Commit Graph

509 Commits

Author SHA1 Message Date
6543 f915161a2f
skip email validation on empty string (#13627)
- move validation into its own function
- use a session for UpdateUserSetting
2020-11-20 23:45:55 +02:00
Chris Shyi d025d84d91
Add email validity check (#13475)
* Improve error feedback for duplicate deploy keys

Instead of a generic HTTP 500 error page, a flash message is rendered
with the deploy key page template so inform the user that a key with the
intended title already exists.

* API returns 422 error when key with name exists

* Add email validity checking

Add email validity checking for the following routes:
[Web interface]
1. User registration
2. User creation by admin
3. Adding an email through user settings
[API]
1. POST /admin/users
2. PATCH /admin/users/:username
3. POST /user/emails

* Add further tests

* Add signup email tests

* Add email validity check for linking existing account

* Address PR comments

* Remove unneeded DB session

* Move email check to updateUser

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-14 11:53:43 -05:00
Paweł Bogusławski d2ad4dec63
Avatar autogeneration fixed (#13233)
This mod fixes problem with initial avatar autogeneration and
avatar autogneration after deleting previous avatar.

Related: https://github.com/go-gitea/gitea/issues/13159
Fixes: 80a6b0f5bc
Author-Change-Id: IB#1105243
2020-10-23 20:55:10 +03:00
6543 d453533beb
[Refactor] Move APIFormat functions into convert package (#12856)
* USER APIFormat -> ToUser

* Migrate more and mark APIFormat deprecated

* models.Comment APIFormat() -> convert.ToComment

* models.Release APIFormat() -> convert.ToRelease

* models.Attachments APIFormat() -> convert.ToReleaseAttachments

* models.CommitStatus APIFormat() -> convert.ToCommitStatus

* finish migration to convert.ToUser

* Move Test

* Imprufe Test

* fix test

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-17 00:23:08 -04:00
ydelafollye cb171dbd56
Improve users management through the CLI (#6001) (#10492)
* Fix images in wiki edit preview (#11546)

Make sure wiki editor sets wiki to true so gitea renders it as a wiki page.

Also change the context data attr for edit form. This looks wrong but everywhere else in our code assumes the urlPrefix to be just the repo url when rendering and manually adds /wiki to the rendered url regardless.

Fixes #11540
2020-10-15 22:48:38 -04:00
Lunny Xiao 80a6b0f5bc
Avatars and Repo avatars support storing in minio (#12516)
* Avatar support minio

* Support repo avatar minio storage

* Add missing migration

* Fix bug

* Fix test

* Add test for minio store type on avatars and repo avatars; Add documents

* Fix bug

* Fix bug

* Add back missed avatar link method

* refactor codes

* Simplify the codes

* Code improvements

* Fix lint

* Fix test mysql

* Fix test mysql

* Fix test mysql

* Fix settings

* Fix test

* fix test

* Fix bug
2020-10-14 21:07:51 +08:00
Wim 9066d09c57
Add ssh certificate support (#12281)
* Add ssh certificate support

* Add ssh certificate support to builtin ssh

* Write trusted-user-ca-keys.pem based on configuration

* Update app.example.ini

* Update templates/user/settings/keys_principal.tmpl

Co-authored-by: silverwind <me@silverwind.io>

* Remove unused locale string

* Update options/locale/locale_en-US.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update options/locale/locale_en-US.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update models/ssh_key.go

Co-authored-by: silverwind <me@silverwind.io>

* Add missing creation of SSH.Rootpath

* Update cheatsheet, example and locale strings

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

* Optimizations based on feedback

* Validate CA keys for external sshd

* Add filename option and change default filename

Add a SSH_TRUSTED_USER_CA_KEYS_FILENAME option which default is
RUN_USER/.ssh/gitea-trusted-user-ca-keys.pem

Do not write a file when SSH_TRUSTED_USER_CA_KEYS is empty.

Add some more documentation.

* Remove unneeded principalkey functions

* Add blank line

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* Add SSH_AUTHORIZED_PRINCIPALS_ALLOW option

This adds a SSH_AUTHORIZED_PRINCIPALS_ALLOW which is default
email,username this means that users only can add the principals
that match their email or username.

To allow anything the admin need to set the option anything.

This allows for a safe default in gitea which protects against malicious
users using other user's prinicipals. (before that user could set it).

This commit also has some small other fixes from the last code review.

* Rewrite principal keys file on user deletion

* Use correct rewrite method

* Set correct AuthorizedPrincipalsBackup default setting

* Rewrite principalsfile when adding principals

* Add update authorized_principals option to admin dashboard

* Handle non-primary emails

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add the command actually to the dashboard template

* Update models/ssh_key.go

Co-authored-by: silverwind <me@silverwind.io>

* By default do not show principal options unless there are CA keys set or they are explicitly set

Signed-off-by: Andrew Thornton <art27@cantab.net>

* allow settings when enabled

* Fix typos in TrustedUserCAKeys path

* Allow every CASignatureAlgorithms algorithm

As this depends on the content of TrustedUserCAKeys we should allow all
signature algorithms as admins can choose the specific algorithm on their
signing CA

* Update models/ssh_key.go

Co-authored-by: Lauris BH <lauris@nix.lv>

* Fix linting issue

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-10 20:38:09 -04:00
6543 818d921bbb
Refactor use TrimSuffix instead of TrimRight (#12993)
* Refactor use TrimSuffix instead of TrimRight

* TrimRight right

* has #12990
2020-10-01 06:54:34 +01:00
zeripath 7a7f56044a
Adopt repositories (#12920)
* Don't automatically delete repository files if they are present

Prior to this PR Gitea would delete any repository files if they are
present during creation or migration. This can in certain circumstances
lead to data-loss and is slightly unpleasant.

