Commit Graph

257 Commits

Author SHA1 Message Date
Antoine GIRARD f9d34b2c60
vendor: update github.com/yuin/goldmark to v1.1.24 (#10551) 2020-03-01 15:01:44 +02:00
6543 15c7738b3a
goldmark v1.1.19 -> v1.1.23 (#10519)
vendor update
2020-02-28 13:06:10 +00:00
6543 8d2059a201
update: macaron cores,gzip,session (#10522)
Co-authored-by: zeripath <art27@cantab.net>
2020-02-28 10:51:18 +01:00
oscar.lofwenhamn 0eeee9c721
Update markbates/goth (#10444)
- Fixes a JWT decoding issue in the OpenID provider
- Updates the GitHub provider to use the authorization header for authentication
- Updates the Twitch provider for Twitch's v5 API changes
- Adds the email and is_private_email fields to the Apple provider's GetUser implementation
- Modifies gothic to export a non-collidable context key for setting the Provider in a context.Context
- Adds new scopes to the Spotify provider
- Adds the IDToken from OpenID providers on the user struct
- Make Apple provider's SecretParams public
- Adds support for sign in with Apple, and drops support for Go versions 1.7 and 1.8
- Fixes the Slack provider's FetchURL logic to use the appropriate scope for the info it needs
Signed-off-by: Oscar LÃfwenhamn <oscar.lofwenhamn@cgi.com>
2020-02-24 12:08:43 -05:00
Lauris BH 3c45cf8494
Add detected file language to code search (#10256)
Move langauge detection to separate module to be more reusable

Add option to disable vendored file exclusion from file search

Allways show all language stats for search
2020-02-20 16:53:55 -03:00
Lunny Xiao 5dbf36f356
Issue search support elasticsearch (#9428)
* Issue search support elasticsearch

* Fix lint

* Add indexer name on app.ini

* add a warnning on SearchIssuesByKeyword

* improve code
2020-02-13 14:06:17 +08:00
6543 bfd62b6f01
update vendor keybase/go-crypto (#10234) 2020-02-11 20:58:23 +02:00
Lauris BH ad2642a8aa
Language statistics bar for repositories (#8037)
* Implementation for calculating language statistics

Impement saving code language statistics to database

Implement rendering langauge stats

Add primary laguage to show in repository list

Implement repository stats indexer queue

Add indexer test

Refactor to use queue module

* Do not timeout for queues
2020-02-11 11:34:17 +02:00
Lauris BH 20c513be6e
Show download count info in release list (#10124)
* Show download count info in release list

* Use go-humanize
2020-02-03 21:50:37 +02:00
John Olheiser 28216bde46 More expansions in template repositories (#10021)
* Super expansion
* Explain which features are in 1.11 vs 1.12
* Move imports

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-01-28 13:57:15 +00:00
Damien Cassou c6a32ddb47 Update go-org to 0.1.9 (#9782)
* Update go-org to 0.1.9

What I did to generate this commit:

$ go get github.com/niklasfasching/go-org

* make vendor
2020-01-16 09:27:41 +01:00
zeripath 27757714d0 Change markdown rendering from blackfriday to goldmark (#9533)
* Move to goldmark

Markdown rendering moved from blackfriday to the goldmark.

Multiple subtle changes required to the goldmark extensions to keep
current rendering and defaults.

Can go further with goldmark linkify and have this work within markdown
rendering making the link processor unnecessary.

Need to think about how to go about allowing extensions - at present it
seems that these would be hard to do without recompilation.

* linter fixes

Co-authored-by: Lauris BH <lauris@nix.lv>
2019-12-31 03:53:28 +02:00
6543 599c0ee75f go-mssqldb UPDATE (#9522) 2019-12-28 17:14:38 +00:00
Antoine GIRARD 559fb6ccf0 chore: update github.com/couchbase/gomemcached and github.com/couchbase/go-couchbase (#9419) 2019-12-18 21:03:26 -05:00
6543 90057ca27e [Vendor Update] go-swagger v0.20.1 -> v0.21.0 (#9410)
* Update go-swagger v0.20.1 -> v0.21.0

* go mod tidy
2019-12-18 16:05:30 +01:00
Antoine GIRARD 81a52442a1 deps: update and fix chardet import (#9351) 2019-12-14 02:15:48 +02:00
Lunny Xiao 3bdce82ce9
upgrade levelqueue to 0.1.0 (#9192) 2019-11-28 23:37:33 +08:00
Mura Li 9591185c8f Upgrade blevesearch to v0.8.1 (#9177)
For #1441

a91b427b59
2019-11-27 11:23:33 +02:00
QuaSoft 7b4d2f7a2a Add single sign-on support via SSPI on Windows (#8463)
* Add single sign-on support via SSPI on Windows

* Ensure plugins implement interface

* Ensure plugins implement interface

* Move functions used only by the SSPI auth method to sspi_windows.go

* Field SSPISeparatorReplacement of AuthenticationForm should not be required via binding, as binding will insist the field is non-empty even if another login type is selected

* Fix breaking of oauth authentication on download links. Do not create new session with SSPI authentication on download links.

