Backport #12577
When adding Avatar email-hash pairs we simply want the DB table to
represent a Set. We don't care if the hash-pair is already present,
so we just simply Insert and ignore the error.
Unfortunately this seems to cause some DBs to log the duplicate
insert to their logs - looking like a bug a in Gitea.
Now, there is no standard way in SQL to say Insert but if there's
an error ignore it. MySQL has INSERT IGNORE, PostgreSQL >= 9.5 has
INSERT ... ON CONFLICT DO NOTHING, but I do not believe that SQLite
or MSSQL have variants.
This PR places the insert in a transaction which we are happy to fail
if there is an error - hopefully this will stop the unnecessary
logging.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Backport #12900
We should only update is_empty, default_branch and updated time columns
during commitRepoAction and not update other columns as we risk
overwriting incorrect information.
Fix#11823Fix#10536
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Convert User expose ID each time (#12855)
* git blame tells me a lot of gitea things happen here around 2018, add header
* move user code int its own file
* expose user id
* adopt things from APIFormat
* fix test
* CI.restart()
* No Refactor
* CI.restart()
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Backport #12622
* Escape more things that are passed through str2html
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Bloody editors!
Co-authored-by: mrsdizzie <info@mrsdizzie.com>
* Update routers/user/oauth.go
* On Migration respect old DefaultBranch
* add DefaultBranch int test set
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
Backport #12771
Following further testing it has become apparent that the diff line
cannot be used to determine filenames for diffs with any sort of predictability
the answer therefore is to use the other lines that are provided with a diff
Fix#12768
Signed-off-by: Andrew Thornton <art27@cantab.net>
Make it possible to compile the default location of StaticRootPath independent from AppWorkPath
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* When reading expired sessions - expire them
Update to latest macaron/session following merge of
https://gitea.com/macaron/session/pulls/11
Also remove old memory provider as 11 updates the memory provider to
make it unnecessary.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* and macaron/session/pulls/12
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
Backport #12554
* Fix diff path unquoting
services/gitdiff/gitdiff.go whereby there it assumed that the path would
always be quoted on both sides
This PR simplifies the code here and uses fmt.Fscanf to parse the
strings as necessary.
Fix#12546
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add testcase as per @mrsdizzie
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #12556
SSPI fails badly on authentication attempts to /api/internal which
it can never succesfully authenticate.
Fix#11260
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
The previous method did not escape single quotes which under some
circumstances can lead to XSS vulnerabilites and the fact that it
depends on jQuery is also not ideal. Replace it with a lightweight
module.
* Prevent NPE on commenting on lines with invalidated comments
Only check for a review if we are replying to a previous review.
Prevent the NPE in #12239 by assuming that a comment without a Review is
non-pending.
Fix#12239
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add hack around to show the broken comments
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix bug preventing transfer to private organization
The code assessing whether a private organization was visible to a user before
allowing transfer was incorrect due to testing membership the wrong way round
This PR fixes this issue and renames the function performing the test to be
clearer.
Further looking at the API for transfer repository - no testing was
performed to ensure that the acting user could actually see the new
owning organization.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* change IsUserPartOfOrg everywhere
Co-authored-by: zeripath <art27@cantab.net>
* Fix incorrect logging in oauth2.go
Fix#11945
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Handle ErrAlreadyInQueue in stats indexer
Fix#12380
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fixes type in error message of indexer
Add the missing character in the error message.
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lieven Hollevoet <hollie@lika.be>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lieven Hollevoet <hollie@lika.be>
* Fix emoji detection in certain cases (#12320)
* Fix emoji detection certain cases
Previous tests weren't complicated enough so there were some situations where emojis were't detected properly. Find the earliest occurance in addition to checking for the longest combination.
Fixes#12312
* ok spell bot
Co-authored-by: Lauris BH <lauris@nix.lv>
* Reduce emoji size (#12317)
* Reduce emoji size
Rendering should now pretty much match GitHub with 1.25em. I verified
that emojis don't increase the line height and removed unecessary size
overrides because now all emojis should appear similar in relation to
the font size.
* fix reaction hover
Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
zeripath