Commit graph

443 commits

Author SHA1 Message Date
Lunny Xiao 9e865cee67 Merge password and 2fa page on user settings (#2695)
* merge password and 2fa page on user settings
2017-10-16 11:14:12 +02:00
Kazuki Sawada 43253202e9 Change default sort order (#2647)
* sort repositories by `updated_unix` in Explore

* Fix UI problem

* Added missing sort order "newest"

* Change default sort order

* fmt
2017-10-05 08:02:43 +03:00
Morlinest 9a75a5d59b Use custom type and constants to hold order by options (#2572) 2017-09-22 15:53:21 +03:00
Rémy Boulanouar e5d80b7090 Implementation of all repositories of a user from user->settings (#1740)
* Implementation of all repositories of a user from user->settings

* Update message when no repository found

* Update according to comments

* Change UI to have a better look

* improved user repositories UI
2017-09-14 14:46:14 +03:00
Antoine GIRARD 7c417bbb0d Only check at least one email gpg key (#2266)
* Only require one email (possibly not yet validated)

* Update message error and check validation of commit

* Add integrations tests

* Complete integration for import

* Add pre-check/optimization

* Add some test (not finished)

* Finish

* Fix fixtures

* Fix typo

* Don't guess key ID
2017-09-05 21:45:18 +08:00
Lunny Xiao e41da3845d fix duplicated feed (#2370) 2017-08-28 10:26:04 +08:00
Lunny Xiao f61a1d210c Fix missing collabrative repos (#2367)
* fix missing collabrative repos

* fix bug of collabrative

* fix SQL quotes
2017-08-24 22:01:03 +08:00
David Schneiderbauer 174255e74e Log failed authentication attempts with remote address for fail2ban (#2334)
Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
2017-08-24 08:57:54 +03:00
Bwko 1a5fe4326f Add collaborative repositories to the dashboard (#2205)
* Add collaborative repositories to the dashboard

Remove some unused code from the Dashboard func

* fix some bug and some refactor

* fix tests
2017-08-23 09:30:54 +08:00
Sandro Santilli 2c3a229a3c Add OpenID configuration in install page (#2276) 2017-08-19 17:34:49 +02:00
David Schneiderbauer 5707ad3bb7 Add AppURL without trailing slash to TOTP issuer parameter to prevent conflicting accounts on multiple gitea installations (#2335)
Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
2017-08-19 09:39:43 +08:00
Morlinest e08d1fcc15 Fix variable name typo (#2327) 2017-08-18 14:21:46 +03:00
Michael Kuhn 934dd41fa6 Make SHOW_USER_EMAIL also apply to profiles (#2258)
The e-mail address is currently only hidden from the explore page.
2017-08-17 17:08:03 +08:00
Morlinest 951fb572a7 Fix and improve dashboard repo UI (#2285)
* Fix and improve dashboard repo UI

* Change order of scripts loading

* Remove "mirror" tab

* Remove single tab panel for "org user"

* Add localization strings

* Create vue component and change event for search

* Add "mirrors" filter
2017-08-17 09:31:34 +08:00
Lunny Xiao f960e19c59 Only update needed columns when update user (#2296)
* only update needed columns when update user

* fix missing update_unix column
2017-08-12 22:18:44 +08:00
Ethan Koenig 7e0654bd9e Fix counts on issues dashboard (#2215)
* Fix counts on issues dashboard

* setupSess -> setupSession

* Unit test

* Load repo owners for issues
2017-08-03 13:09:16 +08:00
Lauris BH 32fc44aa83 Make time diff translatable (#2057) 2017-06-28 13:43:28 +08:00
Jonas Franz 441986a473 Fix "Dashboard shows deleted comments" (#1995) 2017-06-25 20:20:29 +02:00
Ethan Koenig afe1f1c4af Fix 500 in public activity page (#1901) 2017-06-08 03:48:49 -05:00
Ethan Koenig 9ddc35e343 Cache ctx.User in retrieveFeeds (#1902) 2017-06-08 10:11:41 +08:00
Bo-Yi Wu 703d18e50d feat: add check misspelling (#1877) 2017-06-05 02:49:46 -05:00
Rémy Boulanouar 62f600cf1c Display all organization from user settings (#1739)
* Display all organization from user settings

