Commit graph

14457 commits

Author SHA1 Message Date
Sybren
95e8ea9440
Allow setting redirect_to cookie on OAuth login (#22594)
The regular login flow can use a `redirect_to` cookie to ensure the user
ends their authentication flow on the same page as where they started
it.

This commit adds the same functionality to the OAuth login URLs, so that
you can use URLs like these to directly use a specific OAuth provider:

`/user/oauth2/{provider}?redirect_to={post-login path}`

Only the `auth.SignInOAuth()` function needed a change for this, as the
rest of the login flow is aware of this cookie and uses it properly
already.
2023-01-24 11:41:38 -05:00
John Olheiser
9cc15d18df
Project links should use parent link methods (#22587)
Instead of re-creating, these should use the available `Link` methods
from the "parent" of the project, which also take sub-urls into account.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-01-23 15:51:18 -06:00
rekayno
519b91ad2d
link update in README files (#22582)
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-01-23 15:57:57 -05:00
John Olheiser
649f89efdc
Frontport 1.18.2 and 1.18.3 Changelogs (#22580)
Frontport #22530 #22575

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-01-23 09:36:00 -06:00
tiny6996
29b78bce33
Fix incorrect Redis URL snippets in the example app.ini (#22573)
Fixes #22571

Co-authored-by: Yarden Shoham <hrsi88@gmail.com>
2023-01-23 02:17:15 +00:00
KN4CK3R
21dd4a252a
Prevent multiple To recipients (#22566)
Change the mailer interface to prevent leaking of possible hidden email
addresses when sending to multiple recipients.

Co-authored-by: Gusted <williamzijl7@hotmail.com>
2023-01-22 08:23:52 -06:00
techknowlogick
6737e1c5d5
gitlab supports ssh key signing (#22564) 2023-01-22 18:17:49 +08:00
Francesco Siddi
920ae2367f
Address feedback from #22517 (#22563)
- use octicons for icon
- use fomantic for centering the link
2023-01-21 22:14:43 -06:00
Lunny Xiao
eb793c3361
Fix bug on user setting (#22539)
Fix #22537

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-01-21 15:31:11 +01:00
silverwind
a1fcb1cfb8
Update JS dependencies (#22538)
- Update all JS dependencies
- Add new eslint rules
- Rebuild SVGs
- Tested citation and build

SVG changes are because of https://github.com/primer/octicons/pull/883.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-01-21 10:42:13 +08:00
Yarden Shoham
f417157bdd
Split default gitpod view to include all tasks (#22555)
It was showing only the `docs` process

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
2023-01-20 13:46:33 -06:00
John Olheiser
46d024428f
fix: read:org scope (#22556)
Hard to see in the diff, but this was duplicated in the wrong section.


![read-org](https://user-images.githubusercontent.com/42128690/213774506-9b47ce23-d2e5-4dfd-af49-6ae4947ac724.png)
2023-01-20 13:42:54 -05:00
Brecht Van Lommel
86c6b0de06 Pull Requests: add color to approved/reject icon in pull requests list
Makes it easier to scan the list of pull requests and see the status.
2023-01-20 12:50:13 -05:00
zeripath
b8eb282327
Truncate commit summary on repo files table. (#22551)
There was an unintended regression in #21124 which assumed that
`.commits-list .message-wrapper` would only match the commit summaries
on `/{owner}/{name}/commits/*`. This assumption is incorrect as the
directory/file view also uses a `.commits-list` wrapper.

