Commit graph

1474 commits

Author SHA1 Message Date
Denis Denisov 380e32e129 Fix random string generator (#384)
* Remove unused custom-alphabet feature of random string generator

Fix random string generator

Random string generator should return error if it fails to read random data via crypto/rand

* Fixes variable (un)initialization mixed assign
Update test GetRandomString
2016-12-20 13:32:02 +01:00
Michael de Wit 1d30457a94 change test mail subject and body to 'Gitea Test Mail!'
Signed-off-by: Michael de Wit <mjwwit@gmail.com>
2016-12-20 09:34:50 +01:00
Lunny Xiao 7c46667e71 fixed vulnerabilities labels (#409) 2016-12-17 19:49:17 +08:00
Richie B2B 44428fdc38 Remove fixed FIXME (#408) 2016-12-16 17:00:30 +01:00
Richie B2B 0d6e88baef Fix typo (#407) 2016-12-16 17:00:15 +01:00
Lunny Xiao 15c3d14d55 fixed vulnerabilities on deleting release (#399) 2016-12-16 19:42:39 +08:00
Lunny Xiao b4c794058a fixed vulnerabilities (#392) 2016-12-15 16:49:06 +08:00
Lunny Xiao d771e978a1 Don't use custom PBKDF2 function (#382) 2016-12-15 09:24:27 +08:00
Lunny Xiao 73710c00a8 bug fixed branch name for pushupdate (#380) 2016-12-13 15:19:42 +08:00
Denis Denisov f0a989c1d0 Correction LDAP validation (#342)
* Correction LDAP username validation

As https://msdn.microsoft.com/en-us/library/aa366101(v=vs.85).aspx describe spaces should not be in start or at the end of username but they can be inside the username. So please check my solution for it.

* Check for zero length passwords in LDAP module.

According to https://tools.ietf.org/search/rfc4513#section-5.1.2 LDAP client should always check before bind whether a password is an empty value. There are at least one LDAP implementation which does not return error if you try to bind with DN set and empty password - AD.

* Clearing the login/email spaces at the [start/end]
2016-12-12 08:46:51 +08:00
Bwko abcd39f7d5 In the wiki title replace tab with a space (#371) 2016-12-11 11:01:26 +08:00
Bwko cbcb4361d5 Fixes issue #283
Delete old temp local copy before we create a new temp local copy
2016-12-09 20:13:48 +01:00
Ethan Koenig 401a8db0ed Remove stale comment in models/repo.go (#366) 2016-12-08 00:04:12 +01:00
Ethan Koenig 04b9a7e7a2 Bug fixes for repo permissions in API
Also move duplicated code into repo.APIFormat(..)
2016-12-07 12:55:24 +01:00
Thomas Boerger 83ed234472 Integrate templates into bindata optionally (#314)
Integrated optional bindata for the templates
2016-12-06 18:58:31 +01:00
Kim "BKC" Carlbäcker d07c955e2a Fix regression in PR-API #248 (#349)
* Fix #344 (regression in PR-API #248)
2016-12-05 12:17:39 +01:00
Bwko 0118b275b6 Fix for #320
Suppress the error when we're removing a file that may not exist
2016-12-03 22:31:54 +01:00
Denis Denisov c8f300b2cd Safe compare password (timing attack) (#338) 2016-12-03 13:49:17 +08:00
Kim "BKC" Carlbäcker 0f05470cb8 [API] Pull Requests (#248) 2016-12-02 12:10:39 +01:00
Kim "BKC" Carlbäcker e8e0539b45 Linting 2016-12-02 09:31:44 +01:00
Kim "BKC" Carlbäcker e6cfccdd40 GitHub API Compliance (& linting) 2016-12-02 09:18:15 +01:00
Bwko 4ff0db0246 Catch os... errors 2016-12-02 07:41:19 +01:00
Bwko 5ab85372da Added rel="noopener" to target="_blank" hrefs (#327)
* Added rel="noopener" to target="_blank" hrefs

