Backport #18414
The endpoint /{username}/{reponame}/milestone/{id} is not currently restricted to
the repo. This PR restricts the milestones to those within the repo.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use common sessioner for API and web routes
Since the regenerate session ID PR some users of the memory session provider have been
reporting difficulties with getting API results.
I am uncertain as to why this is happening - but I think that the sessioner being
created twice may be a potential cause for this. Therefore this PR attempts to move
this out to a common sessioner as it is in 1.16.
Fix#18070
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update routers/init.go
Backport #18086
A consequence of forcibly setting the RoutePath to the escaped url is that the
auto routing to endpoints without terminal slashes fails (Causing #18060.) This
failure raises the possibility that forcibly setting the RoutePath causes other
unexpected behaviors too.
Therefore, instead we should simply pre-escape the URL in the process registering
handler. Then the request URL will be properly escaped for all the following calls.
Fix#17938Fix#18060
Replace #18062
Replace #17997
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Correctly handle failed migrations
There is a bug in handling failed migrations whereby the migration task gets decoupled
from the migration repository. This leads to a failure of the task to get deleted with
the repository and also leads to the migration failed page resulting in a ISE.
This PR removes the zeroing out of the task id from the migration but also makes
the migration handler tolerate missing tasks much nicer.
Fix#17571
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Backport #17734
When logging in reset the user's locale to ensure that it matches their
preferred locale.
Fix#15612
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #18062
PR #17997 means that urls with terminal '/' are no longer immediately mapped
to the url without a terminal slash. However, it has revealed that the NotFound handler
appears to have been lost.
This PR adds back in a NotFound handler that simply redirects to a path without the
terminal slash or runs the NotFound handler.
Fix#18060
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #18049
Repository Transfer requires that the repository directory is renamed - which
is not possible on Windows if the git repository is open.
Fix#17885
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #18045
The current code unfortunately requires that `action` be a reserved
repository name as it prevents posts to change the settings for
action repositories. However, we can simply change action handler
to work on POST /{username} instead.
Fix#18037
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #18018
When logging in the SessionID should be reset and the session cleaned up.
Also logs the user in on completion of linking account
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #18023
Although we reset the locale in a number of places there were several ways of logging in that were missing the same code.
Fix#18020
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Backport #18005
It appears that there are several places that password length, complexity and ispwned
are not currently been checked when changing passwords. This PR adds these.
Fix#17977
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #17498
The call to html.EscapeString in routers/web/repo/blame.go:renderBlame is extraneous
as the commit message is now rendered by the template. The template will correctly
escape strings - therefore we are currently double escaping.
This PR fixes this.
Fix#17492
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #17475
The underlying problem in #17328 appears to be that users are re-running the install
page during upgrades. The function that tests and creates the db did not intend for
this and thus instead the migration scripts being run - a simple sync tables occurs.
This then causes a weird partially migrated DB which causes, in this release cycle,
the duplicate column in task table error. It is likely the cause of some weird
partial migration errors in other cycles too.
This PR simply ensures that the migration scripts are also run at this point too.
Fix#17328
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #17460
There is a small bug in the way that repo access is checked in
repoAssignment: Accessibility is checked by checking if the user has a
marked access to the repository instead of checking if the user has any
team granted access.
This PR changes this permissions check to use HasAccess() which does the
correct test. There is also a fix in the release api ListReleases where
it should return draft releases if the user is a member of a team with
write access to the releases.
The PR also adds a testcase.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #17434
Unfortunately there was a regression in #17373 which missed that the user is not
for deploy keys. This leads to a panic when pushing with deploy keys.
Fix#17412
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #17406.
Closes#17378
Both errors from #17378 were caused by #15175.
Problem 1 (error with added file):
`ToUTF8WithFallbackReader` creates a `MultiReader` from a `byte[2048]` and the remaining reader. `CreateReaderAndGuessDelimiter` tries to read 10000 bytes from this reader but only gets 2048 because that's the first reader in the `MultiReader`. Then the `if size < 1e4` thinks the input is at EOF and just returns that.
Problem 2 (error with changed file):
The blob reader gets defer closed. That was fine because the old version reads the whole file into memory. Now with the streaming version the close needs to defer after the method.
Co-authored-by: zeripath <art27@cantab.net>
Repositories owned by private users and organisations and pulls by restricted users
need to have permissions checked. Previously Serv would simply assumed that if the
user could log in and the repository was not private then it would be visible.
Fix#17364
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Backport #17304
Downgrade logging statement from Fatal to Error so that errors parsing
U2FRegistration data does not panic; instead, the invalid key will be
skipped and we will attempt to parse the next one, if available.
Signed-off-by: David Jimenez <dvejmz@sgfault.com>
Co-authored-by: David Jimenez <dvejmz@users.noreply.github.com>
* Check user instead of organization
* Enforce that only admins can copy a repo to another user
Co-authored-by: Ion Jaureguialzo Sarasola <ion@jaureguialzo.com>
Some people still appear to report unclosed cat-files. This PR simply adds the caller
to the process descriptor for the CatFileBatch and CatFileBatchCheck calls.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Backport #17035
When converting repositories from forks to normal the root NumFork needs to be
decremented too.
Fix#17026
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #16952
PR #16125 did not update the error handlers to handle conflict errors relating
to rebases. This PR adds them.
Fix#16922
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #16807
Calculate and return the number of Repositories on the dashboard
Organization list.
This PR restores some of the logic that was removed in #14032 to
calculate the number of repos on the dashboard orgs list.
Fix#16648
Replaces #16799
Signed-off-by: Andrew Thornton <art27@cantab.net>
* make sure headGitRepo is closed on err too
* refactor
* Fix git.Blob.DataAsync(): exec cancel since we already read all bytes (close pipe since we return a NopCloser)
Co-authored-by: zeripath <art27@cantab.net>
There are multiple places where wiki git repositories are not properly closed.
This PR ensures they are closed.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
* In Render tolerate not being passed a context
It is possible for RenderString to be passed to an external renderer if markdown
is set to be rendered by an external renderer. No context is currently sent to these
meaning that this will error out.
Fix#16835
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add Context to Repo calls for RenderString
All calls from routers can easily add the context - so add it.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
Backport #16805Fix#16801
Even if default branch is removed from the current page, but the total branches number should be still kept. So that the pagination calculation will be correct.
Backport #16794
There is a missing return in handleSettingRemoteAddrError which means
that the error page for repo settings is duplicately rendered.
Fix#16771
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
