gitea/models
zeripath dace0ce1b1
Prevent addition of labels from outside the repository or organisation in issues (#14912)
* Never add labels not from this repository or organisation and remove org labels on transfer

Prevent the addition of labels from outside of the repository or
organisation and remove organisation labels on transfer.

Related #14908

Signed-off-by: Andrew Thornton <art27@cantab.net>

* switch to use sql

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove AS

Signed-off-by: Andrew Thornton <art27@cantab.net>

* subquery alias

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Give me some AS?

Signed-off-by: Andrew Thornton <art27@cantab.net>

* double AS

Signed-off-by: Andrew Thornton <art27@cantab.net>

* try try again

Signed-off-by: Andrew Thornton <art27@cantab.net>

* once more around the merry go round

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix api problem

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add outside label consistency check into doctor

This PR adds another consistency check into doctor in order to detect
labels that have been added from outside of repositories and organisations

Fix #14908

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix migration

Signed-off-by: Andrew Thornton <art27@cantab.net>

* prep for merge

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-03-19 21:25:14 +08:00
..
fixtures API: fix set milestone on PR creation (#14981) 2021-03-13 19:06:52 +01:00
migrations Prevent addition of labels from outside the repository or organisation in issues (#14912) 2021-03-19 21:25:14 +08:00
access_test.go Fix "access" fixtures and tests (#10247) 2020-02-15 12:29:06 +08:00
access.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
action_list.go refactor: reduce sql query in retrieveFeeds (#3547) 2018-02-21 18:55:34 +08:00
action_test.go Clarify the suffices and prefixes of setting.AppSubURL and setting.AppURL (#12999) 2021-02-19 22:36:43 +01:00
action.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
admin_test.go Fix tests code to prevent some runtime errors (#2381) 2017-08-28 12:17:45 +03:00
admin.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
attachment_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
attachment.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
avatar_test.go Direct avatar rendering (#13649) 2020-12-03 19:46:11 +01:00
avatar.go Fix frontpage avatars (#13853) 2020-12-09 01:12:15 +01:00
branches_test.go Add deleted_branch table fixture (#2832) 2017-11-04 15:31:59 +02:00
branches.go Add dismiss review feature (#12674) 2021-02-11 18:32:25 +01:00
commit_status_test.go Fix bug about ListOptions and stars/watchers pagnation (#14556) 2021-02-04 11:23:46 -06:00
commit_status.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
consistency.go Prevent addition of labels from outside the repository or organisation in issues (#14912) 2021-03-19 21:25:14 +08:00
context.go Upgrade xorm to v1.0.2 (#11900) 2020-06-15 16:46:01 -04:00
convert.go Whilst changing the character set to utf8mb4 we should set ROW_FORMAT=dynamic too (#12804) 2020-09-11 09:25:06 +01:00
error_oauth2.go gofmt (#1662) 2017-05-04 13:54:56 +08:00
error.go Ensure validation occurs on clone addresses too (#14994) 2021-03-15 17:52:11 -04:00
external_login_user.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
fixture_generation.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
fixture_test.go Move fixture generation to contrib and add test (#10277) 2020-02-15 10:59:43 +02:00
gpg_key_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
gpg_key.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
helper_directory.go Re-attempt to delete temporary upload if the file is locked by another process (#12447) 2020-08-11 21:05:34 +01:00
helper_environment.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
helper.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_assignees_test.go Fix API Bug (fail on empty assignees) (#8873) 2019-11-10 16:07:21 +08:00
issue_assignees.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_comment_list.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_comment_test.go Pull request review/approval and comment on code (#3748) 2018-08-06 06:43:21 +02:00
issue_comment.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_dependency_test.go Refactor comment (#9330) 2019-12-15 16:57:34 -05:00
issue_dependency.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_label_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_label.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_list_test.go Add Organization Wide Labels (#10814) 2020-04-01 01:14:46 -03:00
issue_list.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_lock.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_milestone_test.go Add name filter to API for GetMilestoneList (#12336) 2020-07-28 12:30:40 +01:00
issue_milestone.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_reaction_test.go Migrate reactions when migrating repository from github (#9599) 2020-01-15 12:14:07 +01:00
issue_reaction.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_stopwatch_test.go Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
issue_stopwatch.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_tracked_time_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_tracked_time.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_user_test.go Add "Update Branch" button to Pull Requests (#9784) 2020-01-17 08:03:40 +02:00
issue_user.go Mail assignee when issue/pull request is assigned (#8546) 2019-10-25 22:46:37 +08:00
issue_watch_test.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
issue_watch.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_xref_test.go Refactor comment (#9330) 2019-12-15 16:57:34 -05:00
issue_xref.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
lfs_lock.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
lfs.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
list_options.go Fix bug about ListOptions and stars/watchers pagnation (#14556) 2021-02-04 11:23:46 -06:00
log.go Refactor Logger (#13294) 2020-10-31 01:36:46 -04:00
login_source.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
main_test.go Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
migrate.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
models_test.go gitea dump: include version & Check InstallLock (#12760) 2020-09-07 23:27:17 +01:00
