mirror of
1
Fork 0
Commit Graph

44 Commits

Author SHA1 Message Date
zeripath fcb535c5c3
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.

## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
    - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
    - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
    - [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
    - app.ini configuration done
    - [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation

I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 14:42:42 +01:00
Tamal Saha 171b359877 Use gitea forked macaron (#7933)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-23 12:40:29 -04:00
Lunny Xiao 6782a704ef Fix bug create/edit wiki pages when code master branch protected (#7580)
* fix bug create/edit wiki pages when code master branch protected

* improve FullPushingEnvironment function
2019-07-25 22:50:20 +01:00
kolaente f9ec2f89f2 Add golangci (#6418) 2019-06-12 15:41:28 -04:00
zeripath ce8de35334 Remove local clones & make hooks run on merge/edit/upload (#6672)
* Add options to git.Clone to make it more capable

* Begin the process of removing the local copy and tidy up

* Remove Wiki LocalCopy Checkouts

* Remove the last LocalRepo helpers

* Remove WithTemporaryFile

* Enable push-hooks for these routes

* Ensure tests cope with hooks

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Repository.LocalCopyPath()

* Move temporary repo to use the standard temporary path

* Fix the tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove LocalWikiPath

* Fix missing remove

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use AppURL for Oauth user link (#6894)

* Use AppURL for Oauth user link

Fix #6843

* Update oauth.go

* Update oauth.go

* internal/ssh: ignore env command totally (#6825)

* ssh: ignore env command totally

* Remove commented code 

Needed fix described in issue #6889

* Escape the commit message on issues update and title in telegram hook (#6901)

* update sdk to latest (#6903)

* improve description of branch protection (fix #6886) (#6906)

The branch protection description text were not quite accurate.

* Fix logging documentation (#6904)

* ENABLE_MACARON_REDIRECT should be REDIRECT_MACARON_LOG

* Allow DISABLE_ROUTER_LOG to be set in the [log] section

* [skip ci] Updated translations via Crowdin

* Move sdk structs to modules/structs (#6905)

* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 11:29:17 -04:00
Lunny Xiao d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
Gabriel Silva Simões 3b7f41f9f7 Fix serving of raw wiki files other than .md (#5814)
* Fix serving of raw wiki files other than .md

Closes #4690.
Closes #4395.

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Simplify code at routers/repo/wiki.go

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add more files to user2/repo1.wiki for testing

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Update macaron to v1.3.2

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add tests for WikiRaw

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Fix NewResponseWriter usage due to macaron update

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add raw to reserved wiki names

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
2019-02-05 20:58:55 -05:00
Lunny Xiao 616b8f42f9 Fix deadlock when sqlite (#5118)
* fix deadlock when sqlite

* fix clonelink deadlock on sqlite
2018-10-19 12:36:42 -04:00
Lauris BH 5ffdf9388b
Fix to use only needed columns from tables to get repository git paths (#3870) 2018-05-02 09:10:19 +03:00
Lauris BH 283e87d814
Fix rendering of wiki page list if wiki repo contains other files (#3454)
* Fix rendering of wiki page list if wiki repo contains other files

* Improve wiki filename tests
2018-02-05 16:56:30 +02:00
Lauris BH be1330ec89 Remove hardcoded paths to fix randomly failing tests (#3347)
* Remove hardcoded paths to fix randomly failing tests

* Use correct function for merge path
2018-01-11 00:46:59 +01:00
Ethan Koenig b7ebaf6d20 Various wiki bug fixes (#2996)
* Update macaron

* Various wiki bug fixes
2017-11-28 17:43:51 +08:00
Ethan Koenig 474d636794 Update code.gitea.io/git (#1824)
* Update code.gitea.io/git

* Update function calls

* govendor fetch
2017-05-30 04:32:01 -05:00
Lunny Xiao bd8fe49076 fix wiki bugs (#1294) 2017-03-20 21:36:19 +08:00
Lunny Xiao 0e6b9ea786 Take back control of hooks (#1006)
* git: delegate all server-side Git hooks (#1623)

