Commit graph

99 commits

Author SHA1 Message Date
Gergely Nagy 67fa52dedb
feat(quota): Quota enforcement
The previous commit laid out the foundation of the quota engine, this
one builds on top of it, and implements the actual enforcement.

Enforcement happens at the route decoration level, whenever possible. In
case of the API, when over quota, a 413 error is returned, with an
appropriate JSON payload. In case of web routes, a 413 HTML page is
rendered with similar information.

This implementation is for a **soft quota**: quota usage is checked
before an operation is to be performed, and the operation is *only*
denied if the user is already over quota. This makes it possible to go
over quota, but has the significant advantage of being practically
implementable within the current Forgejo architecture.

The goal of enforcement is to deny actions that can make the user go
over quota, and allow the rest. As such, deleting things should - in
almost all cases - be possible. A prime exemption is deleting files via
the web ui: that creates a new commit, which in turn increases repo
size, thus, is denied if the user is over quota.

Limitations
-----------

Because we generally work at a route decorator level, and rarely
look *into* the operation itself, `size:repos:public` and
`size:repos:private` are not enforced at this level, the engine enforces
against `size:repos:all`. This will be improved in the future.

AGit does not play very well with this system, because AGit PRs count
toward the repo they're opened against, while in the GitHub-style fork +
pull model, it counts against the fork. This too, can be improved in the
future.

There's very little done on the UI side to guard against going over
quota. What this patch implements, is enforcement, not prevention. The
UI will still let you *try* operations that *will* result in a denial.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-08-02 11:10:34 +02:00
TheFox0x7 4de909747b Add testifylint to lint checks (#4535)
go-require lint is ignored for now

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4535
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
Co-committed-by: TheFox0x7 <thefox0x7@gmail.com>
2024-07-30 19:41:10 +00:00
Michael Jerger 2f7f1aab8a fix review 2024-05-29 18:31:06 +02:00
Michael Jerger 82cb9e0203 ui for adding following repos 2024-05-24 13:28:15 +02:00
Lunny Xiao 9bc391250d
Fix wrong transfer hint (#30889)
Fix #30187

(cherry picked from commit f5f921c09555f5b31226fc31bbbb463649d0bfdc)
2024-05-12 20:03:10 +02:00
Gusted db39b8f4a7
[PORT] gitea#30430: Fix rename branch 500 when the target branch is deleted but exist in database
Fix https://github.com/go-gitea/gitea/issues/30428

---

Conflict resolution: trivial and move test to own subtest run directly
after `Normal`.

(cherrypicked commit 9466fec879f4f2c88c7c1e7a5cffba319282ab66)
2024-04-15 16:03:09 +02:00
Zettat123 87870ade49
Remove scheduled action tasks if the repo is archived (#30224)
Fix #30220

(cherry picked from commit 1ef2eb50d82d07b1e4ff312ef58953d1bba2437a)
2024-04-07 15:40:31 +02:00
oliverpool 04a398a1af [REFACTOR] webhook shared code to prevent import cycles 2024-04-04 08:24:33 +02:00
Earl Warren ec091b59af Merge pull request '[FEAT] Configure if protected branch rule should apply to admins' (#2867) from gusted/forgejo-protectedbranch-admins into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2867
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-01 19:28:29 +00:00
oliverpool 69115baf41 [REFACTOR] use Icon from interface in webhook list 2024-03-30 16:00:06 +01:00
oliverpool 120fa61a0a [REFACTOR] add Icon to webhook.Interface 2024-03-30 15:59:56 +01:00
Gusted 79b7089360
[FEAT] Configure if protected branch rule should apply to admins
- Currently protected branch rules do not apply to admins, however in
some cases (like in the case of Forgejo project) you might also want to
apply these rules to admins to avoid accidental merges.
- Add new option to configure this on a per-rule basis.
- Adds integration tests.
- Resolves #65
2024-03-29 00:21:49 +01:00
Earl Warren 1684f0e5bf Merge pull request '[PERFORMANCE] git check-attr on bare repo if supported' (#2763) from oliverpool/forgejo:check_attr_bare into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2763
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-28 11:14:52 +00:00
oliverpool 3c81f7478c [PERFORMANCE] git check-attr on bare repo if supported 2024-03-28 10:52:51 +01:00
oliverpool bc36f85b5f [REFACTOR] webhook repo naming consistency 2024-03-27 22:26:55 +01:00
oliverpool 9c3611ec50 [REFACTOR] simplify checkHookType 2024-03-27 22:26:55 +01:00
oliverpool 635230ca5d [TESTS] webhook forms keep submitted data when invalid 2024-03-27 22:26:55 +01:00
oliverpool 1e050d01c0 [REFACTOR] merge once-called functions 2024-03-27 22:26:54 +01:00
oliverpool 4ab341e971 [REFACTOR] webhook gogs endpoint 2024-03-27 15:38:39 +01:00
oliverpool dce754cde1 [REFACTOR] webhook packagist endpoint 2024-03-27 15:38:39 +01:00
oliverpool 36a1d37532 [REFACTOR] webhook wechatwork endpoint 2024-03-27 15:38:39 +01:00
oliverpool 6b719f08d0 [REFACTOR] webhook feishu endpoint 2024-03-27 15:38:39 +01:00
oliverpool 97f0ad49ff [REFACTOR] webhook msteams endpoint 2024-03-27 15:38:39 +01:00
oliverpool 46b71ec709 [REFACTOR] webhook telegram endpoint 2024-03-27 15:38:39 +01:00
oliverpool 9dff719523 [REFACTOR] webhook dingtalk endpoint 2024-03-27 15:38:39 +01:00
oliverpool c3f8e6ed60 [REFACTOR] webhook discord endpoint 2024-03-27 15:38:39 +01:00
oliverpool 6f00821f3d [REFACTOR] webhook slack endpoints 2024-03-27 15:38:38 +01:00
oliverpool 7e0965b02c [REFACTOR] webhook forgejo/gitea endpoints 2024-03-27 15:38:38 +01:00
oliverpool 8dfbbfef07 [REFACTOR] webhook matrix endpoints 2024-03-27 15:38:38 +01:00
Earl Warren e41e18f87e Merge pull request '[REFACTOR] webhook.Handler interface' (#2758) from oliverpool/forgejo:webhook_2_interface into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2758
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-27 13:45:04 +00:00
Earl Warren ac672fc3ff Merge pull request '[ACTIONS] port scheduled actions from Gitea' (#2826) from earl-warren/forgejo:wip-gitea-schedule into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2826
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-03-27 06:23:56 +00:00
Earl Warren a117dfd2b1
[ACTIONS] port scheduled actions from Gitea
Refs: https://codeberg.org/forgejo/forgejo/issues/2798
2024-03-26 16:51:56 +01:00
Gusted 0f79122053
[BUG] Detect protected branch on branch rename
- If a branch cannot be renamed due to a protected branch rule, show
this error in the UI instead of throwing an internal server error.
- Add integration test (also simplify the existing one).
- Resolves #2751
2024-03-26 15:58:52 +01:00
Lunny Xiao 3b3747ffe8
Fix schedule tasks bugs (#28691)
Fix #28157

