* Use mount but not register for chi routes
* Fix test
* Fix test
* Fix test
* Fix comment
* turn back unnecessary change
* Remove the timout middleware since some operations may spend much time.
* CSS color variables, less bold font weight
- Define color variables for fully saturated colors and apply them where
it made sense
- Add background color helper classes
- Globally reduce bold font weight from 700 to 500
- Remove border from timeline icons
- Unify dropzone styling
- Various border style consolidations
* attempt to fix test
* another attempt at tests
* fix contains
* Improve error feedback for duplicate deploy keys
Instead of a generic HTTP 500 error page, a flash message is rendered
with the deploy key page template so inform the user that a key with the
intended title already exists.
* API returns 422 error when key with name exists
* Add email validity checking
Add email validity checking for the following routes:
[Web interface]
1. User registration
2. User creation by admin
3. Adding an email through user settings
[API]
1. POST /admin/users
2. PATCH /admin/users/:username
3. POST /user/emails
* Add further tests
* Add signup email tests
* Add email validity check for linking existing account
* Address PR comments
* Remove unneeded DB session
* Move email check to updateUser
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Make archival asynchronous
The prime benefit being sought here is for large archives to not
clog up the rendering process and cause unsightly proxy timeouts.
As a secondary benefit, archive-in-progress is moved out of the
way into a /tmp file so that new archival requests for the same
commit will not get fulfilled based on an archive that isn't yet
finished.
This asynchronous system is fairly primitive; request comes in, we'll
spawn off a new goroutine to handle it, then we'll mark it as done.
Status requests will see if the file exists in the final location,
and report the archival as done when it exists.
Fixes#11265
* Archive links: drop initial delay to three-quarters of a second
Some, or perhaps even most, archives will not take all that long to archive.
The archive process starts as soon as the download button is initially
clicked, so in theory they could be done quite quickly. Drop the initial
delay down to three-quarters of a second to make it more responsive in the
common case of the archive being quickly created.
* archiver: restructure a little bit to facilitate testing
This introduces two sync.Cond pointers to the archiver package. If they're
non-nil when we go to process a request, we'll wait until signalled (at all)
to proceed. The tests will then create the sync.Cond so that it can signal
at-will and sanity-check the state of the queue at different phases.
The author believes that nil-checking these two sync.Cond pointers on every
archive processing will introduce minimal overhead with no impact on
maintainability.
* gofmt nit: no space around binary + operator
* services: archiver: appease golangci-lint, lock queueMutex
Locking/unlocking the queueMutex is allowed, but not required, for
Cond.Signal() and Cond.Broadcast(). The magic at play here is just a little
too much for golangci-lint, as we take the address of queueMutex and this is
mostly used in archiver.go; the variable still gets flagged as unused.
* archiver: tests: fix several timing nits
Once we've signaled a cond var, it may take some small amount of time for
the goroutines released to hit the spot we're wanting them to be at. Give
them an appropriate amount of time.
* archiver: tests: no underscore in var name, ungh
* archiver: tests: Test* is run in a separate context than TestMain
We must setup the mutex/cond variables at the beginning of any test that's
going to use it, or else these will be nil when the test is actually ran.
* archiver: tests: hopefully final tweak
Things got shuffled around such that we carefully build up and release
requests from the queue, so we can validate the state of the queue at each
step. Fix some assertions that no longer hold true as fallout.
* repo: Download: restore some semblance of previous behavior
When archival was made async, the GET endpoint was only useful if a previous
POST had initiated the download. This commit restores the previous behavior,
to an extent; we'll now submit the archive request there and return a
"202 Accepted" to indicate that it's processing if we didn't manage to
complete the request within ~2 seconds of submission.
This lets a client directly GET the archive, and gives them some indication
that they may attempt to GET it again at a later time.
* archiver: tests: simplify a bit further
We don't need to risk failure and use time.ParseDuration to get 2 *
time.Second.
else if isn't really necessary if the conditions are simple enough and lead
to the same result.
* archiver: tests: resolve potential source of flakiness
Increase all timeouts to 10 seconds; these aren't hard-coded sleeps, so
there's no guarantee we'll actually take that long. If we need longer to
not have a false-positive, then so be it.
While here, various assert.{Not,}Equal arguments are flipped around so that
the wording in error output reflects reality, where the expected argument is
second and actual third.
* archiver: setup infrastructure for notifying consumers of completion
This API will *not* allow consumers to subscribe to specific requests being
completed, just *any* request being completed. The caller is responsible for
determining if their request is satisfied and waiting again if needed.
* repo: archive: make GET endpoint synchronous again
If the request isn't complete, this endpoint will now submit the request and
wait for completion using the new API. This may still be susceptible to
timeouts for larger repos, but other endpoints now exist that the web
interface will use to negotiate its way through larger archive processes.
* archiver: tests: amend test to include WaitForCompletion()
This is a trivial one, so go ahead and include it.
* archiver: tests: fix test by calling NewContext()
The mutex is otherwise uninitialized, so we need to ensure that we're
actually initializing it if we plan to test it.
* archiver: tests: integrate new WaitForCompletion a little better
We can use this to wait for archives to come in, rather than spinning and
hoping with a timeout.
* archiver: tests: combine numQueued declaration with next-instruction assignment
* routers: repo: reap unused archiving flag from DownloadStatus()
This had some planned usage before, indicating whether this request
initiated the archival process or not. After several rounds of refactoring,
this use was deemed not necessary for much of anything and got boiled down
to !complete in all cases.
* services: archiver: restructure to use a channel
We now offer two forms of waiting for a request:
- WaitForCompletion: wait for completion with no timeout
- TimedWaitForCompletion: wait for completion with timeout
In both cases, we wait for the given request's cchan to close; in the latter
case, we do so with the caller-provided timeout. This completely removes the
need for busy-wait loops in Download/InitiateDownload, as it's fairly clean
to wait on a channel with timeout.
