mirror of
https://github.com/go-gitea/gitea
synced 2024-06-03 03:46:51 +02:00
Compare commits
16 Commits
69b3d762cf
...
5f56238052
Author | SHA1 | Date | |
---|---|---|---|
|
5f56238052 | ||
|
edbf74c418 | ||
|
82a0c36332 | ||
|
339bc8bc8f | ||
|
58a03e9fad | ||
|
028992429a | ||
|
821d2fc2a3 | ||
|
68d5c18953 | ||
|
a73e3c6a69 | ||
|
c7ef602986 | ||
|
89a06d6ba5 | ||
|
a5a556a8ef | ||
|
38e7fc9eda | ||
|
e0cea76a92 | ||
|
c0e7afe4a7 | ||
|
e588f600b7 |
|
@ -29,6 +29,8 @@ run:
|
|||
|
||||
output:
|
||||
sort-results: true
|
||||
sort-order: [file]
|
||||
show-stats: true
|
||||
|
||||
linters-settings:
|
||||
stylecheck:
|
||||
|
@ -40,11 +42,7 @@ linters-settings:
|
|||
- ifElseChain
|
||||
- singleCaseSwitch # Every time this occurred in the code, there was no other way.
|
||||
revive:
|
||||
ignore-generated-header: false
|
||||
severity: warning
|
||||
confidence: 0.8
|
||||
errorCode: 1
|
||||
warningCode: 1
|
||||
severity: error
|
||||
rules:
|
||||
- name: atomic
|
||||
- name: bare-return
|
||||
|
|
|
@ -17,15 +17,35 @@ menu:
|
|||
|
||||
# Reverse Proxies
|
||||
|
||||
## General configuration
|
||||
|
||||
1. Set `[server] ROOT_URL = https://git.example.com/` in your `app.ini` file.
|
||||
2. Make the reverse-proxy pass `https://git.example.com/foo` to `http://gitea:3000/foo`.
|
||||
3. Make sure the reverse-proxy does not decode the URI. The request `https://git.example.com/a%2Fb` should be passed as `http://gitea:3000/a%2Fb`.
|
||||
4. Make sure `Host` and `X-Fowarded-Proto` headers are correctly passed to Gitea to make Gitea see the real URL being visited.
|
||||
|
||||
### Use a sub-path
|
||||
|
||||
Usually it's **not recommended** to put Gitea in a sub-path, it's not widely used and may have some issues in rare cases.
|
||||
|
||||
To make Gitea work with a sub-path (eg: `https://common.example.com/gitea/`),
|
||||
there are some extra requirements besides the general configuration above:
|
||||
|
||||
1. Use `[server] ROOT_URL = https://common.example.com/gitea/` in your `app.ini` file.
|
||||
2. Make the reverse-proxy pass `https://common.example.com/gitea/foo` to `http://gitea:3000/foo`.
|
||||
3. The container registry requires a fixed sub-path `/v2` at the root level which must be configured:
|
||||
- Make the reverse-proxy pass `https://common.example.com/v2` to `http://gitea:3000/v2`.
|
||||
- Make sure the URI and headers are also correctly passed (see the general configuration above).
|
||||
|
||||
## Nginx
|
||||
|
||||
If you want Nginx to serve your Gitea instance, add the following `server` section to the `http` section of `nginx.conf`:
|
||||
If you want Nginx to serve your Gitea instance, add the following `server` section to the `http` section of `nginx.conf`.
|
||||
|
||||
```
|
||||
Make sure `client_max_body_size` is large enough, otherwise there would be "413 Request Entity Too Large" error when uploading large files.
|
||||
|
||||
```nginx
|
||||
server {
|
||||
listen 80;
|
||||
server_name git.example.com;
|
||||
|
||||
...
|
||||
location / {
|
||||
client_max_body_size 512M;
|
||||
proxy_pass http://localhost:3000;
|
||||
|
@ -39,37 +59,35 @@ server {
|
|||
}
|
||||
```
|
||||
|
||||
### Resolving Error: 413 Request Entity Too Large
|
||||
|
||||
This error indicates nginx is configured to restrict the file upload size,
|
||||
it affects attachment uploading, form posting, package uploading and LFS pushing, etc.
|
||||
You can fine tune the `client_max_body_size` option according to [nginx document](http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size).
|
||||
|
||||
## Nginx with a sub-path
|
||||
|
||||
In case you already have a site, and you want Gitea to share the domain name, you can setup Nginx to serve Gitea under a sub-path by adding the following `server` section inside the `http` section of `nginx.conf`:
|
||||
In case you already have a site, and you want Gitea to share the domain name,
|
||||
you can setup Nginx to serve Gitea under a sub-path by adding the following `server` section
|
||||
into the `http` section of `nginx.conf`:
|
||||
|
||||
```
|
||||
```nginx
|
||||
server {
|
||||
listen 80;
|
||||
server_name git.example.com;
|
||||
|
||||
# Note: Trailing slash
|
||||
location /gitea/ {
|
||||
...
|
||||
location ~ ^/(gitea|v2)($|/) {
|
||||
client_max_body_size 512M;
|
||||
|
||||
# make nginx use unescaped URI, keep "%2F" as is
|
||||
# make nginx use unescaped URI, keep "%2F" as-is, remove the "/gitea" sub-path prefix, pass "/v2" as-is.
|
||||
rewrite ^ $request_uri;
|
||||
rewrite ^/gitea(/.*) $1 break;
|
||||
rewrite ^(/gitea)?(/.*) $2 break;
|
||||
proxy_pass http://127.0.0.1:3000$uri;
|
||||
|
||||
# other common HTTP headers, see the "Nginx" config section above
|
||||
proxy_set_header ...
|
||||
proxy_set_header Connection $http_connection;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
Then you **MUST** set something like `[server] ROOT_URL = http://git.example.com/git/` correctly in your configuration.
|
||||
Then you **MUST** set something like `[server] ROOT_URL = http://git.example.com/gitea/` correctly in your configuration.
|
||||
|
||||
## Nginx and serve static resources directly
|
||||
|
||||
|
@ -93,7 +111,7 @@ or use a cdn for the static files.
|
|||
|
||||
Set `[server] STATIC_URL_PREFIX = /_/static` in your configuration.
|
||||
|
||||
```apacheconf
|
||||
```nginx
|
||||
server {
|
||||
listen 80;
|
||||
server_name git.example.com;
|
||||
|
@ -112,7 +130,7 @@ server {
|
|||
|
||||
Set `[server] STATIC_URL_PREFIX = http://cdn.example.com/gitea` in your configuration.
|
||||
|
||||
```apacheconf
|
||||
```nginx
|
||||
# application server running Gitea
|
||||
server {
|
||||
listen 80;
|
||||
|
@ -124,7 +142,7 @@ server {
|
|||
}
|
||||
```
|
||||
|
||||
```apacheconf
|
||||
```nginx
|
||||
# static content delivery server
|
||||
server {
|
||||
listen 80;
|
||||
|
@ -151,6 +169,8 @@ If you want Apache HTTPD to serve your Gitea instance, you can add the following
|
|||
ProxyRequests off
|
||||
AllowEncodedSlashes NoDecode
|
||||
ProxyPass / http://localhost:3000/ nocanon
|
||||
ProxyPreserveHost On
|
||||
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
|
||||
</VirtualHost>
|
||||
```
|
||||
|
||||
|
@ -172,6 +192,8 @@ In case you already have a site, and you want Gitea to share the domain name, yo
|
|||
AllowEncodedSlashes NoDecode
|
||||
# Note: no trailing slash after either /git or port
|
||||
ProxyPass /git http://localhost:3000 nocanon
|
||||
ProxyPreserveHost On
|
||||
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
|
||||
</VirtualHost>
|
||||
```
|
||||
|
||||
|
@ -183,7 +205,7 @@ Note: The following Apache HTTPD mods must be enabled: `proxy`, `proxy_http`.
