* Stop trimming preceding and suffixing spaces from editor filenames
In #5702 it was decided to trim preceding and suffixed spaces aswell as / from
editing file filenames. This was because at this point in time the url-safety of
Gitea was much poorer.
We can now drop this requirement and file editing should work correctly.
Fix#18176
Signed-off-by: Andrew Thornton <[email protected]>
When generating the commits list and number of files changed for PRs and
compare we should use "..." always not "..".
Fix#18303
Signed-off-by: Andrew Thornton <[email protected]>
Fix#17514
Given the comments I've adjusted this somewhat. The numbers of characters detected are increased and include things like the use of U+300 to make à instead of à and non-breaking spaces.
There is a button which can be used to escape the content to show it.
Signed-off-by: Andrew Thornton <[email protected]>
Co-authored-by: Gwyneth Morgan <[email protected]>
Co-authored-by: silverwind <[email protected]>
Co-authored-by: wxiaoguang <[email protected]>
* Team permission allow different unit has different permission
* Finish the interface and the logic
* Fix lint
* Fix translation
* align center for table cell content
* Fix fixture
* merge
* Fix test
* Add deprecated
* Improve code
* Add tooltip
* Fix swagger
* Fix newline
* Fix tests
* Fix tests
* Fix test
* Fix test
* Max permission of external wiki and issues should be read
* Move team units with limited max level below units table
* Update label and column names
* Some improvements
* Fix lint
* Some improvements
* Fix template variables
* Add permission docs
* improve doc
* Fix fixture
* Fix bug
* Fix some bug
* fix
* gofumpt
* Integration test for migration (#18124)
integrations: basic test for Gitea {dump,restore}-repo
This is a first step for integration testing of DumpRepository and
RestoreRepository. It:
runs a Gitea server,
dumps a repo via DumpRepository to the filesystem,
restores the repo via RestoreRepository from the filesystem,
dumps the restored repository to the filesystem,
compares the first and second dump and expects them to be identical
The verification is trivial and the goal is to add more tests for each
topic of the dump.
Signed-off-by: Loïc Dachary <[email protected]>
* Team permission allow different unit has different permission
* Finish the interface and the logic
* Fix lint
* Fix translation
* align center for table cell content
* Fix fixture
* merge
* Fix test
* Add deprecated
* Improve code
* Add tooltip
* Fix swagger
* Fix newline
* Fix tests
* Fix tests
* Fix test
* Fix test
* Max permission of external wiki and issues should be read
* Move team units with limited max level below units table
* Update label and column names
* Some improvements
* Fix lint
* Some improvements
* Fix template variables
* Add permission docs
* improve doc
* Fix fixture
* Fix bug
* Fix some bug
* Fix bug
Co-authored-by: Lauris BH <[email protected]>
Co-authored-by: 6543 <[email protected]>
Co-authored-by: Aravinth Manivannan <[email protected]>
This PR reworked the Find pointer files feature in Settings -> LFS page.
When a LFS object is missing from database but exists in LFS content store, admin can associate it to the repository by clicking the Associate button.
This PR is not perfect (because the LFS module itself should be improved too), it's just a nice-to-have feature to help users recover their LFS repositories (eg: database was lost / table was truncated)
A consequence of forcibly setting the RoutePath to the escaped url is that the
auto routing to endpoints without terminal slashes fails (Causing #18060.) This
failure raises the possibility that forcibly setting the RoutePath causes other
unexpected behaviors too.
Therefore, instead we should simply pre-escape the URL in the process registering
handler. Then the request URL will be properly escaped for all the following calls.
Fix#17938Fix#18060
Replace #18062
Replace #17997
Signed-off-by: Andrew Thornton <[email protected]>
User would keep seeing an empty repo if:
* An error occurs during the first git pushing/receiving
* A user replaces the Gitea's empty repository manually
Fix: when a user is viewing the repository web page, if the repoModal.IsEmpty is true, we check the git repository again to detect whether it is really empty.
