Commit graph

679 commits

Author SHA1 Message Date
zeripath 01c10a951b
Fix ssh deploy and user key constraints (#1357) (#5939)
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.

We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:

- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.

Fix #1357
2019-02-03 23:56:53 +00:00
zeripath 13c0f7dfff
Fix notifications on pushing with deploy keys by setting hook environment variables (#5935)
The gitea prerecieve and postrecieve hooks and the gitea PushUpdate function require that the PusherID and PusherName are real users. Previously, these environment variables were not being set when using a deploy key - the main result being that pushing to empty repositories meant that is_empty status was not changed.

I've also added an integration test to ensure that the is_empty status is updated on pushing with a deploy key.

There is a slight issue in that the deploy key is now considered a proxy for the owner - we don't have a way of separating out the deploy key from the owner at present. This can be fixed in another PR.

Fix #3795 

Signed-off-by: Andrew Thornton art27@cantab.net
2019-02-03 14:00:48 +00:00
zeripath 2902b3a68c
Fix #5866: Silence console logger in gitea serv (#5887)
By default, if `setting.NewContext()` prints out any warning logs, these are printed to the stdout breaking `git receive-pack` etc. meaning that even if there is a warning because of a minor problem in your app.ini but gitea starts despite this - you **CANNOT** push or pull over SSH.

This PR disables the console logger whilst in `serv.go`

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-03 11:19:28 +00:00
Lanre Adelowo e1fcd6b742 Disallow empty titles (#5785)
* add util method and tests

* make sure the title of an issue cannot be empty

* wiki title cannot be empty

* pull request title cannot be empty

* update to make use of the new util methof
2019-01-21 13:45:32 +02:00
Zsombor 656456441c Add flag to skip repository dumping (#5695) 2019-01-13 16:52:25 -05:00
Lanre Adelowo 8d2c24f7f9 Allow for user specific themes (#5668)
* add migration and basic UI for changing a user's theme

* update user themem

* use right text on button

* load theme based on users' selection

* load theme based on users' selection in pwa too

* update sample config

* delete older theme loading

* implement AfterLoad to set users' theme properly

* set up default theme when creating a user. This uses the installation wide theme

* use flash messages for error

* set default theme when creating a user from the cli

* fix @lunny review
2019-01-09 12:22:57 -05:00
Lanre Adelowo a82ba73346 Make sure argsSet verifies string isn't empty too (#4980) 2018-12-27 14:38:38 +02:00
Lunny Xiao 7fd34c0517
fix lfs version check warning log when using ssh protocol (#5501) 2018-12-19 09:17:43 +08:00
Greg Karékinian ebef3eff23 Remove a double slash in the HTTPS redirection when Let's Encrypt is enabled (#5537)
Before:

$ curl 0.0.0.0:3001
<a href="https://gitea.example.com:3000//">Found</a>.

After:

$ curl 0.0.0.0:3001
<a href="https://gitea.example.com:3000/">Found</a>.

Fixes #5536
2018-12-12 23:00:24 +02:00
Lunny Xiao af6bce3ad5 fix detect force push failure on deletion of protected branches (#5522) 2018-12-12 10:46:17 +02:00
Lunny Xiao ba75319157 fix clone wiki failed via ssh (#5503) 2018-12-11 13:37:32 -05:00
Greg Karékinian 15d6cf179d Fix the Let's Encrypt handler by listening on a valid address (#5525)
* Fix the Let's Encrypt handler by listening on a valid address

Also handle errors in the HTTP server go routine, return a fatal error
when something goes wrong.

Thanks to @gbl08ma for finding the actual bug

Here is an example of the error handling:

    2018/12/11 14:23:07 [....io/gitea/cmd/web.go:87 func1()] [E] Failed to
    start the Let's Encrypt handler on port 30: listen tcp 0.0.0.0:30: bind:
    permission denied

Closes #5280

* Fix a typo
2018-12-11 10:46:12 -05:00
Lunny Xiao eabbddcd98
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems

* fix some bugs and merge LoadUnits to repoAssignment

* refactor permission struct and add some copyright heads

* remove unused codes

* fix routes units check

* improve permission check

* add unit tests for permission

* fix typo

* fix tests

* fix some routes

* fix api permission check

* improve permission check

* fix some permission check

* fix tests

* fix tests

* improve some permission check

* fix some permission check

* refactor AccessLevel

* fix bug

* fix tests

* fix tests

* fix tests

* fix AccessLevel

* rename CanAccess

* fix tests

* fix comment

* fix bug

* add missing unit for test repos

* fix bug

* rename some functions

* fix routes check
2018-11-28 19:26:14 +08:00
Lanre Adelowo ce9a5173fe fix password variable shadowing (#5405) 2018-11-26 17:00:38 +02:00
Lanre Adelowo fd37fb01fd Don't force a password change for the admin user when creating an account via cli (#5391)
* don't force a password change for the admin user