|
|||
|
||||
If you want Caddy to serve your Gitea instance, you can add the following server block to your Caddyfile:
|
||||
|
||||
```apacheconf
|
||||
```
|
||||
git.example.com {
|
||||
reverse_proxy localhost:3000
|
||||
}
|
||||
|
@ -193,7 +215,7 @@ git.example.com {
|
|||
|
||||
In case you already have a site, and you want Gitea to share the domain name, you can setup Caddy to serve Gitea under a sub-path by adding the following to your server block in your Caddyfile:
|
||||
|
||||
```apacheconf
|
||||
```
|
||||
git.example.com {
|
||||
route /git/* {
|
||||
uri strip_prefix /git
|
||||
|
@ -371,19 +393,3 @@ gitea:
|
|||
This config assumes that you are handling HTTPS on the traefik side and using HTTP between Gitea and traefik.
|
||||
|
||||
Then you **MUST** set something like `[server] ROOT_URL = http://example.com/gitea/` correctly in your configuration.
|
||||
|
||||
## General sub-path configuration
|
||||
|
||||
Usually it's not recommended to put Gitea in a sub-path, it's not widely used and may have some issues in rare cases.
|
||||
|
||||
If you really need to do so, to make Gitea works with sub-path (eg: `http://example.com/gitea/`), here are the requirements:
|
||||
|
||||
1. Set `[server] ROOT_URL = http://example.com/gitea/` in your `app.ini` file.
|
||||
2. Make the reverse-proxy pass `http://example.com/gitea/foo` to `http://gitea-server:3000/foo`.
|
||||
3. Make sure the reverse-proxy not decode the URI, the request `http://example.com/gitea/a%2Fb` should be passed as `http://gitea-server:3000/a%2Fb`.
|
||||
|
||||
## Docker / Container Registry
|
||||
|
||||
The container registry uses a fixed sub-path `/v2` which can't be changed.
|
||||
Even if you deploy Gitea with a different sub-path, `/v2` will be used by the `docker` client.
|
||||
Therefore you may need to add an additional route to your reverse proxy configuration.
|
||||
|
|
|
@ -9,8 +9,10 @@ import (
|
|||
|
||||
"code.gitea.io/gitea/models/db"
|
||||
access_model "code.gitea.io/gitea/models/perm/access"
|
||||
repo_model "code.gitea.io/gitea/models/repo"
|
||||
"code.gitea.io/gitea/models/unit"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/modules/container"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/util"
|
||||
|
||||
|
@ -48,7 +50,7 @@ func listPullRequestStatement(ctx context.Context, baseRepoID int64, opts *PullR
|
|||
}
|
||||
|
||||
// GetUnmergedPullRequestsByHeadInfo returns all pull requests that are open and has not been merged
|
||||
func GetUnmergedPullRequestsByHeadInfo(ctx context.Context, repoID int64, branch string) ([]*PullRequest, error) {
|
||||
func GetUnmergedPullRequestsByHeadInfo(ctx context.Context, repoID int64, branch string) (PullRequestList, error) {
|
||||
prs := make([]*PullRequest, 0, 2)
|
||||
sess := db.GetEngine(ctx).
|
||||
Join("INNER", "issue", "issue.id = pull_request.issue_id").
|
||||
|
@ -56,29 +58,30 @@ func GetUnmergedPullRequestsByHeadInfo(ctx context.Context, repoID int64, branch
|
|||
return prs, sess.Find(&prs)
|
||||
}
|
||||
|
||||
// CanMaintainerWriteToBranch check whether user is a maintainer and could write to the branch
|
||||
func CanMaintainerWriteToBranch(ctx context.Context, p access_model.Permission, branch string, user *user_model.User) bool {
|
||||
func CanUserWriteToBranch(ctx context.Context, p access_model.Permission, headRepoID int64, branch string, user *user_model.User) bool {
|
||||
if p.CanWrite(unit.TypeCode) {
|
||||
return true
|
||||
}
|
||||
|
||||
// the code below depends on units to get the repository ID, not ideal but just keep it for now
|
||||
firstUnitRepoID := p.GetFirstUnitRepoID()
|
||||
if firstUnitRepoID == 0 {
|
||||
return false
|
||||
}
|
||||
return canMaintainerWriteToHeadBranch(ctx, headRepoID, branch, user)
|
||||
}
|
||||
|
||||
prs, err := GetUnmergedPullRequestsByHeadInfo(ctx, firstUnitRepoID, branch)
|
||||
// canMaintainerWriteToHeadBranch check whether user is a maintainer and could write to the branch
|
||||
func canMaintainerWriteToHeadBranch(ctx context.Context, headRepoID int64, branch string, user *user_model.User) bool {
|
||||
prs, err := GetUnmergedPullRequestsByHeadInfo(ctx, headRepoID, branch)
|
||||
if err != nil {
|
||||
log.Error("GetUnmergedPullRequestsByHeadInfo: %v", err)
|
||||
return false
|
||||
}
|
||||
|
||||
if err := prs.LoadBaseRepos(ctx); err != nil {
|
||||
log.Error("LoadBaseRepos: %v", err)
|
||||
return false
|
||||
}
|
||||
|
||||
// user can write to the branch once one pull request allowed the user edit the branch
|
||||
for _, pr := range prs {
|
||||
if pr.AllowMaintainerEdit {
|
||||
err = pr.LoadBaseRepo(ctx)
|
||||
if err != nil {
|
||||
continue
|
||||
}
|
||||
prPerm, err := access_model.GetUserRepoPermission(ctx, pr.BaseRepo, user)
|
||||
if err != nil {
|
||||
continue
|
||||
|
@ -159,7 +162,9 @@ func (prs PullRequestList) LoadAttributes(ctx context.Context) error {
|
|||
}
|
||||
|
||||
// Load issues.
|
||||
issueIDs := prs.GetIssueIDs()
|
||||
issueIDs := container.FilterSlice(prs, func(pr *PullRequest) (int64, bool) {
|
||||
return pr.IssueID, pr.Issue == nil
|
||||
})
|
||||
issues := make([]*Issue, 0, len(issueIDs))
|
||||
if err := db.GetEngine(ctx).
|
||||
Where("id > 0").
|
||||
|
@ -190,13 +195,22 @@ func (prs PullRequestList) LoadAttributes(ctx context.Context) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// GetIssueIDs returns all issue ids
|
||||
func (prs PullRequestList) GetIssueIDs() []int64 {
|
||||
issueIDs := make([]int64, 0, len(prs))
|
||||
for i := range prs {
|
||||
issueIDs = append(issueIDs, prs[i].IssueID)
|
||||
func (prs PullRequestList) LoadBaseRepos(ctx context.Context) error {
|
||||
baseRepoIDs := container.FilterSlice(prs, func(pr *PullRequest) (int64, bool) {
|
||||
return pr.BaseRepoID, pr.BaseRepo == nil
|
||||
})
|
||||
reposMap := make(map[int64]*repo_model.Repository, len(baseRepoIDs))
|
||||
if err := db.GetEngine(ctx).
|
||||
In("id", baseRepoIDs).
|
||||
Find(&reposMap); err != nil {
|
||||
return fmt.Errorf("find repos: %w", err)
|
||||
}
|
||||
return issueIDs
|
||||
for _, pr := range prs {
|
||||
if pr.BaseRepo == nil {
|
||||
pr.BaseRepo = reposMap[pr.BaseRepoID]
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// HasMergedPullRequestInRepo returns whether the user(poster) has merged pull-request in the repo
|
||||
|
|
|
@ -63,15 +63,6 @@ func (p *Permission) HasUnits() bool {
|
|||
return len(p.units) > 0
|
||||
}
|
||||
|
||||
// GetFirstUnitRepoID returns the repo ID of the first unit, it is a fragile design and should NOT be used anymore
|
||||
// deprecated
|
||||
func (p *Permission) GetFirstUnitRepoID() int64 {
|
||||
if len(p.units) > 0 {
|
||||
return p.units[0].RepoID
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
// UnitAccessMode returns current user access mode to the specify unit of the repository
|
||||
// It also considers "everyone access mode"
|
||||
func (p *Permission) UnitAccessMode(unitType unit.Type) perm_model.AccessMode {
|
||||
|
|
|
@ -32,7 +32,7 @@ func IsRelativeURL(s string) bool {
|
|||
return err == nil && urlIsRelative(s, u)
|
||||
}
|
||||
|
||||
func guessRequestScheme(req *http.Request, def string) string {
|
||||
func getRequestScheme(req *http.Request) string {
|
||||
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto
|
||||
if s := req.Header.Get("X-Forwarded-Proto"); s != "" {
|
||||
return s
|
||||
|
@ -49,10 +49,10 @@ func guessRequestScheme(req *http.Request, def string) string {
|
|||
if s := req.Header.Get("X-Forwarded-Ssl"); s != "" {
|
||||
return util.Iif(s == "on", "https", "http")
|
||||
}
|
||||
return def
|
||||
return ""
|
||||
}
|
||||
|
||||
func guessForwardedHost(req *http.Request) string {
|
||||
func getForwardedHost(req *http.Request) string {
|
||||
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Host
|
||||
return req.Header.Get("X-Forwarded-Host")
|
||||
}
|
||||
|
@ -63,15 +63,24 @@ func GuessCurrentAppURL(ctx context.Context) string {
|
|||
if !ok {
|
||||
return setting.AppURL
|
||||
}
|
||||
if host := guessForwardedHost(req); host != "" {
|
||||
// if it is behind a reverse proxy, use "https" as default scheme in case the site admin forgets to set the correct forwarded-protocol headers
|
||||
return guessRequestScheme(req, "https") + "://" + host + setting.AppSubURL + "/"
|
||||
} else if req.Host != "" {
|
||||
// if it is not behind a reverse proxy, use the scheme from config options, meanwhile use "https" as much as possible
|
||||
defaultScheme := util.Iif(setting.Protocol == "http", "http", "https")
|
||||
return guessRequestScheme(req, defaultScheme) + "://" + req.Host + setting.AppSubURL + "/"
|
||||
// If no scheme provided by reverse proxy, then do not guess the AppURL, use the configured one.
