Commit graph

369 commits

Author SHA1 Message Date
Lunny Xiao
d151503d34 Upgrade xorm to v0.8.0 (#8536) 2019-10-17 11:26:49 +02:00
zeripath
fcb535c5c3
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.

## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
    - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
    - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
    - [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
    - app.ini configuration done
    - [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation

I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 14:42:42 +01:00
guillep2k
15809d81f7 Rewrite reference processing code in preparation for opening/closing from comment references (#8261)
* Add a markdown stripper for mentions and xrefs

* Improve comments

* Small code simplification

* Move reference code to modules/references

* Fix typo

* Make MarkdownStripper return [][]byte

* Implement preliminary keywords parsing

* Add FIXME comment

* Fix comment

* make fmt

* Fix permissions check

* Fix text assumptions

* Fix imports

* Fix lint, fmt

* Fix unused import

* Add missing export comment

* Bypass revive on implemented interface

* Move mdstripper into its own package

* Support alphanumeric patterns

* Refactor FindAllMentions

* Move mentions test to references

* Parse mentions from reference package

* Refactor code to implement renderizable references

* Fix typo

* Move patterns and tests to the references package

* Fix nil reference

* Preliminary rendering attempt of closing keywords

* Normalize names, comments, general tidy-up

* Add CSS style for action keywords

* Fix permission for admin and owner

* Fix golangci-lint

* Fix golangci-lint
2019-10-13 23:29:10 +01:00
zeripath
5e759b60cc Restore functionality for early gits (#7775)
* Change tests to make it possible to run TestGit with 1.7.2

* Make merge run on 1.7.2

* Fix tracking and staging branch name problem

* Ensure that git 1.7.2 works on tests

* ensure that there is no chance for conflicts

* Fix-up missing merge issues

* Final rm

* Ensure LFS filters run on the tests

* Do not sign commits from temp repo

* Restore tracking fetch change

* Apply suggestions from code review

* Update modules/repofiles/temp_repo.go
2019-10-12 08:13:27 +08:00
Lunny Xiao
46a12f196b
Move change issue title from models to issue service package (#8456)
* move change issue title from models to issue service package

* make the change less

* fix typo
2019-10-11 14:44:43 +08:00
guillep2k
0bda876161 Fix lfs locks (#8361)
* Extend time window for TestAPILFSLocksLogged
2019-10-03 09:56:26 +02:00
David Svantesson
90ab3056eb Api: advanced settings for repository (external wiki, issue tracker etc.) (#7756)
* Add API for Repo Advanced Settings of wiki and issue tracker

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add some integration tests for tracker and wiki settings through API

* Should return StatusUnprocessableEntity in case of invalid API values.

* Add tests for invalid URLs for external tracker and wiki.

* Do not set inital values if they are default of type

* Make issue tracker and wiki units separate structures in Repository API structure.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix comment of structures

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Rewrite API to use struct for setting tracker and wiki settings.

* LetOnlyContributorsTrackTime -> AllowOnlyContributorsToTrackTime
2019-10-02 17:30:41 +08:00
David Svantesson
36bcd4cd6b API endpoint for searching teams. (#8108)
* Api endpoint for searching teams.

Signed-off-by: dasv <david.svantesson@qrtech.se>

* Move API to /orgs/:org/teams/search

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Regenerate swagger

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix search is Get

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add test for search team API.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Update routers/api/v1/org/team.go

grammar

Co-Authored-By: Richard Mahn <richmahn@users.noreply.github.com>

* Fix review comments

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix some issues in repo collaboration team search, after changes in this PR.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Remove teamUser which is not used and replace with actual user id.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Remove unused search variable UserIsAdmin.

* Add paging to team search.

* Re-genereate swagger

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix review comments

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* fix

* Regenerate swagger
2019-10-01 13:32:28 +08:00
Lunny Xiao
a8c024043c Improve integration tests (#8276)
* improve integration tests

* fix Makefile

* improve makefile and integration docs
2019-09-25 14:13:18 +02:00
Sandro Santilli
3dd1cee331 Test more reserved usernames (#8263)
* Test more reserved usernames

* Add more reserved usernames, sort them

* Reserve "attachments" username (is a used route)

* It's "avatars" being reserved, not "avatar"
2019-09-24 13:12:56 -04:00
guillep2k
2a2b46c62e Reference issues from pull requests and other issues (#8137)
* Update ref comment

* Generate comment on simple ref

* Make fmt + remove unneeded repo load

* Add TODO comments

* Add ref-check in issue creation; re-arrange template

* Make unit tests pass; rearrange code

* Make fmt

* Filter out xref comment if user can't see the referencing issue

* Add TODOs

* Add cross reference

* Rearrange code; add cross-repository references

* Striketrhough obsolete references

* Remove unnecesary TODO

* Add "not supported" note

* Support for edits and deletes, and issue title

* Revert changes to go.mod

* Fix fmt

* Add support for xref from API

* Add first integration test

* Add integration tests

* Correct formatting

* Fix add comment test

* Add migration

* Remove outdated comments; fix typo

* Some code refactoring and rearranging

* Rename findCrossReferences to createCrossReferences

* Delete xrefs when repository is deleted

* Corrections as suggested by @lafriks

* Prepare for merge

* Fix log for errors
2019-09-20 01:45:38 -04:00
Mura Li
eec997d30a Fix data race (#8204)
* Fix data race

* Fix data race in modules/log

* Make the scope of lock finner-grained

* Use syc.Map

* Fix missing change in the test

* Do not export LoggerMap
2019-09-17 12:39:37 +03:00
Lunny Xiao
be0f7ff9bf
Fix team user api (#8172)
* fix team user api

* fix tests

* fix api

* fix team user api

* change user convert

* fix tests

* fix tests
2019-09-15 20:22:02 +08:00
guillep2k
72f6d5c882 Restrict repository indexing by glob match (#7767)
* Restrict repository indexing by file extension

* Use REPO_EXTENSIONS_LIST_INCLUDE instead of REPO_EXTENSIONS_LIST_EXCLUDE and have a more flexible extension pattern

* Corrected to pass lint gosimple

* Add wildcard support to REPO_INDEXER_EXTENSIONS

* This reverts commit 72a650c8e4.

