Commit Graph

1672 Commits

Author SHA1 Message Date
Willem van Dreumel
01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Denis Denisov
fd941db246 Protected branches system (#339)
* Protected branches system

* Moved default branch to branches section (`:org/:reponame/settings/branches`).
* Initial support Protected Branch.
  - Admin does not restrict
  - Owner not to limit
  - To write permission restrictions

* reformat tmpl

* finished the UI and add/delete protected branch response

* remove unused comment

* indent all the template files and remove ru translations since we use crowdin

* fix the push bug
2017-02-21 23:02:10 +08:00
Lunny Xiao
b8f70a27a5 Security: fix XSS attack on alert (#973) 2017-02-19 19:18:06 +08:00
Lunny Xiao
6076c95dd1 Security: fix XSS attack on milestone (#976)
Reported by Miguel Ángel Jimeno.
2017-02-19 19:09:59 +08:00
Lunny Xiao
dbe6d2ff8e fix docker link on install page (#964) 2017-02-18 22:19:51 +08:00
Lunny Xiao
847527fd6d Fix all the bugs in issues and pulls on dashboard (#943)
* fix all the bugs in issues and pulls on dashboard

* small fix and refactor

* add method getRepoIDs for IssueList
2017-02-17 08:58:19 +08:00
Bo-Yi Wu
4c12e2a4b9 fix: fill in ssh key title on setting of repo (#950)
* fix: fill in ssh key title on setting of repo

* fix: Don't overwrite ssh key title if exist.
2017-02-16 05:16:42 +01:00
Unknwon
134f3e6e09 Security: prevent XSS attach on wiki page
Reported by Miguel Ángel Jimeno.
2017-02-16 04:06:20 +01:00
Lunny Xiao
7a9a5c8a69 Fix assigned issues dashboard (#920)
* Fix assigned/created issues in dashboard. (#3560)

* Fix assigned/created issues in dashboard.

* Use GetUserIssueStats for getting all Dashboard stats.

* Use gofmt to format the file properly.

* Replace &Issue{} with new(Issue).

* Check if user has access to given repository.

* Remove unnecessary filtering of issues.

* Return 404 error if invalid repository is given.

* Use correct number of issues in paginater.

* fix issues on dashboard
2017-02-14 22:15:18 +08:00
Bo-Yi Wu
d67b278a0d feat: Able to disable non-admin to create new organization (#927) 2017-02-14 20:16:00 +08:00
Bo-Yi Wu
23aba523b5 feat: support search bar on star tab of user profile. (#917)
* feat: support search bar on star tab of user profile.

* fix: update testing.

* fix: Using loadAttributes

* fix: remove empty line.

* remove LOWER

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2017-02-14 15:28:22 +08:00
Andrew Boyarshin
dc8248f8a4 Markdown rendering overhaul (#186)
* Markdown rendering overhaul

Cleaned up and squashed commits into single one.

Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>

* Fix markdown API, add markdown module and API tests, improve code coverage

Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>
2017-02-14 09:13:59 +08:00
Bo-Yi Wu
5cc275b1de feat: add git version on admin panel. (#921) 2017-02-13 19:49:42 +08:00
Andrew
3f67676059 Implement basic Open Graph support. (#901) 2017-02-11 20:57:33 +08:00
Lunny Xiao
8a0be5e9f0 Bug fixed for deleted label in issue comment (#904)
* bug fixed for deleted label in issue comment

* fix indent
2017-02-11 20:56:57 +08:00
Lunny Xiao
cf0f451c37 Add delete branch track on pull request comments (#888)
* add delete branch track on pull request comments

* don't change vendor
2017-02-11 12:00:29 +08:00
Bo-Yi Wu
40f4377717 feat: fill in ssh key title automatically. (#863) 2017-02-09 17:58:04 +08:00
Sandro Santilli
23a7527e04 Allow rendering alerts in dashboard (#856)
NOTE: useful when logging in via OpenID and connecting to user
2017-02-08 09:37:23 +08:00
Lunny Xiao
02a881aa32 show tags on dashboard issues (#860) 2017-02-07 23:33:18 +08:00
Sandro Santilli
ed096186a7 social_register_hepler_msg -> social_register_helper_msg (#855)
* social_register_hepler_msg -> social_register_helper_msg

* register_hepler_msg -> register_helper_msg
2017-02-07 23:30:20 +08:00
Bo-Yi Wu
b13232f524 feat: support paginater on star tab of user profile. (#845) 2017-02-07 19:54:16 +08:00
Stephen Brown
94130da63a Fixes #794 by moving emoji tag to the correct span (#848)
Signed-off-by: Stephen Brown <steve@evolvedlight.co.uk>
2017-02-06 23:24:59 +08:00
Zsombor
e388db311b Add checkbox to search for all the branches by commit message (#813)
and updating the vendor directory
2017-02-05 22:43:28 +08:00
Lunny Xiao
f35b20b042 track issue title changes (#841) 2017-02-05 22:36:00 +08:00
Ethan Koenig
027591a3a5 Redirects for renamed repos (#807)
* Redirects for renamed repos

* Remove unused phrase from locales
2017-02-05 22:35:03 +08:00
Lunny Xiao
8a421b1fd7 Add units concept for modulable functions of a repository (#742)
* Add units concept for modulable functions of a repository