This PR provides a mechanism for Gitea to adopt repositories on creation
and otherwise requires an explicit flag for deletion.

PushCreate is slightly different - the create will cause adoption if
that is allowed otherwise it will delete the data if that is allowed.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix tests and migrate overwrite

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @lunny

Only offer to adopt or overwrite if the user can do that.

Allow the site administrator to adopt or overwrite in all
circumstances

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use setting.Repository.DefaultBranch for the default branch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Always set setting.Repository.DefaultBranch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update templates

Signed-off-by: Andrew Thornton <art27@cantab.net>

* ensure repo closed

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Rewrite of adoption as per @6543 and @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

* update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* missing not

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add modals and flash reporting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Make the unadopted page searchable

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add API

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Handle empty and non-master branched repositories

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove commented out code

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-25 07:09:23 +03:00
赵智超 ffa12bdb71
Fix "only mail on mention" bug (#12775)
* fix mail mention bug

fix #12774

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix test

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-09 15:08:55 -04:00
zeripath 5c0697ad1e
Use argon as default password hash algorithm (#12688)
* Restrict TLS connections to 1.2 minimum

* Set Argon2 as the default KDF

* Fix user.yml

* Remove TLS minversion changes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add migration as per @techknowlogick

Signed-off-by: Andrew Thornton <art27@cantab.net>

* set the password algo in the fixtures

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove the v148 migration - it needs recreate table to change the defaults

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Nadim Kobeissi <nadim@symbolic.software>
2020-09-03 14:58:31 -04:00
zeripath d1e67d7ade
Fix bug preventing transfer to private organization (#12497)
* Fix bug preventing transfer to private organization

The code assessing whether a private organization was visible to a user before
allowing transfer was incorrect due to testing membership the wrong way round

This PR fixes this issue and renames the function performing the test to be
clearer.

Further looking at the API for transfer repository - no testing was
performed to ensure that the acting user could actually see the new
owning organization.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* change IsUserPartOfOrg everywhere
2020-08-16 16:27:08 -04:00
zeripath 74bd9691c6
Re-attempt to delete temporary upload if the file is locked by another process (#12447)
Replace all calls to os.Remove/os.RemoveAll by retrying util.Remove/util.RemoveAll and remove circular dependencies from util.

Fix #12339

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
2020-08-11 21:05:34 +01:00
silverwind e24ee48776
Add serviceworker.js to KnownPublicEntries (#11992)
Fixes a wrong 302 redirect to the login page, see https://github.com/go-gitea/gitea/issues/11989.
Also made it so the reserved username list is extended with those known
entries so we avoid code duplication.

Should be backported to 1.12.
2020-06-20 16:20:25 +03:00
Lunny Xiao 1645d4a5d8
Use ID or Where to instead directly use Get when load object from database (#11925)
* Use ID or Where to instead directly use Get when load object from database

* Apply suggestions from code review

Co-authored-by: 6543 <6543@obermui.de>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2020-06-17 20:50:11 +03:00
Cirno the Strongest 0159851cc3
Rework api/user/repos for pagination (#11827)
* Add count to `GetUserRepositories` so that pagination can be supported for `/user/{username}/repos`
* Rework ListMyRepos to use models.SearchRepository

ListMyRepos was an odd one. It first fetched all user repositories and then tried to supplement them with accessible map. The end result was that:

* Limit for pagination did not work because accessible repos would always be appended
* The amount of pages was incorrect if one were to calculate it
* When paginating, all accessible repos would be shown on every page

Hopefully it should now work properly. Fixes #11800 and does not require any change on Drone-side as it can properly interpret and act on Link header which we now set.

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-13 12:35:59 +01:00
l-jonas aa3c0f8eba
Add hide activity option (#11353)
* Add hide activity option

This closes https://github.com/go-gitea/gitea/issues/7927

* Adjust for linter

* Adjust for linter

* Add tests

* Remove info that admins can view the activity

* Adjust new tests for linter

* Rename v139.go to v140.go

* Rename v140.go to v141.go

* properly indent

* gofmt

Co-authored-by: Jonas Lochmann <git@inkompetenz.org>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-05 16:01:53 -04:00
zeripath 9a2e47b23a
Refactor Cron and merge dashboard tasks (#10745)
* Refactor Cron and merge dashboard tasks

* Merge Cron and Dashboard tasks
* Make every cron task report a system notice on completion
* Refactor the creation of these tasks
* Ensure that execution counts of tasks is correct
* Allow cron tasks to be started from the cron page

* golangci-lint fixes

* Enforce that only one task with the same name can be registered

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix name check

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @guillep2k

* as per @lafriks

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add git.CommandContext variants

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-05-16 19:31:38 -04:00
zeripath c42c31a111
Correctly set the organization num repos (#11339)
* Correctly set the organization num repos

Correctly set the organization num repos to the number of
accessible repos for the user