* Add wildcard support to REPO_INDEXER_EXTENSIONS (no make vendor)

* Simplify isIndexable() for better clarity

* Add gobwas/glob to vendors

* manually set appengine new release

* Implement better REPO_INDEXER_INCLUDE and REPO_INDEXER_EXCLUDE

* Add unit and integration tests

* Update app.ini.sample and reword config-cheat-sheet

* Add doc page and correct app.ini.sample

* Some polish on the doc

* Simplify code as suggested by @lafriks
2019-09-11 20:26:28 +03:00
David Svantesson
1f951cdeba Add API endpoint for accessing repo topics (#7963)
* Create API endpoints for repo topics.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Generate swagger

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add documentation to functions

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Grammar fix

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix function comment

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Can't use FindTopics when looking for a single repo topic, as it doesnt use exact match

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add PUT ​/repos​/{owner}​/{repo}​/topics and remove GET ​/repos​/{owner}​/{repo}​/topics

* Ignore if topic is sent twice in same request, refactoring.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix topic dropdown with api changes.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Style fix

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Update API documentation

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Better way to handle duplicate topics in slice

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Make response element TopicName an array of strings, instead of using an array of TopicName

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add test cases for API Repo Topics.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix format of tests

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix comments

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix unit tests after adding some more topics to the test fixture.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Update models/topic.go

Limit multiple if else if ...

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>

* Engine as first parameter in function

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>

* Replace magic numbers with http status code constants.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix variable scope

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Test one read with login and one with token

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add some more tests

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Apply suggestions from code review

Use empty struct for efficiency

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Add test case to check access for user with write access

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix access, repo admin required to change topics

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Correct first test to be without token

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Any repo reader should be able to access topics.

* No need for string pointer

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
2019-09-03 23:46:24 +08:00
Gary Kim
ee11974719 Search Commits via Commit Hash (#7400)
* search commits via commit hash

Signed-off-by: Gary Kim <gary@garykim.dev>

* Also include all option for hash search

Signed-off-by: Gary Kim <gary@garykim.dev>

* Remove code duplication in commit search

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add case ignore to commit hash search

Signed-off-by: Gary Kim <gary@garykim.dev>
2019-09-02 19:38:04 -04:00
guillep2k
765be70323 Make CI work (#8057)
* Use export GOPROXY=https://goproxy.cn before build

* Add go version to generate command

* Reproduced the entire build procedure - see notes

I've used:

sudo go clean -i -r -cache -testcache -modcache
make clean
make generate
make golangci-lint
make revive
make swagger-check
make swagger-validate
make test-vendor            <--- this now fails
make vendor                 <--- this now produced changes
git commit -a               <--- this commit

* Add fix from #8059 to complete CI tests
2019-09-02 15:12:29 -04:00
Mike Schwörer
042089fbaf API method to list all commits of a repository (#6408)
* Added API endpoint ListAllCommits (/repos/{owner}/{repo}/git/commits)

Signed-off-by: Mike Schwörer <mailport@mikescher.de>

* Fixed failing drone build

Signed-off-by: Mike Schwörer <mailport@mikescher.de>

* Implemented requested changes (PR reviews)

Signed-off-by: Mike Schwörer <mailport@mikescher.de>

* gofmt

Signed-off-by: Mike Schwörer <mailport@mikescher.de>

* Changed api route from "/repos/{owner}/{repo}/git/commits" to "/repos/{owner}/{repo}/commits"

* Removed unnecessary line

* better error message when git repo is empty

* make generate-swagger

* fixed removed return

* Update routers/api/v1/repo/commits.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Update routers/api/v1/repo/commits.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* go fmt

* Refactored common code into ToCommit()

* made toCommit not exported

* added check for userCache == nil
2019-08-26 16:09:10 +02:00
Lunny Xiao
f83db078f0 Move database settings from models to setting (#7806)
* move database settings from models to setting

* update docs

* fix checkout pr

* fix tests

* fix lint

* remove unsupported tidb options

* correct wrong variable name

* remove tidb totally
2019-08-24 11:24:45 +02:00
Tamal Saha
171b359877 Use gitea forked macaron (#7933)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-23 12:40:29 -04:00
Mura Li
3ac45e3cb5 Fix pull creation with empty changes (#7920)
* Logs the stderr of git-apply
* Add an integration test
* Skip testPatch when patch is empty
2019-08-20 13:43:00 -04:00
guillep2k
de5986ae03 Reduce quote usage to bypass bug in GIT_SSH_COMMAND (#7893) 2019-08-16 23:28:55 +01:00
guillep2k
5a44be627c Convert files to utf-8 for indexing (#7814)
* Convert files to utf-8 for indexing

* Move utf8 functions to modules/base

* Bump repoIndexerLatestVersion to 3

* Add tests for base/encoding.go

* Changes to pass gosimple

* Move UTF8 funcs into new modules/charset package
2019-08-15 20:07:28 +08:00
Antoine GIRARD
c2c35d169c lfs/lock: round locked_at timestamp to second (#7872)
* lfs/lock: round locked_at timestamp to second

* test returned locked_at values

* tests: use time RFC3339
2019-08-15 18:53:28 +08:00
zeripath
176ba79e96
Fix local runs of ssh-requiring integration tests (#7855) 2019-08-14 12:19:13 +01:00
Antoine GIRARD
e9bb75d8d1 Fix duplicate call of webhook (#7821) 2019-08-11 23:31:18 +03:00
Antoine GIRARD
2b6f45299d api: fix multiple bugs with statuses endpoints (#7785)
* fix commit statuses api url

* search refs before passing sha

* adjust tests

* directly search tags and branches names + remove un-needed check in NewCommitStatus

* fix comment

* de-duplicate code

* test: use relative setting.AppURL

* Update routers/api/v1/repo/status.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* remove return

* Update routers/api/v1/repo/status.go

Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-08-09 10:13:03 +08:00
zeripath
026696b87a
Fix dropTableColumns sqlite implementation (#7710)
* Fix dropTableColumns sqlite implementation

* use droptables and its index dropping support in v78 and v85

* golang-ci fixes

* Add migration from gitea 1.3.3 for sqlite which reveals the droptables bug - thus showing this works
2019-08-05 22:49:49 +01:00
Antoine GIRARD
d02566a8ea integration tests: Use t.Helper() (#7654) 2019-07-29 12:15:18 +08:00
zeripath
78e5317242
Update to latest mssqldriver (#7613)
* New driver does not tolerate USE - handle this by closing db and reopening db in the new dbname
2019-07-26 05:10:20 +01:00
Christian Muehlhaeuser
54d96c79b5 Removed unnecessary conversions (#7557)
No need to convert to the same type.
2019-07-23 19:50:39 +01:00
Christian Muehlhaeuser
12a098920c Fixed ineffectual assignments in tests (#7553)
Just makes it a bit more obvious which values we want to test for, and which
ones we want to ignore.
2019-07-22 15:11:16 +08:00
techknowlogick
d0ec940dd7
switch to use gliderlabs/ssh for builtin server (#7250)
resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash)

Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
2019-07-06 21:28:09 -04:00
Lunny Xiao
1772c6b94d fix pull view ui merge section (#7335)
* fix pull view ui merge section

* fix tests

* fix tests
2019-07-01 00:08:43 -04:00
Lunny Xiao
ff85dd3e12 Add commit statuses reports on pull request view (#6845)
* Add commit statuses reports on pull view

