Commit graph

1183 commits

Author SHA1 Message Date
Lunny Xiao
74731c3a5a
Move some issue methods as functions (#19255)
* Move some issue methods as functions

* Fix bug
2022-03-29 16:57:33 +02:00
John Olheiser
ea6efba9b3
Granular webhook events in editHook (#19251)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2022-03-29 13:55:00 +02:00
Lunny Xiao
76aa33d884
Move init repository related functions to modules (#19159)
* Move init repository related functions to modules

* Fix lint

* Use ctx but db.DefaultContext

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-29 15:23:45 +08:00
Lunny Xiao
b06b9a056c
Move organization related structs into sub package (#18518)
* Move organization related structs into sub package

* Fix test

* Fix lint

* Move more functions into sub packages

* Fix bug

* Fix test

* Update models/organization/team_repo.go

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>

* Apply suggestions from code review

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>

* Fix fmt

* Follow suggestion from @Gusted

* Fix test

* Fix test

* Fix bug

* Use ctx but db.DefaultContext on routers

* Fix bug

* Fix bug

* fix bug

* Update models/organization/team_user.go

* Fix bug

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-29 14:29:02 +08:00
zeripath
e69b7a92ed
Allow API to create file on empty repo (#19224)
This PR adds the necessary work to make it possible to create files on empty
repos using the API.

Fix #10993

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-28 21:48:41 +02:00
Lunny Xiao
6526733a58
Let web and API routes have different auth methods group (#19168)
* remove the global methods but create dynamiclly

* Fix lint

* Fix windows lint

* Fix windows lint

* some improvements

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-28 12:46:28 +08:00
Abheek Dhawan
f316582458
Set the default branch for repositories generated from templates (#19136)
* Set the default branch for repositories generated from templates
* Allows default branch to be set through the API for repos generated from templates
* Update swagger API template
* Only set default branch to the one from the template if not specified
* Use specified default branch if it exists while generating git commits

Fix #19082 

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-03-27 03:56:28 +01:00
KN4CK3R
59b867dc2d
Add ContextUser to http request context (#18798)
This PR adds a middleware which sets a ContextUser (like GetUserByParams before) in a single place which can be used by other methods. For routes which represent a repo or org the respective middlewares set the field too.

Also fix a bug in modules/context/org.go during refactoring.
2022-03-26 17:04:22 +08:00
KN4CK3R
3f280f89e7
Update HTTP status codes to modern codes (#18063)
* 2xx/3xx/4xx/5xx -> http.Status...
* http.StatusFound -> http.StatusTemporaryRedirect
* http.StatusMovedPermanently -> http.StatusPermanentRedirect
2022-03-23 12:54:07 +08:00
wxiaoguang
7a550b3af2
Use ctx instead of db.DefaultContext in some packages(routers/services/modules) (#19163)
* Remove `db.DefaultContext` usage in routers, use `ctx` directly

* Use `ctx` directly if there is one, remove some `db.DefaultContext` in `services`

* Use ctx instead of db.DefaultContext for `cmd` and some `modules` packages

* fix incorrect context usage
2022-03-22 16:22:54 +01:00
wxiaoguang
2b55422cd7
Fix the bug: deploy key with write access can not push (#19010)
Use DeployKeyID to replace the IsDeployKey, then CanWriteCode uses the DeployKeyID to check the write permission.
2022-03-22 17:29:07 +08:00
KN4CK3R
80fd25524e
Renamed ctx.User to ctx.Doer. (#19161)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-22 15:03:22 +08:00
Gusted
49c5fc565c
Fix NPE /repos/issues/search when not signed in (#19154)
- Don't panic when on
`/repos/issues/search?{created,assigned,mentioned,review_requested}=true`
when client didn't pass any authentication.
- Resolves #19115
2022-03-20 22:04:51 +01:00
Lunny Xiao
18033f49ba
Restrict email address validation (#17688)
This didn't follow the RFC but it's a subset of that. I think we should narrow the allowed chars at first and discuss more possibility in future PRs.
2022-03-14 18:39:54 +01:00
Jimmy Praet
5184c83f6b
Add config option to disable "Update branch by rebase" (#18745) 2022-03-04 03:30:49 -05:00
eladyn
7a893dab39
ignore missing comment for user notifications (#18954)
* ignore missing comment for user notifications

* instead fix bug in notifications model

* use local variable instead

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-03-03 16:18:26 +01:00
Otto Richter (fnetX)
062fd4c217
[API] Allow removing issues (#18879)
Add new feature to delete issues and pulls via API

Co-authored-by: fnetx <git@fralix.ovh>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-03-01 01:20:15 +01:00
qwerty287
1563a45623
Fix page and missing return on unadopted repos API (#18848)
* Fix page and missing return on unadopted repos API

Page must be 1 if it's not specified and it should return after sending an internal server error.

* Allow ignore pages

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-27 20:17:42 +08:00
zeripath
eb748f5f3c
Add apply-patch, basic revert and cherry-pick functionality (#17902)
This code adds a simple endpoint to apply patches to repositories and
branches on gitea. This is then used along with the conflicting checking
code in #18004 to provide a basic implementation of cherry-pick revert.

Now because the buttons necessary for cherry-pick and revert have 
required us to create a dropdown next to the Browse Source button
I've also implemented Create Branch and Create Tag operations.

Fix #3880 
Fix #17986 

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-02-09 20:28:55 +00:00
Hugo Hoitink
5579345549
Update object repo with the migrated repository (#18684)
When migrating a repository (from GitHub) using the API (**POST** `repos/migrate`), the Code Indexer is not updated. Searching in the user interface will not return any results.

When migrating the same repository using **+/New Migration** in the web interface, the search index is updated and searching works as expected.

Caused by the fact that object `repo` is never updated with the migrated repo so `setting.Indexer.RepoIndexerEnabled && !repo.IsEmpty` in `modules/notification/indexer/indexer.go:NotifyMigrateRepository` always evaluates to `false`.

Tested with gitea:1.16.1, MariaDB:10, Breve in `Run Mode: Dev`.
2022-02-09 19:20:44 +00:00
Gusted
d3b31cc1ee
Add GetUserTeams (#18499)
* COrrect use `UserID` in `SearchTeams`

- Use `UserID` in the `SearchTeams` function, currently it was useless
to pass such information. Now it does a INNER statement to `team_user`
which obtains UserID -> TeamID data.
- Make OrgID optional.
- Resolves #18484

* Seperate searching specific user

* Add condition back

* Use correct struct type

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-02-01 14:09:24 -05:00
Lauris BH
8038610a42
Automatically pause queue if index service is unavailable (#15066)
* Handle keyword search error when issue indexer service is not available

* Implement automatic disabling and resume of code indexer queue
2022-01-27 10:30:51 +02:00
Lauris BH
6392f4691a
API: Return primary language and repository language stats API URL (#18396) 2022-01-25 08:33:40 +02:00
6543
54e9ee37a7
format with gofumpt (#18184)
* gofumpt -w -l .

* gofumpt -w -l -extra .

* Add linter

* manual fix

* change make fmt
2022-01-20 18:46:10 +01:00
zeripath
5cb0c9aa0d
Propagate context and ensure git commands run in request context (#17868)
This PR continues the work in #17125 by progressively ensuring that git
commands run within the request context.

This now means that the if there is a git repo already open in the context it will be used instead of reopening it.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-19 23:26:57 +00:00
wxiaoguang
84f8ef3df6
Fix PR comments UI (#18323)
Closes:
* Review comment cannot be edited #17768
* Changing PR Comment Resolved State Disables Further Changes #18315
2022-01-19 01:28:38 +08:00
zeripath
089b4e6a45
Use indirect comparison when showing pull requests (#18313)
When generating the commits list and number of files changed for PRs and
compare we should use "..." always not "..".

Fix #18303

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-18 07:45:43 +00:00
6543
ff00b8688b
Fix NPE on try to get tag reference via API (#18245)
* fix npe

* rm gitRepo from Tag
2022-01-12 20:37:46 +00:00
luzpaz
8c647bf0f6
Fix various typos (#18219)
Found via `codespell -q 3 -S ./options/locale,./vendor -L ba,pullrequest,pullrequests,readby,te,unknwon`

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-01-10 17:32:37 +08:00
Lunny Xiao
8760af752a
Team permission allow different unit has different permission (#17811)
* Team permission allow different unit has different permission

* Finish the interface and the logic

* Fix lint

* Fix translation

* align center for table cell content

* Fix fixture

* merge

* Fix test

* Add deprecated

* Improve code

* Add tooltip

* Fix swagger

* Fix newline

* Fix tests

* Fix tests

* Fix test

* Fix test

* Max permission of external wiki and issues should be read

* Move team units with limited max level below units table

* Update label and column names

* Some improvements

* Fix lint

* Some improvements

* Fix template variables

* Add permission docs

* improve doc

* Fix fixture

* Fix bug

* Fix some bug

* fix

* gofumpt

* Integration test for migration (#18124)

integrations: basic test for Gitea {dump,restore}-repo
This is a first step for integration testing of DumpRepository and
RestoreRepository. It:

runs a Gitea server,
dumps a repo via DumpRepository to the filesystem,
restores the repo via RestoreRepository from the filesystem,
dumps the restored repository to the filesystem,
compares the first and second dump and expects them to be identical

The verification is trivial and the goal is to add more tests for each
topic of the dump.

Signed-off-by: Loïc Dachary <loic@dachary.org>

* Team permission allow different unit has different permission

* Finish the interface and the logic

* Fix lint

* Fix translation

* align center for table cell content

* Fix fixture

* merge

* Fix test

* Add deprecated

* Improve code

* Add tooltip

* Fix swagger

* Fix newline

* Fix tests

* Fix tests

* Fix test

* Fix test

* Max permission of external wiki and issues should be read

* Move team units with limited max level below units table

* Update label and column names

* Some improvements

* Fix lint

* Some improvements

* Fix template variables

* Add permission docs

* improve doc

* Fix fixture

* Fix bug

* Fix some bug

* Fix bug

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Aravinth Manivannan <realaravinth@batsense.net>
2022-01-05 11:37:00 +08:00
a1012112796
637c3ec5d8
Don't delete branch if other PRs with this branch are open (#18164)
fix #18149

Signed-off-by: a1012112796 <1012112796@qq.com>
2022-01-03 20:45:58 +01:00
Lunny Xiao
de8e3948a5
Refactor auth package (#17962) 2022-01-02 21:12:35 +08:00
qwerty287
7db2f110ad
Add API to get issue/pull comments and events (timeline) (#17403)
* Add API to get issue/pull comments and events (timeline)
Adds an API to get both comments and events in one endpoint with all required data.
Closes go-gitea/gitea#13250

* Fix swagger

* Don't show code comments (use review api instead)

* fmt

* Fix comment

* Time -> TrackedTime

* Use var directly

* Add logger

* Fix lint

* Fix test

* Add comments

* fmt

* [test] get issue directly by ID

* Update test

* Add description for changed refs

* Fix build issues + lint

* Fix build

* Use string enums

* Update swagger

* Support `page` and `limit` params

* fmt + swagger

* Use global slices

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-01-01 22:12:25 +08:00
Aravinth Manivannan
c7151c2fb6
- name: new parameter in CreateForkOption to give the forked repository (#18066)
a custom name, intended to be used when there's a name conflict
- When a fork request results in a name conflict, HTTP 409: Conflict is
  returned instead of 500
- API documentation for the above mentioned changes

Signed-off-by: realaravinth <realaravinth@batsense.net>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-12-24 22:43:00 +08:00
zeripath
532383d7dd
When attempting to subscribe other user to issue report why access denied (#18091)
Fix #18090

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-12-24 21:47:42 +08:00
qwerty287
7cc44491fa
Add API to manage repo tranfers (#17963) 2021-12-23 23:26:52 -05:00
qwerty287
a9ed1c5c7c
Add API to get file commit history (#17652)
Adds an API endpoint `api/v1/repos/{owner}/{repo}/git/history/{filepath}` to get the commits affecting the given file or directory.

Closes https://github.com/go-gitea/gitea/issues/16206 and closes https://github.com/go-gitea/gitea/issues/16703
2021-12-22 06:17:33 +00:00
zeripath
bef93abd49
Ensure that git repository is closed before transfer (#18049)
Repository Transfer requires that the repository directory is renamed - which
is not possible on Windows if the git repository is open.

Fix #17885

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-12-21 10:01:58 +08:00
Gusted
ff2fd08228
Simplify parameter types (#18006)
Remove repeated type declarations in function definitions.
2021-12-20 04:41:31 +00:00
zeripath
e4e411821d
Abort merge if head has been updated before pressing merge (#18032)
* Abort merge if head has been updated before pressing merge

It is possible that a PR head may be pushed to between the merge page being shown
and the merge button being pressed. Pass the current expected head in as a parameter
and cancel the merge if it has changed.

Fix #18028

Signed-off-by: Andrew Thornton <art27@cantab.net>

* adjust swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-20 08:32:54 +08:00
zeripath
d29b689f81
Ensure complexity, minlength and ispwned are checked on password setting (#18005)
It appears that there are several places that password length, complexity and ispwned
are not currently been checked when changing passwords. This PR adds these.

Fix #17977

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-12-17 10:03:39 +08:00
wxiaoguang
4da1d97810
Refactor HTTP request context (#17979) 2021-12-15 14:59:57 +08:00
qwerty287
9d943bf374
Add missing X-Total-Count and fix some related bugs (#17968)
* Add missing `X-Total-Count` and fix some related bugs

Adds `X-Total-Count` header to APIs that return a list but doesn't have it yet.
Fixed bugs:
* not returned after reporting error (39eb82446c/routers/api/v1/user/star.go (L70))
* crash with index out of bounds, API issue/issueSubscriptions

I also found various endpoints that return lists but do not apply/support pagination yet:
```
/repos/{owner}/{repo}/issues/{index}/labels
/repos/{owner}/{repo}/issues/comments/{id}/reactions
/repos/{owner}/{repo}/branch_protections
/repos/{owner}/{repo}/contents
/repos/{owner}/{repo}/hooks/git
/repos/{owner}/{repo}/issue_templates
/repos/{owner}/{repo}/releases/{id}/assets
/repos/{owner}/{repo}/reviewers
/repos/{owner}/{repo}/teams
/user/emails
/users/{username}/heatmap
```
If this is not expected, an new issue should be opened.

Closes #13043

* fmt

* Update routers/api/v1/repo/issue_subscription.go

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>

* Use FindAndCount

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: 6543 <6543@obermui.de>
2021-12-15 13:39:34 +08:00
Lunny Xiao
5723240490
Some repository refactors (#17950)
* some repository refactors

* remove unnecessary code

* Fix test

* Remove unnecessary banner
2021-12-12 23:48:20 +08:00
Lunny Xiao
3ca5dc7e32
Move keys to models/asymkey (#17917)
* Move keys to models/keys

* Rename models/keys -> models/asymkey

* change the missed package name

* Fix package alias

* Fix test

* Fix docs

* Fix test

* Fix test

* merge
2021-12-10 16:14:24 +08:00
Lunny Xiao
719bddcd76
Move repository model into models/repo (#17933)
* Some refactors related repository model

* Move more methods out of repository

* Move repository into models/repo

* Fix test

* Fix test

* some improvements

* Remove unnecessary function
2021-12-10 09:27:50 +08:00
zeripath
01087e9eef
Make Requests Processes and create process hierarchy. Associate OpenRepository with context. (#17125)
This PR registers requests with the process manager and manages hierarchy within the processes.

