Commit graph

1723 commits

Author SHA1 Message Date
Lunny Xiao 0e6b9ea786 Take back control of hooks (#1006)
* git: delegate all server-side Git hooks (#1623)

* create hooks directories

* take control hooks back

* fix lint

* bug fixed and minor changes

* fix imports style

* fix migration scripts
2017-02-23 11:40:44 +08:00
Willem van Dreumel 01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Denis Denisov fd941db246 Protected branches system (#339)
* Protected branches system

* Moved default branch to branches section (`:org/:reponame/settings/branches`).
* Initial support Protected Branch.
  - Admin does not restrict
  - Owner not to limit
  - To write permission restrictions

* reformat tmpl

* finished the UI and add/delete protected branch response

* remove unused comment

* indent all the template files and remove ru translations since we use crowdin

* fix the push bug
2017-02-21 23:02:10 +08:00
Lunny Xiao b8f70a27a5 Security: fix XSS attack on alert (#973) 2017-02-19 19:18:06 +08:00
Lunny Xiao 6076c95dd1 Security: fix XSS attack on milestone (#976)
Reported by Miguel Ángel Jimeno.
2017-02-19 19:09:59 +08:00
Lunny Xiao dbe6d2ff8e fix docker link on install page (#964) 2017-02-18 22:19:51 +08:00
Lunny Xiao 847527fd6d Fix all the bugs in issues and pulls on dashboard (#943)
* fix all the bugs in issues and pulls on dashboard

* small fix and refactor

* add method getRepoIDs for IssueList
2017-02-17 08:58:19 +08:00
Bo-Yi Wu 4c12e2a4b9 fix: fill in ssh key title on setting of repo (#950)
* fix: fill in ssh key title on setting of repo

* fix: Don't overwrite ssh key title if exist.
2017-02-16 05:16:42 +01:00
Unknwon 134f3e6e09 Security: prevent XSS attach on wiki page
Reported by Miguel Ángel Jimeno.
2017-02-16 04:06:20 +01:00
Lunny Xiao 7a9a5c8a69 Fix assigned issues dashboard (#920)
* Fix assigned/created issues in dashboard. (#3560)

* Fix assigned/created issues in dashboard.

* Use GetUserIssueStats for getting all Dashboard stats.

* Use gofmt to format the file properly.

* Replace &Issue{} with new(Issue).

* Check if user has access to given repository.

* Remove unnecessary filtering of issues.

* Return 404 error if invalid repository is given.

* Use correct number of issues in paginater.

* fix issues on dashboard
2017-02-14 22:15:18 +08:00
Bo-Yi Wu d67b278a0d feat: Able to disable non-admin to create new organization (#927) 2017-02-14 20:16:00 +08:00
Bo-Yi Wu 23aba523b5 feat: support search bar on star tab of user profile. (#917)
* feat: support search bar on star tab of user profile.

* fix: update testing.

* fix: Using loadAttributes

* fix: remove empty line.

* remove LOWER

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2017-02-14 15:28:22 +08:00
Andrew Boyarshin dc8248f8a4 Markdown rendering overhaul (#186)
* Markdown rendering overhaul

Cleaned up and squashed commits into single one.

Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>

* Fix markdown API, add markdown module and API tests, improve code coverage

Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>
2017-02-14 09:13:59 +08:00
Bo-Yi Wu 5cc275b1de feat: add git version on admin panel. (#921) 2017-02-13 19:49:42 +08:00
Andrew 3f67676059 Implement basic Open Graph support. (#901) 2017-02-11 20:57:33 +08:00
Lunny Xiao 8a0be5e9f0 Bug fixed for deleted label in issue comment (#904)
* bug fixed for deleted label in issue comment

* fix indent
2017-02-11 20:56:57 +08:00
Lunny Xiao cf0f451c37 Add delete branch track on pull request comments (#888)
* add delete branch track on pull request comments

* don't change vendor
2017-02-11 12:00:29 +08:00
Bo-Yi Wu 40f4377717 feat: fill in ssh key title automatically. (#863) 2017-02-09 17:58:04 +08:00
Sandro Santilli 23a7527e04 Allow rendering alerts in dashboard (#856)
NOTE: useful when logging in via OpenID and connecting to user
2017-02-08 09:37:23 +08:00
Lunny Xiao 02a881aa32 show tags on dashboard issues (#860) 2017-02-07 23:33:18 +08:00
Sandro Santilli ed096186a7 social_register_hepler_msg -> social_register_helper_msg (#855)
* social_register_hepler_msg -> social_register_helper_msg