However: the IsEmpty flag is deeply broken and should be removed. For example it's possible for a repository to be non-empty by that flag but still 500 because there are no branches - only tags -or the default branch is non-extant as it has been 0-pushed.
Git will and can pack references into packfiles and therefore if you write/read the
files directly you will get false results. Instead you should use update-ref and
show-ref. To that end I have created three new functions in git/repo_commit.go that
will do this correctly.
Related #17191
Signed-off-by: Andrew Thornton <[email protected]>
PR #17997 means that urls with terminal '/' are no longer immediately mapped
to the url without a terminal slash. However, it has revealed that the NotFound handler
appears to have been lost.
This PR adds back in a NotFound handler that simply redirects to a path without the
terminal slash or runs the NotFound handler.
Fix#18060
Signed-off-by: Andrew Thornton <[email protected]>
Repository Transfer requires that the repository directory is renamed - which
is not possible on Windows if the git repository is open.
Fix#17885
Signed-off-by: Andrew Thornton <[email protected]>
Co-authored-by: Lunny Xiao <[email protected]>
The current code unfortunately requires that `action` be a reserved
repository name as it prevents posts to change the settings for
action repositories. However, we can simply change action handler
to work on POST /{username} instead.
Fix#18037
Signed-off-by: Andrew Thornton <[email protected]>
* Reset Session ID on login
When logging in the SessionID should be reset and the session cleaned up.
Signed-off-by: Andrew Thornton <[email protected]>
* with new session.RegenerateID function
Signed-off-by: Andrew Thornton <[email protected]>
* update go-chi/session
Signed-off-by: Andrew Thornton <[email protected]>
* Ensure that session id is changed after oauth data is set and between account linking pages too
Signed-off-by: Andrew Thornton <[email protected]>
* placate lint
Signed-off-by: Andrew Thornton <[email protected]>
* as per review
Signed-off-by: Andrew Thornton <[email protected]>
* Abort merge if head has been updated before pressing merge
It is possible that a PR head may be pushed to between the merge page being shown
and the merge button being pressed. Pass the current expected head in as a parameter
and cancel the merge if it has changed.
Fix#18028
Signed-off-by: Andrew Thornton <[email protected]>
* adjust swagger
Signed-off-by: Andrew Thornton <[email protected]>
* fix test
Signed-off-by: Andrew Thornton <[email protected]>
* placate lint
Signed-off-by: Andrew Thornton <[email protected]>
* Add support for ssh commit signing
* Split out ssh verification to separate file
* Show ssh key fingerprint on commit page
* Update sshsig lib
* Make sure we verify against correct namespace
* Add ssh public key verification via ssh signatures
When adding a public ssh key also validate that this user actually
owns the key by signing a token with the private key.
* Remove some gpg references and make verify key optional
* Fix spaces indentation
* Update options/locale/locale_en-US.ini
Co-authored-by: Gusted <[email protected]>
* Update templates/user/settings/keys_ssh.tmpl
Co-authored-by: Gusted <[email protected]>
* Update options/locale/locale_en-US.ini
Co-authored-by: Gusted <[email protected]>
* Update options/locale/locale_en-US.ini
Co-authored-by: Gusted <[email protected]>
* Update models/ssh_key_commit_verification.go
Co-authored-by: Gusted <[email protected]>
* Reword ssh/gpg_key_success message
* Change Badsignature to NoKeyFound
* Add sign/verify tests
* Fix upstream api changes to user_model User
* Match exact on SSH signature
* Fix code review remarks
Co-authored-by: Gusted <[email protected]>
Co-authored-by: wxiaoguang <[email protected]>
Co-authored-by: Lunny Xiao <[email protected]>
Co-authored-by: techknowlogick <[email protected]>
It appears that there are several places that password length, complexity and ispwned
are not currently been checked when changing passwords. This PR adds these.
