Commit Graph

45 Commits

Author SHA1 Message Date
Lunny Xiao bd7709a602
Hide some user information via API if user have no enough permission (#8655)
* Hide some user information via API if user have no enough permission

* fix test
2019-10-24 10:52:17 +08:00
zeripath fcb535c5c3
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.

## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
    - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
    - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
    - [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
    - app.ini configuration done
    - [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation

I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 14:42:42 +01:00
David Svantesson a0e88dfc2e Add teams to repo on collaboration page. (#8045)
* Add teams to repo on collaboration page.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add option for repository admins to change teams access to repo.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add comment for functions

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Make RepoAdminChangeTeamAccess default false in xorm and make it default checked in template instead.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Make proper language strings and fix error redirection.

* Add unit tests for adding and deleting team from repository.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add database migration

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix redirect

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix locale string mismatch.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Move team access mode text logic to template.

* Move collaborator access mode text logic to template.
2019-09-23 23:08:03 +03:00
David Svantesson 1f951cdeba Add API endpoint for accessing repo topics (#7963)
* Create API endpoints for repo topics.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Generate swagger

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add documentation to functions

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Grammar fix

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix function comment

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Can't use FindTopics when looking for a single repo topic, as it doesnt use exact match

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add PUT ​/repos​/{owner}​/{repo}​/topics and remove GET ​/repos​/{owner}​/{repo}​/topics

* Ignore if topic is sent twice in same request, refactoring.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix topic dropdown with api changes.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Style fix

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Update API documentation

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Better way to handle duplicate topics in slice

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Make response element TopicName an array of strings, instead of using an array of TopicName

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add test cases for API Repo Topics.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix format of tests

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix comments

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix unit tests after adding some more topics to the test fixture.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Update models/topic.go

Limit multiple if else if ...

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>

* Engine as first parameter in function

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>

* Replace magic numbers with http status code constants.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix variable scope

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Test one read with login and one with token

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add some more tests

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Apply suggestions from code review

Use empty struct for efficiency

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Add test case to check access for user with write access

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix access, repo admin required to change topics

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Correct first test to be without token

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Any repo reader should be able to access topics.

* No need for string pointer

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
2019-09-03 23:46:24 +08:00
Tamal Saha 171b359877 Use gitea forked macaron (#7933)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-23 12:40:29 -04:00
renothing cbf231a675 fix wrong email when use gitea as OAuth2 provider (#7640)
when you use gitea as OAuth2 provider, the /api/v1/user should return
user primary email as identifier, which is unique in OAuth2 clients.

this patch use convert.ToUser replace all u.APIFormat in api requests,
return primary email when caller is yourself or admin.
2019-07-27 16:15:30 +03:00
Richard Mahn 567e117df8 Fixes #7238 - Annotated tag commit ID incorrect (#7321)
* Fixes #7238 - Annotated tag commit ID incorrect

* Fixes #7238 - Annotated tag commit ID incorrect
2019-06-29 11:44:17 +01:00
zeripath cf2221e3ac Add LastLogin to the User API (#7196) 2019-06-15 23:28:32 -04:00
Richard Mahn 8de0b0a3f0 Fixes #2738 - Adds the /git/tags API endpoint (#7138)
* Fixes #2738 - /git/tags API

* proper URLs

* Adds function comments

* Updates swagger

* Removes newline from tag message

* Removes trailing newline from commit message

* Adds integration test

* Removed debugging

* Adds tests

* Fixes bug where multiple tags of same commit show wrong tag name

* Fix formatting

* Removes unused varaible

* Fix to annotated tag function names and response

* Update modules/git/repo_tag.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Uses TagPrefix

* Changes per review, better error handling for getting tag and commit IDs

* Fix to getting commit ID

* Fix to getting commit ID

* Fix to getting commit ID

* Fix to getting commit ID
2019-06-08 17:31:11 +03:00
Richard Mahn 43cf2f3b55 Fixes #7023 - API Org Visibility (#7028) 2019-05-30 13:57:55 -04:00
Lunny Xiao 34eee25bd4
Move sdk structs to modules/structs (#6905)
* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 18:21:34 +08:00
Filip Navara 2af67f6044 Improve listing performance by using go-git (#6478)
* Use go-git for tree reading and commit info lookup.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use TreeEntry.IsRegular() instead of ObjectType that was removed.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use the treePath to optimize commit info search.

Signed-off-by: Filip Navara <navara@emclient.com>

* Extract the latest commit at treePath along with the other commits.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix listing commit info for a directory that was created in one commit and never modified after.

Signed-off-by: Filip Navara <navara@emclient.com>

* Avoid nearly all external 'git' invocations when doing directory listing (.editorconfig code path is still hit).

