Commit graph

4341 commits

Author SHA1 Message Date
oliverpool 25daa267bb migration v1_11/v111.go: Unknown columns in 'field list' 2024-03-24 07:12:31 +01:00
oliverpool b990e07af0 old migrations: warning instead of error 2024-03-24 07:11:19 +01:00
oliverpool 3b7b899afa fix commit_status 2024-03-24 07:11:19 +01:00
oliverpool 2536c2db89 fix webhook fixtures 2024-03-24 07:11:19 +01:00
oliverpool 036b98884c fix action_run fixtures 2024-03-24 07:11:18 +01:00
oliverpool e43c6cd9df fail test when log.Error is called
except for some specific messages (to make the test pass for now)
2024-03-24 07:11:18 +01:00
Earl Warren 0bfd4ca532 Merge pull request 'Allow users to hide all "Add more units..." hints' (#2533) from algernon/forgejo:less-is-more into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2533
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-24 05:42:37 +00:00
oliverpool 33a3ee1955 [TESTS] webhook forms creation and edition 2024-03-23 23:02:06 +01:00
Michael Jerger a9d18e5327 fixed issues, store now works 2024-03-23 17:01:25 +01:00
Michael Jerger 950dcd959e implement storage of federated_repo 2024-03-22 20:14:20 +01:00
erik 6b767684a7 Add discussion ToDo 2024-03-22 17:51:20 +01:00
erik 36c0c1c3c1 Add DB functionality for federated repos 2024-03-22 17:41:59 +01:00
Michael Jerger 508b4deac8 add test & fix compile 2024-03-22 08:37:06 +01:00
Michael Jerger 9ccad50b05 review 2024-03-22 07:52:03 +01:00
erik 0c6c43003c Implement getting APAPIURL for repo and user 2024-03-21 16:27:35 +01:00
erik ed256ca540 Implement NewForgeLike 2024-03-21 16:27:08 +01:00
Michael Jerger b4bb41e0e3 introduce federated repo 2024-03-21 08:25:40 +01:00
Gergely Nagy 36147f580c
Allow users to hide all "Add more units..." hints
Repositories displaying an "Add more..." tab on the header is a neat way
to let people discover they can enable more units. However, displaying
it all the time for repository owners, even when they deliberately do
not want to enable more units gets noisy very fast.

As such, this patch introduces a new setting which lets people disable
this hint under the appearance settings.

Fixes #2378.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-03-21 08:15:51 +01:00
Lunny Xiao 926367fe1d
Add more stats tables (#29730)
Add `Tags`, `Branches` and `CommitStatus` to monitor/stats

(cherry picked from commit e5e2b2fcd7e8446f99e8eb61eef9efe2790220c8)
2024-03-20 08:46:28 +01:00
Lunny Xiao d996c5d517
Some performance optimization on dashboard and issues page (#29010)
This PR do some loading speed optimization for feeds user interface
pages.
- Load action users batchly but not one by one.
- Load action repositories batchly but not one by one.
- Load action's Repo Owners batchly but not one by one.
- Load action's possible issues batchly but not one by one.
- Load action's possible comments batchly but not one by one.

(cherry picked from commit aed3b53abdd02a3ffbf9e8eb90272ff567333073)
2024-03-20 08:46:28 +01:00
pengqiseven e825d007b1
remove repetitive words (#29695)
Signed-off-by: pengqiseven <912170095@qq.com>
(cherry picked from commit 7f856d5d742dcb6febdb8a3f22cd9a8fecc69a4d)
2024-03-20 08:46:28 +01:00
Zettat123 2559c80bec
Add a warning for disallowed email domains (#29658)
Resolve #29660

Follow #29522 and #29609

Add a warning for disallowed email domains when admins manually add/edit
users.

Thanks @yp05327 for the
[comment](https://github.com/go-gitea/gitea/pull/29605#issuecomment-1980105119)

![image](https://github.com/go-gitea/gitea/assets/15528715/6737b221-a3a2-4180-9ef8-b846c10f96e0)

(cherry picked from commit 4129e0e79bbf30e4297efd33feb2602c40322d10)
2024-03-20 08:46:28 +01:00
Gusted 17ef8145a8 Merge pull request '[PORT] Refactor code_indexer to use an SearchOptions struct for PerformSearch (gitea#29724)' (#2686) from snematoda/port-29724 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2686
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-03-19 17:42:50 +00:00
erik 884e38bdab WIP Implement proper saving of federated repo urls
Added ToDos where relevant
2024-03-19 15:29:37 +01:00
Jason Song 286d09203f Sync branches to DB immediately when handle git hook calling (gitea#29493)
Unlike other async processing in the queue, we should sync branches to
the DB immediately when handling git hook calling. If it fails, users
can see the error message in the output of the git command.

It can avoid potential inconsistency issues, and help #29494.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-03-18 17:38:01 +01:00
6543 d5319feb85 Refactor code_indexer to use an SearchOptions struct for PerformSearch (#29724)
similar to how it's already done for the issue_indexer

---
*Sponsored by Kithara Software GmbH*

Conflicts:
	routers/web/repo/search.go
2024-03-18 12:25:05 +00:00
Michael Jerger 9dcdf8d828 Locales, field & action 2024-03-16 12:46:43 +01:00
Gusted 65f9319c8f Merge pull request '[Windows] prevent ? in testdata path' (#2668) from oliverpool/forgejo:prevent_windows_incompatibles_paths into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2668
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-03-15 14:40:53 +00:00
oliverpool a3cdb5f2d3 [Windows] prevent ? in testdata path 2024-03-15 13:15:46 +01:00
Gusted a4cc37b46a
[BUG] Use correct headcommitid
Regression of #2507, which switched the HEAD from `pr.GetGitRefName()`
to `pr.HeadCommitID` but it had to be `prInfo.HeadCommitID`. Resolves #2656
I was able to reproduce this locally with _some_ pull requests, haven't
been able to get a reproducer trough integration testing.
2024-03-14 16:15:56 +01:00
oliverpool 12e317c198
add test for webhook migration 2024-03-11 23:37:00 +07:00
Lunny Xiao 3d9afe8813
Move get/set default branch from git package to gitrepo package to hide repopath (#29126)
(cherry picked from commit 25b842df261452a29570ba89ffc3a4842d73f68c)

Conflicts:
	routers/web/repo/wiki.go
	services/repository/branch.go
	services/repository/migrate.go
	services/wiki/wiki.go
	also apply to Forgejo specific usage of the refactored functions
2024-03-11 23:36:59 +07:00
sillyguodong 6cb9e8d869
Make runs-on support variable expression (#29468)
As title.
Close issue: https://gitea.com/gitea/act_runner/issues/445
Follow: https://gitea.com/gitea/act/pulls/91

Move `getSecretsOfTask` and `getVariablesOfTask` under `models` because
of circular dependency issues.

