From d6d3c96e6555fc91b3e2ef21f4d8d7475564bb3e Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Tue, 8 Oct 2024 17:51:09 +0800 Subject: [PATCH 01/27] Fix bug when a token is given public only (#32204) --- models/user/user.go | 4 + routers/api/packages/api.go | 14 +++ routers/api/v1/api.go | 135 ++++++++++++++-------- routers/api/v1/org/org.go | 2 +- routers/api/v1/repo/issue.go | 2 +- routers/api/v1/repo/repo.go | 7 +- routers/api/v1/user/user.go | 6 + services/context/api.go | 7 +- tests/integration/api_issue_test.go | 34 ++++++ tests/integration/api_repo_branch_test.go | 11 +- tests/integration/api_user_search_test.go | 13 +++ 11 files changed, 178 insertions(+), 57 deletions(-) diff --git a/models/user/user.go b/models/user/user.go index f93fba8ae0..d5c4833cde 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -408,6 +408,10 @@ func (u *User) IsIndividual() bool { return u.Type == UserTypeIndividual } +func (u *User) IsUser() bool { + return u.Type == UserTypeIndividual || u.Type == UserTypeBot +} + // IsBot returns whether or not the user is of type bot func (u *User) IsBot() bool { return u.Type == UserTypeBot diff --git a/routers/api/packages/api.go b/routers/api/packages/api.go index 0f42e8f59e..d17e4875b1 100644 --- a/routers/api/packages/api.go +++ b/routers/api/packages/api.go @@ -63,6 +63,20 @@ func reqPackageAccess(accessMode perm.AccessMode) func(ctx *context.Context) { ctx.Error(http.StatusUnauthorized, "reqPackageAccess", "user should have specific permission or be a site admin") return } + + // check if scope only applies to public resources + publicOnly, err := scope.PublicOnly() + if err != nil { + ctx.Error(http.StatusForbidden, "tokenRequiresScope", "parsing public resource scope failed: "+err.Error()) + return + } + + if publicOnly { + if ctx.Package != nil && ctx.Package.Owner.Visibility.IsPrivate() { + ctx.Error(http.StatusForbidden, "reqToken", "token scope is limited to public packages") + return + } + } } } diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go index 5aa8ad44e5..883e694e44 100644 --- a/routers/api/v1/api.go +++ b/routers/api/v1/api.go @@ -235,6 +235,62 @@ func reqPackageAccess(accessMode perm.AccessMode) func(ctx *context.APIContext) } } +func checkTokenPublicOnly() func(ctx *context.APIContext) { + return func(ctx *context.APIContext) { + if !ctx.PublicOnly { + return + } + + requiredScopeCategories, ok := ctx.Data["requiredScopeCategories"].([]auth_model.AccessTokenScopeCategory) + if !ok || len(requiredScopeCategories) == 0 { + return + } + + // public Only permission check + switch { + case auth_model.ContainsCategory(requiredScopeCategories, auth_model.AccessTokenScopeCategoryRepository): + if ctx.Repo.Repository != nil && ctx.Repo.Repository.IsPrivate { + ctx.Error(http.StatusForbidden, "reqToken", "token scope is limited to public repos") + return + } + case auth_model.ContainsCategory(requiredScopeCategories, auth_model.AccessTokenScopeCategoryIssue): + if ctx.Repo.Repository != nil && ctx.Repo.Repository.IsPrivate { + ctx.Error(http.StatusForbidden, "reqToken", "token scope is limited to public issues") + return + } + case auth_model.ContainsCategory(requiredScopeCategories, auth_model.AccessTokenScopeCategoryOrganization): + if ctx.Org.Organization != nil && ctx.Org.Organization.Visibility != api.VisibleTypePublic { + ctx.Error(http.StatusForbidden, "reqToken", "token scope is limited to public orgs") + return + } + if ctx.ContextUser != nil && ctx.ContextUser.IsOrganization() && ctx.ContextUser.Visibility != api.VisibleTypePublic { + ctx.Error(http.StatusForbidden, "reqToken", "token scope is limited to public orgs") + return + } + case auth_model.ContainsCategory(requiredScopeCategories, auth_model.AccessTokenScopeCategoryUser): + if ctx.ContextUser != nil && ctx.ContextUser.IsUser() && ctx.ContextUser.Visibility != api.VisibleTypePublic { + ctx.Error(http.StatusForbidden, "reqToken", "token scope is limited to public users") + return + } + case auth_model.ContainsCategory(requiredScopeCategories, auth_model.AccessTokenScopeCategoryActivityPub): + if ctx.ContextUser != nil && ctx.ContextUser.IsUser() && ctx.ContextUser.Visibility != api.VisibleTypePublic { + ctx.Error(http.StatusForbidden, "reqToken", "token scope is limited to public activitypub") + return + } + case auth_model.ContainsCategory(requiredScopeCategories, auth_model.AccessTokenScopeCategoryNotification): + if ctx.Repo.Repository != nil && ctx.Repo.Repository.IsPrivate { + ctx.Error(http.StatusForbidden, "reqToken", "token scope is limited to public notifications") + return + } + case auth_model.ContainsCategory(requiredScopeCategories, auth_model.AccessTokenScopeCategoryPackage): + if ctx.Package != nil && ctx.Package.Owner.Visibility.IsPrivate() { + ctx.Error(http.StatusForbidden, "reqToken", "token scope is limited to public packages") + return + } + } + } +} + // if a token is being used for auth, we check that it contains the required scope // if a token is not being used, reqToken will enforce other sign in methods func tokenRequiresScopes(requiredScopeCategories ...auth_model.AccessTokenScopeCategory) func(ctx *context.APIContext) { @@ -250,9 +306,6 @@ func tokenRequiresScopes(requiredScopeCategories ...auth_model.AccessTokenScopeC return } - ctx.Data["ApiTokenScopePublicRepoOnly"] = false - ctx.Data["ApiTokenScopePublicOrgOnly"] = false - // use the http method to determine the access level requiredScopeLevel := auth_model.Read if ctx.Req.Method == "POST" || ctx.Req.Method == "PUT" || ctx.Req.Method == "PATCH" || ctx.Req.Method == "DELETE" { @@ -261,6 +314,18 @@ func tokenRequiresScopes(requiredScopeCategories ...auth_model.AccessTokenScopeC // get the required scope for the given access level and category requiredScopes := auth_model.GetRequiredScopes(requiredScopeLevel, requiredScopeCategories...) + allow, err := scope.HasScope(requiredScopes...) + if err != nil { + ctx.Error(http.StatusForbidden, "tokenRequiresScope", "checking scope failed: "+err.Error()) + return + } + + if !allow { + ctx.Error(http.StatusForbidden, "tokenRequiresScope", fmt.Sprintf("token does not have at least one of required scope(s): %v", requiredScopes)) + return + } + + ctx.Data["requiredScopeCategories"] = requiredScopeCategories // check if scope only applies to public resources publicOnly, err := scope.PublicOnly() @@ -269,21 +334,8 @@ func tokenRequiresScopes(requiredScopeCategories ...auth_model.AccessTokenScopeC return } - // this context is used by the middleware in the specific route - ctx.Data["ApiTokenScopePublicRepoOnly"] = publicOnly && auth_model.ContainsCategory(requiredScopeCategories, auth_model.AccessTokenScopeCategoryRepository) - ctx.Data["ApiTokenScopePublicOrgOnly"] = publicOnly && auth_model.ContainsCategory(requiredScopeCategories, auth_model.AccessTokenScopeCategoryOrganization) - - allow, err := scope.HasScope(requiredScopes...) - if err != nil { - ctx.Error(http.StatusForbidden, "tokenRequiresScope", "checking scope failed: "+err.Error()) - return - } - - if allow { - return - } - - ctx.Error(http.StatusForbidden, "tokenRequiresScope", fmt.Sprintf("token does not have at least one of required scope(s): %v", requiredScopes)) + // assign to true so that those searching should only filter public repositories/users/organizations + ctx.PublicOnly = publicOnly } } @@ -295,25 +347,6 @@ func reqToken() func(ctx *context.APIContext) { return } - if true == ctx.Data["IsApiToken"] { - publicRepo, pubRepoExists := ctx.Data["ApiTokenScopePublicRepoOnly"] - publicOrg, pubOrgExists := ctx.Data["ApiTokenScopePublicOrgOnly"] - - if pubRepoExists && publicRepo.(bool) && - ctx.Repo.Repository != nil && ctx.Repo.Repository.IsPrivate { - ctx.Error(http.StatusForbidden, "reqToken", "token scope is limited to public repos") - return - } - - if pubOrgExists && publicOrg.(bool) && - ctx.Org.Organization != nil && ctx.Org.Organization.Visibility != api.VisibleTypePublic { - ctx.Error(http.StatusForbidden, "reqToken", "token scope is limited to public orgs") - return - } - - return - } - if ctx.IsSigned { return } @@ -879,11 +912,11 @@ func Routes() *web.Router { m.Group("/user/{username}", func() { m.Get("", activitypub.Person) m.Post("/inbox", activitypub.ReqHTTPSignature(), activitypub.PersonInbox) - }, context.UserAssignmentAPI()) + }, context.UserAssignmentAPI(), checkTokenPublicOnly()) m.Group("/user-id/{user-id}", func() { m.Get("", activitypub.Person) m.Post("/inbox", activitypub.ReqHTTPSignature(), activitypub.PersonInbox) - }, context.UserIDAssignmentAPI()) + }, context.UserIDAssignmentAPI(), checkTokenPublicOnly()) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryActivityPub)) } @@ -939,7 +972,7 @@ func Routes() *web.Router { }, reqSelfOrAdmin(), reqBasicOrRevProxyAuth()) m.Get("/activities/feeds", user.ListUserActivityFeeds) - }, context.UserAssignmentAPI(), individualPermsChecker) + }, context.UserAssignmentAPI(), checkTokenPublicOnly(), individualPermsChecker) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser)) // Users (requires user scope) @@ -957,7 +990,7 @@ func Routes() *web.Router { m.Get("/starred", user.GetStarredRepos) m.Get("/subscriptions", user.GetWatchedRepos) - }, context.UserAssignmentAPI()) + }, context.UserAssignmentAPI(), checkTokenPublicOnly()) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser), reqToken()) // Users (requires user scope) @@ -1044,7 +1077,7 @@ func Routes() *web.Router { m.Get("", user.IsStarring) m.Put("", user.Star) m.Delete("", user.Unstar) - }, repoAssignment()) + }, repoAssignment(), checkTokenPublicOnly()) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository)) m.Get("/times", repo.ListMyTrackedTimes) m.Get("/stopwatches", repo.GetStopwatches) @@ -1069,18 +1102,20 @@ func Routes() *web.Router { m.Get("", user.CheckUserBlock) m.Put("", user.BlockUser) m.Delete("", user.UnblockUser) - }, context.UserAssignmentAPI()) + }, context.UserAssignmentAPI(), checkTokenPublicOnly()) }) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser), reqToken()) // Repositories (requires repo scope, org scope) m.Post("/org/{org}/repos", + // FIXME: we need org in context tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization, auth_model.AccessTokenScopeCategoryRepository), reqToken(), bind(api.CreateRepoOption{}), repo.CreateOrgRepoDeprecated) // requires repo scope + // FIXME: Don't expose repository id outside of the system m.Combo("/repositories/{id}", reqToken(), tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository)).Get(repo.GetByID) // Repos (requires repo scope) @@ -1334,7 +1369,7 @@ func Routes() *web.Router { m.Post("", bind(api.UpdateRepoAvatarOption{}), repo.UpdateAvatar) m.Delete("", repo.DeleteAvatar) }, reqAdmin(), reqToken()) - }, repoAssignment()) + }, repoAssignment(), checkTokenPublicOnly()) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository)) // Notifications (requires notifications scope) @@ -1343,7 +1378,7 @@ func Routes() *web.Router { m.Combo("/notifications", reqToken()). Get(notify.ListRepoNotifications). Put(notify.ReadRepoNotifications) - }, repoAssignment()) + }, repoAssignment(), checkTokenPublicOnly()) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryNotification)) // Issue (requires issue scope) @@ -1457,7 +1492,7 @@ func Routes() *web.Router { Patch(reqToken(), reqRepoWriter(unit.TypeIssues, unit.TypePullRequests), bind(api.EditMilestoneOption{}), repo.EditMilestone). Delete(reqToken(), reqRepoWriter(unit.TypeIssues, unit.TypePullRequests), repo.DeleteMilestone) }) - }, repoAssignment()) + }, repoAssignment(), checkTokenPublicOnly()) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryIssue)) // NOTE: these are Gitea package management API - see packages.CommonRoutes and packages.DockerContainerRoutes for endpoints that implement package manager APIs @@ -1468,14 +1503,14 @@ func Routes() *web.Router { m.Get("/files", reqToken(), packages.ListPackageFiles) }) m.Get("/", reqToken(), packages.ListPackages) - }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryPackage), context.UserAssignmentAPI(), context.PackageAssignmentAPI(), reqPackageAccess(perm.AccessModeRead)) + }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryPackage), context.UserAssignmentAPI(), context.PackageAssignmentAPI(), reqPackageAccess(perm.AccessModeRead), checkTokenPublicOnly()) // Organizations m.Get("/user/orgs", reqToken(), tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser, auth_model.AccessTokenScopeCategoryOrganization), org.ListMyOrgs) m.Group("/users/{username}/orgs", func() { m.Get("", reqToken(), org.ListUserOrgs) m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions) - }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser, auth_model.AccessTokenScopeCategoryOrganization), context.UserAssignmentAPI()) + }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser, auth_model.AccessTokenScopeCategoryOrganization), context.UserAssignmentAPI(), checkTokenPublicOnly()) m.Post("/orgs", tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization), reqToken(), bind(api.CreateOrgOption{}), org.Create) m.Get("/orgs", org.GetAll, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization)) m.Group("/orgs/{org}", func() { @@ -1533,7 +1568,7 @@ func Routes() *web.Router { m.Delete("", org.UnblockUser) }) }, reqToken(), reqOrgOwnership()) - }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization), orgAssignment(true)) + }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization), orgAssignment(true), checkTokenPublicOnly()) m.Group("/teams/{teamid}", func() { m.Combo("").Get(reqToken(), org.GetTeam). Patch(reqToken(), reqOrgOwnership(), bind(api.EditTeamOption{}), org.EditTeam). @@ -1553,7 +1588,7 @@ func Routes() *web.Router { Get(reqToken(), org.GetTeamRepo) }) m.Get("/activities/feeds", org.ListTeamActivityFeeds) - }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization), orgAssignment(false, true), reqToken(), reqTeamMembership()) + }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization), orgAssignment(false, true), reqToken(), reqTeamMembership(), checkTokenPublicOnly()) m.Group("/admin", func() { m.Group("/cron", func() { diff --git a/routers/api/v1/org/org.go b/routers/api/v1/org/org.go index e848d95181..9e58746272 100644 --- a/routers/api/v1/org/org.go +++ b/routers/api/v1/org/org.go @@ -191,7 +191,7 @@ func GetAll(ctx *context.APIContext) { // "$ref": "#/responses/OrganizationList" vMode := []api.VisibleType{api.VisibleTypePublic} - if ctx.IsSigned { + if ctx.IsSigned && !ctx.PublicOnly { vMode = append(vMode, api.VisibleTypeLimited) if ctx.Doer.IsAdmin { vMode = append(vMode, api.VisibleTypePrivate) diff --git a/routers/api/v1/repo/issue.go b/routers/api/v1/repo/issue.go index c1218440e5..d8c39b0f69 100644 --- a/routers/api/v1/repo/issue.go +++ b/routers/api/v1/repo/issue.go @@ -149,7 +149,7 @@ func SearchIssues(ctx *context.APIContext) { Actor: ctx.Doer, } if ctx.IsSigned { - opts.Private = true + opts.Private = !ctx.PublicOnly opts.AllLimited = true } if ctx.FormString("owner") != "" { diff --git a/routers/api/v1/repo/repo.go b/routers/api/v1/repo/repo.go index 6c1a94ee16..4638e2ba5c 100644 --- a/routers/api/v1/repo/repo.go +++ b/routers/api/v1/repo/repo.go @@ -129,6 +129,11 @@ func Search(ctx *context.APIContext) { // "422": // "$ref": "#/responses/validationError" + private := ctx.IsSigned && (ctx.FormString("private") == "" || ctx.FormBool("private")) + if ctx.PublicOnly { + private = false + } + opts := &repo_model.SearchRepoOptions{ ListOptions: utils.GetListOptions(ctx), Actor: ctx.Doer, @@ -138,7 +143,7 @@ func Search(ctx *context.APIContext) { TeamID: ctx.FormInt64("team_id"), TopicOnly: ctx.FormBool("topic"), Collaborate: optional.None[bool](), - Private: ctx.IsSigned && (ctx.FormString("private") == "" || ctx.FormBool("private")), + Private: private, Template: optional.None[bool](), StarredByID: ctx.FormInt64("starredBy"), IncludeDescription: ctx.FormBool("includeDesc"), diff --git a/routers/api/v1/user/user.go b/routers/api/v1/user/user.go index 2c277a18c7..a9011427fb 100644 --- a/routers/api/v1/user/user.go +++ b/routers/api/v1/user/user.go @@ -9,6 +9,7 @@ import ( activities_model "code.gitea.io/gitea/models/activities" user_model "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/routers/api/v1/utils" "code.gitea.io/gitea/services/context" "code.gitea.io/gitea/services/convert" @@ -67,12 +68,17 @@ func Search(ctx *context.APIContext) { maxResults = 1 users = []*user_model.User{user_model.NewActionsUser()} default: + var visible []structs.VisibleType + if ctx.PublicOnly { + visible = []structs.VisibleType{structs.VisibleTypePublic} + } users, maxResults, err = user_model.SearchUsers(ctx, &user_model.SearchUserOptions{ Actor: ctx.Doer, Keyword: ctx.FormTrim("q"), UID: uid, Type: user_model.UserTypeIndividual, SearchByEmail: true, + Visible: visible, ListOptions: listOptions, }) if err != nil { diff --git a/services/context/api.go b/services/context/api.go index 84da526e74..00cfd6afd9 100644 --- a/services/context/api.go +++ b/services/context/api.go @@ -35,9 +35,10 @@ type APIContext struct { ContextUser *user_model.User // the user which is being visited, in most cases it differs from Doer - Repo *Repository - Org *APIOrganization - Package *Package + Repo *Repository + Org *APIOrganization + Package *Package + PublicOnly bool // Whether the request is for a public endpoint } func init() { diff --git a/tests/integration/api_issue_test.go b/tests/integration/api_issue_test.go index 8bfb6fabe2..5b9f16ef96 100644 --- a/tests/integration/api_issue_test.go +++ b/tests/integration/api_issue_test.go @@ -75,6 +75,34 @@ func TestAPIListIssues(t *testing.T) { } } +func TestAPIListIssuesPublicOnly(t *testing.T) { + defer tests.PrepareTestEnv(t)() + + repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1}) + owner1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo1.OwnerID}) + + session := loginUser(t, owner1.Name) + token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadIssue) + link, _ := url.Parse(fmt.Sprintf("/api/v1/repos/%s/%s/issues", owner1.Name, repo1.Name)) + link.RawQuery = url.Values{"state": {"all"}}.Encode() + req := NewRequest(t, "GET", link.String()).AddTokenAuth(token) + MakeRequest(t, req, http.StatusOK) + + repo2 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 2}) + owner2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo2.OwnerID}) + + session = loginUser(t, owner2.Name) + token = getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadIssue) + link, _ = url.Parse(fmt.Sprintf("/api/v1/repos/%s/%s/issues", owner2.Name, repo2.Name)) + link.RawQuery = url.Values{"state": {"all"}}.Encode() + req = NewRequest(t, "GET", link.String()).AddTokenAuth(token) + MakeRequest(t, req, http.StatusOK) + + publicOnlyToken := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadIssue, auth_model.AccessTokenScopePublicOnly) + req = NewRequest(t, "GET", link.String()).AddTokenAuth(publicOnlyToken) + MakeRequest(t, req, http.StatusForbidden) +} + func TestAPICreateIssue(t *testing.T) { defer tests.PrepareTestEnv(t)() const body, title = "apiTestBody", "apiTestTitle" @@ -243,6 +271,12 @@ func TestAPISearchIssues(t *testing.T) { DecodeJSON(t, resp, &apiIssues) assert.Len(t, apiIssues, expectedIssueCount) + publicOnlyToken := getUserToken(t, "user1", auth_model.AccessTokenScopeReadIssue, auth_model.AccessTokenScopePublicOnly) + req = NewRequest(t, "GET", link.String()).AddTokenAuth(publicOnlyToken) + resp = MakeRequest(t, req, http.StatusOK) + DecodeJSON(t, resp, &apiIssues) + assert.Len(t, apiIssues, 15) // 15 public issues + since := "2000-01-01T00:50:01+00:00" // 946687801 before := time.Unix(999307200, 0).Format(time.RFC3339) query.Add("since", since) diff --git a/tests/integration/api_repo_branch_test.go b/tests/integration/api_repo_branch_test.go index b0ac2286c9..63080b308c 100644 --- a/tests/integration/api_repo_branch_test.go +++ b/tests/integration/api_repo_branch_test.go @@ -28,9 +28,13 @@ func TestAPIRepoBranchesPlain(t *testing.T) { repo3 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 3}) user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1}) session := loginUser(t, user1.LowerName) - token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository) + // public only token should be forbidden + publicOnlyToken := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopePublicOnly, auth_model.AccessTokenScopeWriteRepository) link, _ := url.Parse(fmt.Sprintf("/api/v1/repos/org3/%s/branches", repo3.Name)) // a plain repo + MakeRequest(t, NewRequest(t, "GET", link.String()).AddTokenAuth(publicOnlyToken), http.StatusForbidden) + + token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository) resp := MakeRequest(t, NewRequest(t, "GET", link.String()).AddTokenAuth(token), http.StatusOK) bs, err := io.ReadAll(resp.Body) assert.NoError(t, err) @@ -42,6 +46,8 @@ func TestAPIRepoBranchesPlain(t *testing.T) { assert.EqualValues(t, "master", branches[1].Name) link2, _ := url.Parse(fmt.Sprintf("/api/v1/repos/org3/%s/branches/test_branch", repo3.Name)) + MakeRequest(t, NewRequest(t, "GET", link2.String()).AddTokenAuth(publicOnlyToken), http.StatusForbidden) + resp = MakeRequest(t, NewRequest(t, "GET", link2.String()).AddTokenAuth(token), http.StatusOK) bs, err = io.ReadAll(resp.Body) assert.NoError(t, err) @@ -49,6 +55,8 @@ func TestAPIRepoBranchesPlain(t *testing.T) { assert.NoError(t, json.Unmarshal(bs, &branch)) assert.EqualValues(t, "test_branch", branch.Name) + MakeRequest(t, NewRequest(t, "POST", link.String()).AddTokenAuth(publicOnlyToken), http.StatusForbidden) + req := NewRequest(t, "POST", link.String()).AddTokenAuth(token) req.Header.Add("Content-Type", "application/json") req.Body = io.NopCloser(bytes.NewBufferString(`{"new_branch_name":"test_branch2", "old_branch_name": "test_branch", "old_ref_name":"refs/heads/test_branch"}`)) @@ -73,6 +81,7 @@ func TestAPIRepoBranchesPlain(t *testing.T) { link3, _ := url.Parse(fmt.Sprintf("/api/v1/repos/org3/%s/branches/test_branch2", repo3.Name)) MakeRequest(t, NewRequest(t, "DELETE", link3.String()), http.StatusNotFound) + MakeRequest(t, NewRequest(t, "DELETE", link3.String()).AddTokenAuth(publicOnlyToken), http.StatusForbidden) MakeRequest(t, NewRequest(t, "DELETE", link3.String()).AddTokenAuth(token), http.StatusNoContent) assert.NoError(t, err) diff --git a/tests/integration/api_user_search_test.go b/tests/integration/api_user_search_test.go index ff4671c54e..e9805a5139 100644 --- a/tests/integration/api_user_search_test.go +++ b/tests/integration/api_user_search_test.go @@ -38,6 +38,19 @@ func TestAPIUserSearchLoggedIn(t *testing.T) { assert.Contains(t, user.UserName, query) assert.NotEmpty(t, user.Email) } + + publicToken := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadUser, auth_model.AccessTokenScopePublicOnly) + req = NewRequestf(t, "GET", "/api/v1/users/search?q=%s", query). + AddTokenAuth(publicToken) + resp = MakeRequest(t, req, http.StatusOK) + results = SearchResults{} + DecodeJSON(t, resp, &results) + assert.NotEmpty(t, results.Data) + for _, user := range results.Data { + assert.Contains(t, user.UserName, query) + assert.NotEmpty(t, user.Email) + assert.True(t, user.Visibility == "public") + } } func TestAPIUserSearchNotLoggedIn(t *testing.T) { From 2e12343fc4ca96a215d6820c4467b619eaa5cbe9 Mon Sep 17 00:00:00 2001 From: cloudchamb3r Date: Wed, 9 Oct 2024 02:27:05 +0900 Subject: [PATCH 02/27] Add null check for responseData.invalidTopics (#32212) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Screenshot 2024-10-08 at 10 49 10 AM `responseData.invalidTopics` can be null but it wasn't handled. --- web_src/js/features/repo-home.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web_src/js/features/repo-home.ts b/web_src/js/features/repo-home.ts index f3e39ddb3c..ed1415d286 100644 --- a/web_src/js/features/repo-home.ts +++ b/web_src/js/features/repo-home.ts @@ -60,7 +60,7 @@ export function initRepoTopicBar() { // how to test: input topic like " invalid topic " (with spaces), and select it from the list, then "Save" const responseData = await response.json(); lastErrorToast = showErrorToast(responseData.message, {duration: 5000}); - if (responseData.invalidTopics.length > 0) { + if (responseData.invalidTopics && responseData.invalidTopics.length > 0) { const {invalidTopics} = responseData; const topicLabels = queryElemChildren(topicDropdown, 'a.ui.label'); for (const [index, value] of topics.split(',').entries()) { From f9a9b08896fe6fa88331fd58a1767e3981a79a8d Mon Sep 17 00:00:00 2001 From: GiteaBot Date: Wed, 9 Oct 2024 00:31:01 +0000 Subject: [PATCH 03/27] [skip ci] Updated translations via Crowdin --- options/locale/locale_fr-FR.ini | 6 +- options/locale/locale_ga-IE.ini | 481 ++++++++++++++++++++++++++++++++ 2 files changed, 486 insertions(+), 1 deletion(-) diff --git a/options/locale/locale_fr-FR.ini b/options/locale/locale_fr-FR.ini index e64c85b7a4..f58ce74564 100644 --- a/options/locale/locale_fr-FR.ini +++ b/options/locale/locale_fr-FR.ini @@ -580,6 +580,8 @@ lang_select_error=Sélectionnez une langue dans la liste. username_been_taken=Le nom d'utilisateur est déjà pris. username_change_not_local_user=Les utilisateurs non-locaux n'ont pas le droit de modifier leur nom d'utilisateur. +change_username_disabled=Le changement de nom d’utilisateur est désactivé. +change_full_name_disabled=Le changement de nom complet est désactivé. username_has_not_been_changed=Le nom d'utilisateur n'a pas été modifié repo_name_been_taken=Ce nom de dépôt est déjà utilisé. repository_force_private=Force Private est activé : les dépôts privés ne peuvent pas être rendus publics. @@ -1039,6 +1041,7 @@ issue_labels_helper=Sélectionner un jeu de label. license=Licence license_helper=Sélectionner une licence license_helper_desc=Une licence réglemente ce que les autres peuvent ou ne peuvent pas faire avec votre code. Vous ne savez pas laquelle est la bonne pour votre projet ? Comment choisir une licence. +multiple_licenses=Licences multiples object_format=Format d'objet object_format_helper=Format d’objet pour ce dépôt. Ne peut être modifié plus tard. SHA1 est le plus compatible. readme=LISEZMOI @@ -1834,7 +1837,7 @@ pulls.is_empty=Les changements sur cette branche sont déjà sur la branche cibl pulls.required_status_check_failed=Certains contrôles requis n'ont pas réussi. pulls.required_status_check_missing=Certains contrôles requis sont manquants. pulls.required_status_check_administrator=En tant qu'administrateur, vous pouvez toujours fusionner cette requête de pull. -pulls.blocked_by_approvals=Cette demande d'ajout n’est pas suffisamment approuvée. %d approbations obtenues sur %d. +pulls.blocked_by_approvals=Cette demande d’ajout n’est pas suffisamment approuvée. %d approbations obtenues sur %d. pulls.blocked_by_approvals_whitelisted=Cette demande d’ajout n’a pas encore assez d’approbations. %d sur %d approbations de la part des utilisateurs ou équipes sur la liste autorisée. pulls.blocked_by_rejection=Cette demande d’ajout nécessite des corrections sollicitées par un évaluateur officiel. pulls.blocked_by_official_review_requests=Cette demande d’ajout a des sollicitations officielles d’évaluation. @@ -2940,6 +2943,7 @@ dashboard.start_schedule_tasks=Démarrer les tâches planifiées dashboard.sync_branch.started=Début de la synchronisation des branches dashboard.sync_tag.started=Synchronisation des étiquettes dashboard.rebuild_issue_indexer=Reconstruire l’indexeur des tickets +dashboard.sync_repo_licenses=Synchroniser les licences du dépôt users.user_manage_panel=Gestion du compte utilisateur users.new_account=Créer un compte diff --git a/options/locale/locale_ga-IE.ini b/options/locale/locale_ga-IE.ini index 82209b1b11..5ccbc4315f 100644 --- a/options/locale/locale_ga-IE.ini +++ b/options/locale/locale_ga-IE.ini @@ -2890,17 +2890,167 @@ dashboard.delete_generated_repository_avatars=Scrios abhatáranna stórtha ginte dashboard.sync_repo_branches=Sync brainsí caillte ó shonraí git go bunachair sonraí dashboard.sync_repo_tags=Clibeanna sioncraigh ó shonraí git go bunachar sonraí dashboard.update_mirrors=Scátháin a nuashonrú +dashboard.repo_health_check=Seiceáil sláinte gach stóras +dashboard.check_repo_stats=Seiceáil gach staitisticí stórais +dashboard.archive_cleanup=Scrios sean-chartlanna stórais +dashboard.deleted_branches_cleanup=Brainsí scriosta a ghlanadh +dashboard.update_migration_poster_id=Nuashonraigh ID póstaer imir +dashboard.git_gc_repos=Bailíonn truflais gach stórais +dashboard.resync_all_sshkeys=Nuashonraigh an comhad '.ssh/authorized_keys' le heochracha Gitea SSH. +dashboard.resync_all_sshprincipals=Nuashonraigh an comhad '.ssh/authorized_principals' le príomhphrionsabail Gitea SSH. +dashboard.resync_all_hooks=Athshioncrónaigh crúcaí réamhfhála, nuashonraithe agus iar-fhála na stórtha go léir. +dashboard.reinit_missing_repos=Aththosaigh gach stórais Git atá in easnamh a bhfuil taifid ann