* Update documentation for the new 'SPNEGO with SSPI' login source

* Mention in documentation that ROOT_URL should contain the FQDN of the server

* Make sure that Contexter is not checking for active login sources when the ORM engine is not initialized (eg. when installing)

* Always initialize and free SSO methods, even if they are not enabled, as a method can be activated while the app is running (from Authentication sources)

* Add option in SSPIConfig for removing of domains from logon names

* Update helper text for StripDomainNames option

* Make sure handleSignIn() is called after a new user object is created by SSPI auth method

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Only make a query to the DB to check if SSPI is enabled on handlers that need that information for templates

* Remove code duplication

* Log errors in ActiveLoginSources

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Revert suffix of randomly generated E-mails for Reverse proxy authentication

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Revert unneeded white-space change in template

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Add copyright comments at the top of new files

* Use loopback name for randomly generated emails

* Add locale tag for the SSPISeparatorReplacement field with proper casing

* Revert casing of SSPISeparatorReplacement field in locale file, moving it up, next to other form fields

* Update docs/content/doc/features/authentication.en-us.md

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Remove Priority() method and define the order in which SSO auth methods should be executed in one place

* Log authenticated username only if it's not empty

* Rephrase helper text for automatic creation of users

* Return error if more than one active SSPI auth source is found

* Change newUser() function to return error, letting caller log/handle the error

* Move isPublicResource, isPublicPage and handleSignIn functions outside SSPI auth method to allow other SSO methods to reuse them if needed

* Refactor initialization of the list containing SSO auth methods

* Validate SSPI settings on POST

* Change SSPI to only perform authentication on its own login page, API paths and download links. Leave Toggle middleware to redirect non authenticated users to login page

* Make 'Default language' in SSPI config empty, unless changed by admin

* Show error if admin tries to add a second authentication source of type SSPI

* Simplify declaration of global variable

* Rebuild gitgraph.js on Linux

* Make sure config values containing only whitespace are not accepted
2019-11-23 01:33:31 +02:00
Lunny Xiao 9ff6312627
Move modules/gzip to gitea.com/macaron/gzip (#9058)
* Move modules/gzip to gitea.com/macaron/gzip

* Fix vendor
2019-11-18 13:18:33 +08:00
Lauris BH 05e7715c4b Update go-org to optimize code (#8824) 2019-11-05 16:39:03 +08:00
Lauris BH 086a46994a Rewrite markdown rendering to blackfriday v2 and rewrite orgmode rendering to go-org (#8560)
* Rewrite markdown rendering to blackfriday v2.0

* Fix style

* Fix go mod with golang 1.13

* Fix blackfriday v2 import

* Inital orgmode renderer migration to go-org

* Vendor go-org dependency

* Ignore errors :/

* Update go-org to latest version

* Update test

* Fix go-org test

* Remove unneeded code

* Fix comments

* Fix markdown test

* Fix blackfriday regression rendering HTML block
2019-10-31 01:06:25 +00:00
Lunny Xiao d151503d34 Upgrade xorm to v0.8.0 (#8536) 2019-10-17 11:26:49 +02:00
Colin Arnott 66e99d722a upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#8501)
editorconfig-core-go made breaking api changes and has recently released
v2.1.1. This change consumes the new api and fixes up any breaking
references.
2019-10-15 22:24:16 +01:00
zeripath 167e8f18da
Restore Graceful Restarting & Socket Activation (#7274)
* Prevent deadlock in indexer initialisation during graceful restart

* Move from gracehttp to our own service to add graceful ssh

* Add timeout for start of indexers and make hammer time configurable

* Fix issue with re-initialization in indexer during tests

* move the code to detect use of closed to graceful

* Handle logs gracefully - add a pid suffix just before restart

* Move to using a cond and a holder for indexers

* use time.Since

* Add some comments and attribution

* update modules.txt

* Use zero to disable timeout

* Move RestartProcess to its own file

* Add cleanup routine
2019-10-15 14:39:51 +01:00
Lunny Xiao c9f819eae0 Upgrade xorm to v0.7.9 to fix some bugs (#8354)
* upgrade xorm to v0.7.9 to fix some bugs

* upgrade xormstore to v1.3.1
2019-10-02 16:47:20 -04:00
Antoine GIRARD 149758c912
Update to github.com/lafriks/xormstore@v1.3.0 (#8317) 2019-10-02 02:32:12 +02:00
Lunny Xiao aa9a99cf5f
Upgrade xorm to latest to fix insert issue bug (#8309)
* upgrade xorm to latest to fix insert issue bug

* add newissue unit tests

* update xorm version

* fix tests
2019-09-29 20:52:39 +08:00
John Olheiser f8882f4fa9 Update xorm (#8286)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-09-25 22:02:54 +03:00
Lunny Xiao 29dda47cbb
Fix label count (#8267)
* fix label count

* fix vendor

* fix import order

* update xorm to fix bug

* fix tests

* fix mssql bug
2019-09-24 21:22:39 +08:00
techknowlogick 7a8e299c7c migrate gplus to google oauth2 provider (#7885)
* migrate gplus to google oauth2 provider. this still provides support for old gplus connections.