Git repos are then associated with a context, (usually the request's context) - with sub commands using this context as their base context.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-30 20:06:32 +00:00
Lunny Xiao
9defddb286
Move more model into models/user (#17826)
* Move more model into models/user

* Remove unnecessary comment

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-28 22:11:58 +08:00
Lunny Xiao
1fee11d69a
Move accessmode into models/perm (#17828) 2021-11-28 12:58:28 +01:00
Lunny Xiao
371ebce252
Fix database inconsistent when admin change user email (#17549) 2021-11-25 20:56:16 -05:00
Lunny Xiao
a666829a37
Move user related model into models/user (#17781)
* Move user related model into models/user

* Fix lint for windows

* Fix windows lint

* Fix windows lint

* Move some tests in models

* Merge
2021-11-24 17:49:20 +08:00
Lunny Xiao
c97d66d23c
Move repofiles from modules/repofiles to services/repository/files (#17774)
* Move repofiles from modules to services

* rename services/repository/repofiles -> services/repository/files

* Fix test

Co-authored-by: 6543 <6543@obermui.de>
2021-11-24 15:56:24 +08:00
Lunny Xiao
baed01f247
Remove unnecessary attributes of User struct (#17745)
* Remove unnecessary functions of User struct

* Move more database methods out of user struct

* Move more database methods out of user struct

* Fix template failure

* Fix bug

* Remove finished FIXME

* remove unnecessary code
2021-11-22 23:21:55 +08:00
Lunny Xiao
c2ab19888f
Support pagination of organizations on user settings pages (#16083)
* Add pagination for user setting orgs
* Use FindOrgs instead of GetOrgsByUserID
* Remove unnecessary functions and fix test
* remove unnecessary code
2021-11-22 21:51:45 +08:00
Gusted
ed23a6c397
Make bind error more readable (#17750)
- Add the related fieldNames into the response JSON, such that the developer can figure out what's going on.
- Related:
https://github.com/go-gitea/gitea/issues/17126#issuecomment-937848295
2021-11-22 21:05:29 +08:00
Lunny Xiao
0add627182
Fix close issue but time watcher still running (#17643)
* Fix close issue but time watcher still running

* refactor stopwatch codes

* Fix test

* Fix test

* Fix typo

* Fix test
2021-11-21 17:11:48 +08:00
zeripath
f8ec43dbc7
Extract constant names out for the ReverseProxy and Basic authentication methods (#17735)
In order to reduce load on the GC extract out the constant names of the Basic and ReverseProxy methods.

As mentioned in https://github.com/go-gitea/gitea/pull/15119#discussion_r730352176

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-20 23:33:18 +08:00
wxiaoguang
013fb73068
Use hostmatcher to replace matchlist, improve security (#17605)
Use hostmacher to replace matchlist.

And we introduce a better DialContext to do a full host/IP check, otherwise the attackers can still bypass the allow/block list by a 302 redirection.
2021-11-20 17:34:05 +08:00
Paweł Bogusławski
d4e281bc02
Allow Token API calls be authorized using the reverse-proxy header (#15119)
* API calls authorized with HTTP header

This mod allows API calls to be authorized with HTTP header
when ENABLE_REVERSE_PROXY_AUTHENTICATION is enabled. Without
it user authenticated by reverse proxy is able to access
gitea UI but not API which is inconsistent.

Author-Change-Id: IB#1107572

* Fixed API calls authorized with HTTP header

Only reqBasicAuth is modified to allow reverse proxy
auth as alternative and reqToken is left untouched.

Fixes: dc952c063206d11504085ddea966f121e796a04c
Author-Change-Id: IB#1107572

* Reverse proxy API auth separated in docs

Related: https://github.com/go-gitea/gitea/pull/15119#discussion_r621322127
Author-Change-Id: IB#1107572

* Reverse proxy API auth separated in docs

Related: https://github.com/go-gitea/gitea/pull/15119#discussion_r621322127
Author-Change-Id: IB#1107572

* Reverse proxy API auth separated

Related: https://github.com/go-gitea/gitea/pull/15119#discussion_r621322127
Author-Change-Id: IB#1107572

* ReverseProxyAuth removed from swagger

ReverseProxyAuth removed from swagger as in upstream's suggestion.

Related: https://github.com/go-gitea/gitea/pull/15119#pullrequestreview-692180940
Author-Change-Id: IB#1107572

* ReverseProxyAuth API authorization fixed

Related: https://github.com/go-gitea/gitea/pull/15119#issuecomment-868465099
Author-Change-Id: IB#1107572

* ReverseProxyAuth API authorization fixed

Related: https://github.com/go-gitea/gitea/pull/15119#issuecomment-868465099
Author-Change-Id: IB#1107572
2021-11-19 22:54:44 +08:00
Lunny Xiao
fc3d082609
Move attachment into models/repo/ (#17650)
* Move attachment into models/repo/

* Fix test

* Fix bug
2021-11-19 21:39:57 +08:00
Lunny Xiao
7a03473159
Use a standalone struct name for Organization (#17632)
* Use a standalone struct name for Organization

* recover unnecessary change

* make the code readable

* Fix template failure

* Fix template failure

* Move HasMemberWithUserID to org

* Fix test

* Remove unnecessary user type check

* Fix test

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-19 19:41:40 +08:00
KN4CK3R
f34151bdb2
Move user/org deletion to services (#17673) 2021-11-19 01:42:27 +08:00
Lunny Xiao
5233051e64
Move some functions into services/repository (#17677) 2021-11-17 23:17:31 +08:00
wxiaoguang
750a8465f5
A better go code formatter, and now make fmt can run in Windows (#17684)
* go build / format tools
* re-format imports
2021-11-17 20:34:35 +08:00
Lunny Xiao
95d3266bee
Move user follow and openid into models/user/ (#17613)
* Move UserRedirect into models/user/

* Fix lint & test

* Fix lint

* Fix lint

* remove nolint comment

* Fix lint

* Move user follow and openid into models/user

* Ignore the lint

* Ignore the lint

* Fix test

* ignore stutters lint on UserOpenID
2021-11-17 17:58:31 +08:00
zeripath
bbffcc3aec
Multiple Escaping Improvements (#17551)
There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this.
    
This is an extensive PR attempting to fix these issues.

1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping.
2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand.
3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 
4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.)
5. The title generation in feeds is now properly escaped.
6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-16 18:18:25 +00:00
Lunny Xiao
7e1ae38097
Move migrations into services and base into modules/migration (#17663)
* Move migrtions into services and base into modules/migration

* Fix imports

* Fix lint
2021-11-16 23:25:33 +08:00
Lunny Xiao
48ccd325a1
Move some functions into services/repository (#17660) 2021-11-16 21:30:11 +08:00
wxiaoguang
81926d61db
Decouple unit test, remove intermediate unittestbridge package (#17662)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-11-16 16:53:21 +08:00
wxiaoguang
df64fa4865
Decouple unit test code from business code (#17623) 2021-11-12 22:36:47 +08:00
Lunny Xiao
90eb9fb889
Move EmailAddress & UserRedirect into models/user/ (#17607)
* Move EmailAddress into models/user/

* Fix test

* rename user_mail to user_email

* Fix test

* Move UserRedirect into models/user/

* Fix lint & test

* Fix lint

* Fix lint

* remove nolint comment

* Fix lint
2021-11-11 15:03:30 +08:00
Lunny Xiao
43bbc54783
Fix 500 when a comment was deleted which has a notification (#17550)
* Fix 500 when a comment was deleted which has a notification

* Tolerate missing Comment in other places too

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-10 13:48:45 +08:00
Lunny Xiao
33fca2b537
Move webhook into models/webhook/ (#17579) 2021-11-10 13:13:16 +08:00
Lunny Xiao
99b2858e62
Move unit into models/unit/ (#17576)
* Move unit into models/unit/

* Rename unit.UnitType as unit.Type
2021-11-09 20:57:58 +01:00
Gusted
ebaf4c48ea
Avoid double imports (#17569)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-08 09:04:13 +02:00
zeripath
0b4a8be26b
Ensure that restricted users can access repos for which they are members (#17460)
There is a small bug in the way that repo access is checked in
repoAssignment: Accessibility is checked by checking if the user has a
marked access to the repository instead of checking if the user has any
team granted access.

This PR changes this permissions check to use HasAccess() which does the
correct test. There is also a fix in the release api ListReleases where
it should return draft releases if the user is a member of a team with
write access to the releases.

The PR also adds a testcase.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-10-28 10:54:40 +08:00
qwerty287
3676fafdac
Add API to get/edit wiki (#17278)
* Add API to get/edit wiki

* Add swagger docs, various improvements

* fmt

* Fix lint and rm comment

* Add page parameter

* Add pagination to pages

* Add tests

* fmt

* Update func names

* Update error handling

* Update type name

* Fix lint

* Don't delete Home

* Update func name

* Update routers/api/v1/repo/wiki.go

Co-authored-by: delvh <dev.lh@web.de>

* Remove unnecessary check

* Fix lint

* Use English strings

* Update integrations/api_wiki_test.go

Co-authored-by: delvh <dev.lh@web.de>

* Update func and test names

* Remove unsed check and avoid duplicated error reports

* Improve error handling

* Return after error

* Document 404 error

* Update swagger

* Fix lint

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Document file encoding

* fmt

* Apply suggestions

* Use convert

* Fix integration test

* simplify permissions

* unify duplicate key Title/Name

* improve types & return UTC timestamps

* improve types pt.2

- add WikiPageMetaData.LastCommit
- add WikiPageMetaData.HTMLURL
- replace WikiPageMetaData.Updated with .LastCommit.Committer.Created

also delete convert.ToWikiPage(), as it received too many arguments and
only had one callsite anyway. sorry for bad advice earlier 🙃

* WikiPage.Content is base64 encoded

* simplify error handling in wikiContentsByName()

* update swagger

* fix & DRY findWikiRepoCommit() error handling

ListWikiPages() previously wrote error twice when repo wiki didn't exist

* rename Content -> ContentBase64

* Fix test

* Fix tests

* Update var name

* suburl -> sub_url

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Norwin <git@nroo.de>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-10-25 11:43:40 +08:00
wxiaoguang
e18ea9e349
Update documents for Gitea behind reverse proxy. Fix some small bugs (some URLs are generated without sub-path) (#17320)
* Apache `ProxyPassReverse` only works for Location, Content-Location and URI headers on HTTP redirect responses, it causes more problems than it resolves. Now all URLs generated by Gitee have the correct prefix AppSubURL. We do not need to set `ProxyPassReverse`.

* fix url param

* use AppSubURL instead of AppURL in api/v1

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-10-15 23:34:07 -04:00
zeripath
a889d0cc8c
Add buttons to allow loading of incomplete diffs (#16829)
This PR adds two buttons to the stats and the end of the diffs list to load the (some of) the remaining incomplete diff sections.

Contains #16775
    
Signed-off-by: Andrew Thornton <art27@cantab.net>


## Screenshots

### Show more button at the end of the diff
![Screenshot from 2021-09-04 11-12-37](https://user-images.githubusercontent.com/1824502/132091009-b1f6113e-2c04-4be5-8a04-b8ecea56887b.png)

### Show more button at the end of the diff stats box
![Screenshot from 2021-09-04 11-14-54](https://user-images.githubusercontent.com/1824502/132091063-86da5a6d-6628-4b82-bea9-3655cd9f40f6.png)
2021-10-15 17:05:33 +01:00
Romain
d0a681fbc3
[API] Add endpount to get user org permissions (#17232)
* Add endpoint

* Add swagger response + generate swagger

* Stop execution if user / org is not found

* Add tests


Co-authored-by: 6543 <6543@obermui.de>
2021-10-12 12:47:19 +02:00
pricly-yellow
4afdb1eb78
API pull's head/base have correct permission (#17214)
close #17181

* for all pull requests API return permissions of caller
* for all webhook return empty permissions

Signed-off-by: Danila Kryukov <pricly_yellow@dismail.de>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: 6543 <6543@obermui.de>
2021-10-07 02:03:37 +02:00
Norwin
1f45b3a629
API: don't allow merged PRs to be reopened (#17192)
* api: dont open merged PRs

* don't change base branch when already merged

* don't allow any state change

* also validate opening merged PRs in EditIssue

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2021-10-02 23:11:17 -04:00
techknowlogick
babab0bf5e
Add nodeinfo endpoint for federation purposes (#16953)
Nodeinfo is a way to expose certain metadata about a server for use of discovery regarding functionality of its federation capabilities.

Two endpoints are required:
1. `/.well-known/nodeinfo` which informs client where it can find the location of the location of its metadata (including which version of the schema is used)
2. the endpoint which exposes the metadata in json format according to schema.

Notes:
* `openRegistrations` is a required field, but I propose to set to false as default in case someone writes a crawler to discover "open" gitea instances
* to limit data leakage I also propose to not include the `usage` field (note it is required so it should be included, but left as empty).

More info:
https://github.com/jhass/nodeinfo
https://github.com/jhass/nodeinfo/tree/main/schemas/2.1
http://nodeinfo.diaspora.software/protocol.html
2021-09-28 01:38:06 +02:00
Norwin
f48dce3176
Don't return binary file changes in raw PR diffs by default (#17158)
* return diffs without binary file content change

* ?binary=true option to restore old behaviour

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
2021-09-27 17:09:49 -04:00
zeripath
920608e592
Support direct comparison (git diff a..b) as well merge comparison (a...b) (#16635)
This PR changes the compare page to make the "..." in the between branches a clickable
link. This changes the comparison type from "..." to "..". Similarly it makes the
initial compare icon clickable to switch the head and base branches.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-09-27 13:19:34 +01:00
Lunny Xiao
5842a55b31
Move login related structs and functions to models/login (#17093)
* Move login related structs and functions to models/login

* Fix test

* Fix lint

* Fix lint

* Fix lint of windows

* Fix lint

* Fix test

* Fix test

* Only load necessary fixtures when preparing unit tests envs

* Fix lint

* Fix test

* Fix test

* Fix error log

* Fix error log

* Fix error log

* remove unnecessary change

* fix error log

* merge main branch
2021-09-24 19:32:56 +08:00
Eng Zer Jun
f2e7d5477f
refactor: move from io/ioutil to io and os package (#17109)
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil. This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-09-22 13:38:34 +08:00
qwerty287
0fa153f421
Merge endpoints for pull diff/patch (#17104)
this merges the two API endpoints for the PR diff/patch in to one
2021-09-22 01:04:53 +02:00
qwerty287
5ac857f4d4
Add API to get commit diff/patch (#17095)
* Add API to get commit diff/patch
* Add Tests

Co-authored-by: 6543 <6543@obermui.de>
2021-09-20 18:14:29 +02:00
Lunny Xiao
a4bfef265d
Move db related basic functions to models/db (#17075)
* Move db related basic functions to models/db

* Fix lint

* Fix lint

* Fix test

* Fix lint

* Fix lint

* revert unnecessary change

* Fix test

* Fix wrong replace string

* Use *Context

* Correct committer spelling and fix wrong replaced words

Co-authored-by: zeripath <art27@cantab.net>
2021-09-19 19:49:59 +08:00
Norwin
0b368aa73d
OpenAPI: correct documentation of issue listing parameters (#17060)
* correct documentation of issue listing parameters

* make generate-swagger

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-09-17 21:01:50 -04:00
zeripath
25533657f6
Add caller to cat-file batch calls (#17082)
Some people still appear to report unclosed cat-files. This PR simply adds the caller
to the process descriptor for the CatFileBatch and CatFileBatchCheck calls.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-09-17 20:54:15 -04:00
Norwin
0ffad31b92
Notifications API: respond with updated notifications (#17064)
* notifications api: return updated notifications in response

* make generate-swagger

* openapi fix

Co-authored-by: zeripath <art27@cantab.net>
2021-09-17 19:40:50 -04:00
zeripath
a334a95a3c
Use common sessioner for API and Web (#17027)
* Use common sessioner for API and Web

Instead of creating separate sessioner and doubly initialising the provider just
use the same sessioner for the API and Web routes.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-09-12 19:35:38 +02:00
Jimmy Praet
3d6cb25e31
Support unprotected file patterns (#16395)
Fixes #16381

Note that changes to unprotected files via the web editor still cannot be pushed directly to the protected branch. I could easily add such support for edits and deletes if needed. But for adding, uploading or renaming unprotected files, it is not trivial.

