Commit graph

276 commits

Author SHA1 Message Date
Lunny Xiao 90eb9fb889
Move EmailAddress & UserRedirect into models/user/ (#17607)
* Move EmailAddress into models/user/

* Fix test

* rename user_mail to user_email

* Fix test

* Move UserRedirect into models/user/

* Fix lint & test

* Fix lint

* Fix lint

* remove nolint comment

* Fix lint
2021-11-11 15:03:30 +08:00
Lunny Xiao 99b2858e62
Move unit into models/unit/ (#17576)
* Move unit into models/unit/

* Rename unit.UnitType as unit.Type
2021-11-09 20:57:58 +01:00
qwerty287 3676fafdac
Add API to get/edit wiki (#17278)
* Add API to get/edit wiki

* Add swagger docs, various improvements

* fmt

* Fix lint and rm comment

* Add page parameter

* Add pagination to pages

* Add tests

* fmt

* Update func names

* Update error handling

* Update type name

* Fix lint

* Don't delete Home

* Update func name

* Update routers/api/v1/repo/wiki.go

Co-authored-by: delvh <dev.lh@web.de>

* Remove unnecessary check

* Fix lint

* Use English strings

* Update integrations/api_wiki_test.go

Co-authored-by: delvh <dev.lh@web.de>

* Update func and test names

* Remove unsed check and avoid duplicated error reports

* Improve error handling

* Return after error

* Document 404 error

* Update swagger

* Fix lint

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Document file encoding

* fmt

* Apply suggestions

* Use convert

* Fix integration test

* simplify permissions

* unify duplicate key Title/Name

* improve types & return UTC timestamps

* improve types pt.2

- add WikiPageMetaData.LastCommit
- add WikiPageMetaData.HTMLURL
- replace WikiPageMetaData.Updated with .LastCommit.Committer.Created

also delete convert.ToWikiPage(), as it received too many arguments and
only had one callsite anyway. sorry for bad advice earlier 🙃

* WikiPage.Content is base64 encoded

* simplify error handling in wikiContentsByName()

* update swagger

* fix & DRY findWikiRepoCommit() error handling

ListWikiPages() previously wrote error twice when repo wiki didn't exist

* rename Content -> ContentBase64

* Fix test

* Fix tests

* Update var name

* suburl -> sub_url

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Norwin <git@nroo.de>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-10-25 11:43:40 +08:00
wxiaoguang e18ea9e349
Update documents for Gitea behind reverse proxy. Fix some small bugs (some URLs are generated without sub-path) (#17320)
* Apache `ProxyPassReverse` only works for Location, Content-Location and URI headers on HTTP redirect responses, it causes more problems than it resolves. Now all URLs generated by Gitee have the correct prefix AppSubURL. We do not need to set `ProxyPassReverse`.

* fix url param

* use AppSubURL instead of AppURL in api/v1

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-10-15 23:34:07 -04:00
Romain d0a681fbc3
[API] Add endpount to get user org permissions (#17232)
* Add endpoint

* Add swagger response + generate swagger

* Stop execution if user / org is not found

* Add tests


Co-authored-by: 6543 <6543@obermui.de>
2021-10-12 12:47:19 +02:00
techknowlogick babab0bf5e
Add nodeinfo endpoint for federation purposes (#16953)
Nodeinfo is a way to expose certain metadata about a server for use of discovery regarding functionality of its federation capabilities.

Two endpoints are required:
1. `/.well-known/nodeinfo` which informs client where it can find the location of the location of its metadata (including which version of the schema is used)
2. the endpoint which exposes the metadata in json format according to schema.

Notes:
* `openRegistrations` is a required field, but I propose to set to false as default in case someone writes a crawler to discover "open" gitea instances
* to limit data leakage I also propose to not include the `usage` field (note it is required so it should be included, but left as empty).

More info:
https://github.com/jhass/nodeinfo
https://github.com/jhass/nodeinfo/tree/main/schemas/2.1
http://nodeinfo.diaspora.software/protocol.html
2021-09-28 01:38:06 +02:00
qwerty287 0fa153f421
Merge endpoints for pull diff/patch (#17104)
this merges the two API endpoints for the PR diff/patch in to one
2021-09-22 01:04:53 +02:00
qwerty287 5ac857f4d4
Add API to get commit diff/patch (#17095)
* Add API to get commit diff/patch
* Add Tests

Co-authored-by: 6543 <6543@obermui.de>
2021-09-20 18:14:29 +02:00
zeripath a334a95a3c
Use common sessioner for API and Web (#17027)
* Use common sessioner for API and Web

Instead of creating separate sessioner and doubly initialising the provider just
use the same sessioner for the API and Web routes.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-09-12 19:35:38 +02:00
nitul1991 2d25b7d44b
Add an api endpoint to fetch git notes (#15373) (#16649)
close #15373
2021-08-11 03:01:40 +02:00
6543 c4d70a0325
Rename ctx.Form() to ctx.FormString() and move code into own file (#16571)
Followup from #16562 prepare for #16567

* Rename ctx.Form() to ctx.FormString()
* Reimplement FormX func to need less code and cpu cycles
* Move code into own file
2021-08-11 02:31:13 +02:00
zeripath 19e2c6a302
Set AllowedHeaders on API CORS handler (#16524)
Set AllowedHeaders on API CORS handler and add missing Access-Control-Expose-Headers
to pull API.

Fix #16100

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-08-04 21:56:49 +02:00
Lunny Xiao 33e0b38287
Rename context.Query to context.Form (#16562) 2021-07-29 03:42:15 +02:00
zeripath b82293270c
Add option to provide signature for a token to verify key ownership (#14054)
* Add option to provide signed token to verify key ownership

Currently we will only allow a key to be matched to a user if it matches
an activated email address. This PR provides a different mechanism - if
the user provides a signature for automatically generated token (based
on the timestamp, user creation time, user ID, username and primary
email.