* Update models/oauth2.go

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>

* make vendor
2019-09-14 12:02:39 +02:00
techknowlogick 2837563147
oauth2 with remote Gitea - Fix #8093 (#8149) 2019-09-12 22:15:36 -04:00
techknowlogick 3f5cdfe359 use go 1.13 (#8088)
* use go 1.13

* use go 1.13 in gomod file

* Update Makefile

* update swagger deps
2019-09-12 14:58:32 +03:00
WGH 6ddd3b0b47 Implement webhook branch filter (#7791)
* Fix validate() function to handle errors in embedded anon structs

* Implement webhook branch filter

See #2025, #3998.
2019-09-09 08:48:21 +03:00
Antoine GIRARD 9fe4437bda Use vendored go-swagger (#8087)
* Use vendored go-swagger

* vendor go-swagger

* revert un wanteed change

* remove un-needed GO111MODULE

* Update Makefile

Co-Authored-By: techknowlogick <matti@mdranta.net>
2019-09-04 22:53:54 +03:00
Antoine GIRARD 187ae109d0 Update to mod enabled version goquery (#8021)
* update to mod enabled version goquery

* manually set appengine new release
2019-08-29 11:18:42 +08:00
guillep2k cedb285e25 Update github.com/lafriks/xormstore and tidy up mod.go (#8020) 2019-08-28 23:17:14 +02:00
Antoine GIRARD 256b178176
Update swagger to 0.20.1 (#8010)
* update swagger to 0.20.1

* fiw swagger version for validate
2019-08-28 08:55:22 +02:00
guillep2k 5fe2ec264f Retry create issue to cope with duplicate keys (#7898)
* Retry create issue to cope with duplicate keys

* Use  .SetExpr().Where().Insert()
2019-08-26 22:17:23 -04:00
Tamal Saha 171b359877 Use gitea forked macaron (#7933)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-23 12:40:29 -04:00
guillep2k 5661773018 Remove unique filter from repo indexer analyzer. (#7878)
* Remove unique filter from repo indexer analyzer.

* Bump repoIndexerLatestVersion to 4

* Corrrect fmt

* make vendor to remove unique dependency
2019-08-15 23:38:55 +08:00
guillep2k 2594693a46 Remove camel case tokenization from repo indexer (#7733)
* Make repository indexer tokenize by camel case selectable

* Revert "Make repository indexer tokenize by camel case selectable"

This reverts commit a8d4e40af56ffeab9c040a13e01b9e0d5487bd3b.

* Remove app.ini setting, permanently remove camel case tokenizer

* Increase repoIndexerLatestVersion to force indexes to be rebuilt

* Changes introduced by the commmand make vendor
2019-08-06 07:38:16 +03:00
Antoine GIRARD a9b4c8171f Update src-d/go-git to v4.13.0 (#7688)
* update gopkg.in/src-d/go-git.v4 v4.13.0

* mod tidy

* vendor
2019-07-31 12:45:42 -04:00
zeripath 78e5317242
Update to latest mssqldriver (#7613)
* New driver does not tolerate USE - handle this by closing db and reopening db in the new dbname
2019-07-26 05:10:20 +01:00
Tamal Saha 5efd3630bc Update to xorm@v0.7.4 (#7596)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-07-25 00:39:14 +03:00
Lunny Xiao d2958d9f46 Move status table to cron package (#7370) 2019-07-15 20:13:03 -04:00
Tamal Saha 2102f9d92d Support setting cookie domain (#6288)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-07-12 09:57:31 -04:00
Lunny Xiao b84a251fca
upgrade macaron/captcha to fix random error problem (#7407) 2019-07-10 13:26:42 +08:00
techknowlogick d0ec940dd7
switch to use gliderlabs/ssh for builtin server (#7250)
resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash)

Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
2019-07-06 21:28:09 -04:00
Cherrg 86750325c7 workaround broken drone build (#7362)
* workaround broken swagger

only master brach is not working, latest release seems to work

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* make vendor

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* Don't export GO111MODULE

* set go-swagger to fixed release version

mentioned here: https://github.com/go-gitea/gitea/pull/7362#discussion_r300831537

Signed-off-by: Michael Gnehr <michael@gnehr.de>
2019-07-06 16:16:43 +01:00
Antoine GIRARD 1e46eedce7 update mssql drive to last working version 20180314172330-6a30f4e59a44 (#7306) 2019-06-30 11:28:17 +08:00
Lunny Xiao aa7c34cf86 Fix error log when loading issues caused by a xorm bug (#7271)
* fix error log when loading issues caused by a xorm bug

* upgrade packages

* fix fmt

* fix Consistency

* fix tests
2019-06-23 18:22:43 +03:00
techknowlogick 33ad554800 update go-git to v4.12.0 - fixes #7248 (#7249) 2019-06-19 10:14:15 +08:00
Lunny Xiao 83b90e4199 Use vfsgen instead of go-bindata (#7080)
* use vfsgen instead of go-bindata

* fix templates

* fix fmt

* vendor vsfgen
2019-06-03 00:43:47 +03:00
Rob Watson df2557835b Improve handling of non-square avatars (#7025)
* Crop avatar before resizing (#1268)

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>

* Fix spelling error

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>
2019-05-25 14:46:14 +03:00
Tamal Saha 34d06f4c6b Handle CORS requests (#6289) 2019-05-13 11:38:53 -04:00
Lunny Xiao 08069dc465
Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290)
* add migrations

