Commit graph

913 commits

Author SHA1 Message Date
delvh
bd6ef71854
Show branches and tags that contain a commit (#25180)
Now, you can see for a commit which existing branches and tags contain it.
You first have to click on the `load branches and tags` button, they are not preloaded by default.
All branches and tags are ordered descending by creation date.
You can even see without much hassle if the given commit is already part of the default branch.

Closes #25152 

## Screenshots

### Initial

![image](https://github.com/go-gitea/gitea/assets/51889757/84db2c0b-aaef-4f69-ab92-0b812793d2ad)

### Loaded

![image](https://github.com/go-gitea/gitea/assets/51889757/a9b84e66-8e44-4c55-b017-c37f4a45f41b)

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-27 12:47:41 +02:00
cassiozareck
73fb1ecdcf
Fixing redirection issue for logged-in users (#26105)
This PR addresses an issue where logged-in users get redirected to the
homepage when trying to access a URL with the redirect_to parameter. The
issue was traced back to a middleware function in
services/auth/middleware.go that redirects logged-in users to the
homepage. This function didn't account the redirect_to parameter.

The fix modifies the middleware function to check for this case and
redirect the user to the specified URL instead of the homepage.

Closes: #26005

---------

Signed-off-by: cassiozareck <cassiomilczareck@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-27 13:08:51 +08:00
yp05327
1c6c38fa6e
Improve display of Labels/Projects/Assignees sort options (#25886)
Labels:
Before: (no highlights)

![image](https://github.com/go-gitea/gitea/assets/18380374/88ffbff0-1b14-4d93-810d-f2ce2b2d7321)
After:

![image](https://github.com/go-gitea/gitea/assets/18380374/ab7b665b-d17c-4acd-a681-64cbb67ae460)

![image](https://github.com/go-gitea/gitea/assets/18380374/19f8a0d0-ad5f-4dbf-b45a-1001e60a8399)

Projects:
Before: (no highlights)

![image](https://github.com/go-gitea/gitea/assets/18380374/2079e6a8-8801-4662-acda-e248f115462f)

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/7180a086-68be-49c4-bb29-3d05454fb41d)

![image](https://github.com/go-gitea/gitea/assets/18380374/3c5a791f-1852-4957-89b8-10940c672e10)

Assignee:
Before: (no highlights)

![image](https://github.com/go-gitea/gitea/assets/18380374/09273636-d9b1-4144-9533-2ce66cab8c49)
After:

![image](https://github.com/go-gitea/gitea/assets/18380374/24bd0cfe-b589-4c8a-be67-74f242dda6d3)

![image](https://github.com/go-gitea/gitea/assets/18380374/7476be73-5201-4330-82e2-44b0b5080f71)
2023-07-26 13:00:50 +00:00
wxiaoguang
dcd3a63128
Move web JSON functions to web context and simplify code (#26132)
The JSONRedirect/JSONOK/JSONError functions were put into "Base" context
incorrectly, it would cause abuse.

Actually, they are for "web context" only, so, move them to the correct
place.

And by the way, use them to simplify old code: +75 -196
2023-07-26 06:04:01 +00:00
Lunny Xiao
5dc37ef97a
Display deprecated warning in admin panel pages as well as in the log file (#26094)
This PR includes #26007 's changes but have a UI to prompt administrator
about the deprecated settings as well as the log or console warning.
Then users will have enough time to notice the problem and don't have
surprise like before.

<img width="1293" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/c33355f0-1ea7-4fb3-ad43-cd23cd15391d">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-26 03:53:37 +00:00
JakobDev
6598d0291c
Allow Organisations to have a E-Mail (#25082)
Resolves #25057

This adds a E-Mail field to Organisations. The E-Mail is just shown on
the Profile when it is visited by a logged in User. The E-mail is not
used for something else.

**Screenshots:**

![grafik](https://github.com/go-gitea/gitea/assets/15185051/a8d622b3-7278-4c08-984b-9c5ebfdb5471)

![grafik](https://github.com/go-gitea/gitea/assets/15185051/6dcb1dd7-d04b-49eb-bc96-6582cfe9757b)

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: Denys Konovalov <privat@denyskon.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-25 08:26:27 +00:00
Bo-Yi Wu
44781f9f5c
Implement auto-cancellation of concurrent jobs if the event is push (#25716)
- cancel running jobs if the event is push
- Add a new function `CancelRunningJobs` to cancel all running jobs of a
run
- Update `FindRunOptions` struct to include `Ref` field and update its
condition in `toConds` function
- Implement auto cancellation of running jobs in the same workflow in
`notify` function

related task: https://github.com/go-gitea/gitea/pull/22751/

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Signed-off-by: appleboy <appleboy.tw@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: delvh <dev.lh@web.de>
2023-07-25 11:15:55 +08:00
delvh
f3d41c61eb
Remove db.DefaultContext in routers/ and cmd/ (#26076)
Now, the only remaining usages of `models.db.DefaultContext` are in
  - `modules`
  - `models`
  - `services`
2023-07-23 23:47:27 -04:00
Lunny Xiao
b167f35113
Add context parameter to some database functions (#26055)
To avoid deadlock problem, almost database related functions should be
have ctx as the first parameter.
This PR do a refactor for some of these functions.
2023-07-22 22:14:27 +08:00
Lunny Xiao
c42b71877e
Fix branch list auth (#26041)
The public repositories' branch list dropdown will return wrong because
it requires login wrongly.
Caused by #25719
2023-07-22 11:47:06 +00:00
wxiaoguang
52fb936773
Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974)
Replace #25892

Close  #21942
Close  #25464

Major changes:

1. Serve "robots.txt" and ".well-known/security.txt" in the "public"
custom path
* All files in "public/.well-known" can be served, just like
"public/assets"
3. Add a test for ".well-known/security.txt"
4. Simplify the "FileHandlerFunc" logic, now the paths are consistent so
the code can be simpler
5. Add CORS header for ".well-known" endpoints
6. Add logs to tell users they should move some of their legacy custom
public files

```
2023/07/19 13:00:37 cmd/web.go:178:serveInstalled() [E] Found legacy public asset "img" in CustomPath. Please move it to /work/gitea/custom/public/assets/img
2023/07/19 13:00:37 cmd/web.go:182:serveInstalled() [E] Found legacy public asset "robots.txt" in CustomPath. Please move it to /work/gitea/custom/public/robots.txt
```
This PR is not breaking.

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-21 12:14:20 +00:00
HesterG
2f0e79e639
Use frontend fetch for branch dropdown component (#25719)
- Send request to get branch/tag list, use loading icon when waiting for
response.
- Only fetch when the first time branch/tag list shows.
- For backend, removed assignment to `ctx.Data["Branches"]` and
`ctx.Data["Tags"]` from `context/repo.go` and passed these data wherever
needed.
- Changed some `v-if` to `v-show` and used native `svg` as mentioned in
https://github.com/go-gitea/gitea/pull/25719#issuecomment-1631712757 to
improve perfomance when there are a lot of branches.
- Places Used the dropdown component:

     Repo Home Page
    
<img width="1429" alt="Screen Shot 2023-07-06 at 12 17 51"
src="https://github.com/go-gitea/gitea/assets/17645053/6accc7b6-8d37-4e88-ae1a-bd2b3b927ea0">

    Commits Page

<img width="1431" alt="Screen Shot 2023-07-06 at 12 18 34"
src="https://github.com/go-gitea/gitea/assets/17645053/2d0bf306-d1e2-45a8-a784-bc424879f537">

    Specific commit -> operations -> cherry-pick
    
<img width="758" alt="Screen Shot 2023-07-06 at 12 23 28"
src="https://github.com/go-gitea/gitea/assets/17645053/1e557948-3881-4e45-a625-8ef36d45ae2d">

    Release Page
    
<img width="1433" alt="Screen Shot 2023-07-06 at 12 25 05"
src="https://github.com/go-gitea/gitea/assets/17645053/3ec82af1-15a4-4162-a50b-04a9502161bb">

- Demo


https://github.com/go-gitea/gitea/assets/17645053/d45d266b-3eb0-465a-82f9-57f78dc5f9f3

- Note:

UI of dropdown menu could be improved in another PR as it should apply
to more dropdown menus.

