Commit Graph

1339 Commits

Author SHA1 Message Date
Niklas Goerke 8fe8ab5cbf
Mitigate Security vulnerability in the git hook feature (#13058)
* Extend git hook warning in the UI.

Git hooks are a dangerous feature, administrators should be warned before giving
the git hook privilege to users.

* Disable Git hooks by default and add warning.

Git hooks are a dangerous features (see warning text) that should only
be enabled if the administrator was informed about the risk involved.

Co-authored-by: Niklas Goerke <goerke@fzi.de>
2020-10-07 12:55:13 +03:00
GiteaBot f5436b4a67 [skip ci] Updated translations via Crowdin 2020-10-06 16:17:17 +00:00
GiteaBot a23c128ba6 [skip ci] Updated translations via Crowdin 2020-10-06 07:24:15 +00:00
Spencer Taylor 6eea301829
Adding visual cue for "Limited" & "Private" organizations. (#13040)
* Adding visual cue for "Limited" & "Private" organizations.

* Moving org visibility CSS styles to .less files.

Co-authored-by: Gitea <gitea@fake.local>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-06 02:25:43 -04:00
GiteaBot 91118bc73d [skip ci] Updated translations via Crowdin 2020-10-05 22:47:15 +00:00
GiteaBot 10e04da28c [skip ci] Updated translations via Crowdin 2020-10-04 17:13:45 +00:00
GiteaBot 86b8c81240 [skip ci] Updated translations via Crowdin 2020-10-02 09:38:47 +00:00
GiteaBot 1d2553abbf [skip ci] Updated translations via Crowdin 2020-10-01 12:50:55 +00:00
zeripath c6da033656
Copy missing things from app.example.ini to Cheat Sheet (#12988)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-10-01 07:57:57 +01:00
GiteaBot 992f387139 [skip ci] Updated translations via Crowdin 2020-10-01 05:55:40 +00:00
GiteaBot 551473b294 [skip ci] Updated translations via Crowdin 2020-09-30 21:00:33 +00:00
GiteaBot 7670a9db10 [skip ci] Updated translations via Crowdin 2020-09-30 16:17:15 +00:00
GiteaBot 615e784150 [skip ci] Updated translations via Crowdin 2020-09-30 12:28:46 +00:00
GiteaBot 9b6361f8a0 [skip ci] Updated translations via Crowdin 2020-09-29 19:27:47 +00:00
GiteaBot b606f13365 [skip ci] Updated translations via Crowdin 2020-09-28 19:01:59 +00:00
GiteaBot f404bdde9b [skip ci] Updated translations via Crowdin 2020-09-27 19:21:50 +00:00
GiteaBot 82179a6e81 [skip ci] Updated translations via Crowdin 2020-09-27 02:11:47 +00:00
GiteaBot b49ebc2ba8 [skip ci] Updated translations via Crowdin 2020-09-26 17:57:16 +00:00
GiteaBot 274430f40b [skip ci] Updated translations via Crowdin 2020-09-25 08:59:15 +00:00
zeripath 7a7f56044a
Adopt repositories (#12920)
* Don't automatically delete repository files if they are present

Prior to this PR Gitea would delete any repository files if they are
present during creation or migration. This can in certain circumstances
lead to data-loss and is slightly unpleasant.

This PR provides a mechanism for Gitea to adopt repositories on creation
and otherwise requires an explicit flag for deletion.

PushCreate is slightly different - the create will cause adoption if
that is allowed otherwise it will delete the data if that is allowed.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix tests and migrate overwrite

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @lunny

Only offer to adopt or overwrite if the user can do that.

Allow the site administrator to adopt or overwrite in all
circumstances

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use setting.Repository.DefaultBranch for the default branch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Always set setting.Repository.DefaultBranch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update templates

Signed-off-by: Andrew Thornton <art27@cantab.net>

* ensure repo closed

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Rewrite of adoption as per @6543 and @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

* update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* missing not

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add modals and flash reporting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Make the unadopted page searchable

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add API

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Handle empty and non-master branched repositories

