Commit graph

1521 commits

Author SHA1 Message Date
Ethan Koenig f29458bd3a EnableUnit() -> UnitEnabled() (#2242) 2017-08-02 11:46:54 +03:00
Christoph Handel 539d9f4c30 Fix git version check with four digits (1.8.3.1) (#2236) 2017-08-01 21:59:22 +03:00
Lauris BH 3702dac0d5 Fix profile update for non-local users (#2178) 2017-07-19 09:36:37 +08:00
Lauris BH f33e6ae09e Remove unit types commits and settings (#2161)
* Remove unit types commits and settings

* Can not limit units in administrator teams

* Limit changing units only to teams with read and write access mode

* Small code optimization
2017-07-17 10:04:43 +08:00
Stefan Kalscheuer 0b177574c9 Only show SSH clone URL if signed in (#2169) (#2170)
* Add configuration flag SSH_EXPOSE_ANONYMOUS

If this flag (default True) is set to false, the SSH clone URL will only be exposed if the current user is signed in.

* Default SSH exposure set to false

To match GitHub and for security reasons, SSH URL exposure is disabled by default.
In addition to that. minor code changes have been applied.

Signed-off-by: Stefan Kalscheuer <stefan@stklcode.de>

* Add integration tests

* Hide clone button neither HTTP and SSH is enabled

Signed-off-by: Stefan Kalscheuer <stefan@stklcode.de>
2017-07-15 22:21:51 +08:00
Roy Marples 89845f6728 Fix SHA1 hash linking (#2143)
This changes the regex to look for a hash from 7 to 40 characters,
to match the use of abbreviated hash lookups in both git and github.
The restriction of not being a pure number is also removed because
1234567 is now considered a valid abbreviated hash, as is deadbeef.

A note has been added to the top of the code to state that the
literal regex match is fine, but no extra validation is currently
performed so some false positives are expected.

A future change could ensure that the hash exists in the repository
before rendering it as a link, although this might incur a slight
performance penalty.

Reverts part of commit 4a46613 and fixes #2053.
2017-07-12 04:26:54 +02:00
Ethan Koenig e58237ee3f Fix import order 2017-07-06 16:38:38 -04:00
Ethan Koenig e14ea9979b Relative URL tests 2017-07-06 12:46:31 -04:00
Ethan Koenig b1d7348a20 Fix wiki preview links 2017-07-06 12:07:15 -04:00
Ethan Koenig 2fd039864b Fix missing-return bug (#2109) 2017-07-04 09:29:57 +08:00
Ethan Koenig fea902adc8 Check for valid renamed usernames (#2077)
* Check for valid renamed usernames

* Integration test

* Test for username with space

* Make name field required
2017-07-01 22:48:29 +03:00
Ethan Koenig 3c0705ecf3 Absolute path for setting.CustomConf (#2085) 2017-07-01 11:10:04 +08:00
Ethan Koenig 2b410e44b2 lint 2017-06-29 12:11:34 -04:00
Ethan Koenig 05e3726415 Use default avatar on error 2017-06-29 12:10:33 -04:00
Ethan Koenig 23f0728879 Don't ignore gravatar error 2017-06-29 10:37:55 -04:00
Lauris BH 32fc44aa83 Make time diff translatable (#2057) 2017-06-28 13:43:28 +08:00
Dan Magnus Lindvall 79daf31058 Setting to disable authorized_keys backup (#1856)
* Add setting to disable authorized_keys backup when rewriting public keys

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Update default value to comply with documentation

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Use tmp-file instead of bak-file for saving manually added keys.

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Change casing

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Change casing and build bakpath with sprintf only

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Only close file once

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Do not modify calcFingerprint

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Fix casing

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Change style from disable to enable

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Change name, just SSH_BACKUP_AUTHORIZED_KEYS

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Do not check for directory existence if backup is disabled

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
2017-06-28 09:35:35 +08:00
Kim "BKC" Carlbäcker 5db8cf3bd1 Always return valid go-get meta, even if unauthorized (#2010)
* Always return valid go-get meta, even if unauthorized

* don't leak information
2017-06-26 09:06:40 +08:00
Lunny Xiao f6450b8f92 remove deprecated code for Gogs compitable (#2041) 2017-06-23 14:29:53 +08:00
Mike Fellows 32f1c41f28 ROOT_URL setting use the default as shown in conf/app.ini (#1823)
The well commented conf/app.ini file that comes with the code shows the
ROOT_URL (i.e. setting.AppURL) as:

    ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/

However the installed custom/conf/app.ini file does not include this setting as
shown, and the default in the setting module was hard coded to
http://localhost:3000/ instead of what is shown above.