Fix #14180

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-21 11:20:04 +00:00
Lunny Xiao
037c9895a7
Support copy protected branch from template repository (#25889)
Fix #14303
2023-07-21 12:32:47 +08:00
FuXiaoHei
f3d293d2bb
Actions Artifacts support uploading multiple files and directories (#24874)
current actions artifacts implementation only support single file
artifact. To support multiple files uploading, it needs:

- save each file to each db record with same run-id, same artifact-name
and proper artifact-path
- need change artifact uploading url without artifact-id, multiple files
creates multiple artifact-ids
- support `path` in download-artifact action. artifact should download
to `{path}/{artifact-path}`.
- in repo action view, it provides zip download link in artifacts list
in summary page, no matter this artifact contains single or multiple
files.
2023-07-21 10:42:01 +08:00
wxiaoguang
9b25bfa8f4
Remove redundant "RouteMethods" method (#26024)
The `RouteMethods` is mainly an alias for `Methods` with different
argument order.

Remove it to keep the "route.go" code clear
2023-07-21 00:43:49 +02:00
wxiaoguang
af22f33a93
Fix the route for pull-request's authors (#26016)
Close #25906

![image](https://github.com/go-gitea/gitea/assets/2114189/e689f3e1-9a90-46c0-89f4-2d61394d34d3)


Succeeded logs:

```
[I] router: completed GET /root/test/issues/posters?&q=%20&_=1689853025011 for [::1]:59271, 200 OK in 127.7ms @ repo/issue.go:3505(repo.IssuePosters)


[I] router: completed GET /root/test/pulls/posters?&q=%20&_=1689853968204 for [::1]:59269, 200 OK in 94.3ms @ repo/issue.go:3509(repo.PullPosters)
```
2023-07-20 12:41:28 +00:00
Noah Snelson
df55f9b189
Add a link to OpenID Issuer URL in WebFinger response (#26000)
This change adds an entry to the `links` field of the
`/.well-known/webfinger` response. The new entry points to the `appURL`
as an OpenID issuer. This is consistent with the output of
`/.well-known/openid-configuration`, which also uses the value of
`appURL`.

This change is required for Tailscale SSO to work, as it uses the OpenID
Issuer URL when querying the Tailscale user email during signup/login
([docs](https://tailscale.com/kb/1240/sso-custom-oidc/#webfinger-setup)).
2023-07-20 16:02:45 +08:00
Earl Warren
e20f8f0977
Improve profile readme rendering (#25988)
- Tell the renderer to use the `document` mode, so it's consistent with
other renderers.
- Use the same padding as `.file-view.markup`, so it's consistent with
other containers that contain markup rendering.
- Resolves https://codeberg.org/forgejo/forgejo/issues/833

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-07-19 22:22:32 +00:00
harryzcy
0f9f6567bb
Bump github.com/golang-jwt/jwt to v5 (#25975)
Bumping `github.com/golang-jwt/jwt` from v4 to v5.

`github.com/golang-jwt/jwt` v5 is bringing some breaking changes:

- standard `Valid()` method on claims is removed. It's replaced by
`ClaimsValidator` interface implementing `Validator()` method instead,
which is called after standard validation. Gitea doesn't seem to be
using this logic.
- `jwt.Token` has a field `Valid`, so it's checked in `ParseToken`
function in `services/auth/source/oauth2/token.go`

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-19 09:57:10 +00:00
wxiaoguang
50e14699d3
Update path related documents (#25417)
Update WorkPath/WORK_PATH related documents, remove out-dated
information.

Remove "StaticRootPath" on the admin config display page, because few
end user really need it, it only causes misconfiguration.


![image](https://github.com/go-gitea/gitea/assets/2114189/8095afa4-da76-436b-9e89-2a92c229c01d)

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-19 11:22:57 +02:00
wxiaoguang
236c645bf1
Refactor "Content" for file uploading (#25851)
Before: the concept "Content string" is used everywhere. It has some
problems:

1. Sometimes it means "base64 encoded content", sometimes it means "raw
binary content"
2. It doesn't work with large files, eg: uploading a 1G LFS file would
make Gitea process OOM

This PR does the refactoring: use "ContentReader" / "ContentBase64"
instead of "Content"

This PR is not breaking because the key in API JSON is still "content":
`` ContentBase64 string `json:"content"` ``
2023-07-18 18:14:47 +00:00
Jason Song
29e959fd00
Ignore runs-on with expressions when warning no matched runners (#25917)
Fix #25905

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-17 18:19:53 +02:00
yp05327
3add4ca216
Fix incorrect milestone count when provide a keyword (#25880)
You can confirm this issue in:
https://try.gitea.io/yp05327/testrepo/milestones?state=open&q=a
There's no milestone, but the count is 1.

![image](https://github.com/go-gitea/gitea/assets/18380374/25e58cee-aeeb-43c1-8ec8-6e2ec6bf1284)
2023-07-16 03:43:51 +00:00
yp05327
ec35af470c
Avoid opening/closing PRs which are already merged (#25883)
We can select PRs to open/close them by one click, but we forgot to
check whether it is merged.
You can get an opening merged PR:

![image](https://github.com/go-gitea/gitea/assets/18380374/22c2e747-4bb9-4742-a9aa-ef39d5308bc5)

You can confirm this in:
https://try.gitea.io/yp05327/testrepo/pulls/5
2023-07-15 22:10:49 +00:00
wxiaoguang
9672085d94
Fix "Flash" message usage (#25895)
Resolve https://github.com/go-gitea/gitea/pull/25820/files#r1264309059
2023-07-15 11:52:03 +03:00
yp05327
dc679fc9fa
Fix incorrect release count (#25879)
Release count is not correct:
https://try.gitea.io/yp05327/testrepo/tags

![image](https://github.com/go-gitea/gitea/assets/18380374/07f97c62-d450-4ccb-b3f2-3e0af9d9fc52)

https://try.gitea.io/yp05327/testrepo/releases

![image](https://github.com/go-gitea/gitea/assets/18380374/6f1d55a4-bb68-445d-84b9-90552a40f403)

https://try.gitea.io/yp05327/testrepo/releases/tag/testtag

![image](https://github.com/go-gitea/gitea/assets/18380374/09ab5d51-52b6-4621-a571-3100198eb260)

We already have correct release count, no need to calculate it again.

c5e187c389/modules/context/repo.go (L547)

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-14 08:47:17 +00:00
yp05327
52f46919dc
Add error info if no user can fork the repo (#25820)
Before: (Owner list is empty)

![image](https://github.com/go-gitea/gitea/assets/18380374/dbe87bfe-14ed-4997-8cb2-5c1308232a70)

After: (Disable the button and show the error info)

![image](https://github.com/go-gitea/gitea/assets/18380374/a7e4c315-67ab-408b-88f2-c554076ce87a)
2023-07-14 15:56:20 +08:00
hiifong
4628aa5251
fix incorrect repo url when changed the case of ownername (#25733)
When only the case of the username changes and the new username is
consistent with the lowercase username of the old user name, update the
owner name of the repo, and keep the original logic consistent with
other conditions.

example: your username is `gitea`, lowercase username is `gitea`,repo
url is `.../gitea/{repo}`, you changed username to `Gitea` or `GiTea` or
other, but the lowercase username is still `gitea`, the repo url is
still `.../gitea/{repo}`.

this pr fixed it,keep username and repo url consistent.