* fix Tab selection

* Update locale_en-US.ini

* Add a condition for display Create organization button

* Remove french translation

* Remove unnecessary admin flag
2017-06-02 03:43:44 -05:00
Ethan Koenig 4e5ee2b67a Fix user profile activity feed (#1848)
* Fix user profile activity feed

* gofmt, and avoid overlapping database connections
2017-06-02 08:42:25 +08:00
Jonas Östanbäck b93568cce4 xxx_active_code_live setting in printed in hours and minutes instead … (#1814)
* xxx_active_code_live setting in printed in hours and minutes instead of just hours

* Update app.ini description of xxx_code_lives settings
2017-05-29 02:35:47 -05:00
Ethan Koenig 0c332f0480 Fix activity feed (#1779)
* Fix activity feed

Preserve actions after user/repo name change

* Add missing comment

* Fix migration, and remove fields completely

* Tests
2017-05-26 09:38:18 +08:00
Jonas Östanbäck e214728725 Add new text for reset password flash (#1718)
* Forgot password should use ResetPwdCodeLives, not ActiveCodeLives
 * Improve documentation for different send mail functions related to password reset
 * Improve documentation in conf/app.ini regarding xxx_CODE_LIVE_MINUTES settings
2017-05-14 10:38:30 +08:00
Willem van Dreumel 950f2e2074 Additional OAuth2 providers (#1010)
* add google+

* sort signin oauth2 providers based on the name so order is always the same

* update auth tip for google+

* add gitlab provider

* add bitbucket provider (and some go fmt)

* add twitter provider

* add facebook provider

* add dropbox provider

* add openid connect provider incl. new format of tips section in "Add New Source"

* lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow)

* imports according to goimport and code style

* make it possible to set custom urls to gitlab and github provider (only these could have a different host)

* split up oauth2 into multiple files

* small typo in comment

* fix indention

* fix indentation

* fix new line before external import

* fix layout of signin part

* update "broken" dependency
2017-05-01 21:26:53 +08:00
Antoine GIRARD 8371f94d06 Rework SSH key management UI to add GPG (#1293)
* Rework SSH key management UI to add GPG

* Add more detail to gpg key display

* Update CHANGELOG.md

* Implement deletion UI

* Implement adding gpg UI

* Various fixes

- Fix duplicate entry in locale
- Re-generate hash before verification since they are consumed

* Add missing translation

* Split template

* Catch not found/verified email error
2017-04-26 21:10:43 +08:00
silverwind 237270ef50 Orgs: fix org page title when full name is not defined (#1495) 2017-04-15 10:02:46 +08:00
Sandro Santilli 129b0d6a4b Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369)
* Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION

Omit the configuration variable (the default) to be dependent.
Fixes #1363

* Move OpenID settings under Service object

* Show OpenID SignUp and SignIn status in admin panel / configuration
2017-03-29 18:57:43 +08:00
Kim "BKC" Carlbäcker c05bd1789c Reduce conditionals in signin/signup inner forms (#1138) 2017-03-22 00:50:56 +01:00
Sandro Santilli f73e734411 Run "make fmt" with go-1.6 (#1333) 2017-03-21 08:55:00 +08:00
Sandro Santilli 15f5d8e794 Reduce conditionals in signin/signup inner forms
by always using SignInLink and SignUpLink in the form action
2017-03-20 09:40:42 +01:00
Sandro Santilli 9182a35f18 Show user OpenID URIs in their profile (#1314) 2017-03-20 09:31:08 +01:00
Sandro Santilli 97ee88975a Add captcha support to OpenID based signup 2017-03-20 08:58:00 +01:00
Sandro Santilli 71d16f69ff Login via OpenID-2.0 (#618) 2017-03-17 15:16:08 +01:00
Sandro Santilli 7d8f9d1c46 Rename /forget_password url to /forgot_password
Also renames `forgot_password` translation key to
`forgot_password_title` and `forget_password` to
`forgot_password`

Includes entry in CHANGELOG about the breaking change
(and some markdown fixes in there)
2017-03-14 22:54:07 +01:00
Sandro Santilli 8a98a25d8e Show a link to password reset from password change and delete account (#862)
It's helpful when you forgot your password thus cannot change it
(can happen if you log in via OAuth2 or OpenID)

Also make sure that both the delete-account and password-change
links to forgot-password will have the primary email pre-filled
2017-03-11 17:11:54 +08:00
Willem van Dreumel 8947b711aa Link OAuth2 account to 2FA enabled account (fix #1050) (#1052)
* fixes #1050 where linking an account to a 2fa enabled account failed because we forgot to really link the account when 2fa is completed

