Commit Graph

1450 Commits

Author SHA1 Message Date
Schwobaland
c0904f1942 Restrict creating organisations by user (#193)
* restrict creating organizations based on right on user

* revert bindata.go

* reverse vendor lib

* revert goimports change

* set AllowCreateOrganization default value to true

* revert locale

* added default value for AllowCreateOrganization

* fix typo in migration-comment

* fix comment

* add coments in migration
2016-12-31 10:33:30 +08:00
Bo-Yi Wu
6510e57758 fix gofmt error
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2016-12-30 20:41:10 +01:00
Andrey Nering
42904cb98a Notification - Step 1 (#523)
* Notification - Step 1

* Add copyright headers

* Cache issue and repository on notification model
2016-12-31 00:44:54 +08:00
typeless
937b4b5aa1 Speed up conflict checking in pull request creation (#276)
* Speed up conflict checking in pull request creation

In order to check conflicts of a PR, we set up a working tree by
cloning the base branch, which is quite time-consuming when the repository is huge.
Instead, this PR uses `git read-tree` and `git apply --check --cached` to check conflicts.

For #258

* Use $GIT_INDEX_FILE instead of --index-output to avoid lockfile problem

The lockfile gets renamed to the final destination after the operation
finishes. But it must be located in the same filesystem, which prevents
us from using /tmp.

* Temporary file names should not prefixed with '-'
2016-12-29 22:59:52 +08:00
Andrey Nering
b992858883 Tab on user profile to show starred repos (#519)
* Tab on user profile to show starred repos

* Make golint happy and use transactions on StarRepo function

* x -> sess

* Use sess.Close() instead of sess.Rollback()

* Add copyright

* Fix lint
2016-12-29 22:58:24 +08:00
Lunny Xiao
799d0c2030 slight optimization for GetUserRepositories (#498) 2016-12-29 02:53:33 -06:00
Kjell Kvinge
22e1bd31c6 commithgraph / timeline (#428)
* Add model and tests for graph

* Add route and router for graph

* Add assets for graph

* Add template for graph
2016-12-29 07:44:32 +08:00
Bwko
331316894e Replace Gogs with Gitea (#520) 2016-12-28 16:33:21 +08:00
Lunny Xiao
c463b1b8cb Optimization for user.GetRepositoryAccesses to reduce db query times (#495)
* optimization for user.GetRepositoryAccesses to reduce db query times

* fix missing cache
2016-12-28 09:34:35 +08:00
Lunny Xiao
ba134bd27a fix 500 when delete orgnization and resolved #486 2016-12-27 12:00:12 +01:00
Ethan Koenig
2342df183b API Endpoints for collaborators (#375) 2016-12-26 15:37:01 +08:00
Fabian Zaremba
2e7ccecfe6 Git LFS support v2 (#122)
* Import github.com/git-lfs/lfs-test-server as lfs module base

Imported commit is 3968aac269a77b73924649b9412ae03f7ccd3198

Removed:

Dockerfile CONTRIBUTING.md mgmt* script/ vendor/ kvlogger.go
.dockerignore .gitignore README.md

* Remove config, add JWT support from github.com/mgit-at/lfs-test-server

Imported commit f0cdcc5a01599c5a955dc1bbf683bb4acecdba83

* Add LFS settings

* Add LFS meta object model

* Add LFS routes and initialization

* Import github.com/dgrijalva/jwt-go into vendor/

* Adapt LFS module: handlers, routing, meta store

* Move LFS routes to /user/repo/info/lfs/*

* Add request header checks to LFS BatchHandler / PostHandler

* Implement LFS basic authentication

* Rework JWT secret generation / load

* Implement LFS SSH token authentication with JWT

Specification: https://github.com/github/git-lfs/tree/master/docs/api

* Integrate LFS settings into install process

* Remove LFS objects when repository is deleted

Only removes objects from content store when deleted repo is the only
referencing repository

* Make LFS module stateless

Fixes bug where LFS would not work after installation without
restarting Gitea

* Change 500 'Internal Server Error' to 400 'Bad Request'

* Change sql query to xorm call

* Remove unneeded type from LFS module

* Change internal imports to code.gitea.io/gitea/

* Add Gitea authors copyright

* Change basic auth realm to "gitea-lfs"

* Add unique indexes to LFS model

* Use xorm count function in LFS check on repository delete

* Return io.ReadCloser from content store and close after usage

* Add LFS info to runWeb()

* Export LFS content store base path

* LFS file download from UI

* Work around git-lfs client issue with unauthenticated requests

Returning a dummy Authorization header for unauthenticated requests
lets git-lfs client skip asking for auth credentials
See: https://github.com/github/git-lfs/issues/1088

* Fix unauthenticated UI downloads from public repositories

* Authentication check order, Finish LFS file view logic

* Ignore LFS hooks if installed for current OS user

Fixes Gitea UI actions for repositories tracking LFS files.
Checks for minimum needed git version by parsing the semantic version
string.

