Commit graph

287 commits

Author SHA1 Message Date
Earl Warren 5455605342
[TESTS] oauth2: add integration test helpers
(cherry picked from commit e11dcc60f291f1b882a993f60f8381fe4561d6d0)

use backticks to avoid backslash

(cherry picked from commit 34212791eef2031ef09ea118a2ee5b98082174dc)
(cherry picked from commit bde9473c69eaf6306457b4218d9704af64cb6cc8)
(cherry picked from commit d4deb43084eec4ce0de786a01acef52921a39b13)
(cherry picked from commit 08e91649b0057258ea5d775447d84093c31ad523)
(cherry picked from commit 2b988e5415b35e608726facb5d23a920334fda1c)

[TESTS] auth LinkAccount test coverage (squash)

(cherry picked from commit a2b2e3066bee46ca15ce66d0deb7ef3e89915248)
(cherry picked from commit 841d1b50731a94b9330b6a623a40f8aa0a6befa8)
(cherry picked from commit 35da630ad884a9ffff5bd873123687af169a6cac)
(cherry picked from commit caf2dc4fa7c6fb45a19edc5a025579d42d8db455)
(cherry picked from commit 6eb81e67ba69aeb9f1290f6717ec6c6a367752c3)
(cherry picked from commit d59757239f4fd6353dafd88f2460145b88ef38a1)
(cherry picked from commit 38a121b6880538f381799fb69666e13abf667502)
(cherry picked from commit 20613874ee04286a5ecb28045ec80af0fd850582)
(cherry picked from commit 6d2705e10858baf5e33df0ced047c544ed826fd3)
(cherry picked from commit f177b728142911fed6709339dd0e686017b610b0)
(cherry picked from commit 75e1fc4c8318b378f94065a268b079ac152657ef)
(cherry picked from commit ba64fa9867b06fb0b390a799ef4c3f39f554bb0b)
(cherry picked from commit 0b8ab0893ec6b6d689534b5e4ac50cdfe36c34e9)
(cherry picked from commit 1419d11435b0cdf7c41cb7175dffaf521ecfacd7)
(cherry picked from commit 38766847e0441f4b3841b05b34e3442f4e23af06)
(cherry picked from commit 6f23426a6ab09df7bb5817d364301975715dc10b)
(cherry picked from commit 9e0ff9ca54505723ad39a3fb221b94cbcef2da66)
(cherry picked from commit 353f3601c318f77a07fba0976fc9e3d28b2fc818)
(cherry picked from commit 6e4ae401d815bf32ca21e2fdada5aa1ac528c756)
(cherry picked from commit 1a7afe41530378cf194ce7c302cfe6bf757a2838)
(cherry picked from commit f9f3e0cc02fda87ef769ee8410e9d926963d2d97)
(cherry picked from commit 22fd0337f3cc57e4365c783b80db553627022f6d)
(cherry picked from commit ee57e138d1a89508f7613d1e6782a9909977b153)
(cherry picked from commit 21f9b7e73ddf12948feb220ec5432e14b75e0baa)
(cherry picked from commit 17c548c09298472af65526f1334fecffd1e72d1e)
(cherry picked from commit 02d31865174d94273e993248aa152f482fa14802)
(cherry picked from commit f02a040fa27afdbcf12d197894e9adc0a8a17734)
(cherry picked from commit 3cf9f82b282fe62d2124e1d3c1d75ea5f92ddce0)
(cherry picked from commit aa9d06dbac2a14cde066f0c1f896c3993a49aae0)
(cherry picked from commit 689421315464c16462938b3dbd710978e1fd14f3)
2024-02-05 14:44:32 +01:00
Earl Warren 34a5fe68a7
[TESTS] createUser via the user model helper for integration tests
(cherry picked from commit c1d14c5fffeb823385b2984cfcdb3e195bfb151d)
(cherry picked from commit e0e8aabc985af153cf1fcb2064c17f68ec37f3a2)
(cherry picked from commit 392a415070af7f4e872c7bb013f259e2dcc8b7b4)
(cherry picked from commit c7cf1307ca227ff9f4935391582c058823419d7b)
(cherry picked from commit 93b13d092b46c261fc3c0f70ecd9d4f45ee84029)

[TESTS] createUser via the user model helper for integration tests (squash)

