This PR makes it possible for the markdown renderer to render images and media straight from the LFS.
Fix #5746
Signed-off-by: Andrew Thornton [art27@cantab.net](mailto:art27@cantab.net)
* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFile
* Use git plumbing for upload: #5621 repo_editor.go: GetDiffPreview
* Use git plumbing for upload: #5621 repo_editor.go: DeleteRepoFile
* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFiles
* Move branch checkout functions out of repo_editor.go as they are no longer used there
* BUGFIX: The default permissions should be 100644
This is a change from the previous code but is more in keeping
with the default behaviour of git.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Standardise cleanUploadFilename to more closely match git
See verify_path in: 7f4e641693/read-cache.c (L951)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Redirect on bad paths
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Refactor to move the uploading functions out to a module
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add LFS support
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update upload.go attribution header
Upload.go is essentially the remnants of repo_editor.go. The remaining code is essentially unchanged from the Gogs code, hence the Gogs attribution.
* Delete upload files after session committed
* Ensure that GIT_AUTHOR_NAME etc. are valid for git
see #5774
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add in test cases per @lafriks comment
* Add space between gitea and github imports
Signed-off-by: Andrew Thornton <art27@cantab.net>
* more examples in TestCleanUploadName
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix formatting
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Set the SSH_ORIGINAL_COMMAND to ensure hooks are run
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Switch off SSH_ORIGINAL_COMMAND
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fixes #5957
* add tests to make sure config option is respected
* use already defined struct
* - use migration to make the flag repo wide not for the entire gitea instance
Also note that the config value can still be set so as to be able to control the value for new repositories that are to be created
- fix copy/paste error in copyright header year and rearrange import
- use repo config instead of server config value to determine if a commit should close an issue
- update testsuite
* use global config only when creating a new repository
* allow repo admin toggle feature via UI
* fix typo and improve testcase
* fix fixtures
* add DEFAULT prefix to config value
* fix test
* Feature - Pagination for git tree API
* Handles case when page is negative
* Does a for loop over the start and end rather than all entries
* Removed redundent logic
* Adds per_page as a query parameter
* Adds DEFAULT_GIT_TREES_PER_PAGE for settings, ran make fmt
* Fix typo in cheat-sheet en
* Makes page start at 1, generated swagger
* Use updates to SDK
* Updates to use latest sdk
* Updates swagger for tree api
* Adds test for GetTreeBySHA
* Updates per PR reviews
* Updates per PR reviews
* Remove file
* Formatting
* Fix to swagger file
* Fix to swagger
* Update v1_json.tmpl
* Fix to swagger file
* Fix serving of raw wiki files other than .md
Closes #4690.
Closes #4395.
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Simplify code at routers/repo/wiki.go
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Add more files to user2/repo1.wiki for testing
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Update macaron to v1.3.2
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Add tests for WikiRaw
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Fix NewResponseWriter usage due to macaron update
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Add raw to reserved wiki names
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Don't display buttons if there are no notices
* clear stopwatch on merging a PR
* remove redundant gt check
* use ctx.Flash as per @bkcsoft comment
* stop timer on closing issues/PRs too
* updated translation as per review
* redirect to login page after successfully activating account
* remove unrelated changes
* stop timer for issues that are closed via commits too..Not just the 'close' UI button
* Revert #5877
This unfortunately was not the solution.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Change permission check to create pull requests to CanReadIssuesOrPulls
Signed-off-by: Andrew Thornton <art27@cantab.net>
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.
We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:
- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.
Fix #1357
This PR gitea'ises the macaron.Recovery() handler meaning that in
the event of panic we get proper gitea 500 pages and the stacktrace
is logged with the gitea logger.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* don't allow pull requests to be created on an archived repository
Also disable the "PR" button if the repo is archived
* Refuse creating an issue/PR via API calls too
* Pooled and buffered gzip implementation
* Add test for gzip
* Add integration test
* Ensure lfs check within transaction
The previous code made it possible for a race condition to occur whereby a LFSMetaObject could be checked into the database twice. We should check if the LFSMetaObject is within the database and insert it if not in one transaction.
* Try to avoid primary key problem in postgres
The integration tests are being affected by
https://github.com/go-testfixtures/testfixtures/issues/39 if we set the
primary key high enough, keep a count of this and remove at the end of
each test we shouldn't be affected by this.
* add util method and tests
* make sure the title of an issue cannot be empty
* wiki title cannot be empty
* pull request title cannot be empty
* update to make use of the new util methof
Unfortunately a scoping problem was missed on the previous PR which meant that the only nil error was logged on failure to connect to the db. This pr fixes this.
