Commit graph

867 commits

Author SHA1 Message Date
zeripath
5d2e11eedb
Refactor: Move login out of models (#16199)
`models` does far too much. In particular it handles all `UserSignin`.

It shouldn't be responsible for calling LDAP, SMTP or PAM for signing in.

Therefore we should move this code out of `models`.

This code has to depend on `models` - therefore it belongs in `services`.

There is a package in `services` called `auth` and clearly this functionality belongs in there.

Plan:

- [x] Change `auth.Auth` to `auth.Method` - as they represent methods of authentication.
- [x] Move `models.UserSignIn` into `auth`
- [x] Move `models.ExternalUserLogin`
- [x] Move most of the `LoginVia*` methods to `auth` or subpackages
- [x] Move Resynchronize functionality to `auth`
  - Involved some restructuring of `models/ssh_key.go` to reduce the size of this massive file and simplify its files.
- [x] Move the rest of the LDAP functionality in to the ldap subpackage
- [x] Re-factor the login sources to express an interfaces `auth.Source`?
  - I've done this through some smaller interfaces Authenticator and Synchronizable - which would allow us to extend things in future
- [x] Now LDAP is out of models - need to think about modules/auth/ldap and I think all of that functionality might just be moveable
- [x] Similarly a lot Oauth2 functionality need not be in models too and should be moved to services/auth/source/oauth2
  - [x] modules/auth/oauth2/oauth2.go uses xorm... This is naughty - probably need to move this into models.
  - [x] models/oauth2.go - mostly should be in modules/auth/oauth2 or services/auth/source/oauth2 
- [x] More simplifications of login_source.go may need to be done
- Allow wiring in of notify registration -  *this can now easily be done - but I think we should do it in another PR*  - see #16178 
- More refactors...?
  - OpenID should probably become an auth Method but I think that can be left for another PR
  - Methods should also probably be cleaned up  - again another PR I think.
  - SSPI still needs more refactors.* Rename auth.Auth auth.Method
* Restructure ssh_key.go

- move functions from models/user.go that relate to ssh_key to ssh_key
- split ssh_key.go to try create clearer function domains for allow for
future refactors here.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-24 11:16:34 +01:00
zeripath
33a8eec33e
Retry rename on lock induced failures (#16435)
* Retry rename on lock induced failures

Due to external locking on Windows it is possible for an
os.Rename to fail if the files or directories are being
used elsewhere.

This PR simply suggests retrying the rename again similar
to how we handle the os.Remove problems.

Fix #16427

Signed-off-by: Andrew Thornton <art27@cantab.net>

* resolve CI fail

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-07-15 11:46:07 -04:00
zeripath
3dcb3e9073
Second attempt at preventing zombies (#16326)
* Second attempt at preventing zombies

* Ensure that the pipes are closed in ssh.go
* Ensure that a cancellable context is passed up in cmd/* http requests
* Make cmd.fail return properly so defers are obeyed
* Ensure that something is sent to stdout in case of blocks here

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint 2

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint 3

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fixup

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-07-14 10:43:13 -04:00
Stanley Hu
3dba75fb97
Support HTTP/2 in Let's Encrypt (#16371)
Modify the tlsConfig.NextProtos for Let's Encrypt and built-in HTTPS server in order to support HTTP/2.

Co-authored-by: 6543 <6543@obermui.de>
2021-07-13 18:17:46 +01:00
luzpaz
e0296b6a6d
Fix various documentation, user-facing, and source comment typos (#16367)
* Fix various doc, user-facing, and source comment typos

Found via `codespell -q 3 -S ./options/locale,./vendor -L ba,pullrequest,pullrequests,readby`
2021-07-08 13:38:13 +02:00
zeripath
302e8b6d02
Prevent zombie processes (#16314)
Unfortunately go doesn't always ensure that execd processes are completely
waited for. On linux this means that zombie processes can occur.

This PR ensures that these are waited for by using signal notifier in serv and
passing a context elsewhere.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-06-30 22:07:23 +02:00
zeripath
35f37a3625
Add --quiet and --verbose to gitea web to control initial logging (#16260)
One of the repeatedly reported issues has been that gitea produces too much console
logging during set up even if the console logger is turned off.

Fundamentally this is due to some otherwise very helpful logging that has to occur
before logging is set up. This has come to a head with the merging of #16243 where
otherwise potentially helpful Trace logging in the git module now appears on the
console.

This PR proposes three things:

1. Change the initial default logger to Info not Trace.
2. Change the logging for the AppPath things to Info in recompense.
3. Add two new command line options to gitea web: --quiet and --verbose

`gitea web -q` or `gitea web --quiet` will only log Fatal level initially.
`gitea web -verbose` will log at Trace.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-26 20:56:58 -04:00
KN4CK3R
44b8b07631
Add tag protection (#15629)
* Added tag protection in hook.

* Prevent UI tag creation if protected.

* Added settings page.

* Added tests.

* Added suggestions.

* Moved tests.

* Use individual errors.

* Removed unneeded methods.

* Switched delete selector.

* Changed method names.

* No reason to be unique.

* Allow editing of protected tags.

* Removed unique key from migration.

* Added docs page.

* Changed date.

* Respond with 404 to not found tags.

* Replaced glob with regex pattern.

* Added support for glob and regex pattern.

* Updated documentation.

* Changed white* to allow*.

* Fixed edit button link.

* Added cancel button.

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-06-25 16:28:55 +02:00
KN4CK3R
383ffcfa34
Small refactoring of modules/private (#15947)
* Use correct variable name.

* doer is never nil here.

* Use status code constants.

* Replaced generic map with concrete struct.

* Fixed windows lint.

* Removed unused method.

* Changed error codes.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-23 15:38:19 -04:00
KN4CK3R
29695cd6d5
Add asymmetric JWT signing (#16010)
* Added asymmetric token signing.

* Load signing key from settings.

* Added optional kid parameter.

* Updated documentation.

* Add "kid" to token header.
2021-06-17 23:56:46 +02:00
Lunny Xiao
1bfb0a24d8
Refactor routers directory (#15800)
* refactor routers directory

* move func used for web and api to common

* make corsHandler a function to prohibit side efects

* rm unused func

Co-authored-by: 6543 <6543@obermui.de>
2021-06-09 01:33:54 +02:00
KN4CK3R
efe77eec85
Unified custom config creation (#16012)
* Unified custom config creation.

* Fixed log message.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-29 19:44:14 +01:00
a1012112796
fec8324026
add a new internal hook to save ssh log (#15787)
* add a new internal hook to save ssh log

as title, when a ssh error ocure like #15785.
only when switch ``RUN_MODE`` to dev can we
found which error is ocure. But this way is
not a good idea for production envirment.

this changes try save ssh error mesage to the
log file like other log by a new internal hook.
I think it's usefull for find error message
in production envirment. Thanks.

Signed-off-by: a1012112796 <1012112796@qq.com>

* rename and fix nit

* Update modules/private/hook.go

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-21 17:37:16 -04:00
Naohisa Murakami
9f19c2b8cc
Fix error message when saving generated LOCAL_ROOT_URL config (#15880) 2021-05-15 11:23:21 +01:00
Blake Miner
e2f39c2b64
Fix bound address/port for caddy's certmagic library (see #15848) (#15859) 2021-05-14 15:39:10 +01:00
Blake Miner
6a8e5f69cf
Fix bound address/port for caddy's certmagic library (#15758)
* Fix bound address/port for caddy's certmagic library

* Fix bug

Co-authored-by: zeripath <art27@cantab.net>
2021-05-12 20:58:55 +01:00
Lunny Xiao
e5723d6556
Move restore repo to internal router and invoke from command to avoid open the same db file or queues files (#15790)
* Move restore repo to internal router and invoke from command to avoid open the same db file or queues files

* Follow @zeripath's review

* set no timeout for resotre repo private request

* make restore repo cancelable
2021-05-10 15:57:45 +08:00
6543
8ea1d32bea
[Vendor] update certmagic (#15590)
* update github.com/caddyserver/certmagic v0.12.0 -> v0.13.0

* migrate
2021-04-22 22:42:33 +02:00
Lunny Xiao
e7fc078891
Fix missing storage init (#15589) 2021-04-22 18:48:47 +02:00
Johan Van de Wauw
6d2866f20c
dump: Add option to skip LFS/attachment files (#15407)
* Add option to skip dumping LFS/attachment files

* Fix fmt issues

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-04-12 17:33:32 +08:00
zeripath
9d2c251214
Move FCGI req.URL.Path fix-up to the FCGI listener (#15292)
Simplify the web.go FCGI path by moving the req.URL.Path fix-up to listener

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-04-09 21:17:57 +08:00
6543
9c4601bdf8
Code Formats, Nits & Unused Func/Var deletions (#15286)
* _ to unused func options

* rm useless brakets

* rm trifial non used models functions

* rm dead code

* rm dead global vars

* fix routers/api/v1/repo/issue.go

* dont overload import module
2021-04-09 09:40:34 +02:00
KN4CK3R
c03e488e14
Add LFS Migration and Mirror (#14726)
* Implemented LFS client.

* Implemented scanning for pointer files.

* Implemented downloading of lfs files.

* Moved model-dependent code into services.

* Removed models dependency. Added TryReadPointerFromBuffer.

