This PR fixes#7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.
## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
- [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
- Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
- [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
- app.ini configuration done
- [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation
I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
* Add API for Repo Advanced Settings of wiki and issue tracker
Signed-off-by: David Svantesson <[email protected]>
* Add some integration tests for tracker and wiki settings through API
* Should return StatusUnprocessableEntity in case of invalid API values.
* Add tests for invalid URLs for external tracker and wiki.
* Do not set inital values if they are default of type
* Make issue tracker and wiki units separate structures in Repository API structure.
Signed-off-by: David Svantesson <[email protected]>
* Fix comment of structures
Signed-off-by: David Svantesson <[email protected]>
* Rewrite API to use struct for setting tracker and wiki settings.
* LetOnlyContributorsTrackTime -> AllowOnlyContributorsToTrackTime
* Add teams to repo on collaboration page.
Signed-off-by: David Svantesson <[email protected]>
* Add option for repository admins to change teams access to repo.
Signed-off-by: David Svantesson <[email protected]>
* Add comment for functions
Signed-off-by: David Svantesson <[email protected]>
* Make RepoAdminChangeTeamAccess default false in xorm and make it default checked in template instead.
Signed-off-by: David Svantesson <[email protected]>
* Make proper language strings and fix error redirection.
* Add unit tests for adding and deleting team from repository.
Signed-off-by: David Svantesson <[email protected]>
* Add database migration
Signed-off-by: David Svantesson <[email protected]>
* Fix redirect
Signed-off-by: David Svantesson <[email protected]>
* Fix locale string mismatch.
Signed-off-by: David Svantesson <[email protected]>
* Move team access mode text logic to template.
* Move collaborator access mode text logic to template.
* Create API endpoints for repo topics.
Signed-off-by: David Svantesson <[email protected]>
* Generate swagger
Signed-off-by: David Svantesson <[email protected]>
* Add documentation to functions
Signed-off-by: David Svantesson <[email protected]>
* Grammar fix
Signed-off-by: David Svantesson <[email protected]>
* Fix function comment
Signed-off-by: David Svantesson <[email protected]>
* Can't use FindTopics when looking for a single repo topic, as it doesnt use exact match
Signed-off-by: David Svantesson <[email protected]>
* Add PUT /repos/{owner}/{repo}/topics and remove GET /repos/{owner}/{repo}/topics
* Ignore if topic is sent twice in same request, refactoring.
Signed-off-by: David Svantesson <[email protected]>
* Fix topic dropdown with api changes.
Signed-off-by: David Svantesson <[email protected]>
* Style fix
Signed-off-by: David Svantesson <[email protected]>
* Update API documentation
Signed-off-by: David Svantesson <[email protected]>
* Better way to handle duplicate topics in slice
Signed-off-by: David Svantesson <[email protected]>
* Make response element TopicName an array of strings, instead of using an array of TopicName
Signed-off-by: David Svantesson <[email protected]>
* Add test cases for API Repo Topics.
Signed-off-by: David Svantesson <[email protected]>
* Fix format of tests
Signed-off-by: David Svantesson <[email protected]>
* Fix comments
Signed-off-by: David Svantesson <[email protected]>
* Fix unit tests after adding some more topics to the test fixture.
Signed-off-by: David Svantesson <[email protected]>
* Update models/topic.go
Limit multiple if else if ...
Co-Authored-By: Antoine GIRARD <[email protected]>
* Engine as first parameter in function
Co-Authored-By: Antoine GIRARD <[email protected]>
* Replace magic numbers with http status code constants.
Signed-off-by: David Svantesson <[email protected]>
* Fix variable scope
Signed-off-by: David Svantesson <[email protected]>
* Test one read with login and one with token
Signed-off-by: David Svantesson <[email protected]>
* Add some more tests
Signed-off-by: David Svantesson <[email protected]>
* Apply suggestions from code review
Use empty struct for efficiency
Co-Authored-By: Lauris BH <[email protected]>
* Add test case to check access for user with write access
Signed-off-by: David Svantesson <[email protected]>
* Fix access, repo admin required to change topics
Signed-off-by: David Svantesson <[email protected]>
* Correct first test to be without token
Signed-off-by: David Svantesson <[email protected]>
* Any repo reader should be able to access topics.
