* Add configurable Trust Models
Gitea's default signature verification model differs from GitHub. GitHub
uses signatures to verify that the committer is who they say they are -
meaning that when GitHub makes a signed commit it must be the committer.
The GitHub model prevents re-publishing of commits after revocation of a
key and prevents re-signing of other people's commits to create a
completely trusted repository signed by one key or a set of trusted
keys.
The default behaviour of Gitea in contrast is to always display the
avatar and information related to a signature. This allows signatures to
be decoupled from the committer. That being said, allowing arbitrary
users to present other people's commits as theirs is not necessarily
desired therefore we have a trust model whereby signatures from
collaborators are marked trusted, signatures matching the commit line
are marked untrusted and signatures that match a user in the db but not
the committer line are marked unmatched.
The problem with this model is that this conflicts with GitHub therefore
we need to provide an option to allow users to choose the GitHub model
should they wish to.
Signed-off-by: Andrew Thornton <[email protected]>
* Adjust locale strings
Signed-off-by: Andrew Thornton <[email protected]>
* as per @6543
Co-authored-by: 6543 <[email protected]>
* Update models/gpg_key.go
* Add migration for repository
Signed-off-by: Andrew Thornton <[email protected]>
Co-authored-by: 6543 <[email protected]>
Co-authored-by: Lunny Xiao <[email protected]>
* Add a storage layer for attachments
* Fix some bug
* fix test
* Fix copyright head and lint
* Fix bug
* Add setting for minio and flags for migrate-storage
* Add documents
* fix lint
* Add test for minio store type on attachments
* fix test
* fix test
* Apply suggestions from code review
Co-authored-by: guillep2k <[email protected]>
* Add warning when storage migrated successfully
* Fix drone
* fix test
* rebase
* Fix test
* display the error on console
* Move minio test to amd64 since minio docker doesn't support arm64
* refactor the codes
* add trace
* Fix test
* remove log on xorm
* Fix download bug
* Add a storage layer for attachments
* Add setting for minio and flags for migrate-storage
* fix lint
* Add test for minio store type on attachments
* Apply suggestions from code review
Co-authored-by: guillep2k <[email protected]>
* Fix drone
* fix test
* Fix test
* display the error on console
* Move minio test to amd64 since minio docker doesn't support arm64
* refactor the codes
* add trace
* Fix test
* Add URL function to serve attachments directly from S3/Minio
* Add ability to enable/disable redirection in attachment configuration
* Fix typo
* Add a storage layer for attachments
* Add setting for minio and flags for migrate-storage
* fix lint
* Add test for minio store type on attachments
* Apply suggestions from code review
Co-authored-by: guillep2k <[email protected]>
* Fix drone
* fix test
* Fix test
* display the error on console
* Move minio test to amd64 since minio docker doesn't support arm64
* don't change unrelated files
* Fix lint
* Fix build
* update go.mod and go.sum
* Use github.com/minio/minio-go/v6
* Remove unused function
* Upgrade minio to v7 and some other improvements
* fix lint
* Fix go mod
Co-authored-by: guillep2k <[email protected]>
Co-authored-by: Tyler <[email protected]>
This PR prevents 2 further ways of causing the redirect cookie to be set
to redirect back to /user/events
Signed-off-by: Andrew Thornton <[email protected]>
* Provide diff and patch API endpoints
The diff and patch endpoints on the main routes are not accessible by token
therefore we provide new API based endpoints for these
Fix #10923
Signed-off-by: Andrew Thornton <[email protected]>
* placate swagger
Signed-off-by: Andrew Thornton <[email protected]>
* Make the response an actual string
Signed-off-by: Andrew Thornton <[email protected]>
Co-authored-by: techknowlogick <[email protected]>
Co-authored-by: Lauris BH <[email protected]>
* add API specific InternalServerError()
Co-authored-by: zeripath <[email protected]>
* return 500 error msg only if not Production mode
* Revert "return 500 error msg only if not Production mode"
This reverts commit 8467b2cee6.
* InternalServerError
Co-authored-by: zeripath <[email protected]>
When "Must Change Password" simplify the navbar header to only show the
signout button as all other links will redirect back. This prevents the
notifications icon from showing preventing initialization of the
event-source and hence preventing redirect_to being set, however in
addition do not set the redirect_to cookie if we are looking at the
/user/events page.
