Commit Graph

4158 Commits

Author SHA1 Message Date
wxiaoguang
6029d78ab5
Improve the maintainblity of the reserved username list (#32229)
Some checks are pending
release-nightly / nightly-binary (push) Waiting to run
release-nightly / nightly-docker-rootful (push) Waiting to run
release-nightly / nightly-docker-rootless (push) Waiting to run
2024-10-10 09:04:42 +00:00
Lunny Xiao
c2217670dd
Move admin routers from /admin to /-/admin (#32189)
Some checks are pending
release-nightly / nightly-binary (push) Waiting to run
release-nightly / nightly-docker-rootful (push) Waiting to run
release-nightly / nightly-docker-rootless (push) Waiting to run
Resolve #32181

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-10-10 04:56:49 +00:00
Lunny Xiao
d6d3c96e65
Fix bug when a token is given public only (#32204)
Some checks are pending
release-nightly / nightly-binary (push) Waiting to run
release-nightly / nightly-docker-rootful (push) Waiting to run
release-nightly / nightly-docker-rootless (push) Waiting to run
2024-10-08 12:51:09 +03:00
6543
bdd655f2bd
Allow filtering PRs by poster in the ListPullRequests API (#32209)
as title

---
*Sponsored by Kithara Software GmbH*
2024-10-07 23:21:07 +02:00
yp05327
5d6d025c9b
Add support for searching users by email (#30908)
Some checks are pending
release-nightly / nightly-binary (push) Waiting to run
release-nightly / nightly-docker-rootful (push) Waiting to run
release-nightly / nightly-docker-rootless (push) Waiting to run
Fix #30898

we have an option `SearchByEmail`, so enable it, then we can search user
by email.
Also added a test for it.
2024-10-04 17:45:06 +00:00
Lunny Xiao
a989404e23
Fix javascript error when an anonymous user visiting migration page (#32144)
Some checks are pending
release-nightly / nightly-binary (push) Waiting to run
release-nightly / nightly-docker-rootful (push) Waiting to run
release-nightly / nightly-docker-rootless (push) Waiting to run
This PR fixes javascript errors when an anonymous user visits the
migration page.
It also makes task view checking more restrictive.

The router moved from `/user/task/{id}/status` to
`/username/reponame/-/migrate/status` because it's a migrate status.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-10-02 04:37:16 +00:00
yp05327
70b7df0e5e
Support repo license (#24872)
Close #278
Close #24076

## Solutions:
- Use
[google/licenseclassifier](https://github.com/google/licenseclassifier/)
Test result between
[google/licensecheck](https://github.com/google/licensecheck) and
[go-license-detector](https://github.com/go-enry/go-license-detector):
https://github.com/go-gitea/gitea/pull/24872#issuecomment-1560361167
Test result between
[google/licensecheck](https://github.com/google/licensecheck) and
[google/licenseclassifier](https://github.com/google/licenseclassifier/):
https://github.com/go-gitea/gitea/pull/24872#issuecomment-1576092178
- Generate License Convert Name List to avoid import license templates
with same contents
Gitea automatically get latest license data from[
spdx/license-list-data](https://github.com/spdx/license-list-data).
But unfortunately, some license templates have same contents. #20915
[click here to see the
list](https://github.com/go-gitea/gitea/pull/24872#issuecomment-1584141684)
So we will generate a list of these license templates with same contents
and create a new file to save the result when using `make
generate-license`. (Need to decide the save path)
- Save License info into a new table `repo_license`
Can easily support searching repo by license in the future.

## Screen shot
Single License:

![image](https://github.com/go-gitea/gitea/assets/18380374/41260bd7-0b4c-4038-8592-508706cffa9f)

Multiple Licenses:

![image](https://github.com/go-gitea/gitea/assets/18380374/34ce2f73-7e18-446b-9b96-ecc4fb61bd70)

Triggers:
- [x] Push commit to default branch
- [x] Create repo
- [x] Mirror repo
- [x] When Default Branch is changed, licenses should be updated

Todo:
- [x] Save Licenses info in to DB when there's a change to license file
in the commit
- [x] DB Migration
- [x] A nominal test?
- [x] Select which library to
use(https://github.com/go-gitea/gitea/pull/24872#issuecomment-1560361167)
- [x] API Support
- [x] Add repo license table
- ~Select license in settings if there are several licenses(Not
recommended)~
- License board(later, not in this PR)

![image](https://github.com/go-gitea/gitea/assets/18380374/2c3c3bf8-bcc2-4c6d-8ce0-81d1a9733878)

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: 6543 <m.huber@kithara.com>
Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.com>
2024-10-01 15:25:08 -04:00
Zettat123
f4b8f6fc40
Fix the logic of finding the latest pull review commit ID (#32139)
Some checks failed
release-nightly / nightly-binary (push) Has been cancelled
release-nightly / nightly-docker-rootful (push) Has been cancelled
release-nightly / nightly-docker-rootless (push) Has been cancelled
Fix #31423
2024-10-01 01:58:55 +00:00
Lunny Xiao
3f9e360142
Don't join repository when loading action table data (#32127)
Some checks failed
release-nightly / nightly-binary (push) Has been cancelled
release-nightly / nightly-docker-rootful (push) Has been cancelled
release-nightly / nightly-docker-rootless (push) Has been cancelled
2024-09-26 04:50:30 +00:00
Lunny Xiao
e2f365b55c
Display head branch more comfortable on pull request view (#32000)
This PR do some minor improvements for head branch display on pull
request view UI.