* services: archiver: use defer to unlock now that we can
This previously carried the lock into the goroutine, but an intermediate
step just added the request to archiveInProgress outside of the new
goroutine and removed the need for the goroutine to start out with it.
* Revert "archiver: tests: combine numQueued declaration with next-instruction assignment"
This reverts commit bcc5214023.
Revert "archiver: tests: integrate new WaitForCompletion a little better"
This reverts commit 9fc8bedb56.
Revert "archiver: tests: fix test by calling NewContext()"
This reverts commit 709c35685e.
Revert "archiver: tests: amend test to include WaitForCompletion()"
This reverts commit 75261f56bc.
* archiver: tests: first attempt at WaitForCompletion() tests
* archiver: tests: slight improvement, less busy-loop
Just wait for the requests to complete in order, instead of busy-waiting
with a timeout. This is slightly less fragile.
While here, reverse the arguments of a nearby assert.Equal() so that
expected/actual are correct in any test output.
* archiver: address lint nits
* services: archiver: only close the channel once
* services: archiver: use a struct{} for the wait channel
This makes it obvious that the channel is only being used as a signal,
rather than anything useful being piped through it.
* archiver: tests: fix expectations
Move the close of the channel into doArchive() itself; notably, before these
goroutines move on to waiting on the Release cond.
The tests are adjusted to reflect that we can't WaitForCompletion() after
they've already completed, as WaitForCompletion() doesn't indicate that
they've been released from the queue yet.
* archiver: tests: set cchan to nil for comparison
* archiver: move ctx.Error's back into the route handlers
We shouldn't be setting this in a service, we should just be validating the
request that we were handed.
* services: archiver: use regex to match a hash
This makes sure we don't try and use refName as a hash when it's clearly not
one, e.g. heads/pull/foo.
* routers: repo: remove the weird /archive/status endpoint
We don't need to do this anymore, we can just continue POSTing to the
archive/* endpoint until we're told the download's complete. This avoids a
potential naming conflict, where a ref could start with "status/"
* archiver: tests: bump reasonable timeout to 15s
* archiver: tests: actually release timedReq
* archiver: tests: run through inFlight instead of manually checking
While we're here, add a test for manually re-processing an archive that's
already been complete. Re-open the channel and mark it incomplete, so that
doArchive can just mark it complete again.
* initArchiveLinks: prevent default behavior from clicking
* archiver: alias gitea's context, golang context import pending
* archiver: simplify logic, just reconstruct slices
While the previous logic was perhaps slightly more efficient, the
new variant's readability is much improved.
* archiver: don't block shutdown on waiting for archive
The technique established launches a goroutine to do the wait,
which will close a wait channel upon termination. For the timeout
case, we also send back a value indicating whether the timeout was
hit or not.
The timeouts are expected to be relatively small, but still a multi-
second delay to shutdown due to this could be unfortunate.
* archiver: simplify shutdown logic
We can just grab the shutdown channel from the graceful manager instead of
constructing a channel to halt the caller and/or pass a result back.
* Style issues
* Fix mis-merge
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix minio bug
* Add tests for storage configuration
* Change the Seek flag to keep compitable minio?
* Fix test when first-byte-pos of all ranges is greater than the resource length
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Remove obsolete change of email on profile page
The change email on the account profile page is out-of-date
and unnecessary.
Changing email should be done using the account page.
Fix#13336
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Avatar support minio
* Support repo avatar minio storage
* Add missing migration
* Fix bug
* Fix test
* Add test for minio store type on avatars and repo avatars; Add documents
* Fix bug
* Fix bug
* Add back missed avatar link method
* refactor codes
* Simplify the codes
* Code improvements
* Fix lint
* Fix test mysql
* Fix test mysql
* Fix test mysql
* Fix settings
* Fix test
* fix test
* Fix bug
* Disable DSA ssh keys by default
OpenSSH has disabled DSA keys since version 7.0
As the docker runs openssh > v7.0 we should just disable
DSA keys by default.
Refers to #11417
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Just disable DSA keys by default
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Appears we need to set the minimum key sizes too
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Appears we need to set the minimum key sizes too
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove DSA type
* Fix Tests
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Completely quote AppPath and CustomConf paths
Properly handle spaces in AppPath and CustomConf within hooks and
authorized_keys. Unfortunately here we don't seem to be able to get away
with using go-shellquote as it appears that Windows doesn't play too
well with singlequote quoting - therefore we will avoid singlequote
quoting unless we absolutely cannot get away without it, e.g. \n or !.
Fix#10813
Signed-off-by: Andrew Thornton <art27@cantab.net>
* missing change
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix Test_CmdKeys
Signed-off-by: Andrew Thornton <art27@cantab.net>
* move GitCommit to APIFormat convertion into convert package
* rename Commit convert functions
* move stopwatch to api convertion into convert package & rm unused code & extend test
* fix compare time
* Gitea not Gogs ;)
* git blame tells me a lot of gitea things happen here around 2018, add header
* move user code int its own file
* expose user id
* adopt things from APIFormat
* fix test
* CI.restart()
There's no need to keep repeatedly running SetEngine in migration_test,
as NewEngine calls it anyway.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix test
* Add no queue for test only
* improve code
* Auto watch whatever branch operation
* Fix lint
* Rename noqueue to immediate
* Remove old PushUpdate function
* Fix tests
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Rather than rely on the user running the gitea server and db setting the
schema search_path correctly - if gitea is run with a schema we should
simply set the search_path to have that schema first in the path.
