0
0
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2024-12-25 03:24:09 +01:00
Commit graph

488 commits

Author SHA1 Message Date
Oleg Kovalov
5a4648cdd6 Remove check for negative length (#5120) 2018-10-20 17:25:14 -04:00
Lanre Adelowo
2a6d3ba058 Allow admin toggle forcing a password change for newly created users (#4563) 2018-09-13 12:34:36 -04:00
Lanre Adelowo
126ba796dc Force user to change password (#4489)
* redirect to login page after successfully activating account

* force users to change password if account was created by an admin

* force users to change password if account was created by an admin

* fixed build

* fixed build

* fix pending issues with translation and wrong routes

* make sure path check is safe

* remove unneccessary newline

* make sure users that don't have to view the form get redirected

* move route to use /settings prefix so as to make sure unauthenticated users can't view the page

* update as per @lafriks review

* add necessary comment

* remove unrelated changes

* support redirecting to location the user actually want to go to before being forced to change his/her password

* run make fmt

* added tests

* improve assertions

* add assertion

* fix copyright year

Signed-off-by: Lanre Adelowo <yo@lanre.wtf>
2018-09-13 15:04:25 +03:00
B-OnTheGo
e47df0b301 Enforce token on api routes [fixed critical security issue #4357] (#4840) 2018-09-10 12:15:52 -04:00
Lanre Adelowo
be48397945 Slack webhook channel name cannot be empty or just contain an hashtag (#4786) 2018-09-10 10:31:08 -04:00
Lanre Adelowo
0df7cab4fb prevent empty review comment (#4632)
* prevent empty review comment

This would only require a comment for rejection and comment

* add tests

* add comment
2018-08-07 20:15:41 +03:00
Lauris BH
6e64f9db8e Pull request review/approval and comment on code (#3748)
* Initial ui components for pull request review

* Add Review
Add IssueComment types

Signed-off-by: Jonas Franz <info@jonasfranz.software>

(cherry picked from commit 2b4daab)
Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Replace ReviewComment with Content

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add load functions
Add ReviewID to findComments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add create review comment implementation
Add migration for review
Other small changes

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Simplified create and find functions for review

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Moved "Pending" to first position

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add GetCurrentReview to simplify fetching current review

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Preview for listing comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move new comment form to its own file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Implement Review form
Show Review comments on comment stream

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for single comments
Showing buttons in context

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add pending tag to pending review comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for Review

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fetch all review ids at once
Add unit tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Improved comment rendering in "Files" view by adding Comments to DiffLine

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for invalidating comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Switched back to code.gitea.io/git

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Moved review migration from v64 to v65

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Rebuild css

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Improve translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit tests by updating fixtures and updating outdated test

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Comments will be shown at the right place now

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for deleting CodeComments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by files in subdirectories

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for showing code comments of reviews in conversation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for "Show/Hide outdated"

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update code.gitea.io/git

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for new webhooks

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Resolve conflicts

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor UI improvements

* update code.gitea.io/git

* Fix ui bug reported by @lunny causing wrong position of add button
Add functionality to "Cancel" button
Add scale effects to add button
Hide "Cancel" button for existing comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Prepare solving conflicts

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Show add button only if no comments already exist for the line

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add missing vendor files

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if reviewer is nil

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Show forms only to users who are logged in

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Revert "Show forms only to users who are logged in"

This reverts commit c083682

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Save patch in comment
Render patch for code comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add link to comment in code

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add reply form to comment list
Show forms only to signed in users

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add 'Reply' as translatable
Add CODE_COMMENT_LINES setting

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems introduced by checking for singed in user

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add v70

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update generated stylesheet

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix preview
Beginn with new review comment patch system

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add new algo to generate diff for line range
Remove old algo used for cutting big diffs (it was very buggy)

* Add documentation and example for CutDiffAroundLine

* Fix example of CutDiffAroundLine

* Fix some comment UI rendering bugs

* Add code comment edit mode

* Send notifications / actions to users until review gets published
Fix diff generation bug
Fix wrong hashtag

* Fix vet errors

* Send notifications also for single comments

* Fix some notification bugs, fix link

* Fix: add comment icon is only shown on code lines

* Add lint comment

* Add unit tests for git diff

* Add more error messages

* Regenerated css

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* fmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Regenerated CSS with latest less version

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix test by updating comment type to new ID

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Introducing CodeComments as type for map[string]map[int64][]*Comment
Other minor code improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix data-tab issues

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove unnecessary change

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* refactored checkForInvalidation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Append comments instead of setting

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Use HeadRepo instead of BaseRepo

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update migration

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Regenerated CSS

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add copyright

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update index.css

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-08-06 06:43:21 +02:00
kolaente
1bff02de55 Added dependencies for issues (#2196) (#2531) 2018-07-17 17:23:58 -04:00
Fluf
f035dcd4f2 Add Recaptcha functionality to Gitea (#4044) 2018-07-05 00:13:05 -04:00
techknowlogick
4ee52b7161 Add scope to Gitlab oauth request (#4330)
Fix #3449
2018-06-30 20:13:17 +03:00
Bwko
1f877f8c87 Add tag check to release draft creation (#3729) 2018-06-04 08:34:44 +03:00
Magnus Lindvall
cdb9478774 LDAP Public SSH Keys synchronization (#1844)
* Add LDAP Key Synchronization feature

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Add migration: add login source id column for public_key table

* Only update keys if needed

* Add function to only list pubkey synchronized from ldap

* Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.

* Only get keys belonging to current login source id

* Set default login source id to 0

* Some minor cleanup. Add integration tests (updete dep testify)
2018-05-24 07:59:02 +03:00
Jonas Franz
951309f76a Add support for FIDO U2F (#3971)
* Add support for U2F

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add vendor library
Add missing translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
Add U2F error handling

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F login page to OAuth

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move U2F user settings to a separate file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for u2f model
Renamed u2f table name

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by refactoring

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove not needed console.log-s

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add default values to app.ini.sample
Add FIDO U2F to comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-05-19 17:12:37 +03:00
David Schneiderbauer
80d1998981 add missing token validation and fix missing alert on application settings page (#3976) 2018-05-16 22:18:13 +08:00
Lunny Xiao
24941a1046
Add more webhooks support and refactor webhook templates directory (#3929)
* add more webhook support

* move hooks templates to standalone dir and add more webhooks ui

* fix tests

* update vendor checksum

* add more webhook support

* move hooks templates to standalone dir and add more webhooks ui

* fix tests

* update vendor checksum

* update vendor

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* load attributes when created release