* Migrated code from service to module.

* Centralised storage creation.

* Removed dependency from models.

* Moved ContentStore into modules.

* Share structs between server and client.

* Moved method to services.

* Implemented lfs download on clone.

* Implemented LFS sync on clone and mirror update.

* Added form fields.

* Updated templates.

* Fixed condition.

* Use alternate endpoint.

* Added missing methods.

* Fixed typo and make linter happy.

* Detached pointer parser from gogit dependency.

* Fixed TestGetLFSRange test.

* Added context to support cancellation.

* Use ReadFull to probably read more data.

* Removed duplicated code from models.

* Moved scan implementation into pointer_scanner_nogogit.

* Changed method name.

* Added comments.

* Added more/specific log/error messages.

* Embedded lfs.Pointer into models.LFSMetaObject.

* Moved code from models to module.

* Moved code from models to module.

* Moved code from models to module.

* Reduced pointer usage.

* Embedded type.

* Use promoted fields.

* Fixed unexpected eof.

* Added unit tests.

* Implemented migration of local file paths.

* Show an error on invalid LFS endpoints.

* Hide settings if not used.

* Added LFS info to mirror struct.

* Fixed comment.

* Check LFS endpoint.

* Manage LFS settings from mirror page.

* Fixed selector.

* Adjusted selector.

* Added more tests.

* Added local filesystem migration test.

* Fixed typo.

* Reset settings.

* Added special windows path handling.

* Added unit test for HTTPClient.

* Added unit test for BasicTransferAdapter.

* Moved into util package.

* Test if LFS endpoint is allowed.

* Added support for git://

* Just use a static placeholder as the displayed url may be invalid.

* Reverted to original code.

* Added "Advanced Settings".

* Updated wording.

* Added discovery info link.

* Implemented suggestion.

* Fixed missing format parameter.

* Added Pointer.IsValid().

* Always remove model on error.

* Added suggestions.

* Use channel instead of array.

* Update routers/repo/migrate.go

* fmt

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2021-04-08 18:25:57 -04:00
zeripath
c03f530212
Make internal SSH server host key path configurable (#14918)
* Make SSH server host key path configurable

* make it possible to have multiple keys

* Make gitea.rsa the default key

* Add some more logging

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-08 03:43:59 +01:00
zeripath
f0e15250b9
Migrate to use jsoniter instead of encoding/json (#14841)
* Migrate to use jsoniter

* fix tests

* update gitea.com/go-chi/binding

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-01 22:08:10 +01:00
zeripath
3477e616ab
Exclude the current dump file from the dump (#14606)
* Exclude the current dump file from the dump

Always prevent the current file from being added to the dump.

Fix #13618

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add skip custom directory option

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-02-08 09:00:12 +08:00
Lunny Xiao
6433ba0ec3
Move macaron to chi (#14293)
Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR.

- [x] Define `context.ResponseWriter` interface with an implementation `context.Response`.
- [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before.
- [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic .
- [x] Use https://github.com/unrolled/render instead of macaron's internal render
- [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip
- [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK**
- [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha
- [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache
- [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding
- [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors
- [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation`
- [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle.
- [x] Removed macaron log service because it's not need any more. **BREAK**
- [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition.
- [x] Move Git HTTP protocol implementation to use routers directly.
- [x] Fix the problem that chi routes don't support trailing slash but macaron did.
- [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. 

Notices:
- Chi router don't support request with trailing slash
- Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI.

Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 16:36:53 +01:00
techknowlogick
d2ea21d0d8
Use caddy's certmagic library for extensible/robust ACME handling (#14177)
* use certmagic for more extensible/robust ACME cert handling

* accept TOS based on config option

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-01-25 01:37:35 +02:00
Lunny Xiao
84b147c7f0
Use IsProd instead of testing if it's equal. (#14336)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-14 23:17:03 +02:00
6543
74a0481586
[Refactor] Passwort Hash/Set (#14282)
* move SaltGeneration into HashPasswort and rename it to what it does

* Migration: Where Password is Valid with Empty String delete it

* prohibit empty password hash

* let SetPassword("") unset pwd stuff
2021-01-10 20:05:18 +02:00
Daniil Pankratov
3175d08626
CLI support for OAuth sources custom icons (#14166)
Co-authored-by: Daniil Pankratov <daniil.pankratov@t-systems.com>
2020-12-28 09:39:12 +01:00
Lunny Xiao
dd08853b10
Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244)
* Dump github/gitlab repository data to a local directory

* Fix lint

* Adjust directory structure

* Allow migration special units

* Allow migration ignore release assets

* Fix lint

* Add restore repository

* stage the changes

* Merge

* Fix lint

* Update the interface

* Add some restore methods

* Finish restore

* Add comments

* Fix restore

* Add a token flag

* Fix bug

* Fix test

* Fix test

* Fix bug

* Fix bug

* Fix lint

* Fix restore

* refactor downloader

* fmt

* Fix bug isEnd detection on getIssues

* Refactor maxPerPage

* Remove unused codes

* Remove unused codes

* Fix bug

* Fix restore

* Fix dump

* Uploader should not depend downloader

* use release attachment name but not id

* Fix restore bug

* Fix lint

* Fix restore bug

* Add a method of DownloadFunc for base.Release to make uploader not depend on downloader

* fix Release yml marshal

* Fix trace information

* Fix bug when dump & restore

* Save relative path on yml file

* Fix bug

* Use relative path

* Update docs

* Use git service string but not int

* Recognize clone addr to service type
2020-12-27 11:34:19 +08:00
6543
a19447aed1
migrate from com.* to alternatives (#14103)
* remove github.com/unknwon/com from models

* dont use "com.ToStr()"

* replace "com.ToStr" with "fmt.Sprint" where its easy to do

* more refactor

* fix test

* just "proxy" Copy func for now

* as per @lunny
2020-12-25 11:59:32 +02:00
zeripath
5e09de174c
fix label of --id in admin delete user (#14005)
* fix label of --id in admin delete user

This pr fixes the label descriptor of `gitea admin delete user`
but also adds a `--username` option.

Fix #13995

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix-spacing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add delete email support

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-12-17 02:57:32 -05:00
zeripath
287b594803
Whenever the password is updated ensure that the hash algorithm is too (#13966)
`user.HashPassword` may potentially - and in fact now likely does - change
the `passwd_hash_algo` therefore whenever the `passwd` is updated, this
also needs to be updated.

Fix #13832

Thanks @fblaese for the hint

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-12-12 19:59:49 +01:00
zeripath
4569339a4b
Refactor doctor (#12264)
* Refactor Logger

Refactor Logger to make a logger interface and make it possible to
wrap loggers for specific purposes.

* Refactor Doctor

    Move the gitea doctor functions into its own module.
    Use a logger for its messages instead of returning a results string[]

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update modules/doctor/misc.go

Co-authored-by: 6543 <6543@obermui.de>

* Update modules/doctor/misc.go

Co-authored-by: 6543 <6543@obermui.de>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-12-02 06:56:04 +02:00
zeripath
742e21aeba
Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186)
* Ensure errors from IsDir propagate

* Handle errors when checking IsFile

* Handle and propagate errors from IsExist

* Update modules/templates/static.go

* Update modules/templates/static.go

* Return after ctx.ServerError

* Apply suggestions from code review

* Fix tests

The previous merge managed to break repo_form.go

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-27 21:42:08 -05:00
Lunny Xiao
586bfb9f32
Use mount but not register for chi routes (#13555)
* Use mount but not register for chi routes

* Fix test

* Fix test

* Fix test

* Fix comment

* turn back unnecessary change

* Remove the timout middleware since some operations may spend much time.
2020-11-16 15:33:41 +08:00
Lunny Xiao
c296f4fed6
Introduce go chi web framework as frontend of macaron, so that we can move routes from macaron to chi step by step (#7420)
* When route cannot be found on chi, go to macaron

* Stick chi version to 1.5.0

* Follow router log setting
2020-11-13 14:51:07 +02:00
John Olheiser
172eca1cd3
Add docs command (#13429)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-11-07 08:32:57 +08:00
zeripath
dd12384f22
Fix --port setting (#13288)
* Fix --port setting

Unfortunately there was an error in #13195 which set the --port
option before the settings were read. This PR fixes this by
moving applying this option to after the the settings are read

However, on looking further into this code I believe that the setPort
code was slightly odd.

Firstly, it may make sense to run the install page on a different
temporary port to the full system and this should be possible with
a --install-port option.

Secondy, if the --port option is provided we should apply it to both
otherwise there will be unusual behaviour on graceful restart

Thirdly, the documentation for --port says that the setting is
temporary - it should therefore not save its result to the configuration

(This however, does mean that authorized_keys and internal links may
not be correct. - I think we need to discuss this option further.)

Fix #13277

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update cmd/web.go

* Apply suggestions from code review

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-30 15:26:03 -04:00
Lunny Xiao
38d11eea58
Fix send mail (#13312)
* Fix send mail

* Fix send mail

* Update modules/private/mail.go

Co-authored-by: techknowlogick <matti@mdranta.net>
2020-10-26 12:42:27 -04:00
Maxim Zhiburt
a1952afc38
Sendmail command (#13079)
* Add SendSync method

Usefull to have when you need to be confident that message was sent.