* Add some translations

* improve the UI

* fix fmt

* fix tests

* add a new test git repo to fix tests

* fix bug when headRepo or headBranch missing

* fix tests

* fix tests

* fix consistency

* fix tests

* fix tests

* change the test repo

* fix tests

* fix tests

* fix migration

* keep db size consistency

* fix translation

* change commit hash status table unique index

* remove unused table

* use char instead varchar

* make hashCommitStatusContext private

* split merge section with status check on pull view ui

* fix tests; fix arc-green theme on pull ui
2019-06-30 08:57:59 +01:00
Richard Mahn
cd96dee982 Fixes #7292 - API File Contents bug (#7301) 2019-06-29 16:51:10 -04:00
Richard Mahn
002b597c1f Fixes #7152 - Allow create/update/delete message to be empty, use default message (#7324)
* Fixes #7152 - Allow create/update/delete message to be empty, use default message

* Linting fix

* Fix to delete integration tests
2019-06-29 16:19:24 +01:00
zeripath
baefea311f
Fix #732: Add LFS objects to base repository on merging (#7082)
On merge we walk the merge history and ensure that all lfs objects pointed to in
the history are added to the base repository. This switches from relying on having git-lfs installed on the server, (and in fact .gitattributes being correctly installed.)
2019-06-22 18:35:34 +01:00
John Olheiser
8f0182c322 API error cleanup (#7186) 2019-06-12 17:07:24 -04:00
kolaente
f9ec2f89f2 Add golangci (#6418) 2019-06-12 15:41:28 -04:00
Richard Mahn
8de0b0a3f0 Fixes #2738 - Adds the /git/tags API endpoint (#7138)
* Fixes #2738 - /git/tags API

* proper URLs

* Adds function comments

* Updates swagger

* Removes newline from tag message

* Removes trailing newline from commit message

* Adds integration test

* Removed debugging

* Adds tests

* Fixes bug where multiple tags of same commit show wrong tag name

* Fix formatting

* Removes unused varaible

* Fix to annotated tag function names and response

* Update modules/git/repo_tag.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Uses TagPrefix

* Changes per review, better error handling for getting tag and commit IDs

* Fix to getting commit ID

* Fix to getting commit ID

* Fix to getting commit ID

* Fix to getting commit ID
2019-06-08 17:31:11 +03:00
zeripath
356854fc5f Move serv hook functionality & drop GitLogger (#6993)
* Move hook functionality internally

* Internalise serv logic

* Remove old internal paths

* finally remove the gitlogger

* Disallow push on archived repositories

* fix lint error

* Update modules/private/key.go

* Update routers/private/hook.go

* Update routers/private/hook.go

* Update routers/private/hook.go

* Updated routers/private/serv.go

* Fix LFS Locks over SSH

* rev-list needs to be run by the hook process

* fixup

* Improve git test

* Ensure that the lfs files are created with a different prefix

* Reduce the replication in git_test.go

* slight refactor

* Remove unnecessary "/"

* Restore ensureAnonymousClone

* Restore ensureAnonymousClone

* Run rev-list on server side

* Try passing in the alternative directories instead

* Mark test as skipped

* Improve git test

* Ensure that the lfs files are created with a different prefix
* Reduce the replication in git_test.go
* Remove unnecessary "/"
2019-06-01 23:00:21 +08:00
zeripath
fb4438a815
Improve git test (#7086)
* Ensure that the lfs files are created with a different prefix
* Reduce the replication in git_test.go
2019-05-31 11:12:15 +01:00
Richard Mahn
43cf2f3b55 Fixes #7023 - API Org Visibility (#7028) 2019-05-30 13:57:55 -04:00
Richard Mahn
1831b3b571 Fixes #5960 - Adds API Endpoint for Repo Edit (#7006)
* Feature - #5960 - API Endpoint for Repo Editing

* Revert from merge

* Adds integration testing

* Updates to integration tests

* Revert changes

* Update year in file header

* Misspell fix

* XORM = test

* XORM = test

* revert XORM = file

* Makes RepoUnit.ID be pk and autoincr

* Fix to units

* revert header

* Remove print statement

* Adds other responses

* Improves swagger for creating repo

* Fixes import order

* Better Unit Type does not exist error

* Adds editable repo properties to the response repo structure

* Fix to api_repo_edit_test.go

* Fixes repo test

* Changes per review

* Fixes typo and standardizes comments in the EditRepoOption struct for swagger

* Fixes typo and standardizes comments in the EditRepoOption struct for swagger

* Actually can unarchive through the API

* Unlike delete, user doesn't have to be the owner of the org, just admin to the repo

* Fix to swagger comments for field name change

* Update to swagger docs

* Update swagger

* Changes allow_pull_requests to has_pull_requests
2019-05-30 11:09:05 -04:00
Bo-Yi Wu
743697a549
refactor: append, build variable and type switch (#4940)
* refactor: append, build variable and type switch

* fix: remove redundant space.
2019-05-28 23:45:54 +08:00
zeripath
31557b1274
Fix LFS Locks over SSH (#6999)
* Fix LFS Locks over SSH
* Mark test as skipped
2019-05-28 11:32:41 +01:00
zeripath
54bd63cd5c
Change UpdateRepoIndex api to include watchers (#7012)
* Change UpdateRepoIndex api to include watchers

* Add timeout
2019-05-23 17:00:07 +01:00
zeripath
84bfd00537
Fix TestSearchRepo by waiting till indexing is done (#7004)
* Fix TestSearchRepo by waiting till indexing is done

* Update integrations/repo_search_test.go

* changes as per @mrsdizzie
2019-05-21 20:11:09 +01:00
mrsdizzie
68a83cc5a2 Allow collaborators to view repo owned private org (#6965)
Handle case where an orginization is private but a user who is not a
member of the orgninization has been added as a collaborator of a repo
within that org

Fixes #6962
2019-05-16 11:48:40 -04:00
zeripath
56ae539bed SearchRepositoryByName improvements and unification (#6897) 2019-05-15 11:24:39 -04:00
zeripath
e55c874dd2 Add work path CLI option (#6922)
Makes it possible to set the work path as a CLI option instead of
relying on environment variables which are somewhat opaque
2019-05-14 11:20:35 -04:00
Tamal Saha
34d06f4c6b Handle CORS requests (#6289) 2019-05-13 11:38:53 -04:00
zeripath
ce8de35334 Remove local clones & make hooks run on merge/edit/upload (#6672)
* Add options to git.Clone to make it more capable

* Begin the process of removing the local copy and tidy up

* Remove Wiki LocalCopy Checkouts

* Remove the last LocalRepo helpers

* Remove WithTemporaryFile

* Enable push-hooks for these routes

* Ensure tests cope with hooks

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Repository.LocalCopyPath()

* Move temporary repo to use the standard temporary path

* Fix the tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove LocalWikiPath

* Fix missing remove

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use AppURL for Oauth user link (#6894)

* Use AppURL for Oauth user link

Fix #6843

* Update oauth.go

* Update oauth.go

* internal/ssh: ignore env command totally (#6825)

* ssh: ignore env command totally

* Remove commented code 

Needed fix described in issue #6889

* Escape the commit message on issues update and title in telegram hook (#6901)

* update sdk to latest (#6903)

* improve description of branch protection (fix #6886) (#6906)

The branch protection description text were not quite accurate.