Signed-off-by: Filip Navara <navara@emclient.com>

* Use go-git for reading blobs.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make SHA1 type alias for plumbing.Hash in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make Signature type alias for object.Signature in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix GetCommitsInfo for repository with only one commit.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix PGP signature verification.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix issues with walking commit graph across merges.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix typo in condition.

Signed-off-by: Filip Navara <navara@emclient.com>

* Speed up loading branch list by keeping the repository reference (and thus all the loaded packfile indexes).

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix lising submodules.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix build

Signed-off-by: Filip Navara <navara@emclient.com>

* Add back commit cache because of name-rev

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix tests

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix code style

* Fix spelling

* Address PR feedback

Signed-off-by: Filip Navara <navara@emclient.com>

* Update vendor module list

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix getting trees by commit id

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix remaining unit test failures

* Fix GetTreeBySHA

* Avoid running `git name-rev` if not necessary

Signed-off-by: Filip Navara <navara@emclient.com>

* Move Branch code to git module

* Clean up GPG signature verification and fix it for tagged commits

* Address PR feedback (import formatting, copyright headers)

* Make blob lookup by SHA working

* Update tests to use public API

* Allow getting content from any type of object through the blob interface

* Change test to actually expect the object content that is in the GIT repository

* Change one more test to actually expect the object content that is in the GIT repository

* Add comments
2019-04-19 20:17:27 +08:00
Segev Finer 34548369e1 Add API for manipulating Git hooks (#6436)
* Add API for manipulating Git hooks

Signed-off-by: Segev Finer <segev@codeocean.com>

* Replace code.gitea.io/sdk with PR branch temporarily for CI

* Switch back to code.gitea.io/sdk@master

* Return 403 instead of 404 on no permission to edit hooks in API

* Add tests for Git hooks API

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* empty line
2019-04-17 01:31:08 -04:00
zeripath 837116875e Return a UserList from /api/v1/admin/users (#6629) 2019-04-15 12:36:59 -04:00
zeripath 704da08fdc
Better logging (#6038) (#6095)
* Panic don't fatal on create new logger

Fixes #5854

Signed-off-by: Andrew Thornton <art27@cantab.net>

* partial broken

* Update the logging infrastrcture

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Reset the skip levels for Fatal and Error

Signed-off-by: Andrew Thornton <art27@cantab.net>

* broken ncsa

* More log.Error fixes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove nal

* set log-levels to lowercase

* Make console_test test all levels

* switch to lowercased levels

* OK now working

* Fix vetting issues

* Fix lint

* Fix tests

* change default logging to match current gitea

* Improve log testing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* reset error skip levels to 0

* Update documentation and access logger configuration

* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE

* Fix broken level caching

* Refactor the router log

* Add Router logger

* Add colorizing options

* Adjust router colors

* Only create logger if they will be used

* update app.ini.sample

* rename Attribute ColorAttribute

* Change from white to green for function

* Set fatal/error levels

* Restore initial trace logger

* Fix Trace arguments in modules/auth/auth.go

* Properly handle XORMLogger

* Improve admin/config page

* fix fmt

* Add auto-compression of old logs

* Update error log levels

* Remove the unnecessary skip argument from Error, Fatal and Critical

* Add stacktrace support

* Fix tests

* Remove x/sync from vendors?

* Add stderr option to console logger

* Use filepath.ToSlash to protect against Windows in tests

* Remove prefixed underscores from names in colors.go

* Remove not implemented database logger

This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.

* Ensure that log paths are relative to ROOT_PATH

* use path.Join

* rename jsonConfig to logConfig

* Rename "config" to "jsonConfig" to make it clearer

* Requested changes

* Requested changes: XormLogger

* Try to color the windows terminal

If successful default to colorizing the console logs

* fixup

* Colorize initially too

* update vendor

* Colorize logs on default and remove if this is not a colorizing logger

* Fix documentation

* fix test

* Use go-isatty to detect if on windows we are on msys or cygwin

* Fix spelling mistake

* Add missing vendors

* More changes

* Rationalise the ANSI writer protection

* Adjust colors on advice from @0x5c

* Make Flags a comma separated list

* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING

* Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 08:48:31 +01:00
Lunny Xiao d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
Lunny Xiao 01bbf5ea69 Add API to list tags (#5850)
* Add API to list tags

* update dependency gitea sdk vendor

* fix swagger generation

* fix swagger

* add tests

* update code.gitea.io/git vendor
2019-02-07 12:00:52 +00:00
Lunny Xiao b3000ae623 Fix create team, update team missing units (#5188) 2018-11-10 14:45:32 -05:00
zeripath 00533d3870 Keys API changes (#4960)
* Add private information to the deploy keys api

This commit adds more information to the deploy keys to allow for back
reference in to the main keys list. It also adds information about the
repository that the key is referring to.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add private information to the user keys API

This adjusts the keys API to give out private information to user keys if
the current user is the owner or an admin.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add ability to search keys by fingerprint