* Add sendmail command

* add checks that if either title or content is empty then error out

* Add a confirmation step

* Add --force option to bypass confirm step

* Move implementation of runSendMail to a different file

* Add copyrighting comment

* Make content optional

Print waring if it's empty or haven't been set up.
The warning will be skiped if there's a `--force` flag.

* Fix import style

Co-authored-by: 6543 <6543@obermui.de>

* Use batch when getting all users

IterateUsers uses batching by default.

Signed-off-by: Maxim Zhiburt <zhiburt@gmail.com>

* Send emails one by one instead of as one chunck

Signed-off-by: Maxim Zhiburt <zhiburt@gmail.com>

* Send messages concurantly

Signed-off-by: Maxim Zhiburt <zhiburt@gmail.com>

* Use SendAsync+Flush instead of SendSync

Signed-off-by: Maxim Zhiburt <zhiburt@gmail.com>

* Add timeout parameter to sendemail command

Signed-off-by: Maxim Zhiburt <zhiburt@gmail.com>

* Fix spelling mistake

Signed-off-by: Maxim Zhiburt <zhiburt@gmail.com>

* Update cmd/admin.go

Co-authored-by: 6543 <6543@obermui.de>

* Connect to a running Gitea instance

* Fix mispelling

* Add copyright comment

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-24 16:38:14 -04:00
zeripath
2f1353a2f3
Move install pages out of main macaron routes (#13195)
* Move install pages out of main macaron loop

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update templates/post-install.tmpl

Co-authored-by: Lauris BH <lauris@nix.lv>

* remove prefetch

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-10-19 17:03:08 -04:00
ydelafollye
cb171dbd56
Improve users management through the CLI (#6001) (#10492)
* Fix images in wiki edit preview (#11546)

Make sure wiki editor sets wiki to true so gitea renders it as a wiki page.

Also change the context data attr for edit form. This looks wrong but everywhere else in our code assumes the urlPrefix to be just the repo url when rendering and manually adds /wiki to the rendered url regardless.

Fixes #11540
2020-10-15 22:48:38 -04:00
Lunny Xiao
80a6b0f5bc
Avatars and Repo avatars support storing in minio (#12516)
* Avatar support minio

* Support repo avatar minio storage

* Add missing migration

* Fix bug

* Fix test

* Add test for minio store type on avatars and repo avatars; Add documents

* Fix bug

* Fix bug

* Add back missed avatar link method

* refactor codes

* Simplify the codes

* Code improvements

* Fix lint

* Fix test mysql

* Fix test mysql

* Fix test mysql

* Fix settings

* Fix test

* fix test

* Fix bug
2020-10-14 21:07:51 +08:00
zeripath
2d75d6f664
Move update-server-info to hooks (#12826)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-14 00:24:06 +08:00
zeripath
6b1266b6b3
Provide self-registering storage system (#12978)
* Provide self-registering storage system

Signed-off-by: Andrew Thornton <art27@cantab.net>

* More simplification

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove old strings from setting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* oops attachments not attachment

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-10-12 23:58:34 -04:00
Wim
9066d09c57
Add ssh certificate support (#12281)
* Add ssh certificate support

* Add ssh certificate support to builtin ssh

* Write trusted-user-ca-keys.pem based on configuration

* Update app.example.ini

* Update templates/user/settings/keys_principal.tmpl

Co-authored-by: silverwind <me@silverwind.io>

* Remove unused locale string

* Update options/locale/locale_en-US.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update options/locale/locale_en-US.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update models/ssh_key.go

Co-authored-by: silverwind <me@silverwind.io>

* Add missing creation of SSH.Rootpath

* Update cheatsheet, example and locale strings

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

* Optimizations based on feedback

* Validate CA keys for external sshd

* Add filename option and change default filename

Add a SSH_TRUSTED_USER_CA_KEYS_FILENAME option which default is
RUN_USER/.ssh/gitea-trusted-user-ca-keys.pem

Do not write a file when SSH_TRUSTED_USER_CA_KEYS is empty.

Add some more documentation.

* Remove unneeded principalkey functions

* Add blank line

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* Add SSH_AUTHORIZED_PRINCIPALS_ALLOW option

This adds a SSH_AUTHORIZED_PRINCIPALS_ALLOW which is default
email,username this means that users only can add the principals
that match their email or username.

To allow anything the admin need to set the option anything.

This allows for a safe default in gitea which protects against malicious
users using other user's prinicipals. (before that user could set it).

This commit also has some small other fixes from the last code review.

* Rewrite principal keys file on user deletion

* Use correct rewrite method

* Set correct AuthorizedPrincipalsBackup default setting

* Rewrite principalsfile when adding principals

* Add update authorized_principals option to admin dashboard

* Handle non-primary emails

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add the command actually to the dashboard template

* Update models/ssh_key.go

Co-authored-by: silverwind <me@silverwind.io>

* By default do not show principal options unless there are CA keys set or they are explicitly set

Signed-off-by: Andrew Thornton <art27@cantab.net>

* allow settings when enabled

* Fix typos in TrustedUserCAKeys path

* Allow every CASignatureAlgorithms algorithm

As this depends on the content of TrustedUserCAKeys we should allow all
signature algorithms as admins can choose the specific algorithm on their
signing CA

* Update models/ssh_key.go

Co-authored-by: Lauris BH <lauris@nix.lv>

* Fix linting issue

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-10 20:38:09 -04:00
zeripath
1bf40ca0df
Gitea serv, hooks, manager and the like should always display Fatals (#13032)
The gitea cmd/serv.go setup function deletes the console logger to
prevent stdout interference with commands. However, the problem is that
it then calls setting.NewContext which may cause an exit with log.Fatal
- which will then not be shown.

Now, log.Fatal is so disastrous that the interference that logging
causes is wanted. However, we can avoid stdout interference by emitting
on stderr.

This PR forces the creation of a console logger on stderr listening on
Fatal for these commands. Most commands have a `--debug` option now that
will print more reasons too - however, defaulting to give the log for
Fatal seems reasonable.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-10-07 16:44:16 -04:00
6543
818d921bbb
Refactor use TrimSuffix instead of TrimRight (#12993)
* Refactor use TrimSuffix instead of TrimRight

* TrimRight right

* has #12990
2020-10-01 06:54:34 +01:00
Lunny Xiao
3878e985b6
Add default storage configurations (#12813)
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
2020-09-29 12:05:13 +03:00
John Olheiser
c6e4bc53aa
Check passwords against HaveIBeenPwned (#12716)
* Implement pwn

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update module

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Apply suggestions mrsdizzie

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Add link to HIBP

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add more details to admin command

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add context to pwn

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Consistency and making some noise ;)

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-09-08 17:06:39 -05:00
Lunny Xiao
7a5465fc56
LFS support to be stored on minio (#12518)
* LFS support to be stored on minio

* Fix test

* Fix lint

* Fix lint

* Fix check

* Fix test

* Update documents and add migration for LFS

* Fix some bugs
2020-09-08 23:45:10 +08:00
6543
cfd8e8a489
gitea dump: include version & Check InstallLock (#12760)
* gitea dump: include version

* Check InstallLock (close #12759)

* fix test

* fix lint
2020-09-07 23:27:17 +01:00
zeripath
a722dd72db
Set setting.AppURL as GITEA_ROOT_URL environment variable during pushes (#12752)
* Set setting.AppURL as GITEA_ROOT_URL environment variable during pushes

Fix #11738

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-06 23:53:42 -04:00
zeripath
1b9d5074a7
Add command to recreate tables (#12407)
Provides new command: `gitea doctor recreate-table` which will recreate
db tables and copy the old data in to the new table.

This function can be used to remove the old warning of struct defaults being
out of date.

Fix #8868
Fix #3265
Fix #8894

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-06 22:52:01 +01:00
zeripath
82b71881d8
Ensure repoNames are lowercased in serv (#12668)
#12624 missed lowering the provided repoPath.

(Additionally make a few fixes to the way the debug flag works.)

Fix #12659
Fix #12667

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-31 18:12:49 +01:00
zeripath
d257485bc0
Rename models.ProtectedBranchRepoID to models.EnvRepoID and ensure EnvPusherEmail is set (#12646)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-30 08:24:39 +01:00
zeripath
7ba6fea0b7
Use shellquote to unpack arguments to gitea serv (#12624)
Fix #12471

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-28 20:55:25 +01:00
John Olheiser
43a397ce9a
Initial support for push options (#12169)
* Initial support for push options

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix misspelling 🤦

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix formatting after conflict resolution

* defer close git repo

* According the GitLab documentation, git >= 2.10

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Words are hard. Thanks @mrsdizzie 😅

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Only update if there are push options

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
2020-08-23 17:02:35 +01:00
Lunny Xiao
62e6c9bc6c
Add a storage layer for attachments (#11387)
* Add a storage layer for attachments

* Fix some bug

* fix test

* Fix copyright head and lint

* Fix bug

* Add setting for minio and flags for migrate-storage

* Add documents

* fix lint

* Add test for minio store type on attachments

* fix test

* fix test

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Add warning when storage migrated successfully

* Fix drone

* fix test

* rebase

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* refactor the codes

* add trace

* Fix test

* remove log on xorm

* Fi download bug

* Add a storage layer for attachments

* Add setting for minio and flags for migrate-storage

* fix lint

* Add test for minio store type on attachments

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Fix drone

* fix test

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* refactor the codes

* add trace

* Fix test

* Add URL function to serve attachments directly from S3/Minio

* Add ability to enable/disable redirection in attachment configuration

* Fix typo

* Add a storage layer for attachments

* Add setting for minio and flags for migrate-storage

* fix lint

* Add test for minio store type on attachments

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Fix drone

* fix test

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* don't change unrelated files

* Fix lint

* Fix build

* update go.mod and go.sum

* Use github.com/minio/minio-go/v6

* Remove unused function

* Upgrade minio to v7 and some other improvements

* fix lint

* Fix go mod

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Tyler <tystuyfzand@gmail.com>
2020-08-18 12:23:45 +08:00
zeripath
ac3cfad23d
Make the default PID file compile-time settable (#12485)
#12391 offered to change the default PID file from /var/run/gitea.pid however in discussion it was decided that this could break users of older systems. An alternative was offered that we could make the PID file compile/link time settable.