|
||||
// At the moment, if site admin doesn't configure the proxy headers correctly, then Gitea would guess wrong.
|
||||
// There are some cases:
|
||||
// 1. The reverse proxy is configured correctly, it passes "X-Forwarded-Proto/Host" headers. Perfect, Gitea can handle it correctly.
|
||||
// 2. The reverse proxy is not configured correctly, doesn't pass "X-Forwarded-Proto/Host" headers, eg: only one "proxy_pass http://gitea:3000" in Nginx.
|
||||
// 3. There is no reverse proxy.
|
||||
// Without an extra config option, Gitea is impossible to distinguish between case 2 and case 3,
|
||||
// then case 2 would result in wrong guess like guessed AppURL becomes "http://gitea:3000/", which is not accessible by end users.
|
||||
// So in the future maybe it should introduce a new config option, to let site admin decide how to guess the AppURL.
|
||||
reqScheme := getRequestScheme(req)
|
||||
if reqScheme == "" {
|
||||
return setting.AppURL
|
||||
}
|
||||
return setting.AppURL
|
||||
reqHost := getForwardedHost(req)
|
||||
if reqHost == "" {
|
||||
reqHost = req.Host
|
||||
}
|
||||
return reqScheme + "://" + reqHost + setting.AppSubURL + "/"
|
||||
}
|
||||
|
||||
func MakeAbsoluteURL(ctx context.Context, s string) string {
|
||||
|
|
|
@ -41,19 +41,19 @@ func TestIsRelativeURL(t *testing.T) {
|
|||
|
||||
func TestMakeAbsoluteURL(t *testing.T) {
|
||||
defer test.MockVariableValue(&setting.Protocol, "http")()
|
||||
defer test.MockVariableValue(&setting.AppURL, "http://the-host/sub/")()
|
||||
defer test.MockVariableValue(&setting.AppURL, "http://cfg-host/sub/")()
|
||||
defer test.MockVariableValue(&setting.AppSubURL, "/sub")()
|
||||
|
||||
ctx := context.Background()
|
||||
assert.Equal(t, "http://the-host/sub/", MakeAbsoluteURL(ctx, ""))
|
||||
assert.Equal(t, "http://the-host/sub/foo", MakeAbsoluteURL(ctx, "foo"))
|
||||
assert.Equal(t, "http://the-host/sub/foo", MakeAbsoluteURL(ctx, "/foo"))
|
||||
assert.Equal(t, "http://cfg-host/sub/", MakeAbsoluteURL(ctx, ""))
|
||||
assert.Equal(t, "http://cfg-host/sub/foo", MakeAbsoluteURL(ctx, "foo"))
|
||||
assert.Equal(t, "http://cfg-host/sub/foo", MakeAbsoluteURL(ctx, "/foo"))
|
||||
assert.Equal(t, "http://other/foo", MakeAbsoluteURL(ctx, "http://other/foo"))
|
||||
|
||||
ctx = context.WithValue(ctx, RequestContextKey, &http.Request{
|
||||
Host: "user-host",
|
||||
})
|
||||
assert.Equal(t, "http://user-host/sub/foo", MakeAbsoluteURL(ctx, "/foo"))
|
||||
assert.Equal(t, "http://cfg-host/sub/foo", MakeAbsoluteURL(ctx, "/foo"))
|
||||
|
||||
ctx = context.WithValue(ctx, RequestContextKey, &http.Request{
|
||||
Host: "user-host",
|
||||
|
@ -61,7 +61,7 @@ func TestMakeAbsoluteURL(t *testing.T) {
|
|||
"X-Forwarded-Host": {"forwarded-host"},
|
||||
},
|
||||
})
|
||||
assert.Equal(t, "https://forwarded-host/sub/foo", MakeAbsoluteURL(ctx, "/foo"))
|
||||
assert.Equal(t, "http://cfg-host/sub/foo", MakeAbsoluteURL(ctx, "/foo"))
|
||||
|
||||
ctx = context.WithValue(ctx, RequestContextKey, &http.Request{
|
||||
Host: "user-host",
|
||||
|
|
|
@ -217,7 +217,7 @@ type EditRepoOption struct {
|
|||
Archived *bool `json:"archived,omitempty"`
|
||||
// set to a string like `8h30m0s` to set the mirror interval time
|
||||
MirrorInterval *string `json:"mirror_interval,omitempty"`
|
||||
// enable prune - remove obsolete remote-tracking references
|
||||
// enable prune - remove obsolete remote-tracking references when mirroring
|
||||
EnablePrune *bool `json:"enable_prune,omitempty"`
|
||||
}
|
||||
|
||||
|
|
190
options/license/3D-Slicer-1.0
Normal file
190
options/license/3D-Slicer-1.0
Normal file
|
@ -0,0 +1,190 @@
|
|||
3D Slicer Contribution and Software License Agreement ("Agreement")
|
||||
Version 1.0 (December 20, 2005)
|
||||
|
||||
This Agreement covers contributions to and downloads from the 3D
|
||||
Slicer project ("Slicer") maintained by The Brigham and Women's
|
||||
Hospital, Inc. ("Brigham"). Part A of this Agreement applies to
|
||||
contributions of software and/or data to Slicer (including making
|
||||
revisions of or additions to code and/or data already in Slicer). Part
|
||||
B of this Agreement applies to downloads of software and/or data from
|
||||
Slicer. Part C of this Agreement applies to all transactions with
|
||||
Slicer. If you distribute Software (as defined below) downloaded from
|
||||
Slicer, all of the paragraphs of Part B of this Agreement must be
|
||||
included with and apply to such Software.
|
||||
|
||||
Your contribution of software and/or data to Slicer (including prior
|
||||
to the date of the first publication of this Agreement, each a
|
||||
"Contribution") and/or downloading, copying, modifying, displaying,
|
||||
distributing or use of any software and/or data from Slicer
|
||||
(collectively, the "Software") constitutes acceptance of all of the
|
||||
terms and conditions of this Agreement. If you do not agree to such
|
||||
terms and conditions, you have no right to contribute your
|
||||
Contribution, or to download, copy, modify, display, distribute or use
|
||||
the Software.
|
||||
|
||||
PART A. CONTRIBUTION AGREEMENT - License to Brigham with Right to
|
||||
Sublicense ("Contribution Agreement").
|
||||
|
||||
1. As used in this Contribution Agreement, "you" means the individual
|
||||
contributing the Contribution to Slicer and the institution or
|
||||
entity which employs or is otherwise affiliated with such
|
||||
individual in connection with such Contribution.