* fix package dependency

* fix lints

* implements migrations except pull requests

* add releases

* migrating releases

* fix bug

* fix lint

* fix migrate releases

* fix tests

* add rollback

* pull request migtations

* fix import

* fix go module vendor

* add tests for upload to gitea

* more migrate options

* fix swagger-check

* fix misspell

* add options on migration UI

* fix log error

* improve UI options on migrating

* add support for username password when migrating from github

* fix tests

* remove comments and fix migrate limitation

* improve error handles

* migrate API will also support migrate milestones/labels/issues/pulls/releases

* fix tests and remove unused codes

* add DownloaderFactory and docs about how to create a new Downloader

* fix misspell

* fix migration docs

* Add hints about migrate options on migration page

* fix tests
2019-05-07 09:12:51 +08:00
Antoine GIRARD 2933ae4e88 Update https://github.com/urfave/cli to version 1.2.0 (#6838)
From un-tagged pervious version : https://github.com/urfave/cli/compare/d86a009f5e13...master
2019-05-03 08:49:14 -04:00
Lunny Xiao 5be1780045 update github.com/mcuadros/go-version to v0.0.0-20190308113854-92cdf37c5b75 (#6815) 2019-05-01 11:44:16 -04:00
Antoine GIRARD 84fd24246c Bump github.com/stretchr/testify from 1.2.2 to 1.3.0 (#6663)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.2.2 to 1.3.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.2.2...v1.3.0)
2019-04-16 23:45:40 -04:00
techknowlogick 3fb038c53a
upgrade version of lib/pq to v1.1.0 (#6640)
Adds SCRAM-SHA-256 authentication
2019-04-15 16:14:31 -04:00
Lunny Xiao e7d7dcb090 Issue indexer queue redis support (#6218)
* add redis queue

* finished indexer redis queue

* add redis vendor

* fix vet

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: lunny <xiaolunwen@gmail.com>

* switch to go mod

* Update required changes for new logging func signatures
2019-04-08 12:05:15 +03:00
zeripath 704da08fdc
Better logging (#6038) (#6095)
* Panic don't fatal on create new logger

Fixes #5854

Signed-off-by: Andrew Thornton <art27@cantab.net>

* partial broken

* Update the logging infrastrcture

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Reset the skip levels for Fatal and Error

Signed-off-by: Andrew Thornton <art27@cantab.net>

* broken ncsa

* More log.Error fixes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove nal

* set log-levels to lowercase

* Make console_test test all levels

* switch to lowercased levels

* OK now working

* Fix vetting issues

* Fix lint

* Fix tests

* change default logging to match current gitea

* Improve log testing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* reset error skip levels to 0

* Update documentation and access logger configuration

* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE

* Fix broken level caching

* Refactor the router log

* Add Router logger

* Add colorizing options

* Adjust router colors

* Only create logger if they will be used

* update app.ini.sample

* rename Attribute ColorAttribute

* Change from white to green for function

* Set fatal/error levels

* Restore initial trace logger

* Fix Trace arguments in modules/auth/auth.go

* Properly handle XORMLogger

* Improve admin/config page

* fix fmt

* Add auto-compression of old logs

* Update error log levels

* Remove the unnecessary skip argument from Error, Fatal and Critical

* Add stacktrace support

* Fix tests

* Remove x/sync from vendors?

* Add stderr option to console logger

* Use filepath.ToSlash to protect against Windows in tests

* Remove prefixed underscores from names in colors.go

* Remove not implemented database logger

This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.

* Ensure that log paths are relative to ROOT_PATH

* use path.Join

* rename jsonConfig to logConfig

* Rename "config" to "jsonConfig" to make it clearer

* Requested changes

* Requested changes: XormLogger

* Try to color the windows terminal

If successful default to colorizing the console logs

* fixup

* Colorize initially too

* update vendor

* Colorize logs on default and remove if this is not a colorizing logger

* Fix documentation

* fix test

* Use go-isatty to detect if on windows we are on msys or cygwin

* Fix spelling mistake

* Add missing vendors

* More changes

* Rationalise the ANSI writer protection

* Adjust colors on advice from @0x5c

* Make Flags a comma separated list

* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING

* Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 08:48:31 +01:00
Mura Li d77176912b Use Go1.11 module (#5743)
* Migrate to go modules

* make vendor

* Update mvdan.cc/xurls

* make vendor

* Update code.gitea.io/git

* make fmt-check

* Update github.com/go-sql-driver/mysql

* make vendor
2019-03-27 19:15:23 +08:00
Lunny Xiao d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
mrsdizzie f2de5dc8c8 Replace linkRegex with xurls library (#6261)
* Replace linkRegex with xurls library

Rather than maintaining a complicated regex to match URLs for
autolinking, gitea can use this existing go library that takes care of
the matching with very little code change to gitea itself. After
spending a while trying to find the perfect regex for all cases this library
still works better as it is more flexible than a single regex ever will be.

This will also fix the following issues: #5844 #3095 #3381

This passes all our current tests and I've added new ones mentioned in
those issues as well.

