Commit graph

1771 commits

Author SHA1 Message Date
zeripath e0e3ba6c12
Add Reindex buttons to repository settings page ()
This PR adds reindexing request buttons to the repository settings page.

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-12-16 23:55:12 +08:00
GiteaBot e78ee73d71 [skip ci] Updated translations via Crowdin 2021-12-16 00:28:34 +00:00
GiteaBot 790e6cfeec [skip ci] Updated translations via Crowdin 2021-12-15 00:25:11 +00:00
zeripath 0981ec30c3
Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes ()
* Add setting to OAuth handlers to override local 2FA settings

This PR adds a setting to OAuth and OpenID login sources to allow the source to
override local 2FA requirements.

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix regression from 

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add scopes settings

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix trace logging in auth_openid

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add required claim options

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Move UpdateExternalUser to externalaccount

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Allow OAuth2/OIDC to set Admin/Restricted status

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Allow use of the same group claim name for the prohibit login value

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fixup! Move UpdateExternalUser to externalaccount

* as per wxiaoguang

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add label back in

Signed-off-by: Andrew Thornton <art27@cantab.net>

* adjust localisation

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-12-14 16:37:11 +08:00
zeripath b4782e24d2
Return nicer error for ForcePrivate () 2021-12-14 00:08:09 -05:00
KN4CK3R 8e9140dd69
Fixed wording. ()
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-12-14 09:45:39 +08:00
GiteaBot bd475f5c9d [skip ci] Updated translations via Crowdin 2021-12-14 00:25:09 +00:00
qwerty287 c3eea2f8af
Improve behavior of "Fork" button ()
* Improbe behaviour of fork button

* Apply suggestions from code review

* Remove old lines

* Apply suggestions

* Fix test

* Remove unnecessary or

* Update templates/repo/header.tmpl

Co-authored-by: silverwind <me@silverwind.io>

* Add comment

* Fix situation if you can't fork but don't have forks

* Fix lint

* Apply changes from 

* fmt

* fmt

* Apply tweaks

Co-authored by: silverwind <me@silverwind.io>

* Rm dupl css

* Fix build

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-12-13 09:59:09 +08:00
GiteaBot fb8166c6c6 [skip ci] Updated translations via Crowdin 2021-12-10 00:25:26 +00:00
GiteaBot 183175263d [skip ci] Updated translations via Crowdin 2021-12-09 00:25:09 +00:00
wxiaoguang a6f961fba4
Refactor install page (db type) ()
* Refactor install page (db type)

* set correct default DB HOST for different DB TYPE
* remove legacy TiDB from documents
* unify the usage of DB TYPE, in code we only use "mysql". "MySQL" is only shown to users for friendly name.

* Gitea can use TiDB via MySQL protocol

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-12-07 13:44:08 +08:00
GiteaBot b30870ef8b [skip ci] Updated translations via Crowdin 2021-12-07 00:25:13 +00:00
GiteaBot 6c34f6b954 [skip ci] Updated translations via Crowdin 2021-12-06 00:24:54 +00:00
wxiaoguang a1dca00974
fix i18n () 2021-12-04 23:24:10 +08:00
GiteaBot c7c723c548 [skip ci] Updated translations via Crowdin 2021-12-04 00:26:13 +00:00
n 6791aae8de
Add hints for special Wiki pages ()
* Add UI hints to create a Wiki sidebar and footer
2021-12-03 15:28:54 +08:00
GiteaBot 365b16cde1 [skip ci] Updated translations via Crowdin 2021-12-03 00:25:09 +00:00
KN4CK3R 87be76213a
Add migrate from Codebase ()
This PR adds [Codebase](https://www.codebasehq.com/) as migration source.

Supported:
- Milestones
- Issues
- Pull Requests
- Comments
- Labels
2021-12-02 23:24:02 +01:00
GiteaBot 7026a30fdc [skip ci] Updated translations via Crowdin 2021-12-02 00:25:09 +00:00
wxiaoguang 042cac5fed
Improve install code to avoid low-level mistakes. ()
* Improve install code to avoid low-level mistakes.

If a user tries to do a re-install in a Gitea database, they gets a warning and double check.
When Gitea runs, it never create empty app.ini automatically.

Also some small (related) refactoring:

* Refactor db.InitEngine related logic make it more clean (especially for the install code)
* Move some i18n strings out from setting.go to make the setting.go can be easily maintained.
* Show errors in CLI code if an incorrect app.ini is used.
* APP_DATA_PATH is created when installing, and checked when starting (no empty directory is created any more).
2021-12-01 15:50:01 +08:00
GiteaBot a3517d8668 [skip ci] Updated translations via Crowdin 2021-12-01 00:25:14 +00:00
zeripath 01087e9eef
Make Requests Processes and create process hierarchy. Associate OpenRepository with context. ()
This PR registers requests with the process manager and manages hierarchy within the processes.

Git repos are then associated with a context, (usually the request's context) - with sub commands using this context as their base context.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-30 20:06:32 +00:00
GiteaBot eb8513a690 [skip ci] Updated translations via Crowdin 2021-11-30 00:25:14 +00:00
GiteaBot 789d251ae4 [skip ci] Updated translations via Crowdin 2021-11-27 00:25:11 +00:00
GiteaBot f23851f690 [skip ci] Updated translations via Crowdin 2021-11-26 00:25:09 +00:00
GiteaBot 4f99697888 [skip ci] Updated translations via Crowdin 2021-11-25 00:25:19 +00:00
GiteaBot 3d996c85a5 [skip ci] Updated translations via Crowdin 2021-11-24 00:25:19 +00:00
GiteaBot c79cc2d3e8 [skip ci] Updated translations via Crowdin 2021-11-23 00:31:08 +00:00
zeripath 1dbc58f742
More pleasantly handle broken or missing git repositories ()
* More pleasantly handle broken or missing git repositories

In  it was noted that there a completely invalid git repository underlying a
repo on gitea.com. This happened due to a problem during a migration however, it
is not beyond the realms of possibility that a corruption could occur to another
user.

