1
1
mirror of https://github.com/go-gitea/gitea synced 2024-12-22 16:44:26 +00:00
Commit Graph

18668 Commits

Author SHA1 Message Date
Rowan Bohde
16a7d343d7
Validate OAuth Redirect URIs (#32643)
This fixes a TODO in the code to validate the RedirectURIs when adding
or editing an OAuth application in user settings.

This also includes a refactor of the user settings tests to only create
the DB once per top-level test to avoid reloading fixtures.
2024-11-28 10:50:27 +08:00
Kerwin Bryant
68d9f36543
Allow cropping an avatar before setting it (#32565)
Provide a cropping tool on the avatar editing page, allowing users to
select the cropping area themselves. This way, users can decide the
displayed area of the image, rather than us deciding for them.

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-11-28 02:15:59 +00:00
silverwind
f1bea3c3b8
Add webpack EnvironmentPlugin (#32661)
Fixes: https://github.com/go-gitea/gitea/issues/32660

Environment vars in Webpack need to be declared in the config, otherwise
they will not be elimininated during compilation.
2024-11-28 01:50:54 +00:00
Lunny Xiao
f62f68cbdd
Move team related functions to service layer (#32537)
There are still some functions under `models` after last big refactor
about `models`. This change will move all team related functions to
service layer with no code change.
2024-11-27 21:12:26 +00:00
wxiaoguang
5a50b271e7
Make frontend unit test code could know it is in testing (#32656)
See the comment of isInFrontendUnitTest
2024-11-28 01:40:32 +08:00
6543
846f618716
Add priority to protected branch (#32286)
## Solves

Currently for rules to re-order them you have to alter the creation
date. so you basicly have to delete and recreate them in the right
order. This is more than just inconvinient ...

## Solution

Add a new col for prioritization

## Demo WebUI Video

https://github.com/user-attachments/assets/92182a31-9705-4ac5-b6e3-9bb74108cbd1


---
*Sponsored by Kithara Software GmbH*
2024-11-27 05:41:06 +01:00
silverwind
3fc1bbe971
Regenerate fomantic package-lock.json (#32650)
Fixes: https://github.com/go-gitea/gitea/security/dependabot/83
Fixes: https://github.com/go-gitea/gitea/security/dependabot/84

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-27 04:04:12 +00:00
wxiaoguang
6e507c45ed
Fix global form submit event (#32652) 2024-11-27 11:54:50 +08:00
Lunny Xiao
f49d82309b
Introduce OrgList and add LoadTeams, optimaze Load teams for orgs (#32543) 2024-11-26 21:55:06 +00:00
wxiaoguang
b6ce2d6dc9
Refactor markup render system (#32645)
This PR mainly removes some global variables, moves some code and
renames some functions to make code clearer.

This PR also removes a testing-only option ForceHardLineBreak during
refactoring since the behavior is clear now.
2024-11-26 16:46:02 +00:00
hiifong
87bb5ed0bc
Fix: passkey login not working anymore (#32623)
Quick fix #32595, use authenticator auth flags to login

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-26 16:04:17 +00:00
wxiaoguang
0f4b0cf892
Refactor some frontend problems (#32646)
1. correct the modal usage on "admin email list" page (then
`web_src/js/features/admin/emails.ts` is removed)
2. use `addDelegatedEventListener` instead of `jQuery().on`
3. more jQuery related changes and remove jQuery from
`web_src/js/features/common-button.ts`
4. improve `confirmModal` to make it support header, and remove
incorrect double-escaping
5. fix more typescript related types
6. fine tune devtest pages and add more tests
2024-11-26 15:36:55 +00:00
wxiaoguang
722e703c6b
Bypass vitest bug (#32647) 2024-11-26 23:10:45 +08:00
william-allspice
88f5d33ab2
Fix race condition in mermaid observer (#32599)
This Pull Request addresses a race condition in the updateIframeHeight
function where it is sometimes called when the iframe is not fully
loaded or accessible resulting in an alarming error message for the
user.