|
||||
|
||||
2. This Contribution Agreement applies to all Contributions made to
|
||||
Slicer, including without limitation Contributions made prior to
|
||||
the date of first publication of this Agreement. If at any time you
|
||||
make a Contribution to Slicer, you represent that (i) you are
|
||||
legally authorized and entitled to make such Contribution and to
|
||||
grant all licenses granted in this Contribution Agreement with
|
||||
respect to such Contribution; (ii) if your Contribution includes
|
||||
any patient data, all such data is de-identified in accordance with
|
||||
U.S. confidentiality and security laws and requirements, including
|
||||
but not limited to the Health Insurance Portability and
|
||||
Accountability Act (HIPAA) and its regulations, and your disclosure
|
||||
of such data for the purposes contemplated by this Agreement is
|
||||
properly authorized and in compliance with all applicable laws and
|
||||
regulations; and (iii) you have preserved in the Contribution all
|
||||
applicable attributions, copyright notices and licenses for any
|
||||
third party software or data included in the Contribution.
|
||||
|
||||
3. Except for the licenses granted in this Agreement, you reserve all
|
||||
right, title and interest in your Contribution.
|
||||
|
||||
4. You hereby grant to Brigham, with the right to sublicense, a
|
||||
perpetual, worldwide, non-exclusive, no charge, royalty-free,
|
||||
irrevocable license to use, reproduce, make derivative works of,
|
||||
display and distribute the Contribution. If your Contribution is
|
||||
protected by patent, you hereby grant to Brigham, with the right to
|
||||
sublicense, a perpetual, worldwide, non-exclusive, no-charge,
|
||||
royalty-free, irrevocable license under your interest in patent
|
||||
rights covering the Contribution, to make, have made, use, sell and
|
||||
otherwise transfer your Contribution, alone or in combination with
|
||||
any other code.
|
||||
|
||||
5. You acknowledge and agree that Brigham may incorporate your
|
||||
Contribution into Slicer and may make Slicer available to members
|
||||
of the public on an open source basis under terms substantially in
|
||||
accordance with the Software License set forth in Part B of this
|
||||
Agreement. You further acknowledge and agree that Brigham shall
|
||||
have no liability arising in connection with claims resulting from
|
||||
your breach of any of the terms of this Agreement.
|
||||
|
||||
6. YOU WARRANT THAT TO THE BEST OF YOUR KNOWLEDGE YOUR CONTRIBUTION
|
||||
DOES NOT CONTAIN ANY CODE THAT REQUIRES OR PRESCRIBES AN "OPEN
|
||||
SOURCE LICENSE" FOR DERIVATIVE WORKS (by way of non-limiting
|
||||
example, the GNU General Public License or other so-called
|
||||
"reciprocal" license that requires any derived work to be licensed
|
||||
under the GNU General Public License or other "open source
|
||||
license").
|
||||
|
||||
PART B. DOWNLOADING AGREEMENT - License from Brigham with Right to
|
||||
Sublicense ("Software License").
|
||||
|
||||
1. As used in this Software License, "you" means the individual
|
||||
downloading and/or using, reproducing, modifying, displaying and/or
|
||||
distributing the Software and the institution or entity which
|
||||
employs or is otherwise affiliated with such individual in
|
||||
connection therewith. The Brigham and Women's Hospital,
|
||||
Inc. ("Brigham") hereby grants you, with right to sublicense, with
|
||||
respect to Brigham's rights in the software, and data, if any,
|
||||
which is the subject of this Software License (collectively, the
|
||||
"Software"), a royalty-free, non-exclusive license to use,
|
||||
reproduce, make derivative works of, display and distribute the
|
||||
Software, provided that:
|
||||
|
||||
(a) you accept and adhere to all of the terms and conditions of this
|
||||
Software License;
|
||||
|
||||
(b) in connection with any copy of or sublicense of all or any portion
|
||||
of the Software, all of the terms and conditions in this Software
|
||||
License shall appear in and shall apply to such copy and such
|
||||
sublicense, including without limitation all source and executable
|
||||
forms and on any user documentation, prefaced with the following
|
||||
words: "All or portions of this licensed product (such portions are
|
||||
the "Software") have been obtained under license from The Brigham and
|
||||
Women's Hospital, Inc. and are subject to the following terms and
|
||||
conditions:"
|
||||
|
||||
(c) you preserve and maintain all applicable attributions, copyright
|
||||
notices and licenses included in or applicable to the Software;
|
||||
|
||||
(d) modified versions of the Software must be clearly identified and
|
||||
marked as such, and must not be misrepresented as being the original
|
||||
Software; and
|
||||
|
||||
(e) you consider making, but are under no obligation to make, the
|
||||
source code of any of your modifications to the Software freely
|
||||
available to others on an open source basis.
|
||||
|
||||
2. The license granted in this Software License includes without
|
||||
limitation the right to (i) incorporate the Software into
|
||||
proprietary programs (subject to any restrictions applicable to
|
||||
such programs), (ii) add your own copyright statement to your
|
||||
modifications of the Software, and (iii) provide additional or
|
||||
different license terms and conditions in your sublicenses of
|
||||
modifications of the Software; provided that in each case your use,
|
||||
reproduction or distribution of such modifications otherwise
|
||||
complies with the conditions stated in this Software License.
|
||||
|
||||
3. This Software License does not grant any rights with respect to
|
||||
third party software, except those rights that Brigham has been
|
||||
authorized by a third party to grant to you, and accordingly you
|
||||
are solely responsible for (i) obtaining any permissions from third
|
||||
parties that you need to use, reproduce, make derivative works of,
|
||||
display and distribute the Software, and (ii) informing your
|
||||
sublicensees, including without limitation your end-users, of their
|
||||
obligations to secure any such required permissions.
|
||||
|
||||
4. The Software has been designed for research purposes only and has
|
||||
not been reviewed or approved by the Food and Drug Administration
|
||||
or by any other agency. YOU ACKNOWLEDGE AND AGREE THAT CLINICAL
|
||||
APPLICATIONS ARE NEITHER RECOMMENDED NOR ADVISED. Any
|
||||
commercialization of the Software is at the sole risk of the party
|
||||
or parties engaged in such commercialization. You further agree to
|
||||
use, reproduce, make derivative works of, display and distribute
|
||||
the Software in compliance with all applicable governmental laws,
|
||||
regulations and orders, including without limitation those relating
|
||||
to export and import control.
|
||||
|
||||
5. The Software is provided "AS IS" and neither Brigham nor any
|
||||
contributor to the software (each a "Contributor") shall have any
|
||||
obligation to provide maintenance, support, updates, enhancements
|
||||
or modifications thereto. BRIGHAM AND ALL CONTRIBUTORS SPECIFICALLY
|
||||
DISCLAIM ALL EXPRESS AND IMPLIED WARRANTIES OF ANY KIND INCLUDING,
|
||||
BUT NOT LIMITED TO, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR
|
||||
A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL
|
||||
BRIGHAM OR ANY CONTRIBUTOR BE LIABLE TO ANY PARTY FOR DIRECT,
|
||||
INDIRECT, SPECIAL, INCIDENTAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES
|
||||
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY ARISING IN ANY WAY
|
||||
RELATED TO THE SOFTWARE, EVEN IF BRIGHAM OR ANY CONTRIBUTOR HAS
|
||||
BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. TO THE MAXIMUM
|
||||
EXTENT NOT PROHIBITED BY LAW OR REGULATION, YOU FURTHER ASSUME ALL
|
||||
LIABILITY FOR YOUR USE, REPRODUCTION, MAKING OF DERIVATIVE WORKS,
|
||||
DISPLAY, LICENSE OR DISTRIBUTION OF THE SOFTWARE AND AGREE TO
|
||||
INDEMNIFY AND HOLD HARMLESS BRIGHAM AND ALL CONTRIBUTORS FROM AND
|
||||
AGAINST ANY AND ALL CLAIMS, SUITS, ACTIONS, DEMANDS AND JUDGMENTS
|
||||
ARISING THEREFROM.
|
||||
|
||||
6. None of the names, logos or trademarks of Brigham or any of
|
||||
Brigham's affiliates or any of the Contributors, or any funding
|
||||
agency, may be used to endorse or promote products produced in
|
||||
whole or in part by operation of the Software or derived from or
|
||||
based on the Software without specific prior written permission
|
||||
from the applicable party.
