Mark test as skipped

* Improve git test

* Ensure that the lfs files are created with a different prefix
* Reduce the replication in git_test.go
* Remove unnecessary "/"
2019-06-01 23:00:21 +08:00
mrsdizzie de6ef14d04 Validate External Tracker URL Format (#7089)
* Validate External Tracker URL Format

Add some validation checks for external tracker URL format.

Fixes #7068

* Don't make {index} a hard requirement

* Fix Description

* make fmt

* move regex to package level

* fix copyright date
2019-05-31 10:21:15 +01:00
Robert A. Nowak 592924a34b Fix Erlang and Elixir highlight mappings (#7044) 2019-05-30 17:23:16 -04:00
Lunny Xiao 7d12ec2abd improve github downloader on migrations (#7049)
* improve github downloader on migrations

* fix tests

* fix  uppercase function parameters
2019-05-30 16:26:57 -04:00
Richard Mahn 43cf2f3b55 Fixes #7023 - API Org Visibility (#7028) 2019-05-30 13:57:55 -04:00
Richard Mahn 1831b3b571 Fixes #5960 - Adds API Endpoint for Repo Edit (#7006)
* Feature - #5960 - API Endpoint for Repo Editing

* Revert from merge

* Adds integration testing

* Updates to integration tests

* Revert changes

* Update year in file header

* Misspell fix

* XORM = test

* XORM = test

* revert XORM = file

* Makes RepoUnit.ID be pk and autoincr

* Fix to units

* revert header

* Remove print statement

* Adds other responses

* Improves swagger for creating repo

* Fixes import order

* Better Unit Type does not exist error

* Adds editable repo properties to the response repo structure

* Fix to api_repo_edit_test.go

* Fixes repo test

* Changes per review

* Fixes typo and standardizes comments in the EditRepoOption struct for swagger

* Fixes typo and standardizes comments in the EditRepoOption struct for swagger

* Actually can unarchive through the API

* Unlike delete, user doesn't have to be the owner of the org, just admin to the repo

* Fix to swagger comments for field name change

* Update to swagger docs

* Update swagger

* Changes allow_pull_requests to has_pull_requests
2019-05-30 11:09:05 -04:00
Sergey Dryabzhinsky 3fd18838aa Repository avatars (#6986)
* Repository avatars

- first variant of code from old work for gogs
- add migration 87
- add new option in app.ini
- add en-US locale string
- add new class in repository.less

* Add changed index.css, remove unused template name

* Update en-us doc about configuration options

* Add comments to new functions, add new option to docker app.ini

* Add comment for lint

* Remove variable, not needed

* Fix formatting

* Update swagger api template

* Check if avatar exists

* Fix avatar link/path checks

* Typo

* TEXT column can't have a default value

* Fixes:

- remove old avatar file on upload
- use ID in name of avatar file - users may upload same files
- add simple tests

* Fix fmt check

* Generate PNG instead of "static" GIF

* More informative comment

* Fix error message

* Update avatar upload checks:

- add file size check
- add new option
- update config docs
- add new string to en-us locale

* Fixes:

- use FileHEader field for check file size
- add new test - upload big image

* Fix formatting

* Update comments

* Update log message

* Removed wrong style - not needed

* Use Sync2 to migrate

* Update repos list view

- bigger avatar
- fix html blocks alignment

* A little adjust avatar size

* Use small icons for explore/repo list

* Use new cool avatar preparation func by @lafriks

* Missing changes for new function

* Remove unused import, move imports

* Missed new option definition in app.ini

Add file size check in user/profile avatar upload

* Use smaller field length for Avatar

* Use session to update repo DB data, update DeleteAvatar - use session too

* Fix err variable definition

* As suggested @lafriks - return as soon as possible, code readability
2019-05-29 22:22:26 -04:00
Bo-Yi Wu 743697a549
refactor: append, build variable and type switch (#4940)
* refactor: append, build variable and type switch

* fix: remove redundant space.
2019-05-28 23:45:54 +08:00
zeripath 31557b1274
Fix LFS Locks over SSH (#6999)
* Fix LFS Locks over SSH
* Mark test as skipped
2019-05-28 11:32:41 +01:00
zeripath 69d81b6569
Handle insecure and ports in go get (#7041)
* Handle insecure and ports in go get

* Fix IsExternalURL for non-standard ports
2019-05-27 22:08:38 +01:00
Lunny Xiao 063fa99159
when git version >= 2.18, git command could run with git wire protocol version 2 param if enabled (#7047) 2019-05-26 17:50:06 +08:00
Rob Watson daaae2aad5 migrations: ensure rollback on error (#7039) (#7040) 2019-05-25 22:18:27 +01:00
Lunny Xiao 355ab0c62c Fix wrong init dependency on markup extensions (#7038)
* fix wrong init dependency on markup extensions
2019-05-25 18:15:39 +01:00
Rob Watson df2557835b Improve handling of non-square avatars (#7025)
* Crop avatar before resizing (#1268)

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>

* Fix spelling error

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>
2019-05-25 14:46:14 +03:00
Marat Radchenko 844f9a4bd8 Fix /verify LFS handler expecting wrong content-type (#7015)
Fixes #6960

According to [spec][1], /verify requests must have `Accept: application/vnd.git-lfs+json`

Previous code works because `git-lfs` also [violates spec and doesn't send any Accept header at all][2]
For other clients that DO set `Accept: application/vnd.git-lfs+json`, addition of `Accept: application/vnd.git-lfs`
either forces them to violate the spec or is ignored, depending on order in what they create header list.

[1]: https://github.com/git-lfs/git-lfs/blob/master/docs/api/basic-transfers.md#verification
[2]: https://github.com/git-lfs/git-lfs/issues/3662
2019-05-24 22:21:00 +01:00
Vladimir Panteleev a98e085031 Show git-notes (#6984)
* Show git-notes

* Make git-notes heading text localizable

* Refactor git-notes data fetching to a separate function

* Display the author and time of git notes

* Move note bubble inside the commit bubble

* Revert "Move note bubble inside the commit bubble"

This reverts commit c0951fe0e3b4dea38064515546b1825c1bcf19e1.

* Add test for git-notes

* testing ui

* Polish CSS

* Apply suggestions from code review

Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-05-24 10:52:05 +03:00
Lunny Xiao d5a98a2969 Add support of utf8mb4 for mysql (#6992) 2019-05-24 00:15:26 -04:00
zeripath 0d69dfb4ca
Do not attempt to return blob on submodule (#6996) 2019-05-21 22:32:52 +01:00
Lunny Xiao 02542a2c15 fix missing repo description when migrating (#7000) 2019-05-20 15:43:43 +03:00
zeripath 775a5a5b0f
Stop colorizing files by default (#6949) 2019-05-15 22:37:06 +01:00
Lunny Xiao 710245e81e
Refactor models.NewRepoContext to extract git related codes to modules/git (#6941)
* refactor models.NewRepoContext to extract git related codes to modules/git

* fix imports

* refactor
2019-05-15 09:57:00 +08:00
zeripath e55c874dd2 Add work path CLI option (#6922)
Makes it possible to set the work path as a CLI option instead of
relying on environment variables which are somewhat opaque
2019-05-14 11:20:35 -04:00
Lunny Xiao 8b36f01f45 Move xorm logger bridge from log to models so that log module could be a standalone package (#6944)
* move xorm logger bridge from log to models so that log module could be a standalone package

* fix tests

* save logger on xorm log bridge
2019-05-14 10:04:07 +03:00
Lunny Xiao 6123840745 Remove macaron dependent on modules/log (#6933) 2019-05-13 22:55:52 -04:00
zeripath c0fc6cd9a8 rotate unusual logs and stop stacktracing (#6935) 2019-05-14 03:08:34 +03:00
Tamal Saha 34d06f4c6b Handle CORS requests (#6289) 2019-05-13 11:38:53 -04:00
zeripath ce8de35334 Remove local clones & make hooks run on merge/edit/upload (#6672)
* Add options to git.Clone to make it more capable

* Begin the process of removing the local copy and tidy up

* Remove Wiki LocalCopy Checkouts

* Remove the last LocalRepo helpers

* Remove WithTemporaryFile

* Enable push-hooks for these routes

* Ensure tests cope with hooks

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Repository.LocalCopyPath()

* Move temporary repo to use the standard temporary path

* Fix the tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove LocalWikiPath

* Fix missing remove

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use AppURL for Oauth user link (#6894)

* Use AppURL for Oauth user link

Fix #6843

* Update oauth.go

* Update oauth.go

* internal/ssh: ignore env command totally (#6825)

* ssh: ignore env command totally

* Remove commented code 

Needed fix described in issue #6889

* Escape the commit message on issues update and title in telegram hook (#6901)

* update sdk to latest (#6903)

* improve description of branch protection (fix #6886) (#6906)

The branch protection description text were not quite accurate.