(cherry picked from commit 6ff23839528db66ae91e88d6b687b63c769f8f43)
(cherry picked from commit de2a6fe8c374965d50bcd6421d44c3a5d312a689)
(cherry picked from commit 398a6ab072e8364db3c5236bf258ec6bb068dc29)
(cherry picked from commit 16abc89780a228fdc288ed2ce44a95daa6368e36)
(cherry picked from commit 312a3ec5d9d50864af9dbfb8672778789b2e11ca)
(cherry picked from commit 85c6d8e29065641ccbaf57fcebe72b93141a14a4)
(cherry picked from commit 79150d30a4d9a91e9e5272f3d46bd0ee836bcab1)
(cherry picked from commit 436137962d3f150d4c28093461c30c9910f2d32d)
(cherry picked from commit e4eb8d471e8e1c8e14a6a3208418bde0b121472c)
(cherry picked from commit a7257052f49a480dd2ccfbef5c0573c9b5b73adb)
(cherry picked from commit d5eba9a6dd93eb21350dc611edff7c9a13cb2552)
(cherry picked from commit d89ef2ffa9a83249b498867a02996a3dcb17aa31)
(cherry picked from commit f1d25aa30762ae97d7994048dd03c656028dedbe)
(cherry picked from commit 60c7c0735376d7987717c0d375fa409ca9b90e8f)
(cherry picked from commit cfeff3afdb80785019f53312369953e2d996de89)
(cherry picked from commit 608ac6bd683d60fe295163ba5562aee5037b6e01)
(cherry picked from commit c64e530a13fe4afc89ad3de481fff16fe190c3d1)
(cherry picked from commit 513db02971fa98ff88f9b06bf25b03c31d0a857c)
(cherry picked from commit 43eaaa5a61134928ff9a83e571552407450d0a09)
(cherry picked from commit 678eb494408e3784336a3aeb5e5f54bd738d009e)
(cherry picked from commit f7458dabda74dedecb431a75e9f049e545fc973e)
(cherry picked from commit 32568e43b412bf53bc207f5b429ee4ef77693857)
(cherry picked from commit 3fcbb2043d04fb701a7baa26cc599c98dfaa5601)
(cherry picked from commit 95f0b8eefad590c647951f42bd0f467685901bd2)
(cherry picked from commit f285b9469d0b644abc70ebbc79c4b14fe5a03e56)
(cherry picked from commit 4b8a02ad088bc925dee1b2f0b759ea9ef77d96e8)
(cherry picked from commit 70eb98025b6012f42c0161999f7675f069bde877)
(cherry picked from commit dc2d448705404872c7f67887f7cf80658e42c3fa)
(cherry picked from commit e1402ca319f549f8ed36a9f8b58f7aba09793415)
(cherry picked from commit 807d587285c06b82d636fba371f946c68f0a22e3)
2024-02-05 14:44:32 +01:00
Earl Warren c3985f05e8
[API] Forgejo API /api/forgejo/v1
(cherry picked from commit 20b56692693e054bb3c04b4ef12b29b0715b4530)
(cherry picked from commit 1574643a6a9634e5b92c033a4bfb69062a86bd05)

Update semantic version according to specification

(cherry picked from commit 22510f41306f9c133a7e99b61f9c38dabfd4b810)

Mise à jour de 'Makefile'

(cherry picked from commit c3d85d8409f1bb18a45659a167cf1ffee057f3b6)
(cherry picked from commit 5ea23098513c068444226af41faf9be9c4c998e6)
(cherry picked from commit ec5217b9d1b94bb04e34ce8c27eecbdc6f3a247a)
(cherry picked from commit 14f08e364b2ad7e3176b45d3ec8da5f5605b4315)
(cherry picked from commit b4465c67b8737aed9fd79a43046aa3795a298e68)

[API] [SEMVER] replace number with version

(cherry picked from commit fba48e64977a75e77c9c6cf8e3f8a679a5e7b733)
(cherry picked from commit 532ec5d8782703b62d7d02312764e50637cd016e)

[API] [SEMVER] [v1.20] less is replaced by css

(cherry picked from commit 01ca3a4f4291cf4c62df42cbd12a00638f3cdc70)
(cherry picked from commit 1d928c3ab2e1fda6082e1400d89ea96d6605ebaa)
(cherry picked from commit a39dc804cd1da86444ed709455857f069475e7db)

Conflicts:
	webpack.config.js
(cherry picked from commit adc68578b3eb41215338125edfca91804706f8a1)
(cherry picked from commit 9b8d98475fd7efcc15bf0d91b0af6ef3aff64508)
(cherry picked from commit 25161039745a63282257eded9616390241af8013)
(cherry picked from commit 18e6287963a0e1863cd08fd514a4e732a1904a68)
(cherry picked from commit e9694e67ab93ad74f7eae3152d88d95e8493e739)
(cherry picked from commit a9763edaf002c8009a2cca4115cb8b926f8cdc85)
(cherry picked from commit e2b550f4fba144f9637a212b56bfe30cac1adb3b)
(cherry picked from commit 2edac36701e8fa1ff67f87dccfa34cfc00ab66de)

[API] Forgejo API /api/forgejo/v1 (squash)