Rather than completely restructure this page this PR simply adjusts the
styling to again use `display: inline-block;` for `#repo-files-table
.commit-list .message-wrapper`

Fix #22360

Signed-off-by: Andrew Thornton <art27@cantab.net>
2023-01-20 23:23:03 +08:00
Lunny Xiao
6fe3c8b398
Support org/user level projects (#22235)
Fix #13405

<img width="1151" alt="image"
src="https://user-images.githubusercontent.com/81045/209442911-7baa3924-c389-47b6-b63b-a740803e640e.png">

Co-authored-by: 6543 <6543@obermui.de>
2023-01-20 19:42:33 +08:00
Lunny Xiao
0c048e554b
Fix template bug of access scope (#22540)
Fix https://github.com/go-gitea/gitea/pull/20908#discussion_r1082075526

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-01-20 15:43:43 +08:00
silverwind
b833ce4964
Mute all links in issue timeline (#22533)
https://github.com/go-gitea/gitea/pull/21799 introduced a regression
where some links in the issue timeline were not muted any more. Fix it
by replacing all `class="text grey"` with `class="text grey
muted-links"` in the file.

Before:
<img width="384" alt="Screenshot 2023-01-19 at 22 23 05"
src="https://user-images.githubusercontent.com/115237/213565351-1bb82f4e-fa72-4cd7-8e36-e527bbfe5c5f.png">

After:
<img width="377" alt="Screenshot 2023-01-19 at 22 23 11"
src="https://user-images.githubusercontent.com/115237/213565359-87e14855-6599-472a-be0b-61297b168f9a.png">

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-01-20 12:00:32 +08:00
zeripath
4199d28053
When updating by rebase we need to set the environment for head repo (#22535)
The update by rebase code reuses the merge code but shortcircuits and
pushes back up to the head. However, it doesn't set the correct pushing
environment - and just uses the same environment as the base repo. This
leads to the push update failing and thence the PR becomes out-of-sync
with the head.

This PR fixes this and adjusts the trace logging elsewhere to help make
this clearer.

Fix #18802

Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-01-19 17:31:44 -05:00
Sybren
b383652e02
Fix assignment to cm.AssigneeID when importing comments (#22528)
This is a fix for https://github.com/go-gitea/gitea/pull/22510

The code assumed that the `AssigneeID` from the comment YAML was an
`int64`, but it is actually an `int`, causing a panic. It also had no
check on whether the type cast was actually valid, so badly formatted
YAML could also cause a panic.

Both these issues have been fixed.
2023-01-19 13:24:40 -05:00
Francesco Siddi
9f919cf083
Dropzone: Add "Copy link" button for new uploads (#22517)
Once an attachment is successfully uploaded via Dropzone, display a
"Copy link" under the "Remove file" button.
Once the button is clicked, depending if the attachment is an image or a
file, the appropriate markup is written to the clipboard, so it can be
conveniently pasted in the description.
2023-01-19 13:33:40 +08:00
Sybren
151b1a9508
Support importing comment types (#22510)
This commit adds support for specifying comment types when importing
with `gitea restore-repo`. It makes it possible to import issue changes,
such as "title changed" or "assigned user changed".

An earlier version of this pull request was made by Matti Ranta, in
https://future.projects.blender.org/blender-migration/gitea-bf/pulls/3

There are two changes with regard to Matti's original code:

1. The comment type was an `int64` in Matti's code, and is now using a
string. This makes it possible to use `comment_type: title`, which is
more reliable and future-proof than an index into an internal list in
the Gitea Go code.

2. Matti's code also had support for including labels, but in a way that
would require knowing the database ID of the labels before the import
even starts, which is impossible. This can be solved by using label
names instead of IDs; for simplicity I I left that out of this PR.
2023-01-18 21:14:56 -05:00
Brecht Van Lommel
cdf53fa4a7
Fix issue not auto-closing when it includes a reference to a branch (#22514)
Ensure branch prefix is stripped away for both when comparing the branch
name.
2023-01-18 19:24:38 -05:00
Brecht Van Lommel
e0a8965208
Fix invalid issue branch reference if not specified in template (#22513)
When an issue template does not contain a ref, it would end up with an
invalid `ref/heads/` value instead of having no branch referenced .
2023-01-18 16:50:22 -05:00
Brecht Van Lommel
aa87b36900
Fix 500 error viewing pull request when fork has pull requests disabled (#22512)
Swallow error just like in #20839, for the case where there is no
protected branch.

