1
1
mirror of https://github.com/go-gitea/gitea synced 2025-07-25 03:38:36 +00:00

200 Commits

Author SHA1 Message Date
wxiaoguang
a5a3d9b101 Refactor OpenIDConnect to support SSH/FullName sync (#34978)
* Fix #26585
* Fix #28327
* Fix #34932
2025-07-10 18:35:59 +00:00
TheFox0x7
aa9d86745a enforce explanation for necessary nolints and fix bugs (#34883)
Follows up https://github.com/go-gitea/gitea/pull/34851

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-06-27 21:48:03 +08:00
silverwind
1f35435b81 Run gopls modernize on codebase (#34751)
Recent modernize fixes:
https://github.com/golang/tools/commits/master/gopls/internal/analysis/modernize
2025-06-18 01:48:09 +00:00
wxiaoguang
0082cb51fa Fix last admin check when syncing users (#34649)
Fix #34358
2025-06-09 20:57:45 +00:00
wxiaoguang
f6041441ee Refactor FindOrgOptions to use enum instead of bool, fix membership visibility (#34629) 2025-06-09 03:30:34 +00:00
Philip Peterson
c5e78fc7ad Do not mutate incoming options to SearchRepositoryByName (#34553)
Similar to #34544, this PR changes the `opts` argument in
`SearchRepositoryByName()` to be passed by value instead of by pointer,
as its mutations do not escape the function scope and are not used
elsewhere. This simplifies reasoning about the function and avoids
unnecessary pointer usage.

This insight emerged during an initial attempt to refactor
`RenderUserSearch()`, which currently intermixes multiple concerns.

---------

Co-authored-by: Philip Peterson <philip-peterson@users.noreply.github.com>
2025-06-02 17:33:25 +00:00
Philip Peterson
b0936f4f41 Do not mutate incoming options to RenderUserSearch and SearchUsers (#34544)
This PR changes the `opts` argument in `SearchUsers()` to be passed by
value instead of by pointer, as its mutations do not escape the function
scope and are not used elsewhere. This simplifies reasoning about the
function and avoids unnecessary pointer usage.

This insight emerged during an initial attempt to refactor
`RenderUserSearch()`, which currently intermixes multiple concerns.

Co-authored-by: Philip Peterson <philip-peterson@users.noreply.github.com>
2025-05-27 19:36:02 +00:00
wxiaoguang
0148d03f21 Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187)
Fix #880

Design:

1. A global setting `security.TWO_FACTOR_AUTH`.
* To support org-level config, we need to introduce a better "owner
setting" system first (in the future)
2. A user without 2FA can login and may explore, but can NOT read or
write to any repositories via API/web.
3. Keep things as simple as possible.
* This option only aggressively suggest users to enable their 2FA at the
moment, it does NOT guarantee that users must have 2FA before all other
operations, it should be good enough for real world use cases.
* Some details and tests could be improved in the future since this
change only adds a check and seems won't affect too much.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-04-28 15:31:59 -07:00
wxiaoguang
9705adb27f Make public URL generation configurable (#34250)
Follow up #32564

Co-authored-by: Jannis Pohl <838818+jannispl@users.noreply.github.com>
Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
2025-04-22 06:49:37 +08:00
Jannis Pohl
d1a3bd6814 Make ROOT_URL support using request Host header (#32564)
Resolve #32554

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-20 11:43:48 +00:00
TheFox0x7
ee3c82f874 Enable addtional linters (#34085)
enable mirror, usestdlibbars and perfsprint 
part of: https://github.com/go-gitea/gitea/issues/34083

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-01 10:14:01 +00:00
TheFox0x7
0fde8ecd55 Enable testifylint rules (#34075)
enable testifylint rules disabled in:
https://github.com/go-gitea/gitea/pull/34054
2025-03-31 01:53:48 -04:00
Lunny Xiao
25b6f38865 Move ParseBool to optional (#33979) 2025-03-24 03:53:30 +00:00
wxiaoguang
f35850f48e Refactor error system (#33610) 2025-02-16 22:13:17 -08:00
wxiaoguang
7069369e03 Support performance trace (#32973)
1. Add a OpenTelemetry-like shim-layer to collect traces
2. Add a simple builtin trace collector and exporter, end users could
download the diagnosis report to get the traces.

