Commit Graph

14519 Commits

Author SHA1 Message Date
Pavel Ezhov 98770d3db8
Fix group filter for ldap source sync (#22506)
There are 2 separate flows of creating a user: authentication and source
sync.
When a group filter is defined, source sync ignores group filter, while
authentication respects it.
With this PR I've fixed this behavior, so both flows now apply this
filter when searching users in LDAP in a unified way.

- Unified LDAP group membership lookup for authentication and source
sync flows
- Replaced custom group membership lookup (used for authentication flow)
with an existing listLdapGroupMemberships method (used for source sync
flow)
- Modified listLdapGroupMemberships and getUserAttributeListedInGroup in
a way group lookup could be called separately
- Added user filtering based on a group membership for a source sync
- Added tests to cover this logic

Co-authored-by: Pavel Ezhov <paejov@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-02 15:45:00 +08:00
yp05327 9ef8bfb69b
set user dashboard org visibility to basic (#22706)
Same to https://github.com/go-gitea/gitea/pull/22674 and
https://github.com/go-gitea/gitea/pull/22605

Sorry to create 3 PR to fix this.
I checked all span with class `org-visibility`, i think this is the last
one :)

And I found that private/limited user has no private/limited tag in
dashboard. but org does.
If it is ok i will add this feature in another pr.

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-02 14:53:14 +08:00
wxiaoguang c46f53a627
Fix diff UI for unexpandable items (#22700)
Follows #21094

Before:

There are 2 problems:

1. Sometimes, the header starts with a number, sometimes, it starts with
an icon button. It makes the UI look like misaligned.
2. The second item's bottom border is too thick (actually, that's an
empty element with border, which should be hidden as well)
3. (An old problem) the number is not mono-font


![image](https://user-images.githubusercontent.com/2114189/215935944-003fe2d3-69bf-413c-bbae-0a4668a508c3.png)


After:

Fix above problems.


![image](https://user-images.githubusercontent.com/2114189/215944811-b867a20c-110c-47a2-aa52-572a8162a44d.png)

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-02-02 13:39:55 +08:00
crystal 5d9c64b3fe
Fix line spacing for plaintext previews (#22699)
Adding `<br>` between each line is not necessary since the entire file
is rendered inside a `<pre>`

fixes https://codeberg.org/Codeberg/Community/issues/915
2023-02-01 22:51:02 -06:00
Lunny Xiao 4e946e5a7d
Small refactor for loading PRs (#22652) 2023-02-01 21:49:28 -06:00
Lukas 3f2e721372
Allow setting access token scope by CLI (#22648)
Followup for #20908 to allow setting the scopes when creating new access
token via CLI.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-02-02 11:10:37 +08:00
Felipe Leopoldo Sologuren Gutiérrez 15c035775a
Add main landmark to templates and adjust titles (#22670)
* Add main aria landmark to templates
 * Adjust some titles to improve understanding of location in navigation

Contributed by @Forgejo
2023-02-01 22:56:10 +00:00
Brecht Van Lommel 1e0e79dcbf
Fix cache-control header clearing comment text when editing issue (#22604)
The `no-store` cache control added in #20432 is causing form input to be
cleared unnecessarily on page reload. Instead use
`max-age=0,private,must-revalidate` which avoids this.

This was particularly a problem when typing a long comment for an issue
and then for example changing the label. The page would be reloaded and
lose the unsubmitted comment.

Fixes #22603
2023-02-01 15:28:06 -06:00
delvh b6b8feb3de
Enable `@<user>`- completion popup on the release description textarea (#22359)
For some unknown reason, this was previously disabled.
Additionally removed an unused return value.
2023-02-01 13:14:40 -06:00
KN4CK3R 6ba9ff7b48
Add Conda package registry (#22262)
This PR adds a [Conda](https://conda.io/) package registry.
2023-02-01 12:30:39 -06:00
KN4CK3R 5882e179a9
Add user secrets (#22191)
Fixes #22183
Replaces #22187

This PR adds secrets for users. I refactored the files for organizations
and repos to use the same logic and templates. I splitted the secrets
from deploy keys again and reverted the fix from #22187.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-01 20:53:04 +08:00
zeripath 9f9a1ce922
Add missing close bracket in imagediff (#22710)
There was a missing `]` in imagediff.js:

```
const $range = $container.find("input[type='range'"); 
```

This PR simply adds this.