* don't totally dicard -must-change-password flag if creating the first (admin) user via the cli. Use flag if present but make sure to default to not forcing a password update
2018-11-25 09:42:24 +02:00
zeripath 7d9a191a3c Create AuthorizedKeysCommand (#5236) 2018-11-01 09:41:07 -04:00
Robert Ștefan 7edb930240 Add command for migrating database (#4954) 2018-10-30 23:14:42 -04:00
Lanre Adelowo e5daa2698f Generate random password (#5023)
* add random-password flag

* run make fmt

* add length cli flag rather than use a default value
2018-10-30 17:34:25 -04:00
Lunny Xiao 0ba57949e4 remove unused db init on commands serv, update, hooks (#5225) 2018-10-30 12:41:25 +02:00
Antoine GIRARD 617a2433a3 Make gitea serv use api/internal (#4886)
* Start to move to internal/private

* Add GetPublicKeyByID

* Add HasDeployKey

* Add private.UpdateDeployKeyUpdated

* Add private.GetUserByKeyID

* Add private.AccessLevel

* Add private.CheckUnitUser

* Fix mistakes I made

* Some cleaning + moving code to separate files

* Fix error handling

* Remove useless error handling for setup

* lint: fix comment on exported func

* fix copyright header

* Fix order of args
2018-10-30 14:20:13 +08:00
Lunny Xiao a2ee2a3c67 fix showing pull request link when delete a branch (#5166) 2018-10-28 18:15:25 -04:00
Lanre Adelowo c2748ea7fe Add must-change-password flag to cli for creating a user (#4955)
* add support for an admin to force a user to change his/her password from thee cli

* use BoolFlag instead

* default to true

* simplify by removing unnneccessary if/else
2018-10-21 01:05:01 +03:00
Julien Tant dea3d849e1 Give user a link to create PR after push (#4716)
* Give user a link to create PR after push

* Forks now create PR in the base repository + make sure PR creation is allowed

* fix code style
2018-10-20 09:59:06 +03:00
Bo-Yi Wu 1e34413238 refactor: err != nil check, just return error instead (#5093) 2018-10-18 00:51:07 -04:00
techknowlogick e91a2cf2ea
Add/remove/list oauth providers via cli (#4591) 2018-09-12 10:46:02 -04:00
Fluf b82c14b3d2 add letsencrypt to Gitea (#4189) 2018-08-21 09:56:50 -04:00
Jerry Jacobs b1bc08e268 cmd/serve: pprof cpu and memory profile dumps to disk (#4560) 2018-08-07 14:49:18 -04:00
Fluf f54626df0b Add config path as an optional flag when changing pass via CLI (#4184) 2018-06-09 18:35:14 -04:00
Inon S 15f6ec9632 LFS: make HTTP auth period configurable (#4035)
* LFS: make HTTP auth period configurable

* Formatting: Removed semicolon

Due to automated fmt-check failure (drone.gitea.io)

* applying code reviews

* Applied code review comment: Change HTTPAuthExpiry to time.Duration

* Updated config cheat sheet
2018-05-29 16:07:16 +08:00
techknowlogick 8176345c0e Add cli commands to regen hooks & keys (#3979)
* Add cli commands to regen hooks & keys

* make fmt

* Allow passing path to config as an option

* add docs
2018-05-17 09:35:07 +08:00
Lauris BH b66d6b3449
Do not allow inactive users to access repositories using private keys (#3887) 2018-05-02 16:22:56 +03:00
Codruț Constantin Gușoi 96c268c0fc Implements generator cli for secrets (#3531)
Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
2018-02-18 20:14:37 +02:00
Antoine GIRARD 9e842c8a72 Fix SSH auth lfs locks (#3152)
* Fix SSH auth LFS locks

* Activate SSH/lock test

* Remove debug

* Follow @lunny recommendation for AfterLoad method
2018-01-27 18:48:15 +02:00
Morgan Bazalgette 2b52f77e1b General refactor of the cmd package (#3328)
* General refactor of the cmd package

