mirror of
1
Fork 0
Commit Graph

1522 Commits

Author SHA1 Message Date
Zettat123 886a675f62
Return `access_denied` error when an OAuth2 request is denied (#30974)
According to [RFC
6749](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1),
when the resource owner or authorization server denied an request, an
`access_denied` error should be returned. But currently in this case
Gitea does not return any error.

For example, if the user clicks "Cancel" here, an `access_denied` error
should be returned.

<img width="360px"
src="https://github.com/go-gitea/gitea/assets/15528715/be31c09b-4c0a-4701-b7a4-f54b8fe3a6c5"
/>

(cherry picked from commit f1d9f18d96050d89a4085c961f572f07b1e653d1)
2024-05-26 18:37:20 +02:00
wxiaoguang a649610d61
Fix "force private" logic (#31012)
When creating a repo, the "FORCE_PRIVATE" config option should be
respected, `readonly` doesn't work for checkbox, so it should use
`disabled` attribute.

(cherry picked from commit edbf74c418061b013a5855f604dd6be6baf34132)

Conflicts:
	templates/repo/create.tmpl
	templates/repo/migrate/codebase.tmpl
	templates/repo/migrate/git.tmpl
	templates/repo/migrate/gitbucket.tmpl
	templates/repo/migrate/gitea.tmpl
	templates/repo/migrate/github.tmpl
	templates/repo/migrate/gitlab.tmpl
	templates/repo/migrate/gogs.tmpl
	templates/repo/migrate/onedev.tmpl
	already in forgejo fc0c5e80da Fix and improve repo visibility checkbox when FORCE_PRIVATE is on (#3786)
        enforcing FORCE_PRIVATE on repo settings was manually tested
	with a repository of an unprivileged user after setting
	FORCE_PRIVATE = true
2024-05-26 18:20:33 +02:00
Earl Warren c7711dac6d
chore: fix typos identified by mispell 2024-05-25 09:43:50 +02:00
Michael Jerger 9705d42e02 lint 2024-05-24 13:38:43 +02:00
Michael Jerger 82cb9e0203 ui for adding following repos 2024-05-24 13:28:15 +02:00
oliverpool 4ffda656e8 mysql: use inner join for hook_task deletion
Attempt to fix #3678
2024-05-24 10:31:41 +02:00
oliverpool bb165fadf6 test: check hook_task deletion
move test to integration to ensure Sqlite + MySQL testing
2024-05-24 10:31:41 +02:00
Michael Jerger b01f3bb2a1 federated-star: finalize receive activity (#3871)
PR will finalize the ability to receive a federated star from a remote instance.

This is part of: https://codeberg.org/forgejo/forgejo/pulls/1680

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3871
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-committed-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
2024-05-24 00:25:57 +00:00
Earl Warren 32222d7d0a Merge pull request '[BUG] Fix SourceHut Builds webhook with triggers field' (#3864) from oliverpool/forgejo:sourcehut_trigger into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3864
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-05-24 00:16:22 +00:00
Earl Warren d8e21e673d Merge pull request 'Creation of federated user' (#3792) from meissa/forgejo:forgejo-federated-pr3 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3792
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-05-22 11:11:42 +00:00
oliverpool 1f6f909b2e refactor: sourcehut_builds ignore unused fields 2024-05-22 12:56:51 +02:00
oliverpool c9f38e2813 fix: sourcehut_builds preserve unused fields
Fix #3820
2024-05-22 12:56:51 +02:00
oliverpool 7b47cb43c1 test: sourcehut_builds trigger 2024-05-22 12:56:51 +02:00
Earl Warren 7ce8090346 Merge pull request 'tests(services/mailer): add tooling and coverage for issues/default.tmpl' (#3816) from earl-warren/forgejo:wip-test-mail into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3816
Reviewed-by: Otto <otto@codeberg.org>
2024-05-21 21:46:58 +00:00
Earl Warren 74e07656d2 Merge pull request '[gitea] week 2024-21 cherry pick (gitea/main -> forgejo)' (#3838) from algernon/wcp/2024-21 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3838
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-05-21 08:05:01 +00:00
Shiny Nematoda ec4f5495ba feat: wiki search using git-grep
+ add release note
2024-05-20 13:48:50 +00:00
Earl Warren fc45a0d9ba
cleanup(services/mailer): mark deadcode for removal
There is no activities_model.Action* when sending a review comment,
this is deadcode and should be removed. Or a new event should be added
to differentiate it from a regular comment when evaluating templates.
2024-05-19 16:47:34 +02:00
Earl Warren 55c850a8a8
tests(services/mailer): coverage for the issue/default.tmpl logic
* the tests fail when issue/default.tmpl is removed
* coverage for:
  * activities_model.ActionCreateIssue
  * activities_model.ActionCommentIssue
  * activities_model.ActionCloseIssue
  * activities_model.ActionReopenIssue
  * activities_model.ActionCommentPull
  * activities_model.ActionMergePullRequest
  * activities_model.ActionApprovePullRequest
  * activities_model.ActionRejectPullRequest
* replace mocks with calls to mockMailSettings
2024-05-19 16:47:22 +02:00
Lunny Xiao 1be797faba
Fix bug on avatar (#31008)
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 58a03e9fadb345de5653345c2a68ecfd0750940a)
2024-05-19 13:57:52 +02:00
Earl Warren 23bbec4459
tests(services/mailer): refactor mail_admin_new_user_test
* use MockVariableValue where appropriate
* split the tests in two with t.Run for clarity
2024-05-19 08:54:25 +02:00
0ko f9ac5b327a Remove `title` from email heads (#3810)
One part of https://codeberg.org/forgejo/forgejo/pulls/3316, though it may have a little more files touched because I re-created the changes.