With this change the ROOT_URL will default to what is shown above if it is not
set in the custom/conf/app.ini.

Of course it is still possible to override the default by adding the ROOT_URL
setting to your custom/conf/app.ini file as usual.

Signed-off-by: Mike Fellows <mike.fellows@shaw.ca>
2017-06-22 15:35:14 +08:00
Bo-Yi Wu b7812be33a fix misspell (#1996)
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2017-06-18 08:30:04 +08:00
Andrey Nering 635273cea6 Merge pull request #1829 from ethantkoenig/no_branches
Commitless repos should be bare
2017-06-12 11:05:01 -03:00
Ethan Koenig 6d613fb28e No highlighting for .txt files (#1922) 2017-06-09 19:39:16 -05:00
Jonas Östanbäck d9a8eff2de Send mails as HTML as default. Setting for send as plain text. (#1648)
* Send mails as HTML as default. Setting for send as plain text.
 * Add new option SendAsPlainText. remove EnableHTMLAlternative
 * Send HTML mails as default
 * Add html check if html2text should be performed

* Send only multipart or plain. Add deprication warning for ENABLE_HTML_ALTERNATIVE

* Still use ENABLE_HTML_ALTERNATIVE for backward compatibility

* Changed to not ignore html2text errors
2017-06-07 09:14:31 +08:00
Sandro Santilli f6b58964d7 Include formatting check to the make test (and thus also check) rule (#1366)
* Include formatting check to the `make check` rule

... and give it its own standalone target too (make fmt-check)

Show diff on fmt-check failure
Do not allow running "fmt-check" with incompatible go version
Also simplify the `fmt` rule

* Forbid running "make fmt" with Go version != 1.7 or 1.8

* Ignore bindata.go for spelling and formatting checks

also remove duplicated variable assignment for GOFILES

* Run `make fmt`
2017-06-06 08:53:16 -05:00
Phil Hopper 6ec07a6bd7 Make LocalCopyPath a setting instead of a hard-coded path (#1881) 2017-06-06 04:09:54 -05:00
Ethan Koenig bfb44f8854 Fix status table race condition (#1835) 2017-05-31 16:57:17 +08:00
Ethan Koenig 642f844735 Fix PR template error (#1834) 2017-05-30 07:04:12 -05:00
Jonas Östanbäck b93568cce4 xxx_active_code_live setting in printed in hours and minutes instead … (#1814)
* xxx_active_code_live setting in printed in hours and minutes instead of just hours

* Update app.ini description of xxx_code_lives settings
2017-05-29 02:35:47 -05:00
Rémy Boulanouar e0c6ab2d44 Add Gitea Webhook (#1755)
* Replace Gogs by Gitea

* Fix missing changes

* Create Gitea webhook and put Gogs webhook apart.
2017-05-29 02:17:15 -05:00
Ethan Koenig c85ff532e9 Commitless repos should be bare 2017-05-28 22:31:40 -04:00
Bo-Yi Wu 1e40c2e579 fix: #1757 fix set MAX_CREATION_LIMIT as zero. (#1762)
* fix: #1757 fix set MAX_CREATION_LIMIT as zero.

* fix: missing default value
2017-05-21 22:48:35 +08:00
Andrey Nering be5323a05f Update HighlightJS and fix YAML files highlighting (#1764)
* Update HighlightJS to 9.11.0

* Fix YAML files highlighting
2017-05-20 11:52:35 +08:00
Lunny Xiao 6362462da8
fix admin lost permission caused by #947 2017-05-19 08:59:26 +08:00
Lunny Xiao fd6034aaf2 Add units to team (#947)
* add units to team

* fix lint

* finish team setting backend

* finished permission controll on routes

* fix import blank line

* add unit check on ssh/http pull and push and fix test failed

* fix fixtures data

* remove unused code
2017-05-18 22:54:24 +08:00
Jonas Östanbäck 5db5e16ab6 Correct grammar in APIEmpty documentation (#1748)
* Correct grammar in APIEmpty doc

* Generate swagger.v1.json
2017-05-18 22:39:42 +08:00
Ethan Koenig 9e627af9a4 gofmt (#1710) 2017-05-12 16:09:53 +08:00
Ethan Koenig 5ca3046da6 Fix rendering of issue checkboxes (#1709) 2017-05-12 15:52:45 +08:00
Lauris BH 524885dd65 LDAP user synchronization (#1478) 2017-05-10 15:10:18 +02:00
mappu fd76f090a2 markup: microoptimise for many short filenames in directory (#1534)
* markup: microoptimise for many short filenames in directory

Move strings.ToLower() after the early-return length check. This is a safe operation in all cases and should slightly improve directory listing performance when a directory contains many thousands of files with short filenames.