dóibh +dashboard.sync_external_users=Sioncrónaigh sonraí úsáideoirí seachtracha +dashboard.cleanup_hook_task_table=Tábla hook_task glantacháin +dashboard.cleanup_packages=Pacáistí glanta in éag +dashboard.cleanup_actions=Gníomhaíochtaí glanta in éag acmhainní +dashboard.server_uptime=Aga fónaimh Freastalaí +dashboard.current_goroutine=Goroutines Reatha +dashboard.current_memory_usage=Úsáid Cuimhne Reatha +dashboard.total_memory_allocated=Cuimhne Iomlán Leithdháilte +dashboard.memory_obtained=Cuimhne Faighte +dashboard.pointer_lookup_times=Amanna Cuardaigh Pointeora +dashboard.memory_allocate_times=Leithdháiltí Cuimhne +dashboard.memory_free_times=Saorálann Cuimhne +dashboard.current_heap_usage=Úsáid Charn Reatha +dashboard.heap_memory_obtained=Cuimhne Charn Faighte +dashboard.heap_memory_idle=Díomhaoin Cuimhne Carn +dashboard.heap_memory_in_use=Cuimhne Carm In Úsáid +dashboard.heap_memory_released=Cuimhne Carn Eisithe +dashboard.heap_objects=Cuspóirí Carn +dashboard.bootstrap_stack_usage=Úsáid Staca Bootstrap +dashboard.stack_memory_obtained=Cuimhne Staca Faighte +dashboard.mspan_structures_usage=Úsáid Struchtúir MSpan +dashboard.mspan_structures_obtained=Struchtúir MSpan a Faightear +dashboard.mcache_structures_usage=Úsáid Struchtúir MCache +dashboard.mcache_structures_obtained=Struchtúir MCache a Faightear +dashboard.profiling_bucket_hash_table_obtained=Tábla Hash Buicéad Próifílithe a Faightear +dashboard.gc_metadata_obtained=Meiteashonraí GC faighte +dashboard.other_system_allocation_obtained=Leithdháileadh Córais Eile a Fuarthas +dashboard.next_gc_recycle=Athchúrsáil GC Eile +dashboard.last_gc_time=Ó Am Deiridh GC +dashboard.total_gc_time=Sos Iomlán GC +dashboard.total_gc_pause=Sos Iomlán GC +dashboard.last_gc_pause=Sos GC Deireanach +dashboard.gc_times=Amanna GC +dashboard.delete_old_actions=Scrios gach sean-ghníomhaíocht ón mbunachar +dashboard.delete_old_actions.started=Scrios na sean-ghníomhaíocht go léir ón mbunachar sonraí tosaithe. +dashboard.update_checker=Seiceoir nuashonraithe +dashboard.delete_old_system_notices=Scrios gach seanfhógra córais ón mbunachar sonraí +dashboard.gc_lfs=Bailigh truflais meta rudaí LFS +dashboard.stop_zombie_tasks=Stad gníomhartha tascanna zombie +dashboard.stop_endless_tasks=Stad gníomhartha tascanna gan deireadh +dashboard.cancel_abandoned_jobs=Cealaigh gníomhartha poist tréigthe +dashboard.start_schedule_tasks=Tosaigh tascanna sceideal gníom +dashboard.sync_branch.started=Thosaigh Brainsí Sioncronú +dashboard.sync_tag.started=Clibeanna Thosaigh Sioncronú +dashboard.rebuild_issue_indexer=Atógáil innéacsóir eisiúna dashboard.sync_repo_licenses=Sioncronaigh ceadúnais repo +users.user_manage_panel=Bainistíocht Cuntas Úsáideora +users.new_account=Cruthaigh cuntas Úsáideora +users.name=Ainm úsáideora users.full_name=Ainm Iomlán +users.activated=Gníomhachtaithe +users.admin=Riarachán +users.restricted=Srianta +users.reserved=In áirithe +users.bot=Bota +users.remote=Iargúlta +users.2fa=2FA +users.repos=Stórais +users.created=Cruthaithe +users.last_login=Sínigh Isteach Deiridh +users.never_login=Ná Sínigh Isteach riamh +users.send_register_notify=Seol Fógra um Chlárú Úsáideora +users.new_success=Tá an cuntas úsáideora "%s" cruthaithe. +users.edit=Eagar +users.auth_source=Foinse Fíordheimhnithe +users.local=Áitiúil +users.auth_login_name=Ainm Síniú Isteach Fíordheimhnithe +users.password_helper=Fág an pasfhocal folamh chun é a choinneáil gan athrú. +users.update_profile_success=Nuashonraíodh an cuntas úsáideora. +users.edit_account=Cuir Cuntas Úsáideora in Eagar +users.max_repo_creation=Uasmhéid Stóras +users.max_repo_creation_desc=(Cuir isteach -1 chun an teorainn réamhshocraithe domhanda a úsáid.) +users.is_activated=Gníomhachtaítear Cuntas Úsáideora +users.prohibit_login=Díchumasaigh Síniú Isteach +users.is_admin=Is Riarthóir +users.is_restricted=Is Srianta +users.allow_git_hook=Féadfaidh Git Hooks a Chruthú +users.allow_git_hook_tooltip=Déantar Git Hooks a fhorghníomhú mar úsáideoir OS a ritheann Gitea agus beidh an leibhéal céanna rochtana óstaigh aige. Mar thoradh air sin, is féidir le húsáideoirí a bhfuil an phribhléid speisialta Git Hook seo acu rochtain a fháil ar gach stór Gitea agus iad a mhodhnú chomh maith leis an mbunachar sonraí a úsáideann Gitea. Dá bharr sin tá siad in ann pribhléidí riarthóra Gitea a fháil freisin. +users.allow_import_local=Is féidir Stórais Áitiúla a Allmhairiú +users.allow_create_organization=Is féidir Eagraíochtaí a Chruthú +users.update_profile=Nuashonraigh Cuntas Úsáideora +users.delete_account=Scrios Cuntas Úsáide +users.cannot_delete_self=Ní féidir leat tú féin a scriosadh +users.still_own_repo=Tá stórais amháin nó níos mó fós ag an úsáideoir seo. Scrios nó aistrigh na stórais seo ar dtús. +users.still_has_org=Is ball d'eagraíocht é an t-úsáideoir seo. Bain an t-úsáideoir ó aon eagraíochtaí ar dtús. +users.purge=Úsáideoir a Ghlanadh +users.purge_help=Scrios go héigeantach úsáideoir agus aon stórais, eagraíochtaí agus pacáistí atá faoi úinéireacht an úsáideora. Scriosfar gach trácht freisin. +users.still_own_packages=Tá pacáiste amháin nó níos mó fós ag an úsáideoir seo, scrios na pacáistí seo ar dtús. +users.deletion_success=Scriosadh an cuntas úsáideora. +users.reset_2fa=Athshocraigh 2FA +users.list_status_filter.menu_text=Scagaire +users.list_status_filter.reset=Athshocraigh users.list_status_filter.is_active=Gníomhach +users.list_status_filter.not_active=Neamhghníomhach +users.list_status_filter.is_admin=Riarachán +users.list_status_filter.not_admin=Ní Riarachán +users.list_status_filter.is_restricted=Srianta +users.list_status_filter.not_restricted=Gan Srian +users.list_status_filter.is_prohibit_login=Cosc ar Logáil Isteach +users.list_status_filter.not_prohibit_login=Ceadaigh Logáil isteach +users.list_status_filter.is_2fa_enabled=2FA Cumasaithe +users.list_status_filter.not_2fa_enabled=2FA faoi mhíchumas +users.details=Sonraí Úsáideora +emails.email_manage_panel=Bainistíocht Ríomhphost Úsáideoir +emails.primary=Bunscoile +emails.activated=Gníomhachtaithe +emails.filter_sort.email=Ríomhphost +emails.filter_sort.email_reverse=Ríomhphost (droim ar ais) +emails.filter_sort.name=Ainm Úsáideora +emails.filter_sort.name_reverse=Ainm Úsáideora (droim ar ais) +emails.updated=Nuashonraíodh an ríomhphost +emails.not_updated=Theip ar an seoladh ríomhphoist iarrtha a nuashonrú: %v +emails.duplicate_active=Tá an seoladh ríomhphoist seo gníomhach cheana féin d'úsáideoir difriúil. +emails.change_email_header=Nuashonraigh Airíonna Ríomhphoist +emails.change_email_text=An bhfuil tú cinnte gur mhaith leat an seoladh ríomhphoist seo a nuashonrú? +emails.delete=Scrios Ríomhphost +emails.delete_desc=An bhfuil tú cinnte gur mhaith leat an seoladh ríomhphoist seo a scriosadh? +emails.deletion_success=Tá an seoladh ríomhphoist scriosta. +emails.delete_primary_email_error=Ní féidir leat an ríomhphost príomhúil a scriosadh. +orgs.org_manage_panel=Bainistíocht Eagraíochta +orgs.name=Ainm orgs.teams=Foirne +orgs.members=Comhaltaí +orgs.new_orga=Eagraíocht Nua +repos.repo_manage_panel=Bainistíocht Stórais +repos.unadopted=Stórais Neamhghlactha +repos.unadopted.no_more=Níor aimsíodh níos mó stórais neamhghlactha repos.owner=Úinéir +repos.name=Ainm +repos.private=Príobháideach +repos.issues=Saincheisteanna +repos.size=Méid +repos.lfs_size=Méid LFS +packages.package_manage_panel=Bainistíocht Pacáiste +packages.total_size=Méid Iomlán: %s +packages.unreferenced_size=Méid gan tagairt: %s +packages.cleanup=Glan suas sonraí in éag +packages.cleanup.success=Glanadh suas sonraí in éag go rathúil packages.owner=Úinéir +packages.creator=Cruthaitheoir +packages.name=Ainm +packages.version=Leagan +packages.type=Cineál +packages.repository=Stóráil +packages.size=Méid +packages.published=Foilsithe defaulthooks=Réamhshocraithe Crúcaí Gréasán defaulthooks.desc=Déanann Crúcaí Gréasán iarratais HTTP POST go huathoibríoch chuig freastalaí nuair a chuireann imeachtaí áirithe Gitea tús. Is mainneachtainí iad na cuacha gréasáin a shainítear anseo agus déanfar iad a chóipeáil isteach i ngach stórais nua. Léigh tuilleadh sa treoir chúca Crúcaí Gréasán. @@ -2912,49 +3062,375 @@ systemhooks.desc=Déanann Crúcaí Gréasán iarratais HTTP POST go huathoibrío systemhooks.add_webhook=Cuir Crúca Gréasán Córas leis systemhooks.update_webhook=Nuashonraigh Córas Crúca Gréasán +auths.auth_manage_panel=Bainistiú Foinse Fíordheimhnithe +auths.new=Cuir Foinse Fíordheimhni +auths.name=Ainm +auths.type=Cineál +auths.enabled=Cumasaithe +auths.syncenabled=Cumasaigh Sioncrónú Úsáideora auths.updated=Nuashonraithe +auths.auth_type=Cineál Fíordheimhnithe +auths.auth_name=Ainm Fíordheimhnithe +auths.security_protocol=Prótacal Slándála auths.domain=Fearann +auths.host=Óstach +auths.port=Calafort +auths.bind_dn=Ceangail DN +auths.bind_password=Ceangail Pasfhocal +auths.user_base=Bonn Cuardaigh Úsáideora +auths.user_dn=Úsáideoir DN +auths.attribute_username=Tréith Ainm Úsáideora +auths.attribute_username_placeholder=Fág folamh chun an t-ainm úsáideora a iontráiltear i Gitea a úsáid. +auths.attribute_name=Tréith Céad Ainm +auths.attribute_surname=Tréith Sloinne +auths.attribute_mail=Tréith ríomhphoist +auths.attribute_ssh_public_key=Tréith Eochair SSH Phoiblí +auths.attribute_avatar=Tréith Avatar +auths.attributes_in_bind=Faigh tréithe i gComhthéacs Bind DN +auths.allow_deactivate_all=Lig do thoradh cuardaigh folamh gach úsáideoir a dhíghníomhachtú +auths.use_paged_search=Úsáid Cuardach Leathanaigh +auths.search_page_size=Méid an Leathanaigh +auths.filter=Scagaire Úsáideora +auths.admin_filter=Scagaire Riaracháin +auths.restricted_filter=Scagaire Srianta +auths.restricted_filter_helper=Fág folamh chun aon úsáideoirí a shocrú mar theoranta. Úsáid réiltín ('*') chun gach úsáideoir nach meaitseálann Scagaire Riaracháin a shocrú mar theoranta. +auths.verify_group_membership=Fíoraigh ballraíocht ghrúpa i LDAP (fág an scagaire folamh le scipeáil) +auths.group_search_base=Bonn Cuardaigh Grúpa DN +auths.group_attribute_list_users=Tréith Grúpa ina bhfuil Liosta Úsáideoirí +auths.user_attribute_in_group=Tréith Úsáideora atá Liostaithe i nGrúpa +auths.map_group_to_team=Léarscáil grúpaí LDAP chuig foirne na hEagraíochta (fág an réimse folamh le scipeáil) +auths.map_group_to_team_removal=Bain úsáideoirí ó fhoirne sioncronaithe mura mbaineann an t-úsáideoir leis an ngrúpa comhfhreagrach LDAP +auths.enable_ldap_groups=Cumasaigh grúpaí LDAP +auths.ms_ad_sa=MS AD Tréithe Cuardaigh +auths.smtp_auth=Cineál Fíordheimhnithe SMTP +auths.smtphost=Óstach SMTP +auths.smtpport=SMTP Calafort +auths.allowed_domains=Fearainn Ceadaithe +auths.allowed_domains_helper=Fág folamh chun gach fearann a cheadú. Déan ilfhearann a scaradh le camóg (','). +auths.skip_tls_verify=Scipeáil Fíorú TLS +auths.force_smtps=Fórsa SMTPS +auths.force_smtps_helper=Úsáidtear SMTPS i gcónaí ar chalafort 465. Socraigh é seo chun SMTPS a chur i bhfeidhm ar chalafoirt eile. (Seachas sin úsáidfear STARTTLS ar chalafoirt eile má thacaíonn an t-óstach leis.) +auths.helo_hostname=Ainm Óstach HELO +auths.helo_hostname_helper=Ainm óstach a sheoltar le HELO. Fág bán chun an t-ainm óstach reatha a sheoladh. +auths.disable_helo=Díchumasaigh HELO +auths.pam_service_name=Ainm Seirbhíse PAM +auths.pam_email_domain=Fearann Ríomhphoist PAM (roghnach) +auths.oauth2_provider=Soláthraí OAuth2 +auths.oauth2_icon_url=URL deilbhín +auths.oauth2_clientID=Aitheantas Cliant (Eochair) +auths.oauth2_clientSecret=Rúnda Cliant +auths.openIdConnectAutoDiscoveryURL=URL Fionnachtana Uathoibríoch OpenID Connect +auths.oauth2_use_custom_url=Úsáid URLanna Saincheaptha in ionad URLanna Réamhshocraithe +auths.oauth2_tokenURL=URL Comhartha +auths.oauth2_authURL=Údaraigh URL +auths.oauth2_profileURL=URL Próifíl +auths.oauth2_emailURL=URL ríomhphoist +auths.skip_local_two_fa=Scipeáil 2FA áitiúil +auths.skip_local_two_fa_helper=Ciallaíonn fágáil gan socrú go mbeidh ar úsáideoirí áitiúla a bhfuil tacar 2FA acu 2FA a rith fós chun logáil isteach +auths.oauth2_tenant=Tionónta +auths.oauth2_scopes=Scóipeanna Breise +auths.oauth2_required_claim_name=Ainm Éilimh Riachtanach +auths.oauth2_required_claim_name_helper=Socraigh an t-ainm seo chun logáil isteach ón bhfoinse seo a shrianadh d'úsáideoirí a bhfuil éileamh acu leis an ainm seo +auths.oauth2_required_claim_value=Luach Éilimh Riachtanach +auths.oauth2_required_claim_value_helper=Socraigh an luach seo chun logáil isteach ón bhfoinse seo a shrianadh chuig úsáideoirí a bhfuil éileamh acu leis an ainm agus an luach seo +auths.oauth2_group_claim_name=Ainm éileamh ag soláthar ainmneacha grúpa don fhoinse seo (Roghnach) +auths.oauth2_admin_group=Luach Éilimh Grúpa d'úsáideoirí riarthóra. (Roghnach - teastaíonn ainm éilimh thuas) +auths.oauth2_restricted_group=Luach Éilimh Grúpa d'úsáideoirí srianta. (Roghnach - teastaíonn ainm éilimh thuas) +auths.oauth2_map_group_to_team=Map mhaígh grúpaí chuig foirne Eagraíochta. (Roghnach - éilíonn ainm an éilimh thuas) +auths.oauth2_map_group_to_team_removal=Bain úsáideoirí ó fhoirne sioncronaithe mura mbaineann an t-úsáideoir leis an ngrúpa comhfhreagrach. +auths.enable_auto_register=Cumasaigh Clárú Auto +auths.sspi_auto_create_users=Cruthaigh úsáideoirí go huathoibríoch +auths.sspi_auto_create_users_helper=Lig do mhodh auth SSPI cuntais nua a chruthú go huathoibríoch d'úsáideoirí a logálann isteach den chéad uair +auths.sspi_auto_activate_users=Gníomhachtaigh úsáideoirí go huathoibríoch +auths.sspi_auto_activate_users_helper=Lig modh auth SSPI úsáideoirí nua a ghníomhachtú go huathoibríoch +auths.sspi_strip_domain_names=Bain ainmneacha fearann ó ainm úsáideora +auths.sspi_strip_domain_names_helper=Má dhéantar iad a sheiceáil, bainfear ainmneacha fearainn ó ainmneacha logála isteach (m.sh. Beidh “DOMAIN\ user” agus "user@example.org" araon ní bheidh ach “úsáideoir”). +auths.sspi_separator_replacement=Deighilteoir le húsáid in ionad\,/agus @ +auths.sspi_separator_replacement_helper=An carachtar a úsáidfear chun na deighilteoirí a chur in ionad na n-ainmneacha logála síos-leibhéil (m.sh. an \ i "DOMAIN\úsáideoir") agus ainmneacha príomhoidí úsáideora (m.sh. an @ in "user@example.org"). +auths.sspi_default_language=Teanga úsáideora réamhshocraithe +auths.sspi_default_language_helper=Teanga réamhshocraithe d'úsáideoirí cruthaithe go huathoibríoch ag modh auth SSPI. Fág folamh más fearr leat teanga a bhrath go huathoibríoch. +auths.tips=Leideanna +auths.tips.oauth2.general=OAuth2 Fíordheimhniú +auths.tips.oauth2.general.tip=Agus fíordheimhniú OAuth2 nua á chlárú agat, ba chóir go mbeadh an URL glaonna ais/atreoraithe: +auths.tip.oauth2_provider=Soláthraí OAuth2 +auths.tip.bitbucket=Cláraigh tomhaltóir OAuth nua ar %s agus cuir an cead 'Cuntas' - 'Léigh' leis +auths.tip.nextcloud=`Cláraigh tomhaltóir OAuth nua ar do chás ag baint úsáide as an roghchlár seo a leanas "Socruithe -> Slándáil -> cliant OAuth 2.0"` +auths.tip.dropbox=Cruthaigh feidhmchlár nua ag %s +auths.tip.facebook=Cláraigh feidhmchlár nua ag %s agus cuir an táirge "Facebook Login" leis +auths.tip.github=Cláraigh feidhmchlár OAuth nua ar %s +auths.tip.gitlab_new=Cláraigh feidhmchlár nua ar %s +auths.tip.google_plus=Faigh dintiúir chliaint OAuth2 ó chonsól API Google ag %s +auths.tip.openid_connect=Úsáid URL Fionnachtana OpenID Connect "https://{server}/.well-known/openid-configuration" chun na críochphointí a shonrú +auths.tip.twitter=Téigh go %s, cruthaigh feidhmchlár agus cinntigh go bhfuil an rogha "Ceadaigh úsáid a bhaint as an bhfeidhmchlár seo chun logáil isteach le Twitter" cumasaithe +auths.tip.discord=Cláraigh feidhmchlár nua ar %s +auths.tip.gitea=Cláraigh feidhmchlár OAuth2 nua. Tá treoir le fáil ag %s +auths.tip.yandex=`Cruthaigh feidhmchlár nua ag %s. Roghnaigh na ceadanna seo a leanas ón rannán "Yandex.Passport API": "Rochtain ar sheoladh ríomhphoist", "Rochtain ar avatar úsáideora" agus "Rochtain ar ainm úsáideora, céad ainm agus sloinne, inscne"` +auths.tip.mastodon=Ionchur URL sampla saincheaptha don shampla mastodon is mian leat a fhíordheimhniú leis (nó bain úsáid as an gceann réamhshocraithe) +auths.edit=Cuir Foinse Fíordheimhnithe in Eagar +auths.activated=Tá an Foinse Fíordheimhnithe seo gníomhachtaithe +auths.new_success=Tá an fíordheimhniú "%s" curtha leis. +auths.update_success=Nuashonraíodh an fhoinse fíordheimhnithe. +auths.update=Nuashonraigh Foinse Fíordheimhnithe +auths.delete=Scrios Foinse Fíordheimhnithe +auths.delete_auth_title=Scrios Foinse Fíordheimhnithe +auths.delete_auth_desc=Má scriosann tú foinse fíordheimhnithe cuirtear cosc ​​ar úsáideoirí í a úsáid chun síniú isteach. Lean ort? +auths.still_in_used=Tá an fhoinse fíordheimhnithe fós in úsáid. Tiontaigh nó scrios aon úsáideoir a úsáideann an fhoinse fíordheimhnithe seo ar dtús. +auths.deletion_success=Tá an fhoinse fíordheimhnithe scriosta. +auths.login_source_exist=Tá an fhoinse fíordheimhnithe "%s" ann cheana. +auths.login_source_of_type_exist=Tá foinse fíordheimhnithe den chineál seo ann cheana féin. +auths.unable_to_initialize_openid=Ní féidir Soláthraí Ceangail OpenID a thionscnamh: %s +auths.invalid_openIdConnectAutoDiscoveryURL=URL Neamhbhailí Fionnachtana Uathoibríoch (ní mór gur URL bailí é seo ag tosú le http:// nó https://) +config.server_config=Cumraíocht Freastalaí +config.app_name=Teideal an Láithreáin +config.app_ver=Leagan Gitea +config.app_url=URL Bonn Gitea +config.custom_conf=Cosán Comhad Cumraíochta +config.custom_file_root_path=Cosán Fréamh Comhad Saincheaptha +config.domain=Fearann ​​Freastalaí +config.offline_mode=Mód Áitiúil +config.disable_router_log=Díchumasaigh Loga an Ródaire +config.run_user=Rith Mar Ainm úsáideora +config.run_mode=Mód Rith +config.git_version=Leagan Git +config.app_data_path=Cosán Sonraí Aip +config.repo_root_path=Cosán Fréimhe Stórála +config.lfs_root_path=Cosán Fréamh LFS +config.log_file_root_path=Cosán Logála +config.script_type=Cineál Script +config.reverse_auth_user=Úsáideoir Fíordheimhnithe Droim ar Ais +config.ssh_config=Cumraíocht SSH +config.ssh_enabled=Cumasaithe +config.ssh_start_builtin_server=Úsáid Freastalaí Ionsuite +config.ssh_domain=Fearainn Freastalaí SSH +config.ssh_port=Calafort +config.ssh_listen_port=Éist Calafort +config.ssh_root_path=Cosán Fréimhe +config.ssh_key_test_path=Cosán Tástáil Eochair +config.ssh_keygen_path=Keygen ('ssh-keygen') Cosán +config.ssh_minimum_key_size_check=Seiceáil Íosta Méid Eochair +config.ssh_minimum_key_sizes=Méideanna Íosta Eochrach +config.lfs_config=Cumraíocht LFS +config.lfs_enabled=Cumasaithe +config.lfs_content_path=Cosán Ábhar LFS +config.lfs_http_auth_expiry=Éag Auth LFS HTTP +config.db_config=Cumraíocht Bunachar Sonraí +config.db_type=Cineál +config.db_host=Óstach +config.db_name=Ainm +config.db_user=Ainm úsáideora +config.db_schema=Scéim +config.db_ssl_mode=SSL +config.db_path=Cosán +config.service_config=Cumraíocht Seirbhíse +config.register_email_confirm=Deimhniú Ríomhphost a éileamh chun Clárú +config.disable_register=Díchumasaigh Féin-Chlárú +config.allow_only_internal_registration=Ceadaigh Clárú Amháin Trí Gitea féin +config.allow_only_external_registration=Ceadaigh Clárú Trí Sheirbhísí Seachtracha amháin +config.enable_openid_signup=Cumasaigh Féinchlárú OpenID +config.enable_openid_signin=Cumasaigh Síniú isteach OpenID +config.show_registration_button=Taispeáin Cnaipe Cláraithe +config.require_sign_in_view=Teastaíonn Sínigh isteach chun Leathanaigh Amharc +config.mail_notify=Cumasaigh Fógraí Ríomhphoist +config.enable_captcha=Cumasaigh CAPTCHA +config.active_code_lives=Saol Gníomhach ag an gCód +config.reset_password_code_lives=Am Éaga Chóid Aisghabhála Cuntais +config.default_keep_email_private=Folaigh Seoltaí Ríomhphoist de réir Réamhshocrú +config.default_allow_create_organization=Ceadaigh Cruthú Eagraíochtaí de réir Réamhshocrú +config.enable_timetracking=Cumasaigh Rianú Ama +config.default_enable_timetracking=Cumasaigh Rianú Ama de réir Réamhshocrú +config.default_allow_only_contributors_to_track_time=Lig do Rannpháirtithe Amháin Rianú Am +config.no_reply_address=Fearann Ríomhphoist Folaithe +config.default_visibility_organization=Infheictheacht réamhshocraithe d'Eagraíochtaí nua +config.default_enable_dependencies=Cumasaigh Spleáchais Eisithe de réir Réamhshocrú config.webhook_config=Cumraíocht Crúca Gréasán +config.queue_length=Fad scuaine +config.deliver_timeout=Teorainn Ama Seachadta +config.skip_tls_verify=Scipeáil Fíorú TLS +config.mailer_config=Cumraíocht Seoltóra +config.mailer_enabled=Cumasaithe +config.mailer_enable_helo=Cumasaigh HELO +config.mailer_name=Ainm +config.mailer_protocol=Prótacal +config.mailer_smtp_addr=Seoladh SMTP +config.mailer_smtp_port=Calafort SMTP +config.mailer_user=Úsáideoir +config.mailer_use_sendmail=Úsáid Sendmail +config.mailer_sendmail_path=Cosán Sendmail +config.mailer_sendmail_args=Argóintí Breise chuig Sendmail +config.mailer_sendmail_timeout=Teorainn Ama Sendmail +config.mailer_use_dummy=Caochadán +config.test_email_placeholder=Ríomhphost (m.sh. test@example.com) +config.send_test_mail=Seol Ríomhphost Tástála +config.send_test_mail_submit=Seol +config.test_mail_failed=Theip ar ríomhphost tástála a sheoladh chuig "%s": %v +config.test_mail_sent=Tá ríomhphost tástála seolta chuig "%s". +config.oauth_config=Cumraíocht OAuth +config.oauth_enabled=Cumasaithe +config.cache_config=Cumraíocht taisce +config.cache_adapter=Cuibheoir taisce +config.cache_interval=Eatramh Taisce +config.cache_conn=Ceangal Taisce +config.cache_item_ttl=Mír Taisce TTL +config.cache_test=Taisce Tástáil +config.cache_test_failed=Theip ar an taisce a thaiscéaladh: %v. +config.cache_test_slow=D'éirigh leis an tástáil taisce, ach tá an freagra mall: %s. +config.cache_test_succeeded=D'éirigh leis an tástáil taisce, fuair sé freagra i %s. +config.session_config=Cumraíocht Seisiúin +config.session_provider=Soláthraí Seisiúin +config.provider_config=Cumraíocht Soláthraí +config.cookie_name=Ainm Fianán +config.gc_interval_time=Am Eatramh GC +config.session_life_time=Am Saoil na Seisiúin +config.https_only=HTTPS Amháin +config.cookie_life_time=Am Saoil Fianán +config.picture_config=Cumraíocht Pictiúr agus Avatar +config.picture_service=Seirbhís Pictiúr +config.disable_gravatar=Díchumasaigh Gravatar +config.enable_federated_avatar=Cumasaigh Avatars Cónaidhme +config.open_with_editor_app_help=Na heagarthóirí "Oscailte le" don roghchlár Clón. Má fhágtar folamh é, úsáidfear an réamhshocrú. Leathnaigh chun an réamhshocrú a fheiceáil. +config.git_config=Cumraíocht Git +config.git_disable_diff_highlight=Díchumasaigh Aibhsiú Comhréire Diff +config.git_max_diff_lines=Max Diff Lines (do chomhad amháin) +config.git_max_diff_line_characters=Carachtair Max Diff (le haghaidh líne amháin) +config.git_max_diff_files=Comhaid Max Diff (le taispeáint) +config.git_gc_args=Argóintí GC +config.git_migrate_timeout=Teorainn Ama Imirce +config.git_mirror_timeout=Teorainn Ama Nuashonraithe Scátháin +config.git_clone_timeout=Teorainn Ama Oibríochta Clón +config.git_pull_timeout=Tarraing Am Oibríochta +config.git_gc_timeout=Teorainn Ama Oibriúcháin GC +config.log_config=Cumraíocht Logáil +config.logger_name_fmt=Logálaí: %s +config.disabled_logger=Díchumasaithe +config.access_log_mode=Mód Logáil Rochtana +config.access_log_template=Teimpléad Logáil Rochtana +config.xorm_log_sql=Logáil SQL +config.set_setting_failed=Theip ar shocrú %s a shocrú +monitor.stats=Staitisticí +monitor.cron=Tascanna Cron +monitor.name=Ainm +monitor.schedule=Sceideal +monitor.next=An chéad uair eile +monitor.previous=Am Roimhe Seo +monitor.execute_times=Forghníomhaíochtaí +monitor.process=Próisis reatha +monitor.stacktrace=Rian cruachta +monitor.processes_count=Próisis %d +monitor.download_diagnosis_report=Íoslódáil tuairisc diagnóis monitor.desc=Cur síos +monitor.start=Am Tosaigh +monitor.execute_time=Am Forghníomhaithe +monitor.last_execution_result=Toradh +monitor.process.cancel=Cealaigh próiseas +monitor.process.cancel_desc=Má chuirtear próiseas ar ceal d'fhéadfadh go gcaillfí sonraí +monitor.process.cancel_notices=Cealaigh: %s? +monitor.process.children=Leanaí +monitor.queues=Scuaineanna +monitor.queue=Scuaine: %s +monitor.queue.name=Ainm +monitor.queue.type=Cineál +monitor.queue.exemplar=Cineál Eiseamláire +monitor.queue.numberworkers=Líon na nOibrithe +monitor.queue.activeworkers=Oibrithe Gníomhacha +monitor.queue.maxnumberworkers=Líon Uasta na nOibrithe +monitor.queue.numberinqueue=Uimhir i scuaine +monitor.queue.review_add=Athbhreithniú / Cuir Oibrithe leis +monitor.queue.settings.title=Socruithe Linn +monitor.queue.settings.desc=Fásann linnte go dinimiciúil mar fhreagra ar a gcuid scuaine oibrithe a bhlocáil. +monitor.queue.settings.maxnumberworkers=Uaslíon na n-oibrithe +monitor.queue.settings.maxnumberworkers.placeholder=Faoi láthair %[1]d +monitor.queue.settings.maxnumberworkers.error=Caithfidh uaslíon na n-oibrithe a bheith ina uimhir monitor.queue.settings.submit=Nuashonrú Socruithe +monitor.queue.settings.changed=Socruithe Nuashonraithe +monitor.queue.settings.remove_all_items=Bain gach +monitor.queue.settings.remove_all_items_done=Baineadh na míreanna go léir sa scuaine. notices.system_notice_list=Fógraí Córais +notices.view_detail_header=Féach ar Sonraí Fógra notices.operations=Oibríochtaí +notices.select_all=Roghnaigh Gach +notices.deselect_all=Díroghnaigh Gach +notices.inverse_selection=Roghnú Inbhéartha +notices.delete_selected=Scrios Roghnaithe +notices.delete_all=Scrios Gach Fógra +notices.type=Cineál +notices.type_1=Stóras +notices.type_2=Tasc notices.desc=Cur síos +notices.op=Oibríocht. +notices.delete_success=Scriosadh na fógraí córais. [action] [tool] +now=anois +future=todhchaí +1s=1 soicind +1m=1 nóiméad +1h=1 uair an chloig +1d=1 lá +1w=1 seachtain +1mon=1 mhí +1y=1 bhliain +seconds=%d soicind +minutes=%d nóiméad [dropzone] [notification] +notifications=Fógraí +unread=Gan léamh +read=Léigh +subscriptions=Síntiúis +watching=Ag féachaint +no_subscriptions=Gan síntiúis [gpg] [units] +unit=Aonad [packages] +title=Pacáistí +filter.type=Cineál +filter.type.all=Gach +filter.container.tagged=Clibeáilte +filter.container.untagged=Gan chlib +details=Sonraí +details.author=Údar +dependency.version=Leagan alpine.repository.branches=Brainsí alpine.repository.repositories=Stórais +conan.details.repository=Stóras +container.details.type=Cineál Íomhá +container.details.platform=Ardán +container.multi_arch=Córas Oibriúcháin / Ailtireacht +container.labels=Lipéid +container.labels.key=Eochair +container.labels.value=Luach +debian.repository=Eolas Stóras +debian.repository.components=Comhpháirteanna +debian.repository.architectures=Ailtireachtaí +npm.details.tag=Clib +owner.settings.cleanuprules.enabled=Cumasaithe [secrets] @@ -2962,10 +3438,15 @@ alpine.repository.repositories=Stórais +runners.name=Ainm +runners.owner_type=Cineál runners.description=Cur síos +runners.labels=Lipéid runners.task_list.run=Rith +runners.task_list.repository=Stóras runners.task_list.commit=Tiomantas runners.status.active=Gníomhach +runners.version=Leagan runners.reset_registration_token=Athshocraigh comhartha clár runners.reset_registration_token_success=D'éirigh le hathshocrú comhartha clárúcháin an dara háit From 8bee7fcf7e214ace5e4835556bfb0f96ae3d20fb Mon Sep 17 00:00:00 2001 From: Ehsan Shirvanian <72626662+eshirvana@users.noreply.github.com> Date: Wed, 9 Oct 2024 01:04:34 -0400 Subject: [PATCH 04/27] update git book link to v2 (#32221) Fix the dead link `https://git-scm.com/book/en/Git-Basics-Getting-a-Git-Repository` for empty repositories to help how to clone the repository to `https://git-scm.com/book/en/v2/Git-Basics-Getting-a-Git-Repository` which is v2 of the git book. This also updates download git links --- modules/git/git.go | 4 ++-- templates/repo/empty.tmpl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/git/git.go b/modules/git/git.go index 05ca260855..a19dd7771b 100644 --- a/modules/git/git.go +++ b/modules/git/git.go @@ -111,12 +111,12 @@ func SetExecutablePath(path string) error { func ensureGitVersion() error { if !DefaultFeatures().CheckVersionAtLeast(RequiredVersion) { - moreHint := "get git: https://git-scm.com/download/" + moreHint := "get git: https://git-scm.com/downloads" if runtime.GOOS == "linux" { // there are a lot of CentOS/RHEL users using old git, so we add a special hint for them if _, err := os.Stat("/etc/redhat-release"); err == nil { // ius.io is the recommended official(git-scm.com) method to install git - moreHint = "get git: https://git-scm.com/download/linux and https://ius.io" + moreHint = "get git: https://git-scm.com/downloads/linux and https://ius.io" } } return fmt.Errorf("installed git version %q is not supported, Gitea requires git version >= %q, %s", DefaultFeatures().gitVersion.Original(), RequiredVersion, moreHint) diff --git a/templates/repo/empty.tmpl b/templates/repo/empty.tmpl index cb2a5ba1e9..7613643351 100644 --- a/templates/repo/empty.tmpl +++ b/templates/repo/empty.tmpl @@ -24,7 +24,7 @@
-

