* Properly fix#7127
Although #7300 properly shadows the password from the virtual session
provider, the template displaying the provider config still presumed
that the config was JSON.
This PR updates the template and properly hides the Virtual Session
provider.
Fixes#7127
* update per @silverwind's suggestion
* Add single sign-on support via SSPI on Windows
* Ensure plugins implement interface
* Ensure plugins implement interface
* Move functions used only by the SSPI auth method to sspi_windows.go
* Field SSPISeparatorReplacement of AuthenticationForm should not be required via binding, as binding will insist the field is non-empty even if another login type is selected
* Fix breaking of oauth authentication on download links. Do not create new session with SSPI authentication on download links.
* Update documentation for the new 'SPNEGO with SSPI' login source
* Mention in documentation that ROOT_URL should contain the FQDN of the server
* Make sure that Contexter is not checking for active login sources when the ORM engine is not initialized (eg. when installing)
* Always initialize and free SSO methods, even if they are not enabled, as a method can be activated while the app is running (from Authentication sources)
* Add option in SSPIConfig for removing of domains from logon names
* Update helper text for StripDomainNames option
* Make sure handleSignIn() is called after a new user object is created by SSPI auth method
* Remove default value from text of form field helper
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Remove default value from text of form field helper
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Remove default value from text of form field helper
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Only make a query to the DB to check if SSPI is enabled on handlers that need that information for templates
* Remove code duplication
* Log errors in ActiveLoginSources
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Revert suffix of randomly generated E-mails for Reverse proxy authentication
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Revert unneeded white-space change in template
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Add copyright comments at the top of new files
* Use loopback name for randomly generated emails
* Add locale tag for the SSPISeparatorReplacement field with proper casing
* Revert casing of SSPISeparatorReplacement field in locale file, moving it up, next to other form fields
* Update docs/content/doc/features/authentication.en-us.md
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Remove Priority() method and define the order in which SSO auth methods should be executed in one place
* Log authenticated username only if it's not empty
* Rephrase helper text for automatic creation of users
* Return error if more than one active SSPI auth source is found
* Change newUser() function to return error, letting caller log/handle the error
* Move isPublicResource, isPublicPage and handleSignIn functions outside SSPI auth method to allow other SSO methods to reuse them if needed
* Refactor initialization of the list containing SSO auth methods
* Validate SSPI settings on POST
* Change SSPI to only perform authentication on its own login page, API paths and download links. Leave Toggle middleware to redirect non authenticated users to login page
* Make 'Default language' in SSPI config empty, unless changed by admin
* Show error if admin tries to add a second authentication source of type SSPI
* Simplify declaration of global variable
* Rebuild gitgraph.js on Linux
* Make sure config values containing only whitespace are not accepted
* move semantic.dropdown.custom.js to webpack
Also disabled a annoying linter rule which insisted that imports can not
contain a file extension.
Fixes: https://github.com/go-gitea/gitea/issues/8971
* reorganize web_src files and rebuild
* restart ci
* Add USE_SERVICE_WORKER setting
This will be very useful setting for anyone doing frontend work.
Fixes: https://github.com/go-gitea/gitea/issues/9044
* prevent potential syntax error on old browsers
* FIX: getIssueWatchers() get only aktive suscriber
* save query to work later with it or not ...
* fix test + add new case
* corect tests + GetIssueWatch
* API issue_subscripton: Put/Delete require tocken
* remove redundant code
* swagger specify return value
* remove unused binding
* remove note
because I'll implement this in a different way and in another PR
* ID should be unique!
* use xorm session
* Revert "use xorm session"
This reverts commit c1de540147.
* better test code
* more acurate comments
* use assert.False/True instead of Equal
* use more assert methodes
* Add team permission setting to allow creating repo in organization.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add test case for creating repo when have team creation access.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* build error: should omit comparison to bool constant
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add comment on exported functions
* Fix fixture consistency, fix existing unit tests
* Fix boolean comparison in xorm query.
* addCollaborator and changeCollaborationAccessMode separate steps
More clear to use different if-cases.
* Create and commit xorm session
* fix
* Add information of create repo permission in team sidebar
* Add migration step
* Clarify that repository creator will be administrator.
* Fix some things after merge
* Fix language text that use html
* migrations file
* Create repository permission -> Create repositories
* fix merge
* fix review comments
- moved gitgraph.js to web_src and made it importable and es6-compatible
- created new webpack chunk for gitgraph
- enabled CSS loader in webpack
- enabled async/await syntax via regenerator-runtime
- added script to ensure webpack chunks are loaded correctly
- disable terser's comment extraction to prevent .LICENCE files
gitgraph.js has many issues:
1. it is incompatible with ES6 because of strict-mode violations
1. it does not export anything
1. it's css has weird styles like for `body`
1. it is not available on npm
I fixed points 1-3 in our version so it's now loadable in webpack. We should eventually consider alternatives.