> Removed HTML `<title>` part in `<head>` that was present inconsistently in these emails. It doesn't appear to be used by other websites. After all, these are emails, not webpages.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3810
Reviewed-by: Otto <otto@codeberg.org>
2024-05-17 10:10:33 +00:00
Michael Jerger b2c3eb1644 add migration & enhance int-test 2024-05-16 18:25:16 +02:00
Michael Jerger 1c7a9b00be initial 2024-05-16 08:15:43 +02:00
oliverpool 5e73c67d67 fix: hook post-receive for sha256 repos 2024-05-15 16:43:16 +02:00
Earl Warren 77092c7a0c Merge pull request 'Federation: Parse ActorId & cache FederationHost' (#3662) from meissa/forgejo:forgejo-federated-parse-actorId into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3662
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-05-14 22:42:02 +00:00
Earl Warren 1b3e6a4831 Merge pull request '[gitea] week 2024-20 cherry pick (gitea-github/main -> forgejo)' (#3729) from earl-warren/wcp/2024-20 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3729
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
2024-05-14 12:23:10 +00:00
Beowulf 2810b9ae0a Replace reply with a forked version to fix the cut-off of the incoming mail text (#3747)
replace reply with forgejos forked version

If plain text is selected as the message format in e.g. Apple Mail, the inline attachments are no longer at the end of the mail, but instead directly where they are in the mail. When parsing the mail, these inline attachments are replaced by "--". The new reply version no longer cuts the text at the first "--".

Tests for this are present in reply (7dc5750c6d).

Fixes https://codeberg.org/forgejo/forgejo/issues/3496#issuecomment-1798416

---

Additionally, I reduced the allocations for the inline attachments.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3747
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Beowulf <beowulf@beocode.eu>
Co-committed-by: Beowulf <beowulf@beocode.eu>
2024-05-13 21:24:58 +00:00
Lunny Xiao eb792d9f8a
Move database operations of merging a pull request to post receive hook and add a transaction (#30805)
Merging PR may fail because of various problems. The pull request may
have a dirty state because there is no transaction when merging a pull
request. ref
https://github.com/go-gitea/gitea/pull/25741#issuecomment-2074126393

This PR moves all database update operations to post-receive handler for
merging a pull request and having a database transaction. That means if
database operations fail, then the git merging will fail, the git client
will get a fail result.

There are already many tests for pull request merging, so we don't need
to add a new one.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit ebf0c969403d91ed80745ff5bd7dfbdb08174fc7)

Conflicts:
	modules/private/hook.go
	routers/private/hook_post_receive.go
	trivial conflicts because
	  263a716cb5 * Performance optimization for git push (#30104)
	was not cherry-picked and because of
	  998a431747 Do not update PRs based on events that happened before they existed
2024-05-12 20:03:10 +02:00
yp05327 1a250c7b2b
Fix incorrect default branch when adopt a repository (#30912)
Fix #30521

we should sync branches first, then detect default branch, or
`git_model.FindBranchNames` will always return empty list, and the
detection will be wrong.

(cherry picked from commit e94723f2de7d9bf12d870f5ce9ffb291a99ba090)

Conflicts:
	services/repository/adopt.go
	trivial conflict because
	  e80466f734 Resolve lint for unused parameter and unnecessary type arguments (#30750)
	was not cherry-picked
2024-05-12 20:03:10 +02:00
yp05327 6c9b8401f9
Fix misspelling of mergable (#30896)
https://github.com/go-gitea/gitea/pull/25812#issuecomment-2099833692
Follow #30573

(cherry picked from commit f7d2f695a4c57b245830a526e77fa62e99e00254)

Conflicts:
	services/pull/check.go
	trivial conflict because
	  9b2536b78fdcd3cf444a2f54857d9871e153858f Update misspell to 0.5.1 and add `misspellings.csv` (#30573)
	was not cherry-picked
2024-05-12 20:03:10 +02:00
Zettat123 8f0f6bf89c
Update issue indexer after merging a PR (#30715)
Fix #30684

(cherry picked from commit f09e68ec33262d5356779572a0b1c66e6e86590f)

Conflicts:
	tests/integration/pull_merge_test.go
	trivial context conflict
2024-05-12 20:03:10 +02:00
wxiaoguang 8cb8547532
Make "sync branch" also sync object format and add tests (#30878)
(cherry picked from commit 9c08637eae8c3a44d15e62d85144e07ae9dabbec)
2024-05-12 20:03:10 +02:00
Yaroslav Halchenko 2b2fd2728c Add codespell support and fix a good number of typos with its help (#3270)
More about codespell: https://github.com/codespell-project/codespell .