* api: Add an endpoint to list a particular member of team.
* models: Rename `GetUserTeams()` to `GetUserOrgTeams()` in `org_team` model.
`GetUserTeams()` sounds a bit misnomer since it actually returns
the teams that user belongs to in a given organization rather than
all the teams across all the organization that the user has joined.
* models: Add `GetUserTeams()`.
Returns all the teams that a user belongs to.
* api: Add an endpoint for GET '/user/teams'.
A GET request to this endpoint lists all the teams that a user
belongs to.
* add default PR title
Set default PR title to commit summary if there's a single commit on the head branch, else set it to the head branch name
* set default PR description
If there's a single commit on the head branch, and it's multiline, then set it as the default PR description
* Do not display the raw OpenID error in the UI
If there are no `WHITELIST_URIS` or `BLACKLIST_URIS` set in the openid
section of the app.ini, it is possible that gitea can leak sensitive
information about the local network through the error provided by the
UI. This PR hides the error information and logs it.
Fix #4973
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update auth_openid.go
Place error log within the `err != nil` branch.
* add migration and basic UI for changing a user's theme
* update user themem
* use right text on button
* load theme based on users' selection
* load theme based on users' selection in pwa too
* update sample config
* delete older theme loading
* implement AfterLoad to set users' theme properly
* set up default theme when creating a user. This uses the installation wide theme
* use flash messages for error
* set default theme when creating a user from the cli
* fix @lunny review
* Add branch protection for approvals
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add required approvals
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add missing comments and fmt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add type = approval and group by reviewer_id to review
* Prevent users from adding negative review limits
* Add migration for approval whitelists
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* improve team members and repositories settings UI
* use tab on team pages
* add default description on team members and repos
* add blank on numbers and texts
* improve translation
* added the ability to provide an empty array at the EditPullRequests API to remove all labels
Signed-off-by: Lucien Kerl <lucien.kerl@wuerth-it.com>
* Update pull.go
* add milestone issues and pulls page instead of redirecting issues page
* add milestone when creating issue from milestone page
* refactor to merge similiar codes as a new function issues
* remove milestone info on milestone issues list
* fix missing params
* Inital routes to git refs api
* Git refs API implementation
* Update swagger
* Fix copyright
* Make swagger happy add basic test
* Fix test
* Fix test again :)
* Create manifest and serviceworker
* Create templates and add AppSubUrl
* Add JSRenderer
* fix ctx type
* Add JSRenderer to static.go
* Complete adding {{AppSubUrl}}
* Add more fonts to urlsToCache
* Add 512px and 192px icons
* Hardcode font MD5
* Default theme doesn't have a specific CSS file
* show only opened milestones on issues page milestone filter
* update Godoc
* update Godoc everywhere
* update swagger
* use false instead of 0
* Add seccond ordering by ID for milestones where no deadline is set
* add api for user to create org
* remove unused blank line on the swagger file end
* fix create and add test
* fix tests
* fix routes of create org API
* fix bug
* add copyright heads
* Add raw blob endpoint
This should make it possible to download raw blobs directly from
/:repo/:username/raw/blob/:sha1 URLs.
* fix: Make it work
* As an SHA-ID is no path getRefNameFromPath can't be used to verify
file specifying parameter
* added relevant change in go-gitea/git #132
Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>
* Update Gopkg.lock
Can't update all vendors due to errors
Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>
* style: Add Gitea copyright header
* feat: Added integration test for /repo/u/r/raw/blob
* fix: correct year in copyright header
* Add CSRF checking to reqToken and place CSRF in the post for deadline creation
Fixes #5226, #5249
* /api/v1/admin/users routes should have reqToken middleware
* Add private information to the deploy keys api
This commit adds more information to the deploy keys to allow for back
reference in to the main keys list. It also adds information about the
repository that the key is referring to.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add private information to the user keys API
This adjusts the keys API to give out private information to user keys if
the current user is the owner or an admin.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add ability to search keys by fingerprint
This commit adds the functionality to search ssh-keys by fingerprint of
the ssh-key. Deploy keys per repository can also be searched. There is
no current clear API point to allow search of all deploy keys by
fingerprint or keyID.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add integration test
* Show either sign up OR sign in
* disambiguate fresh start from adding recovery options
* use tabs to switch between account link flows
* add active to tab body as well
* changes as per discussion
* handle specific error; fix missing err typo
* Added basic heatmap data
* Added extra case for sqlite
* Built basic heatmap into user profile
* Get contribution data from api & styling
* Fixed lint & added extra group by statements for all database types
* generated swagger spec
* generated swagger spec
* generated swagger spec
* fixed swagger spec
* fmt
* Added tests
* Added setting to enable/disable user heatmap
* Added locale for loading text
* Removed UseTiDB
* Updated librejs & moment.js
* Fixed import order
* Fixed heatmap in postgresql
* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md
Co-Authored-By: kolaente <konrad@kola-entertainments.de>
* Added copyright header
* Fixed a bug to show the heatmap for the actual user instead of the currently logged in
* Added integration test for heatmaps
* Added a heatmap on the dashboard
* Fixed timestamp parsing
* Hide heatmap on mobile
* optimized postgresql group by query
* Improved sqlite group by statement
* Fix Swagger JSON.