Update semver as v1.20 is entering release candidate mode

(cherry picked from commit 4995098ec3c6eee19a7ad7bc956b71c6e937c04c)
(cherry picked from commit 578ccfdd27d7a280050bdf61d497d07decf98f2f)
(cherry picked from commit 1bf6ac09520490f0a56b9b55d7836c2d8ea5d22c)
(cherry picked from commit 2fe16b2bfed62c0386d0bfe104f7dcc621d1c3be)
(cherry picked from commit 7cd9d027eec5a2b328d06a47f34545943560fe1b)
(cherry picked from commit eaed4be2ae88055a15dcc96564440c301a13ba8e)
(cherry picked from commit cc94f3115f844a0f16064e49e5eb719d33bc4441)
(cherry picked from commit d7a77e35ccfd2d0fc2ba98932296ab7354edd2db)
(cherry picked from commit cd8eb68ab7b3e2eaacf78d370c762f43cc19fd6a)
(cherry picked from commit 68487ac95f742837e7ff38df902834b6173cd9ab)
(cherry picked from commit 616dceb565456d6fac6f58b1c4de43e9d3254090)
(cherry picked from commit 545fe5975b47d2eab348a57b87c6fd4590f33442)
(cherry picked from commit c042cf8eda2dea805138bd64daa7fbe07865ed5a)
(cherry picked from commit ae5e5a7468aa66312055a26841f658574a9b0dd7)
(cherry picked from commit 8034ef5fa2648a127f8c84c572bec02a1ff6bb9f)
(cherry picked from commit aaf0293034468505449d33ab1483ae65b4175754)
(cherry picked from commit daafa8ce58e5e6077da585b13e5190856228a4a3)
(cherry picked from commit 7ca3681d3e2ed5ec1ae44364cba476d642e2b557)
(cherry picked from commit 39f72cba71ff3f9d2cbb05c88031b34933573a8c)
(cherry picked from commit 60a591713097384935ba0ac51a5cd4793f7544a8)
(cherry picked from commit 4853bd9e16bc8986ba8159349e93bc3093dc8ab9)

[API] Move forgejo api file (squash)

- Move the file to accommodate faa28b5a44

(cherry picked from commit bce89351d251bfa18c677b30bc7da80856d919fb)
(cherry picked from commit 11ae7f6e85395b287c6f4108c531aa1a81fd964c)
(cherry picked from commit 25e96cfcb28859406329090eb0c7990bea4e73eb)
(cherry picked from commit 6d8d19b39156a7f8b4db5022915590593df94f1f)
(cherry picked from commit 5afc5c454b7d70f95b83e6c3b4c9e2cb6e2d0ef5)
(cherry picked from commit 86d07b4c249211bdb77c0520f99f2c8e5d89b516)
(cherry picked from commit e54d869fdae44811faaa80f3757efbc93bf0bce4)
(cherry picked from commit ab31ef1bba3bc5188e0f3ce5e5fa33335877cf47)
(cherry picked from commit 511cbca2f3799646edf8eae00464b87f43ca280f)
(cherry picked from commit 333916fea874509063f9449f07d79e4cafbcf06f)
(cherry picked from commit 3802bcd7c9865b77151ef454c0bdc2ce32157a41)
(cherry picked from commit 5d0fa034f77388ed21735a22cf1a2a23562245c3)
(cherry picked from commit d15627aa0dfb4ffc2eb7ab0ce99b7c5b2bf06dcf)
(cherry picked from commit ba0b21b9305b6fecf23aeec213f1a95d96ce72fb)
(cherry picked from commit 39ade66aac7f8cccd980d1f435b92465a50be032)
2024-02-05 14:44:32 +01:00
Earl Warren e90db3f5cc
[CLI] implement forgejo-cli
(cherry picked from commit 2555e315f7561302484b15576d34c5da0d4cdb12)
(cherry picked from commit 51b9c9092e21a451695ee0154e7d49753574f525)

[CLI] implement forgejo-cli (squash) support initDB

(cherry picked from commit 5c31ae602a45f1d9a90b86bece5393bc9faddf25)
(cherry picked from commit bbf76489a73bad83d68ca7c8e7a75cf8e27b2198)

Conflicts:
	because of d0dbe52e76
	upgrade to https://pkg.go.dev/github.com/urfave/cli/v2
(cherry picked from commit b6c1bcc008fcff0e297d570a0069bf41bc74e53d)

[CLI] implement forgejo-cli actions

(cherry picked from commit 08be2b226e46d9f41e08f66e936b317bcfb4a257)
(cherry picked from commit b6cfa88c6e2ae00e30c832ce4cf93c9e3f2cd6e4)
(cherry picked from commit 59704200de59b65a4f37c39569a3b43e1ee38862)

[CLI] implement forgejo-cli actions generate-secret

(cherry picked from commit 6f7905c8ecf17d5f74ac9a71a453d6768c212b6d)
(cherry picked from commit e085d6d2737e6238a4ff00f19f40cf839ac16b34)

[CLI] implement forgejo-cli actions generate-secret (squash) NoInit

(cherry picked from commit 962c944eb20268a394030495c3caab3e3d4bd8b7)

[CLI] implement forgejo-cli actions register

(cherry picked from commit 2f95143000e4ccc94ef14332777b58fe778edbd6)
(cherry picked from commit 42f2f8731e876564b6627a43a248f262f50c04cd)

[CLI] implement forgejo-cli actions register (squash) no private

Do not go through the private API, directly modify the database

(cherry picked from commit 1ba7c0d39d0ecd190b7d9c517bd26af6c84341aa)