* Ensure verified keys can act for all active emails for the user

* Add code to mark keys as verified

* Slight UI adjustments

* Slight UI adjustments 2

* Simplify signature verification slightly

* fix postgres test

* add api routes

* handle swapped primary-keys

* Verify the no-reply address for verified keys

* Only add email addresses that are activated to keys

* Fix committer shortcut properly

* Restructure gpg_keys.go

* Use common Verification Token code

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-13 15:28:07 +02:00
a1012112796 5bb97a12d7
Creating a repo from a template repo via API (#15958)
* Creating a repo from a template repo via API

fix #15934
ref:
https://docs.github.com/en/rest/reference/repos#create-a-repository-using-a-template

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-07-05 17:29:08 +02:00
sebastian-sauer 92328a3394
Add API to get commits of PR (#16300)
* Add API to get commits of PR

fixes #10918

Co-authored-by: Andrew Bezold <andrew.bezold@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2021-07-02 14:19:57 +02:00
6543 eb324a9402
[API] Add repoGetTag (#16166)
* GetTag -> GetAnnotatedTag

* API: Add repoGetTag

* fix swagger docs

* support "/" as tag name char

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-23 17:08:47 -04:00
6543 58501a2682
[API] GET / SET User Settings (#16169)
* API: GET/SET User Settings

* linter

* Apply suggestions from code review

* Update modules/structs/user.go

* lint

* fix swagger

* move User2UserSettings to convert

* as per @zeripath "preferences" -> "settings"

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-23 15:58:44 -04:00
zeripath 681e81babd
reqOrgMembership calls need to be preceded by reqToken (#16198)
ReqOrgMembership calls need to be preceded by reqToken

Fix #16192

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-06-21 14:01:44 +01:00
6543 f7cd394680
[API] Add repoCreateTag (#16165)
* Add API CreateTag

* Add Test

* API: expose Tag Message
2021-06-17 18:04:10 +02:00
6543 b3fbd37e99
[API] expose repo.GetReviewers() & repo.GetAssignees() (#16168)
* API: expose repo.GetReviewers() & repo.GetAssignees()

* Add tests

* fix unrelated swagger query type
2021-06-17 16:02:34 +02:00
Lunny Xiao fb3ffeb18d
Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086)
* Add sso.Group, context.Auth, context.APIAuth to allow auth special routes

* Remove unnecessary check

* Rename sso -> auth

* remove unused method of Auth interface
2021-06-09 19:53:16 +02:00
zeripath cbf30830d2
Add missing SameSite settings for the i_like_gitea cookie (#16037)
The i_like_gitea cookie appears to be missing the SameSite settings. I think they
were present at some point but may have been removed in a merge.

This PR ensures that they are set.

Fix #15972

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-05-31 14:22:36 -04:00
Norwin e542b416a7
api: fix overly strict edit pr permissions (#15900)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-05-19 10:48:48 -04:00
6543 e278614753
[API] make change repo settings work on empty repos (#15778)
* API: Fix #15602

* Add TEST
2021-05-08 14:11:36 +02:00
zeripath 47fd156936
Use route rather than use thus reducing the number of stack frames (#15301)
Since the move to Chi the number of stack frames has proliferated somewhat catastrophically and we're up to 96 frames with multiple tests of the url outside of a trie which is inefficient.

This PR reduces the number of stack frames by 6 through careful use of Route, moves Captcha into its own router so that it only fires on Captcha routes, similarly for avatars and repo-avatars.

The robots.txt, / and apple-touch-icon.png are moved out of requiring Contexter.

It moves access logger higher in the stack frame because there is no reason why it can't be higher.

Extract from #15186
Contains #15292
2021-05-04 22:48:31 +01:00
zeripath fa3895ce81
Move modules/forms to services/forms (#15305)
Forms are dependent on models and therefore should be in services.

This PR also removes the old auth. aliasing

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-04-06 20:44:05 +01:00
6543 16dea6cebd
[refactor] replace int with httpStatusCodes (#15282)
* replace "200" (int) with "http.StatusOK" (const)

* ctx.Error & ctx.HTML

* ctx.JSON Part1

* ctx.JSON Part2

* ctx.JSON Part3
2021-04-05 11:30:52 -04:00
zeripath 91ee3be588
Prevent incorrect HTML escaping in swagger.json (#14957)
* Prevent incorrect HTML escaping in swagger.json

Fix #14706

Signed-off-by: Andrew Thornton <art27@cantab.net>

* oops add it to the helper

Signed-off-by: Andrew Thornton <art27@cantab.net>

* try again

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-11 23:43:04 -05:00
zeripath c8e5c79cfd
Add ui.explore settings to control view of explore pages (2) (#14094)
This is an alternative PR to #13687.

Add `[ui.explore]` settings to allow restricting the
explore pages to logged in users only and to disable the users explore page.

The two proposed settings are:

- `REQUIRE_SIGNIN_VIEW`: Only allows access to the explore pages if the
user is signed in. Also restricts
  - `/api/v1/user/search`
  - `/api/v1/users/{username}`
  - `/api/v1/users/{username}/repos`
  - but does not restrict `/api/v1/users/{username}/heatmap`
- `DISABLE_USERS_PAGE`: Disables the /explore/users page

Fix #2908

Close #13687 

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-11 13:40:54 +00:00
techknowlogick a3cc842e15
Show Gitea version in swagger (#14654)
Show Gitea version in swagger

Co-authored-by: 6543 <6543@obermui.de>
2021-02-12 21:51:56 +01:00
Paweł Bogusławski 7d7007dca7
Added option to disable webhooks (#13176)
* Added option to disable web hooks

This mod introduces DISABLE_WEB_HOOKS parameter in [security] section
of app.ini (by default set to false). If set to true it disables web
hooks feature. Any existing undelivered web hook tasks will be cancelled.
Any existing web hook definitions will be left untouched in db but
its delivery tasks will be ignored.

