* Add single sign-on support via SSPI on Windows
* Ensure plugins implement interface
* Ensure plugins implement interface
* Move functions used only by the SSPI auth method to sspi_windows.go
* Field SSPISeparatorReplacement of AuthenticationForm should not be required via binding, as binding will insist the field is non-empty even if another login type is selected
* Fix breaking of oauth authentication on download links. Do not create new session with SSPI authentication on download links.
* Update documentation for the new 'SPNEGO with SSPI' login source
* Mention in documentation that ROOT_URL should contain the FQDN of the server
* Make sure that Contexter is not checking for active login sources when the ORM engine is not initialized (eg. when installing)
* Always initialize and free SSO methods, even if they are not enabled, as a method can be activated while the app is running (from Authentication sources)
* Add option in SSPIConfig for removing of domains from logon names
* Update helper text for StripDomainNames option
* Make sure handleSignIn() is called after a new user object is created by SSPI auth method
* Remove default value from text of form field helper
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Remove default value from text of form field helper
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Remove default value from text of form field helper
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Only make a query to the DB to check if SSPI is enabled on handlers that need that information for templates
* Remove code duplication
* Log errors in ActiveLoginSources
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Revert suffix of randomly generated E-mails for Reverse proxy authentication
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Revert unneeded white-space change in template
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Add copyright comments at the top of new files
* Use loopback name for randomly generated emails
* Add locale tag for the SSPISeparatorReplacement field with proper casing
* Revert casing of SSPISeparatorReplacement field in locale file, moving it up, next to other form fields
* Update docs/content/doc/features/authentication.en-us.md
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Remove Priority() method and define the order in which SSO auth methods should be executed in one place
* Log authenticated username only if it's not empty
* Rephrase helper text for automatic creation of users
* Return error if more than one active SSPI auth source is found
* Change newUser() function to return error, letting caller log/handle the error
* Move isPublicResource, isPublicPage and handleSignIn functions outside SSPI auth method to allow other SSO methods to reuse them if needed
* Refactor initialization of the list containing SSO auth methods
* Validate SSPI settings on POST
* Change SSPI to only perform authentication on its own login page, API paths and download links. Leave Toggle middleware to redirect non authenticated users to login page
* Make 'Default language' in SSPI config empty, unless changed by admin
* Show error if admin tries to add a second authentication source of type SSPI
* Simplify declaration of global variable
* Rebuild gitgraph.js on Linux
* Make sure config values containing only whitespace are not accepted
* move semantic.dropdown.custom.js to webpack
Also disabled a annoying linter rule which insisted that imports can not
contain a file extension.
Fixes: https://github.com/go-gitea/gitea/issues/8971
* reorganize web_src files and rebuild
* restart ci
- moved gitgraph.js to web_src and made it importable and es6-compatible
- created new webpack chunk for gitgraph
- enabled CSS loader in webpack
- enabled async/await syntax via regenerator-runtime
- added script to ensure webpack chunks are loaded correctly
- disable terser's comment extraction to prevent .LICENCE files
gitgraph.js has many issues:
1. it is incompatible with ES6 because of strict-mode violations
1. it does not export anything
1. it's css has weird styles like for `body`
1. it is not available on npm
I fixed points 1-3 in our version so it's now loadable in webpack. We should eventually consider alternatives.
* Add add 'write' 'preview' buttons to wiki edit like in issues
affects #6975
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* update dark theme
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* fix css lint warnings - missing spaces
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* hide preview button on no fullscreen toolbar
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* wiki - enable side-by-side button in editor
and add some delay so side-by-side live preview is updated
* every 10th keypress
* if keypress < 10 -> apter no input for 1 sec
affects #5436
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* decrease timeinterval user need to stop before rendering is triggered
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* removed not needed code with simpleMDE placeholder
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* run highlight.js on markdown preview
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* fix white border around side-by-side preview
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* modernize js and use babel
- add babel toolchain to transform modern JS to ES5
- extend eslint config for modern rules
- fixes linting issues via `eslint --fix` and manual fixes
* run 'make css' to satisfy CI
* code style tweaks and set js indendation to 2 in .editorconfig
* regenerate js
* Allow to add and remove all repositories to team.