(cherry picked from commit a1f5dd767729e30d07ab42fda80c19f30a72679f)
2024-03-11 23:36:59 +07:00
wxiaoguang abb0294996
Partially enable MSSQL case-sensitive collation support (#29238)
Follow #28662

(cherry picked from commit 29a8c8de779924694fadad80b31cc855dd62c0f2)
2024-03-11 23:36:59 +07:00
oliverpool 53f6f62ad4
Store webhook event in database (#29145)
Refactor the webhook logic, to have the type-dependent processing happen
only in one place.

---

1. An event happens
2. It is pre-processed (depending on the webhook type) and its body is
added to a task queue
3. When the task is processed, some more logic (depending on the webhook
type as well) is applied to make an HTTP request

This means that webhook-type dependant logic is needed in step 2 and 3.
This is cumbersome and brittle to maintain.

Updated webhook flow with this PR:
1. An event happens
2. It is stored as-is and added to a task queue
3. When the task is processed, the event is processed (depending on the
webhook type) to make an HTTP request

So the only webhook-type dependent logic happens in one place (step 3)
which should be much more robust.

- the raw event must be stored in the hooktask (until now, the
pre-processed body was stored)
- to ensure that previous hooktasks are correctly sent, a
`payload_version` is added (version 1: the body has already been
pre-process / version 2: the body is the raw event)

So future webhook additions will only have to deal with creating an
http.Request based on the raw event (no need to adjust the code in
multiple places, like currently).

Moreover since this processing happens when fetching from the task
queue, it ensures that the queuing of new events (upon a `git push` for
instance) does not get slowed down by a slow webhook.

As a concrete example, the PR #19307 for custom webhooks, should be
substantially smaller:
- no need to change `services/webhook/deliver.go`
- minimal change in `services/webhook/webhook.go` (add the new webhook
to the map)
- no need to change all the individual webhook files (since with this
refactor the `*webhook_model.Webhook` is provided as argument)

(cherry picked from commit 26653b196bd1d15c532af41f60351596dd4330bd)

Conflicts:
	services/webhook/deliver_test.go
	trivial context conflict
2024-03-11 23:36:59 +07:00
wxiaoguang 7ea8993a0e
Make wiki default branch name changable (#29603) (database migration ony)
Fix #29000
Fix #28685
Fix #18568

Related: #27497

And by the way fix #24036, add a Cancel button there (one line)

(cherry picked from commit 5cddab4f74bbb307ddf13e458c7ac22f93b9283a)
2024-03-11 23:36:59 +07:00
KN4CK3R 8bf280a686
Add user blocking (#29028) (database migration ony)
Fixes #17453

This PR adds the abbility to block a user from a personal account or
organization to restrict how the blocked user can interact with the
blocker. The docs explain what's the consequence of blocking a user.

Screenshots:

![grafik](https://github.com/go-gitea/gitea/assets/1666336/4ed884f3-e06a-4862-afd3-3b8aa2488dc6)

![grafik](https://github.com/go-gitea/gitea/assets/1666336/ae6d4981-f252-4f50-a429-04f0f9f1cdf1)

![grafik](https://github.com/go-gitea/gitea/assets/1666336/ca153599-5b0f-4b4a-90fe-18bdfd6f0b6b)

---------

Co-authored-by: Lauris BH <lauris@nix.lv>
(cherry picked from commit c337ff0ec70618ef2ead7850f90ab2a8458db192)
2024-03-11 23:36:59 +07:00
Lunny Xiao 97c8dbf332
Fix bug hidden on CI and make ci failed if tests failure (#29254)
The tests on migration tests failed but CI reports successfully

https://github.com/go-gitea/gitea/actions/runs/7364373807/job/20044685969#step:8:141

This PR will fix the bug on migration v283 and also the CI hidden
behaviour.

The reason is on the Makefile

`GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini $(GO) test
$(GOTESTFLAGS) -tags='$(TEST_TAGS)' $(MIGRATE_TEST_PACKAGES)` will
return the error exit code.

But

`for pkg in $(shell $(GO) list
code.gitea.io/gitea/models/migrations/...); do \
GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini $(GO) test
$(GOTESTFLAGS) -tags '$(TEST_TAGS)' $$pkg; \
	done`

will not work.

This also fix #29602

(cherry picked from commit 45277486c2c6213b7766b1da708a991cdb1f3565)

Conflicts:
	.github/workflows/pull-db-tests.yml
	Makefile
	models/migrations/v1_22/v283.go
	models/migrations/v1_22/v286_test.go
	models/migrations/v1_22/v287_test.go
	already in Forgejo for the Makefile & CI logic but Gitea changes
	otherwise rule
2024-03-11 23:36:59 +07:00
techknowlogick 82b7de1360
Add admin API route for managing user's badges (#23106) (database migration ony)
Fix #22785

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit cb52b17f92e2d2293f7c003649743464492bca48)

Conflicts:
	discard everything except the database migration
2024-03-11 23:36:59 +07:00
wxiaoguang a7830e8d87
Avoid issue info panic (#29625)
Fix #29624

(cherry picked from commit 1d2548949adf6046f330d27084efce6e63330e04)
2024-03-11 23:36:58 +07:00
Zettat123 e7afba21ce
Skip email domain check when admins edit user emails (#29609)
Follow #29522

Administrators should be able to set a user's email address even if the
email address is not in `EMAIL_DOMAIN_ALLOWLIST`

(cherry picked from commit 136dd99e86eea9c8bfe61b972a12b395655171e8)
2024-03-11 23:36:58 +07:00
Zettat123 b6057a34db
Skip email domain check when admin users adds user manually (#29522)
Fix #27457

Administrators should be able to manually create any user even if the
user's email address is not in `EMAIL_DOMAIN_ALLOWLIST`.

(cherry picked from commit 4fd9c56ed09b31e2f6164a5f534a31c6624d0478)
2024-03-11 23:36:58 +07:00
Gusted b9e27b64e6 Merge pull request '[BUG] Disable CODEOWNERS for forked repositories' (#2537) from gusted/forgejo-codeowner-forked into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2537
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-06 18:18:58 +00:00
wxiaoguang 12441d7c5c
Fix incorrect relative/absolute URL usages (#29531)
Add two "HTMLURL" methods for PackageDescriptor.
And rename "FullWebLink" to "VersionWebLink"

(cherry picked from commit bf6502a8f7a2e9a2b64b43b7733316d863c9a768)
2024-03-06 12:10:46 +08:00
6543 e2371743d5
remove util.OptionalBool and related functions (#29513)
and migrate affected code

_last refactoring bits to replace **util.OptionalBool** with
**optional.Option[bool]**_

(cherry picked from commit a3f05d0d98408bb47333b19f505b21afcefa9e7c)

Conflicts:
	services/repository/branch.go
	trivial context conflict
2024-03-06 12:10:46 +08:00
wxiaoguang be9189eddc
Rename Action.GetDisplayName to GetActDisplayName (#29540)
To avoid conflicting with User.GetDisplayName, because there is no data
type in template.