Author-Change-Id: IB#1105130

* Webhook spelling fixed

Webhook spelling fixed.

Fixes: 07df6614dc
Related: https://github.com/go-gitea/gitea/pull/13176#pullrequestreview-510868421
Author-Change-Id: IB#1105174

* Parameter description fixed

Parameter description fixed.

Fixes: 07df6614dc
Related: https://github.com/go-gitea/gitea/pull/13176#pullrequestreview-514086107
Author-Change-Id: IB#1105174
2021-02-11 12:34:34 -05:00
a1012112796 ac701637b4
Add dismiss review feature (#12674)
* Add dismiss review feature

refs:
    https://github.blog/2016-10-12-dismissing-reviews-on-pull-requests/
    https://developer.github.com/v3/pulls/reviews/#dismiss-a-review-for-a-pull-request

* change modal ui and error message

* Add unDismissReview api

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-02-11 18:32:25 +01:00
6543 5f248d0df2
[API] Add delete release by tag & fix unreleased inconsistency (#14563)
* DeleteReleaseByTag delete release not git tags

* Add api to delete tag (without release)

* fix & extend tests

* fix swagger doc
2021-02-07 19:32:18 +01:00
6543 6d27703f14
[API] List, Check, Add & delete endpoints for repository teams (#13630)
* List, Check, Add & delete endpoints for repository teams

* return units on single team responce too

* Add Tests
2021-02-01 22:57:12 +01:00
Lunny Xiao a51cc6dea4
Fix access log (#14475)
Fix #14121, #14478.

The `AccessLog` middleware has to be after `Contexter` or `APIContexter` so that we can get `LoginUserName` if possible.
And also there is a **BREAK** change that it removed internal API access log.
2021-01-27 18:46:35 +01:00
Lunny Xiao 6433ba0ec3
Move macaron to chi (#14293)
Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR.

- [x] Define `context.ResponseWriter` interface with an implementation `context.Response`.
- [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before.
- [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic .
- [x] Use https://github.com/unrolled/render instead of macaron's internal render
- [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip
- [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK**
- [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha
- [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache
- [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding
- [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors
- [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation`
- [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle.
- [x] Removed macaron log service because it's not need any more. **BREAK**
- [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition.
- [x] Move Git HTTP protocol implementation to use routers directly.
- [x] Fix the problem that chi routes don't support trailing slash but macaron did.
- [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. 

Notices:
- Chi router don't support request with trailing slash
- Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI.

Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 16:36:53 +01:00
Andrew Bezold bc05ddc0eb
Redirect on changed user and org name (#11649)
* Add redirect for user

* Add redirect for orgs

* Add user redirect test

* Appease linter

* Add comment to DeleteUserRedirect function

* Fix locale changes

* Fix GetUserByParams

* Fix orgAssignment

* Remove debug logging

* Add redirect prompt

* Dont Export DeleteUserRedirect & only use it within a session

* Unexport newUserRedirect

* cleanup

* Fix & Dedub API code

* Format Template

* Add Migration & rm dublicat

* Refactor: unexport newRepoRedirect() & rm dedub del exec

* if this fails we'll need to re-rename the user directory

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-01-24 16:23:05 +01:00
Lunny Xiao dc66e4740f
Fix middlewares sequences (#14354)
Co-authored-by: 6543 <6543@obermui.de>
2021-01-16 12:23:02 +01:00
6543 7d2700c8be
[API] Only Return Json (#13511)
* Let Branch and Raw Endpoint return json error if not found

* Revert "RM RepoRefByTypeForAPI and move needed parts into GetRawFile directly"

This reverts commit d826d08577b23765cb3c257e7a861191d1aa9a04.

* more similar to RepoRefByType

* dedub-code

* API should just speak JSON

* nice name

Co-authored-by: zeripath <art27@cantab.net>
2020-11-14 11:13:55 -05:00
John Olheiser b5e974c8a5
Delete tag API (#13358)
* Delete tag API

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Wording

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add conflict response and fix API tests

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix other test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-10-30 20:56:34 -05:00
a1012112796 b9850375fc
Add review request api (#11355)
* Add review request api

* add : POST /repos/{owner}/{repo}/pulls/{index}/requested_reviewers
* Remove : DELET /repos/{owner}/{repo}/pulls/{index}/requested_reviewers
* fix some request review bug
* block delet request review by models/DeleteReview()

Signed-off-by: a1012112796 <1012112796@qq.com>

* make fmt

* fix bug

* fix test code

* fix typo

* Apply suggestion from code review @jonasfranz

* fix swagger ref

* fix typo

Co-authored-by: Lauris BH <lauris@nix.lv>

* fix comment

* Change response message

* chang response so some simplfy

* Add ErrIllLegalReviewRequest
fix some nits

* make fmt

* Apply suggestions from code review

Co-authored-by: silverwind <me@silverwind.io>

* * Add team support
* fix test
* fix an known bug

* fix nit

* fix test

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* update get api and add test

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
2020-10-20 14:18:25 -04:00
zeripath f2858600af
Return 404 not 500 from API if team does not exist (#13118)
If team does not exist expect ErrTeamNotExist not ErrUserNotEXist

Fix #11336

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-10-12 17:09:21 -04:00
Johan Van de Wauw 34d9cb335c
API: Get release by tags endpoint (#12932)
Get a release based on a tag name (for which a release exists).
Based on:
https://developer.github.com/v3/repos/releases/#get-a-release-by-tag-name

Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: 6543 <6543@obermui.de>
2020-09-25 20:11:43 +01:00
zeripath 7a7f56044a
Adopt repositories (#12920)
* Don't automatically delete repository files if they are present

Prior to this PR Gitea would delete any repository files if they are
present during creation or migration. This can in certain circumstances
lead to data-loss and is slightly unpleasant.