Fix #11194

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

* attempt to fix mssql

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/user.go

* Explicit columns

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add test and fix 0 counted orgs

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove orgname from api

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-05-12 01:04:08 +03:00
Andrew Bezold 3dc6af3d70
Fix creation of Organization repos by Users with max created personal repos (#11183)
* Fix creation of Org repos

Fix go-gitea#9269

* Change variable name to appease linter

* Update PR with suggestions

Add a note for user.CanCreateRepo() about failure assumptions
Change repo.create help message

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-04-30 16:11:56 +01:00
silverwind 5180deb819
Send 404 immediately for known public requests (#11117)
Instead of further handling requests to public which causes issues like #11088, immediately terminate requests to directories js, css, fomantic if no file is found which is checked against a hardcoded list. Maybe there is a way to retrieve the top-level entries below public in a dynamic fashion.

I also added fomantic to the reserved usernames and sorted the list.

Fixes: #11088
2020-04-18 22:01:06 +01:00
Lauris BH 37c3db7be6
Add restricted user filter to LDAP authentication (#10600)
* Add restricted user filter to LDAP authentification

* Fix unit test cases
2020-03-05 08:30:33 +02:00
6543 4160bd6ef1
Remove Unused Functions (#10516)
* remove ReplaceLeft

* remove GetRepositoryByOwnerAndName chainload to models.GetRepositoryByOwnerAndName

* remove CheckUnitUser chainload to models.CheckUnitUser

* remove MakeAssigneeList

* remove DownloadDiff & DownloadPatch -> DownloadDiffOrPatch

* remove GetRandomBytesAsBase64

* remove PushUpdateDeleteTags

* remove GetUserByKeyID
(you still can resolve user by "k, err := GetPublicKeyByID; userID := k.OwnerID")

* remove BasicAuthEncode from struct package -> same function in modules/base/tools !

* remove UserID from api.utils

* remove unused func from structs package
2020-03-02 00:05:44 +02:00
James Lakin 7ffc2427da
Show the username as a fallback on feeds if full name is blank (#10438)
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-02-26 22:08:24 +00:00
6543 084a2b0026
Code Refactor of IssueWatch related things (#10401)
* refactor

* optimize

* remove Iretating function
LoadWatchUsers do not load Users into IW object and it is used only in api ... so move this logic

* remove unessesary

* Apply suggestions from code review

Thx

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* make Tests more robust

* fix rebase

* restart CI

* CI no dont hit sqlites deadlock

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-26 03:32:22 -03:00
guillep2k 09dbd85a3a
Various fixes in login sources (#10428) 2020-02-23 13:52:05 -06:00
guillep2k cfcd8e4146
Ensure only own addresses are updated (#10397) 2020-02-21 10:08:04 -03:00
techknowlogick c0bc9871be
Blacklist manifest.json & milestones user (#10292)
Fix #10290
2020-02-16 02:56:49 -05:00
David Svantesson 9ff4e1d2d9
Add API branch protection endpoint (#9311)
* add API branch protection endpoint

* lint

* Change to use team names instead of ids.

* Status codes.

* fix

* Fix

* Add new branch protection options (BlockOnRejectedReviews, DismissStaleApprovals, RequireSignedCommits)

* Do xorm query directly

* fix xorm GetUserNamesByIDs

* Add some tests

* Improved GetTeamNamesByID

* http status created for CreateBranchProtection

* Correct status code in integration test

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-02-12 23:19:35 +00:00
6543 e273817154
[API] Fix inconsistent label color format (#10129)
* update and use labelColorPattern

* add TestCases

* fix lint

* # optional for templates

* fix typo

* some more

* fix lint of **master**
2020-02-09 14:33:03 +00:00
mavenbline 74a4a1e17f
Fix invalid repo urls after change username (#10150)
* Fix invalid repo urls after change username

* Update user.go

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
2020-02-08 16:59:40 +02:00
6543 d4096ab6a2
Ensure DeleteUser is not allowed to Delete Orgs and visa versa (#10134)
* add check to DeleteUser

* add check to DeleteOrganization

* add Test

* remove redundancy (deleteOrg is only used in DeleteOrganization)

* Update models/org.go

Co-authored-by: zeripath <art27@cantab.net>
2020-02-04 16:27:18 +02:00
Lunny Xiao 48ce135cc9
Move PushUpdateAddDeleteTags to repository module from models (#10106)
* Move PushUpdateAddDeleteTags to repository module from models

* Fix deadlock on sqlite
2020-02-03 09:47:04 +01:00
6543 8d43563a32
[BugFix] [API] Pull.API.Convert: Only try to get HeadBranch if HeadRepo exist (#10029)
* only try to get HeadBranch if HeadRepo exist

* impruve

* no nil error

* add TEST

* correct error msg
2020-01-31 16:13:51 -05:00
SpaWn2KiLl 1f01f53c53 API add/generalize pagination (#9452)
* paginate results

* fixed deadlock

* prevented breaking change

* updated swagger

* go fmt

* fixed find topic

* go mod tidy

* go mod vendor with go1.13.5

* fixed repo find topics

* fixed unit test

* added Limit method to Engine struct; use engine variable when provided; fixed gitignore