* Use xurls.StrictMatchingScheme instead of xurls.Strict

This is much faster and we only care about https? links to preserve
existing behavior.
2019-03-07 15:12:01 -05:00
Lunny Xiao 830ae61456 Refactor issue indexer (#5363) 2019-02-19 09:39:39 -05:00
Lunny Xiao a380cfd8e0 Update bleve dependency to latest master revision (#6100)
* update bleve to master b17287a86f6cac923a5d886e10618df994eeb54b6724eac2e3b8dde89cfbe3a2

* remove unused pkg from dep file

* change bleve from master to recent revision
2019-02-17 19:50:26 -05:00
techknowlogick 9de871a0f8
add other session providers (#5963) 2019-02-05 11:52:51 -05:00
Lauris BH fada6968a8 Fix new release creation API to allow empty target (#5870)
* Fix new release creation API to allow empty target

* Add more test cases

* Update swagger
2019-01-30 11:33:00 -05:00
Lunny Xiao 477a80f658 upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
should fix #5736
2019-01-17 06:07:23 +00:00
Zsombor c2dcb35148 Fixing #5728: (#5747)
* Format boolean values to true/false even when it is returned as byte-slice,
* Fix the sequence generation, the proper sequence name is used (instead of 'table_id_seq'), and fix the next value be max+1 always
2019-01-16 16:24:09 -05:00
techknowlogick 5c44f751a3
Discord Oauth2 support (#4476)
* add discord auth

* add vendor for discord

* fix syntax error

* make fmt

* update version of goth in use

* update markbates/goth
2019-01-13 14:06:22 -05:00
Zsombor 31aa00fa4b Update xorm to fix issue #5659 and #5651 (#5680) 2019-01-09 17:18:06 -05:00
Lunny Xiao fe55ab2a68 fix forgot removed records when deleting user (#5429)
* fix forgot removed records when deleting user

* fix migration

* fix rewritekey lock on sqlite

* remove unused codes
2018-12-18 11:26:26 -05:00
kolaente 6db7dbd333 Added test environment for mssql (#4282)
* Added test environment for m$sql

* Added template for test environment for m$sql

* Fix password

* Fix password (again)

* Fix password (again again)

* Fix db

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Create master database for mssql integration tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Create database only if master do not exist

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix mssql integration tests by using custom database "gitea"

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Moved defer

* bump xorm

* updated xorm

* Fixed build
2018-12-12 09:01:41 +08:00
Lauris BH 08bf443016 Implement git refs API for listing references (branches, tags and other) (#5354)
* Inital routes to git refs api

* Git refs API implementation

* Update swagger

* Fix copyright

* Make swagger happy add basic test

* Fix test

* Fix test again :)
2018-11-27 16:52:20 -05:00
Antoine GIRARD 4c1f1f9646 Remove x/net/context vendor by using std package (#5202)
* Update dep github.com/markbates/goth

* Update dep github.com/blevesearch/bleve

* Update dep golang.org/x/oauth2

* Fix github.com/blevesearch/bleve to c74e08f039e56cef576e4336382b2a2d12d9e026

* Update dep golang.org/x/oauth2
2018-11-10 18:55:36 -05:00
Stanislav 078c404c3b Prometheus endpoint (#5256)
* Add prometheus collector and route

* dep ensure -add github.com/prometheus/client_golang/prometheus

* dep ensure -update github.com/golang/protobuf

* add metrics to reserved usernames

* add comment head in metrics package

* fix style imports

* add metrics settings

* add bearer token check

* mapping metrics configs

* fix lint

* update config cheat sheet

* update conf sample, typo fix
2018-11-04 22:20:00 -05:00
Kim "BKC" Carlbäcker aeb5655c25 Update go-macaron/session to latest mast to fix RCE-bug (#5177) 2018-10-25 19:53:39 +08:00
Mura Li 317ddb7283 Update vendor/github.com/mattn/go-sqlite3 (#5162)
To fix build failure on Windows/386
2018-10-24 16:18:51 +08:00
Mura Li 2ce72d4e00 Update vendor/go-sqlite3 (#5133) 2018-10-23 13:28:10 +08:00
Lauris BH ab5b245182 Disable debug routes unless PPROF is enabled in configuration (#4995) 2018-09-29 18:44:06 -04:00
OvermindDL1 07af31d004 Fix #4877 to follow the OpenID Connect Audiences spec (#4878)
Signed-off-by: Gabriel Robertson <overminddl1@gmail.com>
2018-09-20 22:17:34 +03:00
Lauris BH 0c59edaafa Update xorm to latest version and fix correct `user` table referencing in sql (#4473) 2018-07-20 10:10:17 +08:00
Antoine GIRARD 74f9f98f78 Simply remove tidb and deps (#3993) 2018-07-04 16:23:23 -04:00
techknowlogick 9d4c1ddfa1
Dep upgrade mysql lib (#4161)
*  update gopkg file to add sql dep
2018-07-03 17:58:31 -04:00
Magnus Lindvall cdb9478774 LDAP Public SSH Keys synchronization (#1844)
* Add LDAP Key Synchronization feature

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Add migration: add login source id column for public_key table

* Only update keys if needed

* Add function to only list pubkey synchronized from ldap

* Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.

* Only get keys belonging to current login source id

* Set default login source id to 0

* Some minor cleanup. Add integration tests (updete dep testify)
2018-05-24 07:59:02 +03:00
Aleksandr Bulyshchenko ee878e3951 Support secure cookie for csrf-token (#3839)
* dep: Update github.com/go-macaron/csrf

Update github.com/go-macaron/csrf with dep to revision 503617c6b372
to fix issue of csrf-token security.