* Fix logging documentation (#6904)

* ENABLE_MACARON_REDIRECT should be REDIRECT_MACARON_LOG

* Allow DISABLE_ROUTER_LOG to be set in the [log] section

* [skip ci] Updated translations via Crowdin

* Move sdk structs to modules/structs (#6905)

* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 11:29:17 -04:00
Lunny Xiao 34eee25bd4
Move sdk structs to modules/structs (#6905)
* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 18:21:34 +08:00
zeripath e3166744fe
Fix logging documentation (#6904)
* ENABLE_MACARON_REDIRECT should be REDIRECT_MACARON_LOG

* Allow DISABLE_ROUTER_LOG to be set in the [log] section
2019-05-11 10:13:57 +01:00
Antoine GIRARD 10ff527fae internal/ssh: ignore env command totally (#6825)
* ssh: ignore env command totally

* Remove commented code 

Needed fix described in issue #6889
2019-05-09 18:41:43 -04:00
Wim 4508380cf7 Show full name if DefaultShowFullName setting activated (#6710)
Adds a new key DEFAULT_SHOW_FULL_NAME (default false) to the [ui] section.
If enabled the full name will be shown (unless it's empty, then
the default username will be used)
2019-05-08 11:41:35 +03:00
Lunny Xiao 08069dc465
Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290)
* add migrations

* fix package dependency

* fix lints

* implements migrations except pull requests

* add releases

* migrating releases

* fix bug

* fix lint

* fix migrate releases

* fix tests

* add rollback

* pull request migtations

* fix import

* fix go module vendor

* add tests for upload to gitea

* more migrate options

* fix swagger-check

* fix misspell

* add options on migration UI

* fix log error

* improve UI options on migrating

* add support for username password when migrating from github

* fix tests

* remove comments and fix migrate limitation

* improve error handles

* migrate API will also support migrate milestones/labels/issues/pulls/releases

* fix tests and remove unused codes

* add DownloaderFactory and docs about how to create a new Downloader

* fix misspell

* fix migration docs

* Add hints about migrate options on migration page

* fix tests
2019-05-07 09:12:51 +08:00
Simon a2a006a5d5 Add GET requests to webhook (#6771)
* Add GET requests to webhook

* make fmt

* Handle invalid http method on webhook

* Uppercase http method in webhook

* Rename v85.go to v86.go

* make fmt
2019-05-05 14:09:02 -04:00
Mario Lubenka 55a8e12d85 Number of commits ahead/behind in branch overview (#6695)
* Call Git API to determine divergence of a branch and its base branch

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Show commit divergance in branch list

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds missing comment

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds test for diverging commits

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Try comparing commits instead of branches

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Removes test as CI can't run it

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adjusts signature of percentage function to allow providing multiple integers as numerator

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Moves CountDivergingCommits function into repofiles module

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
2019-05-05 19:25:25 +03:00
ngourdon 7806deab96 add french specific rule for translating plural texts (#6846) 2019-05-04 23:44:43 +01:00
techknowlogick 46373e7657
Hash App token (#6724) 2019-05-04 11:45:34 -04:00
Lauris BH 1fa9662946
Git statistics in Activity tab (#4724)
* Initial implementation for git statistics in Activity tab

* Create top user by commit count endpoint

* Add UI and update src-d/go-git dependency

* Add coloring

* Fix typo

* Move git activity stats data extraction to git module

* Fix message

* Add git code stats test
2019-05-04 15:39:03 +03:00
Filip Navara dbb0c9658c Fix #6813: Allow git.GetTree to take both commit and tree names (#6816)
* Allow git.GetTree to take both commit and tree names, return full paths on entries listed through Tree.ListEntriesRecursive

Signed-off-by: Filip Navara <filip.navara@gmail.com>

* Fix the SHA returned on Git Tree APIs called with commit hash or symbolic name

Signed-off-by: Filip Navara <filip.navara@gmail.com>
2019-05-02 20:33:11 -04:00
zeripath ade88a877d Allow Recaptcha service url to be configured (#6820) 2019-05-02 16:09:39 +03:00
Filip Navara 55daee8d22 Remove `seen` map from `getLastCommitForPaths` (#6807)
Ensures correctly traversing the commit graph for all path and avoids
erroneously skipping some. Also preallocate some arrays to correct size
to prevent unnecessary reallocations.

Fixes #6708.

Signed-off-by: Filip Navara <filip.navara@gmail.com>
2019-04-30 16:27:41 +03:00
zeripath 8d0d7bc28d Make CustomPath, CustomConf and AppWorkPath configurable at build (#6631) 2019-04-29 14:08:21 -04:00
Nicola Scattaglia cde6079879 Restore IsWindows variable assignment (#6722) (#6790)
Signed-off-by: Nicola Scattaglia <scattaglia.nicola.work@gmail.com>
2019-04-28 22:48:46 +03:00
ngourdon d29d97d91c Set user search base field optional in DLDAP edit page (#6779) 2019-04-28 09:53:55 -04:00
zeripath f6eedd4dc8 UI: Detect and restore encoding and BOM in content (#6727)
* detect and remove a decoded BOM

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Restore the previous encoding and BOM

* On error keep as UTF-8

Signed-off-by: Andrew Thornton <art27@cantab.net>

* create remove BOM function

* Deal with LFSed content

* Update modules/repofiles/update.go

* Fix final LFS bug

* Keep LFS sections referring to opts.Content
2019-04-26 15:00:30 +03:00
techknowlogick ec2d489d15
OAuth2 token can be used in basic auth (#6747) 2019-04-25 18:42:50 -04:00
Lunny Xiao 199faadea3 Fix org visibility bug when git cloning (#6743)
* fix org visibility bug

* fix permission check

* add integration tests

* fix tests

* change test user name for easier maintainance and fix test

* fix test git repo name
2019-04-25 21:59:10 +03:00
James E. Blair dabee9b1a4 Handle redirects in git clone commands (#6688)
Add support for repo_redirect objects in the git smart http
handler so that when a user clones a repo that has been moved
or renamed, they are redirected to the new location.

This requires that the query string be included in the redirect
as well, so that is added.

Signed-off-by: James E. Blair <jeblair@redhat.com>
2019-04-25 08:51:40 +03:00
mrsdizzie 0064535ad2 Fix domain name pattern in email regex (#6739)
Fixes #6735
2019-04-24 21:53:41 -04:00
zeripath be666b03ee Trace Logging on Permission Denied & ColorFormat (#6618)
* Add log.ColorFormat and log.ColorFormatted

Structs can now implement log.ColorFormatted to provide their own
colored format when logged with `%-v` or additional flags.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add basic ColorFormat to repository and user

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add basic ColorFormat to access and unit

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add ColorFormat to permission and on trace log it

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add log.NewColoredIDValue to make ID value coloring consistent

Signed-off-by: Andrew Thornton <art27@cantab.net>

* formatting changes

* Add some better tracing to permission denied for read issues/pulls

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add Trace logging on permission denied

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove isTrace() check from deferred func

* Adjust repo and allow logging of team

* use FormatInt instead of Itoa

* Add blank line

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update access.go
2019-04-22 23:40:51 +03:00
Filip Navara b83114f140 Fix one performance/correctness regression in #6478 found on Rails repository. (#6686)
* Fix flaw in the commit history lookup that caused unnecessary traversal
when the repository contains a lot of merge commits.

