mirror of
1
Fork 0
Commit Graph

141 Commits

Author SHA1 Message Date
Lunny Xiao 2ef8b8bcbe fix go get subpackage bug (#2584)
* fix go get subpackage bug

* merge the duplicated funtions
2017-09-23 16:24:24 +03:00
Moritz Heiber 7e12aac61c Only allow token authentication with 2FA enabled (#2184)
* Don't allow for plain username/password authentication when 2FA is enabled

* Removed debugging statement

* Don't assume a token belongs to a given user, handle two-factor errors properly

* Simplified user/token matching, refactored error handling for two-factor authentication

* Change authentication response to avoid bruteforcing

* Add TODO item as a comment for changing the response for security purposes
2017-07-26 15:33:16 +08:00
Shuanglei Tao d389ed25a5 Fix: `http: multiple response.WriteHeader calls` (#2038)
We can't change the http status code here, because the response has been written.
2017-06-28 14:08:47 +08:00
Lunny Xiao 6362462da8
fix admin lost permission caused by #947 2017-05-19 08:59:26 +08:00
Lunny Xiao fd6034aaf2 Add units to team (#947)
* add units to team

* fix lint

* finish team setting backend

* finished permission controll on routes

* fix import blank line

* add unit check on ssh/http pull and push and fix test failed

* fix fixtures data

* remove unused code
2017-05-18 22:54:24 +08:00
Lunny Xiao 930d1759ae Remove env user salt since no need to use (#1515)
* remove env user salt since no need to use

* remove unused variable from update.go
2017-05-06 21:21:22 +08:00
Lunny Xiao f0db3da713 fix go get sub package and add domain on installation to let go get work defaultly (#1518)
* fix go get sub package and add domain on installation to let go get work defaultly

* fix import sequence

* fix .git problem
2017-04-21 10:43:29 +08:00
Ethan Koenig ec0ae5d50c Refactor and fix incorrect comment (#1247) 2017-03-15 08:51:46 +08:00
Lunny Xiao cd1821a7e2 Move push update to post-receive and protected branch check to pre-receive (#1030)
* move all push update to git hook post-receive and protected branch check to git hook pre-receive

* add SSH_ORIGINAL_COMMAND check back

* remove all unused codes

* fix the import
2017-02-25 22:54:40 +08:00
Willem van Dreumel 01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Denis Denisov fd941db246 Protected branches system (#339)
* Protected branches system

* Moved default branch to branches section (`:org/:reponame/settings/branches`).
* Initial support Protected Branch.
  - Admin does not restrict
  - Owner not to limit
  - To write permission restrictions

* reformat tmpl

* finished the UI and add/delete protected branch response

* remove unused comment

* indent all the template files and remove ru translations since we use crowdin

* fix the push bug
2017-02-21 23:02:10 +08:00
Bo-Yi Wu 6510e57758 fix gofmt error
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2016-12-30 20:41:10 +01:00
Gogs 37eec6c9b7 push + pull now works with reverse proxy + basic auth on apache 2.4 2016-12-29 22:37:50 +01:00
Lunny Xiao 47a7529d96 update code.gitea.io/git (#450) 2016-12-22 10:30:52 +01:00
Lunny Xiao 3917ed45de golint fixed for routers (#208) 2016-11-24 15:04:31 +08:00
Sandro Santilli 4247304f5a Update import paths from github.com/go-gitea to code.gitea.io (#135)
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Sandro Santilli f388661bda ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00
Rachid Zarouali be5607e510 Merge pull request #50 from 0xbaadf00d/feature/2583-disablehttpcloning
Disable HTTP cloning
2016-11-07 11:23:30 +01:00
Sandro Santilli 6e4252dad4 Replace gogits/git-module dependency with go-gitea/git (#94)
* Replace gogits/git-module dependency with go-gitea/git