Fix #22702
2023-02-01 19:48:35 +08:00
yp05327 72a83dcc82
Explain that the no-access team unit does not affect public repositories (#22661)
Fixes https://github.com/go-gitea/gitea/issues/22600

Add explanations to team unit access control.

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2023-02-01 16:14:40 +08:00
zeripath 19d5b2f922
Fix bugs with WebAuthn preventing sign in and registration. (#22651)
This PR fixes two bugs with Webauthn support:

* There was a longstanding bug within webauthn due to the backend using
URLEncodedBase64 but the javascript using decoding using plain base64.
This causes intermittent issues with users reporting decoding errors.
* Following the recent upgrade to webauthn there was a change in the way
the library expects RPOrigins to be configured. This leads to the
Relying Party Origin not being configured and prevents registration.

Fix #22507

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-02-01 07:24:10 +00:00
Lunny Xiao 2871ea0809
Add more events details supports for actions (#22680)
#21937 implemented only basic events based on name because of `act`'s
limitation. So I sent a PR to parse all possible events details in
https://gitea.com/gitea/act/pulls/11 and it merged. The ref
documentation is
https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows

This PR depends on that and make more detail responses for `push` events
and `pull_request` events. And it lefts more events there for future
PRs.

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2023-02-01 13:32:46 +08:00
Felipe Leopoldo Sologuren Gutiérrez 7fd5d38860
Improve checkbox accessibility a bit by adding the title attribute (#22593)
EDIT: The main change of this PR was resolved by #22599. This
complements that PR for some cases without label and complicated layout
to be added.

NOTE: Contributed by @Forgejo.
2023-02-01 01:43:06 +00:00
Brecht Van Lommel faa96553d1
Add repository setting to enable/disable releases unit (#22671)
To go along with similar settings for issues, pulls, projects, packages.
2023-02-01 01:31:19 +00:00
Jason Song b6145bfaa3
Use relative url in actions view (#22675)
Use relative url in actions view.
2023-01-31 22:46:10 +00:00
Jason Song 707ecec715
Fix ref to trigger Actions (#22679)
If triggered by PR, the ref should be `pull/<index>/head` instead of
`repo.DefaultBranch`.

And improve UI:

<img width="493" alt="image"
src="https://user-images.githubusercontent.com/9418365/215731280-312564f2-2450-45d0-b986-1accb0670976.png">


Related to #21937.
2023-01-31 22:45:25 +00:00
Melroy van den Berg fd29071e57
Rootless Docker - Mistake with the repo-avatars parent folder name (#22637)
There was a mistake when choosing the structure for the repo avatars parent folder and it added a spurious /gitea.

The `data` directory should contain folders like:

  - `attachments/`
  - `avatars/`
  - `log/`
  - `repo-avatars/`
2023-01-31 22:42:48 +00:00
Brecht Van Lommel 1947409ef0
Fix missing title and filter in issue sidebar project menu (#22557)
These exist in the new issue form but were seemingly forgotten here.
2023-01-31 22:40:38 +00:00
Lunny Xiao cc910014ab
Fix wrong hint when deleting a branch successfully from pull request UI (#22673)
Fix #18785
2023-01-31 22:11:48 +00:00
zeripath f1f0430f9f
Add Contributed backport command (#22643)
This PR provides a contributed backport command to help create backports
for Gitea.

It represents a significant improvement on my previously described
shell-script.