Also return the merge commit as the changed one if the file or
directory was changed as part of the merge, eg. through conflict
resolution.

Signed-off-by: Filip Navara <filip.navara@gmail.com>

* Perform history simplification. If a file is present on multiple parents
in a merge commit follow only the first parent.
2019-04-21 16:49:06 +08:00
zeripath 3d5d2fa9d8
Unfortunately MemProvider Init does not actually Init properly (#6692)
* Unfortunately MemProvider Init does not actually Init properly

Worse all of its members are private and you cannot update them.
Simple fix copy it in to modules session.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix misspelling
2019-04-20 12:47:17 +01:00
zeripath b33f7f792b
Prevent creating empty sessions (#6677)
* Prevent creating empty sessions

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update modules/setting/session.go

* Remove unnecessary option

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add destory to list of ignored misspellings

* rename cookie.go -> virtual.go

* Delete old file

* Add test to ensure that sessions are not created without being logged in

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update integrations/create_no_session_test.go
2019-04-20 07:44:50 +01:00
Mario Lubenka fcbac38d6f Unifies pagination template usage (#6531) (#6533) 2019-04-20 00:15:19 -04:00
Daniel Grier b9d1fb6de3 Add support for MS Teams webhooks (#6632) 2019-04-19 10:18:06 -04:00
Filip Navara 2af67f6044 Improve listing performance by using go-git (#6478)
* Use go-git for tree reading and commit info lookup.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use TreeEntry.IsRegular() instead of ObjectType that was removed.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use the treePath to optimize commit info search.

Signed-off-by: Filip Navara <navara@emclient.com>

* Extract the latest commit at treePath along with the other commits.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix listing commit info for a directory that was created in one commit and never modified after.

Signed-off-by: Filip Navara <navara@emclient.com>

* Avoid nearly all external 'git' invocations when doing directory listing (.editorconfig code path is still hit).

Signed-off-by: Filip Navara <navara@emclient.com>

* Use go-git for reading blobs.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make SHA1 type alias for plumbing.Hash in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make Signature type alias for object.Signature in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix GetCommitsInfo for repository with only one commit.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix PGP signature verification.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix issues with walking commit graph across merges.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix typo in condition.

Signed-off-by: Filip Navara <navara@emclient.com>

* Speed up loading branch list by keeping the repository reference (and thus all the loaded packfile indexes).

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix lising submodules.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix build

Signed-off-by: Filip Navara <navara@emclient.com>

* Add back commit cache because of name-rev

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix tests

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix code style

* Fix spelling

* Address PR feedback

Signed-off-by: Filip Navara <navara@emclient.com>

* Update vendor module list

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix getting trees by commit id

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix remaining unit test failures

* Fix GetTreeBySHA

* Avoid running `git name-rev` if not necessary

Signed-off-by: Filip Navara <navara@emclient.com>

* Move Branch code to git module

* Clean up GPG signature verification and fix it for tagged commits

* Address PR feedback (import formatting, copyright headers)

* Make blob lookup by SHA working

* Update tests to use public API

* Allow getting content from any type of object through the blob interface

* Change test to actually expect the object content that is in the GIT repository

* Change one more test to actually expect the object content that is in the GIT repository

* Add comments
2019-04-19 20:17:27 +08:00
techknowlogick 19ec2606e9 API OTP Context (#6674)
* API OTP Context

* Update api.go

* token

* token

* fix per discord

* copyright header

* remove check for token in OTP

* Update auth.go

* simplify

* Update api.go
2019-04-19 11:59:26 +03:00
techknowlogick 56da256853
Telegram webhook (#4227) 2019-04-18 22:45:02 -04:00
Richard Mahn 2262811e40 Fixes 4762 - Content API for Creating, Updating, Deleting Files (#6314) 2019-04-17 12:06:35 -04:00
Mura Li 2a9806bfc6 Pre-calculate the absolute path of git (#6575)
* Pre-caculate the absolute path of git

* Do not repeat string literals which has been defined somewhere

Also make it flexible to accept customized/user-defined value.
2019-04-17 14:11:37 +03:00
Segev Finer 34548369e1 Add API for manipulating Git hooks (#6436)
* Add API for manipulating Git hooks

Signed-off-by: Segev Finer <segev@codeocean.com>

* Replace code.gitea.io/sdk with PR branch temporarily for CI

* Switch back to code.gitea.io/sdk@master

* Return 403 instead of 404 on no permission to edit hooks in API

* Add tests for Git hooks API

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* empty line
2019-04-17 01:31:08 -04:00
zeripath 827ab6b75a Add SUBJECT_PREFIX mailer config option (#6605)
* Add SUBJECT_PREFIX mailer config option

* Add space between subject prefix and subject (Change from Gogs)

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-04-17 00:56:40 -04:00
mrsdizzie 1bce1894f5 Use ctx.metas for SHA hash links (#6645)
Since #6273 was merged, we now have access to proper context metas
always. Update SHA generated links to use these instead of urlPrefix.

Update tests as well.

Fixes #4536.
2019-04-16 08:53:57 +01:00
Segev Finer ecfa5f1594 Fix forking an empty repository (#6637)
Fixes #6633

Signed-off-by: Segev Finer <segev@codeocean.com>
2019-04-15 16:48:35 -04:00
Jonas Franz 62d3f49c28 Add json tags for oauth2 form (#6627) 2019-04-15 11:54:50 -04:00
Jonas Franz 783cd64927 Add option to disable refresh token invalidation (#6584)
* Add option to disable refresh token invalidation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add integration tests and remove wrong todos

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix typo

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix tests and add documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2019-04-12 15:50:21 +08:00
mrsdizzie 3ff0a126e1 Improve issue autolinks (#6273)
* Improve issue autolinks

Update autolinks to match what github does here:

Issue in same repo: #1
Issue in different repo: org/repo#1

Fixes #6264

* Use setting.AppURL when parsing URL

Using setting.AppURL here is a more reliable way of parsing the current
URL and what other functions in this file seem to use.

* Make ComposeMetas always return a valid context

* Add per repository markdown renderers for better context

* Update for use of context metas

Now that we include the user and repo name inside context metas, update
various code and tests for this new logic
2019-04-12 08:53:34 +03:00
Mura Li 3186ef554c Support search operators for commits search (#6479)
* Support searching commits with prefix syntax

For now, support auther: committer:
When more than one prefix is supplied is presented, the result is the union.
When different prefixes are supplied, the result is the intersection.

For example,
"author:alice author:bob"
=> the result is all commits authored by Alice OR Bob

"hello committer:alice"
=> the result is all commits committed by Alice AND has the keyword
'hello' in the message.

Note that there should NOT have any space after the colon(:) of the prefix.
For example,
"author:bill" => correct
"author: bill" => wrong

* Remove unneeded logging

* Add missing files of test repository

* Add missing repo_unit entries to test fixtures

* Update test cases

* Add tooltip for commits search button

* Update tooltip text

I have no idea about how to format it with line breaks.