Fixes #92

* Remove git alias for git module import (not needed)
2016-11-06 11:18:34 -02:00
Rémy Boulanouar 2d68bd1ef9 Change import reference to match gitea instead of gogs (#37) 2016-11-03 10:29:56 -02:00
Thibault Meyer 93f1eabe30
rename variable + fix wiki link 2016-10-04 18:58:14 +02:00
Thibault Meyer 9d66497abc
Can disable GIT interactions by HTTP protocol 2016-09-18 10:54:33 +02:00
Unknwon a00c932bbc General code quality improvement 2016-08-16 23:06:38 -07:00
Unknwon dccb0c15b9 Replace convert.To with APIFormat calls 2016-08-14 04:17:26 -07:00
Unknwon 3f7f4852ef #2246 fully support of webhooks for pull request 2016-08-14 03:32:24 -07:00
Unknwon 1f2e173a74 Refactor User.Id to User.ID 2016-07-24 01:08:22 +08:00
Franz Schmidt 8b35c194ec Fixes #3110 (#3136) 2016-06-27 17:02:39 +08:00
Unknwon c041273dd3 repo/http: clean code 2016-06-01 04:19:01 -07:00
Unknwon 60ae8ac3d2 Add route for #2846 2016-03-21 10:49:46 -04:00
Unknwon 514382e2eb Rename module: middleware -> context 2016-03-11 11:56:52 -05:00
Unknwon 338af89d56 #2650 fix possbility that use email as pusher user name
Remove the possibility of using email as user name when user actually push
through combination of email and password with HTTP.

Also refactor update action function to replcae tons of arguments with
single PushUpdateOptions struct.
And define the user who pushes code as pusher, therefore variable names shouldn't
be confusing any more.
2016-02-17 22:47:06 -05:00
Florian Kaiser 0e4ae27caa Use pretty 404 pages in repo.HTTPBackend 2016-02-02 14:09:47 +00:00
zhuharev 0d5dc8a064 typo fix 2016-01-06 22:41:42 +03:00
Unknwon a62290de52 #2311 improve HTTP auth error message 2015-12-30 21:29:30 -05:00
Unknwon 40f3142264 #2114 External URL for wiki 2015-12-11 04:55:08 -05:00
Unknwon 830d000667 finish wiki 2015-11-30 20:45:55 -05:00
Unknwon c50a3503e6 introduce git-shell 2015-11-26 17:33:45 -05:00
Unknwon 0128036514 #1681 some fixes for builtin SSH server on Windows 2015-11-23 22:32:07 -05:00
Unknwon b55499d039 go vet and fix #1890 2015-11-08 14:31:49 -05:00
Unknwon 0fbb8c8826 New push to head repo of head branch: regenerate patch and retest apply 2015-10-24 03:36:47 -04:00
Unknwon 2ac8e11f46 #842 able to use access token replace basic auth 2015-09-02 02:40:15 -04:00
Unknwon 03b85b73af token recent activity 2015-08-19 06:22:33 +08:00
Unknwon d17f102339 try to fix HTTP ops not GC 2015-08-17 22:32:43 +08:00
Unknwon 407385db7e work on #1493 2015-08-17 17:05:37 +08:00
Unknwon dea3a8c6a4 WIP: create PR - choose branch 2015-08-08 22:43:14 +08:00
Unknwon e50982f5ec allow anonymous SSH clone 2015-08-05 11:14:17 +08:00
Unknwon fa298a2c30 #835: Realtime webhooks 2015-07-25 21:32:04 +08:00
Linquize f26f8d5afa Set Content-Type to text/plain for http status 401
This is because git command line shows the failure reason only if Content-Type is text/plain.
2015-03-28 22:30:05 +08:00
Unknwon 588f3215c6 #1040: dashboard no longer accessible when repo is missing 2015-03-16 04:04:27 -04:00
Unknwon 4aafeace23 fix HTTP/HTTPS push update func call panic #1037 and `http: multiple response.WriteHeader calls` 2015-03-12 01:15:01 -04:00
Unknwon b0b11fd7b1 Merge branch 'access' of github.com:gogits/gogs into dev 2015-02-28 21:50:29 -05:00
Gogs fab038b175 Attempt #3 of ldap fixes 2015-02-27 13:18:29 +00:00
Peter Smit f9454cc32c Make sure that a mirror can't be written to by http or ssh 2015-02-16 12:00:06 +02:00
Unknwon 6d0f3a07d4 code fix #941 caution: undertest 2015-02-13 00:58:46 -05:00
Peter Smit 6c1ee384f1 Merge remote-tracking branch 'mine/access_refactor' into access_refactor
Conflicts:
	cmd/serve.go
	models/access.go
	models/migrations/migrations.go
	models/org.go
	models/repo.go
	models/user.go
	modules/middleware/org.go
	modules/middleware/repo.go
	routers/api/v1/repo.go
	routers/org/teams.go
	routers/repo/http.go
	routers/user/home.go
2015-02-12 14:25:07 +02:00
Peter Smit 0a4cda0dd4 Refactoring of the Access Table
This commit does a lot of the work of refactoring the access table in a table with id's instead of strings.

