Commit Graph

1767 Commits

Author SHA1 Message Date
Aleksandr Bulyshchenko
ee878e3951 Support secure cookie for csrf-token (#3839)
* dep: Update github.com/go-macaron/csrf

Update github.com/go-macaron/csrf with dep to revision 503617c6b372
to fix issue of csrf-token security.

This update includes following commits:
- Add support for the Cookie HttpOnly flag
- Support secure mode for csrf cookie

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>

* routers: set csrf-token security depending on COOKIE_SECURE

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>
2018-05-22 02:09:48 +03:00
David Schneiderbauer
31067c0a89 remove collaborative repositories from search on user profiles (#3996)
* remove collaborative repositories from search on user profiles

* rename 'My Repositories' to 'Repositories'
2018-05-21 23:07:34 +03:00
Lunny Xiao
6bdc556b7f
Fix some webhooks bugs (#3981)
* fix some webhooks bugs

* update vendor

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* fix test

* fix clearlabels

* fix pullrequest webhook bug fix #3492

* update release webhook description

* remove unused code

* fix push webhook in pull request

* small changes
2018-05-21 10:28:29 +08:00
Jonas Franz
951309f76a Add support for FIDO U2F (#3971)
* Add support for U2F

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add vendor library
Add missing translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
Add U2F error handling

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F login page to OAuth

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move U2F user settings to a separate file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for u2f model
Renamed u2f table name

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by refactoring

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove not needed console.log-s

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add default values to app.ini.sample
Add FIDO U2F to comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-05-19 17:12:37 +03:00
David Schneiderbauer
44754774f1 Re-enable random avatar feature (#3988)
* reenable random avatar feature

* replace Size check by Filename check
2018-05-19 21:22:09 +08:00
David Schneiderbauer
2aabfc1afa Splitted the user settings code into several files to be more maintainable (#3968)
* refactor setting router code

splitted up one huge router settings file into the smaller files
representing the actual page structure

* move code to subfolder

* rename functions

* renamed files

* add copyright information
2018-05-17 12:05:00 +08:00
Lunny Xiao
24941a1046
Add more webhooks support and refactor webhook templates directory (#3929)
* add more webhook support

* move hooks templates to standalone dir and add more webhooks ui

* fix tests

* update vendor checksum

* add more webhook support

* move hooks templates to standalone dir and add more webhooks ui

* fix tests

* update vendor checksum

* update vendor

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* load attributes when created release

* update comparsion doc
2018-05-16 22:01:55 +08:00
David Schneiderbauer
099372d76c Refactor User Settings (#3900)
* moved avatar to profile page

* combined password change, email and account deletion into account settings page

* combined totp, access tokens, linked accounts and openid into security settings page

* move access tokens to applications settings page

* small change to restart drone build

* fix change avatar url on profile page

* redirect old settings urls to new ones

* enforce only one autofocus attribute on settings pages

* set correct redirect status code

* fmt fix
2018-05-15 13:07:32 +03:00
FabioFortini
1546458f7d issue-2768: added new option allow_only_external_registration (#3910) 2018-05-13 15:51:16 +08:00
Lunny Xiao
c14870c5ac
fix blank topic (#3948) 2018-05-11 16:15:18 +08:00
kolaente
95f2e2b57b Multiple assignees (#3705) 2018-05-09 19:29:04 +03:00
David Schneiderbauer
ea01decb6b fix wrong issue endpoints in swagger doc (#3914) 2018-05-08 14:05:18 +08:00
Lauris BH
501fb228e6
Add option to use paged LDAP search when synchronizing users (#3895) 2018-05-05 17:30:47 +03:00
kolaente
1fdf560678 Added user language setting (#3875)
* Added user language setting

* Added translation string for setting

* Fixed import order + typo

* improved checking if the user has a language saved in the db

* The current saved language is now set a default inside the dropdown

* fmt

* When a user signs in and doesn't have a language saved, the current browser language is saved

* updated gitea-sdk

* Merge branch 'master' of https://github.com/go-gitea/gitea into save-user-language