This PR provides a mechanism for Gitea to adopt repositories on creation
and otherwise requires an explicit flag for deletion.

PushCreate is slightly different - the create will cause adoption if
that is allowed otherwise it will delete the data if that is allowed.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix tests and migrate overwrite

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @lunny

Only offer to adopt or overwrite if the user can do that.

Allow the site administrator to adopt or overwrite in all
circumstances

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use setting.Repository.DefaultBranch for the default branch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Always set setting.Repository.DefaultBranch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update templates

Signed-off-by: Andrew Thornton <art27@cantab.net>

* ensure repo closed

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Rewrite of adoption as per @6543 and @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

* update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* missing not

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add modals and flash reporting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Make the unadopted page searchable

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add API

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Handle empty and non-master branched repositories

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove commented out code

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-25 07:09:23 +03:00
John Olheiser 26c4a049da
Issue templates directory (#11450)
* Issue templates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add some comments, appease the linter

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add docs and re-use dir candidates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add default labels to issue templates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Generate swagger

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Suggested changes

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update issue.go

* Suggestions

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Extract metadata from legacy if possible

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-11 10:48:39 -04:00
6543 fd60ebfe14
[API] Migration: Change ServiceType String (#12672)
* use different structs for MigrateRepoOptions on UI and API

* Fix TokenAuth and rename UID to an understandable Name

* fix swagger doc

* simplify & mk redable

* R E F A C T O R:
migration has now internal 3 structs to store its options:
 * the Options for WebUI: modules/auth/repo_form.go
 * the Options for API: modules/structs/repo.go
 * the option struct with after validation for internal prossessing: modules/migrations/base/options.go

* Copyright Header

* Deprecate UID - add RepoOwner

* adopt repo.go -> migrate.go

* add comment about each struct purpose

* lint
2020-09-10 23:29:19 +01:00
6543 dba5d82f86
Expose Attachemnt Settings by API (#12514)
close #12368
2020-09-05 08:43:06 +01:00
6543 2a52aeec49
API: Expose its limitation settings (#12714)
* API: Expose its limitation settings

* TESTs

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-04 14:10:15 -04:00
zeripath 2ae8c7ab1c
Add cron running API (#12421)
* Add cron running API

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

* placate-swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* return not found

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-24 11:48:15 -04:00
赵智超 8a6790b2aa
Add API to update pr headBranch (#12419)
* [API] Add update pr headBranch api

Signed-off-by: a1012112796 <1012112796@qq.com>
2020-08-04 21:55:22 +01:00
6543 7b260acd7b
Add TOTP header to Swagger Documentation (#12402) 2020-08-02 13:01:12 +01:00
6543 fc2f2c7602
API: Move AllowedReactions endpoint into GetGenneralUI endpoint + creat new swagger section settings (#11854)
* move Setting function into its own package

* swagger add&use new section "settings"

* move api AllowedReactions into general UI-Settings endpoint

* prepare TEST

* lint
2020-06-22 14:21:31 -04:00
6543 68a2af6d68
API expose usefull General Repo settings settings (#11758)
* GeneralRepoSettings expose MirrorsDisabled, HTTPGitDisabled, MaxCreationLimit

* Apply suggestions from code review

Co-authored-by: proton <25139420+proton-ab@users.noreply.github.com>

* lint

Co-authored-by: proton <25139420+proton-ab@users.noreply.github.com>
2020-06-10 15:05:46 +03:00
Lauris BH 2874ab54bc
Add language statistics API endpoint (#11737)
* Add language statistics API

* Add tests
2020-06-07 14:48:41 +03:00
zeripath f761a37a0f
Provide diff and patch API endpoints (#11751)
* Provide diff and patch API endpoints

The diff and patch endpoints on the main routes are not accessible by token
therefore we provide new API based endpoints for these

Fix #10923

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Make the response an actual string

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-05 14:03:12 +03:00
6543 b534a5164f
[API] Expose allowed Reactions (#11735)
* [API] Expose allowed Reactions

* dont be in soutch a rush

* add TEST

* use ElementsMatch

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-04 12:16:53 +03:00
Terence Le Huu Phuong 141d52cc0f
Add API Endpoint for Branch Creation (#11607)
* [FEATURE] [API] Add Endpoint for Branch Creation

Issue: https://github.com/go-gitea/gitea/issues/11376

This commit introduces an API endpoint for branch creation.

The added route is POST /repos/{owner}/{repo}/branches.
A JSON with the name of the new branch and the name of the old branch is
required as parameters.

Signed-off-by: Terence Le Huu Phuong <terence@qwasar.io>

* Put all the logic into CreateBranch and removed CreateRepoBranch

* - Added the error ErrBranchDoesNotExist in error.go
- Made the CreateNewBranch function return an errBranchDoesNotExist error
when the OldBranch does not exist
- Made the CreateBranch API function checks that the repository is not
empty and that branch exists.