* create hooks directories

* take control hooks back

* fix lint

* bug fixed and minor changes

* fix imports style

* fix migration scripts
2017-02-23 11:40:44 +08:00
Gabriel Jackson bf6f61cc69 Cleanup log messaging
This change corrects a few logging issues:

 * Standardized formatting errors with '%v'.
 * Standardized failure warning word usage.
 * Corrected an instance of using the standard log library when
   the gitea log library should be used instead.
2017-02-02 15:24:18 +01:00
Ethan Koenig bb76285762 Unit tests for models/wiki 2017-01-27 13:08:17 -05:00
Bwko 1257d43e14 Add a reserved path check to the wiki (#720) 2017-01-22 23:08:54 +08:00
Lunny Xiao f8c2903484 fixed bugs on Wiki and resolved #667 (#674) 2017-01-21 20:50:51 +08:00
Bwko abcd39f7d5 In the wiki title replace tab with a space (#371) 2016-12-11 11:01:26 +08:00
Bwko 0118b275b6 Fix for #320
Suppress the error when we're removing a file that may not exist
2016-12-03 22:31:54 +01:00
Bwko 4ff0db0246 Catch os... errors 2016-12-02 07:41:19 +01:00
Sandro Santilli 592a4ec4d3 Fix lint errors in models/wiki (just add methods docs)
See #70
2016-11-14 18:01:46 +01:00
Sandro Santilli 4247304f5a Update import paths from github.com/go-gitea to code.gitea.io (#135)
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Sandro Santilli 6e4252dad4 Replace gogits/git-module dependency with go-gitea/git (#94)
* Replace gogits/git-module dependency with go-gitea/git

Fixes #92

* Remove git alias for git module import (not needed)
2016-11-06 11:18:34 -02:00
Rémy Boulanouar 2d68bd1ef9 Change import reference to match gitea instead of gogs (#37) 2016-11-03 10:29:56 -02:00
Unknwon 43297148b2 modules/sync: rename SingleInstancePool to ExclusivePool 2016-08-30 15:19:53 -07:00
Unknwon c30b856d14 #3505 use user’s info for committer and author 2016-08-27 13:37:55 -07:00
Unknwon 6c8fcb3af2 #3467 fix clone fail when wiki is empty 2016-08-15 15:09:34 -07:00
Unknwon cd89f6c502 Web editor: improve edit file and diff preview 2016-08-14 23:52:24 -07:00
Unknwon 660e7a178a modules/sync: move sync objects to independent module 2016-08-14 23:52:24 -07:00
Richard Mahn d0a0239bac Squashed commit of the following:
commit 0afcb843d7ffd596991c4885cab768273a6eb42c
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 17:13:29 2016 -0600

    Removed Upload stats as the upload table is just a temporary table

commit 7ecd73ff5535612d79d471409173ee7f1fcfa157
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 08:42:41 2016 -0600

    Fix for CodeMirror mode

commit c29b9ab531e2e7af0fb5db24dc17e51027dd1174
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 08:03:33 2016 -0600

    Made tabbing in editor use spaces

commit 23af384c53206a8a40e11e45bf49d7a149c4adcd
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 07:56:46 2016 -0600

    Fix for data-url

commit cfb8a97591cb6fc0a92e49563b7b764c524db0e9
Merge: 7fc8a89 991ce42
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 07:42:53 2016 -0600

    Merge remote-tracking branch 'gogits/develop' into feature-create-and-edit-repo-file

    Conflicts:
    	modules/bindata/bindata.go
    	public/js/gogs.js

commit 7fc8a89cb495478225b02d613e647f99a1489634
Merge: fd3d86c c03d040
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 07:40:00 2016 -0600