* register_hepler_msg -> register_helper_msg
2017-02-07 23:30:20 +08:00
Bo-Yi Wu b13232f524 feat: support paginater on star tab of user profile. (#845) 2017-02-07 19:54:16 +08:00
Stephen Brown 94130da63a Fixes #794 by moving emoji tag to the correct span (#848)
Signed-off-by: Stephen Brown <steve@evolvedlight.co.uk>
2017-02-06 23:24:59 +08:00
Zsombor e388db311b Add checkbox to search for all the branches by commit message (#813)
and updating the vendor directory
2017-02-05 22:43:28 +08:00
Lunny Xiao f35b20b042 track issue title changes (#841) 2017-02-05 22:36:00 +08:00
Ethan Koenig 027591a3a5 Redirects for renamed repos (#807)
* Redirects for renamed repos

* Remove unused phrase from locales
2017-02-05 22:35:03 +08:00
Lunny Xiao 8a421b1fd7 Add units concept for modulable functions of a repository (#742)
* Add units concept for modulable functions of a repository

* remove unused comment codes & fix lints and tests

* remove unused comment codes

* use struct config instead of map

* fix lint

* rm wrong files

* fix tests
2017-02-04 23:53:46 +08:00
Bo-Yi Wu a90a215662 feat: Add search bar on user profile page. (#787) 2017-02-04 20:20:20 +08:00
Lunny Xiao 3e0525b47d Track assignee for issue (#808)
* track assignee for issue

* fix lint

* use getUserByID instead Get
2017-02-03 23:09:10 +08:00
Lunny Xiao 081485ecfd add milestone changed traker on issue view (#804) 2017-02-01 10:36:08 +08:00
Lunny Xiao f94869d2d1 Track labels changed on issue view & resolved #542 (#788)
* track labels changed on issue view & resolved #542

* add missing head comment & sort & fix refresh
2017-01-30 20:46:45 +08:00
Bo-Yi Wu d078aa30d6 feat: add search repository on dashboard. (#773) 2017-01-30 13:57:47 +08:00
Andrey Nering aa591317e7 Small UI fixes 2017-01-28 14:11:49 -02:00
Andrey Nering 5348e8b71a Fix color: closed PR was showing as purple instead of red 2017-01-28 14:01:07 -02:00
Bwko e08421017c Add ability to fork your own repos (#761) 2017-01-26 22:44:37 +08:00
Bwko 067ae5d96e Fix to reflect selected branch for fork (#762)
PullRequestCtx.HeadInfo did not contain the current selected branch
causing issue #304
2017-01-26 13:32:08 +08:00
Bo-Yi Wu 2831267db1 refactor: move js to bottom and move css to top. (#689) 2017-01-25 23:15:25 +08:00
Ethan Koenig 833f8b94c2 Search bar for issues/pulls (#530) 2017-01-25 10:43:02 +08:00
Bwko 74ed6dc3ad Add option to app.ini to enable local import paths (#724) 2017-01-23 09:19:50 +08:00
Kjell Kvinge f9a3aa8737 add scroolbars to wide graphs. (#608)
* Add scrollbars to graph and revlist if needed.

* Add border
2017-01-22 20:10:01 +08:00
Kazuki Sawada 3c4d5e1ed5 Fix: Pagenation on dashboard->issues does not work well (#698) 2017-01-19 17:20:40 +08:00
Andrey Nering d2bb8ef503 Notifications: trying to get a better layout (#660)
* i18n button titles

* Improvements on notification page layout

* Notification count badge fixes

* Make table <tr> clickable

* Fix octicon aligment

* Fix use of AppSubUrl
2017-01-18 09:18:55 +08:00
Andrew 6dd096b7f0 Two factor authentication support (#630)
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
Philip Couling 64375d875b Attach to release (#673)
* Moved attachaments POST url from /issues/attachments to /attachments

* Implemented attachment upload on release page

* Implemented downloading attachments on the release page

* Added zip and gzip files to default allowed attachments

* Implemented uploading attachments on edit release

* Renamed UploadIssueAttachment to UploadAttachment
2017-01-15 22:57:00 +08:00
Andrey Nering 769e0a3ea6 Notifications: mark as read/unread and pin (#629)
* Use relative URLs