[CLI] implement forgejo-cli actions

(cherry picked from commit 6f7905c8ecf17d5f74ac9a71a453d6768c212b6d)
(cherry picked from commit e085d6d2737e6238a4ff00f19f40cf839ac16b34)

[CLI] implement forgejo-cli actions generate-secret (squash) NoInit

(cherry picked from commit 962c944eb20268a394030495c3caab3e3d4bd8b7)
(cherry picked from commit 4c121ef022597e66d902c17e0f46839c26924b18)

Conflicts:
	cmd/forgejo/actions.go
	tests/integration/cmd_forgejo_actions_test.go
(cherry picked from commit 36997a48e38286579850abe4b55e75a235b56537)

[CLI] implement forgejo-cli actions (squash) restore --version

Refs: https://codeberg.org/forgejo/forgejo/issues/1134
(cherry picked from commit 9739eb52d8f94d32f61068d7209958e8d2582818)

[CI] implement forgejo-cli (squash) the actions subcommand needs config

(cherry picked from commit def638475122a26082ab3835842c84cd03839154)

Conflicts:
	cmd/main.go
	https://codeberg.org/forgejo/forgejo/pulls/1209
(cherry picked from commit a1758a391043123903607338cb11490161ac946d)
(cherry picked from commit 935fa650c77b151752a58f621d846b166b97cd79)
(cherry picked from commit cd21026bc94922043dce8e2a5baba68111d1e569)
(cherry picked from commit 1700b8973a58f0fc3469492d8a39b931019d2461)
(cherry picked from commit 1def42a37945cfe88947803f9afe9468fb8798fe)
(cherry picked from commit 839d97521d59a012b06e6c2b9b0655c56b41b6cd)
(cherry picked from commit fd8c13be6b45f9aa939be482c0a4e5a60c89344c)
(cherry picked from commit 588e5d552f044d91218a07fa46e84259d4892c5d)
(cherry picked from commit 151a726620f662ff9af37316dfda38a6bd6744bb)

[v1.22] [CLI] implement forgejo-cli

https://codeberg.org/forgejo/forgejo/pulls/1541
(cherry picked from commit 46708de7b9a3efac74aced8361327a39f45b6892)
(cherry picked from commit a8e5c1369ee3ee197579a30aeba519b4384360aa)
(cherry picked from commit c8a32aaf24fd851927432f140fcc59a274824d33)

Conflicts:
	models/actions/main_test.go
	https://codeberg.org/forgejo/forgejo/pulls/1656
(cherry picked from commit 79f4553063c4f4ee70c98f95d9e62facd9d33c67)
(cherry picked from commit 0379da0cf5b14e7915f2f38502bd00036723071d)
(cherry picked from commit 331d58c085d6533ebcc528c1ac69d4f99e8e9acd)
(cherry picked from commit 89705502c477ec833bd7ce46c3cedc53fbd454bc)
(cherry picked from commit 4723d5febf4a5748b2ca038bc95235995ebb8c11)
(cherry picked from commit e71b26013039d5d029ec4c38befd25e6a447b3f1)
(cherry picked from commit 6a376a5b48b0b5187f492ddd73c72896cc8ae0a8)

Conflicts:
	cmd/main.go
	https://codeberg.org/forgejo/forgejo/pulls/1969
(cherry picked from commit 6ba97cf4b5bae19426fef9d65a20bc5527e41a90)
(cherry picked from commit e0a6ebfeca1ff20d53fe8d0baf4a737d6e10fce1)
(cherry picked from commit 5702aeab2d25fa1f79fb1d11ec359a5460dc0f91)
(cherry picked from commit f919c4d6c11423ac2d3ab624d9a6390661c07aa7)
(cherry picked from commit a26799a88aa2f320b498372717019fa601545931)
(cherry picked from commit b6ab4733959176aacfb25183e9f2f5e57195e35d)
(cherry picked from commit cf054a0461ea204f81774b4da52dae186970d1a8)
2024-02-05 13:33:58 +01:00
KN4CK3R f8b471ace1
Unify user update methods (#28733)
Fixes #28660
Fixes an admin api bug related to `user.LoginSource`
Fixed `/user/emails` response not identical to GitHub api

This PR unifies the user update methods. The goal is to keep the logic
only at one place (having audit logs in mind). For example, do the
password checks only in one method not everywhere a password is updated.

After that PR is merged, the user creation should be next.
2024-02-04 13:29:09 +00:00
Lunny Xiao 5f82ead13c
Simplify how git repositories are opened (#28937)
## Purpose
This is a refactor toward building an abstraction over managing git
repositories.
Afterwards, it does not matter anymore if they are stored on the local
disk or somewhere remote.