* use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors

* set Page value on Home route

* improved memory allocations

* fixed response headers

* removed logfiles

* fixed import order

* import order

* improved swagger

* added function to get models.ListOptions from context

* removed pagesize diff on unit test

* fixed imports

* removed unnecessary struct field

* fixed go fmt

* scoped PR

* code improvements

* code improvements

* go mod tidy

* fixed import order

* fixed commit statuses session

* fixed files headers

* fixed headers; added pagination for notifications

* go mod tidy

* go fmt

* removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list

* Apply suggestions from code review

Co-Authored-By: 6543 <6543@obermui.de>
Co-Authored-By: zeripath <art27@cantab.net>

* fixed build error

* CI.restart()

* fixed merge conflicts resolve

* fixed conflicts resolve

* improved FindTrackedTimesOptions.ToOptions() method

* added backwards compatibility on ListReleases request; fixed issue tracked time ToSession

* fixed build error; fixed swagger template

* fixed swagger template

* fixed ListReleases backwards compatibility

* added page to user search route

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2020-01-24 14:00:29 -05:00
zeripath c5014a7f2c Add option to prevent LDAP from deactivating everything on empty search (#9879)
* Add option to prevent LDAP from deactivating everything on empty search

* Update options/locale/locale_en-US.ini

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-01-20 11:47:39 +08:00
David Svantesson 3c07d03c03 Add setting to set default and global disabled repository units. (#8788)
* Add possibility to global disable repo units.

* Add Default Repo Unit app.ini setting.

* Hide units

* Hide disabled repo units

* Minor fixes

* Indicate disabled units in team settings.

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-01-17 09:34:37 +02:00
Lunny Xiao 2b3e931cde Migrate reactions when migrating repository from github (#9599)
* Migrate reactions when migrating repository from github

* fix missed sleep

* fix tests

* update reactions when external user binding

* Fix test

* fix tests

* change the copy head

* fix test

* fix migrator add/delete reaction
2020-01-15 12:14:07 +01:00
Manush Dodunekov 1751d5fcf2 Restricted users (#6274)
* Restricted users (#4334): initial implementation

* Add User.IsRestricted & UI to edit it

* Pass user object instead of user id to places where IsRestricted flag matters

* Restricted users: maintain access rows for all referenced repos (incl public)

* Take logged in user & IsRestricted flag into account in org/repo listings, searches and accesses

* Add basic repo access tests for restricted users

Signed-off-by: Manush Dodunekov <manush@stendahls.se>

* Mention restricted users in the faq

Signed-off-by: Manush Dodunekov <manush@stendahls.se>

* Revert unnecessary change `.isUserPartOfOrg` -> `.IsUserPartOfOrg`

Signed-off-by: Manush Dodunekov <manush@stendahls.se>

* Remove unnecessary `org.IsOrganization()` call

Signed-off-by: Manush Dodunekov <manush@stendahls.se>

* Revert to an `int64` keyed `accessMap`

* Add type `userAccess`
* Add convenience func updateUserAccess()
* Turn accessMap into a `map[int64]userAccess`

Signed-off-by: Manush Dodunekov <manush@stendahls.se>

* or even better: `map[int64]*userAccess`

* updateUserAccess(): use tighter syntax as suggested by lafriks

* even tighter

* Avoid extra loop

* Don't disclose limited orgs to unauthenticated users

* Don't assume block only applies to orgs

* Use an array of `VisibleType` for filtering

* fix yet another thinko

* Ok - no need for u

* Revert "Ok - no need for u"

This reverts commit 5c3e886aabd5acd997a3b35687d322439732c200.

Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-13 18:33:46 +01:00
6543 10055bd2b1 [API] add GET /orgs endpoint (#9560)
* introduce `GET /orgs`

* add TEST

* show also other VisibleType's

* update description

* refactor a lot

* SearchUserOptions by default return only public
2020-01-12 23:43:44 +08:00
zeripath eadb45e891 Restore IsPasswordSet previous value (#9682) 2020-01-11 18:50:05 +08:00
David Svantesson 03d59bcd1d Fix access issues on milestone and issue overview pages. (#9603)
* Fix access issues on milestone and issue overview pages.

* Fix filter algorithm
2020-01-04 20:23:29 -05:00
6543 c620eb5b2d Fix #9189 - API Allow only specific Colums to be updated on Issue (#9539)
* dont insert "-1" in any case to issue.poster_id

* Make sure API cant override importand fields

* code format

* fix lint

* WIP test

* add missing poster_id

* fix test

* user.IsGhost handle nil

* CI.restart()

* make sure no -1 is realy added

* CI.restart()

* @lunny suggestion remove some not allowed fields

* seperate issue.LoadMilestone

* load milestone and return it on IssueEdit via API

* extend Test for TestAPIEditIssue

* fix fixtures

* declare allowedColumnsUpdateIssueByAPI only once

* Update Year

* no var just write id drecty into func cal

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-01 17:51:10 -05:00
Masudur Rahman e3a5b83212 Fix user avatar name (#8547)
Migrate avatar names to include user ID and the md5 hash.
2019-12-27 18:27:59 +00:00
zeripath e3c3b33ea7
Graceful: Xorm, RepoIndexer, Cron and Others (#9282)
* Change graceful to use a singleton obtained through GetManager instead of a global.
* Graceful: Make TestPullRequests shutdownable
* Graceful: Make the cron tasks graceful
* Graceful: AddTestPullRequest run in graceful ctx
* Graceful: SyncMirrors shutdown
* Graceful: SetDefaultContext for Xorm to be HammerContext
* Avoid starting graceful for migrate commands and checkout
* Graceful: DeliverHooks now can be shutdown
* Fix multiple syncing errors in modules/sync/UniqueQueue &  Make UniqueQueue closable
* Begin the process of making the repo indexer shutdown gracefully
2019-12-15 09:51:28 +00:00
Antoine GIRARD f128e06ea6 fix: add search to reserved usernames (#9063)
* fix: add search to reserved usernames