* Extract & Move GetAffectedFiles to modules/git
2021-09-11 16:21:17 +02:00
6543
51578d6418
Calculate label URL on API (#16186)
close #8028
2021-09-10 18:03:16 +02:00
Lunny Xiao
ddc709ff7f
Add repo_id for attachment (#16958)
When create a new issue or comment and paste/upload an attachment/image, it will not assign an issue id before submit. So if user give up the creating, the attachments will lost key feature and become dirty content. We don't know if we need to delete the attachment even if the repository deleted.

This PR add a repo_id in attachment table so that even if a new upload attachment with no issue_id or release_id but should have repo_id. When deleting a repository, they could also be deleted.

Co-authored-by: 6543 <6543@obermui.de>
2021-09-08 17:19:30 +02:00
6543
63d7cbcef1
Make mirror feature more configurable (#16957)
Rename`[repository]` `DISABLE_MIRRORS` to `[mirror]` `DISABLE_NEW_PULL`  and add `ENABLED` and `DISABLE_NEW_PUSH` with the below meanings:

- `ENABLED`: **true**: Enables the mirror functionality. Set to **false** to disable all mirrors.
- `DISABLE_NEW_PULL`: **false**: Disable the creation of **new** mirrors. Pre-existing mirrors remain valid.
- `DISABLE_NEW_PUSH`: **false**: Disable the creation of **new** push mirrors. Pre-existing mirrors remain valid.


Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
2021-09-07 17:49:36 +02:00
zeripath
eb0330a3fe
Ensure that rebase conflicts are handled in updates (#16952)
PR #16125 did not update the error handlers to handle conflict errors relating
to rebases. This PR adds them.

Fix #16922

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-09-05 10:30:40 +01:00
a1012112796
cbf05c3f79
Add option to update pull request by rebase (#16125)
* add option to update pull request by `rebase`

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-08-31 16:03:45 +02:00
6543
73394f435c
[API] List limited and private orgs if authentificated (#16866)
* fix bug #16785 and similar

* code format

* CI.restart()
2021-08-30 14:00:59 -04:00
Kyle Evans
cad70599a6
Refactor the fork service slightly to take ForkRepoOptions (#16744)
* Refactor the fork service slightly to take ForkRepoOptions

This reduces the number of places we need to change if we want to add other
options during fork time.

Signed-off-by: Kyle Evans <kevans@FreeBSD.org>

* Fix integrations and tests after ForkRepository refactor

Signed-off-by: Kyle Evans <kevans@FreeBSD.org>

* Update OldRepo -> BaseRepo

Signed-off-by: Kyle Evans <kevans@FreeBSD.org>

* gofmt pass

Signed-off-by: Kyle Evans <kevans@FreeBSD.org>
2021-08-28 16:37:14 +08:00
Jimmy Praet
a4962a9440
Add filter by owner and team to issue/pulls search endpoint (#16662)
* Filter by owner and team in API issue/pulls search

* Add integration test
2021-08-13 22:47:25 +02:00
6543
2289580bb7
[API] generalize list header (#16551)
* Add info about list endpoints to CONTRIBUTING.md

* Let all list endpoints return X-Total-Count header 

* Add TODOs for GetCombinedCommitStatusByRef

* Fix models/issue_stopwatch.go

* Rrefactor models.ListDeployKeys

* Introduce helper func and use them for SetLinkHeader related func
2021-08-12 14:43:08 +02:00
6543
f1a810e090
Related refactors to ctx.FormX functions (#16567)
* use FormTrim if posible

* speedup goGet

* only convert if nessesary
2021-08-11 18:08:52 +03:00
nitul1991
2d25b7d44b
Add an api endpoint to fetch git notes (#15373) (#16649)
close #15373
2021-08-11 03:01:40 +02:00
6543
c4d70a0325
Rename ctx.Form() to ctx.FormString() and move code into own file (#16571)
Followup from #16562 prepare for #16567

* Rename ctx.Form() to ctx.FormString()
* Reimplement FormX func to need less code and cpu cycles
* Move code into own file
2021-08-11 02:31:13 +02:00
KN4CK3R
d9ef43a712
Replace list.List with slices (#16311)
* Replaced list with slice.

* Fixed usage of pointer to temporary variable.

* Replaced LIFO list with slice.

* Lint

* Removed type check.

* Removed duplicated code.

* Lint

* Fixed merge.

Co-authored-by: 6543 <6543@obermui.de>
2021-08-09 14:08:51 -04:00
zeripath
19e2c6a302
Set AllowedHeaders on API CORS handler (#16524)
Set AllowedHeaders on API CORS handler and add missing Access-Control-Expose-Headers
to pull API.

Fix #16100

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-08-04 21:56:49 +02:00
zeripath
48c7c880b8
Swagger AccessToken fixes (#16574)
There is a subtle problem with the Swagger definition for AccessTokens which causes
autogeneration of APIs for these endpoints to fail.

This PR corrects these errors.

Ref: https://github.com/zeripath/java-gitea-api/issues/4
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-08-01 16:44:15 -04:00
Lars Hvam
d686d7b052
Fix swagger doc by rename repoAddTopíc to repoAddTopic (#16580)
* Swagger API: rename repoAddTopíc to repoAddTopic

This changes the operationId to only contain 7 bit ascii, note "í" instead of "i"
2021-08-01 18:28:05 +02:00
Lunny Xiao
33e0b38287
Rename context.Query to context.Form (#16562) 2021-07-29 03:42:15 +02:00
a1012112796
3705168837
Add agit flow support in gitea (#14295)
* feature: add agit flow support

ref: https://git-repo.info/en/2020/03/agit-flow-and-git-repo/

example:

```Bash
git checkout -b test
echo "test" >> README.md
git commit -m "test"
git push origin HEAD:refs/for/master -o topic=test
```

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix lint

* simplify code add fix some nits

* update merge help message

* Apply suggestions from code review. Thanks @jiangxin

* add forced-update message

* fix lint

* splite writePktLine

* add refs/for/<target-branch>/<topic-branch> support also

* Add test code add fix api

* fix lint

* fix test

* skip test if git version < 2.29

* try test with git 2.30.1

* fix permission check bug

* fix some nit

* logic implify and test code update

* fix bug

* apply suggestions from code review

* prepare for merge

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix permission check bug

- test code update
- apply suggestions from code review @zeripath

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix bug when target branch isn't exist

* prevent some special push and fix some nits

* fix lint

* try splite

* Apply suggestions from code review

- fix permission check
- handle user rename

* fix version negotiation

* remane

* fix template

* handle empty repo

* ui: fix  branch link under the title

* fix nits

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-07-28 17:42:56 +08:00
Lunny Xiao
9f31f3aa8a
Add an abstract json layout to make it's easier to change json library (#16528)
* Add an abstract json layout to make it's easier to change json library

* Fix import

* Fix import sequence

* Fix blank lines

* Fix blank lines
2021-07-24 18:03:58 +02:00
Patrick Schratz
ef395286bf
update user/repos api description (#16503)
Currently states 

> List the repos that the authenticated user owns or has access to

but the endpoint does not list all repos a user has access to, only the ones a user owns

(Also verified and discussed in Discord)

Fixes #16502
2021-07-21 17:49:10 +01:00
Ion Jaureguialzo Sarasola
251d7f524a
Check user instead of organization when creating a repo from a template via API (#16346)
* Check user instead of organization

* Enforce that only admins can copy a repo to another user
2021-07-15 20:19:39 +02:00
6543
56b7f53329
Return updated repository when changing repository using API (#16420) 2021-07-13 20:31:59 +01:00
zeripath
b82293270c
Add option to provide signature for a token to verify key ownership (#14054)
* Add option to provide signed token to verify key ownership

Currently we will only allow a key to be matched to a user if it matches
an activated email address. This PR provides a different mechanism - if
the user provides a signature for automatically generated token (based
on the timestamp, user creation time, user ID, username and primary
email.

* Ensure verified keys can act for all active emails for the user

* Add code to mark keys as verified

* Slight UI adjustments

* Slight UI adjustments 2

* Simplify signature verification slightly

* fix postgres test

* add api routes

* handle swapped primary-keys

* Verify the no-reply address for verified keys

* Only add email addresses that are activated to keys

* Fix committer shortcut properly

* Restructure gpg_keys.go

* Use common Verification Token code

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-13 15:28:07 +02:00
6543
b81106be3f
Let branch/tag name be a valid ref to get CI status (#16400)
* fix #16384#

* refactor: move shared helper func to utils package

* extend Tests

* use ctx.Repo.GitRepo if not nil
2021-07-13 08:14:14 +01:00
Jimmy Praet
78118a3b02
Add checkbox to delete pull branch after successful merge (#16049)
* Add checkbox to delete pull branch after successful merge

* Omit DeleteBranchAfterMerge field in json

* Log a warning instead of error when PR head branch deleted

* Add DefaultDeleteBranchAfterMerge to PullRequestConfig

* Add support for delete_branch_after_merge via API

* Fix for API: the branch should be deleted from the HEAD repo

If head and base repo are the same, reuse the already opened ctx.Repo.GitRepo

* Don't delegate to CleanupBranch, only reuse branch deletion code

CleanupBranch contains too much logic that has already been performed by the Merge

* Reuse gitrepo in MergePullRequest

Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-07-13 01:26:25 +02:00
luzpaz
e0296b6a6d
Fix various documentation, user-facing, and source comment typos (#16367)
* Fix various doc, user-facing, and source comment typos

Found via `codespell -q 3 -S ./options/locale,./vendor -L ba,pullrequest,pullrequests,readby`
2021-07-08 13:38:13 +02:00
a1012112796
5bb97a12d7
Creating a repo from a template repo via API (#15958)
* Creating a repo from a template repo via API

fix #15934
ref:
https://docs.github.com/en/rest/reference/repos#create-a-repository-using-a-template

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-07-05 17:29:08 +02:00
sebastian-sauer
92328a3394
Add API to get commits of PR (#16300)
* Add API to get commits of PR

fixes #10918

Co-authored-by: Andrew Bezold <andrew.bezold@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2021-07-02 14:19:57 +02:00
6543
65548359cc
Add custom emoji support (#16004) 2021-06-29 16:28:38 +02:00
KN4CK3R
aac663e0da
Implemented head_commit for webhooks (#16282)
* Removed Len field.

* Added head_commit webhook field.

* Added comment for returns.
2021-06-29 15:34:03 +02:00
KN4CK3R
9b1b4b5433
Refactor Webhook + Add X-Hub-Signature (#16176)
This PR removes multiple unneeded fields from the `HookTask` struct and adds the two headers `X-Hub-Signature` and `X-Hub-Signature-256`.

## ⚠️ BREAKING ⚠️ 

* The `Secret` field is no longer passed as part of the payload.
* "Breaking" change (or fix?): The webhook history shows the real called url and not the url registered in the webhook (`deliver.go`@129).

Close #16115
Fixes #7788
Fixes #11755

Co-authored-by: zeripath <art27@cantab.net>
2021-06-27 20:21:09 +01:00
Sergey Dryabzhinsky
22a0636544
Add Visible modes function from Organisation to Users too (#16069)
You can limit or hide organisations. This pull make it also posible for users

- new strings to translte
- add checkbox to user profile form
- add checkbox to admin user.edit form
- filter explore page user search
- filter api admin and public user searches
- allow admins view "hidden" users
- add app option DEFAULT_USER_VISIBILITY
- rewrite many files to use Visibility field
- check for teams intersection
- fix context output
- right fake 404 if not visible

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-06-26 20:53:14 +01:00
Lunny Xiao
e3c626834b
Let package git depend on setting but not opposite (#15241)
* Let package git depend on setting but not opposite

* private some package variables
2021-06-26 13:28:55 +02:00
sebastian-sauer
6c3433151f
API: Allow COMMENT reviews to not specify a body (#16229)
* Allow COMMENT reviews to not specify a body

when using web ui there is no need to specify a body.
so we don't need to specify a body if adding a COMMENT-review
via our api.

* Ensure comments or Body is provided

and add some integration tests for reviewtype COMMENT.

Signed-off-by: Sebastian Sauer <sauer.sebastian@gmail.com>
2021-06-25 00:05:51 +02:00
Lunny Xiao
b223d36195
Rework repository archive (#14723)
* Use storage to store archive files

* Fix backend lint

* Add archiver table on database

* Finish archive download

* Fix test

* Add database migrations

* Add status for archiver

* Fix lint

* Add queue

* Add doctor to check and delete old archives

* Improve archive queue

* Fix tests

* improve archive storage

* Delete repo archives

* Add missing fixture

* fix fixture

* Fix fixture

* Fix test

* Fix archiver cleaning

* Fix bug

* Add docs for repository archive storage

* remove repo-archive configuration

* Fix test

* Fix test

* Fix lint

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-23 17:12:38 -04:00
6543
eb324a9402
[API] Add repoGetTag (#16166)
* GetTag -> GetAnnotatedTag

* API: Add repoGetTag

* fix swagger docs

* support "/" as tag name char

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-23 17:08:47 -04:00
6543
58501a2682
[API] GET / SET User Settings (#16169)
* API: GET/SET User Settings

* linter

* Apply suggestions from code review

* Update modules/structs/user.go

* lint

* fix swagger

* move User2UserSettings to convert

* as per @zeripath "preferences" -> "settings"

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-23 15:58:44 -04:00
zeripath
681e81babd
reqOrgMembership calls need to be preceded by reqToken (#16198)
ReqOrgMembership calls need to be preceded by reqToken

Fix #16192

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-06-21 14:01:44 +01:00
6543
75205b5669
Fix some API bugs (#16184)
* Repository object only count releases as releases (fix #16144)

* EditOrg respect RepoAdminChangeTeamAccess option (fix #16013)
2021-06-18 01:24:55 +02:00
6543
f7cd394680
[API] Add repoCreateTag (#16165)
* Add API CreateTag

* Add Test

* API: expose Tag Message
2021-06-17 18:04:10 +02:00
6543
b3fbd37e99
[API] expose repo.GetReviewers() & repo.GetAssignees() (#16168)
* API: expose repo.GetReviewers() & repo.GetAssignees()

* Add tests

* fix unrelated swagger query type
2021-06-17 16:02:34 +02:00
6543
6ad5d0a306
[API] ListReleases add filter for draft and pre-releases (#16175)
* invent ctx.QueryOptionalBool

* [API] ListReleases add draft and pre-release filter

* Add X-Total-Count header

* Add a release to fixtures

* Add TEST for API ListReleases
2021-06-17 10:58:10 +02:00
6543
9469e14dc6
[API] Issue Search Add filter for MilestoneNames (#16173) 2021-06-17 08:40:59 +02:00
6543
0e081ff0ce
[API] ListIssues add more filters (#16174)
* [API] ListIssues add more filters:
optional filter repo issues by:
 - since
 - before
 - created_by
 - assigned_by
 - mentioned_by

* Add Tests

* Update routers/api/v1/repo/issue.go

Co-authored-by: Lanre Adelowo <adelowomailbox@gmail.com>

* Apply suggestions from code review

Co-authored-by: Lanre Adelowo <adelowomailbox@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-16 18:33:37 -04:00
zeripath
6d69df2804
Add Status Updates whilst Gitea migrations are occurring (#15076)
* Add migrating message

Signed-off-by: Andrew Thornton <art27@cantab.net>

* simplify messenger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* make messenger an interface

Signed-off-by: Andrew Thornton <art27@cantab.net>

* rename

Signed-off-by: Andrew Thornton <art27@cantab.net>

* prepare for merge

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per tech

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-06-16 18:02:24 -04:00
6543
9273601064
Add subject-type filter to list notification API endpoints (#16177)
Close #15886
2021-06-16 18:04:37 +01:00
KN4CK3R
ebf253b841
Add attachments for PR reviews (#16075)
* First step for multiple dropzones per page.