## What this PR changes
We used `git.OpenRepository` everywhere previously.
Now, we should split them into two distinct functions:

Firstly, there are temporary repositories which do not change:

```go
git.OpenRepository(ctx, diskPath)
```

Gitea managed repositories having a record in the database in the
`repository` table are moved into the new package `gitrepo`:

```go
gitrepo.OpenRepository(ctx, repo_model.Repo)
```

Why is `repo_model.Repository` the second parameter instead of file
path?
Because then we can easily adapt our repository storage strategy.
The repositories can be stored locally, however, they could just as well
be stored on a remote server.

## Further changes in other PRs
- A Git Command wrapper on package `gitrepo` could be created. i.e.
`NewCommand(ctx, repo_model.Repository, commands...)`. `git.RunOpts{Dir:
repo.RepoPath()}`, the directory should be empty before invoking this
method and it can be filled in the function only. #28940
- Remove the `RepoPath()`/`WikiPath()` functions to reduce the
possibility of mistakes.

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-27 21:09:51 +01:00
silverwind 60e4a98ab0
Preserve BOM in web editor (#28935)
The `ToUTF8*` functions were stripping BOM, while BOM is actually valid
in UTF8, so the stripping must be optional depending on use case. This
does:

- Add a options struct to all `ToUTF8*` functions, that by default will
strip BOM to preserve existing behaviour
- Remove `ToUTF8` function, it was dead code
- Rename `ToUTF8WithErr` to `ToUTF8`
- Preserve BOM in Monaco Editor
- Remove a unnecessary newline in the textarea value. Browsers did
ignore it, it seems but it's better not to rely on this behaviour.

Fixes: https://github.com/go-gitea/gitea/issues/28743
Related: https://github.com/go-gitea/gitea/issues/6716 which seems to
have once introduced a mechanism that strips and re-adds the BOM, but
from what I can tell, this mechanism was removed at some point after
that PR.
2024-01-27 18:02:51 +00:00
KN4CK3R caad931385
Prevent anonymous container access if RequireSignInView is enabled (#28877)
Fixes #28875

If `RequireSignInView` is enabled, the ghost user has no access rights.
2024-01-21 16:31:29 +00:00
KN4CK3R 461d8b53c2
Fix some RPM registry flaws (#28782)
Related #26984
(https://github.com/go-gitea/gitea/pull/26984#issuecomment-1889588912)

Fix admin cleanup message.
Fix models `Get` not respecting default values.
Rebuild RPM repository files after cleanup.
Do not add RPM group to package version name.
Force stable sorting of Alpine/Debian/RPM repository data.
Fix missing deferred `Close`.
Add tests for multiple RPM groups.
Removed non-cached `ReplaceAllStringRegex`.

If there are multiple groups available, it's stated in the package
installation screen:

![grafik](https://github.com/go-gitea/gitea/assets/1666336/8f132760-882c-4ab8-9678-77e47dfc4415)
2024-01-19 11:37:10 +00:00
FuXiaoHei ad98ea63ee
Fix uploaded artifacts should be overwritten (#28726)
Fix `Uploaded artifacts should be overwritten`
https://github.com/go-gitea/gitea/issues/28549

When upload different content to uploaded artifact, it checks that
content size is not match in db record with previous artifact size, then
the new artifact is refused.

Now if it finds uploading content size is not matching db record when
receiving chunks, it updates db records to follow the latest size value.
2024-01-17 11:21:16 +08:00
Viktor Kuzmin 49eb168677
Retarget depending pulls when the parent branch is deleted (#28686)
Sometimes you need to work on a feature which depends on another (unmerged) feature.
In this case, you may create a PR based on that feature instead of the main branch.
Currently, such PRs will be closed without the possibility to reopen in case the parent feature is merged and its branch is deleted.
Automatic target branch change make life a lot easier in such cases.
Github and Bitbucket behave in such way.

Example:
$PR_1$: main <- feature1
$PR_2$: feature1 <- feature2

Currently, merging $PR_1$ and deleting its branch leads to $PR_2$ being closed without the possibility to reopen.
This is both annoying and loses the review history when you open a new PR.

With this change, $PR_2$ will change its target branch to main ($PR_2$: main <- feature2) after $PR_1$ has been merged and its branch has been deleted.

This behavior is enabled by default but can be disabled.
For security reasons, this target branch change will not be executed when merging PRs targeting another repo. 

Fixes #27062
Fixes #18408

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: delvh <dev.lh@web.de>
2024-01-17 01:44:56 +01:00
Mihir Joshi b8270240bf
Fix reverting a merge commit failing (#28794)
Fixes #22236

---
Error occurring currently while trying to revert commit using read-tree
-m approach:
> 2022/12/26 16:04:43 ...rvices/pull/patch.go:240:AttemptThreeWayMerge()
[E] [63a9c61a] Unable to run read-tree -m! Error: exit status 128 -
fatal: this operation must be run in a work tree
> 	 - fatal: this operation must be run in a work tree

We need to clone a non-bare repository for `git read-tree -m` to work.

bb371aee6e
adds support to create a non-bare cloned temporary upload repository.

After cloning a non-bare temporary upload repository, we [set default
index](https://github.com/go-gitea/gitea/blob/main/services/repository/files/cherry_pick.go#L37)
(`git read-tree HEAD`).
This operation ends up resetting the git index file (see investigation
details below), due to which, we need to call `git update-index
--refresh` afterward.


