* cleaned permission checks for API -> site admin can now do anything
Signed-off-by: Vasek Sraier <git@vakabus.cz>
* PR #6483: helper methods moved to context/context.go, added missing return
Signed-off-by: Vasek Sraier <git@vakabus.cz>
* PR #6483: added documentation to new exported helper functions in context/context.go
Signed-off-by: Vasek Sraier <git@vakabus.cz>
* Panic don't fatal on create new logger
Fixes #5854
Signed-off-by: Andrew Thornton <art27@cantab.net>
* partial broken
* Update the logging infrastrcture
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Reset the skip levels for Fatal and Error
Signed-off-by: Andrew Thornton <art27@cantab.net>
* broken ncsa
* More log.Error fixes
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove nal
* set log-levels to lowercase
* Make console_test test all levels
* switch to lowercased levels
* OK now working
* Fix vetting issues
* Fix lint
* Fix tests
* change default logging to match current gitea
* Improve log testing
Signed-off-by: Andrew Thornton <art27@cantab.net>
* reset error skip levels to 0
* Update documentation and access logger configuration
* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE
* Fix broken level caching
* Refactor the router log
* Add Router logger
* Add colorizing options
* Adjust router colors
* Only create logger if they will be used
* update app.ini.sample
* rename Attribute ColorAttribute
* Change from white to green for function
* Set fatal/error levels
* Restore initial trace logger
* Fix Trace arguments in modules/auth/auth.go
* Properly handle XORMLogger
* Improve admin/config page
* fix fmt
* Add auto-compression of old logs
* Update error log levels
* Remove the unnecessary skip argument from Error, Fatal and Critical
* Add stacktrace support
* Fix tests
* Remove x/sync from vendors?
* Add stderr option to console logger
* Use filepath.ToSlash to protect against Windows in tests
* Remove prefixed underscores from names in colors.go
* Remove not implemented database logger
This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.
* Ensure that log paths are relative to ROOT_PATH
* use path.Join
* rename jsonConfig to logConfig
* Rename "config" to "jsonConfig" to make it clearer
* Requested changes
* Requested changes: XormLogger
* Try to color the windows terminal
If successful default to colorizing the console logs
* fixup
* Colorize initially too
* update vendor
* Colorize logs on default and remove if this is not a colorizing logger
* Fix documentation
* fix test
* Use go-isatty to detect if on windows we are on msys or cygwin
* Fix spelling mistake
* Add missing vendors
* More changes
* Rationalise the ANSI writer protection
* Adjust colors on advice from @0x5c
* Make Flags a comma separated list
* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING
* Ensure matching is done on the non-colored message - to simpify EXPRESSION
* Markdown: enable some more extensions
Improve Markdown-rendering by enabling some extensions:
- enable definitions lists
- enable footnotes
- enable header-ids and automatically generate header-ids (for linking to README-sections or creating table-of-contents for larger READMEs)
* Markdown: update and exted tests
Update and add tests for additionally enabled Markdown-extensions.
* Feature - Pagination for git tree API
* Handles case when page is negative
* Does a for loop over the start and end rather than all entries
* Removed redundent logic
* Adds per_page as a query parameter
* Adds DEFAULT_GIT_TREES_PER_PAGE for settings, ran make fmt
* Fix typo in cheat-sheet en
* Makes page start at 1, generated swagger
* Use updates to SDK
* Updates to use latest sdk
* Updates swagger for tree api
* Adds test for GetTreeBySHA
* Updates per PR reviews
* Updates per PR reviews
* Remove file
* Formatting
* Fix to swagger file
* Fix to swagger
* Update v1_json.tmpl
* Fix to swagger file
* Fix serving of raw wiki files other than .md
Closes #4690.
Closes #4395.
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Simplify code at routers/repo/wiki.go
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Add more files to user2/repo1.wiki for testing
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Update macaron to v1.3.2
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Add tests for WikiRaw
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Fix NewResponseWriter usage due to macaron update
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Add raw to reserved wiki names
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Revert #5877
This unfortunately was not the solution.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Change permission check to create pull requests to CanReadIssuesOrPulls
Signed-off-by: Andrew Thornton <art27@cantab.net>
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.
We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:
- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.
Fix #1357
* don't allow pull requests to be created on an archived repository
Also disable the "PR" button if the repo is archived
* Refuse creating an issue/PR via API calls too
* api: Add an endpoint to list a particular member of team.