This PR does this, and changes the name of the setting from CustomPID to simply PIDFile. It also updates the from-source docs to show how to change the compiler settings to do this.

Closes #12391

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Florian Klink <flokli@flokli.de>
2020-08-15 21:15:27 +01:00
zeripath
74bd9691c6
Re-attempt to delete temporary upload if the file is locked by another process (#12447)
Replace all calls to os.Remove/os.RemoveAll by retrying util.Remove/util.RemoveAll and remove circular dependencies from util.

Fix #12339

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
2020-08-11 21:05:34 +01:00
Wim
4609eba2e7
Fix ipv6 parsing (#12321)
* Fix ipv6 parsing

* Update modules/setting/setting.go

Co-authored-by: 6543 <6543@obermui.de>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-26 16:31:28 -04:00
赵智超
12f9dd8fa9
Decrease the num_stars when deleting a repo (#11954)
* Decrease the  num_stars when deleting a repo

fix #11949

Signed-off-by: a1012112796 <1012112796@qq.com>

* Add migration

* use batch

* Apply suggestions from code review

Co-authored-by: Lauris BH <lauris@nix.lv>

* fix lint

* fix lint

* fix ci

* fix ci2

* add doctor

* duplicate code

* fix migration

* fix some nits

* add start

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-07-07 15:16:34 -04:00
zeripath
c5b08f6d5a
Pause, Resume, Release&Reopen, Add and Remove Logging from command line (#11777)
* Make LogDescriptions race safe

* Add manager commands for pausing, resuming, adding and removing loggers

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Placate lint

* Ensure that file logger is run!

* Add support for smtp and conn

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add release-and-reopen

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-07-05 20:07:07 -04:00
zeripath
b9e281265e
Add migration to set IsArchived false if it is null (#11853)
* Add migration to set IsArchived false if it is null

Fix #11824

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add doctor

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-11 16:18:11 -04:00
PhilippHomann
684b7a999f
Dump: add output format tar and output to stdout (#10376)
* Dump: Use mholt/archive/v3 to support tar including many compressions

Signed-off-by: Philipp Homann <homann.philipp@googlemail.com>

* Dump: Allow dump output to stdout

Signed-off-by: Philipp Homann <homann.philipp@googlemail.com>

* Dump: Fixed bug present since #6677 where SessionConfig.Provider is never "file"

Signed-off-by: Philipp Homann <homann.philipp@googlemail.com>

* Dump: never pack RepoRootPath, LFS.ContentPath and LogRootPath when they are below AppDataPath

Signed-off-by: Philipp Homann <homann.philipp@googlemail.com>

* Dump: also dump LFS (fixes #10058)

Signed-off-by: Philipp Homann <homann.philipp@googlemail.com>

* Dump: never dump CustomPath if CustomPath is a subdir of or equal to AppDataPath (fixes #10365)

Signed-off-by: Philipp Homann <homann.philipp@googlemail.com>

* Use log.Info instead of fmt.Fprintf

Signed-off-by: Philipp Homann <homann.philipp@googlemail.com>

* import ordering

* make fmt

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Matti R <matti@mdranta.net>
2020-06-05 16:47:39 -04:00
6543
726e1e5279
Doctor check & fix db consistency (#11111)
needed to fix issue as described in #10280

* rename check-db to check-db-version
* add check-db-consistency:
* find issues without existing repository
* find pulls without existing issues
* find tracked times without existing issues/pulls
* find labels without repository or org reference

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-05-29 14:24:15 +01:00
zeripath
8730b091e3
Add debug option to hooks (#11624)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-05-28 23:04:44 -04:00
zeripath
c81ab17de9
TrimSpace when reading InternalToken from a file (#11502)
InternalTokens are fixed as alphanum strings therefore TrimSpace from these.
Also use isatty to not add a terminal newline when redirecting generate.

Fix #11498

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-20 19:16:06 +03:00
zeripath
c58bc4bf80
Prevent timer leaks in Workerpool and others (#11333)
There is a potential memory leak in `Workerpool` due to the intricacies of
`time.Timer` stopping.

Whenever a `time.Timer` is `Stop`ped its channel must be cleared using a
`select` if the result of the `Stop()` is `false`.

Unfortunately in `Workerpool` these were checked the wrong way round.

However, there were a few other places that were not being checked.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-05-08 16:46:05 +01:00
Kyle Evans
a5018d099d
cmd: dump: check value of skip-repository flag (#11254)
This is a boolean flag; simply checking if it's set isn't enough, we must check the value as well.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-05-03 00:57:45 -03:00
Kyle Evans
1bdffefc05
cmd: dump: add an -L/--skip-log option (#11253)
Not all dumps need to include the logs, in a similar vain to not all dumps
needing to include repositories; these may be subject to different backup
mechanisms/constraints. Add a simple option to let them be excluded from the
dump to simplify workflows that need to exclude them or not collect in the
first place.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
2020-04-30 21:30:31 -04:00
zeripath
089b34858c
Return error for authorized_keys and mergebase problems (#10990)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-04-08 02:04:19 -03:00
zeripath
d26885e2bf
Mulitple Gitea Doctor improvements (#10943)
* Add `gitea doctor --list` flag to list the checks that will be run, including those by default
* Add `gitea doctor --run` to run specific checks
* Add `gitea doctor --all` to run all checks
* Add db version checker
* Add non-default recalculate merge bases check/fixer to doctor
* Add hook checker (Fix #9878) and ensure hooks are executable (Fix #6319)
* Fix authorized_keys checker - slight change of functionality here because parsing the command is fragile and we should just check if the authorized_keys file is essentially the same as what gitea would produce. (This is still not perfect as order matters - we should probably just md5sum the two files.)
* Add SCRIPT_TYPE check (Fix #10977)
* Add `gitea doctor --fix` to attempt to fix what is possible to easily fix
* Add `gitea doctor --log-file` to set the log-file, be it a file, stdout or to switch off completely. (Fixes previously undetected bug with certain xorm logging configurations - see @6543 comment.)

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-04-06 11:44:47 +01:00
zeripath
1737fca220
make gitea admin auth list formatting configurable (#10844)
* make admin auth list formatting configurable

Signed-off-by: Andrew Thornton <art27@cantab.net>

* As per @guillep2k

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-03-27 22:26:43 +01:00
zeripath
9269b7f627
Multiple LFS improvements (#10667)
* Add more logging in the LFS server

Adds more logging in the LFS server and stops sending internal server
error information to the client

* Add LFS Lock cursor implementation

* Simplify Claims in LFS and remove the float64 casts

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-03-09 19:56:18 +00:00
Lauris BH
37c3db7be6
Add restricted user filter to LDAP authentication (#10600)
* Add restricted user filter to LDAP authentification

* Fix unit test cases
2020-03-05 08:30:33 +02:00
John Olheiser
95013fde60
Fix push-create SSH bugs (#10145)
* Attempt to fix push-create SSH bugs

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix binding

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Invalid ctx

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-02-05 10:40:35 +01:00
guillep2k
bcb52aef09
Implement "embedded" command to extract static resources (#9982)
* draft

* Implement extract command

* Fix nits and force args on extract

* Add !bindata stub, support Windows, fmt

* fix vendored flag

* Remove leading slash for matching

* Add docs

* Fix typos

* Add embedded view command

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-02-02 10:17:44 +08:00
guillep2k
04cbdf5c08
Implement basic app.ini and path checks to doctor cmd (#10064)
* Add doctor check of app.ini paths

* Make /custom dir not mandatory

* Fix message and improve interface

* Update cmd/doctor.go

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>

* Apaise lint

* Isn't the linter a sweet? (1)

* Isn't the linter a sweet? (2)

* Isn't the linter a sweet?? (3)

* Restart CI

Co-authored-by: John Olheiser <42128690+jolheiser@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-01-30 10:00:27 +08:00
zeripath
c01221e70f
Queue: Make WorkerPools and Queues flushable (#10001)
* Make WorkerPools and Queues flushable

Adds Flush methods to Queues and the WorkerPool
Further abstracts the WorkerPool
Adds a final step to Flush the queues in the defer from PrintCurrentTest
Fixes an issue with Settings inheritance in queues