Fix#12505
Signed-off-by: Andrew Thornton <art27@cantab.net>
* use different structs for MigrateRepoOptions on UI and API
* Fix TokenAuth and rename UID to an understandable Name
* fix swagger doc
* simplify & mk redable
* R E F A C T O R:
migration has now internal 3 structs to store its options:
* the Options for WebUI: modules/auth/repo_form.go
* the Options for API: modules/structs/repo.go
* the option struct with after validation for internal prossessing: modules/migrations/base/options.go
* Copyright Header
* Deprecate UID - add RepoOwner
* adopt repo.go -> migrate.go
* add comment about each struct purpose
* lint
* LFS support to be stored on minio
* Fix test
* Fix lint
* Fix lint
* Fix check
* Fix test
* Update documents and add migration for LFS
* Fix some bugs
Provides new command: `gitea doctor recreate-table` which will recreate
db tables and copy the old data in to the new table.
This function can be used to remove the old warning of struct defaults being
out of date.
Fix#8868Fix#3265Fix#8894
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add a storage layer for attachments
* Fix some bug
* fix test
* Fix copyright head and lint
* Fix bug
* Add setting for minio and flags for migrate-storage
* Add documents
* fix lint
* Add test for minio store type on attachments
* fix test
* fix test
* Apply suggestions from code review
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Add warning when storage migrated successfully
* Fix drone
* fix test
* rebase
* Fix test
* display the error on console
* Move minio test to amd64 since minio docker don't support arm64
* refactor the codes
* add trace
* Fix test
* remove log on xorm
* Fi download bug
* Add a storage layer for attachments
* Add setting for minio and flags for migrate-storage
* fix lint
* Add test for minio store type on attachments
* Apply suggestions from code review
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Fix drone
* fix test
* Fix test
* display the error on console
* Move minio test to amd64 since minio docker don't support arm64
* refactor the codes
* add trace
* Fix test
* Add URL function to serve attachments directly from S3/Minio
* Add ability to enable/disable redirection in attachment configuration
* Fix typo
* Add a storage layer for attachments
* Add setting for minio and flags for migrate-storage
* fix lint
* Add test for minio store type on attachments
* Apply suggestions from code review
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Fix drone
* fix test
* Fix test
* display the error on console
* Move minio test to amd64 since minio docker don't support arm64
* don't change unrelated files
* Fix lint
* Fix build
* update go.mod and go.sum
* Use github.com/minio/minio-go/v6
* Remove unused function
* Upgrade minio to v7 and some other improvements
* fix lint
* Fix go mod
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Tyler <tystuyfzand@gmail.com>
Replace all calls to os.Remove/os.RemoveAll by retrying util.Remove/util.RemoveAll and remove circular dependencies from util.
Fix#12339
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
* Update Octicons to v10
Besides a few renames, these icons are no longer present in v10 that we've
used, so had to change:
file-symlink-directory -> file-submodule
internal-repo -> repo
repo-force-push -> repo-push
repo-template-private -> repo-template
Fixes: https://github.com/go-gitea/gitea/issues/11889
Ref: https://github.com/primer/octicons/releases/tag/v10.0.0
* add custom sliders svg for removed octicon-settings
* apply suggestion
* fix triangles and use play on admin dashboard
* add custom mirror svg
* add missing build files
* unify custom svgs
* move to octicon-repo-clone to gitea-mirror
* use octicon-x on conflicts
* tweak timeline icons
* tweak comment buttons
* update settings icon to octicons v1
* switch to octicon-mirror and octicon-tools
* replace two wiki buttons with octicons
* remove whitespace in svg sources
* Fix filepath basename on Windows for SVG bindata (#12241)
* move octicons to devDependencies
* move back to dependencies
* move svgo to devDependencies again
Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Extend notifications API and return pinned notifications in notifications list
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix swagger again
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix test
Signed-off-by: Andrew Thornton <art27@cantab.net>
* remove spurious debugs
* as per @6543
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update models/notification.go
* as per @6543
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Make LogDescriptions race safe
* Add manager commands for pausing, resuming, adding and removing loggers
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Placate lint
* Ensure that file logger is run!
* Add support for smtp and conn
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add release-and-reopen
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
* move Setting function into its own package
* swagger add&use new section "settings"
* move api AllowedReactions into general UI-Settings endpoint
* prepare TEST
* lint
* Add comment on non-unicode line to force fail
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Just quote/unquote patch
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add automatic JS license generation
Removed librejs file and replaced it with a plaintext file that is built
from all JS dependencies that are included in the webpack build. It does
not cover the few remaining statically vendored files and fomantic is
added manually because it's not yet in the webpack build process.
Fixes: https://github.com/go-gitea/gitea/issues/11630
* fix lint
* remove jslicense, we're not librejs compatible any more
* remove license.txt test as it depens on absent files
* small optimization
* trailing comma
* localize and capitalize the word 'licenses'
* reduce text to just 'Licenses'
Co-authored-by: Lauris BH <lauris@nix.lv>
* Handle more pathological branch and tag names
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix failing test
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* API allow to create closed milestones
* set CloseDate too
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Honor DEFAULT_PAGING_NUM for API
* set pagination to 10 for tests
* lint
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add hide activity option
This closes https://github.com/go-gitea/gitea/issues/7927
* Adjust for linter
* Adjust for linter
* Add tests
* Remove info that admins can view the activity
* Adjust new tests for linter
* Rename v139.go to v140.go
* Rename v140.go to v141.go
* properly indent
* gofmt
Co-authored-by: Jonas Lochmann <git@inkompetenz.org>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Some integration test data is being put outside of the integration test folders which means it isn't deleted properly with make clean. Update config so it works as expected.
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* [FEATURE] [API] Add Endpoint for Branch Creation
Issue: https://github.com/go-gitea/gitea/issues/11376
This commit introduces an API endpoint for branch creation.
The added route is POST /repos/{owner}/{repo}/branches.
A JSON with the name of the new branch and the name of the old branch is
required as parameters.