Before:

![image](https://github.com/go-gitea/gitea/assets/89133723/84177296-f0ff-4176-84f1-1f9ec3f5b86f)

![image](https://github.com/go-gitea/gitea/assets/89133723/8f8f4a12-ecdd-4dec-af89-85c009b0ccfe)


After: 

![image](https://github.com/go-gitea/gitea/assets/89133723/0564edb6-9467-405a-8cd4-d6f70e6f614b)

![image](https://github.com/go-gitea/gitea/assets/89133723/554ecd6e-e5a1-43bc-a46d-99e988c2ff58)
2023-07-14 13:42:10 +08:00
Denys Konovalov
eec45b43db
move issue filters to shared template (#25729)
Issue filters are being used on repo list page and on milestone issues
page, and the code is mostly duplicated.

This PR does the following changes:
- move issue filters into a shared template
- allow filtering milestone issues by project, so no need to hide this
filter on milestone issues page
- remove some dead code (e. g. issue actions in milestone issues
template)
- fix label filter dropdown width

---------

Co-authored-by: 6543 <6543@obermui.de>
2023-07-13 20:00:38 +00:00
yp05327
8b89563bf1
Fix empty project displayed in issue sidebar (#25802)
Before:

![image](https://github.com/go-gitea/gitea/assets/18380374/1ab476dc-2f9b-4c85-9e87-105fc73af1ee)
After:

![image](https://github.com/go-gitea/gitea/assets/18380374/786f984d-5c27-4eff-b3d9-159f68034ce4)

This issue comes from the change in #25468.
`LoadProject` will always return at least one record, so we use
`ProjectID` to check whether an issue is linked to a project in the old
code.
As other `issue.LoadXXX` functions, we need to check the return value
from `xorm.Session.Get`.

In recent unit tests, we only test `issueList.LoadAttributes()` but
don't test `issue.LoadAttributes()`. So I added a new test for
`issue.LoadAttributes()` in this PR.

---------

Co-authored-by: Denys Konovalov <privat@denyskon.de>
2023-07-12 16:10:35 +02:00
yp05327
44572e9243
Fix incorrect oldest sort in project list (#25806)
sort type `oldest` should be `Asc`.
Added a test for this.
2023-07-11 20:47:50 +02:00
Lunny Xiao
2f31d2d56c
Exclude default branch from pushed branch hint (#25795)
When pushing to default branch, no pushing hint should be prompt.
Fix #25778

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-10 11:18:55 +00:00
Lunny Xiao
0fd1672ae4
For API attachments, use API URL (#25639)
Fix #25257

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-10 09:31:19 +00:00
sebastian-sauer
d2c3a90ee2
Show edit title button on commits tab of PR, too (#25791)
All 3 tabs of the PR (Conversation, Commits and Files changed) should
show the edit title button.

Before this commit the edit button was not shown on commits tab

Screenshots:
After: 

![image](https://github.com/go-gitea/gitea/assets/1135157/d04c700c-dffc-4bcd-8108-cb64838af0c6)

Before:

![image](https://github.com/go-gitea/gitea/assets/1135157/b6795ad3-c994-461c-98aa-a7331c3e3877)

Just for reference the edit button in files changed tab:

![image](https://github.com/go-gitea/gitea/assets/1135157/5750640d-489f-4a71-8144-543ef42afb42)

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-10 09:05:59 +02:00
wxiaoguang
84c78650cc
Fix notification list bugs (#25781)
Fix #25627

1. `ctx.Data["Link"]` should use relative URL but not AppURL
2. The `data-params` is incorrect because it doesn't contain "page". JS
can simply use "window.location.search" to construct the AJAX URL
3. The `data-xxx` and `id` in notification_subscriptions.tmpl were
copied&pasted, they don't have affect.
2023-07-09 18:42:31 +00:00
Lunny Xiao
6375419468
Newly pushed branches hints on repository home page (#25715)
This PR will display a pull request creation hint on the repository home
page when there are newly created branches with no pull request. Only
the recent 6 hours and 2 updated branches will be displayed.

Inspired by #14003 
Replace #14003 
Resolves #311
Resolves #13196
Resolves #23743

co-authored by @kolaente
2023-07-08 05:19:00 +02:00
techknowlogick
cb01b8691d
Add open/closed field support for issue index (#25708)
A couple of notes:
* Future changes should refactor arguments into a struct
* This filtering only is supported by meilisearch right now
* Issue index number is bumped which will cause a re-index
2023-07-07 17:10:13 +00:00
wxiaoguang
128d77a3a0
Following up fixes for "Fix inconsistent user profile layout across tabs" (#25739)
Follow
https://github.com/go-gitea/gitea/pull/25625#issuecomment-1621577816

1. Fix the incorrect "project view" layout
2. Fix the "follow/unfollow" link on "packages" and "projects" tab


Before:


![image](https://github.com/go-gitea/gitea/assets/2114189/3b071235-c186-4097-8a19-dd90dcb2a344)


After:


![image](https://github.com/go-gitea/gitea/assets/2114189/d1d23cd7-28d8-43e3-9f68-03e8a34a9b97)

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-07 17:27:12 +02:00
6543
8995046110
Less naked returns (#25713)
just a step towards  #25655

and some related refactoring
2023-07-07 05:31:56 +00:00
puni9869
2af30f715e
Fix inconsistent user profile layout across tabs (#25625)
Fix ::User Profile Page  Project Tab Have Inconsistent Layout and Style
Added the big_avator for consistency in the all header_items tabs.
Fixes: #24871
> ### Description
> in the user profile page the `Packages` and `Projects` tab have small
icons for user but other tabs have bigger profile picture with user
info:
> 
> ### Screenshots
> ### **For Packages And Projects:**
>
![image](https://user-images.githubusercontent.com/25511175/240148601-2420d77b-ba25-4718-9ccb-c5d0d95e3079.png)
> 
> ### **For Other Tabs:**
>
![image](https://user-images.githubusercontent.com/25511175/240148461-ce9636b3-fe11-4c46-a230-30d83eee5947.png)
> 

## Before

![image](https://github.com/go-gitea/gitea/assets/80308335/975ad038-07ca-4b10-b75d-ccf259be7b9d)


 ## After changes
Project View 
<img width="1394" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/95d181d7-8e61-496d-9899-7b825c91ad56">


Packages View
<img width="1378" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/7f5fd60f-6b18-4fa8-8c56-7b0d45d1a610">


## Org view for projects page
<img width="1385" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/6400dc89-a5ae-4f0a-831b-5b6efa020d89">

## Org view for packages page
<img width="1387" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/4e1e9ffe-1e4b-4334-8657-de11b5fd31d0">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
2023-07-06 18:59:24 +00:00
Jason Song
3c05aa4927
Check ctx.Written() for GetActionIssue (#25698)
Fix #25697.

Just avoid panic, maybe there's another bug to trigger this case.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-05 18:52:12 +00:00
Lunny Xiao
90b3b3dbf8
Fix tags header and pretty format numbers (#25624)
This caused by #23465
2023-07-05 04:11:42 +00:00
silverwind
88f835192d
Replace interface{} with any (#25686)
Result of running `perl -p -i -e 's#interface\{\}#any#g' **/*` and `make fmt`.