* Fix logging documentation (#6904)

* ENABLE_MACARON_REDIRECT should be REDIRECT_MACARON_LOG

* Allow DISABLE_ROUTER_LOG to be set in the [log] section

* [skip ci] Updated translations via Crowdin

* Move sdk structs to modules/structs (#6905)

* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 11:29:17 -04:00
Lunny Xiao
34eee25bd4
Move sdk structs to modules/structs (#6905)
* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 18:21:34 +08:00
Richard Mahn
6db3dc7c02 Fixes #6881 - API users search fix (#6882) 2019-05-08 22:17:32 +03:00
Lunny Xiao
9f18b23129 Fix 404 when send pull request some situation (#6871) 2019-05-07 13:20:23 -04:00
Lauris BH
d9d538c8a1
Refactor table width to have more info shown in file list (#6867)
* Refactor table width to have more info shown in file list

* Remove unnecesary semicolon

* Fix tests for changed html structure
2019-05-06 21:43:40 +03:00
Lunny Xiao
2382f1b057
fix 500 when reviewer is deleted with integration tests (#6856) 2019-05-06 20:09:31 +08:00
zeripath
0081cd8dfe Add mssql migration tests (#6852) 2019-05-06 02:42:29 +03:00
techknowlogick
46373e7657
Hash App token (#6724) 2019-05-04 11:45:34 -04:00
zeripath
8d0d7bc28d Make CustomPath, CustomConf and AppWorkPath configurable at build (#6631) 2019-04-29 14:08:21 -04:00
ngourdon
4e311123d8 Fix team edit API panic (#6780) 2019-04-27 19:32:33 -04:00
Lunny Xiao
199faadea3 Fix org visibility bug when git cloning (#6743)
* fix org visibility bug

* fix permission check

* add integration tests

* fix tests

* change test user name for easier maintainance and fix test

* fix test git repo name
2019-04-25 21:59:10 +03:00
Lunny Xiao
ff03b2f606 Fix: Sort repos on org home page with non-admin login (#6741) 2019-04-24 19:20:22 +01:00
Lunny Xiao
1d8b521ae1 Add tests for Org API (#6731) 2019-04-24 12:16:14 -04:00
Lunny Xiao
59be704efb Fix team members API (#6714) 2019-04-24 01:32:35 -04:00
zeripath
b33f7f792b
Prevent creating empty sessions (#6677)
* Prevent creating empty sessions

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update modules/setting/session.go

* Remove unnecessary option

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add destory to list of ignored misspellings

* rename cookie.go -> virtual.go

* Delete old file

* Add test to ensure that sessions are not created without being logged in

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update integrations/create_no_session_test.go
2019-04-20 07:44:50 +01:00
Filip Navara
2af67f6044 Improve listing performance by using go-git (#6478)
* Use go-git for tree reading and commit info lookup.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use TreeEntry.IsRegular() instead of ObjectType that was removed.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use the treePath to optimize commit info search.

Signed-off-by: Filip Navara <navara@emclient.com>

* Extract the latest commit at treePath along with the other commits.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix listing commit info for a directory that was created in one commit and never modified after.

Signed-off-by: Filip Navara <navara@emclient.com>

* Avoid nearly all external 'git' invocations when doing directory listing (.editorconfig code path is still hit).

Signed-off-by: Filip Navara <navara@emclient.com>

* Use go-git for reading blobs.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make SHA1 type alias for plumbing.Hash in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make Signature type alias for object.Signature in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix GetCommitsInfo for repository with only one commit.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix PGP signature verification.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix issues with walking commit graph across merges.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix typo in condition.

Signed-off-by: Filip Navara <navara@emclient.com>

* Speed up loading branch list by keeping the repository reference (and thus all the loaded packfile indexes).

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix lising submodules.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix build

Signed-off-by: Filip Navara <navara@emclient.com>

* Add back commit cache because of name-rev

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix tests

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix code style

* Fix spelling

* Address PR feedback

Signed-off-by: Filip Navara <navara@emclient.com>

* Update vendor module list

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix getting trees by commit id

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix remaining unit test failures

* Fix GetTreeBySHA

* Avoid running `git name-rev` if not necessary

Signed-off-by: Filip Navara <navara@emclient.com>

* Move Branch code to git module

* Clean up GPG signature verification and fix it for tagged commits

* Address PR feedback (import formatting, copyright headers)

* Make blob lookup by SHA working

* Update tests to use public API

* Allow getting content from any type of object through the blob interface

* Change test to actually expect the object content that is in the GIT repository

* Change one more test to actually expect the object content that is in the GIT repository

* Add comments
2019-04-19 20:17:27 +08:00
Richard Mahn
2262811e40 Fixes 4762 - Content API for Creating, Updating, Deleting Files (#6314) 2019-04-17 12:06:35 -04:00
Segev Finer
34548369e1 Add API for manipulating Git hooks (#6436)
* Add API for manipulating Git hooks

Signed-off-by: Segev Finer <segev@codeocean.com>

* Replace code.gitea.io/sdk with PR branch temporarily for CI

* Switch back to code.gitea.io/sdk@master

* Return 403 instead of 404 on no permission to edit hooks in API

* Add tests for Git hooks API

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* empty line
2019-04-17 01:31:08 -04:00
zeripath
837116875e Return a UserList from /api/v1/admin/users (#6629) 2019-04-15 12:36:59 -04:00
Jonas Franz
62d3f49c28 Add json tags for oauth2 form (#6627) 2019-04-15 11:54:50 -04:00
Antoine GIRARD
d699de32f2 add .gpg url (match github behaviour) (#6610)
* add .gpg url (match github behaviour)

* wildcard

* test to export maximum data

* working POC

* add comment for old imported keys

* cleaning

* Update routers/user/profile.go

Co-Authored-By: sapk <sapk@users.noreply.github.com>

* add migration script

* add integration tests
2019-04-14 12:43:56 -04:00
Jonas Franz
783cd64927 Add option to disable refresh token invalidation (#6584)
* Add option to disable refresh token invalidation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add integration tests and remove wrong todos

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix typo

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix tests and add documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2019-04-12 15:50:21 +08:00
Mura Li
3186ef554c Support search operators for commits search (#6479)
* Support searching commits with prefix syntax

For now, support auther: committer:
When more than one prefix is supplied is presented, the result is the union.
When different prefixes are supplied, the result is the intersection.