Signed-off-by: Terence Le Huu Phuong <terence@qwasar.io>
* Put all the logic into CreateBranch and removed CreateRepoBranch
* - Added the error ErrBranchDoesNotExist in error.go
- Made the CreateNewBranch function return an errBranchDoesNotExist error
when the OldBranch does not exist
- Made the CreateBranch API function checks that the repository is not
empty and that branch exists.
* - Added a resetFixtures helper function in integration_test.go to
fine-tune test env resetting
- Added api test for CreateBranch
- Used resetFixture instead of the more general prepareTestEnv in the
repo_branch_test CreateBranch tests
* Moved the resetFixtures call inside the loop for APICreateBranch function
* Put the prepareTestEnv back in repo_branch_test
* fix import order/sort api branch test
Co-authored-by: zeripath <art27@cantab.net>
* Refactor Cron and merge dashboard tasks
* Merge Cron and Dashboard tasks
* Make every cron task report a system notice on completion
* Refactor the creation of these tasks
* Ensure that execution counts of tasks is correct
* Allow cron tasks to be started from the cron page
* golangci-lint fixes
* Enforce that only one task with the same name can be registered
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix name check
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @guillep2k
* as per @lafriks
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add git.CommandContext variants
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Correctly set the organization num repos
Correctly set the organization num repos to the number of
accessible repos for the user
Fix#11194
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @lunny
Signed-off-by: Andrew Thornton <art27@cantab.net>
* attempt to fix mssql
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update models/user.go
* Explicit columns
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add test and fix 0 counted orgs
Signed-off-by: Andrew Thornton <art27@cantab.net>
* remove orgname from api
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Allow Git ref for /repos/{owner}/{repo}/git/commits/{sha}
* Consolidate API for getting single commit
* Fix tests and do it differently
Co-authored-by: zeripath <art27@cantab.net>
* Initial support of end Range header option in lfs
* Allow end range option to be unspecified
* Declare toByte for consistency
* Factor out content encoding tests from doLfs
This is so Range tests could still use doLfs but without repeating
not related tests
* Add Range header test
* implemented extraHeader
* parametrized expectedStatus
* Add more test cases of Range header
* Fix S1030: should use resp.Body.String()
* Add more tests for edge cases
* Fix tests
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
Reduce the code duplication in the PushCreate test and switch
to a declarative format.
* Instead of explicitly creating the repository re-use functions from the other declarative tests and add comments
* Ensure that the test repository is deleted at the end of test
* Slightly reorder the sub-tests
Also reduce the code duplication in MergeFork and add some comments there too and make doGitCloneFail be self-contained.
Signed-off-by: Andrew Thornton art27@cantab.net
* switch to use pseudorandom generator and stop cloning in pushcreate
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add some logging of BranchProtectPRMerge
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Stop running prepareTestEnv so often for TestAPIGetBranch
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add option to use /tmp for test repositories
* Fix exit status
* Add feedback about using tmp repos
Co-authored-by: Guillermo Prandi <guillep2k@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* use same process as in routers/repo/branch.go/deleteBranch
* make sure default branch can not be deleted
* remove IsDefaultBranch from UI process - it is worth its own pull
* permissions
* Cache PullRequest Divergence
* only re-calc divergence if AddTestPullRequestTask() is exec
* migrate already open pulls
* finalize
* take care of closed¬-merged+deleted-branch pull requests
* fix nil pointer exeption
Signed-off-by: 6543 <6543@obermui.de>
* try this
* no error its a warn
* init gitea-repositories-meta
* dont use gitDivergence type
* CI.restart()
* CI.restart()
* CI.restart()
* CI.restart()
* check IsUserAllowedToUpdate independend from CommitsBehind
* make sure duplicate token names cannot be used
* add check to api routes too
* add @lunny s suggestion
* fix & don't forget User.ID
* AccessTokenByNameExists() return error too
* unique token for each test
* fix lint
Signed-off-by: 6543 <6543@obermui.de>
Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
Add api methods for getting and updating user oauth2 applications.
Signed-off-by: Dan Molik <dan@danmolik.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* remove a user from being assigned to any issue/PR if (s)he is removed as a collaborator
* fix gender specific comment
* do not remove users that still have access to the repo if they are a member of a team that can access the repo
* add context to errors
* updates
* incorporate review fixes
* Update models/repo_collaboration.go
Co-Authored-By: 6543 <6543@obermui.de>
* Update models/repo_collaboration.go
Co-Authored-By: 6543 <6543@obermui.de>
* Fix Rebase Relict
* Fix & Impruve
* use xorm builder
* all in one session
* generalize reconsiderIssueAssignees
* Only Unwatch if have no access anymore
* prepare for reuse
* Same things if remove User from Team
* fix lint
* let mysql take time to react
* add description
* CI.restart()
* CI.restart()
Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Generate Diff and Patch direct from Pull head
Fix#10932
Also fix "Empty Diff/Patch File when pull is merged"
Closes#10934
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add tests to ensure that diff does not change
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Ensure diffs and pulls pages work if head branch is deleted too
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add organization wide labels
Implement organization wide labels similar to organization wide
webhooks. This lets you create individual labels for organizations that can be used
for all repos under that organization (so being able to reuse the same
label across multiple repos).
This makes it possible for small organizations with many repos to use
labels effectively.