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Change to for loop

* Add IsEmpty and begin just making the queues composed WorkerPools

* subsume workerpool into the queues and create a flushable interface

* Add manager command

* Move flushall to queue.Manager and add to testlogger

* As per @guillep2k

* as per @guillep2k

* Just make queues all implement flushable and clean up the wrapped queue flushes

* cope with no timeout

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-28 20:01:06 -05:00
SpaWn2KiLl
1f01f53c53 API add/generalize pagination (#9452)
* paginate results

* fixed deadlock

* prevented breaking change

* updated swagger

* go fmt

* fixed find topic

* go mod tidy

* go mod vendor with go1.13.5

* fixed repo find topics

* fixed unit test

* added Limit method to Engine struct; use engine variable when provided; fixed gitignore

* use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors

* set Page value on Home route

* improved memory allocations

* fixed response headers

* removed logfiles

* fixed import order

* import order

* improved swagger

* added function to get models.ListOptions from context

* removed pagesize diff on unit test

* fixed imports

* removed unnecessary struct field

* fixed go fmt

* scoped PR

* code improvements

* code improvements

* go mod tidy

* fixed import order

* fixed commit statuses session

* fixed files headers

* fixed headers; added pagination for notifications

* go mod tidy

* go fmt

* removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list

* Apply suggestions from code review

Co-Authored-By: 6543 <6543@obermui.de>
Co-Authored-By: zeripath <art27@cantab.net>

* fixed build error

* CI.restart()

* fixed merge conflicts resolve

* fixed conflicts resolve

* improved FindTrackedTimesOptions.ToOptions() method

* added backwards compatibility on ListReleases request; fixed issue tracked time ToSession

* fixed build error; fixed swagger template

* fixed swagger template

* fixed ListReleases backwards compatibility

* added page to user search route

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2020-01-24 14:00:29 -05:00
Lunny Xiao
d92781bf94 Refactor repository check and sync functions (#9854)
Move more general repository functions out of models/repo.go
2020-01-20 20:01:19 +00:00
zeripath
c5014a7f2c Add option to prevent LDAP from deactivating everything on empty search (#9879)
* Add option to prevent LDAP from deactivating everything on empty search

* Update options/locale/locale_en-US.ini

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-01-20 11:47:39 +08:00
Lunny Xiao
9f40bb020e fix dump non-exist log directory (#9818) 2020-01-16 21:56:51 -05:00
zeripath
65baacf227
Make hook status printing configurable with delay (#9641)
* Delay printing hook statuses until after 1 second

* Move to a 5s delay, wrapped writer structure and add config

* Update cmd/hook.go

* Apply suggestions from code review

* Update cmd/hook.go

Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
2020-01-12 08:46:03 +00:00
Lunny Xiao
f69f5a9f10 Add a new command doctor to check if some wrong configurations on gitea instance (#9095)
* add doctor

* Add a new command doctor to check if some wrong configurations on gitea instance

* fix import

* use regex match authorized_keys on doctor

* Add documentation
2020-01-11 15:24:57 +01:00
Shashvat Kedia
1e9b3d4743 Fix #9530: admin auth list make readable and admin auth delete bug fix (#9628) 2020-01-07 23:41:16 +00:00
zeripath
4acca9d2e8
Properly enforce gitea environment for pushes (#9501)
#8982 attempted to enforce the gitea environment for pushes - unfortunately it tested the settings before they were actually read in - and therefore does not do that!
2019-12-27 21:15:04 +00:00
zeripath
154424623a
Remove unnecessary loading of settings in update hook (#9496)
This PR simply makes update an empty command rather than needlessly load the settings for each reference.
2019-12-27 15:21:33 +00:00
zeripath
7bfb83e064 Batch hook pre- and post-receive calls (#8602)
* make notifyWatchers work on multiple actions

* more efficient multiple notifyWatchers

* Make CommitRepoAction take advantage of multiple actions

* Batch post and pre-receive results

* Set batch to 30

* Auto adjust timeout & add logging

* adjust processing message

* Add some messages to pre-receive

* Make any non-200 status code from pre-receive an error

* Add missing hookPrintResults

* Remove shortcut for single action

* mistaken merge fix

* oops

* Move master branch to the front

* If repo was empty and the master branch is pushed ensure that that is set as the default branch

* fixup

* fixup

* Missed HookOptions in setdefaultbranch

* Batch PushUpdateAddTag and PushUpdateDelTag

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2019-12-26 13:29:45 +02:00
zeripath
3e166bd055 Add debug option to serv to help debug problems (#9492)
* Add debug option to serv to help debug problems

* fixup! Add debug option to serv to help debug problems
2019-12-25 23:44:57 +08:00
Rychu
2b0e4e0cb8 Fixed errors logging in dump.go (#9218)
* Fixed errors logging in dump.go

* Replaced overlooked log.Fatal() with fatal()

* Run make fmt on dump.go

* Added missing new line to the fatal log

* Run make fmt on dump.go
2019-12-17 18:12:10 +02:00
zeripath
d1a49977b0 AuthorizedKeysCommand should not query db directly (#9371)
* AuthorizedKeysCommand should not query db directly

* Update routers/private/internal.go

* Fix import order
2019-12-16 20:49:07 -05:00
zeripath
e3c3b33ea7
Graceful: Xorm, RepoIndexer, Cron and Others (#9282)
* Change graceful to use a singleton obtained through GetManager instead of a global.
* Graceful: Make TestPullRequests shutdownable
* Graceful: Make the cron tasks graceful
* Graceful: AddTestPullRequest run in graceful ctx
* Graceful: SyncMirrors shutdown
* Graceful: SetDefaultContext for Xorm to be HammerContext
* Avoid starting graceful for migrate commands and checkout
* Graceful: DeliverHooks now can be shutdown
* Fix multiple syncing errors in modules/sync/UniqueQueue &  Make UniqueQueue closable
* Begin the process of making the repo indexer shutdown gracefully
2019-12-15 09:51:28 +00:00
Lunny Xiao
7b2ff82d20 Move some repository methods from models to modules/repository (#9353)
* Move some repository methods from models to modules/repository

* fix test
2019-12-14 18:30:01 +01:00
zeripath
2c83dac5d4 FCGI: Allow FCGI over unix sockets (#9298)
* FCGI: Allow FCGI over unix sockets

* fixup! FCGI: Allow FCGI over unix sockets
2019-12-10 13:23:26 +01:00
zeripath
60c5339042 Graceful: Cancel Process on monitor pages & HammerTime (#9213)
* Graceful: Create callbacks to with contexts

* Graceful: Say when Gitea is completely finished

* Graceful: Git and Process within HammerTime

Force all git commands to terminate at HammerTime
Force all process commands to terminate at HammerTime
Move almost all git processes to run as git Commands

* Graceful: Always Hammer after Shutdown

* ProcessManager: Add cancel functionality

* Fix tests

* Make sure that process.Manager.Kill() cancels

* Make threadsafe access to Processes and remove own unused Kill

* Remove cmd from the process manager as it is no longer used

* the default context is the correct context

* get rid of double till
2019-11-30 16:40:22 +02:00
zeripath
7523314ef8
Graceful: Allow graceful restart for fcgi (#9112)
* Graceful: Allow graceful restart for fcgi

My previous interpretation was incorrect - we do not handle sockets
being passed in over stdin

* Update web.go
2019-11-24 10:39:50 +00:00
zeripath
e3f22ad2cc Graceful: Allow graceful restart for unix sockets (#9113)
Previously we could not handle graceful restarts for http over unix
sockets. These can now be handled.
2019-11-24 03:11:24 +01:00
zeripath
cbaa1de9ec Add Graceful shutdown for Windows and hooks for shutdown of goroutines (#8964)
* Graceful Shutdown for windows and others

Restructures modules/graceful, adding shutdown for windows, removing and
replacing the old minwinsvc code.

Creates a new waitGroup - terminate which allows for goroutines to
finish up after the shutdown of the servers.

Shutdown and terminate hooks are added for goroutines.

* Remove unused functions - these can be added in a different PR

* Add startup timeout functionality

* Document STARTUP_TIMEOUT
2019-11-21 13:32:02 -05:00
zeripath
dd1beee2ef
Enforce Gitea environment for pushes (#8982)
* Enforce Gitea environment for pushes

* Update custom/conf/app.ini.sample

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>
2019-11-14 22:39:48 +00:00
zeripath
722a7c902d
Add Close() method to gogitRepository (#8901)
In investigating #7947 it has become clear that the storage component of go-git repositories needs closing.

This PR adds this Close function and adds the Close functions as necessary.

In TransferOwnership the ctx.Repo.GitRepo is closed if it is open to help prevent the risk of multiple open files.

Fixes #7947
2019-11-13 07:01:19 +00:00
zeripath
b48cad6a2a
Adjust the must-change-password help (#8755) 2019-10-30 18:28:14 +00:00
zeripath
f067e12859
Graceful fixes (#8645)
* Only attempt to kill parent once

* Apply suggestions from code review

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Add waitgroup for running servers
2019-10-23 16:32:19 +01:00
zeripath
0bfe5eb10b
Allow Protected Branches to Whitelist Deploy Keys (#8483)
Add an option to protected branches to add writing deploy keys to the whitelist for pushing.