* Address breakage in runCreateUser

* Place "common" functions into cmd.go
2018-01-12 23:16:49 +01:00
Kim "BKC" Carlbäcker e5b8b4b5ec Cleanup models.User.HashPassword (#3334) 2018-01-12 00:19:38 +02:00
Morgan Bazalgette 674cfb7cac Change EncodePasswd to HashPassword (#3329)
* Change EncodePasswd to HashPassword

* Create test+benchmark for HashPassword
2018-01-08 23:28:18 +01:00
Sandro Santilli 8cd987af0c Add repo-sync-releases admin command (#3254)
* Add repo-sync-releases admin command

Will help recovering corrupted database, see #3247

* Load repos in chunks of 10, exit with error if unable to get a list, scan private repos, fix typo

* Fix debug output about num releases

* Introduce RepositoryListDefaultPageSize constant, set to 64

Use it from the new admin command

* Use RepositoryListDefaultPageSize in more places

* Document RepositoryListDefaultPageSize
2017-12-31 16:45:46 +02:00
Mike Fellows fabf3f2fc2 Add an option to allow redirect of http port 80 to https. (#1928)
* Add an option to allow redirect of http port 80 to https.

This is an "opt in" option (default is to not redirect).  It will only redirect
if protocol is https and the new REDIRECT_PORT_80 option is set to true.

The Port to redirect in previous commit was hardcoded to 80, now it can be
specified in the app.ini, defaulting to 80.  The boolean option to turn
redirection on has been changed to REDIRECT_OTHER_PORT to be logically
consistent with the new port option.

Signed-off-by: Mike Fellows <mike.fellows@shaw.ca>
2017-12-25 23:23:43 +01:00
Lunny Xiao f94c1b3943
Improvements for supporting UI Location (#3146)
* improvements for supporting UI Location

* improved the comment
2017-12-14 07:45:31 +08:00
Lunny Xiao 00bfa1d055
fix run web with -p push failed (#3154) 2017-12-13 16:57:28 +08:00
Lunny Xiao 35cc5b0402
Remove GetRepositoryByRef and add GetRepositoryByOwnerAndName (#3043)
* remove GetRepositoryByRef and add GetRepositoryByOwnerAndName

* fix tests

* fix tests bug

* some improvements
2017-12-02 15:34:39 +08:00
Lunny Xiao 62d0a4d882 Add external markup render support (#2570)
* add external markup render support

* bug fixed

* refacotr codes and fix wrong error log

* fix comments and add check to prevent leaks

* add check for config file and improve the example

* check file close error

* use ioutil.TempFile instead uuid

* correct Render -> Parser

* improve warning when incorrect markup setting

* fix typos
2017-11-07 08:33:06 +02:00
Guillaume Dube 8798cf4e3b Set session and indexers' data files rel to AppDataPath (#2192)
* Set session and indexers' data files rel to AppDataPath

The setting AppDataPath is now relative to the working directory.
The session svc's PROVIDER_CONFIG now defaults to AppDataPath/data/sessions.
The issue indexer's IssuePath now defaults to AppDataPath/indexers/issues.bleves.

* fix bug
2017-11-03 10:56:20 +02:00
Lunny Xiao 9ddbbd9d5a improve force push detect when push (#2798) 2017-10-28 22:36:20 +03:00
Lunny Xiao 1739e84ac0 improve protected branch to add whitelist support (#2451)
* improve protected branch to add whitelist support

* fix lint

* fix style check

* fix tests

* fix description on UI and import

* fix test

* bug fixed

* fix tests and languages

* move isSliceInt64Eq to util pkg; improve function names & typo
2017-09-14 16:16:22 +08:00
Lunny Xiao f960e19c59 Only update needed columns when update user (#2296)
* only update needed columns when update user

* fix missing update_unix column
2017-08-12 22:18:44 +08:00
Jonas Östanbäck b1b8c5e9f4 Set TMPDIR enviroment variable for dump command (#1915) 2017-06-08 19:24:15 -05:00
Bo-Yi Wu 703d18e50d feat: add check misspelling (#1877) 2017-06-05 02:49:46 -05:00
Lunny Xiao 6362462da8
fix admin lost permission caused by #947 2017-05-19 08:59:26 +08:00
Lunny Xiao fd6034aaf2 Add units to team (#947)
* add units to team