For example,
"author:alice author:bob"
=> the result is all commits authored by Alice OR Bob

"hello committer:alice"
=> the result is all commits committed by Alice AND has the keyword
'hello' in the message.

Note that there should NOT have any space after the colon(:) of the prefix.
For example,
"author:bill" => correct
"author: bill" => wrong

* Remove unneeded logging

* Add missing files of test repository

* Add missing repo_unit entries to test fixtures

* Update test cases

* Add tooltip for commits search button

* Update tooltip text

I have no idea about how to format it with line breaks.

* Make the usage example more real

* Add a test case

* Add new options struct for SearchCommits

* Prefer len(s) > 0 over s != ""

* Add NewSearchCommitsOptions
2019-04-12 10:28:44 +08:00
zeripath
c02c6a144f Fix race in integration testlogger (#6556)
* Fix race in logger

* At testing end drop the reference to the last test.
2019-04-11 19:49:49 +08:00
zeripath
5422f23ed8 Quieter Integration Tests (#6513)
* Rename BaseLogger to WriterLogger to help the creation of other providers

* Don't export ColorBytes and ResetBytes from ColoredValues

* Make integration tests only print logs if they fail

* check can color before coloring

* I always forget about MSSQL

* Oh and use LEVEL in sqlite.ini

* Make the test logger log at info - as it means you see the router

* Remove empty expected changes

* Make the migrations quieter too

* Don't display SQL on error - it can be looked at in the file logs if necessary

* Fix skip when using onGiteaRun
2019-04-07 03:25:14 +03:00
Elias Norberg
bf5af87eef Show last commit status in pull request lists (#6465) 2019-04-02 15:54:29 -04:00
Lunny Xiao
d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
mrsdizzie
d056bf300f Clean up ref name rules (#6437)
* Clean up ref name rules

Clean up checks on reference names to better conform to the guideline
here: https://git-scm.com/docs/git-check-ref-format

This fixes half of #6321

* Update branch create integration test

According to: https://git-scm.com/docs/git-check-ref-format

And: git check-ref-format "master/feature=test1"

This is a valid branch name and we should not be testing for it to fail.
2019-03-26 21:59:48 +02:00
mrsdizzie
ca46385637 Clean up various use of escape/unescape functions for URL generation (#6334)
* Use PathUnescape instead of QueryUnescape when working with branch names

Currently branch names with a '+' fail in certain situations because
QueryUnescape replaces the + character with a blank space.

Using PathUnescape should be better since it is defined as:

// PathUnescape is identical to QueryUnescape except that it does not
// unescape '+' to ' ' (space).

Fixes #6333

* Change error to match new function name

* Add new util function PathEscapeSegments

This function simply runs PathEscape on each segment of a path without
touching the forward slash itself. We want to use this instead of
PathEscape/QueryEscape in most cases because a forward slash is a valid name for a
branch etc... and we don't want that escaped in a URL.

Putting this in new file url.go and also moving a couple similar
functions into that file as well.

* Use EscapePathSegments where appropriate

Replace various uses of EscapePath/EscapeQuery with new
EscapePathSegments. Also remove uncessary uses of various
escape/unescape functions when the text had already been escaped or was
not escaped.

* Reformat comment to make drone build happy

* Remove no longer used url library

* Requested code changes
2019-03-18 10:00:23 -04:00
Lunny Xiao
4a6b011b15 Add test environment for Mysql8 (#5234) 2019-03-17 15:17:18 -04:00
Bogdan Petrea
583968f274 Return 409 when creating repo if it already exists. (#6330) 2019-03-15 10:19:09 -04:00
Jonas Franz
2315019fef Add support for client basic auth for exchanging access tokens (#6293)
* Add support for client basic auth for exchanging access tokens

* Improve error messages

* Fix tests
2019-03-11 10:54:59 +08:00
Jonas Franz
e777c6bdc6 Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
John Olheiser
d26d249748 Minor UI tweaks (#5980)
* Remove all CommitStatus when a repo is deleted

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Minor UI tweaks (#5782)
Added 'No License' option
Added link and octicon change for external issue trackers
Reset password now notifies right away if the code is invalid

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* More UI tweaks
More info in PR

* Generate stylesheet for arc-green

* Make gofmt work

* Change PR integration since the button is changed

* Rebase

* Generate stylesheet

* UI updates
Made the PR button a "basic" button
Vertically centered the issue checkboxes
Labels will update only once after modal is closed

* Commit to reference related issues
Resolves #5782
Resolves #5861
Addresses original question in #5993

* Change the comment wording since PR button is no longer little and green.

* Revert changes that made Windows work

* Regenerate stylesheet

* Regenerate stylesheets

* make generate-stylesheets

* Update integration again, changed button style

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Added ID to PR button
Changed integration to use the ID to avoid breaking in the future

* Added missing semi-colons

* Added back distinction between issue actions and filters (overlooked it before)
Moved action button over next to other action dropdowns

* Remove extra tab formatting in list.tmpl

* Remove more formatting from GoLand

* Replace hardcoded "No License" with i18n license helper.
2019-02-19 18:09:47 -05:00
Lanre Adelowo
094263db4d Show email if the authenticated user owns the profile page being requested for (#4981)
* Show email if the authenticated user owns the profile page being
requested for.

Also removed `setting.UI.ShowUserEmail` as it's documentation says it
only controls the email setting on the explore page

* fix current user check... This prevents a panic as a user must be signed in before ctx.User is called

* fix panic in tests

* try to fix tests

* Update year

* Test CI fail

* Revert change

* User 3 is not allowed to authorize

* Set user2 email to be private

* Change to user4 in explore page as user2 now has private email option set
2019-02-19 09:11:50 -05:00
Lunny Xiao
f5fa22a499 Fix prohibit login check on authorization (#6106)
* fix bug prohibit login not applied on dashboard

* fix tests

* fix bug user status leak

* fix typo

* return after render
2019-02-19 09:19:28 +02:00
zeripath
2a03e96bce
Allow markdown files to read from the LFS (#5787)
This PR makes it possible for the markdown renderer to render images and media straight from the LFS.

Fix #5746

Signed-off-by: Andrew Thornton [art27@cantab.net](mailto:art27@cantab.net)
2019-02-12 15:09:43 +00:00
Lunny Xiao
01bbf5ea69 Add API to list tags (#5850)
* Add API to list tags

* update dependency gitea sdk vendor

* fix swagger generation

* fix swagger

* add tests

* update code.gitea.io/git vendor
2019-02-07 12:00:52 +00:00
Lunny Xiao
2d213b64d1 use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
* use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines

* fix tests and add comment head
2019-02-07 02:13:12 -05:00
Gabriel Silva Simões
3b7f41f9f7 Fix serving of raw wiki files other than .md (#5814)
* Fix serving of raw wiki files other than .md

Closes #4690.
Closes #4395.