This PR's design is quite lightweight, no hard-dependency, and it is
easy to improve or remove. We can try it on gitea.com first to see
whether it works well, and fine tune the details.

---------

Co-authored-by: silverwind <me@silverwind.io>
2025-01-21 18:57:07 +00:00
wxiaoguang
2564c15cb0 Remove some unnecessary template helpers (#33069)
DisableGitHooks and DisableImportLocal are only used when editing a
user, so only set them in `editUserCommon`
2025-01-01 18:02:34 +08:00
wxiaoguang
cd1b5488a3 Refactor pagination (#33037)
I am sure the simple approach should work, let's try it in 1.24

Follow #29834 and #29841
2024-12-30 01:57:38 +00:00
wxiaoguang
2a828e2798 Clarify path param naming (#32969)
In history (from some legacy frameworks), both `:name` and `name` are
supported as path path name, `:name` is an alias to `name`.

To make code consistent, now we should only use `name` but not `:name`.

Also added panic check in related functions to make sure the name won't
be abused in case some downstreams still use them.
2024-12-24 13:47:45 +00:00
wxiaoguang
a163c53a60 Refactor template & test related code (#32938)
Move some legacy code from "base" package to proper packages.
2024-12-22 15:33:19 +00:00
Lunny Xiao
751fe8b714 Move some errors to their own sub packages (#32880) 2024-12-20 18:05:29 +00:00
wxiaoguang
0f4b0cf892 Refactor some frontend problems (#32646)
1. correct the modal usage on "admin email list" page (then
`web_src/js/features/admin/emails.ts` is removed)
2. use `addDelegatedEventListener` instead of `jQuery().on`
3. more jQuery related changes and remove jQuery from
`web_src/js/features/common-button.ts`
4. improve `confirmModal` to make it support header, and remove
incorrect double-escaping
5. fix more typescript related types
6. fine tune devtest pages and add more tests
2024-11-26 15:36:55 +00:00
Lunny Xiao
c2217670dd Move admin routers from /admin to /-/admin (#32189)
Resolve #32181

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-10-10 04:56:49 +00:00
techknowlogick
f183783baa Save initial signup information for users to aid in spam prevention (#31852)
This will allow instance admins to view signup pattern patterns for
public instances. It is modelled after discourse, mastodon, and
MediaWiki's approaches.

Note: This has privacy implications, but as the above-stated open-source
projects take this approach, especially MediaWiki, which I have no doubt
looked into this thoroughly, it is likely okay for us, too. However, I
would be appreciative of any feedback on how this could be improved.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2024-09-09 17:05:16 -04:00
Denys Konovalov
83f37f6302 Remove urls from translations (#31950)
Part of #27700

Removes all URLs from translation strings to easy up changing them in
the future and to exclude people injecting malicious URLs through
translations. First measure as long as #24402 is out of scope.
2024-09-02 18:36:24 +00:00
yp05327
cc044818c3 Support delete user email in admin panel (#31690)
![QQ_1721784609320](https://github.com/user-attachments/assets/23f08bf3-93f4-44d7-963d-10380ef8c1f1)

![QQ_1721784616403](https://github.com/user-attachments/assets/667cbd1e-5e21-4489-8d18-2a7be85190db)

![QQ_1721784626722](https://github.com/user-attachments/assets/495beb94-dfa2-481c-aa60-d5115cad1ae1)

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2024-07-25 18:11:04 +08:00
wxiaoguang
43c7a2e7b1 Refactor names (#31405)
This PR only does "renaming":

* `Route` should be `Router` (and chi router is also called "router")
* `Params` should be `PathParam` (to distingush it from URL query param, and to match `FormString`)
* Use lower case for private functions to avoid exposing or abusing
2024-06-19 06:32:45 +08:00
6543
363c123598 Add cache test for admins (#31265)
Add a test to probe the cache similar to the email test func.