* Notifications - Mark as read/unread

* Feature of pinning a notification

* On view issue, do not mark as read a pinned notification
2017-01-12 12:27:09 +08:00
Bo-Yi Wu 0af9a24087 docs: update translation on homepage for zh-tw (#634) 2017-01-11 09:23:42 +01:00
derSuessmann 51d578ff33 Add Keep email private (see issue #571). (#571)
- Add site-wide option DEFAULT_KEEP_EMAIL_PRIVATE.
- Add the new option to the install and admin/config pages.
- Add the new option to app.ini in the service section.
- Add the new option to the settings struct.
- Add English text strings to i18n.
- Add field KeepEmailPrivate to user struct.
- Add field KeepEmailPrivate to user form.
- Add option to UI.
- Add using noreply email address if user has "Keep Email Private".
An email address <LowerName>@<NO_REPLY_ADDRESS> is now used in commit
messages (and hopefully all other git log relevant places). The
change relies on the fact that git commands should use
user.NetGitSig().
- Add hiding of email address in UI, if user has set "Keep Email Private".
- Add condition to show email address only on explore/users and user
pages, if user has not set "Keep Email Private".
- Add noreply email in API if set "Keep Email Private".
- Add a new service setting NO_REPLY_ADDRESS. The value of this
setting is used as the domain part for the user's email address in
git log, iff he decides to keep his email address private.
If the user decides to keep his email address private and this
option is not set 'noreply.example.org' is used, which no MTA
should send email to.

Add NO_REPLY_ADDRESS to conf/app.ini.
2017-01-08 11:12:03 +08:00
Andrey Nering 79d527195d Merge pull request #539 from andreynering/notifications-step-2
Notifications - Step 2
2017-01-05 11:53:01 -02:00
Manuel Kuhlmann eb9ce39bb7 Fix unified diff view styling (#585)
Signed-off-by: Manuel Kuhlmann <manuel@mkuhlmann.org>
2017-01-05 10:04:41 +08:00
Manuel Kuhlmann a5e07da8be Fix diff split view coloring (#553) (#584)
Signed-off-by: Manuel Kuhlmann <manuel@mkuhlmann.org>
2017-01-05 09:07:43 +08:00
Andrey Nering b354cf362e Add pagination for notifications 2017-01-03 17:09:36 -02:00
Andrey Nering 545ba2e2e6 Showing index in front of issue title 2017-01-02 16:43:23 -02:00
Lunny Xiao 727675dd46 fix config session missing data row & resolved #517 (#549) 2017-01-02 12:33:15 +08:00
Thiago Avelino 787fda53ef UI config to toggle whether user email shows up in Explore Users (#336)
* UI config to toggle whether user email shows up in Explore Users

* Recommendation made by @tboerger
66a1c59fe7 (r94122732)

* fixed typo, rename ShowUserEmailInExplore to ShowUserEmail

* Fixed typo merged conflict

* Hide email in the user profile page

if you are active ShowUserEmail
ref https://github.com/go-gitea/gitea/pull/336#issuecomment-269843725

* Please replace MustBool() with MustBool(true)
2017-01-01 10:51:10 +08:00
Lunny Xiao 96c201273e
resolved #517: fix admin ui data row missing 2016-12-31 18:58:54 +08:00
Schwobaland c0904f1942 Restrict creating organisations by user (#193)
* restrict creating organizations based on right on user

* revert bindata.go

* reverse vendor lib

* revert goimports change

* set AllowCreateOrganization default value to true

* revert locale

* added default value for AllowCreateOrganization

* fix typo in migration-comment

* fix comment

* add coments in migration
2016-12-31 10:33:30 +08:00
Andrey Nering 6069abe5fd Notifications - Step 2 2016-12-30 16:51:24 -02:00
Andrey Nering b992858883 Tab on user profile to show starred repos (#519)
* Tab on user profile to show starred repos

* Make golint happy and use transactions on StarRepo function

* x -> sess

* Use sess.Close() instead of sess.Rollback()

* Add copyright

* Fix lint
2016-12-29 22:58:24 +08:00
Kjell Kvinge 22e1bd31c6 commithgraph / timeline (#428)
* Add model and tests for graph