Here's the diff of the index file before and after we execute
SetDefaultIndex: https://www.diffchecker.com/hyOP3eJy/

Notice the **ctime**, **mtime** are set to 0 after SetDefaultIndex.

You can reproduce the same behavior using these steps:
```bash
$ git clone https://try.gitea.io/me-heer/test.git -s -b main
$ cd test
$ git read-tree HEAD
$ git read-tree -m 1f085d7ed8 1f085d7ed8 9933caed00
error: Entry '1' not uptodate. Cannot merge.
```

After which, we can fix like this:
```
$ git update-index --refresh
$ git read-tree -m 1f085d7ed8 1f085d7ed8 9933caed00
```
2024-01-16 15:06:51 +00:00
Lunny Xiao 70c4aad8e1
Move more functions to db.Find (#28419)
Following #28220

This PR move more functions to use `db.Find`.

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-15 02:19:25 +00:00
Earl Warren 3f342d6dff
Modernize merge button (#28140)
- Make use of the `form-fetch-action` for the merge button, which will
automatically prevent the action from happening multiple times and show
a nice loading indicator as user feedback while the merge request is
being processed by the server.
- Adjust the merge PR code to JSON response as this is required for the
`form-fetch-action` functionality.
- Resolves https://codeberg.org/forgejo/forgejo/issues/774
- Likely resolves the cause of
https://codeberg.org/forgejo/forgejo/issues/1688#issuecomment-1313044

(cherry picked from commit 4ec64c19507caefff7ddaad722b1b5792b97cc5a)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2024-01-15 00:00:47 +02:00
Lunny Xiao 97292da960
Fix schedule tasks bugs (#28691)
Fix #28157 

This PR fix the possible bugs about actions schedule.

## The Changes

- Move `UpdateRepositoryUnit` and `SetRepoDefaultBranch` from models to
service layer
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when actions unit has been disabled
or global disabled.
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when default branch changed.
2024-01-12 21:50:38 +00:00
Jack Hay 6c6823935c
Add tests for #28765 (#28773)
Adds tests to cover changes made in #28765
2024-01-12 17:15:42 +00:00
Exploding Dragon ba4d0b8ffb
Support for grouping RPMs using paths (#26984)
The current rpm repository places all packages in the same repository,
and different systems (el7,f34) may hit packages that do not belong to
this distribution ( #25304 ) , which now supports grouping of rpm.

![图片](https://github.com/go-gitea/gitea/assets/33776693/d1e1d99f-7799-4b2b-a19b-cb2a5c692914)

Fixes #25304 .
Fixes #27056 .

Refactor: [#25866](https://github.com/go-gitea/gitea/pull/25866)
2024-01-12 03:16:05 +00:00
Mihir Joshi 669bbbaf24
Integration Test for Commit Search containing Square Brackets (#28751)
Integration test for #28744 

Change keywords commit search flag from `-F` to `--fixed-strings` for
readability
2024-01-11 11:04:45 +08:00
wxiaoguang 2df7563f31
Recommend/convert to use case-sensitive collation for MySQL/MSSQL (#28662)
Mainly for MySQL/MSSQL.

It is important for Gitea to use case-sensitive database charset
collation. If the database is using a case-insensitive collation, Gitea
will show startup error/warning messages, and show the errors/warnings
on the admin panel's Self-Check page.

Make `gitea doctor convert` work for MySQL to convert the collations of
database & tables & columns.

* Fix #28131

## ⚠️ BREAKING ⚠️

It is not quite breaking, but it's highly recommended to convert the
database&table&column to a consistent and case-sensitive collation.
2024-01-10 11:03:23 +00:00
wxiaoguang 9296c31ff7
Fix incorrect URL for "Reference in New Issue" (#28716)
Gitea prefers to use relative URLs in code (to make multiple domain work
for some users)

So it needs to use `toAbsoluteUrl` to generate a full URL when click
"Reference in New Issues"

And add some comments in the test code
2024-01-07 10:50:03 +00:00
wxiaoguang c5901b622d
Avoid unnecessary 500 panic when a commit doesn't exist (#28719)
In #26851, it assumed that `Commit` always exists when
`PageIsDiff==true`.

But for a 404 page, the `Commit` doesn't exist, so the following code
would cause panic because nil value can't be passed as string parameter
to `IsMultilineCommitMessage(string)` (or the StringUtils.Cut in later
PRs)
2024-01-07 18:20:22 +08:00
Lunny Xiao da58bb85fa
Upgrade xorm to new version which supported update join for all supported databases (#28590)
Fix https://github.com/go-gitea/gitea/pull/28547#issuecomment-1867740842

Since https://gitea.com/xorm/xorm/pulls/2383 merged, xorm now supports
UPDATE JOIN.
To keep consistent from different databases, xorm use
`engine.Join().Update`, but the actural generated SQL are different
between different databases.