* Allow attachments on review comments.

* Lint.

* Fixed accidental initialize of the review textarea.

* Initialize SimpleMDE textarea.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-14 21:12:33 -04:00
KN4CK3R
440039c0cc
Add push to remote mirror repository (#15157)
* Added push mirror model.

* Integrated push mirror into queue.

* Moved methods into own file.

* Added basic implementation.

* Mirror wiki too.

* Removed duplicated method.

* Get url for different remotes.

* Added migration.

* Unified remote url access.

* Add/Remove push mirror remotes.

* Prevent hangs with missing credentials.

* Moved code between files.

* Changed sanitizer interface.

* Added push mirror backend methods.

* Only update the mirror remote.

* Limit refs on push.

* Added UI part.

* Added missing table.

* Delete mirror if repository gets removed.

* Changed signature. Handle object errors.

* Added upload method.

* Added "upload" unit tests.

* Added transfer adapter unit tests.

* Send correct headers.

* Added pushing of LFS objects.

* Added more logging.

* Simpler body handling.

* Process files in batches to reduce HTTP calls.

* Added created timestamp.

* Fixed invalid column name.

* Changed name to prevent xorm auto setting.

* Remove table header im empty.

* Strip exit code from error message.

* Added docs page about mirroring.

* Fixed date.

* Fixed merge errors.

* Moved test to integrations.

* Added push mirror test.

* Added test.
2021-06-14 19:20:43 +02:00
Lunny Xiao
fb3ffeb18d
Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086)
* Add sso.Group, context.Auth, context.APIAuth to allow auth special routes

* Remove unnecessary check

* Rename sso -> auth

* remove unused method of Auth interface
2021-06-09 19:53:16 +02:00
Lunny Xiao
1bfb0a24d8
Refactor routers directory (#15800)
* refactor routers directory

* move func used for web and api to common

* make corsHandler a function to prohibit side efects

* rm unused func

Co-authored-by: 6543 <6543@obermui.de>
2021-06-09 01:33:54 +02:00
Lunny Xiao
0909695204
Merge all deleteBranch as one function and also fix bug when delete branch don't close related PRs (#16067)
* Fix bug when delete branch don't close related PRs

* Merge all deletebranch as one method

* Add missed branch.go

* fix comment

Co-authored-by: Lauris BH <lauris@nix.lv>
2021-06-07 22:52:59 +08:00
zeripath
cbf30830d2
Add missing SameSite settings for the i_like_gitea cookie (#16037)
The i_like_gitea cookie appears to be missing the SameSite settings. I think they
were present at some point but may have been removed in a merge.

This PR ensures that they are set.

Fix #15972

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-05-31 14:22:36 -04:00
zeripath
3183a465d7
Make modules/context.Context a context.Context (#16031)
* Make modules/context.Context a context.Context

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Simplify context calls

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Set the base context for requests to the HammerContext

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-05-31 02:18:11 -04:00
Norwin
e542b416a7
api: fix overly strict edit pr permissions (#15900)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-05-19 10:48:48 -04:00
zeripath
d0ea10b21f
Close the gitrepo when deleting the repository (#15876)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-05-14 21:19:38 +01:00
6543
e278614753
[API] make change repo settings work on empty repos (#15778)
* API: Fix #15602

* Add TEST
2021-05-08 14:11:36 +02:00
zeripath
47fd156936
Use route rather than use thus reducing the number of stack frames (#15301)
Since the move to Chi the number of stack frames has proliferated somewhat catastrophically and we're up to 96 frames with multiple tests of the url outside of a trie which is inefficient.

This PR reduces the number of stack frames by 6 through careful use of Route, moves Captcha into its own router so that it only fires on Captcha routes, similarly for avatars and repo-avatars.

The robots.txt, / and apple-touch-icon.png are moved out of requiring Contexter.

It moves access logger higher in the stack frame because there is no reason why it can't be higher.

Extract from #15186
Contains #15292
2021-05-04 22:48:31 +01:00
KN4CK3R
8c8471e754
Addition to (Add Location, Website and Description to API #15675) (#15690)
* Use same name as other structs.

* Sync with normal forms.

* Edit description with API.

* Workaround for nil value.
2021-05-02 21:03:15 +02:00
Lunny Xiao
9d99f6ab19
Refactor renders (#15175)
* Refactor renders

* Some performance optimization

* Fix comment

* Transform reader

* Fix csv test

* Fix test

* Fix tests

* Improve optimaziation

* Fix test

* Fix test

* Detect file encoding with reader

* Improve optimaziation

* reduce memory usage

* improve code

* fix build

* Fix test

* Fix for go1.15

* Fix render

* Fix comment

* Fix lint

* Fix test

* Don't use NormalEOF when unnecessary

* revert change on util.go

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* rename function

* Take NormalEOF back

Co-authored-by: zeripath <art27@cantab.net>
2021-04-19 18:25:08 -04:00
Kyle D
f44543a1bb
Disable Stars config option (#14653)
* Add config option to disable stars

* Replace "stars" with watched in user profile

* Add documentation
2021-04-15 18:53:57 +02:00
a1012112796
63411309fb
add some reponse status on api docs (#15399)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: 6543 <6543@obermui.de>
2021-04-11 09:53:23 +01:00
Lunny Xiao
1fc1d60517
Fix delete nonexist oauth application 500 and prevent deadlock (#15384)
* Fix delete nonexist oauth application 500

* Fix test

* Close the session

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update integrations/api_oauth2_apps_test.go

* Fix more missed sess.Close

* Remove unnecessary blank line

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-04-10 16:49:10 -04:00
a1012112796
e375cbfd46
rsponse 404 when delete not exist email (#15383)
fix #15357

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-04-10 07:12:38 +01:00
6543
9c4601bdf8
Code Formats, Nits & Unused Func/Var deletions (#15286)
* _ to unused func options

* rm useless brakets

* rm trifial non used models functions

* rm dead code

* rm dead global vars

* fix routers/api/v1/repo/issue.go

* dont overload import module
2021-04-09 09:40:34 +02:00
KN4CK3R
c03e488e14
Add LFS Migration and Mirror (#14726)
* Implemented LFS client.

* Implemented scanning for pointer files.

* Implemented downloading of lfs files.

* Moved model-dependent code into services.

* Removed models dependency. Added TryReadPointerFromBuffer.

* Migrated code from service to module.

* Centralised storage creation.

* Removed dependency from models.

* Moved ContentStore into modules.

* Share structs between server and client.

* Moved method to services.

* Implemented lfs download on clone.

* Implemented LFS sync on clone and mirror update.

* Added form fields.

* Updated templates.

* Fixed condition.

* Use alternate endpoint.

* Added missing methods.

* Fixed typo and make linter happy.

* Detached pointer parser from gogit dependency.

* Fixed TestGetLFSRange test.

* Added context to support cancellation.

* Use ReadFull to probably read more data.

* Removed duplicated code from models.

* Moved scan implementation into pointer_scanner_nogogit.

* Changed method name.

* Added comments.

* Added more/specific log/error messages.

* Embedded lfs.Pointer into models.LFSMetaObject.

* Moved code from models to module.

* Moved code from models to module.

* Moved code from models to module.

* Reduced pointer usage.

* Embedded type.

* Use promoted fields.

* Fixed unexpected eof.

* Added unit tests.

* Implemented migration of local file paths.

* Show an error on invalid LFS endpoints.

* Hide settings if not used.

* Added LFS info to mirror struct.

* Fixed comment.

* Check LFS endpoint.

* Manage LFS settings from mirror page.

* Fixed selector.

* Adjusted selector.

* Added more tests.

* Added local filesystem migration test.

* Fixed typo.

* Reset settings.

* Added special windows path handling.

* Added unit test for HTTPClient.

* Added unit test for BasicTransferAdapter.

* Moved into util package.

* Test if LFS endpoint is allowed.

* Added support for git://

* Just use a static placeholder as the displayed url may be invalid.

* Reverted to original code.

* Added "Advanced Settings".

* Updated wording.

* Added discovery info link.

* Implemented suggestion.

* Fixed missing format parameter.

* Added Pointer.IsValid().

* Always remove model on error.

* Added suggestions.

* Use channel instead of array.

* Update routers/repo/migrate.go

* fmt

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2021-04-08 18:25:57 -04:00
zeripath
fa3895ce81
Move modules/forms to services/forms (#15305)
Forms are dependent on models and therefore should be in services.

This PR also removes the old auth. aliasing

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-04-06 20:44:05 +01:00
6543
16dea6cebd
[refactor] replace int with httpStatusCodes (#15282)
* replace "200" (int) with "http.StatusOK" (const)

* ctx.Error & ctx.HTML

* ctx.JSON Part1

* ctx.JSON Part2

* ctx.JSON Part3
2021-04-05 11:30:52 -04:00
6543
80d6c6d7de
[refactor] mailer service (#15072)
* Unexport SendUserMail

* Instead of "[]*models.User" or "[]string" lists infent "[]*MailRecipient" for mailer

* adopt

* code format

* TODOs for "i18n"

* clean

* no fallback for lang -> just use english

* lint

* exec testComposeIssueCommentMessage per lang and use only emails

* rm MailRecipient

* Dont reload from users from db if you alredy have in ram

* nits

* minimize diff

Signed-off-by: 6543 <6543@obermui.de>

* localize subjects

* linter ...

* Tr extend

* start tmpl edit ...

* Apply suggestions from code review

* use translation.Locale

* improve mailIssueCommentBatch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add i18n to datas

Signed-off-by: Andrew Thornton <art27@cantab.net>

* a comment

Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-04-02 11:25:13 +01:00
zeripath
c1ca4a8313
Improve /api/v1/repos/issues/search by just getting repo ids (#15179)
/api/v1/repos/issues/search is a highly inefficient search which is unfortunately
the basis for our dependency searching algorithm. In particular it currently loads
all of the repositories and their owners and their primary coding language all of
which is immediately thrown away.

This PR makes one simple change - just get the IDs.

Related #14560
Related #12827

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-29 18:12:21 +01:00
6543
290cf75f93
[refactor] Unify the export of user data via API (#15144)
* [refactor] unify how user data is exported via API

* test time via unix timestamp
2021-03-27 17:45:26 +01:00
parnic
f4d27498bd
Add DefaultMergeStyle option to repository (#14789)
Fixes #12293
2021-03-27 15:55:40 +01:00
Lunny Xiao
8567cba0d9
Implement delete release attachments and update release attachments' name (#14130)
* Implement delete release attachment

* Add attachments on release edit page

* Fix bug

* Finish del release attachments

* Fix frontend lint

* Fix tests

* Support edit release attachments

* Added tests

* Remove the unnecessary parameter isCreate from UpdateReleaseOrCreatReleaseFromTag

* Rename UpdateReleaseOrCreatReleaseFromTag to UpdateRelease

* Fix middle align
2021-03-23 00:09:51 +08:00
zeripath
6e423d5573
Ensure validation occurs on clone addresses too (#14994)
* Ensure validation occurs on clone addresses too

Fix #14984

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix api tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-15 17:52:11 -04:00
Norwin
658d1bfac8
API: fix set milestone on PR creation (#14981)
* API: fix set milestone on PR creation

pr creation via API failed with 404, because we searched
for milestoneID 0, due to uninitialized var usage D:

* add tests

* fix expected status codes

* fix tests

Co-authored-by: 6543 <6543@obermui.de>
2021-03-13 19:06:52 +01:00
zeripath
91ee3be588
Prevent incorrect HTML escaping in swagger.json (#14957)
* Prevent incorrect HTML escaping in swagger.json

Fix #14706

Signed-off-by: Andrew Thornton <art27@cantab.net>

* oops add it to the helper

Signed-off-by: Andrew Thornton <art27@cantab.net>

* try again

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-11 23:43:04 -05:00
zeripath
5705f72fd6
Prevent panic when editing forked repos by API (#14960)
When editing forked repos using the API the BaseRepository needs to loaded
in order to check its visibility otherwise there will be NPE panic.

Fix #14956

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-11 19:09:52 +01:00
zeripath
c8e5c79cfd
Add ui.explore settings to control view of explore pages (2) (#14094)
This is an alternative PR to #13687.

Add `[ui.explore]` settings to allow restricting the
explore pages to logged in users only and to disable the users explore page.

The two proposed settings are:

- `REQUIRE_SIGNIN_VIEW`: Only allows access to the explore pages if the
user is signed in. Also restricts
  - `/api/v1/user/search`
  - `/api/v1/users/{username}`
  - `/api/v1/users/{username}/repos`
  - but does not restrict `/api/v1/users/{username}/heatmap`
- `DISABLE_USERS_PAGE`: Disables the /explore/users page

Fix #2908

Close #13687 

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-11 13:40:54 +00:00
a1012112796
a5279b74b6
Make manual merge autodetection optional and add manual merge as merge method (#12543)
* Make auto check manual merge as a chooseable mod and add manual merge way on ui

as title, Before this pr, we use same way with GH to check manually merge.
It good, but in some special cases, misjudgments can occur. and it's hard
to fix this bug. So I add option to allow repo manager block "auto check manual merge"
function, Then it will have same style like gitlab(allow empty pr). and to compensate for
not being able to detect THE PR merge automatically, I added a manual approach.

Signed-off-by: a1012112796 <1012112796@qq.com>

* make swager

* api support

* ping ci

* fix TestPullCreate_EmptyChangesWithCommits

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* Apply review suggestions and add test

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* fix build

* test error message

* make fmt

* Fix indentation issues identified by @silverwind

Co-authored-by: silverwind <me@silverwind.io>

* Fix tests and make manually merged disabled error on API the same

Signed-off-by: Andrew Thornton <art27@cantab.net>

* a small nit

* fix wrong commit id error

* fix bug

* simple test

* fix test

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-03 22:41:23 -05:00
zeripath
f0e15250b9
Migrate to use jsoniter instead of encoding/json (#14841)
* Migrate to use jsoniter

* fix tests

* update gitea.com/go-chi/binding

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-01 22:08:10 +01:00
6543
a4148c0f12
Repository transfer has to be confirmed, if user can not create repo for new owner (#14792)
* make repo as "pending transfer" if on transfer start doer has no right to create repo in new destination

* if new pending transfer ocured, create UI & Mail notifications
2021-03-01 01:47:30 +01:00
a1012112796
83cf1a894e
Create tag on ui (#13467)
Support create single tag directly

support create tag with message from create release ui

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-02-28 19:57:45 +00:00
6543
190bd0accd
Export LFS & TimeTracking function status (#14753) 2021-02-20 11:17:51 +01:00
zeripath
aa4f9180e4
Clarify the suffices and prefixes of setting.AppSubURL and setting.AppURL (#12999)
Also removes some unnecessary uses of fmt.Sprintf and adds documentation
strings

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-02-19 22:36:43 +01:00
6543
8d5c795cc4
[API] Add Restricted Field to User (#14630)
* Expose Restricted field for User

* Add Option to Change Restricted on User via adminEditUser API

* Add test who change restricted & test if it changed it ...