* remove unused comment codes & fix lints and tests

* remove unused comment codes

* use struct config instead of map

* fix lint

* rm wrong files

* fix tests
2017-02-04 23:53:46 +08:00
Bo-Yi Wu
a90a215662 feat: Add search bar on user profile page. (#787) 2017-02-04 20:20:20 +08:00
Lunny Xiao
3e0525b47d Track assignee for issue (#808)
* track assignee for issue

* fix lint

* use getUserByID instead Get
2017-02-03 23:09:10 +08:00
Lunny Xiao
081485ecfd add milestone changed traker on issue view (#804) 2017-02-01 10:36:08 +08:00
Lunny Xiao
f94869d2d1 Track labels changed on issue view & resolved #542 (#788)
* track labels changed on issue view & resolved #542

* add missing head comment & sort & fix refresh
2017-01-30 20:46:45 +08:00
Bo-Yi Wu
d078aa30d6 feat: add search repository on dashboard. (#773) 2017-01-30 13:57:47 +08:00
Andrey Nering
aa591317e7 Small UI fixes 2017-01-28 14:11:49 -02:00
Andrey Nering
5348e8b71a Fix color: closed PR was showing as purple instead of red 2017-01-28 14:01:07 -02:00
Bwko
e08421017c Add ability to fork your own repos (#761) 2017-01-26 22:44:37 +08:00
Bwko
067ae5d96e Fix to reflect selected branch for fork (#762)
PullRequestCtx.HeadInfo did not contain the current selected branch
causing issue #304
2017-01-26 13:32:08 +08:00
Bo-Yi Wu
2831267db1 refactor: move js to bottom and move css to top. (#689) 2017-01-25 23:15:25 +08:00
Ethan Koenig
833f8b94c2 Search bar for issues/pulls (#530) 2017-01-25 10:43:02 +08:00
Bwko
74ed6dc3ad Add option to app.ini to enable local import paths (#724) 2017-01-23 09:19:50 +08:00
Kjell Kvinge
f9a3aa8737 add scroolbars to wide graphs. (#608)
* Add scrollbars to graph and revlist if needed.

* Add border
2017-01-22 20:10:01 +08:00
Kazuki Sawada
3c4d5e1ed5 Fix: Pagenation on dashboard->issues does not work well (#698) 2017-01-19 17:20:40 +08:00
Andrey Nering
d2bb8ef503 Notifications: trying to get a better layout (#660)
* i18n button titles

* Improvements on notification page layout

* Notification count badge fixes

* Make table <tr> clickable

* Fix octicon aligment

* Fix use of AppSubUrl
2017-01-18 09:18:55 +08:00
Andrew
6dd096b7f0 Two factor authentication support (#630)
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
Philip Couling
64375d875b Attach to release (#673)
* Moved attachaments POST url from /issues/attachments to /attachments

* Implemented attachment upload on release page

* Implemented downloading attachments on the release page

* Added zip and gzip files to default allowed attachments

* Implemented uploading attachments on edit release

* Renamed UploadIssueAttachment to UploadAttachment
2017-01-15 22:57:00 +08:00
Andrey Nering
769e0a3ea6 Notifications: mark as read/unread and pin (#629)
* Use relative URLs

* Notifications - Mark as read/unread

* Feature of pinning a notification

* On view issue, do not mark as read a pinned notification
2017-01-12 12:27:09 +08:00
Bo-Yi Wu
0af9a24087 docs: update translation on homepage for zh-tw (#634) 2017-01-11 09:23:42 +01:00
derSuessmann
51d578ff33 Add Keep email private (see issue #571). (#571)
- Add site-wide option DEFAULT_KEEP_EMAIL_PRIVATE.
- Add the new option to the install and admin/config pages.
- Add the new option to app.ini in the service section.
- Add the new option to the settings struct.
- Add English text strings to i18n.
- Add field KeepEmailPrivate to user struct.
- Add field KeepEmailPrivate to user form.
- Add option to UI.
- Add using noreply email address if user has "Keep Email Private".
An email address <LowerName>@<NO_REPLY_ADDRESS> is now used in commit
messages (and hopefully all other git log relevant places). The
change relies on the fact that git commands should use
user.NetGitSig().
- Add hiding of email address in UI, if user has set "Keep Email Private".
- Add condition to show email address only on explore/users and user
pages, if user has not set "Keep Email Private".
- Add noreply email in API if set "Keep Email Private".
- Add a new service setting NO_REPLY_ADDRESS. The value of this
setting is used as the domain part for the user's email address in
git log, iff he decides to keep his email address private.
If the user decides to keep his email address private and this
option is not set 'noreply.example.org' is used, which no MTA
should send email to.

Add NO_REPLY_ADDRESS to conf/app.ini.
2017-01-08 11:12:03 +08:00
Andrey Nering
79d527195d Merge pull request #539 from andreynering/notifications-step-2
Notifications - Step 2
2017-01-05 11:53:01 -02:00
Manuel Kuhlmann
eb9ce39bb7 Fix unified diff view styling (#585)
Signed-off-by: Manuel Kuhlmann <manuel@mkuhlmann.org>
2017-01-05 10:04:41 +08:00
Manuel Kuhlmann
a5e07da8be Fix diff split view coloring (#553) (#584)
Signed-off-by: Manuel Kuhlmann <manuel@mkuhlmann.org>
2017-01-05 09:07:43 +08:00
Andrey Nering
b354cf362e Add pagination for notifications 2017-01-03 17:09:36 -02:00