* Make the usage example more real

* Add a test case

* Add new options struct for SearchCommits

* Prefer len(s) > 0 over s != ""

* Add NewSearchCommitsOptions
2019-04-12 10:28:44 +08:00
Lunny Xiao 2f53b5f88c fix mail notification when close/reopen issue (#6581) 2019-04-11 22:59:01 +01:00
zeripath 89cc7c646d
Prevent server 500 on compare branches with no common history (#6555)
* Prevent 500 if there is no common mergebase
* Prevent creation of PR with no history
2019-04-09 21:45:58 +01:00
zeripath 0af0b078f9 wrap the ServerError and NotFound and log from the caller (#6550) 2019-04-09 21:10:42 +03:00
silverwind 8e949db3b5 Render SHA1 links as code blocks (#6546) 2019-04-09 06:18:48 +03:00
Lunny Xiao e7d7dcb090 Issue indexer queue redis support (#6218)
* add redis queue

* finished indexer redis queue

* add redis vendor

* fix vet

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: lunny <xiaolunwen@gmail.com>

* switch to go mod

* Update required changes for new logging func signatures
2019-04-08 12:05:15 +03:00
Vasek Sraier 49b2f45f75 Cleaned permission checks for API -> site admin can now do anything (#6483)
* cleaned permission checks for API -> site admin can now do anything

Signed-off-by: Vasek Sraier <git@vakabus.cz>

* PR #6483: helper methods moved to context/context.go, added missing return

Signed-off-by: Vasek Sraier <git@vakabus.cz>

* PR #6483: added documentation to new exported helper functions in context/context.go

Signed-off-by: Vasek Sraier <git@vakabus.cz>
2019-04-08 01:49:34 +03:00
mrsdizzie 6293736d02 Use stricter boundaries for auto-link detection (#6522)
* Use stricter boundaries for auto-link detection

Currently autolinks use \W for boundary detection which creates many
situations of inserting links into places they don't belong (paths,
URLs, UUIDs, etc...)

This fixes that by replacing \W and only allowing these matches to touch
an open paren or bracket (matching what seems to be Github behavior) in
addition to whitespace and start of line. Similar for ending boundary as
well.

Fixes #6149
(and probably others)

* Update test

Replace incorrect test with a value that is a valid username, based on:

"Username should contain only alphanumeric, dash ('-'), underscore ('_')
and dot ('.') characters."

* Also allow for period at the end

Matching Github behavior

* Fix email regex to work properly with specificed boundaries

Create a specific capture group for email address and then use
FindStringSubmatchIndex to allow for non-matching patterns as
boundaries.

* Add Tests

Add tests for new behavior -- including tests for email addresses which
were absent before.
2019-04-07 12:18:16 +01:00
zeripath 5422f23ed8 Quieter Integration Tests (#6513)
* Rename BaseLogger to WriterLogger to help the creation of other providers

* Don't export ColorBytes and ResetBytes from ColoredValues

* Make integration tests only print logs if they fail

* check can color before coloring

* I always forget about MSSQL

* Oh and use LEVEL in sqlite.ini

* Make the test logger log at info - as it means you see the router

* Remove empty expected changes

* Make the migrations quieter too

* Don't display SQL on error - it can be looked at in the file logs if necessary

* Fix skip when using onGiteaRun
2019-04-07 03:25:14 +03:00
silverwind 2242a9f82e Improve SHA1 link detection (#6526)
This improves the SHA1 link detection to not pick up extraneous
non-whitespace characters at the end of the URL. The '.' is a special
case handled in code itself because of missing regexp lookahead
support.

Regex test cases: https://regex101.com/r/xUMlqh/3
2019-04-06 21:28:45 +03:00
mrsdizzie 54c1cb6c5f Add X-Auto-Response-Suppress header to outgoing messages (#6492)
This is a header used to suggest mail servers not to respond to a message
with an auto-responder:

 https://docs.microsoft.com/en-us/openspecs/exchange_server_protocols/ms-oxcmail/ced68690-498a-4567-9d14-5c01f974d8b1

This header is also used by github and gitlab in outgoing messages.

Fixes #6484
2019-04-02 11:45:54 -04:00
zeripath 704da08fdc
Better logging (#6038) (#6095)
* Panic don't fatal on create new logger

Fixes #5854

Signed-off-by: Andrew Thornton <art27@cantab.net>

* partial broken

* Update the logging infrastrcture

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Reset the skip levels for Fatal and Error

Signed-off-by: Andrew Thornton <art27@cantab.net>

* broken ncsa

* More log.Error fixes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove nal

* set log-levels to lowercase

* Make console_test test all levels

* switch to lowercased levels

* OK now working

* Fix vetting issues

* Fix lint

* Fix tests

* change default logging to match current gitea

* Improve log testing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* reset error skip levels to 0

* Update documentation and access logger configuration

* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE

* Fix broken level caching

* Refactor the router log

* Add Router logger

* Add colorizing options

* Adjust router colors

* Only create logger if they will be used

* update app.ini.sample

* rename Attribute ColorAttribute

* Change from white to green for function

* Set fatal/error levels

* Restore initial trace logger

* Fix Trace arguments in modules/auth/auth.go

* Properly handle XORMLogger

* Improve admin/config page

* fix fmt

* Add auto-compression of old logs

* Update error log levels

* Remove the unnecessary skip argument from Error, Fatal and Critical

* Add stacktrace support

* Fix tests

* Remove x/sync from vendors?

* Add stderr option to console logger

* Use filepath.ToSlash to protect against Windows in tests

* Remove prefixed underscores from names in colors.go

* Remove not implemented database logger

This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.

* Ensure that log paths are relative to ROOT_PATH

* use path.Join

* rename jsonConfig to logConfig

* Rename "config" to "jsonConfig" to make it clearer

* Requested changes

* Requested changes: XormLogger

* Try to color the windows terminal

If successful default to colorizing the console logs

* fixup

* Colorize initially too

* update vendor

* Colorize logs on default and remove if this is not a colorizing logger

* Fix documentation

* fix test

* Use go-isatty to detect if on windows we are on msys or cygwin

* Fix spelling mistake

* Add missing vendors

* More changes

* Rationalise the ANSI writer protection

* Adjust colors on advice from @0x5c

* Make Flags a comma separated list

* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING

* Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 08:48:31 +01:00
mrsdizzie c8650aef0a Change order that PostProcess Processors are run (#6445)
Make sure Processors that work on full links are run first so that
something matching another pattern doesn't alter a link before we get to
it, for example:

 https://stackoverflow.com/questions/2896191/what-is-go-used-fore

Fixes #4813
2019-03-27 11:37:54 -04:00
Mura Li d77176912b Use Go1.11 module (#5743)
* Migrate to go modules

* make vendor

* Update mvdan.cc/xurls

* make vendor

* Update code.gitea.io/git

* make fmt-check

* Update github.com/go-sql-driver/mysql

* make vendor
2019-03-27 19:15:23 +08:00
Lunny Xiao d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
mrsdizzie d056bf300f Clean up ref name rules (#6437)
* Clean up ref name rules

Clean up checks on reference names to better conform to the guideline
here: https://git-scm.com/docs/git-check-ref-format

This fixes half of #6321

* Update branch create integration test

According to: https://git-scm.com/docs/git-check-ref-format

And: git check-ref-format "master/feature=test1"

This is a valid branch name and we should not be testing for it to fail.
2019-03-26 21:59:48 +02:00
Roland Koebler 57ecf09787 Markdown: enable some more extensions (#6362)
* Markdown: enable some more extensions

Improve Markdown-rendering by enabling some extensions:

- enable definitions lists
- enable footnotes
- enable header-ids and automatically generate header-ids (for linking to README-sections or creating table-of-contents for larger READMEs)

* Markdown: update and exted tests

Update and add tests for additionally enabled Markdown-extensions.
2019-03-21 15:53:06 +02:00
John Olheiser cac9e6e760 Updates to API 404 responses (#6077) 2019-03-18 22:29:43 -04:00
techknowlogick d1c982cb73
Add bio field for user (#6113)
Fix #4339
2019-03-18 22:28:10 -04:00
mrsdizzie ca46385637 Clean up various use of escape/unescape functions for URL generation (#6334)
* Use PathUnescape instead of QueryUnescape when working with branch names

Currently branch names with a '+' fail in certain situations because
QueryUnescape replaces the + character with a blank space.

Using PathUnescape should be better since it is defined as:

// PathUnescape is identical to QueryUnescape except that it does not
// unescape '+' to ' ' (space).