* fix lint

* finish team setting backend

* finished permission controll on routes

* fix import blank line

* add unit check on ssh/http pull and push and fix test failed

* fix fixtures data

* remove unused code
2017-05-18 22:54:24 +08:00
Lunny Xiao 930d1759ae Remove env user salt since no need to use (#1515)
* remove env user salt since no need to use

* remove unused variable from update.go
2017-05-06 21:21:22 +08:00
Lunny Xiao 1773e88643 Drop db operations from hook commands (#1514)
* move all database operations from hook command to web command and instead of internal routes

* bug fixed

* adjust the import path sequences

* remove unused return value on hookSetup
2017-05-04 13:42:02 +08:00
Ethan Koenig c58708d3ee Integration test framework (#1290)
* Integration test framework

* udpate drone sign

* Formatting fixes and move router.go to routers/

* update sign for drone
2017-04-25 15:24:51 +08:00
Lunny Xiao 42072783c9 support health check via / and fix #969 (#1520) 2017-04-20 20:14:21 +08:00
Bo-Yi Wu fa2a513c62 feat: add download count field and unit testing for attachment. (#1512)
* feat: add download count field and unit testing.

* fix: unit testing

* refactor: improve testing.

* fix: update comment

* add default value.

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2017-04-20 10:31:31 +08:00
Lunny Xiao 2eeae84cbd Add internal routes for ssh hook comands (#1471)
* add internal routes for ssh hook comands

* fix lint

* add comment on why package named private not internal but the route name is internal

* add comment above package private why package named private not internal but the route name is internal

* remove exp time on internal access

* move routes from /internal to /api/internal

* add comment and defer on UpdatePublicKeyUpdated
2017-04-19 11:45:01 +08:00
Lauris BH f42ec6120e Better URL validation (#1507)
* Add correct git branch name validation

* Change git refname validation error constant name

* Implement URL validation based on GoLang url.Parse method

* Backward compatibility with older Go compiler

* Add git reference name validation unit tests

* Remove unused variable in unit test

* Implement URL validation based on GoLang url.Parse method

* Backward compatibility with older Go compiler

* Add url validation unit tests
2017-04-19 11:02:20 +08:00
Bo-Yi Wu 22295944df refactor: show command help message. (#1486) 2017-04-12 15:44:54 +08:00
Lunny Xiao 5c0bee9b20 refactor update ssh key use time (#1466) 2017-04-07 17:40:38 -07:00
Andrey Nering b674460748 Add watch button on issue 2017-03-29 20:31:47 -03:00
Sandro Santilli 129b0d6a4b Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369)
* Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION

Omit the configuration variable (the default) to be dependent.
Fixes #1363

* Move OpenID settings under Service object

* Show OpenID SignUp and SignIn status in admin panel / configuration
2017-03-29 18:57:43 +08:00
Pavel Korovin ae9b02b079 Fix FCGI (over TCP) support (#1368) 2017-03-23 15:57:43 +08:00
Fabian Zaremba 9224405155 LFS: Fix SSH authentication for trailing arguments (#1328)
Fixes #1296
2017-03-22 18:43:28 +08:00
Fabian Zaremba 5586445207 LFS: Return 404 for unimplemented endpoints (#1330)
Without this patch a 401 is returned for unspecified endpoints, making
the LFS client ask for HTTP credentials. This behaviour was introduced
with the new locking API:

https://github.com/git-lfs/git-lfs/blob/master/docs/api/locking.md
2017-03-20 16:40:20 +08:00
Sandro Santilli 9182a35f18 Show user OpenID URIs in their profile (#1314) 2017-03-20 09:31:08 +01:00
Sandro Santilli e1586898b2 Add change-password admin command (#1304)
* Add change-password admin command
2017-03-20 09:23:38 +01:00
Bo-Yi Wu 1c3bd436cc feat: Only use issue and wiki on repo. (#1297) 2017-03-18 18:59:07 +08:00
Sandro Santilli 71d16f69ff Login via OpenID-2.0 (#618) 2017-03-17 15:16:08 +01:00
Lunny Xiao ebbcf6fe12 Allow push to init a wiki repo (#1279)
* allow push to init a wiki repo

* compact error check
2017-03-17 12:59:42 +08:00
Ethan Koenig 09fe4a2ae9 Batch updates for issues (#926) 2017-03-15 02:10:35 +01:00
Ethan Koenig ec0ae5d50c Refactor and fix incorrect comment (#1247) 2017-03-15 08:51:46 +08:00
Sandro Santilli 7d8f9d1c46 Rename /forget_password url to /forgot_password
Also renames `forgot_password` translation key to
`forgot_password_title` and `forget_password` to
`forgot_password`

