Commit graph

1180 commits

Author SHA1 Message Date
Unknwon a752f09055 #2709 validate username attribute fetched from LDAP 2016-07-12 07:07:57 +08:00
Unknwon 70a281a39b #2375 preserve cases for action content 2016-07-09 23:37:32 +08:00
Unknwon 9fcf66f0e0 Minor fix for #3246 2016-07-09 13:42:05 +08:00
Pablo Saavedra 98b152030d The pruning for the synchronized mirrors is a option now. Default value: enable_prune = true (#3246)
Executed go fmt

getEngine() not handles DB parameters (#2972) (#2974)

Uses .AllCols() for Update in updateMirror()

Spanish traslation removed

Fixed a wrong way to ommit the --prune option in process.ExecDir() for MirrorUpdate function
2016-07-09 13:22:28 +08:00
Pheng Heong TAN 467d7dacb6 Modify behaviour of repo-delete. (#3232)
Re: issues gogits/gogs#2863 and gogits/gogs#3231

As a result of modifications to the contents of the conf folder, `make bindata`
was run, causing an update to bindata.go.

Meta
-----
This commit will be rebased onto the 'develop' branch.
2016-07-09 13:13:57 +08:00
Unknwon d62ab49978 #3057 retrieve webhook with repo_id
This prevents user retrieve arbitrary webhook by changing URL to
access webhook from other unauthorized repositories.
2016-07-08 13:57:09 +08:00
Unknwon e30c701386 #3229 disallow repository name . and ..
Since . and .. has browser automatical behaviors, we need to disallow those names.
2016-07-08 07:34:05 +08:00
Unknwon 401bf944ef Use SecurityProtocol to replace UseSSL in LDAP config
Initially proposed by #2376 and fixes #3068 as well.
2016-07-08 07:25:09 +08:00
Unknwon 4b25bdfbc4 #3058 #3059 support correct page size and link header 2016-07-04 17:27:06 +08:00
Tom 528682a294 getEngine() not handles DB parameters (#2972) (#2974) 2016-07-02 22:39:39 +08:00
Unknwon 3a30c06345 Fix wiki vulnerabilities
- Arbitrary file creation leading to command execution
- .md file creation/deletion

Reported by Gabriel Campana.
2016-07-01 15:33:35 +08:00
Andrey Nering 743d22669a Re-work MAX_DIFF_LINES: supress diff per file, not the whole diff (#3174) 2016-06-29 23:11:00 +08:00
Andrey Nering 6efb1e5626 Localize collaboration settings. (#3100)
Closes #2764
2016-06-28 00:22:30 +08:00
Sandro Santilli 8a248696e9 Use a gopher as default avatar (rather than the gravatar logo) (#3208)
Also changes the avatar from a jpeg to a png, to allow for
transparent background. The indexed png is also smaller in size.

Note that at the moment the default avatar is only used when
the user requested a custom avatar and the custom avatar file
is not found (should never happen).