* - Added a resetFixtures helper function in integration_test.go to
fine-tune test env resetting
- Added api test for CreateBranch
- Used resetFixture instead of the more general prepareTestEnv in the
repo_branch_test CreateBranch tests

* Moved the resetFixtures call inside the loop for APICreateBranch function

* Put the prepareTestEnv back in repo_branch_test

* fix import order/sort api branch test

Co-authored-by: zeripath <art27@cantab.net>
2020-05-29 19:16:20 +01:00
zeripath c42c31a111
Correctly set the organization num repos (#11339)
* Correctly set the organization num repos

Correctly set the organization num repos to the number of
accessible repos for the user

Fix #11194

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

* attempt to fix mssql

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/user.go

* Explicit columns

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add test and fix 0 counted orgs

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove orgname from api

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-05-12 01:04:08 +03:00
Cirno the Strongest 32b8172e56
Consolidate API for getting single commit (#11368)
* Allow Git ref for /repos/{owner}/{repo}/git/commits/{sha}

* Consolidate API for getting single commit

* Fix tests and do it differently

Co-authored-by: zeripath <art27@cantab.net>
2020-05-11 12:44:36 +03:00
6543 c97494a4f4
API: Add pull review endpoints (#11224)
* API: Added pull review read only endpoints

* Update Structs, move Conversion, Refactor

* refactor

* lint & co

* fix lint + refactor

* add new Review state, rm unessesary, refacotr loadAttributes, convert patch to diff

* add DeletePullReview

* add paggination

* draft1: Create & submit review

* fix lint

* fix lint

* impruve test

* DONT use GhostUser for loadReviewer

* expose comments_count of a PullReview

* infent GetCodeCommentsCount()

* fixes

* fix+impruve

* some nits

* Handle Ghosts 👻

* add TEST for GET apis

* complete TESTS

* add HTMLURL to PullReview responce

* code format as per @lafriks

* update swagger definition

* Update routers/api/v1/repo/pull_review.go

Co-authored-by: David Svantesson <davidsvantesson@gmail.com>

* add comments

Co-authored-by: Thomas Berger <loki@lokis-chaos.de>
Co-authored-by: David Svantesson <davidsvantesson@gmail.com>
2020-05-02 03:20:51 +03:00
Shashvat Kedia 74cc3c5e18
Allow list collaborators for users with Read access to repo (#9995)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-04-21 11:22:04 -04:00
6543 bb4261a5ed
Add issue subscription check to API (#10967)
close #10962

Adds `GET /api/v1​/repos​/{owner}​/{repo}​/issues​/{index}​/subscriptions​/check`
 -> return a `WachInfo`
2020-04-21 14:48:53 +01:00
6543 3c5a4d094a
[API] Add branch delete (#11112)
* use same process as in routers/repo/branch.go/deleteBranch

* make sure default branch can not be deleted

* remove IsDefaultBranch from UI process - it is worth its own pull

* permissions
2020-04-19 10:38:09 +08:00
Dan Molik 743022116d
Add Get/Update for api/v1/user/applications/oauth2 (#11008)
Add api methods for getting and updating user oauth2 applications.

Signed-off-by: Dan Molik <dan@danmolik.com>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-04-09 19:37:31 -05:00
j.yao.SUSE b40107c416
[suggest] change merge strategy: do not check write access if user in merge white list (#10951)
* [suggest] change merge strategy: do not check write access if user in merge white list #10935

(cherry picked from commit ba74fc6389dfcad03c273441a49b54e4d38c86ee)

* fix NPE

* Fix cross compile (#10952)

* Fix cross compile

* Add test for cross compile

* Fix drone

* Fix drone

* Also prevent CC environment not to generate

Co-authored-by: zeripath <art27@cantab.net>

* fix merge box icon color bug (#10974)

that because need some space beturn ``text`` and color defines

Signed-off-by: a1012112796 <1012112796@qq.com>

* [skip ci] Updated translations via Crowdin

* Allow X in addition to x in tasks (#10979)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove api: merge  reqRepoWriter

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: GiteaBot <teabot@gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-04-08 14:26:50 +03:00
6543 3d63caa542
[API] Get a single commit via Ref (#10915)
* GET /repos/:owner/:repo/commits/:ref

* add Validation Checks

* Fix & Extend TEST

* add two new tast cases
2020-04-07 22:54:46 -04:00
mrsdizzie 8d99ee2773
Add Organization Wide Labels (#10814)
* Add organization wide labels

Implement organization wide labels similar to organization wide
webhooks. This lets you create individual labels for organizations that can be used
for all repos under that organization (so being able to reuse the same
label across multiple repos).

This makes it possible for small organizations with many repos to use
labels effectively.

Fixes #7406

* Add migration

* remove comments

* fix tests

* Update options/locale/locale_en-US.ini

Removed unused translation string

* show org labels in issue search label filter

* Use more clear var name

* rename migration after merge from master

* comment typo

* update migration again after rebase with master

* check for orgID <=0 per guillep2k review

* fmt

* Apply suggestions from code review

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* remove unused code

* Make sure RepoID is 0 when searching orgID per code review

* more changes/code review requests

* More descriptive translation var per code review

* func description/delete comment when issue label deleted instead of hiding it

* remove comment

* only use issues in that repo when calculating number of open issues for org label on repo label page

* Add integration test for IssuesSearch API with labels

* remove unused function

* Update models/issue_label.go

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Use subquery in GetLabelIDsInReposByNames

* Fix tests to use correct orgID

* fix more tests

* IssuesSearch api now uses new BuildLabelNamesIssueIDsCondition. Add a few more tests as well

* update comment for clarity

* Revert previous code change now that we can use the new BuildLabelNamesIssueIDsCondition

* Don't sort repos by date in IssuesSearch API

After much debugging I've found a strange issue where in some cases MySQL will return a different result than other enigines if a query is sorted by a null collumn. For example with our integration test data where we don't set updated_unix in repository fixtures:

SELECT `id`, `owner_id`, `owner_name`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` ORDER BY updated_unix DESC LIMIT 15 OFFSET 45

Returns different results for MySQL than other engines. However, the similar query:

SELECT `id`, `owner_id`, `owner_name`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` ORDER BY updated_unix DESC LIMIT 15 OFFSET 30

Returns the same results.

