Commit Graph

1238 Commits

Author SHA1 Message Date
Unknwon 60110adc06 models/webhook: restrict deletion to be explicitly with repo and org ID 2016-07-17 08:33:59 +08:00
Unknwon c083d76567 #2937 able to prohibit user login 2016-07-16 10:22:16 +08:00
Unknwon 52322ef624 models/user_mail: refactor EmailAddress 2016-07-16 10:08:04 +08:00
Sandro Santilli a4ea3bd015 Return avatar link as absolute url (#3235)
Fixes relative urls coming from api/v1

See https://github.com/drone/drone/issues/1701
2016-07-16 08:19:30 +08:00
Unknwon 3d93532c87 #3274 fix can't get webhook detail of organization 2016-07-16 01:02:55 +08:00
Unknwon f1b8d52eb3 #2854 fix no mail notification when issue is closed/reopened 2016-07-16 00:36:39 +08:00
Unknwon 7ca5f8f119 models/repo: remove redundant info for some repo methods
RepoLink -> Link, RepoRelLink -> RelLink, FullRepoLink -> FullLink
2016-07-15 21:53:43 +08:00
Kim Carlbäcker d950bf68e3 Ignore Response Body for Slack Hooks #3169 (#3256) 2016-07-15 14:02:19 +08:00
Unknwon a752f09055 #2709 validate username attribute fetched from LDAP 2016-07-12 07:07:57 +08:00
Unknwon 70a281a39b #2375 preserve cases for action content 2016-07-09 23:37:32 +08:00
Unknwon 9fcf66f0e0 Minor fix for #3246 2016-07-09 13:42:05 +08:00
Pablo Saavedra 98b152030d The pruning for the synchronized mirrors is a option now. Default value: enable_prune = true (#3246)
Executed go fmt

getEngine() not handles DB parameters (#2972) (#2974)

Uses .AllCols() for Update in updateMirror()

Spanish traslation removed

Fixed a wrong way to ommit the --prune option in process.ExecDir() for MirrorUpdate function
2016-07-09 13:22:28 +08:00
Pheng Heong TAN 467d7dacb6 Modify behaviour of repo-delete. (#3232)
Re: issues gogits/gogs#2863 and gogits/gogs#3231

As a result of modifications to the contents of the conf folder, `make bindata`
was run, causing an update to bindata.go.

Meta
-----
This commit will be rebased onto the 'develop' branch.
2016-07-09 13:13:57 +08:00
Unknwon d62ab49978 #3057 retrieve webhook with repo_id
This prevents user retrieve arbitrary webhook by changing URL to
access webhook from other unauthorized repositories.
2016-07-08 13:57:09 +08:00
Unknwon e30c701386 #3229 disallow repository name . and ..
Since . and .. has browser automatical behaviors, we need to disallow those names.
2016-07-08 07:34:05 +08:00
Unknwon 401bf944ef Use SecurityProtocol to replace UseSSL in LDAP config
Initially proposed by #2376 and fixes #3068 as well.
2016-07-08 07:25:09 +08:00
Unknwon 4b25bdfbc4 #3058 #3059 support correct page size and link header 2016-07-04 17:27:06 +08:00
Tom 528682a294 getEngine() not handles DB parameters (#2972) (#2974) 2016-07-02 22:39:39 +08:00
Unknwon 3a30c06345 Fix wiki vulnerabilities
- Arbitrary file creation leading to command execution
- .md file creation/deletion

Reported by Gabriel Campana.
2016-07-01 15:33:35 +08:00
Andrey Nering 743d22669a Re-work MAX_DIFF_LINES: supress diff per file, not the whole diff (#3174) 2016-06-29 23:11:00 +08:00
Andrey Nering 6efb1e5626 Localize collaboration settings. (#3100)
Closes #2764
2016-06-28 00:22:30 +08:00
Sandro Santilli 8a248696e9 Use a gopher as default avatar (rather than the gravatar logo) (#3208)
Also changes the avatar from a jpeg to a png, to allow for
transparent background. The indexed png is also smaller in size.