# Conflicts:
#	models/migrations/migrations.go
#	models/migrations/v62.go

* Made tests work again

* trigger CI

* trigger CI

* fmt

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* When loggin in, only the language col gets updated instead of everything
2018-05-05 08:28:30 +08:00
Lauris BH
1e1ece8f3d
Do not allow to reuse TOTP passcode (#3878) 2018-05-02 18:02:02 +03:00
kolaente
1a97030017 Issue due date (#3794)
* Started adding deadline to ui

* Implemented basic issue due date managing

* Improved UI for due date managing

* Added at least write access to the repo in order to modify issue due dates

* Ui improvements

* Added issue comments creation when adding/modifying/removing a due date

* Show due date in issue list

* Added api support for issue due dates

* Fixed lint suggestions

* Added deadline to sdk

* Updated css

* Added support for adding/modifiying deadlines for pull requests via api

* Fixed comments not created when updating or removing a deadline

* update sdk (will do properly once go-gitea/go-sdk#103 is merged)

* enhanced updateIssueDeadline

* Removed unnessecary Issue.DeadlineString

* UI improvements

* Small improvments to comment creation
+ ui & validation improvements

* Check if an issue is overdue is now a seperate function

* Updated go-sdk with govendor as it was merged

* Simplified isOverdue method

* removed unessecary deadline to 0 set

* Update swagger definitions

* Added missing return

* Added an explanary comment

* Improved updateIssueDeadline method so it'll only update `deadline_unix`

* Small changes and improvements
* no need to explicitly load the issue when updating a deadline, just use whats already there
* small optimisations

* Added check if a deadline was modified before updating it

* Moved comment creating logic into its own function

* Code cleanup for creating deadline comment

* locale improvement

* When modifying a deadline, the old deadline is saved with the comment

* small improvments to xorm session handling when updating an issue deadline
+ style nitpicks

* style nitpicks

* Moved checking for if the user has write acces to middleware
2018-05-01 22:05:28 +03:00
Lauris BH
181b3a8f09 Fix path cleanup in multiple places (#3871) 2018-05-01 09:46:04 +08:00
Ethan Koenig
7ea4bfc561 API endpoint for testing webhook (#3550)
* API endpoint for testing webhook

* Empty commit to rerun CI
2018-04-29 14:21:33 +08:00
Lauris BH
5a62eb30df
Store OAuth2 session data in database (#3660)
* Store OAuth2 session data in database

* Rename table to `oauth2_session` and do not skip xormstorage initialization error
2018-04-29 09:09:24 +03:00
Jonas Franz
8d5f58d834 Shows total tracked time in issue and milestone list (#3341)
* Show total tracked time in issue and milestone list
Show total tracked time at issue page

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Optimizing TotalTimes by using SumInt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fixing wrong total times for milestones caused by a missing JOIN
Adding unit tests for total times

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Logging error instead of ignoring it

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Correcting spelling mistakes

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Change error message to a short version

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add error handling to TotalTimes
Add variable for totalTimes

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Introduce TotalTrackedTimes as variable of issue
Load TotalTrackedTimes by loading attributes of IssueList
Load TotalTrackedTimes by loading attributes of single issue
Add Sec2Time as helper to use it in templates

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fixed test + gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Load TotalTrackedTimes via MilestoneList instead of single requests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add documentation for MilestoneList

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add documentation for MilestoneList

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix test

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Change comment from SQL query to description

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit test by using int64 instead of int

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit test by using int64 instead of int

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if timetracker is enabled

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix test by enabling timetracking

Signed-off-by: Jonas Franz <info@jonasfranz.de>
2018-04-29 13:58:47 +08:00
Morgan Bazalgette
e3028d124f don't reset team/repo count when updating team via API (#3831)
fixes #3600
2018-04-29 13:22:57 +08:00
Lunny Xiao
bec69f702b
Add topic support (#3711)
* add topic models and unit tests