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove commented out code

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-25 07:09:23 +03:00
GiteaBot b5109272db [skip ci] Updated translations via Crowdin 2020-09-24 22:38:04 +00:00
GiteaBot 01ad714715 [skip ci] Updated translations via Crowdin 2020-09-23 20:26:51 +00:00
GiteaBot f215e015df [skip ci] Updated translations via Crowdin 2020-09-22 17:03:23 +00:00
GiteaBot 060d46dd25 [skip ci] Updated translations via Crowdin 2020-09-21 14:37:57 +00:00
GiteaBot 3f9eb93cc6 [skip ci] Updated translations via Crowdin 2020-09-20 21:56:51 +00:00
GiteaBot 23f064e813 [skip ci] Updated translations via Crowdin 2020-09-20 20:21:12 +00:00
GiteaBot e7ffc67ad5 [skip ci] Updated translations via Crowdin 2020-09-20 17:56:20 +00:00
GiteaBot 7e5499575b [skip ci] Updated translations via Crowdin 2020-09-19 23:22:29 +00:00
GiteaBot 355788db46 [skip ci] Updated translations via Crowdin 2020-09-19 16:45:53 +00:00
zeripath 4979f15c3f
Add configurable Trust Models (#11712)
* Add configurable Trust Models

Gitea's default signature verification model differs from GitHub. GitHub
uses signatures to verify that the committer is who they say they are -
meaning that when GitHub makes a signed commit it must be the committer.
The GitHub model prevents re-publishing of commits after revocation of a
key and prevents re-signing of other people's commits to create a
completely trusted repository signed by one key or a set of trusted
keys.

The default behaviour of Gitea in contrast is to always display the
avatar and information related to a signature. This allows signatures to
be decoupled from the committer. That being said, allowing arbitary
users to present other peoples commits as theirs is not necessarily
desired therefore we have a trust model whereby signatures from
collaborators are marked trusted, signatures matching the commit line
are marked untrusted and signatures that match a user in the db but not
the committer line are marked unmatched.

The problem with this model is that this conflicts with Github therefore
we need to provide an option to allow users to choose the Github model
should they wish to.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Adjust locale strings

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @6543

Co-authored-by: 6543 <6543@obermui.de>

* Update models/gpg_key.go

* Add migration for repository

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-20 00:44:55 +08:00
GiteaBot 89c94e2f8e [skip ci] Updated translations via Crowdin 2020-09-18 17:51:09 +00:00
GiteaBot 7250f5342f [skip ci] Updated translations via Crowdin 2020-09-18 12:10:52 +00:00
GiteaBot afea4faa33 [skip ci] Updated translations via Crowdin 2020-09-17 18:25:33 +00:00
赵智超 d8b5235ded
Add ui style for "Open a blank issue" button (#12824)
* Add ui style for "Open a blank issue" button

Signed-off-by: a1012112796 <1012112796@qq.com>

* Apply review suggestion @silverwind

* format

* format 2

* fix message

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-16 10:07:09 +08:00
GiteaBot ace8a283f1 [skip ci] Updated translations via Crowdin 2020-09-15 23:50:35 +00:00
GiteaBot 81ed47c29d [skip ci] Updated translations via Crowdin 2020-09-15 14:38:30 +00:00
GiteaBot 3d0ad2885a [skip ci] Updated translations via Crowdin 2020-09-15 11:29:56 +00:00
GiteaBot c950ea10ab [skip ci] Updated translations via Crowdin 2020-09-14 18:43:45 +00:00
GiteaBot 6a1a6332de [skip ci] Updated translations via Crowdin 2020-09-14 11:49:03 +00:00
GiteaBot 33f606ce4c [skip ci] Updated translations via Crowdin 2020-09-14 10:41:18 +00:00
GiteaBot 53b656582e [skip ci] Updated translations via Crowdin 2020-09-13 01:49:50 +00:00
GiteaBot 55e05ad1ce [skip ci] Updated translations via Crowdin 2020-09-12 12:32:50 +00:00
赵智超 ae528d8321
Translate two small lables on commit statuse list (#12821)
* Requested
* Details

Signed-off-by: a1012112796 <1012112796@qq.com>
2020-09-12 15:29:50 +08:00
GiteaBot c18c6cf4cf [skip ci] Updated translations via Crowdin 2020-09-11 20:20:02 +00:00
John Olheiser 26c4a049da
Issue templates directory (#11450)
* Issue templates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add some comments, appease the linter

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add docs and re-use dir candidates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add default labels to issue templates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Generate swagger

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Suggested changes

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update issue.go

* Suggestions

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Extract metadata from legacy if possible

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-11 10:48:39 -04:00
GiteaBot 910947fbcd [skip ci] Updated translations via Crowdin 2020-09-11 12:39:57 +00:00
zeripath 4eb0a1dfaf
Disable watch and star if not signed in (#12807)
Fix #12070

