Backport of #5939
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.
We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:
- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.
Fix#1357
* Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
Previous code could potentially dereference nil - this PR ensures
that the poster is loaded before dereferencing it.
Signed-off-by: Andrew Thornton <[email protected]>
* Also ensure the repo is loaded
Signed-off-by: Andrew Thornton <[email protected]>
* Fix sqlite deadlock when assigning to a PR
Fix 5639
Signed-off-by: Andrew Thornton <[email protected]>
* More possible deadlocks found and fixed
Signed-off-by: Andrew Thornton <[email protected]>
* Added test environment for m$sql
* Added template for test environment for m$sql
* Fix password
* Fix password (again)
* Fix password (again again)
* Fix db
* Ci trigger (Looking at you drone....)
* Ci trigger (Looking at you drone....)
* Ci trigger (Looking at you drone....)
* Ci trigger (Looking at you drone....)
* Create master database for mssql integration tests
Signed-off-by: Jonas Franz <[email protected]>
* Create database only if master do not exist
Signed-off-by: Jonas Franz <[email protected]>
* Fix mssql integration tests by using custom database "gitea"
Signed-off-by: Jonas Franz <[email protected]>
* Moved defer
* bump xorm
* updated xorm
* Fixed build
* Add branch protection for approvals
Signed-off-by: Jonas Franz <[email protected]>
* Add required approvals
Signed-off-by: Jonas Franz <[email protected]>
* Add missing comments and fmt
Signed-off-by: Jonas Franz <[email protected]>
* Add type = approval and group by reviewer_id to review
* Prevent users from adding negative review limits
* Add migration for approval whitelists
Signed-off-by: Jonas Franz <[email protected]>
MSSQL is using the wrong type here which results in a strconv.ParseInt: parsing "2018-12-07T00:00:00Z": invalid syntax error.
The added datediff(SECOND, '19700101', x) results in the unix timestamp to be returned.
Signed-off-by: Christopher Dziomba <[email protected]>
right now the `closed_at` field for json responses is not filled during
the `APIIssue` creation for api responses.
For a closed issue you get a result like:
```json
"state":"open","comments":0,"created_at":"2018-11-29T16:39:24+01:00",
"updated_at":"2018-11-30T10:49:19+01:00","closed_at":null,
"due_date":null,"pull_request":null}
```
which has no information about the closing date. (which exists in the
db and ui)
with this PR the result changes to this:
```json
:null,"assignee":null,"assignees":null,
"state":"closed",
"comments":0,"created_at":"2018-11-29T16:43:05+01:00",
"updated_at":"2018-12-02T19:17:05+01:00",
"closed_at":"2018-12-02T19:17:05+01:00",
"due_date":null,"pull_request":null}
```
fixes: https://github.com/go-gitea/gitea/issues/5446
Signed-off-by: Roman <[email protected]>
* add milestone issues and pulls page instead of redirecting issues page
* add milestone when creating issue from milestone page
* refactor to merge similiar codes as a new function issues
* remove milestone info on milestone issues list
* fix missing params
* show only opened milestones on issues page milestone filter
* update Godoc
* update Godoc everywhere
* update swagger
* use false instead of 0
* Add seccond ordering by ID for milestones where no deadline is set
* Remove field from migration to support upgrades from older version
That will ensure the field does not get queried in the Select if it does
not exist yet:
```
[I] [SQL] SELECT "id", "repo_id", "index", "poster_id", "name", "content", "milestone_id", "priority", "assignee_id", "is_closed", "is_pull", "num_comments", "ref", "deadline_unix", "created_unix", "updated_unix
[...itea/routers/init.go:60 GlobalInit()] [E] Failed to initialize ORM engine: migrate: do migrate: pq: column "ref" does not exist
```
see #5318
* Skip remove stale watcher migration if not required
Otherwise the migration will fail if executed from a older database
version without multiple IssueWatch feature.
```
2018/11/11 23:51:14 [I] [SQL] SELECT DISTINCT "issue_watch"."user_id", "issue"."repo_id" FROM "issue_watch" INNER JOIN issue ON issue_watch.issue_id = issue.id WHERE (issue_watch.is_watching = $1) LIMIT 50 []int
[...itea/routers/init.go:60 GlobalInit()] [E] Failed to initialize ORM engine: migrate: do migrate: pq: relation "issue_watch" does not exist
```
see #5318
* Add private information to the deploy keys api
This commit adds more information to the deploy keys to allow for back
reference in to the main keys list. It also adds information about the
repository that the key is referring to.
Signed-off-by: Andrew Thornton <[email protected]>
* Add private information to the user keys API
This adjusts the keys API to give out private information to user keys if
the current user is the owner or an admin.
Signed-off-by: Andrew Thornton <[email protected]>
* Add ability to search keys by fingerprint
This commit adds the functionality to search ssh-keys by fingerprint of
the ssh-key. Deploy keys per repository can also be searched. There is
no current clear API point to allow search of all deploy keys by
fingerprint or keyID.
Signed-off-by: Andrew Thornton <[email protected]>
* Add integration test
* Fix issue where ecdsa and other key types are not synced from LDAP authentication provider fixes#5092
* integrations/auth_ldap_test.go: Add Hermes Conrad new ecdsa-sha2-nistp256 publickey fingerprint
* integrations/auth_ldap_test.go: Use ssh-keygen -lf <filename> -E sha256
zeripathandLauris BH
Lanre AdelowoandLauris BH
John Olheiserandtechknowlogick
Harshit Bansalandzeripath
yasuokavandtechknowlogick
JulianandLauris BH
Daniel WolfandLunny Xiao
kolaenteandLunny Xiao
ChristopherandLunny Xiao
romanklandtechknowlogick
Florian EitelandLauris BH
Jonas Brömsandtechknowlogick
Stanislavandtechknowlogick
Jerry Jacobsandtechknowlogick