It can be installed using `go install contrib/backport/backport.go`.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2023-01-31 22:10:54 +00:00
Ivan Maximov 519939fa8c
Fix typo in command-line.en-us.md (#22681)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-31 21:43:39 +00:00
Ivan Maximov f518b42d4c
Fix typo in linked-references.en-us.md (#22682) 2023-01-31 21:43:27 +00:00
Ivan Maximov 66877aed54
Fix typo in guidelines-backend.en-us.md (#22690) 2023-01-31 21:43:12 +00:00
Ivan Maximov 706f4686b8
Fix typo in storage.en-us.md (#22694) 2023-01-31 22:42:41 +01:00
JakobDev be93e48ccb
Hide collapse icon in diff with no lines (#21094)
Sometimes (e.g. renaming a file) nothing of the content is changed. In
this case, it makes no sense to show the collapse icon in a diff.
2023-01-31 11:40:22 -06:00
Felipe Leopoldo Sologuren Gutiérrez 85016af1fe
Fixes accessibility behavior of Watching, Staring and Fork buttons (#22634)
Add tabindex to buttons of repository views.
2023-01-31 16:28:43 +01:00
KN4CK3R b80538f37d
Disable test for incoming email (#22686)
Disable this test for the moment because the used imap container image
seems unstable which results in many failed CI builds.

Co-authored-by: Jason Song <i@wolfogre.com>
2023-01-31 14:56:22 +01:00
Francesco Siddi c14d3e80e8
Remove label color from global issue filters (#22660)
The use of ui colors (red, green, etc) should be limited to actionable
or dismissable entries. Before this commit, a green/red label was used
to display issues count on each repository. This did not add any
meaningful information to the list.

Removing the label reduces ambiguity and makes the list easier to scan
visually.


![label_compare](https://user-images.githubusercontent.com/451841/215360696-a881b765-207d-4ffa-8bec-398f8e5dab1e.jpg)

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-01-31 20:58:34 +08:00
wxiaoguang 36dc11869d
Use correct captured group range when parsing cross-reference (#22672)
Fixes #22666 (Replace #22668)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: zeripath <art27@cantab.net>
2023-01-31 10:08:05 +01:00
yp05327 f47ea60c07
set user visibility class to basic (#22674)
Same to https://github.com/go-gitea/gitea/pull/22605

![user
package](https://user-images.githubusercontent.com/18380374/215669905-71fe01c3-c011-4867-97a6-3df5f940a6bf.PNG)
![user
projects](https://user-images.githubusercontent.com/18380374/215669909-1a4f74f1-bbde-4913-9ba5-51c44cc63862.PNG)

These two page are both used at user and org, so if i fixed the org
page, the user page will be also be fixed.
2023-01-31 07:05:25 +00:00
crystal 03f37d82fe
Fix README TOC links (#22577)
Fixes anchored markup links by adding `user-content-` (which is
prepended to IDs)

Closes https://codeberg.org/Codeberg/Community/issues/894
2023-01-31 13:21:29 +08:00
Jason Song 4011821c94
Implement actions (#21937)
Close #13539.

Co-authored by: @lunny @appleboy @fuxiaohei and others.

Related projects:
- https://gitea.com/gitea/actions-proto-def
- https://gitea.com/gitea/actions-proto-go
- https://gitea.com/gitea/act
- https://gitea.com/gitea/act_runner

### Summary

The target of this PR is to bring a basic implementation of "Actions",
an internal CI/CD system of Gitea. That means even though it has been
merged, the state of the feature is **EXPERIMENTAL**, and please note
that:

- It is disabled by default;
- It shouldn't be used in a production environment currently;
- It shouldn't be used in a public Gitea instance currently;
- Breaking changes may be made before it's stable.

**Please comment on #13539 if you have any different product design
ideas**, all decisions reached there will be adopted here. But in this
PR, we don't talk about **naming, feature-creep or alternatives**.

### ⚠️ Breaking

`gitea-actions` will become a reserved user name. If a user with the
name already exists in the database, it is recommended to rename it.