Fixes #20826 for me, though I can't tell if this now covers all cases.
2023-01-18 13:54:57 -06:00
Jason Song
4804900ac9
Load asciicast css async (#22502)
Load asciicast css asynchronously.

Related to #22448.
2023-01-18 12:19:38 -06:00
Sybren
326d29dce0
Reliable selection of admin user (#22509)
When importing a repository via `gitea restore-repo`, external users
will get remapped to an admin user. This admin user is obtained via
`users.GetAdminUser()`, which unfortunately picks a more-or-less random
admin to return.

This makes it hard to predict which admin user will get assigned. This
patch orders the admin by ascending ID before choosing the first one,
i.e. it picks the admin with the lowest ID.

Even though it would be nicer to have full control over which user is
chosen, this at least gives us a predictable result.
2023-01-18 10:57:16 -06:00
Lunny Xiao
f59ce77772
Display unreferenced packages total size in package admin panel (#22498) 2023-01-18 09:52:04 -06:00
wxiaoguang
7ddc11def7
Simplify the error message when index.js couldn't be loaded (#22354)
In some cases, the loading failure of `index.js` is not related to the
ROOT_URL directly, ex: https://gitea.com/gitea/helm-chart/issues/392

If the user's reversed proxy is mis-configured:
`http://public-domain/gitea/xxx` -> `http://gitea:3000/gitea/xxx`, it
also causes the loading failure.

So this PR removes the ROOT_URL related tip from the error message.
2023-01-17 19:36:40 -06:00
Jason Song
d9f748a700
Support asciicast files as new markup (#22448)
Support [asciicast
files](https://github.com/asciinema/asciinema/blob/develop/doc/asciicast-v2.md)
as a new markup via
[asciinema-player](https://github.com/asciinema/asciinema-player). For
more on asciinema, see the [introduction](https://asciinema.org/).

So users can use asciinema recorder to generate an asciicast file (or
you can download a sample file from
https://asciinema.org/a/335480.cast?dl=1), then upload it to Gitea and
play it on Gitea.

Snapshots:
<details>

## Upload asciicast files

<img width="1134" alt="image"
src="https://user-images.githubusercontent.com/9418365/212461061-cc2c7181-0e14-4534-af55-1ec60a639fd1.png">

## Open an asciicast file

<img width="1137" alt="image"
src="https://user-images.githubusercontent.com/9418365/212461090-a3b5141f-4894-430d-a2b4-ea257801a0ed.png">

## Play it

<img width="1144" alt="image"
src="https://user-images.githubusercontent.com/9418365/212461157-4e82db69-0e41-471d-928f-ac1fe0737105.png">

## Copy contents from the "video"

<img width="1145" alt="image"
src="https://user-images.githubusercontent.com/9418365/212461286-211612bc-15d6-427a-89a9-6abff5c6a0a5.png">


## View the source

<img width="1140" alt="image"
src="https://user-images.githubusercontent.com/9418365/212461187-05473b2d-ba3d-4072-84a6-4aa1e7d82182.png">


</details>

Known issue:

Don't support the [v1 version asciicast
files](https://github.com/asciinema/asciinema/blob/develop/doc/asciicast-v1.md),
it's a poorly designed version, it does not specify the file extension
and uses `*.json` usually, so it's impossible to recognize the files.

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-18 08:46:58 +08:00
Chongyi Zheng
de484e86bc
Support scoped access tokens (#20908)
This PR adds the support for scopes of access tokens, mimicking the
design of GitHub OAuth scopes.

The changes of the core logic are in `models/auth` that `AccessToken`
struct will have a `Scope` field. The normalized (no duplication of
scope), comma-separated scope string will be stored in `access_token`
table in the database.
In `services/auth`, the scope will be stored in context, which will be
used by `reqToken` middleware in API calls. Only OAuth2 tokens will have
granular token scopes, while others like BasicAuth will default to scope
`all`.
A large amount of work happens in `routers/api/v1/api.go` and the
corresponding `tests/integration` tests, that is adding necessary scopes
to each of the API calls as they fit.


