Commit Graph

9679 Commits

Author SHA1 Message Date
6543 40a7660038
Fix error create comment on outdated file (#13041) (#13042)
* FIX

* more specific

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-06 14:38:08 +08:00
James Lakin b05e178138
Fix repository create/delete event webhooks (#13008) (#13027) 2020-10-04 17:42:03 -04:00
techknowlogick 96918a442b
Fix 500 on README in submodule (#13006) (#13016)
If a README file is a symlink to a submodule Gitea the view branch page
will return a 500.

The underlying problem is a missed conversion of an
plumbing.ErrObjectNotFound in git/tree_blob.go.

Fix #12599

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-10-02 10:39:14 -04:00
John Olheiser aa1d9ef6cb
Changelog 1.12.5 (#13002)
* Changelog 1.12.5

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update CHANGELOG.md

* Update CHANGELOG.md

Co-authored-by: techknowlogick <matti@mdranta.net>

* Apply suggestions from code review

Co-authored-by: techknowlogick <matti@mdranta.net>

Co-authored-by: techknowlogick <matti@mdranta.net>
2020-10-01 13:35:22 -05:00
techknowlogick 20a75f86a1
allow U2F with default settings for gitea in subpath (#12990) (#13001)
* allow U2F with default settings for gitea in subpath

* use trim suffix

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-10-01 13:22:49 -04:00
techknowlogick c1c5e00d20
Prevent empty div when editing comment (#12404) (#12991)
* Prevent empty div when editing comment

The template for attachments needs to remove whitespace and return empty when there are no attachments.

Fix #10220

Co-authored-by: zeripath <art27@cantab.net>
2020-10-01 09:25:57 +08:00
6543 3e279dfb0b
Mirror: Update DB on Address-Update too (#12964) (#12967)
* Mirror: Update DB on Address-Update too (#12964)

* Mirror: Update DB on Address-Update too

* new name for function to better describe

* fix lint
2020-09-28 21:52:13 +02:00
zeripath e9346fc4a9
Allow extended config on cron settings (#12939) (#12943)
Backport #12939

Fix #12934

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-25 10:19:20 -05:00
zeripath b62e13a001
Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940)
Backport #12577

When adding Avatar email-hash pairs we simply want the DB table to
represent a Set. We don't care if the hash-pair is already present,
so we just simply Insert and ignore the error.

Unfortunately this seems to cause some DBs to log the duplicate
insert to their logs - looking like a bug a in Gitea.

Now, there is no standard way in SQL to say Insert but if there's
an error ignore it. MySQL has INSERT IGNORE, PostgreSQL >= 9.5 has
INSERT ... ON CONFLICT DO NOTHING, but I do not believe that SQLite
or MSSQL have variants.

This PR places the insert in a transaction which we are happy to fail
if there is an error - hopefully this will stop the unnecessary
logging.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-24 18:36:26 -04:00
赵智超 470b195da1
Fix ListUserOrgs (#12910) (#12915)
fix #12891

Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lauris BH <lauris@nix.lv>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-09-21 01:04:33 -04:00
zeripath 09178300b0
Update only the repository columns that need updating (#12900) (#12912)
Backport #12900

We should only update is_empty, default_branch and updated time columns
during commitRepoAction and not update other columns as we risk
overwriting incorrect information.

Fix #11823
Fix #10536

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-21 09:06:23 +08:00
mrsdizzie 23aae3274a
Fix panic when adding long comment (#12892) (#12894)
Previous PR #12881 causes out of bounds panic by working on wrong string.
2020-09-18 16:45:00 -04:00
6543 a98bf03204
Convert User expose ID each time (#12855) (#12883)
* Convert User expose ID each time (#12855)

* git blame tells me a lot of gitea things happen here around 2018, add header

* move user code int its own file

* expose user id

* adopt things from APIFormat

* fix test

* CI.restart()

* No Refactor

* CI.restart()