Please note this is technically a breaking change: previously if the owner of a repository was on the whitelist then any writing deploy key was effectively on the whitelist. This option will now need to be set if that is desired.

Closes #8472 

Details:
* Allow Protected Branches to Whitelist Deploy Keys
* Add migration
* Ensure that IsDeployKey is set to false on the http pushes
* add not null default false
2019-10-21 09:21:45 +01:00
zeripath
167e8f18da
Restore Graceful Restarting & Socket Activation (#7274)
* Prevent deadlock in indexer initialisation during graceful restart

* Move from gracehttp to our own service to add graceful ssh

* Add timeout for start of indexers and make hammer time configurable

* Fix issue with re-initialization in indexer during tests

* move the code to detect use of closed to graceful

* Handle logs gracefully - add a pid suffix just before restart

* Move to using a cond and a holder for indexers

* use time.Since

* Add some comments and attribution

* update modules.txt

* Use zero to disable timeout

* Move RestartProcess to its own file

* Add cleanup routine
2019-10-15 14:39:51 +01:00
Maxim Tkachenko
db657192d0 Password Complexity Checks (#6230)
Add password complexity checks. The default settings require a lowercase, uppercase, number and a special character within passwords.

Co-Authored-By: T-M-A <maxim.tkachenko@gmail.com>
Co-Authored-By: Lanre Adelowo <adelowomailbox@gmail.com>
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-10-14 16:24:26 +01:00
Lunny Xiao
f83db078f0 Move database settings from models to setting (#7806)
* move database settings from models to setting

* update docs

* fix checkout pr

* fix tests

* fix lint

* remove unsupported tidb options

* correct wrong variable name

* remove tidb totally
2019-08-24 11:24:45 +02:00
Tamal Saha
171b359877 Use gitea forked macaron (#7933)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-23 12:40:29 -04:00
zeripath
def84840db Attempt to fix hook problem (#7854) 2019-08-14 12:25:05 +03:00
clavinet
8101d803e6 Update serv.go (#7822)
small semantics fix
"Hi there, user!" looks better than "Hi there: user!"
2019-08-11 20:15:58 +08:00
Allen Wild
2186a99c76 cmd/serv: actually exit after fatal errors (#7458)
Regression in 356854fc5f, where
a log.Fatal call was removed. log.Fatal calls os.Exit(1) as intended,
but without it the fail() function returns normally and execution
continues past the fatal error, causing a panic.

This is visible as a go panic log and stack trace returned to the SSH
client, which is not only ugly, it leaks server and build system
information.

Fix by removing the stray return statement so that the fail() function
always calls os.Exit(1).

Fixes: https://github.com/go-gitea/gitea/issues/7457
Signed-off-by: Allen Wild <allenwild93@gmail.com>
2019-07-13 21:38:18 +01:00
zeripath
3563650bdb #6946 Run hooks on merge/edit and cope with protected branches (#6961)
* Fix #6946 by checking PullRequest ID on pushing

* Ensure we have the owner name, the pr attributes and the the issue

* Fix TestSearchRepo by waiting till indexing is done

* Update integrations/repo_search_test.go

* changes as per @mrsdizzie

* missing comma

* Spelling mistake

* Fix full pushing environment
2019-07-01 09:18:13 +08:00
Lunny Xiao
8ec659722d Only check and config git on web subcommand but not others (#7236)
* only check and config git on web subcommand but not others

* add Init in git tests
2019-06-19 19:53:37 +03:00
ngourdon
a618df8d84 Add CLI commands to manage LDAP authentication source (#6681)
* add CLI commands to manage LDAP authentication source

* delete Gogs copyright

* remove unused return value of func parseLoginSource

* fix comment

Co-Authored-By: ngourdon <31291059+ngourdon@users.noreply.github.com>

* remove config flag already present in global flags

* remove config flag from ldap commands in docs

* remove config flag handling
2019-06-17 14:32:20 -04:00
zeripath
eaa3a1db4e Use certmanager provided TLSConfig for LetsEncrypt (#7229) 2019-06-17 13:33:55 -04:00
kolaente
f9ec2f89f2 Add golangci (#6418) 2019-06-12 15:41:28 -04:00
Lunny Xiao
74690f6451
fix pusher name via ssh push (#7167) 2019-06-11 09:13:24 +08:00
Lunny Xiao
23a2ee3510
Add command to convert mysql database from utf8 to utf8mb4 (#7144)
* add command to convert mysql database from utf8 to utf8mb4

* Update cmd/convert.go

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>

* Update cmd/convert.go

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>

* Update cmd/convert.go

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>

* Update models/convert.go

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>

* Update models/convert.go

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>

* Update cmd/convert.go

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>

* Update cmd/convert.go

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>
2019-06-08 21:53:45 +08:00
Sandro Santilli
45f588e85d Avoid arbitrary format strings upon calling fail() function (#7112) 2019-06-03 09:07:03 +01:00
zeripath
356854fc5f Move serv hook functionality & drop GitLogger (#6993)
* Move hook functionality internally

* Internalise serv logic

* Remove old internal paths

* finally remove the gitlogger

* Disallow push on archived repositories

* fix lint error

* Update modules/private/key.go

* Update routers/private/hook.go

* Update routers/private/hook.go

* Update routers/private/hook.go

* Updated routers/private/serv.go

* Fix LFS Locks over SSH

* rev-list needs to be run by the hook process

* fixup

* Improve git test

* Ensure that the lfs files are created with a different prefix

* Reduce the replication in git_test.go

* slight refactor

* Remove unnecessary "/"

* Restore ensureAnonymousClone

* Restore ensureAnonymousClone

* Run rev-list on server side

* Try passing in the alternative directories instead

* Mark test as skipped

* Improve git test

* Ensure that the lfs files are created with a different prefix
* Reduce the replication in git_test.go
* Remove unnecessary "/"
2019-06-01 23:00:21 +08:00
Lunny Xiao
355ab0c62c Fix wrong init dependency on markup extensions (#7038)
* fix wrong init dependency on markup extensions
2019-05-25 18:15:39 +01:00
James E. Blair
488d34691a Ignore non-standard refs in git push (#6758)
When replicating to gitea from a remote system which makes use of
git refs to store extra data (for example, gerrit), pushing a lot
of refs to gitea can cause problems due to the extra processing
that the pre and post receive hooks perform.  But it's still
useful for gitea to be able to serve those refs.  This change
skips unecessary processing of refs other than branches or tags.

We don't need to check any ref that isn't a branch for branch
protection (protection will never be enabled).  So in the
pre-receive hook, we wrap that check in a test for whether the
ref is a branch.

We also don't need to add information to the activity stream about
pushes to non-standard refs, so we skip that step in the
post-receive hook for refs which are not branches or tags.

For some concrete examples, gerrit maintains a ref for every
patchset of every change in the form refs/changes/XX/YYYY/Z.
Many systems use refs/notes to store additonal data about commits.
This change allows these and other schemes to be used without
affecting gitea.
2019-05-14 10:40:27 -04:00
Lanre Adelowo
e0dde8173f Generate access token in admin cli (#6847)
* add cli flag for access token while creating a user
2019-05-04 23:03:09 +01:00
techknowlogick
897927690f
Rename LFS_JWT_SECRET to include OAUTH2 as well (#6826) 2019-05-01 22:32:06 -04:00
John Olheiser
e255df83a6 Change verbose flag in dump command to avoid colliding with global version flag (#6822)
* Change verbose flag to avoid colliding with version flag
* Update docs

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-05-01 21:36:09 +01:00
zeripath
8d0d7bc28d Make CustomPath, CustomConf and AppWorkPath configurable at build (#6631) 2019-04-29 14:08:21 -04:00
ngourdon
2b9b3310f6 Add username flag in create-user command (#6534)
* Add username flag in create-user command

* Fix the error message

* Change name to username on flag of create-user command

* Include create-user flags of both versions

* delete deprecated example of create-user command
2019-04-09 11:21:55 -04:00
mrsdizzie
e14cad79c9 Include custom configuration file in dump (#6516)
When running the dump command, include the specific configuration file
provided as part of the backup. Currently we only zip up custom/ and this
misses the config file if it is somewhere else, like /etc/gitea/app.ini

Fixes #6034
2019-04-05 09:24:28 -04:00
zeripath
704da08fdc
Better logging (#6038) (#6095)
* Panic don't fatal on create new logger

Fixes #5854

Signed-off-by: Andrew Thornton <art27@cantab.net>

* partial broken

* Update the logging infrastrcture

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Reset the skip levels for Fatal and Error

Signed-off-by: Andrew Thornton <art27@cantab.net>

* broken ncsa

* More log.Error fixes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove nal

* set log-levels to lowercase

* Make console_test test all levels

* switch to lowercased levels

* OK now working

* Fix vetting issues

* Fix lint

* Fix tests

* change default logging to match current gitea

* Improve log testing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* reset error skip levels to 0

* Update documentation and access logger configuration

* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE

* Fix broken level caching

* Refactor the router log

* Add Router logger

* Add colorizing options

* Adjust router colors

* Only create logger if they will be used

* update app.ini.sample

* rename Attribute ColorAttribute

* Change from white to green for function

* Set fatal/error levels

* Restore initial trace logger

* Fix Trace arguments in modules/auth/auth.go

* Properly handle XORMLogger

* Improve admin/config page

* fix fmt

* Add auto-compression of old logs

* Update error log levels

* Remove the unnecessary skip argument from Error, Fatal and Critical

* Add stacktrace support

* Fix tests

* Remove x/sync from vendors?