For MySQL, it's `UPDATE talbe1 JOIN table2 ON join_conditions SET xxx
Where xxx`.

For MSSQL, it's `UPDATE table1 SET xxx FROM TABLE1, TABLE2 WHERE
join_conditions`.

For SQLITE per https://www.sqlite.org/lang_update.html, sqlite support
`UPDATE table1 SET xxx FROM table2 WHERE join conditions` from
3.33.0(2020-8-14).

POSTGRES is the same as SQLITE.
2023-12-31 05:00:35 +00:00
wxiaoguang e743570f65
Refactor timeutil package (#28623)
1. make names more readable
2. remove unused FormatLong/FormatShort
3. use `FormatDate` instead of `Format "2006-01-02"`
2023-12-28 10:09:57 +00:00
Lunny Xiao 921df1cbad
Remove unnecessary syncbranchToDB with tests (#28624)
#28361 introduced `syncBranchToDB` in `CreateNewBranchFromCommit`. This
PR will revert the change because it's unnecessary. Every push will
already be checked by `syncBranchToDB`.
This PR also created a test to ensure it's right.
2023-12-28 15:28:57 +08:00
Lunny Xiao 4c29c75968
Fix session key conflict with database keyword (#28613)
This is a regression from #28220 .
`builder.Cond` will not add `` ` `` automatically but xorm method
`Get/Find` adds `` ` ``.

This PR also adds tests to prevent the method from being implemented
incorrectly. The tests are added in `integrations` to test every
database.
2023-12-27 15:24:23 +08:00
delvh 778ad795fd
Refactor deletion (#28610)
Introduce the new generic deletion methods
- `func DeleteByID[T any](ctx context.Context, id int64) (int64, error)`
- `func DeleteByIDs[T any](ctx context.Context, ids ...int64) error`
- `func Delete[T any](ctx context.Context, opts FindOptions) (int64,
error)`

So, we no longer need any specific deletion method and can just use
the generic ones instead.

Replacement of #28450

Closes #28450

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-12-25 21:25:29 +01:00
wxiaoguang b41925cee3
Refactor CORS handler (#28587)
The CORS code has been unmaintained for long time, and the behavior is
not correct.

This PR tries to improve it. The key point is written as comment in
code. And add more tests.

Fix #28515
Fix #27642
Fix #17098
2023-12-25 20:13:18 +08:00
Kyle D 33439b733a
Disable query token param in integration tests (#28592)
Follow up to https://github.com/go-gitea/gitea/pull/28484, this PR
enables the setting for integration tests and migrates a few additional
test queries.
2023-12-23 11:29:51 +08:00
KN4CK3R 838db2f891
Convert to url auth to header auth in tests (#28484)
Related #28390
2023-12-21 23:59:59 +00:00
Lunny Xiao 408a484224
Adjust object format interface (#28469)
- Remove `ObjectFormatID`
- Remove function `ObjectFormatFromID`.
- Use `Sha1ObjectFormat` directly but not a pointer because it's an
empty struct.
- Store `ObjectFormatName` in `repository` struct
2023-12-17 11:56:08 +00:00
Adam Majer cbf923e87b
Abstract hash function usage (#28138)
Refactor Hash interfaces and centralize hash function. This will allow
easier introduction of different hash function later on.

This forms the "no-op" part of the SHA256 enablement patch.
2023-12-13 21:02:00 +00:00
Lunny Xiao 717d0f5934
Do some missing checks (#28423) 2023-12-12 05:01:17 +00:00
Lunny Xiao aeb383025f
Also sync DB branches on push if necessary (#28361)
Fix #28056 

This PR will check whether the repo has zero branch when pushing a
branch. If that, it means this repository hasn't been synced.

The reason caused that is after user upgrade from v1.20 -> v1.21, he
just push branches without visit the repository user interface. Because
all repositories routers will check whether a branches sync is necessary
but push has not such check.

For every repository, it has two states, synced or not synced. If there
is zero branch for a repository, then it will be assumed as non-sync
state. Otherwise, it's synced state. So if we think it's synced, we just
need to update branch/insert new branch. Otherwise do a full sync. So
that, for every push, there will be almost no extra load added. It's
high performance than yours.

For the implementation, we in fact will try to update the branch first,
if updated success with affect records > 0, then all are done. Because
that means the branch has been in the database. If no record is
affected, that means the branch does not exist in database. So there are
two possibilities. One is this is a new branch, then we just need to
insert the record. Another is the branches haven't been synced, then we
need to sync all the branches into database.
2023-12-09 13:30:56 +00:00
Lunny Xiao dd30d9d5c0
Remove GetByBean method because sometimes it's danger when query condition parameter is zero and also introduce new generic methods (#28220)
The function `GetByBean` has an obvious defect that when the fields are
empty values, it will be ignored. Then users will get a wrong result
which is possibly used to make a security problem.

To avoid the possibility, this PR removed function `GetByBean` and all
references.
And some new generic functions have been introduced to be used.