* Change style, buttons on same row.
* Apply suggestions from code review
Grammar
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Move set num repos to lower function.
* Make general language sentences
* js: Import Semantic-UI's dropdown.js (version 2.3.1)
* js: Set tabindex=-1 on dropdown items
Setting tabindex=-1 on focusable elements within dropdown menus allows
the user to treat dropdown menus as a single focusable item with its own
internal navigation using arrow keys.
* js: Don't use jQuery to click menu items
Menu items are often <a> elements, which jQuery refuses to trigger click
events on. Instead it just bubbles up to the menu.
Using HTMLElement's click method fixes this and makes menu items
clickable from the keyboard using dropdown menus.
* js: Set correct ARIA 1.1 roles on dropdown menus
Setting role= makes assistive technology aware there is a widget here.
In this case, Orca will now exit browse mode and allow us to capture
keydown events when focused on a dropdown menu. It will also inform the
user that there's a menu focused.
Since dropdowns can be used in multiple elements each with different
ARIA roles, a guessRole method is used to find the correct role.
All roles I consider possible are listed, but only menu is implemented.
* js: Set aria-expanded when dropdown menus show and hide
This is deliberately done before the transition finishes so that screen
readers get immediate feedback.
* js: Set aria-label or aria-labelledby on dropdown menus
This makes dropdown menu buttons screen reader accessible.
aria-labelledby refers to an element using an ID, so the chosen labels
are now assigned a unique ID- This ID is not stable, do not refer to it
with user scripts.
* js: Set aria-activedescendant on dropdown menus
As the menus grab focus and navigate by tracking a 'selected' div class,
assistive technology has no idea that what the current selection is.
Assign IDs to each menu item and set aria-activedescendant to the ID of
the currently selected menu item.
When the menu is unfocused, remove aria-activedescendant- This isn't
neccessary but in my experience it triggers Orca to remind the user of
their current selection when re-focusing the menu.
* Makefile: Make eslint ignore semantic.dropdown.js
This file is taken from Semantic UI which isn't linted upstream.
Ignore it as we won't fix these issues.
* js: Add version note to semantic.dropdown.js
* Add Md5 AppVer to templates/base/footer.tmpl
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Add Md5 AppVer to templates/pwa/serviceworker_js.tmpl
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* semantic.dropdown.js -> semantic.dropdown.custom.js
* Use eslintignore
* remove bogus submodule
* Fix commit expand button to not go to commit link
* Fix message rendering to have correct HTML in result
* Fix check for empty commit message
* Code optimization
* in progress changes for #7405, added ability to add cross-repo dependencies
* removed unused repolink var
* fixed query that was breaking ci tests; fixed check in issue dependency add so that the id of the issue and dependency is checked rather than the indexes
* reverted removal of string in local files becasue these are done via crowdin, not updated manually
* removed 'Select("issue.*")' from getBlockedByDependencies and getBlockingDependencies based on comments in PR review
* changed getBlockedByDependencies and getBlockingDependencies to use a more xorm-like query, also updated the sidebar as a result
* simplified the getBlockingDependencies and getBlockedByDependencies methods; changed the sidebar to show the dependencies in a different format where you can see the name of the repository
* made some changes to the issue view in the dependencies (issue name on top, repo full name on separate line). Change view of issue in the dependency search results (also showing the full repo name on separate line)
* replace call to FindUserAccessibleRepoIDs with SearchRepositoryByName. The former was hardcoded to use isPrivate = false on the repo search, but this code needed it to be true. The SearchRepositoryByName method is used more in the code including on the user's dashboard
* some more tweaks to the layout of the issues when showing dependencies and in the search box when you add new dependencies
* added Name to the RepositoryMeta struct
* updated swagger doc
* fixed total count for link header on SearchIssues
* fixed indentation
* fixed aligment of remove icon on dependencies in issue sidebar
* removed unnecessary nil check (unnecessary because issue.loadRepo is called prior to this block)
* reverting .css change, somehow missed or forgot that less is used
* updated less file and generated css; updated sidebar template with styles to line up delete and issue index
* added ordering to the blocked by/depends on queries
* fixed sorting in issue dependency search and the depends on/blocks views to show issues from the current repo first, then by created date descending; added a "all cross repository dependencies" setting to allow this feature to be turned off, if turned off, the issue dependency search will work the way it did before (restricted to the current repository)
* re-applied my swagger changes after merge
* fixed split string condition in issue search
* changed ALLOW_CROSS_REPOSITORY_DEPENDENCIES description to sound more global than just the issue dependency search; returning 400 in the cross repo issue search api method if not enabled; fixed bug where the issue count did not respect the state parameter
* when adding a dependency to an issue, added a check to make sure the issue and dependency are in the same repo if cross repo dependencies is not enabled
* updated sortIssuesSession call in PullRequests, another commit moved this method from pull.go to pull_list.go so I had to re-apply my change here