To address this we:
1. Add defensive programming within the updateIframeHeight function
2. Delay instantiating the intersection observer until the iframe has
loaded

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-26 06:37:24 +00:00
wxiaoguang
9ed768adc4
Improve oauth2 scope token handling (#32633) 2024-11-26 02:03:02 +00:00
Kerwin Bryant
25cacaf0aa
Fixed Issue of Review Menu Shown Behind (#32631)
Fixed #31144 

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-26 09:24:56 +08:00
Lunny Xiao
703be6bf30
Add github compatible tarball download API endpoints (#32572)
Fix #29654 
Fix #32481
2024-11-25 19:35:49 +00:00
wxiaoguang
44909f6e2c
Fix markup render regression and fix some tests (#32640)
Fix #32639,
https://github.com/go-gitea/gitea/issues/32608#issuecomment-2497918210

By the way, fix some incorrect SQLs (use single quote but not double
quote)
2024-11-26 03:04:55 +08:00
wxiaoguang
5d57c287fb
Fix sqlite3 test (#32622) 2024-11-25 06:10:11 +00:00
Lunny Xiao
c363bd06e9
Strict pagination check (#32548) 2024-11-25 09:56:50 +08:00
wxiaoguang
633785a5f3
Refactor markup render system (#32612)
This PR removes (almost) all path tricks, and introduces "renderhelper"
package.

Now we can clearly see the rendering behaviors for comment/file/wiki,
more details are in "renderhelper" tests.

Fix #31411 , fix #18592, fix #25632 and maybe more problems. (ps: fix
#32608 by the way)
2024-11-24 16:18:57 +08:00
silverwind
fa175c1694
Add vue-tsc (#32601)
As per https://vuejs.org/guide/typescript/overview#overview,
typescript's `tsc` does not support importing `.vue` files from `.ts`
files, so we need to use `vue-tsc` which patches in that support. Added
a convenience alias `make tsc` to run it.
2024-11-23 23:02:37 +00:00
Michael Owoc
713364fc71
Support optional/configurable IAMEndpoint for Minio Client (#32581) (#32581)
Targeting issue #32271

This modification allows native Kubernetes + AWS (EKS) authentication
with the Minio client, to Amazon S3 using the IRSA role assigned to a
Service account by replacing the hard coded reference to the
`DefaultIAMRoleEndpoint` with an optional configurable endpoint.

Internally, Minio's `credentials.IAM` provider implements a discovery
flow for IAM Endpoints if it is not set.

For backwards compatibility: 
- We have added a configuration mechanism for an `IamEndpoint` to retain
the unit test safety in `minio_test.go`.
- We believe existing clients will continue to function the same without
needing to provide a new config property since the internals of Minio
client also often resolve to the `http://169.254.169.254` default
endpoint that was being hard coded before

To test, we were able to build a docker image from source and, observe
it choosing the expected IAM endpoint, and see files uploaded via the
client.
2024-11-22 20:12:06 +00:00
Yarden Shoham
f2a9951741
Update the list of watchers and stargazers when clicking watch/unwatch or star/unstar (#32570)
We make sure the user cards are updated

- Fixes https://github.com/go-gitea/gitea/issues/32561

I also removed `ctx.Data["PageIsWatchers"] = true` and
`ctx.Data["PageIsStargazers"] = true` as they are not used anywhere.

# Before

![before](https://github.com/user-attachments/assets/e3bc3235-35eb-4eda-862d-bdf2510282ea)

# After

![after](https://github.com/user-attachments/assets/bc0488a5-8399-4cf6-95c9-17328a9702eb)

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2024-11-22 18:51:51 +00:00
hiifong
ae90b21db0
Apply to became a maintainer (#32614)
[PRs
list](https://github.com/go-gitea/gitea/pulls?q=is%3Apr+author%3Ahiifong+is%3Aclosed+is%3Amerged)
2024-11-22 18:26:05 +00:00
Lunny Xiao
fe49cb0243
Fix get reviewers' bug (#32415)
This PR rewrites `GetReviewer` function and move it to service layer.