Fixes #6333

* Change error to match new function name

* Add new util function PathEscapeSegments

This function simply runs PathEscape on each segment of a path without
touching the forward slash itself. We want to use this instead of
PathEscape/QueryEscape in most cases because a forward slash is a valid name for a
branch etc... and we don't want that escaped in a URL.

Putting this in new file url.go and also moving a couple similar
functions into that file as well.

* Use EscapePathSegments where appropriate

Replace various uses of EscapePath/EscapeQuery with new
EscapePathSegments. Also remove uncessary uses of various
escape/unescape functions when the text had already been escaped or was
not escaped.

* Reformat comment to make drone build happy

* Remove no longer used url library

* Requested code changes
2019-03-18 10:00:23 -04:00
zeripath d78bb1d564 Add lang specific font stacks for CJK (#6007)
* Add lang specific font stacks

* Force font changes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix icons

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix octicons and icons

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Just override the semantic ui fonts only

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Missed the headers... override them too

* Missed some more semantic ui stuff

* Fix PT Sans

Signed-off-by: Andrew Thornton <art27@cantab.net>

* More changes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Squashed commit of the following:

commit 7d1679e9079541359869c9e677ba7412bfcc59f3
Author: Mike L <cl.jeremy@qq.com>
Date:   Wed Mar 13 13:53:49 2019 +0100

    Remove missed YaHei leftover from _home.less

commit 0079121ea91860a323ed4e5cc1a9c0d490d9cefd
Author: Mike L <cl.jeremy@qq.com>
Date:   Wed Mar 13 12:03:54 2019 +0100

    Fix overdone fixes (inherit, :lang)

commit 62c919915928ec1db4731d547e95885f91a0618d
Author: Mike L <cl.jeremy@qq.com>
Date:   Wed Mar 13 02:29:10 2019 +0100

    Fix elements w/ explicit lang (language chooser)

commit b3117587aa2eb8570d60bed583a11ee5565418be
Author: Mike L <cl.jeremy@qq.com>
Date:   Tue Mar 12 20:17:26 2019 +0100

    Fix textarea also (to match body)

commit 81cedf2c3012c4dd05a7680782b4a98e1b947f67
Author: Mike L <cl.jeremy@qq.com>
Date:   Tue Mar 12 19:41:39 2019 +0100

    Revert css temporarily to fix conflict

commit 80ff82797f3203cbeaf866f22e961334e137df89
Author: Mike L <cl.jeremy@qq.com>
Date:   Tue Mar 12 19:15:30 2019 +0100

    Tweak CJK, fix Yu Gothic, more monospace inherits

commit 581dceb9a869646c2c486dabb925c88c2680d70c
Author: Mike L <cl.jeremy@qq.com>
Date:   Mon Mar 11 13:09:26 2019 +0100

    Add Lato for latin extd. & cyrillic, improve CJK

* update stylesheet
2019-03-18 08:49:01 -04:00
Lunny Xiao 379289639e
split setting.go to multiple files (#6154)
* split setting.go to multiple files

* fix lint
2019-03-16 11:12:44 +08:00
techknowlogick d7542bfde3
Add InternalTokenURI to load InteralToken from an external file (#5812) 2019-03-13 18:49:43 -04:00
zeripath b2e9894988 Fix reported issue in repo description (#6306) 2019-03-11 22:23:34 -04:00
zeripath 663874e8be Use url.PathEscape to escape the branchname (#6304)
* Use url.PathEscape to escape the branchname

* GetRepositoryByOwnerAndName should also have url.PathEscape as the owner and reponame are provided by the client
2019-03-12 00:53:41 +02:00
zeripath dbab98c8e0 Remove util.RemoveAll - should have been removed since go 1.7 (#6299) 2019-03-10 23:56:36 +02:00
Jonas Franz e777c6bdc6 Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
mrsdizzie f2de5dc8c8 Replace linkRegex with xurls library (#6261)
* Replace linkRegex with xurls library

Rather than maintaining a complicated regex to match URLs for
autolinking, gitea can use this existing go library that takes care of
the matching with very little code change to gitea itself. After
spending a while trying to find the perfect regex for all cases this library
still works better as it is more flexible than a single regex ever will be.

This will also fix the following issues: #5844 #3095 #3381

This passes all our current tests and I've added new ones mentioned in
those issues as well.

* Use xurls.StrictMatchingScheme instead of xurls.Strict

This is much faster and we only care about https? links to preserve
existing behavior.
2019-03-07 15:12:01 -05:00
mrsdizzie 020075e12f Remove visitLinksForShortLinks features (#6257)
The visitLinksForShortLinks feature would look inside of an <a> tag and
run shortLinkProcessorFull on any text, which attempts to create links
out of potential 'short links' like [[test]] [[link|example]] etc...
This makes no sense because you can't have nested links within an <a>
tag. Specifically, the html5 standard says <a> tags can't include
interactive content if they contain the href attribute:

 http://w3c.github.io/html/single-page.html#the-a-element

And also defines an <a> element with a href attribute as interactive:

 http://w3c.github.io/html/single-page.html#interactive-content

Therefore you can't really put a link inside of another link. In
practice none of this works anyways since browsers won't render it, it
would probably be broken if they tried, and it is causing a bug
(#4946). No current tests rely on this behavior either.

This removes the feature and also explicitly excludes the
current visitNodeForShortLinks from looking in <a> tags.
2019-03-07 14:13:44 -05:00
Zsombor f80caa5a8c Fix #6234 : Check organization visibility before everything else (#6235)
* Fix #6234 : Check organization visibility before everything else

* Ensure that Owner is available in the Repo
2019-03-05 15:15:24 -05:00
mrsdizzie 4a2e92bcd1 Modify linkRegex to require http|https (#6171)
Modify the current linkRegex to require http|https which appears to be
the intended behavior based on the comments. Right now, it also matches
anything starting with www as well. Also add testing for linkRegex
2019-02-28 20:31:53 +08:00
Lunny Xiao c812ba7f87
fix display dashboard even if require to change password (#6214)
* fix display dashboard even if require to change password

* fix comments
2019-02-28 16:01:42 +08:00
James E. Blair 48c101affe Create a repo redirect when transferring ownership (#6210) (#6211)
When transferring ownership of a repo to a different user/org,
create a repo redirect that points to the new location in the same
way that is done when a repo is renamed.

Signed-off-by: James E. Blair <jeblair@redhat.com>
2019-02-28 11:51:46 +08:00
Segev Finer 594f591691 Increase Username and Orgname MaxSize 35 -> 40 (#6178)
* Increase Username and Orgname MaxSize 35 -> 40

Signed-off-by: Segev Finer <segev@codeocean.com>

* Dep update code.gitea.io/sdk

Signed-off-by: Segev Finer <segev@codeocean.com>

* Run generate-swagger

Signed-off-by: Segev Finer <segev@codeocean.com>
2019-02-25 13:56:47 -05:00
Lunny Xiao 15ecc08475 fix bug when set indexer as db and add tests (#6173) 2019-02-24 11:16:20 -05:00
Lunny Xiao 477ef46251
Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
* add more tests and docs for issue indexer, add db indexer type for searching from database

* fix typo

* fix typo

* fix lint

* improve docs
2019-02-21 13:01:28 +08:00
Lunny Xiao 0751153613
refactor issue indexer, add some testing and fix a bug (#6131)
* refactor issue indexer, add some testing and fix a bug

* fix error copyright year on comment header

* issues indexer package import keep consistent
2019-02-21 08:54:05 +08:00
John Olheiser d26d249748 Minor UI tweaks (#5980)
* Remove all CommitStatus when a repo is deleted

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Minor UI tweaks (#5782)
Added 'No License' option
Added link and octicon change for external issue trackers
Reset password now notifies right away if the code is invalid

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* More UI tweaks
More info in PR

* Generate stylesheet for arc-green

* Make gofmt work

* Change PR integration since the button is changed

* Rebase

* Generate stylesheet

* UI updates
Made the PR button a "basic" button
Vertically centered the issue checkboxes
Labels will update only once after modal is closed

* Commit to reference related issues
Resolves #5782
Resolves #5861
Addresses original question in #5993

* Change the comment wording since PR button is no longer little and green.