* models: Rename `GetUserTeams()` to `GetUserOrgTeams()` in `org_team` model.
`GetUserTeams()` sounds a bit misnomer since it actually returns
the teams that user belongs to in a given organization rather than
all the teams across all the organization that the user has joined.
* models: Add `GetUserTeams()`.
Returns all the teams that a user belongs to.
* api: Add an endpoint for GET '/user/teams'.
A GET request to this endpoint lists all the teams that a user
belongs to.
* added the ability to provide an empty array at the EditPullRequests API to remove all labels
Signed-off-by: Lucien Kerl <lucien.kerl@wuerth-it.com>
* Update pull.go
* Inital routes to git refs api
* Git refs API implementation
* Update swagger
* Fix copyright
* Make swagger happy add basic test
* Fix test
* Fix test again :)
* show only opened milestones on issues page milestone filter
* update Godoc
* update Godoc everywhere
* update swagger
* use false instead of 0
* Add seccond ordering by ID for milestones where no deadline is set
* add api for user to create org
* remove unused blank line on the swagger file end
* fix create and add test
* fix tests
* fix routes of create org API
* fix bug
* add copyright heads
* Add CSRF checking to reqToken and place CSRF in the post for deadline creation
Fixes #5226, #5249
* /api/v1/admin/users routes should have reqToken middleware
* Add private information to the deploy keys api
This commit adds more information to the deploy keys to allow for back
reference in to the main keys list. It also adds information about the
repository that the key is referring to.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add private information to the user keys API
This adjusts the keys API to give out private information to user keys if
the current user is the owner or an admin.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add ability to search keys by fingerprint
This commit adds the functionality to search ssh-keys by fingerprint of
the ssh-key. Deploy keys per repository can also be searched. There is
no current clear API point to allow search of all deploy keys by
fingerprint or keyID.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add integration test
* Added basic heatmap data
* Added extra case for sqlite
* Built basic heatmap into user profile
* Get contribution data from api & styling
* Fixed lint & added extra group by statements for all database types
* generated swagger spec
* generated swagger spec
* generated swagger spec
* fixed swagger spec
* fmt
* Added tests
* Added setting to enable/disable user heatmap
* Added locale for loading text
* Removed UseTiDB
* Updated librejs & moment.js
* Fixed import order
* Fixed heatmap in postgresql
* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md
Co-Authored-By: kolaente <konrad@kola-entertainments.de>
* Added copyright header
* Fixed a bug to show the heatmap for the actual user instead of the currently logged in
* Added integration test for heatmaps
* Added a heatmap on the dashboard
* Fixed timestamp parsing
* Hide heatmap on mobile
* optimized postgresql group by query
* Improved sqlite group by statement
* Fix Swagger JSON.
Remove unnecessary schema references for the forbidden and empty responses
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix swagger API for CreateAccessToken
* Fix admin create org swagger
* Fix swagger for adminCreateRepo
* More swagger fixes
Set int64 format for those which are int64
Some more form fixes
* Fix swagger description of GET /repos/{owner}/{repo}/pulls
* add notification interface and refactor UI notifications
* add missing methods on notification interface and notifiy only issue status really changed
* implement NotifyPullRequestReview for ui notification
* prevent pull request to be merged when PR is a WIP
* add tests
* add helper to prepend WIP: in PR title
* move default wip prefixes into settings
* use configurable WIP prefixes in javascript and default to first one in templates
* add documentation
* add unit test on pull model
Signed-off-by: Julien Tant <julien@craftyx.fr>
* an inactive user shouldn't be able to be a collaborator
* use translated error message
* add active user check when adding a new collaborator via the api
* fix translation text
* added collaborator test
* improvee testcases
The backend SearchRepositoryByName function supports several sort order
options, hook these up to the /repos/search API.
New parameters for /repos/search:
'sort': alpha, created, updated, size, or id
'order': asc or desc
'sort' defaults to alpha.
'order' defaults to ascending, and is ignored if 'sort' is not specified.
The overall default behavior is unchanged (alphabetically ascending).