* update comparsion doc
2018-05-16 22:01:55 +08:00
FabioFortini
1546458f7d issue-2768: added new option allow_only_external_registration (#3910) 2018-05-13 15:51:16 +08:00
kolaente
95f2e2b57b Multiple assignees (#3705) 2018-05-09 19:29:04 +03:00
Lauris BH
501fb228e6
Add option to use paged LDAP search when synchronizing users (#3895) 2018-05-05 17:30:47 +03:00
kolaente
1fdf560678 Added user language setting (#3875)
* Added user language setting

* Added translation string for setting

* Fixed import order + typo

* improved checking if the user has a language saved in the db

* The current saved language is now set a default inside the dropdown

* fmt

* When a user signs in and doesn't have a language saved, the current browser language is saved

* updated gitea-sdk

* Merge branch 'master' of https://github.com/go-gitea/gitea into save-user-language

# Conflicts:
#	models/migrations/migrations.go
#	models/migrations/v62.go

* Made tests work again

* trigger CI

* trigger CI

* fmt

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* When loggin in, only the language col gets updated instead of everything
2018-05-05 08:28:30 +08:00
kolaente
1a97030017 Issue due date (#3794)
* Started adding deadline to ui

* Implemented basic issue due date managing

* Improved UI for due date managing

* Added at least write access to the repo in order to modify issue due dates

* Ui improvements

* Added issue comments creation when adding/modifying/removing a due date

* Show due date in issue list

* Added api support for issue due dates

* Fixed lint suggestions

* Added deadline to sdk

* Updated css

* Added support for adding/modifiying deadlines for pull requests via api

* Fixed comments not created when updating or removing a deadline

* update sdk (will do properly once go-gitea/go-sdk#103 is merged)

* enhanced updateIssueDeadline

* Removed unnessecary Issue.DeadlineString

* UI improvements

* Small improvments to comment creation
+ ui & validation improvements

* Check if an issue is overdue is now a seperate function

* Updated go-sdk with govendor as it was merged

* Simplified isOverdue method

* removed unessecary deadline to 0 set

* Update swagger definitions

* Added missing return

* Added an explanary comment

* Improved updateIssueDeadline method so it'll only update `deadline_unix`

* Small changes and improvements
* no need to explicitly load the issue when updating a deadline, just use whats already there
* small optimisations

* Added check if a deadline was modified before updating it

* Moved comment creating logic into its own function

* Code cleanup for creating deadline comment

* locale improvement

* When modifying a deadline, the old deadline is saved with the comment

* small improvments to xorm session handling when updating an issue deadline
+ style nitpicks

* style nitpicks

* Moved checking for if the user has write acces to middleware
2018-05-01 22:05:28 +03:00
Lauris BH
5a62eb30df
Store OAuth2 session data in database (#3660)
* Store OAuth2 session data in database

* Rename table to `oauth2_session` and do not skip xormstorage initialization error
2018-04-29 09:09:24 +03:00
Lunny Xiao
bec69f702b
Add topic support (#3711)
* add topic models and unit tests

* fix comments

* fix comment

* add the UI to show or add topics for a repo

* show topics on repositories list

* fix test

* don't show manage topics link when no permission

* use green basic as topic label

* fix topic label color

* remove trace content

* remove debug function
2018-04-11 10:51:44 +08:00
Allen Wild
15c6bb500b Add repository setting to enable/disable health checks (#3607)
New Feature:
  * Repository struct field for IsFsckEnabled (default true of course)
  * Admin Settings section on repo options page, accessible only by
    admin users

Possible Enhancements:
  * There's no way to force running health checks on all repos
    regardless of their IsFsckEnabled setting. This would be useful if
    there were an admin API or dashboard button to run fsck immediately.

Issue: https://github.com/go-gitea/gitea/issues/1712
Signed-off-by: Allen Wild <allenwild93@gmail.com>
2018-03-27 22:13:20 +08:00
Chri-s
9350ba7947 Add protected branch whitelists for merging (#3689)
* Add database migrations for merge whitelist

* Add merge whitelist settings for protected branches

* Add checks for merge whitelists
2018-03-25 13:01:32 +03:00
Lauris BH
c0d41b1b77 Add label descriptions (#3662)
* Add label descriptions

* Add default descriptions to label template
2018-03-13 10:03:55 +08:00
Vlad Temian
e78786ef39 Writable deploy keys (closes #671) (#3225)
* Add is_writable checkbox to deploy keys interface

* Add writable key option to deploy key form

* Add support for writable ssh keys in the interface

* Rename IsWritable to ReadOnly

* Test: create read-only and read-write deploy keys via api

* Add DeployKey access mode migration

* Update gitea sdk via govendor

* Fix deploykey migration

* Add unittests for writable deploy keys

* Move template text to locale

* Remove implicit column update

* Remove duplicate locales

* Replace ReadOnly field with IsReadOnly method

* Fix deploy_keys related integration test

* Rename v54 migration with v55

* Fix migration hell
2018-01-07 00:55:53 +02:00
Lauris BH
8ac1501ad7
Add Pull Request merge options - Ignore white-space for conflict checking, Rebase, Squash merge (#3188)
* Pull request options migration and UI in settings

* Add ignore whitespace functionality

* Fix settings if pull requests are disabled

* Fix migration transaction

* Merge with Rebase functionality

* UI changes and related functionality for pull request merging button

* Implement squash functionality

* Fix rebase merging

* Fix pull request merge tests

* Add squash and rebase tests

* Fix API method to reuse default message functions

* Some refactoring and small fixes

* Remove more hardcoded values from tests

* Remove unneeded check from API method

* Fix variable name and comment typo

* Fix reset commit count after PR merge
2018-01-05 20:56:50 +02:00
Lunny Xiao
f2e20c81b6 Refactor struct's time to remove unnecessary memory usage (#3142)
* refactor struct's time to remove unnecessary memory usage

* use AsTimePtr simple code

* fix tests

* fix time compare

* fix template on gpg

* use AddDuration instead of Add
2017-12-11 06:37:04 +02:00
Lauris BH
5dc37b187c
Add reactions to issues/PR and comments (#2856) 2017-12-04 01:14:26 +02:00
Ethan Koenig
013db70fce Removed unused field in form (#3023) 2017-11-29 22:52:34 +02:00
Lunny Xiao
10b54df2b2 Add dingtalk webhook (#2777)
* add dingtalk webhook type

* add vendor

* some fixes

* fix name check

* fix name check & improvment
2017-11-21 06:26:43 +02:00
Sandro Santilli
e735d8cb25 Gogs -> Gitea (#2909)
rename label
2017-11-14 08:55:57 +08:00
Jochen Rill
f94e6fd7a5 Correct ldap username validation. (#2880)
PR #342 was only partially applied. Spaces should not be at the start
and end of a username but they can be inside.
2017-11-13 11:32:16 +02:00
Ethan Koenig
f26f4a7e01 Update swagger documentation (#2899)
* Update swagger documentation