* Update integrations/user_test.go

Co-Authored-By: 6543 <24977596+6543@users.noreply.github.com>
2019-11-18 15:03:25 -05:00
guillep2k 08ae6bb7ed Rewrite delivery of issue and comment mails (#9009)
* Mail issue subscribers, rework the function

* Simplify a little more

* Fix unused variable

* Refactor mail delivery to avoid heavy load on server

* Avoid splitting into too many goroutines

* Fix comments and optimize GetMaileableUsersByIDs()

* Fix return on errors
2019-11-18 08:08:20 +00:00
guillep2k 01a4a7cb14 Auto-subscribe user to repository when they commit/tag to it (#7657)
* Add support for AUTO_WATCH_ON_CHANGES and AUTO_WATCH_ON_CLONE

* Update models/repo_watch.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Round up changes suggested by lafriks

* Added changes suggested from automated tests

* Updated deleteUser to take RepoWatchModeDont into account, corrected inverted DefaultWatchOnClone and DefaultWatchOnChanges behaviour, updated and added tests.

* Reinsert import "github.com/Unknwon/com" on http.go

* Add migration for new column `watch`.`mode`

* Remove serv code

* Remove WATCH_ON_CLONE; use hooks, add integrations

* Renamed watch_test.go to repo_watch_test.go

* Correct fmt

* Add missing EOL

* Correct name of test function

* Reword cheat and ini descriptions

* Add update to migration to ensure column value

* Clarify comment

Co-Authored-By: zeripath <art27@cantab.net>

* Simplify if condition
2019-11-10 09:22:19 +00:00
David Svantesson 6aa3f8bc29 Mail assignee when issue/pull request is assigned (#8546)
* Send email to assigned user

* Only send mail if enabled

* Mail also when assigned through API

* Need to refactor functions from models to issue service

* Refer to issue index rather than ID

* Disable email notifications completly at initalization if global disable

* Check of user enbled mail shall be in mail notification function only

* Initialize notifications from routers init function.

* Use the assigned comment when sending assigned mail

* Refactor so that assignees always added as separate step when new issue/pr.

* Check error from AddAssignees

* Check if user can be assiged to issue or pull request

* Missing return

* Refactor of CanBeAssigned check.

CanBeAssigned shall have same check as UI.

* Clarify function names (toggle rather than update/change), and clean up.

* Fix review comments.

* Flash error if assignees was not added when creating issue/pr

* Generate error if assignee users doesn't exist
2019-10-25 22:46:37 +08:00
Lunny Xiao 945f121262
Fix bug on pull requests when transfer head repository (#8564)
* fix bug on pull requests when transfer head repository

* add migration and fix lint

* fix tests and add a cache check on LoadBaseRepo
2019-10-18 19:13:31 +08:00
Lunny Xiao d151503d34 Upgrade xorm to v0.8.0 (#8536) 2019-10-17 11:26:49 +02:00
Lunny Xiao 170743c8a0 Revert "Fix issues/pr list broken when there are many repositories (#8409)" (#8427)
This reverts commit 78438d310b.
2019-10-08 20:55:16 +03:00
Lunny Xiao 78438d310b
Fix issues/pr list broken when there are many repositories (#8409)
* fix issues/pr list broken when there are many repositories

* remove unused codes

* fix counting error on issues/prs

* keep the old logic

* fix panic

* fix tests
2019-10-08 10:57:41 +08:00
Sandro Santilli d958b9db4f Alwaywas return local url for users avatar (#8245)
* Always return local url for users avatar

Avoids having to wait for DNS lookups when libravatar is activated
fixing #6046

* Avoid double slash in avatar link

* Move avatar route to the correct place
2019-09-26 12:21:23 -04:00
Sandro Santilli 3dd1cee331 Test more reserved usernames (#8263)
* Test more reserved usernames

* Add more reserved usernames, sort them

* Reserve "attachments" username (is a used route)

* It's "avatars" being reserved, not "avatar"
2019-09-24 13:12:56 -04:00
David Svantesson a0e88dfc2e Add teams to repo on collaboration page. (#8045)
* Add teams to repo on collaboration page.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add option for repository admins to change teams access to repo.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add comment for functions

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Make RepoAdminChangeTeamAccess default false in xorm and make it default checked in template instead.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Make proper language strings and fix error redirection.

* Add unit tests for adding and deleting team from repository.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add database migration

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix redirect

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix locale string mismatch.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Move team access mode text logic to template.

* Move collaborator access mode text logic to template.
2019-09-23 23:08:03 +03:00
Gary Kim f1c414882c Add Ability for User to Customize Email Notification Frequency (#7813)
* Add Backend Logic for Toggling Email Notification

This commit adds the backend logic for
allowing users to enable or disable email
notifications. The implementation ensures
that only issue notification emails get disabled
and important emails are still sent regardless
of the setting.