Fixes#7406
* Add migration
* remove comments
* fix tests
* Update options/locale/locale_en-US.ini
Removed unused translation string
* show org labels in issue search label filter
* Use more clear var name
* rename migration after merge from master
* comment typo
* update migration again after rebase with master
* check for orgID <=0 per guillep2k review
* fmt
* Apply suggestions from code review
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* remove unused code
* Make sure RepoID is 0 when searching orgID per code review
* more changes/code review requests
* More descriptive translation var per code review
* func description/delete comment when issue label deleted instead of hiding it
* remove comment
* only use issues in that repo when calculating number of open issues for org label on repo label page
* Add integration test for IssuesSearch API with labels
* remove unused function
* Update models/issue_label.go
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Use subquery in GetLabelIDsInReposByNames
* Fix tests to use correct orgID
* fix more tests
* IssuesSearch api now uses new BuildLabelNamesIssueIDsCondition. Add a few more tests as well
* update comment for clarity
* Revert previous code change now that we can use the new BuildLabelNamesIssueIDsCondition
* Don't sort repos by date in IssuesSearch API
After much debugging I've found a strange issue where in some cases MySQL will return a different result than other enigines if a query is sorted by a null collumn. For example with our integration test data where we don't set updated_unix in repository fixtures:
SELECT `id`, `owner_id`, `owner_name`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` ORDER BY updated_unix DESC LIMIT 15 OFFSET 45
Returns different results for MySQL than other engines. However, the similar query:
SELECT `id`, `owner_id`, `owner_name`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` ORDER BY updated_unix DESC LIMIT 15 OFFSET 30
Returns the same results.
This causes integration tests to fail on MySQL in certain cases but would never show up in a real installation. Since this API call always returns issues based on the optionally provided repo_priority_id or the issueID itself, there is no change to results by changing the repo sorting method used to get ids earlier in the function.
* linter is back!
* code review
* remove now unused option
* Fix newline at end of files
* more unused code
* update to master
* check for matching ids before query
* Update models/issue_label.go
Co-Authored-By: 6543 <6543@obermui.de>
* Update models/issue_label.go
* update comments
* Update routers/org/setting.go
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
* add API endpoint to create OAuth2 Application.
* move endpoint to /user. Add swagger documentations and proper response type.
* change json tags to snake_case. add CreateOAuth2ApplicationOptions to swagger docs.
* change response status to Created (201)
* add methods to list OAuth2 apps and delete an existing OAuth2 app by ID.
* add APIFormat convert method and file header
* fixed header
* hide secret on oauth2 application list
* add Created time to API response
* add API integration tests for create/list/delete OAuth2 applications.
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* refactor
* optimize
* remove Iretating function
LoadWatchUsers do not load Users into IW object and it is used only in api ... so move this logic
* remove unessesary
* Apply suggestions from code review
Thx
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* make Tests more robust
* fix rebase
* restart CI
* CI no dont hit sqlites deadlock
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Change action GETs to POST
* submite = submit + smite
* No more # href
* Fix test
* Match other tests
* Explicit csrf
Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
If you attempt to merge to a branch which on a PR there will be a nil pointer error in the pull request checker.
This panic is uncaught and will bring down the gitea server.
This PR adds protection to prevent this.
* Add fixture gen tool and fix "access" test
* Close file before exiting
* Add missing repo_unit for repo id: 5
* Fix count on TestAPIOrgRepos
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* add API branch protection endpoint
* lint
* Change to use team names instead of ids.
* Status codes.
* fix
* Fix
* Add new branch protection options (BlockOnRejectedReviews, DismissStaleApprovals, RequireSignedCommits)
* Do xorm query directly
* fix xorm GetUserNamesByIDs
* Add some tests
* Improved GetTeamNamesByID
* http status created for CreateBranchProtection
* Correct status code in integration test
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
* Implementation for calculating language statistics
Impement saving code language statistics to database
Implement rendering langauge stats
Add primary laguage to show in repository list
Implement repository stats indexer queue
Add indexer test
Refactor to use queue module
* Do not timeout for queues
* Only check for merging if the PR has not been merged in the interim
* fixup! Only check for merging if the PR has not been merged in the interim
* Try to fix test failure
* Use PR2 not PR1 in tests as PR1 merges automatically
* return already merged error
* enforce locking
* enforce locking - fix-test
* enforce locking - fix-testx2
* enforce locking - fix-testx3
* move pullrequest checking to after merge
This might improve the chance that the race does not affect us but does not prevent it.
* Remove minor race with getting merge commit id
* fixup
* move check pr after merge
* Remove unnecessary prepareTestEnv - onGiteaRun does this for us
* Add information about when merging occuring
* fix fmt
* More logging
* Attempt to fix mysql
* Try MySQL fix again
* try again
* Try again?!
* Try again?!
* Sigh
* remove the count - perhaps that will help
* next remove the update id
* next remove the update id - make it updated_unix instead
* On failure to merge ensure that the pr is rechecked for conflict errors
* On failure to merge ensure that the pr is rechecked for conflict errors
* Update models/pull.go
* Update models/pull.go
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Apply suggestions from code review
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Cache last commit to accelerate the repository directory page visit
* Default use default cache configuration
* add tests for last commit cache
* Simplify last commit cache
* Revert Enabled back
* Change the last commit cache default ttl to 8760h
* Fix test
* Make WorkerPools and Queues flushable
Adds Flush methods to Queues and the WorkerPool
Further abstracts the WorkerPool
Adds a final step to Flush the queues in the defer from PrintCurrentTest
Fixes an issue with Settings inheritance in queues
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Change to for loop
* Add IsEmpty and begin just making the queues composed WorkerPools
* subsume workerpool into the queues and create a flushable interface
* Add manager command
* Move flushall to queue.Manager and add to testlogger
* As per @guillep2k
* as per @guillep2k
* Just make queues all implement flushable and clean up the wrapped queue flushes
* cope with no timeout
Co-authored-by: Lauris BH <lauris@nix.lv>
* fix pull view when head repository or head branch missed and close related pull requests when delete branch
* fix pull view broken when head repository deleted
* close pull requests when head repositories deleted
* Add tests for broken pull request head repository or branch
* fix typo
* ignore special error when close pull request
Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix wrong hint when status checking is running on pull request view
* fix lint
* fix test
* fix test
* fix wrong tmpl
* fix import
* rename function name
* Add support for database schema
* Require setting search_path for the db user
* Add schema setting to admin/config.tmpl
* Use a schema different from default for psql tests
* Update postgres scripts to use custom schema
* Update to xorm/core 0.7.3 and xorm/xorm c37aff9b3a
* Fix migration test
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* introduce GET /notifications/new
* add TEST
* use Sprintf instead of path.Join
* Error more verbose
* return number of notifications if unreaded exist
* 200 http status for available notifications
* add "before" query to ListIssueComments and ListRepoIssueComments
* Add TEST
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
* introduce `GET /orgs`
* add TEST
* show also other VisibleType's
* update description
* refactor a lot
* SearchUserOptions by default return only public
* API: orgEditTeam make Fields optional
* add TestCase
* Update integrations/api_team_test.go
* suggestions from lafriks
use len() to check if string is empty
Co-Authored-By: Lauris BH <lauris@nix.lv>
* change ...
