* Partial fix for #4010
Swagger validation needs 'required: true' for parameters that are in
the URL path.
Signed-off-by: Steve Traugott <stevegt@t7a.org>
* Partial fix for #4010
Swagger needs a description field in each swagger:operation response. Adding
minimal text for now on the way to getting swagger validate to pass. Many
standard swagger client libraries will not work with gitea until validate
passes, so prioritizing that over better descriptions for now.
Signed-off-by: Steve Traugott <stevegt@t7a.org>
* Partial fix for #4010
Swagger needs a comment line above each swagger:response comment -- it
uses these to populate the description: fields. Adding minimal text
for now on the way to getting swagger validate to pass. Many standard
swagger client libraries will not work at all with gitea until validate
passes, so prioritizing that over better descriptions for now.
Signed-off-by: Steve Traugott <stevegt@t7a.org>
* Replace '%28' with '#'
Add test case
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Use ResolveReference instead of strings.Replace
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add LDAP Key Synchronization feature
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Add migration: add login source id column for public_key table
* Only update keys if needed
* Add function to only list pubkey synchronized from ldap
* Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.
* Only get keys belonging to current login source id
* Set default login source id to 0
* Some minor cleanup. Add integration tests (updete dep testify)
* Add disable registration as an environment variable
for docker
* Add REQUIRE_SIGNIN_VIEW as env var to docker
* Add variables to template
* Update docker docs
Update the sample configuration and config cheat sheet description for
the LOCAL_ROOT_URL configuration variable to mention the special case
required if PROTOCOL is set to 'unix'.
Fixes #3741.
Signed-off-by: Timothée Ravier <tim@siosm.fr>
* dep: Update github.com/go-macaron/csrf
Update github.com/go-macaron/csrf with dep to revision 503617c6b372
to fix issue of csrf-token security.
This update includes following commits:
- Add support for the Cookie HttpOnly flag
- Support secure mode for csrf cookie
Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>
* routers: set csrf-token security depending on COOKIE_SECURE
Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>