* make generate-swagger

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-02-18 16:25:35 +08:00
techknowlogick
a3cc842e15
Show Gitea version in swagger (#14654)
Show Gitea version in swagger

Co-authored-by: 6543 <6543@obermui.de>
2021-02-12 21:51:56 +01:00
Anton Khimich
5a18712dd7
Fix PATCH /repos/{owner}/{repo} panic (#14637)
* Fix a runtime error when modifying a repository through API call

Using the `PATCH /repos/{owner}/{repo}` endpoint and attempting to
modify `default_branch` on an empty repository will cause a
panic. This commit adds a check for a nil pointer before attempting
to dereference it.

* Apply suggestions from code review

* Apply suggestions from code review

* Ensure that the git repository is loaded

If you change the default branch for a repository you must change it in
git too. Therefore you must open the repository before changing the
default branch.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Allow empty repos to have their default branches changed

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Anton Khimich <anton.khimicha@mail.utoronto.ca>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-02-11 20:53:41 +01:00
Paweł Bogusławski
7d7007dca7
Added option to disable webhooks (#13176)
* Added option to disable web hooks

This mod introduces DISABLE_WEB_HOOKS parameter in [security] section
of app.ini (by default set to false). If set to true it disables web
hooks feature. Any existing undelivered web hook tasks will be cancelled.
Any existing web hook definitions will be left untouched in db but
its delivery tasks will be ignored.

Author-Change-Id: IB#1105130

* Webhook spelling fixed

Webhook spelling fixed.

Fixes: 07df6614dc84cdd2e9f39c57577fa1062bd70012
Related: https://github.com/go-gitea/gitea/pull/13176#pullrequestreview-510868421
Author-Change-Id: IB#1105174

* Parameter description fixed

Parameter description fixed.

Fixes: 07df6614dc84cdd2e9f39c57577fa1062bd70012
Related: https://github.com/go-gitea/gitea/pull/13176#pullrequestreview-514086107
Author-Change-Id: IB#1105174
2021-02-11 12:34:34 -05:00
a1012112796
ac701637b4
Add dismiss review feature (#12674)
* Add dismiss review feature

refs:
    https://github.blog/2016-10-12-dismissing-reviews-on-pull-requests/
    https://developer.github.com/v3/pulls/reviews/#dismiss-a-review-for-a-pull-request

* change modal ui and error message

* Add unDismissReview api

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-02-11 18:32:25 +01:00
zeripath
b337c606d3
Add support for ref parameter to get raw file API (#14602)
Fix #14597

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-02-09 01:15:47 +01:00
6543
5f248d0df2
[API] Add delete release by tag & fix unreleased inconsistency (#14563)
* DeleteReleaseByTag delete release not git tags

* Add api to delete tag (without release)

* fix & extend tests

* fix swagger doc
2021-02-07 19:32:18 +01:00
Cameron Braid
3c965c3e30
[API] GetRelease by tag only return release (#14397)
get release by tag should filter out tag releases to be consistent with list releases and get by id

Co-authored-by: 6543 <6543@obermui.de>
2021-02-04 04:12:25 +01:00
6543
0d1444751f
[API] Add pagination to ListBranches (#14524)
* make PaginateUserSlice generic -> PaginateSlice

* Add pagination to ListBranches

* add skip, limit to Repository.GetBranches()

* Move routers/api/v1/utils/utils PaginateSlice -> modules/util/paginate.go

* repo_module.GetBranches paginate

* fix & rename & more logging

* better description

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: a1012112796 <1012112796@qq.com>
2021-02-03 20:06:13 +01:00
6543
6d27703f14
[API] List, Check, Add & delete endpoints for repository teams (#13630)
* List, Check, Add & delete endpoints for repository teams

* return units on single team responce too

* Add Tests
2021-02-01 22:57:12 +01:00
a1012112796
f19da14c34
enhancement: add signoff option in commit form (#14516)
Signed-off-by: a1012112796 <1012112796@qq.com>
2021-01-29 16:57:45 +08:00
Lunny Xiao
a51cc6dea4
Fix access log (#14475)
Fix #14121, #14478.

The `AccessLog` middleware has to be after `Contexter` or `APIContexter` so that we can get `LoginUserName` if possible.
And also there is a **BREAK** change that it removed internal API access log.
2021-01-27 18:46:35 +01:00
Lunny Xiao
6433ba0ec3
Move macaron to chi (#14293)
Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR.

- [x] Define `context.ResponseWriter` interface with an implementation `context.Response`.
- [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before.
- [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic .
- [x] Use https://github.com/unrolled/render instead of macaron's internal render
- [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip
- [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK**
- [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha
- [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache
- [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding
- [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors
- [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation`
- [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle.
- [x] Removed macaron log service because it's not need any more. **BREAK**
- [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition.
- [x] Move Git HTTP protocol implementation to use routers directly.
- [x] Fix the problem that chi routes don't support trailing slash but macaron did.
- [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. 

Notices:
- Chi router don't support request with trailing slash
- Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI.

Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 16:36:53 +01:00
Andrew Bezold
bc05ddc0eb
Redirect on changed user and org name (#11649)
* Add redirect for user

* Add redirect for orgs

* Add user redirect test

* Appease linter

* Add comment to DeleteUserRedirect function

* Fix locale changes

* Fix GetUserByParams

* Fix orgAssignment

* Remove debug logging

* Add redirect prompt

* Dont Export DeleteUserRedirect & only use it within a session

* Unexport newUserRedirect

* cleanup

* Fix & Dedub API code

* Format Template

* Add Migration & rm dublicat

* Refactor: unexport newRepoRedirect() & rm dedub del exec

* if this fails we'll need to re-rename the user directory

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-01-24 16:23:05 +01:00
6543
a0e424da85
Enhance Ghost comment mitigation Settings (#14392)
* refactor models.DeleteComment and delete related reactions too

* use deleteComment for UserDeleteWithCommentsMaxDays in DeleteUser

* nits

* Use time.Duration as other time settings have

* docs

* Resolve Fixme & fix potential deadlock

* Disabled by Default

* Update Config Value Description

* switch args

* Update models/issue_comment.go

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2021-01-21 21:56:19 -05:00
6543
81c833d92d
Add support to migrate from gogs (#14342)
Add support to migrate gogs:

  *  issues
  *  comments
  *  labels
  *  milestones
  *  wiki


Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-01-21 20:33:58 +01:00
Jimmy Praet
acb1ceb1f4
Add review requested filter on pull request overview (#13701)
* Add review requested filter on pull request overview #13682

fix formatting

* add review_requested filter to /repos/issues/search API endpoint

* only Approve and Reject status should supersede Request status

* add support for team reviews

* refactor: remove duplication of issue filtering conditions
2021-01-17 17:34:19 +01:00
Lunny Xiao
dc66e4740f
Fix middlewares sequences (#14354)
Co-authored-by: 6543 <6543@obermui.de>
2021-01-16 12:23:02 +01:00
6543
74a0481586
[Refactor] Passwort Hash/Set (#14282)
* move SaltGeneration into HashPasswort and rename it to what it does

* Migration: Where Password is Valid with Empty String delete it

* prohibit empty password hash

* let SetPassword("") unset pwd stuff
2021-01-10 20:05:18 +02:00
Paul Barton
7576e37a65
Add MirrorInterval to the API (#14163)
* Added MirrorInterval to the API

* Remove MirrorInterval from CreateRepository

* Removed Duplicate UpdateMirror Function

* Updated Error Logging

* Update Log Message for is not Mirror

Co-authored-by: 6543 <6543@obermui.de>

* Delete Debug Statement that snuck in

Co-authored-by: zeripath <art27@cantab.net>

* Add Check for If Interval is too small

* Output to API Call

* Add Error Object when time is Less than Min Interval

* Frequency Error Message

Co-authored-by: zeripath <art27@cantab.net>

* Allow Zero Mirror Interval

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-02 18:47:47 -05:00
Jimmy Praet
40274b4a93
Team dashboards (#14159) 2020-12-27 21:58:03 +02:00
Lunny Xiao
dd08853b10
Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244)
* Dump github/gitlab repository data to a local directory

* Fix lint

* Adjust directory structure

* Allow migration special units

* Allow migration ignore release assets

* Fix lint

* Add restore repository

* stage the changes

* Merge

* Fix lint

* Update the interface

* Add some restore methods

* Finish restore

* Add comments

* Fix restore

* Add a token flag

* Fix bug

* Fix test

* Fix test

* Fix bug

* Fix bug

* Fix lint

* Fix restore

* refactor downloader

* fmt

* Fix bug isEnd detection on getIssues

* Refactor maxPerPage

* Remove unused codes

* Remove unused codes

* Fix bug

* Fix restore

* Fix dump

* Uploader should not depend downloader

* use release attachment name but not id

* Fix restore bug

* Fix lint

* Fix restore bug

* Add a method of DownloadFunc for base.Release to make uploader not depend on downloader

* fix Release yml marshal

* Fix trace information

* Fix bug when dump & restore

* Save relative path on yml file

* Fix bug

* Use relative path

* Update docs

* Use git service string but not int

* Recognize clone addr to service type
2020-12-27 11:34:19 +08:00
zeripath
ad1164f73b
Disable SSH key deletion of externally managed Keys (#13985)
* Disable SSH key addition and deletion when externally managed

When a user has a login source which has SSH key management
key addition and deletion using the UI should be disabled.

Fix #13983

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Make only externally managed keys disabled

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-12-25 23:24:47 -05:00
6543
a19447aed1
migrate from com.* to alternatives (#14103)
* remove github.com/unknwon/com from models

* dont use "com.ToStr()"

* replace "com.ToStr" with "fmt.Sprint" where its easy to do

* more refactor

* fix test

* just "proxy" Copy func for now

* as per @lunny
2020-12-25 11:59:32 +02:00
Norwin
bdeccc3688
Fix api doc response code (#14123)
Fixes #14120
2020-12-24 18:14:01 +00:00
Norwin
c2ae432489
Add user filter to issueTrackedTimes, enable usage for issue managers (#14081)
* add user filter to issueTrackedTimes

fixes #14024

* update swagger

* allow user filter for issue writers

* improve swagger doc

* return 404 on invalid user
2020-12-22 04:47:17 +01:00
Norwin
f6bec85296
rework heatmap permissions (#14080)
* now uses the same permission model as for the activity feed:
  only include activities in repos, that the doer has access to.
  this might be somewhat slower.

* also improves handling of user.KeepActivityPrivate (still shows
  the heatmap to self & admins)

* extend tests

* adjust integration test to new behaviour

* add access to actions for admins

* extend heatmap unit tests
2020-12-22 03:53:37 +01:00
Paweł Bogusławski
839daa85aa
Added option to disable migrations (#13114)
* Added option to disable migrations

This patch introduces DISABLE_MIGRATIONS parameter in [repository]
section of app.ini (by default set to false). If set to true
it blocks access to repository migration feature.

This mod hides also local repo import option in user editor if
local repo importing or migrations is disabled.

* Alter Example config

DISABLE_MIGRATIONS set to false in example config to
match its default value.

* HTTP error 403 instead of 500 on denied access to migration

* Parameter DISABLE_MIGRATIONS exposed via API

Fixes: 04b04cf854bcb3ed7659442bcf79822bdebe29e9
Author-Change-Id: IB#1105130
2020-12-21 15:39:41 +01:00
6543
e483220ea3
[Refactor] CombinedStatus and CommitStatus related functions & structs (#14026)
* RM unused struct

* rename (*CommitStatus) loadRepo() -> loadAttributes()

* move ToCommitStatus into its own file

* use CommitStatusState instead of StatusState

* move CombinedStatus convertion into convert package

* let models.GetLatestCommitStatus use repoID direct and accept ListOptions

* update swagger docs

* fix tests

* Fix swagger docs

* rm page

* fix swagger docs!!!

* return json null

* always return json

* rename api.Status to api.CommitStatus

* fix swagger docs

* sec swagger fix
2020-12-18 11:33:32 +08:00
6543
9e456b5a56
HotFix: Hide private partisipation in Orgs (#13994)
* HotFix: Hide private partisipation in Orgs

* refactor & add node to fuc GetOrganizations
2020-12-17 00:39:12 +01:00
6543
e2aa701812
[API] Add ref to create/edit issue options & deprecated assignee (#13992)
* API: Add ref to create/edit issue options

* deprecate Assignee in favour of Assignees
2020-12-15 19:38:10 +01:00
Lunny Xiao
9f100a45c6
Possible fix the webhook API creation (#13960)
* Possible fix the webhook API creation

* Fix api create webhook bug
2020-12-12 16:33:19 +01:00
Lunny Xiao
6edfa6bc88
Fix broken migration on webhook (#13911)
* Fix broken migration on webhook

* Fix lint

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2020-12-09 17:20:13 +00:00
Lunny Xiao
42354dfe45
Move webhook type from int to string (#13664)
* Move webhook type from int to string

* rename webhook_services

* finish refactor

* Fix merge

* Ignore unnecessary ci

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2020-12-08 11:41:14 +01:00
John Olheiser
e306c292ac
Expose default theme in meta and API (#13809)
Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: 6543 <6543@obermui.de>
2020-12-03 13:53:21 +01:00
6543
7ac8a770e1
Move Repo APIFormat to convert package (#13787)
* Move Repo APIFormat to convert package

* tweek
2020-12-02 16:38:30 -05:00
6543
4f5ff1ef08
move notification APIFormat (#13783) 2020-12-02 09:24:35 +00:00
6543
b2435af9be
Add Allow-/Block-List for Migrate & Mirrors (#13610)
* add black list and white list support for migrating repositories

* fix fmt

* fix lint

* fix vendor

* fix modules.txt

* clean diff

* specify log message

* use blocklist/allowlist

* allways use lowercase to match url

* Apply allow/block

* Settings: use existing "migrations" section

* convert domains lower case

* dont store unused value

* Block private addresses for migration by default

* fix lint

* use proposed-upstream func to detect private IP addr

* a nit

* add own error for blocked migration, add tests, imprufe api

* fix test

* fix-if-localhost-is-ipv4

* rename error & error message

* rename setting options

* Apply suggestions from code review

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-28 19:37:58 -05:00
a1012112796
9c26dc1f3a
Add block on official review requests branch protection (#13705)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-28 21:30:46 +02:00
zeripath
742e21aeba
Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186)
* Ensure errors from IsDir propagate

* Handle errors when checking IsFile

* Handle and propagate errors from IsExist

* Update modules/templates/static.go

* Update modules/templates/static.go

* Return after ctx.ServerError

* Apply suggestions from code review

* Fix tests

The previous merge managed to break repo_form.go

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-27 21:42:08 -05:00
6543
f88a2eae97
[API] Add more filters to issues search (#13514)
* Add time filter for issue search

* Add limit option for paggination

* Add Filter for: Created by User, Assigned to User, Mentioning User

* update swagger

* Add Tests for limit, before & since
2020-11-23 20:49:36 +00:00
6543
1bb5c09b5d
API: Admin EditUser: Make FullName, Email, Website & Location optional (#13562)
* API: Admin EditUser: Make FullName, Email, Website & Location optional

* update swagger docs

* add Tests

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-19 20:56:42 -05:00
Chris Shyi
d025d84d91
Add email validity check (#13475)
* Improve error feedback for duplicate deploy keys

Instead of a generic HTTP 500 error page, a flash message is rendered
with the deploy key page template so inform the user that a key with the
intended title already exists.