This causes integration tests to fail on MySQL in certain cases but would never show up in a real installation. Since this API call always returns issues based on the optionally provided repo_priority_id or the issueID itself, there is no change to results by changing the repo sorting method used to get ids earlier in the function.

* linter is back!

* code review

* remove now unused option

* Fix newline at end of files

* more unused code

* update to master

* check for matching ids before query

* Update models/issue_label.go

Co-Authored-By: 6543 <6543@obermui.de>

* Update models/issue_label.go

* update comments

* Update routers/org/setting.go

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
2020-04-01 01:14:46 -03:00
Gustavo Marin af61b2249a
adds API endpoints to manage OAuth2 Application (list/create/delete) (#10437)
* add API endpoint to create OAuth2 Application.

* move endpoint to /user. Add swagger documentations and proper response type.

* change json tags to snake_case. add CreateOAuth2ApplicationOptions to swagger docs.

* change response status to Created (201)

* add methods to list OAuth2 apps and delete an existing OAuth2 app by ID.

* add APIFormat convert method and file header

* fixed header

* hide secret on oauth2 application list

* add Created time to API response

* add API integration tests for create/list/delete OAuth2 applications.

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-29 03:19:32 -03:00
David Svantesson 9ff4e1d2d9
Add API branch protection endpoint (#9311)
* add API branch protection endpoint

* lint

* Change to use team names instead of ids.

* Status codes.

* fix

* Fix

* Add new branch protection options (BlockOnRejectedReviews, DismissStaleApprovals, RequireSignedCommits)

* Do xorm query directly

* fix xorm GetUserNamesByIDs

* Add some tests

* Improved GetTeamNamesByID

* http status created for CreateBranchProtection

* Correct status code in integration test

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-02-12 23:19:35 +00:00
6543 13bc82009c
API endpoint for repo transfer (#9947)
* squash

* optimize

* fail before make any changes

* fix-header
2020-01-31 15:49:04 +00:00
6543 44de66bf50 [API] add endpoint to check notifications [Extend #9488] (#9595)
* introduce GET /notifications/new

* add TEST

* use Sprintf instead of path.Join

* Error more verbose

* return number of notifications if unreaded exist

* 200 http status for available notifications
2020-01-14 16:37:19 +01:00
6543 10055bd2b1 [API] add GET /orgs endpoint (#9560)
* introduce `GET /orgs`

* add TEST

* show also other VisibleType's

* update description

* refactor a lot

* SearchUserOptions by default return only public
2020-01-12 23:43:44 +08:00
6543 e8ea0695b0 [API] creat org repo call same as github (#9186)
* deprecate /api/v1/org/{org}/repos in favour of /api/v1/orgs/{org}/repos + cleanup api repository routes a bit

* remove redundant code

* use upstream function for api cal

* make generate-swagger

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-09 16:40:01 +00:00
6543 6baa5d7588 [API] Add notification endpoint (#9488)
* [API] Add notification endpoints

 * add func GetNotifications(opts FindNotificationOptions)
 * add func (n *Notification) APIFormat()
 * add func (nl NotificationList) APIFormat()
 * add func (n *Notification) APIURL()
 * add func (nl NotificationList) APIFormat()
 * add LoadAttributes functions (loadRepo, loadIssue, loadComment, loadUser)
 * add func (c *Comment) APIURL()
 * add func (issue *Issue) GetLastComment()
 * add endpoint GET /notifications
 * add endpoint PUT /notifications
 * add endpoint GET /repos/{owner}/{repo}/notifications
 * add endpoint PUT /repos/{owner}/{repo}/notifications
 * add endpoint GET /notifications/threads/{id}
 * add endpoint PATCH /notifications/threads/{id}

* Add TEST

* code format

* code format
2020-01-09 11:56:32 +00:00
6543 14a9687444 times Add filters (#9373)
(extend #9200)
 * add query param for GET functions (created Bevore & after)
 * add test
 * generalize func GetQueryBeforeSince

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-01-08 16:14:00 -05:00
6543 e88d67b774 [API] add comments endpoint for single comment (#9494)
* add GET /repos/{owner}/{repo}/issues/comments/{id}
 and complete error list for swagger in other func

* add repo check
2020-01-08 15:00:59 +08:00
6543 134e3fdf3d [API] dont reqToken on GetReactions (fix #9543) (#9548)
* dont reqToken on GetReactions

* ctx.Repo.CanWrite has ctx.User.IsAdmin in It

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-02 23:27:31 +02:00
6543 f2d03cda96 [API] Extend times API (#9200)
Extensively extend the times API.

close #8833; close #8513; close #8559
2019-12-27 20:30:58 +00:00
6543 2848c5eb8f Swagger info corrections (#9441)
* use numbers and not http.Status___ enum

* fix test

* add many missing swagger responses

* code format

* Deletion Sould return 204 ...

* error handling improvements

* if special error type ... then add it to swagger too

* one smal nit

* invalidTopicsError is []string

* valid swagger specification 2.0
 - if you add responses swagger can tell you if you do it right 👍

* use ctx.InternalServerError

* Revert "use numbers and not http.Status___ enum"

This reverts commit b1ff386e24.

* use http.Status* enum everywhere
2019-12-20 19:07:12 +02:00
6543 aceb1085c7 [API] extend StopWatch (#9196)
* squash api-stopwatch

* fix prepair logic! + add Tests

* fix lint

* more robust time compare

* delete responce 202 -> 204

* change http responce in test too
2019-12-11 23:23:05 -05:00
6543 37e10d4543 [API] Add Reactions (#9220)
* reject reactions wich ar not allowed

* dont duble check CreateReaction now throw ErrForbiddenIssueReaction

* add /repos/{owner}/{repo}/issues/comments/{id}/reactions endpoint

* add Find Functions

* fix some swagger stuff + add issue reaction endpoints + GET ReactionList now use FindReactions...