* fixed incorrect setting of user id parameter in search repos call
* Enabling and disabling the commit button to prevent empty commits
Signed-off-by: LukBukkit <luk.bukkit@gmail.com>
* The button won't get enabled if you change the commit message
Signed-off-by: LukBukkit <luk.bukkit@gmail.com>
* Fixes a spelling mistake for 'silent'
Signed-off-by: LukBukkit <luk.bukkit@gmail.com>
* Allow committing / adding empty files from the web ui (#8420)
Signed-off-by: LukBukkit <luk.bukkit@gmail.com>
* Add a modal to confirm the commit of an empty file
Signed-off-by: LukBukkit <luk.bukkit@gmail.com>
* Api endpoint for searching teams.
Signed-off-by: dasv <david.svantesson@qrtech.se>
* Move API to /orgs/:org/teams/search
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Regenerate swagger
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix search is Get
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add test for search team API.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Update routers/api/v1/org/team.go
grammar
Co-Authored-By: Richard Mahn <richmahn@users.noreply.github.com>
* Fix review comments
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix some issues in repo collaboration team search, after changes in this PR.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Remove teamUser which is not used and replace with actual user id.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Remove unused search variable UserIsAdmin.
* Add paging to team search.
* Re-genereate swagger
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix review comments
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* fix
* Regenerate swagger
* Add teams to repo on collaboration page.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add option for repository admins to change teams access to repo.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add comment for functions
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Make RepoAdminChangeTeamAccess default false in xorm and make it default checked in template instead.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Make proper language strings and fix error redirection.
* Add unit tests for adding and deleting team from repository.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add database migration
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix redirect
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix locale string mismatch.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Move team access mode text logic to template.
* Move collaborator access mode text logic to template.
* Create API endpoints for repo topics.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Generate swagger
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add documentation to functions
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Grammar fix
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix function comment
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Can't use FindTopics when looking for a single repo topic, as it doesnt use exact match
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add PUT /repos/{owner}/{repo}/topics and remove GET /repos/{owner}/{repo}/topics
* Ignore if topic is sent twice in same request, refactoring.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix topic dropdown with api changes.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Style fix
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Update API documentation
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Better way to handle duplicate topics in slice
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Make response element TopicName an array of strings, instead of using an array of TopicName
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add test cases for API Repo Topics.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix format of tests
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix comments
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix unit tests after adding some more topics to the test fixture.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Update models/topic.go
Limit multiple if else if ...
Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>
* Engine as first parameter in function
Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>
* Replace magic numbers with http status code constants.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix variable scope
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Test one read with login and one with token
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add some more tests
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Apply suggestions from code review
Use empty struct for efficiency
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Add test case to check access for user with write access
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix access, repo admin required to change topics
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Correct first test to be without token
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Any repo reader should be able to access topics.
* No need for string pointer
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* display ui time with customize time location
* fix lint
* rename UILocation to DefaultUILocation
* move time related functions to modules/timeutil
* fix tests
* fix tests
* fix build
* fix swagger
* Fix syntax highlight initialization
Previously hljs was initialized via a function that relies on the
DOMContentLoaded event, registerd after jQuery's 'ready' event. I assume
that with the recent jQuery update, DOMContentLoaded may not be
guaranteed to fire after 'ready'. Fixed this via vanilla JS initalization.