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Simplify code at routers/repo/wiki.go

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add more files to user2/repo1.wiki for testing

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Update macaron to v1.3.2

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add tests for WikiRaw

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Fix NewResponseWriter usage due to macaron update

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add raw to reserved wiki names

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
2019-02-05 20:58:55 -05:00
zeripath
01c10a951b
Fix ssh deploy and user key constraints (#1357) (#5939)
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.

We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:

- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.

Fix #1357
2019-02-03 23:56:53 +00:00
zeripath
13c0f7dfff
Fix notifications on pushing with deploy keys by setting hook environment variables (#5935)
The gitea prerecieve and postrecieve hooks and the gitea PushUpdate function require that the PusherID and PusherName are real users. Previously, these environment variables were not being set when using a deploy key - the main result being that pushing to empty repositories meant that is_empty status was not changed.

I've also added an integration test to ensure that the is_empty status is updated on pushing with a deploy key.

There is a slight issue in that the deploy key is now considered a proxy for the owner - we don't have a way of separating out the deploy key from the owner at present. This can be fixed in another PR.

Fix #3795 

Signed-off-by: Andrew Thornton art27@cantab.net
2019-02-03 14:00:48 +00:00
Lunny Xiao
ecefa9e724 Add single commit API support (#5843)
* add single commit API support
2019-02-02 22:35:17 -05:00
zeripath
3d91bb2f2d Make log mailer for testing (#5893)
* Create log mailer for testing email settings

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Switch on the log mailer for the integration tests

This ensures that the sending mail process works

Signed-off-by: Andrew Thornton <art27@cantab.net>

* rename the from user for mysql/mssql

* rename log sender to dummy sender

* update the integration tests
2019-02-02 21:06:52 -05:00
Lauris BH
fada6968a8 Fix new release creation API to allow empty target (#5870)
* Fix new release creation API to allow empty target

* Add more test cases

* Update swagger
2019-01-30 11:33:00 -05:00
zeripath
8917d66571 Add migration test (#5773)
* Add migration test

This commit adds a simple migration test for v1.5.3, v1.6.4 and v1.7.0-rc3

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Automigrate based on available dbs

* remove old ini file

* Standardise the dialect names
2019-01-28 11:18:52 -05:00
Gabriel Silva Simões
5f4a40c4a3 Revert #3711 overwrite of only show "No Description" to repo admins #2167 (#5836)
Revert #3711 overwrite of only show "No Description" to repo admins  #2167 and add tests to prevent accidental overwrite again.
2019-01-27 21:13:15 +00:00
zeripath
44371b96f5 Ensure valid git author names passed in signatures (#5774)
* Ensure valid git author names passed in signatures

Fix #5772 - Git author names are not allowed to include `\n` `<` or `>` and
must not be empty. Ensure that the name passed in a signature is valid.

* Account for pathologically named external users

LDAP and the like usernames are not checked in the same way that users who signup are.
Therefore just ensure that user names are also git safe and if totally pathological -
Set them to "user-$UID"

* Add Tests and adjust test users

Make our testcases a little more pathological so that we be sure that integration
tests have a chance to spot these cases.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-24 16:12:17 +02:00
zeripath
7d434376f1 Pooled and buffered gzip implementation (#5722)
* Pooled and buffered gzip implementation

* Add test for gzip

* Add integration test

* Ensure lfs check within transaction

The previous code made it possible for a race condition to occur whereby a LFSMetaObject could be checked into the database twice. We should check if the LFSMetaObject is within the database and insert it if not in one transaction.

* Try to avoid primary key problem in postgres

The integration tests are being affected by
https://github.com/go-testfixtures/testfixtures/issues/39 if we set the
primary key high enough, keep a count of this and remove at the end of
each test we shouldn't be affected by this.
2019-01-23 10:56:51 +02:00
zeripath
07802a2bc5 Refactor repo.isBare to repo.isEmpty #5629 (#5714)
* Refactor repo.isBare to repo.isEmpty #5629

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Sync call
2019-01-17 19:01:04 -05:00
Julian
4a685f8b87 Add rebase with merge commit merge style (#3844) (#4052)
Signed-off-by: Julian Tölle <julian.toelle97@gmail.com>
2018-12-27 12:27:08 +02:00
Mura Li
9a33798b30 Fix type mismatch of format string (#5574) 2018-12-21 11:13:31 -05:00
Lunny Xiao
7fd34c0517
fix lfs version check warning log when using ssh protocol (#5501) 2018-12-19 09:17:43 +08:00
kolaente
6db7dbd333 Added test environment for mssql (#4282)
* Added test environment for m$sql

* Added template for test environment for m$sql

* Fix password

* Fix password (again)

* Fix password (again again)

* Fix db

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Create master database for mssql integration tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Create database only if master do not exist

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix mssql integration tests by using custom database "gitea"

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Moved defer

* bump xorm

* updated xorm

* Fixed build
2018-12-12 09:01:41 +08:00
Lunny Xiao
da5a0b8382
add tests for api user orgs (#5494)
* add tests for api user orgs

* add permission for admin to list user's orgs even he is a private user of org
2018-12-09 10:19:50 +08:00
Lunny Xiao
eabbddcd98
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems

* fix some bugs and merge LoadUnits to repoAssignment

* refactor permission struct and add some copyright heads

* remove unused codes

* fix routes units check

* improve permission check

* add unit tests for permission

* fix typo

* fix tests

* fix some routes

* fix api permission check

* improve permission check

* fix some permission check

* fix tests

* fix tests

* improve some permission check

* fix some permission check

* refactor AccessLevel

* fix bug

* fix tests

* fix tests

* fix tests

* fix AccessLevel

* rename CanAccess

* fix tests

* fix comment

* fix bug

* add missing unit for test repos

* fix bug

* rename some functions

* fix routes check
2018-11-28 19:26:14 +08:00
Lauris BH
08bf443016 Implement git refs API for listing references (branches, tags and other) (#5354)
* Inital routes to git refs api

* Git refs API implementation

* Update swagger

* Fix copyright

* Make swagger happy add basic test

* Fix test

* Fix test again :)
2018-11-27 16:52:20 -05:00
Daniel Balko
3379141d81 API: '/orgs/:org/repos': return private repos with read access (#5310) (#3829) (#5383)
Signed-off-by: Daniel Balko <inxonic+github@gmail.com>
2018-11-23 16:23:27 -05:00
Lunny Xiao
8ef177f8c5 add api for user to create org (#5268)
* add api for user to create org

* remove unused blank line on the swagger file end

* fix create and add test

* fix tests

* fix routes of create org API

* fix bug

* add copyright heads
2018-11-20 12:31:30 -05:00
Peter Hoffmann
e08c7e521b Add raw blob endpoint to get objects by SHA ID (#5334)
* Add raw blob endpoint

This should make it possible to download raw blobs directly from
/:repo/:username/raw/blob/:sha1 URLs.