* fix comments

* fix comment

* add the UI to show or add topics for a repo

* show topics on repositories list

* fix test

* don't show manage topics link when no permission

* use green basic as topic label

* fix topic label color

* remove trace content

* remove debug function
2018-04-11 10:51:44 +08:00
Lunny Xiao
45d1fc03cb
fix go vet error (#3740) 2018-03-30 07:21:27 +08:00
Bo-Yi Wu
1c5cbc390b refactor: import order. (#3736) 2018-03-29 21:32:40 +08:00
Lauris BH
ab5cc6f3a9 Correctly check http git access rights for reverse proxy authorized users (#3721) 2018-03-29 09:39:51 +08:00
Allen Wild
15c6bb500b Add repository setting to enable/disable health checks (#3607)
New Feature:
  * Repository struct field for IsFsckEnabled (default true of course)
  * Admin Settings section on repo options page, accessible only by
    admin users

Possible Enhancements:
  * There's no way to force running health checks on all repos
    regardless of their IsFsckEnabled setting. This would be useful if
    there were an admin API or dashboard button to run fsck immediately.

Issue: https://github.com/go-gitea/gitea/issues/1712
Signed-off-by: Allen Wild <allenwild93@gmail.com>
2018-03-27 22:13:20 +08:00
Chri-s
9350ba7947 Add protected branch whitelists for merging (#3689)
* Add database migrations for merge whitelist

* Add merge whitelist settings for protected branches

* Add checks for merge whitelists
2018-03-25 13:01:32 +03:00
Chri-s
e64aa18dc9 Change protected branch settings title to existing locale entry (#3694) 2018-03-21 20:12:49 +02:00
Alex Ward
4ebdcbc5df Fix style of "In your repositories" when selected (#3699)
Signed-off-by: Alex Ward <alxwrd@googlemail.com>
2018-03-20 23:39:14 +02:00
Lunny Xiao
9e5d0a09eb
Global code search support (#3664)
* add global code search on explore

* fix bug when no anyone public repos

* change the icon

* fix typo and add UnitTypeCode check for login non-admin user

* fix ui description when no match
2018-03-16 22:04:33 +08:00
Lauris BH
7b2b900e13 Refactor and simplify redirect to url (#3674) 2018-03-15 22:13:34 +01:00
Chri-s
a2a49c93c7 Added checks for protected branches in pull requests (#3544)
* Added checks for protected branches in pull requests

Signed-off-by: Christian Wulff <NChris@posteo.net>

* Moved check for protected branch into new function CheckUserAllowedToMerge

Signed-off-by: Christian Wulff <NChris@posteo.net>

* Removed merge conflict lines from last commit

Signed-off-by: Christian Wulff <NChris@posteo.net>

* Explicit check for error type in ViewIssue

Signed-off-by: Christian Wulff <NChris@posteo.net>
2018-03-13 11:46:14 +08:00
Lauris BH
c0d41b1b77 Add label descriptions (#3662)
* Add label descriptions

* Add default descriptions to label template
2018-03-13 10:03:55 +08:00
kolaente
1a83581121 Added issue search via api (#3612)
* Started implementing issue api search

* Implemented issue search via api

* Added search to swagger.json

* Removed todo

* fmt

* Added comment to generate swagger json via "generate-swagger"

* Simplified search

* fmt

* Removed unessecary comment

* Removed unessecary declaration of the issues-variable

* Removed unessecary comment

* Removed unessecary comment

* Added explanation keyword

* Simplified check for empty keyword

* corrected check if keyword is empty
2018-03-07 12:00:56 +02:00
Jonas Franz
9a5e628a7e Add Attachment API (#3478)
* Add Attachment API
* repos/:owner/:repo/releases (add attachments)
* repos/:owner/:repo/releases/:id (add attachments)
* repos/:owner/:repo/releases/:id/attachments
* repos/:owner/:repo/releases/:id/attachments/:attachment_id

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Add unit tests for new attachment functions
Fix comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* fix lint

* Update vendor.json

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* remove version of sdk

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit tests
Add missing license header

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add CreateReleaseAttachment
Add EditReleaseAttachment
Add DeleteReleaseAttachment

