8888 Commits

Author SHA1 Message Date
Cirno the Strongest
95af6096fb
Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11683)
Fixes #11651

(cherry picked from commit 02fa329a7c2190d947cd5e02ea90d2d4406653be)
2020-05-29 22:12:21 +01:00
6543
801f4b9e7a
Add tracked time fix to doctor (part of #11111) (#11138)
Backports the tracked-time fix from #11111 (part of #11111)

Fixes tracked time errors following repo deletion (#10280) and adds the fix to the default doctor tasks
2020-05-29 16:41:23 +01:00
c0c3a533a0
Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11544)
Previously, we had only set __webpack_public_path__ to a path which
caused webpack chunks to be loaded from the current origin which is
incorrect when STATIC_URL_PREFIX points to another origin.

This should fix the issue curretnly seen on gitea.com.

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-28 19:49:38 -04:00
6543
ed646078e1
Return json on 500 error from API (#11574) (#11660)
Backport #11574

add API specific InternalServerError()

InternalServerError
2020-05-28 19:27:29 +01:00
zeripath
dc0ea133e1
Prevent (caught) panic on login (#11590) (#11598)
Backport #11590

Unfortunately when the virtual session is released it requires that the
real session does not exist. This worked fine when sessions were only
saved at the end of request/response cycle however, now sessions are
saved proactively this does not hold.

The result is a caught panic in the logs during every log-in.  This
panic has no significant side-effects but should not occur.

This PR marks the virtual session as released when released and updates
it if the same session is released again.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-05-27 21:37:27 +01:00
Gary Kim
a854846f06
Fix wrong milestone in webhook message (#11596) (#11612)
Backport of #11596

Signed-off-by: Gary Kim <gary@garykim.dev>
2020-05-25 00:03:02 +01:00
b52e8de7de
Fix commit page js error (1.11 backport) (#11527)
Partial backport of fd094eea95 to 1.11.

Fixes: https://github.com/go-gitea/gitea/issues/11518
2020-05-20 22:01:01 -04:00
zeripath
1b62916393
Use media links for img in post-process (#10515) (#11504)
* use media links for img in post-process

* do not visit text of anchors
2020-05-19 18:55:06 -04:00
pvgoran
1d57c309ef
Remove unnecessary parentheses in wiki/revision template (#11481)
This fixes the error on "Page Revision" page, similar to #10552.
2020-05-18 23:05:27 +01:00
6543
cf97e65b66
Ensure public repositories in private organizations are visible and fix admin organizations list (#11465) (#11475)
Partial Backport of #11465

Co-authored-by: zeripath <art27@cantab.net>
2020-05-17 22:18:14 -03:00
zeripath
42a46cff35
Allow all members of private orgs to see public repos (#11442) (#11459)
* Allow all members of private orgs to see public repos (#11442)

Backport (#11442)

Allow all members of private orgs to see public repos

Fix #10144

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/repo_list.go

* Oops missed the repos we own!

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-05-17 23:53:09 +01:00
zeripath
2cb3db2d20
Set correct content_type value for Gogs/Gitea webhooks (#9504) (#10456) (#11461)
The content_type value was defaulting to the string value of the
ContentType, not the integer value as expected by the backend.

Co-authored-by: Jeff Stein <jeff@jeffvstein.org>
2020-05-17 20:08:59 +01:00
zeripath
04e480d477
Whenever the ctx.Session is updated, release it to save it before sending the redirect (#11456) (#11457)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-18 00:30:31 +08:00
zeripath
de9a96c4de
Forcibly clean and destroy the session on logout (#11447) (#11451)
Backport #11447

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-05-17 14:32:33 +03:00
guillep2k
878434146f
Use session for retrieving org teams (#11438) (#11439)
Co-authored-by: Guillermo Prandi <guillep2k@users.noreply.github.com>
2020-05-17 00:10:04 +03:00
6543
d78be7ddf9
Fix /api/v1/orgs/* endpoints by changing parameter to :org from :orgname (#11381) 2020-05-12 08:46:44 +03:00
6543
83f8414e1e
Update Changelog for 1.11.5 (#11347)
* Update Changelog for 1.11.5

* bumb version in docs

* Update CHANGELOG.md

Co-authored-by: zeripath <art27@cantab.net>
v1.11.5
2020-05-09 16:26:27 -03:00
guillep2k
0b216f40fd
Fix tracked time issues (#11349) (#11354)
Backport #11349 

* Fix tracked time issues (#11349)

* Fix nil exeption: #11313

* fix 500

* activate test 😆

* move logic

* Add missing import

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Guillermo Prandi <guillep2k@users.noreply.github.com>
2020-05-09 18:08:41 +01:00
zeripath
dd6e604f8f
Add NotifySyncPushCommits to indexer notifier (#11309) (#11338)
Thanks to @simon-on-gh for tracking down the issue.