* Add add 'write' 'preview' buttons to wiki edit like in issues
affects #6975
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* update dark theme
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* fix css lint warnings - missing spaces
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* hide preview button on no fullscreen toolbar
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* Fix broken link to branch from issue list
* Update templates/repo/issue/list.tmpl
Co-Authored-By: mrsdizzie <info@mrsdizzie.com>
* apply @mrsdizzie's review
* Update dashboard context for PR reviews
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Update options/locale/locale_en-US.ini
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Only append head action if it has content or is approval/rejection
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Update options/locale/locale_en-US.ini
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Allow to add and remove all repositories to team.
* Change style, buttons on same row.
* Apply suggestions from code review
Grammar
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Move set num repos to lower function.
* Make general language sentences
* js: Import Semantic-UI's dropdown.js (version 2.3.1)
* js: Set tabindex=-1 on dropdown items
Setting tabindex=-1 on focusable elements within dropdown menus allows
the user to treat dropdown menus as a single focusable item with its own
internal navigation using arrow keys.
* js: Don't use jQuery to click menu items
Menu items are often <a> elements, which jQuery refuses to trigger click
events on. Instead it just bubbles up to the menu.
Using HTMLElement's click method fixes this and makes menu items
clickable from the keyboard using dropdown menus.
* js: Set correct ARIA 1.1 roles on dropdown menus
Setting role= makes assistive technology aware there is a widget here.
In this case, Orca will now exit browse mode and allow us to capture
keydown events when focused on a dropdown menu. It will also inform the
user that there's a menu focused.
Since dropdowns can be used in multiple elements each with different
ARIA roles, a guessRole method is used to find the correct role.
All roles I consider possible are listed, but only menu is implemented.
* js: Set aria-expanded when dropdown menus show and hide
This is deliberately done before the transition finishes so that screen
readers get immediate feedback.
* js: Set aria-label or aria-labelledby on dropdown menus
This makes dropdown menu buttons screen reader accessible.
aria-labelledby refers to an element using an ID, so the chosen labels
are now assigned a unique ID- This ID is not stable, do not refer to it
with user scripts.
* js: Set aria-activedescendant on dropdown menus
As the menus grab focus and navigate by tracking a 'selected' div class,
assistive technology has no idea that what the current selection is.
Assign IDs to each menu item and set aria-activedescendant to the ID of
the currently selected menu item.
When the menu is unfocused, remove aria-activedescendant- This isn't
neccessary but in my experience it triggers Orca to remind the user of
their current selection when re-focusing the menu.
* Makefile: Make eslint ignore semantic.dropdown.js
This file is taken from Semantic UI which isn't linted upstream.
Ignore it as we won't fix these issues.
* js: Add version note to semantic.dropdown.js
* Add Md5 AppVer to templates/base/footer.tmpl
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Add Md5 AppVer to templates/pwa/serviceworker_js.tmpl
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* semantic.dropdown.js -> semantic.dropdown.custom.js
* Use eslintignore
* remove bogus submodule
* Show due date in dashboard issues list
Include due date when vieiwiing all issues on dashboard (matching what
we show for repo issue lists).
Fixes#8859
* Put in same order as repo issue list
* Add suggested changes and also update repo issue list to match
* Add template capability for issue mail subject
* Remove test string
* Fix trim subject length
* Add comment to template and run make fmt
* Add information for the template
* Rename defaultMailSubject() to fallbackMailSubject()
* General rewrite of the mail template code
* Fix .Doer name
* Use text/template for subject instead of html
* Fix subject Re: prefix
* Fix mail tests
* Fix static templates
* [skip ci] Updated translations via Crowdin
* Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528)
* Expose db.SetMaxOpenConns and allow other dbs to set their connection params
* Add note about port exhaustion
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Prevent .code-view from overriding font on icon fonts (#8614)
* Correct some outdated statements in the contributing guidelines (#8612)
* More information for drone-cli in CONTRIBUTING.md
* Increases the version of drone-cli to 1.2.0
* Adds a note for the Docker Toolbox on Windows
Signed-off-by: LukBukkit <luk.bukkit@gmail.com>
* Fix the url for the blog repository (now on gitea.com)
Signed-off-by: LukBukkit <luk.bukkit@gmail.com>
* Remove TrN due to lack of lang context
* Redo templates to match previous code
* Fix extra character in template
* Unify PR & Issue tempaltes, fix format
* Remove default subject
* Add template tests
* Fix template
* Remove replaced function
* Provide User as models.User for better consistency
* Add docs
* Fix doc inaccuracies, improve examples
* Change mail footer to math AppName
* Add test for mail subject/body template separation
* Add support for code review comments
* Update docs/content/doc/advanced/mail-templates-us.md
Co-Authored-By: 6543 <24977596+6543@users.noreply.github.com>
* Add field IsAllRepositories to team
* Add AllRepositories to team UI
* Manage team with access to all repositories
* Add field IsAllRepositories to team API
* put backticks around table/column names
* rename IsAllRepositories to IncludesAllRepositories
* do not reload slice if already loaded
* add repo to teams with access to all repositories when changing repo owner
* improve tests for teams with access to all repositories
* Merge branch 'master'
* Change code for adding all repositories
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* fmt after merge
* Change code in API EditTeam similar to EditTeamPost web interface
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Clarify that all repositories will be added
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* All repositories option under Permissions headline
* New setting group 'Repository access'
* Move check IncludeAllRepositories to removeRepository.