* API returns 422 error when key with name exists

* Add email validity checking

Add email validity checking for the following routes:
[Web interface]
1. User registration
2. User creation by admin
3. Adding an email through user settings
[API]
1. POST /admin/users
2. PATCH /admin/users/:username
3. POST /user/emails

* Add further tests

* Add signup email tests

* Add email validity check for linking existing account

* Address PR comments

* Remove unneeded DB session

* Move email check to updateUser

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-14 11:53:43 -05:00
6543
7d2700c8be
[API] Only Return Json (#13511)
* Let Branch and Raw Endpoint return json error if not found

* Revert "RM RepoRefByTypeForAPI and move needed parts into GetRawFile directly"

This reverts commit d826d08577b23765cb3c257e7a861191d1aa9a04.

* more similar to RepoRefByType

* dedub-code

* API should just speak JSON

* nice name

Co-authored-by: zeripath <art27@cantab.net>
2020-11-14 11:13:55 -05:00
6543
3f3447a1ea
API: Fix GetQueryBeforeSince (#13559) 2020-11-14 14:05:40 +00:00
John Olheiser
b5e974c8a5
Delete tag API (#13358)
* Delete tag API

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Wording

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add conflict response and fix API tests

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix other test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-10-30 20:56:34 -05:00
Lunny Xiao
4df2ed29f2
Refactor: Move PushUpdateOptions (#13363)
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
2020-10-30 22:59:02 +01:00
zeripath
55801cf4eb
Issue comment reactions should also check pull type (#13349)
* Migrating reactions is just not that important

A failure during migrating reactions should not cause failure of
migration.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* When checking issue reactions check the correct permission

Signed-off-by: Andrew Thornton <art27@cantab.net>

* And there is another one ...

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-10-29 20:48:07 +08:00
zeripath
4b33afcd5b
Migration failure during reaction migration from gitea (#13344)
* Migrating reactions is just not that important

A failure during migrating reactions should not cause failure of
migration.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* When checking issue reactions check the correct permission

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-28 22:23:31 -04:00
M4RKUS-11111
ff1b00002a
Deny wrong pull (#13308)
* Deny wrong pull

* Update routers/api/v1/repo/pull.go

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: Markus <git+markus@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2020-10-26 11:05:27 +02:00
a1012112796
b9850375fc
Add review request api (#11355)
* Add review request api

* add : POST /repos/{owner}/{repo}/pulls/{index}/requested_reviewers
* Remove : DELET /repos/{owner}/{repo}/pulls/{index}/requested_reviewers
* fix some request review bug
* block delet request review by models/DeleteReview()

Signed-off-by: a1012112796 <1012112796@qq.com>

* make fmt

* fix bug

* fix test code

* fix typo

* Apply suggestion from code review @jonasfranz

* fix swagger ref

* fix typo

Co-authored-by: Lauris BH <lauris@nix.lv>

* fix comment

* Change response message

* chang response so some simplfy

* Add ErrIllLegalReviewRequest
fix some nits

* make fmt

* Apply suggestions from code review

Co-authored-by: silverwind <me@silverwind.io>

* * Add team support
* fix test
* fix an known bug

* fix nit

* fix test

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* update get api and add test

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
2020-10-20 14:18:25 -04:00
6543
d453533beb
[Refactor] Move APIFormat functions into convert package (#12856)
* USER APIFormat -> ToUser

* Migrate more and mark APIFormat deprecated

* models.Comment APIFormat() -> convert.ToComment

* models.Release APIFormat() -> convert.ToRelease

* models.Attachments APIFormat() -> convert.ToReleaseAttachments

* models.CommitStatus APIFormat() -> convert.ToCommitStatus

* finish migration to convert.ToUser

* Move Test

* Imprufe Test

* fix test

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-17 00:23:08 -04:00
赵智超
dfa7291f8f
[Enhancement] Allow admin to merge pr with protected file changes (#12078)
* [Enhancement] Allow admin to merge pr with protected file changes

As tilte, show protected message in diff page and merge box.

Signed-off-by: a1012112796 <1012112796@qq.com>

* remove unused ver

* Update options/locale/locale_en-US.ini

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>

* Add TrN

* Apply suggestions from code review

* fix lint

* Update options/locale/locale_en-US.ini

Co-authored-by: zeripath <art27@cantab.net>

* Apply suggestions from code review

* move pr proteced files check to TestPatch
* Call TestPatch when protected branches settings changed

* Apply review suggestion @CirnoT

* move to service @lunny

* slightly restructure routers/private/hook.go

Adds a lot of comments and simplifies the logic

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* skip duplicate protected files check

* fix check logic

* slight refactor of TestPatch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* When checking for protected files changes in TestPatch use the temporary repository

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix introduced issue with hook

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove the check on PR index being greater than 0 as it unnecessary

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-13 14:50:57 -04:00
zeripath
f2858600af
Return 404 not 500 from API if team does not exist (#13118)
If team does not exist expect ErrTeamNotExist not ErrUserNotEXist

Fix #11336

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-10-12 17:09:21 -04:00
Chris Shyi
c752ccee64
Improve error feedback for duplicate deploy keys (#13112)
Instead of a generic HTTP 500 error page, a flash message is rendered with the deploy key page template to inform the user that a key with the intended title already exists. 

Fixes #13110
2020-10-12 14:44:56 +01:00
Rongjian Zhang
77f360b1b8
fix: case typo (#13049)
* Update settings.go

* Run swagger generate
2020-10-06 12:16:16 -04:00
silverwind
cda44750cb
Attachments: Add extension support, allow all types for releases (#12465)
* Attachments: Add extension support, allow all types for releases

- Add support for file extensions, matching the `accept` attribute of `<input type="file">`
- Add support for type wildcard mime types, e.g. `image/*`
- Create repository.release.ALLOWED_TYPES setting (default unrestricted)
- Change default for attachment.ALLOWED_TYPES to a list of extensions
- Split out POST /attachments into two endpoints for issue/pr and
  releases to prevent circumvention of allowed types check

Fixes: https://github.com/go-gitea/gitea/pull/10172
Fixes: https://github.com/go-gitea/gitea/issues/7266
Fixes: https://github.com/go-gitea/gitea/pull/12460
Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#Unique_file_type_specifiers

* rename function

* extract GET routes out of RepoMustNotBeArchived

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-10-05 01:49:33 -04:00
Johan Van de Wauw
34d9cb335c
API: Get release by tags endpoint (#12932)
Get a release based on a tag name (for which a release exists).
Based on:
https://developer.github.com/v3/repos/releases/#get-a-release-by-tag-name

Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: 6543 <6543@obermui.de>
2020-09-25 20:11:43 +01:00
赵智超
3c360801b3
Add IsTemplate option in create repo ui and api (#12942)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-09-25 13:18:37 +08:00
zeripath
7a7f56044a
Adopt repositories (#12920)
* Don't automatically delete repository files if they are present

Prior to this PR Gitea would delete any repository files if they are
present during creation or migration. This can in certain circumstances
lead to data-loss and is slightly unpleasant.

This PR provides a mechanism for Gitea to adopt repositories on creation
and otherwise requires an explicit flag for deletion.

PushCreate is slightly different - the create will cause adoption if
that is allowed otherwise it will delete the data if that is allowed.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix tests and migrate overwrite

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @lunny

Only offer to adopt or overwrite if the user can do that.

Allow the site administrator to adopt or overwrite in all
circumstances

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use setting.Repository.DefaultBranch for the default branch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Always set setting.Repository.DefaultBranch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update templates

Signed-off-by: Andrew Thornton <art27@cantab.net>

* ensure repo closed

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Rewrite of adoption as per @6543 and @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

* update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* missing not

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add modals and flash reporting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Make the unadopted page searchable

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add API

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Handle empty and non-master branched repositories

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove commented out code

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-25 07:09:23 +03:00
ひのしば / hinoshiba
6fa19a8458
Fixed count of filtered issues when api request. (#12275)
* Improved total count of issue when filtered.

* Fixed size of slice when  selected 1 repository.

* Improved function of error check.

* improved comment

* Added parameter of return header.

Co-authored-by: 6543 <6543@obermui.de>

* Updated corresponded to the current vendored of "xorm.io/xorm".

* Dedublicated it by store the Options Struct into a variable.

* format code

* Update routers/api/v1/repo/issue.go

Co-authored-by: 6543 <6543@obermui.de>

* Update routers/api/v1/repo/issue.go

Co-authored-by: 6543 <6543@obermui.de>

* Updated number of range.

Co-authored-by: 6543 <6543@obermui.de>

* Updated number of range.

Co-authored-by: 6543 <6543@obermui.de>

* Removed total value.

* make fmt

* Improved value of sql.

Co-authored-by: zeripath <art27@cantab.net>

* Improved value of sql.

* improved message

* improved message

* improved message

* fixed message

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-24 19:30:40 -04:00
6543
efebb824ac
API: GetReleaseByID return 404 if not found (#12933)
* API: GetReleaseByID return 404 if not found

* update swagger docs
2020-09-24 18:36:56 -04:00
赵智超
b74ed16c41
Fix ListUserOrgs (#12910)
fix #12891

Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-09-21 00:55:48 +03:00
赵智超
fec1521555
Not using "ctx.ServerError" in api (#12907)
This function will render a whole html page which is not useful for API.

Signed-off-by: a1012112796 <1012112796@qq.com>
2020-09-20 21:20:14 +01:00
zeripath
4979f15c3f
Add configurable Trust Models (#11712)
* Add configurable Trust Models

Gitea's default signature verification model differs from GitHub. GitHub
uses signatures to verify that the committer is who they say they are -
meaning that when GitHub makes a signed commit it must be the committer.
The GitHub model prevents re-publishing of commits after revocation of a
key and prevents re-signing of other people's commits to create a
completely trusted repository signed by one key or a set of trusted
keys.

The default behaviour of Gitea in contrast is to always display the
avatar and information related to a signature. This allows signatures to
be decoupled from the committer. That being said, allowing arbitary
users to present other peoples commits as theirs is not necessarily
desired therefore we have a trust model whereby signatures from
collaborators are marked trusted, signatures matching the commit line
are marked untrusted and signatures that match a user in the db but not
the committer line are marked unmatched.

The problem with this model is that this conflicts with Github therefore
we need to provide an option to allow users to choose the Github model
should they wish to.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Adjust locale strings

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @6543

Co-authored-by: 6543 <6543@obermui.de>

* Update models/gpg_key.go

* Add migration for repository

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-20 00:44:55 +08:00
6543
1418288734
Refactor: move Commit To APIFormat Code & Lot of StopWatch related things (#12729)
* move GitCommit to APIFormat convertion into convert package

* rename Commit convert functions

* move stopwatch to api convertion into convert package & rm unused code & extend test

* fix compare time

* Gitea not Gogs ;)
2020-09-18 20:09:26 +08:00
6543
07995e2301
Fix [API] [Bug] CreateRepo missing information (#12848)
* Fix [API] [Bug] CreateRepo missing information

* add code comment

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-15 18:42:19 -04:00
6543
00a806de68
[API] Milestone endpoints accept names too (#12649)
* API: Milestone endpoints accept names too

* add test

* rename

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-09-14 14:48:03 +03:00
John Olheiser
26c4a049da
Issue templates directory (#11450)
* Issue templates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add some comments, appease the linter

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add docs and re-use dir candidates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add default labels to issue templates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Generate swagger

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Suggested changes

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update issue.go

* Suggestions

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Extract metadata from legacy if possible

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-11 10:48:39 -04:00
Lunny Xiao
dd1a651b58
Move all push update operations to a queue (#10133)
* Fix test

* Add no queue for test only

* improve code

* Auto watch whatever branch operation

* Fix lint

* Rename noqueue to immediate

* Remove old PushUpdate function

* Fix tests

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-11 10:14:48 -04:00
6543
fd60ebfe14
[API] Migration: Change ServiceType String (#12672)
* use different structs for MigrateRepoOptions on UI and API

* Fix TokenAuth and rename UID to an understandable Name

* fix swagger doc

* simplify & mk redable

* R E F A C T O R:
migration has now internal 3 structs to store its options:
 * the Options for WebUI: modules/auth/repo_form.go
 * the Options for API: modules/structs/repo.go
 * the option struct with after validation for internal prossessing: modules/migrations/base/options.go

* Copyright Header

* Deprecate UID - add RepoOwner

* adopt repo.go -> migrate.go

* add comment about each struct purpose

* lint
2020-09-10 23:29:19 +01:00
John Olheiser
c6e4bc53aa
Check passwords against HaveIBeenPwned (#12716)
* Implement pwn

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update module

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Apply suggestions mrsdizzie

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Add link to HIBP

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add more details to admin command

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add context to pwn

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Consistency and making some noise ;)

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-09-08 17:06:39 -05:00
6543
3408fb73b6
Add better Swagger description and a example for GetArchive (#12743)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-06 12:23:47 -04:00
6543
dba5d82f86
Expose Attachemnt Settings by API (#12514)
close #12368
2020-09-05 08:43:06 +01:00
6543
2a52aeec49
API: Expose its limitation settings (#12714)
* API: Expose its limitation settings

* TESTs

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-04 14:10:15 -04:00
6543
d5b6931dbe
[API] Delete Token accept names too (#12366)
* Delete Token accept names too

* better description

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-28 11:09:33 +03:00
zeripath
2ae8c7ab1c
Add cron running API (#12421)
* Add cron running API

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

* placate-swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* return not found

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-24 11:48:15 -04:00
zeripath
7c2cf236f8
Allow addition of gpg keyring with multiple keys (#12487)
Related #6778

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-21 13:45:50 +03:00
zeripath
a5440fcb1e
Report error if API merge is not allowed (#12528)
#12496 demonstrated that the API merge needs to return some information as
to why a merge has been disallowed with a status code 422.