Add docs for missing endpoints
Add documentation for request parameters
Make parameter naming consistent
Fix response documentation

* Restore delete comments
2017-11-13 09:02:25 +02:00
Lauris BH
f3833b7ce4 Create new branch from branch selection dropdown (#2130)
* Create new branch from branch selection dropdown and rewrite it to VueJS

* Make updateLocalCopyToCommit as not exported

* Move branch name validation to model

* Fix possible race condition
2017-10-15 22:59:24 +03:00
Lunny Xiao
1739e84ac0 improve protected branch to add whitelist support (#2451)
* improve protected branch to add whitelist support

* fix lint

* fix style check

* fix tests

* fix description on UI and import

* fix test

* bug fixed

* fix tests and languages

* move isSliceInt64Eq to util pkg; improve function names & typo
2017-09-14 16:16:22 +08:00
Jonas Franz
5ccecb44ad Feature: Timetracking (#2211)
* Added comment's hashtag to url for mail notifications.
* Added explanation to return statement + documentation.
* Replacing in-line link generation with HTMLURL. (+gofmt)
* Replaced action-based model with nil-based model. (+gofmt)
* Replaced mailIssueActionToParticipants with mailIssueCommentToParticipants.
* Updating comment for mailIssueCommentToParticipants
* Added link to comment in "Dashboard"
* Deleting feed entry if a comment is going to be deleted
* Added migration
* Added improved migration to add a CommentID column to action.
* Added improved links to comments in feed entries.
* Fixes #1956 by filtering for deleted comments that are referenced in actions.
* Introducing "IsDeleted" column to action.
* Adding design draft (not functional)
* Adding database models for stopwatches and trackedtimes
* See go-gitea/gitea#967
* Adding design draft (not functional)
* Adding translations and improving design
* Implementing stopwatch (for timetracking)
* Make UI functional
* Add hints in timeline for time tracking events
* Implementing timetracking feature
* Adding "Add time manual" option
* Improved stopwatch
* Created report of total spent time by user
* Only showing total time spent if theire is something to show.
* Adding license headers.
* Improved error handling for "Add Time Manual"
* Adding @sapks 's changes, refactoring
* Adding API for feature tracking
* Adding unit test
* Adding DISABLE/ENABLE option to Repository settings page
* Improving translations
* Applying @sapk 's changes
* Removing repo_unit and using IssuesSetting for disabling/enabling timetracker
* Adding DEFAULT_ENABLE_TIMETRACKER to config, installation and admin menu
* Improving documentation
* Fixing vendor/ folder
* Changing timtracking routes by adding subgroups /times and /times/stopwatch (Proposed by @lafriks )
* Restricting write access to timetracking based on the repo settings (Proposed by @lafriks )
* Fixed minor permissions bug.
* Adding CanUseTimetracker and IsTimetrackerEnabled in ctx.Repo
* Allow assignees and authors to track there time too.
* Fixed some build-time-errors + logical errors.
* Removing unused Get...ByID functions
* Moving IsTimetrackerEnabled from context.Repository to models.Repository
* Adding a seperate file for issue related repo functions
* Adding license headers
* Fixed GetUserByParams return 404
* Moving /users/:username/times to /repos/:username/:reponame/times/:username for security reasons
* Adding /repos/:username/times to get all tracked times of the repo
* Updating sdk-dependency
* Updating swagger.v1.json
* Adding warning if user has already a running stopwatch (auto-timetracker)
* Replacing GetTrackedTimesBy... with GetTrackedTimes(options FindTrackedTimesOptions)
* Changing code.gitea.io/sdk back to code.gitea.io/sdk
* Correcting spelling mistake
* Updating vendor.json
* Changing GET stopwatch/toggle to POST stopwatch/toggle
* Changing GET stopwatch/cancel to POST stopwatch/cancel
* Added migration for stopwatches/timetracking
* Fixed some access bugs for read-only users
* Added default allow only contributors to track time value to config
* Fixed migration by chaging x.Iterate to x.Find
* Resorted imports
* Moved Add Time Manually form to repo_form.go
* Removed "Seconds" field from Add Time Manually
* Resorted imports
* Improved permission checking
* Fixed some bugs
* Added integration test
* gofmt
* Adding integration test by @lafriks
* Added created_unix to comment fixtures
* Using last event instead of a fixed event
* Adding another integration test by @lafriks
* Fixing bug Timetracker enabled causing error 500 at sidebar.tpl
* Fixed a refactoring bug that resulted in hiding "HasUserStopwatch" warning.
* Returning TrackedTime instead of AddTimeOption at AddTime.
* Updating SDK from go-gitea/go-sdk#69
* Resetting Go-SDK back to default repository
* Fixing test-vendor by changing ini back to original repository
* Adding "tags" to swagger spec
* govendor sync
* Removed duplicate
* Formatting templates
* Adding IsTimetrackingEnabled checks to API
* Improving translations / english texts
* Improving documentation
* Updating swagger spec
* Fixing integration test caused be translation-changes
* Removed encoding issues in local_en-US.ini.
* "Added" copyright line
* Moved unit.IssuesConfig().EnableTimetracker into a != nil check
* Removed some other encoding issues in local_en-US.ini
* Improved javascript by checking if data-context exists
* Replaced manual comment creation with CreateComment
* Removed unnecessary code
* Improved error checking
* Small cosmetic changes
* Replaced int>string>duration parsing with int>duration parsing
* Fixed encoding issues
* Removed unused imports

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2017-09-12 09:48:13 +03:00
Ethan Koenig
b689bb6180 Webhooks for repo creation/deletion (#1663)
* Webhooks for repo creation/deletion

* add createHookTask

* Add handles for GetSlackPayload and GetDiscordPayload
2017-09-03 11:20:24 +03:00
Lunny Xiao
ced50e0ec1 Implementation of discord webhook (#2402)
* implementation of discord webhook

* fix webhooks

* fix typo and unnecessary color values

* fix typo

* fix imports and revert changes to webhook_slack.go
2017-08-28 13:06:45 +08:00
Zsombor
da230a2872 Add possibility to record branch or tag information in an issue (#780) 2017-08-24 15:30:27 +03:00
Sandro Santilli
2c3a229a3c Add OpenID configuration in install page (#2276) 2017-08-19 17:34:49 +02:00
Lauris BH
3702dac0d5 Fix profile update for non-local users (#2178) 2017-07-19 09:36:37 +08:00
Ethan Koenig
fea902adc8 Check for valid renamed usernames (#2077)
* Check for valid renamed usernames

* Integration test

* Test for username with space

* Make name field required
2017-07-01 22:48:29 +03:00
Rémy Boulanouar
e0c6ab2d44 Add Gitea Webhook (#1755)
* Replace Gogs by Gitea