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-18 12:56:16 -04:00
赵智超 65aef7b35f
Add size limit for content of comment on action ui (#12881) (#12890)
Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-18 19:58:49 +08:00
Lunny Xiao 65ef634d5c
Fix pgsql migration test (#12844) (#12884)
Co-authored-by: Lauris BH <lauris@nix.lv>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-09-18 16:28:13 +08:00
6543 869fd17b88
Fix [API] CreateRepo missing information (#12848) (#12867)
* Fix [API] [Bug] CreateRepo missing information (#12848)

* Fix [API] [Bug] CreateRepo missing information

* add code comment

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

* CI.restart()

* CI.restart()

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-09-18 13:58:04 +08:00
zeripath d624e91c0c
Support slashes in release tags (#12864) (#12882)
Backport #12864

Fix #12861

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-17 15:33:48 -05:00
Lunny Xiao 62a3c847cd
Fix migration v111 (#12868) 2020-09-16 10:37:04 +03:00
zeripath 3a02f0896e
Escape more things that are passed through str2html (#12622) (#12850)
Backport #12622

* Escape more things that are passed through str2html

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Bloody editors!

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update routers/user/oauth.go
2020-09-15 18:43:10 -04:00
zeripath 408db95dc1
Fix notifications page links (#12838) (#12853)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-15 17:53:30 +01:00
6543 6305f07fdc
On Migration respect old DefaultBranch (#12843) (#12858)
* On Migration respect old DefaultBranch

* add DefaultBranch int test set

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-09-15 12:12:07 -04:00
zeripath ff9d99f63d
Stop cloning unnecessarily on PR update (#12839) (#12852)
Backport #12839

Fix #12740

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-15 13:09:25 +03:00
techknowlogick 37572551d7
Remove double escape on labels addition in comments (#12809) (#12810)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-11 00:56:12 -04:00
赵智超 0ee823be0b
Fix "only mail on mention" bug (#12775) (#12789)
* fix mail mention bug

fix #12774

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix test

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-10 11:32:54 +03:00
zeripath 062ea40a79
Fix yet another bug with diff file names (#12771) (#12776)
Backport #12771

Following further testing it has become apparent that the diff line
cannot be used to determine filenames for diffs with any sort of predictability
the answer therefore is to use the other lines that are provided with a diff

Fix #12768

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-09 19:03:54 +01:00
6543 7a25441abe
gitea dump: include version & Check InstallLock (#12760) (#12762)
* gitea dump: include version

* Check InstallLock
2020-09-07 20:44:45 -04:00
6543 dc71d00393
RepoInit Respect AlternateDefaultBranch (#12746) (#12751) 2020-09-06 18:03:50 -04:00
6543 0bb56a413d
Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
* Update Vendor github.com/nfnt/resize

* switch resize algo NearestNeighbor -> Bilinear
2020-09-06 22:14:59 +01:00
6543 2806a312e1
[Backport] Fix go1.15 lint error in modules/public/public.go (#12707) (#12708)
* fix go1.15 lint error in modules/public/public.go

* CI.restart()
2020-09-04 08:28:08 +03:00
techknowlogick 8a51c48eb6
Changelog for 1.12.4 release (#12687)
Co-authored-by: zeripath <art27@cantab.net>
2020-09-03 17:00:13 -04:00
6543 0fa538e552
[Backport] Fix comment broken issue ref dependence (#12651) (#12692)
* deleteIssuesByRepoID: delete related CommentTypeRemoveDependency & CommentTypeAddDependency comments too

* Ignore ErrIssueNotExist on comment.LoadDepIssueDetails()

* CI.restart()
2020-09-03 17:23:36 +08:00
6543 69e4b6910b
Make default StaticRootPath compile time settable (#12371) (#12652)
Make it possible to compile the default location of StaticRootPath independent from AppWorkPath

Co-authored-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-02 19:12:24 -04:00
techknowlogick 0e9dcc9500
When reading expired sessions - expire them (#12686) (#12690)
* When reading expired sessions - expire them

Update to latest macaron/session following merge of
https://gitea.com/macaron/session/pulls/11

Also remove old memory provider as 11 updates the memory provider to
make it unnecessary.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* and macaron/session/pulls/12