{{ctx.Locale.Tr "repo.clone_this_repo"}} {{ctx.Locale.Tr "repo.clone_helper" "http://git-scm.com/book/en/Git-Basics-Getting-a-Git-Repository"}}

+

{{ctx.Locale.Tr "repo.clone_this_repo"}} {{ctx.Locale.Tr "repo.clone_helper" "http://git-scm.com/book/en/v2/Git-Basics-Getting-a-Git-Repository"}}

{{if and .CanWriteCode (not .Repository.IsArchived)}} From 4eacc61f645bbe259e22fba6f7111c8817de0652 Mon Sep 17 00:00:00 2001 From: Zettat123 Date: Thu, 10 Oct 2024 08:25:46 +0800 Subject: [PATCH 05/27] Fix incorrect "Target branch does not exist" in PR title (#32222) --- routers/web/repo/pull.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/routers/web/repo/pull.go b/routers/web/repo/pull.go index ced0bbc15a..02d9b429b5 100644 --- a/routers/web/repo/pull.go +++ b/routers/web/repo/pull.go @@ -166,7 +166,7 @@ func setMergeTarget(ctx *context.Context, pull *issues_model.PullRequest) { ctx.Data["BaseTarget"] = pull.BaseBranch headBranchLink := "" if pull.Flow == issues_model.PullRequestFlowGithub { - b, err := git_model.GetBranch(ctx, ctx.Repo.Repository.ID, pull.HeadBranch) + b, err := git_model.GetBranch(ctx, pull.HeadRepoID, pull.HeadBranch) switch { case err == nil: if !b.IsDeleted { From 368b0881f502dd36a1ae725493c85683803fd816 Mon Sep 17 00:00:00 2001 From: GiteaBot Date: Thu, 10 Oct 2024 00:30:33 +0000 Subject: [PATCH 06/27] [skip ci] Updated translations via Crowdin --- options/locale/locale_ga-IE.ini | 288 ++++++++++++++++++++++++++++++++ 1 file changed, 288 insertions(+) diff --git a/options/locale/locale_ga-IE.ini b/options/locale/locale_ga-IE.ini index 5ccbc4315f..0fae28daea 100644 --- a/options/locale/locale_ga-IE.ini +++ b/options/locale/locale_ga-IE.ini @@ -3377,8 +3377,47 @@ notices.desc=Cur síos notices.op=Oibríocht. notices.delete_success=Scriosadh na fógraí córais. +self_check.no_problem_found=Níor aimsíodh aon fhadhb fós. +self_check.startup_warnings=Rabhadh tosaithe: +self_check.database_collation_mismatch=Bí ag súil le comhthiomsú a úsáid sa bhunachar sonraí: %s +self_check.database_collation_case_insensitive=Tá bunachar sonraí ag baint úsáide as comparáid %s, arb é comhdhlúthú neamhíogair. Cé go bhféadfadh Gitea oibriú leis, d'fhéadfadh go mbeadh roinnt cásanna annamh ann nach n-oibríonn mar a bhíothas ag súil leis. +self_check.database_inconsistent_collation_columns=Tá comhthiomsú %s in úsáid ag an mbunachar sonraí, ach tá comhthiomsuithe mímheaitseála á n-úsáid ag na colúin seo. D'fhéadfadh sé a bheith ina chúis le roinnt fadhbanna gan choinne. +self_check.database_fix_mysql=D'úsáideoirí MySQL/MariaDB, d'fhéadfá an t-ordú "gitea doctor convert" a úsáid chun na fadhbanna comhthiomsaithe a réiteach, nó d'fhéadfá an fhadhb a réiteach trí "ALTER ... COLLATE ..." SQLs de láimh freisin. +self_check.database_fix_mssql=I gcás úsáideoirí MSSQL, ní fhéadfá an fhadhb a réiteach ach trí "ALTER ... COLLATE ..." SQLs de láimh faoi láthair. +self_check.location_origin_mismatch=Ní mheaitseálann an URL reatha (%[1]s) an URL atá le feiceáil ag Gitea (%[2]s). Má tá seachfhreastalaí droim ar ais á úsáid agat, cinntigh le do thoil go bhfuil na ceanntásca "Óstríomhaire" agus "X-Forwarded-Proto" socraithe i gceart. [action] +create_repo=stóras cruthaithe %s +rename_repo=stóras athainmnithe ó %[1]s go %[3]s +commit_repo=brú chuig %[3]s ag %[4]s +create_issue=`osclaíodh ceist %[3]s#%[2]s` +close_issue=`eagrán dúnta %[3]s#%[2]s` +reopen_issue=`athoscailt an cheist %[3]s#%[2]s` +create_pull_request=`iarratas tarraingthe cruthaithe %[3]s#%[2]s` +close_pull_request=`iarratas tarraingthe dúnta %[3]s#%[2]s` +reopen_pull_request=`iarratas tarraingthe athoscailte %[3]s#%[2]s` +comment_issue=`trácht ar cheist %[3]s#%[2]s` +comment_pull=`déan trácht ar iarratas tarraingthe %[3]s#%[2]s` +merge_pull_request=`iarratas tarraingthe cumaisc %[3]s#%[2]s` +auto_merge_pull_request=`iarratas tarraingthe cumasctha go huathoibríoch %[3]s#%[2]s` +transfer_repo=aistrithe stóras %s go %s +push_tag=brú %[3]s go %[4]s +delete_tag=scriosta clib %[2]s ó %[3]s +delete_branch=brainse scriosta %[2]s ó %[3]s +compare_branch=Déan comparáid +compare_commits=Déan comparáid idir tiomáintí %d +compare_commits_general=Déan comparáid idir tiomáintí +mirror_sync_push=geallann synced do %[3]s ag %[4]s ón scáthán +mirror_sync_create=sioncronaigh tagairt nua %[3]s do %[4]s ón scáthán +mirror_sync_delete=sioncronaithe agus scriosta an tagairt %[2]s ag %[3]s ón scáthán +approve_pull_request=`ceadaithe %[3]s#%[2]s` +reject_pull_request=`athruithe molta le haghaidh %[3]s#%[2]s` +publish_release=`scaoileadh %[4]s ag %[3]s` +review_dismissed=`léirmheas ó %[4]s le haghaidh %[3]s#%[2]s` +review_dismissed_reason=Cúis: +create_branch=brainse cruthaithe %[3]s i %[4]s +starred_repo=le %[2]s le réalta +watched_repo=thosaigh sé ag breathnú ar %[2]s [tool] now=anois @@ -3392,60 +3431,266 @@ future=todhchaí 1y=1 bhliain seconds=%d soicind minutes=%d nóiméad +hours=%d uair an chloig +days=%d laethanta +weeks=%d seachtain +months=%d míonna +years=%d bliain +raw_seconds=soicind +raw_minutes=nóiméad [dropzone] +default_message=Scaoil comhaid nó cliceáil anseo chun iad a uaslódáil. +invalid_input_type=Ní féidir leat comhaid den chineál seo a uaslódáil. +file_too_big=Sáraíonn méid comhaid ({{filesize}} MB) an t-uasmhéid de ({{maxFilesize}} MB). +remove_file=Bain an comhad [notification] notifications=Fógraí unread=Gan léamh read=Léigh +no_unread=Gan aon fhógraí neamh-léite. +no_read=Gan aon fhógraí léite. +pin=Fógra bioráin +mark_as_read=Marcáil mar léite +mark_as_unread=Marcáil mar neamh-léite +mark_all_as_read=Marcáil gach ceann mar léite subscriptions=Síntiúis watching=Ag féachaint no_subscriptions=Gan síntiúis [gpg] +default_key=Sínithe leis an eochair réamhshocraithe +error.extract_sign=Theip ar an síniú a bhaint +error.generate_hash=Theip ar hash gealltanas a ghiniúint +error.no_committer_account=Níl aon chuntas nasctha le seoladh ríomhphoist an tiomnóra +error.no_gpg_keys_found=Níor aimsíodh aon eochair aithne don síniú seo sa bhunachar +error.not_signed_commit=Ní tiomantas sínithe +error.failed_retrieval_gpg_keys=Theip ar aisghabháil eochair ar bith a bhí ceangailte le cuntas an tiomnóra +error.probable_bad_signature=RABHADH! Cé go bhfuil eochair leis an ID seo sa bhunachar sonraí ní fhíoraíonn sé an tiomantas seo! Tá an tiomantas seo AMHRASACH. +error.probable_bad_default_signature=RABHADH! Cé go bhfuil an t-aitheantas seo ag an eochair réamhshocraithe ní fíoraíonn sé an tiomantas seo! Tá an tiomantas seo AMHRASACH. [units] unit=Aonad +error.no_unit_allowed_repo=Níl cead agat rochtain a fháil ar aon chuid den tiomantas seo. +error.unit_not_allowed=Níl cead agat an rannán stóras seo a rochtain. [packages] title=Pacáistí +desc=Bainistigh pacáistí stórais. +empty=Níl aon phacáistí ann fós. +no_metadata=Gan aon mheiteashonraí. +empty.documentation=Le haghaidh tuilleadh eolais ar chlárlann na bpacáistí, féach ar na doiciméid. +empty.repo=An ndearna tú uaslódáil ar phacáiste, ach nach bhfuil sé léirithe anseo? Téigh go socruithe pacáiste agus nasc leis an stóras seo é. +registry.documentation=Le haghaidh tuilleadh eolais ar chlárlann %s, féach ar na doiciméid. filter.type=Cineál filter.type.all=Gach +filter.no_result=Níor thug do scagaire aon torthaí. filter.container.tagged=Clibeáilte filter.container.untagged=Gan chlib +published_by=Foilsithe %[1]s ag %[3]s +published_by_in=Foilsithe ag %[1]s ag %[3]s in %[5]s +installation=Suiteáil +about=Maidir leis an bpacáiste seo +requirements=Riachtanais +dependencies=Spleithiúlachtaí +keywords=Eochairfhocail details=Sonraí details.author=Údar +details.project_site=Suíomh an Tionscadail +details.repository_site=Suíomh Stóras +details.documentation_site=Suíomh Doiciméadaithe +details.license=Ceadúnas +assets=Sócmhainní +versions=Leaganacha +versions.view_all=Féach ar gach +dependency.id=ID dependency.version=Leagan +alpine.registry=Socraigh an chlár seo tríd an url a chur i do chomhad /etc/apk/repositories: +alpine.registry.key=Íoslódáil eochair RSA poiblí na clárlainne isteach san fhillteán /etc/apk/keys/ chun an síniú innéacs a fhíorú: +alpine.registry.info=Roghnaigh $branch agus $repository ón liosta thíos. +alpine.install=Chun an pacáiste a shuiteáil, rith an t-ordú seo a leanas: +alpine.repository=Eolas Stórais alpine.repository.branches=Brainsí alpine.repository.repositories=Stórais +alpine.repository.architectures=Ailtireachtaí +cargo.registry=Socraigh an clárlann seo sa chomhad cumraíochta lasta (mar shampla ~/.cargo/config.toml): +cargo.install=Chun an pacáiste a shuiteáil ag baint úsáide as Cargo, reáchtáil an t-ordú seo a leanas: +chef.registry=Socraigh an clárlann seo i do chomhad ~/.chef/config.rb: +chef.install=Chun an pacáiste a shuiteáil, rith an t-ordú seo a leanas: +composer.registry=Socraigh an chlár seo i do chomhad ~/.composer/config.json: +composer.install=Chun an pacáiste a shuiteáil ag baint úsáide as Cumadóir, reáchtáil an t-ordú seo a leanas: +composer.dependencies=Spleithiúlachtaí +composer.dependencies.development=Spleithiúlachtaí Forbartha conan.details.repository=Stóras +conan.registry=Socraigh an clárlann seo ón líne ordaithe: +conan.install=Chun an pacáiste a shuiteáil ag úsáid Conan, reáchtáil an t-ordú seo a leanas: +conda.registry=Socraigh an chlár seo mar stóras Conda i do chomhad .condarc: +conda.install=Chun an pacáiste a shuiteáil ag úsáid Conda, reáchtáil an t-ordú seo a leanas: container.details.type=Cineál Íomhá container.details.platform=Ardán +container.pull=Tarraing an íomhá ón líne ordaithe: +container.digest=Díleáigh: container.multi_arch=Córas Oibriúcháin / Ailtireacht +container.layers=Sraitheanna Íomhá container.labels=Lipéid container.labels.key=Eochair container.labels.value=Luach +cran.registry=Cumraigh an chlárlann seo i do chomhad Rprofile.site: +cran.install=Chun an pacáiste a shuiteáil, rith an t-ordú seo a leanas: +debian.registry=Socraigh an clárlann seo ón líne ordaithe: +debian.registry.info=Roghnaigh $distribution agus $component ón liosta thíos. +debian.install=Chun an pacáiste a shuiteáil, rith an t-ordú seo a leanas: debian.repository=Eolas Stóras +debian.repository.distributions=Dáiltí debian.repository.components=Comhpháirteanna debian.repository.architectures=Ailtireachtaí +generic.download=Íoslódáil pacáiste ón líne ordaithe: +go.install=Suiteáil an pacáiste ón líne ordaithe: +helm.registry=Socraigh an clárlann seo ón líne ordaithe: +helm.install=Chun an pacáiste a shuiteáil, rith an t-ordú seo a leanas: +maven.registry=Socraigh an clárlann seo i do chomhad pom.xml tionscadail: +maven.install=Chun an pacáiste a úsáid cuir na nithe seo a leanas sa bhloc spleáchais sa chomhad pom.xml: +maven.install2=Rith tríd an líne ordaithe: +maven.download=Chun an spleáchas a íoslódáil, rith tríd an líne ordaithe: +nuget.registry=Socraigh an clárlann seo ón líne ordaithe: +nuget.install=Chun an pacáiste a shuiteáil ag úsáid NuGet, reáchtáil an t-ordú seo a leanas: +nuget.dependency.framework=Spriocchreat +npm.registry=Socraigh an chlárlann seo i do chomhad .npmrc do thionscadail: +npm.install=Chun an pacáiste a shuiteáil ag úsáid npm, reáchtáil an t-ordú seo a leanas: +npm.install2=nó cuir leis an gcomhad package.json é: +npm.dependencies=Spleithiúlachtaí +npm.dependencies.development=Spleithiúlachtaí Forbartha +npm.dependencies.bundle=Spleáchais Chuachta +npm.dependencies.peer=Spleithiúlachtaí Piaraí +npm.dependencies.optional=Spleáchais Roghnacha npm.details.tag=Clib +pub.install=Chun an pacáiste a shuiteáil ag úsáid Dart, reáchtáil an t-ordú seo a leanas: +pypi.requires=Teastaíonn Python +pypi.install=Chun an pacáiste a shuiteáil ag úsáid pip, reáchtáil an t-ordú seo a leanas: +rpm.registry=Socraigh an clárlann seo ón líne ordaithe: +rpm.distros.redhat=ar dháileadh bunaithe ar RedHat +rpm.distros.suse=ar dháileadh bunaithe ar SUSE +rpm.install=Chun an pacáiste a shuiteáil, rith an t-ordú seo a leanas: +rpm.repository=Eolas Stóras +rpm.repository.architectures=Ailtireachtaí +rpm.repository.multiple_groups=Tá an pacáiste seo ar fáil i ngrúpaí éagsúla. +rubygems.install=Chun an pacáiste a shuiteáil ag baint úsáide as gem, reáchtáil an t-ordú seo a leanas: +rubygems.install2=nó cuir leis an Gemfile é: +rubygems.dependencies.runtime=Spleáchais Rith-Ama +rubygems.dependencies.development=Spleáchais Forbartha +rubygems.required.ruby=Éilíonn leagan Ruby +rubygems.required.rubygems=Éilíonn leagan RubyGem +swift.registry=Socraigh an clárlann seo ón líne ordaithe: +swift.install=Cuir an pacáiste i do chomhad Package.swift: +swift.install2=agus reáchtáil an t-ordú seo a leanas: +vagrant.install=Chun bosca Vagrant a chur leis, reáchtáil an t-ordú seo a leanas: +settings.link=Nasc an pacáiste seo le stóras +settings.link.description=Má nascann tú pacáiste le stóras, liostaítear an pacáiste i liosta pacáistí an stórais. +settings.link.select=Roghnaigh Stóras +settings.link.button=Nuashonraigh Nasc Stórais +settings.link.success=D'éirigh le nasc an stórais a nuashonrú. +settings.link.error=Theip ar an nasc stóras a nuashonrú. +settings.delete=Scrios pacáiste +settings.delete.description=Tá pacáiste a scriosadh buan agus ní féidir é a chur ar ais. +settings.delete.notice=Tá tú ar tí %s (%s) a scriosadh. Tá an oibríocht seo dochúlaithe, an bhfuil tú cinnte? +settings.delete.success=Tá an pacáiste scriosta. +settings.delete.error=Theip ar an pacáiste a scriosadh. +owner.settings.cargo.title=Innéacs Clárlann Lasta +owner.settings.cargo.initialize=Innéacs a chur i dtosach +owner.settings.cargo.initialize.description=Tá gá le stóras innéacs speisialta Git chun an clárlann Cargo a úsáid. Tríd an rogha seo, cruthófar an stóras (nó athchruthófar é) agus cumrófar é go huathoibríoch. +owner.settings.cargo.initialize.error=Níorbh fhéidir an t-innéacs Cargo a thúsú: %v +owner.settings.cargo.initialize.success=Cruthaíodh an t-innéacs Cargo go rathúil. +owner.settings.cargo.rebuild=Innéacs Atógáil +owner.settings.cargo.rebuild.description=Is féidir atógáil a bheith úsáideach mura bhfuil an t-innéacs sioncronaithe leis na pacáistí Cargo stóráilte. +owner.settings.cargo.rebuild.error=Níorbh fhéidir an t-innéacs Cargo a atógáil: %v +owner.settings.cargo.rebuild.success=D'éirigh leis an innéacs Cargo a atógáil. +owner.settings.cleanuprules.title=Bainistigh Rialacha Glanta +owner.settings.cleanuprules.add=Cuir Riail Glantacháin leis +owner.settings.cleanuprules.edit=Cuir Riail Glantacháin in eagar +owner.settings.cleanuprules.none=Níl aon rialacha glanta ar fáil. Féach ar na doiciméid le do thoil. +owner.settings.cleanuprules.preview=Réamhamharc Riail Glantacháin +owner.settings.cleanuprules.preview.overview=Tá pacáistí %d beartaithe a bhaint. +owner.settings.cleanuprules.preview.none=Ní hionann riail glantacháin agus pacáistí ar bith. owner.settings.cleanuprules.enabled=Cumasaithe +owner.settings.cleanuprules.pattern_full_match=Cuir patrún i bhfeidhm ar ainm an phacáiste iomlán +owner.settings.cleanuprules.keep.title=Coinnítear leaganacha a mheaitseálann leis na rialacha seo, fiú má mheaitseálann siad riail bhaint thíos. +owner.settings.cleanuprules.keep.count=Coinnigh an ceann is déanaí +owner.settings.cleanuprules.keep.count.1=1 leagan in aghaidh an phacáiste +owner.settings.cleanuprules.keep.count.n=Leaganacha %d in aghaidh an phacáiste +owner.settings.cleanuprules.keep.pattern=Coinnigh leaganacha meaitseála +owner.settings.cleanuprules.keep.pattern.container=Coinnítear an leagan is déanaí le haghaidh pacáistí Coimeádán i gcónaí. +owner.settings.cleanuprules.remove.title=Baintear leaganacha a mheaitseálann leis na rialacha seo, mura deir riail thuas iad a choinneáil. +owner.settings.cleanuprules.remove.days=Bain leaganacha níos sine ná +owner.settings.cleanuprules.remove.pattern=Bain leaganacha meaitseála +owner.settings.cleanuprules.success.update=Nuashonraíodh an riail ghlantacháin. +owner.settings.cleanuprules.success.delete=Scriosadh an riail glantacháin. +owner.settings.chef.title=Clárlann Chef +owner.settings.chef.keypair=Gin péire eochair +owner.settings.chef.keypair.description=Tá eochairphéire riachtanach le fíordheimhniú a dhéanamh ar chlárlann an Chef. Má tá péire eochrach ginte agat roimhe seo, má ghinfidh tú eochairphéire nua, scriosfar an seanphéire eochair. [secrets] +secrets=Rúin +description=Cuirfear rúin ar aghaidh chuig gníomhartha áirithe agus ní féidir iad a léamh ar mhalairt. +none=Níl aon rúin ann fós. +creation=Cuir Rúnda leis +creation.name_placeholder=carachtair alfanumair nó íoslaghda amháin nach féidir a thosú le GITEA_ nó GITHUB_ +creation.value_placeholder=Ionchur ábhar ar bith. Fágfar spás bán ag tús agus ag deireadh ar lár. +creation.success=Tá an rún "%s" curtha leis. +creation.failed=Theip ar an rún a chur leis. +deletion=Bain rún +deletion.description=Is buan rún a bhaint agus ní féidir é a chealú. Lean ort? +deletion.success=Tá an rún bainte. +deletion.failed=Theip ar rún a bhaint. +management=Bainistíocht Rúin [actions] +actions=Gníomhartha +unit.desc=Bainistigh gníomhartha +status.unknown=Anaithnid +status.waiting=Ag fanacht +status.running=Ag rith +status.success=Rath +status.failure=Teip +status.cancelled=Cealaíodh +status.skipped=Scipeáilte +status.blocked=Blocáilte +runners=Reathaitheoirí +runners.runner_manage_panel=Bainistíocht reathaithe +runners.new=Cruthaigh reathaí nua +runners.new_notice=Conas reathaí a thosú +runners.status=Stádas +runners.id=ID runners.name=Ainm runners.owner_type=Cineál runners.description=Cur síos runners.labels=Lipéid +runners.last_online=Am Ar Líne Deiridh +runners.runner_title=Reathaí +runners.task_list=Tascanna le déanaí ar an reathaí seo +runners.task_list.no_tasks=Níl aon tasc ann fós. runners.task_list.run=Rith +runners.task_list.status=Stádas runners.task_list.repository=Stóras runners.task_list.commit=Tiomantas +runners.task_list.done_at=Déanta ag +runners.edit_runner=Cuir Reathaí in Eagar +runners.update_runner=Nuashonrú Athruithe +runners.update_runner_success=Nuashonraíodh an Reathaí +runners.update_runner_failed=Theip ar an reathaí a nuashonrú +runners.delete_runner=Scrios an reathaí seo +runners.delete_runner_success=Scriosadh an reathaí go rathúil +runners.delete_runner_failed=Theip ar an reathaí a scriosadh +runners.delete_runner_header=Deimhnigh an reathaí seo a scriosadh +runners.delete_runner_notice=Má tá tasc ar siúl ar an reathaí seo, cuirfear deireadh leis agus marcáil mar theip. Féadfaidh sé sreabhadh oibre tógála a bhriseadh. +runners.none=Níl aon reathaí ar fáil +runners.status.unspecified=Anaithnid +runners.status.idle=Díomhaoin runners.status.active=Gníomhach +runners.status.offline=As líne runners.version=Leagan runners.reset_registration_token=Athshocraigh comhartha clár runners.reset_registration_token_success=D'éirigh le hathshocrú comhartha clárúcháin an dara háit @@ -3455,11 +3700,54 @@ runs.commit=Tiomantas runs.scheduled=Sceidealaithe runs.pushed_by=bhrú ag runs.invalid_workflow_helper=Tá comhad cumraíochta sreabhadh oibre nebhailí. Seiceáil do chomhad cumraithe le do thoil: %s +runs.no_matching_online_runner_helper=Gan aon reathaí ar líne a mheaitseáil le lipéad: %s +runs.no_job_without_needs=Caithfidh post amháin ar a laghad a bheith sa sreabhadh oibre gan spleáchas. +runs.no_job=Caithfidh post amháin ar a laghad a bheith sa sreabhadh oibre +runs.actor=Aisteoir +runs.status=Stádas +runs.actors_no_select=Gach aisteoir +runs.status_no_select=Gach stádas +runs.no_results=Níor mheaitseáil aon torthaí. +runs.no_workflows=Níl aon sreafaí oibre ann fós. +runs.no_workflows.quick_start=Níl a fhios agam conas tosú le Gitea Actions? Féach an treoirleabhar mear tosaithe. +runs.no_workflows.documentation=Le haghaidh tuilleadh eolais ar Gitea Actions, féach ar na doiciméid. +runs.no_runs=Níl aon rith ag an sreabhadh oibre fós. +runs.empty_commit_message=(teachtaireacht tiomantas folamh) +runs.expire_log_message=Glanadh logaí toisc go raibh siad ró-sean. +workflow.disable=Díchumasaigh sreabhadh oibre +workflow.disable_success=D'éirigh le sreabhadh oibre '%s' a dhíchumasú. +workflow.enable=Cumasaigh sreabhadh oibre +workflow.enable_success=Cumasaíodh sreabhadh oibre '%s' go rathúil. +workflow.disabled=Tá sreabhadh oibre díchumasaithe +workflow.run=Rith Sreabhadh Oibre +workflow.not_found=Níor aimsíodh sreabhadh oibre '%s'. +workflow.run_success=Ritheann sreabhadh oibre '%s' go rathúil. +workflow.from_ref=Úsáid sreabhadh oibre ó +workflow.has_workflow_dispatch=Tá comhoibriú ag an gcur i bhfeidhm seo le himeacht workflow_dispatch. +need_approval_desc=Teastaíonn faomhadh chun sreafaí oibre a rith le haghaidh iarratas tarraingt forc. +variables=Athróga +variables.management=Bainistíocht Athróg +variables.creation=Cuir Athróg leis +variables.none=Níl aon athróga ann fós. +variables.deletion=Bain athróg +variables.deletion.description=Tá athróg a bhaint buan agus ní féidir é a chur ar ais. Lean ar aghaidh? +variables.description=Cuirfear athróga chuig gníomhartha áirithe agus ní féidir iad a léamh ar mhalairt eile. +variables.id_not_exist=Níl athróg le ID %d ann. +variables.edit=Cuir Athróg in Eagar +variables.deletion.failed=Theip ar athróg a bhaint. +variables.deletion.success=Tá an athróg bainte. +variables.creation.failed=Theip ar athróg a chur leis. +variables.creation.success=Tá an athróg "%s" curtha leis. +variables.update.failed=Theip ar athróg a chur in eagar. +variables.update.success=Tá an t-athróg curtha in eagar. [projects] +deleted.display_name=Tionscadal scriosta +type-1.display_name=Tionscadal Aonair +type-2.display_name=Tionscadal Stórais type-3.display_name=Tionscadal Eagrúcháin [git.filemode] From dd83cfcacc989d0e7cbd21ec5eba029fdfcb72dd Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Thu, 10 Oct 2024 11:48:21 +0800 Subject: [PATCH 07/27] Refactor CSRF token (#32216) --- routers/web/auth/auth.go | 8 ++- routers/web/auth/oauth.go | 4 +- services/auth/auth.go | 4 +- services/context/csrf.go | 4 +- tests/integration/admin_user_test.go | 4 +- tests/integration/api_httpsig_test.go | 2 +- .../api_packages_container_test.go | 4 +- tests/integration/attachment_test.go | 4 +- tests/integration/auth_ldap_test.go | 6 +- .../integration/change_default_branch_test.go | 4 +- tests/integration/delete_user_test.go | 4 +- tests/integration/editor_test.go | 4 +- tests/integration/empty_repo_test.go | 8 +-- tests/integration/git_test.go | 4 +- tests/integration/integration_test.go | 26 ++++----- tests/integration/issue_test.go | 20 +++---- tests/integration/mirror_push_test.go | 4 +- tests/integration/nonascii_branches_test.go | 2 +- tests/integration/org_project_test.go | 4 +- tests/integration/org_team_invite_test.go | 57 ++++++------------- tests/integration/privateactivity_test.go | 2 +- tests/integration/pull_merge_test.go | 6 +- tests/integration/pull_status_test.go | 6 +- tests/integration/rename_branch_test.go | 2 +- tests/integration/repo_branch_test.go | 9 +-- tests/integration/signin_test.go | 2 - tests/integration/user_avatar_test.go | 2 +- tests/integration/user_test.go | 8 +-- tests/integration/xss_test.go | 2 +- 29 files changed, 90 insertions(+), 126 deletions(-) diff --git a/routers/web/auth/auth.go b/routers/web/auth/auth.go index 5cbe2f5388..c9ef9193f1 100644 --- a/routers/web/auth/auth.go +++ b/routers/web/auth/auth.go @@ -98,7 +98,7 @@ func autoSignIn(ctx *context.Context) (bool, error) { return false, err } - ctx.Csrf.DeleteCookie(ctx) + ctx.Csrf.PrepareForSessionUser(ctx) return true, nil } @@ -359,8 +359,8 @@ func handleSignInFull(ctx *context.Context, u *user_model.User, remember, obeyRe ctx.Locale = middleware.Locale(ctx.Resp, ctx.Req) } - // Clear whatever CSRF cookie has right now, force to generate a new one - ctx.Csrf.DeleteCookie(ctx) + // force to generate a new CSRF token + ctx.Csrf.PrepareForSessionUser(ctx) // Register last login if err := user_service.UpdateUser(ctx, u, &user_service.UpdateOptions{SetLastLogin: true}); err != nil { @@ -804,6 +804,8 @@ func handleAccountActivation(ctx *context.Context, user *user_model.User) { return } + ctx.Csrf.PrepareForSessionUser(ctx) + if err := resetLocale(ctx, user); err != nil { ctx.ServerError("resetLocale", err) return diff --git a/routers/web/auth/oauth.go b/routers/web/auth/oauth.go index ccbb3bebf1..730d68051b 100644 --- a/routers/web/auth/oauth.go +++ b/routers/web/auth/oauth.go @@ -358,8 +358,8 @@ func handleOAuth2SignIn(ctx *context.Context, source *auth.Source, u *user_model return } - // Clear whatever CSRF cookie has right now, force to generate a new one - ctx.Csrf.DeleteCookie(ctx) + // force to generate a new CSRF token + ctx.Csrf.PrepareForSessionUser(ctx) if err := resetLocale(ctx, u); err != nil { ctx.ServerError("resetLocale", err) diff --git a/services/auth/auth.go b/services/auth/auth.go index a2523a2452..43ff95f053 100644 --- a/services/auth/auth.go +++ b/services/auth/auth.go @@ -103,8 +103,8 @@ func handleSignIn(resp http.ResponseWriter, req *http.Request, sess SessionStore middleware.SetLocaleCookie(resp, user.Language, 0) - // Clear whatever CSRF has right now, force to generate a new one + // force to generate a new CSRF token if ctx := gitea_context.GetWebContext(req); ctx != nil { - ctx.Csrf.DeleteCookie(ctx) + ctx.Csrf.PrepareForSessionUser(ctx) } } diff --git a/services/context/csrf.go b/services/context/csrf.go index 9b66d613e3..7b475a8fd8 100644 --- a/services/context/csrf.go +++ b/services/context/csrf.go @@ -129,10 +129,8 @@ func (c *csrfProtector) PrepareForSessionUser(ctx *Context) { } if needsNew { - // FIXME: actionId. c.token = GenerateCsrfToken(c.opt.Secret, c.id, "POST", time.Now()) - cookie := newCsrfCookie(&c.opt, c.token) - ctx.Resp.Header().Add("Set-Cookie", cookie.String()) + ctx.Resp.Header().Add("Set-Cookie", newCsrfCookie(&c.opt, c.token).String()) } ctx.Data["CsrfToken"] = c.token diff --git a/tests/integration/admin_user_test.go b/tests/integration/admin_user_test.go index 669060c787..090e60da29 100644 --- a/tests/integration/admin_user_test.go +++ b/tests/integration/admin_user_test.go @@ -51,7 +51,7 @@ func testSuccessfullEdit(t *testing.T, formData user_model.User) { func makeRequest(t *testing.T, formData user_model.User, headerCode int) { session := loginUser(t, "user1") - csrf := GetCSRF(t, session, "/admin/users/"+strconv.Itoa(int(formData.ID))+"/edit") + csrf := GetUserCSRFToken(t, session) req := NewRequestWithValues(t, "POST", "/admin/users/"+strconv.Itoa(int(formData.ID))+"/edit", map[string]string{ "_csrf": csrf, "user_name": formData.Name, @@ -72,7 +72,7 @@ func TestAdminDeleteUser(t *testing.T) { session := loginUser(t, "user1") - csrf := GetCSRF(t, session, "/admin/users/8/edit") + csrf := GetUserCSRFToken(t, session) req := NewRequestWithValues(t, "POST", "/admin/users/8/delete", map[string]string{ "_csrf": csrf, }) diff --git a/tests/integration/api_httpsig_test.go b/tests/integration/api_httpsig_test.go index cca477f5e1..b9dc508ad0 100644 --- a/tests/integration/api_httpsig_test.go +++ b/tests/integration/api_httpsig_test.go @@ -95,7 +95,7 @@ func TestHTTPSigCert(t *testing.T) { defer tests.PrepareTestEnv(t)() session := loginUser(t, "user1") - csrf := GetCSRF(t, session, "/user/settings/keys") + csrf := GetUserCSRFToken(t, session) req := NewRequestWithValues(t, "POST", "/user/settings/keys", map[string]string{ "_csrf": csrf, "content": "user1", diff --git a/tests/integration/api_packages_container_test.go b/tests/integration/api_packages_container_test.go index 409e7513a6..3905ad1b70 100644 --- a/tests/integration/api_packages_container_test.go +++ b/tests/integration/api_packages_container_test.go @@ -784,7 +784,7 @@ func TestPackageContainer(t *testing.T) { newOwnerName := "newUsername" req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{ - "_csrf": GetCSRF(t, session, "/user/settings"), + "_csrf": GetUserCSRFToken(t, session), "name": newOwnerName, "email": "user2@example.com", "language": "en-US", @@ -794,7 +794,7 @@ func TestPackageContainer(t *testing.T) { t.Run(fmt.Sprintf("Catalog[%s]", newOwnerName), checkCatalog(newOwnerName)) req = NewRequestWithValues(t, "POST", "/user/settings", map[string]string{ - "_csrf": GetCSRF(t, session, "/user/settings"), + "_csrf": GetUserCSRFToken(t, session), "name": user.Name, "email": "user2@example.com", "language": "en-US", diff --git a/tests/integration/attachment_test.go b/tests/integration/attachment_test.go index 11aa03bb7e..30c394e9b0 100644 --- a/tests/integration/attachment_test.go +++ b/tests/integration/attachment_test.go @@ -57,14 +57,14 @@ func createAttachment(t *testing.T, session *TestSession, csrf, repoURL, filenam func TestCreateAnonymousAttachment(t *testing.T) { defer tests.PrepareTestEnv(t)() session := emptyTestSession(t) - createAttachment(t, session, GetCSRF(t, session, "/user/login"), "user2/repo1", "image.png", generateImg(), http.StatusSeeOther) + createAttachment(t, session, GetAnonymousCSRFToken(t, session), "user2/repo1", "image.png", generateImg(), http.StatusSeeOther) } func TestCreateIssueAttachment(t *testing.T) { defer tests.PrepareTestEnv(t)() const repoURL = "user2/repo1" session := loginUser(t, "user2") - uuid := createAttachment(t, session, GetCSRF(t, session, repoURL), repoURL, "image.png", generateImg(), http.StatusOK) + uuid := createAttachment(t, session, GetUserCSRFToken(t, session), repoURL, "image.png", generateImg(), http.StatusOK) req := NewRequest(t, "GET", repoURL+"/issues/new") resp := session.MakeRequest(t, req, http.StatusOK) diff --git a/tests/integration/auth_ldap_test.go b/tests/integration/auth_ldap_test.go index 317787f403..deb79187eb 100644 --- a/tests/integration/auth_ldap_test.go +++ b/tests/integration/auth_ldap_test.go @@ -156,7 +156,7 @@ func addAuthSourceLDAP(t *testing.T, sshKeyAttribute, groupFilter string, groupM groupTeamMap = groupMapParams[1] } session := loginUser(t, "user1") - csrf := GetCSRF(t, session, "/admin/auths/new") + csrf := GetUserCSRFToken(t, session) req := NewRequestWithValues(t, "POST", "/admin/auths/new", buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, groupFilter, groupTeamMap, groupTeamMapRemoval)) session.MakeRequest(t, req, http.StatusSeeOther) } @@ -252,7 +252,7 @@ func TestLDAPUserSyncWithEmptyUsernameAttribute(t *testing.T) { defer tests.PrepareTestEnv(t)() session := loginUser(t, "user1") - csrf := GetCSRF(t, session, "/admin/auths/new") + csrf := GetUserCSRFToken(t, session) payload := buildAuthSourceLDAPPayload(csrf, "", "", "", "") payload["attribute_username"] = "" req := NewRequestWithValues(t, "POST", "/admin/auths/new", payload) @@ -487,7 +487,7 @@ func TestLDAPPreventInvalidGroupTeamMap(t *testing.T) { defer tests.PrepareTestEnv(t)() session := loginUser(t, "user1") - csrf := GetCSRF(t, session, "/admin/auths/new") + csrf := GetUserCSRFToken(t, session) req := NewRequestWithValues(t, "POST", "/admin/auths/new", buildAuthSourceLDAPPayload(csrf, "", "", `{"NOT_A_VALID_JSON"["MISSING_DOUBLE_POINT"]}`, "off")) session.MakeRequest(t, req, http.StatusOK) // StatusOK = failed, StatusSeeOther = ok } diff --git a/tests/integration/change_default_branch_test.go b/tests/integration/change_default_branch_test.go index 703834b712..729eb1e4ce 100644 --- a/tests/integration/change_default_branch_test.go +++ b/tests/integration/change_default_branch_test.go @@ -22,7 +22,7 @@ func TestChangeDefaultBranch(t *testing.T) { session := loginUser(t, owner.Name) branchesURL := fmt.Sprintf("/%s/%s/settings/branches", owner.Name, repo.Name) - csrf := GetCSRF(t, session, branchesURL) + csrf := GetUserCSRFToken(t, session) req := NewRequestWithValues(t, "POST", branchesURL, map[string]string{ "_csrf": csrf, "action": "default_branch", @@ -30,7 +30,7 @@ func TestChangeDefaultBranch(t *testing.T) { }) session.MakeRequest(t, req, http.StatusSeeOther) - csrf = GetCSRF(t, session, branchesURL) + csrf = GetUserCSRFToken(t, session) req = NewRequestWithValues(t, "POST", branchesURL, map[string]string{ "_csrf": csrf, "action": "default_branch", diff --git a/tests/integration/delete_user_test.go b/tests/integration/delete_user_test.go index 806b87dc4c..ad3c882882 100644 --- a/tests/integration/delete_user_test.go +++ b/tests/integration/delete_user_test.go @@ -33,7 +33,7 @@ func TestUserDeleteAccount(t *testing.T) { defer tests.PrepareTestEnv(t)() session := loginUser(t, "user8") - csrf := GetCSRF(t, session, "/user/settings/account") + csrf := GetUserCSRFToken(t, session) urlStr := fmt.Sprintf("/user/settings/account/delete?password=%s", userPassword) req := NewRequestWithValues(t, "POST", urlStr, map[string]string{ "_csrf": csrf, @@ -48,7 +48,7 @@ func TestUserDeleteAccountStillOwnRepos(t *testing.T) { defer tests.PrepareTestEnv(t)() session := loginUser(t, "user2") - csrf := GetCSRF(t, session, "/user/settings/account") + csrf := GetUserCSRFToken(t, session) urlStr := fmt.Sprintf("/user/settings/account/delete?password=%s", userPassword) req := NewRequestWithValues(t, "POST", urlStr, map[string]string{ "_csrf": csrf, diff --git a/tests/integration/editor_test.go b/tests/integration/editor_test.go index f510c79bc6..f0f71b80d1 100644 --- a/tests/integration/editor_test.go +++ b/tests/integration/editor_test.go @@ -49,7 +49,7 @@ func TestCreateFileOnProtectedBranch(t *testing.T) { onGiteaRun(t, func(t *testing.T, u *url.URL) { session := loginUser(t, "user2") - csrf := GetCSRF(t, session, "/user2/repo1/settings/branches") + csrf := GetUserCSRFToken(t, session) // Change master branch to protected req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches/edit", map[string]string{ "_csrf": csrf, @@ -84,7 +84,7 @@ func TestCreateFileOnProtectedBranch(t *testing.T) { assert.Contains(t, resp.Body.String(), "Cannot commit to protected branch "master".") // remove the protected branch - csrf = GetCSRF(t, session, "/user2/repo1/settings/branches") + csrf = GetUserCSRFToken(t, session) // Change master branch to protected req = NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches/1/delete", map[string]string{ diff --git a/tests/integration/empty_repo_test.go b/tests/integration/empty_repo_test.go index 002aa5600e..630a3c03af 100644 --- a/tests/integration/empty_repo_test.go +++ b/tests/integration/empty_repo_test.go @@ -29,7 +29,7 @@ import ( func testAPINewFile(t *testing.T, session *TestSession, user, repo, branch, treePath, content string) *httptest.ResponseRecorder { url := fmt.Sprintf("/%s/%s/_new/%s", user, repo, branch) req := NewRequestWithValues(t, "POST", url, map[string]string{ - "_csrf": GetCSRF(t, session, "/user/settings"), + "_csrf": GetUserCSRFToken(t, session), "commit_choice": "direct", "tree_path": treePath, "content": content, @@ -63,7 +63,7 @@ func TestEmptyRepoAddFile(t *testing.T) { doc := NewHTMLParser(t, resp.Body).Find(`input[name="commit_choice"]`) assert.Empty(t, doc.AttrOr("checked", "_no_")) req = NewRequestWithValues(t, "POST", "/user30/empty/_new/"+setting.Repository.DefaultBranch, map[string]string{ - "_csrf": GetCSRF(t, session, "/user/settings"), + "_csrf": GetUserCSRFToken(t, session), "commit_choice": "direct", "tree_path": "test-file.md", "content": "newly-added-test-file", @@ -89,7 +89,7 @@ func TestEmptyRepoUploadFile(t *testing.T) { body := &bytes.Buffer{} mpForm := multipart.NewWriter(body) - _ = mpForm.WriteField("_csrf", GetCSRF(t, session, "/user/settings")) + _ = mpForm.WriteField("_csrf", GetUserCSRFToken(t, session)) file, _ := mpForm.CreateFormFile("file", "uploaded-file.txt") _, _ = io.Copy(file, bytes.NewBufferString("newly-uploaded-test-file")) _ = mpForm.Close() @@ -101,7 +101,7 @@ func TestEmptyRepoUploadFile(t *testing.T) { assert.NoError(t, json.Unmarshal(resp.Body.Bytes(), &respMap)) req = NewRequestWithValues(t, "POST", "/user30/empty/_upload/"+setting.Repository.DefaultBranch, map[string]string{ - "_csrf": GetCSRF(t, session, "/user/settings"), + "_csrf": GetUserCSRFToken(t, session), "commit_choice": "direct", "files": respMap["uuid"], "tree_path": "", diff --git a/tests/integration/git_test.go b/tests/integration/git_test.go index ac56cffe5e..f024d22c4a 100644 --- a/tests/integration/git_test.go +++ b/tests/integration/git_test.go @@ -462,7 +462,7 @@ func doBranchProtectPRMerge(baseCtx *APITestContext, dstPath string) func(t *tes func doProtectBranch(ctx APITestContext, branch, userToWhitelistPush, userToWhitelistForcePush, unprotectedFilePatterns string) func(t *testing.T) { // We are going to just use the owner to set the protection. return func(t *testing.T) { - csrf := GetCSRF(t, ctx.Session, fmt.Sprintf("/%s/%s/settings/branches", url.PathEscape(ctx.Username), url.PathEscape(ctx.Reponame))) + csrf := GetUserCSRFToken(t, ctx.Session) formData := map[string]string{ "_csrf": csrf, @@ -644,7 +644,7 @@ func doPushCreate(ctx APITestContext, u *url.URL) func(t *testing.T) { func doBranchDelete(ctx APITestContext, owner, repo, branch string) func(*testing.T) { return func(t *testing.T) { - csrf := GetCSRF(t, ctx.Session, fmt.Sprintf("/%s/%s/branches", url.PathEscape(owner), url.PathEscape(repo))) + csrf := GetUserCSRFToken(t, ctx.Session) req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/branches/delete?name=%s", url.PathEscape(owner), url.PathEscape(repo), url.QueryEscape(branch)), map[string]string{ "_csrf": csrf, diff --git a/tests/integration/integration_test.go b/tests/integration/integration_test.go index 1f12430fcf..f72ac5f51c 100644 --- a/tests/integration/integration_test.go +++ b/tests/integration/integration_test.go @@ -486,23 +486,19 @@ func VerifyJSONSchema(t testing.TB, resp *httptest.ResponseRecorder, schemaFile assert.True(t, result.Valid()) } -// GetCSRF returns CSRF token from body -// If it fails, it means the CSRF token is not found in the response body returned by the url with the given session. -// In this case, you should find a better url to get it. -func GetCSRF(t testing.TB, session *TestSession, urlStr string) string { +// GetUserCSRFToken returns CSRF token for current user +func GetUserCSRFToken(t testing.TB, session *TestSession) string { t.Helper() - req := NewRequest(t, "GET", urlStr) - resp := session.MakeRequest(t, req, http.StatusOK) - doc := NewHTMLParser(t, resp.Body) - csrf := doc.GetCSRF() - require.NotEmpty(t, csrf) - return csrf + cookie := session.GetCookie("_csrf") + require.NotEmpty(t, cookie) + return cookie.Value } -// GetCSRFFrom returns CSRF token from body -func GetCSRFFromCookie(t testing.TB, session *TestSession, urlStr string) string { +// GetUserCSRFToken returns CSRF token for anonymous user (not logged in) +func GetAnonymousCSRFToken(t testing.TB, session *TestSession) string { t.Helper() - req := NewRequest(t, "GET", urlStr) - session.MakeRequest(t, req, http.StatusOK) - return session.GetCookie("_csrf").Value + resp := session.MakeRequest(t, NewRequest(t, "GET", "/user/login"), http.StatusOK) + csrfToken := NewHTMLParser(t, resp.Body).GetCSRF() + require.NotEmpty(t, csrfToken) + return csrfToken } diff --git a/tests/integration/issue_test.go b/tests/integration/issue_test.go index 308b82d4b9..df45da84a5 100644 --- a/tests/integration/issue_test.go +++ b/tests/integration/issue_test.go @@ -197,21 +197,21 @@ func TestEditIssue(t *testing.T) { issueURL := testNewIssue(t, session, "user2", "repo1", "Title", "Description") req := NewRequestWithValues(t, "POST", fmt.Sprintf("%s/content", issueURL), map[string]string{ - "_csrf": GetCSRF(t, session, issueURL), + "_csrf": GetUserCSRFToken(t, session), "content": "modified content", "context": fmt.Sprintf("/%s/%s", "user2", "repo1"), }) session.MakeRequest(t, req, http.StatusOK) req = NewRequestWithValues(t, "POST", fmt.Sprintf("%s/content", issueURL), map[string]string{ - "_csrf": GetCSRF(t, session, issueURL), + "_csrf": GetUserCSRFToken(t, session), "content": "modified content", "context": fmt.Sprintf("/%s/%s", "user2", "repo1"), }) session.MakeRequest(t, req, http.StatusBadRequest) req = NewRequestWithValues(t, "POST", fmt.Sprintf("%s/content", issueURL), map[string]string{ - "_csrf": GetCSRF(t, session, issueURL), + "_csrf": GetUserCSRFToken(t, session), "content": "modified content", "content_version": "1", "context": fmt.Sprintf("/%s/%s", "user2", "repo1"), @@ -246,11 +246,11 @@ func TestIssueCommentDelete(t *testing.T) { // Using the ID of a comment that does not belong to the repository must fail req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/comments/%d/delete", "user5", "repo4", commentID), map[string]string{ - "_csrf": GetCSRF(t, session, issueURL), + "_csrf": GetUserCSRFToken(t, session), }) session.MakeRequest(t, req, http.StatusNotFound) req = NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/comments/%d/delete", "user2", "repo1", commentID), map[string]string{ - "_csrf": GetCSRF(t, session, issueURL), + "_csrf": GetUserCSRFToken(t, session), }) session.MakeRequest(t, req, http.StatusOK) unittest.AssertNotExistsBean(t, &issues_model.Comment{ID: commentID}) @@ -270,13 +270,13 @@ func TestIssueCommentUpdate(t *testing.T) { // Using the ID of a comment that does not belong to the repository must fail req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/comments/%d", "user5", "repo4", commentID), map[string]string{ - "_csrf": GetCSRF(t, session, issueURL), + "_csrf": GetUserCSRFToken(t, session), "content": modifiedContent, }) session.MakeRequest(t, req, http.StatusNotFound) req = NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/comments/%d", "user2", "repo1", commentID), map[string]string{ - "_csrf": GetCSRF(t, session, issueURL), + "_csrf": GetUserCSRFToken(t, session), "content": modifiedContent, }) session.MakeRequest(t, req, http.StatusOK) @@ -298,7 +298,7 @@ func TestIssueCommentUpdateSimultaneously(t *testing.T) { modifiedContent := comment.Content + "MODIFIED" req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/comments/%d", "user2", "repo1", commentID), map[string]string{ - "_csrf": GetCSRF(t, session, issueURL), + "_csrf": GetUserCSRFToken(t, session), "content": modifiedContent, }) session.MakeRequest(t, req, http.StatusOK) @@ -306,13 +306,13 @@ func TestIssueCommentUpdateSimultaneously(t *testing.T) { modifiedContent = comment.Content + "2" req = NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/comments/%d", "user2", "repo1", commentID), map[string]string{ - "_csrf": GetCSRF(t, session, issueURL), + "_csrf": GetUserCSRFToken(t, session), "content": modifiedContent, }) session.MakeRequest(t, req, http.StatusBadRequest) req = NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/comments/%d", "user2", "repo1", commentID), map[string]string{ - "_csrf": GetCSRF(t, session, issueURL), + "_csrf": GetUserCSRFToken(t, session), "content": modifiedContent, "content_version": "1", }) diff --git a/tests/integration/mirror_push_test.go b/tests/integration/mirror_push_test.go index 1c262b3349..6b1c808cf4 100644 --- a/tests/integration/mirror_push_test.go +++ b/tests/integration/mirror_push_test.go @@ -81,7 +81,7 @@ func testMirrorPush(t *testing.T, u *url.URL) { func doCreatePushMirror(ctx APITestContext, address, username, password string) func(t *testing.T) { return func(t *testing.T) { - csrf := GetCSRF(t, ctx.Session, fmt.Sprintf("/%s/%s/settings", url.PathEscape(ctx.Username), url.PathEscape(ctx.Reponame))) + csrf := GetUserCSRFToken(t, ctx.Session) req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/settings", url.PathEscape(ctx.Username), url.PathEscape(ctx.Reponame)), map[string]string{ "_csrf": csrf, @@ -101,7 +101,7 @@ func doCreatePushMirror(ctx APITestContext, address, username, password string) func doRemovePushMirror(ctx APITestContext, address, username, password string, pushMirrorID int) func(t *testing.T) { return func(t *testing.T) { - csrf := GetCSRF(t, ctx.Session, fmt.Sprintf("/%s/%s/settings", url.PathEscape(ctx.Username), url.PathEscape(ctx.Reponame))) + csrf := GetUserCSRFToken(t, ctx.Session) req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/settings", url.PathEscape(ctx.Username), url.PathEscape(ctx.Reponame)), map[string]string{ "_csrf": csrf, diff --git a/tests/integration/nonascii_branches_test.go b/tests/integration/nonascii_branches_test.go index a189273eac..e5934a148d 100644 --- a/tests/integration/nonascii_branches_test.go +++ b/tests/integration/nonascii_branches_test.go @@ -17,7 +17,7 @@ import ( func setDefaultBranch(t *testing.T, session *TestSession, user, repo, branch string) { location := path.Join("/", user, repo, "settings/branches") - csrf := GetCSRF(t, session, location) + csrf := GetUserCSRFToken(t, session) req := NewRequestWithValues(t, "POST", location, map[string]string{ "_csrf": csrf, "action": "default_branch", diff --git a/tests/integration/org_project_test.go b/tests/integration/org_project_test.go index 31d10f16ff..c3894fd7af 100644 --- a/tests/integration/org_project_test.go +++ b/tests/integration/org_project_test.go @@ -34,7 +34,7 @@ func TestOrgProjectAccess(t *testing.T) { // change the org's visibility to private session := loginUser(t, "user2") req = NewRequestWithValues(t, "POST", "/org/org3/settings", map[string]string{ - "_csrf": GetCSRF(t, session, "/org3/-/projects"), + "_csrf": GetUserCSRFToken(t, session), "name": "org3", "visibility": "2", }) @@ -48,7 +48,7 @@ func TestOrgProjectAccess(t *testing.T) { // disable team1's project unit session = loginUser(t, "user2") req = NewRequestWithValues(t, "POST", "/org/org3/teams/team1/edit", map[string]string{ - "_csrf": GetCSRF(t, session, "/org3/-/projects"), + "_csrf": GetUserCSRFToken(t, session), "team_name": "team1", "repo_access": "specific", "permission": "read", diff --git a/tests/integration/org_team_invite_test.go b/tests/integration/org_team_invite_test.go index 919769a61a..274fde4085 100644 --- a/tests/integration/org_team_invite_test.go +++ b/tests/integration/org_team_invite_test.go @@ -40,7 +40,7 @@ func TestOrgTeamEmailInvite(t *testing.T) { session := loginUser(t, "user1") teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name) - csrf := GetCSRF(t, session, teamURL) + csrf := GetUserCSRFToken(t, session) req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{ "_csrf": csrf, "uid": "1", @@ -59,7 +59,7 @@ func TestOrgTeamEmailInvite(t *testing.T) { // join the team inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token) - csrf = GetCSRF(t, session, inviteURL) + csrf = GetUserCSRFToken(t, session) req = NewRequestWithValues(t, "POST", inviteURL, map[string]string{ "_csrf": csrf, }) @@ -94,7 +94,7 @@ func TestOrgTeamEmailInviteRedirectsExistingUser(t *testing.T) { teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name) req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{ - "_csrf": GetCSRF(t, session, teamURL), + "_csrf": GetUserCSRFToken(t, session), "uid": "1", "uname": user.Email, }) @@ -137,7 +137,7 @@ func TestOrgTeamEmailInviteRedirectsExistingUser(t *testing.T) { // make the request req = NewRequestWithValues(t, "POST", test.RedirectURL(resp), map[string]string{ - "_csrf": GetCSRF(t, session, test.RedirectURL(resp)), + "_csrf": GetUserCSRFToken(t, session), }) resp = session.MakeRequest(t, req, http.StatusSeeOther) req = NewRequest(t, "GET", test.RedirectURL(resp)) @@ -165,7 +165,7 @@ func TestOrgTeamEmailInviteRedirectsNewUser(t *testing.T) { teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name) req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{ - "_csrf": GetCSRF(t, session, teamURL), + "_csrf": GetUserCSRFToken(t, session), "uid": "1", "uname": "doesnotexist@example.com", }) @@ -210,7 +210,7 @@ func TestOrgTeamEmailInviteRedirectsNewUser(t *testing.T) { // make the redirected request req = NewRequestWithValues(t, "POST", test.RedirectURL(resp), map[string]string{ - "_csrf": GetCSRF(t, session, test.RedirectURL(resp)), + "_csrf": GetUserCSRFToken(t, session), }) resp = session.MakeRequest(t, req, http.StatusSeeOther) req = NewRequest(t, "GET", test.RedirectURL(resp)) @@ -233,22 +233,18 @@ func TestOrgTeamEmailInviteRedirectsNewUserWithActivation(t *testing.T) { } // enable email confirmation temporarily - defer func(prevVal bool) { - setting.Service.RegisterEmailConfirm = prevVal - }(setting.Service.RegisterEmailConfirm) - setting.Service.RegisterEmailConfirm = true - + defer test.MockVariableValue(&setting.Service.RegisterEmailConfirm, true)() defer tests.PrepareTestEnv(t)() org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3}) team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 2}) - // create the invite + // user1: create the invite session := loginUser(t, "user1") teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name) req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{ - "_csrf": GetCSRF(t, session, teamURL), + "_csrf": GetUserCSRFToken(t, session), "uid": "1", "uname": "doesnotexist@example.com", }) @@ -261,53 +257,34 @@ func TestOrgTeamEmailInviteRedirectsNewUserWithActivation(t *testing.T) { assert.NoError(t, err) assert.Len(t, invites, 1) - // accept the invite + // new user: accept the invite + session = emptyTestSession(t) + inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token) req = NewRequest(t, "GET", fmt.Sprintf("/user/sign_up?redirect_to=%s", url.QueryEscape(inviteURL))) - inviteResp := MakeRequest(t, req, http.StatusOK) - - doc := NewHTMLParser(t, resp.Body) + session.MakeRequest(t, req, http.StatusOK) req = NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{ - "_csrf": doc.GetCSRF(), "user_name": "doesnotexist", "email": "doesnotexist@example.com", "password": "examplePassword!1", "retype": "examplePassword!1", }) - for _, c := range inviteResp.Result().Cookies() { - req.AddCookie(c) - } - - resp = MakeRequest(t, req, http.StatusOK) + session.MakeRequest(t, req, http.StatusOK) user, err := user_model.GetUserByName(db.DefaultContext, "doesnotexist") assert.NoError(t, err) - ch := http.Header{} - ch.Add("Cookie", strings.Join(resp.Header()["Set-Cookie"], ";")) - cr := http.Request{Header: ch} - - session = emptyTestSession(t) - baseURL, err := url.Parse(setting.AppURL) - assert.NoError(t, err) - session.jar.SetCookies(baseURL, cr.Cookies()) - activateURL := fmt.Sprintf("/user/activate?code=%s", user.GenerateEmailActivateCode("doesnotexist@example.com")) req = NewRequestWithValues(t, "POST", activateURL, map[string]string{ "password": "examplePassword!1", }) - // use the cookies set by the signup request - for _, c := range inviteResp.Result().Cookies() { - req.AddCookie(c) - } - resp = session.MakeRequest(t, req, http.StatusSeeOther) // should be redirected to accept the invite assert.Equal(t, inviteURL, test.RedirectURL(resp)) req = NewRequestWithValues(t, "POST", test.RedirectURL(resp), map[string]string{ - "_csrf": GetCSRF(t, session, test.RedirectURL(resp)), + "_csrf": GetUserCSRFToken(t, session), }) resp = session.MakeRequest(t, req, http.StatusSeeOther) req = NewRequest(t, "GET", test.RedirectURL(resp)) @@ -342,7 +319,7 @@ func TestOrgTeamEmailInviteRedirectsExistingUserWithLogin(t *testing.T) { teamURL := fmt.Sprintf("/org/%s/teams/%s", org.Name, team.Name) req := NewRequestWithValues(t, "POST", teamURL+"/action/add", map[string]string{ - "_csrf": GetCSRF(t, session, teamURL), + "_csrf": GetUserCSRFToken(t, session), "uid": "1", "uname": user.Email, }) @@ -366,7 +343,7 @@ func TestOrgTeamEmailInviteRedirectsExistingUserWithLogin(t *testing.T) { // make the request req = NewRequestWithValues(t, "POST", test.RedirectURL(resp), map[string]string{ - "_csrf": GetCSRF(t, session, test.RedirectURL(resp)), + "_csrf": GetUserCSRFToken(t, session), }) resp = session.MakeRequest(t, req, http.StatusSeeOther) req = NewRequest(t, "GET", test.RedirectURL(resp)) diff --git a/tests/integration/privateactivity_test.go b/tests/integration/privateactivity_test.go index 5362462f7d..a1fbadec99 100644 --- a/tests/integration/privateactivity_test.go +++ b/tests/integration/privateactivity_test.go @@ -48,7 +48,7 @@ func testPrivateActivityDoSomethingForActionEntries(t *testing.T) { func testPrivateActivityHelperEnablePrivateActivity(t *testing.T) { session := loginUser(t, privateActivityTestUser) req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{ - "_csrf": GetCSRF(t, session, "/user/settings"), + "_csrf": GetUserCSRFToken(t, session), "name": privateActivityTestUser, "email": privateActivityTestUser + "@example.com", "language": "en-US", diff --git a/tests/integration/pull_merge_test.go b/tests/integration/pull_merge_test.go index 9a412329a1..c1c8a8bf4e 100644 --- a/tests/integration/pull_merge_test.go +++ b/tests/integration/pull_merge_test.go @@ -694,7 +694,7 @@ func TestPullAutoMergeAfterCommitStatusSucceed(t *testing.T) { }) // add protected branch for commit status - csrf := GetCSRF(t, session, "/user2/repo1/settings/branches") + csrf := GetUserCSRFToken(t, session) // Change master branch to protected req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches/edit", map[string]string{ "_csrf": csrf, @@ -777,7 +777,7 @@ func TestPullAutoMergeAfterCommitStatusSucceedAndApproval(t *testing.T) { }) // add protected branch for commit status - csrf := GetCSRF(t, session, "/user2/repo1/settings/branches") + csrf := GetUserCSRFToken(t, session) // Change master branch to protected req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches/edit", map[string]string{ "_csrf": csrf, @@ -905,7 +905,7 @@ func TestPullAutoMergeAfterCommitStatusSucceedAndApprovalForAgitFlow(t *testing. session := loginUser(t, "user1") // add protected branch for commit status - csrf := GetCSRF(t, session, "/user2/repo1/settings/branches") + csrf := GetUserCSRFToken(t, session) // Change master branch to protected req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches/edit", map[string]string{ "_csrf": csrf, diff --git a/tests/integration/pull_status_test.go b/tests/integration/pull_status_test.go index 26e1baeb11..ac9036ca96 100644 --- a/tests/integration/pull_status_test.go +++ b/tests/integration/pull_status_test.go @@ -29,7 +29,7 @@ func TestPullCreate_CommitStatus(t *testing.T) { url := path.Join("user1", "repo1", "compare", "master...status1") req := NewRequestWithValues(t, "POST", url, map[string]string{ - "_csrf": GetCSRF(t, session, url), + "_csrf": GetUserCSRFToken(t, session), "title": "pull request from status1", }, ) @@ -129,7 +129,7 @@ func TestPullCreate_EmptyChangesWithDifferentCommits(t *testing.T) { url := path.Join("user1", "repo1", "compare", "master...status1") req := NewRequestWithValues(t, "POST", url, map[string]string{ - "_csrf": GetCSRF(t, session, url), + "_csrf": GetUserCSRFToken(t, session), "title": "pull request from status1", }, ) @@ -152,7 +152,7 @@ func TestPullCreate_EmptyChangesWithSameCommits(t *testing.T) { url := path.Join("user1", "repo1", "compare", "master...status1") req := NewRequestWithValues(t, "POST", url, map[string]string{ - "_csrf": GetCSRF(t, session, url), + "_csrf": GetUserCSRFToken(t, session), "title": "pull request from status1", }, ) diff --git a/tests/integration/rename_branch_test.go b/tests/integration/rename_branch_test.go index 71bfb6b6cb..576264ba95 100644 --- a/tests/integration/rename_branch_test.go +++ b/tests/integration/rename_branch_test.go @@ -54,7 +54,7 @@ func testRenameBranch(t *testing.T, u *url.URL) { assert.Equal(t, "main", repo1.DefaultBranch) // create branch1 - csrf := GetCSRF(t, session, "/user2/repo1/src/branch/main") + csrf := GetUserCSRFToken(t, session) req = NewRequestWithValues(t, "POST", "/user2/repo1/branches/_new/branch/main", map[string]string{ "_csrf": csrf, diff --git a/tests/integration/repo_branch_test.go b/tests/integration/repo_branch_test.go index f5217374b0..6d1cc8afcf 100644 --- a/tests/integration/repo_branch_test.go +++ b/tests/integration/repo_branch_test.go @@ -27,14 +27,7 @@ import ( ) func testCreateBranch(t testing.TB, session *TestSession, user, repo, oldRefSubURL, newBranchName string, expectedStatus int) string { - var csrf string - if expectedStatus == http.StatusNotFound { - // src/branch/branch_name may not container "_csrf" input, - // so we need to get it from cookies not from body - csrf = GetCSRFFromCookie(t, session, path.Join(user, repo, "src/branch/master")) - } else { - csrf = GetCSRFFromCookie(t, session, path.Join(user, repo, "src", oldRefSubURL)) - } + csrf := GetUserCSRFToken(t, session) req := NewRequestWithValues(t, "POST", path.Join(user, repo, "branches/_new", oldRefSubURL), map[string]string{ "_csrf": csrf, "new_branch_name": newBranchName, diff --git a/tests/integration/signin_test.go b/tests/integration/signin_test.go index 77e19bba96..886d4a8259 100644 --- a/tests/integration/signin_test.go +++ b/tests/integration/signin_test.go @@ -21,7 +21,6 @@ import ( func testLoginFailed(t *testing.T, username, password, message string) { session := emptyTestSession(t) req := NewRequestWithValues(t, "POST", "/user/login", map[string]string{ - "_csrf": GetCSRF(t, session, "/user/login"), "user_name": username, "password": password, }) @@ -68,7 +67,6 @@ func TestSigninWithRememberMe(t *testing.T) { session := emptyTestSession(t) req := NewRequestWithValues(t, "POST", "/user/login", map[string]string{ - "_csrf": GetCSRF(t, session, "/user/login"), "user_name": user.Name, "password": userPassword, "remember": "on", diff --git a/tests/integration/user_avatar_test.go b/tests/integration/user_avatar_test.go index ec5813df0d..caca9a3e56 100644 --- a/tests/integration/user_avatar_test.go +++ b/tests/integration/user_avatar_test.go @@ -37,7 +37,7 @@ func TestUserAvatar(t *testing.T) { } session := loginUser(t, "user2") - csrf := GetCSRF(t, session, "/user/settings") + csrf := GetUserCSRFToken(t, session) imgData := &bytes.Buffer{} diff --git a/tests/integration/user_test.go b/tests/integration/user_test.go index c4544f37aa..53d88aeb37 100644 --- a/tests/integration/user_test.go +++ b/tests/integration/user_test.go @@ -33,7 +33,7 @@ func TestRenameUsername(t *testing.T) { session := loginUser(t, "user2") req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{ - "_csrf": GetCSRF(t, session, "/user/settings"), + "_csrf": GetUserCSRFToken(t, session), "name": "newUsername", "email": "user2@example.com", "language": "en-US", @@ -77,7 +77,7 @@ func TestRenameInvalidUsername(t *testing.T) { t.Logf("Testing username %s", invalidUsername) req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{ - "_csrf": GetCSRF(t, session, "/user/settings"), + "_csrf": GetUserCSRFToken(t, session), "name": invalidUsername, "email": "user2@example.com", }) @@ -135,7 +135,7 @@ func TestRenameReservedUsername(t *testing.T) { for _, reservedUsername := range reservedUsernames { t.Logf("Testing username %s", reservedUsername) req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{ - "_csrf": GetCSRF(t, session, "/user/settings"), + "_csrf": GetUserCSRFToken(t, session), "name": reservedUsername, "email": "user2@example.com", "language": "en-US", @@ -293,7 +293,7 @@ func TestUserLocationMapLink(t *testing.T) { session := loginUser(t, "user2") req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{ - "_csrf": GetCSRF(t, session, "/user/settings"), + "_csrf": GetUserCSRFToken(t, session), "name": "user2", "email": "user@example.com", "language": "en-US", diff --git a/tests/integration/xss_test.go b/tests/integration/xss_test.go index e575ed3990..a8eaa5fc62 100644 --- a/tests/integration/xss_test.go +++ b/tests/integration/xss_test.go @@ -21,7 +21,7 @@ func TestXSSUserFullName(t *testing.T) { session := loginUser(t, user.Name) req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{ - "_csrf": GetCSRF(t, session, "/user/settings"), + "_csrf": GetUserCSRFToken(t, session), "name": user.Name, "full_name": fullName, "email": user.Email, From c2217670dd7514e17fc9c1f17d7e459b842ea798 Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Thu, 10 Oct 2024 12:56:49 +0800 Subject: [PATCH 08/27] Move admin routers from /admin to /-/admin (#32189) Resolve #32181 --------- Co-authored-by: wxiaoguang --- models/user/user.go | 1 - routers/api/v1/admin/hooks.go | 4 +- routers/api/v1/utils/hook.go | 4 +- routers/web/admin/admin.go | 4 +- routers/web/admin/applications.go | 4 +- routers/web/admin/auths.go | 8 ++-- routers/web/admin/config.go | 4 +- routers/web/admin/emails.go | 2 +- routers/web/admin/hooks.go | 10 ++--- routers/web/admin/notice.go | 2 +- routers/web/admin/packages.go | 4 +- routers/web/admin/queue.go | 6 +-- routers/web/admin/repos.go | 8 ++-- routers/web/admin/runners.go | 2 +- routers/web/admin/stacktrace.go | 2 +- routers/web/admin/users.go | 22 +++++----- routers/web/repo/setting/runners.go | 2 +- routers/web/repo/setting/variables.go | 2 +- routers/web/repo/setting/webhook.go | 4 +- routers/web/web.go | 2 +- templates/admin/auth/list.tmpl | 6 +-- templates/admin/config.tmpl | 4 +- templates/admin/config_settings.tmpl | 2 +- templates/admin/cron.tmpl | 2 +- templates/admin/dashboard.tmpl | 2 +- templates/admin/emails/list.tmpl | 2 +- templates/admin/navbar.tmpl | 42 +++++++++---------- templates/admin/notice.tmpl | 2 +- templates/admin/packages/list.tmpl | 2 +- templates/admin/repo/list.tmpl | 2 +- templates/admin/repo/unadopted.tmpl | 6 +-- templates/admin/stacktrace.tmpl | 2 +- templates/admin/user/list.tmpl | 2 +- templates/base/footer_content.tmpl | 2 +- templates/base/head_navbar.tmpl | 2 +- templates/shared/user/profile_big_avatar.tmpl | 2 +- tests/integration/admin_config_test.go | 2 +- tests/integration/admin_user_test.go | 12 +++--- tests/integration/auth_ldap_test.go | 10 ++--- tests/integration/user_test.go | 1 - web_src/js/features/admin/config.ts | 2 +- web_src/js/features/admin/selfcheck.ts | 2 +- 42 files changed, 103 insertions(+), 105 deletions(-) diff --git a/models/user/user.go b/models/user/user.go index d5c4833cde..c1e3d5d1c7 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -565,7 +565,6 @@ var ( ".", "..", ".well-known", - "admin", "api", "assets", "attachments", diff --git a/routers/api/v1/admin/hooks.go b/routers/api/v1/admin/hooks.go index fa60836b7e..db481fbf59 100644 --- a/routers/api/v1/admin/hooks.go +++ b/routers/api/v1/admin/hooks.go @@ -45,7 +45,7 @@ func ListHooks(ctx *context.APIContext) { } hooks := make([]*api.Hook, len(sysHooks)) for i, hook := range sysHooks { - h, err := webhook_service.ToHook(setting.AppURL+"/admin", hook) + h, err := webhook_service.ToHook(setting.AppURL+"/-/admin", hook) if err != nil { ctx.Error(http.StatusInternalServerError, "convert.ToHook", err) return @@ -83,7 +83,7 @@ func GetHook(ctx *context.APIContext) { } return } - h, err := webhook_service.ToHook("/admin/", hook) + h, err := webhook_service.ToHook("/-/admin/", hook) if err != nil { ctx.Error(http.StatusInternalServerError, "convert.ToHook", err) return diff --git a/routers/api/v1/utils/hook.go b/routers/api/v1/utils/hook.go index f1abd49a7d..4328878e19 100644 --- a/routers/api/v1/utils/hook.go +++ b/routers/api/v1/utils/hook.go @@ -100,7 +100,7 @@ func checkCreateHookOption(ctx *context.APIContext, form *api.CreateHookOption) func AddSystemHook(ctx *context.APIContext, form *api.CreateHookOption) { hook, ok := addHook(ctx, form, 0, 0) if ok { - h, err := webhook_service.ToHook(setting.AppSubURL+"/admin", hook) + h, err := webhook_service.ToHook(setting.AppSubURL+"/-/admin", hook) if err != nil { ctx.Error(http.StatusInternalServerError, "convert.ToHook", err) return @@ -268,7 +268,7 @@ func EditSystemHook(ctx *context.APIContext, form *api.EditHookOption, hookID in ctx.Error(http.StatusInternalServerError, "GetSystemOrDefaultWebhook", err) return } - h, err := webhook_service.ToHook(setting.AppURL+"/admin", updated) + h, err := webhook_service.ToHook(setting.AppURL+"/-/admin", updated) if err != nil { ctx.Error(http.StatusInternalServerError, "convert.ToHook", err) return diff --git a/routers/web/admin/admin.go b/routers/web/admin/admin.go index 6fc97c949e..37c54b5362 100644 --- a/routers/web/admin/admin.go +++ b/routers/web/admin/admin.go @@ -185,9 +185,9 @@ func DashboardPost(ctx *context.Context) { } } if form.From == "monitor" { - ctx.Redirect(setting.AppSubURL + "/admin/monitor/cron") + ctx.Redirect(setting.AppSubURL + "/-/admin/monitor/cron") } else { - ctx.Redirect(setting.AppSubURL + "/admin") + ctx.Redirect(setting.AppSubURL + "/-/admin") } } diff --git a/routers/web/admin/applications.go b/routers/web/admin/applications.go index 8583398074..9b48f21eca 100644 --- a/routers/web/admin/applications.go +++ b/routers/web/admin/applications.go @@ -23,8 +23,8 @@ var ( func newOAuth2CommonHandlers() *user_setting.OAuth2CommonHandlers { return &user_setting.OAuth2CommonHandlers{ OwnerID: 0, - BasePathList: fmt.Sprintf("%s/admin/applications", setting.AppSubURL), - BasePathEditPrefix: fmt.Sprintf("%s/admin/applications/oauth2", setting.AppSubURL), + BasePathList: fmt.Sprintf("%s/-/admin/applications", setting.AppSubURL), + BasePathEditPrefix: fmt.Sprintf("%s/-/admin/applications/oauth2", setting.AppSubURL), TplAppEdit: tplSettingsOauth2ApplicationEdit, } } diff --git a/routers/web/admin/auths.go b/routers/web/admin/auths.go index 3b89be0f8f..60e2b7c86f 100644 --- a/routers/web/admin/auths.go +++ b/routers/web/admin/auths.go @@ -324,7 +324,7 @@ func NewAuthSourcePost(ctx *context.Context) { log.Trace("Authentication created by admin(%s): %s", ctx.Doer.Name, form.Name) ctx.Flash.Success(ctx.Tr("admin.auths.new_success", form.Name)) - ctx.Redirect(setting.AppSubURL + "/admin/auths") + ctx.Redirect(setting.AppSubURL + "/-/admin/auths") } // EditAuthSource render editing auth source page @@ -437,7 +437,7 @@ func EditAuthSourcePost(ctx *context.Context) { log.Trace("Authentication changed by admin(%s): %d", ctx.Doer.Name, source.ID) ctx.Flash.Success(ctx.Tr("admin.auths.update_success")) - ctx.Redirect(setting.AppSubURL + "/admin/auths/" + strconv.FormatInt(form.ID, 10)) + ctx.Redirect(setting.AppSubURL + "/-/admin/auths/" + strconv.FormatInt(form.ID, 10)) } // DeleteAuthSource response for deleting an auth source @@ -454,11 +454,11 @@ func DeleteAuthSource(ctx *context.Context) { } else { ctx.Flash.Error(fmt.Sprintf("auth_service.DeleteSource: %v", err)) } - ctx.JSONRedirect(setting.AppSubURL + "/admin/auths/" + url.PathEscape(ctx.PathParam(":authid"))) + ctx.JSONRedirect(setting.AppSubURL + "/-/admin/auths/" + url.PathEscape(ctx.PathParam(":authid"))) return } log.Trace("Authentication deleted by admin(%s): %d", ctx.Doer.Name, source.ID) ctx.Flash.Success(ctx.Tr("admin.auths.deletion_success")) - ctx.JSONRedirect(setting.AppSubURL + "/admin/auths") + ctx.JSONRedirect(setting.AppSubURL + "/-/admin/auths") } diff --git a/routers/web/admin/config.go b/routers/web/admin/config.go index 2ae93e9cac..d067250a5b 100644 --- a/routers/web/admin/config.go +++ b/routers/web/admin/config.go @@ -40,7 +40,7 @@ func SendTestMail(ctx *context.Context) { ctx.Flash.Info(ctx.Tr("admin.config.test_mail_sent", email)) } - ctx.Redirect(setting.AppSubURL + "/admin/config") + ctx.Redirect(setting.AppSubURL + "/-/admin/config") } // TestCache test the cache settings @@ -56,7 +56,7 @@ func TestCache(ctx *context.Context) { } } - ctx.Redirect(setting.AppSubURL + "/admin/config") + ctx.Redirect(setting.AppSubURL + "/-/admin/config") } func shadowPasswordKV(cfgItem, splitter string) string { diff --git a/routers/web/admin/emails.go b/routers/web/admin/emails.go index f0d8555070..49338fbd7c 100644 --- a/routers/web/admin/emails.go +++ b/routers/web/admin/emails.go @@ -134,7 +134,7 @@ func ActivateEmail(ctx *context.Context) { ctx.Flash.Info(ctx.Tr("admin.emails.updated")) } - redirect, _ := url.Parse(setting.AppSubURL + "/admin/emails") + redirect, _ := url.Parse(setting.AppSubURL + "/-/admin/emails") q := url.Values{} if val := ctx.FormTrim("q"); len(val) > 0 { q.Set("q", val) diff --git a/routers/web/admin/hooks.go b/routers/web/admin/hooks.go index e40580b6e7..91ca6e3fa7 100644 --- a/routers/web/admin/hooks.go +++ b/routers/web/admin/hooks.go @@ -36,8 +36,8 @@ func DefaultOrSystemWebhooks(ctx *context.Context) { sys["Title"] = ctx.Tr("admin.systemhooks") sys["Description"] = ctx.Tr("admin.systemhooks.desc", "https://docs.gitea.com/usage/webhooks") sys["Webhooks"], err = webhook.GetSystemWebhooks(ctx, optional.None[bool]()) - sys["BaseLink"] = setting.AppSubURL + "/admin/hooks" - sys["BaseLinkNew"] = setting.AppSubURL + "/admin/system-hooks" + sys["BaseLink"] = setting.AppSubURL + "/-/admin/hooks" + sys["BaseLinkNew"] = setting.AppSubURL + "/-/admin/system-hooks" if err != nil { ctx.ServerError("GetWebhooksAdmin", err) return @@ -46,8 +46,8 @@ func DefaultOrSystemWebhooks(ctx *context.Context) { def["Title"] = ctx.Tr("admin.defaulthooks") def["Description"] = ctx.Tr("admin.defaulthooks.desc", "https://docs.gitea.com/usage/webhooks") def["Webhooks"], err = webhook.GetDefaultWebhooks(ctx) - def["BaseLink"] = setting.AppSubURL + "/admin/hooks" - def["BaseLinkNew"] = setting.AppSubURL + "/admin/default-hooks" + def["BaseLink"] = setting.AppSubURL + "/-/admin/hooks" + def["BaseLinkNew"] = setting.AppSubURL + "/-/admin/default-hooks" if err != nil { ctx.ServerError("GetWebhooksAdmin", err) return @@ -67,5 +67,5 @@ func DeleteDefaultOrSystemWebhook(ctx *context.Context) { ctx.Flash.Success(ctx.Tr("repo.settings.webhook_deletion_success")) } - ctx.JSONRedirect(setting.AppSubURL + "/admin/hooks") + ctx.JSONRedirect(setting.AppSubURL + "/-/admin/hooks") } diff --git a/routers/web/admin/notice.go b/routers/web/admin/notice.go index 36303cbc06..5f7432e629 100644 --- a/routers/web/admin/notice.go +++ b/routers/web/admin/notice.go @@ -74,5 +74,5 @@ func EmptyNotices(ctx *context.Context) { log.Trace("System notices deleted by admin (%s): [start: %d]", ctx.Doer.Name, 0) ctx.Flash.Success(ctx.Tr("admin.notices.delete_success")) - ctx.Redirect(setting.AppSubURL + "/admin/notices") + ctx.Redirect(setting.AppSubURL + "/-/admin/notices") } diff --git a/routers/web/admin/packages.go b/routers/web/admin/packages.go index 39f064a1be..2b9edc622d 100644 --- a/routers/web/admin/packages.go +++ b/routers/web/admin/packages.go @@ -99,7 +99,7 @@ func DeletePackageVersion(ctx *context.Context) { } ctx.Flash.Success(ctx.Tr("packages.settings.delete.success")) - ctx.JSONRedirect(setting.AppSubURL + "/admin/packages?page=" + url.QueryEscape(ctx.FormString("page")) + "&q=" + url.QueryEscape(ctx.FormString("q")) + "&type=" + url.QueryEscape(ctx.FormString("type"))) + ctx.JSONRedirect(setting.AppSubURL + "/-/admin/packages?page=" + url.QueryEscape(ctx.FormString("page")) + "&q=" + url.QueryEscape(ctx.FormString("q")) + "&type=" + url.QueryEscape(ctx.FormString("type"))) } func CleanupExpiredData(ctx *context.Context) { @@ -109,5 +109,5 @@ func CleanupExpiredData(ctx *context.Context) { } ctx.Flash.Success(ctx.Tr("admin.packages.cleanup.success")) - ctx.Redirect(setting.AppSubURL + "/admin/packages") + ctx.Redirect(setting.AppSubURL + "/-/admin/packages") } diff --git a/routers/web/admin/queue.go b/routers/web/admin/queue.go index dce8f8077f..59b17f88e6 100644 --- a/routers/web/admin/queue.go +++ b/routers/web/admin/queue.go @@ -53,7 +53,7 @@ func QueueSet(ctx *context.Context) { maxNumber, err = strconv.Atoi(maxNumberStr) if err != nil { ctx.Flash.Error(ctx.Tr("admin.monitor.queue.settings.maxnumberworkers.error")) - ctx.Redirect(setting.AppSubURL + "/admin/monitor/queue/" + strconv.FormatInt(qid, 10)) + ctx.Redirect(setting.AppSubURL + "/-/admin/monitor/queue/" + strconv.FormatInt(qid, 10)) return } if maxNumber < -1 { @@ -65,7 +65,7 @@ func QueueSet(ctx *context.Context) { mq.SetWorkerMaxNumber(maxNumber) ctx.Flash.Success(ctx.Tr("admin.monitor.queue.settings.changed")) - ctx.Redirect(setting.AppSubURL + "/admin/monitor/queue/" + strconv.FormatInt(qid, 10)) + ctx.Redirect(setting.AppSubURL + "/-/admin/monitor/queue/" + strconv.FormatInt(qid, 10)) } func QueueRemoveAllItems(ctx *context.Context) { @@ -85,5 +85,5 @@ func QueueRemoveAllItems(ctx *context.Context) { } ctx.Flash.Success(ctx.Tr("admin.monitor.queue.settings.remove_all_items_done")) - ctx.Redirect(setting.AppSubURL + "/admin/monitor/queue/" + strconv.FormatInt(qid, 10)) + ctx.Redirect(setting.AppSubURL + "/-/admin/monitor/queue/" + strconv.FormatInt(qid, 10)) } diff --git a/routers/web/admin/repos.go b/routers/web/admin/repos.go index e7c27145dc..75e5ee5d86 100644 --- a/routers/web/admin/repos.go +++ b/routers/web/admin/repos.go @@ -58,7 +58,7 @@ func DeleteRepo(ctx *context.Context) { log.Trace("Repository deleted: %s", repo.FullName()) ctx.Flash.Success(ctx.Tr("repo.settings.deletion_success")) - ctx.JSONRedirect(setting.AppSubURL + "/admin/repos?page=" + url.QueryEscape(ctx.FormString("page")) + "&sort=" + url.QueryEscape(ctx.FormString("sort"))) + ctx.JSONRedirect(setting.AppSubURL + "/-/admin/repos?page=" + url.QueryEscape(ctx.FormString("page")) + "&sort=" + url.QueryEscape(ctx.FormString("sort"))) } // UnadoptedRepos lists the unadopted repositories @@ -114,7 +114,7 @@ func AdoptOrDeleteRepository(ctx *context.Context) { dirSplit := strings.SplitN(dir, "/", 2) if len(dirSplit) != 2 { - ctx.Redirect(setting.AppSubURL + "/admin/repos") + ctx.Redirect(setting.AppSubURL + "/-/admin/repos") return } @@ -122,7 +122,7 @@ func AdoptOrDeleteRepository(ctx *context.Context) { if err != nil { if user_model.IsErrUserNotExist(err) { log.Debug("User does not exist: %s", dirSplit[0]) - ctx.Redirect(setting.AppSubURL + "/admin/repos") + ctx.Redirect(setting.AppSubURL + "/-/admin/repos") return } ctx.ServerError("GetUserByName", err) @@ -160,5 +160,5 @@ func AdoptOrDeleteRepository(ctx *context.Context) { } ctx.Flash.Success(ctx.Tr("repo.delete_preexisting_success", dir)) } - ctx.Redirect(setting.AppSubURL + "/admin/repos/unadopted?search=true&q=" + url.QueryEscape(q) + "&page=" + url.QueryEscape(page)) + ctx.Redirect(setting.AppSubURL + "/-/admin/repos/unadopted?search=true&q=" + url.QueryEscape(q) + "&page=" + url.QueryEscape(page)) } diff --git a/routers/web/admin/runners.go b/routers/web/admin/runners.go index d73290a8db..4b89237364 100644 --- a/routers/web/admin/runners.go +++ b/routers/web/admin/runners.go @@ -9,5 +9,5 @@ import ( ) func RedirectToDefaultSetting(ctx *context.Context) { - ctx.Redirect(setting.AppSubURL + "/admin/actions/runners") + ctx.Redirect(setting.AppSubURL + "/-/admin/actions/runners") } diff --git a/routers/web/admin/stacktrace.go b/routers/web/admin/stacktrace.go index b3b635af5b..ff751be621 100644 --- a/routers/web/admin/stacktrace.go +++ b/routers/web/admin/stacktrace.go @@ -42,5 +42,5 @@ func Stacktrace(ctx *context.Context) { func StacktraceCancel(ctx *context.Context) { pid := ctx.PathParam("pid") process.GetManager().Cancel(process.IDType(pid)) - ctx.JSONRedirect(setting.AppSubURL + "/admin/monitor/stacktrace") + ctx.JSONRedirect(setting.AppSubURL + "/-/admin/monitor/stacktrace") } diff --git a/routers/web/admin/users.go b/routers/web/admin/users.go index 48ff8ea04b..a6b0b5c78b 100644 --- a/routers/web/admin/users.go +++ b/routers/web/admin/users.go @@ -215,14 +215,14 @@ func NewUserPost(ctx *context.Context) { } ctx.Flash.Success(ctx.Tr("admin.users.new_success", u.Name)) - ctx.Redirect(setting.AppSubURL + "/admin/users/" + strconv.FormatInt(u.ID, 10)) + ctx.Redirect(setting.AppSubURL + "/-/admin/users/" + strconv.FormatInt(u.ID, 10)) } func prepareUserInfo(ctx *context.Context) *user_model.User { u, err := user_model.GetUserByID(ctx, ctx.PathParamInt64(":userid")) if err != nil { if user_model.IsErrUserNotExist(err) { - ctx.Redirect(setting.AppSubURL + "/admin/users") + ctx.Redirect(setting.AppSubURL + "/-/admin/users") } else { ctx.ServerError("GetUserByID", err) } @@ -481,7 +481,7 @@ func EditUserPost(ctx *context.Context) { } ctx.Flash.Success(ctx.Tr("admin.users.update_profile_success")) - ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.PathParam(":userid"))) + ctx.Redirect(setting.AppSubURL + "/-/admin/users/" + url.PathEscape(ctx.PathParam(":userid"))) } // DeleteUser response for deleting a user @@ -495,7 +495,7 @@ func DeleteUser(ctx *context.Context) { // admin should not delete themself if u.ID == ctx.Doer.ID { ctx.Flash.Error(ctx.Tr("admin.users.cannot_delete_self")) - ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.PathParam(":userid"))) + ctx.Redirect(setting.AppSubURL + "/-/admin/users/" + url.PathEscape(ctx.PathParam(":userid"))) return } @@ -503,16 +503,16 @@ func DeleteUser(ctx *context.Context) { switch { case models.IsErrUserOwnRepos(err): ctx.Flash.Error(ctx.Tr("admin.users.still_own_repo")) - ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.PathParam(":userid"))) + ctx.Redirect(setting.AppSubURL + "/-/admin/users/" + url.PathEscape(ctx.PathParam(":userid"))) case models.IsErrUserHasOrgs(err): ctx.Flash.Error(ctx.Tr("admin.users.still_has_org")) - ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.PathParam(":userid"))) + ctx.Redirect(setting.AppSubURL + "/-/admin/users/" + url.PathEscape(ctx.PathParam(":userid"))) case models.IsErrUserOwnPackages(err): ctx.Flash.Error(ctx.Tr("admin.users.still_own_packages")) - ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.PathParam(":userid"))) + ctx.Redirect(setting.AppSubURL + "/-/admin/users/" + url.PathEscape(ctx.PathParam(":userid"))) case models.IsErrDeleteLastAdminUser(err): ctx.Flash.Error(ctx.Tr("auth.last_admin")) - ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.PathParam(":userid"))) + ctx.Redirect(setting.AppSubURL + "/-/admin/users/" + url.PathEscape(ctx.PathParam(":userid"))) default: ctx.ServerError("DeleteUser", err) } @@ -521,7 +521,7 @@ func DeleteUser(ctx *context.Context) { log.Trace("Account deleted by admin (%s): %s", ctx.Doer.Name, u.Name) ctx.Flash.Success(ctx.Tr("admin.users.deletion_success")) - ctx.Redirect(setting.AppSubURL + "/admin/users") + ctx.Redirect(setting.AppSubURL + "/-/admin/users") } // AvatarPost response for change user's avatar request @@ -538,7 +538,7 @@ func AvatarPost(ctx *context.Context) { ctx.Flash.Success(ctx.Tr("settings.update_user_avatar_success")) } - ctx.Redirect(setting.AppSubURL + "/admin/users/" + strconv.FormatInt(u.ID, 10)) + ctx.Redirect(setting.AppSubURL + "/-/admin/users/" + strconv.FormatInt(u.ID, 10)) } // DeleteAvatar render delete avatar page @@ -552,5 +552,5 @@ func DeleteAvatar(ctx *context.Context) { ctx.Flash.Error(err.Error()) } - ctx.JSONRedirect(setting.AppSubURL + "/admin/users/" + strconv.FormatInt(u.ID, 10)) + ctx.JSONRedirect(setting.AppSubURL + "/-/admin/users/" + strconv.FormatInt(u.ID, 10)) } diff --git a/routers/web/repo/setting/runners.go b/routers/web/repo/setting/runners.go index 93e6f518b0..3141d8f42a 100644 --- a/routers/web/repo/setting/runners.go +++ b/routers/web/repo/setting/runners.go @@ -76,7 +76,7 @@ func getRunnersCtx(ctx *context.Context) (*runnersCtx, error) { IsAdmin: true, RunnersTemplate: tplAdminRunners, RunnerEditTemplate: tplAdminRunnerEdit, - RedirectLink: setting.AppSubURL + "/admin/actions/runners/", + RedirectLink: setting.AppSubURL + "/-/admin/actions/runners/", }, nil } diff --git a/routers/web/repo/setting/variables.go b/routers/web/repo/setting/variables.go index 45b6c0f39a..cc2e619f66 100644 --- a/routers/web/repo/setting/variables.go +++ b/routers/web/repo/setting/variables.go @@ -74,7 +74,7 @@ func getVariablesCtx(ctx *context.Context) (*variablesCtx, error) { RepoID: 0, IsGlobal: true, VariablesTemplate: tplAdminVariables, - RedirectLink: setting.AppSubURL + "/admin/actions/variables", + RedirectLink: setting.AppSubURL + "/-/admin/actions/variables", }, nil } diff --git a/routers/web/repo/setting/webhook.go b/routers/web/repo/setting/webhook.go index 7661599729..8d548c4e3d 100644 --- a/routers/web/repo/setting/webhook.go +++ b/routers/web/repo/setting/webhook.go @@ -100,8 +100,8 @@ func getOwnerRepoCtx(ctx *context.Context) (*ownerRepoCtx, error) { return &ownerRepoCtx{ IsAdmin: true, IsSystemWebhook: ctx.PathParam(":configType") == "system-hooks", - Link: path.Join(setting.AppSubURL, "/admin/hooks"), - LinkNew: path.Join(setting.AppSubURL, "/admin/", ctx.PathParam(":configType")), + Link: path.Join(setting.AppSubURL, "/-/admin/hooks"), + LinkNew: path.Join(setting.AppSubURL, "/-/admin/", ctx.PathParam(":configType")), NewTemplate: tplAdminHookNew, }, nil } diff --git a/routers/web/web.go b/routers/web/web.go index 69258bca18..80399ec499 100644 --- a/routers/web/web.go +++ b/routers/web/web.go @@ -683,7 +683,7 @@ func registerRoutes(m *web.Router) { adminReq := verifyAuthWithOptions(&common.VerifyOptions{SignInRequired: true, AdminRequired: true}) // ***** START: Admin ***** - m.Group("/admin", func() { + m.Group("/-/admin", func() { m.Get("", admin.Dashboard) m.Get("/system_status", admin.SystemStatus) m.Post("", web.Bind(forms.AdminDashboardForm{}), admin.DashboardPost) diff --git a/templates/admin/auth/list.tmpl b/templates/admin/auth/list.tmpl index 174dda1e2a..7057169895 100644 --- a/templates/admin/auth/list.tmpl +++ b/templates/admin/auth/list.tmpl @@ -3,7 +3,7 @@