- [x] Add `Scope` field to `AccessToken`
- [x] Add access control to all API endpoints
- [x] Update frontend & backend for when creating tokens
- [x] Add a database migration for `scope` column (enable 'all' access
to past tokens)

I'm aiming to complete it before Gitea 1.19 release.

Fixes #4300
2023-01-17 15:46:03 -06:00
Lunny Xiao
db2286bbb6
some refactor about code comments (#20821) 2023-01-17 15:03:44 -06:00
John Olheiser
60c4725cc2
docs: add swagger.json file location to FAQ (#22489)
This just adds a mention on how to get the `swagger.json` for an
instance.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-01-17 14:18:42 -06:00
John Olheiser
0a6b57bcaf
docs: bump Gitea version (#22490)
Forgot to do this with the frontport

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-01-17 18:42:12 +00:00
John Olheiser
51951d4503
chore: changelog 1.18.1 (#22471) (#22487)
Frontport #22471

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-01-17 12:18:22 -06:00
Emily
7a0f2fb1dc
Fixed lint warnings in Grafana raised by Mixtool (#22486)
This PR introduces a few minor changes to the gitea-monitoring-mixin,
specifically linting issues raised by
[Mixtool](https://github.com/monitoring-mixins/mixtool):
- Query selectors using `job` and `instance` have been update to allow
multi-select
- Added missing attributes to `job` and `instance` template

As this change is very minor I haven't created an issue, but please let
me know if you'd like me to do so. According to the guidelines, it
seemed to only be for larger designs :)
2023-01-17 10:23:25 -06:00
Jason Song
21c91b7dff
Set disable_gravatar/enable_federated_avatar when offline mode is true (#22479)
When offline mode is true, we should set `disable_gravatar` to `true`
and `enable_federated_avatar` to `false` in system settings.
2023-01-17 17:00:19 +02:00
Yarden Shoham
e763fab685
Fix pull request API field closed_at always being null (#22482)
Fix #22480
2023-01-17 11:42:32 +00:00
Haruo Kinoshita
9edf80f472
Fix migration from gitbucket (repost) (#22477)
Reposting pull request for #22465 

> Migration from GitBucket does not work due to a access for "Reviews"
API on GitBucket that makes 404 response. This PR has following changes.
> 1. Made to stop access for Reviews API while migrating from GitBucket.
> 2. Added support for custom URL (e.g.
`http://example.com/gitbucket/owner/repository`)
> 3. Made to accept for git checkout URL
(`http://example.com/git/owner/repository.git`)

Co-authored-by: zeripath <art27@cantab.net>
2023-01-17 15:22:00 +08:00
KN4CK3R
3510d7e33a
Fix container blob mount (#22226) 2023-01-16 17:35:48 -05:00
Bradley D. Thornton
1aba53db62
Update overview.en-us.md (#22463)
Fix grammar
2023-01-16 16:24:24 -06:00
KN4CK3R
8117e41dfa
Add reply hint to mail text (#22459)
Addition to #22056

This PR adds a hint to mail text if replies are supported.
I can't tell if the text structure is supported in every language. Maybe
we need to put the whole line in the translation file and use
parameters.
2023-01-16 14:58:01 -06:00
zeripath
2cc3a6381c
Add cron method to gc LFS MetaObjects (#22385)
This PR adds a task to the cron service to allow garbage collection of
LFS meta objects. As repositories may have a large number of
LFSMetaObjects, an updated column is added to this table and it is used
to perform a generational GC to attempt to reduce the amount of work.
(There may need to be a bit more work here but this is probably enough
for the moment.)