In the future the default avatar could be used as a default
return when by-mail avatar lookups fail too (both gravatar
and libravatar support passing a default)
2016-06-27 18:12:30 +08:00
Franz Schmidt 8b35c194ec Fixes #3110 (#3136) 2016-06-27 17:02:39 +08:00
Robin Lambertz ac05f88641 Fix #3154 (#3155) 2016-06-27 16:58:53 +08:00
SjonHortensius 17a4d8a5e5 Fix capitalisation of repo-name in news (#3203)
use 'official' repo.Name instead of incoming repoName; to enforce
correct capitalisation
2016-06-27 16:10:12 +08:00
Robin Lambertz bc00da1721 Fix negative issue count (#3207) 2016-06-27 01:53:30 +08:00
Unknwon e9ae926e04 #809 fix wrong closed issue count when create closed issue via API
Add start count corrector for Repository.NumClosedIssues
2016-05-27 18:23:39 -07:00
Andrey Nering 12d30255a7 Add comment note (#3093) 2016-05-23 13:24:40 -07:00
Kim Carlbäcker 3c0c7a9f83 Fix listing team members (#3048) 2016-05-06 20:02:36 -04:00
Andrey Nering d8612f7704 Fix remove folder issues, including initialization failling. (#2969)
- Prevent panic on creating notice if database is not available
- Prevent incorrect folder on Windows ("/" instead of "\")
2016-05-06 15:48:18 -04:00
Unknwon 0a78d99a4d models/release: filter input to prevent command line argument vulnerability 2016-05-06 15:40:41 -04:00
Unknwon 0325bec283 #2895 minor fix for bug of xorm 2016-04-26 00:22:03 -04:00
Thomas Boerger dfad51fe9e Made the issue stats query more secure with parameterized placeholders (#2895) 2016-04-26 00:07:49 -04:00
Unknwon 78b8b63774 #2992 set default style name when empty in AfterSet 2016-04-22 18:36:05 -04:00
Cosmin Stroe ba314a7a36 Support alphanumeric issue style (ABC-1234) for external issue tracker (#2992) 2016-04-22 18:28:08 -04:00
Unknwon 762ab056a2 Fix XORM IN condition table name parse 2016-03-27 18:21:37 -04:00
Thomas Boerger 746c7fd4e7 Followup fix for previous query fix 2016-03-28 00:05:49 +02:00
Thomas Boerger b5948f2e71 Made the issues query more secure and simpler 2016-03-27 23:26:45 +02:00
Thomas Boerger 79a1bfd963 Try to make the SQL queries cleaner and more secure 2016-03-27 22:59:57 +02:00
Unknwon b1d41cfa60 #1692 add admin APIs to add/remove a user from teams 2016-03-25 18:04:02 -04:00
Unknwon 98b58fa050 Handle windows deletion when start
Fix #2872
2016-03-23 03:16:53 -04:00
Unknwon e6f927f61a #1692 api: admin list and create team under organization 2016-03-21 12:47:54 -04:00
Unknwon ff731ea07d #2814 LOWER() column value within search 2016-03-16 16:55:19 -04:00
Odin Ugedal 6ccb2d36cf Remove email from user search 2016-03-15 19:44:58 +01:00
Odin Ugedal 3253e3c5aa Make user search look in username, name and email
Make user search function look in username (lower_name), full name
(full_name) and primary email (email). This will benefit searching after
user in "explore", admin panel and when adding new collaborators.
2016-03-15 14:16:58 +01:00
Unknwon 9bd9ad4205 #1692 add CRUD issue APIs
- Fix go-gogs-client#10
- Related to #809
2016-03-13 23:20:22 -04:00
Unknwon f76d821bda fix #2804 2016-03-11 17:12:37 -05:00
Unknwon 263304b6b7 #13 fix postgres aggregate 2016-03-11 16:11:33 -05:00
Unknwon 2bf8494332 #13 finish user and repository search
Both are possible on explore and admin panel
2016-03-11 15:33:12 -05:00
Marin Jankovski 1314ba219e Updated and created were appended with _unix. Fresh databases have only the newly named fields. 2016-03-11 12:43:35 +01:00
Unknwon 5267dce210 Fix ref comment from commit create empty feed 2016-03-11 05:11:58 -05:00
Unknwon eed9966ad6 #2727 fix incompatible SQL in PostgreSQL 2016-03-09 23:18:39 -05:00
Unknwon ad513a20e9 #2302 Replace time.Time with Unix Timestamp (int64) 2016-03-09 19:53:30 -05:00
Unknwon 13bd16af92 Minor fixes for #2766 2016-03-06 13:24:42 -05:00
Tamás Molnár 9c91e27933 Added: Ability to delete org avatar. 2016-03-06 17:36:30 +01:00
Unknwon a5b0400be7 #1146 finish new access rights for collaborators 2016-03-05 20:45:23 -05:00
Unknwon 045f14fbd0 #1146 finsih UI work for access mode of collaborators
Collaborators have write access as default, and can be changed via repository
collaboration settings page to change between read, write and admin.
2016-03-05 18:08:42 -05:00
Unknwon 414eb22ef9 #1597 fix activitity feeds for pull requests 2016-03-05 12:58:51 -05:00