Note that at the moment the default avatar is only used when
the user requested a custom avatar and the custom avatar file
is not found (should never happen).

In the future the default avatar could be used as a default
return when by-mail avatar lookups fail too (both gravatar
and libravatar support passing a default)
2016-06-27 18:12:30 +08:00
Franz Schmidt 8b35c194ec Fixes #3110 (#3136) 2016-06-27 17:02:39 +08:00
Robin Lambertz ac05f88641 Fix #3154 (#3155) 2016-06-27 16:58:53 +08:00
SjonHortensius 17a4d8a5e5 Fix capitalisation of repo-name in news (#3203)
use 'official' repo.Name instead of incoming repoName; to enforce
correct capitalisation
2016-06-27 16:10:12 +08:00
Robin Lambertz bc00da1721 Fix negative issue count (#3207) 2016-06-27 01:53:30 +08:00
Unknwon e9ae926e04 #809 fix wrong closed issue count when create closed issue via API
Add start count corrector for Repository.NumClosedIssues
2016-05-27 18:23:39 -07:00
Andrey Nering 12d30255a7 Add comment note (#3093) 2016-05-23 13:24:40 -07:00
Kim Carlbäcker 3c0c7a9f83 Fix listing team members (#3048) 2016-05-06 20:02:36 -04:00
Andrey Nering d8612f7704 Fix remove folder issues, including initialization failling. (#2969)
- Prevent panic on creating notice if database is not available
- Prevent incorrect folder on Windows ("/" instead of "\")
2016-05-06 15:48:18 -04:00
Unknwon 0a78d99a4d models/release: filter input to prevent command line argument vulnerability 2016-05-06 15:40:41 -04:00
Unknwon 0325bec283 #2895 minor fix for bug of xorm 2016-04-26 00:22:03 -04:00
Thomas Boerger dfad51fe9e Made the issue stats query more secure with parameterized placeholders (#2895) 2016-04-26 00:07:49 -04:00
Unknwon 78b8b63774 #2992 set default style name when empty in AfterSet 2016-04-22 18:36:05 -04:00
Cosmin Stroe ba314a7a36 Support alphanumeric issue style (ABC-1234) for external issue tracker (#2992) 2016-04-22 18:28:08 -04:00
Unknwon 762ab056a2 Fix XORM IN condition table name parse 2016-03-27 18:21:37 -04:00
Thomas Boerger 746c7fd4e7 Followup fix for previous query fix 2016-03-28 00:05:49 +02:00
Thomas Boerger b5948f2e71 Made the issues query more secure and simpler 2016-03-27 23:26:45 +02:00
Thomas Boerger 79a1bfd963 Try to make the SQL queries cleaner and more secure 2016-03-27 22:59:57 +02:00
Unknwon b1d41cfa60 #1692 add admin APIs to add/remove a user from teams 2016-03-25 18:04:02 -04:00
Unknwon 98b58fa050 Handle windows deletion when start
Fix #2872
2016-03-23 03:16:53 -04:00
Unknwon e6f927f61a #1692 api: admin list and create team under organization 2016-03-21 12:47:54 -04:00
Unknwon ff731ea07d #2814 LOWER() column value within search 2016-03-16 16:55:19 -04:00
Odin Ugedal 6ccb2d36cf Remove email from user search 2016-03-15 19:44:58 +01:00
Odin Ugedal 3253e3c5aa Make user search look in username, name and email
Make user search function look in username (lower_name), full name
(full_name) and primary email (email). This will benefit searching after
user in "explore", admin panel and when adding new collaborators.
2016-03-15 14:16:58 +01:00
Unknwon 9bd9ad4205 #1692 add CRUD issue APIs
- Fix go-gogs-client#10
- Related to #809
2016-03-13 23:20:22 -04:00
Unknwon f76d821bda fix #2804 2016-03-11 17:12:37 -05:00
Unknwon 263304b6b7 #13 fix postgres aggregate 2016-03-11 16:11:33 -05:00
Unknwon 2bf8494332 #13 finish user and repository search
Both are possible on explore and admin panel
2016-03-11 15:33:12 -05:00
Marin Jankovski 1314ba219e Updated and created were appended with _unix. Fresh databases have only the newly named fields. 2016-03-11 12:43:35 +01:00
Unknwon 5267dce210 Fix ref comment from commit create empty feed 2016-03-11 05:11:58 -05:00
Unknwon eed9966ad6 #2727 fix incompatible SQL in PostgreSQL 2016-03-09 23:18:39 -05:00
Unknwon ad513a20e9 #2302 Replace time.Time with Unix Timestamp (int64) 2016-03-09 19:53:30 -05:00
Unknwon 13bd16af92 Minor fixes for #2766 2016-03-06 13:24:42 -05:00
Tamás Molnár 9c91e27933 Added: Ability to delete org avatar. 2016-03-06 17:36:30 +01:00
Unknwon a5b0400be7 #1146 finish new access rights for collaborators 2016-03-05 20:45:23 -05:00
Unknwon 045f14fbd0 #1146 finsih UI work for access mode of collaborators
Collaborators have write access as default, and can be changed via repository