* Fix missing changes

* Create Gitea webhook and put Gogs webhook apart.
2017-05-29 02:17:15 -05:00
Lunny Xiao
fd6034aaf2 Add units to team (#947)
* add units to team

* fix lint

* finish team setting backend

* finished permission controll on routes

* fix import blank line

* add unit check on ssh/http pull and push and fix test failed

* fix fixtures data

* remove unused code
2017-05-18 22:54:24 +08:00
Ethan Koenig
9e627af9a4 gofmt (#1710) 2017-05-12 16:09:53 +08:00
Lauris BH
524885dd65 LDAP user synchronization (#1478) 2017-05-10 15:10:18 +02:00
Lauris BH
51d0becb42 Add configuration option for default permission to create Organizations (#1686) 2017-05-08 21:51:53 +02:00
Willem van Dreumel
950f2e2074 Additional OAuth2 providers (#1010)
* add google+

* sort signin oauth2 providers based on the name so order is always the same

* update auth tip for google+

* add gitlab provider

* add bitbucket provider (and some go fmt)

* add twitter provider

* add facebook provider

* add dropbox provider

* add openid connect provider incl. new format of tips section in "Add New Source"

* lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow)

* imports according to goimport and code style

* make it possible to set custom urls to gitlab and github provider (only these could have a different host)

* split up oauth2 into multiple files

* small typo in comment

* fix indention

* fix indentation

* fix new line before external import

* fix layout of signin part

* update "broken" dependency
2017-05-01 21:26:53 +08:00
Antoine GIRARD
8371f94d06 Rework SSH key management UI to add GPG (#1293)
* Rework SSH key management UI to add GPG

* Add more detail to gpg key display

* Update CHANGELOG.md

* Implement deletion UI

* Implement adding gpg UI

* Various fixes

- Fix duplicate entry in locale
- Re-generate hash before verification since they are consumed

* Add missing translation

* Split template

* Catch not found/verified email error
2017-04-26 21:10:43 +08:00
Lauris BH
f42ec6120e Better URL validation (#1507)
* Add correct git branch name validation

* Change git refname validation error constant name

* Implement URL validation based on GoLang url.Parse method

* Backward compatibility with older Go compiler

* Add git reference name validation unit tests

* Remove unused variable in unit test

* Implement URL validation based on GoLang url.Parse method

* Backward compatibility with older Go compiler

* Add url validation unit tests
2017-04-19 11:02:20 +08:00
Jonas
54f0293f0a Mirror sync interval specified as duration string (#1407)
* Sync interval specifed as duration string

* Changed mirror interval text

* make fmt

* Add MinInterval for mirror sync

* Use duration internally

* Changed min default to 10m

* make fmt

* Incorrect default

* Removed defaults in MustDuration()

* Add Mirror interval migration

* Default values corrected

* Use transaction during migration

* Change http 500 to page with error message

* Cleanup session.commit()
2017-04-08 23:27:26 +08:00
Sandro Santilli
f73e734411 Run "make fmt" with go-1.6 (#1333) 2017-03-21 08:55:00 +08:00
Sandro Santilli
71d16f69ff Login via OpenID-2.0 (#618) 2017-03-17 15:16:08 +01:00
Ethan Koenig
021904e4e6 Fix typos in models/ and modules/ (#1248) 2017-03-15 08:52:01 +08:00
Bo-Yi Wu
28a5bc313a fix: gofmt errors. (#1106) 2017-03-03 16:21:31 +08:00
puffybsd
8de8e11487 Fixes 1019, install page SMTP user is required to (#1020)
to be an email address.

Signed-off-by: P.B. <puffybsd@yahoo.com>
2017-02-24 09:37:13 +08:00
Willem van Dreumel
01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Denis Denisov
fd941db246 Protected branches system (#339)
* Protected branches system

* Moved default branch to branches section (`:org/:reponame/settings/branches`).
* Initial support Protected Branch.
  - Admin does not restrict
  - Owner not to limit
  - To write permission restrictions

* reformat tmpl

* finished the UI and add/delete protected branch response

* remove unused comment

* indent all the template files and remove ru translations since we use crowdin

* fix the push bug
2017-02-21 23:02:10 +08:00
Ethan Koenig
e86d935175 Avoid duplicate queries in auth (#827)
Avoid identical making calls to GetUserByID(..) in SignedInUser(..)
2017-02-05 21:10:46 +08:00
Bwko
634ac9c5af Update Website binding MaxSize to 255 (#722) 2017-01-25 15:23:20 +08:00
Andrew
6dd096b7f0 Two factor authentication support (#630)
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
Philip Couling
64375d875b Attach to release (#673)
* Moved attachaments POST url from /issues/attachments to /attachments

* Implemented attachment upload on release page

* Implemented downloading attachments on the release page

* Added zip and gzip files to default allowed attachments

* Implemented uploading attachments on edit release

* Renamed UploadIssueAttachment to UploadAttachment
2017-01-15 22:57:00 +08:00
derSuessmann
51d578ff33 Add Keep email private (see issue #571). (#571)
- Add site-wide option DEFAULT_KEEP_EMAIL_PRIVATE.
- Add the new option to the install and admin/config pages.
- Add the new option to app.ini in the service section.
- Add the new option to the settings struct.
- Add English text strings to i18n.
- Add field KeepEmailPrivate to user struct.
- Add field KeepEmailPrivate to user form.
- Add option to UI.
- Add using noreply email address if user has "Keep Email Private".
An email address <LowerName>@<NO_REPLY_ADDRESS> is now used in commit
messages (and hopefully all other git log relevant places). The
change relies on the fact that git commands should use
user.NetGitSig().
- Add hiding of email address in UI, if user has set "Keep Email Private".
- Add condition to show email address only on explore/users and user
pages, if user has not set "Keep Email Private".
- Add noreply email in API if set "Keep Email Private".
- Add a new service setting NO_REPLY_ADDRESS. The value of this
setting is used as the domain part for the user's email address in
git log, iff he decides to keep his email address private.
If the user decides to keep his email address private and this
option is not set 'noreply.example.org' is used, which no MTA
should send email to.