* use Where not ID to get mssql
* add return and code format
* fix test
* fix test ... null pointer exept
* update specific colums
* only specific colums too
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Once a branch has been merged if the commit ID no longer equals that of
the pulls ref commit id don't offer to delete the branch on the pull screen
and don't list it as merged on branches.
Fix#9201
When looking at the pull page we should also get the commits from the refs/pulls/x/head
Fix#9158
* test: add current attachement responses
* refactor: check if attachement is linked and accessible by user
* chore: clean TODO
* fix: typo attachement -> attachment
* revert un-needed go.sum change
* refactor: move models logic to models
* fix TestCreateIssueAttachment which was wrongly successful
* fix unit tests with unittype added
* fix unit tests with changes
* use a valid uuid format for pgsql int. test
* test: add unit test TestLinkedRepository
* refactor: allow uploader to access unlinked attachement
* add missing blank line
* refactor: move to a separate function repo.GetAttachment
* typo
* test: remove err test return
* refactor: use repo perm for access checking generally + 404 for all reject
* dont insert "-1" in any case to issue.poster_id
* Make sure API cant override importand fields
* code format
* fix lint
* WIP test
* add missing poster_id
* fix test
* user.IsGhost handle nil
* CI.restart()
* make sure no -1 is realy added
* CI.restart()
* @lunny suggestion remove some not allowed fields
* seperate issue.LoadMilestone
* load milestone and return it on IssueEdit via API
* extend Test for TestAPIEditIssue
* fix fixtures
* declare allowedColumnsUpdateIssueByAPI only once
* Update Year
* no var just write id drecty into func cal
Co-authored-by: Lauris BH <lauris@nix.lv>
* remove since it is there for 3years
* fix 500 error for ghost avatar
* dont insert "-1" in any case to issue.poster_id
* fix lint
* Test: ghost avatar link
* fix test
* Revert "remove since it is there for 3years"
This reverts commit fd9ad05159.
* Revert "dont insert "-1" in any case to issue.poster_id"
This reverts commit 05469ab6d8.
Co-authored-by: zeripath <art27@cantab.net>
* Fix the intermittent TestGPGGit failures
Reattempt to open the listener if the port is busy with a delay up to a second
Switch from generating a private key each time, just use a known good key
* Change graceful to use a singleton obtained through GetManager instead of a global.
* Graceful: Make TestPullRequests shutdownable
* Graceful: Make the cron tasks graceful
* Graceful: AddTestPullRequest run in graceful ctx
* Graceful: SyncMirrors shutdown
* Graceful: SetDefaultContext for Xorm to be HammerContext
* Avoid starting graceful for migrate commands and checkout
* Graceful: DeliverHooks now can be shutdown
* Fix multiple syncing errors in modules/sync/UniqueQueue & Make UniqueQueue closable
* Begin the process of making the repo indexer shutdown gracefully
* Refactor
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Add push-create to SSH serv
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Cannot push for another user unless admin
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Get owner in case admin pushes for another user
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Set new repo ID in result
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Update to service and use new org perms
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Move pushCreateRepo to services
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Fix import order
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Changes for @guillep2k
* Check owner (not user) in SSH
* Add basic tests for created repos (private, not empty)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Save patches to temporary files
* Remove SavePatch and generate patches on the fly
* Use ioutil.TempDir
* fixup! Use ioutil.TempDir
* fixup! fixup! Use ioutil.TempDir
* RemoveAll LocalCopyPath() in initIntergrationTest
* Default to status checking on PR creation
* Remove unnecessary set to StatusChecking
* Protect against unable to load repo
* Handle conflicts
* Restore original conflict setting
* In TestPullRequests update status to StatusChecking before running TestPatch
* reject reactions wich ar not allowed
* dont duble check CreateReaction now throw ErrForbiddenIssueReaction
* add /repos/{owner}/{repo}/issues/comments/{id}/reactions endpoint
* add Find Functions
* fix some swagger stuff + add issue reaction endpoints + GET ReactionList now use FindReactions...
* explicite Issue Only Reaction for FindReactionsOptions with "-1" commentID
* load issue; load user ...
* return error again
* swagger def canged after LINT
* check if user has ben loaded
* add Tests
* better way of comparing results
* add suggestion
* use different issue for test
(dont interfear with integration test)
* test dont compare Location on timeCompare
* TEST: add forbidden dubble add
* add comments in code to explain
* add settings.UI.ReactionsMap
so if !setting.UI.ReactionsMap[opts.Type] works
* Possibility to not use whitelist but allow anyone with write access
* fix existing test
* rename migration function
* Try to give a better name for migration step
* Clear settings if higher level setting is not set
* Move official reviews to db instead of counting approvals each time
* migration
* fix
* fix migration
* fix migration
* Remove NOT NULL from EnableWhitelist as migration isn't possible
* Fix migration, reviews are connected to issues.