Includes entry in CHANGELOG about the breaking change
(and some markdown fixes in there)
2017-03-14 22:54:07 +01:00
Lunny Xiao 341b3a0349 bug fix for dump when data directoryis not exist (#1025) 2017-03-02 17:41:33 +08:00
Lunny Xiao cfdc62e7fa Comment force push detect to fix bug #1073 (#1077)
* umcomment force push detect to fix bug #1073

* fix #1086

* handle global config set and fix #1086
2017-03-01 23:01:03 +08:00
Lunny Xiao 9084bdd863 fix push (#1076) 2017-02-27 14:24:58 +08:00
Lunny Xiao 50918084bb remove unused struct (#1062) 2017-02-27 09:49:05 +08:00
Lunny Xiao 35548a9d4e remove unused fixme on dump command (#1065) 2017-02-26 16:01:49 +08:00
Lunny Xiao cd1821a7e2 Move push update to post-receive and protected branch check to pre-receive (#1030)
* move all push update to git hook post-receive and protected branch check to git hook pre-receive

* add SSH_ORIGINAL_COMMAND check back

* remove all unused codes

* fix the import
2017-02-25 22:54:40 +08:00
Lunny Xiao 0e6b9ea786 Take back control of hooks (#1006)
* git: delegate all server-side Git hooks (#1623)

* create hooks directories

* take control hooks back

* fix lint

* bug fixed and minor changes

* fix imports style

* fix migration scripts
2017-02-23 11:40:44 +08:00
Willem van Dreumel 01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Denis Denisov fd941db246 Protected branches system (#339)
* Protected branches system

* Moved default branch to branches section (`:org/:reponame/settings/branches`).
* Initial support Protected Branch.
  - Admin does not restrict
  - Owner not to limit
  - To write permission restrictions

* reformat tmpl

* finished the UI and add/delete protected branch response

* remove unused comment

* indent all the template files and remove ru translations since we use crowdin

* fix the push bug
2017-02-21 23:02:10 +08:00
Christoph König ffde33bdfa Fix typo (#990) 2017-02-21 09:14:37 +08:00
Lunny Xiao 04fdeb9d8d Make Xorm log configurable (#174)
* make xorm log configable

* bug fixed for other sub commands except web

* rebase and fix xorm log

* bug fix for TrimSpace
2017-02-20 16:11:13 +08:00
Lunny Xiao be55460b63 catch error on call setup on serv command (#932) 2017-02-15 09:25:21 +08:00
Bo-Yi Wu d67b278a0d feat: Able to disable non-admin to create new organization (#927) 2017-02-14 20:16:00 +08:00
Andrew Boyarshin dc8248f8a4 Markdown rendering overhaul (#186)
* Markdown rendering overhaul

Cleaned up and squashed commits into single one.

Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>

* Fix markdown API, add markdown module and API tests, improve code coverage

Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>
2017-02-14 09:13:59 +08:00
Sandro Santilli 9b4f6c1c32 Handle SetModel error, fixes one errcheck report (#257) 2017-02-12 09:53:46 +01:00
Lunny Xiao c5887b0f28 fix watchers templates breaks (#870) 2017-02-08 22:13:48 +08:00
Matthias Loibl 17c5e12e6e Add ENABLE_PPROF to app.ini and start pprof if true on localhost:6060 (#801)
* Add ENABLE_PPROF to app.ini and start pprof if true on localhost:6060

* Add comment for golint to blank pprof import
2017-02-05 21:06:25 +08:00
surefire c73b7a65f5 Fix remove unix socket listenAddr (#846)
Because the absence of the listenAddr is what is expected.
The error will only be then when we can't remove.
2017-02-05 20:27:37 +08:00
Lunny Xiao 8a421b1fd7 Add units concept for modulable functions of a repository (#742)
* Add units concept for modulable functions of a repository

* remove unused comment codes & fix lints and tests

* remove unused comment codes

* use struct config instead of map

* fix lint

* rm wrong files

* fix tests
2017-02-04 23:53:46 +08:00
Gabriel Jackson bf6f61cc69 Cleanup log messaging
This change corrects a few logging issues:

 * Standardized formatting errors with '%v'.
 * Standardized failure warning word usage.
 * Corrected an instance of using the standard log library when
   the gitea log library should be used instead.
2017-02-02 15:24:18 +01:00
Thomas Boerger 78535fb08e Allow custom public files (#782)
* Allow custom public files