* Hide LFS metafile diff from commit view, marking as binary

* Show LFS notice if file in commit view is tracked

* Add notbefore/nbf JWT claim

* Correct lint suggestions - comments for structs and functions

- Add comments to LFS model
- Function comment for GetRandomBytesAsBase64
- LFS server function comments and lint variable suggestion

* Move secret generation code out of conditional

Ensures no LFS code may run with an empty secret

* Do not hand out JWT tokens if LFS server support is disabled
2016-12-26 09:16:37 +08:00
Philip Couling
d4924d45d6 Implement sendmail (#355)
* Implemented sendmail. This piggybacks on existing configuration to keep the change simple

* Changed privicy of new sendSMTP and sendSendmail functions

* Fixed Lint errors

* Seperated SMTP and sendmail into their own senders

* Making new structs private as they should not be used externally now

* Added sendmail setting to ini file

* Minor code cleanup
2016-12-25 14:55:22 +01:00
Bwko
fa3abc22c0 Added sorting to organizations, repos & users page (#222) 2016-12-24 22:42:26 +08:00
Bwko
a345a03d99 Added sorting to the labels & milestones page (#199) 2016-12-24 22:41:09 +08:00
Ethan Koenig
d0932ef147 Bug fixes for Issues filters (#413)
Correctly handle simultaneous assignee/poster filters, and conflicting assignee filters
2016-12-24 18:33:21 +08:00
Ethan Koenig
8a4161c723 API Endpoint for watching (#191) 2016-12-24 09:53:11 +08:00
btrepp
25b5ffb6af Enables mssql support (#383)
* Enables mssql support

Port of dlobs work in gogs.
Enables options in index.js
Enables MSSQL as a database option in go.
Sets ID to 0 on initial migration. Required for
MSSQL insert statements.

Signed-off-by: Beau Trepp <beautrepp@gmail.com>

* Vendors in denisenkom/go-mssqldb

Includes golang.org/x/crypto/md4
as this is required by go-msssqldb

Signed-off-by: Beau Trepp <beautrepp@gmail.com>
2016-12-24 09:37:35 +08:00
Lunny Xiao
a822bba3e1 Add default values for settings (#455)
* add default values for settings

* more default values

* more default settings and labels resource

* mv locale to options
2016-12-23 15:18:05 +08:00
Thomas Boerger
b33078fa33 Bindata is optional and over-writable on restart (#354)
* Moved conf assets into options folder

* Dropped old bindata

* Started to integrate options bindata and accessors

* Do not enforce a builtin app.ini

* Replaced bindata calls with options

* Dropped bindata task from makefile, it's the generate task now

* Always embedd app.ini to provide sane config defaults

* Use sane defaults for the configuration

* Defined default value for SSH_KEYGEN_PATH

* Dropped "NEVER EVER MODIFY THIS FILE" header from app.ini

* Fixed new paths in latest test additions

* Drop bindata with make clean task

* Set more proper default values
2016-12-22 19:12:23 +01:00
Lunny Xiao
c21e2c4151 fix tag webhook 404 error (#420) 2016-12-22 22:57:48 +08:00
Lunny Xiao
47a7529d96 update code.gitea.io/git (#450) 2016-12-22 10:30:52 +01:00
Lunny Xiao
0c5c34d7dd UpdateIssueUsersByMentions was calling database write operations while (#443)
a transaction session was in progress. MailParticipants was failing
silently because of the SQLITE_LOCKED error. Make sure failures in
MailParticipants enter the log, and pass on the transaction context.

issue: let caller pass in database context, and use it
issue_comment: obtain database context to pass to UpdateIssueMentions
issue_comment: log any error from call to MailParticipants
issue_mail: pass on database context to UpdateIssueMentions
2016-12-22 17:00:39 +08:00
Ethan Koenig
4c89a9c33c Bug fixes and tests for modules/base (#442)
Also address other TODOs
2016-12-22 16:58:04 +08:00
Kim "BKC" Carlbäcker
df7fa4e995 issue comment api fix (#449)
* ListAllInRepo & Delete Issue-Comments