Remove unnecessary schema references for the forbidden and empty responses
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix swagger API for CreateAccessToken
* Fix admin create org swagger
* Fix swagger for adminCreateRepo
* More swagger fixes
Set int64 format for those which are int64
Some more form fixes
* Fix swagger description of GET /repos/{owner}/{repo}/pulls
* add notification interface and refactor UI notifications
* add missing methods on notification interface and notifiy only issue status really changed
* implement NotifyPullRequestReview for ui notification
* Detect charset and convert non UTF-8 files for display
* Refactor and move function to correct module
* Revert unrelated changes
* More unrelated changes
* Duplicate content for small text to have better encoding detection
* Check if original content is valid before duplicating it
* Code review UI improvements
* More fixes to dark theme
* Style fix
* Fix to allow add code review comments only on review files tab
* More readability dark style fixes
* Fix commenting on deleted files. Fixes #4752
* Fix line blame getting for multiple corner cases
* redirect to login page after successfully activating account
* force users to change password if account was created by an admin
* force users to change password if account was created by an admin
* fixed build
* fixed build
* fix pending issues with translation and wrong routes
* make sure path check is safe
* remove unneccessary newline
* make sure users that don't have to view the form get redirected
* move route to use /settings prefix so as to make sure unauthenticated users can't view the page
* update as per @lafriks review
* add necessary comment
* remove unrelated changes
* support redirecting to location the user actually want to go to before being forced to change his/her password
* run make fmt
* added tests
* improve assertions
* add assertion
* fix copyright year
Signed-off-by: Lanre Adelowo <yo@lanre.wtf>
* Make reverse proxy auth optional
If the option ENABLE_REVERSE_PROXY_AUTHENTICATION is enabled, make
reverse proxy auth optional, instead of failing if the authentication
did not succeed.
Fixes #3973
Signed-off-by: Najib Idrissi <najib.idrissi.kaitouni@gmail.com>
* Update http.go
* Make sure author cannot reject/approve their own PR
* Disable buttons in templates too
* Remove unneccessary if check since the switch below catches it
* Fix IsOwner check
* Update template and remove new template variable
* Add alert template and redirect to diff page on review failure
* Redirect to files diff as a little update to #4632
* Add whitespace handling to PR-comparsion
In a PR we have to keep an eye on a lot of different things. But sometimes the
bare code is the key-thing we want to care about and just don't want to care
about fixed indention on some places. Especially if we follow the pathfinder
rule we face a lot of these situations because these changes don't break the
code in many languages but improve the readability a lot.
So this change introduce a fine graned button to adjust the way how the
reviewer want to see whitespace-changes within the code.
The possibilities reflect the possibilities from git itself except of the
`--ignore-blank-lines` flag because that one is also handled by `-b` and is
really rare.