This update includes following commits:
- Add support for the Cookie HttpOnly flag
- Support secure mode for csrf cookie

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>

* routers: set csrf-token security depending on COOKIE_SECURE

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>
2018-05-22 02:09:48 +03:00
Antoine GIRARD 3f3383dc0a Migrate to dep (#3972)
* Update makefile to use dep

* Migrate to dep

* Fix some deps

* Try to find a better version for golang.org/x/net

* Try to find a better version for golang.org/x/oauth2
2018-05-21 15:34:20 +03:00
Antoine GIRARD 8dca5ad526 Fetch missing file in github.com/davecgh/go-spew/spew (#3995) 2018-05-20 09:09:35 +03:00
Jonas Franz 951309f76a Add support for FIDO U2F (#3971)
* Add support for U2F

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add vendor library
Add missing translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
Add U2F error handling

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F login page to OAuth

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move U2F user settings to a separate file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for u2f model
Renamed u2f table name

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by refactoring

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove not needed console.log-s

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add default values to app.ini.sample
Add FIDO U2F to comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-05-19 17:12:37 +03:00
Antoine GIRARD 917b9641ec Update to last common bleve (#3986) 2018-05-19 20:49:46 +08:00
Lauris BH e74055878f Update xormstore dependency to fix OAuth2 support for MySQL (#3955) 2018-05-13 13:10:50 +08:00
Lauris BH ff64f188fd Switch back to upstream goth repository and update govendor to latest goth version (#3863) 2018-04-30 09:05:59 +08:00
Lauris BH 5a62eb30df
Store OAuth2 session data in database (#3660)
* Store OAuth2 session data in database

* Rename table to `oauth2_session` and do not skip xormstorage initialization error
2018-04-29 09:09:24 +03:00
PJ Eby fc36567ee1 Update blackfriday dependency per #2994 (#3857)
Signed-off-by: PJ Eby <pje@telecommunity.com>
2018-04-29 13:07:36 +08:00
Lauris BH ad33730dca
Update markbates/goth libary to fix OAuth2 support (#3661) 2018-03-13 01:35:46 +02:00
Lauris BH 7b297808ce
Update markbates/goth library (#3533)
Signed-off-by: Lauris Bukšis-Haberkorns <lauris@nix.lv>
2018-02-19 07:10:51 +02:00
Ethan Koenig a89592d4ab Reduce repo indexer disk usage (#3452) 2018-02-05 20:29:17 +02:00
Lunny Xiao 97fe773491 fix MSSQL bug on org (#3405) 2018-01-27 17:20:59 +02:00
Antoine GIRARD d2736e268b Remove unused vendor github.com/stretchr/testify/require (#3273) 2017-12-31 09:11:08 +08:00
Ethan Koenig 58a7de2aea Update code.gitea.io/git (#3137) 2017-12-11 10:23:34 +08:00
Ethan Koenig b7ebaf6d20 Various wiki bug fixes (#2996)
* Update macaron

* Various wiki bug fixes
2017-11-28 17:43:51 +08:00
Lunny Xiao 10b54df2b2 Add dingtalk webhook (#2777)
* add dingtalk webhook type

* add vendor

* some fixes

* fix name check

* fix name check & improvment
2017-11-21 06:26:43 +02:00
Lauris BH a6f337046f Update go-ini dependency and remove semicolon hack in translations (#2913) 2017-11-15 11:34:42 +08:00
Ethan Koenig 5866eb2321 Code/repo search (#2582)
Indexed search of repository contents (for default branch only)
2017-10-27 09:10:54 +03:00
Jonas Bröms e86a0bf3fe Add support for extra sendmail arguments (#2731)
* Add support for extra sendmail arguments

* Sendmail args to exec.command should be a list

* Add go-shellquote package

* Use go-shellquote lib for parsing Sendmail args

* Only parse if sendmail is configured
2017-10-25 22:27:25 +03:00
Antoine GIRARD 2112eb8741 Update vendor github.com/lib/pq (#2752) 2017-10-21 12:05:58 +08:00
Lunny Xiao a8717e5e3a Use AfterLoad instead of AfterSet on Structs (#2628)
* use AfterLoad instead of AfterSet on Structs

* fix the comments on AfterLoad

* fix the comments on action AfterLoad
2017-10-01 19:52:35 +03:00
Lunny Xiao 0d80af649a Add init support of orgmode document type on file view and readme (#2525)
* add init support of orgmode document type on file view and readme

* fix imports

* fix imports and readmeExist

* fix imports order

* fix format

* remove unnecessary convert
2017-09-21 13:20:14 +08:00
Ethan Koenig b0f7457d9e Improve issue search (#2387)
* Improve issue indexer

* Fix new issue sqlite bug

* Different test indexer paths for each db

* Add integration indexer paths to make clean
2017-09-16 23:16:21 +03:00
Lunny Xiao 0f9e20b3d7 fix updated update on public key (#2514)
* fix updated update on public key

* update vendor.json

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* fix root path

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2017-09-15 11:23:48 +08:00
Lunny Xiao 005900baea Use created & updated instead BeforeInsert & BeforeUpdate (#2482)
* use created & updated instead BeforeInsert & BeforeUpdate