* fix: Make it work

* As an SHA-ID is no path getRefNameFromPath can't be used to verify
file specifying parameter
* added relevant change in go-gitea/git #132

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* Update Gopkg.lock

Can't update all vendors due to errors

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* style: Add Gitea copyright header

* feat: Added integration test for /repo/u/r/raw/blob

* fix: correct year in copyright header
2018-11-18 13:45:40 -05:00
zeripath
7096085f2b Fix #5226 by adding CSRF checking to api reqToken and add CSRF to the POST header for deadline (#5250)
* Add CSRF checking to reqToken and place CSRF in the post for deadline creation

Fixes #5226, #5249

* /api/v1/admin/users routes should have reqToken middleware
2018-11-03 21:15:55 -04:00
zeripath
00533d3870 Keys API changes (#4960)
* Add private information to the deploy keys api

This commit adds more information to the deploy keys to allow for back
reference in to the main keys list. It also adds information about the
repository that the key is referring to.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add private information to the user keys API

This adjusts the keys API to give out private information to user keys if
the current user is the owner or an admin.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add ability to search keys by fingerprint

This commit adds the functionality to search ssh-keys by fingerprint of
the ssh-key. Deploy keys per repository can also be searched. There is
no current clear API point to allow search of all deploy keys by
fingerprint or keyID.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add integration test
2018-10-31 23:40:49 -04:00
Jerry Jacobs
22ad514297 Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094)
* Fix issue where ecdsa and other key types are not synced from LDAP authentication provider fixes #5092

* integrations/auth_ldap_test.go: Add Hermes Conrad new ecdsa-sha2-nistp256 publickey fingerprint

* integrations/auth_ldap_test.go: Use ssh-keygen -lf <filename> -E sha256
2018-10-30 20:08:30 -04:00
kolaente
6759237eda User action heatmap (#5131)
* Added basic heatmap data

* Added extra case for sqlite

* Built basic heatmap into user profile

* Get contribution data from api & styling

* Fixed lint & added extra group by statements for all database types

* generated swagger spec

* generated swagger spec

* generated swagger spec

* fixed swagger spec

* fmt

* Added tests

* Added setting to enable/disable user heatmap

* Added locale for loading text

* Removed UseTiDB

* Updated librejs & moment.js

* Fixed import order

* Fixed heatmap in postgresql

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: kolaente <konrad@kola-entertainments.de>

* Added copyright header

* Fixed a bug to show the heatmap for the actual user instead of the currently logged in

* Added integration test for heatmaps

* Added a heatmap on the dashboard

* Fixed timestamp parsing

* Hide heatmap on mobile

* optimized postgresql group by query

* Improved sqlite group by statement
2018-10-23 10:57:42 +08:00
BetaCat
4090204944 CN translation of README (#5050) 2018-10-15 12:13:21 +08:00
Bo-Yi Wu
ea20adaa84
feat(repo): support search repository by topic name (#4505)
* feat(repo): support search repository by topic name
2018-09-13 10:33:48 +08:00
B-OnTheGo
e47df0b301 Enforce token on api routes [fixed critical security issue #4357] (#4840) 2018-09-10 12:15:52 -04:00
zeripath
d293a2b9d6 Add sudo functionality to the API (#4809) 2018-09-06 23:31:29 -04:00
SagePtr
bf55276189 Fix redirect with non-ascii branch names (#4764) (#4810)
* Fix redirect with non-ascii branch names (#4764)

* Add integration tests for non-ascii branch redirect

* Fix mysql test and coverage test
2018-09-06 21:37:02 -04:00
Julien Tant
7781e8cef2 Disable merging a WIP Pull request (#4529)
* prevent pull request to be merged when PR is a WIP

* add tests

* add helper to prepend WIP: in PR title

* move default wip prefixes into settings

* use configurable WIP prefixes in javascript and default to first one in templates

* add documentation

* add unit test on pull model

Signed-off-by: Julien Tant <julien@craftyx.fr>
2018-08-13 22:04:39 +03:00
techknowlogick
ab55ca7ebd
Add ability to delete a token (#4235)
Fix #4234
2018-07-06 21:54:30 -04:00
Lauris BH
69e2ab1611 Allow administrator to create repository for any organization (#4368) 2018-07-05 01:51:02 +02:00
Lauris BH
4a8ee0b5cc
Check that repositories can only be migrated to own user or organizations (#4366)
* Repositories can only migrated to own user or organizations

* Add check for organization that user does not belong to

* Allow admin to migrate repositories for other users
2018-07-05 01:45:15 +03:00
David Schneiderbauer
0b3ea42847 hide issues from org private repos w/o team assignment (#4034) 2018-06-21 12:00:13 -04:00
David Schneiderbauer
adba2ad609 fix not respecting landing page setting (#4209)
* fix not respecting landing page setting

* fmt

* add landing page test
2018-06-15 11:42:46 +08:00
Alexey Terentyev
7b773bd49f Fixed drone command in readme (#4222)
Signed-off-by: Alexey Terentyev <axifnx@gmail.com>
2018-06-12 13:34:56 +03:00
Magnus Lindvall
cdb9478774 LDAP Public SSH Keys synchronization (#1844)
* Add LDAP Key Synchronization feature

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Add migration: add login source id column for public_key table

* Only update keys if needed

* Add function to only list pubkey synchronized from ldap

* Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.