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add filename query parameter for choosing another name for an attachment

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix order of imports

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Restricting updatable attachment columns

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update go-sdk
Replace Attachments with Assets

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Update go-sdk

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Updating go-sdk and regenerating swagger

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add missing file of go-sdk

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Change origin of code.gitea.io/sdk to code.gitea.io/sdk
Update code.gitea.io/sdk

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update swagger

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update updateAttachment
2018-03-06 09:22:16 +08:00
Mahmoud Al-Qudsi
171914e9a7 Log attachment blocked events (#3615)
Include both a log entry and the blocked mime type in the gitea log when
an attachment upload is blocked.

Chosen log level is info; this may need to be dialed down to trace.
2018-03-05 08:51:10 +08:00
Allen Wild
8606d9f5bc Add admin dashboard option to run health checks (#3606)
There's one for git gc, why not git fsck too?

Also add a couple more trace logs to GitFsck to see progress
2018-03-02 11:09:43 +02:00
Morgan Bazalgette
535445c32e Rework special link parsing in the post-processing of markup (#3354)
* Get rid of autolink

* autolink in markdown

* Replace email addresses with mailto links

* better handling of links

* Remove autolink.js from footer

* Refactor entire html.go

* fix some bugs

* Make tests green, move what we can to html_internal_test, various other changes to processor logic

* Make markdown tests work again

This is just a description to allow me to force push in order to restart
the drone build.

* Fix failing markdown tests in routers/api/v1/misc

* Add license headers, log errors, future-proof <body>

* fix formatting
2018-02-27 09:09:18 +02:00
bugreport0
521945a2d2 Fix missing translations when updating username. (#3564)
* Fix missing translations when updating username.

* Fix reserved username translated string test.

* Fix 'username reserved' string test a bit more.
2018-02-25 15:56:25 +02:00
Bo-Yi Wu
04b3e8cbdc
refactor: reduce sql query in retrieveFeeds (#3547) 2018-02-21 18:55:34 +08:00
Ethan Koenig
7b104f0cd0 Populate URL field of API commits (#3546)
* Populate URL field of API commits

* fix orgmode_test
2018-02-20 20:50:42 +08:00
Codruț Constantin Gușoi
96c268c0fc Implements generator cli for secrets (#3531)
Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
2018-02-18 20:14:37 +02:00
Piotr Orzechowski
b104ab3ca1 Add option to enable or disable swagger endpoints (#3502) 2018-02-14 06:46:00 +02:00
Ethan Koenig
4c9d9c221a Improve wiki test (#3493) 2018-02-13 11:19:49 +02:00
Lauris BH
283e87d814
Fix rendering of wiki page list if wiki repo contains other files (#3454)
* Fix rendering of wiki page list if wiki repo contains other files

* Improve wiki filename tests
2018-02-05 16:56:30 +02:00
Morgan Bazalgette
17655cdf1b Enable caching on assets and avatars (#3376)
* Enable caching on assets and avatars

Fixes #3323

* Only set avatar in user BeforeUpdate when there is no avatar set

* add error checking after stat

* gofmt

* Change cache time for avatars to an hour
2018-02-04 00:37:05 +02:00
Lauris BH
ca4f5c37e6
Fix branch deletion for squash or rebase merged pull requests (#3425) 2018-01-30 14:29:39 +02:00
Lauris BH
ca306985d3
Change how merged PR commit info are prepared (#3368)
* Change how merged PR commits and diff are made

* Update code.gitea.io/git dependency

* Fix typo

* Remove unneeded local variable
2018-01-19 08:18:51 +02:00
Marc Brückner
695b10bedd Fix API-Endpoint release (#3012)
* Fixes API-Endpoint release (#3005)

* Using context.ReferencesGitRepo(); doing the same in the PATCH route.

* Add release create, get and update test
2018-01-16 10:54:13 +02:00
Morgan Bazalgette
eb0f166f50 Address issues pointed out by @lunny in #3339 (#3352) 2018-01-12 08:37:30 -06:00