This PR fix the possible bugs about actions schedule.

- Move `UpdateRepositoryUnit` and `SetRepoDefaultBranch` from models to
service layer
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when actions unit has been disabled
or global disabled.
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when default branch changed.

(cherry picked from commit 97292da960)

Conflicts:
	modules/actions/github.go
	routers/web/repo/setting/default_branch.go
	routers/web/repo/setting/setting.go
	services/repository/branch.go
	services/repository/setting.go
	tests/integration/actions_trigger_test.go
2024-03-25 16:25:02 +01:00
oliverpool 702152bfde [REFACTOR] webhook.Handler interface 2024-03-24 10:35:06 +01:00
oliverpool 33a3ee1955 [TESTS] webhook forms creation and edition 2024-03-23 23:02:06 +01:00
yp05327 2da0628f18
Fix incorrect menu/link on webhook edit page (#29709)
Fix #29699

---------

Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 2da13675c0cfdc531044553636c3b74f2fda3eb4)
2024-03-20 08:46:29 +01:00
Lunny Xiao 69ebc2f7d8
Use repo object format name instead of detecting from git repository (#29702)
It's unnecessary to detect the repository object format from git
repository. Just use the repository's object format name.

(cherry picked from commit 3c6fc25a77c37d50686caa495d27a31dcef7f75f)

Conflicts:
	services/pull/pull.go
2024-03-20 08:46:28 +01:00
Lunny Xiao 3d9afe8813
Move get/set default branch from git package to gitrepo package to hide repopath (#29126)
(cherry picked from commit 25b842df261452a29570ba89ffc3a4842d73f68c)

Conflicts:
	routers/web/repo/wiki.go
	services/repository/branch.go
	services/repository/migrate.go
	services/wiki/wiki.go
	also apply to Forgejo specific usage of the refactored functions
2024-03-11 23:36:59 +07:00
Lunny Xiao 894d9b2836
Move context from modules to services (#29440)
Since `modules/context` has to depend on `models` and many other
packages, it should be moved from `modules/context` to
`services/context` according to design principles. There is no logic
code change on this PR, only move packages.

- Move `code.gitea.io/gitea/modules/context` to
`code.gitea.io/gitea/services/context`
- Move `code.gitea.io/gitea/modules/contexttest` to
`code.gitea.io/gitea/services/contexttest` because of depending on
context
- Move `code.gitea.io/gitea/modules/upload` to
`code.gitea.io/gitea/services/context/upload` because of depending on
context

(cherry picked from commit 29f149bd9f517225a3c9f1ca3fb0a7b5325af696)

Conflicts:
	routers/api/packages/alpine/alpine.go
	routers/api/v1/repo/issue_reaction.go
	routers/install/install.go
	routers/web/admin/config.go
	routers/web/passkey.go
	routers/web/repo/search.go
	routers/web/repo/setting/default_branch.go
	routers/web/user/home.go
	routers/web/user/profile.go
	tests/integration/editor_test.go
	tests/integration/integration_test.go
	tests/integration/mirror_push_test.go
	trivial context conflicts
	also modified all other occurrences in Forgejo specific files
2024-03-06 12:10:43 +08:00
Lunny Xiao ff8cb299d1
Move migration functions to services layer (#29497) 2024-03-04 07:10:53 +01:00
Lunny Xiao 6905540088
Use the database object format name but not read from git repoisitory everytime and fix possible migration wrong objectformat when migrating a sha256 repository (#29294)
Now we can get object format name from git command line or from the
database repository table. Assume the column is right, we don't need to
read from git command line every time.