Basically the same [as golang did](2580d0e08d).
2023-07-04 18:36:08 +00:00
Zettat123
ff140d4050
Fix the nil pointer when assigning issues to projects (#25665)
Fixes #25649
Caused by #25468
2023-07-04 10:26:24 +00:00
Lunny Xiao
0403bd989f
Log the real reason when authentication fails (but don't show the user) (#25414) 2023-07-03 18:39:38 -04:00
KN4CK3R
c890454769
Add direct serving of package content (#25543)
Fixes #24723

Direct serving of content aka HTTP redirect is not mentioned in any of
the package registry specs but lots of official registries do that so it
should be supported by the usual clients.
2023-07-03 15:33:28 +02:00
wxiaoguang
45bc180a15
Make "cancel" buttons have proper type in modal forms (#25618)
Replace #25446, fix #25438

All "cancel" buttons which do not have "type" should not submit the
form, should not be triggered by "Enter".

This is a complete fix for all modal dialogs.

The major change is "modules/aria/modal.js", "devtest" related code is
for demo/test purpose.
2023-07-03 14:04:50 +08:00
Lunny Xiao
7735da1c66
Display branch commit status (#25608)
Fix #10388

This PR adds a status icon for every branch which has a status check for
the latest commit on branch list page.

<img width="1313" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/727cd540-d03a-40c6-a7dd-e87c118af0ac">
2023-07-03 03:32:21 +00:00
Lunny Xiao
807c9712ef
Get latest commit statuses from database instead of git data on dashboard for repositories (#25605)
related #24638
2023-07-03 01:53:05 +00:00
hiifong
36f1fa7792
Support displaying diff stats in PR tab bar (#25387)
Fix #25326

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-07-03 01:00:28 +00:00
Lunny Xiao
aab7cb6750
Move some files under repo/setting (#25585)
There are too many files under `routers/web/repo` and the file
`routers/web/repo/setting.go` is too big.
This PR move all setting related routers' body functions under
`routers/web/repo/setting` and also split `routers/web/repo/setting.go`
2023-07-02 08:59:32 +08:00
KN4CK3R
cf2356062f
Redirect to package after version deletion (#25594)
Related #25559

Current behaviour:
1. Deletion of a package version
2. Redirect to the owners package list

New behaviour:
1. Deletion of a package version
2.1. If there are more versions available, redirect to the package again
2.2. If there are no versions available, redirect to the owners package
list
2023-06-29 17:01:14 +00:00
Lunny Xiao
6e19484f4d
Sync branches into databases (#22743)
Related #14180
Related #25233 
Related #22639
Close #19786
Related #12763 

This PR will change all the branches retrieve method from reading git
data to read database to reduce git read operations.

- [x] Sync git branches information into database when push git data
- [x] Create a new table `Branch`, merge some columns of `DeletedBranch`
into `Branch` table and drop the table `DeletedBranch`.
- [x] Read `Branch` table when visit `code` -> `branch` page
- [x] Read `Branch` table when list branch names in `code` page dropdown
- [x] Read `Branch` table when list git ref compare page
- [x] Provide a button in admin page to manually sync all branches.
- [x] Sync branches if repository is not empty but database branches are
empty when visiting pages with branches list
- [x] Use `commit_time desc` as the default FindBranch order by to keep
consistent as before and deleted branches will be always at the end.

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2023-06-29 10:03:20 +00:00
HesterG
c6f1fb1c6d
Use fetch form action for lock/unlock/pin/unpin on sidebar (#25380)
Before:

<img width="364" alt="Screen Shot 2023-06-20 at 11 59 11"
src="https://github.com/go-gitea/gitea/assets/17645053/ad284b7e-8d21-43be-b178-bbcfd37cb5bd">

Might trigger many posts when keep clicking the buttons above.

<img width="448" alt="Screen Shot 2023-06-20 at 11 52 28"
src="https://github.com/go-gitea/gitea/assets/17645053/a60aa6ac-af74-45e4-b13a-512b436b81b0">
<img width="678" alt="Screen Shot 2023-06-20 at 11 52 37"
src="https://github.com/go-gitea/gitea/assets/17645053/d6662700-3643-4cc7-a2ec-64e1c0f5fbdb">

After (PR sidebar, Same for issue):


https://github.com/go-gitea/gitea/assets/17645053/9df3ad1f-e29c-439b-8bde-e6b917d63cc6

For delete, it is using `base/modal_actions_confirm` subtemplate, and we
might need another general solution for this (maybe add another
attribute to the subtemplate or something)

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-29 04:16:04 +00:00
Vitaliy Filippov
f0b773e0ce
Support downloading raw task logs (#24451)
Hi!
This pull request adds support for downloading raw task logs for Gitea
Actions, similar to Github Actions
It looks like the following:

![image](https://user-images.githubusercontent.com/945339/235376746-405d5019-710b-468b-8113-9e82eab8e752.png)
2023-06-29 10:58:56 +08:00
a1012112796
4aba8a6a5f
Split lfs size from repository size (#22900)
releated to #21820

- Split `Size` in repository table as two new colunms, one is `GitSize`
for git size, the other is `LFSSize` for lfs data. still store full size
in `Size` colunm.
- Show full size on ui, but show each of them by a `title`;  example:

![image](https://user-images.githubusercontent.com/25342410/218636251-e200f085-d7e7-4a25-9ff1-b586a63e07a9.png)

- Return full size in api response.

---------

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: DmitryFrolovTri <23313323+DmitryFrolovTri@users.noreply.github.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-28 22:41:02 +00:00
wxiaoguang
ddf96f68cc
Use JSON response for "user/logout" (#25522)
The request sent to "user/logout" is from "link-action", it expects to
get JSON response.
2023-06-26 21:36:10 +02:00
Lunny Xiao
083818cb85
Improve loadprojects for issue list (#25468) 2023-06-24 15:31:28 +00:00
wxiaoguang
62ab55bacc
Improve wiki sidebar and TOC (#25460)
Close #20976
Close #20975

1. Fix the bug: the TOC in footer was incorrectly rendered as main
content's TOC
2. Fix the layout: on mobile, the TOC is put above the main content,
while the sidebar is put below the main content
3. Auto collapse the TOC on mobile

ps: many styles of "wiki.css" are moved from old css files, so leave
nits to following PRs.
2023-06-23 15:51:43 -04:00
Jason Song
375fd15fbf
Refactor indexer (#25174)
Refactor `modules/indexer` to make it more maintainable. And it can be
easier to support more features. I'm trying to solve some of issue
searching, this is a precursor to making functional changes.

Current supported engines and the index versions:

| engines | issues | code |
| - | - | - |
| db | Just a wrapper for database queries, doesn't need version | - |
| bleve | The version of index is **2** | The version of index is **6**
|
| elasticsearch | The old index has no version, will be treated as
version **0** in this PR | The version of index is **1** |
| meilisearch | The old index has no version, will be treated as version
**0** in this PR | - |


## Changes

### Split

Splited it into mutiple packages

```text
indexer
├── internal
│   ├── bleve
│   ├── db
│   ├── elasticsearch
│   └── meilisearch
├── code
│   ├── bleve
│   ├── elasticsearch
│   └── internal
└── issues
    ├── bleve
    ├── db
    ├── elasticsearch
    ├── internal
    └── meilisearch
```

- `indexer/interanal`: Internal shared package for indexer.
- `indexer/interanal/[engine]`: Internal shared package for each engine
(bleve/db/elasticsearch/meilisearch).
- `indexer/code`: Implementations for code indexer.
- `indexer/code/internal`: Internal shared package for code indexer.
- `indexer/code/[engine]`: Implementation via each engine for code
indexer.
- `indexer/issues`: Implementations for issues indexer.