* Revert "Move check IncludeAllRepositories to removeRepository." and add comment instead.
This reverts commit 753b7d205b.
* Clarify help text what options do.
* Handle deadline is zero (to remove deadline)
* Better API documentation for issue deadline.
* Add parameter to unset due date.
* Update pull edit API comment
* add issue subscriber API
* subscribers return []user.APIFormat
* add comments
* more meaningfull description
* without "reqToken()" api works ...
* should be still secure beause ctx.user has to be there or nothing will hapen
* FIX: getIssueWatchers() get only aktive suscriber
* add return avter error on right position
* Revert "FIX: getIssueWatchers() get only aktive suscriber"
This reverts commit 5eca929185.
* Update routers/api/v1/repo/issue.go
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* test go linter again
* update swagger
* GetIssueWatchers -> GetIssueSubscribers
part one
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* GetIssueWatchers -> GetIssueSubscribers
part two
* Revert "test go linter again"
This reverts commit bab1235622.
* change description for unsubscribe too
* golangci-lint timeout avter 5min
* move issueSubscription to seperate file
* dont create black entitys
* use IsWatching until refactoring
* Update License Info
* better swagger description
* Update .golangci.yml
because functions moved from issue.go to issue_subscription.go
* add IssueWatchList type
* batch tasks
* use e Engien
* add error handling
* error should be the last type when returning multiple items
* short version
* reurn empy UserList instead of nil
* in progress changes for #7405, added ability to add cross-repo dependencies
* removed unused repolink var
* fixed query that was breaking ci tests; fixed check in issue dependency add so that the id of the issue and dependency is checked rather than the indexes
* reverted removal of string in local files becasue these are done via crowdin, not updated manually
* removed 'Select("issue.*")' from getBlockedByDependencies and getBlockingDependencies based on comments in PR review
* changed getBlockedByDependencies and getBlockingDependencies to use a more xorm-like query, also updated the sidebar as a result
* simplified the getBlockingDependencies and getBlockedByDependencies methods; changed the sidebar to show the dependencies in a different format where you can see the name of the repository
* made some changes to the issue view in the dependencies (issue name on top, repo full name on separate line). Change view of issue in the dependency search results (also showing the full repo name on separate line)
* replace call to FindUserAccessibleRepoIDs with SearchRepositoryByName. The former was hardcoded to use isPrivate = false on the repo search, but this code needed it to be true. The SearchRepositoryByName method is used more in the code including on the user's dashboard
* some more tweaks to the layout of the issues when showing dependencies and in the search box when you add new dependencies
* added Name to the RepositoryMeta struct
* updated swagger doc
* fixed total count for link header on SearchIssues
* fixed indentation
* fixed aligment of remove icon on dependencies in issue sidebar
* removed unnecessary nil check (unnecessary because issue.loadRepo is called prior to this block)
* reverting .css change, somehow missed or forgot that less is used
* updated less file and generated css; updated sidebar template with styles to line up delete and issue index
* added ordering to the blocked by/depends on queries
* fixed sorting in issue dependency search and the depends on/blocks views to show issues from the current repo first, then by created date descending; added a "all cross repository dependencies" setting to allow this feature to be turned off, if turned off, the issue dependency search will work the way it did before (restricted to the current repository)
* re-applied my swagger changes after merge
* fixed split string condition in issue search
* changed ALLOW_CROSS_REPOSITORY_DEPENDENCIES description to sound more global than just the issue dependency search; returning 400 in the cross repo issue search api method if not enabled; fixed bug where the issue count did not respect the state parameter
* when adding a dependency to an issue, added a check to make sure the issue and dependency are in the same repo if cross repo dependencies is not enabled
* updated sortIssuesSession call in PullRequests, another commit moved this method from pull.go to pull_list.go so I had to re-apply my change here
* fixed incorrect setting of user id parameter in search repos call
* 'update'
* Send push tag event when release created
* send tag create event while release created in UI
* update to go v1.13
* fix gofmt error
* fix#8576 create pull request on current repository by default