* Moar data in issue-comments
2016-12-22 16:29:26 +08:00
Alexander Lunegov
d5d21b67d2 Fix string format verbs (#3637) 2016-12-22 08:18:41 +01:00
Denis Denisov
380e32e129 Fix random string generator (#384)
* Remove unused custom-alphabet feature of random string generator

Fix random string generator

Random string generator should return error if it fails to read random data via crypto/rand

* Fixes variable (un)initialization mixed assign
Update test GetRandomString
2016-12-20 13:32:02 +01:00
Michael de Wit
1d30457a94 change test mail subject and body to 'Gitea Test Mail!'
Signed-off-by: Michael de Wit <mjwwit@gmail.com>
2016-12-20 09:34:50 +01:00
Lunny Xiao
7c46667e71 fixed vulnerabilities labels (#409) 2016-12-17 19:49:17 +08:00
Richie B2B
44428fdc38 Remove fixed FIXME (#408) 2016-12-16 17:00:30 +01:00
Richie B2B
0d6e88baef Fix typo (#407) 2016-12-16 17:00:15 +01:00
Lunny Xiao
15c3d14d55 fixed vulnerabilities on deleting release (#399) 2016-12-16 19:42:39 +08:00
Lunny Xiao
b4c794058a fixed vulnerabilities (#392) 2016-12-15 16:49:06 +08:00
Lunny Xiao
d771e978a1 Don't use custom PBKDF2 function (#382) 2016-12-15 09:24:27 +08:00
Lunny Xiao
73710c00a8 bug fixed branch name for pushupdate (#380) 2016-12-13 15:19:42 +08:00
Denis Denisov
f0a989c1d0 Correction LDAP validation (#342)
* Correction LDAP username validation

As https://msdn.microsoft.com/en-us/library/aa366101(v=vs.85).aspx describe spaces should not be in start or at the end of username but they can be inside the username. So please check my solution for it.

* Check for zero length passwords in LDAP module.

According to https://tools.ietf.org/search/rfc4513#section-5.1.2 LDAP client should always check before bind whether a password is an empty value. There are at least one LDAP implementation which does not return error if you try to bind with DN set and empty password - AD.

* Clearing the login/email spaces at the [start/end]
2016-12-12 08:46:51 +08:00
Bwko
abcd39f7d5 In the wiki title replace tab with a space (#371) 2016-12-11 11:01:26 +08:00
Bwko
cbcb4361d5 Fixes issue #283
Delete old temp local copy before we create a new temp local copy
2016-12-09 20:13:48 +01:00
Ethan Koenig
401a8db0ed Remove stale comment in models/repo.go (#366) 2016-12-08 00:04:12 +01:00
Ethan Koenig
04b9a7e7a2 Bug fixes for repo permissions in API
Also move duplicated code into repo.APIFormat(..)
2016-12-07 12:55:24 +01:00
Thomas Boerger
83ed234472 Integrate templates into bindata optionally (#314)
Integrated optional bindata for the templates
2016-12-06 18:58:31 +01:00
Kim "BKC" Carlbäcker
d07c955e2a Fix regression in PR-API #248 (#349)
* Fix #344 (regression in PR-API #248)
2016-12-05 12:17:39 +01:00
Bwko
0118b275b6 Fix for #320
Suppress the error when we're removing a file that may not exist
2016-12-03 22:31:54 +01:00
Denis Denisov
c8f300b2cd Safe compare password (timing attack) (#338) 2016-12-03 13:49:17 +08:00
Kim "BKC" Carlbäcker
0f05470cb8 [API] Pull Requests (#248) 2016-12-02 12:10:39 +01:00
Kim "BKC" Carlbäcker
e8e0539b45 Linting 2016-12-02 09:31:44 +01:00
Kim "BKC" Carlbäcker
e6cfccdd40 GitHub API Compliance (& linting) 2016-12-02 09:18:15 +01:00
Bwko
4ff0db0246 Catch os... errors 2016-12-02 07:41:19 +01:00
Bwko
5ab85372da Added rel="noopener" to target="_blank" hrefs (#327)
* Added rel="noopener" to target="_blank" hrefs

* Replaced gogs.io/docs with docs.gitea.io
2016-12-02 09:12:16 +08:00
Lunny Xiao
646e02b521 typo 2016-12-01 09:05:32 +08:00