models.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
notification_test.go add request review from specific reviewers feature in pull request (#10756) 2020-04-06 19:33:34 +03:00
notification.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
oauth2_application_test.go Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
oauth2_application.go Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
oauth2.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
org_team_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
org_team.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
org_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
org.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
project_board.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
project_issue.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
project_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
project.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
pull_list.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
pull_sign.go Add configurable Trust Models (#11712) 2020-09-20 00:44:55 +08:00
pull_test.go Display pull request head branch even the branch deleted or repository deleted (#10413) 2020-03-02 22:31:55 +00:00
pull.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
release.go sort release attachments by name (#15008) 2021-03-17 11:25:49 +02:00
repo_activity.go Add top author stats to activity page (#9615) 2020-01-20 12:07:30 +02:00
repo_avatar.go Avatars and Repo avatars support storing in minio (#12516) 2020-10-14 21:07:51 +08:00
repo_branch.go Move newbranch to standalone package (#9627) 2020-01-14 11:38:04 +08:00
repo_collaboration_test.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
repo_collaboration.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
repo_generate_test.go Variable expansion in repository templates (#9163) 2019-11-30 01:54:47 -05:00
repo_generate.go Fix broken migration on webhook (#13911) 2020-12-09 17:20:13 +00:00
repo_indexer.go Index code and stats only for non-empty repositories (#10251) 2020-02-14 13:42:30 +01:00
repo_issue.go Add EnableTimetracking option to app settings (#3719) 2018-04-09 23:15:32 +08:00
repo_language_stats.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
repo_list_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
repo_list.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
repo_mirror.go Move some repository methods from models to modules/repository (#9353) 2019-12-14 18:30:01 +01:00
repo_permission_test.go fix bug when update owner team then visit team's repo return 404 (#6119) 2019-02-22 11:14:45 -05:00
repo_permission.go ui: show 'owner' tag for real owner (#13689) 2020-11-28 17:52:29 +02:00
repo_redirect_test.go Redirect on changed user and org name (#11649) 2021-01-24 16:23:05 +01:00
repo_redirect.go Redirect on changed user and org name (#11649) 2021-01-24 16:23:05 +01:00
repo_sign.go Add configurable Trust Models (#11712) 2020-09-20 00:44:55 +08:00
repo_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
repo_transfer_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
repo_transfer.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
repo_unit.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
repo_watch_test.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
repo_watch.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
repo.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
review_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
review.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
session.go Create DB session provider(based on xorm) (#13031) 2021-02-15 00:33:31 -05:00
sql_postgres_with_schema.go Ensure that schema search path is set with every connection on postgres (#14131) 2021-01-02 10:07:43 +08:00
ssh_key_test.go Add support for ed25519_sk and ecdsa_sk SSH keys (#13462) 2021-01-20 20:36:55 +00:00
ssh_key.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
star_test.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
star.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
task.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
test_fixtures.go upgrade to use testfixtures v3 (#11904) 2020-06-17 22:07:58 +03:00
token_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
token.go [API] Delete Token accept names too (#12366) 2020-08-28 11:09:33 +03:00
topic_test.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
topic.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
twofactor.go Attachments: Add extension support, allow all types for releases (#12465) 2020-10-05 01:49:33 -04:00
u2f_test.go Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
u2f.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
unit_tests.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
unit.go Kanban board (#8346) 2020-08-16 23:07:38 -04:00
update.go Remove Unused Functions (#10516) 2020-03-02 00:05:44 +02:00
upload.go Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186) 2020-11-27 21:42:08 -05:00
user_avatar.go Clarify the suffices and prefixes of setting.AppSubURL and setting.AppURL (#12999) 2021-02-19 22:36:43 +01:00
user_follow_test.go Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
user_follow.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
user_heatmap_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
user_heatmap.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
user_mail_test.go Admin page for managing user e-mail activation (#10557) 2020-03-02 15:25:36 -03:00
user_mail.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
user_openid_test.go Add golangci (#6418) 2019-06-12 15:41:28 -04:00
user_openid.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
user_redirect_test.go Redirect on changed user and org name (#11649) 2021-01-24 16:23:05 +01:00
user_redirect.go Redirect on changed user and org name (#11649) 2021-01-24 16:23:05 +01:00
user_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
user.go Ensure validation occurs on clone addresses too (#14994) 2021-03-15 17:52:11 -04:00
userlist_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
userlist.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
webhook_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
webhook.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
wiki_test.go Move wiki related funtions from models to services/wiki (#9355) 2020-01-07 18:27:36 +00:00
wiki.go Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186) 2020-11-27 21:42:08 -05:00