* Add stderr option to console logger

* Use filepath.ToSlash to protect against Windows in tests

* Remove prefixed underscores from names in colors.go

* Remove not implemented database logger

This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.

* Ensure that log paths are relative to ROOT_PATH

* use path.Join

* rename jsonConfig to logConfig

* Rename "config" to "jsonConfig" to make it clearer

* Requested changes

* Requested changes: XormLogger

* Try to color the windows terminal

If successful default to colorizing the console logs

* fixup

* Colorize initially too

* update vendor

* Colorize logs on default and remove if this is not a colorizing logger

* Fix documentation

* fix test

* Use go-isatty to detect if on windows we are on msys or cygwin

* Fix spelling mistake

* Add missing vendors

* More changes

* Rationalise the ANSI writer protection

* Adjust colors on advice from @0x5c

* Make Flags a comma separated list

* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING

* Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 08:48:31 +01:00
glaszig
dbba46c216 support custom file name in gitea dump command (#6474)
* support custom file name in `gitea dump` command

* simpler approach to handle default dump file name
in `gitea dump` command
2019-04-01 00:31:37 -04:00
Lunny Xiao
d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
mrsdizzie
ca46385637 Clean up various use of escape/unescape functions for URL generation (#6334)
* Use PathUnescape instead of QueryUnescape when working with branch names

Currently branch names with a '+' fail in certain situations because
QueryUnescape replaces the + character with a blank space.

Using PathUnescape should be better since it is defined as:

// PathUnescape is identical to QueryUnescape except that it does not
// unescape '+' to ' ' (space).

Fixes #6333

* Change error to match new function name

* Add new util function PathEscapeSegments

This function simply runs PathEscape on each segment of a path without
touching the forward slash itself. We want to use this instead of
PathEscape/QueryEscape in most cases because a forward slash is a valid name for a
branch etc... and we don't want that escaped in a URL.

Putting this in new file url.go and also moving a couple similar
functions into that file as well.

* Use EscapePathSegments where appropriate

Replace various uses of EscapePath/EscapeQuery with new
EscapePathSegments. Also remove uncessary uses of various
escape/unescape functions when the text had already been escaped or was
not escaped.

* Reformat comment to make drone build happy

* Remove no longer used url library

* Requested code changes
2019-03-18 10:00:23 -04:00
Jonas Franz
e777c6bdc6 Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
zeripath
01c10a951b
Fix ssh deploy and user key constraints (#1357) (#5939)
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.

We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:

- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.

Fix #1357
2019-02-03 23:56:53 +00:00
zeripath
13c0f7dfff
Fix notifications on pushing with deploy keys by setting hook environment variables (#5935)
The gitea prerecieve and postrecieve hooks and the gitea PushUpdate function require that the PusherID and PusherName are real users. Previously, these environment variables were not being set when using a deploy key - the main result being that pushing to empty repositories meant that is_empty status was not changed.

I've also added an integration test to ensure that the is_empty status is updated on pushing with a deploy key.

There is a slight issue in that the deploy key is now considered a proxy for the owner - we don't have a way of separating out the deploy key from the owner at present. This can be fixed in another PR.

Fix #3795 

Signed-off-by: Andrew Thornton art27@cantab.net
2019-02-03 14:00:48 +00:00
zeripath
2902b3a68c
Fix #5866: Silence console logger in gitea serv (#5887)
By default, if `setting.NewContext()` prints out any warning logs, these are printed to the stdout breaking `git receive-pack` etc. meaning that even if there is a warning because of a minor problem in your app.ini but gitea starts despite this - you **CANNOT** push or pull over SSH.

This PR disables the console logger whilst in `serv.go`

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-03 11:19:28 +00:00
Lanre Adelowo
e1fcd6b742 Disallow empty titles (#5785)
* add util method and tests

* make sure the title of an issue cannot be empty

* wiki title cannot be empty

* pull request title cannot be empty

* update to make use of the new util methof
2019-01-21 13:45:32 +02:00
Zsombor
656456441c Add flag to skip repository dumping (#5695) 2019-01-13 16:52:25 -05:00
Lanre Adelowo
8d2c24f7f9 Allow for user specific themes (#5668)
* add migration and basic UI for changing a user's theme

* update user themem

* use right text on button

* load theme based on users' selection

* load theme based on users' selection in pwa too

* update sample config

* delete older theme loading

* implement AfterLoad to set users' theme properly

* set up default theme when creating a user. This uses the installation wide theme

* use flash messages for error

* set default theme when creating a user from the cli

* fix @lunny review
2019-01-09 12:22:57 -05:00
Lanre Adelowo
a82ba73346 Make sure argsSet verifies string isn't empty too (#4980) 2018-12-27 14:38:38 +02:00
Lunny Xiao
7fd34c0517
fix lfs version check warning log when using ssh protocol (#5501) 2018-12-19 09:17:43 +08:00
Greg Karékinian
ebef3eff23 Remove a double slash in the HTTPS redirection when Let's Encrypt is enabled (#5537)
Before:

$ curl 0.0.0.0:3001
<a href="https://gitea.example.com:3000//">Found</a>.

After:

$ curl 0.0.0.0:3001
<a href="https://gitea.example.com:3000/">Found</a>.

Fixes #5536
2018-12-12 23:00:24 +02:00
Lunny Xiao
af6bce3ad5 fix detect force push failure on deletion of protected branches (#5522) 2018-12-12 10:46:17 +02:00
Lunny Xiao
ba75319157 fix clone wiki failed via ssh (#5503) 2018-12-11 13:37:32 -05:00
Greg Karékinian
15d6cf179d Fix the Let's Encrypt handler by listening on a valid address (#5525)
* Fix the Let's Encrypt handler by listening on a valid address

Also handle errors in the HTTP server go routine, return a fatal error
when something goes wrong.

Thanks to @gbl08ma for finding the actual bug

Here is an example of the error handling:

    2018/12/11 14:23:07 [....io/gitea/cmd/web.go:87 func1()] [E] Failed to
    start the Let's Encrypt handler on port 30: listen tcp 0.0.0.0:30: bind:
    permission denied

Closes #5280

* Fix a typo
2018-12-11 10:46:12 -05:00
Lunny Xiao
eabbddcd98
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems

* fix some bugs and merge LoadUnits to repoAssignment

* refactor permission struct and add some copyright heads

* remove unused codes

* fix routes units check

* improve permission check

* add unit tests for permission

* fix typo

* fix tests

* fix some routes

* fix api permission check

* improve permission check

* fix some permission check

* fix tests

* fix tests

* improve some permission check

* fix some permission check

* refactor AccessLevel

* fix bug

* fix tests

* fix tests

* fix tests

* fix AccessLevel

* rename CanAccess

* fix tests

* fix comment

* fix bug

* add missing unit for test repos

* fix bug

* rename some functions

* fix routes check
2018-11-28 19:26:14 +08:00
Lanre Adelowo
ce9a5173fe fix password variable shadowing (#5405) 2018-11-26 17:00:38 +02:00
Lanre Adelowo
fd37fb01fd Don't force a password change for the admin user when creating an account via cli (#5391)
* don't force a password change for the admin user

* don't totally dicard -must-change-password flag if creating the first (admin) user via the cli. Use flag if present but make sure to default to not forcing a password update
2018-11-25 09:42:24 +02:00
zeripath
7d9a191a3c Create AuthorizedKeysCommand (#5236) 2018-11-01 09:41:07 -04:00
Robert Ștefan
7edb930240 Add command for migrating database (#4954) 2018-10-30 23:14:42 -04:00
Lanre Adelowo
e5daa2698f Generate random password (#5023)
* add random-password flag

* run make fmt

* add length cli flag rather than use a default value
2018-10-30 17:34:25 -04:00
Lunny Xiao
0ba57949e4 remove unused db init on commands serv, update, hooks (#5225) 2018-10-30 12:41:25 +02:00
Antoine GIRARD
617a2433a3 Make gitea serv use api/internal (#4886)
* Start to move to internal/private

* Add GetPublicKeyByID

* Add HasDeployKey

* Add private.UpdateDeployKeyUpdated

* Add private.GetUserByKeyID

* Add private.AccessLevel

* Add private.CheckUnitUser

* Fix mistakes I made

* Some cleaning + moving code to separate files

* Fix error handling

* Remove useless error handling for setup

* lint: fix comment on exported func

* fix copyright header

* Fix order of args
2018-10-30 14:20:13 +08:00
Lunny Xiao
a2ee2a3c67 fix showing pull request link when delete a branch (#5166) 2018-10-28 18:15:25 -04:00
Lanre Adelowo
c2748ea7fe Add must-change-password flag to cli for creating a user (#4955)
* add support for an admin to force a user to change his/her password from thee cli

* use BoolFlag instead

* default to true

* simplify by removing unnneccessary if/else
2018-10-21 01:05:01 +03:00
Julien Tant
dea3d849e1 Give user a link to create PR after push (#4716)
* Give user a link to create PR after push