This also fixed a possible bug that the object format is wrong when
migrating a sha256 repository from external.

<img width="658" alt="image"
src="https://github.com/go-gitea/gitea/assets/81045/6e9a9dcf-13bf-4267-928b-6bf2c2560423">

(cherry picked from commit b79c30435f439af8243ee281310258cdf141e27b)

Conflicts:
	routers/web/repo/blame.go
	services/agit/agit.go
	context
2024-02-26 22:30:26 +01:00
Earl Warren 775956cc68 Merge pull request '[BUG] Don't overwrite protected branch accidentally' (#2473) from gusted/forgejo-error-duplicate into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2473
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-26 14:55:09 +00:00
Gusted 1bab4358ac
[BUG] Don't overwrite protected branch accidentally
- If a user tries to create another protected branching rule that
specifies a set of branches already used by another rule, do not allow
it.
- Update the translation accordingly.
- Adds integration test.
- Resolves #2455
2024-02-25 20:09:18 +01:00
Gusted 5b3a82d621
[FEAT] Enable ambiguous character detection in configured contexts
- The ambiguous character detection is an important security feature to
combat against sourcebase attacks (https://trojansource.codes/).
- However there are a few problems with the feature as it stands
today (i) it's apparantly an big performance hitter, it's twice as slow
as syntax highlighting (ii) it contains false positives, because it's
reporting valid problems but not valid within the context of a
programming language (ambiguous charachters in code comments being a
prime example) that can lead to security issues (iii) charachters from
certain languages always being marked as ambiguous. It's a lot of effort
to fix the aforementioned issues.
- Therefore, make it configurable in which context the ambiguous
character detection should be run, this avoids running detection in all
contexts such as file views, but still enable it in commits and pull
requests diffs where it matters the most. Ideally this also becomes an
per-repository setting, but the code architecture doesn't allow for a
clean implementation of that.
- Adds unit test.
- Adds integration tests to ensure that the contexts and instance-wide
is respected (and that ambigious charachter detection actually work in
different places).
- Ref: https://codeberg.org/forgejo/forgejo/pulls/2395#issuecomment-1575547
- Ref: https://codeberg.org/forgejo/forgejo/issues/564
2024-02-23 13:12:17 +01:00
Tim-Nicas Oelschläger 7263b3effe
Change webhook-type in create-view (#29114)
It's now possible to change webhook-type in create-view.

before:

![image](https://github.com/go-gitea/gitea/assets/72873130/9ee1b9fb-843b-4f28-b8d6-6361e5d184f1)

after:

![image](https://github.com/go-gitea/gitea/assets/72873130/9dbf058f-5912-43af-9acd-487271212f2d)

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 374e886f5113a996e1e927a60d1775e77262c364)

Conflicts:
	templates/repo/settings/webhook/base_list.tmpl
	templates/shared/webhook/icon.tmpl
2024-02-17 23:24:30 +01:00
wxiaoguang 65248945c9
Refactor locale&string&template related code (#29165)
Clarify when "string" should be used (and be escaped), and when
"template.HTML" should be used (no need to escape)

And help PRs like  #29059 , to render the error messages correctly.

(cherry picked from commit f3eb835886031df7a562abc123c3f6011c81eca8)

Conflicts:
	modules/web/middleware/binding.go
	routers/web/feed/convert.go
	tests/integration/branches_test.go
	tests/integration/repo_branch_test.go
	trivial context conflicts
2024-02-16 15:20:52 +01:00
Chris Copeland 83123b493f
Add merge style fast-forward-only (#28954)
With this option, it is possible to require a linear commit history with
the following benefits over the next best option `Rebase+fast-forward`:
The original commits continue existing, with the original signatures
continuing to stay valid instead of being rewritten, there is no merge
commit, and reverting commits becomes easier.

Closes #24906
2024-02-14 17:19:19 +01:00
Gergely Nagy fa73375e13
Split out repository unit settings
This splits out the repository unit settings (formerly "Advanced
settings" under the repository settings page) into their own, separate
page.

The primary reason for this is that the settings page became long and
complicated, with a structure that not always made sense. A secondary
reason is that toggling units on and off should not necessarily be an
"advanced" setting. We want to make doing that easier, and having the
units on their own page helps with that.

This is basically a refactor, there is no new functionality introduced,
just an extra pair of routes for the new page, and the supporting code.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-13 22:42:09 +01:00
Earl Warren 094c84ed6d
Merge branch 'rebase-forgejo-dependency' into wip-forgejo 2024-02-05 18:58:23 +01:00