Fix#17977
Signed-off-by: Andrew Thornton <[email protected]>
Co-authored-by: wxiaoguang <[email protected]>
This PR contains multiple fixes. The most important of which is:
* Prevent hang in git cat-file if the repository is not a valid repository
Unfortunately it appears that if git cat-file is run in an invalid
repository it will hang until stdin is closed. This will result in
deadlocked /pulls pages and dangling git cat-file calls if a broken
repository is tried to be reviewed or pulls exists for a broken
repository.
Fix#14734Fix#9271Fix#16113
Otherwise there are a few small other fixes included which this PR was initially intending to fix:
* Fix panic on partial compares due to missing PullRequestWorkInProgressPrefixes
* Fix links on pulls pages due to regression from #17551 - by making most /issues routes match /pulls too - Fix#17983
* Fix links on feeds pages due to another regression from #17551 but also fix issue with syncing tags - Fix#17943
* Add missing locale entries for oauth group claims
* Prevent NPEs if ColorFormat is called on nil users, repos or teams.
Move the more relevant sections of the page title earlier which make it
possible to distinguish multiple tabs from each other when tab width is
limited.
Co-authored-by: Lunny Xiao <[email protected]>
Co-authored-by: wxiaoguang <[email protected]>
* Add missing `X-Total-Count` and fix some related bugs
Adds `X-Total-Count` header to APIs that return a list but doesn't have it yet.
Fixed bugs:
* not returned after reporting error (https://github.com/qwerty287/gitea/blob/39eb82446c6fe5da3d79124e1f701f3795625b69/routers/api/v1/user/star.go#L70)
* crash with index out of bounds, API issue/issueSubscriptions
I also found various endpoints that return lists but do not apply/support pagination yet:
```
/repos/{owner}/{repo}/issues/{index}/labels
/repos/{owner}/{repo}/issues/comments/{id}/reactions
/repos/{owner}/{repo}/branch_protections
/repos/{owner}/{repo}/contents
/repos/{owner}/{repo}/hooks/git
/repos/{owner}/{repo}/issue_templates
/repos/{owner}/{repo}/releases/{id}/assets
/repos/{owner}/{repo}/reviewers
/repos/{owner}/{repo}/teams
/user/emails
/users/{username}/heatmap
```
If this is not expected, an new issue should be opened.
Closes#13043
* fmt
* Update routers/api/v1/repo/issue_subscription.go
Co-authored-by: KN4CK3R <[email protected]>
* Use FindAndCount
Co-authored-by: KN4CK3R <[email protected]>
Co-authored-by: 6543 <[email protected]>
* Add setting to OAuth handlers to override local 2FA settings
This PR adds a setting to OAuth and OpenID login sources to allow the source to
override local 2FA requirements.
Fix#13939
Signed-off-by: Andrew Thornton <[email protected]>
* Fix regression from #16544
Signed-off-by: Andrew Thornton <[email protected]>
* Add scopes settings
Signed-off-by: Andrew Thornton <[email protected]>
* fix trace logging in auth_openid
Signed-off-by: Andrew Thornton <[email protected]>
* add required claim options
Signed-off-by: Andrew Thornton <[email protected]>
* Move UpdateExternalUser to externalaccount
Signed-off-by: Andrew Thornton <[email protected]>
* Allow OAuth2/OIDC to set Admin/Restricted status
Signed-off-by: Andrew Thornton <[email protected]>
* Allow use of the same group claim name for the prohibit login value
Signed-off-by: Andrew Thornton <[email protected]>
* fixup! Move UpdateExternalUser to externalaccount
* as per wxiaoguang
Signed-off-by: Andrew Thornton <[email protected]>
* add label back in
Signed-off-by: Andrew Thornton <[email protected]>
* adjust localisation
Signed-off-by: Andrew Thornton <[email protected]>
* placate lint
Signed-off-by: Andrew Thornton <[email protected]>
Co-authored-by: 6543 <[email protected]>
Co-authored-by: Lunny Xiao <[email protected]>
Co-authored-by: techknowlogick <[email protected]>
zeripathandGitHub
wxiaoguangandGitHub
a1012112796andGitHub
GustedandGitHub
99rgosseandGitHub
qwerty287andGitHub