I personally introduced it to dozens if not hundreds of projects already and so far only positive feedback.

```
❯ grep lint-spell Makefile
	@echo " - lint-spell                       lint spelling"
	@echo " - lint-spell-fix                   lint spelling and fix issues"
lint: lint-frontend lint-backend lint-spell
lint-fix: lint-frontend-fix lint-backend-fix lint-spell-fix
.PHONY: lint-spell
lint-spell: lint-codespell
.PHONY: lint-spell-fix
lint-spell-fix: lint-codespell-fix
❯ git grep lint- -- .forgejo/
.forgejo/workflows/testing.yml:      - run: make --always-make -j$(nproc) lint-backend checks-backend # ensure the "go-licenses" make target runs
.forgejo/workflows/testing.yml:      - run: make lint-frontend
```
so how would you like me to invoke `lint-codespell` on CI? (without that would be IMHO very suboptimal and let typos sneak in)

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3270
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Yaroslav Halchenko <debian@onerussian.com>
Co-committed-by: Yaroslav Halchenko <debian@onerussian.com>
2024-05-09 13:49:37 +00:00
Earl Warren a2c8fe0370 Merge pull request '[gitea] week 2024-19 cherry pick (gitea-github/main -> forgejo)' (#3639) from earl-warren/wcp/2024-19 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3639
Reviewed-by: Gergely Nagy <algernon@noreply.codeberg.org>
2024-05-07 22:47:53 +00:00
Michael Jerger 1a76664d56 next step on the way to federation 2024-05-07 17:58:13 +02:00
Michael Jerger 2177d38e9c feat(federation): validate like activities (#3494)
First step on the way to #1680

The PR will

* accept like request on the api
* validate activity in a first level

You can find

* architecture at: https://codeberg.org/meissa/forgejo/src/branch/forgejo-federated-star/docs/unsure-where-to-put/federation-architecture.md

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3494
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-committed-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
2024-05-07 07:59:49 +00:00
wxiaoguang d93d62371c
Ignore useless error message "broken pipe" (#30801)
Fix #30792

(cherry picked from commit 53b55223d167c3fc996dd0278a656f421408ace7)
2024-05-05 12:15:40 +01:00
Chester 1a40fe54a6
Add API endpoints for getting action jobs status (#26673)
Sample of response, it is similar to Github actions

ref
https://docs.github.com/en/rest/actions/workflow-runs?apiVersion=2022-11-28#list-workflow-runs-for-a-repository

``` json
{
    "workflow_runs": [
        {
            "id": 3,
            "name": "Explore-Gitea-Actions",
            "head_branch": "main",
            "head_sha": "6d8d29a9f7a01ded8f8aeb64341cb31ee1ab5f19",
            "run_number": 3,
            "event": "push",
            "display_title": "More job",
            "status": "success",
            "workflow_id": "demo2.yaml",
            "url": "/chester/test/actions/runs/3",
            "created_at": "2023-08-22T13:41:33-04:00",
            "updated_at": "2023-08-22T13:41:37-04:00",
            "run_started_at": "2023-08-22T13:41:33-04:00"
        },
        {
            "id": 2,
            "name": "Explore-Gitea-Actions",
            "head_branch": "main",
            "head_sha": "6d8d29a9f7a01ded8f8aeb64341cb31ee1ab5f19",
            "run_number": 2,
            "event": "push",
            "display_title": "More job",
            "status": "success",
            "workflow_id": "demo.yaml",
            "url": "/chester/test/actions/runs/2",
            "created_at": "2023-08-22T13:41:30-04:00",
            "updated_at": "2023-08-22T13:41:33-04:00",
            "run_started_at": "2023-08-22T13:41:30-04:00"
        },
        {
            "id": 1,
            "name": "Explore-Gitea-Actions",
            "head_branch": "main",
            "head_sha": "e5369ab054cae79899ba36e45ee82811a6e0acd5",
            "run_number": 1,
            "event": "push",
            "display_title": "Add job",
            "status": "failure",
            "workflow_id": "demo.yaml",
            "url": "/chester/test/actions/runs/1",
            "created_at": "2023-08-22T13:15:21-04:00",
            "updated_at": "2023-08-22T13:18:10-04:00",
            "run_started_at": "2023-08-22T13:15:21-04:00"
        }
    ],
    "total_count": 3
}
```

---------

Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: puni9869 <80308335+puni9869@users.noreply.github.com>
(cherry picked from commit 6709e28da78a0ea7e63f9fe4e32f620abdc88d14)