* Gofmt code, lots of places not related to this pr
2017-01-28 23:14:56 +01:00
Bwko 8555e888d8 Add ETag header to avatars (#721) 2017-01-25 12:26:31 +08:00
Lunny Xiao a8048c19f3 Update xorm and fix dump command (#692)
* update xorm and fix dump

* catch database init error

* still use dumpTables

* fix dump bool type

* update vendor.json
2017-01-23 17:11:18 +08:00
Andrew 6dd096b7f0 Two factor authentication support (#630)
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
Philip Couling 64375d875b Attach to release (#673)
* Moved attachaments POST url from /issues/attachments to /attachments

* Implemented attachment upload on release page

* Implemented downloading attachments on the release page

* Added zip and gzip files to default allowed attachments

* Implemented uploading attachments on edit release

* Renamed UploadIssueAttachment to UploadAttachment
2017-01-15 22:57:00 +08:00
Bwko 4a1f36c3cc Don't create a default pid file (#637) 2017-01-14 10:15:43 +08:00
Manuel Kuhlmann e698654902 Add data directory excluding sessions to dump (#587) 2017-01-12 12:47:20 +08:00
Andrey Nering 769e0a3ea6 Notifications: mark as read/unread and pin (#629)
* Use relative URLs

* Notifications - Mark as read/unread

* Feature of pinning a notification

* On view issue, do not mark as read a pinned notification
2017-01-12 12:27:09 +08:00
Bo-Yi Wu 9f575986d8 feat: support pid file. 2017-01-09 19:54:57 +08:00
Andrey Nering 79d527195d Merge pull request #539 from andreynering/notifications-step-2
Notifications - Step 2
2017-01-05 11:53:01 -02:00
Lunny Xiao 980dd0bf51 Update xorm and dependencies vendor for feature to dump to other database (#565)
* update xorm and dependencies vendor for feature to dump to other database

* fix golint
2017-01-03 16:20:28 +08:00
Lunny Xiao bf85c82087
fix windows build broken by #416 2016-12-31 17:16:02 +08:00
Lunny Xiao 527c2dd665 Support http service graceful restart (#416)
* support http service graceful restart

* fix dependencies
2016-12-31 09:00:33 +08:00
Andrey Nering 6069abe5fd Notifications - Step 2 2016-12-30 16:51:24 -02:00
Andrey Nering b992858883 Tab on user profile to show starred repos (#519)
* Tab on user profile to show starred repos

* Make golint happy and use transactions on StarRepo function

* x -> sess

* Use sess.Close() instead of sess.Rollback()

* Add copyright

* Fix lint
2016-12-29 22:58:24 +08:00
Kjell Kvinge 22e1bd31c6 commithgraph / timeline (#428)
* Add model and tests for graph

* Add route and router for graph

* Add assets for graph

* Add template for graph
2016-12-29 07:44:32 +08:00
Fabian Zaremba 2e7ccecfe6 Git LFS support v2 (#122)
* Import github.com/git-lfs/lfs-test-server as lfs module base

Imported commit is 3968aac269a77b73924649b9412ae03f7ccd3198

Removed:

Dockerfile CONTRIBUTING.md mgmt* script/ vendor/ kvlogger.go
.dockerignore .gitignore README.md

* Remove config, add JWT support from github.com/mgit-at/lfs-test-server

Imported commit f0cdcc5a01599c5a955dc1bbf683bb4acecdba83

* Add LFS settings

* Add LFS meta object model

* Add LFS routes and initialization

* Import github.com/dgrijalva/jwt-go into vendor/

* Adapt LFS module: handlers, routing, meta store

* Move LFS routes to /user/repo/info/lfs/*

* Add request header checks to LFS BatchHandler / PostHandler

* Implement LFS basic authentication

* Rework JWT secret generation / load

* Implement LFS SSH token authentication with JWT

Specification: https://github.com/github/git-lfs/tree/master/docs/api

* Integrate LFS settings into install process

* Remove LFS objects when repository is deleted

Only removes objects from content store when deleted repo is the only
referencing repository

* Make LFS module stateless

Fixes bug where LFS would not work after installation without
restarting Gitea

* Change 500 'Internal Server Error' to 400 'Bad Request'

* Change sql query to xorm call

* Remove unneeded type from LFS module

* Change internal imports to code.gitea.io/gitea/

* Add Gitea authors copyright

* Change basic auth realm to "gitea-lfs"