Fix #11200

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-05-08 22:40:51 +01:00
zeripath
86863ae939
Prevent timer leaks in Workerpool and others (#11333) (#11340)
There is a potential memory leak in `Workerpool` due to the intricacies of
`time.Timer` stopping.

Whenever a `time.Timer` is `Stop`ped its channel must be cleared using a
`select` if the result of the `Stop()` is `false`.

Unfortunately in `Workerpool` these were checked the wrong way round.

However, there were a few other places that were not being checked.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-05-09 00:18:39 +08:00
zeripath
f3a90057a5
Allow X in addition to x in tasks (#10979) (#11335)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-05-08 20:55:16 +08:00
6543
03fdd82d63
Changelog v1.11.5 (#11329)
* Changelog v1.11.5

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-05-08 12:58:05 +03:00
6543
cd7fa15d1d
Prevent multiple listings of organization when creating a repository (#11303) (#11325)
Backport #11303 

Prevent multiple listings of organization when creating a repository (#11303)

prevent double entries in results of GetOrgsCanCreateRepoByUserID

I first try to only add GroupBy directly but xorm return broken user objects ...

... solution was to just query related UserIDs(OrgIDs) first and return OrgUsers based on this IDs

close #11258

Co-authored-by: zeripath <art27@cantab.net>
2020-05-07 21:30:51 +01:00
6543
79868d7096
When delete tracked time through the API return 404 not 500 (#11319) (#11326) 2020-05-07 22:42:33 +03:00
zeripath
19626b93f8
Manage port in submodule refurl (#11305) (#11323)
* Manage port in submodule refurl

Fix #11304

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* URLJoin is causes a cyclic dependency and possibly isn't what what we want anyway

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Protect against leading .. in scp syntax

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-07 10:41:40 -05:00
zeripath
91e6a7f7ea
api.Context.NotFound(...) should tolerate nil (#11288) (#11306)
There is an unfortunate signature change with the api.Context
NotFound function; whereas the normal modules/context/Context
NotFound function requires an error or nil, the api.Context
variant will panic with an NPE if a nil is provided.

This PR will allow api.Context.NotFound to tolerate a being
passed a nil.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-05 17:48:24 -05:00
guillep2k
ff7eaa1eb4
Show pull request selection even when unrelated branches (#11239) (#11283)
Fix #10525

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-05-04 12:38:26 +01:00
Kyle Evans
5131206aad
repo: milestone: make /milestone/:id endpoint accessible (#11264) (#11282)
Previously, this required authentication, but there's not actually
any privileged information on this page.  Move the endpoint out of
the group that requires sign-in.  It still requires the ability to
read issues and pull requests, so private repositories (for instance)
will not be exposed.

Fixes #10312 
Fixes #11233

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-05-04 04:12:36 +03:00
6543
bfc25fcf40
Fix GetContents(): Dont't ignore Executables (#11192) (#11209) 2020-04-25 01:54:38 -03:00
zeripath
4a6765fba2
Fix submodule paths when AppSubUrl is not root (#11098) (#11176)
Backport #11098

Fix #11002

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-04-22 13:37:52 +01:00
zeripath
dca8ef9407
Prevent clones and pushes to disabled wiki (#11131) (#11134)
Backport #11131

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-04-19 16:40:40 +01:00
zeripath
cebef5c871
Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl (#11130)
* Remove errant third } from account.tmpl

Fix #11128

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update templates/user/settings/account.tmpl
2020-04-19 20:35:34 +08:00
6543
245d6ebda5
On Repo Deletion: Delete related TrackedTimes too (#11110) (#11125) 2020-04-19 10:39:48 +08:00
zeripath
d9875ff2e1
Refresh codemirror on show pull comment tab (#11100) (#11122)
Fix #10975

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-04-18 13:55:13 -03:00
6543
cc2a6c1d30
Fix merge dialog on protected branch with missing required statuses (#11074) (#11084)
It is possible for misconfigured protected branches to have required status checks that are not in any of the current statuses: Pending, Success, Error, Failure, or Warning - presumably because the CI has not contacted us as yet.