Conflicts:
	routers/api/v1/swagger/repo.go
	trivial context conflict
2024-05-05 12:15:40 +01:00
silverwind 9792a377e4
Fix tautological conditions (#30735)
As discovered by https://github.com/go-gitea/gitea/pull/30729.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 610802df85933e7a190a705bc3f7800da87ce868)

Conflicts:
	tests/integration/git_test.go
	trivial conflict because of https://codeberg.org/forgejo/forgejo/pulls/2834
2024-05-05 08:59:40 +01:00
Chongyi Zheng c504461b66
Resolve lint for unused parameter and unnecessary type arguments (#30750)
Resolve all cases for `unused parameter` and `unnecessary type
arguments`

Related: #30729

---------

Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit e80466f7349164ce4cf3c07bdac30d736d20f035)

Conflicts:
	modules/markup/markdown/transform_codespan.go
	modules/setting/incoming_email.go
	routers/api/v1/admin/user_badge.go
	routers/private/hook_pre_receive.go
	tests/integration/repo_search_test.go
	resolved by discarding the change, this is linting only and
	for the sake of avoiding future conflicts
2024-05-05 08:38:16 +01:00
varp0n 4a2959b3ec FIX gogs migration if gogs is hosted at a subpath (#3572)
Also add a test for GogsDownloaderFactory.New() to make sure
that the URL of the source repository is parsed correctly.

When the source gogs instance is hosted at a subpath like `https://git.example.com/gogs/<username>/<reponame>` the migration fails.
This PR fixes that.

Co-authored-by: hecker <tomas.hecker@gmail.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3572
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: varp0n <tom@gkstn.de>
Co-committed-by: varp0n <tom@gkstn.de>
2024-05-01 16:28:44 +00:00
Gergely Nagy 33cd8446d3
Performance improvement for FindReposLastestCommitStatuses
If `commitstatus_service.FindReposLastestCommitStatuses` receives no
repos in its params, short-circuit, and return early, without performing
any potentially expensive work.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-05-01 00:34:48 +02:00
Earl Warren 9a3a3feb4c Merge pull request 'Add inline attachments to comments and prevent double handling of mails' (#3504) from Beowulf/forgejo:mail-inline-attachments-not-added-to-comment into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3504
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-30 12:19:42 +00:00
Beowulf aeb544aff7
added test for reading inline attachments 2024-04-30 10:47:48 +02:00
oliverpool 0d3a9e6491 webhook: send short ref on gitea create/delete payload 2024-04-30 10:41:42 +02:00
oliverpool cb0f361171 test: webhook gitea tag creation ref 2024-04-30 10:41:38 +02:00
oliverpool df06904f4a webhook: fix getPayloadBranch 2024-04-30 09:38:35 +02:00
oliverpool 79380c209d test: webhook fix branch filter tests 2024-04-30 09:38:35 +02:00
Earl Warren 79ffb2de47 Merge pull request '[gitea] week 2024-18 cherry pick (gitea-github/main -> forgejo)' (#3513) from earl-warren/wcp/2024-18 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3513
Reviewed-by: jean-daricade <jean-daricade@noreply.codeberg.org>
2024-04-30 06:42:26 +00:00
oliverpool e1d93950ad feat: implement PKCE when acting as oauth2 client (for user login)
Closes #2766
2024-04-29 11:20:26 +02:00
Kemal Zebari 4ed372af13
Prevent allow/reject reviews on merged/closed PRs (#30686)
Resolves #30675.

(cherry picked from commit dd301cae1c40c9ef2805bd13af6b09a81ff4f5d7)

Conflicts:
	tests/integration/pull_review_test.go
	trivial context conflict in import
2024-04-28 15:39:01 +02:00
Chongyi Zheng bb7d22d019
Remove unused parameter for some functions in `services/mirror` (#30724)
Suggested by gopls `unusedparams`

(cherry picked from commit 4ae6b1a5534e4cc85602e990054c66a08b11852e)
2024-04-28 15:39:01 +02:00
Bo-Yi Wu 7b456a28d1
feat(api): enhance Actions Secrets Management API for repository (#30656)
- Add endpoint to list repository action secrets in API routes
- Implement `ListActionsSecrets` function to retrieve action secrets
from the database
- Update Swagger documentation to include the new
`/repos/{owner}/{repo}/actions/secrets` endpoint
- Add `actions` package import and define new routes for actions,
secrets, variables, and runners in `api.go`.
- Refactor action-related API functions into `Action` struct methods in
`org/action.go` and `repo/action.go`.
- Remove `actionAPI` struct and related functions, replacing them with
`NewAction()` calls.
- Rename `variables.go` to `action.go` in `org` directory.
- Delete `runners.go` and `secrets.go` in both `org` and `repo`
directories, consolidating their content into `action.go`.
- Update copyright year and add new imports in `org/action.go`.
- Implement `API` interface in `services/actions/interface.go` for
action-related methods.
- Remove individual action-related functions and replace them with
methods on the `Action` struct in `repo/action.go`.