{{ctx.Locale.Tr "admin.auths.auth_manage_panel"}} ({{ctx.Locale.Tr "admin.total" .Total}})
- {{ctx.Locale.Tr "admin.auths.new"}} + {{ctx.Locale.Tr "admin.auths.new"}}

@@ -23,12 +23,12 @@ {{range .Sources}} {{.ID}} - {{.Name}} + {{.Name}} {{.TypeName}} {{svg (Iif .IsActive "octicon-check" "octicon-x")}} {{DateTime "short" .UpdatedUnix}} {{DateTime "short" .CreatedUnix}} - {{svg "octicon-pencil"}} + {{svg "octicon-pencil"}} {{end}} diff --git a/templates/admin/config.tmpl b/templates/admin/config.tmpl index 87f18192a6..29a5e1b473 100644 --- a/templates/admin/config.tmpl +++ b/templates/admin/config.tmpl @@ -231,7 +231,7 @@
{{ctx.Locale.Tr "admin.config.send_test_mail"}}
-
+ {{.CsrfTokenHtml}}
@@ -263,7 +263,7 @@
{{ctx.Locale.Tr "admin.config.cache_test"}}
- + {{.CsrfTokenHtml}}
diff --git a/templates/admin/config_settings.tmpl b/templates/admin/config_settings.tmpl index 02ab5fd0fb..6b9bb8275c 100644 --- a/templates/admin/config_settings.tmpl +++ b/templates/admin/config_settings.tmpl @@ -24,7 +24,7 @@ {{ctx.Locale.Tr "repository"}}
-
+
{{ctx.Locale.Tr "admin.config.open_with_editor_app_help"}} diff --git a/templates/admin/cron.tmpl b/templates/admin/cron.tmpl index bb412ef146..1c16ed00ae 100644 --- a/templates/admin/cron.tmpl +++ b/templates/admin/cron.tmpl @@ -4,7 +4,7 @@ {{ctx.Locale.Tr "admin.monitor.cron"}}
- + diff --git a/templates/admin/dashboard.tmpl b/templates/admin/dashboard.tmpl index b82922df0c..af2349d288 100644 --- a/templates/admin/dashboard.tmpl +++ b/templates/admin/dashboard.tmpl @@ -9,7 +9,7 @@ {{ctx.Locale.Tr "admin.dashboard.maintenance_operations"}}
- + {{.CsrfTokenHtml}}
diff --git a/templates/admin/emails/list.tmpl b/templates/admin/emails/list.tmpl index 93fbb9dfc2..835b77ea17 100644 --- a/templates/admin/emails/list.tmpl +++ b/templates/admin/emails/list.tmpl @@ -80,7 +80,7 @@

{{ctx.Locale.Tr "admin.emails.change_email_text"}}

- + {{$.CsrfTokenHtml}} diff --git a/templates/admin/navbar.tmpl b/templates/admin/navbar.tmpl index 1b3b9d6efc..4116357d1d 100644 --- a/templates/admin/navbar.tmpl +++ b/templates/admin/navbar.tmpl @@ -5,10 +5,10 @@
{{ctx.Locale.Tr "admin.maintenance"}}
- + {{ctx.Locale.Tr "admin.dashboard"}} - + {{ctx.Locale.Tr "admin.self_check"}}
@@ -16,16 +16,16 @@
{{ctx.Locale.Tr "admin.identity_access"}}
- + {{ctx.Locale.Tr "admin.authentication"}} - + {{ctx.Locale.Tr "admin.organizations"}} - + {{ctx.Locale.Tr "admin.users"}} - + {{ctx.Locale.Tr "admin.emails"}}
@@ -34,11 +34,11 @@ {{ctx.Locale.Tr "admin.assets"}}
{{if .EnablePackages}} - + {{ctx.Locale.Tr "packages.title"}} {{end}} - + {{ctx.Locale.Tr "admin.repositories"}}
@@ -48,22 +48,22 @@
{{ctx.Locale.Tr "admin.integrations"}}
- + {{ctx.Locale.Tr "settings.applications"}} - + {{ctx.Locale.Tr "admin.hooks"}}
{{else}} {{if not DisableWebhooks}} - + {{ctx.Locale.Tr "admin.hooks"}} {{end}} {{if .EnableOAuth2}} - + {{ctx.Locale.Tr "settings.applications"}} {{end}} @@ -72,10 +72,10 @@
{{ctx.Locale.Tr "actions.actions"}}
- + {{ctx.Locale.Tr "actions.runners"}} - + {{ctx.Locale.Tr "actions.variables"}}
@@ -84,30 +84,30 @@
{{ctx.Locale.Tr "admin.config"}}
- + {{ctx.Locale.Tr "admin.config_summary"}} - + {{ctx.Locale.Tr "admin.config_settings"}}
- + {{ctx.Locale.Tr "admin.notices"}}
{{ctx.Locale.Tr "admin.monitor"}}
- + {{ctx.Locale.Tr "admin.monitor.stats"}} - + {{ctx.Locale.Tr "admin.monitor.cron"}} - + {{ctx.Locale.Tr "admin.monitor.queues"}} - + {{ctx.Locale.Tr "admin.monitor.stacktrace"}}
diff --git a/templates/admin/notice.tmpl b/templates/admin/notice.tmpl index 68703cc884..6e7eed7678 100644 --- a/templates/admin/notice.tmpl +++ b/templates/admin/notice.tmpl @@ -31,7 +31,7 @@
- + {{.CsrfTokenHtml}} diff --git a/templates/admin/packages/list.tmpl b/templates/admin/packages/list.tmpl index d1d77b6220..a5ad93b89c 100644 --- a/templates/admin/packages/list.tmpl +++ b/templates/admin/packages/list.tmpl @@ -5,7 +5,7 @@ {{ctx.Locale.Tr "admin.packages.total_size" (FileSize .TotalBlobSize)}}, {{ctx.Locale.Tr "admin.packages.unreferenced_size" (FileSize .TotalUnreferencedBlobSize)}})
-
+ {{.CsrfTokenHtml}}
diff --git a/templates/admin/repo/list.tmpl b/templates/admin/repo/list.tmpl index 69031e42eb..77a275427a 100644 --- a/templates/admin/repo/list.tmpl +++ b/templates/admin/repo/list.tmpl @@ -3,7 +3,7 @@

{{ctx.Locale.Tr "admin.repos.repo_manage_panel"}} ({{ctx.Locale.Tr "admin.total" .Total}})
- {{ctx.Locale.Tr "admin.repos.unadopted"}} + {{ctx.Locale.Tr "admin.repos.unadopted"}}

diff --git a/templates/admin/repo/unadopted.tmpl b/templates/admin/repo/unadopted.tmpl index a95f6b5120..6f26fa5291 100644 --- a/templates/admin/repo/unadopted.tmpl +++ b/templates/admin/repo/unadopted.tmpl @@ -3,7 +3,7 @@

{{ctx.Locale.Tr "admin.repos.unadopted"}}
- {{ctx.Locale.Tr "admin.repos.repo_manage_panel"}} + {{ctx.Locale.Tr "admin.repos.repo_manage_panel"}}

@@ -31,7 +31,7 @@

{{ctx.Locale.Tr "repo.adopt_preexisting_content" $dir}}

-
+ {{$.CsrfTokenHtml}} @@ -48,7 +48,7 @@

{{ctx.Locale.Tr "repo.delete_preexisting_content" $dir}}

- + {{$.CsrfTokenHtml}} diff --git a/templates/admin/stacktrace.tmpl b/templates/admin/stacktrace.tmpl index e324570c96..ce03d80555 100644 --- a/templates/admin/stacktrace.tmpl +++ b/templates/admin/stacktrace.tmpl @@ -8,7 +8,7 @@ {{ctx.Locale.Tr "admin.monitor.stacktrace"}}
- +
{{ctx.Locale.Tr "tool.raw_seconds"}} diff --git a/templates/admin/user/list.tmpl b/templates/admin/user/list.tmpl index bc54d33431..bc3d83fc5c 100644 --- a/templates/admin/user/list.tmpl +++ b/templates/admin/user/list.tmpl @@ -3,7 +3,7 @@

{{ctx.Locale.Tr "admin.users.user_manage_panel"}} ({{ctx.Locale.Tr "admin.total" .Total}})
- {{ctx.Locale.Tr "admin.users.new_account"}} + {{ctx.Locale.Tr "admin.users.new_account"}}