### Deduplication

- Combine `Init/Ping/Close` for code indexer and issues indexer.
- ~Combine `issues.indexerHolder` and `code.wrappedIndexer` to
`internal.IndexHolder`.~ Remove it, use dummy indexer instead when the
indexer is not ready.
- Duplicate two copies of creating ES clients.
- Duplicate two copies of `indexerID()`.


### Enhancement

- [x] Support index version for elasticsearch issues indexer, the old
index without version will be treated as version 0.
- [x] Fix spell of `elastic_search/ElasticSearch`, it should be
`Elasticsearch`.
- [x] Improve versioning of ES index. We don't need `Aliases`:
- Gitea does't need aliases for "Zero Downtime" because it never delete
old indexes.
- The old code of issues indexer uses the orignal name to create issue
index, so it's tricky to convert it to an alias.
- [x] Support index version for meilisearch issues indexer, the old
index without version will be treated as version 0.
- [x] Do "ping" only when `Ping` has been called, don't ping
periodically and cache the status.
- [x] Support the context parameter whenever possible.
- [x] Fix outdated example config.
- [x] Give up the requeue logic of issues indexer: When indexing fails,
call Ping to check if it was caused by the engine being unavailable, and
only requeue the task if the engine is unavailable.
- It is fragile and tricky, could cause data losing (It did happen when
I was doing some tests for this PR). And it works for ES only.
- Just always requeue the failed task, if it caused by bad data, it's a
bug of Gitea which should be fixed.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-23 12:37:56 +00:00
6543
b0215c40cd
Store and use seconds for timeline time comments (#25392)
this will allow us to fully localize it later

PS: we can not migrate back as the old value was a one-way conversion


prepare for  #25213

---
*Sponsored by Kithara Software GmbH*
2023-06-23 12:12:39 +00:00
Jason Song
174213530d
Fix Permission in API returned repository struct (#25388)
The old code generates `structs.Repository.Permissions` with only
`access.Permission.AccessMode`, however, it should check the units too,
or the value could be incorrect. For example,
`structs.Repository.Permissions.Push` could be false even the doer has
write access to code unit.

Should fix
https://github.com/renovatebot/renovate/issues/14059#issuecomment-1047961128
(Not reported by it, I just found it when I was looking into this bug)

---

Review tips:

The major changes are
- `modules/structs/repo.go`
https://github.com/go-gitea/gitea/pull/25388/files#diff-870406f6857117f8b03611c43fca0ab9ed6d6e76a2d0069a7c1f17e8fa9092f7
- `services/convert/repository.go`
https://github.com/go-gitea/gitea/pull/25388/files#diff-7736f6d2ae894c9edb7729a80ab89aa183b888a26a811a0c1fdebd18726a7101

And other changes are passive.
2023-06-22 13:08:08 +00:00
sebastian-sauer
25455bc670
Show outdated comments in files changed tab (#24936)
If enabled show a clickable label in the comment. A click on the label
opens the Conversation tab with the comment focussed - there you're able
to view the old diff (or original diff the comment was created on).

**Screenshots**


![image](https://github.com/go-gitea/gitea/assets/1135157/63ab9571-a9ee-4900-9f02-94ab0095f9e7)

![image](https://github.com/go-gitea/gitea/assets/1135157/78f7c225-8d76-46f5-acfd-9b8aab988a6c)



When resolved and outdated:

![image](https://github.com/go-gitea/gitea/assets/1135157/6ece9ebd-c792-4aa5-9c35-628694e9d093)

Option to enable/disable this (stored in user settings - default is
disabled):

![image](https://github.com/go-gitea/gitea/assets/1135157/ed99dfe4-76dc-4c12-bd96-e7e62da50ab5)

![image](https://github.com/go-gitea/gitea/assets/1135157/e837a052-e92e-4a28-906d-9db5bacf93a6)



fixes #24913

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-06-21 16:08:12 +00:00
wxiaoguang
2cdf260f42
Refactor path & config system (#25330)
# The problem

There were many "path tricks":

* By default, Gitea uses its program directory as its work path
* Gitea tries to use the "work path" to guess its "custom path" and
"custom conf (app.ini)"
* Users might want to use other directories as work path
* The non-default work path should be passed to Gitea by GITEA_WORK_DIR
or "--work-path"
* But some Gitea processes are started without these values
    * The "serv" process started by OpenSSH server
    * The CLI sub-commands started by site admin
* The paths are guessed by SetCustomPathAndConf again and again
* The default values of "work path / custom path / custom conf" can be
changed when compiling

# The solution

* Use `InitWorkPathAndCommonConfig` to handle these path tricks, and use
test code to cover its behaviors.
* When Gitea's web server runs, write the WORK_PATH to "app.ini", this
value must be the most correct one, because if this value is not right,
users would find that the web UI doesn't work and then they should be
able to fix it.
* Then all other sub-commands can use the WORK_PATH in app.ini to
initialize their paths.
* By the way, when Gitea starts for git protocol, it shouldn't output
any log, otherwise the git protocol gets broken and client blocks
forever.

The "work path" priority is: WORK_PATH in app.ini > cmd arg --work-path
> env var GITEA_WORK_DIR > builtin default

The "app.ini" searching order is: cmd arg --config > cmd arg "work path
/ custom path" > env var "work path / custom path" > builtin default


## ⚠️ BREAKING

If your instance's "work path / custom path / custom conf" doesn't meet
the requirements (eg: work path must be absolute), Gitea will report a
fatal error and exit. You need to set these values according to the
error log.



----

Close #24818
Close #24222
Close #21606
Close #21498
Close #25107
Close #24981
Maybe close #24503

Replace #23301
Replace #22754

And maybe more
2023-06-21 13:50:26 +08:00
HesterG
1454f9dafc
Add actor and status dropdowns to run list (#25118)
Part of #25042

1. Added actor and status dropdowns first in case something is offtrack
and PR is too large.

2. Also added "No results matched." and "The workflow has no runs yet.",
and "No results matched." will show if there is no filter results and
there is no workflows (with [reference to github
action](https://github.com/go-gitea/gitea/actions/workflows/files-changed.yml?query=actor%3AGiteaBot))

Demo:


https://github.com/go-gitea/gitea/assets/17645053/6e76292c-4c1f-450d-8b48-99944cfc920c


TODOs:

- [x] Get available status (same as those in `aggregateJobStatus`)
instead of getting from database
- [x] Use `JOIN` to get actors, actors order by name
- [x] Make self on top
2023-06-21 04:25:14 +00:00
sillyguodong
35a653d7ed
Support configuration variables on Gitea Actions (#24724)
Co-Author: @silverwind @wxiaoguang 
Replace: #24404

See:
- [defining configuration variables for multiple
workflows](https://docs.github.com/en/actions/learn-github-actions/variables#defining-configuration-variables-for-multiple-workflows)
- [vars
context](https://docs.github.com/en/actions/learn-github-actions/contexts#vars-context)

Related to:
- [x] protocol: https://gitea.com/gitea/actions-proto-def/pulls/7
- [x] act_runner: https://gitea.com/gitea/act_runner/pulls/157
- [x] act: https://gitea.com/gitea/act/pulls/43

#### Screenshoot
Create Variable:

![image](https://user-images.githubusercontent.com/33891828/236758288-032b7f64-44e7-48ea-b07d-de8b8b0e3729.png)


![image](https://user-images.githubusercontent.com/33891828/236758174-5203f64c-1d0e-4737-a5b0-62061dee86f8.png)

Workflow:
```yaml
  test_vars:
    runs-on: ubuntu-latest
    steps:
      - name: Print Custom Variables
        run: echo "${{ vars.test_key }}"
      - name: Try to print a non-exist var
        run: echo "${{ vars.NON_EXIST_VAR }}"
```

Actions Log:

![image](https://user-images.githubusercontent.com/33891828/236759075-af0c5950-368d-4758-a8ac-47a96e43b6e2.png)

---
This PR just implement the org / user (depends on the owner of the
current repository) and repo level variables, The Environment level
variables have not been implemented.
Because
[Environment](https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment#about-environments)
is a module separate from `Actions`. Maybe it would be better to create
a new PR to do it.