And it matches other methods like GetActFullName / GetActUserName

(cherry picked from commit 3f081d4b54261c1b4ee4f1df40c610fdd9581ef2)
2024-03-06 12:10:46 +08:00
ChristopherHX 66632c4958
Actions Artifacts v4 backend (#28965)
Fixes #28853

Needs both https://gitea.com/gitea/act_runner/pulls/473 and
https://gitea.com/gitea/act_runner/pulls/471 on the runner side and
patched `actions/upload-artifact@v4` / `actions/download-artifact@v4`,
like `christopherhx/gitea-upload-artifact@v4` and
`christopherhx/gitea-download-artifact@v4`, to not return errors due to
GHES not beeing supported yet.

(cherry picked from commit a53d268aca87a281aadc2246541f8749eddcebed)
2024-03-06 12:10:45 +08:00
wxiaoguang 68099f2f00
Refactor some Str2html code (#29397)
This PR touches the most interesting part of the "template refactoring".

1. Unclear variable type. Especially for "web/feed/convert.go":
sometimes it uses text, sometimes it uses HTML.
2. Assign text content to "RenderedContent" field, for example: `
project.RenderedContent = project.Description` in web/org/projects.go
3. Assign rendered content to text field, for example: `r.Note =
rendered content` in web/repo/release.go
4. (possible) Incorrectly calling `{{Str2html
.PackageDescriptor.Metadata.ReleaseNotes}}` in
package/content/nuget.tmpl, I guess the name Str2html misleads
developers to use it to "render string to html", but it only sanitizes.
if ReleaseNotes really contains HTML, then this is not a problem.

(cherry picked from commit e71eb8930a5d0f60874b038c223498b41ad65592)

Conflicts:
	modules/templates/util_string.go
	trivial context conflict
2024-03-06 12:10:44 +08:00
6543 d3d70198b0
migrate some more "OptionalBool" to "Option[bool]" (#29479)
just some refactoring bits towards replacing **util.OptionalBool** with
**optional.Option[bool]**

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit f6656181e4a07d6c415927220efa2077d509f7c6)

Conflicts:
	models/repo/repo_list_test.go
	trivial shared fixture count conflicts
2024-03-06 12:10:44 +08:00
6543 7b23949f29
Let ctx.FormOptionalBool() return optional.Option[bool] (#29461)
just some refactoring bits towards replacing **util.OptionalBool** with
**optional.Option[bool]**

(cherry picked from commit 274c0aea2e88db9bc41690c90e13e8aedf6193d4)
2024-03-06 12:10:43 +08:00
wxiaoguang 459ee98136
Only use supported sort order for "explore/users" page (#29430)
Thanks to inferenceus : some sort orders on the "explore/users" page
could list users by their lastlogintime/updatetime.

It leaks user's activity unintentionally. This PR makes that page only
use "supported" sort orders.

Removing the "sort orders" could also be a good solution, while IMO at
the moment keeping the "create time" and "name" orders is also fine, in
case some users would like to find a target user in the search result,
the "sort order" might help.

![image](https://github.com/go-gitea/gitea/assets/2114189/ce5c39c1-1e86-484a-80c3-33cac6419af8)

(cherry picked from commit eedb8f41297c343d6073a7bab46e4df6ee297a90)
2024-03-06 12:10:43 +08:00
Gusted 2658d4361e
[BUG] Disable CODEOWNERS for forked repositories
- Disable the CODEOWNERS feature for forked repositories, as it would
otherwise inadvertently request reviewers when for example a pull
request is opened against a forked repository to propose changes to an
existant pull request in the original repository.
- Adds integration test.
- Resolves #2525
2024-03-01 23:19:18 +01:00
Gusted 331fa44956
[BUG] Ensure HasIssueContentHistory takes into account comment_id
- The content history table contains the content history of issues and
comments. For issues they are saved with an comment id of zero.
- If you want to check if the issue has an content history, it should
take into account that SQL has `comment_id = 0`, as it otherwise could
return incorrect results when for example the issue already has an
comment that has an content history.
- Fix the code of `HasIssueContentHistory` to take this into account, it
relied on XORM to generate the SQL from the non-default values of the
struct, this wouldn't generate the `comment_id = 0` SQL as `0` is the
default value of an integer.
- Remove an unncessary log (it's not the responsibility of `models`
code to do logging).
- Adds unit test.
- Resolves #2513
2024-02-29 18:23:06 +01:00
Gusted fb2795b5bb
[BUG] Correct changed files for codeowners
- The CODEOWNER feature relies on the changed files to determine which
reviewers should be added according to the `CODEOWNER` file.
- The current approach was to 'diff' between the base and head branch,
which seems logical but fail in practice when the pull request is out of
date with the base branch. Therefore it should instead diff between the
head branch and the merge base of the head and base branch, so only the
actual affected files by the pull requests are used, the same approach
is used by the diff of an unmerged pull request.
- Add integration testing (for the feature as well).
- Resolves #2458
2024-02-27 23:16:00 +01:00
Jimmy Praet f95fb8cc44 Add attachment support for code review comments (#29220)
Fixes #27960, #24411, #12183

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-02-27 18:35:43 +00:00
Lunny Xiao 003a358949
Users with read permission of pull requests can be assigned too (#27263)
This PR will also keep the consistent between list assigned users and
check assigned users.

(cherry picked from commit 98ab9445d1020c515c3c789f0b27d952903a2978)
2024-02-26 22:30:27 +01:00
Zettat123 77c56e29de
Allow non-admin users to delete review requests (#29057)
Fix #14459

The following users can add/remove review requests of a PR
- the poster of the PR
- the owner or collaborators of the repository
- members with read permission on the pull requests unit

(cherry picked from commit c42083a33950be6ee9f822c6d0de3c3a79d1f51b)

Conflicts:
	models/repo/repo_list_test.go
	tests/integration/api_nodeinfo_test.go
	tests/integration/api_repo_test.go
	shared fixture counts
2024-02-26 22:30:27 +01:00
qwerty287 1608ef0ce9
Add API to get merged PR of a commit (#29243)
Adds a new API `/repos/{owner}/{repo}/commits/{sha}/pull` that allows
you to get the merged PR associated to a commit.