diff --git a/templates/base/footer_content.tmpl b/templates/base/footer_content.tmpl index 8d0d8e669c..4b9d9f5bbe 100644 --- a/templates/base/footer_content.tmpl +++ b/templates/base/footer_content.tmpl @@ -6,7 +6,7 @@ {{if (or .ShowFooterVersion .PageIsAdmin)}} {{ctx.Locale.Tr "version"}}: {{if .IsAdmin}} - {{AppVer}} + {{AppVer}} {{else}} {{AppVer}} {{end}} diff --git a/templates/base/head_navbar.tmpl b/templates/base/head_navbar.tmpl index 7be2d96d74..951ee590d1 100644 --- a/templates/base/head_navbar.tmpl +++ b/templates/base/head_navbar.tmpl @@ -158,7 +158,7 @@ {{if .IsAdmin}}
- + {{svg "octicon-server"}} {{ctx.Locale.Tr "admin_panel"}} diff --git a/templates/shared/user/profile_big_avatar.tmpl b/templates/shared/user/profile_big_avatar.tmpl index 1069209495..50d707176d 100644 --- a/templates/shared/user/profile_big_avatar.tmpl +++ b/templates/shared/user/profile_big_avatar.tmpl @@ -14,7 +14,7 @@
{{if .ContextUser.FullName}}{{.ContextUser.FullName}}{{end}} {{.ContextUser.Name}} {{if .IsAdmin}} - + {{svg "octicon-gear" 18}} {{end}} diff --git a/tests/integration/admin_config_test.go b/tests/integration/admin_config_test.go index 860a92d6a3..eec7e75fd9 100644 --- a/tests/integration/admin_config_test.go +++ b/tests/integration/admin_config_test.go @@ -17,7 +17,7 @@ func TestAdminConfig(t *testing.T) { defer tests.PrepareTestEnv(t)() session := loginUser(t, "user1") - req := NewRequest(t, "GET", "/admin/config") + req := NewRequest(t, "GET", "/-/admin/config") resp := session.MakeRequest(t, req, http.StatusOK) assert.True(t, test.IsNormalPageCompleted(resp.Body.String())) } diff --git a/tests/integration/admin_user_test.go b/tests/integration/admin_user_test.go index 090e60da29..d5d7e70bc7 100644 --- a/tests/integration/admin_user_test.go +++ b/tests/integration/admin_user_test.go @@ -19,11 +19,11 @@ func TestAdminViewUsers(t *testing.T) { defer tests.PrepareTestEnv(t)() session := loginUser(t, "user1") - req := NewRequest(t, "GET", "/admin/users") + req := NewRequest(t, "GET", "/-/admin/users") session.MakeRequest(t, req, http.StatusOK) session = loginUser(t, "user2") - req = NewRequest(t, "GET", "/admin/users") + req = NewRequest(t, "GET", "/-/admin/users") session.MakeRequest(t, req, http.StatusForbidden) } @@ -31,11 +31,11 @@ func TestAdminViewUser(t *testing.T) { defer tests.PrepareTestEnv(t)() session := loginUser(t, "user1") - req := NewRequest(t, "GET", "/admin/users/1") + req := NewRequest(t, "GET", "/-/admin/users/1") session.MakeRequest(t, req, http.StatusOK) session = loginUser(t, "user2") - req = NewRequest(t, "GET", "/admin/users/1") + req = NewRequest(t, "GET", "/-/admin/users/1") session.MakeRequest(t, req, http.StatusForbidden) } @@ -52,7 +52,7 @@ func testSuccessfullEdit(t *testing.T, formData user_model.User) { func makeRequest(t *testing.T, formData user_model.User, headerCode int) { session := loginUser(t, "user1") csrf := GetUserCSRFToken(t, session) - req := NewRequestWithValues(t, "POST", "/admin/users/"+strconv.Itoa(int(formData.ID))+"/edit", map[string]string{ + req := NewRequestWithValues(t, "POST", "/-/admin/users/"+strconv.Itoa(int(formData.ID))+"/edit", map[string]string{ "_csrf": csrf, "user_name": formData.Name, "login_name": formData.LoginName, @@ -73,7 +73,7 @@ func TestAdminDeleteUser(t *testing.T) { session := loginUser(t, "user1") csrf := GetUserCSRFToken(t, session) - req := NewRequestWithValues(t, "POST", "/admin/users/8/delete", map[string]string{ + req := NewRequestWithValues(t, "POST", "/-/admin/users/8/delete", map[string]string{ "_csrf": csrf, }) session.MakeRequest(t, req, http.StatusSeeOther) diff --git a/tests/integration/auth_ldap_test.go b/tests/integration/auth_ldap_test.go index deb79187eb..8c8b6b02d1 100644 --- a/tests/integration/auth_ldap_test.go +++ b/tests/integration/auth_ldap_test.go @@ -157,7 +157,7 @@ func addAuthSourceLDAP(t *testing.T, sshKeyAttribute, groupFilter string, groupM } session := loginUser(t, "user1") csrf := GetUserCSRFToken(t, session) - req := NewRequestWithValues(t, "POST", "/admin/auths/new", buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, groupFilter, groupTeamMap, groupTeamMapRemoval)) + req := NewRequestWithValues(t, "POST", "/-/admin/auths/new", buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, groupFilter, groupTeamMap, groupTeamMapRemoval)) session.MakeRequest(t, req, http.StatusSeeOther) } @@ -187,7 +187,7 @@ func TestLDAPAuthChange(t *testing.T) { addAuthSourceLDAP(t, "", "") session := loginUser(t, "user1") - req := NewRequest(t, "GET", "/admin/auths") + req := NewRequest(t, "GET", "/-/admin/auths") resp := session.MakeRequest(t, req, http.StatusOK) doc := NewHTMLParser(t, resp.Body) href, exists := doc.Find("table.table td a").Attr("href") @@ -255,11 +255,11 @@ func TestLDAPUserSyncWithEmptyUsernameAttribute(t *testing.T) { csrf := GetUserCSRFToken(t, session) payload := buildAuthSourceLDAPPayload(csrf, "", "", "", "") payload["attribute_username"] = "" - req := NewRequestWithValues(t, "POST", "/admin/auths/new", payload) + req := NewRequestWithValues(t, "POST", "/-/admin/auths/new", payload) session.MakeRequest(t, req, http.StatusSeeOther) for _, u := range gitLDAPUsers { - req := NewRequest(t, "GET", "/admin/users?q="+u.UserName) + req := NewRequest(t, "GET", "/-/admin/users?q="+u.UserName) resp := session.MakeRequest(t, req, http.StatusOK) htmlDoc := NewHTMLParser(t, resp.Body) @@ -488,6 +488,6 @@ func TestLDAPPreventInvalidGroupTeamMap(t *testing.T) { session := loginUser(t, "user1") csrf := GetUserCSRFToken(t, session) - req := NewRequestWithValues(t, "POST", "/admin/auths/new", buildAuthSourceLDAPPayload(csrf, "", "", `{"NOT_A_VALID_JSON"["MISSING_DOUBLE_POINT"]}`, "off")) + req := NewRequestWithValues(t, "POST", "/-/admin/auths/new", buildAuthSourceLDAPPayload(csrf, "", "", `{"NOT_A_VALID_JSON"["MISSING_DOUBLE_POINT"]}`, "off")) session.MakeRequest(t, req, http.StatusOK) // StatusOK = failed, StatusSeeOther = ok } diff --git a/tests/integration/user_test.go b/tests/integration/user_test.go index 53d88aeb37..2ba16b3d36 100644 --- a/tests/integration/user_test.go +++ b/tests/integration/user_test.go @@ -97,7 +97,6 @@ func TestRenameReservedUsername(t *testing.T) { reservedUsernames := []string{ // ".", "..", ".well-known", // The names are not only reserved but also invalid - "admin", "api", "assets", "attachments", diff --git a/web_src/js/features/admin/config.ts b/web_src/js/features/admin/config.ts index 4ccbbacd5b..0d130703ae 100644 --- a/web_src/js/features/admin/config.ts +++ b/web_src/js/features/admin/config.ts @@ -10,7 +10,7 @@ export function initAdminConfigs() { for (const el of elAdminConfig.querySelectorAll('input[type="checkbox"][data-config-dyn-key]')) { el.addEventListener('change', async () => { try { - const resp = await POST(`${appSubUrl}/admin/config`, { + const resp = await POST(`${appSubUrl}/-/admin/config`, { data: new URLSearchParams({key: el.getAttribute('data-config-dyn-key'), value: el.checked}), }); const json = await resp.json(); diff --git a/web_src/js/features/admin/selfcheck.ts b/web_src/js/features/admin/selfcheck.ts index 498c52ffb5..925a50130f 100644 --- a/web_src/js/features/admin/selfcheck.ts +++ b/web_src/js/features/admin/selfcheck.ts @@ -10,7 +10,7 @@ export async function initAdminSelfCheck() { const elContent = document.querySelector('.page-content.admin .admin-setting-content'); // send frontend self-check request - const resp = await POST(`${appSubUrl}/admin/self_check`, { + const resp = await POST(`${appSubUrl}/-/admin/self_check`, { data: new URLSearchParams({ location_origin: window.location.origin, now: Date.now(), // TODO: check time difference between server and client From 6029d78ab5006e8fb4f42adb5a8c491f19fa7b0a Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Thu, 10 Oct 2024 17:04:42 +0800 Subject: [PATCH 09/27] Improve the maintainblity of the reserved username list (#32229) --- models/user/user.go | 64 ++++++++++++++++++---------------- services/user/user_test.go | 8 ++--- tests/integration/user_test.go | 45 +++++------------------- 3 files changed, 45 insertions(+), 72 deletions(-) diff --git a/models/user/user.go b/models/user/user.go index c1e3d5d1c7..c1cb988e43 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -565,41 +565,43 @@ var ( ".", "..", ".well-known", - "api", - "assets", - "attachments", - "avatar", - "avatars", - "captcha", - "commits", - "debug", - "error", - "explore", - "favicon.ico", - "ghost", - "issues", - "login", - "manifest.json", - "metrics", - "milestones", - "new", - "notifications", - "org", - "pulls", - "raw", - "repo", + + "api", // gitea api + "metrics", // prometheus metrics api + "v2", // container registry api + + "assets", // static asset files + "attachments", // issue attachments + + "avatar", // avatar by email hash + "avatars", // user avatars by file name "repo-avatars", - "robots.txt", - "search", - "serviceworker.js", - "ssh_info", + + "captcha", + "login", // oauth2 login + "org", // org create/manage, or "/org/{org}", BUT if an org is named as "invite" then it goes wrong + "repo", // repo create/migrate, etc + "user", // user login/activate/settings, etc + + "explore", + "issues", + "pulls", + "milestones", + "notifications", + + "favicon.ico", + "manifest.json", // web app manifests + "robots.txt", // search engine robots + "sitemap.xml", // search engine sitemap + "ssh_info", // agit info "swagger.v1.json", - "user", - "v2", - "gitea-actions", + + "ghost", // reserved name for deleted users (id: -1) + "gitea-actions", // gitea builtin user (id: -2) } - // DON'T ADD ANY NEW STUFF, WE SOLVE THIS WITH `/user/{obj}` PATHS! + // These names are reserved for user accounts: user's keys, user's rss feed, user's avatar, etc. + // DO NOT add any new stuff! The paths with these names are processed by `/{username}` handler (UsernameSubRoute) manually. reservedUserPatterns = []string{"*.keys", "*.gpg", "*.rss", "*.atom", "*.png"} ) diff --git a/services/user/user_test.go b/services/user/user_test.go index cd0f597501..efcbc669c8 100644 --- a/services/user/user_test.go +++ b/services/user/user_test.go @@ -114,12 +114,10 @@ func TestRenameUser(t *testing.T) { }) t.Run("Non usable username", func(t *testing.T) { - usernames := []string{"--diff", "aa.png", ".well-known", "search", "aaa.atom"} + usernames := []string{"--diff", ".well-known", "gitea-actions", "aaa.atom", "aa.png"} for _, username := range usernames { - t.Run(username, func(t *testing.T) { - assert.Error(t, user_model.IsUsableUsername(username)) - assert.Error(t, RenameUser(db.DefaultContext, user, username)) - }) + assert.Error(t, user_model.IsUsableUsername(username), "non-usable username: %s", username) + assert.Error(t, RenameUser(db.DefaultContext, user, username), "non-usable username: %s", username) } }) diff --git a/tests/integration/user_test.go b/tests/integration/user_test.go index 2ba16b3d36..99e413c6d9 100644 --- a/tests/integration/user_test.go +++ b/tests/integration/user_test.go @@ -5,6 +5,7 @@ package integration import ( "net/http" + "strings" "testing" auth_model "code.gitea.io/gitea/models/auth" @@ -98,41 +99,12 @@ func TestRenameReservedUsername(t *testing.T) { reservedUsernames := []string{ // ".", "..", ".well-known", // The names are not only reserved but also invalid "api", - "assets", - "attachments", - "avatar", - "avatars", - "captcha", - "commits", - "debug", - "error", - "explore", - "favicon.ico", - "ghost", - "issues", - "login", - "manifest.json", - "metrics", - "milestones", - "new", - "notifications", - "org", - "pulls", - "raw", - "repo", - "repo-avatars", - "robots.txt", - "search", - "serviceworker.js", - "ssh_info", - "swagger.v1.json", - "user", - "v2", + "name.keys", } session := loginUser(t, "user2") + locale := translation.NewLocale("en-US") for _, reservedUsername := range reservedUsernames { - t.Logf("Testing username %s", reservedUsername) req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{ "_csrf": GetUserCSRFToken(t, session), "name": reservedUsername, @@ -144,11 +116,12 @@ func TestRenameReservedUsername(t *testing.T) { req = NewRequest(t, "GET", test.RedirectURL(resp)) resp = session.MakeRequest(t, req, http.StatusOK) htmlDoc := NewHTMLParser(t, resp.Body) - assert.Contains(t, - htmlDoc.doc.Find(".ui.negative.message").Text(), - translation.NewLocale("en-US").TrString("user.form.name_reserved", reservedUsername), - ) - + actualMsg := strings.TrimSpace(htmlDoc.doc.Find(".ui.negative.message").Text()) + expectedMsg := locale.TrString("user.form.name_reserved", reservedUsername) + if strings.Contains(reservedUsername, ".") { + expectedMsg = locale.TrString("user.form.name_pattern_not_allowed", reservedUsername) + } + assert.Equal(t, expectedMsg, actualMsg) unittest.AssertNotExistsBean(t, &user_model.User{Name: reservedUsername}) } } From cb739f533358a8cf6e1b6875b3d4f0da3bfa7c95 Mon Sep 17 00:00:00 2001 From: cloudchamb3r Date: Fri, 11 Oct 2024 02:12:27 +0900 Subject: [PATCH 10/27] Fix checkbox bug on private/archive filter (#32236) fix #32235 --------- Co-authored-by: wxiaoguang --- web_src/js/components/DashboardRepoList.vue | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web_src/js/components/DashboardRepoList.vue b/web_src/js/components/DashboardRepoList.vue index ce165b1b3d..986fcc1181 100644 --- a/web_src/js/components/DashboardRepoList.vue +++ b/web_src/js/components/DashboardRepoList.vue @@ -362,9 +362,9 @@ export default sfc; // activate the IDE's Vue plugin
- - +
- +
-
- - {{svg "octicon-triangle-down" 14 "dropdown icon"}} - {{svg "octicon-x" 14 "remove icon"}} -
clearable search dropdown
-
-
item
+
sm1
+
sm2
+
medium1
+
medium2
+
large item1
+
large item2
+
large item3
+
very large item test 1
+
very large item test 2
+
very large item test 3
@@ -50,6 +51,27 @@
+
+
+ + {{svg "octicon-triangle-down" 14 "dropdown icon"}} + {{svg "octicon-x" 14 "remove icon"}} +
clearable search dropdown
+
+
item
+
sm1
+
sm2
+
medium1
+
medium2
+
large item1
+
large item2
+
large item3
+
very large item test 1
+
very large item test 2
+
very large item test 3
+
+
+