Add NO_REPLY_ADDRESS to conf/app.ini.
2017-01-08 11:12:03 +08:00
Schwobaland
c0904f1942 Restrict creating organisations by user (#193)
* restrict creating organizations based on right on user

* revert bindata.go

* reverse vendor lib

* revert goimports change

* set AllowCreateOrganization default value to true

* revert locale

* added default value for AllowCreateOrganization

* fix typo in migration-comment

* fix comment

* add coments in migration
2016-12-31 10:33:30 +08:00
Fabian Zaremba
2e7ccecfe6 Git LFS support v2 (#122)
* Import github.com/git-lfs/lfs-test-server as lfs module base

Imported commit is 3968aac269a77b73924649b9412ae03f7ccd3198

Removed:

Dockerfile CONTRIBUTING.md mgmt* script/ vendor/ kvlogger.go
.dockerignore .gitignore README.md

* Remove config, add JWT support from github.com/mgit-at/lfs-test-server

Imported commit f0cdcc5a01599c5a955dc1bbf683bb4acecdba83

* Add LFS settings

* Add LFS meta object model

* Add LFS routes and initialization

* Import github.com/dgrijalva/jwt-go into vendor/

* Adapt LFS module: handlers, routing, meta store

* Move LFS routes to /user/repo/info/lfs/*

* Add request header checks to LFS BatchHandler / PostHandler

* Implement LFS basic authentication

* Rework JWT secret generation / load

* Implement LFS SSH token authentication with JWT

Specification: https://github.com/github/git-lfs/tree/master/docs/api

* Integrate LFS settings into install process

* Remove LFS objects when repository is deleted

Only removes objects from content store when deleted repo is the only
referencing repository

* Make LFS module stateless

Fixes bug where LFS would not work after installation without
restarting Gitea

* Change 500 'Internal Server Error' to 400 'Bad Request'

* Change sql query to xorm call

* Remove unneeded type from LFS module

* Change internal imports to code.gitea.io/gitea/

* Add Gitea authors copyright

* Change basic auth realm to "gitea-lfs"

* Add unique indexes to LFS model

* Use xorm count function in LFS check on repository delete

* Return io.ReadCloser from content store and close after usage

* Add LFS info to runWeb()

* Export LFS content store base path

* LFS file download from UI

* Work around git-lfs client issue with unauthenticated requests

Returning a dummy Authorization header for unauthenticated requests
lets git-lfs client skip asking for auth credentials
See: https://github.com/github/git-lfs/issues/1088

* Fix unauthenticated UI downloads from public repositories

* Authentication check order, Finish LFS file view logic

* Ignore LFS hooks if installed for current OS user

Fixes Gitea UI actions for repositories tracking LFS files.
Checks for minimum needed git version by parsing the semantic version
string.

* Hide LFS metafile diff from commit view, marking as binary

* Show LFS notice if file in commit view is tracked

* Add notbefore/nbf JWT claim

* Correct lint suggestions - comments for structs and functions

- Add comments to LFS model
- Function comment for GetRandomBytesAsBase64
- LFS server function comments and lint variable suggestion

* Move secret generation code out of conditional

Ensures no LFS code may run with an empty secret

* Do not hand out JWT tokens if LFS server support is disabled
2016-12-26 09:16:37 +08:00
Denis Denisov
f0a989c1d0 Correction LDAP validation (#342)
* Correction LDAP username validation

As https://msdn.microsoft.com/en-us/library/aa366101(v=vs.85).aspx describe spaces should not be in start or at the end of username but they can be inside the username. So please check my solution for it.

* Check for zero length passwords in LDAP module.

According to https://tools.ietf.org/search/rfc4513#section-5.1.2 LDAP client should always check before bind whether a password is an empty value. There are at least one LDAP implementation which does not return error if you try to bind with DN set and empty password - AD.

* Clearing the login/email spaces at the [start/end]
2016-12-12 08:46:51 +08:00
Kim "BKC" Carlbäcker
e6cfccdd40 GitHub API Compliance (& linting) 2016-12-02 09:18:15 +01:00
Lunny Xiao
ec87a75c00 golint fixed for modules/auth 2016-11-27 21:39:06 +08:00
Bwko
2a449bd4b1 Fix typos 2016-11-21 20:08:21 +01:00
Thibault Meyer
ddee4c8b58
Normalize files with gofmt 2016-11-11 13:11:45 +01:00
Sandro Santilli
4247304f5a Update import paths from github.com/go-gitea to code.gitea.io (#135)
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Sandro Santilli
864d1b1f9f Fix type in unused constant name (#111)
* Write LDAP, SMTP, PAM, DLDAP back to all uppercase

* Fix type in unused constant name

* Other MixCased fixes

* Complete MixerCasing of template constants

* Re uppercase LTS and LDAPS suffixes

* Uppercase JSON suffix in constant names

* Proper case LoginNoType

* Prefix unexported template path constants with "tpl"
2016-11-07 18:58:22 -02:00
Sandro Santilli
b7bf9dfd28 more 2016-11-07 17:55:31 +01:00
Sandro Santilli
05fd9d3f09 Security protocols 2016-11-07 17:38:43 +01:00
Matthias Loibl
1f44b01e2a Fix imports found by goimports. 2016-11-05 17:56:35 +01:00
Thomas Boerger
f960b776f0
Simply made go vet happy, fixed tags 2016-11-04 23:45:06 +01:00
Rémy Boulanouar
8dc49dc114 Implementation of the feature to redirect to an external issue tracker 2016-11-04 09:06:54 +01:00
Rémy Boulanouar
2d68bd1ef9 Change import reference to match gitea instead of gogs (#37) 2016-11-03 10:29:56 -02:00
Unknwon
643142acab Web editor: support upload files 2016-08-30 05:23:59 -07:00
Unknwon
28cf0e6aaa #3459 code quality improvement 2016-08-29 20:00:06 -07:00
Thibault Meyer
92fb30c526 Load a set of predefined labels (#3459)
* Can use a predefined set of labels

* Change UI

* Fix HTML file indentation

* Avoid reading file from other directory (security issue)

* Apply a better fix

* Remove not used variable

* Merge upstream/develop

* Do modifications

* Raname

* remove binding + rename variable
2016-08-29 19:02:49 -07:00
Unknwon
0114fdcba4 Web editor: improve delete file process 2016-08-28 01:41:44 -07:00
Unknwon
f8a48ffaad Web editor: improve code quality 2016-08-24 21:35:03 -07:00
Unknwon
4042d1f0c3 models/issue: improve quality and performance of NewIssue function 2016-08-15 18:40:32 -07:00
Richard Mahn
d0a0239bac Squashed commit of the following:
commit 0afcb843d7ffd596991c4885cab768273a6eb42c
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 17:13:29 2016 -0600

    Removed Upload stats as the upload table is just a temporary table

commit 7ecd73ff5535612d79d471409173ee7f1fcfa157
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 08:42:41 2016 -0600

    Fix for CodeMirror mode

commit c29b9ab531e2e7af0fb5db24dc17e51027dd1174
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 08:03:33 2016 -0600

    Made tabbing in editor use spaces

commit 23af384c53206a8a40e11e45bf49d7a149c4adcd
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 07:56:46 2016 -0600

    Fix for data-url

commit cfb8a97591cb6fc0a92e49563b7b764c524db0e9
Merge: 7fc8a89 991ce42
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 07:42:53 2016 -0600

    Merge remote-tracking branch 'gogits/develop' into feature-create-and-edit-repo-file