---------

Co-authored-by: 6543 <6543@obermui.de>
(cherry picked from commit 0a426cc575734e5eff410d6a790f40473117f753)
2024-02-26 22:30:26 +01:00
6543 8ff858b94b
Start to migrate from util.OptionalBool to optional.Option[bool] (#29329)
just create transition helper and migrate two structs

(cherry picked from commit 7fbdb60fc1152acc9a040dc04b1b0f5a3475b081)
2024-02-26 22:30:26 +01:00
6543 f796548225
Workaround to clean up old reviews on creating a new one (#28554)
close  #28542

blocks  #28544

---
*Sponsored by Kithara Software GmbH*

(cherry picked from commit 217d71c48a10265e08b95cc961656b921f61f9ff)

Conflicts:
	tests/integration/api_pull_review_test.go
	context
2024-02-26 21:42:14 +01:00
qwerty287 feb189554e
Add API to get PR by base/head (#29242)
Closes https://github.com/go-gitea/gitea/issues/16289

Add a new API `/repos/{owner}/{repo}/pulls/{base}/{head}` to get a PR by
its base and head branch.
2024-02-26 03:41:42 +01:00
FuXiaoHei c551d3f3ab
Artifact deletion in actions ui (#27172)
Add deletion link in runs view page.
Fix #26315

![image](https://github.com/go-gitea/gitea/assets/2142787/aa65a4ab-f434-4deb-b953-21e63c212033)

When click deletion button. It marks this artifact `need-delete`.

This artifact would be deleted when actions cleanup cron task.
2024-02-23 09:06:14 +01:00
Earl Warren 726ce5e3f9 Merge pull request '[BUG] Load AllUnitsEnabled when necessary' (#2420) from gusted/forgejo-add-more into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2420
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-21 13:25:38 +00:00
Michael Kriese 849de07064 feat(xorm): add max idle time setting for db connections (#2418)
Add a new optional `CONN_MAX_IDLETIME`[^1]

This allows to set the `SetConnMaxIdleTime` on `database/sql`.
It's useful to allow to close more idle connections to reduce database connections, especially on postgresql.
For me i would like to use it to set a higher max idle connections but they will all be closed after being idle.
So also the last idle connection will be closed when there is no load on forgejo.
I also use it with max connection lifetime, because currently `database/sql` doesn't detect a postgresql master change[^2] and i'll get `[E] can't update runner status: pq: cannot execute UPDATE in a read-only transaction`[^3] on forgejo until the connection is closed.

[^1]: https://pkg.go.dev/database/sql#DB.SetConnMaxIdleTime
[^2]: https://stackoverflow.com/questions/51858659/how-to-safely-discard-golang-database-sql-pooled-connections-for-example-when-t
[^3]: https://matrix.to/#/!zpNKWqkiEOyljSMQDK:matrix.org/$_AJft_amsGn5hXGOYw75JoBJQnW3aKJEpb-Iw53L_TU?via=schinas.net&via=matrix.org&via=nitro.chat

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2418
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Kriese <michael.kriese@visualon.de>
Co-committed-by: Michael Kriese <michael.kriese@visualon.de>
2024-02-21 12:17:16 +00:00
Gusted 6fbfe441de
[BUG] Load AllUnitsEnabled when necessary
- In order to determine if the "Add more..." tab should be shown, the
template has to know if the repository has all units enabled, this is
done in the repository header which can be shown for quite a lot of
pages (code, issues, projects, actions etc.)
- This was previously set in the `RepoRefByType` function, which would
be called by pages such as code, issues and releases, but it was not
being called for all pages such as actions, packages and wiki. Which
would in turn incorrectly show the "Add more..." button when it
shouldn't.
- Now call it from the template itself, so the value is 'always' loaded
when necessary.
2024-02-21 12:48:26 +01:00
yp05327 78f6b29248
Fix gitea-action user avatar broken on edited menu (#29190)
Fix #29178

(cherry picked from commit 8e2831611c06e84dd8fedf7a0b2cce9f98d4188f)
2024-02-17 23:24:31 +01:00
wxiaoguang 65248945c9
Refactor locale&string&template related code (#29165)
Clarify when "string" should be used (and be escaped), and when
"template.HTML" should be used (no need to escape)

And help PRs like  #29059 , to render the error messages correctly.

(cherry picked from commit f3eb835886031df7a562abc123c3f6011c81eca8)

Conflicts:
	modules/web/middleware/binding.go
	routers/web/feed/convert.go
	tests/integration/branches_test.go
	tests/integration/repo_branch_test.go
	trivial context conflicts
2024-02-16 15:20:52 +01:00
KN4CK3R 52ef33b931
Remove unused KeyID. (#29167)
`KeyID` is never set.

(cherry picked from commit 155269fa586c41a268530c3bb56349e68e6761d7)

Conflicts:
	models/user/email_address.go
	trivial context conflict
2024-02-16 15:20:52 +01:00
KN4CK3R 6eaabb1a9d
Use ghost user if user was not found (#29161)
Fixes #29159

(cherry picked from commit 37061e8266806c0b2b66ac64138e725632b295db)
2024-02-16 15:20:52 +01:00
oliverpool 0fc61c8836 [BUG] split code conversations in diff tab (#2306)
Follow-up of #2282 and #2296 (which tried to address #2278)

One of the issue with the previous PR is that when a conversation on the Files tab was marked as "resolved", it would fetch all the comments for that line (even the outdated ones, which should not be shown on this page - except when explicitly activated).

To properly fix this, I have changed `FetchCodeCommentsByLine` to `FetchCodeConversation`. Its role is to fetch all comments related to a given (review, path, line) and reverted my changes in the template (which were based on a misunderstanding).

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2306
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: oliverpool <git@olivier.pfad.fr>
Co-committed-by: oliverpool <git@olivier.pfad.fr>
2024-02-16 12:16:11 +00:00
Earl Warren c8b177713a
[CLEANUP] make golangci-lint@v1.56.1 happy 2024-02-15 16:19:36 +01:00
6543 e9e6c6152e
Dont load Review if Comment is CommentTypeReviewRequest (#28551)
RequestReview get deleted on review.
So we don't have to try to load them on comments.

broken out #28544

(cherry picked from commit 6fad2c874438275d3f69bb1cc223708bd2d27ff6)
2024-02-14 21:44:25 +01:00
Chris Copeland 83123b493f
Add merge style fast-forward-only (#28954)
With this option, it is possible to require a linear commit history with
the following benefits over the next best option `Rebase+fast-forward`:
The original commits continue existing, with the original signatures
continuing to stay valid instead of being rewritten, there is no merge
commit, and reverting commits becomes easier.

Closes #24906
2024-02-14 17:19:19 +01:00
Earl Warren 05eaf1cf3e Merge pull request 'Repository settings refactor' (#2221) from algernon/forgejo:repo-units/ui-refactor into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2221
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-02-14 13:29:04 +00:00
Gergely Nagy e07b0e75ff
Add a direct link from repo header to unit settings
If a repository administrator is viewing a repository, and there are
units that can be enabled, display an "Add more..." link that leads to
the repository unit settings page.