* Replaced gogs.io/docs with docs.gitea.io
2016-12-02 09:12:16 +08:00
Lunny Xiao 646e02b521 typo 2016-12-01 09:05:32 +08:00
Thomas Boerger 6dd2c3b2db
Fixed linting errors for variable definitions 2016-11-29 14:05:26 +01:00
Kim "BKC" Carlbäcker 42ec5ce740 Fix breakage from vendor-update 2016-11-29 11:50:22 +01:00
Kim "BKC" Carlbäcker dad806d3ea CreateBranch-hook has shasum. Use the full ref for fetching shasum 2016-11-29 11:50:22 +01:00
Kim "BKC" Carlbäcker f364522468 Tag-webhooks are useless without shasums 2016-11-29 11:50:22 +01:00
Andrey Nering fd53028139 Merge pull request #294 from Bwko/Lint/user.go
Lint models/user.go
2016-11-28 20:30:02 -02:00
Bwko bad1bc6518 Lint models/repo.go 2016-11-28 18:27:55 +01:00
Bwko a5aae1c145 Lint models/repo_* 2016-11-28 17:58:59 +01:00
Bwko 9963d61233 Lint models/user.go 2016-11-28 17:47:46 +01:00
Lunny Xiao 27d66855eb golint fixed for models/migrations (#291) 2016-11-28 23:44:17 +08:00
Lunny Xiao 1d0f811399 golint fixed for models/pull.go (#292) 2016-11-28 23:31:06 +08:00
Lunny Xiao 9fc609ce17 golint fixed for models/issue_comment.go 2016-11-28 21:33:09 +08:00
Thomas Boerger 9948f0daaa Merge pull request #285 from lunny/lunny/golint_models_org_team
Golint for models/org_team.go
2016-11-28 09:42:53 +01:00
Lunny Xiao f215d78157 rename all uID -> userID on models/org_team.go 2016-11-28 16:33:08 +08:00
Lunny Xiao bf8d90c5cc golint fixed for models/models.go (#284) 2016-11-28 15:25:16 +08:00
Lunny Xiao 21846d16e5 golint for models/org_team.go 2016-11-28 09:30:08 +08:00
Lunny Xiao ec87a75c00 golint fixed for modules/auth 2016-11-27 21:39:06 +08:00
Bwko a4ece1f223 Fixes typos 2016-11-27 12:59:12 +01:00
Thomas Boerger 5efdccd1d8 Merge pull request #264 from Bwko/lint/org.go
Lint models/org.go
2016-11-27 12:18:20 +01:00
Thomas Boerger 9a984c0d49 Merge pull request #266 from Bwko/lint/repo_mirror
Lint models/repo_mirror.go
2016-11-27 12:15:01 +01:00
Thomas Boerger fe3908d099 Merge pull request #268 from Bwko/lint/repo_branch
Lint models/repo_branch.go
2016-11-27 12:14:25 +01:00
Thomas Boerger e23a9d22e5 Merge pull request #267 from Bwko/lint/ssh_key
Lint models/ssh_key.go
2016-11-27 12:13:43 +01:00
Thomas Boerger 93d527a0a4 Merge pull request #265 from Bwko/lint/access.go
Lint models/access.go
2016-11-27 12:12:56 +01:00
Thomas Boerger 8347a55cc2 Merge pull request #263 from Bwko/lint/user_email
Lint models/user_email.go
2016-11-27 12:12:02 +01:00
Lunny Xiao 94da472717 Golint fixed for modules/setting (#262)
* golint fixed for modules/setting

* typo fixed and renamed UNIXSOCKET to UnixSocket
2016-11-27 18:14:25 +08:00
Bwko 0b9cf10340 Lint models/org.go & models.go 2016-11-26 11:37:50 +01:00
Bwko 7bf7042013 Lint models/repo_mirror.go 2016-11-26 11:23:55 +01:00
Bwko ce8c9ef580 Lint models/repo_branch.go 2016-11-26 11:20:37 +01:00
Bwko 6cde041080 Lint models/ssh_key.go 2016-11-26 01:36:03 +01:00
Bwko 2bb1601d7c Lint models/access.go 2016-11-26 01:07:57 +01:00
Bwko 066f515a47 Lint models/user_email.go 2016-11-26 01:03:06 +01:00
Thomas Boerger 574e49c854 Merge pull request #241 from Bwko/lint/admin.go
Lint models/admin.go
2016-11-25 12:55:24 +01:00
Thomas Boerger 21b7d30174 Merge pull request #245 from Bwko/lint/update&slack
Lint models/update.go, release.go & webhook_slack.go
2016-11-25 12:55:14 +01:00
Thomas Boerger e9c6053b86 Merge pull request #246 from Bwko/fix/typo
Fix typos
2016-11-25 12:54:57 +01:00
Thomas Boerger 3e6f363471 Merge pull request #256 from lunny/lunny/golint_modules_avatar
Golint fixed for modules/avatar
2016-11-25 10:11:44 +01:00
Thomas Boerger 7c5de1e393 Merge pull request #250 from lunny/lunny/golint_modules_markdown
Golint fixed for modules/markdown
2016-11-25 10:08:23 +01:00
Lunny Xiao 3c87c57d96 golint fixed for modules/avatar 2016-11-25 16:37:04 +08:00
Bwko c0ca6644ad Lint/issue &mail (#243)
* Lint models/release.go