* handle errors
2017-02-27 18:10:26 +08:00
Lunny Xiao 19b3c45ca7 fix 500 when use a duplicat email instead of giving an error tip (#1040) 2017-02-25 22:57:06 +08:00
Lunny Xiao e8e56da9ac fix #13 (#1042) 2017-02-25 22:53:57 +08:00
Lunny Xiao 8894f856de fix 500 when change user setting email to an exist email (#1039) 2017-02-25 21:39:52 +08:00
Willem van Dreumel 01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Lunny Xiao 847527fd6d Fix all the bugs in issues and pulls on dashboard (#943)
* fix all the bugs in issues and pulls on dashboard

* small fix and refactor

* add method getRepoIDs for IssueList
2017-02-17 08:58:19 +08:00
Bo-Yi Wu a31f64d639 fix: 500 error on /explore/repos page. (#946) 2017-02-15 22:28:11 +08:00
Lunny Xiao 9c645b54dc bug fixed on issues and pulls 2017-02-15 01:17:07 +01:00
Lunny Xiao 7a9a5c8a69 Fix assigned issues dashboard (#920)
* Fix assigned/created issues in dashboard. (#3560)

* Fix assigned/created issues in dashboard.

* Use GetUserIssueStats for getting all Dashboard stats.

* Use gofmt to format the file properly.

* Replace &Issue{} with new(Issue).

* Check if user has access to given repository.

* Remove unnecessary filtering of issues.

* Return 404 error if invalid repository is given.

* Use correct number of issues in paginater.

* fix issues on dashboard
2017-02-14 22:15:18 +08:00
Bo-Yi Wu 23aba523b5 feat: support search bar on star tab of user profile. (#917)
* feat: support search bar on star tab of user profile.

* fix: update testing.

* fix: Using loadAttributes

* fix: remove empty line.

* remove LOWER

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2017-02-14 15:28:22 +08:00
Bo-Yi Wu 3576e1ee73 fix: trim the whitespaces for the search keyword (#893) 2017-02-11 12:00:01 +08:00
Bo-Yi Wu a195c3fabe fix: Admin can also search private user repository. (#869) 2017-02-08 17:35:59 +08:00
Bo-Yi Wu b13232f524 feat: support paginater on star tab of user profile. (#845) 2017-02-07 19:54:16 +08:00
Bo-Yi Wu 71d35dae8c fix: wrong pages number which includes private repository count. (#844) 2017-02-06 23:18:36 +08:00
Lunny Xiao 8a421b1fd7 Add units concept for modulable functions of a repository (#742)
* Add units concept for modulable functions of a repository

* remove unused comment codes & fix lints and tests

* remove unused comment codes

* use struct config instead of map

* fix lint

* rm wrong files

* fix tests
2017-02-04 23:53:46 +08:00
Bo-Yi Wu a90a215662 feat: Add search bar on user profile page. (#787) 2017-02-04 20:20:20 +08:00
Ethan Koenig 400b6fd61c Cache ctxUser in retrieveFeeds(..) (#826) 2017-02-03 13:27:10 +08:00
Bo-Yi Wu 2db0ffe69e fix: User can see the private activity on public activity history. (#818) 2017-02-02 20:32:40 +08:00
Ethan Koenig 2eb15f4a61 Unit tests and remove unused functions in models/notification (#796)
* Unit tests and remove unused functions in models/notification

* Read -> Unread
2017-01-30 22:21:49 +08:00
Ethan Koenig da1b6164fe Fix FIXME and remove superfluous queries in models/org (#749) 2017-01-25 23:41:38 +08:00
Ethan Koenig 833f8b94c2 Search bar for issues/pulls (#530) 2017-01-25 10:43:02 +08:00
Andrey Nering d2bb8ef503 Notifications: trying to get a better layout (#660)
* i18n button titles

* Improvements on notification page layout

* Notification count badge fixes

* Make table <tr> clickable

* Fix octicon aligment

* Fix use of AppSubUrl
2017-01-18 09:18:55 +08:00
Andrew 6dd096b7f0 Two factor authentication support (#630)
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
xgitea 64b167138f docs: update translation on notification page for zh-CN (#649)
* docs: update translation on notification page for zh-CN