Selection

diff --git a/web_src/css/base.css b/web_src/css/base.css index 223d9fbad6..8d9f810ef8 100644 --- a/web_src/css/base.css +++ b/web_src/css/base.css @@ -1364,6 +1364,10 @@ table th[data-sortt-desc] .svg { min-width: 0; /* make ellipsis work */ } +.ui.multiple.selection.dropdown { + flex-wrap: wrap; +} + .ui.ui.dropdown.selection { min-width: 14em; /* match the default min width */ } From 9df5ddaf44aa5a3f319acba7b18645b7b1d4d8a2 Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Sun, 13 Oct 2024 11:13:55 +0800 Subject: [PATCH 16/27] Only rename a user when they should receive a different name (#32247) Fix #31996 --- services/user/user.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/services/user/user.go b/services/user/user.go index 2287e36c71..9aded62a51 100644 --- a/services/user/user.go +++ b/services/user/user.go @@ -32,6 +32,10 @@ import ( // RenameUser renames a user func RenameUser(ctx context.Context, u *user_model.User, newUserName string) error { + if newUserName == u.Name { + return nil + } + // Non-local users are not allowed to change their username. if !u.IsOrganization() && !u.IsLocal() { return user_model.ErrUserIsNotLocal{ @@ -40,10 +44,6 @@ func RenameUser(ctx context.Context, u *user_model.User, newUserName string) err } } - if newUserName == u.Name { - return nil - } - if err := user_model.IsUsableUsername(newUserName); err != nil { return err } From 74664b08a004393ce013e872e47901f52645b65a Mon Sep 17 00:00:00 2001 From: Zettat123 Date: Mon, 14 Oct 2024 03:58:13 +0800 Subject: [PATCH 17/27] Support migrating GitHub/GitLab PR draft status (#32242) Resolve #32196 --- modules/migration/pullrequest.go | 1 + services/migrations/gitea_uploader.go | 7 ++++++- services/migrations/github.go | 1 + services/migrations/gitlab.go | 1 + 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/modules/migration/pullrequest.go b/modules/migration/pullrequest.go index 1435991bd2..fbfdff0315 100644 --- a/modules/migration/pullrequest.go +++ b/modules/migration/pullrequest.go @@ -37,6 +37,7 @@ type PullRequest struct { ForeignIndex int64 Context DownloaderContext `yaml:"-"` EnsuredSafe bool `yaml:"ensured_safe"` + IsDraft bool `yaml:"is_draft"` } func (p *PullRequest) GetLocalIndex() int64 { return p.Number } diff --git a/services/migrations/gitea_uploader.go b/services/migrations/gitea_uploader.go index 4c8e036f05..eb21b6534b 100644 --- a/services/migrations/gitea_uploader.go +++ b/services/migrations/gitea_uploader.go @@ -760,10 +760,15 @@ func (g *GiteaLocalUploader) newPullRequest(pr *base.PullRequest) (*issues_model pr.Updated = pr.Created } + prTitle := pr.Title + if pr.IsDraft && !issues_model.HasWorkInProgressPrefix(pr.Title) { + prTitle = fmt.Sprintf("%s %s", setting.Repository.PullRequest.WorkInProgressPrefixes[0], pr.Title) + } + issue := issues_model.Issue{ RepoID: g.repo.ID, Repo: g.repo, - Title: pr.Title, + Title: prTitle, Index: pr.Number, Content: pr.Content, MilestoneID: milestoneID, diff --git a/services/migrations/github.go b/services/migrations/github.go index a36b02ca8b..604ab84b39 100644 --- a/services/migrations/github.go +++ b/services/migrations/github.go @@ -737,6 +737,7 @@ func (g *GithubDownloaderV3) GetPullRequests(page, perPage int) ([]*base.PullReq PatchURL: pr.GetPatchURL(), // see below for SECURITY related issues here Reactions: reactions, ForeignIndex: int64(*pr.Number), + IsDraft: pr.GetDraft(), }) // SECURITY: Ensure that the PR is safe diff --git a/services/migrations/gitlab.go b/services/migrations/gitlab.go index 065b687fa6..295bc7c29f 100644 --- a/services/migrations/gitlab.go +++ b/services/migrations/gitlab.go @@ -722,6 +722,7 @@ func (g *GitlabDownloader) GetPullRequests(page, perPage int) ([]*base.PullReque PatchURL: pr.WebURL + ".patch", ForeignIndex: int64(pr.IID), Context: gitlabIssueContext{IsMergeRequest: true}, + IsDraft: pr.Draft, }) // SECURITY: Ensure that the PR is safe From 81aec6d621a3ea0dfb02d3b4d20b9be77c30c6ab Mon Sep 17 00:00:00 2001 From: Zettat123 Date: Mon, 14 Oct 2024 04:28:32 +0800 Subject: [PATCH 18/27] Update scheduled tasks even if changes are pushed by "ActionsUser" (#32246) Fix #32219 --------- Co-authored-by: delvh --- services/actions/notifier_helper.go | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/services/actions/notifier_helper.go b/services/actions/notifier_helper.go index b21d889d03..323c6a76e4 100644 --- a/services/actions/notifier_helper.go +++ b/services/actions/notifier_helper.go @@ -116,11 +116,20 @@ func (input *notifyInput) Notify(ctx context.Context) { } func notify(ctx context.Context, input *notifyInput) error { + shouldDetectSchedules := input.Event == webhook_module.HookEventPush && input.Ref.BranchName() == input.Repo.DefaultBranch if input.Doer.IsActions() { // avoiding triggering cyclically, for example: // a comment of an issue will trigger the runner to add a new comment as reply, // and the new comment will trigger the runner again. log.Debug("ignore executing %v for event %v whose doer is %v", getMethod(ctx), input.Event, input.Doer.Name) + + // we should update schedule tasks in this case, because + // 1. schedule tasks cannot be triggered by other events, so cyclic triggering will not occur + // 2. some schedule tasks may update the repo periodically, so the refs of schedule tasks need to be updated + if shouldDetectSchedules { + return DetectAndHandleSchedules(ctx, input.Repo) + } + return nil } if input.Repo.IsEmpty || input.Repo.IsArchived { @@ -174,7 +183,6 @@ func notify(ctx context.Context, input *notifyInput) error { var detectedWorkflows []*actions_module.DetectedWorkflow actionsConfig := input.Repo.MustGetUnit(ctx, unit_model.TypeActions).ActionsConfig() - shouldDetectSchedules := input.Event == webhook_module.HookEventPush && input.Ref.BranchName() == input.Repo.DefaultBranch workflows, schedules, err := actions_module.DetectWorkflows(gitRepo, commit, input.Event, input.Payload, From c4b2808b896dd86323c6a0d119c8cf24752d4d8a Mon Sep 17 00:00:00 2001 From: a1012112796 <1012112796@qq.com> Date: Tue, 15 Oct 2024 05:23:20 +0800 Subject: [PATCH 19/27] make `show stats` work when only one file changed (#32244) fix https://github.com/go-gitea/gitea/issues/32226 in https://github.com/go-gitea/gitea/pull/27775 , it do some changes to only show diff file tree when more than one file changed. But looks it also break the `diff-file-list` logic, which looks not expected change. so try fix it. /cc @silverwind example view: ![image](https://github.com/user-attachments/assets/281e9c4f-a269-4d36-94eb-a132058aea87) Signed-off-by: a1012112796 <1012112796@qq.com> --- web_src/js/features/repo-diff-filetree.ts | 2 ++ web_src/js/features/repo-diff.ts | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/web_src/js/features/repo-diff-filetree.ts b/web_src/js/features/repo-diff-filetree.ts index 6d9533d066..bc275a90f6 100644 --- a/web_src/js/features/repo-diff-filetree.ts +++ b/web_src/js/features/repo-diff-filetree.ts @@ -8,7 +8,9 @@ export function initDiffFileTree() { const fileTreeView = createApp(DiffFileTree); fileTreeView.mount(el); +} +export function initDiffFileList() { const fileListElement = document.querySelector('#diff-file-list'); if (!fileListElement) return; diff --git a/web_src/js/features/repo-diff.ts b/web_src/js/features/repo-diff.ts index 5d6388a43e..a0bd9955fe 100644 --- a/web_src/js/features/repo-diff.ts +++ b/web_src/js/features/repo-diff.ts @@ -1,7 +1,7 @@ import $ from 'jquery'; import {initCompReactionSelector} from './comp/ReactionSelector.ts'; import {initRepoIssueContentHistory} from './repo-issue-content.ts'; -import {initDiffFileTree} from './repo-diff-filetree.ts'; +import {initDiffFileTree, initDiffFileList} from './repo-diff-filetree.ts'; import {initDiffCommitSelect} from './repo-diff-commitselect.ts'; import {validateTextareaNonEmpty} from './comp/ComboMarkdownEditor.ts'; import {initViewedCheckboxListenerFor, countAndUpdateViewedFiles, initExpandAndCollapseFilesButton} from './pull-view-file.ts'; @@ -216,6 +216,7 @@ export function initRepoDiffView() { initRepoDiffConversationForm(); if (!$('#diff-file-list').length) return; initDiffFileTree(); + initDiffFileList(); initDiffCommitSelect(); initRepoDiffShowMore(); initRepoDiffReviewButton(); From 5242e520c499bf72ec21a8df2dbdee825f98ed78 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Tue, 15 Oct 2024 14:47:07 +0800 Subject: [PATCH 20/27] Make `owner/repo/pulls` handlers use "PR reader" permission (#32254) Fix #32253 (partially) --- routers/web/web.go | 55 ++++++++++++++++++++++++---------------------- 1 file changed, 29 insertions(+), 26 deletions(-) diff --git a/routers/web/web.go b/routers/web/web.go index 80399ec499..f28ec82c8f 100644 --- a/routers/web/web.go +++ b/routers/web/web.go @@ -1461,6 +1461,35 @@ func registerRoutes(m *web.Router) { ) // end "/{username}/{reponame}/activity" + m.Group("/{username}/{reponame}", func() { + m.Group("/pulls/{index}", func() { + m.Get("", repo.SetWhitespaceBehavior, repo.GetPullDiffStats, repo.ViewIssue) + m.Get(".diff", repo.DownloadPullDiff) + m.Get(".patch", repo.DownloadPullPatch) + m.Group("/commits", func() { + m.Get("", context.RepoRef(), repo.SetWhitespaceBehavior, repo.GetPullDiffStats, repo.ViewPullCommits) + m.Get("/list", context.RepoRef(), repo.GetPullCommits) + m.Get("/{sha:[a-f0-9]{7,40}}", context.RepoRef(), repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesForSingleCommit) + }) + m.Post("/merge", context.RepoMustNotBeArchived(), web.Bind(forms.MergePullRequestForm{}), repo.MergePullRequest) + m.Post("/cancel_auto_merge", context.RepoMustNotBeArchived(), repo.CancelAutoMergePullRequest) + m.Post("/update", repo.UpdatePullRequest) + m.Post("/set_allow_maintainer_edit", web.Bind(forms.UpdateAllowEditsForm{}), repo.SetAllowEdits) + m.Post("/cleanup", context.RepoMustNotBeArchived(), context.RepoRef(), repo.CleanUpPullRequest) + m.Group("/files", func() { + m.Get("", context.RepoRef(), repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesForAllCommitsOfPr) + m.Get("/{sha:[a-f0-9]{7,40}}", context.RepoRef(), repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesStartingFromCommit) + m.Get("/{shaFrom:[a-f0-9]{7,40}}..{shaTo:[a-f0-9]{7,40}}", context.RepoRef(), repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesForRange) + m.Group("/reviews", func() { + m.Get("/new_comment", repo.RenderNewCodeCommentForm) + m.Post("/comments", web.Bind(forms.CodeCommentForm{}), repo.SetShowOutdatedComments, repo.CreateCodeComment) + m.Post("/submit", web.Bind(forms.SubmitReviewForm{}), repo.SubmitReview) + }, context.RepoMustNotBeArchived()) + }) + }) + }, ignSignIn, context.RepoAssignment, repo.MustAllowPulls, reqRepoPullsReader) + // end "/{username}/{reponame}/pulls/{index}": repo pull request + m.Group("/{username}/{reponame}", func() { m.Group("/activity_author_data", func() { m.Get("", repo.ActivityAuthors) @@ -1499,32 +1528,6 @@ func registerRoutes(m *web.Router) { return cancel }) - m.Group("/pulls/{index}", func() { - m.Get("", repo.SetWhitespaceBehavior, repo.GetPullDiffStats, repo.ViewIssue) - m.Get(".diff", repo.DownloadPullDiff) - m.Get(".patch", repo.DownloadPullPatch) - m.Group("/commits", func() { - m.Get("", context.RepoRef(), repo.SetWhitespaceBehavior, repo.GetPullDiffStats, repo.ViewPullCommits) - m.Get("/list", context.RepoRef(), repo.GetPullCommits) - m.Get("/{sha:[a-f0-9]{7,40}}", context.RepoRef(), repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesForSingleCommit) - }) - m.Post("/merge", context.RepoMustNotBeArchived(), web.Bind(forms.MergePullRequestForm{}), repo.MergePullRequest) - m.Post("/cancel_auto_merge", context.RepoMustNotBeArchived(), repo.CancelAutoMergePullRequest) - m.Post("/update", repo.UpdatePullRequest) - m.Post("/set_allow_maintainer_edit", web.Bind(forms.UpdateAllowEditsForm{}), repo.SetAllowEdits) - m.Post("/cleanup", context.RepoMustNotBeArchived(), context.RepoRef(), repo.CleanUpPullRequest) - m.Group("/files", func() { - m.Get("", context.RepoRef(), repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesForAllCommitsOfPr) - m.Get("/{sha:[a-f0-9]{7,40}}", context.RepoRef(), repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesStartingFromCommit) - m.Get("/{shaFrom:[a-f0-9]{7,40}}..{shaTo:[a-f0-9]{7,40}}", context.RepoRef(), repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesForRange) - m.Group("/reviews", func() { - m.Get("/new_comment", repo.RenderNewCodeCommentForm) - m.Post("/comments", web.Bind(forms.CodeCommentForm{}), repo.SetShowOutdatedComments, repo.CreateCodeComment) - m.Post("/submit", web.Bind(forms.SubmitReviewForm{}), repo.SubmitReview) - }, context.RepoMustNotBeArchived()) - }) - }, repo.MustAllowPulls) - m.Group("/media", func() { m.Get("/branch/*", context.RepoRefByType(context.RepoRefBranch), repo.SingleDownloadOrLFS) m.Get("/tag/*", context.RepoRefByType(context.RepoRefTag), repo.SingleDownloadOrLFS) From d50ed0abf731a10741831d4b6dd54791e3e567ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=B0=88=E7=AC=91=E9=A3=8E=E7=94=9F=E9=97=B4?= Date: Wed, 16 Oct 2024 17:10:05 +0800 Subject: [PATCH 21/27] Support requested_reviewers data in comment webhook events (#26178) close #25833 Currently, the information for "requested_reviewers" is only included in the webhook event for reviews. I would like to suggest adding this information to the webhook event for "PullRequest comment" as well, as they both pertain to the "PullRequest" event. Also, The reviewer information for the Pull Request is not displayed when it is approved or rejected. --- modules/structs/hook.go | 15 ++++---- services/webhook/notifier.go | 74 ++++++++++++++++++++---------------- 2 files changed, 50 insertions(+), 39 deletions(-) diff --git a/modules/structs/hook.go b/modules/structs/hook.go index c55e63db6b..db8b20e7e5 100644 --- a/modules/structs/hook.go +++ b/modules/structs/hook.go @@ -217,13 +217,14 @@ const ( // IssueCommentPayload represents a payload information of issue comment event. type IssueCommentPayload struct { - Action HookIssueCommentAction `json:"action"` - Issue *Issue `json:"issue"` - Comment *Comment `json:"comment"` - Changes *ChangesPayload `json:"changes,omitempty"` - Repository *Repository `json:"repository"` - Sender *User `json:"sender"` - IsPull bool `json:"is_pull"` + Action HookIssueCommentAction `json:"action"` + Issue *Issue `json:"issue"` + PullRequest *PullRequest `json:"pull_request,omitempty"` + Comment *Comment `json:"comment"` + Changes *ChangesPayload `json:"changes,omitempty"` + Repository *Repository `json:"repository"` + Sender *User `json:"sender"` + IsPull bool `json:"is_pull"` } // JSONPayload implements Payload diff --git a/services/webhook/notifier.go b/services/webhook/notifier.go index 53b1cc8c9c..38fad7f5e8 100644 --- a/services/webhook/notifier.go +++ b/services/webhook/notifier.go @@ -59,7 +59,7 @@ func (m *webhookNotifier) IssueClearLabels(ctx context.Context, doer *user_model err = PrepareWebhooks(ctx, EventSource{Repository: issue.Repo}, webhook_module.HookEventPullRequestLabel, &api.PullRequestPayload{ Action: api.HookIssueLabelCleared, Index: issue.Index, - PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, nil), + PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, doer), Repository: convert.ToRepo(ctx, issue.Repo, permission), Sender: convert.ToUser(ctx, doer, nil), }) @@ -150,7 +150,7 @@ func (m *webhookNotifier) IssueChangeAssignee(ctx context.Context, doer *user_mo } apiPullRequest := &api.PullRequestPayload{ Index: issue.Index, - PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, nil), + PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, doer), Repository: convert.ToRepo(ctx, issue.Repo, permission), Sender: convert.ToUser(ctx, doer, nil), } @@ -201,7 +201,7 @@ func (m *webhookNotifier) IssueChangeTitle(ctx context.Context, doer *user_model From: oldTitle, }, }, - PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, nil), + PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, doer), Repository: convert.ToRepo(ctx, issue.Repo, permission), Sender: convert.ToUser(ctx, doer, nil), }) @@ -236,7 +236,7 @@ func (m *webhookNotifier) IssueChangeStatus(ctx context.Context, doer *user_mode // Merge pull request calls issue.changeStatus so we need to handle separately. apiPullRequest := &api.PullRequestPayload{ Index: issue.Index, - PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, nil), + PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, doer), Repository: convert.ToRepo(ctx, issue.Repo, permission), Sender: convert.ToUser(ctx, doer, nil), CommitID: commitID, @@ -307,7 +307,7 @@ func (m *webhookNotifier) NewPullRequest(ctx context.Context, pull *issues_model if err := PrepareWebhooks(ctx, EventSource{Repository: pull.Issue.Repo}, webhook_module.HookEventPullRequest, &api.PullRequestPayload{ Action: api.HookIssueOpened, Index: pull.Issue.Index, - PullRequest: convert.ToAPIPullRequest(ctx, pull, nil), + PullRequest: convert.ToAPIPullRequest(ctx, pull, pull.Issue.Poster), Repository: convert.ToRepo(ctx, pull.Issue.Repo, permission), Sender: convert.ToUser(ctx, pull.Issue.Poster, nil), }); err != nil { @@ -336,7 +336,7 @@ func (m *webhookNotifier) IssueChangeContent(ctx context.Context, doer *user_mod From: oldContent, }, }, - PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, nil), + PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, doer), Repository: convert.ToRepo(ctx, issue.Repo, permission), Sender: convert.ToUser(ctx, doer, nil), }) @@ -375,17 +375,20 @@ func (m *webhookNotifier) UpdateComment(ctx context.Context, doer *user_model.Us } var eventType webhook_module.HookEventType + var pullRequest *api.PullRequest if c.Issue.IsPull { eventType = webhook_module.HookEventPullRequestComment + pullRequest = convert.ToAPIPullRequest(ctx, c.Issue.PullRequest, doer) } else { eventType = webhook_module.HookEventIssueComment } permission, _ := access_model.GetUserRepoPermission(ctx, c.Issue.Repo, doer) if err := PrepareWebhooks(ctx, EventSource{Repository: c.Issue.Repo}, eventType, &api.IssueCommentPayload{ - Action: api.HookIssueCommentEdited, - Issue: convert.ToAPIIssue(ctx, doer, c.Issue), - Comment: convert.ToAPIComment(ctx, c.Issue.Repo, c), + Action: api.HookIssueCommentEdited, + Issue: convert.ToAPIIssue(ctx, doer, c.Issue), + PullRequest: pullRequest, + Comment: convert.ToAPIComment(ctx, c.Issue.Repo, c), Changes: &api.ChangesPayload{ Body: &api.ChangesFromPayload{ From: oldContent, @@ -403,20 +406,23 @@ func (m *webhookNotifier) CreateIssueComment(ctx context.Context, doer *user_mod issue *issues_model.Issue, comment *issues_model.Comment, mentions []*user_model.User, ) { var eventType webhook_module.HookEventType + var pullRequest *api.PullRequest if issue.IsPull { eventType = webhook_module.HookEventPullRequestComment + pullRequest = convert.ToAPIPullRequest(ctx, issue.PullRequest, doer) } else { eventType = webhook_module.HookEventIssueComment } permission, _ := access_model.GetUserRepoPermission(ctx, repo, doer) if err := PrepareWebhooks(ctx, EventSource{Repository: issue.Repo}, eventType, &api.IssueCommentPayload{ - Action: api.HookIssueCommentCreated, - Issue: convert.ToAPIIssue(ctx, doer, issue), - Comment: convert.ToAPIComment(ctx, repo, comment), - Repository: convert.ToRepo(ctx, repo, permission), - Sender: convert.ToUser(ctx, doer, nil), - IsPull: issue.IsPull, + Action: api.HookIssueCommentCreated, + Issue: convert.ToAPIIssue(ctx, doer, issue), + PullRequest: pullRequest, + Comment: convert.ToAPIComment(ctx, repo, comment), + Repository: convert.ToRepo(ctx, repo, permission), + Sender: convert.ToUser(ctx, doer, nil), + IsPull: issue.IsPull, }); err != nil { log.Error("PrepareWebhooks [comment_id: %d]: %v", comment.ID, err) } @@ -440,20 +446,23 @@ func (m *webhookNotifier) DeleteComment(ctx context.Context, doer *user_model.Us } var eventType webhook_module.HookEventType + var pullRequest *api.PullRequest if comment.Issue.IsPull { eventType = webhook_module.HookEventPullRequestComment + pullRequest = convert.ToAPIPullRequest(ctx, comment.Issue.PullRequest, doer) } else { eventType = webhook_module.HookEventIssueComment } permission, _ := access_model.GetUserRepoPermission(ctx, comment.Issue.Repo, doer) if err := PrepareWebhooks(ctx, EventSource{Repository: comment.Issue.Repo}, eventType, &api.IssueCommentPayload{ - Action: api.HookIssueCommentDeleted, - Issue: convert.ToAPIIssue(ctx, doer, comment.Issue), - Comment: convert.ToAPIComment(ctx, comment.Issue.Repo, comment), - Repository: convert.ToRepo(ctx, comment.Issue.Repo, permission), - Sender: convert.ToUser(ctx, doer, nil), - IsPull: comment.Issue.IsPull, + Action: api.HookIssueCommentDeleted, + Issue: convert.ToAPIIssue(ctx, doer, comment.Issue), + PullRequest: pullRequest, + Comment: convert.ToAPIComment(ctx, comment.Issue.Repo, comment), + Repository: convert.ToRepo(ctx, comment.Issue.Repo, permission), + Sender: convert.ToUser(ctx, doer, nil), + IsPull: comment.Issue.IsPull, }); err != nil { log.Error("PrepareWebhooks [comment_id: %d]: %v", comment.ID, err) } @@ -525,7 +534,7 @@ func (m *webhookNotifier) IssueChangeLabels(ctx context.Context, doer *user_mode err = PrepareWebhooks(ctx, EventSource{Repository: issue.Repo}, webhook_module.HookEventPullRequestLabel, &api.PullRequestPayload{ Action: api.HookIssueLabelUpdated, Index: issue.Index, - PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, nil), + PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, doer), Repository: convert.ToRepo(ctx, issue.Repo, access_model.Permission{AccessMode: perm.AccessModeOwner}), Sender: convert.ToUser(ctx, doer, nil), }) @@ -567,7 +576,7 @@ func (m *webhookNotifier) IssueChangeMilestone(ctx context.Context, doer *user_m err = PrepareWebhooks(ctx, EventSource{Repository: issue.Repo}, webhook_module.HookEventPullRequestMilestone, &api.PullRequestPayload{ Action: hookAction, Index: issue.Index, - PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, nil), + PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, doer), Repository: convert.ToRepo(ctx, issue.Repo, permission), Sender: convert.ToUser(ctx, doer, nil), }) @@ -640,7 +649,7 @@ func (*webhookNotifier) MergePullRequest(ctx context.Context, doer *user_model.U // Merge pull request calls issue.changeStatus so we need to handle separately. apiPullRequest := &api.PullRequestPayload{ Index: pr.Issue.Index, - PullRequest: convert.ToAPIPullRequest(ctx, pr, nil), + PullRequest: convert.ToAPIPullRequest(ctx, pr, doer), Repository: convert.ToRepo(ctx, pr.Issue.Repo, permission), Sender: convert.ToUser(ctx, doer, nil), Action: api.HookIssueClosed, @@ -668,7 +677,7 @@ func (m *webhookNotifier) PullRequestChangeTargetBranch(ctx context.Context, doe From: oldBranch, }, }, - PullRequest: convert.ToAPIPullRequest(ctx, pr, nil), + PullRequest: convert.ToAPIPullRequest(ctx, pr, doer), Repository: convert.ToRepo(ctx, issue.Repo, mode), Sender: convert.ToUser(ctx, doer, nil), }); err != nil { @@ -703,11 +712,12 @@ func (m *webhookNotifier) PullRequestReview(ctx context.Context, pr *issues_mode return } if err := PrepareWebhooks(ctx, EventSource{Repository: review.Issue.Repo}, reviewHookType, &api.PullRequestPayload{ - Action: api.HookIssueReviewed, - Index: review.Issue.Index, - PullRequest: convert.ToAPIPullRequest(ctx, pr, nil), - Repository: convert.ToRepo(ctx, review.Issue.Repo, permission), - Sender: convert.ToUser(ctx, review.Reviewer, nil), + Action: api.HookIssueReviewed, + Index: review.Issue.Index, + PullRequest: convert.ToAPIPullRequest(ctx, pr, review.Reviewer), + RequestedReviewer: convert.ToUser(ctx, review.Reviewer, nil), + Repository: convert.ToRepo(ctx, review.Issue.Repo, permission), + Sender: convert.ToUser(ctx, review.Reviewer, nil), Review: &api.ReviewPayload{ Type: string(reviewHookType), Content: review.Content, @@ -729,7 +739,7 @@ func (m *webhookNotifier) PullRequestReviewRequest(ctx context.Context, doer *us } apiPullRequest := &api.PullRequestPayload{ Index: issue.Index, - PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, nil), + PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, doer), RequestedReviewer: convert.ToUser(ctx, reviewer, nil), Repository: convert.ToRepo(ctx, issue.Repo, permission), Sender: convert.ToUser(ctx, doer, nil), @@ -774,7 +784,7 @@ func (m *webhookNotifier) PullRequestSynchronized(ctx context.Context, doer *use if err := PrepareWebhooks(ctx, EventSource{Repository: pr.Issue.Repo}, webhook_module.HookEventPullRequestSync, &api.PullRequestPayload{ Action: api.HookIssueSynchronized, Index: pr.Issue.Index, - PullRequest: convert.ToAPIPullRequest(ctx, pr, nil), + PullRequest: convert.ToAPIPullRequest(ctx, pr, doer), Repository: convert.ToRepo(ctx, pr.Issue.Repo, access_model.Permission{AccessMode: perm.AccessModeOwner}), Sender: convert.ToUser(ctx, doer, nil), }); err != nil { From 603fca1e27bc29c1e700cc1bd284eb619d2436c8 Mon Sep 17 00:00:00 2001 From: cloudchamb3r Date: Wed, 16 Oct 2024 21:39:47 +0900 Subject: [PATCH 22/27] Fix null errors on conversation holder (#32258) (#32266) fix #32258 Errors in the issue was due to unhandled null check. so i fixed it. ### Detailed description for Issue & Fix To reproduce that issue, the comment must be deleted on Conversation tab. #### Before Delete image #### After Delete (AS-IS) image gitea already have remove logic for `timeline-item-group`, but because of null ref exception the later logic that removes `timeline-item-group` could be not be called correctly. --- web_src/js/features/repo-issue.ts | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/web_src/js/features/repo-issue.ts b/web_src/js/features/repo-issue.ts index 4377292a64..e450f561c0 100644 --- a/web_src/js/features/repo-issue.ts +++ b/web_src/js/features/repo-issue.ts @@ -187,14 +187,17 @@ export function initRepoIssueCommentDelete() { const path = conversationHolder.getAttribute('data-path'); const side = conversationHolder.getAttribute('data-side'); const idx = conversationHolder.getAttribute('data-idx'); - const lineType = conversationHolder.closest('tr').getAttribute('data-line-type'); + const lineType = conversationHolder.closest('tr')?.getAttribute('data-line-type'); - if (lineType === 'same') { - document.querySelector(`[data-path="${path}"] .add-code-comment[data-idx="${idx}"]`).classList.remove('tw-invisible'); - } else { - document.querySelector(`[data-path="${path}"] .add-code-comment[data-side="${side}"][data-idx="${idx}"]`).classList.remove('tw-invisible'); + // the conversation holder could appear either on the "Conversation" page, or the "Files Changed" page + // on the Conversation page, there is no parent "tr", so no need to do anything for "add-code-comment" + if (lineType) { + if (lineType === 'same') { + document.querySelector(`[data-path="${path}"] .add-code-comment[data-idx="${idx}"]`).classList.remove('tw-invisible'); + } else { + document.querySelector(`[data-path="${path}"] .add-code-comment[data-side="${side}"][data-idx="${idx}"]`).classList.remove('tw-invisible'); + } } - conversationHolder.remove(); } From 0196b3583a09131f42dd0a364ad46babd5f12e04 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Thu, 17 Oct 2024 10:28:51 +0800 Subject: [PATCH 23/27] Warn users when they try to use a non-root-url to sign in/up (#32272) --- web_src/js/features/common-page.ts | 8 ++++++++ web_src/js/features/user-auth.ts | 7 ++++++- web_src/js/index.ts | 3 ++- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/web_src/js/features/common-page.ts b/web_src/js/features/common-page.ts index 1a4decd752..77fe2cc1ca 100644 --- a/web_src/js/features/common-page.ts +++ b/web_src/js/features/common-page.ts @@ -91,3 +91,11 @@ export function checkAppUrl() { showGlobalErrorMessage(`Your ROOT_URL in app.ini is "${appUrl}", it's unlikely matching the site you are visiting. Mismatched ROOT_URL config causes wrong URL links for web UI/mail content/webhook notification/OAuth2 sign-in.`, 'warning'); } + +export function checkAppUrlScheme() { + const curUrl = window.location.href; + // some users visit "http://domain" while appUrl is "https://domain", COOKIE_SECURE makes it impossible to sign in + if (curUrl.startsWith('http:') && appUrl.startsWith('https:')) { + showGlobalErrorMessage(`This instance is configured to run under HTTPS (by ROOT_URL config), you are accessing by HTTP. Mismatched scheme might cause problems for sign-in/sign-up.`, 'warning'); + } +} diff --git a/web_src/js/features/user-auth.ts b/web_src/js/features/user-auth.ts index f1f34bc806..b716287ff2 100644 --- a/web_src/js/features/user-auth.ts +++ b/web_src/js/features/user-auth.ts @@ -1,4 +1,9 @@ -import {checkAppUrl} from './common-page.ts'; +import {checkAppUrl, checkAppUrlScheme} from './common-page.ts'; + +export function initUserCheckAppUrl() { + if (!document.querySelector('.page-content.user.signin, .page-content.user.signup, .page-content.user.link-account')) return; + checkAppUrlScheme(); +} export function initUserAuthOauth2() { const outer = document.querySelector('#oauth2-login-navigator'); diff --git a/web_src/js/index.ts b/web_src/js/index.ts index db678a25ba..13dfe1f3ef 100644 --- a/web_src/js/index.ts +++ b/web_src/js/index.ts @@ -24,7 +24,7 @@ import {initFindFileInRepo} from './features/repo-findfile.ts'; import {initCommentContent, initMarkupContent} from './markup/content.ts'; import {initPdfViewer} from './render/pdf.ts'; -import {initUserAuthOauth2} from './features/user-auth.ts'; +import {initUserAuthOauth2, initUserCheckAppUrl} from './features/user-auth.ts'; import { initRepoIssueDue, initRepoIssueReferenceRepositorySearch, @@ -219,6 +219,7 @@ onDomReady(() => { initCommitStatuses, initCaptcha, + initUserCheckAppUrl, initUserAuthOauth2, initUserAuthWebAuthn, initUserAuthWebAuthnRegister, From 2b8ff419a75afd81b9902c4964e9ad9475000825 Mon Sep 17 00:00:00 2001 From: cloudchamb3r Date: Thu, 17 Oct 2024 14:43:48 +0900 Subject: [PATCH 24/27] Add `gh-access-token` flag into backport script (#32283) The current backport script does not have github access token flag. This patch will be useful when encountered rate limit issue. --- contrib/backport/backport.go | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/contrib/backport/backport.go b/contrib/backport/backport.go index 9ae4483d8b..eb19437445 100644 --- a/contrib/backport/backport.go +++ b/contrib/backport/backport.go @@ -64,6 +64,11 @@ func main() { Value: "", Usage: "Forked user name on Github", }, + &cli.StringFlag{ + Name: "gh-access-token", + Value: "", + Usage: "Access token for GitHub api request", + }, &cli.BoolFlag{ Name: "no-fetch", Usage: "Set this flag to prevent fetch of remote branches", @@ -169,9 +174,10 @@ func runBackport(c *cli.Context) error { fmt.Printf("* Backporting %s to %s as %s\n", pr, localReleaseBranch, backportBranch) sha := c.String("cherry-pick") + accessToken := c.String("gh-access-token") if sha == "" { var err error - sha, err = determineSHAforPR(ctx, pr) + sha, err = determineSHAforPR(ctx, pr, accessToken) if err != nil { return err } @@ -427,13 +433,16 @@ func readVersion() string { return strings.Join(split[:2], ".") } -func determineSHAforPR(ctx context.Context, prStr string) (string, error) { +func determineSHAforPR(ctx context.Context, prStr, accessToken string) (string, error) { prNum, err := strconv.Atoi(prStr) if err != nil { return "", err } client := github.NewClient(http.DefaultClient) + if accessToken != "" { + client = client.WithAuthToken(accessToken) + } pr, _, err := client.PullRequests.Get(ctx, "go-gitea", "gitea", prNum) if err != nil { From 9116665e9c1c01d882c919fb3058f7fdb695350e Mon Sep 17 00:00:00 2001 From: Zettat123 Date: Thu, 17 Oct 2024 17:05:38 +0800 Subject: [PATCH 25/27] Always update expiration time when creating an artifact (#32281) Fix #32256 --- models/actions/artifact.go | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/models/actions/artifact.go b/models/actions/artifact.go index 3d0a288e62..0bc66ba24e 100644 --- a/models/actions/artifact.go +++ b/models/actions/artifact.go @@ -69,7 +69,7 @@ func CreateArtifact(ctx context.Context, t *ActionTask, artifactName, artifactPa OwnerID: t.OwnerID, CommitSHA: t.CommitSHA, Status: int64(ArtifactStatusUploadPending), - ExpiredUnix: timeutil.TimeStamp(time.Now().Unix() + 3600*24*expiredDays), + ExpiredUnix: timeutil.TimeStamp(time.Now().Unix() + timeutil.Day*expiredDays), } if _, err := db.GetEngine(ctx).Insert(artifact); err != nil { return nil, err @@ -78,6 +78,13 @@ func CreateArtifact(ctx context.Context, t *ActionTask, artifactName, artifactPa } else if err != nil { return nil, err } + + if _, err := db.GetEngine(ctx).ID(artifact.ID).Cols("expired_unix").Update(&ActionArtifact{ + ExpiredUnix: timeutil.TimeStamp(time.Now().Unix() + timeutil.Day*expiredDays), + }); err != nil { + return nil, err + } + return artifact, nil } From 08c963c921ad05640890be0fe95711bc36264e9e Mon Sep 17 00:00:00 2001 From: YR Chen Date: Sat, 19 Oct 2024 20:51:55 +0800 Subject: [PATCH 26/27] Update github.com/go-enry/go-enry to v2.9.1 (#32295) `go-enry` v2.9.1 includes latest file patterns from Linguist, which can identify more generated file type, eg. `pdm.lock`. --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index d85553ac9f..1005176d29 100644 --- a/go.mod +++ b/go.mod @@ -54,7 +54,7 @@ require ( github.com/go-chi/chi/v5 v5.0.13 github.com/go-chi/cors v1.2.1 github.com/go-co-op/gocron v1.37.0 - github.com/go-enry/go-enry/v2 v2.8.8 + github.com/go-enry/go-enry/v2 v2.9.1 github.com/go-git/go-billy/v5 v5.5.0 github.com/go-git/go-git/v5 v5.12.0 github.com/go-ldap/ldap/v3 v3.4.6 diff --git a/go.sum b/go.sum index bb185e20c1..f8d0287dd2 100644 --- a/go.sum +++ b/go.sum @@ -315,8 +315,8 @@ github.com/go-chi/cors v1.2.1 h1:xEC8UT3Rlp2QuWNEr4Fs/c2EAGVKBwy/1vHx3bppil4= github.com/go-chi/cors v1.2.1/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58= github.com/go-co-op/gocron v1.37.0 h1:ZYDJGtQ4OMhTLKOKMIch+/CY70Brbb1dGdooLEhh7b0= github.com/go-co-op/gocron v1.37.0/go.mod h1:3L/n6BkO7ABj+TrfSVXLRzsP26zmikL4ISkLQ0O8iNY= -github.com/go-enry/go-enry/v2 v2.8.8 h1:EhfxWpw4DQ3WEFB1Y77X8vKqZL0D0EDUUWYDUAIv9/4= -github.com/go-enry/go-enry/v2 v2.8.8/go.mod h1:9yrj4ES1YrbNb1Wb7/PWYr2bpaCXUGRt0uafN0ISyG8= +github.com/go-enry/go-enry/v2 v2.9.1 h1:G9iDteJ/Mc0F4Di5NeQknf83R2OkRbwY9cAYmcqVG6U= +github.com/go-enry/go-enry/v2 v2.9.1/go.mod h1:9yrj4ES1YrbNb1Wb7/PWYr2bpaCXUGRt0uafN0ISyG8= github.com/go-enry/go-oniguruma v1.2.1 h1:k8aAMuJfMrqm/56SG2lV9Cfti6tC4x8673aHCcBk+eo= github.com/go-enry/go-oniguruma v1.2.1/go.mod h1:bWDhYP+S6xZQgiRL7wlTScFYBe023B6ilRZbCAD5Hf4= github.com/go-faster/city v1.0.1 h1:4WAxSZ3V2Ws4QRDrscLEDcibJY8uf41H6AhXDrNDcGw= From d638067d3cb0a7f69b4d899f65b9be4940bd3e41 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Sat, 19 Oct 2024 22:11:56 +0200 Subject: [PATCH 27/27] API: enhance SearchIssues swagger docs (#32208) this will result in better api clients generated out of the openapi docs ... for SearchIssues --- *Sponsored by Kithara Software GmbH* --- routers/api/v1/repo/issue.go | 51 +++++++++++++++++++----------- templates/swagger/v1_json.tmpl | 58 ++++++++++++++++++++++++---------- 2 files changed, 73 insertions(+), 36 deletions(-) diff --git a/routers/api/v1/repo/issue.go b/routers/api/v1/repo/issue.go index d8c39b0f69..e86fb3ccb1 100644 --- a/routers/api/v1/repo/issue.go +++ b/routers/api/v1/repo/issue.go @@ -41,80 +41,93 @@ func SearchIssues(ctx *context.APIContext) { // parameters: // - name: state // in: query - // description: whether issue is open or closed + // description: State of the issue // type: string + // enum: [open, closed, all] + // default: open // - name: labels // in: query - // description: comma separated list of labels. Fetch only issues that have any of this labels. Non existent labels are discarded + // description: Comma-separated list of label names. Fetch only issues that have any of these labels. Non existent labels are discarded. // type: string // - name: milestones // in: query - // description: comma separated list of milestone names. Fetch only issues that have any of this milestones. Non existent are discarded + // description: Comma-separated list of milestone names. Fetch only issues that have any of these milestones. Non existent milestones are discarded. // type: string // - name: q // in: query - // description: search string + // description: Search string // type: string // - name: priority_repo_id // in: query - // description: repository to prioritize in the results + // description: Repository ID to prioritize in the results // type: integer // format: int64 // - name: type // in: query - // description: filter by type (issues / pulls) if set + // description: Filter by issue type // type: string + // enum: [issues, pulls] // - name: since // in: query - // description: Only show notifications updated after the given time. This is a timestamp in RFC 3339 format + // description: Only show issues updated after the given time (RFC 3339 format) // type: string // format: date-time - // required: false // - name: before // in: query - // description: Only show notifications updated before the given time. This is a timestamp in RFC 3339 format + // description: Only show issues updated before the given time (RFC 3339 format) // type: string // format: date-time - // required: false // - name: assigned // in: query - // description: filter (issues / pulls) assigned to you, default is false + // description: Filter issues or pulls assigned to the authenticated user // type: boolean + // default: false // - name: created // in: query - // description: filter (issues / pulls) created by you, default is false + // description: Filter issues or pulls created by the authenticated user // type: boolean + // default: false // - name: mentioned // in: query - // description: filter (issues / pulls) mentioning you, default is false + // description: Filter issues or pulls mentioning the authenticated user // type: boolean + // default: false // - name: review_requested // in: query - // description: filter pulls requesting your review, default is false + // description: Filter pull requests where the authenticated user's review was requested // type: boolean + // default: false // - name: reviewed // in: query - // description: filter pulls reviewed by you, default is false + // description: Filter pull requests reviewed by the authenticated user // type: boolean + // default: false // - name: owner // in: query - // description: filter by owner + // description: Filter by repository owner // type: string // - name: team // in: query - // description: filter by team (requires organization owner parameter to be provided) + // description: Filter by team (requires organization owner parameter) // type: string // - name: page // in: query - // description: page number of results to return (1-based) + // description: Page number of results to return (1-based) // type: integer + // minimum: 1 + // default: 1 // - name: limit // in: query - // description: page size of results + // description: Number of items per page // type: integer + // minimum: 0 // responses: // "200": // "$ref": "#/responses/IssueList" + // "400": + // "$ref": "#/responses/error" + // "422": + // "$ref": "#/responses/validationError" before, since, err := context.GetQueryBeforeSince(ctx.Base) if err != nil { diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl index 2cbd8782d8..a2b75bd873 100644 --- a/templates/swagger/v1_json.tmpl +++ b/templates/swagger/v1_json.tmpl @@ -3444,107 +3444,125 @@ "operationId": "issueSearchIssues", "parameters": [ { + "enum": [ + "open", + "closed", + "all" + ], "type": "string", - "description": "whether issue is open or closed", + "default": "open", + "description": "State of the issue", "name": "state", "in": "query" }, { "type": "string", - "description": "comma separated list of labels. Fetch only issues that have any of this labels. Non existent labels are discarded", + "description": "Comma-separated list of label names. Fetch only issues that have any of these labels. Non existent labels are discarded.", "name": "labels", "in": "query" }, { "type": "string", - "description": "comma separated list of milestone names. Fetch only issues that have any of this milestones. Non existent are discarded", + "description": "Comma-separated list of milestone names. Fetch only issues that have any of these milestones. Non existent milestones are discarded.", "name": "milestones", "in": "query" }, { "type": "string", - "description": "search string", + "description": "Search string", "name": "q", "in": "query" }, { "type": "integer", "format": "int64", - "description": "repository to prioritize in the results", + "description": "Repository ID to prioritize in the results", "name": "priority_repo_id", "in": "query" }, { + "enum": [ + "issues", + "pulls" + ], "type": "string", - "description": "filter by type (issues / pulls) if set", + "description": "Filter by issue type", "name": "type", "in": "query" }, { "type": "string", "format": "date-time", - "description": "Only show notifications updated after the given time. This is a timestamp in RFC 3339 format", + "description": "Only show issues updated after the given time (RFC 3339 format)", "name": "since", "in": "query" }, { "type": "string", "format": "date-time", - "description": "Only show notifications updated before the given time. This is a timestamp in RFC 3339 format", + "description": "Only show issues updated before the given time (RFC 3339 format)", "name": "before", "in": "query" }, { "type": "boolean", - "description": "filter (issues / pulls) assigned to you, default is false", + "default": false, + "description": "Filter issues or pulls assigned to the authenticated user", "name": "assigned", "in": "query" }, { "type": "boolean", - "description": "filter (issues / pulls) created by you, default is false", + "default": false, + "description": "Filter issues or pulls created by the authenticated user", "name": "created", "in": "query" }, { "type": "boolean", - "description": "filter (issues / pulls) mentioning you, default is false", + "default": false, + "description": "Filter issues or pulls mentioning the authenticated user", "name": "mentioned", "in": "query" }, { "type": "boolean", - "description": "filter pulls requesting your review, default is false", + "default": false, + "description": "Filter pull requests where the authenticated user's review was requested", "name": "review_requested", "in": "query" }, { "type": "boolean", - "description": "filter pulls reviewed by you, default is false", + "default": false, + "description": "Filter pull requests reviewed by the authenticated user", "name": "reviewed", "in": "query" }, { "type": "string", - "description": "filter by owner", + "description": "Filter by repository owner", "name": "owner", "in": "query" }, { "type": "string", - "description": "filter by team (requires organization owner parameter to be provided)", + "description": "Filter by team (requires organization owner parameter)", "name": "team", "in": "query" }, { + "minimum": 1, "type": "integer", - "description": "page number of results to return (1-based)", + "default": 1, + "description": "Page number of results to return (1-based)", "name": "page", "in": "query" }, { + "minimum": 0, "type": "integer", - "description": "page size of results", + "description": "Number of items per page", "name": "limit", "in": "query" } @@ -3552,6 +3570,12 @@ "responses": { "200": { "$ref": "#/responses/IssueList" + }, + "400": { + "$ref": "#/responses/error" + }, + "422": { + "$ref": "#/responses/validationError" } } }