    Merge branch 'feature-create-and-edit-repo-file' of github.com:richmahn/gogs into feature-create-and-edit-repo-file

commit fd3d86ca6bbc02cfda566a504ffd6b03db4f75ef
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Sun Jul 31 07:39:44 2016 -0600

    Code cleanup

commit c03d0401c1049eeeccc32ab1f9c3303c130be5ee
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Fri Jul 29 15:38:23 2016 -0600

    Code cleanup

commit 98e1206ccf9f9a4503c020e3a7830cf9f861dfae
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Thu Jul 28 18:36:01 2016 -0600

    Code cleanup and fixes

commit c2895dc742f25f8412879c9fa15e18f27f42f194
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Thu Jul 28 18:24:04 2016 -0600

    Fixes per Unknwon's requests

commit 6aa7e46b21ad4c96e562daa2eac26a8fb408f8ef
Merge: 889e9fa ad7ea88
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Thu Jul 28 17:13:43 2016 -0600

    Merge remote-tracking branch 'gogits/develop' into feature-create-and-edit-repo-file

    Conflicts:
    	modules/bindata/bindata.go
    	modules/setting/setting.go

commit 889e9faf1bd8559a4979c8f46005d488c1a234d4
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Fri Jul 22 14:09:18 2016 -0600

    Fix in gogs.js

commit 47603edf223f147b114be65f3bd27bc1e88827a5
Merge: bb57912 cf85e9e
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Fri Jul 22 14:07:36 2016 -0600

    Merge remote-tracking branch 'gogits/develop' into feature-create-and-edit-repo-file

    Conflicts:
    	modules/bindata/bindata.go
    	public/js/gogs.js

commit bb5791255867a71c11a77b639db050ad09c597a4
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Fri Jul 22 14:02:18 2016 -0600

    Update for using CodeMirror mode addon

commit d10d128c51039be19e2af9c66c63db66a9f2ec6d
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Tue Jul 19 16:12:57 2016 -0600

    Update for Edit

commit 34a34982025144e3225e389f7849eb6273c1d576
Merge: fa1b752 1c7dcdd
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Tue Jul 19 11:52:02 2016 -0600

    Merge remote-tracking branch 'gogits/develop' into feature-create-and-edit-repo-file

    Conflicts:
    	modules/bindata/bindata.go

commit fa1b752be29cd455c5184ddac2ffe80b3489763e
Author: Richard Mahn <richard_mahn@wycliffeassociates.org>
Date:   Fri Jul 15 18:35:42 2016 -0600

    Feature for editing, creating, uploading and deleting files
2016-08-14 23:52:24 -07:00
Unknwon 5077408d78 #3233 code cleanup and minor issue fix 2016-08-11 10:53:51 -07:00
Unknwon 3a30c06345 Fix wiki vulnerabilities
- Arbitrary file creation leading to command execution
- .md file creation/deletion

Reported by Gabriel Campana.
2016-07-01 15:33:35 +08:00
Unknwon 9df6ce48c5 Minor fixes for #2746 2016-03-04 13:32:17 -05:00
Josh Frye 1ca171dbe9 Add ability to delete single wiki pages. 2016-03-04 09:26:52 -05:00
Jofkos 76d4af891f Removed empty line, multi return args 2015-12-20 21:13:12 +01:00
Jofkos 0721095944 Wiki pages containing question marks in their name weren't loading
(untested)
2015-12-20 18:02:54 +01:00
Unknwon 19423957b1 rename import path 2015-12-15 17:25:45 -05:00
Unknwon 9ed60d96a9 fix API 2015-12-01 16:33:45 -05:00
Unknwon 830d000667 finish wiki 2015-11-30 20:45:55 -05:00
Unknwon e42fcb033d wiki: finish edit 2015-11-27 01:50:38 -05:00
Unknwon 392f3ee210 wiki: finish new 2015-11-27 00:24:24 -05:00
Unknwon c50a3503e6 introduce git-shell 2015-11-26 17:33:45 -05:00