|
||||
|
||||
7. Any use, reproduction or distribution of the Software which is not
|
||||
in accordance with this Software License shall automatically revoke
|
||||
all rights granted to you under this Software License and render
|
||||
Paragraphs 1 and 2 of this Software License null and void.
|
||||
|
||||
8. This Software License does not grant any rights in or to any
|
||||
intellectual property owned by Brigham or any Contributor except
|
||||
those rights expressly granted hereunder.
|
||||
|
||||
PART C. MISCELLANEOUS
|
||||
|
||||
This Agreement shall be governed by and construed in accordance with
|
||||
the laws of The Commonwealth of Massachusetts without regard to
|
||||
principles of conflicts of law. This Agreement shall supercede and
|
||||
replace any license terms that you may have agreed to previously with
|
||||
respect to Slicer.
|
13
options/license/Asterisk-linking-protocols-exception
Normal file
13
options/license/Asterisk-linking-protocols-exception
Normal file
|
@ -0,0 +1,13 @@
|
|||
Specific permission is also granted to link Asterisk with OpenSSL, OpenH323
|
||||
UniMRCP, and/or the UW IMAP Toolkit and distribute the resulting binary files.
|
||||
|
||||
In addition, Asterisk implements several management/control protocols.
|
||||
This includes the Asterisk Manager Interface (AMI), the Asterisk Gateway
|
||||
Interface (AGI), and the Asterisk REST Interface (ARI). It is our belief
|
||||
that applications using these protocols to manage or control an Asterisk
|
||||
instance do not have to be licensed under the GPL or a compatible license,
|
||||
as we believe these protocols do not create a 'derivative work' as referred
|
||||
to in the GPL. However, should any court or other judiciary body find that
|
||||
these protocols do fall under the terms of the GPL, then we hereby grant you a
|
||||
license to use these protocols in combination with Asterisk in external
|
||||
applications licensed under any license you wish.
|
25
options/license/HPND-Intel
Normal file
25
options/license/HPND-Intel
Normal file
|
@ -0,0 +1,25 @@
|
|||
Copyright (c) 1993 Intel Corporation
|
||||
|
||||
Intel hereby grants you permission to copy, modify, and distribute this
|
||||
software and its documentation. Intel grants this permission provided
|
||||
that the above copyright notice appears in all copies and that both the
|
||||
copyright notice and this permission notice appear in supporting
|
||||
documentation. In addition, Intel grants this permission provided that
|
||||
you prominently mark as "not part of the original" any modifications
|
||||
made to this software or documentation, and that the name of Intel
|
||||
Corporation not be used in advertising or publicity pertaining to
|
||||
distribution of the software or the documentation without specific,
|
||||
written prior permission.
|
||||
|
||||
Intel Corporation provides this AS IS, WITHOUT ANY WARRANTY, EXPRESS OR
|
||||
IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF MERCHANTABILITY
|
||||
OR FITNESS FOR A PARTICULAR PURPOSE. Intel makes no guarantee or
|
||||
representations regarding the use of, or the results of the use of,
|
||||
the software and documentation in terms of correctness, accuracy,
|
||||
reliability, currentness, or otherwise; and you rely on the software,
|
||||
documentation and results solely at your own risk.
|
||||
|
||||
IN NO EVENT SHALL INTEL BE LIABLE FOR ANY LOSS OF USE, LOSS OF BUSINESS,
|
||||
LOSS OF PROFITS, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES
|
||||
OF ANY KIND. IN NO EVENT SHALL INTEL'S TOTAL LIABILITY EXCEED THE SUM
|
||||
PAID TO INTEL FOR THE PRODUCT LICENSED HEREUNDER.
|
22
options/license/HPND-export-US-acknowledgement
Normal file
22
options/license/HPND-export-US-acknowledgement
Normal file
|
@ -0,0 +1,22 @@
|
|||
Copyright (C) 1994 by the University of Southern California
|
||||
|
||||
EXPORT OF THIS SOFTWARE from the United States of America may
|
||||
require a specific license from the United States Government. It
|
||||
is the responsibility of any person or organization
|
||||
contemplating export to obtain such a license before exporting.
|
||||
|
||||
WITHIN THAT CONSTRAINT, permission to copy, modify, and distribute
|
||||
this software and its documentation in source and binary forms is
|
||||
hereby granted, provided that any documentation or other materials
|
||||
related to such distribution or use acknowledge that the software
|
||||
was developed by the University of Southern California.
|
||||
|
||||
DISCLAIMER OF WARRANTY. THIS SOFTWARE IS PROVIDED "AS IS". The
|
||||
University of Southern California MAKES NO REPRESENTATIONS OR
|
||||
WARRANTIES, EXPRESS OR IMPLIED. By way of example, but not
|
||||
limitation, the University of Southern California MAKES NO
|
||||
REPRESENTATIONS OR WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY
|
||||
PARTICULAR PURPOSE. The University of Southern California shall not
|
||||
be held liable for any liability nor for any direct, indirect, or
|
||||
consequential damages with respect to any claim by the user or
|
||||
distributor of the ksu software.
|
19
options/license/NCBI-PD
Normal file
19
options/license/NCBI-PD
Normal file
|
@ -0,0 +1,19 @@
|
|||
PUBLIC DOMAIN NOTICE
|
||||
National Center for Biotechnology Information
|
||||
|
||||
This software is a "United States Government Work" under the terms of the
|
||||
United States Copyright Act. It was written as part of the authors'
|
||||
official duties as United States Government employees and thus cannot
|
||||
be copyrighted. This software is freely available to the public for
|
||||
use. The National Library of Medicine and the U.S. Government have not
|
||||
placed any restriction on its use or reproduction.
|
||||
|
||||
Although all reasonable efforts have been taken to ensure the accuracy
|
||||
and reliability of the software and data, the NLM and the U.S.
|
||||
Government do not and cannot warrant the performance or results that
|
||||
may be obtained by using this software or data. The NLM and the U.S.
|
||||
Government disclaim all warranties, express or implied, including
|
||||
warranties of performance, merchantability or fitness for any
|
||||
particular purpose.
|
||||
|
||||
Please cite the author in any work or product based on this material.
|
|
@ -3320,6 +3320,7 @@ self_check.database_collation_case_insensitive=数据库正在使用一个校验
|
|||
self_check.database_inconsistent_collation_columns=数据库正在使用%s的排序规则,但是这些列使用了不匹配的排序规则。这可能会造成一些意外问题。
|
||||
self_check.database_fix_mysql=对于MySQL/MariaDB用户,您可以使用“gitea doctor convert”命令来解决校验问题。 或者您也可以通过 "ALTER ... COLLATE ..." 这样的SQL 来手动解决这个问题。
|
||||
self_check.database_fix_mssql=对于MSSQL用户,您现在只能通过"ALTER ... COLLATE ..."SQLs手动解决这个问题。
|
||||
self_check.location_origin_mismatch=当前 URL (%[1]s) 与 Gitea 的 URL (%[2]s) 不匹配 。 如果您正在使用反向代理,请确保设置正确的“主机”和“X-转发-原始”标题。
|
||||
|
||||
[action]
|
||||
create_repo=创建了仓库 <a href="%s">%s</a>
|
||||
|
@ -3347,6 +3348,7 @@ mirror_sync_create=从镜像同步了引用 <a href="%[2]s">%[3]s</a> 至仓库
|
|||
mirror_sync_delete=从镜像同步并从 <a href="%[1]s">%[3]s</a> 删除了引用 <code>%[2]s</code>
|
||||
approve_pull_request=`批准了 <a href="%[1]s">%[3]s#%[2]s</a>`
|
||||
reject_pull_request=`建议变更 <a href="%[1]s">%[3]s#%[2]s</a>`
|
||||
publish_release=`在 <a href="%[1]s">%[3]s</a> 发布了 <a href="%[2]s"> %[4]s </a>`
|
||||
review_dismissed=`取消了 <b>%[4]s</b> 对 <a href="%[1]s">%[3]s#%[2]s</a> 的变更请求`
|
||||
review_dismissed_reason=原因:
|
||||
create_branch=于 <a href="%[1]s">%[4]s</a> 创建了分支 <a href="%[2]s">%[3]s</a>
|
||||
|
|
8
poetry.lock
generated
8
poetry.lock
generated
|
@ -1,4 +1,4 @@
|
|||
# This file is automatically @generated by Poetry 1.8.2 and should not be changed by hand.
|
||||
# This file is automatically @generated by Poetry 1.8.3 and should not be changed by hand.
|
||||
|
||||
[[package]]
|
||||
name = "click"
|
||||
|
@ -318,13 +318,13 @@ files = [
|
|||
|
||||
[[package]]
|
||||
name = "tqdm"
|
||||
version = "4.66.2"
|
||||
version = "4.66.4"
|
||||
description = "Fast, Extensible Progress Meter"
|
||||
optional = false
|
||||
python-versions = ">=3.7"
|
||||
files = [
|
||||
{file = "tqdm-4.66.2-py3-none-any.whl", hash = "sha256:1ee4f8a893eb9bef51c6e35730cebf234d5d0b6bd112b0271e10ed7c24a02bd9"},
|
||||
{file = "tqdm-4.66.2.tar.gz", hash = "sha256:6cd52cdf0fef0e0f543299cfc96fec90d7b8a7e88745f411ec33eb44d5ed3531"},
|
||||
{file = "tqdm-4.66.4-py3-none-any.whl", hash = "sha256:b75ca56b413b030bc3f00af51fd2c1a1a5eac6a0c1cca83cbb37a5c52abce644"},
|
||||
{file = "tqdm-4.66.4.tar.gz", hash = "sha256:e4d936c9de8727928f3be6079590e97d9abfe8d39a590be678eb5919ffc186bb"},
|
||||
]
|
||||
|
||||
[package.dependencies]
|
||||
|
|
|
@ -116,6 +116,8 @@ func apiErrorDefined(ctx *context.Context, err *namedError) {
|
|||
}
|
||||
|
||||
func apiUnauthorizedError(ctx *context.Context) {
|
||||
// TODO: it doesn't seem quite right but it doesn't really cause problem at the moment.
|
||||
// container registry requires that the "/v2" must be in the root, so the sub-path in AppURL should be removed, ideally.
|
||||
ctx.Resp.Header().Add("WWW-Authenticate", `Bearer realm="`+httplib.GuessCurrentAppURL(ctx)+`v2/token",service="container_registry",scope="*"`)
|
||||
apiErrorDefined(ctx, errUnauthorized)
|
||||
}
|
||||
|
|
|
@ -46,6 +46,7 @@ func UpdateAvatar(ctx *context.APIContext) {
|
|||
err = user_service.UploadAvatar(ctx, ctx.Org.Organization.AsUser(), content)
|
||||
if err != nil {
|
||||
ctx.Error(http.StatusInternalServerError, "UploadAvatar", err)
|
||||
return
|
||||
}
|
||||
|
||||
ctx.Status(http.StatusNoContent)
|
||||
|
@ -72,6 +73,7 @@ func DeleteAvatar(ctx *context.APIContext) {
|
|||
err := user_service.DeleteAvatar(ctx, ctx.Org.Organization.AsUser())
|
||||
if err != nil {
|
||||
ctx.Error(http.StatusInternalServerError, "DeleteAvatar", err)
|
||||
return
|
||||
}
|
||||
|
||||
ctx.Status(http.StatusNoContent)
|
||||
|
|
|
@ -175,7 +175,7 @@ func Migrate(ctx *context.APIContext) {
|
|||
Description: opts.Description,
|
||||
OriginalURL: form.CloneAddr,
|
||||
GitServiceType: gitServiceType,
|
||||
IsPrivate: opts.Private,
|
||||
IsPrivate: opts.Private || setting.Repository.ForcePrivate,
|
||||
IsMirror: opts.Mirror,
|
||||
Status: repo_model.RepositoryBeingMigrated,
|
||||
})
|
||||
|
|
|
@ -252,7 +252,7 @@ func CreateUserRepo(ctx *context.APIContext, owner *user_model.User, opt api.Cre
|
|||
Gitignores: opt.Gitignores,
|
||||
License: opt.License,
|
||||
Readme: opt.Readme,
|
||||
IsPrivate: opt.Private,
|
||||
IsPrivate: opt.Private || setting.Repository.ForcePrivate,
|
||||
AutoInit: opt.AutoInit,
|
||||
DefaultBranch: opt.DefaultBranch,
|
||||
TrustModel: repo_model.ToTrustModel(opt.TrustModel),
|
||||
|
@ -364,7 +364,7 @@ func Generate(ctx *context.APIContext) {
|
|||
Name: form.Name,
|
||||
DefaultBranch: form.DefaultBranch,
|
||||
Description: form.Description,
|
||||
Private: form.Private,
|
||||
Private: form.Private || setting.Repository.ForcePrivate,
|
||||
GitContent: form.GitContent,
|
||||
Topics: form.Topics,
|
||||
GitHooks: form.GitHooks,
|
||||
|
@ -1062,16 +1062,10 @@ func updateRepoArchivedState(ctx *context.APIContext, opts api.EditRepoOption) e
|
|||
func updateMirror(ctx *context.APIContext, opts api.EditRepoOption) error {
|
||||
repo := ctx.Repo.Repository
|
||||
|
||||
// only update mirror if interval or enable prune are provided
|
||||
if opts.MirrorInterval == nil && opts.EnablePrune == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
// these values only make sense if the repo is a mirror
|
||||
// Skip this update if the repo is not a mirror, do not return error.
|
||||
// Because reporting errors only makes the logic more complex&fragile, it doesn't really help end users.
|
||||
if !repo.IsMirror {
|
||||
err := fmt.Errorf("repo is not a mirror, can not change mirror interval")
|
||||
ctx.Error(http.StatusUnprocessableEntity, err.Error(), err)
|
||||
return err
|
||||
return nil
|
||||
}
|
||||
|
||||
// get the mirror from the repo
|
||||
|
|
|
@ -39,6 +39,7 @@ func UpdateAvatar(ctx *context.APIContext) {
|
|||
err = user_service.UploadAvatar(ctx, ctx.Doer, content)
|
||||
if err != nil {
|
||||
ctx.Error(http.StatusInternalServerError, "UploadAvatar", err)
|
||||
return
|
||||
}
|
||||
|
||||
ctx.Status(http.StatusNoContent)
|
||||
|
@ -57,6 +58,7 @@ func DeleteAvatar(ctx *context.APIContext) {
|
|||
err := user_service.DeleteAvatar(ctx, ctx.Doer)
|
||||
if err != nil {
|
||||
ctx.Error(http.StatusInternalServerError, "DeleteAvatar", err)
|
||||
return
|
||||
}
|
||||
|
||||
ctx.Status(http.StatusNoContent)
|
||||
|
|
|
@ -55,7 +55,7 @@ func (ctx *preReceiveContext) CanWriteCode() bool {
|
|||
if !ctx.loadPusherAndPermission() {
|
||||
return false
|
||||
}
|
||||
ctx.canWriteCode = issues_model.CanMaintainerWriteToBranch(ctx, ctx.userPerm, ctx.branchName, ctx.user) || ctx.deployKeyAccessMode >= perm_model.AccessModeWrite
|
||||
ctx.canWriteCode = issues_model.CanUserWriteToBranch(ctx, ctx.userPerm, ctx.Repo.Repository.ID, ctx.branchName, ctx.user) || ctx.deployKeyAccessMode >= perm_model.AccessModeWrite
|
||||
ctx.checkedCanWriteCode = true
|
||||
}
|
||||
return ctx.canWriteCode
|
||||
|
|
|
@ -87,6 +87,6 @@ func TestSelfCheckPost(t *testing.T) {
|
|||
err := json.Unmarshal(resp.Body.Bytes(), &data)
|
||||
assert.NoError(t, err)
|
||||
assert.Equal(t, []string{
|
||||
ctx.Locale.TrString("admin.self_check.location_origin_mismatch", "http://frontend/sub/", "http://host/sub/"),
|
||||
ctx.Locale.TrString("admin.self_check.location_origin_mismatch", "http://frontend/sub/", "http://config/sub/"),
|
||||
}, data.Problems)
|
||||
}
|
||||
|
|
|
@ -871,7 +871,7 @@ func viewPullFiles(ctx *context.Context, specifiedStartCommit, specifiedEndCommi
|
|||
return
|
||||
}
|
||||
|
||||
if perm.CanWrite(unit.TypeCode) || issues_model.CanMaintainerWriteToBranch(ctx, perm, pull.HeadBranch, ctx.Doer) {
|
||||
if issues_model.CanUserWriteToBranch(ctx, perm, pull.HeadRepoID, pull.HeadBranch, ctx.Doer) {
|
||||
ctx.Data["CanEditFile"] = true
|
||||
ctx.Data["EditFileTooltip"] = ctx.Tr("repo.editor.edit_this_file")
|
||||
ctx.Data["HeadRepoLink"] = pull.HeadRepo.Link()
|
||||
|
|
|
@ -248,7 +248,7 @@ func CreatePost(ctx *context.Context) {
|
|||
opts := repo_service.GenerateRepoOptions{
|
||||
Name: form.RepoName,
|
||||
Description: form.Description,
|
||||
Private: form.Private,
|
||||
Private: form.Private || setting.Repository.ForcePrivate,
|
||||
GitContent: form.GitContent,
|
||||
Topics: form.Topics,
|
||||
GitHooks: form.GitHooks,
|
||||
|
|
|
@ -70,7 +70,7 @@ type Repository struct {
|
|||
|
||||
// CanWriteToBranch checks if the branch is writable by the user
|
||||
func (r *Repository) CanWriteToBranch(ctx context.Context, user *user_model.User, branch string) bool {
|
||||
return issues_model.CanMaintainerWriteToBranch(ctx, r.Permission, branch, user)
|
||||
return issues_model.CanUserWriteToBranch(ctx, r.Permission, r.Repository.ID, branch, user)
|
||||
}
|
||||
|
||||
// CanEnableEditor returns true if repository is editable and user has proper access level.