### Some important reviews

- What is `DEFAULT_ACTIONS_URL` in `app.ini` for?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1055954954
- Why the api for runners is not under the normal `/api/v1` prefix?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061173592
- Why DBFS?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061301178
- Why ignore events triggered by `gitea-actions` bot?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1063254103
- Why there's no permission control for actions?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1090229868

### What it looks like

<details>

#### Manage runners

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205870657-c72f590e-2e08-4cd4-be7f-2e0abb299bbf.png">

#### List runs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872794-50fde990-2b45-48c1-a178-908e4ec5b627.png">


#### View logs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872501-9b7b9000-9542-4991-8f55-18ccdada77c3.png">



</details>

### How to try it

<details>

#### 1. Start Gitea

Clone this branch and [install from
source](https://docs.gitea.io/en-us/install-from-source).

Add additional configurations in `app.ini` to enable Actions:

```ini
[actions]
ENABLED = true
```

Start it.

If all is well, you'll see the management page of runners:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205877365-8e30a780-9b10-4154-b3e8-ee6c3cb35a59.png">


#### 2. Start runner

Clone the [act_runner](https://gitea.com/gitea/act_runner), and follow
the
[README](https://gitea.com/gitea/act_runner/src/branch/main/README.md)
to start it.

If all is well, you'll see a new runner has been added:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205878000-216f5937-e696-470d-b66c-8473987d91c3.png">

#### 3. Enable actions for a repo

Create a new repo or open an existing one, check the `Actions` checkbox
in settings and submit.

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879705-53e09208-73c0-4b3e-a123-2dcf9aba4b9c.png">
<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879383-23f3d08f-1a85-41dd-a8b3-54e2ee6453e8.png">

If all is well, you'll see a new tab "Actions":

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205881648-a8072d8c-5803-4d76-b8a8-9b2fb49516c1.png">

#### 4. Upload workflow files

Upload some workflow files to `.gitea/workflows/xxx.yaml`, you can
follow the [quickstart](https://docs.github.com/en/actions/quickstart)
of GitHub Actions. Yes, Gitea Actions is compatible with GitHub Actions
in most cases, you can use the same demo:

```yaml
name: GitHub Actions Demo
run-name: ${{ github.actor }} is testing out GitHub Actions 🚀
on: [push]
jobs:
  Explore-GitHub-Actions:
    runs-on: ubuntu-latest
    steps:
      - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!"
      - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."
      - name: Check out repository code
        uses: actions/checkout@v3
      - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
      - name: List files in the repository
        run: |
          ls ${{ github.workspace }}
      - run: echo "🍏 This job's status is ${{ job.status }}."
```

If all is well, you'll see a new run in `Actions` tab:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884473-79a874bc-171b-4aaf-acd5-0241a45c3b53.png">

#### 5. Check the logs of jobs

Click a run and you'll see the logs:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884800-994b0374-67f7-48ff-be9a-4c53f3141547.png">

#### 6. Go on

You can try more examples in [the
documents](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions)
of GitHub Actions, then you might find a lot of bugs.

Come on, PRs are welcome.

</details>

See also: [Feature Preview: Gitea
Actions](https://blog.gitea.io/2022/12/feature-preview-gitea-actions/)

---------

Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-01-31 09:45:19 +08:00
Brecht Van Lommel b5b3e0714e
Pull request yaml template support for including commit body in a field (#22629)
When using a markdown template the commit body is prepended to text in
the description. This adds the same functionality for yaml templates,
adding the commit message in a field with id "body".

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-30 22:39:07 +08:00
Gusted 1b53a9e914
Don't return duplicated users who can create org repo (#22560)
- Currently the function `GetUsersWhoCanCreateOrgRepo` uses a query that
is able to have duplicated users in the result, this is can happen under
the condition that a user is in team that either is the owner team or
has permission to create organization repositories.
- Add test code to simulate the above condition for user 3,
[`TestGetUsersWhoCanCreateOrgRepo`](a1fcb1cfb8/models/organization/org_test.go (L435))
is the test function that tests for this.
- The fix is quite trivial use a map keyed by user id in order to drop
duplicates.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-30 18:12:45 +08:00
Brecht Van Lommel be315c76fb
Fix poor alignment of organization description on organization home page (#22656)
Don't generate nested `<p>`, use `<div>` like description on the user
profile page.

Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-30 16:16:12 +08:00
techknowlogick 203681d084
Issues: support setting issue template field values with query (#22545) 2023-01-30 12:36:04 +08:00
KN4CK3R d0d257b243
Add support for commit cross references (#22645)
Fixes #22628

This PR adds cross references for commits by using the format
`owner/repo@commit` . References are rendered like
[go-gitea/lgtm@6fe88302](#dummy).

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-30 09:50:01 +08:00
Brecht Van Lommel 3ff5a6a365
Fix missing message in git hook when pull requests disabled on fork (#22625)
And also the other way around, it would show an non-working URL in the
message when pull requests are disabled on the base repository but
enabled on the fork.
2023-01-29 15:00:10 -06:00
KN4CK3R d283a31f03
Check quota limits for container uploads (#22450)
The test coverage has revealed that container packages were not checked
against the quota limits.
2023-01-29 11:34:29 -06:00
John Olheiser 2052a9e2b4
Consume hcaptcha and pwn deps (#22610)
This PR just consumes the
[hcaptcha](https://gitea.com/jolheiser/hcaptcha) and
[haveibeenpwned](https://gitea.com/jolheiser/pwn) modules directly into
Gitea.

Also let this serve as a notice that I'm fine with transferring my
license (which was already MIT) from my own name to "The Gitea Authors".

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-01-29 09:49:51 -06:00
techknowlogick e88b529b31
Issues: add Project filter to issues list and search (#22544)
Currently only a single project like milestone, not multiple like
labels.

Implements #14298

Code by @brechtvl

---------

Co-authored-by: Brecht Van Lommel <brecht@blender.org>
2023-01-29 11:45:29 +08:00
Felipe Leopoldo Sologuren Gutiérrez 2b1e47e2a2
Improve accessibility of navigation bar and footer (#22635)
Added ARIA navigation landmark to navigation bar and aria label for both
nav bar and footer.

Contributed by @forgejo.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-29 09:29:10 +08:00
Lunny Xiao c0015979a6
Support system hook API (#14537)
This add system hook API
2023-01-28 19:12:10 +01:00
zeripath 78e6b21c1a
Improve checkIfPRContentChanged (#22611)
The code for checking if a commit has caused a change in a PR is
extremely inefficient and affects the head repository instead of using a
temporary repository.

This PR therefore makes several significant improvements:

* A temporary repo like that used in merging.
* The diff code is then significant improved to use a three-way diff
instead of comparing diffs (possibly binary) line-by-line - in memory...

Ref #22578

Signed-off-by: Andrew Thornton <art27@cantab.net>
2023-01-28 15:54:40 +00:00
Felipe Leopoldo Sologuren Gutiérrez e9cd18b557
Link issue and pull requests status change in UI notifications directly to their event in the timelined view. (#22627)
Adding the related comment to the issue and pull request status change
in the UI notifications allows to navigate directly to the specific
event in its dedicated view, easing the reading of last comments and to
the editor for additional comments if desired.
2023-01-28 11:16:46 +00:00
a1012112796 48f5d51908
fix permission check for creating comment while mail (#22524)
only creating comment on locked issue request write permission,
for others, read permission is enough.

related to https://github.com/go-gitea/gitea/pull/22056

/cc @KN4CK3R

---------

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-28 17:28:55 +08:00
Otto Richter (fnetX) 95d9fbdcf3
Fix error on account activation with wrong passwd (#22609)
On activating local accounts, the error message didn't differentiate
between using a wrong or expired token, or a wrong password. The result
could already be obtained from the behaviour (different screens were
presented), but the error message was misleading and lead to confusion
for new users on Codeberg with Forgejo.

Now, entering a wrong password for a valid token prints a different
error message.

The problem was introduced in 0f14f69e60.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-28 15:59:46 +08:00