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-20 22:54:15 +00:00
Lunny Xiao
54259dbf37
Fix blank dir message when uploading files from web editor (#25391)
Fix #7883
2023-06-20 19:58:03 +00:00
wxiaoguang
b4e4b7ad51
Make backend code respond correct JSON when creating PR (#25353)
Fix #25351
2023-06-19 08:25:36 +00:00
wxiaoguang
a1c5057fe8
Batch delete issue and improve tippy opts (#25253)
1. Add "batch delete" button for selected issues, close #22273
2. Address the review in
https://github.com/go-gitea/gitea/pull/25219#discussion_r1229266083
2023-06-19 15:46:50 +08:00
wxiaoguang
4e2f1ee58d
Refactor web package and context package (#25298)
1. The "web" package shouldn't depends on "modules/context" package,
instead, let each "web context" register themselves to the "web"
package.
2. The old Init/Free doesn't make sense, so simplify it
* The ctx in "Init(ctx)" is never used, and shouldn't be used that way
* The "Free" is never called and shouldn't be called because the SSPI
instance is shared

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-18 09:59:09 +02:00
wxiaoguang
b71cb7acdc
Use fetch to send requests to create issues/comments (#25258)
Follow #23290

Network error won't make content lost. And this is a much better
approach than "loading-button".

The UI is not perfect and there are still some TODOs, they can be done
in following PRs, not a must in this PR's scope.

<details>


![image](https://github.com/go-gitea/gitea/assets/2114189/c94ba958-aa46-4747-8ddf-6584deeed25c)

</details>
2023-06-16 06:32:43 +00:00
JakobDev
a305c37e62
Show if File is Executable (#25287)
This simply shows if a File has the executable Permission


![grafik](https://github.com/go-gitea/gitea/assets/15185051/1d50c105-6d55-4ecc-808a-c9cd5559d238)

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-16 07:46:12 +02:00
wxiaoguang
73ae71824d
Show OAuth2 errors to end users (#25261)
Partially fix #23936


![image](https://github.com/go-gitea/gitea/assets/2114189/8aa7f3ad-a5f0-42ce-a478-289a03bd08a3)


![image](https://github.com/go-gitea/gitea/assets/2114189/bb901e7d-485a-47a5-b68d-9ebe7013a6b2)


![image](https://github.com/go-gitea/gitea/assets/2114189/9a1ce0f3-f011-4baf-8e2f-cc6304bc9703)
2023-06-15 01:12:50 +00:00
HesterG
a43ea22479
Change form actions to fetch for submit review box (#25219)
Co-author: @wxiaoguang 

Close #25096 

The way to fix it in this PR is to change form submit to fetch using
formData, and add flags to avoid post repeatedly.
Should be able to apply to more forms that have the same issue after
this PR.

In the demo below, 'approve' is clicked several times, and then
'comment' is clicked several time after 'request changes' clicked.

After:


https://github.com/go-gitea/gitea/assets/17645053/beabeb1d-fe66-4b76-b048-4f022b4e83a0


Update: screenshots from /devtest

>
![image](https://user-images.githubusercontent.com/2114189/245680011-ee4231e0-a53d-4c2a-a9c2-71ccd98005cc.png)
> 
>
![image](https://user-images.githubusercontent.com/2114189/245680057-9215d348-63d8-406d-8828-17e171163aaa.png)
> 
>
![image](https://user-images.githubusercontent.com/2114189/245680148-89d7b3d1-d7b6-442f-b69e-eadaee112482.png)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-14 16:01:37 +08:00
Lunny Xiao
d6dd6d641b
Fix all possible setting error related storages and added some tests (#23911)
Follow up #22405

Fix #20703 

This PR rewrites storage configuration read sequences with some breaks
and tests. It becomes more strict than before and also fixed some
inherit problems.

- Move storage's MinioConfig struct into setting, so after the
configuration loading, the values will be stored into the struct but not
still on some section.
- All storages configurations should be stored on one section,
configuration items cannot be overrided by multiple sections. The
prioioty of configuration is `[attachment]` > `[storage.attachments]` |
`[storage.customized]` > `[storage]` > `default`
- For extra override configuration items, currently are `SERVE_DIRECT`,
`MINIO_BASE_PATH`, `MINIO_BUCKET`, which could be configured in another
section. The prioioty of the override configuration is `[attachment]` >
`[storage.attachments]` > `default`.
- Add more tests for storages configurations.
- Update the storage documentations.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-14 11:42:38 +08:00
sillyguodong
8228751c55
Support changing labels of Actions runner without re-registration (#24806)
close #24540

related:
- Protocol: https://gitea.com/gitea/actions-proto-def/pulls/9
- Runner side: https://gitea.com/gitea/act_runner/pulls/201

changes:
- Add column of `labels` to table `action_runner`, and combine the value
of `agent_labels` and `custom_labels` column to `labels` column.
- Store `labels` when registering `act_runner`.
- Update `labels` when `act_runner` starting and calling `Declare`.
- Users cannot modify the `custom labels` in edit page any more.

other changes:
- Store `version` when registering `act_runner`.
- If runner is latest version, parse version from `Declare`. But older
version runner still parse version from request header.
2023-06-13 22:28:31 +08:00
yp05327
22a39bb961
Fix profile render when the README.md size is larger than 1024 bytes (#25131)
Fixes https://github.com/go-gitea/gitea/issues/25094

`GetBlobContent` will only get the first 1024 bytes, if the README.md
size is larger than 1024 bytes,
We can not render the rest of them.
After this fix, we should provide the limited size to read when call
`GetBlobContent`.

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/22a42936-4cf8-40b4-a5c7-e384082beb0d)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-13 09:02:25 +00:00
Lunny Xiao
feb38da259
Fix bug for code search if code is disabled (#25173)
Fix https://github.com/go-gitea/gitea/pull/24189/files#r1224144768
2023-06-09 19:02:33 +00:00
Vladimir Buyanov
3bdd48016f
Add codeowners feature (#24910)
Hello.
This PR adds a github like configuration for the CODEOWNERS file.

Resolves: #10161
2023-06-08 16:56:05 +08:00
Zettat123
679b1f7949
Fix MilestoneIDs when querying issues (#25125)
Fix #25114
2023-06-08 08:08:35 +00:00
zeripath
036fb7861f
Clean up WebAuthn javascript code and remove JQuery code (#22697)
There were several issues with the WebAuthn registration and testing
code and the style
was very old javascript with jquery callbacks.

This PR uses async and fetch to replace the JQuery code.

Ref #22651

Signed-off-by: Andrew Thornton <art27@cantab.net>

---------

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: silverwind <me@silverwind.io>
2023-06-06 13:29:37 +08:00
Denys Konovalov
ca35dec18b
Add ability to set multiple redirect URIs in OAuth application UI (#25072)
OAuth applications can already have multiple redirect URIs if
created/edited over API.