This commit adds the functionality to search ssh-keys by fingerprint of
the ssh-key. Deploy keys per repository can also be searched. There is
no current clear API point to allow search of all deploy keys by
fingerprint or keyID.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add integration test
2018-10-31 23:40:49 -04:00
Ethan Koenig 7b104f0cd0 Populate URL field of API commits (#3546)
* Populate URL field of API commits

* fix orgmode_test
2018-02-20 20:50:42 +08:00
Lunny Xiao f94c1b3943
Improvements for supporting UI Location (#3146)
* improvements for supporting UI Location

* improved the comment
2017-12-14 07:45:31 +08:00
Lunny Xiao f2e20c81b6 Refactor struct's time to remove unnecessary memory usage (#3142)
* refactor struct's time to remove unnecessary memory usage

* use AsTimePtr simple code

* fix tests

* fix time compare

* fix template on gpg

* use AddDuration instead of Add
2017-12-11 06:37:04 +02:00
Vlad Temian 6ad4990a65 Add fingerprint to ssh key endpoints. (#3009)
* Add fingerprint to ssh key endpoints.

* Update gitea sdk vendor
2017-11-28 17:21:39 +02:00
Lunny Xiao cf6699fb4f fix gpg API panic when no verification (#1451)
* fix gpg API panic when no verification

* fix if condition
2017-04-06 18:40:05 -07:00
Antoine GIRARD 14fe9010ae GPG commit validation (#1150)
* GPG commit validation

* Add translation

+ some little fix

* Move hash calc after retrieving of potential key + missing translation

* Add some little test
2017-03-22 18:43:54 +08:00
Antoine GIRARD ca1c3f1926 Implement GPG api (#710)
* Implement GPG API

* Better handle error

* Apply review recommendation + simplify database operations

* Remove useless comments
2017-03-16 09:27:35 +08:00
Kim "BKC" Carlbäcker 42ec5ce740 Fix breakage from vendor-update 2016-11-29 11:50:22 +01:00
Lunny Xiao 3917ed45de golint fixed for routers (#208) 2016-11-24 15:04:31 +08:00
Sandro Santilli a1c5f02444 Fix import path of go-sdk (#141)
From code.gitea.io/go-sdk/gitea
  To code.gitea.io/sdk/gitea
2016-11-11 17:39:44 +08:00
Sandro Santilli 4247304f5a Update import paths from github.com/go-gitea to code.gitea.io (#135)
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Thomas Boerger 4c6c16f358
Replaced go-gogs-client with go-sdk imports 2016-11-07 16:10:32 +01:00
Sandro Santilli 6e4252dad4 Replace gogits/git-module dependency with go-gitea/git (#94)
* Replace gogits/git-module dependency with go-gitea/git

Fixes #92

* Remove git alias for git module import (not needed)
2016-11-06 11:18:34 -02:00
Rémy Boulanouar 2d68bd1ef9 Change import reference to match gitea instead of gogs (#37) 2016-11-03 10:29:56 -02:00
Unknwon dccb0c15b9 Replace convert.To with APIFormat calls 2016-08-14 04:17:26 -07:00
Unknwon 3f7f4852ef #2246 fully support of webhooks for pull request 2016-08-14 03:32:24 -07:00
lstahlman 89f71b44f7 Add committer information to API and Webhooks. Also fixes #3271 (#3414) 2016-08-09 22:01:57 -07:00
lstahlman 2eeb0ec9b0 Additional API support for labels (#3290)
* Add API support for labels.

* Error handling for adding/replacing multiple issue labels

* Revisions to function names and error handling. Use issue.ClearLabels in replace/clear functions

* Additional code cleanup
2016-08-03 09:24:16 -07:00
Unknwon 1f2e173a74 Refactor User.Id to User.ID 2016-07-24 01:08:22 +08:00
lstahlman 846bf2ca9f Add timestamps to repository api response (#3255)
Additional properties: created_at, updated_at
2016-07-12 06:28:51 +08:00
lstahlman 12cb84b97f Extend the API to include more repository properties (#3249)
Adds description, stars_count, forks_count, watchers_count and
open_issues_count.
2016-07-11 07:56:15 +08:00
Unknwon e6f927f61a #1692 api: admin list and create team under organization 2016-03-21 12:47:54 -04:00
Unknwon 9bd9ad4205 #1692 add CRUD issue APIs
- Fix go-gogs-client#10
- Related to #809
2016-03-13 23:20:22 -04:00
Antoine GIRARD b7b30cd85e Corrections following recommendations 2016-01-28 20:51:19 +01:00
Antoine GIRARD c11c3b6c11 Near ready 2016-01-28 20:51:19 +01:00
Unknwon 9cd16c5b12 #1692 add organization APIs 2015-12-17 02:28:47 -05:00