* Fix SQL query issues in GetReviewersByPullID.
* Simplify function GetReviewersByIssueID
* Handle reviewers that has been deleted
* Ensure reviews for test is in a well defined order
* Only clear and set official reviews when it is an approve or reject.
* Make repository list @ issues/PR page persist
Will partially fix#6355
* Enable multiple selections in repo list @ issues/PR page
Part of issue #6355
* Add RepoIDs to UserIssueStatsOptions to make "type" count correct when selecting one/multiple repos.
* Replace variable "repo" with list "repos[]" and enable multiple selections of repositories from list by including/excluding RepoIDs in list.
*
* Remove redundant code
* Add 'All' button
Improves functionality of the page, so that backtracking is not necessary to reset the page
* Remove redundant variable
Completely replace 'RepoID' with 'RepoIDs' and remove redundant code
* Add RepoIDs to label link
* Revert part of code to previous version to troubleshoot build failure
* Implement old and new pieces of code whilst adhering to multi select
* Attempt to join the two versions
Last commit passed tests but doesn't work in practice, this works in practice and hopefully passes the tests.
* Update tests to desired state
* Fix pagination implementation and tests
* Pass repoIDs as `repos=[1,2,3...]` instead of several `repos[]=..`
* Update tests file to reflect new functionality
* Update template with new `repos` format
* Implement new solution to show constant "total issues" count for "All" button
* Correct behavior when passing zero to array
* Comment out test url returning 404
This keeps returning 404 in the test despite working in practice, for the sake of running more tests I am commenting it out
* Comment out another test url returning 404
Last attempt, if more tests crash I will uncomment the urls and request assistance.
* Reenable tests and test fix
* Re-enable tests
* Make selecting "In your repositories" reset selection as passing IDs of repos belonging to other profiles causes breakage
* Remove unnecessary (with multi-selection enable) code
* Drop repo from repo map and total count if permission denied
* Remove extra parenthesis
* make template work again
* find bug!
* forgot the '#' at bugfixing
* delete unused RepoID
* compile regex only one time
* make fmt
* local variable = capital letter lower
* check if repos query pattern is correct
* pagination remove last , - make regex work again
* use Replace instead of ReplaceAll; del delete
* fix test
* how did this test binary got in?!?
dont forgot the "-p" at git add * !
* dont replace -> cut fisrt & last string
Co-Authored-By: zeripath <art27@cantab.net>
* jet another regex
dont mind as long as it has the same result and is performatn ...
Co-Authored-By: zeripath <art27@cantab.net>
* dont use nonexisting repo for test
* exclude /issues?type=created_by from test
* add table to querys
use same syntax in each query (table.colum)
* add new issue for test
* dont make a workaround or something else
this need a refactor itself and is out of scope for this PR
* fix misspell
* CI.redo()
* englisch txt update
Co-Authored-By: zeripath <art27@cantab.net>
* add sugestions
* Tweak & Fix
* CI.restart()
* add [ui] Reactions
* move contend check from form to go functions
* use else if
* check if reaction is allowed only on react
(so previous custom reaction can be still removed)
* use $.AllowedReactions in templates
* use ctx.Flash.Error
* use it there too
* add redirection
* back to server error
because a wrong reaction is a template issue ...
* add emoji list link
* add docs entry
* small wording nit
suggestions from @jolheiser - thx
* same reactions as github
* fix PR reactions
* handle error so template JS could check
* Add Integrations Test
* add REACTIONS setting to cheat-sheet doc page
* Yet another attempt to fix the race in gpg_git_test
* add some fail nows
* Need to set preparetestenv
* Ensure that http messages go to the correct server
* Add team permission setting to allow creating repo in organization.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add test case for creating repo when have team creation access.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* build error: should omit comparison to bool constant
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add comment on exported functions
* Fix fixture consistency, fix existing unit tests
* Fix boolean comparison in xorm query.
* addCollaborator and changeCollaborationAccessMode separate steps
More clear to use different if-cases.
* Create and commit xorm session
* fix
* Add information of create repo permission in team sidebar
* Add migration step
* Clarify that repository creator will be administrator.
* Fix some things after merge
* Fix language text that use html
* migrations file
* Create repository permission -> Create repositories
* fix merge
* fix review comments
In investigating #7947 it has become clear that the storage component of go-git repositories needs closing.
This PR adds this Close function and adds the Close functions as necessary.
In TransferOwnership the ctx.Repo.GitRepo is closed if it is open to help prevent the risk of multiple open files.
Fixes#7947
* Add support for AUTO_WATCH_ON_CHANGES and AUTO_WATCH_ON_CLONE
* Update models/repo_watch.go
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Round up changes suggested by lafriks
* Added changes suggested from automated tests
* Updated deleteUser to take RepoWatchModeDont into account, corrected inverted DefaultWatchOnClone and DefaultWatchOnChanges behaviour, updated and added tests.
* Reinsert import "github.com/Unknwon/com" on http.go
* Add migration for new column `watch`.`mode`
* Remove serv code
* Remove WATCH_ON_CLONE; use hooks, add integrations
* Renamed watch_test.go to repo_watch_test.go
* Correct fmt
* Add missing EOL
* Correct name of test function
* Reword cheat and ini descriptions
* Add update to migration to ensure column value
* Clarify comment
Co-Authored-By: zeripath <art27@cantab.net>
* Simplify if condition
There are two major components to this PR:
* This PR handles merge and rebase failures from merging a little more nicely with Flash errors rather a 500.
* All git commands are run in the LC_ALL="C" environment to ensure that error messages are in English. This DefaultLocale is defined in a way that if necessary (due to platform weirdness) it can be overridden at build time using LDFLAGS="-X "code.gitea.io/gitea/modules/git.DefaultLocale=C"" with C changed for the locale as necessary.