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Signed-off-by: appleboy <appleboy.tw@gmail.com>
(cherry picked from commit 852547d0dc70299589c7bf8d00ea462ed709b8e5)

Conflicts:
	routers/api/v1/api.go
	trivial conflict because of Fix #2512 /api/forgejo/v1/version auth check (#2582)
2024-04-28 15:39:01 +02:00
sillyguodong 561a7cf520
Interpolate runs-on with variables when scheduling tasks (#30640)
Follow #29468
1. Interpolate runs-on with variables when scheduling tasks.
2. The `GetVariablesOfRun` function will check if the `Repo` of the run
is nil.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 2f6b1c46a1a4a90f56ca0f3ad7840e8e70daeab5)

Conflicts:
	services/actions/schedule_tasks.go
	trivial conflict because of 'Add vars context to cron jobs (#3059)'
2024-04-28 15:39:00 +02:00
Zettat123 168cb758ec
Add a db consistency check to remove runners that do not belong to a repository (#30614)
Follow #30406

(cherry picked from commit 30dd4beeee631860c7dd393c341e9955997095a4)
2024-04-28 15:39:00 +02:00
silverwind 12b199c5e5
Enable more `revive` linter rules (#30608)
Noteable additions:

- `redefines-builtin-id` forbid variable names that shadow go builtins
- `empty-lines` remove unnecessary empty lines that `gofumpt` does not
remove for some reason
- `superfluous-else` eliminate more superfluous `else` branches

Rules are also sorted alphabetically and I cleaned up various parts of
`.golangci.yml`.

(cherry picked from commit 74f0c84fa4245a20ce6fb87dac1faf2aeeded2a2)

Conflicts:
	.golangci.yml
	apply the linter recommendations to Forgejo code as well
2024-04-28 15:39:00 +02:00
Beowulf b796694cd5
Skip already handled incoming emails
It seems like (at least on my machine) that every mail is processed
twice. Added a check if the email is already handled and if so, skip it.
2024-04-28 14:21:06 +02:00
Beowulf 162b840100
Add inline attachments to comments
If incoming email is configured and an email is sent, inline
attachments are currently not added to the comment if it has the
`Content-Disposition: inline` instead of
`Content-Disposition: attachment` as e.g. with Apple Mail.

This adds inline attachments (`Content-Disposition: inline`) that have a
filename as attachment to the comment.

Fixes #3496
2024-04-28 00:33:03 +02:00
Baptiste Daroussin 08f5a25d3b ldap: default domain name (#3414)
When the ldap synchronizer is look for an email address and fails at
finding one, it falls back at creating one using "localhost.local"
domain.

This new field makes this domain name configurable.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3414
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Baptiste Daroussin <bapt@FreeBSD.org>
Co-committed-by: Baptiste Daroussin <bapt@FreeBSD.org>
2024-04-26 22:38:58 +00:00
oliverpool 20350846fc Merge pull request 'fix: git.ComputeHash did not write the content' (#3466) from oliverpool/forgejo:fix_compute_hash into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3466
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-26 10:15:23 +00:00
oliverpool 3dfa5ba43a test: LFS gc should not delete all metadata objects
and ComputeBlobHash should depend on the blob content (not only the
length)
2024-04-26 10:16:59 +02:00
Gergely Nagy 2385f3c9db
services/convert: Convert a Repository's ObjectFormatName too
When converting a `repo_model.Repository` to `api.Repository`, copy the
`ObjectFormatName` field too.

Fixes #3458.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-04-26 09:25:30 +02:00
Earl Warren 7cabc5670d
Implement remote user login source and promotion to regular user
A remote user (UserTypeRemoteUser) is a placeholder that can be
promoted to a regular user (UserTypeIndividual). It represents users
that exist somewhere else. Although the UserTypeRemoteUser already
exists in Forgejo, it is neither used or documented.

A new login type / source (Remote) is introduced and set to be the login type
of remote users.

Type        UserTypeRemoteUser
LogingType  Remote

The association between a remote user and its counterpart in another
environment (for instance another forge) is via the OAuth2 login
source:

LoginName   set to the unique identifier relative to the login source
LoginSource set to the identifier of the remote source

For instance when migrating from GitLab.com, a user can be created as
if it was authenticated using GitLab.com as an OAuth2 authentication
source.

When a user authenticates to Forejo from the same authentication
source and the identifier match, the remote user is promoted to a
regular user. For instance if 43 is the ID of the GitLab.com OAuth2
login source, 88 is the ID of the Remote loging source, and 48323
is the identifier of the foo user:

Type        UserTypeRemoteUser
LogingType  Remote
LoginName   48323
LoginSource 88
Email       (empty)
Name        foo

Will be promoted to the following when the user foo authenticates to
the Forgejo instance using GitLab.com as an OAuth2 provider. All users
with a LoginType of Remote and a LoginName of 48323 are examined. If
the LoginSource has a provider name that matches the provider name of
GitLab.com (usually just "gitlab"), it is a match and can be promoted.