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-11 12:01:51 +01:00
GiteaBot 29ac1f9122 [skip ci] Updated translations via Crowdin 2020-09-11 06:45:37 +00:00
GiteaBot 5b10da241b [skip ci] Updated translations via Crowdin 2020-09-10 17:06:38 +00:00
John Olheiser c3e8c9441a
Add check for LDAP group membership (#10869)
This is a port of gogs/gogs#4398

The only changes made by myself are:

Add locales
Add some JS to the UI
Otherwise all code credit goes to @aboron

Resolves #10829

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-09-10 16:30:07 +01:00
Bagas Sanjaya 4c42fce401
Add placeholder text for bio profile text form (#12792)
* Add placeholder text
  * Localize
2020-09-10 15:29:26 +01:00
GiteaBot 7354efe702 [skip ci] Updated translations via Crowdin 2020-09-10 13:05:36 +00:00
GiteaBot b333aa7db4 [skip ci] Updated translations via Crowdin 2020-09-10 04:17:37 +00:00
GiteaBot fcc410c350 [skip ci] Updated translations via Crowdin 2020-09-09 19:09:54 +00:00
GiteaBot 0cd49aaebd [skip ci] Updated translations via Crowdin 2020-09-09 18:30:16 +00:00
Lunny Xiao e153cf07c3
Add a migrate service type switch page (#12697)
* Add a migrat service type switch page

* Improve translations

* remove images

* Fix images

* remove extra create repo button on dashboard

* Follow reviewers' opinions

* Fix frontend lint

* Remove wrong submit file

* Fix tests

* Adjust the size of image

* Apply suggestions from code review

Co-authored-by: 赵智超 <1012112796@qq.com>

* Remove username and password from migration of github/gitlab

* Improve docs

* Improve interface docs

Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-09 14:29:10 -04:00
GiteaBot 6483dbc8ec [skip ci] Updated translations via Crowdin 2020-09-09 17:32:39 +00:00
GiteaBot 090024db37 [skip ci] Updated translations via Crowdin 2020-09-09 13:09:44 +00:00
GiteaBot 1fbc50f974 [skip ci] Updated translations via Crowdin 2020-09-08 22:07:38 +00:00
John Olheiser c6e4bc53aa
Check passwords against HaveIBeenPwned (#12716)
* Implement pwn

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update module

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Apply suggestions mrsdizzie

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Add link to HIBP

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add more details to admin command

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add context to pwn

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Consistency and making some noise ;)

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-09-08 17:06:39 -05:00
Vedran e204398754
Change/remove a branch of an open issue (#9080)
* Add field with isIssueWriter to front end

* Make branch field editable

* Switch frontend to form and POST from javascript

* Add /issue/id/ref endpoint to routes

* Use UpdateIssueTitle model to change ref in backend

* Removed crossreference check and adding comments on branch change

* Use ref returned from POST to update the field

* Prevent calling loadRepo from models/

* Branch/tag refreshed without page reload

* Remove filter for empty branch name

* Add clear option to tag list as well

* Delete button translation and coloring

* Fix for not showing selected branch name in new issue

* Check that branch is not being changed on a PR

* Change logic

* Notification when changing issue ref

* Fix for renamed permission parameter

* Fix for failing build

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: Gitea <gitea@fake.local>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-08 12:29:51 -04:00
GiteaBot 0ed8d268ad [skip ci] Updated translations via Crowdin 2020-09-08 15:46:14 +00:00
GiteaBot 9af60ce0bb [skip ci] Updated translations via Crowdin 2020-09-07 22:28:18 +00:00
GiteaBot 226aef7e0f [skip ci] Updated translations via Crowdin 2020-09-07 15:06:09 +00:00
GiteaBot 0b198eb392 [skip ci] Updated translations via Crowdin 2020-09-06 19:54:31 +00:00
GiteaBot 332dbe7393 [skip ci] Updated translations via Crowdin 2020-09-06 16:26:12 +00:00
zeripath f727e3e1c9
Fix editor.commit_empty_file_text locale string (#12744)
editor.commit_empty_file_text should read `about to commit`
not `about commit`

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-06 12:24:24 -04:00
GiteaBot 43c303d35c [skip ci] Updated translations via Crowdin 2020-09-06 15:39:00 +00:00
GiteaBot 0ed5e103fe [skip ci] Updated translations via Crowdin 2020-09-06 15:01:20 +00:00
GiteaBot a755e5adeb [skip ci] Updated translations via Crowdin 2020-09-06 10:35:50 +00:00
GiteaBot 0cc4aadf58 [skip ci] Updated translations via Crowdin 2020-09-06 08:55:26 +00:00
GiteaBot 67ec27150e [skip ci] Updated translations via Crowdin 2020-09-05 22:51:54 +00:00
GiteaBot 78509b5f9b [skip ci] Updated translations via Crowdin 2020-09-05 20:13:09 +00:00
GiteaBot 913ac9cacd [skip ci] Updated translations via Crowdin 2020-09-05 17:39:52 +00:00
6543 1ea1cade85
Add Created & Updated to Milestone (#12662)
* Add Created and Updated to Milestone table and expose via API

* Expose to UI - To Overloaded ?!?

