Commit Graph
2370 Commits
Author SHA1 Message Date
de9a96c4de Forcibly clean and destroy the session on logout (#11447) (#11451)
Backport #11447

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-05-17 14:32:33 +03:00
6543andGitHub d78be7ddf9 Fix /api/v1/orgs/* endpoints by changing parameter to :org from :orgname (#11381) 2020-05-12 08:46:44 +03:00
0b216f40fd Fix tracked time issues (#11349) (#11354)
Backport #11349 

* Fix tracked time issues (#11349)

* Fix nil exeption: #11313

* fix 500

* activate test 😆

* move logic

* Add missing import

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Guillermo Prandi <guillep2k@users.noreply.github.com>
2020-05-09 18:08:41 +01:00
6543andGitHub 79868d7096 When delete tracked time through the API return 404 not 500 (#11319) (#11326) 2020-05-07 22:42:33 +03:00
guillep2kandGitHub ff7eaa1eb4 Show pull request selection even when unrelated branches (#11239) (#11283)
Fix #10525

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-05-04 12:38:26 +01:00
5131206aad repo: milestone: make /milestone/:id endpoint accessible (#11264) (#11282)
Previously, this required authentication, but there's not actually
any privileged information on this page.  Move the endpoint out of
the group that requires sign-in.  It still requires the ability to
read issues and pull requests, so private repositories (for instance)
will not be exposed.

Fixes #10312 
Fixes #11233

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-05-04 04:12:36 +03:00
zeripathandGitHub dca8ef9407 Prevent clones and pushes to disabled wiki (#11131) (#11134)
Backport #11131

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-04-19 16:40:40 +01:00
6543andGitHub cc2a6c1d30 Fix merge dialog on protected branch with missing required statuses (#11074) (#11084)
It is possible for misconfigured protected branches to have required status checks that are not in any of the current statuses: Pending, Success, Error, Failure, or Warning - presumably because the CI has not contacted us as yet.

Fix #10636 by adding case: missing StatusChecks when these are missing
2020-04-16 10:45:34 +03:00
Lunny XiaoandGitHub 139fc7cfee Fix milestones too many SQL variables bug (#10880) (#10904)
* Fix milestones too many SQL variables bug

* Fix test

* Don't display repositories with no milestone and fix tests

* Remove unused code and add some comments
2020-03-31 08:40:37 -05:00
596eebb2b6 Protect against NPEs in notifications list (#10879) (#10883)
* Protect against NPEs in notifications list (#10879)

Unfortunately there appears to be potential race with notifications
being set before the associated issue has been committed.

This PR adds protection in to the notifications list to log any failures
and remove these notifications from the display.

References #10815 - and prevents the panic but does not completely fix
this.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add log import

* Update models/notification.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-03-30 15:23:02 +08:00
3dabfd4933 Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in GetRefCommitID (#10676) (#10797)
* Fix panic in API pulls when headbranch does not exist (#10676)

Backport #10676

* Fix panic in API pulls when headbranch does not exist
* refix other reference to plumbing.ErrReferenceNotFound

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-Authored-By: Lauris BH <lauris@nix.lv>
2020-03-23 15:01:25 +02:00
Lunny XiaoandGitHub 602fe45936 Fix bug on branch API (#10767) (#10775)
* Fix bug on branch API (#10767)

* Fix branch api canPush and canMerge
2020-03-20 23:31:01 +02:00
Lauris BHandGitHub c0b917b7eb Migrate to go-git/go-git v5.0.0 (#10735) (#10753) 2020-03-18 22:36:31 -04:00
zeripathandGitHub 66b31786d3 Prevent panic in stopwatch (#10670) (#10673)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-03-08 21:14:27 +02:00
John OlheiserandGitHub 21eaeb8418 Issue writers perms can modify issues (#10623) (#10626)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-03-06 04:42:20 +00:00
Lauris BHandGitHub 9a929ad17f Handle deleted base branch in PR (#10618) (#10619)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-03-05 22:23:34 +02:00
John OlheiserandGitHub 6f5656ab0e Logout POST action (#10582) (#10585)
* Change logout to POST