* Only get keys belonging to current login source id

* Set default login source id to 0

* Some minor cleanup. Add integration tests (updete dep testify)
2018-05-24 07:59:02 +03:00
David Schneiderbauer
099372d76c Refactor User Settings (#3900)
* moved avatar to profile page

* combined password change, email and account deletion into account settings page

* combined totp, access tokens, linked accounts and openid into security settings page

* move access tokens to applications settings page

* small change to restart drone build

* fix change avatar url on profile page

* redirect old settings urls to new ones

* enforce only one autofocus attribute on settings pages

* set correct redirect status code

* fmt fix
2018-05-15 13:07:32 +03:00
Lauris BH
ff3971b830 Add LDAP integration tests (#3897)
* Add LDAP service for tests

* Add LDAP login source and test user sign-in

* Add checks to test if user data is correct

* Add LDAP user sync test

* Add failed user sign-in test
2018-05-11 15:55:32 +08:00
kolaente
1fdf560678 Added user language setting (#3875)
* Added user language setting

* Added translation string for setting

* Fixed import order + typo

* improved checking if the user has a language saved in the db

* The current saved language is now set a default inside the dropdown

* fmt

* When a user signs in and doesn't have a language saved, the current browser language is saved

* updated gitea-sdk

* Merge branch 'master' of https://github.com/go-gitea/gitea into save-user-language

# Conflicts:
#	models/migrations/migrations.go
#	models/migrations/v62.go

* Made tests work again

* trigger CI

* trigger CI

* fmt

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* When loggin in, only the language col gets updated instead of everything
2018-05-05 08:28:30 +08:00
Tris Forster
85d14cc229 Symlink icons (#1416) (#3826)
* Updated vendor code for code.gitea.io/git

* Display symlinks correctly for files and directories

* Added symlink tests

* Applied silverwinds stylesheet patch

Signed-off-by: Tris Forster <tris.git@shoddynet.org>
2018-05-01 10:04:36 +03:00
bugreport0
bac6d05e78 Improve English grammar and consistency. (#3614)
* Start improving English grammar and consistency.

* Apply review comments, push translation further.

* Additional review changes; expand translation.

* Undo team/organization change, further translation.

* Add site administration; review comments; merge.

* Update hardcoded branch protection string tests.

* Update hardcoded branch deletion string test.

* Update another hardcoded translation string test.

* Add my nickname to the list of translators.

* Implement @lafriks review comments.

* Remove (now) unused branch deletion warnings.

* Remove (now) unused branch deletion warnings.
2018-04-19 17:24:31 +03:00
bugreport0
521945a2d2 Fix missing translations when updating username. (#3564)
* Fix missing translations when updating username.

* Fix reserved username translated string test.

* Fix 'username reserved' string test a bit more.
2018-02-25 15:56:25 +02:00
Lauris BH
ae30315a62
Fix escaping changed title in comments (#3530)
* Fix escaping changed title in comments

* Fix escaping of wiki page titile

Signed-off-by: Lauris Bukšis-Haberkorns <lauris@nix.lv>
2018-02-18 22:06:37 +02:00
Ethan Koenig
a2648281a0 Improvements to git integration test (#3466) 2018-02-06 11:27:24 +02:00
Antoine GIRARD
36a94da8da doc: Improve integrations examples (#3416) 2018-01-27 20:52:41 +02:00
Antoine GIRARD
9e842c8a72 Fix SSH auth lfs locks (#3152)
* Fix SSH auth LFS locks

* Activate SSH/lock test

* Remove debug

* Follow @lunny recommendation for AfterLoad method
2018-01-27 18:48:15 +02:00
Antoine GIRARD
095fb9f2e3 Add integrations tests from git cli (#3377)
* test: integration add git cli tests

Extracted form for easing review process and debug #3152

* test: integration add git cli big file commit

* fix:  Don't rewrite key if internal server
2018-01-16 13:07:47 +02:00
Marc Brückner
695b10bedd Fix API-Endpoint release (#3012)
* Fixes API-Endpoint release (#3005)

* Using context.ReferencesGitRepo(); doing the same in the PATCH route.

* Add release create, get and update test
2018-01-16 10:54:13 +02:00
Lauris BH
be1330ec89 Remove hardcoded paths to fix randomly failing tests (#3347)
* Remove hardcoded paths to fix randomly failing tests

* Use correct function for merge path
2018-01-11 00:46:59 +01:00
Lauris BH
d8dff304c0
Fix randomly failing LFS lock tests in drone (#3346) 2018-01-11 00:09:56 +02:00
Sandro Santilli
f2b841d0ec Add some instructions about running integration tests (#3319)
* Add some instructions about running integration tests

* Add missing newline escape

* Suggest running a clean build
2018-01-08 18:29:52 +02:00
Sandro Santilli
44053532bb Serve .patch for pull requests (#3305)
* Serve .patch for pull requests

Closes #3259
Updates "git" module, for GetFormatPatch

* Handle io.Copy error
2018-01-07 15:10:20 +02:00
Vlad Temian
e78786ef39 Writable deploy keys (closes #671) (#3225)
* Add is_writable checkbox to deploy keys interface

* Add writable key option to deploy key form

* Add support for writable ssh keys in the interface

* Rename IsWritable to ReadOnly

* Test: create read-only and read-write deploy keys via api

* Add DeployKey access mode migration

* Update gitea sdk via govendor

* Fix deploykey migration

* Add unittests for writable deploy keys

* Move template text to locale

* Remove implicit column update

* Remove duplicate locales

* Replace ReadOnly field with IsReadOnly method

* Fix deploy_keys related integration test

* Rename v54 migration with v55

* Fix migration hell
2018-01-07 00:55:53 +02:00
Lauris BH
8ac1501ad7
Add Pull Request merge options - Ignore white-space for conflict checking, Rebase, Squash merge (#3188)
* Pull request options migration and UI in settings

* Add ignore whitespace functionality

* Fix settings if pull requests are disabled

* Fix migration transaction

* Merge with Rebase functionality

* UI changes and related functionality for pull request merging button

* Implement squash functionality

* Fix rebase merging

* Fix pull request merge tests

* Add squash and rebase tests

* Fix API method to reuse default message functions

* Some refactoring and small fixes

* Remove more hardcoded values from tests

* Remove unneeded check from API method

* Fix variable name and comment typo

* Fix reset commit count after PR merge
2018-01-05 20:56:50 +02:00
Sandro Santilli
a192f3052e Serve pull request .diff files (#3293)
* Serve pull request .diff files

Closes #3259

* Add test for pull request redirection and .diff access

* Typo

* There's no need to test for pr.BaseRepo being nil after calling GetBaseRepo
2018-01-05 12:56:52 +02:00
Morgan Bazalgette
3d3faa2624 Responsive view (#2750)
* Viewport meta tag

* responsive: dashboard

* responsive: issues page

* responsive: Explore page

* responsive: navbar, and some navbar css refactoring

* responsive: button for collapsing navbar in mobile view

* Mark the hamburger button as active when pressed

* better homepage for responsive views

* Bring back jump class in navbar

The class was necessary, because this way the
dropdown doesn't assume the contents of the
selected item.

* make repository homes responsive

* Make file view page responsive

* Make forms look good on responsive views

* make commits and commit diff view responsive

* issues and PRs

* responsive wiki

* Don't place auto-init far off the page

* Minor changes to amend broken stuff

minor improvements

- make login/sign up in navbar stackable
- make navbar in explore and sign in not stackable

Change selected class in TestPullCompare

Fix typo that happened when rebasing

fix dashboard on org view

improve profile UI

Use clearing on file diff to fix broken UI caused by floating elements

remove unresolved merge conflict, and | Sanitize

Fix repo home not loading
2017-12-30 18:47:52 -06:00