Reviewers should not be watchers, so that this PR removed all watchers
from reviewers. When the repository is under an organization, the pull
request unit read permission will be checked to resolve the bug of
#32394

Fix #32394
2024-11-22 10:44:48 -05:00
Kerwin Bryant
bc7d599030
Fix issues with inconsistent spacing in areas (#32607)
Fix issues with inconsistent spacing in areas where the branch_dropdown
component is used.
before:

![1732238359257](https://github.com/user-attachments/assets/38edda1f-ec4e-419e-9264-68009375d177)

![1732238334410](https://github.com/user-attachments/assets/c4770aea-bc83-477c-9b6a-632f984c0d7d)

after:

![1732238273317](https://github.com/user-attachments/assets/4d05068e-db97-45af-86c4-29442dff1bdf)

![1732238723881](https://github.com/user-attachments/assets/69acd286-f79b-44fe-ad73-2d5fc6dfc98c)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-22 06:12:50 +00:00
wxiaoguang
c4e27cb27b
Refactor markup render system (#32589)
This PR mainly moves some code and introduces `RenderContext.WithXxx`
functions
2024-11-22 05:48:09 +00:00
Kerwin Bryant
81ac8d914c
Style unification for the issue_management area (#32605)
Style unification for the issue_management area (consistent across the
layout

before:

![1732237277916](https://github.com/user-attachments/assets/52a20b2d-d6a4-4118-9cdf-9b377115b7f7)

![1732237288802](https://github.com/user-attachments/assets/05592fe8-cab2-412b-99bc-f0a201c08413)

![1732237299849](https://github.com/user-attachments/assets/8be4a891-c514-4983-bad4-fcc5a7a9d838)

after:

![1732237471086](https://github.com/user-attachments/assets/0bd19ef6-79c1-490a-8ffa-6a42208befd9)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-22 04:33:31 +00:00
Marcell Mars
a3881ffa3d
Enhancing Gitea OAuth2 Provider with Granular Scopes for Resource Access (#32573)
Resolve #31609

This PR was initiated following my personal research to find the
lightest possible Single Sign-On solution for self-hosted setups. The
existing solutions often seemed too enterprise-oriented, involving many
moving parts and services, demanding significant resources while
promising planetary-scale capabilities. Others were adequate in
supporting basic OAuth2 flows but lacked proper user management
features, such as a change password UI.

Gitea hits the sweet spot for me, provided it supports more granular
access permissions for resources under users who accept the OAuth2
application.

This PR aims to introduce granularity in handling user resources as
nonintrusively and simply as possible. It allows third parties to inform
users about their intent to not ask for the full access and instead
request a specific, reduced scope. If the provided scopes are **only**
the typical ones for OIDC/OAuth2—`openid`, `profile`, `email`, and
`groups`—everything remains unchanged (currently full access to user's
resources). Additionally, this PR supports processing scopes already
introduced with [personal
tokens](https://docs.gitea.com/development/oauth2-provider#scopes) (e.g.
`read:user`, `write:issue`, `read:group`, `write:repository`...)

Personal tokens define scopes around specific resources: user info,
repositories, issues, packages, organizations, notifications,
miscellaneous, admin, and activitypub, with access delineated by read
and/or write permissions.

The initial case I wanted to address was to have Gitea act as an OAuth2
Identity Provider. To achieve that, with this PR, I would only add
`openid public-only` to provide access token to the third party to
authenticate the Gitea's user but no further access to the API and users
resources.

Another example: if a third party wanted to interact solely with Issues,
it would need to add `read:user` (for authorization) and
`read:issue`/`write:issue` to manage Issues.

My approach is based on my understanding of how scopes can be utilized,
supported by examples like [Sample Use Cases: Scopes and
Claims](https://auth0.com/docs/get-started/apis/scopes/sample-use-cases-scopes-and-claims)
on auth0.com.

I renamed `CheckOAuthAccessToken` to `GetOAuthAccessTokenScopeAndUserID`
so now it returns AccessTokenScope and user's ID. In the case of
additional scopes in `userIDFromToken` the default `all` would be
reduced to whatever was asked via those scopes. The main difference is
the opportunity to reduce the permissions from `all`, as is currently
the case, to what is provided by the additional scopes described above.