|
||||
|
|
|
@ -67,7 +67,7 @@ func ToBranch(ctx context.Context, repo *repo_model.Repository, branchName strin
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
canPush = issues_model.CanMaintainerWriteToBranch(ctx, perms, branchName, user)
|
||||
canPush = issues_model.CanUserWriteToBranch(ctx, perms, repo.ID, branchName, user)
|
||||
}
|
||||
|
||||
return &api.Branch{
|
||||
|
|
|
@ -107,7 +107,7 @@ func (g *GiteaLocalUploader) CreateRepo(repo *base.Repository, opts base.Migrate
|
|||
Description: repo.Description,
|
||||
OriginalURL: repo.OriginalURL,
|
||||
GitServiceType: opts.GitServiceType,
|
||||
IsPrivate: opts.Private,
|
||||
IsPrivate: opts.Private || setting.Repository.ForcePrivate,
|
||||
IsMirror: opts.Mirror,
|
||||
Status: repo_model.RepositoryBeingMigrated,
|
||||
})
|
||||
|
|
|
@ -331,11 +331,10 @@ func AddTestPullRequestTask(doer *user_model.User, repoID int64, branch string,
|
|||
}
|
||||
|
||||
if isSync {
|
||||
requests := issues_model.PullRequestList(prs)
|
||||
if err = requests.LoadAttributes(ctx); err != nil {
|
||||
if err = prs.LoadAttributes(ctx); err != nil {
|
||||
log.Error("PullRequestList.LoadAttributes: %v", err)
|
||||
}
|
||||
if invalidationErr := checkForInvalidation(ctx, requests, repoID, doer, branch); invalidationErr != nil {
|
||||
if invalidationErr := checkForInvalidation(ctx, prs, repoID, doer, branch); invalidationErr != nil {
|
||||
log.Error("checkForInvalidation: %v", invalidationErr)
|
||||
}
|
||||
if err == nil {
|
||||
|
@ -627,7 +626,7 @@ func CloseBranchPulls(ctx context.Context, doer *user_model.User, repoID int64,
|
|||
}
|
||||
|
||||
prs = append(prs, prs2...)
|
||||
if err := issues_model.PullRequestList(prs).LoadAttributes(ctx); err != nil {
|
||||
if err := prs.LoadAttributes(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
|
@ -657,7 +656,7 @@ func CloseRepoBranchesPulls(ctx context.Context, doer *user_model.User, repo *re
|
|||
return err
|
||||
}
|
||||
|
||||
if err = issues_model.PullRequestList(prs).LoadAttributes(ctx); err != nil {
|
||||
if err = prs.LoadAttributes(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
|
|
|
@ -16,6 +16,7 @@ import (
|
|||
issues_model "code.gitea.io/gitea/models/issues"
|
||||
repo_model "code.gitea.io/gitea/models/repo"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/modules/container"
|
||||
"code.gitea.io/gitea/modules/git"
|
||||
"code.gitea.io/gitea/modules/gitrepo"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
|
@ -71,7 +72,10 @@ func InvalidateCodeComments(ctx context.Context, prs issues_model.PullRequestLis
|
|||
if len(prs) == 0 {
|
||||
return nil
|
||||
}
|
||||
issueIDs := prs.GetIssueIDs()
|
||||
|
||||
issueIDs := container.FilterSlice(prs, func(pr *issues_model.PullRequest) (int64, bool) {
|
||||
return pr.IssueID, true
|
||||
})
|
||||
|
||||
codeComments, err := db.Find[issues_model.Comment](ctx, issues_model.FindCommentsOptions{
|
||||
ListOptions: db.ListOptionsAll,
|
||||
|
|
|
@ -85,7 +85,7 @@ func PushCreateRepo(ctx context.Context, authUser, owner *user_model.User, repoN
|
|||
|
||||
repo, err := CreateRepository(ctx, authUser, owner, CreateRepoOptions{
|
||||
Name: repoName,
|
||||
IsPrivate: setting.Repository.DefaultPushCreatePrivate,
|
||||
IsPrivate: setting.Repository.DefaultPushCreatePrivate || setting.Repository.ForcePrivate,
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
|
@ -107,7 +107,7 @@ func CreateMigrateTask(ctx context.Context, doer, u *user_model.User, opts base.