* use international resources
2017-01-13 17:31:48 +08:00
Andrey Nering 769e0a3ea6 Notifications: mark as read/unread and pin (#629)
* Use relative URLs

* Notifications - Mark as read/unread

* Feature of pinning a notification

* On view issue, do not mark as read a pinned notification
2017-01-12 12:27:09 +08:00
derSuessmann 51d578ff33 Add Keep email private (see issue #571). (#571)
- Add site-wide option DEFAULT_KEEP_EMAIL_PRIVATE.
- Add the new option to the install and admin/config pages.
- Add the new option to app.ini in the service section.
- Add the new option to the settings struct.
- Add English text strings to i18n.
- Add field KeepEmailPrivate to user struct.
- Add field KeepEmailPrivate to user form.
- Add option to UI.
- Add using noreply email address if user has "Keep Email Private".
An email address <LowerName>@<NO_REPLY_ADDRESS> is now used in commit
messages (and hopefully all other git log relevant places). The
change relies on the fact that git commands should use
user.NetGitSig().
- Add hiding of email address in UI, if user has set "Keep Email Private".
- Add condition to show email address only on explore/users and user
pages, if user has not set "Keep Email Private".
- Add noreply email in API if set "Keep Email Private".
- Add a new service setting NO_REPLY_ADDRESS. The value of this
setting is used as the domain part for the user's email address in
git log, iff he decides to keep his email address private.
If the user decides to keep his email address private and this
option is not set 'noreply.example.org' is used, which no MTA
should send email to.

Add NO_REPLY_ADDRESS to conf/app.ini.
2017-01-08 11:12:03 +08:00
Andrey Nering b354cf362e Add pagination for notifications 2017-01-03 17:09:36 -02:00
Andrey Nering 341a3b571b Do not get count on /api routers 2017-01-02 16:31:50 -02:00
Andrey Nering 6069abe5fd Notifications - Step 2 2016-12-30 16:51:24 -02:00
Andrey Nering b992858883 Tab on user profile to show starred repos (#519)
* Tab on user profile to show starred repos

* Make golint happy and use transactions on StarRepo function

* x -> sess

* Use sess.Close() instead of sess.Rollback()

* Add copyright

* Fix lint
2016-12-29 22:58:24 +08:00
Bwko f27d87d93b Added minimum password length to app.ini (#223) 2016-12-24 21:40:44 +08:00
Ethan Koenig d0932ef147 Bug fixes for Issues filters (#413)
Correctly handle simultaneous assignee/poster filters, and conflicting assignee filters
2016-12-24 18:33:21 +08:00
Lunny Xiao a12da66dfb resolved #394 (#396) 2016-12-23 01:26:01 +01:00
Denis Denisov 380e32e129 Fix random string generator (#384)
* Remove unused custom-alphabet feature of random string generator

Fix random string generator

Random string generator should return error if it fails to read random data via crypto/rand

* Fixes variable (un)initialization mixed assign
Update test GetRandomString
2016-12-20 13:32:02 +01:00
Lunny Xiao b4c794058a fixed vulnerabilities (#392) 2016-12-15 16:49:06 +08:00
Bwko a4ece1f223 Fixes typos 2016-11-27 12:59:12 +01:00
Lunny Xiao 94da472717 Golint fixed for modules/setting (#262)
* golint fixed for modules/setting

* typo fixed and renamed UNIXSOCKET to UnixSocket
2016-11-27 18:14:25 +08:00
Lunny Xiao cf045b029c golint fixed for parts of routers root, dev, user and org dirs (#167)
* golint fixed for parts of routers root, dev and org dirs

* add user/auth.go golint fixed

* rename unnecessary exported to unexported and user dir golint fixed
2016-11-18 11:03:03 +08:00
Thibault Meyer ddee4c8b58
Normalize files with gofmt 2016-11-11 13:11:45 +01:00
Sandro Santilli 4247304f5a Update import paths from github.com/go-gitea to code.gitea.io (#135)
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Joubert RedRat f91cbf0fed Support to last login feature 2016-11-09 08:53:45 -02:00
Sandro Santilli b7bf9dfd28 more 2016-11-07 17:55:31 +01:00
Sandro Santilli f6a11e0de1 More MixedCase consts 2016-11-07 17:24:59 +01:00
Rémy Boulanouar 2d68bd1ef9 Change import reference to match gitea instead of gogs (#37) 2016-11-03 10:29:56 -02:00
LefsFlare 2cb5ec5983 Prevented user enumeration of valid users through HTTP status codes of login (#3639) (#3654) 2016-10-16 22:08:40 -04:00
Unknwon 780cc2d110 router/repo: code refactoring 2016-08-30 02:08:38 -07:00
Unknwon f0b5c3b90a #3448 redirect if any after sign in 2016-08-27 15:07:02 -07:00
lstahlman 2c82fc3edb Fix for #3410 overall issues for organisations is limited to num_repos from the user (#3412) 2016-08-09 10:00:42 -07:00
Sandro Santilli 90dd0657b5 Add support for federated avatars (#3320)
* Add support for federated avatars