* Revert changes that made Windows work

* Regenerate stylesheet

* Regenerate stylesheets

* make generate-stylesheets

* Update integration again, changed button style

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Added ID to PR button
Changed integration to use the ID to avoid breaking in the future

* Added missing semi-colons

* Added back distinction between issue actions and filters (overlooked it before)
Moved action button over next to other action dropdowns

* Remove extra tab formatting in list.tmpl

* Remove more formatting from GoLand

* Replace hardcoded "No License" with i18n license helper.
2019-02-19 18:09:47 -05:00
Lunny Xiao 987a521e2f remove unused file (#6121) 2019-02-19 17:22:42 +02:00
Lunny Xiao 830ae61456 Refactor issue indexer (#5363) 2019-02-19 09:39:39 -05:00
Lunny Xiao f5fa22a499 Fix prohibit login check on authorization (#6106)
* fix bug prohibit login not applied on dashboard

* fix tests

* fix bug user status leak

* fix typo

* return after render
2019-02-19 09:19:28 +02:00
Lanre Adelowo 44114b38e6 Implement "conversation lock" for issue comments (#5073) 2019-02-18 22:55:04 +02:00
Rémy Boulanouar 64ce159a6e Allow to set organization visibility (public, internal, private) (#1763) 2019-02-18 18:00:27 +02:00
zeripath 22770c324d
Move to ldap.v3 to fix #5928 (#6105)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-18 12:34:37 +00:00
xdch47 5e7dee0db5 modules/context/auth.go: fix redirect loop (#5965)
Closes #5815
2019-02-17 13:44:25 +08:00
zeripath 2a03e96bce
Allow markdown files to read from the LFS (#5787)
This PR makes it possible for the markdown renderer to render images and media straight from the LFS.

Fix #5746

Signed-off-by: Andrew Thornton [art27@cantab.net](mailto:art27@cantab.net)
2019-02-12 15:09:43 +00:00
zeripath 296814e887 Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFile

* Use git plumbing for upload: #5621 repo_editor.go: GetDiffPreview

* Use git plumbing for upload: #5621 repo_editor.go: DeleteRepoFile

* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFiles

* Move branch checkout functions out of repo_editor.go as they are no longer used there

* BUGFIX: The default permissions should be 100644

    This is a change from the previous code but is more in keeping
    with the default behaviour of git.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Standardise cleanUploadFilename to more closely match git

See verify_path in: 7f4e641693/read-cache.c (L951)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Redirect on bad paths

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Refactor to move the uploading functions out to a module

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add LFS support

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update upload.go attribution header

Upload.go is essentially the remnants of repo_editor.go. The remaining code is essentially unchanged from the Gogs code, hence the Gogs attribution.

* Delete upload files after session committed

* Ensure that GIT_AUTHOR_NAME etc. are valid for git

see #5774

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add in test cases per @lafriks comment

* Add space between gitea and github imports

Signed-off-by: Andrew Thornton <art27@cantab.net>

* more examples in TestCleanUploadName

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix formatting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Set the SSH_ORIGINAL_COMMAND to ensure hooks are run

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Switch off SSH_ORIGINAL_COMMAND

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-12 15:07:31 +02:00
manuelluis fc038caa69 In basic auth check for tokens before call UserSignIn (#5725)
* Check first if user/password is a token

* In basic auth check if user/password is a token

* Remove unnecessary else statement

* Changes of fmt
2019-02-12 11:20:08 +02:00
Lanre Adelowo 9d8178b3ac Add option to close issues via commit on a non master branch (#5992)
* fixes #5957

* add tests to make sure config option is respected

* use already defined struct

* - use migration to make the flag repo wide not for the entire gitea instance
Also note that the config value can still be set so as to be able to control the value for new repositories that are to be created

- fix copy/paste error in copyright header year and rearrange import

- use repo config instead of server config value to determine if a commit should close an issue

- update testsuite

* use global config only when creating a new repository

* allow repo admin toggle feature via UI

* fix typo and improve testcase

* fix fixtures

* add DEFAULT prefix to config value

* fix test
2019-02-10 21:27:19 +02:00
Lunny Xiao 820e28c904
Split setting.go as multiple files (#6014)
* split setting.go as multiple files

* fix comments
2019-02-10 09:37:37 +08:00
Lunny Xiao 9e8cc3b18d add default time out for git operations (#6015) 2019-02-09 22:44:24 +00:00
Thomas Loubiou d252d4eb8c Remove extra spaces (#6016) 2019-02-09 14:48:28 +02:00
Thomas Loubiou 7fb09f035a Fix #5799 - swagger for mergePullRequest (#5996) 2019-02-08 08:08:38 +00:00
Lunny Xiao 2d213b64d1 use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
* use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines

* fix tests and add comment head
2019-02-07 02:13:12 -05:00
Richard Mahn da1edbfb79 Feature - Pagination for git tree API (#5838)
* Feature - Pagination for git tree API

* Handles case when page is negative

* Does a for loop over the start and end rather than all entries

* Removed redundent logic

* Adds per_page as a query parameter

* Adds DEFAULT_GIT_TREES_PER_PAGE for settings, ran make fmt

* Fix typo in cheat-sheet en

* Makes page start at 1, generated swagger

* Use updates to SDK

* Updates to use latest sdk

* Updates swagger for tree api

* Adds test for GetTreeBySHA

* Updates per PR reviews

* Updates per PR reviews

* Remove file

* Formatting

* Fix to swagger file

* Fix to swagger

* Update v1_json.tmpl

* Fix to swagger file
2019-02-06 18:19:26 +00:00
zeripath f286a5abb4 Allow Macaron to be set to log through to gitea.log (#5667)
* Allow Macaron to be set to log through gitea.log

Fix #4291
2019-02-05 22:06:41 -05:00
techknowlogick 9de871a0f8
add other session providers (#5963) 2019-02-05 11:52:51 -05:00
zeripath 01c10a951b
Fix ssh deploy and user key constraints (#1357) (#5939)
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.

We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:

- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.

Fix #1357
2019-02-03 23:56:53 +00:00
zeripath 3d91bb2f2d Make log mailer for testing (#5893)
* Create log mailer for testing email settings

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Switch on the log mailer for the integration tests

This ensures that the sending mail process works

Signed-off-by: Andrew Thornton <art27@cantab.net>

* rename the from user for mysql/mssql

* rename log sender to dummy sender

* update the integration tests
2019-02-02 21:06:52 -05:00
Lunny Xiao bbad9b6178 Fix bug when read public repo lfs file (#5912)
* fix bug when read public repo lfs file

* add comment on lfs permission check
2019-01-31 13:36:57 +00:00
zeripath 0823791d17 Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
This PR protects against the panic referred to in chaseadmsio/goorgeous#82
by recovering from the panic and just returning the raw bytes if
there is an error.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-30 17:17:43 -05:00
zeripath ca00ca8ee4 Provide better panic handling (#5902)
This PR gitea'ises the macaron.Recovery() handler meaning that in
the event of panic we get proper gitea 500 pages and the stacktrace
is logged with the gitea logger.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-30 17:00:00 -05:00
zeripath 0f295ababa Only allow local login if password is non-empty (#5906) 2019-01-30 23:18:54 +02:00
Lauris BH 80098bd752 Fix go-get URL generation (#5905) 2019-01-30 21:04:19 +00:00
sebastian-sauer 84076211b3 Config option to disable automatic repo watching (#5852)
Add a new config option to enable / disable the automatic watching of
repos for new repositories and if a user is added to a team.