The goal here is to allow instances to configure a small set of repo
units to be enabled by default, but also highlight for repo admins that
they can add more.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-13 22:42:09 +01:00
Clemens db2f896264 small fix by adding id as pk for FederatedUser 2024-02-13 11:09:31 +01:00
Gusted cbbcfdd400
[FEAT] Don't log context cancelled SQL errors
- I found this while doing some unrelated testing in Forgejo. It wasn't
my intention to log failed SQL queries if they were cancelled (which can
happen quite frequently for larger instances) as in those cases it's not
interesting to know which SQL query was run. My intentation was only to
log an SQL query if there was an error reported by the database.
- Ref #2140
2024-02-12 23:11:50 +01:00
Michael Jerger 181d743a8a update copyright 2024-02-12 10:14:29 +01:00
Gwyneth Morgan 9a1d5c549c
[gitea] Drop "@" from email sender to avoid spam filters (#29109)
Commit 360b3fd17c (Include username in email headers (#28981),
2024-02-03) adds usernames to the From field of notification emails in
the form of `Display Name (@username)`, to prevent spoofing. However,
some email filtering software flags "@" in the display name part of the
From field as potential spoofing, as you could set the display name part
to another email address than the one you are sending from (e.g.
`From: "apparent@email-address" <actual@email-address>`). To avoid
being flagged, instead send emails from `Display Name (username)`.

Closes: #29107

---------

Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 5b2fd0fc19a2a77414c8e2989b4794b6617221f5)
2024-02-11 13:47:44 +01:00
Michael Jerger 6d17f45986 fix misspell 2024-02-10 15:22:38 +01:00
Michael Jerger eecb9b8040 fmt fix 2024-02-10 15:22:30 +01:00
Michael Jerger 3ef57385ec fix linting 2024-02-10 15:21:22 +01:00
Michael Jerger 3b244d673b small fixes 2024-02-10 15:21:17 +01:00
Michael Jerger e733809ef2 symetric handling for value/reference 2024-02-10 15:20:33 +01:00
Michael Jerger d2d5e84977 federated user is not entity - so no need for ID 2024-02-10 15:20:26 +01:00
Michael Jerger 91f7541add refactor for semantic and cycle free deps 2024-02-10 15:20:17 +01:00
Michael Jerger 66bc7a9a0c Search federatedUser instead of loginName 2024-02-10 15:20:09 +01:00
Michael Jerger e44be72251 Add tx around user creation 2024-02-10 15:20:01 +01:00
Michael Jerger edf7f61b83 mv federated_user_creation to user package 2024-02-10 15:19:55 +01:00
Clemens e180467760 added user creation from ap 2024-02-10 15:19:47 +01:00
Michael Jerger a702da69cc added test for federated user 2024-02-10 15:19:40 +01:00
Clemens 67f3f66be4 Created FederatedUser 2024-02-10 15:19:36 +01:00
Michael Jerger 5a7f6f15a6 ensure federation info fqdn to lowercase 2024-02-10 15:19:08 +01:00
Michael Jerger c58a995fb2 refactor FederationInfo -> FederationHost 2024-02-10 15:18:56 +01:00
Michael Jerger 0453598e3d add some todos 2024-02-10 15:18:51 +01:00
Michael Jerger 0ddc2db46a mitigate Block by future StartTime 2024-02-10 15:18:46 +01:00
Michael Jerger 1b35bd2911 lint fix 2024-02-10 15:18:46 +01:00
Michael Jerger c4eb763f4a lint fix 2024-02-10 15:18:45 +01:00
Michael Jerger 9a9ac33766 lint fix 2024-02-10 15:18:44 +01:00
Michael Jerger ca5eaa8c6b introduce FI Factory 2024-02-10 15:18:43 +01:00
Michael Jerger dabd773f6b Fix error handling & add timestamp check 2024-02-10 15:18:43 +01:00
Clemens 7d30d14c76 breaking struct adjustment 2024-02-10 15:18:42 +01:00
Clemens 1f989f2ecd Added FederationInfo Create function 2024-02-10 15:18:41 +01:00
Michael Jerger 380d3db0bf integrate federation info in api call 2024-02-10 15:18:40 +01:00
Clemens 52400f7978 Added FederationInfo get methods for repository 2024-02-10 15:18:37 +01:00
Michael Jerger bbccc24ed1 test federationinfo validation 2024-02-10 15:18:32 +01:00
Michael Jerger c67be3b668 start work on federationinfo 2024-02-10 15:18:29 +01:00
Michael Jerger 8610d94af8 start work on federationinfo 2024-02-10 15:18:29 +01:00
Michael Jerger 6e46739090 validate person 2024-02-10 15:17:14 +01:00
Michael Jerger 0505baab2b ad validation for like activity 2024-02-10 15:17:13 +01:00
Michael Jerger 3ab2d9a449 rename star -> ForgeLike 2024-02-10 15:17:12 +01:00
Michael Jerger 4473fb788a start refactoring star->like 2024-02-10 15:17:11 +01:00
Michael Jerger 38438b592f rebase conflicts to fix 2024-02-10 15:17:10 +01:00
Michael Jerger 8116214727 introduce nodeinfo 2024-02-10 15:17:07 +01:00
bom 310d740cee Start NodeInfo implementation 2024-02-10 15:17:05 +01:00
Michael Jerger 3c2493902d adjust to ugly linting 2024-02-10 15:17:05 +01:00
Michael Jerger e704e5adcc adjust to ugly linting 2024-02-10 15:17:04 +01:00
erik 1e40b814a1 Linting 2024-02-10 15:17:03 +01:00
erik 8585edc47a Linting 2024-02-10 15:17:03 +01:00
Michael Jerger a64ce2feb1 removed resolved todos 2024-02-10 15:17:02 +01:00
erik 2e031a9763 WIP Generic IsValid for *Id structs 2024-02-10 15:17:01 +01:00
erik e69e5df089 Assume validated url.URL for NewActorID 2024-02-10 15:17:00 +01:00
Michael Jerger 6e4467d49d experiment on generalization 2024-02-10 15:16:59 +01:00
erik 75cc5b900d Add review todo 2024-02-10 15:16:59 +01:00
erik 1dd3084f66 Split test according to actor.go 2024-02-10 15:16:58 +01:00
erik c887bddb72 Attempt generalization of Id creation 2024-02-10 15:16:57 +01:00
erik 0378b2dc7d Add questions for review discussion 2024-02-10 15:16:36 +01:00
Michael Jerger 1704ac5bc2 fix most of the tests 2024-02-10 15:14:35 +01:00
Michael Jerger e1d7db178c unify logging & minor improvements 2024-02-10 15:14:31 +01:00
Michael Jerger 3172eb69d2 introduce RepositoryId 2024-02-10 15:14:08 +01:00
Michael Jerger 1fe35e14a5 mv our actor code to forgefed 2024-02-10 15:14:07 +01:00
Michael Jerger abdf56dde1 move forgefed to models 2024-02-10 15:14:06 +01:00
Michael Jerger 184388015d added more tests 2024-02-10 15:10:39 +01:00
Michael Jerger b5a467e94d remove unused & implement webfinger 2024-02-10 15:10:38 +01:00
Michael Jerger e8371ca94c ActorId -> PersonId 2024-02-10 15:10:37 +01:00
Michael Jerger 3151c8fe81 make validate more compact 2024-02-10 15:10:37 +01:00
Michael Jerger be4d3544ae Refactor ActorID -> ActorId 2024-02-10 15:10:36 +01:00
Michael Jerger afcc7f0def factory instead of parse & validate 2024-02-10 15:10:35 +01:00
erik 3c515c2614 Add review todos 2024-02-10 15:10:33 +01:00
erik 6ad52a6d67 Update tests 2024-02-10 15:10:24 +01:00
erik 25d34e0c14 Check for empty path in IRI 2024-02-10 15:10:22 +01:00
erik fa1acd1ebb Extract url string validation and parsing from ActorID parsing 2024-02-10 15:10:19 +01:00
erik 4d3ab4dda2 Update Validate() 2024-02-10 15:10:19 +01:00
erik 39d4c8dd2d Generalize validate_is_not_empty 2024-02-10 15:10:17 +01:00
erik 085db0c127 Remove todo 2024-02-10 15:10:16 +01:00
Michael Jerger 28a290da10 reviewed current work 2024-02-10 15:10:13 +01:00
erik 02dc8901af Fix tests 2024-02-10 15:10:13 +01:00
erik 68cd621053 Test for empty string 2024-02-10 15:10:12 +01:00
erik 946e5cf34c Remove typo in func 2024-02-10 15:10:10 +01:00
erik c0f1681fa3 Allow parsing of repository-id too 2024-02-10 15:10:09 +01:00
erik 4f25e5057a Make the source an argument to the parser 2024-02-10 15:10:08 +01:00
erik 52e950a492 Check the path for empty strings 2024-02-10 15:10:06 +01:00
erik 65f7124c67 Use u.Hostname() instead of u.Host
u.Host returns hostname:port.
2024-02-10 15:10:05 +01:00
erik 27c9db1027 Better function descriptions 2024-02-10 15:10:05 +01:00
Michael Jerger 9b5d8bbeda If we use user.loginname to store the actor.id we can search for local users earlier 2024-02-10 15:10:04 +01:00
erik fde8de4f90 Rename to ParseActorIDFromStarActivity 2024-02-10 15:09:35 +01:00
erik ede86df685 Remove todo 2024-02-10 15:09:34 +01:00
erik 8a53331283 Add ToDo 2024-02-10 15:09:30 +01:00
erik 9568eab62a Fix tests 2024-02-10 15:09:29 +01:00
erik 566b3bc459 Parse Actor from star activity, Update function declaration order 2024-02-10 15:09:28 +01:00
erik 3a938b6c3f Use and validate source in ActorID struct 2024-02-10 15:09:28 +01:00
erik 9566e9bc5d Change tests to use IsValid method 2024-02-10 15:09:27 +01:00
erik fccf5c37ca Add IsValid and PanicIfInvalid methods for ActorID 2024-02-10 15:09:26 +01:00
erik 8300d3fbde Add ToDos from code review 2024-02-10 15:09:25 +01:00
erik 91baf2be32 Add get functions for userId and HostAndPort 2024-02-10 15:09:23 +01:00
erik 92c089a4e2 Add a test for getting host and port 2024-02-10 15:09:23 +01:00
erik 8657f70960 Add todo 2024-02-10 15:09:21 +01:00
erik 5efce01f6f Make test messages consistent 2024-02-10 15:09:21 +01:00
erik ad8adc880f Create easier to read tests for parser and validator 2024-02-10 15:09:20 +01:00
erik 62eae6564f Fix bug in validation 2024-02-10 15:09:20 +01:00
erik d205c50a43 Implement generic validation on ActorID 2024-02-10 15:09:19 +01:00
erik 7b5d13a625 Split check for schema and host 2024-02-10 15:09:19 +01:00
erik 3d2b5115ad Implement and use Validatable interface 2024-02-10 15:09:18 +01:00
erik 235ed7cd1e Rename to actorID 2024-02-10 15:09:18 +01:00
Michael Jerger fbff67f11a add some more todos 2024-02-10 15:09:09 +01:00
erik 5729cee3e5 Move test to model/activitypub 2024-02-10 15:09:07 +01:00
erik 78fc75135f Rename to ActorData 2024-02-10 15:09:04 +01:00
erik 09058c13c5 Rename to actor 2024-02-10 15:09:01 +01:00
erik 273ca49e22 Validate on ActorData independently and move to model 2024-02-10 15:08:58 +01:00
Lunny Xiao 1fdd8341d6
[gitea] Remove unnecessary parameter (#29092)
The parameter extraConfigs has never been used anywhere. This PR just
removed it. It can be taken back once it's needed.