* Lint models/ issue_label, issue_mail & mail.go
2016-11-25 16:11:12 +08:00
Bwko 081c2a9395 Lint models/token.go (#244) 2016-11-25 16:03:52 +08:00
Lunny Xiao 76604d8f90 fixed test build error 2016-11-25 16:02:10 +08:00
Bwko 33a2ac3830 Lint models/update.go & webhook_slack.go 2016-11-25 07:55:08 +01:00
Lunny Xiao 304bbd3f25 golint fixed for modules/markdown 2016-11-25 09:58:05 +08:00
Bwko d8e11a8eaa Lint models/admin.go 2016-11-24 23:42:07 +01:00
Bwko ece19f4a5e Lint models/release.go 2016-11-24 22:02:54 +01:00
Lunny Xiao 450969c158 test database is connect OK after db config initialized (#239) 2016-11-24 22:30:36 +08:00
Sandro Santilli 1c3044b873 Lint models/login_source.go 2016-11-24 12:34:38 +01:00
Thomas Boerger 0a66c2a2d9 Merge pull request #234 from strk/issue-lint
Lint issue.go
2016-11-24 11:30:39 +01:00
Thomas Boerger e512411863 Merge pull request #233 from strk/git_diff-lint
Lint git_diff.go
2016-11-24 11:29:51 +01:00
Thomas Boerger 03b6880089 Merge pull request #232 from strk/error-lint
Lint error.go
2016-11-24 11:29:15 +01:00
Sandro Santilli 8aa960f129 Actually document the missing bits 2016-11-24 09:41:11 +01:00
Sandro Santilli 3fba29c571 Expand documentations 2016-11-24 09:30:08 +01:00
Sandro Santilli 0a61d54a9c Expand documentation a bit more 2016-11-24 09:20:28 +01:00
Sandro Santilli dd9d0f3732 Lint action.go 2016-11-24 09:03:29 +01:00
Sandro Santilli 170f2e98cc Lint error.go
This was done semi-programmatically, not really documenting anything
2016-11-24 09:03:17 +01:00
Sandro Santilli 6e644726d0 Lint git_diff.go
Semi-automatic linting (don't really document things)
2016-11-24 09:02:58 +01:00
Sandro Santilli 4dd1eb57bd Lint issue.go 2016-11-24 09:02:44 +01:00
stroucki 3a3782bb7f Handle ssh key import better (#224)
* Handle user ssh key input better

ssh_key: when user submitted keys had a newline at the end, strings.Split
would have created a slice with an empty last element, and the key type
check would be incorrect. Perhaps a better way is to look for 'ssh-rsa' or
'ssh-dsa' at the beginning of the string, but this is simple.

* ssh_key: correct indentation
2016-11-24 08:52:55 +08:00
Sandro Santilli c25063d834 Lint webhook.go, unexports simpleMarshalJSON (#198) 2016-11-22 14:42:52 +08:00
Bwko 2a449bd4b1 Fix typos 2016-11-21 20:08:21 +01:00
Ethan Koenig 0834e492c0 API endpoints for stars 2016-11-16 22:51:54 -05:00
Bo-Yi Wu d9ffe99972 fix variable assigned and not used.
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2016-11-15 14:16:27 +08:00
Sandro Santilli 592a4ec4d3 Fix lint errors in models/wiki (just add methods docs)
See #70
2016-11-14 18:01:46 +01:00
Andrey Nering 739f07c98e Remember diff view style (#163) 2016-11-13 10:54:04 +08:00
LefsFlare 3ef022b071 Fixes possible vulnerabilities with keyword hijacking (#20)
- Added public entries to reserved keywords list
- Rename variables
- Derped comment
2016-11-12 13:26:45 +01:00
Lunny Xiao 3dedc027ac Bug fixed for issues (#156) 2016-11-12 13:06:33 +01:00
Lunny Xiao 0baaa7728a bug fixed caused by #153 (#154) 2016-11-12 09:30:46 +01:00
Lunny Xiao 30a37311f8 use in instead string join (#155) 2016-11-12 09:29:18 +01:00
Lunny Xiao 555d8b16cb fixed bug #151 caused Find should be Get (#153) 2016-11-12 00:01:09 +01:00
Lunny Xiao ade6d4a20f optimization on database IN 2016-11-12 01:31:37 +08:00
Lunny Xiao 9bf28a2799 bug fixed for 500 caused by get org users (#149) 2016-11-12 00:55:06 +08:00
Thibault Meyer ddee4c8b58
Normalize files with gofmt 2016-11-11 13:11:45 +01:00
Sandro Santilli a1c5f02444 Fix import path of go-sdk (#141)
From code.gitea.io/go-sdk/gitea
  To code.gitea.io/sdk/gitea
2016-11-11 17:39:44 +08:00
Thibault Meyer b12f2a5916
Remove unused import 2016-11-10 21:10:25 +01:00
Thibault Meyer b0ddced2b5
Merge remote-tracking branch 'upstream/master' into feature/rewrite-xorm-queries
# Conflicts:
#	models/git_diff.go
#	models/issue.go
#	models/org.go
#	models/pull.go
#	models/repo.go
2016-11-10 21:05:52 +01:00
Thibault Meyer a4454f5d0f
Rewrite XORM queries 2016-11-10 20:59:51 +01:00
Sandro Santilli 4247304f5a Update import paths from github.com/go-gitea to code.gitea.io (#135)
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Matthias Loibl 94b2747375 Remove go version from build tags (#133) 2016-11-10 08:43:49 -02:00