    Conflicts:
    	modules/bindata/bindata.go
    	public/js/gogs.js

commit 7fc8a89cb495478225b02d613e647f99a1489634
Merge: fd3d86c c03d040
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 07:40:00 2016 -0600

    Merge branch 'feature-create-and-edit-repo-file' of github.com:richmahn/gogs into feature-create-and-edit-repo-file

commit fd3d86ca6bbc02cfda566a504ffd6b03db4f75ef
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 07:39:44 2016 -0600

    Code cleanup

commit c03d0401c1049eeeccc32ab1f9c3303c130be5ee
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Fri Jul 29 15:38:23 2016 -0600

    Code cleanup

commit 98e1206ccf9f9a4503c020e3a7830cf9f861dfae
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Thu Jul 28 18:36:01 2016 -0600

    Code cleanup and fixes

commit c2895dc742f25f8412879c9fa15e18f27f42f194
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Thu Jul 28 18:24:04 2016 -0600

    Fixes per Unknwon's requests

commit 6aa7e46b21ad4c96e562daa2eac26a8fb408f8ef
Merge: 889e9fa ad7ea88
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Thu Jul 28 17:13:43 2016 -0600

    Merge remote-tracking branch 'gogits/develop' into feature-create-and-edit-repo-file

    Conflicts:
    	modules/bindata/bindata.go
    	modules/setting/setting.go

commit 889e9faf1bd8559a4979c8f46005d488c1a234d4
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Fri Jul 22 14:09:18 2016 -0600

    Fix in gogs.js

commit 47603edf223f147b114be65f3bd27bc1e88827a5
Merge: bb57912 cf85e9e
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Fri Jul 22 14:07:36 2016 -0600

    Merge remote-tracking branch 'gogits/develop' into feature-create-and-edit-repo-file

    Conflicts:
    	modules/bindata/bindata.go
    	public/js/gogs.js

commit bb5791255867a71c11a77b639db050ad09c597a4
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Fri Jul 22 14:02:18 2016 -0600

    Update for using CodeMirror mode addon

commit d10d128c51039be19e2af9c66c63db66a9f2ec6d
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Tue Jul 19 16:12:57 2016 -0600

    Update for Edit

commit 34a34982025144e3225e389f7849eb6273c1d576
Merge: fa1b752 1c7dcdd
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Tue Jul 19 11:52:02 2016 -0600

    Merge remote-tracking branch 'gogits/develop' into feature-create-and-edit-repo-file

    Conflicts:
    	modules/bindata/bindata.go

commit fa1b752be29cd455c5184ddac2ffe80b3489763e
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Fri Jul 15 18:35:42 2016 -0600

    Feature for editing, creating, uploading and deleting files
2016-08-14 23:52:24 -07:00
Unknwon
3f7f4852ef #2246 fully support of webhooks for pull request 2016-08-14 03:32:24 -07:00
Sandro Santilli
90dd0657b5 Add support for federated avatars (#3320)
* Add support for federated avatars

Fixes #3105

Removes avatar fetching duplication code
Adds an "Enable Federated Avatar" checkbox in user settings
(defaults to unchecked)

Moves avatar settings all in the same form, making
local and remote avatars mutually exclusive

Renames UploadAvatarForm to AvatarForm
as it's not anymore only for uploading

* Run gofmt on all modified files

* Move Avatar form in its own page

* Add go-libravatar dependency to vendor/ dir

Hopefully helps with accepting the contribution.
See also #3214

* Revert "Add go-libravatar dependency to vendor/ dir"

This reverts commit a8cb93ae640bbb90f7d25012fc257bda9fae9b82.

* Make federated avatar setting a global configuration

Removes the per-user setting

* Move avatar handling back to base tool, disable federated avatar in offline mode

* Format, handle error

* Properly set fallback host

* Use unsupported github.com mirror for importing go-libravatar

* Remove comment showing life exists outside of github.com

... pity, but contribution would not be accepted otherwise

* Use Combo for Get and Post methods over /avatar

* FEDERATED_AVATAR -> ENABLE_FEDERATED_AVATAR

* Fix persistance of federated avatar lookup checkbox at install time

* Federated Avatars -> Enable Federated Avatars

* Use len(string) == 0 instead of string == ""

* Move import line where it belong

See
https://github.com/Unknwon/go-code-convention/blob/master/en-US/import_packages.md

Pity the import url is still the unofficial one, but oh well...

* Save a line (and waste much more expensive time)

* Remove redundant parens

* Remove an empty line

* Remove empty lines

* Reorder lines to make diff smaller

* Remove another newline

Unknwon review got me start a fight against newlines

* Move DISABLE_GRAVATAR and ENABLE_FEDERATED_AVATAR after OFFLINE_MODE

On re-reading the diff I figured what Unknwon meant here:
https://github.com/gogits/gogs/pull/3320/files#r73741106

* Remove newlines that weren't there before my intervention
2016-08-07 10:27:38 -07:00
Unknwon
e3d3d424b2 Minor fix for go vet 2016-07-16 15:15:00 +08:00
Unknwon
c083d76567 #2937 able to prohibit user login 2016-07-16 10:22:16 +08:00
Unknwon
a752f09055 #2709 validate username attribute fetched from LDAP 2016-07-12 07:07:57 +08:00
Pablo Saavedra
98b152030d The pruning for the synchronized mirrors is a option now. Default value: enable_prune = true (#3246)
Executed go fmt

getEngine() not handles DB parameters (#2972) (#2974)

Uses .AllCols() for Update in updateMirror()

Spanish traslation removed

Fixed a wrong way to ommit the --prune option in process.ExecDir() for MirrorUpdate function
2016-07-09 13:22:28 +08:00
Unknwon
401bf944ef Use SecurityProtocol to replace UseSSL in LDAP config
Initially proposed by #2376 and fixes #3068 as well.
2016-07-08 07:25:09 +08:00
Franz Schmidt
8b35c194ec Fixes #3110 (#3136) 2016-06-27 17:02:39 +08:00
Paul Tötterman
fb970b9d87 Add ServerName to tls.Config in LDAP auth (#3104)
From https://godoc.org/crypto/tls#Config

    ServerName is used to verify the hostname on the returned
    certificates unless InsecureSkipVerify is given. It is also included
    in the client's handshake to support virtual hosting unless it is
    an IP address.