(cherry picked from commit 8c6ffdac378654f9d2171ebdbc46becf1571f7fe)
2024-02-10 10:53:43 +01:00
Earl Warren 094c84ed6d
Merge branch 'rebase-forgejo-dependency' into wip-forgejo 2024-02-05 18:58:23 +01:00
Earl Warren d7e1854884
Merge branch 'rebase-forgejo-branding' into wip-forgejo 2024-02-05 18:58:18 +01:00
Earl Warren 030cdd6ae2
[GITEA] Allow changing the email address before activation (squash)
See https://codeberg.org/forgejo/forgejo/pulls/2300
2024-02-05 16:57:58 +01:00
Earl Warren 036f1eddc5
[GITEA] avoid superfluous synchronized pull_request run when opening a PR (#2236)
* Split TestPullRequest out of AddTestPullRequestTask
* Before scheduling the task, AddTestPullRequestTask stores the max
  index of the repository
* When the task runs, it does not take into account pull requests that
  have an index higher than the recorded max index

When AddTestPullRequestTask is called with isSync == true, it is the
direct consequence of a new commit being pushed. Forgejo knows nothing
of this new commit yet. If a PR is created later and its head
references the new commit, it will have an index that is higher and
must not be taken into account. It would be acting and triggering a
notification for a PR based on an event that happened before it
existed.

Refs: https://codeberg.org/forgejo/forgejo/issues/2009
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2236
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
(cherry picked from commit b3be895a30)
2024-02-05 16:57:58 +01:00
Gergely Nagy 2ca4862f8b
[GITEA] Allow changing the repo Wiki branch to main
Previously, the repo wiki was hardcoded to use `master` as its branch,
this change makes it possible to use `main` (or something else, governed
by `[repository].DEFAULT_BRANCH`, a setting that already exists and
defaults to `main`).

The way it is done is that a new column is added to the `repository`
table: `wiki_branch`. The migration will make existing repositories
default to `master`, for compatibility's sake, even if they don't have a
Wiki (because it's easier to do that). Newly created repositories will
default to `[repository].DEFAULT_BRANCH` instead.

The Wiki service was updated to use the branch name stored in the
database, and fall back to the default if it is empty.