The recommand usage like below.

```go
// if query an object according id
obj, err := db.GetByID[Object](ctx, id)
// query with other conditions
obj, err := db.Get[Object](ctx, builder.Eq{"a": a, "b":b})
```
2023-12-07 15:27:36 +08:00
KN4CK3R a95d5b7702
Add HEAD support for rpm repo files (#28309)
Fixes https://codeberg.org/forgejo/forgejo/issues/1810

zypper uses HEAD requests to check file existence.

https://github.com/openSUSE/libzypp/blob/HEAD/zypp/RepoManager.cc#L2549

https://github.com/openSUSE/libzypp/blob/HEAD/zypp-curl/ng/network/private/downloaderstates/basicdownloader_p.cc#L116

@ExplodingDragon fyi
2023-12-05 08:01:02 +00:00
Lunny Xiao 882e502327
Fix comment permissions (#28213)
This PR will fix some missed checks for private repositories' data on
web routes and API routes.
2023-11-25 17:21:21 +00:00
Lunny Xiao df1e7d0067
Use db.Find instead of writing methods for every object (#28084)
For those simple objects, it's unnecessary to write the find and count
methods again and again.
2023-11-24 03:49:41 +00:00
Denys Konovalov 816e46ee7c
add skip ci functionality (#28075)
Adds the possibility to skip workflow execution if the commit message
contains a string like [skip ci] or similar.

The default strings are the same as on GitHub, users can also set custom
ones in app.ini

Reference:
https://docs.github.com/en/actions/managing-workflow-runs/skipping-workflow-runs

Close #28020
2023-11-18 13:37:08 +02:00
Earl Warren 340055ab6c
Enable system users search via the API (#28013)
Refs: https://codeberg.org/forgejo/forgejo/issues/1403

(cherry picked from commit dd4d17c159eaf8b642aa9e6105b0532e25972bb7)
2023-11-13 15:31:38 +01:00
Earl Warren f2ea31de36
Enable system users for comment.LoadPoster (#28014)
System users (Ghost, ActionsUser, etc) have a negative id and may be the
author of a comment, either because it was created by a now deleted user
or via an action using a transient token.

The GetPossibleUserByID function has special cases related to system
users and will not fail if given a negative id.

Refs: https://codeberg.org/forgejo/forgejo/issues/1425 

(cherry picked from commit 6a2d2fa24390116d31ae2507c0a93d423f690b7b)
2023-11-13 15:30:08 +01:00
KN4CK3R 4f4fea734c
Unify two factor check (#27915)
Fixes #27819

We have support for two factor logins with the normal web login and with
basic auth. For basic auth the two factor check was implemented at three
different places and you need to know that this check is necessary. This
PR moves the check into the basic auth itself.
2023-11-06 08:22:39 +00:00
Jean-Baptiste Gomond 9106514e51
Add user secrets API integration tests (#27832)
Adds the missing user secrets API integration tests so #27829 does not
happen again
2023-10-31 11:46:09 +08:00
KN4CK3R b36e2ca419
List all Debian package versions in Packages (#27786)
Closes #27783

This PR lists all and not only the latest package versions in the
`Packages` index.
2023-10-29 14:14:47 +00:00
silverwind ce83609ff6
Upgrade to golangci-lint@v1.55.0 (#27756)
https://github.com/golangci/golangci-lint/releases/tag/v1.55.0
2023-10-24 02:54:59 +00:00
Lunny Xiao 9852c92e9a
Remove unnecessary parameter (#27671) 2023-10-18 15:03:10 +00:00
Jason Song 1be49fdda6
Improve retrying index issues (#27554)
Fix #27540
2023-10-15 18:56:57 +00:00
Lunny Xiao cddf245c12
Replace more db.DefaultContext (#27628)
Target #27065
2023-10-15 17:46:06 +02:00
JakobDev 76a85a4ce9
Final round of db.DefaultContext refactor (#27587)
Last part of #27065
2023-10-14 08:37:24 +00:00
Evan Tobin ae419fa494
Fix permissions for Token DELETE endpoint to match GET and POST (#27610)
Fixes #27598

In #27080, the logic for the tokens endpoints were updated to allow
admins to create and view tokens in other accounts. However, the same
functionality was not added to the DELETE endpoint. This PR makes the
DELETE endpoint function the same as the other token endpoints and adds unit tests
2023-10-14 08:04:44 +00:00
KN4CK3R c6c829fe3f
Enhanced auth token / remember me (#27606)
Closes #27455

> The mechanism responsible for long-term authentication (the 'remember
me' cookie) uses a weak construction technique. It will hash the user's
hashed password and the rands value; it will then call the secure cookie
code, which will encrypt the user's name with the computed hash. If one
were able to dump the database, they could extract those two values to
rebuild that cookie and impersonate a user. That vulnerability exists
from the date the dump was obtained until a user changed their password.
> 
> To fix this security issue, the cookie could be created and verified
using a different technique such as the one explained at
https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies.

The PR removes the now obsolete setting `COOKIE_USERNAME`.
2023-10-14 00:56:41 +00:00