Screenshots:

![Screenshot_20241121_121405](https://github.com/user-attachments/assets/29deaed7-4333-4b02-8898-b822e6f2463e)

![Screenshot_20241121_120211](https://github.com/user-attachments/assets/7a4a4ef7-409c-4116-9d5f-2fe00eb37167)

![Screenshot_20241121_120119](https://github.com/user-attachments/assets/aa52c1a2-212d-4e64-bcdf-7122cee49eb6)

![Screenshot_20241121_120018](https://github.com/user-attachments/assets/9eac318c-e381-4ea9-9e2c-3a3f60319e47)
---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-22 12:06:41 +08:00
Lunny Xiao
a175f9805c
Add line-through for deleted branch on pull request view page (#32500)
Base branch deleted

![图片](https://github.com/user-attachments/assets/bc45aa33-d514-47c8-885a-de9732f2f3d5)

branch deleted comment

![图片](https://github.com/user-attachments/assets/83729bbb-2ee8-4bd3-b6f1-780d2daad3d4)

Head branch deleted

![图片](https://github.com/user-attachments/assets/90120b22-34a9-4387-aae9-5c882e8d421a)
2024-11-21 17:04:18 +00:00
wxiaoguang
a32cfb2a8d
Fix issue sidebar regression (#32598) 2024-11-22 00:38:34 +08:00
wxiaoguang
e90753a712
Fix PR diff review form submit (#32596)
Fix #31622, there is a longstanding bug in #19612, 
it doesn't handle submit event, correctly.
2024-11-21 14:09:16 +00:00
silverwind
675c288811
Fix some typescript issues (#32586)
Fixes around 30 or so typescript errors. No runtime changes.
2024-11-21 13:57:42 +00:00
Lunny Xiao
9bf821ae6c
Fix GetInactiveUsers (#32540)
Fix #31480
2024-11-21 04:55:32 +00:00
Rowan Bohde
9ac74a1a40
disable gravatar in test (#32529)
When running e2e tests on flaky networks, gravatar can cause a timeout
and test failures. Turn off, and populate avatars on e2e test suite run
to make them reliable.
2024-11-21 04:30:48 +00:00
silverwind
d11f8d24b0
Add 'Copy path' button to file view (#32584)
Also adds a tooltip which is replicated to the same button in the diff
box. Fixes: https://github.com/go-gitea/gitea/issues/32583
2024-11-21 04:03:17 +00:00
wxiaoguang
07373f1d5d
Improve issue sidebar UI (#32587)
1. remove duplicate dividers
2. align reviewer items
3. merge & remove unused CSS styles


Before:

<details>


![image](https://github.com/user-attachments/assets/1b3121ee-b5fa-4fe9-b0f2-344d96dc5fbc)


![image](https://github.com/user-attachments/assets/ba8b97e6-114d-488c-adee-48f6c7a3b580)

</details>

After:

<details>


![image](https://github.com/user-attachments/assets/978eab3e-a5d7-4b68-90ce-079b61994d25)


![image](https://github.com/user-attachments/assets/a8b58a27-dd05-4c8d-be60-816439ce77c6)


![image](https://github.com/user-attachments/assets/b7e6a16c-bf98-4465-a805-9f4a642d366e)

</details>
2024-11-21 03:31:54 +00:00
Kerwin Bryant
efb55cd8ef
Supplement and Improvement for #32558 (#32585)
Thank you for @wxiaoguang's reminders and suggestions:
https://github.com/go-gitea/gitea/pull/32558#discussion_r1849972913
2024-11-21 02:42:37 +00:00
a1012112796
23d0f9083e
make search box in issue sidebar dropdown list always show when scrolling (#32576)
as title, replace #31597 after #32460 

---------

Signed-off-by: a1012112796 <1012112796@qq.com>
2024-11-21 09:23:50 +08:00
Lunny Xiao
33850a83fe
Fix submodule parsing (#32571)
Fix #32568, parse `.gitmodules` correctly

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-20 19:26:12 +00:00
Rowan Bohde
407b6e6dfc
allow the actions user to login via the jwt token (#32527)
We have some actions that leverage the Gitea API that began receiving
401 errors, with a message that the user was not found. These actions
use the `ACTIONS_RUNTIME_TOKEN` env var in the actions job to
authenticate with the Gitea API. The format of this env var in actions
jobs changed with go-gitea/gitea/pull/28885 to be a JWT (with a
corresponding update to `act_runner`) Since it was a JWT, the OAuth
parsing logic attempted to parse it as an OAuth token, and would return
user not found, instead of falling back to look up the running task and
assigning it to the actions user.