This is needed for certificate validation without InsecureSkipVerify.
2016-06-01 01:11:28 -07:00
Cosmin Stroe
ba314a7a36 Support alphanumeric issue style (ABC-1234) for external issue tracker (#2992) 2016-04-22 18:28:08 -04:00
Unknwon
ac78bae7b5 Replace uuid module with original package 2016-02-20 18:13:12 -05:00
Unknwon
926e75d721 #2334 strip whitespace for migrate URL
Also fix a possible race condition while install
2016-02-20 17:32:34 -05:00
Adam Strzelecki
5649556a33 LDAP: Make a bit more detailed log traces
This is useful especially to check whether we fetch right attributes, using
right LDAP search base and in right order.
2016-02-20 14:12:32 +01:00
Adam Strzelecki
834d92a47b LDAP: Fetch attributes in Bind DN context option
This is feature is workaround for #2628 (JumpCloud) and some other services
that allow LDAP search only under BindDN user account, but not allow any LDAP
search query in logged user DN context.

Such approach is an alternative to minimal permissions security pattern for
BindDN user.
2016-02-20 14:12:32 +01:00
Adam Strzelecki
e2f95c2845 LDAP: Use single connection in BindDN mode auth
According to RFC 4511 4.2.1. Processing of the Bind Request "Clients may send
multiple Bind requests to change the authentication and/or security
associations or to complete a multi-stage Bind process. Authentication from
earlier binds is subsequently ignored."

Therefore we should not use 2 connections, but single one just sending two bind
requests.
2016-02-20 14:01:47 +01:00
Josh Frye
8ab5399e83 Make log path required 2016-02-12 10:10:02 -05:00
Josh Frye
a3e8c32a30 Add install option for log path 2016-02-12 09:19:45 -05:00
Adam Strzelecki
3808638df1 Fix #2221 LDAP username attribute must be fetched
This is fix-up for 573305f. Forgot to fetch AttributeUsername value from the
LDAP server, so the setting was effectively not working as intended.
2016-02-07 18:18:29 +01:00
Florian Kaiser
abc5abce30 Allow modification of a release if Content is empty (fix #2516) 2016-01-30 13:39:02 +00:00
Unknwon
112a7cab31 #2497 incorrect error handle for team name 2016-01-29 17:06:14 -05:00
zhuharev
0d5dc8a064 typo fix 2016-01-06 22:41:42 +03:00
Unknwon
59c965a5ec #2156 admin able to edit organization max repo creation 2015-12-11 19:24:57 -05:00
Unknwon
477b4d3b50 #2154 fix form submit error 2015-12-11 18:52:28 -05:00
Unknwon
d0b0d24f22 #2154 disable change user for non-local users
- #2153 remove require for gravatar
2015-12-11 15:31:02 -05:00
Unknwon
40f3142264 #2114 External URL for wiki 2015-12-11 04:55:08 -05:00
Unknwon
2a0bb1fa90 #1575 Limit repo creation 2015-12-10 12:37:53 -05:00
Unknwon
b8d48bdb62 #2037 Add "New Mirror" button on Dashboard 2015-12-09 11:24:56 -05:00
Unknwon
120cd4e471 #1984 Better mirror repo management 2015-12-08 20:06:12 -05:00
Alex Myasoedov
ae54d878c0 Fix misspelled words 2015-12-06 16:42:23 +02:00
Unknwon
978dc00305 APIs: admin users 2015-12-05 17:13:13 -05:00
Unknwon
e538ff2770 fix #1829 and fix #890 2015-12-04 21:30:33 -05:00
Unknwon
56dd430a10 refactor API routes and some work for #976 2015-12-04 17:16:42 -05:00
Adam Strzelecki
573305f3d3 LDAP: Optional user name attribute specification
Consider following LDAP search query example:

    (&(objectClass=Person)(|(uid=%s)(mail=%s)))

Right now on first login attempt Gogs will use the text supplied on login form
as the newly created user name. In example query above the text matches against
both e-mail or user name. So if user puts the e-mail then the new Gogs user
name will be e-mail which may be undesired.