This PR adds a check to RepoAssignment that will detect if a repository loading has
failed due to an absent git repository. It will then show a page suggesting the user
contacts the administrator or deletes the repository.

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update options/locale/locale_en-US.ini

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-11-22 22:32:16 +00:00
GiteaBot 55e9228866 [skip ci] Updated translations via Crowdin 2021-11-22 00:24:56 +00:00
zeripath 8511eec4d4
Allow Loading of Diffs that are too large ()
* Allow Loading of Diffs that are too large

This PR allows the loading of diffs that are suppressed because the file
is too large. It does not handle diffs of files which have lines which
are too long.

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-22 00:51:08 +08:00
wxiaoguang 013fb73068
Use hostmatcher to replace matchlist, improve security ()
Use hostmacher to replace matchlist.

And we introduce a better DialContext to do a full host/IP check, otherwise the attackers can still bypass the allow/block list by a 302 redirection.
2021-11-20 17:34:05 +08:00
GiteaBot 52869ef386 [skip ci] Updated translations via Crowdin 2021-11-20 00:25:08 +00:00
Gusted 381e131fc8
Added comment for changing issue ref ()
* Added comment for changing issue ref
- Add a comment when someone changes the ref(erence?) of a issue.
2021-11-19 17:54:31 +08:00
GiteaBot 72b0882a45 [skip ci] Updated translations via Crowdin 2021-11-19 00:25:46 +00:00
GiteaBot b01f6c1a8c [skip ci] Updated translations via Crowdin 2021-11-18 00:25:14 +00:00
KN4CK3R ea42d3c04e
Fixed commit count. ()
Added "Tag" label.
Unified branch, tag and commit name.
2021-11-17 23:50:17 +00:00
GiteaBot 171f2d066e [skip ci] Updated translations via Crowdin 2021-11-17 00:25:11 +00:00
qwerty287 3be156f66a
Allow admins to change user avatars ()
Adds the avatar change panel to the edit user page (bottom) and allows admins to change it this way

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-11-16 19:13:13 +00:00
zeripath bbffcc3aec
Multiple Escaping Improvements ()
There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this.
    
This is an extensive PR attempting to fix these issues.

1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping.
2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand.
3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 
4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.)
5. The title generation in feeds is now properly escaped.
6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-16 18:18:25 +00:00
silverwind 23bd7b1211
Add copy button to markdown code blocks ()
* Add copy button to markdown code blocks

Done mostly in JS because I think it's better not to try getting buttons
past the markup sanitizer.

* add svg module tests

* fix sanitizer regexp

* remove outdated comment

* vertically center button in issue comments as well

* add comment to css

* fix undefined on view file line copy

* combine animation less files

* Update modules/markup/markdown/markdown.go

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

* add test for different sizes

* add cloneNode and add tests for it

* use deep clone

* remove useless optional chaining

* remove the svg node cache

* unify clipboard copy string and i18n

* remove unused var

* remove unused localization

* minor css tweaks to the button

* comment tweak

* remove useless attribute

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-16 16:16:05 +08:00
GiteaBot 3a60e0ad89 [skip ci] Updated translations via Crowdin 2021-11-16 00:25:21 +00:00
KN4CK3R ff9564a679
Changed migration text. () 2021-11-15 18:12:09 -05:00
Gusted 562785ef4e
Add download button for file viewer ()
- Resolves 
- Use the `download` attribute such that the browser will natively
initate a download dialog for the given URL.

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-11-15 09:05:12 +08:00
GiteaBot 10db864c66 [skip ci] Updated translations via Crowdin 2021-11-15 00:24:54 +00:00
KN4CK3R 42ea0023a3
Add migration from GitBucket ()
This PR adds [GitBucket](https://gitbucket.github.io/) as migration source.

Supported:
- Milestones
- Issues
- Pull Requests
- Comments
- Reviews
- Labels

There is no public usable instance so no integration tests added.
2021-11-14 20:11:10 +01:00
zeripath bab95c3a86
Correctly handle failed migrations ()
* Correctly handle failed migrations

There is a bug in handling failed migrations whereby the migration task gets decoupled
from the migration repository. This leads to a failure of the task to get deleted with
the repository and also leads to the migration failed page resulting in a ISE.

This PR removes the zeroing out of the task id from the migration but also makes
the migration handler tolerate missing tasks much nicer.

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-13 19:28:50 +08:00
GiteaBot 465fb4169e [skip ci] Updated translations via Crowdin 2021-11-10 00:25:15 +00:00
Kamil Domański 021df29623
Allow U2F 2FA without TOTP ()
This change enables the usage of U2F without being forced to enroll an TOTP authenticator.
The `/user/auth/u2f` has been changed to hide the "use TOTP instead" bar if TOTP is not enrolled.

Fixes 
Fixes 
2021-11-08 23:47:19 +01:00
GiteaBot c9110eb5e4 [skip ci] Updated translations via Crowdin 2021-11-07 00:25:43 +00:00