* fix unit test

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-05 13:38:54 -04:00
GiteaBot 7404786420 [skip ci] Updated translations via Crowdin 2020-09-05 16:43:55 +00:00
GiteaBot e80eda7d01 [skip ci] Updated translations via Crowdin 2020-09-05 11:59:34 +00:00
GiteaBot 9837b598fc [skip ci] Updated translations via Crowdin 2020-09-04 22:47:21 +00:00
GiteaBot 45c0ec3152 [skip ci] Updated translations via Crowdin 2020-09-04 17:30:03 +00:00
6543 ca81b6528b
UI: Inform user what meaning hourglass on reviews has (#12713)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-04 12:36:37 -04:00
GiteaBot 42a5e39b3b [skip ci] Updated translations via Crowdin 2020-09-03 21:27:49 +00:00
GiteaBot 6d6b5ceaa5 [skip ci] Updated translations via Crowdin 2020-09-03 18:59:33 +00:00
GiteaBot 8fa7a4b511 [skip ci] Updated translations via Crowdin 2020-09-03 10:12:22 +00:00
GiteaBot baa93855e8 [skip ci] Updated translations via Crowdin 2020-09-03 07:36:13 +00:00
GiteaBot ed81a95a84 [skip ci] Updated translations via Crowdin 2020-09-02 20:20:42 +00:00
GiteaBot 3ecd030cd5 [skip ci] Updated translations via Crowdin 2020-09-02 16:56:15 +00:00
GiteaBot ea775e67fb [skip ci] Updated translations via Crowdin 2020-09-02 15:02:44 +00:00
GiteaBot 66843f2237 [skip ci] Updated translations via Crowdin 2020-08-31 17:13:45 +00:00
GiteaBot 807a41ca9a [skip ci] Updated translations via Crowdin 2020-08-30 22:55:54 +00:00
GiteaBot 274f9233ab [skip ci] Updated translations via Crowdin 2020-08-28 17:40:33 +00:00
GiteaBot 3bf1c4fad0 [skip ci] Updated translations via Crowdin 2020-08-28 14:40:48 +00:00
zeripath 1d47a25759
Fix confusing last_org_owner locale string (#12628)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-28 09:39:50 -05:00
GiteaBot cbc60f5c70 [skip ci] Updated translations via Crowdin 2020-08-28 02:48:16 +00:00
John Olheiser 211321fb93
Git migration UX (#12619)
* Initial work

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Implementation

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix gitlab and token cloning

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Imports and JS

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Linting

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Generate swagger

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Move mirror toggle and rename options

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-28 09:36:37 +08:00
GiteaBot ed2f6e137b [skip ci] Updated translations via Crowdin 2020-08-27 20:46:30 +00:00
赵智超 65444c5ea3
Add link to home page on swagger ui (#12601)
* Add link to home page on swagger ui

Signed-off-by: a1012112796 <1012112796@qq.com>

* translate

* Apply review suggestion

* Move to right, Thanks @silverwind

* tweaks

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-26 12:39:45 -04:00
GiteaBot 63f3c42be9 [skip ci] Updated translations via Crowdin 2020-08-24 15:49:17 +00:00
zeripath 1bf7b8d7c1
Fix signing.wont_sign.%!s(<nil>) if Require Signing commits but not signed in (#12581)
signing.wont_sign.%!s(<nil>) will be displayed if the repository needs signed
commits but the user is not logged in.

This is displayed because of complicated logic in the the template repo/issue/view_content/pull.tmpl
and a shortcut in the code of routers/repo/issue.go

This PR adds a default value of notsignedin if users are not signed in, which
although our templates will not show will prevent custom templates from showing
the above.

It also fixes the template to avoid showing signing errors if the user is not
authorized to sign.

Replaces #12564
Close #12564

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-23 22:59:41 +01:00
GiteaBot d2cee3eea6 [skip ci] Updated translations via Crowdin 2020-08-23 16:03:36 +00:00
GiteaBot a0484890c1 [skip ci] Updated translations via Crowdin 2020-08-22 01:24:01 +00:00