The email is obtained via the OAuth2 provider and the user set to:

Type        UserTypeIndividual
LogingType  OAuth2
LoginName   48323
LoginSource 43
Email       foo@example.com
Name        foo

Note: the Remote login source is an indirection to the actual login
source, i.e. the provider string my be set to a login source that does
not exist yet.
2024-04-25 13:03:49 +02:00
JakobDev 1bce2dc5c5 [FEAT]Add Option to hide Release Archive links (#3139)
This adds a new options to releases to hide the links to the automatically generated archives. This is useful, when the automatically generated Archives are broken e.g. because of Submodules.

![grafik](/attachments/5686edf6-f318-4175-8459-89c33973b181)
![grafik](/attachments/74a8bf92-2abb-47a0-876d-d41024770d0b)

Note:
This juts hides the Archives from the UI. Users can still download 5the Archive if they know t correct URL.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3139
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: JakobDev <jakobdev@gmx.de>
Co-committed-by: JakobDev <jakobdev@gmx.de>
2024-04-24 15:15:55 +00:00
Earl Warren 54285319f6
fix(incoming): allow replies to comments
- allow attachments to code comments
- incoming mails from issue comments are now identified as comments

Fixes: https://codeberg.org/forgejo/forgejo/issues/3374
2024-04-23 00:05:12 +02:00
Earl Warren b63b224c36 Merge pull request '[gitea] week 2024-17 cherry pick (gitea/main -> forgejo)' (#3350) from algernon/wcp/2024-17 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3350
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-22 18:48:13 +00:00
0ko 469c214ec8 s/Gitea/Forgejo in various log messages and comments 2024-04-21 21:26:15 +05:00
yp05327 829c3c6838
Use action user as the trigger user of schedules (#30581)
Follow https://github.com/go-gitea/gitea/pull/30357

When user push to default branch, the schedule trigger user will be the
user.
When disable then enable action units in settings, the schedule trigger
user will be action user.
When repo is a mirror, the schedule trigger user will be action user. (
before it will return error, fixed by #30357)

As scheduled job is a cron, the trigger user should be action user from
Gitea, not a real user.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit cb6814adad4dc81a683b50826a211ce7bce731d7)

Conflicts:
	- services/actions/notifier_helper.go
	  Conflict resolved by keeping Forgejo's version of the line.
2024-04-21 16:28:16 +02:00
Edward Zhang b3a6596b54
Fix branch_protection api shows users/teams who has no readAccess (#30291)
Add some logic in `convert.ToBranchProtection` to return only the names
associated with readAccess instead of returning all names. This will
ensure consistency in behavior between the frontend and backend.
Fixes: #27694

---------

Co-authored-by: techknowlogick <techknowlogick@gitea.com>
Co-authored-by: wenzhuo.zhang <wenzhuo.zhang@geely.com>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 02e183bf3fa502b7cef76e8dcdbf01b85ce641f0)
2024-04-21 16:28:16 +02:00
Tobias Balle-Petersen 23f032eaa5
Update API to return 'source_id' for users (#29718)
Using the API, a user's _source_id_ can be set in the _CreateUserOption_
model, but the field is not returned in the _User_ model.

This PR updates the _User_ model to include the field _source_id_ (The
ID of the Authentication Source).

(cherry picked from commit 58b204b813cd3a97db904d889d552e64a7e398ff)
2024-04-21 12:04:18 +02:00
Gergely Nagy b0c0167c54
services: Use proper Message-IDs for release mails
When sending notification emails about a release, use a properly
formatted, RFC-compliant message id, rather than the release's HTML URL
wrapped in angle brackets (which would not be compliant).

Fixes #3105.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-04-18 13:44:18 +02:00
Earl Warren e4aa7bd511 Merge pull request 'webhook: improve UX for sourcehut and matrix' (#3156) from oliverpool/forgejo:webhook_sourcehut_polish into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3156
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-17 06:39:54 +00:00
Gergely Nagy ea4071ca9f Allow admins to fork repos even when creation limits are exhausted (#3277)
This is a continuation of #2728, with a test case added.

Fixes #2633.

I kept @zareck 's commit as is, because I believe it is correct. We can't move the check to `owner.CanForkRepo()`, because `owner` is the future owner of the forked repo, and may be an organization. We need to check the admin permission of the `doer`, like in the case of repository creation.

I verified that the test fails without the `ForkRepository` change, and passes with it.

Co-authored-by: Cassio Zareck <cassiomilczareck@gmail.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3277
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Co-committed-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-04-17 05:52:02 +00:00
Gergely Nagy df8e58c5cb
Allow changing global wiki editability via the API
The global wiki editability can be set via the web UI, this patch makes
it possible to set the same thing via the API too. This is accomplished
by adjusting the GET and PATCH handlers of the
`/api/v1/repos/{owner}/{repo}` route.