* Add unique indexes to LFS model

* Use xorm count function in LFS check on repository delete

* Return io.ReadCloser from content store and close after usage

* Add LFS info to runWeb()

* Export LFS content store base path

* LFS file download from UI

* Work around git-lfs client issue with unauthenticated requests

Returning a dummy Authorization header for unauthenticated requests
lets git-lfs client skip asking for auth credentials
See: https://github.com/github/git-lfs/issues/1088

* Fix unauthenticated UI downloads from public repositories

* Authentication check order, Finish LFS file view logic

* Ignore LFS hooks if installed for current OS user

Fixes Gitea UI actions for repositories tracking LFS files.
Checks for minimum needed git version by parsing the semantic version
string.

* Hide LFS metafile diff from commit view, marking as binary

* Show LFS notice if file in commit view is tracked

* Add notbefore/nbf JWT claim

* Correct lint suggestions - comments for structs and functions

- Add comments to LFS model
- Function comment for GetRandomBytesAsBase64
- LFS server function comments and lint variable suggestion

* Move secret generation code out of conditional

Ensures no LFS code may run with an empty secret

* Do not hand out JWT tokens if LFS server support is disabled
2016-12-26 09:16:37 +08:00
Lunny Xiao 4b7594d9fa Provide button to delete merged pull request (#441)
* provide button to delete merged pull request

* golint fix
2016-12-25 23:27:25 +08:00
Thomas Boerger b33078fa33 Bindata is optional and over-writable on restart (#354)
* Moved conf assets into options folder

* Dropped old bindata

* Started to integrate options bindata and accessors

* Do not enforce a builtin app.ini

* Replaced bindata calls with options

* Dropped bindata task from makefile, it's the generate task now

* Always embedd app.ini to provide sane config defaults

* Use sane defaults for the configuration

* Defined default value for SSH_KEYGEN_PATH

* Dropped "NEVER EVER MODIFY THIS FILE" header from app.ini

* Fixed new paths in latest test additions

* Drop bindata with make clean task

* Set more proper default values
2016-12-22 19:12:23 +01:00
Lunny Xiao 47a7529d96 update code.gitea.io/git (#450) 2016-12-22 10:30:52 +01:00
Joubert RedRat ce21ed6c34 Remove remaining Gogs reference on locales and cmd (#430) 2016-12-21 20:13:17 +08:00
Bwko 026ad4aee7 Fixes panic when there's no user initialized (#358) 2016-12-06 21:58:34 +01:00
Thomas Boerger 83ed234472 Integrate templates into bindata optionally (#314)
Integrated optional bindata for the templates
2016-12-06 18:58:31 +01:00
Antonio Facciolo 947d2ee21b Fixes #316
Export Pusher name as GITEA_PUSHER_NAME env variable
Export also GITEA_UUID, but keep the uuid env variable for backward compatibility

export pusher name ENV variable #316

change env variable prefix to GITEA_

Signed-off-by: Antonio Facciolo <afdev82@gmail.com>

Export also GITEA_UUID #316

Keep uuid env variable for backward compatibility
2016-12-05 12:25:45 +01:00
Bwko 4ff0db0246 Catch os... errors 2016-12-02 07:41:19 +01:00
Thomas Boerger 2932042a6d Get rid of bin folder within makefile, enabled TiDB (#319)
* Get rid of the bin folder within the build process

Signed-off-by: Thomas Boerger <thomas@webhippie.de>

* Dropped latest make task, it is unused

Signed-off-by: Thomas Boerger <thomas@webhippie.de>

* Added tidb tag to drone config

Signed-off-by: Thomas Boerger <thomas@webhippie.de>

* Dropped the cert build tag

Signed-off-by: Thomas Boerger <thomas@webhippie.de>

* Dropped useless minwinsvc build tag

Signed-off-by: Thomas Boerger <thomas@webhippie.de>

* Dropped the useless build tags from drone config

Signed-off-by: Thomas Boerger <thomas@webhippie.de>
2016-12-01 15:28:43 +08:00
Thomas Boerger b6a95a8cb3 Integrate public as bindata optionally (#293)
* Dropped unused codekit config