Fixes #653

Signed-off-by: Sebastian Sauer <sauer.sebastian@gmail.com>
2019-01-27 09:25:21 +00:00
Lunny Xiao 892bfd0b19 improve the releases api paging (#5831)
* improve the releases api paging

* add max limit on API paging
2019-01-24 20:59:27 +02:00
Joona Hoikkala 3b364029f7 Fix TLS errors when using acme/autocert for local connections (#5820) 2019-01-23 19:47:54 -05:00
Lauris BH 331c9120e8
Request for public keys only if LDAP attribute is set (#5816)
* Update go-ldap dependency

* Request for public keys only if attribute is set
2019-01-24 01:25:33 +02:00
kolaente 0b510725c9 Feature: Archive repos (#5009) 2019-01-23 13:58:38 -05:00
zeripath 7d434376f1 Pooled and buffered gzip implementation (#5722)
* Pooled and buffered gzip implementation

* Add test for gzip

* Add integration test

* Ensure lfs check within transaction

The previous code made it possible for a race condition to occur whereby a LFSMetaObject could be checked into the database twice. We should check if the LFSMetaObject is within the database and insert it if not in one transaction.

* Try to avoid primary key problem in postgres

The integration tests are being affected by
https://github.com/go-testfixtures/testfixtures/issues/39 if we set the
primary key high enough, keep a count of this and remove at the end of
each test we shouldn't be affected by this.
2019-01-23 10:56:51 +02:00
Lanre Adelowo e1fcd6b742 Disallow empty titles (#5785)
* add util method and tests

* make sure the title of an issue cannot be empty

* wiki title cannot be empty

* pull request title cannot be empty

* update to make use of the new util methof
2019-01-21 13:45:32 +02:00
Paul Brackin 1bb22b2b47 Make db connect more robust (#5738) 2019-01-19 16:17:08 -05:00
John Olheiser 6f194b83c6 Moved defaults in defaults.go to setting.go (#5764)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-01-19 15:39:27 -05:00
Harshit Bansal 6822a8993b ldap: Adjust log settings when a user is not found. (#5771)
Fixes: #3849.
2019-01-19 14:57:27 -05:00
Robert Sprunk 65b6ebf243 Log IP of failed ssh connection (#5766)
Fix #5765 by log the IP address of a connecting remote machine in case of a SSH connection error for the built-in ssh server.

Signed-off-by: Robert Sprunk <github@sprunk.me>
2019-01-19 16:29:17 +00:00
zeripath 07802a2bc5 Refactor repo.isBare to repo.isEmpty #5629 (#5714)
* Refactor repo.isBare to repo.isEmpty #5629

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Sync call
2019-01-17 19:01:04 -05:00
Lunny Xiao 82e08a3364
Refactor notification for indexer (#5111)
* notification for indexer

* use NullNotifier as parent struct
2019-01-17 22:23:22 +08:00
Lunny Xiao 270fa6d63b Support CORS headers to git smart http protocol (#5719) 2019-01-14 16:05:27 -05:00
Khaled Hamed bd75965296 Prioritize "readme.md" (#5691)
* prioritize readme.md

* Improve IsReadmeFile

* Add more tests
2019-01-14 14:15:06 -05:00
techknowlogick 5c44f751a3
Discord Oauth2 support (#4476)
* add discord auth

* add vendor for discord

* fix syntax error

* make fmt

* update version of goth in use

* update markbates/goth
2019-01-13 14:06:22 -05:00
Lunny Xiao beab2df122 Refactor mail notification (#5110)
* mail notification implement interface

* fix file comment year

* use NullNotifier as parent struct of notifiers
2019-01-13 16:42:55 +02:00
zeripath dd13327382 When redirecting clean the path to avoid redirecting to //www.othersite.com (#5669)
Fix #5627

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-09 13:39:01 -05:00
Lanre Adelowo 8d2c24f7f9 Allow for user specific themes (#5668)
* add migration and basic UI for changing a user's theme

* update user themem

* use right text on button

* load theme based on users' selection

* load theme based on users' selection in pwa too

* update sample config

* delete older theme loading

* implement AfterLoad to set users' theme properly

* set up default theme when creating a user. This uses the installation wide theme

* use flash messages for error

* set default theme when creating a user from the cli

* fix @lunny review
2019-01-09 12:22:57 -05:00
zeripath 8bb0a6f425 Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557)
* Synchronize SSH keys on login with LDAP

* BUG: Fix hang on sqlite during LDAP key deletion
2018-12-27 12:28:48 -05:00
Tony Homrich 2058c362a8 LDAP via simple auth separate bind user and search base (#5055) 2018-12-27 11:51:19 -05:00
Julian 4a685f8b87 Add rebase with merge commit merge style (#3844) (#4052)
Signed-off-by: Julian Tölle <julian.toelle97@gmail.com>
2018-12-27 12:27:08 +02:00
Lunny Xiao b65e37ed72
fix indexer reindex bug when gitea restart (#5563)
* fix issue indexer bug reindex when restart gitea

* also fix code indexer reindex when gitea restart
2018-12-19 16:37:48 +08:00
Lunny Xiao 7fd34c0517
fix lfs version check warning log when using ssh protocol (#5501) 2018-12-19 09:17:43 +08:00
zeripath 2a660a1de1 Support reverse proxy providing email (#5554)
This PR implements #2347
2018-12-18 12:05:48 -05:00
Lunny Xiao ba75319157 fix clone wiki failed via ssh (#5503) 2018-12-11 13:37:32 -05:00
Jonas Franz 9681c83734 Approvals at Branch Protection (#5350)
* Add branch protection for approvals

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add required approvals

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add missing comments and fmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add type = approval and group by reviewer_id to review

* Prevent users from adding negative review limits

* Add migration for approval whitelists

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-12-11 19:28:37 +08:00
Lunny Xiao eabbddcd98
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems

* fix some bugs and merge LoadUnits to repoAssignment

* refactor permission struct and add some copyright heads

* remove unused codes

* fix routes units check

* improve permission check

* add unit tests for permission

* fix typo

* fix tests

* fix some routes

* fix api permission check

* improve permission check

* fix some permission check

* fix tests

* fix tests

* improve some permission check

* fix some permission check

* refactor AccessLevel

* fix bug

* fix tests

* fix tests

* fix tests

* fix AccessLevel

* rename CanAccess

* fix tests

* fix comment

* fix bug

* add missing unit for test repos

* fix bug

* rename some functions

* fix routes check
2018-11-28 19:26:14 +08:00
Michael Kuhn 0222623be9 Explicitly disable Git credential helper (#5367)
* Explicitly disable Git credential helper

If the user running Gitea has configured a credential helper, Git
credentials might leak out of Gitea.

There are two problems with credential helpers when combined with Gitea:

1. Credentials entered by a user when doing a migration or setting up a
   mirror will end up in the credential store. In the worst case, this
   is the plain text file ~/.git-credentials.
2. Credentials in the credential store will be used for migrations and
   mirrors by all users. For example, if user A sets up a mirror, their
   credentials will be stored. If user B later sets up a mirror from the
   same host and does not enter any credentials, user A's credentials
   will be used.

This PR prepends -c credential.helper= to all Git commands to clear the
list of helpers. This requires at least Git version 2.9, as previous
versions will try to load an empty helper instead. For more details, see
24321375cd

* Update git module
2018-11-28 09:00:25 +02:00
SohnyBohny 294904321c Create Progressive Web App (#4730)
* Create manifest and serviceworker

* Create templates and add AppSubUrl

* Add JSRenderer

* fix ctx type

* Add JSRenderer to static.go

* Complete adding {{AppSubUrl}}

* Add more fonts to urlsToCache

* Add 512px and 192px icons

* Hardcode font MD5

* Default theme doesn't have a specific CSS file
2018-11-27 10:18:26 -05:00
Lauris BH e09fe48773 Refactor heatmap to vue component (#5401) 2018-11-27 10:36:54 +01:00
Lanre Adelowo 3a1ed82529 Explicitly decide whether to use TLS in mailer's configuration (#5024)
* explicitly decide on using TLS for mail connections

* explicitly decide on using TLS for mail connections

* keep compatibility
2018-11-26 14:21:41 -05:00
Lunny Xiao cef0f12c51 support envs on external render commands (#5278) 2018-11-20 17:11:21 -05:00
Peter Hoffmann e08c7e521b Add raw blob endpoint to get objects by SHA ID (#5334)
* Add raw blob endpoint

This should make it possible to download raw blobs directly from
/:repo/:username/raw/blob/:sha1 URLs.