* fix vendor checksum

* only show generated SQL when development mode

* remove extra update column updated_unix

* remove trace config
2017-09-13 08:18:22 +03:00
Lunny Xiao 2c6a0fdca8 update latest xorm version to vendor (#2353) 2017-08-22 14:39:52 +03:00
Andrey Nering 2ef33b5338 vendor: update sqlite to fix "database is locked" errors (#2116)
closes #2040

upstream commit: acfa601240
2017-07-06 14:43:30 +08:00
Antoine GIRARD 274149dd14 Switch to keybase go-crypto (for some elliptic curve key) + test (#1925)
* Switch to keybase go-crypto (for some elliptic curve key) + test

* Use assert.NoError 

and add a little more context to failing test description

* Use assert.(No)Error everywhere 🌈

and assert.Error in place of .Nil/.NotNil
2017-06-14 08:43:43 +08:00
Ethan Koenig cf02cd7ba0 Fix and test for delete user (#1713)
* Fix and test for delete user

* Run updates in batches

* Unit test
2017-05-20 16:48:22 +08:00
Lauris BH 79494047b0 Show commit status icon in commits table (#1688)
* Show commit status icon in commits table

* Add comments

* Fix icons

* Few more places where commit table is displayed

* Change integration test to use goquery for parsing html

* Add integration tests for commit table and status icons

* Fix status to return lates status correctly on all databases

* Rewrote lates commit status selects
2017-05-07 22:40:31 +08:00
Lauris BH 3792867955 Update xorm to latest version (#1651)
* Update xorm to latest version

* Update xorm/builder
2017-05-02 08:50:33 +08:00
Willem van Dreumel 950f2e2074 Additional OAuth2 providers (#1010)
* add google+

* sort signin oauth2 providers based on the name so order is always the same

* update auth tip for google+

* add gitlab provider

* add bitbucket provider (and some go fmt)

* add twitter provider

* add facebook provider

* add dropbox provider

* add openid connect provider incl. new format of tips section in "Add New Source"

* lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow)

* imports according to goimport and code style

* make it possible to set custom urls to gitlab and github provider (only these could have a different host)

* split up oauth2 into multiple files

* small typo in comment

* fix indention

* fix indentation

* fix new line before external import

* fix layout of signin part

* update "broken" dependency
2017-05-01 21:26:53 +08:00
Lunny Xiao e3c2963222 remove unused vendor packages (#1620) 2017-04-27 18:10:34 +08:00
Antoine GIRARD eb1075dd4c Check if missing/modified/unused deps in vendor and fix errors (#1468)
* Check if missing deps in vendor

This will catch import from other repos. (maybe by auto-import)

* Remove github.com/smartystreets unused deps

* Remove github.com/boltdb/bolt unused dep

* Fetch github.com/go-xorm/core + sync gopkg.in/ldap.v2/ldap.go

* Auto-install govendor + reinstall github.com/boltdb/bolt needed by vendor/github.com/blevesearch/bleve/index/store/boltdb

* Update go-xorm/xorm to a5cb21 in vendor.json

* Use a custom repo for implementing change to bolt dep.

* Switching bolt to github.com/go-gitea/bolt

* Switching bolt to github.com/go-gitea/bolt (fork version)

* change the drone sign
2017-04-24 22:31:46 +08:00
Lunny Xiao 5acfc7c4bc fix migrate failed and org dashboard failed on MSSQL database (#1448) 2017-04-06 18:47:25 -07:00
Damien Gaignon a78a0266c4 Correct broken unaligned load/store in armv5 (#1355)
Update vendor github.com/boltdb/bolt to take care of the issue #1354.
2017-04-05 18:50:33 -07:00
Sandro Santilli 71d16f69ff Login via OpenID-2.0 (#618) 2017-03-17 15:16:08 +01:00
Lunny Xiao fa41ddd3eb fix build failed on aarch64 (#1132) 2017-03-07 15:09:05 +08:00
Lunny Xiao 6bdfadf4a9 fix broken caused by boltdb in mips/mipsle (#1107) 2017-03-03 15:57:54 +08:00
Willem van Dreumel 01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Lunny Xiao c5f8b96dda update xorm for fixing bug on processor BeforeSet and AfterSet when Find a map (#987) 2017-02-20 19:33:10 +08:00
Lunny Xiao 46320f9630 refactor notificationsForUser since xorm In support slice of customerize type (#956) 2017-02-16 12:07:00 +08:00
Lunny Xiao 284c0160c3 update xorm vendor and also fix #740 (#886) 2017-02-10 23:02:26 +08:00
Ethan Koenig d2329e1c26 Use assert in legacy unit tests (#867) 2017-02-08 14:29:07 +08:00
Thomas Boerger ea8c8cdaf3 Fix master builds on mips* again (#815)
* Use local folder for xgo

* Always do crosscompile and testing to fail early

* Added mips* values for boltdb

In order to get master building again I have applied these 2 additional
files to boltdb. This should get dropped when
https://github.com/boltdb/bolt/issues/656 gets solved.
2017-02-02 11:56:08 +08:00
Andrey Nering e7c3be5f2f Merge pull request #736 from andreynering/fix-windows-ssh
Fix SSH server on Windows when running as service
2017-01-25 14:19:55 -02:00
Bo-Yi Wu 691fbdf1d3 fix: delete attachment after remove comment. 2017-01-25 16:40:43 +01:00
Bwko 8555e888d8 Add ETag header to avatars (#721) 2017-01-25 12:26:31 +08:00
Ethan Koenig 833f8b94c2 Search bar for issues/pulls (#530) 2017-01-25 10:43:02 +08:00
Andrey Nering 2009f4cbda Remove original minwinsvc from vendor 2017-01-23 20:57:34 -02:00
Lunny Xiao 907b6f943c update xorm for bugs fix (#728) 2017-01-23 19:11:57 +08:00
Lunny Xiao a8048c19f3 Update xorm and fix dump command (#692)
* update xorm and fix dump