Fixes #3105

Removes avatar fetching duplication code
Adds an "Enable Federated Avatar" checkbox in user settings
(defaults to unchecked)

Moves avatar settings all in the same form, making
local and remote avatars mutually exclusive

Renames UploadAvatarForm to AvatarForm
as it's not anymore only for uploading

* Run gofmt on all modified files

* Move Avatar form in its own page

* Add go-libravatar dependency to vendor/ dir

Hopefully helps with accepting the contribution.
See also #3214

* Revert "Add go-libravatar dependency to vendor/ dir"

This reverts commit a8cb93ae640bbb90f7d25012fc257bda9fae9b82.

* Make federated avatar setting a global configuration

Removes the per-user setting

* Move avatar handling back to base tool, disable federated avatar in offline mode

* Format, handle error

* Properly set fallback host

* Use unsupported github.com mirror for importing go-libravatar

* Remove comment showing life exists outside of github.com

... pity, but contribution would not be accepted otherwise

* Use Combo for Get and Post methods over /avatar

* FEDERATED_AVATAR -> ENABLE_FEDERATED_AVATAR

* Fix persistance of federated avatar lookup checkbox at install time

* Federated Avatars -> Enable Federated Avatars

* Use len(string) == 0 instead of string == ""

* Move import line where it belong

See
https://github.com/Unknwon/go-code-convention/blob/master/en-US/import_packages.md

Pity the import url is still the unofficial one, but oh well...

* Save a line (and waste much more expensive time)

* Remove redundant parens

* Remove an empty line

* Remove empty lines

* Reorder lines to make diff smaller

* Remove another newline

Unknwon review got me start a fight against newlines

* Move DISABLE_GRAVATAR and ENABLE_FEDERATED_AVATAR after OFFLINE_MODE

On re-reading the diff I figured what Unknwon meant here:
https://github.com/gogits/gogs/pull/3320/files#r73741106

* Remove newlines that weren't there before my intervention
2016-08-07 10:27:38 -07:00
Unknwon cf6d321991 Ignore repository with issue disabled or use external tracker in dashboard issues 2016-08-05 12:46:26 -07:00
Unknwon 50422f1fc2 #3348 always use relative avatar link in the template 2016-08-05 12:12:54 -07:00
Unknwon e74630ae3b #1384 add pagination for repositories 2016-07-24 14:32:46 +08:00
Unknwon 1f2e173a74 Refactor User.Id to User.ID 2016-07-24 01:08:22 +08:00
Unknwon 46e96c008c Use struct for UI settings 2016-07-24 00:23:54 +08:00
Unknwon f1b8d52eb3 #2854 fix no mail notification when issue is closed/reopened 2016-07-16 00:36:39 +08:00
Unknwon 762ab056a2 Fix XORM IN condition table name parse 2016-03-27 18:21:37 -04:00
Unknwon 8966f5635d Merge pull request #2823 from zacheryph/feature/local-only-password-reset
Prevent `Forgot Password` for non local users
2016-03-14 16:44:05 -04:00
Zachery Hostens 63e21c146a ensure we don’t try changing LDAP passswords 2016-03-14 09:40:16 -05:00
Unknwon 9bd9ad4205 #1692 add CRUD issue APIs
- Fix go-gogs-client#10
- Related to #809
2016-03-13 23:20:22 -04:00
Unknwon b4f47a7623 #1891 attempt to fix invalid csrf token 2016-03-12 20:56:03 -05:00
Unknwon 514382e2eb Rename module: middleware -> context 2016-03-11 11:56:52 -05:00
Alec S 792c13cf0a readd 'dashboard' to title 2016-03-10 12:10:03 -06:00