|
|||
Description: opts.Description,
|
||||
OriginalURL: opts.OriginalURL,
|
||||
GitServiceType: opts.GitServiceType,
|
||||
IsPrivate: opts.Private,
|
||||
IsPrivate: opts.Private || setting.Repository.ForcePrivate,
|
||||
IsMirror: opts.Mirror,
|
||||
Status: repo_model.RepositoryBeingMigrated,
|
||||
})
|
||||
|
|
|
@ -5,8 +5,10 @@ package user
|
|||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"os"
|
||||
|
||||
"code.gitea.io/gitea/models/db"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
|
@ -48,16 +50,24 @@ func UploadAvatar(ctx context.Context, u *user_model.User, data []byte) error {
|
|||
func DeleteAvatar(ctx context.Context, u *user_model.User) error {
|
||||
aPath := u.CustomAvatarRelativePath()
|
||||
log.Trace("DeleteAvatar[%d]: %s", u.ID, aPath)
|
||||
if len(u.Avatar) > 0 {
|
||||
if err := storage.Avatars.Delete(aPath); err != nil {
|
||||
return fmt.Errorf("Failed to remove %s: %w", aPath, err)
|
||||
}
|
||||
}
|
||||
|
||||
u.UseCustomAvatar = false
|
||||
u.Avatar = ""
|
||||
if _, err := db.GetEngine(ctx).ID(u.ID).Cols("avatar, use_custom_avatar").Update(u); err != nil {
|
||||
return fmt.Errorf("DeleteAvatar: %w", err)
|
||||
}
|
||||
return nil
|
||||
return db.WithTx(ctx, func(ctx context.Context) error {
|
||||
hasAvatar := len(u.Avatar) > 0
|
||||
u.UseCustomAvatar = false
|
||||
u.Avatar = ""
|
||||
if _, err := db.GetEngine(ctx).ID(u.ID).Cols("avatar, use_custom_avatar").Update(u); err != nil {
|
||||
return fmt.Errorf("DeleteAvatar: %w", err)
|
||||
}
|
||||
|
||||
if hasAvatar {
|
||||
if err := storage.Avatars.Delete(aPath); err != nil {
|
||||
if !errors.Is(err, os.ErrNotExist) {
|
||||
return fmt.Errorf("failed to remove %s: %w", aPath, err)
|
||||
}
|
||||
log.Warn("Deleting avatar %s but it doesn't exist", aPath)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
})
|
||||
}
|
||||
|
|
|
@ -50,7 +50,7 @@
|
|||
<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
|
||||
<div class="ui checkbox">
|
||||
{{if .IsForcedPrivate}}
|
||||
<input name="private" type="checkbox" checked readonly>
|
||||
<input name="private" type="checkbox" checked disabled>
|
||||
<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
|
||||
{{else}}
|
||||
<input name="private" type="checkbox" {{if .private}}checked{{end}}>
|
||||
|
|
|
@ -89,7 +89,7 @@
|
|||
<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
|
||||
<div class="ui checkbox">
|
||||
{{if .IsForcedPrivate}}
|
||||
<input name="private" type="checkbox" checked readonly>
|
||||
<input name="private" type="checkbox" checked disabled>
|
||||
<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
|
||||
{{else}}
|
||||
<input name="private" type="checkbox" {{if .private}}checked{{end}}>
|
||||
|
|
|
@ -63,7 +63,7 @@
|
|||
<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
|
||||
<div class="ui checkbox">
|
||||
{{if .IsForcedPrivate}}
|
||||
<input name="private" type="checkbox" checked readonly>
|
||||
<input name="private" type="checkbox" checked disabled>
|
||||
<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
|
||||
{{else}}
|
||||
<input name="private" type="checkbox" {{if .private}}checked{{end}}>
|
||||
|
|
|
@ -105,7 +105,7 @@
|
|||
<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
|
||||
<div class="ui checkbox">
|
||||
{{if .IsForcedPrivate}}
|
||||
<input name="private" type="checkbox" checked readonly>
|
||||
<input name="private" type="checkbox" checked disabled>
|
||||
<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
|
||||
{{else}}
|
||||
<input name="private" type="checkbox" {{if .private}}checked{{end}}>
|
||||
|
|
|
@ -101,7 +101,7 @@
|
|||
<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
|
||||
<div class="ui checkbox">
|
||||
{{if .IsForcedPrivate}}
|
||||
<input name="private" type="checkbox" checked readonly>
|
||||
<input name="private" type="checkbox" checked disabled>
|
||||
<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
|
||||
{{else}}
|
||||
<input name="private" type="checkbox" {{if .private}} checked{{end}}>
|
||||
|
|
|
@ -103,7 +103,7 @@
|
|||
<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
|
||||
<div class="ui checkbox">
|
||||
{{if .IsForcedPrivate}}
|
||||
<input name="private" type="checkbox" checked readonly>
|
||||
<input name="private" type="checkbox" checked disabled>
|
||||
<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
|
||||
{{else}}
|
||||
<input name="private" type="checkbox" {{if .private}}checked{{end}}>
|
||||
|
|
|
@ -100,7 +100,7 @@
|
|||
<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
|
||||
<div class="ui checkbox">
|
||||
{{if .IsForcedPrivate}}
|
||||
<input name="private" type="checkbox" checked readonly>
|
||||
<input name="private" type="checkbox" checked disabled>
|
||||
<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
|
||||
{{else}}
|
||||
<input name="private" type="checkbox" {{if .private}}checked{{end}}>
|
||||
|
|
|
@ -103,7 +103,7 @@
|
|||
<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
|
||||
<div class="ui checkbox">
|
||||
{{if .IsForcedPrivate}}
|
||||
<input name="private" type="checkbox" checked readonly>
|
||||
<input name="private" type="checkbox" checked disabled>
|
||||
<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
|
||||
{{else}}
|
||||
<input name="private" type="checkbox" {{if .private}} checked{{end}}>
|
||||
|
|
|
@ -89,7 +89,7 @@
|
|||
<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
|
||||
<div class="ui checkbox">
|
||||
{{if .IsForcedPrivate}}
|
||||
<input name="private" type="checkbox" checked readonly>
|
||||
<input name="private" type="checkbox" checked disabled>
|
||||
<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
|
||||
{{else}}
|
||||
<input name="private" type="checkbox" {{if .private}}checked{{end}}>
|
||||
|
|
|
@ -28,9 +28,10 @@
|
|||
<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
|
||||
<div class="ui checkbox" {{if and (not .Repository.IsPrivate) (gt .Repository.NumStars 0)}}data-tooltip-content="{{ctx.Locale.Tr "repo.stars_remove_warning"}}"{{end}}>
|
||||
{{if .IsAdmin}}
|
||||
<input name="private" type="checkbox" {{if .Repository.IsPrivate}}checked{{end}}>
|
||||
<input name="private" type="checkbox" {{if .Repository.IsPrivate}}checked{{end}}>
|
||||
{{else}}
|
||||
<input name="private" type="checkbox" {{if .Repository.IsPrivate}}checked{{end}}{{if and $.ForcePrivate .Repository.IsPrivate}} readonly{{end}}>
|
||||
<input name="private" type="checkbox" {{if .Repository.IsPrivate}}checked{{end}}{{if and $.ForcePrivate .Repository.IsPrivate}} disabled{{end}}>
|
||||
{{if and .Repository.IsPrivate $.ForcePrivate}}<input type="hidden" name="private" value="{{.Repository.IsPrivate}}">{{end}}
|
||||
{{end}}
|
||||
<label>{{ctx.Locale.Tr "repo.visibility_helper"}} {{if .Repository.NumForks}}<span class="text red">{{ctx.Locale.Tr "repo.visibility_fork_helper"}}</span>{{end}}</label>
|
||||
</div>
|
||||
|
|
2
templates/swagger/v1_json.tmpl
generated
2
templates/swagger/v1_json.tmpl
generated
|
@ -20753,7 +20753,7 @@
|
|||
"x-go-name": "Description"
|
||||
},
|
||||
"enable_prune": {
|
||||
"description": "enable prune - remove obsolete remote-tracking references",
|
||||
"description": "enable prune - remove obsolete remote-tracking references when mirroring",
|
||||
"type": "boolean",
|
||||
"x-go-name": "EnablePrune"
|
||||
},
|
||||
|
|
52
tests/integration/pull_allowedit_test.go
Normal file
52
tests/integration/pull_allowedit_test.go
Normal file
|
@ -0,0 +1,52 @@
|
|||
// Copyright 2024 The Gitea Authors. All rights reserved.
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
package integration
|
||||
|
||||
import (
|
||||
"net/url"
|
||||
"testing"
|
||||
|
||||
"code.gitea.io/gitea/models/db"
|
||||
issues_model "code.gitea.io/gitea/models/issues"
|
||||
repo_model "code.gitea.io/gitea/models/repo"
|
||||
"code.gitea.io/gitea/models/unittest"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
pull_service "code.gitea.io/gitea/services/pull"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
func TestPullAllowMaintainerEdit(t *testing.T) {
|
||||
onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
|
||||
// create a pull request
|
||||
session := loginUser(t, "user1")
|
||||
user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
|
||||
forkedName := "repo1"
|
||||
testRepoFork(t, session, "org3", "repo5", "user1", forkedName)
|
||||
defer func() {
|
||||
testDeleteRepository(t, session, "user1", forkedName)
|
||||
}()
|
||||
testEditFile(t, session, "user1", forkedName, "master", "README.md", "Hello, World (Edited)\n")
|
||||
testPullCreate(t, session, "user1", forkedName, false, "master", "master", "Indexer notifier test pull")
|
||||
|
||||
baseRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerName: "org3", Name: "repo5"})
|
||||
forkedRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerName: "user1", Name: forkedName})
|
||||
pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{
|
||||
BaseRepoID: baseRepo.ID,
|
||||
BaseBranch: "master",
|
||||
HeadRepoID: forkedRepo.ID,
|
||||
HeadBranch: "master",
|
||||
})
|
||||
assert.False(t, pr.AllowMaintainerEdit)
|
||||
assert.NoError(t, pr.LoadIssue(db.DefaultContext))
|
||||
|
||||
// allow org3's member to edit the branch's files
|
||||
err := pull_service.SetAllowEdits(db.DefaultContext, user1, pr, true)
|
||||
assert.NoError(t, err)
|
||||
|
||||
// user2 is in org3 team
|
||||
session = loginUser(t, "user2")
|
||||
testEditFile(t, session, "user1", forkedName, "master", "README.md", "Hello, World (Edited)\n")
|
||||
})
|
||||
}
|
Loading…
Reference in New Issue
Block a user