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-09-02 18:51:56 -04:00
6543 87f02d90cf
Escape provider name in oauth2 provider redirect (#12650)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2020-08-30 23:55:19 +01:00
John Olheiser 21cd7ab812
Mark Cache with ini tag (#12605) (#12611)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-08-26 11:53:14 -04:00
John Olheiser 981216c9fe
Escape Email in forgot_password.tmpl (#12610) (#12612)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-08-26 10:12:09 -05:00
techknowlogick cfbfb73c56
go1.15 on windows (#12589) (#12593)
We don't support go1.15 on 1.12.x branch, however this will allow users who chose to build with go1.15 on windows to be successful
2020-08-24 18:38:47 -04:00
zeripath 4a548a0332
Fix diff path unquoting (#12554) (#12575)
Backport #12554

* Fix diff path unquoting

services/gitdiff/gitdiff.go whereby there it assumed that the path would
always be quoted on both sides

This PR simplifies the code here and uses fmt.Fscanf to parse the
strings as necessary.

Fix #12546

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add testcase as per @mrsdizzie

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-23 16:58:09 +03:00
zeripath 8bf2ee1e02
Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
Backport #12556

SSPI fails badly on authentication attempts to /api/internal which
it can never succesfully authenticate.

Fix #11260

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-22 17:09:14 -04:00
zeripath a687980412
Default empty merger list to those with write permissions (#12535) (#12560)
Backport #12535

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-22 23:35:56 +03:00
zeripath 1f85815a3b
models: break out of loop (#12386) (#12561)
Backport #12386

Co-authored-by: Lars Lehtonen <lars.lehtonen@gmail.com>
2020-08-22 16:22:07 +01:00
silverwind ee5e5a5093
Improve HTML escaping helper (#12562)
The previous method did not escape single quotes which under some
circumstances can lead to XSS vulnerabilites and the fact that it
depends on jQuery is also not ideal. Replace it with a lightweight
module.
2020-08-22 13:36:56 +01:00
zeripath 03ba12aabf
Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
* Prevent NPE on commenting on lines with invalidated comments

Only check for a review if we are replying to a previous review.

Prevent the NPE in #12239 by assuming that a comment without a Review is
non-pending.

Fix #12239

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add hack around to show the broken comments

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-21 10:52:20 +03:00
John Olheiser 24ed1b5feb
Remove hardcoded ES indexername (#12521) (#12526)
Co-authored-by: Wim <wim@42.be>
2020-08-18 21:42:22 -04:00
zeripath 8282697734
Keys should not verify revoked email addresses (#12486) (#12495)
Backport #12486

Fix #6778

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-17 12:06:31 -04:00
techknowlogick ec48618d40
Fix bug preventing transfer to private organization (#12497) (#12501)
* Fix bug preventing transfer to private organization

The code assessing whether a private organization was visible to a user before
allowing transfer was incorrect due to testing membership the wrong way round

This PR fixes this issue and renames the function performing the test to be
clearer.

Further looking at the API for transfer repository - no testing was
performed to ensure that the acting user could actually see the new
owning organization.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* change IsUserPartOfOrg everywhere

Co-authored-by: zeripath <art27@cantab.net>
2020-08-17 09:32:33 +03:00
techknowlogick f0dd07129a
Do not add prefix on http/https submodule links (#12477) (#12479)
Fix #12345

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-08-13 11:53:40 -04:00
techknowlogick 6d3b8141df
Fix ignored login on compare (#12476) (#12478)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-12 16:36:22 -04:00
techknowlogick 13c4c7a132
Match GH with Commit page (#12425) (#12431)
Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-08-05 15:49:12 +08:00
techknowlogick 6015d30dd6
Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
* Fix incorrect logging in oauth2.go

Fix #11945

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Handle ErrAlreadyInQueue in stats indexer

Fix #12380

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fixes type in error message of indexer

Add the missing character in the error message.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lieven Hollevoet <hollie@lika.be>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lieven Hollevoet <hollie@lika.be>
2020-08-04 16:27:43 +08:00