* Integrated dynamic and static bindata for public

* Ignore public bindata

* Add a general generate make task

* Integrated flexible public assets into web command

* Updated vendoring, added all missiong govendor deps

* Made the linter happy with the bindata and dynamic code

* Moved public bindata definition to modules directory

* Ignoring the new bindata path now

* Updated to the new public modules import path

* Updated public bindata command and drop the new prefix
2016-11-30 00:26:36 +08:00
Lunny Xiao ec87a75c00 golint fixed for modules/auth 2016-11-27 21:39:06 +08:00
Andrey Nering c664ffd1db Merge pull request #270 from andreynering/gitea/http-headers-download
Fix HTTP headers for issue attachment download
2016-11-27 08:48:26 -02:00
Lunny Xiao 94da472717 Golint fixed for modules/setting (#262)
* golint fixed for modules/setting

* typo fixed and renamed UNIXSOCKET to UnixSocket
2016-11-27 18:14:25 +08:00
Andrey Nering 638dd24cec Fix HTTP headers for issue attachment download
- Download filename was wrong for files other than images. Example: It was `download` instead of `file.pdf`
- PDF was downloading instead of showing on browser
2016-11-26 10:13:25 -02:00
Bo-Yi Wu 5054020c1f fix gofmt error.
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2016-11-15 00:03:37 +08:00
Andrey Nering 739f07c98e Remember diff view style (#163) 2016-11-13 10:54:04 +08:00
Sandro Santilli 4247304f5a Update import paths from github.com/go-gitea to code.gitea.io (#135)
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Matthias Loibl 90fb64b217 Improve formatting of admin command
Signed-off-by: Matthias Loibl <mail@matthiasloibl.com>
2016-11-09 23:32:24 +01:00
Matthias Loibl 5cd093aa46 Use cli Flags directly and not some helper funcs
Signed-off-by: Matthias Loibl <mail@matthiasloibl.com>
2016-11-09 23:18:22 +01:00
Sandro Santilli aadd7dcdc3 And others 2016-11-07 17:53:22 +01:00
Sandro Santilli f388661bda ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00
Thomas Boerger 3e13e16b3f
Dropped client from version check 2016-11-07 14:49:25 +01:00
Sandro Santilli 6e4252dad4 Replace gogits/git-module dependency with go-gitea/git (#94)
* Replace gogits/git-module dependency with go-gitea/git

Fixes #92

* Remove git alias for git module import (not needed)
2016-11-06 11:18:34 -02:00
Sandro Santilli f36544f98d Merge branch 'master' into feature/goimports 2016-11-05 22:54:20 +01:00
Andrey Nering bd898a10f8 Refactor editorconfig middleware 2016-11-05 15:44:14 -02:00
Matthias Loibl 953c099428 Add missing version & gogs package 2016-11-05 18:04:47 +01:00
Matthias Loibl 1f44b01e2a Fix imports found by goimports. 2016-11-05 17:56:35 +01:00
Thomas Boerger 3dd14ee522
Fixed "net.UnixAddr composite literal uses unkeyed fields" 2016-11-04 23:45:47 +01:00
Thomas Boerger 5b5af7daee
Made linter happy in cmd folder 2016-11-04 23:45:06 +01:00
Lunny Xiao 1adde07a3f Merge branch 'master' into fix/3743-route-regexp-branchname 2016-11-04 00:11:08 +08:00
Rémy Boulanouar 2d68bd1ef9 Change import reference to match gitea instead of gogs (#37) 2016-11-03 10:29:56 -02:00
Thibault Meyer 8ea63f8c50
Restore whitespace 2016-11-03 09:37:24 +01:00
Thibault Meyer a79eb48de3
Fix SHA regexp and commit comparisons 2016-11-03 09:32:55 +01:00
Unknwon 491407ddf8
#3590 fix 404 for release draft edition
Closes #3591
2016-09-03 06:00:59 -04:00
Daniel Oaks b3d9ca4ccd Add the ability to explore organizations (#3573)
* Add ability to explore organizations

* Use right icon for org explore links
2016-09-01 09:08:05 -04:00
Unknwon c2afdf2192 Minor code fix [CI SKIP] 2016-08-31 04:31:53 -07:00
Unknwon 16eb2eb6a3 Fix import path 2016-08-30 05:49:54 -07:00
Unknwon e6ec1ca1f8 #3548 disable issue cannot edit label and milestonefor pull requests 2016-08-30 05:30:47 -07:00
Unknwon 643142acab Web editor: support upload files 2016-08-30 05:23:59 -07:00
Kim "BKC" Carlbäcker 4f40019130 codegangsta/cli => urfave/cli (#3546) 2016-08-30 04:57:58 -07:00
Unknwon 2a13f682e0 Bump git-module required version 2016-08-29 23:57:22 -07:00