This PR ensures that a reason is always returned.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-19 17:35:06 -04:00
Lunny Xiao
62e6c9bc6c
Add a storage layer for attachments (#11387)
* Add a storage layer for attachments

* Fix some bug

* fix test

* Fix copyright head and lint

* Fix bug

* Add setting for minio and flags for migrate-storage

* Add documents

* fix lint

* Add test for minio store type on attachments

* fix test

* fix test

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Add warning when storage migrated successfully

* Fix drone

* fix test

* rebase

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* refactor the codes

* add trace

* Fix test

* remove log on xorm

* Fi download bug

* Add a storage layer for attachments

* Add setting for minio and flags for migrate-storage

* fix lint

* Add test for minio store type on attachments

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Fix drone

* fix test

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* refactor the codes

* add trace

* Fix test

* Add URL function to serve attachments directly from S3/Minio

* Add ability to enable/disable redirection in attachment configuration

* Fix typo

* Add a storage layer for attachments

* Add setting for minio and flags for migrate-storage

* fix lint

* Add test for minio store type on attachments

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Fix drone

* fix test

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* don't change unrelated files

* Fix lint

* Fix build

* update go.mod and go.sum

* Use github.com/minio/minio-go/v6

* Remove unused function

* Upgrade minio to v7 and some other improvements

* fix lint

* Fix go mod

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Tyler <tystuyfzand@gmail.com>
2020-08-18 12:23:45 +08:00
Lanre Adelowo
4027c5dd7c
Kanban board (#8346)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>
Co-authored-by: Kerry <flatline-studios@users.noreply.github.com>
Co-authored-by: Jaqra <jaqra@hotmail.com>
Co-authored-by: Kyle Evans <kevans91@users.noreply.github.com>
Co-authored-by: Tsakiridis Ilias <TsakiDev@users.noreply.github.com>
Co-authored-by: Ilias Tsakiridis <ilias.tsakiridis@outlook.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-16 23:07:38 -04:00
zeripath
d1e67d7ade
Fix bug preventing transfer to private organization (#12497)
* Fix bug preventing transfer to private organization

The code assessing whether a private organization was visible to a user before
allowing transfer was incorrect due to testing membership the wrong way round

This PR fixes this issue and renames the function performing the test to be
clearer.

Further looking at the API for transfer repository - no testing was
performed to ensure that the acting user could actually see the new
owning organization.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* change IsUserPartOfOrg everywhere
2020-08-16 16:27:08 -04:00
zeripath
2ef318e6f1
Add Access-Control-Expose-Headers (#12446)
Fix #12424

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
2020-08-13 18:18:18 +01:00
赵智超
8a6790b2aa
Add API to update pr headBranch (#12419)
* [API] Add update pr headBranch api

Signed-off-by: a1012112796 <1012112796@qq.com>
2020-08-04 21:55:22 +01:00
6543
7b260acd7b
Add TOTP header to Swagger Documentation (#12402) 2020-08-02 13:01:12 +01:00
赵智超
1f12dc8e88
Add action feed for new release (#12324)
* Add action feed for new release

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix lint

* Apply suggestions from code review

* Add ReleaseID to the action table
* Remove error message
* Fold the attachments download list

* remove attchment download list

* simplify code

* fix create release from existing tag

* simplify ui

* translation change

* fix test

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-29 15:20:54 -04:00
6543
8bdc9795d8
Add name filter to API for GetMilestoneList (#12336)
Adds a name filter to the API for GetMilestoneList

Includes a small refactor: merge GetMilestones and GetMilestonesByRepoID

Close #12260

Needed for https://gitea.com/gitea/go-sdk/issues/383 and https://gitea.com/gitea/tea/pulls/149
2020-07-28 12:30:40 +01:00
zeripath
63591016b3
Extend Notifications API and return pinned notifications by default (#12164)
* Extend notifications API and return pinned notifications in notifications list

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix swagger again

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove spurious debugs

* as per @6543

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/notification.go

* as per @6543

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-12 00:46:01 +03:00
Kristian Antonsen
cedbd3684f
Fix regression: Gitea commits API again returns commit summaries, not full messages (#12186)
Closes #12185
2020-07-08 14:53:09 +01:00
Clark Boylan
7e401fb026
Fix repo API listing stability (#12057)
Repo listings are paginated in the API now. Unfortunately, they are
ORDER BY updated_unix which only has second resolution. This means that
if you do a listing when multiple projects were created at the same time
you can unstable ordering. If that unstable ordering happens at a page
boundary you may fail to get a complete repo listing.

To make things worse sorting by updated_unix means that we may never get
a complete listing because udpated_unix can change independent of our
API calls.

Fix this by making the API repo listing order by id instead.
2020-07-02 15:55:42 +01:00
Cirno the Strongest
2281b048af
Do not override API issue pagination with UI settings (#12068)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-27 17:09:24 -04:00
Cirno the Strongest
1fd2beb6e9
Fix swagger docs for /repos/issues (#12069)
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-27 16:32:28 -04:00
6543
fc2f2c7602
API: Move AllowedReactions endpoint into GetGenneralUI endpoint + creat new swagger section settings (#11854)
* move Setting function into its own package

* swagger add&use new section "settings"

* move api AllowedReactions into general UI-Settings endpoint

* prepare TEST

* lint
2020-06-22 14:21:31 -04:00
Cirno the Strongest
81324cf37c
Add pagination headers on endpoints that support total count from database (#11145)
* begin work

* import fmt

* more work

* empty commit

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-21 16:22:06 +08:00
Cirno the Strongest
0159851cc3
Rework api/user/repos for pagination (#11827)
* Add count to `GetUserRepositories` so that pagination can be supported for `/user/{username}/repos`
* Rework ListMyRepos to use models.SearchRepository

ListMyRepos was an odd one. It first fetched all user repositories and then tried to supplement them with accessible map. The end result was that:

* Limit for pagination did not work because accessible repos would always be appended
* The amount of pages was incorrect if one were to calculate it
* When paginating, all accessible repos would be shown on every page

Hopefully it should now work properly. Fixes #11800 and does not require any change on Drone-side as it can properly interpret and act on Link header which we now set.

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-13 12:35:59 +01:00
6543
68a2af6d68
API expose usefull General Repo settings settings (#11758)
* GeneralRepoSettings expose MirrorsDisabled, HTTPGitDisabled, MaxCreationLimit

* Apply suggestions from code review

Co-authored-by: proton <25139420+proton-ab@users.noreply.github.com>

* lint

Co-authored-by: proton <25139420+proton-ab@users.noreply.github.com>
2020-06-10 15:05:46 +03:00
6543
1ac46186ff
API allow to create closed milestones (#11745)
* API allow to create closed milestones

* set CloseDate too

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-09 18:01:36 -04:00
Cirno the Strongest
27a6e03906
Remove page size limit comment from swagger (#11806)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-09 00:57:38 -04:00
Cirno the Strongest
cefbf73aea
Honor DEFAULT_PAGING_NUM for API (#11805)
* Honor DEFAULT_PAGING_NUM for API

* set pagination to 10 for tests

* lint

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-08 22:46:51 -04:00
6543
5814079bf5
Add option to API to update PullRequest base branch (#11666)
* EditPull: add option to change base

Close #11552
2020-06-07 20:13:40 +01:00
6543
479ef5c379
In File Create/Update API return 404 if Branch does not exist (#11791) 2020-06-07 18:30:58 +01:00
Lauris BH
2874ab54bc
Add language statistics API endpoint (#11737)
* Add language statistics API

* Add tests
2020-06-07 14:48:41 +03:00
Cirno the Strongest
bbe13b60cd
Fix timezone on issue deadline (#11697)
* Fix timezone on issue deadline

* FormatDate

Co-authored-by: zeripath <art27@cantab.net>
2020-06-05 18:51:10 -04:00
zeripath
f761a37a0f
Provide diff and patch API endpoints (#11751)
* Provide diff and patch API endpoints

The diff and patch endpoints on the main routes are not accessible by token
therefore we provide new API based endpoints for these

Fix #10923

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Make the response an actual string

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-05 14:03:12 +03:00
6543
2c5b3c72e8
Fix bug with globally disabling mirror (#11760)
Ensure we return after `ctx.Error(...)`
2020-06-04 19:06:24 +01:00
6543
0cb22121f4
API: Return error when Mirrors globaly disabled and like to create one (#11757)
* API: return an error when Mirrors globaly disabled

* keep it consistent with UI

Co-authored-by: John Olheiser <john.olheiser@gmail.com>

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2020-06-04 12:11:28 -04:00
6543
b534a5164f
[API] Expose allowed Reactions (#11735)
* [API] Expose allowed Reactions

* dont be in soutch a rush

* add TEST

* use ElementsMatch

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-04 12:16:53 +03:00
John Olheiser
a6fd2f23f7
Allow site admin to disable mirrors (#11740)
* Allow site admin to disable mirrors

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* No need to run through Safe

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Clarify only disabling NEW mirrors

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Apply suggestions from @guillep2k

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-06-02 21:21:38 -04:00
6543
b636cd6fd4
Handle expected errors in FileCreate & FileUpdate API (#11643)
as title

needed for #11641
2020-05-31 21:59:34 +01:00
Terence Le Huu Phuong
141d52cc0f
Add API Endpoint for Branch Creation (#11607)
* [FEATURE] [API] Add Endpoint for Branch Creation

Issue: https://github.com/go-gitea/gitea/issues/11376

This commit introduces an API endpoint for branch creation.

The added route is POST /repos/{owner}/{repo}/branches.
A JSON with the name of the new branch and the name of the old branch is
required as parameters.

Signed-off-by: Terence Le Huu Phuong <terence@qwasar.io>

* Put all the logic into CreateBranch and removed CreateRepoBranch

* - Added the error ErrBranchDoesNotExist in error.go
- Made the CreateNewBranch function return an errBranchDoesNotExist error
when the OldBranch does not exist
- Made the CreateBranch API function checks that the repository is not
empty and that branch exists.

* - Added a resetFixtures helper function in integration_test.go to
fine-tune test env resetting
- Added api test for CreateBranch
- Used resetFixture instead of the more general prepareTestEnv in the
repo_branch_test CreateBranch tests

* Moved the resetFixtures call inside the loop for APICreateBranch function

* Put the prepareTestEnv back in repo_branch_test

* fix import order/sort api branch test

Co-authored-by: zeripath <art27@cantab.net>
2020-05-29 19:16:20 +01:00
6543
560744fb33
Handle expected errors in AddGPGkey API (#11644)
* handle GPG Parse & Email Errors

* correct TEST

* update Swagger

* more Docu
2020-05-28 17:25:54 -04:00
zeripath
814ca9ffea
Allow different HardBreaks settings for documents and comments (#11515)
GH has different HardBreaks behaviour for markdown comments and documents.

Comments have hard breaks and documents have soft breaks - therefore Gitea's rendering will always be different from GH's if we only provide one setting.

Here we split the setting in to two - one for documents and one for comments and other things.

Signed-off-by: Andrew Thornton art27@cantab.net

Changes to index.js as per @silverwind 
Co-authored-by: silverwind <me@silverwind.io>

Changes to docs as per @guillep2k 
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-05-24 09:14:26 +01:00
zeripath
3eb323901c
Fix repo-list private and total count bugs (#11500)
* Fix repo-list private and total count bugs

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Ensure limited and private org public repos are displayed on "private"

Signed-off-by: Andrew Thornton <art27@cantab.net>

* switch from onlyPrivate to is_private

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Generate swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-05-20 22:15:30 -03:00
zeripath
414c9ee76a
Make API EditIssue and EditPullRequest issue notifications (#11123)
* Make API EditIssue and EditPullRequest issue notifications

Restructure models.UpdateIssueByAPI and EditIssue/EditPullRequest
to issue notifications

Fix #10014

Signed-off-by: Andrew Thornton <art27@cantab.net>

* As per @6543

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update status!

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-17 00:05:19 +03:00
zeripath
c86bc8e061
Add paging and archive/private repository filtering to dashboard list (#11321)
* Add archived options to SearchRepository

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add only-private search

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add filter options and paging to dashboard repository page

Signed-off-by: Andrew Thornton <art27@cantab.net>

* swagger generate

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix-swagger-again

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @mrsdizzie also remember state

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-16 23:07:01 +03:00
6543
7257c39ddf
Refactor Milestone related (#11225) 2020-05-12 22:54:35 +01:00
zeripath
c42c31a111
Correctly set the organization num repos (#11339)
* Correctly set the organization num repos

Correctly set the organization num repos to the number of
accessible repos for the user

Fix #11194

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

* attempt to fix mssql

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/user.go

* Explicit columns

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add test and fix 0 counted orgs

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove orgname from api

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-05-12 01:04:08 +03:00
Cirno the Strongest
32b8172e56
Consolidate API for getting single commit (#11368)
* Allow Git ref for /repos/{owner}/{repo}/git/commits/{sha}

* Consolidate API for getting single commit

* Fix tests and do it differently

Co-authored-by: zeripath <art27@cantab.net>
2020-05-11 12:44:36 +03:00
6543
cd4f7ba5bf
Fix tracked time issues (#11349)
* Fix nil exeption: #11313

* fix 500

* activate test 😆

* move logic
2020-05-09 11:18:44 -03:00
赵智超
119173130a
Add default CommitID for create pull review api (#11334)
If user create pull review through api but not set CommitID,
I think it's necessary to use last headCommitID as default seting,
or this review will be considered as stale review which is wrong

Signed-off-by: a1012112796 <1012112796@qq.com>
2020-05-08 19:50:23 +01:00
6543
486e4c8087
When deleting a tracked time through the API return 404 not 500 (#11319) 2020-05-07 18:54:33 +01:00
6543
c97494a4f4
API: Add pull review endpoints (#11224)
* API: Added pull review read only endpoints

* Update Structs, move Conversion, Refactor

* refactor

* lint & co

* fix lint + refactor

* add new Review state, rm unessesary, refacotr loadAttributes, convert patch to diff

* add DeletePullReview

* add paggination

* draft1: Create & submit review

* fix lint

* fix lint

* impruve test

* DONT use GhostUser for loadReviewer

* expose comments_count of a PullReview

* infent GetCodeCommentsCount()

* fixes

* fix+impruve

* some nits

* Handle Ghosts 👻

* add TEST for GET apis

* complete TESTS

* add HTMLURL to PullReview responce

* code format as per @lafriks

* update swagger definition

* Update routers/api/v1/repo/pull_review.go

Co-authored-by: David Svantesson <davidsvantesson@gmail.com>

* add comments

Co-authored-by: Thomas Berger <loki@lokis-chaos.de>
Co-authored-by: David Svantesson <davidsvantesson@gmail.com>
2020-05-02 03:20:51 +03:00
6543
e9e8638f18
Return issue subscription status from API subscribe (#10966)
* [API] issue subscription indicate by http status

* CI.restart()
2020-04-30 23:55:24 +01:00
6543
ab69b9b1a6
Refactor UpdateOAuth2Application (#11034)
Following on from #11008 refactor UpdateOAuth2Application
2020-04-30 18:50:47 +01:00
6543
bfda0f3864
[API] ListIssues add filter for milestones (#10148)
* Refactor Issue Filter Func

* ListIssues add filter for milestones

* as per @lafriks

* documentation ...
2020-04-30 01:15:39 -03:00
6543
4ddfe0d07a
Fix GetContents(): Dont't ignore Executables (#11192)
* Refactor: dont expose help functions

* repofiles GetContents: dont ignore executables

* CI.restart()
2020-04-24 19:20:22 +03:00
silverwind
7e20f1cb5b
enable ENABLE_HARD_LINE_BREAK by default (#11162)
enable ENABLE_HARD_LINE_BREAK by default

This matches GitHub's rendering.