* markup: expand test cases for IsReadmeFile()
2017-05-09 22:20:22 +08:00
Lauris BH 51d0becb42 Add configuration option for default permission to create Organizations (#1686) 2017-05-08 21:51:53 +02:00
Lauris BH 9a0b0da1fe Fix commit sha1 URL rendering in markdown (#1677)
* Fix commit sha1 URL rendering in markdown

* Add unit test for commit sha1 markdown rendering when sha1 has space before it

* Change to better variable name
2017-05-05 16:49:13 +08:00
Lunny Xiao 1773e88643 Drop db operations from hook commands (#1514)
* move all database operations from hook command to web command and instead of internal routes

* bug fixed

* adjust the import path sequences

* remove unused return value on hookSetup
2017-05-04 13:42:02 +08:00
Antoine GIRARD 3edb0c5894 Generate swagger json (#1402)
- Generate swagger.json into public/
- Add swagger-ui auto-installation
- Add footer link to local swagger-ui
- Add /swagger url for using app url.
- Fix Swagger-UI version via git tag
2017-05-02 15:35:59 +02:00
Lunny Xiao 0d1e001b9c fix multiple readme file rendering and fix #1657 (#1658)
* fix multiple readme file rendering and fix #1657

* remove unnecessary loop
2017-05-02 16:57:54 +08:00
Lauris BH 0144817971 Do not allow commiting to protected branch from online editor (#1502)
* Do not allow commiting to protected branch from online editor

* Add editor integration tests for adding new file and not allowing to add new file to protected branch
2017-05-02 08:49:55 +08:00
Lunny Xiao 3ebbdfaa75 make openid support default false for compitable with v1.1 (#1650) 2017-05-02 00:27:53 +08:00
Willem van Dreumel 950f2e2074 Additional OAuth2 providers (#1010)
* add google+

* sort signin oauth2 providers based on the name so order is always the same

* update auth tip for google+

* add gitlab provider

* add bitbucket provider (and some go fmt)

* add twitter provider

* add facebook provider

* add dropbox provider

* add openid connect provider incl. new format of tips section in "Add New Source"

* lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow)

* imports according to goimport and code style

* make it possible to set custom urls to gitlab and github provider (only these could have a different host)

* split up oauth2 into multiple files

* small typo in comment

* fix indention

* fix indentation

* fix new line before external import

* fix layout of signin part

* update "broken" dependency
2017-05-01 21:26:53 +08:00
Antoine GIRARD 8371f94d06 Rework SSH key management UI to add GPG (#1293)
* Rework SSH key management UI to add GPG

* Add more detail to gpg key display

* Update CHANGELOG.md

* Implement deletion UI

* Implement adding gpg UI

* Various fixes

- Fix duplicate entry in locale
- Re-generate hash before verification since they are consumed

* Add missing translation

* Split template

* Catch not found/verified email error
2017-04-26 21:10:43 +08:00
Morlinest fcc7cdab11 Fix markdown rendering (#1530) 2017-04-24 12:18:36 +08:00
Lunny Xiao 52627032bc Add markup package to prepare for org markup format (#1493) 2017-04-21 09:01:08 +02:00
Lunny Xiao f0db3da713 fix go get sub package and add domain on installation to let go get work defaultly (#1518)
* fix go get sub package and add domain on installation to let go get work defaultly

* fix import sequence

* fix .git problem
2017-04-21 10:43:29 +08:00
Lunny Xiao a2d365c81f fix #1501 ssh hangs caused by #1461 (#1513) 2017-04-19 19:16:36 +08:00
Lunny Xiao 2eeae84cbd Add internal routes for ssh hook comands (#1471)
* add internal routes for ssh hook comands

* fix lint

* add comment on why package named private not internal but the route name is internal

* add comment above package private why package named private not internal but the route name is internal

* remove exp time on internal access

* move routes from /internal to /api/internal

* add comment and defer on UpdatePublicKeyUpdated
2017-04-19 11:45:01 +08:00
Lauris BH f42ec6120e Better URL validation (#1507)
* Add correct git branch name validation

* Change git refname validation error constant name

* Implement URL validation based on GoLang url.Parse method

* Backward compatibility with older Go compiler

* Add git reference name validation unit tests

* Remove unused variable in unit test

* Implement URL validation based on GoLang url.Parse method

* Backward compatibility with older Go compiler

* Add url validation unit tests
2017-04-19 11:02:20 +08:00
Kim "BKC" Carlbäcker d409d3ab57 Sanitation fix from Gogs (#1461)
* Santiation fix from Gogs

* Linting

* Fix build-errors

* still not working

* Fix all the things!