collaboration settings page to change between read, write and admin.
2016-03-05 18:08:42 -05:00
Unknwon 414eb22ef9 #1597 fix activitity feeds for pull requests 2016-03-05 12:58:51 -05:00
Unknwon a2f13eae55 #1157 some avatar setting changes
- Allow to delete current avatar
2016-03-05 00:51:51 -05:00
Unknwon 2a931937a8 Update locales 2016-03-04 18:51:18 -05:00
Unknwon dfd6f8f7ab Merge pull request #2757 from joshfng/fix-fork-relative-url
Use relative url when showing forked from
2016-03-04 18:37:42 -05:00
Josh Frye 275464e7fb Use relative url when showing forked from 2016-03-04 18:32:30 -05:00
Unknwon e2d370f0da #1597 fix pull request remote head can't update with force push 2016-03-04 16:53:03 -05:00
Unknwon 5335e671be #2743 more fixes on SQL errors 2016-03-04 16:00:00 -05:00
Unknwon 2d2d85bba4 #1597 support pull requests in same repository 2016-03-04 15:43:01 -05:00
Unknwon 9df6ce48c5 Minor fixes for #2746 2016-03-04 13:32:17 -05:00
Unknwon 4d5911dbcf Merge pull request #2746 from joshfng/feature-delete-wiki-pages
Add ability to delete single wiki pages.
2016-03-04 13:14:37 -05:00
Unknwon d57a2b908a #2743 and #2751 fix bad SQL generated by XORM
Use hand-written SQL to do complex query
2016-03-04 13:08:47 -05:00
Josh Frye 1ca171dbe9 Add ability to delete single wiki pages. 2016-03-04 09:26:52 -05:00
Unknwon 260723e2cc Minor fixes for #2745 2016-03-03 23:24:22 -05:00
Josh Frye f3358f5927 Repo setting to delete and disable wiki 2016-03-03 16:12:48 -05:00
Josh Frye 7f2733fa1b Return errors instead of just logging them. 2016-03-03 12:43:23 -05:00
Josh Frye edb7967dc7 Set DefaultBranch to master when importing a new repo if possible 2016-03-03 12:23:45 -05:00
Unknwon c9901bbba5 #2743 workaround to fix XORM problem 2016-03-03 10:57:27 -05:00
Unknwon 97429a25ab #2727 make IN clause compatible with Postgres 2016-03-01 14:39:28 -05:00
Unknwon 9e89584cb4 Allow setting git operations timeouts
- Migrate: #2704 #2653
- Clone: #2701
- Mirror, Pull
2016-02-29 19:29:49 -05:00
Unknwon ea80274229 #2700 fix sqlite3 can't create issue with more than one label 2016-02-29 18:45:12 -05:00
Unknwon 8055a0bdac Post work for #2637
Improve test cases, config settings, also show SSH config settings on admin config panel.
2016-02-27 20:48:39 -05:00
Unknwon 83c74878df Merge pull request #2637 from Gibheer/ssh-publickeys
allow native and ssh-keygen public key check
2016-02-27 18:55:14 -05:00
Unknwon d320915ad2 Minor fix for #2710 2016-02-27 11:31:24 -05:00
Lukas Dietrich c0eaae200e Add ForegroundColor for labels 2016-02-27 13:59:11 +01:00
Unknwon 129638117f #2697 fix panic when close issue via commit message 2016-02-25 14:17:55 -05:00
Gibheer 2f27ee2232 variable should not use ALL_CAPS 2016-02-23 15:39:05 +01:00
Unknwon 912f7b51e9 #1821 add actions for close and reopen issues 2016-02-22 12:40:00 -05:00
Andrey Nering d160c7e565 Little refactoring of diff highlight.
Moving cache variable to template instead of in the struct.
2016-02-21 18:45:24 -03:00
Unknwon ac78bae7b5 Replace uuid module with original package 2016-02-20 18:13:12 -05:00
Unknwon d5a3021a7d Make markdown as an independent module 2016-02-20 17:10:05 -05:00
Unknwon d8a994ef24 Move cron module to independent package
Make it easier to keep track of upstream changes and bug fixes
2016-02-20 15:58:09 -05:00
Unknwon acf094fb07 Minor fix for #2634
Add AttributesInBind option in new auth source form.
2016-02-20 14:56:27 -05:00
Unknwon b7f3d94cd0 Minor fix for #2524 2016-02-19 22:16:26 -05:00
Unknwon f6c98465c7 Merge pull request #2524 from mhartkorn/pullrefs
Enable a way to checkout Pull Requests from remote refs
2016-02-19 22:00:25 -05:00
Unknwon aa12135b97 Fix panic when view profile without signin
Also fix that no matter who, still able to see organizations with private membership.
2016-02-19 18:10:03 -05:00
Unknwon 2408df3f35 Merge pull request #2663 from Download-Fritz/MirrorForks
#2505 Allow to fork and disallow to create PRs for mirrors.
2016-02-19 15:04:50 -05:00
Download-Fritz a467184e13 #2505 Allow to fork and disallow to create PRs for mirrors. 2016-02-19 20:33:06 +01:00
Unknwon 338af89d56 #2650 fix possbility that use email as pusher user name
Remove the possibility of using email as user name when user actually push
through combination of email and password with HTTP.