Fix #11155
2020-04-21 23:13:56 +01:00
Shashvat Kedia
74cc3c5e18
Allow list collaborators for users with Read access to repo (#9995)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-04-21 11:22:04 -04:00
6543
bb4261a5ed
Add issue subscription check to API (#10967)
close #10962

Adds `GET /api/v1​/repos​/{owner}​/{repo}​/issues​/{index}​/subscriptions​/check`
 -> return a `WachInfo`
2020-04-21 14:48:53 +01:00
6543
b9ed8d8497
make branch parameter optional for /api/v1/repos/{owner}/{repo}/contents/{filepath} (#11067) 2020-04-20 17:47:05 +01:00
CirnoT
d2693f18de
Support organization labels for PRs in API (#11135)
Fix `/repos/{owner}/{repo}/pulls` and `/repos/{owner}/{repo}/pulls/{index}` to accept organization labels during PR creation and edition.
2020-04-20 14:10:45 +01:00
6543
3c5a4d094a
[API] Add branch delete (#11112)
* use same process as in routers/repo/branch.go/deleteBranch

* make sure default branch can not be deleted

* remove IsDefaultBranch from UI process - it is worth its own pull

* permissions
2020-04-19 10:38:09 +08:00
CirnoT
38d5f88a81
Add X-Total-Count on /repos/{owner]/{repo}/pulls API (#11113)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-04-18 02:53:56 -04:00
6543
c52d48aae4
Prevent merge of outdated PRs on protected branches (#11012)
* Block PR on Outdated Branch

* finalize

* cleanup

* fix typo and sentences

thanks @guillep2k

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-04-16 22:00:36 -03:00
6543
70fab7e26a
document 404 responce and meaning (#11073) 2020-04-15 16:03:05 +03:00
zeripath
2e85ad665a
Contents API should return 404 on not exist (#10323)
* Return 404 on not exist

* swagger update and use git.IsErrNotExist

* Handle delete too

* Handle delete too x2

* Fix pr 10323 (#3)

* fix TESTS

* leafe a note for fututre

* placate golangci-lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update integrations/api_repo_file_delete_test.go

Co-Authored-By: 6543 <6543@obermui.de>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-04-15 02:18:51 -03:00
6543
ad5c43ae5d
Reject duplicate AccessToken names (#10994)
* make sure duplicate token names cannot be used

* add check to api routes too

* add @lunny s suggestion

* fix & don't forget User.ID

* AccessTokenByNameExists() return error too

* unique token for each test

* fix lint

Signed-off-by: 6543 <6543@obermui.de>

Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
2020-04-13 22:02:48 +03:00
6543
0dadea19bc
[Api] Check Notify (always return json) (#10059)
* BEAKING: check return status based on struct not httpStatus

* update Tests

* CI.restart()
2020-04-10 19:49:39 -04:00
Dan Molik
743022116d
Add Get/Update for api/v1/user/applications/oauth2 (#11008)
Add api methods for getting and updating user oauth2 applications.

Signed-off-by: Dan Molik <dan@danmolik.com>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-04-09 19:37:31 -05:00
j.yao.SUSE
b40107c416
[suggest] change merge strategy: do not check write access if user in merge white list (#10951)
* [suggest] change merge strategy: do not check write access if user in merge white list #10935

(cherry picked from commit ba74fc6389dfcad03c273441a49b54e4d38c86ee)

* fix NPE

* Fix cross compile (#10952)

* Fix cross compile

* Add test for cross compile

* Fix drone

* Fix drone

* Also prevent CC environment not to generate

Co-authored-by: zeripath <art27@cantab.net>

* fix merge box icon color bug (#10974)

that because need some space beturn ``text`` and color defines

Signed-off-by: a1012112796 <1012112796@qq.com>

* [skip ci] Updated translations via Crowdin

* Allow X in addition to x in tasks (#10979)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove api: merge  reqRepoWriter

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: GiteaBot <teabot@gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-04-08 14:26:50 +03:00
6543
3d63caa542
[API] Get a single commit via Ref (#10915)
* GET /repos/:owner/:repo/commits/:ref

* add Validation Checks

* Fix & Extend TEST

* add two new tast cases
2020-04-07 22:54:46 -04:00
John Olheiser
baadb51445
Add gitea-vet (#10948)
* Add copyright

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add gitea-vet and fix non-compliance

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Combine tools.go into build.go and clean up

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Remove extra GO111MODULE=on

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-04-05 07:20:50 +01:00
mrsdizzie
8d99ee2773
Add Organization Wide Labels (#10814)
* Add organization wide labels

Implement organization wide labels similar to organization wide
webhooks. This lets you create individual labels for organizations that can be used
for all repos under that organization (so being able to reuse the same
label across multiple repos).

This makes it possible for small organizations with many repos to use
labels effectively.

Fixes #7406

* Add migration

* remove comments

* fix tests

* Update options/locale/locale_en-US.ini

Removed unused translation string

* show org labels in issue search label filter

* Use more clear var name

* rename migration after merge from master

* comment typo

* update migration again after rebase with master

* check for orgID <=0 per guillep2k review

* fmt

* Apply suggestions from code review

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* remove unused code

* Make sure RepoID is 0 when searching orgID per code review

* more changes/code review requests

* More descriptive translation var per code review

* func description/delete comment when issue label deleted instead of hiding it

* remove comment

* only use issues in that repo when calculating number of open issues for org label on repo label page

* Add integration test for IssuesSearch API with labels

* remove unused function

* Update models/issue_label.go

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Use subquery in GetLabelIDsInReposByNames

* Fix tests to use correct orgID

* fix more tests

* IssuesSearch api now uses new BuildLabelNamesIssueIDsCondition. Add a few more tests as well

* update comment for clarity

* Revert previous code change now that we can use the new BuildLabelNamesIssueIDsCondition

* Don't sort repos by date in IssuesSearch API

After much debugging I've found a strange issue where in some cases MySQL will return a different result than other enigines if a query is sorted by a null collumn. For example with our integration test data where we don't set updated_unix in repository fixtures:

SELECT `id`, `owner_id`, `owner_name`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` ORDER BY updated_unix DESC LIMIT 15 OFFSET 45

Returns different results for MySQL than other engines. However, the similar query:

SELECT `id`, `owner_id`, `owner_name`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` ORDER BY updated_unix DESC LIMIT 15 OFFSET 30

Returns the same results.

This causes integration tests to fail on MySQL in certain cases but would never show up in a real installation. Since this API call always returns issues based on the optionally provided repo_priority_id or the issueID itself, there is no change to results by changing the repo sorting method used to get ids earlier in the function.

* linter is back!

* code review

* remove now unused option

* Fix newline at end of files

* more unused code

* update to master

* check for matching ids before query

* Update models/issue_label.go

Co-Authored-By: 6543 <6543@obermui.de>

* Update models/issue_label.go

* update comments

* Update routers/org/setting.go

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
2020-04-01 01:14:46 -03:00
Lunny Xiao
f490291bea
Use subquery to instead In (#10874)
* Use subquery to instead In

* Support excludedLabelNames on issues options

* Fix tests

Co-authored-by: zeripath <art27@cantab.net>
2020-03-30 02:30:39 -03:00
zeripath
48890ce546
Allow site admin to check /api/v1/orgs endpoints (#10867)
Fix #9950

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-03-28 19:45:55 +00:00
zeripath
7cd47046ea
Handle push rejection in branch and upload (#10854)
* Handle push rejections and push out-of-date in branch creation and
file upload.
* Remove the duplicated sanitize from services/pull/merge
* Move the errors Err(Merge)PushOutOfDate and ErrPushRejected to
modules/git
* Handle errors better in the upload file dialogs

Fix #10460

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-03-28 01:13:18 -03:00
Lauris BH
bbd910ed1b
Allow to set protected file patterns that can not be changed under no conditions (#10806)
Co-Authored-By: zeripath <art27@cantab.net>
2020-03-27 00:26:34 +02:00
zeripath
52cfd2743c
Option to set default branch at repository creation (#10803)
* Option to set default branch at repository creation
* Handle template repos with non-default master branch
* Add DefaultBranch handling on creation to API

Fix #9542

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-03-26 19:14:51 +00:00
Lunny Xiao
dcaa5643d7
Fix branch api canPush and canMerge (#10776)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-03-20 23:41:33 -04:00
zeripath
33c5e5e7fa
Prevent panic in stopwatch (#10670)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-03-08 14:46:24 -03:00
John Olheiser
3f1c0841cb
Granular webhook events (#9626)
* Initial work

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add PR reviews and API coverage

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Split up events

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add migration and locale

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Format

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Revert IsPull

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix comments

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix tests

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix PR reviews

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix issue_comment

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Make fmt

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Migrations

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Backwards compatible API

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix feishu

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Move session commit

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-03-06 07:10:48 +02:00
Lunny Xiao
5abe1c52de
Display pull request head branch even the branch deleted or repository deleted (#10413)
* Display pull request head branch even the branch deleted or repository deleted

* Merge getHeadRepo/loadHeadRepo and getBaseRepo/loadBaseRepo on pull and fill repo when pr.Issue.Repo is available

* retrieve sha from pull head when pull request branch deleted and fix tests

* Fix test

* Ensure MustHeadRepoName returns empty string if no head repo

Co-authored-by: zeripath <art27@cantab.net>
2020-03-02 22:31:55 +00:00
6543
4160bd6ef1
Remove Unused Functions (#10516)
* remove ReplaceLeft

* remove GetRepositoryByOwnerAndName chainload to models.GetRepositoryByOwnerAndName

* remove CheckUnitUser chainload to models.CheckUnitUser

* remove MakeAssigneeList

* remove DownloadDiff & DownloadPatch -> DownloadDiffOrPatch

* remove GetRandomBytesAsBase64

* remove PushUpdateDeleteTags

* remove GetUserByKeyID
(you still can resolve user by "k, err := GetPublicKeyByID; userID := k.OwnerID")

* remove BasicAuthEncode from struct package -> same function in modules/base/tools !

* remove UserID from api.utils

* remove unused func from structs package
2020-03-02 00:05:44 +02:00
Gustavo Marin
af61b2249a
adds API endpoints to manage OAuth2 Application (list/create/delete) (#10437)
* add API endpoint to create OAuth2 Application.

* move endpoint to /user. Add swagger documentations and proper response type.

* change json tags to snake_case. add CreateOAuth2ApplicationOptions to swagger docs.

* change response status to Created (201)

* add methods to list OAuth2 apps and delete an existing OAuth2 app by ID.

* add APIFormat convert method and file header

* fixed header

* hide secret on oauth2 application list

* add Created time to API response

* add API integration tests for create/list/delete OAuth2 applications.

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-29 03:19:32 -03:00
6543
7e8cdba181
[Refactor] move APIFormat() of Issue and Label to convert package (#10423)
* Label: delete .APIFormat() and use convert.ToLabel()

* move issue APIFormat too

* add missing one

* move TEST too

* handle error -> return empty APIIssue

* Apply suggestions from code review

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-28 23:49:50 -03:00
John Olheiser
78585b1cd7
Fix double PR notification from API (#10482)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-02-26 12:12:34 -06:00
6543
084a2b0026
Code Refactor of IssueWatch related things (#10401)
* refactor

* optimize

* remove Iretating function
LoadWatchUsers do not load Users into IW object and it is used only in api ... so move this logic

* remove unessesary

* Apply suggestions from code review

Thx

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* make Tests more robust

* fix rebase

* restart CI

* CI no dont hit sqlites deadlock

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-26 03:32:22 -03:00
6543
4427a936b4
[API] enable paggination for ListRepoTags (#10454)
* enable paggination for repoTags

* precalculate first, cut slice second

* Apply suggestions from code review

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-25 14:07:07 -05:00
6543
39b507e3c4
Trigger webhooks on issue label-change via API too (#10421)
* trigger webhooks with api too

* fix comment

* notify report old too

* CI restart

* restart CI again

* remove duplicated code
2020-02-23 22:53:08 +00:00
guillep2k
09dbd85a3a
Various fixes in login sources (#10428) 2020-02-23 13:52:05 -06:00
zeripath
089ccb0c80
Handle push rejection message in Merge & Web Editor (#10373)
* Handle push rejection message in Merge

* placate golangci-lint

* Fix sanitize, adjust message handling

* oops

* Oops

* Handle push-rejection in webeditor CRUD too

* Apply suggestions from code review

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-02-22 15:08:48 +02:00
David Svantesson
9ff4e1d2d9
Add API branch protection endpoint (#9311)
* add API branch protection endpoint

* lint

* Change to use team names instead of ids.

* Status codes.

* fix

* Fix

* Add new branch protection options (BlockOnRejectedReviews, DismissStaleApprovals, RequireSignedCommits)

* Do xorm query directly

* fix xorm GetUserNamesByIDs

* Add some tests

* Improved GetTeamNamesByID

* http status created for CreateBranchProtection

* Correct status code in integration test

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-02-12 23:19:35 +00:00
6543
585316f3bf
[API] let admin check org membership on other users (#10201)
* fix

* fix lint on master

Co-authored-by: zeripath <art27@cantab.net>
2020-02-09 23:54:53 +02:00
6543
e273817154
[API] Fix inconsistent label color format (#10129)
* update and use labelColorPattern

* add TestCases

* fix lint

* # optional for templates

* fix typo

* some more

* fix lint of **master**
2020-02-09 14:33:03 +00:00
6543
ea50f60df2
Prevent DeleteUser API abuse (#10125)
* fix & co

* word suggestions from @jolheiser
2020-02-03 18:46:33 +02:00
6543
13bc82009c
API endpoint for repo transfer (#9947)
* squash

* optimize

* fail before make any changes

* fix-header
2020-01-31 15:49:04 +00:00
Lunny Xiao
c09e020558
Fix milestone API state parameter unhandled (#10049)
* Fix milestone API state parameter unhandled

* Fix test
2020-01-29 08:36:32 +02:00
6543
f29c301040
Refactor api repo dir (#10048)
* mv migrate

* mv mirror

Co-authored-by: zeripath <art27@cantab.net>
2020-01-29 13:55:23 +08:00
Andy Harrison
d879353632 Minor typo fix (#10043) 2020-01-28 18:45:39 +00:00
SpaWn2KiLl
1f01f53c53 API add/generalize pagination (#9452)
* paginate results

* fixed deadlock

* prevented breaking change

* updated swagger

* go fmt

* fixed find topic

* go mod tidy

* go mod vendor with go1.13.5

* fixed repo find topics

* fixed unit test

* added Limit method to Engine struct; use engine variable when provided; fixed gitignore

* use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors

* set Page value on Home route

* improved memory allocations

* fixed response headers

* removed logfiles

* fixed import order

* import order

* improved swagger

* added function to get models.ListOptions from context

* removed pagesize diff on unit test

* fixed imports

* removed unnecessary struct field

* fixed go fmt

* scoped PR

* code improvements

* code improvements

* go mod tidy

* fixed import order

* fixed commit statuses session

* fixed files headers

* fixed headers; added pagination for notifications

* go mod tidy

* go fmt

* removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list

* Apply suggestions from code review

Co-Authored-By: 6543 <6543@obermui.de>
Co-Authored-By: zeripath <art27@cantab.net>

* fixed build error

* CI.restart()

* fixed merge conflicts resolve

* fixed conflicts resolve

* improved FindTrackedTimesOptions.ToOptions() method

* added backwards compatibility on ListReleases request; fixed issue tracked time ToSession

* fixed build error; fixed swagger template

* fixed swagger template

* fixed ListReleases backwards compatibility

* added page to user search route

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2020-01-24 14:00:29 -05:00
Lunny Xiao
81daf26878
Fix wrong hint when status checking is running on pull request view (#9886)
* Fix wrong hint when status checking is running on pull request view

* fix lint

* fix test

* fix test

* fix wrong tmpl

* fix import

* rename function name
2020-01-22 11:46:04 +08:00
Lunny Xiao
6d6f1d568e Fix wrong permissions check when issues/prs shared operations (#9885)
* Fix wrong permissions check when issues/prs shared operations

* move redirect to the last of the function

* fix swagger

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-20 13:00:32 +01:00