The first will include the property when checking the repo's settings,
the second allows a repo admin to change the setting too.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-04-16 22:51:36 +02:00
oliverpool ada8bfa52f Merge pull request 'Fix release published actions not triggering for releases created from existing tags' (#3220) from zotan/forgejo:forgejo into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3220
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-16 18:27:59 +00:00
Michael Kriese 8e9c296014
fix: don't update cache for empty state 2024-04-16 12:02:01 +02:00
Lunny Xiao f393ccf745
Fix commit status cache which missed target_url (#30426)
Fix #30421

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2024-04-16 12:01:26 +02:00
Lunny Xiao 6495741238
Add commit status summary table to reduce query from commit status table (#30223)
This PR adds a new table named commit status summary to reduce queries
from the commit status table. After this change, commit status summary
table will be used for the final result, commit status table will be for
details.

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2024-04-16 12:01:20 +02:00
Zettat123 463ea8fdd2
Check the token's owner and repository when registering a runner (#30406)
Fix #30378

(cherry picked from commit 0fe9f93eb4c94d55e43b18b9c3cc6d513a34c0b5)

Conflicts:
	- models/organization/org.go
	- services/repository/delete.go
	- services/user/delete.go
	In all three cases, conflicts were resolved by manually adding
        the lines added by the Gitea patch, keeping the Forgejo code
        surrounding them.
2024-04-16 09:38:26 +02:00
oliverpool 94dd22a784 webhook: matrix use v3 endpoint and drop headers 2024-04-16 08:59:56 +02:00
oliverpool 99830a40a1 webhook: matrix access_token helper text 2024-04-16 08:59:56 +02:00
oliverpool 5d45545ca1 webhook deliver: keep Bearer prefix in history 2024-04-16 08:59:56 +02:00
oliverpool 36f05e6f4e webhook: sourcehut_builds: ask for access_token instead of authorization_header 2024-04-16 08:59:55 +02:00
Earl Warren 9a43c39d3e Merge pull request '[BUG] Use correct empty commit ID' (#3247) from gusted/forgejo-sha256-index into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3247
Reviewed-by: Gergely Nagy <algernon@noreply.codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
2024-04-16 06:26:23 +00:00
Gusted eeaef556c2
[BUG] Use correct empty commit ID
- `RemoveFilesFromIndex` used an hardcoded empty commit ID for the SHA1
object format, this would result in an error if the repository was
initialized to use the sha256 object format. Get the object format of
the Git repository and use that to get the empty commit id.
- Adds unit test.
- Resolves #3184
2024-04-16 01:08:15 +02:00
Laura Hausmann 46977b0f01
Fix release published actions not triggering for releases created from existing tags 2024-04-15 22:53:53 +02:00
Jonathan Tran 7ff74a47c8
fix: Fix to delete cookie when AppSubURL is non-empty (#30375)
Cookies may exist on "/subpath" and "/subpath/" for some legacy reasons (eg: changed CookiePath behavior in code). The legacy cookie should be removed correctly.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
(cherry picked from commit b18c04ebde94e23d97da4958173faea843d5344f)
2024-04-15 20:01:36 +02:00
silverwind bf933f5ca4
Add `interface{}` to `any` replacement to `make fmt`, exclude `*.pb.go` (#30461)
Since https://github.com/go-gitea/gitea/pull/25686, a few `interface{}`
have sneaked into the codebase. Add this replacement to `make fmt` to
prevent this from happening again.

Ideally a linter would do this, but I haven't found any suitable.

(cherry picked from commit c77e8140bc2ac6521dbebfb77613dce2648bfcb8)

Conflicts:
	- .gitattributes
	  Trivial conflict resolved by picking our choice of language
          for `*.tmpl` files.
2024-04-15 20:01:36 +02:00
Jason Song 982e9ce58f
Avoid losing token when updating mirror settings (#30429)
Fix #30416.

Before (it shows as "Unset" while there's a token):

<img width="980" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/d7148e3e-62c9-4d2e-942d-3d795b79515a">

After:

<img width="977" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/24aaa1db-5baa-4204-9081-470b15ea72b5">

The username shows as "oauth2" because of
f9fdac9809/services/migrations/dump.go (L99)

I have checked that all usage of `MirrorRemoteAddress` has been updated.

<img width="1806" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/2f042501-2824-4511-9203-c84a6731a02d">

However, it needs to be checked again when backporting.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit fd59cd9450cbd511ad4a0790bf51f8d5d2c18aa3)
2024-04-15 20:01:36 +02:00
yp05327 6cc141516b
Fix mirror error when mirror repo is empty (#30432)
Fix #30424

Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit b4d86912ef18c58e973ee10c4a3bc621e9bd6c52)
2024-04-15 20:01:36 +02:00
Kazushi (Jam) Marukawa 6513515555
Change the default maxPerPage for gitbucket (#30392)
This patch improves the migration from gitbucket to gitea.