* Update for redirect

* Revert octicon to font

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-03-03 13:54:15 +08:00
e4a876cee1 Admin page for managing user e-mail activation (#10557) (#10579)
* Admin page for managing user e-mail activation (#10557)

* Implement mail activation admin panel

* Apply suggestions by @lunny

* Add UI for user activated emails

* Prevent admin from self-deactivate; add modal

Co-authored-by: zeripath <art27@cantab.net>

* Fix pagination options downgrade

Co-authored-by: zeripath <art27@cantab.net>
2020-03-02 17:09:37 -03:00
James LakinandGitHub 65dceb6a40 Fix redirection path if Slack webhook channel is invalid (#10566)
The path to the hook config is already defined by orgRepoCtx
2020-03-02 13:54:07 +02:00
Andreas ShimokawaandGitHub 76878fd69b Fix 404 after activating secondary email (backport of #10547) (#10553) 2020-03-01 13:27:13 +01:00
caa2aeaa52 Show Signer in commit lists and add basic trust (#10425) (#10524)
Backport #10425
Backport #10511

* Show Signer in commit lists and add basic trust (#10425)

Show the avatar of the signer in the commit list pages as we do not
enforce that the signer is an author or committer. This makes it
clearer who has signed the commit.

Also display commits signed by non-members differently from
members and in particular make it clear when a non-member signer
is different from the committer to help reduce the risk of
spoofing.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Fix the signing icon in the  view_list.tmpl page (#10511)

Co-Authored-By: silverwind <me@silverwind.io>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-28 14:18:02 -03:00
6543andGitHub 11300ee582 Fix potential bugs (#10513) (#10518)
* use e if it is an option
* potential nil so check err first
* check err first
* m == nil already checked
2020-02-28 00:12:23 -03:00
5d11ccc9e1 Handle push rejection message in Merge & Web Editor (#10373) (#10497)
Backport #10373

* Handle push rejection message in Merge

* Fix sanitize, adjust message handling

* Handle push-rejection in webeditor CRUD too

Co-authored-by: Lauris BH <lauris@nix.lv>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-02-27 15:37:11 +02:00
John OlheiserandGitHub 1fbdd9335f Fix double PR notification from API (#10482) (#10486)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-02-26 22:39:39 +02:00
John OlheiserandGitHub e9061a537c Fix admin notices (#10480) (#10483)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-02-26 11:14:37 -06:00
John OlheiserandGitHub ed664a9e1d Change admin dashboard to POST (#10465) (#10466)
* Change admin dashboard to POST (#10465)

* Add form and convert to POST

* Redirect for flash

* Convert octicons back to fa for 1.11

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-02-25 17:42:43 -06:00
4cb18601ff Change action GETs to POST (#10462) (#10464)
* Change action GETs to POST

* submite = submit + smite

* No more # href

* Fix test

* Match other tests

* Explicit csrf

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-25 15:08:21 -06:00
6543andGitHub 9e6ad64d48 Trigger webhooks on issue label-change via API too (#10421) (#10439)
* trigger webhooks with api too

* fix comment

* notify report old too

* CI restart

* restart CI again

* remove duplicated code
2020-02-24 14:30:59 +00:00
d3b6f001fe Various fixes in login sources (#10428) (#10429)
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-23 22:46:17 +02:00
Lauris BHandGitHub 80eb50655a Fix followers and following tabs in profile (#10202) (#10203) 2020-02-09 21:00:24 +00:00
John OlheiserandGitHub 2cd2614eaa Fix push-create SSH bugs (#10145) (#10151)
* Attempt to fix push-create SSH bugs

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix binding

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Invalid ctx

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-02-05 15:50:06 +01:00
6543andGitHub 0129e76ef5 Prevent DeleteUser API abuse (#10125) (#10128)
* fix & co