Fix #11554
Signed-off-by: Andrew Thornton <[email protected]>
There is an unfortunate signature change with the api.Context
NotFound function; whereas the normal modules/context/Context
NotFound function requires an error or nil, the api.Context
variant will panic with an NPE if a nil is provided.
This PR will allow api.Context.NotFound to tolerate being
passed a nil.
Signed-off-by: Andrew Thornton <[email protected]>
Co-authored-by: Lauris BH <[email protected]>
* routers: make /compare route available to unauthenticated users
Remove some bits of the compare interface if the user isn't signed in.
Notably, they don't need to see the "New Pull Request" button box nor the
hidden form that would fail to submit due to the POST request continuing to
require proper privileges.
Follow-up commits will improve the UI a bit around this, removing some
"Pull Request" verbiage in favor of "Compare."
* ui: home: show "compare" button for unauthenticated users
This change requires pulling in the BaseRepo unconditionally and
recording if the pull request is in fact not allowed
(.PullRequestCtx.Allowed). If the user isn't allowed to create a pull
request, either because this isn't a fork or same-fork branch PRs aren't
allowed, then we'll name the button "Compare" instead of "Pull Request."
* ui: branch list: use the new Compare language when available
When viewing the branch listing as an unauthenticated user, you'll get
"Pull Request" buttons. Use the new "Compare" verbiage instead, which
matches GitHub behavior when you can't issue a pull request from the
branches.
Co-authored-by: zeripath <[email protected]>
Co-authored-by: guillep2k <[email protected]>
* Fix wrong permissions check when issues/prs shared operations
* move redirect to the last of the function
* fix swagger
Co-authored-by: zeripath <[email protected]>
Co-authored-by: Lauris BH <[email protected]>
* Add require signed commit for protected branch
* Fix fmt
* Make editor show if they will be signed
* bugfix
* Add basic merge check and better information for CRUD
* linting comment
* Add descriptors to merge signing
* Slight refactor
* Slight improvement to appearances
* Handle Merge API
* manage CRUD API
* Move error to error.go
* Remove fix to delete.go
* prep for merge
* need to tolerate \r\n in message
* check protected branch before trying to load it
* Apply suggestions from code review
Co-Authored-By: guillep2k <[email protected]>
* fix commit-reader
Co-authored-by: guillep2k <[email protected]>
* use numbers and not http.Status___ enum
* fix test
* add many missing swagger responses
* code format
* Deletion Should return 204 ...
* error handling improvements
* if special error type ... then add it to swagger too
* one small nit
* invalidTopicsError is []string
* valid swagger specification 2.0
- if you add responses swagger can tell you if you do it right 👍
* use ctx.InternalServerError
* Revert "use numbers and not http.Status___ enum"
This reverts commit b1ff386e24.
* use http.Status* enum everywhere
* Add team permission setting to allow creating repo in organization.
Signed-off-by: David Svantesson <[email protected]>
* Add test case for creating repo when have team creation access.
Signed-off-by: David Svantesson <[email protected]>
* build error: should omit comparison to bool constant
Signed-off-by: David Svantesson <[email protected]>
* Add comment on exported functions
* Fix fixture consistency, fix existing unit tests
* Fix boolean comparison in xorm query.
* addCollaborator and changeCollaborationAccessMode separate steps
More clear to use different if-cases.
* Create and commit xorm session
* fix
* Add information of create repo permission in team sidebar
* Add migration step
* Clarify that repository creator will be administrator.
* Fix some things after merge
* Fix language text that use html
* migrations file
* Create repository permission -> Create repositories
* fix merge
* fix review comments
In investigating #7947 it has become clear that the storage component of go-git repositories needs closing.
This PR adds this Close function and adds the Close functions as necessary.
In TransferOwnership the ctx.Repo.GitRepo is closed if it is open to help prevent the risk of multiple open files.
Fixes #7947
editorconfig-core-go made breaking api changes and has recently released
v2.1.1. This change consumes the new api and fixes up any breaking
references.
* fix org visibility bug
* fix permission check
* add integration tests
* fix tests
* change test user name for easier maintenance and fix test
* fix test git repo name
Add support for repo_redirect objects in the git smart http
handler so that when a user clones a repo that has been moved
or renamed, they are redirected to the new location.
This requires that the query string be included in the redirect
as well, so that is added.