Signed-off-by: Felix Nehrke <felix@nehrke.info>
* prevent pull request to be merged when PR is a WIP
* add tests
* add helper to prepend WIP: in PR title
* move default wip prefixes into settings
* use configurable WIP prefixes in javascript and default to first one in templates
* add documentation
* add unit test on pull model
Signed-off-by: Julien Tant <julien@craftyx.fr>
* an inactive user shouldn't be able to be a collaborator
* use translated error message
* add active user check when adding a new collaborator via the api
* fix translation text
* added collaborator test
* improvee testcases
* don't fail silently if trying to add a collaborator twice
* fix translation text
* added collaborator test
* improvee testcases
* Added tests to make sure a collaborator cannot be added twice
* Initial ui components for pull request review
* Add Review
Add IssueComment types
Signed-off-by: Jonas Franz <info@jonasfranz.software>
(cherry picked from commit 2b4daab)
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Replace ReviewComment with Content
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add load functions
Add ReviewID to findComments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add create review comment implementation
Add migration for review
Other small changes
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Simplified create and find functions for review
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Moved "Pending" to first position
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add GetCurrentReview to simplify fetching current review
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Preview for listing comments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Move new comment form to its own file
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Implement Review form
Show Review comments on comment stream
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add support for single comments
Showing buttons in context
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add pending tag to pending review comments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add unit tests for Review
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fetch all review ids at once
Add unit tests
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* gofmt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Improved comment rendering in "Files" view by adding Comments to DiffLine
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add support for invalidating comments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Switched back to code.gitea.io/git
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Moved review migration from v64 to v65
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Rebuild css
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* gofmt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Improve translations
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix unit tests by updating fixtures and updating outdated test
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Comments will be shown at the right place now
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add support for deleting CodeComments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix problems caused by files in subdirectories
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add support for showing code comments of reviews in conversation
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add support for "Show/Hide outdated"
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Update code.gitea.io/git
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add support for new webhooks
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Update comparison
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Resolve conflicts
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Minor UI improvements
* update code.gitea.io/git
* Fix ui bug reported by @lunny causing wrong position of add button
Add functionality to "Cancel" button
Add scale effects to add button
Hide "Cancel" button for existing comments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Prepare solving conflicts
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Show add button only if no comments already exist for the line
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add missing vendor files
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Check if reviewer is nil
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Show forms only to users who are logged in
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Revert "Show forms only to users who are logged in"
This reverts commit c083682
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Save patch in comment
Render patch for code comments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add link to comment in code
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add reply form to comment list
Show forms only to signed in users
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add 'Reply' as translatable
Add CODE_COMMENT_LINES setting
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* gofmt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix problems introduced by checking for singed in user
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add v70
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Update generated stylesheet
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix preview
Beginn with new review comment patch system
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add new algo to generate diff for line range
Remove old algo used for cutting big diffs (it was very buggy)
* Add documentation and example for CutDiffAroundLine
* Fix example of CutDiffAroundLine
* Fix some comment UI rendering bugs
* Add code comment edit mode
* Send notifications / actions to users until review gets published
Fix diff generation bug
Fix wrong hashtag
* Fix vet errors
* Send notifications also for single comments
* Fix some notification bugs, fix link
* Fix: add comment icon is only shown on code lines
* Add lint comment
* Add unit tests for git diff
* Add more error messages
* Regenerated css
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* fmt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Regenerated CSS with latest less version
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix test by updating comment type to new ID
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Introducing CodeComments as type for map[string]map[int64][]*Comment
Other minor code improvements
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix data-tab issues
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Remove unnecessary change
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* refactored checkForInvalidation
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Append comments instead of setting
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Use HeadRepo instead of BaseRepo
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Update migration
Signed-off-by: Jonas Franz <info@jonasfranz.de>
* Regenerated CSS
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add copyright
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Update index.css
Signed-off-by: Jonas Franz <info@jonasfranz.software>
The backend SearchRepositoryByName function supports several sort order
options, hook these up to the /repos/search API.
New parameters for /repos/search:
'sort': alpha, created, updated, size, or id
'order': asc or desc
'sort' defaults to alpha.
'order' defaults to ascending, and is ignored if 'sort' is not specified.
The overall default behavior is unchanged (alphabetically ascending).
This partially implements issue #3963
Signed-off-by: Allen Wild <allenwild93@gmail.com>
* Implemented basic api endpoint to manage deadlines
* Fixed checking for permissions
* Updating a deadline from the ui is now entirely done via the api
* cleanup
* Cosmetics
* fixed lint + fmt
* Added swagger model definition for deadline response
* Updated gitea-sdk
* Updated gitea-sdk
* More cleanup
* Generate swagger json
* Merge branch 'master' of https://github.com/go-gitea/gitea into issue-due-date-api
# Conflicts:
# public/swagger.v1.json
* Fixed permission to update a deadline via api
* Re-added form to change a deadline
* Added client-side validation + not ignore error messages from the api
* Added locale for error message
* Merge branch 'master' of https://github.com/go-gitea/gitea
# Conflicts:
# models/issue_comment.go
* Proper date validation
* Fixed indention
* moved css to css file
* added documentation for error codes
* after merge cleanup
* Added swagger description
* DO NOTHING BUT TRIGGER THAT F*CKIN CI SO IT PICKS UP THE LATEST COMMIT AS IT SHOULD
* DO NOTHING BUT TRIGGER THAT F*CKIN CI SO IT PICKS UP THE LATEST COMMIT AS IT SHOULD
* regenerated stylesheets