The result does compile, but has not been tested. It may eat your kittens.
2015-02-12 14:14:45 +02:00
Peter Smit 0d158e569b Change constants to UPPERCASE_WITH_UNDERSCORE style 2015-02-09 13:36:33 +02:00
Unknwon ba77a3b0b4 routers/repo/http.go: allow HTTP push/pull by token for #845 2015-02-07 15:47:23 -05:00
Peter Smit 4e79adf6b5 Refactoring of the Access Table
This commit does a lot of the work of refactoring the access table in a table with id's instead of strings.

The result does compile, but has not been tested. It may eat your kittens.
2015-02-06 13:18:11 +02:00
Christopher Brickley d0827e5d5e allow http push by token - #842 2015-01-08 09:30:22 -05:00
codeskyblue db6c0ebf76 fix git clone error when repo has upper case name 2014-12-11 15:57:32 +08:00
Unknwon 32dcaefafa fox #620 2014-11-17 14:53:41 -05:00
Unknwon abc57b6e43 work on #609 2014-11-07 14:46:13 -05:00
Unknwon 3abc41ccca Fix API broken 2014-10-18 23:26:55 -04:00
Unknwon 1aa12c7452 Fix #572 2014-10-15 16:28:38 -04:00
lunnyxiao d1911658e1 remove debug info 2014-09-26 12:17:46 +08:00
lunnyxiao 150eef93b2 add submodule basic support & buf fixed #478 2014-09-22 10:43:16 +08:00
Unknwon 755eec745f Finish new repo settings page 2014-08-02 13:47:33 -04:00
Unknwon 8dd07c0ddd New UI merge in progress 2014-07-26 00:24:27 -04:00
Lunny Xiao 86e2627175 Merge branch 'master' of github.com:gogits/gogs
Conflicts:
	models/update.go
	routers/repo/http.go
2014-06-28 14:58:59 +08:00
Lunny Xiao e5ae41e21f bug fixed #261 2014-06-28 14:55:33 +08:00
Unknown 57ac15aa20 Merge branch 'master' of github.com:gogits/gogs into dev 2014-06-27 23:12:55 -04:00
Lunny Xiao 7dbeee94e3 bug fixed #236 2014-06-28 11:06:07 +08:00
Unknown e0f9c628c5 Add create organization 2014-06-25 00:44:48 -04:00
Unknown 47d29a1ee0 Mirror fix on #248 2014-06-23 16:22:34 -04:00
Unknown 8bfa7ae745 Remove qiniu/log 2014-06-20 01:14:54 -04:00
Unknown fbf274b751 Fix #220 2014-05-30 17:57:38 -04:00
Unknown 688ec6ecbd Fixed #209 2014-05-25 20:11:25 -04:00
Unknown 7b60756f2c Fix Collaborators cannot commit 2014-05-03 01:37:49 -04:00
Unknown 1bfe4ee665 Merge branch 'master' of github.com:gogits/gogs 2014-04-16 07:13:20 -04:00
Unknown 2dc0329c5f Fix auth issue on #80 2014-04-16 04:45:02 -04:00
Unknown 6277f8497c Auth problem related #80 2014-04-16 04:37:07 -04:00
Christopher Brickley 4c5a6e4d87 swap \n for \000, update len check, when reading receive-pack input 2014-04-15 22:07:28 -04:00
Lunny Xiao 4210f56dbc bug fixed for http clone 2014-04-14 23:22:00 +08:00
Lunny Xiao ee2d8d2469 remove trace 2014-04-11 10:44:09 +08:00
Lunny Xiao db39e58a13 add actions for http push 2014-04-11 10:27:13 +08:00
zhsso a4cbe79567 fix 2014-04-10 14:20:58 -04:00
zhsso f3ed11d177 mistakes 2014-04-10 14:20:01 -04:00
Lunny Xiao a24c0b92e4 bug fixed 2014-04-10 23:02:08 +08:00
Lunny Xiao 94c7278194 Merge branch 'master' of github.com:gogits/gogs into dev
Conflicts:
	web.go
2014-04-10 22:21:12 +08:00
Lunny Xiao 16b6e5d50b bug fixed 2014-04-10 22:12:32 +08:00