Signed-off-by: James E. Blair <[email protected]>
* Add log.ColorFormat and log.ColorFormatted
Structs can now implement log.ColorFormatted to provide their own
colored format when logged with `%-v` or additional flags.
Signed-off-by: Andrew Thornton <[email protected]>
* Add basic ColorFormat to repository and user
Signed-off-by: Andrew Thornton <[email protected]>
* Add basic ColorFormat to access and unit
Signed-off-by: Andrew Thornton <[email protected]>
* Add ColorFormat to permission and on trace log it
Signed-off-by: Andrew Thornton <[email protected]>
* Add log.NewColoredIDValue to make ID value coloring consistent
Signed-off-by: Andrew Thornton <[email protected]>
* formatting changes
* Add some better tracing to permission denied for read issues/pulls
Signed-off-by: Andrew Thornton <[email protected]>
* Add Trace logging on permission denied
Signed-off-by: Andrew Thornton <[email protected]>
* Remove isTrace() check from deferred func
* Adjust repo and allow logging of team
* use FormatInt instead of Itoa
* Add blank line
Signed-off-by: Andrew Thornton <[email protected]>
* Update access.go
* Use go-git for tree reading and commit info lookup.
Signed-off-by: Filip Navara <[email protected]>
* Use TreeEntry.IsRegular() instead of ObjectType that was removed.
Signed-off-by: Filip Navara <[email protected]>
* Use the treePath to optimize commit info search.
Signed-off-by: Filip Navara <[email protected]>
* Extract the latest commit at treePath along with the other commits.
Signed-off-by: Filip Navara <[email protected]>
* Fix listing commit info for a directory that was created in one commit and never modified after.
Signed-off-by: Filip Navara <[email protected]>
* Avoid nearly all external 'git' invocations when doing directory listing (.editorconfig code path is still hit).
Signed-off-by: Filip Navara <[email protected]>
* Use go-git for reading blobs.
Signed-off-by: Filip Navara <[email protected]>
* Make SHA1 type alias for plumbing.Hash in go-git.
Signed-off-by: Filip Navara <[email protected]>
* Make Signature type alias for object.Signature in go-git.
Signed-off-by: Filip Navara <[email protected]>
* Fix GetCommitsInfo for repository with only one commit.
Signed-off-by: Filip Navara <[email protected]>
* Fix PGP signature verification.
Signed-off-by: Filip Navara <[email protected]>
* Fix issues with walking commit graph across merges.
Signed-off-by: Filip Navara <[email protected]>
* Fix typo in condition.
Signed-off-by: Filip Navara <[email protected]>
* Speed up loading branch list by keeping the repository reference (and thus all the loaded packfile indexes).
Signed-off-by: Filip Navara <[email protected]>
* Fix listing submodules.
Signed-off-by: Filip Navara <[email protected]>
* Fix build
Signed-off-by: Filip Navara <[email protected]>
* Add back commit cache because of name-rev
Signed-off-by: Filip Navara <[email protected]>
* Fix tests
Signed-off-by: Filip Navara <[email protected]>
* Fix code style
* Fix spelling
* Address PR feedback
Signed-off-by: Filip Navara <[email protected]>
* Update vendor module list
Signed-off-by: Filip Navara <[email protected]>
* Fix getting trees by commit id
Signed-off-by: Filip Navara <[email protected]>
* Fix remaining unit test failures
* Fix GetTreeBySHA
* Avoid running `git name-rev` if not necessary
Signed-off-by: Filip Navara <[email protected]>
* Move Branch code to git module
* Clean up GPG signature verification and fix it for tagged commits
* Address PR feedback (import formatting, copyright headers)
* Make blob lookup by SHA working
* Update tests to use public API
* Allow getting content from any type of object through the blob interface
* Change test to actually expect the object content that is in the GIT repository
* Change one more test to actually expect the object content that is in the GIT repository
* Add comments
* Add API for manipulating Git hooks
Signed-off-by: Segev Finer <[email protected]>
* Replace code.gitea.io/sdk with PR branch temporarily for CI
* Switch back to code.gitea.io/sdk@master
* Return 403 instead of 404 on no permission to edit hooks in API
* Add tests for Git hooks API
* Update models/repo_list_test.go
Co-Authored-By: segevfiner <[email protected]>
* Update models/repo_list_test.go
Co-Authored-By: segevfiner <[email protected]>
* empty line