The UI to toggle this setting has not yet been
implemented.

* Add UI and complete user email notification enable

This commit completes the functionality to allow
users to disable their own email notifications.

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add Third Option for Only Email on Mention

Signed-off-by: Gary Kim <gary@garykim.dev>

* Readd NOT NULL to new preference string

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add Tests and Rewrite Comment

Signed-off-by: Gary Kim <gary@garykim.dev>

* Allow admin to set default email frequency

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add new config option to docs

Signed-off-by: Gary Kim <gary@garykim.dev>

* Fix a few mistakes

Signed-off-by: Gary Kim <gary@garykim.dev>

* Only update required columns

Signed-off-by: Gary Kim <gary@garykim.dev>

* Simplify an error check

Signed-off-by: Gary Kim <gary@garykim.dev>

* Make email_notification_preference column in DB be VARCHAR(20)

Signed-off-by: Gary Kim <gary@garykim.dev>

* Handle errors

Signed-off-by: Gary Kim <gary@garykim.dev>

* Update models/migrations/v93.go

Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-08-29 17:05:42 +03:00
David Svantesson 8c24bb9e43 Abort syncrhonization from LDAP source if there is some error. (#7960)
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
2019-08-24 21:53:37 +03:00
Lunny Xiao f83db078f0 Move database settings from models to setting (#7806)
* move database settings from models to setting

* update docs

* fix checkout pr

* fix tests

* fix lint

* remove unsupported tidb options

* correct wrong variable name

* remove tidb totally
2019-08-24 11:24:45 +02:00
Tamal Saha 171b359877 Use gitea forked macaron (#7933)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-23 12:40:29 -04:00
Lunny Xiao 85202d4784
Display ui time with customize time location (#7792)
* display ui time with customize time location

* fix lint

* rename UILocation to DefaultUILocation

* move time related functions to modules/timeutil

* fix tests

* fix tests

* fix build

* fix swagger
2019-08-15 22:46:21 +08:00
Lunny Xiao 5b902e2368 add pagination for admin api get orgs and fix only list public orgs bug (#7742) 2019-08-04 14:33:36 -04:00
Antoine GIRARD 76408d50fb org/members: display 2FA members states + optimize sql requests (#7621)
* org/members: display 2FA state

* fix comment typo

* lay down UserList bases

* add basic test for previous methods

* add comment for UserList type

* add valid two-fa account

* test new UserList methods

* optimize MembersIsPublic by side loading info on GetMembers + fix integrations tests

* respect fmt rules

* use map for data

* Optimize GetTwoFaStatus

* rewrite by using existing sub func

* Optimize IsUserOrgOwner

* remove un-used code

* tests: cover empty org + fix import order

* tests: add ErrTeamNotExist path

* tests: fix wrong expected result
2019-08-02 12:06:27 -04:00
renothing cbf231a675 fix wrong email when use gitea as OAuth2 provider (#7640)
when you use gitea as OAuth2 provider, the /api/v1/user should return
user primary email as identifier, which is unique in OAuth2 clients.

this patch use convert.ToUser replace all u.APIFormat in api requests,
return primary email when caller is yourself or admin.
2019-07-27 16:15:30 +03:00
Andreas Shimokawa cdaf9a5ef5 reserve .well-known username (#7637) 2019-07-26 16:06:21 -04:00
Lunny Xiao d2958d9f46 Move status table to cron package (#7370) 2019-07-15 20:13:03 -04:00
EpicCoder 8d9d6aa903 Add additional password hash algorithms (closes #5859) (#6023) 2019-07-07 02:01:01 -04:00
Lunny Xiao aa7c34cf86 Fix error log when loading issues caused by a xorm bug (#7271)
* fix error log when loading issues caused by a xorm bug

* upgrade packages

* fix fmt

* fix Consistency

* fix tests
2019-06-23 18:22:43 +03:00
zeripath cf2221e3ac Add LastLogin to the User API (#7196) 2019-06-15 23:28:32 -04:00
kolaente f9ec2f89f2 Add golangci (#6418) 2019-06-12 15:41:28 -04:00
zeripath bd55f6ff36
Detect noreply email address as user (#7133) 2019-06-06 06:54:25 +01:00
Bo-Yi Wu 743697a549
refactor: append, build variable and type switch (#4940)
* refactor: append, build variable and type switch

* fix: remove redundant space.
2019-05-28 23:45:54 +08:00
Rob Watson df2557835b Improve handling of non-square avatars (#7025)
* Crop avatar before resizing (#1268)

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>

* Fix spelling error

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>
2019-05-25 14:46:14 +03:00
jpicht 8cd4c2242c Fix default for allowing new organization creation for new users (#7017)
Fixed #6542

When creating users DefaultAllowCreateOrganization was ignored.