* word suggestions from @jolheiser
2020-02-03 19:44:06 +02:00
6896dad675 working part of #9998 (#10114) (#10115)
Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-02-03 11:19:04 +08:00
Lunny XiaoandGitHub 049af0d3d0 Fix branch page pull request title and link error (#10092) (#10097)
* Fix branch page pull request title and link error (#10092)
2020-02-01 15:14:56 +00:00
Lunny XiaoandGitHub 491cbeca67 Fix milestone API state parameter unhandled (#10049) (#10052)
* Fix milestone API state parameter unhandled

* Fix test
2020-01-29 18:01:44 +02:00
zeripathandLauris BH 895d92ffe5 Ensure that feeds are appropriately restricted (#10018) (#10019)
* Ensure that feeds are appropriately restricted

* Placate golangci-lint
2020-01-28 23:54:09 +02:00
Lunny Xiaoandzeripath 1e73dd2446 Fix wiki raw view on sub path (#10002) (#10040)
* Fix wiki raw view on sub path

* Add test for subpath wiki raw file

* Fix bug
2020-01-28 15:10:25 +00:00
Lunny XiaoandLauris BH 0dced15c1a Fix wrong hint when status checking is running on pull request view (#9886) (#9928)
* Fix wrong hint when status checking is running on pull request view

* fix lint

* fix test

* fix test

* fix wrong tmpl

* fix import

* rename function name
2020-01-22 08:06:11 +02:00
ff508c9c9b Add option to prevent LDAP from deactivating everything on empty search (#9879) (#9896)
* Add option to prevent LDAP from deactivating everything on empty search

* Update options/locale/locale_en-US.ini

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-01-20 21:18:23 +02:00
f96c1a2c79 Fix wrong permissions check when issues/prs shared operations (#9885) (#9889)
* Fix wrong permissions check when issues/prs shared operations

* move redirect to the last of the function

* fix swagger

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-20 17:59:33 +02:00
e878d743f4 Ensure that 2fa is checked on reset-password (#9857) (#9876)
* Ensure that 2fa is checked on reset-password

* Apply suggestions from code review

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Properly manage scratch_code regeneration

Co-authored-by: Lauris BH <lauris@nix.lv>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-19 23:21:21 +00:00
Lunny Xiaoandtechknowlogick 8add1dfacc Fix issues/pulls dependencies problems (#9842) (#9864)
* Fix issues/pulls dependencies problems

* fix swagger and api param name

* fix js
2020-01-19 12:56:57 -05:00
6543andtechknowlogick 95cb921097 fix (#9837) 2020-01-17 23:31:46 -05:00
fe46185407 Fix download file wrong content-type (#9825) (#9834)
* Fix download file wrong content-type

* change the error text to be more precise

* fix test

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-17 15:11:20 +01:00
Lunny XiaoandAntoine GIRARD 69a2a29c33 Fix wrong identify poster on a migrated pull request when submi… (#9827) (#9830) 2020-01-17 13:38:11 +01:00
e2ddc42377 Fix compare (#9808) (#9814)
Co-authored-by: techknowlogick <matti@mdranta.net>

Co-authored-by: techknowlogick <matti@mdranta.net>
2020-01-17 10:08:28 +08:00
3521177a34 Fix push-to-create (#9772) (#9797)
* Fix push-to-create

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Check URL path and service

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Send dummy payload on receive-pack GET

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* The space was actually a NUL byte

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Use real bare repo instead of manufactured payload

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: zeripath <art27@cantab.net>
2020-01-16 07:40:37 +02:00
Lunny Xiaoandzeripath c8bb0ecf52 Fix missing msteam webhook on organization (#9781) (#9794) 2020-01-16 03:09:47 +00:00
David SvantessonandAntoine GIRARD 42663a687c Fix add team on collaborator page when same name as organization (#9778) 2020-01-15 14:18:18 +01:00
dbeef6bb02 [BugFix] [API] ​/repos​/issues​/search (#9698) (#9724)
* fix

* fix options

* add TEST

Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>

Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
2020-01-12 10:20:49 +00:00