![image](https://github.com/go-gitea/gitea/assets/24977596/700e2733-586d-4091-900f-f5f71e6e94bf)


![image](https://github.com/go-gitea/gitea/assets/24977596/2a953802-18fc-4e81-a37d-24ebe1297365)


![image](https://github.com/go-gitea/gitea/assets/24977596/e00d62ad-bb60-41cc-9138-09993daee156)

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: silverwind <me@silverwind.io>
2024-06-17 21:22:39 +02:00
silverwind
fc2d75f86d Enable unparam linter (#31277)
Enable [unparam](https://github.com/mvdan/unparam) linter.

Often I could not tell the intention why param is unused, so I put
`//nolint` for those cases like webhook request creation functions never
using `ctx`.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2024-06-11 18:47:45 +00:00
Lunny Xiao
b6f15c7948 Add missed return after ctx.ServerError (#31130) 2024-05-28 12:31:59 +03:00
wxiaoguang
339bc8bc8f Improve reverse proxy documents and clarify the AppURL guessing behavior (#31003)
Fix #31002

1. Mention Make sure `Host` and `X-Fowarded-Proto` headers are correctly passed to Gitea
2. Clarify the basic requirements and move the "general configuration" to the top
3. Add a comment for the "container registry"
4. Use 1.21 behavior if the reverse proxy is not correctly configured

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-19 14:56:08 +00:00
wxiaoguang
7424f27cf3 Check if reverse proxy is correctly configured (#30890)
Follow #27011
Follow #30885

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-05-10 20:07:01 +08:00
wxiaoguang
7c613f100e Make sure git version&feature are always prepared (#30877)
Otherwise there would be more similar issues like #29287
2024-05-06 18:34:16 +02:00
Chongyi Zheng
e80466f734 Resolve lint for unused parameter and unnecessary type arguments (#30750)
Resolve all cases for `unused parameter` and `unnecessary type
arguments`

Related: #30729

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2024-04-29 08:47:56 +00:00
silverwind
9b2536b78f Update misspell to 0.5.1 and add misspellings.csv (#30573)
Misspell 0.5.0 supports passing a csv file to extend the list of
misspellings, so I added some common ones from the codebase. There is at
least one typo in a API response so we need to decided whether to revert
that and then likely remove the dict entry.
2024-04-27 08:03:49 +00:00
wxiaoguang
83f83019ef Clean up log messages (#30313)
`log.Xxx("%v")` is not ideal, this PR adds necessary context messages.
Remove some unnecessary logs.

Co-authored-by: Giteabot <teabot@gitea.io>
2024-04-07 19:17:06 +08:00
wxiaoguang
bbe5cd7c92 Refactor startup deprecation messages (#30305)
It doesn't change logic, it only does:

1. Rename the variable and function names
2. Use more consistent format when mentioning config section&key
3. Improve some messages
2024-04-07 01:11:25 +00:00
wxiaoguang
6d34ce25b1 Do not allow different storage configurations to point to the same directory (#30169)
Replace #29171
2024-03-31 03:03:24 +00:00
Lunny Xiao
f8ab9dafb7 Use db.ListOptionsAll instead of db.ListOptions{ListAll: true} (#29995) 2024-03-22 13:53:52 +01:00
wxiaoguang
a889381664 Remove AddParamIfExist(AddParam) (#29841)
Follow #29834

Remove AddParamIfExist, use "AddParamString" instead, it should clearly
know what is being added into the parameters.
2024-03-16 12:07:56 +00:00
wxiaoguang
e0ea3811c4 Refactor AddParam to AddParamIfExist (#29834)
When read the code: `pager.AddParam(ctx, "search", "search")`, the
question always comes: What is it doing? Where is the value from? Why
"search" / "search" ?