* Add route and router for graph

* Add assets for graph

* Add template for graph
2016-12-29 07:44:32 +08:00
Sl@ny c22f9114c7 Implementation of Folder Jumping 2016-12-28 18:09:52 +01:00
Bwko 331316894e Replace Gogs with Gitea (#520) 2016-12-28 16:33:21 +08:00
Bwko 6388761129
Added Dutch translations to the landingpage 2016-12-26 23:03:16 +01:00
Bwko 71dee6b7c0 Improve the way how branches are deleted
Delete branch from HeadRepo instead of BaseRepo
Prevent the deletion of a master branch
Show a yes/no overlay when you press the delete branch button
2016-12-26 11:55:28 +01:00
Fabian Zaremba 2e7ccecfe6 Git LFS support v2 (#122)
* Import github.com/git-lfs/lfs-test-server as lfs module base

Imported commit is 3968aac269a77b73924649b9412ae03f7ccd3198

Removed:

Dockerfile CONTRIBUTING.md mgmt* script/ vendor/ kvlogger.go
.dockerignore .gitignore README.md

* Remove config, add JWT support from github.com/mgit-at/lfs-test-server

Imported commit f0cdcc5a01599c5a955dc1bbf683bb4acecdba83

* Add LFS settings

* Add LFS meta object model

* Add LFS routes and initialization

* Import github.com/dgrijalva/jwt-go into vendor/

* Adapt LFS module: handlers, routing, meta store

* Move LFS routes to /user/repo/info/lfs/*

* Add request header checks to LFS BatchHandler / PostHandler

* Implement LFS basic authentication

* Rework JWT secret generation / load

* Implement LFS SSH token authentication with JWT

Specification: https://github.com/github/git-lfs/tree/master/docs/api

* Integrate LFS settings into install process

* Remove LFS objects when repository is deleted

Only removes objects from content store when deleted repo is the only
referencing repository

* Make LFS module stateless

Fixes bug where LFS would not work after installation without
restarting Gitea

* Change 500 'Internal Server Error' to 400 'Bad Request'

* Change sql query to xorm call

* Remove unneeded type from LFS module

* Change internal imports to code.gitea.io/gitea/

* Add Gitea authors copyright

* Change basic auth realm to "gitea-lfs"

* Add unique indexes to LFS model

* Use xorm count function in LFS check on repository delete

* Return io.ReadCloser from content store and close after usage

* Add LFS info to runWeb()

* Export LFS content store base path

* LFS file download from UI

* Work around git-lfs client issue with unauthenticated requests

Returning a dummy Authorization header for unauthenticated requests
lets git-lfs client skip asking for auth credentials
See: https://github.com/github/git-lfs/issues/1088

* Fix unauthenticated UI downloads from public repositories

* Authentication check order, Finish LFS file view logic

* Ignore LFS hooks if installed for current OS user

Fixes Gitea UI actions for repositories tracking LFS files.
Checks for minimum needed git version by parsing the semantic version
string.

* Hide LFS metafile diff from commit view, marking as binary

* Show LFS notice if file in commit view is tracked

* Add notbefore/nbf JWT claim

* Correct lint suggestions - comments for structs and functions

- Add comments to LFS model
- Function comment for GetRandomBytesAsBase64
- LFS server function comments and lint variable suggestion

* Move secret generation code out of conditional

Ensures no LFS code may run with an empty secret

* Do not hand out JWT tokens if LFS server support is disabled
2016-12-26 09:16:37 +08:00
Lunny Xiao 4b7594d9fa Provide button to delete merged pull request (#441)
* provide button to delete merged pull request

* golint fix
2016-12-25 23:27:25 +08:00
Bwko fa3abc22c0 Added sorting to organizations, repos & users page (#222) 2016-12-24 22:42:26 +08:00
Bwko a345a03d99 Added sorting to the labels & milestones page (#199) 2016-12-24 22:41:09 +08:00
Lunny Xiao c46eb3f5b3 Fix homepage docs link broken (#417)
* fix homepage docs link broken

* fix homepage docs links after docs updated
2016-12-22 07:03:43 +01:00
Joubert RedRat ce21ed6c34 Remove remaining Gogs reference on locales and cmd (#430) 2016-12-21 20:13:17 +08:00
Nico Mandery 6ade13e86e serve video files using the HTML5 video tag (#418)
* serve video files using the HTML5 video tag

* lint fix: add comment to IsVideoFile
2016-12-20 16:09:11 +08:00
Sandro Santilli 1831ee2d1d Update example install url from try.gogs.io to try.gitea.io (#385)
* Update example install url from try.gogs.io to try.gitea.io