Also refactor update action function to replcae tons of arguments with
single PushUpdateOptions struct.
And define the user who pushes code as pusher, therefore variable names shouldn't
be confusing any more.
2016-02-17 22:47:06 -05:00
Gibheer dab74f21b7 remove ed25519 test for now
TravisCI is too old for ed25519, so it can't be tested correctly.
2016-02-17 11:30:48 +01:00
Gibheer 9eef2e706c fix ssh public key tests
The old API was using []byte, but was changed to string without running
the tests again.
It also sets the variables from the configuration to make them work.
Maybe there is a better way to do this.
2016-02-17 09:33:41 +01:00
Gibheer 12403bdfb0 allow native and ssh-keygen public key check
This commit adds the possibibility to use either the native golang
libraries or ssh-keygen to check public keys. The check is adjusted
depending on the settings, so that only supported keys are let through.

This commit also brings back the blacklist feature, which was removed in
7ef9a05588. This allows to blacklist
algorythms or keys based on the key length. This works with the native
and the ssh-keygen way.

Because of #2179 it also includes a way to adjust the path to
ssh-keygen and the working directory for ssh-keygen. With this,
sysadmins should be able to adjust the settings in a way, that SELinux
is okay with it. In the worst case, they can switch to the native
implementation and only loose support for ed25519 keys at the moment.
There are some other places which need adjustment to utilize the
parameters and the native implementation, but this sets the ground work.
2016-02-16 23:01:56 +01:00
Lunny Xiao 779b71eda4 fix dependency broken because xorm's API changed 2016-02-16 22:35:08 +08:00
Unknwon 2765b5c7cf #2630 fix wrong user avatar link in webhook
Was using the wrong method and now uses the method which checks if
the avatar link is relative or not.
2016-02-15 15:18:53 -05:00