The gitbucket uses it's own internal perPage value (= 25) for paging and
ignore per_page arguments in the requested URL. This cause gitea to
migrate only 25 issues and 25 PRs from gitbucket repository. This may
not happens on old gitbucket. But recent gitbucket 4.40 or 4.38.4 has
this problem.

This patch change to use this internally hardcoded perPage of gitbucket
as gitea's maxPerPage numer when migrating from gitbucket. There are
several perPage values in gitbucket like 25 for Isseus/PRs and 10 for
Releases. Some of those API doesn't support paging yet. It sounds
difficult to implement, but using the minimum number among them worked
out very well. So, I use 10 in this patch.

Brief descriptions of problems and this patch are also available in
https://github.com/go-gitea/gitea/issues/30316.

In addition, I'm not sure what kind of test cases are possible to write
here. It's a test for migration, so it requires testing gitbucket server
and gitea server, I guess. Please let me know if it is possible to write
such test cases here. Thanks!

(cherry picked from commit 7af074dbeebc3c863618992b43f84ec9e5ab9657)
2024-04-15 20:01:36 +02:00
yp05327 e74865caba
Avoid user does not exist error when detecting schedule actions when the commit author is an external user (#30357)
![image](https://github.com/go-gitea/gitea/assets/18380374/ddf6ee84-2242-49b9-b066-bd8429ba4d76)

When repo is a mirror, and commit author is an external user, then
`GetUserByEmail` will return error.

reproduce/test:
- mirror Gitea to your instance
- disable action and enable it again, this will trigger
`DetectAndHandleSchedules`

ps: also follow #24706, it only fixed normal runs, not scheduled runs.
(cherry picked from commit 96d31fe0a8b88c09488989cd5459d4124dcb7983)
2024-04-15 20:01:36 +02:00
Lunny Xiao f544bb25b5
Fix missed doer (#30231)
Fix #29879

Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 908426aa0fcc58961c345994f0f66056f6cf5f48)
2024-04-15 20:01:35 +02:00
wxiaoguang 9b8de15797
Clean up log messages (#30313)
`log.Xxx("%v")` is not ideal, this PR adds necessary context messages.
Remove some unnecessary logs.

Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 83f83019ef3471b847a300f0821499b3896ec987)

Conflicts:
	- modules/util/util.go
          Conflict resolved by picking `util.Iif` from 654cfd1dfbd3f3f1d94addee50b6fe2b018a49c3
2024-04-15 20:01:35 +02:00
0ko ceba1abe06 Merge pull request 'Improve English locale' (#2941) from 0ko/forgejo:english20240401 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2941
Reviewed-by: Otto <otto@codeberg.org>
2024-04-15 17:34:52 +00:00
Michael Kriese 36f4732e6a
fix(actions): call automerge service on successful commit state
- Backport of https://github.com/go-gitea/gitea/pull/30225
2024-04-15 16:17:45 +02:00
oliverpool 16879b07d2 [PORT] drop utils.IsExternalURL (and expand IsRiskyRedirectURL tests) (#3167)
Related to  #2773
Related to Refactor URL detection [gitea#29960](https://github.com/go-gitea/gitea/pull/29960)
Related to Refactor external URL detection [gitea#29973](https://github.com/go-gitea/gitea/pull/29973)

I added a bunch of tests to `httplib.TestIsRiskyRedirectURL` and some cases should be better handled (however it is not an easy task).

I also ported the removal of `utils.IsExternalURL`, since it prevents duplicated (subtle) code.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3167
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: oliverpool <git@olivier.pfad.fr>
Co-committed-by: oliverpool <git@olivier.pfad.fr>
2024-04-15 13:03:08 +00:00
Earl Warren c3e2c25359
fix(actions): the trigger user of a schedule is the action user
The user that caused the notification to re-evaluates the
schedules is not the one that will trigger the workflows. They are
background tasks that are authored by the action user (id -2).

Such a mis-assignment is problematic when the user that caused the
notification is deleted.

Fixes: https://codeberg.org/forgejo/forgejo/issues/3211
2024-04-14 12:53:20 +02:00
Earl Warren ad8a3ed2a1 Merge pull request 'Do not update PRs based on events that happened before they existed' (#2932) from earl-warren/forgejo:wip-superfluous into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2932
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-04-11 12:07:07 +00:00
Gusted 4c8b67c4b2
[BUG] Store JSON in contributors commit cache
- The code that gets contributor stats tried to store an
`map[string]*ContributorData` type in the cache, this works for the
memory cache but not for other caches such as Redis.
- The cache implementation for Redis would convert this map via
`fmt.Sprintf` to an string, which would simply print the pointer and not
the value of the pointer. Storing pointers is a no-go as this will get
GC-ed eventually within a few minutes. Therefore store everything with
json, that does properly store the value of the pointers.
- Adds unit test that verifies JSON is being used.
- Resolves https://codeberg.org/forgejo/forgejo/issues/3158
2024-04-11 13:01:33 +02:00