Old repositories with Wikis using the older `master` branch will have
the option to do a one-time transition to `main`, available via the
repository settings in the "Danger Zone". This option will only be
available for repositories that have the internal wiki enabled, it is
not empty, and the wiki branch is not `[repository].DEFAULT_BRANCH`.

When migrating a repository with a Wiki, Forgejo will use the same
branch name for the wiki as the source repository did. If that's not the
same as the default, the option to normalize it will be available after
the migration's done.

Additionally, the `/api/v1/{owner}/{repo}` endpoint was updated: it will
now include the wiki branch name in `GET` requests, and allow changing
the wiki branch via `PATCH`.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit d87c526d2a)
2024-02-05 16:57:47 +01:00
Earl Warren 209610075a
[TESTS] add log.Level to test.NewLogChecker
So the caller can check log events at the desired level instead of
being limited to the default level log.INFO

(cherry picked from commit 2fbf5f9555)
(cherry picked from commit e2137a3147)
2024-02-05 16:54:44 +01:00
Gusted 6fb55e9c08
[GITEA] Add slow SQL query warning (squash) Fix setting typo
- Fix typo in the slow query threshold setting, add a deprecation warning.
- Resolves #2203

(cherry picked from commit 02f6608e5f)
(cherry picked from commit 4e8f6b2ffd)
2024-02-05 16:54:44 +01:00
Earl Warren fe8622dae3
Revert "Fix schedule tasks bugs (#28691)"
This reverts commit 97292da960.

(cherry picked from commit 83e5eba031)
(cherry picked from commit f6ef8f3819)

Conflicts:
	services/repository/setting.go
2024-02-05 16:54:42 +01:00
Gergely Nagy bc7e448d49
[GITEA] Rework when recently pushed branches are displayed
With this change, the "You pushed on branch xyz" banner will be
displayed when either the viewed repository or its base repo (if the
current one's a fork) has pull requests enabled. Previously it only
displayed if the viewed repo had PRs enabled.

Furthermore, if the viewed repository is an original repository that the
viewing user has a fork of, if the forked repository has recently pushed
branches, then the banner will appear for the original repository too.
In this case, the notification will include branches from the viewing
user's fork, and branches they pushed to the base repo, too.

Refs: https://codeberg.org/forgejo/forgejo/pulls/2195

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit a29f10661d)
(cherry picked from commit 70c5e2021d)
(cherry picked from commit 48b25be67a)
2024-02-05 16:09:43 +01:00
Gergely Nagy 3bdfb7a7aa
[GITEA] Fix the topic search paging
When searching for repository topics, either via the API, or via
Explore, paging did not work correctly, because it only applied when the
`page` parameter was non-zero. Paging should have applied when the page
size is greater than zero, which is what this patch does.

As a result, both the API, and the Explore endpoint will return paged
results (30 by default). As such, when managing topics on the frontend,
the offered completions will also be limited to a pageful of results,
based on what the user has already typed.

This drastically reduces the amount of traffic, and also the number of
the topics to choose from, and thus, the rendering time too.

The topics will be returned by popularity, with most used topics first.
A single page will contain `[api].DEFAULT_PAGING_NUM` (30 by default)
items that match the query. That's plenty to choose from.

Fixes #132.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 64d4ff41db)
(cherry picked from commit 06b808fa2c)
(cherry picked from commit 9205c9266a)
(cherry picked from commit 47863d4f72)
2024-02-05 16:09:43 +01:00
Gusted d1cb590c78
[GITEA] Log SQL queries when the database return error
- When the database returns an error about the SQL query, the error is
logged but not the SQL query and arguments, which is just as valuable as
the vague deeply hidden documented error that the database returns.
It's possible to log the SQL query by logging **all** SQL queries. For
bigger instances such as Codeberg, this is not a viable option.
- Adds a new hook, enabled by default, to log SQL queries with their
arguments and the error returned by the database when the database
returns an error.
- This likely needs some fine tuning in the future to decide when to
enable this, as the error is already logged and if people have the
`[database].LOG_SQL` option enabled, the SQL would be logged twice. But
given that it's an rare occurence for SQL queries to error, it's fine to
leave that as-is.
- Ref: https://codeberg.org/forgejo/forgejo/issues/1998

(cherry picked from commit 866229bc32)
(cherry picked from commit 96dd3e87cf)
(cherry picked from commit e165510317)
(cherry picked from commit 1638e2b3f5)
2024-02-05 16:09:43 +01:00
Gergely Nagy 36f7c162e2
[FEAT] Repository flags
This implements "repository flags", a way for instance administrators to
assign custom flags to repositories. The idea is that custom templates
can look at these flags, and display banners based on them, Forgejo does
not provide anything built on top of it, just the foundation. The
feature is optional, and disabled by default. To enable it, set
`[repository].ENABLE_FLAGS = true`.

On the UI side, instance administrators will see a new "Manage flags"
tab on repositories, and a list of enabled tags (if any) on the
repository home page. The "Manage flags" page allows them to remove
existing flags, or add any new ones that are listed in
`[repository].SETTABLE_FLAGS`.

The model does not enforce that only the `SETTABLE_FLAGS` are present.
If the setting is changed, old flags may remain present in the database,
and anything that uses them, will still work. The repository flag
management page will allow an instance administrator to remove them, but
not set them, once removed.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit ba735ce222)
(cherry picked from commit f09f6e029b)
(cherry picked from commit 2f8b041489)
(cherry picked from commit d3186ee5f4)
2024-02-05 16:09:42 +01:00
Earl Warren 2e172b3c9c
[GITEA] add option for banning dots in usernames (squash) set in test
(cherry picked from commit b005b586c3)
(cherry picked from commit 0077b2661e)
(cherry picked from commit c4589d1fce)
(cherry picked from commit a7f9ff982c)
2024-02-05 16:09:42 +01:00
Gergely Nagy f90b802634
[GITEA] Add support for shields.io-based badges
Adds a new `/{username}/{repo}/badges` family of routes, which redirect
to various shields.io badges. The goal is to not reimplement badge
generation, and delegate it to shields.io (or a similar service), which
are already used by many. This way, we get all the goodies that come
with it: different styles, colors, logos, you name it.

So these routes are just thin wrappers around shields.io that make it
easier to display the information we want. The URL is configurable via
`app.ini`, and is templatable, allowing to use alternative badge
generator services with slightly different URL patterns.

Additionally, for compatibility with GitHub, there's an
`/{username}/{repo}/actions/workflows/{workflow_file}/badge.svg` route
that works much the same way as on GitHub. Change the hostname in the
URL, and done.

Fixes gitea#5633, gitea#23688, and also fixes #126.