Fixes: https://github.com/go-gitea/gitea/issues/7559
* semicolon
* Fixes#7474 - Handles all redirects for Web UI File CRUD
* Fixes lint errors
* Typo fix
* Adds unit tests for a few helper functions
* Fixes per review
* Fix for new branch creation and to unit test
* Fixes the template used for errors on delete
* fix/define autochecked checkboxes on issue list on firefox
- close: deselect all
- nonclose: show buttons for close/label/milestone...
fix#7311
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* remove unnessesary timeouts
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* add comments in code - this is targeting firefox
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* fix post parameter - issue list - assignee
fix#7328 - remove assignee on issue list return 500
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* add missing semicolons
Signed-off-by: Michael Gnehr <michael@gnehr.de>
- ran `make npm-update`
- ran `make js`, fixed new lint issue
- ran `make css`, this added back some vendor prefixes
- added `engines` property to package.json to specify minimum required
Node.js version
- added `private` property to package.json to prevent accidential
publishing to npm
* - do not select if escape is pressed
- allow prefixes by adding current request content to result list
- remove html-tags before insert on page
fix#7126
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* sort current query to top
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* remove already added topics from dropdown list
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* protoct against xss
thanks to @silverwind
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* fix extra newlines when copying from diff
See https://bugzilla.mozilla.org/show_bug.cgi?id=1273836
Basically, the <pre><code> seems to add a forced newline that is not
possible to get rid of via CSS, so I replaced it with just a <code>.
Secondly, .lines-type-marker also forced a newline in the copied text,
but that was possible to get rid of via user-select.
Safari still has a extraneous newline in the copied text of unknown
origin, but this should not block stop this PR.
* simplify .line-type-marker
* fix selector
* remove erronous ^^^
* Fix empty split diff
* Fix arc-theme-green
* fix add comment
* ensure line-num is copied too
* Update templates/repo/diff/box.tmpl
Co-Authored-By: zeripath <art27@cantab.net>
* attempt to fix safari via removing <code>
* remove useless whitespace at the end of 'class'
* remove inter-tag whitespace for code <td>s
* more inter-tag removal
* final inter-tag removal
* attempt to fix empty line copy
* move and comment getLineContent
* fix golint
* make background grey for missing added code
* fix colors in dark theme - tables inside rendered markdown
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* fix colors in dark theme - simpleMDE rendered preview
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* Update public/less/themes/arc-green.less
remove scroll bar color, to add this globally on additional PR
Co-Authored-By: Lauris BH <lauris@nix.lv>
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* add missing class name
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* Supports tags when comparing commits or branches
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Hide headline when only comparing and don't load unused data
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Merges compare logics to allow comparing branches, commits and tags with eachother
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Display branch or tag instead of commit when used for comparing
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Show pull request form after click on button
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Transfers relevant pull.go changes from master to compare.go
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Fixes error when comparing forks against a commit or tag
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Removes console.log from JavaScript file
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Show icon next to commit reference when comparing branch or tag
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Updates css file
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Fixes import order
* Renames template variable
* Update routers/repo/compare.go
Co-Authored-By: zeripath <art27@cantab.net>
* Update from master
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Allow short-shas in compare
* Renames prInfo to compareInfo
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Check PR permissions only if compare is pull request
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Adjusts comment
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Use compareInfo instead of prInfo
* Adds auto-name if repo name is blank
Adds error checking before sanitization in migration
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Changed err from sanitization to a different variable
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Remove handleCreatePost and implement separately
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Make fmt
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* add make targets for js,css, add javascript linter
- add `make js`, deprecating `make javascripts`
- add `make css`, deprecating `make generate-stylesheets` and
`make stylesheets-check`
- changed the unclean css check to only run on CI
- add JS linting via eslint with basic configuration and fixed
discovered issues
- changed autoprefixer to use official `postcss-cli` avoiding the need
to loop in the makefile
- moved browserslist to package.json so other future tools can use it
too.
- update documentation for new make targets and added JS section
* fix indentation
* move functions used in html to 'exported' list
* Run lessc binary without having to install anything to node_modules
* use relative paths to node bin scripts, removing npx
* Revert "use relative paths to node bin scripts, removing npx"
This reverts commit 119b725525.
* fix lessc and postcss plugins
* check for node_modules and use actual bin names