* explicite Issue Only Reaction for FindReactionsOptions with "-1" commentID

* load issue; load user ...

* return error again

* swagger def canged after LINT

* check if user has ben loaded

* add Tests

* better way of comparing results

* add suggestion

* use different issue for test
(dont interfear with integration test)

* test dont compare Location on timeCompare

* TEST: add forbidden dubble add

* add comments in code to explain

* add settings.UI.ReactionsMap
so if !setting.UI.ReactionsMap[opts.Type] works
2019-12-07 17:04:19 -05:00
6543 2ab8c78c30 Refactor Issues Subscription (#8738)
* FIX: getIssueWatchers() get only aktive suscriber

* save query to work later with it or not ...

* fix test + add new case

* corect tests + GetIssueWatch

* API issue_subscripton: Put/Delete require tocken

* remove redundant code

* swagger specify return value

* remove unused binding

* remove note
because I'll implement this in a different way and in another PR

* ID should be unique!

* use xorm session

* Revert "use xorm session"

This reverts commit c1de540147.

* better test code
* more acurate comments
* use assert.False/True instead of Equal

* use more assert methodes
2019-11-20 22:50:54 +08:00
David Svantesson 184e47f6ce Handle setting default branch via API (#9030) 2019-11-17 01:30:00 -05:00
zeripath 722a7c902d
Add Close() method to gogitRepository (#8901)
In investigating #7947 it has become clear that the storage component of go-git repositories needs closing.

This PR adds this Close function and adds the Close functions as necessary.

In TransferOwnership the ctx.Repo.GitRepo is closed if it is open to help prevent the risk of multiple open files.

Fixes #7947
2019-11-13 07:01:19 +00:00
6543 5a187f4bcc Add API for Issue set Subscription (#8729)
* add issue subscriber API

* subscribers return []user.APIFormat

* add comments

* more meaningfull description

* without "reqToken()" api works ...
 * should be still secure beause ctx.user has to be there or nothing will hapen

* FIX: getIssueWatchers() get only aktive suscriber

* add return avter error on right position

* Revert "FIX: getIssueWatchers() get only aktive suscriber"

This reverts commit 5eca929185.

* Update routers/api/v1/repo/issue.go

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* test go linter again

* update swagger

* GetIssueWatchers -> GetIssueSubscribers

part one

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* GetIssueWatchers -> GetIssueSubscribers
part two

* Revert "test go linter again"

This reverts commit bab1235622.

* change description for unsubscribe too

* golangci-lint timeout avter 5min

* move issueSubscription to seperate file

* dont create black entitys

* use IsWatching until refactoring

* Update License Info

* better swagger description

* Update .golangci.yml

because functions moved from issue.go to issue_subscription.go

* add IssueWatchList type

* batch tasks

* use e Engien

* add error handling

* error should be the last type when returning multiple items

* short version

* reurn empy UserList instead of nil
2019-11-02 23:27:49 +08:00
Brad Albright 887a8fe242 Allow cross-repository dependencies on issues (#7901)
* in progress changes for #7405, added ability to add cross-repo dependencies

* removed unused repolink var

* fixed query that was breaking ci tests; fixed check in issue dependency add so that the id of the issue and dependency is checked rather than the indexes

* reverted removal of string in local files becasue these are done via crowdin, not updated manually

* removed 'Select("issue.*")' from getBlockedByDependencies and getBlockingDependencies based on comments in PR review

* changed getBlockedByDependencies and getBlockingDependencies to use a more xorm-like query, also updated the sidebar as a result

* simplified the getBlockingDependencies and getBlockedByDependencies methods; changed the sidebar to show the dependencies in a different format where you can see the name of the repository

* made some changes to the issue view in the dependencies (issue name on top, repo full name on separate line). Change view of issue in the dependency search results (also showing the full repo name on separate line)

* replace call to FindUserAccessibleRepoIDs with SearchRepositoryByName. The former was hardcoded to use isPrivate = false on the repo search, but this code needed it to be true. The SearchRepositoryByName method is used more in the code including on the user's dashboard

* some more tweaks to the layout of the issues when showing dependencies and in the search box when you add new dependencies

* added Name to the RepositoryMeta struct

* updated swagger doc

* fixed total count for link header on SearchIssues

* fixed indentation

* fixed aligment of remove icon on dependencies in issue sidebar

* removed unnecessary nil check (unnecessary because issue.loadRepo is called prior to this block)

* reverting .css change, somehow missed or forgot that less is used

* updated less file and generated css; updated sidebar template with styles to line up delete and issue index

* added ordering to the blocked by/depends on queries

* fixed sorting in issue dependency search and the depends on/blocks views to show issues from the current repo first, then by created date descending; added a "all cross repository dependencies" setting to allow this feature to be turned off, if turned off, the issue dependency search will work the way it did before (restricted to the current repository)

* re-applied my swagger changes after merge

* fixed split string condition in issue search

* changed ALLOW_CROSS_REPOSITORY_DEPENDENCIES description to sound more global than just the issue dependency search; returning 400 in the cross repo issue search api method if not enabled; fixed bug where the issue count did not respect the state parameter

* when adding a dependency to an issue, added a check to make sure the issue and dependency are in the same repo if cross repo dependencies is not enabled

* updated sortIssuesSession call in PullRequests, another commit moved this method from pull.go to pull_list.go so I had to re-apply my change here

* fixed incorrect setting of user id parameter in search repos call
2019-10-31 13:06:10 +08:00
Lunny Xiao 0a80164bec Revert "API should follow RequireSignInView (#8654)" (#8675)
This reverts commit 3c63c3ace4.
2019-10-24 22:10:48 +01:00
Lunny Xiao 3c63c3ace4
API should follow RequireSignInView (#8654) 2019-10-24 13:32:40 +08:00
zeripath fcb535c5c3
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.

## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
    - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
    - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
    - [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
    - app.ini configuration done
    - [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation

I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 14:42:42 +01:00
David Svantesson 36bcd4cd6b API endpoint for searching teams. (#8108)
* Api endpoint for searching teams.

Signed-off-by: dasv <david.svantesson@qrtech.se>

* Move API to /orgs/:org/teams/search

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Regenerate swagger

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix search is Get

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add test for search team API.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Update routers/api/v1/org/team.go

grammar

Co-Authored-By: Richard Mahn <richmahn@users.noreply.github.com>

* Fix review comments

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix some issues in repo collaboration team search, after changes in this PR.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Remove teamUser which is not used and replace with actual user id.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Remove unused search variable UserIsAdmin.

* Add paging to team search.

* Re-genereate swagger

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix review comments

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* fix

* Regenerate swagger
2019-10-01 13:32:28 +08:00
David Svantesson 1f951cdeba Add API endpoint for accessing repo topics (#7963)
* Create API endpoints for repo topics.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Generate swagger

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add documentation to functions

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Grammar fix

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix function comment

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Can't use FindTopics when looking for a single repo topic, as it doesnt use exact match

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add PUT ​/repos​/{owner}​/{repo}​/topics and remove GET ​/repos​/{owner}​/{repo}​/topics

* Ignore if topic is sent twice in same request, refactoring.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix topic dropdown with api changes.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Style fix

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Update API documentation

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Better way to handle duplicate topics in slice

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Make response element TopicName an array of strings, instead of using an array of TopicName

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add test cases for API Repo Topics.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix format of tests

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix comments

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix unit tests after adding some more topics to the test fixture.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Update models/topic.go

Limit multiple if else if ...

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>

* Engine as first parameter in function

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>

* Replace magic numbers with http status code constants.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix variable scope

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Test one read with login and one with token

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add some more tests

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Apply suggestions from code review

Use empty struct for efficiency

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Add test case to check access for user with write access

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Fix access, repo admin required to change topics

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Correct first test to be without token

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Any repo reader should be able to access topics.

* No need for string pointer

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
2019-09-03 23:46:24 +08:00
Mike Schwörer 042089fbaf API method to list all commits of a repository (#6408)
* Added API endpoint ListAllCommits (/repos/{owner}/{repo}/git/commits)

Signed-off-by: Mike Schwörer <mailport@mikescher.de>

* Fixed failing drone build

Signed-off-by: Mike Schwörer <mailport@mikescher.de>

* Implemented requested changes (PR reviews)

Signed-off-by: Mike Schwörer <mailport@mikescher.de>

* gofmt

Signed-off-by: Mike Schwörer <mailport@mikescher.de>

* Changed api route from "/repos/{owner}/{repo}/git/commits" to "/repos/{owner}/{repo}/commits"

* Removed unnecessary line

* better error message when git repo is empty

* make generate-swagger

* fixed removed return

* Update routers/api/v1/repo/commits.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Update routers/api/v1/repo/commits.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* go fmt

* Refactored common code into ToCommit()

* made toCommit not exported

* added check for userCache == nil
2019-08-26 16:09:10 +02:00
Tamal Saha 6b3f52fe5f Run CORS handler first for /api routes (#7967)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-26 13:33:06 +02:00
Tamal Saha 171b359877 Use gitea forked macaron (#7933)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-23 12:40:29 -04:00
zeripath 635e7b38bd
Swagger: Add information to API Token header (#7585)
* Add a description to the API Token header for swagger
2019-07-24 09:34:11 +01:00
Lunny Xiao b5aa7f7ceb fix api route (#7346) 2019-07-03 06:31:29 +01:00
Richard Mahn cd96dee982 Fixes #7292 - API File Contents bug (#7301) 2019-06-29 16:51:10 -04:00
Richard Mahn 8de0b0a3f0 Fixes #2738 - Adds the /git/tags API endpoint (#7138)
* Fixes #2738 - /git/tags API

* proper URLs

* Adds function comments

* Updates swagger

* Removes newline from tag message

* Removes trailing newline from commit message

* Adds integration test

* Removed debugging

* Adds tests

* Fixes bug where multiple tags of same commit show wrong tag name

* Fix formatting

* Removes unused varaible

* Fix to annotated tag function names and response

* Update modules/git/repo_tag.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Uses TagPrefix

* Changes per review, better error handling for getting tag and commit IDs

* Fix to getting commit ID

* Fix to getting commit ID

* Fix to getting commit ID

* Fix to getting commit ID
2019-06-08 17:31:11 +03:00
Richard Mahn 1831b3b571 Fixes #5960 - Adds API Endpoint for Repo Edit (#7006)
* Feature - #5960 - API Endpoint for Repo Editing

* Revert from merge

* Adds integration testing

* Updates to integration tests

* Revert changes

* Update year in file header

* Misspell fix

* XORM = test

* XORM = test

* revert XORM = file

* Makes RepoUnit.ID be pk and autoincr

* Fix to units

* revert header

* Remove print statement

* Adds other responses

* Improves swagger for creating repo

* Fixes import order

* Better Unit Type does not exist error

* Adds editable repo properties to the response repo structure

* Fix to api_repo_edit_test.go

* Fixes repo test

* Changes per review

* Fixes typo and standardizes comments in the EditRepoOption struct for swagger

* Fixes typo and standardizes comments in the EditRepoOption struct for swagger

* Actually can unarchive through the API

* Unlike delete, user doesn't have to be the owner of the org, just admin to the repo

* Fix to swagger comments for field name change

* Update to swagger docs

* Update swagger

* Changes allow_pull_requests to has_pull_requests
2019-05-30 11:09:05 -04:00