* Forks now create PR in the base repository + make sure PR creation is allowed

* fix code style
2018-10-20 09:59:06 +03:00
Bo-Yi Wu
1e34413238 refactor: err != nil check, just return error instead (#5093) 2018-10-18 00:51:07 -04:00
techknowlogick
e91a2cf2ea
Add/remove/list oauth providers via cli (#4591) 2018-09-12 10:46:02 -04:00
Fluf
b82c14b3d2 add letsencrypt to Gitea (#4189) 2018-08-21 09:56:50 -04:00
Jerry Jacobs
b1bc08e268 cmd/serve: pprof cpu and memory profile dumps to disk (#4560) 2018-08-07 14:49:18 -04:00
Fluf
f54626df0b Add config path as an optional flag when changing pass via CLI (#4184) 2018-06-09 18:35:14 -04:00
Inon S
15f6ec9632 LFS: make HTTP auth period configurable (#4035)
* LFS: make HTTP auth period configurable

* Formatting: Removed semicolon

Due to automated fmt-check failure (drone.gitea.io)

* applying code reviews

* Applied code review comment: Change HTTPAuthExpiry to time.Duration

* Updated config cheat sheet
2018-05-29 16:07:16 +08:00
techknowlogick
8176345c0e Add cli commands to regen hooks & keys (#3979)
* Add cli commands to regen hooks & keys

* make fmt

* Allow passing path to config as an option

* add docs
2018-05-17 09:35:07 +08:00
Lauris BH
b66d6b3449
Do not allow inactive users to access repositories using private keys (#3887) 2018-05-02 16:22:56 +03:00
Codruț Constantin Gușoi
96c268c0fc Implements generator cli for secrets (#3531)
Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
2018-02-18 20:14:37 +02:00
Antoine GIRARD
9e842c8a72 Fix SSH auth lfs locks (#3152)
* Fix SSH auth LFS locks

* Activate SSH/lock test

* Remove debug

* Follow @lunny recommendation for AfterLoad method
2018-01-27 18:48:15 +02:00
Morgan Bazalgette
2b52f77e1b General refactor of the cmd package (#3328)
* General refactor of the cmd package

* Address breakage in runCreateUser

* Place "common" functions into cmd.go
2018-01-12 23:16:49 +01:00
Kim "BKC" Carlbäcker
e5b8b4b5ec Cleanup models.User.HashPassword (#3334) 2018-01-12 00:19:38 +02:00
Morgan Bazalgette
674cfb7cac Change EncodePasswd to HashPassword (#3329)
* Change EncodePasswd to HashPassword

* Create test+benchmark for HashPassword
2018-01-08 23:28:18 +01:00
Sandro Santilli
8cd987af0c Add repo-sync-releases admin command (#3254)
* Add repo-sync-releases admin command

Will help recovering corrupted database, see #3247

* Load repos in chunks of 10, exit with error if unable to get a list, scan private repos, fix typo

* Fix debug output about num releases

* Introduce RepositoryListDefaultPageSize constant, set to 64

Use it from the new admin command

* Use RepositoryListDefaultPageSize in more places

* Document RepositoryListDefaultPageSize
2017-12-31 16:45:46 +02:00
Mike Fellows
fabf3f2fc2 Add an option to allow redirect of http port 80 to https. (#1928)
* Add an option to allow redirect of http port 80 to https.

This is an "opt in" option (default is to not redirect).  It will only redirect
if protocol is https and the new REDIRECT_PORT_80 option is set to true.

The Port to redirect in previous commit was hardcoded to 80, now it can be
specified in the app.ini, defaulting to 80.  The boolean option to turn
redirection on has been changed to REDIRECT_OTHER_PORT to be logically
consistent with the new port option.

Signed-off-by: Mike Fellows <mike.fellows@shaw.ca>
2017-12-25 23:23:43 +01:00
Lunny Xiao
f94c1b3943
Improvements for supporting UI Location (#3146)
* improvements for supporting UI Location

* improved the comment
2017-12-14 07:45:31 +08:00
Lunny Xiao
00bfa1d055
fix run web with -p push failed (#3154) 2017-12-13 16:57:28 +08:00
Lunny Xiao
35cc5b0402
Remove GetRepositoryByRef and add GetRepositoryByOwnerAndName (#3043)
* remove GetRepositoryByRef and add GetRepositoryByOwnerAndName

* fix tests

* fix tests bug

* some improvements
2017-12-02 15:34:39 +08:00
Lunny Xiao
62d0a4d882 Add external markup render support (#2570)
* add external markup render support

* bug fixed

* refacotr codes and fix wrong error log

* fix comments and add check to prevent leaks

* add check for config file and improve the example

* check file close error

* use ioutil.TempFile instead uuid

* correct Render -> Parser

* improve warning when incorrect markup setting

* fix typos
2017-11-07 08:33:06 +02:00
Guillaume Dube
8798cf4e3b Set session and indexers' data files rel to AppDataPath (#2192)
* Set session and indexers' data files rel to AppDataPath

The setting AppDataPath is now relative to the working directory.
The session svc's PROVIDER_CONFIG now defaults to AppDataPath/data/sessions.
The issue indexer's IssuePath now defaults to AppDataPath/indexers/issues.bleves.

* fix bug
2017-11-03 10:56:20 +02:00
Lunny Xiao
9ddbbd9d5a improve force push detect when push (#2798) 2017-10-28 22:36:20 +03:00
Lunny Xiao
1739e84ac0 improve protected branch to add whitelist support (#2451)
* improve protected branch to add whitelist support

* fix lint

* fix style check

* fix tests

* fix description on UI and import

* fix test

* bug fixed

* fix tests and languages

* move isSliceInt64Eq to util pkg; improve function names & typo
2017-09-14 16:16:22 +08:00
Lunny Xiao
f960e19c59 Only update needed columns when update user (#2296)
* only update needed columns when update user

* fix missing update_unix column
2017-08-12 22:18:44 +08:00
Jonas Östanbäck
b1b8c5e9f4 Set TMPDIR enviroment variable for dump command (#1915) 2017-06-08 19:24:15 -05:00
Bo-Yi Wu
703d18e50d feat: add check misspelling (#1877) 2017-06-05 02:49:46 -05:00
Lunny Xiao
6362462da8
fix admin lost permission caused by #947 2017-05-19 08:59:26 +08:00
Lunny Xiao
fd6034aaf2 Add units to team (#947)
* add units to team

* fix lint

* finish team setting backend

* finished permission controll on routes

* fix import blank line

* add unit check on ssh/http pull and push and fix test failed

* fix fixtures data

* remove unused code
2017-05-18 22:54:24 +08:00
Lunny Xiao
930d1759ae Remove env user salt since no need to use (#1515)
* remove env user salt since no need to use

* remove unused variable from update.go
2017-05-06 21:21:22 +08:00
Lunny Xiao
1773e88643 Drop db operations from hook commands (#1514)
* move all database operations from hook command to web command and instead of internal routes

* bug fixed

* adjust the import path sequences

* remove unused return value on hookSetup
2017-05-04 13:42:02 +08:00
Ethan Koenig
c58708d3ee Integration test framework (#1290)
* Integration test framework

* udpate drone sign

* Formatting fixes and move router.go to routers/

* update sign for drone
2017-04-25 15:24:51 +08:00
Lunny Xiao
42072783c9 support health check via / and fix #969 (#1520) 2017-04-20 20:14:21 +08:00
Bo-Yi Wu
fa2a513c62 feat: add download count field and unit testing for attachment. (#1512)
* feat: add download count field and unit testing.

* fix: unit testing

* refactor: improve testing.

* fix: update comment

* add default value.

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2017-04-20 10:31:31 +08:00
Lunny Xiao
2eeae84cbd Add internal routes for ssh hook comands (#1471)
* add internal routes for ssh hook comands

* fix lint

* add comment on why package named private not internal but the route name is internal

* add comment above package private why package named private not internal but the route name is internal

* remove exp time on internal access

* move routes from /internal to /api/internal

* add comment and defer on UpdatePublicKeyUpdated
2017-04-19 11:45:01 +08:00
Lauris BH
f42ec6120e Better URL validation (#1507)
* Add correct git branch name validation

* Change git refname validation error constant name

* Implement URL validation based on GoLang url.Parse method

* Backward compatibility with older Go compiler

* Add git reference name validation unit tests

* Remove unused variable in unit test

* Implement URL validation based on GoLang url.Parse method

* Backward compatibility with older Go compiler

* Add url validation unit tests
2017-04-19 11:02:20 +08:00
Bo-Yi Wu
22295944df refactor: show command help message. (#1486) 2017-04-12 15:44:54 +08:00
Lunny Xiao
5c0bee9b20 refactor update ssh key use time (#1466) 2017-04-07 17:40:38 -07:00
Andrey Nering
b674460748 Add watch button on issue 2017-03-29 20:31:47 -03:00
Sandro Santilli
129b0d6a4b Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369)
* Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION

Omit the configuration variable (the default) to be dependent.
Fixes #1363

* Move OpenID settings under Service object

* Show OpenID SignUp and SignIn status in admin panel / configuration
2017-03-29 18:57:43 +08:00
Pavel Korovin
ae9b02b079 Fix FCGI (over TCP) support (#1368) 2017-03-23 15:57:43 +08:00