Fix #7045

Signed-off-by: Andrew Thornton <art27@cantab.net>
2023-01-16 13:50:53 -06:00
Felipe Leopoldo Sologuren Gutiérrez
04c97aa364
Change use of Walk to WalkDir to improve disk performance (#22462)
As suggest by Go developers, use `filepath.WalkDir` instead of
`filepath.Walk` because [*Walk is less efficient than WalkDir,
introduced in Go 1.16, which avoids calling `os.Lstat` on every file or
directory visited](https://pkg.go.dev/path/filepath#Walk).

This proposition address that, in a similar way as
https://github.com/go-gitea/gitea/pull/22392 did.


Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-16 16:21:44 +00:00
wxiaoguang
da274380a7
Remove the netgo tag for Windows build (#22467)
Fix #22370 and more.

Before Go 1.19, the `netgo` tag for Windows does nothing.

But Go 1.19 rewrite the net package code for Windows DNS, and there is a
bug:

* https://github.com/golang/go/issues/57757

This PR just removes the `netgo` tag for Windows build, then the Gitea
for Windows can have the old DNS behavior.
2023-01-16 13:29:10 +00:00
zeripath
16e9dec827
Fix Operator does not exist bug on explore page with ONLY_SHOW_RELEVANT_REPOS (#22454)
There is a mistake in the code for SearchRepositoryCondition where it
tests topics as a string. This is incorrect for postgres where topics is
cast and stored as json. topics needs to be cast to text for this to
work. (For some reason JSON_ARRAY_LENGTH does not work, so I have taken
the simplest solution of casting to text and doing a string comparison.)

Ref https://github.com/go-gitea/gitea/pull/21962#issuecomment-1379584057

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
2023-01-16 11:25:22 +00:00
zeripath
1e7f3c16a4
Fix environments for KaTeX and error reporting (#22453)
In #22447 it was noticed that display environments were not working
correctly. This was due to the setting displayMode not being set.

Further it was noticed that the error was not being displayed correctly.

This PR fixes both of these issues by forcibly setting the displayMode
setting and corrects an error in displayError.

Fix #22447

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-16 18:25:46 +08:00
Lunny Xiao
2782c14396
Supports wildcard protected branch (#20825)
This PR introduce glob match for protected branch name. The separator is
`/` and you can use `*` matching non-separator chars and use `**` across
separator.

It also supports input an exist or non-exist branch name as matching
condition and branch name condition has high priority than glob rule.

Should fix #2529 and #15705

screenshots

<img width="1160" alt="image"
src="https://user-images.githubusercontent.com/81045/205651179-ebb5492a-4ade-4bb4-a13c-965e8c927063.png">

Co-authored-by: zeripath <art27@cantab.net>
2023-01-16 16:00:22 +08:00
zeripath
cc1f8cbe96
Prevent panic on looking at api "git" endpoints for empty repos (#22457)
The API endpoints for "git" can panic if they are called on an empty
repo. We can simply allow empty repos for these endpoints without worry
as they should just work.

Fix #22452

Signed-off-by: Andrew Thornton <art27@cantab.net>
2023-01-15 08:33:25 -06:00
Jimmy Praet
fe519d8633
Restore previous official review when an official review is deleted (#22449)
Fix #22406

Co-authored-by: Lauris BH <lauris@nix.lv>
2023-01-15 07:00:09 +02:00
KN4CK3R
fc037b4b82
Add support for incoming emails (#22056)
closes #13585
fixes #9067
fixes #2386
ref #6226
ref #6219
fixes #745

This PR adds support to process incoming emails to perform actions.
Currently I added handling of replies and unsubscribing from
issues/pulls. In contrast to #13585 the IMAP IDLE command is used
instead of polling which results (in my opinion 😉) in cleaner code.

Procedure:
- When sending an issue/pull reply email, a token is generated which is
present in the Reply-To and References header.
- IMAP IDLE waits until a new email arrives
- The token tells which action should be performed

A possible signature and/or reply gets stripped from the content.

I added a new service to the drone pipeline to test the receiving of
incoming mails. If we keep this in, we may test our outgoing emails too
in future.

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-14 23:57:10 +08:00