* Ask if issue can be reproduced on try.gitea.io

* Link try.gitea.io to the README
2016-12-15 16:56:46 +08:00
Henning Henkel bab737bf02 Fix alignment of tooltip and add bindata - related to #359 (#364) 2016-12-08 20:59:47 +08:00
Henning Henkel 08b9af9ad8 Added download tooltip - solves #221 (#359) 2016-12-07 09:38:20 +01:00
Thomas Boerger 83ed234472 Integrate templates into bindata optionally (#314)
Integrated optional bindata for the templates
2016-12-06 18:58:31 +01:00
Avelino d93429af8b Fixed project name on base template head 2016-12-02 07:48:11 +01:00
Avelino 7e09f80ee3 Fixed project name on repo template mail 2016-12-02 07:46:31 +01:00
Avelino baf60bf603 Fixed project on repo template hook settings 2016-12-02 07:46:02 +01:00
Bwko 5ab85372da Added rel="noopener" to target="_blank" hrefs (#327)
* Added rel="noopener" to target="_blank" hrefs

* Replaced gogs.io/docs with docs.gitea.io
2016-12-02 09:12:16 +08:00
Lunny Xiao 590a79ff8a Resolved #296 (#324)
* resolved #296

* Indentation fixed
2016-12-01 18:52:57 +08:00
Lunny Xiao 2343feadd4 resolved #310: hide fork to self (#323) 2016-12-01 18:51:50 +08:00
Bwko 1e9730a779 Fixes xss, clickjacking & password autocompletion 2016-11-29 22:49:06 +01:00
Lunny Xiao abf6c3a8e3 bug fixed caused by #295 (#299) 2016-11-29 14:57:36 +08:00
Matthias Loibl 7b6cc9244d Update link on user’s profile avatar to avatar settings (#287) 2016-11-28 21:29:39 +08:00
Sandro Santilli cd339263d9 Allow updating draft releases while keeping them as draft
Closes #162
2016-11-14 18:02:21 +01:00
Lunny Xiao b339858500 replace footer gogs to gitea (#157) 2016-11-12 09:32:43 +01:00
Andrey Nering 96c9fef35f Update home page to Gitea (#138) 2016-11-11 08:50:31 +08:00
Matthias Loibl 63ca42d17f Fix bug that tries to load mistyped templates 2016-11-10 11:54:20 +01:00
Lunny Xiao 1b238fe4d5 Merge pull request #121 from joubertredrat/feature-last-login
Last Login for admin manage your users
2016-11-10 17:20:55 +08:00
Joubert RedRat f91cbf0fed Support to last login feature 2016-11-09 08:53:45 -02:00
Matthias Loibl 45c4539c61 Merge pull request #17 from LefsFlarey/issue/3666
Fixed 404 caused by unexpected question mark
2016-11-08 18:27:59 +01:00
Flare 01c5233b53
Fixed 404 caused by unexpected question mark
This fixes 404 caused when creating new files or wiki pages with question marks. Amended to force CI rebuild
2016-11-08 22:09:48 +08:00
Lunny Xiao 5667d4daae Merge pull request #73 from bkcsoft/gt/2164-release-pagination
Add Pagination to Releases-page (and de-duplicate pagination templates)
2016-11-08 10:39:03 +08:00
Thomas Boerger ceb920802a
Dropped link to Gogs docs from template 2016-11-07 14:49:25 +01:00
Kim "BKC" Carlbäcker 562f9b6eae Merge all pagination-templates into 'base/paginate'
to reduce code-duplicity
2016-11-07 12:44:29 +01:00
Kim "BKC" Carlbäcker 86fb1a0cb1 Add Pagination to Releases-page 2016-11-07 11:41:09 +01:00
Rachid Zarouali be5607e510 Merge pull request #50 from 0xbaadf00d/feature/2583-disablehttpcloning
Disable HTTP cloning
2016-11-07 11:23:30 +01:00
Joubert RedRat ff54e4d929 Set default less and css to new default name 2016-11-04 08:53:18 -02:00
Rémy Boulanouar 8dc49dc114 Implementation of the feature to redirect to an external issue tracker 2016-11-04 09:06:54 +01:00
Thibault Meyer 17f9ab4ff8 Use user fullname if resolved 2016-11-04 08:13:14 +01:00
Rémy Boulanouar 2d68bd1ef9 Change import reference to match gitea instead of gogs (#37) 2016-11-03 10:29:56 -02:00