This change allows for setting multiple redirect URIs through the UI as
a comma-separated list (e. g.
`https://example.org/redirect,https://redirect.example.org`)

<details>
<summary>Screenshots</summary>

![Bildschirmfoto vom 2023-06-04
17-14-40](https://github.com/go-gitea/gitea/assets/47871822/2206dc32-e7e4-4953-9ecb-e098890b3f54)
![Bildschirmfoto vom 2023-06-04
17-14-50](https://github.com/go-gitea/gitea/assets/47871822/cd97c73c-9310-44ee-a83a-b927a1ef94da)

</details>

Closes #25068
2023-06-05 15:00:12 +08:00
Jack Hay
18de83b2a3
Redesign Scoped Access Tokens (#24767)
## Changes
- Adds the following high level access scopes, each with `read` and
`write` levels:
    - `activitypub`
    - `admin` (hidden if user is not a site admin)
    - `misc`
    - `notification`
    - `organization`
    - `package`
    - `issue`
    - `repository`
    - `user`
- Adds new middleware function `tokenRequiresScopes()` in addition to
`reqToken()`
  -  `tokenRequiresScopes()` is used for each high-level api section
- _if_ a scoped token is present, checks that the required scope is
included based on the section and HTTP method
  - `reqToken()` is used for individual routes
- checks that required authentication is present (but does not check
scope levels as this will already have been handled by
`tokenRequiresScopes()`
- Adds migration to convert old scoped access tokens to the new set of
scopes
- Updates the user interface for scope selection

### User interface example
<img width="903" alt="Screen Shot 2023-05-31 at 1 56 55 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/654766ec-2143-4f59-9037-3b51600e32f3">
<img width="917" alt="Screen Shot 2023-05-31 at 1 56 43 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/1ad64081-012c-4a73-b393-66b30352654c">

## tokenRequiresScopes  Design Decision
- `tokenRequiresScopes()` was added to more reliably cover api routes.
For an incoming request, this function uses the given scope category
(say `AccessTokenScopeCategoryOrganization`) and the HTTP method (say
`DELETE`) and verifies that any scoped tokens in use include
`delete:organization`.
- `reqToken()` is used to enforce auth for individual routes that
require it. If a scoped token is not present for a request,
`tokenRequiresScopes()` will not return an error

## TODO
- [x] Alphabetize scope categories
- [x] Change 'public repos only' to a radio button (private vs public).
Also expand this to organizations
- [X] Disable token creation if no scopes selected. Alternatively, show
warning
- [x] `reqToken()` is missing from many `POST/DELETE` routes in the api.
`tokenRequiresScopes()` only checks that a given token has the correct
scope, `reqToken()` must be used to check that a token (or some other
auth) is present.
   -  _This should be addressed in this PR_
- [x] The migration should be reviewed very carefully in order to
minimize access changes to existing user tokens.
   - _This should be addressed in this PR_
- [x] Link to api to swagger documentation, clarify what
read/write/delete levels correspond to
- [x] Review cases where more than one scope is needed as this directly
deviates from the api definition.
   - _This should be addressed in this PR_
   - For example: 
   ```go
	m.Group("/users/{username}/orgs", func() {
		m.Get("", reqToken(), org.ListUserOrgs)
		m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser,
auth_model.AccessTokenScopeCategoryOrganization),
context_service.UserAssignmentAPI())
   ```

## Future improvements
- [ ] Add required scopes to swagger documentation
- [ ] Redesign `reqToken()` to be opt-out rather than opt-in
- [ ] Subdivide scopes like `repository`
- [ ] Once a token is created, if it has no scopes, we should display
text instead of an empty bullet point
- [ ] If the 'public repos only' option is selected, should read
categories be selected by default

Closes #24501
Closes #24799

Co-authored-by: Jonathan Tran <jon@allspice.io>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2023-06-04 20:57:16 +02:00
wxiaoguang
520eb57d76
Use a separate admin page to show global stats, remove actions stat (#25062)
Before, Gitea shows the database table stats on the `admin dashboard`
page.

It has some problems:

* `count(*)` is quite heavy. If tables have many records, this blocks
loading the admin page blocks for a long time
* Some users had even reported issues that they can't visit their admin
page because this page causes blocking or `50x error (reverse proxy
timeout)`
* The `actions` stat is not useful. The table is simply too large. Does
it really matter if it contains 1,000,000 rows or 9,999,999 rows?
* The translation `admin.dashboard.statistic_info` is difficult to
maintain.

So, this PR uses a separate page to show the stats and removes the
`actions` stat.


![image](https://github.com/go-gitea/gitea/assets/2114189/babf7c61-b93b-4a62-bfaa-22983636427e)

## ⚠️ BREAKING

The `actions` Prometheus metrics collector has been removed for the
reasons mentioned beforehand.
Please do not rely on its output anymore.
2023-06-03 22:03:41 +08:00
Denys Konovalov
7d855efb1f
Allow for PKCE flow without client secret + add docs (#25033)
The PKCE flow according to [RFC
7636](https://datatracker.ietf.org/doc/html/rfc7636) allows for secure
authorization without the requirement to provide a client secret for the
OAuth app.

It is implemented in Gitea since #5378 (v1.8.0), however without being
able to omit client secret.
Since #21316 Gitea supports setting client type at OAuth app
registration.

As public clients are already forced to use PKCE since #21316, in this
PR the client secret check is being skipped if a public client is
detected. As Gitea seems to implement PKCE authorization correctly
according to the spec, this would allow for PKCE flow without providing
a client secret.

Also add some docs for it, please check language as I'm not a native
English speaker.

Closes #17107
Closes #25047
2023-06-03 05:59:28 +02:00
Lunny Xiao
5d23c885ed
Fix users cannot visit issue attachment bug (#25019)
Caused by #24362

Co-authored-by: Giteabot <teabot@gitea.io>
2023-05-31 19:06:17 +02:00
delvh
bf27fc3596
Merge new project templates into one (#24985)
Additionally simplify the `new project` template slightly.

Review hint: Disable whitespace changes.

<details><summary>Before</summary>

## New repo project

![grafik](https://github.com/go-gitea/gitea/assets/51889757/4de977e8-3688-45cd-8832-49b001e6f249)

## Edit repo project

![grafik](https://github.com/go-gitea/gitea/assets/51889757/daaf353f-6c99-48bd-b37a-a3bc64459079)

## New user/org project

![grafik](https://github.com/go-gitea/gitea/assets/51889757/6a5a3be5-f51a-4599-b75c-7adb9710d2fa)

## Edit user/org project

![grafik](https://github.com/go-gitea/gitea/assets/51889757/a4768f49-cf46-4773-8a0f-54dfdcc1c1b8)
</details>

<details><summary>After</summary>

## New repo project

![grafik](https://github.com/go-gitea/gitea/assets/51889757/3d0ac8a0-850a-4743-963c-71c66ef38d07)

## Edit repo project

![grafik](https://github.com/go-gitea/gitea/assets/51889757/6b86a1cd-e360-4a9b-aaf7-af032d0d991a)

## New user/org project

![grafik](https://github.com/go-gitea/gitea/assets/51889757/a7b0964c-e4c7-4924-842a-52a58499bc36)

## Edit user/org project

![grafik](https://github.com/go-gitea/gitea/assets/51889757/0fbc5605-afee-49bd-a44a-8646f8c55681)
</details>

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-05-31 08:50:18 +02:00
HesterG
28a89e360f
Add user level action runners (#24995)
Used similar logic to organization.

<img width="1437" alt="Screen Shot 2023-05-30 at 10 18 06"
src="https://github.com/go-gitea/gitea/assets/17645053/49f3800a-44ae-4188-b1e6-91d49e3d7868">

<img width="1331" alt="Screen Shot 2023-05-30 at 10 31 18"
src="https://github.com/go-gitea/gitea/assets/17645053/221b2068-e9b9-4e34-bb4a-d390594b2f35">
2023-05-31 09:39:54 +08:00
JakobDev
1b115296d3
Followup to pinned Issues (#24945)
This addressees some things from #24406 that came up after the PR was
merged. Mostly from @delvh.