Make ACTIONS_RUNTIME_TOKEN in action runners could be used,
attempting to parse Oauth JWTs. The code to parse potential old
`ACTION_RUNTIME_TOKEN` was kept in case someone is running an older
version of act_runner that doesn't support the Actions JWT.
2024-11-20 15:24:09 +00:00
Marcell Mars
56bff7ae23
Support HTTP POST requests to /userinfo, aligning to OpenID Core specification (#32578)
This PR adds support for the HTTP POST requests to `/userinfo` endpoint.
While the OpenID Core specification says both are supported and
recommends using HTTP GET.

ref: https://openid.net/specs/openid-connect-core-1_0.html#UserInfo
2024-11-20 14:22:48 +00:00
Kemal Zebari
355889dbc2
Remove duplicate empty repo check in delete branch API (#32569)
Found while working on #32433.

This branch will never be executed because we have would have already
made the same check a couple lines above.
2024-11-20 01:05:06 +00:00
Kerwin Bryant
69268ee19f
Optimize installation-page experience (#32558)
![3000-gogitea-gitea-kiagpwhqbx1 ws-us116 gitpod io_
(1)](https://github.com/user-attachments/assets/7f9ff835-7122-420e-83a9-218a1b9c7030)
Highlight the path of the configuration file with a label-style emphasis
and provide a quick copy button.
2024-11-20 00:39:57 +00:00
Lunny Xiao
0d5abd9b3e
Remove unnecessary code (#32560)
PushMirrors only be used in the repository setting page. So it should
not be loaded on every repository page.
2024-11-19 16:21:13 +00:00
Kerwin Bryant
32456b6f31
Fix a compilation error in the Gitpod environment (#32559)
When opening the latest code in **Gitpod** and running `make
lint-backend`, the following error occurs:
```bash
gitpod /workspace/gitea (main) $ make lint-backend
go run github.com/golangci/golangci-lint/cmd/golangci-lint@v1.60.3 run
# internal/profilerecord
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/goarch
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# unicode/utf8
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/coverage/rtcov
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/byteorder
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# cmp
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/itoa
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/race
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/goos
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/unsafeheader
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# unicode
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/godebugs
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/asan
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# math/bits
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/goexperiment
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/msan
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/runtime/atomic
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# sync/atomic
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/runtime/syscall
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# crypto/internal/alias
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# encoding
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# log/internal
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# vendor/golang.org/x/crypto/cryptobyte/asn1
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/golangci/golangci-lint/pkg/exitcodes
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/cpu
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# unicode/utf16
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# container/list
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# crypto/subtle
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/goversion
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# golang.org/x/exp/maps
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/ccojocar/zxcvbn-go/match
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# golang.org/x/exp/constraints
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# golang.org/x/tools/internal/packagesinternal
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/quasilyte/go-ruleguard/dsl/types
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# vendor/golang.org/x/crypto/internal/alias
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/nettrace
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/google/go-cmp/cmp/internal/flags
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/gobwas/glob/util/runes
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# internal/platform
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# crypto/internal/boring/sig
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/quasilyte/gogrep/internal/stdinfo
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/daixiang0/gci/pkg/utils
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/quasilyte/stdinfo
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/Antonboom/testifylint/internal/testify
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# hash/maphash
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# github.com/nunnatsa/ginkgolinter/version
compile: version "go1.23.1" does not match go tool version "go1.22.9"
# google.golang.org/protobuf/internal/flags
compile: version "go1.23.1" does not match go tool version "go1.22.9"
make: *** [Makefile:413: lint-go] Error 1
```
2024-11-19 14:57:55 +08:00
Baltazár Radics
5eb0ee49a1
Use user.FullName in Oauth2 id_token response (#32542)
This makes `/login/oauth/authorize` behave the same way as the
`/login/oauth/userinfo` endpoint.
2024-11-18 19:24:17 +08:00
Lunny Xiao
896314c7a2
Fix some places which doesn't repsect org full name setting (#32243)
Partially fix #31345
2024-11-18 06:24:49 +00:00
Lunny Xiao
696fbe6036
Refactor push mirror find and add check for updating push mirror (#32539)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-18 05:59:04 +00:00