Signed-off-by: Julian Picht <julian.picht@gmail.com>

* fix TestCreateUser_Issue5882

Signed-off-by: Julian Picht <julian.picht@gmail.com>
2019-05-24 19:40:45 +03:00
zeripath ce8de35334 Remove local clones & make hooks run on merge/edit/upload (#6672)
* Add options to git.Clone to make it more capable

* Begin the process of removing the local copy and tidy up

* Remove Wiki LocalCopy Checkouts

* Remove the last LocalRepo helpers

* Remove WithTemporaryFile

* Enable push-hooks for these routes

* Ensure tests cope with hooks

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Repository.LocalCopyPath()

* Move temporary repo to use the standard temporary path

* Fix the tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove LocalWikiPath

* Fix missing remove

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use AppURL for Oauth user link (#6894)

* Use AppURL for Oauth user link

Fix #6843

* Update oauth.go

* Update oauth.go

* internal/ssh: ignore env command totally (#6825)

* ssh: ignore env command totally

* Remove commented code 

Needed fix described in issue #6889

* Escape the commit message on issues update and title in telegram hook (#6901)

* update sdk to latest (#6903)

* improve description of branch protection (fix #6886) (#6906)

The branch protection description text were not quite accurate.

* Fix logging documentation (#6904)

* ENABLE_MACARON_REDIRECT should be REDIRECT_MACARON_LOG

* Allow DISABLE_ROUTER_LOG to be set in the [log] section

* [skip ci] Updated translations via Crowdin

* Move sdk structs to modules/structs (#6905)

* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 11:29:17 -04:00
Lunny Xiao 34eee25bd4
Move sdk structs to modules/structs (#6905)
* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 18:21:34 +08:00
Wim 4508380cf7 Show full name if DefaultShowFullName setting activated (#6710)
Adds a new key DEFAULT_SHOW_FULL_NAME (default false) to the [ui] section.
If enabled the full name will be shown (unless it's empty, then
the default username will be used)
2019-05-08 11:41:35 +03:00
Lukas Prettenthaler 81059a2567 LDAP: ignore already existing public keys after ldap sync (#6766)
* fix type in public key exist error, only log trace for ldap public key import if existing

Signed-off-by: Lukas Prettenthaler <lukas@noenv.com>

* cleanup switch statement

Signed-off-by: Lukas Prettenthaler <lukas@noenv.com>

* replace switch with if, fix log formatting

Signed-off-by: Lukas Prettenthaler <lukas@noenv.com>

* fix formatting

Signed-off-by: Lukas Prettenthaler <lukas@noenv.com>
2019-04-26 18:01:54 +03:00
Lunny Xiao 199faadea3 Fix org visibility bug when git cloning (#6743)
* fix org visibility bug

* fix permission check

* add integration tests

* fix tests

* change test user name for easier maintainance and fix test

* fix test git repo name
2019-04-25 21:59:10 +03:00
zeripath be666b03ee Trace Logging on Permission Denied & ColorFormat (#6618)
* Add log.ColorFormat and log.ColorFormatted

Structs can now implement log.ColorFormatted to provide their own
colored format when logged with `%-v` or additional flags.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add basic ColorFormat to repository and user

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add basic ColorFormat to access and unit

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add ColorFormat to permission and on trace log it

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add log.NewColoredIDValue to make ID value coloring consistent

Signed-off-by: Andrew Thornton <art27@cantab.net>

* formatting changes

* Add some better tracing to permission denied for read issues/pulls

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add Trace logging on permission denied

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove isTrace() check from deferred func

* Adjust repo and allow logging of team

* use FormatInt instead of Itoa

* Add blank line

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update access.go
2019-04-22 23:40:51 +03:00
Antoine GIRARD d699de32f2 add .gpg url (match github behaviour) (#6610)
* add .gpg url (match github behaviour)

* wildcard

* test to export maximum data

* working POC

* add comment for old imported keys

* cleaning

* Update routers/user/profile.go

Co-Authored-By: sapk <sapk@users.noreply.github.com>

* add migration script

* add integration tests
2019-04-14 12:43:56 -04:00
zeripath 704da08fdc
Better logging (#6038) (#6095)
* Panic don't fatal on create new logger

Fixes #5854

Signed-off-by: Andrew Thornton <art27@cantab.net>

* partial broken

* Update the logging infrastrcture

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Reset the skip levels for Fatal and Error

Signed-off-by: Andrew Thornton <art27@cantab.net>

* broken ncsa

* More log.Error fixes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove nal

* set log-levels to lowercase

* Make console_test test all levels

* switch to lowercased levels

* OK now working

* Fix vetting issues

* Fix lint

* Fix tests

* change default logging to match current gitea

* Improve log testing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* reset error skip levels to 0

* Update documentation and access logger configuration

* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE

* Fix broken level caching

* Refactor the router log

* Add Router logger

* Add colorizing options

* Adjust router colors

* Only create logger if they will be used

* update app.ini.sample

* rename Attribute ColorAttribute

* Change from white to green for function

* Set fatal/error levels

* Restore initial trace logger

* Fix Trace arguments in modules/auth/auth.go

* Properly handle XORMLogger

* Improve admin/config page

* fix fmt

* Add auto-compression of old logs

* Update error log levels

* Remove the unnecessary skip argument from Error, Fatal and Critical

* Add stacktrace support

* Fix tests

* Remove x/sync from vendors?

* Add stderr option to console logger

* Use filepath.ToSlash to protect against Windows in tests

* Remove prefixed underscores from names in colors.go

* Remove not implemented database logger

This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.