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: delvh <dev.lh@web.de>
2023-05-30 15:26:51 +00:00
Panagiotis "Ivory" Vasilopoulos
35ce7ca25b
Hide 'Mirror Settings' when unneeded, improve hints (#24433)
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-05-29 11:32:52 +00:00
Denys Konovalov
275d4b7e3f
API endpoint for changing/creating/deleting multiple files (#24887)
This PR creates an API endpoint for creating/updating/deleting multiple
files in one API call similar to the solution provided by
[GitLab](https://docs.gitlab.com/ee/api/commits.html#create-a-commit-with-multiple-files-and-actions).

To archive this, the CreateOrUpdateRepoFile and DeleteRepoFIle functions
in files service are unified into one function supporting multiple files
and actions.

Resolves #14619
2023-05-29 17:41:35 +08:00
Zettat123
28077e66c0
Add step start time to ViewStepLog (#24980)
Part of #24876

According to
https://github.com/go-gitea/gitea/pull/24876#discussion_r1205565622 , we
need the start time of the step to get the log time offset.
2023-05-29 08:18:36 +00:00
JakobDev
85fa954a38
Improve some Forms (#24878)
Don't really know a better name for this. I've gone through some Forms
and added missing HTML attributes (mostly `maxlength`). I tried to fill
the Forms with dummy Data and see if Gitea throws a Error (e.g. maximum
length). If yes, I added the missing HTML attribute.

While working on this, I discovered that the Form to add OAuth2 Apps
just silently fails when filled with invalid data, so I fixed that too.
2023-05-26 09:42:54 +00:00
wxiaoguang
18f26cfbf7
Improve queue and logger context (#24924)
Before there was a "graceful function": RunWithShutdownFns, it's mainly
for some modules which doesn't support context.

The old queue system doesn't work well with context, so the old queues
need it.

After the queue refactoring, the new queue works with context well, so,
use Golang context as much as possible, the `RunWithShutdownFns` could
be removed (replaced by RunWithCancel for context cancel mechanism), the
related code could be simplified.

This PR also fixes some legacy queue-init problems, eg:

* typo : archiver: "unable to create codes indexer queue" => "unable to
create repo-archive queue"
* no nil check for failed queues, which causes unfriendly panic

After this PR, many goroutines could have better display name:

![image](https://github.com/go-gitea/gitea/assets/2114189/701b2a9b-8065-4137-aeaa-0bda2b34604a)

![image](https://github.com/go-gitea/gitea/assets/2114189/f1d5f50f-0534-40f0-b0be-f2c9daa5fe92)
2023-05-26 07:31:55 +00:00
Lunny Xiao
f9cfd6ce5b
Use the type RefName for all the needed places and fix pull mirror sync bugs (#24634)
This PR replaces all string refName as a type `git.RefName` to make the
code more maintainable.

Fix #15367
Replaces #23070 
It also fixed a bug that tags are not sync because `git remote --prune
origin` will not remove local tags if remote removed.

We in fact should use `git fetch --prune --tags origin` but not `git
remote update origin` to do the sync.

Some answer from ChatGPT as ref.

> If the git fetch --prune --tags command is not working as expected,
there could be a few reasons why. Here are a few things to check:
> 
>Make sure that you have the latest version of Git installed on your
system. You can check the version by running git --version in your
terminal. If you have an outdated version, try updating Git and see if
that resolves the issue.
> 
>Check that your Git repository is properly configured to track the
remote repository's tags. You can check this by running git config
--get-all remote.origin.fetch and verifying that it includes
+refs/tags/*:refs/tags/*. If it does not, you can add it by running git
config --add remote.origin.fetch "+refs/tags/*:refs/tags/*".
> 
>Verify that the tags you are trying to prune actually exist on the
remote repository. You can do this by running git ls-remote --tags
origin to list all the tags on the remote repository.
> 
>Check if any local tags have been created that match the names of tags
on the remote repository. If so, these local tags may be preventing the
git fetch --prune --tags command from working properly. You can delete
local tags using the git tag -d command.

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-05-26 01:04:48 +00:00
JakobDev
aaa1094663
Add the ability to pin Issues (#24406)
This adds the ability to pin important Issues and Pull Requests. You can
also move pinned Issues around to change their Position. Resolves #2175.

## Screenshots

![grafik](https://user-images.githubusercontent.com/15185051/235123207-0aa39869-bb48-45c3-abe2-ba1e836046ec.png)

![grafik](https://user-images.githubusercontent.com/15185051/235123297-152a16ea-a857-451d-9a42-61f2cd54dd75.png)

![grafik](https://user-images.githubusercontent.com/15185051/235640782-cbfe25ec-6254-479a-a3de-133e585d7a2d.png)

The Design was mostly copied from the Projects Board.

## Implementation
This uses a new `pin_order` Column in the `issue` table. If the value is
set to 0, the Issue is not pinned. If it's set to a bigger value, the
value is the Position. 1 means it's the first pinned Issue, 2 means it's
the second one etc. This is dived into Issues and Pull requests for each
Repo.

## TODO
- [x] You can currently pin as many Issues as you want. Maybe we should
add a Limit, which is configurable. GitHub uses 3, but I prefer 6, as
this is better for bigger Projects, but I'm open for suggestions.
- [x] Pin and Unpin events need to be added to the Issue history.
- [x] Tests
- [x] Migration

**The feature itself is currently fully working, so tester who may find
weird edge cases are very welcome!**

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-05-25 15:17:19 +02:00
谈笑风生间
309354c70e
New webhook trigger for receiving Pull Request review requests (#24481)
close https://github.com/go-gitea/gitea/issues/16321

Provided a webhook trigger for requesting someone to review the Pull
Request.

Some modifications have been made to the returned `PullRequestPayload`
based on the GitHub webhook settings, including:
- add a description of the current reviewer object as
`RequestedReviewer` .
- setting the action to either **review_requested** or
**review_request_removed** based on the operation.
- adding the `RequestedReviewers` field to the issues_model.PullRequest.
This field will be loaded into the PullRequest through
`LoadRequestedReviewers()` when `ToAPIPullRequest` is called.

After the Pull Request is merged, I will supplement the relevant
documentation.
2023-05-24 22:06:27 -04:00
Brecht Van Lommel
1bfa37ada2
Create pull request for base after editing file, if not enabled on fork (#24841)
Currently if pull requests are disabled on a fork but enabled on a base
repo, creating/editing/deleting files does not offer the option to
create a pull request. This change enables creating a pull request for
the base repo in that case.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-05-24 21:36:02 +00:00
wxiaoguang
abcf5a7b5e
Fix install page context, make the install page tests really test (#24858)
Fix #24856

Rename "context.contextKey" to "context.WebContextKey", this context is
for web context only. But the Context itself is not renamed, otherwise
it would cause a lot of changes (if we really want to rename it, there
could be a separate PR).

The old test code doesn't really test, the "install page" gets broken
not only one time, so use new test code to make sure the "install page"
could work.
2023-05-23 09:29:15 +08:00
yp05327
bebc3433c5
Add IsErrRepoFilesAlreadyExist check when fork repo (#24678)
Before:

![image](https://github.com/go-gitea/gitea/assets/18380374/e9e3de75-eb6e-418e-9227-ef4e5f448a04)
After:

![image](https://github.com/go-gitea/gitea/assets/18380374/74b1cd6c-c5b1-4ee0-a1d8-6b3fb8d3a8e9)
2023-05-22 18:21:46 +08:00