Now it is clear: `pager.AddParamIfExist("search", ctx.Data["search"])`
2024-03-16 10:20:13 +01:00
Zettat123
4129e0e79b Add a warning for disallowed email domains (#29658)
Resolve #29660

Follow #29522 and #29609

Add a warning for disallowed email domains when admins manually add/edit
users.

Thanks @yp05327 for the
[comment](https://github.com/go-gitea/gitea/pull/29605#issuecomment-1980105119)

![image](https://github.com/go-gitea/gitea/assets/15528715/6737b221-a3a2-4180-9ef8-b846c10f96e0)
2024-03-11 06:07:36 +00:00
Zettat123
136dd99e86 Skip email domain check when admins edit user emails (#29609)
Follow #29522

Administrators should be able to set a user's email address even if the
email address is not in `EMAIL_DOMAIN_ALLOWLIST`
2024-03-05 16:51:56 +00:00
Zettat123
4fd9c56ed0 Skip email domain check when admin users adds user manually (#29522)
Fix #27457

Administrators should be able to manually create any user even if the
user's email address is not in `EMAIL_DOMAIN_ALLOWLIST`.
2024-03-05 05:55:47 +00:00
6543
e3e6569c5f Add option to set language in admin user view (#28449)
![image](https://github.com/go-gitea/gitea/assets/24977596/be7e3f92-af3f-4628-b4ed-abf6439687f3)
`/admin/users/<UserID>/edit`


![image](https://github.com/go-gitea/gitea/assets/24977596/906af0dd-cceb-4ed9-9cd9-32c71ae1bf71)
`/admin/users/<UserID>`

---
*Sponsored by Kithara Software GmbH*
2024-03-02 22:55:02 +01:00
6543
a3f05d0d98 remove util.OptionalBool and related functions (#29513)
and migrate affected code

_last refactoring bits to replace **util.OptionalBool** with
**optional.Option[bool]**_
2024-03-02 16:42:31 +01:00
6543
f6656181e4 migrate some more "OptionalBool" to "Option[bool]" (#29479)
just some refactoring bits towards replacing **util.OptionalBool** with
**optional.Option[bool]**

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-29 18:52:49 +00:00
Lunny Xiao
29f149bd9f Move context from modules to services (#29440)
Since `modules/context` has to depend on `models` and many other
packages, it should be moved from `modules/context` to
`services/context` according to design principles. There is no logic
code change on this PR, only move packages.

- Move `code.gitea.io/gitea/modules/context` to
`code.gitea.io/gitea/services/context`
- Move `code.gitea.io/gitea/modules/contexttest` to
`code.gitea.io/gitea/services/contexttest` because of depending on
context
- Move `code.gitea.io/gitea/modules/upload` to
`code.gitea.io/gitea/services/context/upload` because of depending on
context
2024-02-27 08:12:22 +01:00
wxiaoguang
29a26d9d8c Customizable "Open with" applications for repository clone (#29320)
Users could customize the "clone" menu with their own application URLs on the admin panel.

Replace #22378
Close #21121
Close #22149
2024-02-24 13:12:17 +00:00
6543
4ba642d07d Revert "Support SAML authentication (#25165)" (#29358)
This reverts #25165 (5bb8d1924d), as there
was a chance some important reviews got missed.

so after reverting this patch it will be resubmitted for reviewing again

https://github.com/go-gitea/gitea/pull/25165#issuecomment-1960670242

temporary Open #5512 again
2024-02-24 12:18:49 +08:00
6543
7fbdb60fc1 Start to migrate from util.OptionalBool to optional.Option[bool] (#29329)
just create transition helper and migrate two structs
2024-02-23 02:18:33 +00:00