Work sponsored by Codeberg e.V.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit fcd0f61212)
(cherry picked from commit 20d14f7844)
(cherry picked from commit 4359741431)
(cherry picked from commit 35cff45eb8)
(cherry picked from commit 2fc0d0b8a3)
2024-02-05 16:09:42 +01:00
Gusted 5c0894a588
[GITEA] Avoid WHERE IN for comment migration query
- Rewrite `UpdateCommentsMigrationsByType` to not use `WHERE IN` as
that's a performance diaster for MariaDB, it now use batching to query
the the relevant comment IDs via JOINs (which is not possible in a
UPDATE query for SQLite) and then update them in a seperate query.
- Add unit test.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1856

(cherry picked from commit 8098ca9d2e)

Conflicts:
	models/issues/comment.go
	https://codeberg.org/forgejo/forgejo/pulls/2075
(cherry picked from commit ca65deba1c)
(cherry picked from commit 0e1e09e77d)
(cherry picked from commit 19013ba5ea)
(cherry picked from commit 23c887f97e)
(cherry picked from commit b3321d1a84)
2024-02-05 16:09:42 +01:00
Gergely Nagy 5eeccecafc
[GITEA] Optionally allow anyone to edit Wikis
This is largely based on gitea#6312 by @ashimokawa, with updates and
fixes by myself, and incorporates the review feedback given in that pull
request, and more.

What this patch does is add a new "default_permissions" column to the
`repo_units` table (defaulting to read permission), adjusts the
permission checking code to take this into consideration, and then
exposes a setting that lets a repo administrator enable any user on a
Forgejo instance to edit the repo's wiki (effectively giving the wiki
unit of the repo "write" permissions by default).

By default, wikis will remain restricted to collaborators, but with the
new setting exposed, they can be turned into globally editable wikis.

Fixes Codeberg/Community#28.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 4b74439922)
(cherry picked from commit 337cf62c10)
(cherry picked from commit b6786fdb32)
(cherry picked from commit a5d2829a10)

[GITEA] Optionally allow anyone to edit Wikis (squash) AddTokenAuth

(cherry picked from commit fed50cf72e)
(cherry picked from commit 42c55e494e)
(cherry picked from commit e3463bda47)
2024-02-05 16:09:42 +01:00
Gusted f3f888ed13
[GITEA] Fix session generation for database
- If the session doesn't exist, it shouldn't be expected that the
variable is non-nil. Define the session variable instead and insert that.
- Add unit tests to test the behavior of the database sessions code .
- Regression caused by dd30d9d5c0.
- Resolves https://codeberg.org/forgejo/forgejo/issues/2042

(cherry picked from commit 90307ad200)
(cherry picked from commit 874ef1978d)
(cherry picked from commit 27d5f035fc)
(cherry picked from commit 65dbc4303b)

[GITEA] Fix session generation for database (squash) timeutil.Mock

because of e743570f65 * Refactor timeutil package (#28623)

(cherry picked from commit acc6b51be2)
(cherry picked from commit 02b74317f2)
(cherry picked from commit 63b9b624bd)
(cherry picked from commit 7752ff8baa)
(cherry picked from commit c0af4d9438)
2024-02-05 16:09:41 +01:00
Gergely Nagy d4fc0d2c5a
[GITEA] Allow changing the email address before activation
During registration, one may be required to give their email address, to
be verified and activated later. However, if one makes a mistake, a
typo, they may end up with an account that cannot be activated due to
having a wrong email address.

They can still log in, but not change the email address, thus, no way to
activate it without help from an administrator.

To remedy this issue, lets allow changing the email address for logged
in, but not activated users.

This fixes gitea#17785.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit aaaece28e4)
(cherry picked from commit 639dafabec)
(cherry picked from commit d699c12ceb)

[GITEA] Allow changing the email address before activation (squash) cache is always active

This needs to be revisited because the MailResendLimit is not enforced
and turns out to not be tested.

See e7cb8da2a8 * Always enable caches (#28527)

(cherry picked from commit 43ded8ee30)

Rate limit pre-activation email change separately

Changing the email address before any email address is activated should
be subject to a different rate limit than the normal activation email
resending. If there's only one rate limit for both, then if a newly
signed up quickly discovers they gave a wrong email address, they'd have
to wait three minutes to change it.

With the two separate limits, they don't - but they'll have to wait
three minutes before they can change the email address again.

The downside of this setup is that a malicious actor can alternate
between resending and changing the email address (to something like
`user+$idx@domain`, delivered to the same inbox) to effectively halving
the rate limit. I do not think there's a better solution, and this feels
like such a small attack surface that I'd deem it acceptable.

The way the code works after this change is that `ActivatePost` will now
check the `MailChangeLimit_user` key rather than `MailResendLimit_user`,
and if we're within the limit, it will set `MailChangedJustNow_user`. The
`Activate` method - which sends the activation email, whether it is a
normal resend, or one following an email change - will check
`MailChangedJustNow_user`, and if it is set, it will check the rate
limit against `MailChangedLimit_user`, otherwise against
`MailResendLimit_user`, and then will delete the
`MailChangedJustNow_user` key from the cache.

Fixes #2040.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit e35d2af2e5)
(cherry picked from commit 03989418a7)
(cherry picked from commit f50e0dfe5e)
(cherry picked from commit cad9184a36)
(cherry picked from commit e2da5d7fe1)
(cherry picked from commit 3a80534d4d)
2024-02-05 16:09:41 +01:00
Earl Warren 06aae9ae72
[GITEA] GetScheduledMergeByPullID may involve a system user
Refs: https://codeberg.org/forgejo/forgejo/issues/1897
(cherry picked from commit ddc3c22558)
(cherry picked from commit a7fe969b93)
(cherry picked from commit 62bda95774)
(cherry picked from commit 8149a822c7)
(cherry picked from commit 9ed4e685eb)
(cherry picked from commit 4f072b4f80)
(cherry picked from commit ca5924037b)
(cherry picked from commit 88e2b47e29)
(cherry picked from commit 784f860cfa)
2024-02-05 16:09:41 +01:00
Gergely Nagy fa0759962b
[GITEA] allow viewing the latest Action Run on the web
Similar to how some other parts of the web UI support a `/latest` path
to directly go to the latest of a certain thing, let the Actions web UI
do the same: `/{owner}/{repo}/actions/runs/latest` will redirect to the
latest run, if there's one available.

Fixes gitea#27991.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit f67ccef1dd)

Code cleanup in the actions.ViewLatest route handler

Based on feedback received after the feature was merged, use
`ctx.NotFound` and `ctx.ServerError`, and drop the use of the
unnecessary `ctx.Written()`.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 74e42da563)
(cherry picked from commit f7535a1cef)
(cherry picked from commit 1a90cd37c3)
(cherry picked from commit d86d71340a)
(cherry picked from commit 9e5cce1afc)
(cherry picked from commit 2013fb3fab)
(cherry picked from commit 88b9d21d11)
(cherry picked from commit 72c020298e)
(cherry picked from commit 6525f730df)
2024-02-05 16:09:41 +01:00