* gofmt

* Add code-injection checks
2017-04-13 10:52:24 +08:00
Jonas be6edaddcb Repo size in admin panel (#1482)
* Implementation of the feature to view repository size in admin panel
 * Move GetRepoSize to git module
 * Repository.RepoSize -> Repository.Size
 * RepoSize -> Size in template
 * Redo a few bits and pieces
 * Update size when syncing mirror or forking
 * Remove GetRepoSize
 * Changed fatal errors to error message

* Copy migration code from Gogs

* make fmt
2017-04-11 21:30:15 +08:00
Jonas 54f0293f0a Mirror sync interval specified as duration string (#1407)
* Sync interval specifed as duration string

* Changed mirror interval text

* make fmt

* Add MinInterval for mirror sync

* Use duration internally

* Changed min default to 10m

* make fmt

* Incorrect default

* Removed defaults in MustDuration()

* Add Mirror interval migration

* Default values corrected

* Use transaction during migration

* Change http 500 to page with error message

* Cleanup session.commit()
2017-04-08 23:27:26 +08:00
Mura Li b746757209 Remove unused mutex field (#1440) 2017-04-04 01:54:02 -07:00
Mura Li 93c25c9a35 Fix races in the log module by using syncmap (#1421) 2017-04-03 10:22:26 +08:00
Jonas 095e1f5155 Support for custom html meta (#1423)
* Support for custom html meta

* Changed html meta description default
2017-03-31 18:03:01 -07:00
Sandro Santilli 129b0d6a4b Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369)
* Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION

Omit the configuration variable (the default) to be dependent.
Fixes #1363

* Move OpenID settings under Service object

* Show OpenID SignUp and SignIn status in admin panel / configuration
2017-03-29 18:57:43 +08:00
Bo-Yi Wu 08f7fded3c refactor: remove workaround after the golang 1.7 release. (#1349)
* refactor: remove workaround after the golang 1.7 release.

* remove unused import.

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* refactor: Add remove function.

* refactor: rename

* refactor: update build flag
2017-03-29 10:05:23 +08:00
Sandro Santilli f73e734411 Run "make fmt" with go-1.6 (#1333) 2017-03-21 08:55:00 +08:00
caiwp dbabc35e71 Delete the useless code (#1335) 2017-03-20 21:17:07 +08:00
Lunny Xiao 8bcb643a03 remove empty file (#1326) 2017-03-19 21:43:04 +08:00
Bo-Yi Wu 1c3bd436cc feat: Only use issue and wiki on repo. (#1297) 2017-03-18 18:59:07 +08:00
Sandro Santilli 71d16f69ff Login via OpenID-2.0 (#618) 2017-03-17 15:16:08 +01:00
Lunny Xiao 3cf0e513e6 fix wrong log when push to a new branch (#1220) 2017-03-17 10:15:00 +08:00
Ethan Koenig 17f403fbcd Fix nil-dereference bug 2017-03-15 14:09:44 -04:00
Ethan Koenig 021904e4e6 Fix typos in models/ and modules/ (#1248) 2017-03-15 08:52:01 +08:00
Ethan Koenig ec0ae5d50c Refactor and fix incorrect comment (#1247) 2017-03-15 08:51:46 +08:00
Andrey Nering d2b2881306 Fix Git hooks not being executed on Windows when running as a service (#1149)
Closes #1139
2017-03-09 09:27:43 +08:00
Bo-Yi Wu 0afab87631 refactor: remove redundant slash. (#1109) 2017-03-03 20:47:24 +08:00
Bo-Yi Wu 28a5bc313a fix: gofmt errors. (#1106) 2017-03-03 16:21:31 +08:00
Schwobaland 2f7dc28b22 add ProxyFromEnvironment if none set (#1096) 2017-03-02 08:36:42 +08:00
Jonas f3bf409082 Log config pretty printer (#1097)
Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>
2017-03-02 08:25:44 +08:00
Lunny Xiao 0380ce269f add back the default setting values and fix #739 (#1093) 2017-03-01 23:10:12 +08:00
Thomas Boerger db6777d369 Fixed custom templates for static builds (#1087) 2017-03-01 09:45:21 +08:00
Lunny Xiao c2eef171ff fix some typos (#1082) 2017-02-28 12:56:15 +08:00
Jonas a201977590 Fix for #828: Embed build tags (#1051)
* Fix for #828
Add build tags to ldflags and print in version output

Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>

* Reworked formatBuiltWith function

Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>

* Add tags to version information in admin panel

Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>

* Added new variable for use on admin page.

Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>

* Fixed incorrect indentation
2017-02-28 08:40:02 +08:00
Andrey Nering f552b0a207 Remove test that touch network 2017-02-25 10:32:15 -03:00
Andrew Boyarshin 0602a44b27 Fix URL handling in the whole markdown module, improve test coverage (#1027)
Amended with string to bool change in API SDK.

Signed-off-by: Andrew Boyarshin <andrew.boyarshin@gmail.com>
2017-02-24 22:59:56 +08:00
puffybsd 8de8e11487 Fixes 1019, install page SMTP user is required to (#1020)
to be an email address.

Signed-off-by: P.B. <puffybsd@yahoo.com>
2017-02-24 09:37:13 +08:00
Lunny Xiao d6748284bd fix panic when push but the only log mode console is disabled by serv and update commands (#1007) 2017-02-22 19:44:51 +08:00
Willem van Dreumel 01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Denis Denisov fd941db246 Protected branches system (#339)
* Protected branches system

* Moved default branch to branches section (`:org/:reponame/settings/branches`).
* Initial support Protected Branch.
  - Admin does not restrict
  - Owner not to limit
  - To write permission restrictions

* reformat tmpl

* finished the UI and add/delete protected branch response

* remove unused comment

* indent all the template files and remove ru translations since we use crowdin

* fix the push bug
2017-02-21 23:02:10 +08:00
Lunny Xiao 70ae6d197b disable console output xorm log on ssh (#993) 2017-02-21 21:34:05 +08:00
Lunny Xiao 04fdeb9d8d Make Xorm log configurable (#174)
* make xorm log configable

* bug fixed for other sub commands except web

* rebase and fix xorm log

* bug fix for TrimSpace
2017-02-20 16:11:13 +08:00
Unknwon 134f3e6e09 Security: prevent XSS attach on wiki page
Reported by Miguel Ángel Jimeno.
2017-02-16 04:06:20 +01:00
Lunny Xiao cf47532ebc fix ssh domain default value to domain (#930) 2017-02-15 00:07:37 +08:00
Bo-Yi Wu d67b278a0d feat: Able to disable non-admin to create new organization (#927) 2017-02-14 20:16:00 +08:00
Andrew Boyarshin dc8248f8a4 Markdown rendering overhaul (#186)
* Markdown rendering overhaul

Cleaned up and squashed commits into single one.

Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>

* Fix markdown API, add markdown module and API tests, improve code coverage

Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>
2017-02-14 09:13:59 +08:00
Bo-Yi Wu 5cc275b1de feat: add git version on admin panel. (#921) 2017-02-13 19:49:42 +08:00
Andrew a36a8f4d72 Add missing copyright header to status table test (#902) 2017-02-11 17:53:47 +08:00
Andrew 42835c7f82 Implement archive cleanup (#885)
* Implement archive cleanup

Fixes #769

Signed-off-by: Andrew <write@imaginarycode.com>

* Make sure to close the directory file

* Resolve issues noted by @strk

* edit cheatsheet app.ini [ci skip]

* oops [ci skip]
2017-02-11 12:00:46 +08:00
Andrew 1da7dd3da9 Improve status table implementation (#879)
* Remove superfluous defer calls

* Improve status table implementation as well

This would probably only help with large, high-traffic installs
2017-02-09 14:39:06 +08:00
Ethan Koenig d2329e1c26 Use assert in legacy unit tests (#867) 2017-02-08 14:29:07 +08:00
Ethan Koenig 027591a3a5 Redirects for renamed repos (#807)
* Redirects for renamed repos

* Remove unused phrase from locales
2017-02-05 22:35:03 +08:00
Ethan Koenig e86d935175 Avoid duplicate queries in auth (#827)
Avoid identical making calls to GetUserByID(..) in SignedInUser(..)
2017-02-05 21:10:46 +08:00