* catch database init error

* still use dumpTables

* fix dump bool type

* update vendor.json
2017-01-23 17:11:18 +08:00
Andrew 6dd096b7f0 Two factor authentication support (#630)
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
Lunny Xiao 980dd0bf51 Update xorm and dependencies vendor for feature to dump to other database (#565)
* update xorm and dependencies vendor for feature to dump to other database

* fix golint
2017-01-03 16:20:28 +08:00
Ethan Koenig de8b73dd92 Unit tests for token and update models 2016-12-31 10:17:45 +01:00
Lunny Xiao 527c2dd665 Support http service graceful restart (#416)
* support http service graceful restart

* fix dependencies
2016-12-31 09:00:33 +08:00
Fabian Zaremba 2e7ccecfe6 Git LFS support v2 (#122)
* Import github.com/git-lfs/lfs-test-server as lfs module base

Imported commit is 3968aac269a77b73924649b9412ae03f7ccd3198

Removed:

Dockerfile CONTRIBUTING.md mgmt* script/ vendor/ kvlogger.go
.dockerignore .gitignore README.md

* Remove config, add JWT support from github.com/mgit-at/lfs-test-server

Imported commit f0cdcc5a01599c5a955dc1bbf683bb4acecdba83

* Add LFS settings

* Add LFS meta object model

* Add LFS routes and initialization

* Import github.com/dgrijalva/jwt-go into vendor/

* Adapt LFS module: handlers, routing, meta store

* Move LFS routes to /user/repo/info/lfs/*

* Add request header checks to LFS BatchHandler / PostHandler

* Implement LFS basic authentication

* Rework JWT secret generation / load

* Implement LFS SSH token authentication with JWT

Specification: https://github.com/github/git-lfs/tree/master/docs/api

* Integrate LFS settings into install process

* Remove LFS objects when repository is deleted

Only removes objects from content store when deleted repo is the only
referencing repository

* Make LFS module stateless

Fixes bug where LFS would not work after installation without
restarting Gitea

* Change 500 'Internal Server Error' to 400 'Bad Request'

* Change sql query to xorm call

* Remove unneeded type from LFS module

* Change internal imports to code.gitea.io/gitea/

* Add Gitea authors copyright

* Change basic auth realm to "gitea-lfs"

* Add unique indexes to LFS model

* Use xorm count function in LFS check on repository delete

* Return io.ReadCloser from content store and close after usage

* Add LFS info to runWeb()

* Export LFS content store base path

* LFS file download from UI

* Work around git-lfs client issue with unauthenticated requests

Returning a dummy Authorization header for unauthenticated requests
lets git-lfs client skip asking for auth credentials
See: https://github.com/github/git-lfs/issues/1088

* Fix unauthenticated UI downloads from public repositories

* Authentication check order, Finish LFS file view logic

* Ignore LFS hooks if installed for current OS user

Fixes Gitea UI actions for repositories tracking LFS files.
Checks for minimum needed git version by parsing the semantic version
string.

* Hide LFS metafile diff from commit view, marking as binary

* Show LFS notice if file in commit view is tracked

* Add notbefore/nbf JWT claim

* Correct lint suggestions - comments for structs and functions

- Add comments to LFS model
- Function comment for GetRandomBytesAsBase64
- LFS server function comments and lint variable suggestion

* Move secret generation code out of conditional

Ensures no LFS code may run with an empty secret

* Do not hand out JWT tokens if LFS server support is disabled
2016-12-26 09:16:37 +08:00
btrepp 25b5ffb6af Enables mssql support (#383)
* Enables mssql support

Port of dlobs work in gogs.
Enables options in index.js
Enables MSSQL as a database option in go.
Sets ID to 0 on initial migration. Required for
MSSQL insert statements.

Signed-off-by: Beau Trepp <beautrepp@gmail.com>

* Vendors in denisenkom/go-mssqldb

Includes golang.org/x/crypto/md4
as this is required by go-msssqldb

Signed-off-by: Beau Trepp <beautrepp@gmail.com>
2016-12-24 09:37:35 +08:00
Thomas Boerger b6a95a8cb3 Integrate public as bindata optionally (#293)
* Dropped unused codekit config

* Integrated dynamic and static bindata for public

* Ignore public bindata

* Add a general generate make task

* Integrated flexible public assets into web command

* Updated vendoring, added all missiong govendor deps

* Made the linter happy with the bindata and dynamic code

* Moved public bindata definition to modules directory

* Ignoring the new bindata path now

* Updated to the new public modules import path

* Updated public bindata command and drop the new prefix
2016-11-30 00:26:36 +08:00
Lunny Xiao a8c6698de8 Fix error 500 on organization dashboard page (#150) 2016-11-12 00:40:21 +08:00
Sandro Santilli 4247304f5a Update import paths from github.com/go-gitea to code.gitea.io (#135)
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00