This partially implements issue #3963
Signed-off-by: Allen Wild <allenwild93@gmail.com>
* Implemented basic api endpoint to manage deadlines
* Fixed checking for permissions
* Updating a deadline from the ui is now entirely done via the api
* cleanup
* Cosmetics
* fixed lint + fmt
* Added swagger model definition for deadline response
* Updated gitea-sdk
* Updated gitea-sdk
* More cleanup
* Generate swagger json
* Merge branch 'master' of https://github.com/go-gitea/gitea into issue-due-date-api
# Conflicts:
# public/swagger.v1.json
* Fixed permission to update a deadline via api
* Re-added form to change a deadline
* Added client-side validation + not ignore error messages from the api
* Added locale for error message
* Merge branch 'master' of https://github.com/go-gitea/gitea
# Conflicts:
# models/issue_comment.go
* Proper date validation
* Fixed indention
* moved css to css file
* added documentation for error codes
* after merge cleanup
* Added swagger description
* DO NOTHING BUT TRIGGER THAT F*CKIN CI SO IT PICKS UP THE LATEST COMMIT AS IT SHOULD
* DO NOTHING BUT TRIGGER THAT F*CKIN CI SO IT PICKS UP THE LATEST COMMIT AS IT SHOULD
* regenerated stylesheets
* Repositories can only migrated to own user or organizations
* Add check for organization that user does not belong to
* Allow admin to migrate repositories for other users
Fix all the resting errors to have a valid swagger file.
They are still some warnings but nothing blocking.
Doing so I found that some request still misses son parameters for some POST/PUT/PATCH request. This means the a client generated from the swagger file will not work completely.
Fix #4088 by activating validation in drone
Should fix #4010.
* Partial fix for #4010
Swagger validation needs 'required: true' for parameters that are in
the URL path.
Signed-off-by: Steve Traugott <stevegt@t7a.org>
* Partial fix for #4010
Swagger needs a description field in each swagger:operation response. Adding
minimal text for now on the way to getting swagger validate to pass. Many
standard swagger client libraries will not work with gitea until validate
passes, so prioritizing that over better descriptions for now.
Signed-off-by: Steve Traugott <stevegt@t7a.org>
* Partial fix for #4010
Swagger needs a comment line above each swagger:response comment -- it
uses these to populate the description: fields. Adding minimal text
for now on the way to getting swagger validate to pass. Many standard
swagger client libraries will not work at all with gitea until validate
passes, so prioritizing that over better descriptions for now.
Signed-off-by: Steve Traugott <stevegt@t7a.org>
* Add LDAP Key Synchronization feature
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Add migration: add login source id column for public_key table
* Only update keys if needed
* Add function to only list pubkey synchronized from ldap
* Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.
* Only get keys belonging to current login source id
* Set default login source id to 0
* Some minor cleanup. Add integration tests (updete dep testify)
* add more webhook support
* move hooks templates to standalone dir and add more webhooks ui
* fix tests
* update vendor checksum
* add more webhook support
* move hooks templates to standalone dir and add more webhooks ui
* fix tests
* update vendor checksum
* update vendor
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
* load attributes when created release
* update comparsion doc
* Started adding deadline to ui
* Implemented basic issue due date managing
* Improved UI for due date managing
* Added at least write access to the repo in order to modify issue due dates
* Ui improvements
* Added issue comments creation when adding/modifying/removing a due date
* Show due date in issue list
* Added api support for issue due dates
* Fixed lint suggestions
* Added deadline to sdk
* Updated css
* Added support for adding/modifiying deadlines for pull requests via api
* Fixed comments not created when updating or removing a deadline
* update sdk (will do properly once go-gitea/go-sdk#103 is merged)
* enhanced updateIssueDeadline
* Removed unnessecary Issue.DeadlineString
* UI improvements
* Small improvments to comment creation
+ ui & validation improvements
* Check if an issue is overdue is now a seperate function
* Updated go-sdk with govendor as it was merged
* Simplified isOverdue method
* removed unessecary deadline to 0 set
* Update swagger definitions
* Added missing return
* Added an explanary comment
* Improved updateIssueDeadline method so it'll only update `deadline_unix`
* Small changes and improvements
* no need to explicitly load the issue when updating a deadline, just use whats already there
* small optimisations
* Added check if a deadline was modified before updating it
* Moved comment creating logic into its own function
* Code cleanup for creating deadline comment
* locale improvement
* When modifying a deadline, the old deadline is saved with the comment
* small improvments to xorm session handling when updating an issue deadline
+ style nitpicks
* style nitpicks
* Moved checking for if the user has write acces to middleware