* Ensure that log paths are relative to ROOT_PATH

* use path.Join

* rename jsonConfig to logConfig

* Rename "config" to "jsonConfig" to make it clearer

* Requested changes

* Requested changes: XormLogger

* Try to color the windows terminal

If successful default to colorizing the console logs

* fixup

* Colorize initially too

* update vendor

* Colorize logs on default and remove if this is not a colorizing logger

* Fix documentation

* fix test

* Use go-isatty to detect if on windows we are on msys or cygwin

* Fix spelling mistake

* Add missing vendors

* More changes

* Rationalise the ANSI writer protection

* Adjust colors on advice from @0x5c

* Make Flags a comma separated list

* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING

* Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 08:48:31 +01:00
Lunny Xiao d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
techknowlogick d1c982cb73
Add bio field for user (#6113)
Fix #4339
2019-03-18 22:28:10 -04:00
Jonas Franz e777c6bdc6 Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
techknowlogick 9fd8b2621f
Add robots.txt as reserved username (#6272)
Fix #6271
2019-03-07 16:30:25 -05:00
Lanre Adelowo 141c58f5a6 add isAdmin to user model (#6231)
update vendor and add tests

fix swagger
2019-03-03 17:57:24 -05:00
tklein23 525f03306f Add "ghost" and "notifications" to list of reserved user names. (#6208) 2019-02-27 19:04:44 -05:00
John Olheiser 994b1be9d1 Admins can now do unlimited page size user search (listAllUsers & listAllOrgs) (#6143)
Non-admins will default to 10 page size
2019-02-21 15:42:54 -05:00
Rémy Boulanouar 64ce159a6e Allow to set organization visibility (public, internal, private) (#1763) 2019-02-18 18:00:27 +02:00
zeripath cc48c12d8f Fix empty ssh key importing in ldap (#5984) 2019-02-06 21:38:28 -05:00
Lanre Adelowo 6dc2f401c9 Don't discard the value of DISABLE_REGULAR_ORG_CREATION (#5886)
* Consider the configuration value of DISABLE_REGULAR_ORG_CREATION when
creating a user
2019-01-30 12:04:14 -05:00
zeripath 44371b96f5 Ensure valid git author names passed in signatures (#5774)
* Ensure valid git author names passed in signatures

Fix #5772 - Git author names are not allowed to include `\n` `<` or `>` and
must not be empty. Ensure that the name passed in a signature is valid.

* Account for pathologically named external users

LDAP and the like usernames are not checked in the same way that users who signup are.
Therefore just ensure that user names are also git safe and if totally pathological -
Set them to "user-$UID"

* Add Tests and adjust test users

Make our testcases a little more pathological so that we be sure that integration
tests have a chance to spot these cases.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-24 16:12:17 +02:00
Shashvat Kedia 1b90692844 New API routes added (#5594)
* New API routes added

* Comments added

* Build fix

* swagger_v1_json.tmpl without new line character

* Typo fix

* Code review changes

* Code review changes

* Add copyright

* Add copyright

* Add copyright

* Update per @lafriks feedback

* Update org.go

* Update user.go

* Update user.go

* make fmt
2019-01-23 17:30:19 -05:00
Lanre Adelowo 8d2c24f7f9 Allow for user specific themes (#5668)
* add migration and basic UI for changing a user's theme

* update user themem

* use right text on button

* load theme based on users' selection

* load theme based on users' selection in pwa too

* update sample config

* delete older theme loading

* implement AfterLoad to set users' theme properly

* set up default theme when creating a user. This uses the installation wide theme

* use flash messages for error

* set default theme when creating a user from the cli

* fix @lunny review
2019-01-09 12:22:57 -05:00
zeripath 8bb0a6f425 Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557)
* Synchronize SSH keys on login with LDAP

* BUG: Fix hang on sqlite during LDAP key deletion
2018-12-27 12:28:48 -05:00
Lunny Xiao fe55ab2a68 fix forgot removed records when deleting user (#5429)
* fix forgot removed records when deleting user

* fix migration

* fix rewritekey lock on sqlite

* remove unused codes
2018-12-18 11:26:26 -05:00
Lunny Xiao eabbddcd98
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems

* fix some bugs and merge LoadUnits to repoAssignment

* refactor permission struct and add some copyright heads

* remove unused codes

* fix routes units check

* improve permission check

* add unit tests for permission

* fix typo

* fix tests

* fix some routes

* fix api permission check

* improve permission check

* fix some permission check

* fix tests

* fix tests

* improve some permission check

* fix some permission check

* refactor AccessLevel

* fix bug

* fix tests

* fix tests

* fix tests

* fix AccessLevel

* rename CanAccess

* fix tests

* fix comment

* fix bug

* add missing unit for test repos

* fix bug

* rename some functions

* fix routes check
2018-11-28 19:26:14 +08:00
Stanislav 078c404c3b Prometheus endpoint (#5256)
* Add prometheus collector and route

* dep ensure -add github.com/prometheus/client_golang/prometheus

* dep ensure -update github.com/golang/protobuf

* add metrics to reserved usernames

* add comment head in metrics package

* fix style imports

* add metrics settings

* add bearer token check

* mapping metrics configs

* fix lint

* update config cheat sheet

* update conf sample, typo fix
2018-11-04 22:20:00 -05:00
Jerry Jacobs 22ad514297 Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094)
* Fix issue where ecdsa and other key types are not synced from LDAP authentication provider fixes #5092

* integrations/auth_ldap_test.go: Add Hermes Conrad new ecdsa-sha2-nistp256 publickey fingerprint

* integrations/auth_ldap_test.go: Use ssh-keygen -lf <filename> -E sha256
2018-10-30 20:08:30 -04:00