* No need for string pointer
Signed-off-by: David Svantesson <[email protected]>
* Store original author info for migrated issues and comments
Keep original author name for displaying in Gitea interface and also
store original author user ID for potential future use in linking
accounts from old location.
* Add original_url for repo
Store the original URL for a migrated repo
Clean up migrations/tests
* fix migration
* fix golangci-lint
* make 'make revive' happy also
* Modify templates to use OriginalAuthor if set
Use the original author name in templates if it is set rather than the
user who migrated/currently owns the issues
* formatting fixes
* make generate-swagger
* Use default avatar for imported comments
* Remove no longer used IgnoreIssueAuthor option
* Add OriginalAuthorID to swagger also
* Fixes#2738 - /git/tags API
* proper URLs
* Adds function comments
* Updates swagger
* Removes newline from tag message
* Removes trailing newline from commit message
* Adds integration test
* Removed debugging
* Adds tests
* Fixes bug where multiple tags of same commit show wrong tag name
* Fix formatting
* Removes unused varaible
* Fix to annotated tag function names and response
* Update modules/git/repo_tag.go
Co-Authored-By: Lauris BH <[email protected]>
* Uses TagPrefix
* Changes per review, better error handling for getting tag and commit IDs
* Fix to getting commit ID
* Fix to getting commit ID
* Fix to getting commit ID
* Fix to getting commit ID
* Feature - #5960 - API Endpoint for Repo Editing
* Revert from merge
* Adds integration testing
* Updates to integration tests
* Revert changes
* Update year in file header
* Misspell fix
* XORM = test
* XORM = test
* revert XORM = file
* Makes RepoUnit.ID be pk and autoincr
* Fix to units
* revert header
* Remove print statement
* Adds other responses
* Improves swagger for creating repo
* Fixes import order
* Better Unit Type does not exist error
* Adds editable repo properties to the response repo structure
* Fix to api_repo_edit_test.go
* Fixes repo test
* Changes per review
* Fixes typo and standardizes comments in the EditRepoOption struct for swagger
* Fixes typo and standardizes comments in the EditRepoOption struct for swagger
* Actually can unarchive through the API
* Unlike delete, user doesn't have to be the owner of the org, just admin to the repo
* Fix to swagger comments for field name change
* Update to swagger docs
* Update swagger
* Changes allow_pull_requests to has_pull_requests
* Repository avatars
- first variant of code from old work for gogs
- add migration 87
- add new option in app.ini
- add en-US locale string
- add new class in repository.less
* Add changed index.css, remove unused template name
* Update en-us doc about configuration options
* Add comments to new functions, add new option to docker app.ini
* Add comment for lint
* Remove variable, not needed
* Fix formatting
* Update swagger api template
* Check if avatar exists
* Fix avatar link/path checks
* Typo
* TEXT column can't have a default value
* Fixes:
- remove old avatar file on upload
- use ID in name of avatar file - users may upload same files
- add simple tests
* Fix fmt check
* Generate PNG instead of "static" GIF
* More informative comment
* Fix error message
* Update avatar upload checks:
- add file size check
- add new option
- update config docs
- add new string to en-us locale
* Fixes:
- use FileHEader field for check file size
- add new test - upload big image
* Fix formatting
* Update comments
* Update log message
* Removed wrong style - not needed
* Use Sync2 to migrate
* Update repos list view
- bigger avatar
- fix html blocks alignment
* A little adjust avatar size
* Use small icons for explore/repo list
* Use new cool avatar preparation func by @lafriks
* Missing changes for new function
* Remove unused import, move imports
* Missed new option definition in app.ini
Add file size check in user/profile avatar upload
* Use smaller field length for Avatar
* Use session to update repo DB data, update DeleteAvatar - use session too
* Fix err variable definition
* As suggested @lafriks - return as soon as possible, code readability
John Olheiser
zeripath
Lunny Xiao
David Svantesson
WGH
Antoine GIRARD
Mike Schwörer
mrsdizzie
Richard Mahn
kolaente
Lanre Adelowo
Sergey Dryabzhinsky
Rémy Boulanouar