* fix: Make it work

* As an SHA-ID is no path getRefNameFromPath can't be used to verify
file specifying parameter
* added relevant change in go-gitea/git #132

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* Update Gopkg.lock

Can't update all vendors due to errors

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* style: Add Gitea copyright header

* feat: Added integration test for /repo/u/r/raw/blob

* fix: correct year in copyright header
2018-11-18 13:45:40 -05:00
Lanre Adelowo b97af15de6 Block registration based on email domain (#5157)
* implement email domain whitelist
2018-11-14 20:00:04 -05:00
Lauris BH 8f8ff5a295
Remove maxlines option for file logger (#5282) 2018-11-07 06:48:53 +02:00
Stanislav 078c404c3b Prometheus endpoint (#5256)
* Add prometheus collector and route

* dep ensure -add github.com/prometheus/client_golang/prometheus

* dep ensure -update github.com/golang/protobuf

* add metrics to reserved usernames

* add comment head in metrics package

* fix style imports

* add metrics settings

* add bearer token check

* mapping metrics configs

* fix lint

* update config cheat sheet

* update conf sample, typo fix
2018-11-04 22:20:00 -05:00
zeripath 7096085f2b Fix #5226 by adding CSRF checking to api reqToken and add CSRF to the POST header for deadline (#5250)
* Add CSRF checking to reqToken and place CSRF in the post for deadline creation

Fixes #5226, #5249

* /api/v1/admin/users routes should have reqToken middleware
2018-11-03 21:15:55 -04:00
zeripath 7d9a191a3c Create AuthorizedKeysCommand (#5236) 2018-11-01 09:41:07 -04:00
L.E.R b686bd0c94 Fix markdown image with link (#4675)
* Fix markdown image with link

* Add gitea copyright notice

* add a test for markdown image with link

* remove svg related variables
2018-10-30 18:26:28 -04:00
Nicolas Lenz 220ee6ae42 Pass link prefixes to external markup parsers (#5201)
* Pass environment variables for URL prefixes to external markup parser

Signed-off-by: Nicolas Lenz <nicolas@eisfunke.com>

* Document external markup link prefix environment variables

Signed-off-by: Nicolas Lenz <nicolas@eisfunke.com>

* Run format on link prefix changes

Signed-off-by: Nicolas Lenz <nicolas@eisfunke.com>
2018-10-30 10:34:12 -04:00
Antoine GIRARD 617a2433a3 Make gitea serv use api/internal (#4886)
* Start to move to internal/private

* Add GetPublicKeyByID

* Add HasDeployKey

* Add private.UpdateDeployKeyUpdated

* Add private.GetUserByKeyID

* Add private.AccessLevel

* Add private.CheckUnitUser

* Fix mistakes I made

* Some cleaning + moving code to separate files

* Fix error handling

* Remove useless error handling for setup

* lint: fix comment on exported func

* fix copyright header

* Fix order of args
2018-10-30 14:20:13 +08:00
Jonas Bröms db30d6d791 Serve audio files using HTML5 audio tag (#5221)
* Serve audio files using HTML5 audio tag

* Correct copy paste error
2018-10-30 10:17:26 +08:00
Antoine GIRARD ffd5fb8139 Set heatmap color range configurable (#5165) 2018-10-24 16:38:04 +02:00
kolaente 6759237eda User action heatmap (#5131)
* Added basic heatmap data

* Added extra case for sqlite

* Built basic heatmap into user profile

* Get contribution data from api & styling

* Fixed lint & added extra group by statements for all database types

* generated swagger spec

* generated swagger spec

* generated swagger spec

* fixed swagger spec

* fmt

* Added tests

* Added setting to enable/disable user heatmap

* Added locale for loading text

* Removed UseTiDB

* Updated librejs & moment.js

* Fixed import order

* Fixed heatmap in postgresql

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: kolaente <konrad@kola-entertainments.de>

* Added copyright header

* Fixed a bug to show the heatmap for the actual user instead of the currently logged in

* Added integration test for heatmaps

* Added a heatmap on the dashboard

* Fixed timestamp parsing

* Hide heatmap on mobile

* optimized postgresql group by query

* Improved sqlite group by statement
2018-10-23 10:57:42 +08:00
Jonas Franz f38fce916e Add comment replies (#5104)
* Add comment replies

* Replace reviewID with review.ID
2018-10-22 16:13:35 -04:00
Oleg Kovalov 5a4648cdd6 Remove check for negative length (#5120) 2018-10-20 17:25:14 -04:00
Julien Tant dea3d849e1 Give user a link to create PR after push (#4716)
* Give user a link to create PR after push

* Forks now create PR in the base repository + make sure PR creation is allowed

* fix code style
2018-10-20 09:59:06 +03:00
Oleg Kovalov 971dccda16 Use type switch (#5122) 2018-10-19 14:54:26 -04:00
Lunny Xiao ea619b39b2
Add notification interface and refactor UI notifications (#5085)
* add notification interface and refactor UI notifications

* add missing methods on notification interface and notifiy only issue status really changed

* implement NotifyPullRequestReview for ui notification
2018-10-18 19:23:05 +08:00
SagePtr eb0c848f5b Use native go method to get current user rather than environment variable (#4930)
* Use native go method to get current user rather than environment var

* Use t.Skip instead of return in test
2018-10-18 15:08:20 +08:00
Lauris BH 81702e6ec9 Detect charset and convert non UTF-8 files for display (#4950)
* Detect charset and convert non UTF-8 files for display

* Refactor and move function to correct module

* Revert unrelated changes

* More unrelated changes

* Duplicate content for small text to have better encoding detection

* Check if original content is valid before duplicating it
2018-09-29 16:33:54 +08:00
Lanre Adelowo 2a6d3ba058 Allow admin toggle forcing a password change for newly created users (#4563) 2018-09-13 12:34:36 -04:00
Lanre Adelowo 126ba796dc Force user to change password (#4489)
* redirect to login page after successfully activating account

* force users to change password if account was created by an admin

* force users to change password if account was created by an admin

* fixed build

* fixed build

* fix pending issues with translation and wrong routes

* make sure path check is safe

* remove unneccessary newline

* make sure users that don't have to view the form get redirected

* move route to use /settings prefix so as to make sure unauthenticated users can't view the page

* update as per @lafriks review

* add necessary comment

* remove unrelated changes

* support redirecting to location the user actually want to go to before being forced to change his/her password

* run make fmt

* added tests

* improve assertions

* add assertion

* fix copyright year

Signed-off-by: Lanre Adelowo <yo@lanre.wtf>
2018-09-13 15:04:25 +03:00
Drew Bowering 8e3e59fdb8 Fix: Let's Encrypt configuration settings (#4911)
ENABLE_LETSENCRYPT and LETSENCRYPT_ACCEPTTOS were not being properly loaded from the config file, always resulting in the default settings being in place.
2018-09-12 00:06:44 -04:00
B-OnTheGo e47df0b301 Enforce token on api routes [fixed critical security issue #4357] (#4840) 2018-09-10 12:15:52 -04:00
Lanre Adelowo be48397945 Slack webhook channel name cannot be empty or just contain an hashtag (#4786) 2018-09-10 10:31:08 -04:00
Lauris BH fa4663e61e Add push webhook support for mirrored repositories (#4127) 2018-09-06 22:06:09 -04:00
SagePtr bf55276189 Fix redirect with non-ascii branch names (#4764) (#4810)
* Fix redirect with non-ascii branch names (#4764)

* Add integration tests for non-ascii branch redirect

* Fix mysql test and coverage test
2018-09-06 21:37:02 -04:00