Fix #10636 by adding case: missing StatusChecks when these are missing
2020-04-16 10:45:34 +03:00
赵智超
b5fd55de73
fix 404 and 500 image size in small size screen (#11043) (#11049)
do it by define Semantic UI image class

Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-04-12 20:24:15 +08:00
6543
e11b3a1076
Load PR Issue Poster on API too (#11033) (#11039)
* Load pr Issue Poster on API too (#11033)

* ajust for 1.11 codebase
2020-04-11 01:10:16 -03:00
6543
0c4be64345
[Backport] Fix release counter on API repository info (#10968) (#10996)
* Fix release counter on API repository info (#10968)

* correct Pull Count to v1.11 Fixtures
2020-04-06 18:13:12 -04:00
zeripath
c34ad62eea
Mulitple Gitea Doctor improvements (#10943) (#10990) (#10064) (#9095) (#10991)
* Mulitple Gitea Doctor improvements (#10943)

Backport #10943

* Add `gitea doctor --list` flag to list the checks that will be run, including those by default
* Add `gitea doctor --run` to run specific checks
* Add `gitea doctor --all` to run all checks
* Add db version checker
* Add non-default recalculate merge bases check/fixer to doctor
* Add hook checker (Fix #9878) and ensure hooks are executable (Fix #6319)
* Fix authorized_keys checker - slight change of functionality here because parsing the command is fragile and we should just check if the authorized_keys file is essentially the same as what gitea would produce. (This is still not perfect as order matters - we should probably just md5sum the two files.)
* Add SCRIPT_TYPE check (Fix #10977)
* Add `gitea doctor --fix` to attempt to fix what is possible to easily fix
* Add `gitea doctor --log-file` to set the log-file, be it a file, stdout or to switch off completely. (Fixes previously undetected bug with certain xorm logging configurations - see @6543 comment.)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Switch to io.Writer instead of io.StringWriter

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-04-06 16:15:20 -04:00
6543
f7d7cf4e2d
Fix rebase conflict detection in git 2.26 (#10930)
Git changed the technique used in rebase from
simple apply-patches to use merge. This breaks
our conflict detection code.

created by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-04-03 13:09:15 -04:00
zeripath
99a364a9dc
Generate Diff and Patch direct from Pull head (#10936) (#10938)
Backport #10936

* Generate Diff and Patch direct from Pull head

Fix #10932
Also fix "Empty Diff/Patch File when pull is merged"

Closes #10934

* Add tests to ensure that diff does not change
* Ensure diffs and pulls pages work if head branch is deleted too

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-04-03 17:06:54 +03:00
6543
3afbbfe921
Changelog v1.11.4 (#10916)
* output of changelog

* Apply suggestions from code review

* Update CHANGELOG.md

Co-authored-by: zeripath <art27@cantab.net>
v1.11.4
2020-04-01 18:09:33 +03:00
zeripath
bfce841b04
Only update merge_base if not already merged (#10909)
* Only update merge_base if not already merged

Fix #10766

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Prevent race in transfer pull request

* Update services/pull/pull.go
2020-04-01 15:33:44 +03:00
139fc7cfee
Fix milestones too many SQL variables bug (#10880) (#10904)
* Fix milestones too many SQL variables bug

* Fix test

* Don't display repositories with no milestone and fix tests

* Remove unused code and add some comments
2020-03-31 08:40:37 -05:00
zeripath
596eebb2b6
Protect against NPEs in notifications list (#10879) (#10883)
* Protect against NPEs in notifications list (#10879)

Unfortunately there appears to be potential race with notifications
being set before the associated issue has been committed.

This PR adds protection in to the notifications list to log any failures
and remove these notifications from the display.

References #10815 - and prevents the panic but does not completely fix
this.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add log import

* Update models/notification.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-03-30 15:23:02 +08:00
zeripath
1d5d745851
Convert plumbing.ErrObjectNotFound to git.ErrNotExist in getCommit (#10862) (#10868)
Backport #10862

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
2020-03-29 17:47:53 +01:00
zeripath
3dabfd4933
Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in GetRefCommitID (#10676) (#10797)
* Fix panic in API pulls when headbranch does not exist (#10676)

Backport #10676

* Fix panic in API pulls when headbranch does not exist
* refix other reference to plumbing.ErrReferenceNotFound

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-Authored-By: Lauris BH <lauris@nix.lv>
2020-03-23 15:01:25 +02:00
zeripath
6ee6731290
account for empty lines in receive-hook message (#10773) (#10784)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-03-21 10:49:02 +08:00
602fe45936
Fix bug on branch API (#10767) (#10775)
* Fix bug on branch API (#10767)

* Fix branch api canPush and canMerge
2020-03-20 23:31:01 +02:00
Lauris BH
e2da9cd21f
FIx hiding of fields in authorization source page (#10734) (#10752) 2020-03-19 11:40:01 -04:00