Using optional user name attribute setting we can explicitly say we want Gogs
user name to be certain LDAP attribute eg. `uid`, so even user will use e-mail
to login 1st time, the new account will receive correct user name.
2015-12-02 00:20:14 +01:00
Unknwon
dcb391d341 Merge branch 'feature/wiki' into develop 2015-11-30 20:46:19 -05:00
Unknwon
e42fcb033d wiki: finish edit 2015-11-27 01:50:38 -05:00
Unknwon
392f3ee210 wiki: finish new 2015-11-27 00:24:24 -05:00
Unknwon
c50a3503e6 introduce git-shell 2015-11-26 17:33:45 -05:00
Unknwon
aaa3f1b2b9 Use better LDAP lib and should fix #1139 2015-11-26 14:04:58 -05:00
Unknwon
f04d773f4f UI: long organization name in create repository owner list 2015-11-18 17:42:20 -05:00
Unknwon
18de67380c fix #1958 2015-11-15 23:52:46 -05:00
Unknwon
f255b1e86d #1896 fatal when no needed update task 2015-11-04 21:57:10 -05:00
Unknwon
6f0a41b8b2 #1511 Allow local import only for admin users 2015-11-03 18:40:52 -05:00
无闻
91c9069c4d Merge pull request #1862 from nathan7/fix-private
Fix the JSON field names for MigrateRepoForm
2015-10-31 11:14:38 -04:00
Nathan Zadoks
f1aa4c0524 Fix the JSON field names for MigrateRepoForm
For some reason, the field names for Private and Mirror got swapped.
2015-10-30 02:44:45 +01:00
Unknwon
073da3c49d #470 fix max length of email 2015-10-29 21:12:41 -04:00
Unknwon
7d72c8333e work on #470 and fix miror JS issue when choose targets on compare and pull 2015-10-29 21:09:48 -04:00
Sergio Benitez
630ebbe6c2 Sanitizing input to LDAP authentication module. 2015-10-26 18:08:59 -07:00
Unknwon
932dbccb67 fix import path, fix #1782 2015-10-15 21:28:12 -04:00
Unknwon
21e13cb51e #1525 Triggere mailer for admin created accounts 2015-09-25 19:45:44 -04:00
Unknwon
6a1907d994 revert simple LDAP userDN and update example 2015-09-16 12:15:14 -04:00
Unknwon
e4ecbcdf4a new sign in page 2015-09-14 22:50:44 -04:00
Unknwon
f5c7f22cc8 #1637 able to skip verify for LDAP 2015-09-14 15:48:51 -04:00
Unknwon
2bc3e83e1c fix simple LDAP userDN 2015-09-14 12:24:37 -04:00
Unknwon
5f1183cecf #697 add install option 2015-09-13 12:14:32 -04:00
Unknwon
83e747bfda #697 and #1606 and new admin edit user UI 2015-09-13 11:07:21 -04:00
Unknwon
e5ed5904c6 #1606 GUI bug while adding ldap user 2015-09-13 10:05:18 -04:00
Unknwon
8e0a69f86a #697 disable captcha and new admin create user UI 2015-09-13 09:51:51 -04:00
Unknwon
cd37fccdfb #1625 remove auto_register and makes it default 2015-09-12 20:58:51 -04:00
Unknwon
362d64df04 #1620 add allowed domains for SMTP auth 2015-09-11 13:32:33 -04:00
Unknwon
121a81a2c5 finish new edit auth UI 2015-09-11 12:03:08 -04:00
Unknwon
0617448282 finish new add auth UI 2015-09-10 17:11:41 -04:00
Unknwon
cbd6276200 Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop
# Conflicts:
#	modules/bindata/bindata.go
2015-09-10 14:55:29 -04:00
Unknwon
52ec80fa18 finish all new user settings UI 2015-09-10 11:40:34 -04:00
Sergio Benitez
964d0262ff Merged conflicts. 2015-09-09 13:44:51 -07:00
Unknwon
cc83043edc minor fix on template 2015-09-07 14:02:09 -04:00
Unknwon
85f34ba538 new user profile settings UI
Signed-off-by: Unknwon <u@gogs.io>
2015-09-06 16:31:22 -04:00
Unknwon
edc99bc8a4 new org options UI 2015-09-06 10:56:31 -04:00
Unknwon
80701d45bb #1193 Make organization emails non-mandatory 2015-09-06 10:08:14 -04:00
Sergio Benitez
079a2d68db Minor fixes to the LDAP module readme 2015-09-05 15:26:31 -07:00
Sergio Benitez
0f07a5cb84 Updated the LDAP auth module README. 2015-09-04 21:14:20 -07:00
Sergio Benitez
aa9c36514f Merged conflicts. 2015-09-04 20:49:07 -07:00
Sergio Benitez
2d1db4bf05 Added LDAP simple auth support. 2015-09-04 20:48:34 -07:00
Unknwon
07fe846c9f #1579 change e-mail max length to 254 2015-09-04 10:59:34 -04:00
Unknwon
38eb000d13 work on #1570 2015-09-03 08:09:08 -04:00
Unknwon
7ec991326d fix migrate api 2015-09-03 06:48:52 -04:00
Unknwon
e5b105e513 fix migrate API 2015-09-03 06:17:33 -04:00
Unknwon
65e73c4ac6 support URL param to token, but still restrict to APIs 2015-09-02 02:45:01 -04:00
Unknwon
2ac8e11f46 #842 able to use access token replace basic auth 2015-09-02 02:40:15 -04:00
Unknwon
f1adbca0f1 #1554 check adminFilter length before LDAP search 2015-09-01 08:40:11 -04:00
Unknwon
c6b039c6f9 new repo options UI 2015-08-30 03:21:59 +08:00
Unknwon
302938e646 #1333 Disable Gravatar option when install 2015-08-30 00:22:26 +08:00
Unknwon
ea454c21f7 #1542 A way to skip TLS verify for SMTP authentication 2015-08-29 15:45:58 +08:00
Unknwon
55ddf225bb webhook APIs 2015-08-29 11:49:59 +08:00
Unknwon
f509c59ac1 new create webhook event 2015-08-28 23:36:13 +08:00
Unknwon
bb3b90fcd6 #1487 Readme Template 2015-08-28 18:33:09 +08:00
Unknwon
46bee50e45 complate list of gitignores and licenses 2015-08-28 16:44:04 +08:00
Unknwon
c08600c59b new edit webhook UI 2015-08-27 01:04:23 +08:00
Unknwon
4217c2333c new create webhook UI 2015-08-27 00:30:06 +08:00
Unknwon
bd1d7d1509 Able to set SSH port when install, update Docker docs 2015-08-19 20:36:19 +08:00
Girish Ramakrishnan
24d7a86a8d Set IsAdmin using LDAP
The IsAdmin flag is set based on whether the admin filter
returned any result. The admin filter is applied with the user dn
as the search root.

In the future, we should update IsAdmin as well on each login.
Alternately, we can have a periodic sync operation.
2015-08-18 23:49:12 -07:00
Unknwon
03b85b73af token recent activity 2015-08-19 06:22:33 +08:00
Unknwon
4c7b6414eb new access token UI 2015-08-19 03:36:16 +08:00
Unknwon
6235bd1fe9 work on #986 and fix a LDAP crash 2015-08-18 04:03:11 +08:00
Unknwon
71fd10dd37 change minimum password length to 1 2015-08-18 02:30:33 +08:00
Unknwon
407385db7e work on #1493 2015-08-17 17:05:37 +08:00
Sergio Benitez
bb8e763ede Small style fixes to the LDAP module README 2015-08-16 17:29:56 -07:00
Unknwon
55ccb00a47 Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop
# Conflicts:
#	modules/bindata/bindata.go
2015-08-16 14:31:54 +08:00
Unknwon
1fb53067f4 finish close/reopen issue 2015-08-13 23:21:43 +08:00
Unknwon
133b19d0c5 finish view comments on issue page 2015-08-13 16:07:11 +08:00
Sergio Benitez
f8a4ab25fd Updated the LDAP module readme. 2015-08-12 17:08:16 -07:00
Sergio Benitez
7d84d4a8f0 Significantly enhanced LDAP support in Gogs. 2015-08-12 17:01:22 -07:00
Unknwon
34f6cbfc2a finish attachments when create issue 2015-08-11 23:24:40 +08:00
Unknwon
922f3f3062 finish create issue with labels 2015-08-10 16:52:08 +08:00
Unknwon
590c464c56 UI: create issue with title and content 2015-08-09 15:23:02 +08:00
Unknwon
dea3a8c6a4 WIP: create PR - choose branch 2015-08-08 22:43:14 +08:00
Unknwon
39a3b768bc #334: Add Deployment Key Support 2015-08-06 22:48:11 +08:00
Unknwon
2c507667bf Merge branch 'develop' of github.com:gogits/gogs into feature/milestone
# Conflicts:
#	gogs.go
#	models/issue.go
#	templates/.VERSION
2015-08-05 20:26:00 +08:00
Unknwon
3e4cdccf6b milestone: create page 2015-08-05 15:24:26 +08:00
Unknwon
e50982f5ec allow anonymous SSH clone 2015-08-05 11:14:17 +08:00
Unknwon
487fc8ca39 fix #1439 2015-08-05 10:16:21 +08:00
Unknwon
54b58e988d Merge branch 'develop' of github.com:gogits/gogs into feature/page_issues 2015-07-25 00:49:40 +08:00
Unknwon
70d44e9565 Merge branch 'master' of github.com:gogits/gogs into develop 2015-07-25 00:48:42 +08:00
无闻
d86c4841fa Merge pull request #1309 from stettberger/master
settings/password: no minimal required characters for OldPassword
2015-07-25 00:45:53 +08:00
无闻
91ab2538c3 Merge pull request #1244 from jamesa/develop
Add full name field to admin's user edit page (fixes #1130)
2015-07-25 00:39:16 +08:00