* Add field IsAllRepositories to team
* Add AllRepositories to team UI
* Manage team with access to all repositories
* Add field IsAllRepositories to team API
* put backticks around table/column names
* rename IsAllRepositories to IncludesAllRepositories
* do not reload slice if already loaded
* add repo to teams with access to all repositories when changing repo owner
* improve tests for teams with access to all repositories
* Merge branch 'master'
* Change code for adding all repositories
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* fmt after merge
* Change code in API EditTeam similar to EditTeamPost web interface
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Clarify that all repositories will be added
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* All repositories option under Permissions headline
* New setting group 'Repository access'
* Move check IncludeAllRepositories to removeRepository.
* Revert "Move check IncludeAllRepositories to removeRepository." and add comment instead.
This reverts commit 753b7d205b.
* Clarify help text what options do.
This PR fixes#7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.
## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
- [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
- Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
- [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
- app.ini configuration done
- [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation
I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
* Change tests to make it possible to run TestGit with 1.7.2
* Make merge run on 1.7.2
* Fix tracking and staging branch name problem
* Ensure that git 1.7.2 works on tests
* ensure that there is no chance for conflicts
* Fix-up missing merge issues
* Final rm
* Ensure LFS filters run on the tests
* Do not sign commits from temp repo
* Restore tracking fetch change
* Apply suggestions from code review
* Update modules/repofiles/temp_repo.go
* Add API for Repo Advanced Settings of wiki and issue tracker
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add some integration tests for tracker and wiki settings through API
* Should return StatusUnprocessableEntity in case of invalid API values.
* Add tests for invalid URLs for external tracker and wiki.
* Do not set inital values if they are default of type
* Make issue tracker and wiki units separate structures in Repository API structure.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix comment of structures
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Rewrite API to use struct for setting tracker and wiki settings.
* LetOnlyContributorsTrackTime -> AllowOnlyContributorsToTrackTime
* Api endpoint for searching teams.
Signed-off-by: dasv <david.svantesson@qrtech.se>
* Move API to /orgs/:org/teams/search
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Regenerate swagger
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix search is Get
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add test for search team API.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Update routers/api/v1/org/team.go
grammar
Co-Authored-By: Richard Mahn <richmahn@users.noreply.github.com>
* Fix review comments
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix some issues in repo collaboration team search, after changes in this PR.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Remove teamUser which is not used and replace with actual user id.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Remove unused search variable UserIsAdmin.
* Add paging to team search.
* Re-genereate swagger
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix review comments
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* fix
* Regenerate swagger
* Test more reserved usernames
* Add more reserved usernames, sort them
* Reserve "attachments" username (is a used route)
* It's "avatars" being reserved, not "avatar"
* Update ref comment
* Generate comment on simple ref
* Make fmt + remove unneeded repo load
* Add TODO comments
* Add ref-check in issue creation; re-arrange template
* Make unit tests pass; rearrange code
* Make fmt
* Filter out xref comment if user can't see the referencing issue
* Add TODOs
* Add cross reference
* Rearrange code; add cross-repository references
* Striketrhough obsolete references
* Remove unnecesary TODO
* Add "not supported" note
* Support for edits and deletes, and issue title
* Revert changes to go.mod
* Fix fmt
* Add support for xref from API
* Add first integration test
* Add integration tests
* Correct formatting
* Fix add comment test
* Add migration
* Remove outdated comments; fix typo
* Some code refactoring and rearranging
* Rename findCrossReferences to createCrossReferences
* Delete xrefs when repository is deleted
* Corrections as suggested by @lafriks
* Prepare for merge
* Fix log for errors
* Fix data race
* Fix data race in modules/log
* Make the scope of lock finner-grained
* Use syc.Map
* Fix missing change in the test
* Do not export LoggerMap
* Restrict repository indexing by file extension
* Use REPO_EXTENSIONS_LIST_INCLUDE instead of REPO_EXTENSIONS_LIST_EXCLUDE and have a more flexible extension pattern
* Corrected to pass lint gosimple
* Add wildcard support to REPO_INDEXER_EXTENSIONS
* This reverts commit 72a650c8e4.
* Add wildcard support to REPO_INDEXER_EXTENSIONS (no make vendor)
* Simplify isIndexable() for better clarity
* Add gobwas/glob to vendors
* manually set appengine new release
* Implement better REPO_INDEXER_INCLUDE and REPO_INDEXER_EXCLUDE
* Add unit and integration tests
* Update app.ini.sample and reword config-cheat-sheet
* Add doc page and correct app.ini.sample
* Some polish on the doc
* Simplify code as suggested by @lafriks
* Create API endpoints for repo topics.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Generate swagger
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add documentation to functions
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Grammar fix
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix function comment
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Can't use FindTopics when looking for a single repo topic, as it doesnt use exact match
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add PUT /repos/{owner}/{repo}/topics and remove GET /repos/{owner}/{repo}/topics
* Ignore if topic is sent twice in same request, refactoring.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix topic dropdown with api changes.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Style fix
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Update API documentation
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Better way to handle duplicate topics in slice
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Make response element TopicName an array of strings, instead of using an array of TopicName
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add test cases for API Repo Topics.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix format of tests
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix comments
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix unit tests after adding some more topics to the test fixture.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Update models/topic.go
Limit multiple if else if ...
Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>
* Engine as first parameter in function
Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>
* Replace magic numbers with http status code constants.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix variable scope
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Test one read with login and one with token
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add some more tests
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Apply suggestions from code review
Use empty struct for efficiency
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Add test case to check access for user with write access
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix access, repo admin required to change topics
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Correct first test to be without token
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Any repo reader should be able to access topics.
* No need for string pointer
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>