- [x] Remove the link if the head branch has been deleted with a
tooltip, so that users will not result in a 404 page
- [x] Display a label if this pull request is an agit based one.

![图片](https://github.com/user-attachments/assets/872f26b6-f1cf-4427-9e41-e3a5b176dfa4)
2024-09-24 04:14:57 +00:00
Timon van der Berg
ebfde84529
Repo Activity: count new issues that were closed (#31776)
I'm new to go and contributing to gitea, your guidance is much
appreciated.

This is meant to solve https://github.com/go-gitea/gitea/issues/13309

Previously, closed issues would not be shown under new issues in the
activity tab, even if they were newly created.

changes:
* Split out newlyCreatedIssues from issuesForActivityStatement to count
  both currently open and closed issues.
* Use a seperate function to count active issues to prevent
double-counting issues after the above change.

Result is that new issues that have been closed are shown both under
"new" and "closed".

Signed-off-by: Timon van der Berg <tmnvanderberg@gmail.com>
2024-09-21 18:57:01 +00:00
Kemal Zebari
adea500aa0
Resolve duplicate local string key related to PR comments (#32073)
A regression in #31924 caused there to be two `issues.review.comment`
keys in the English language locale file, leading to a problem when
reading PR review histories that contain comments.

This snapshot addresses this by making the newer key unique.
2024-09-18 19:46:41 +00:00
Bruno Sofiato
7dde3e6489
Included tag search capabilities (#32045)
Resolves #31998

The first screenshot shows the tag page without any filter being
applied:


![image](https://github.com/user-attachments/assets/eac0e51c-9e48-42b2-bb1c-a25896ca40cb)

The second one, shows the page when the given filter returns no tag:


![image](https://github.com/user-attachments/assets/98df191e-1a7b-4947-b0ef-4987a0293c3e)

The last one shows a single tag being filtered:


![image](https://github.com/user-attachments/assets/79c7e05e-8c86-4f06-b17e-15818b7b9291)

Signed-off-by: Bruno Sofiato <bruno.sofiato@gmail.com>
2024-09-18 02:33:11 +08:00
Lauris BH
4ab6fc62d2
Add option to filter board cards by labels and assignees (#31999)
Works in both organization and repository project boards

Fixes #21846

Replaces #21963
Replaces #27117
 

![image](https://github.com/user-attachments/assets/1837ace8-3de2-444f-a153-e166bd0da2c0)

**Note** that implementation was made intentionally to work same as in
issue list so that URL can be bookmarked for quick access with
predefined filters in URL
2024-09-12 03:53:40 +00:00
techknowlogick
d9a7748cdc
bump to go 1.23 (#31855) 2024-09-10 02:23:07 +00:00
techknowlogick
f183783baa
Save initial signup information for users to aid in spam prevention (#31852)
This will allow instance admins to view signup pattern patterns for
public instances. It is modelled after discourse, mastodon, and
MediaWiki's approaches.

Note: This has privacy implications, but as the above-stated open-source
projects take this approach, especially MediaWiki, which I have no doubt
looked into this thoroughly, it is likely okay for us, too. However, I
would be appreciative of any feedback on how this could be improved.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2024-09-09 17:05:16 -04:00
william-allspice
e9c64f41a6
Distinguish official vs non-official reviews, add tool tips, and upgr… (#31924)
This Pull Request is a follow up to
https://github.com/go-gitea/gitea/pull/31886:

1. Adds a UI indicator between official (green) and unofficial (grey)
approved pull requests on the Pull Request page (as suggested by
@kdumontnu )
2. Adds tooltips adding clarity to the type and status of a review on
the Pull Request page (as suggested by @kdumontnu)
3. Updates text adding more clarity to required approvals (as suggested
by @kdumontnu)
4. Updates text on the branch settings page explaining what branch
approval limitations (as suggested by @yp05327)

Official approval:
<img width="376" alt="Screenshot 2024-08-26 at 1 03 52 PM"
src="https://github.com/user-attachments/assets/500f083d-bfc0-45c5-82b7-b98e20495696">

Unofficial approval:
<img width="442" alt="Screenshot 2024-08-26 at 12 53 15 PM"
src="https://github.com/user-attachments/assets/e8c565ff-5886-4ce1-8b79-a0fa26c282f7">

Rejected approval:
<img width="452" alt="Screenshot 2024-08-26 at 12 53 06 PM"
src="https://github.com/user-attachments/assets/aebc0e2f-7052-4dea-8098-7caa0db86617">

Stale approval:
<img width="546" alt="Screenshot 2024-08-26 at 1 07 59 PM"
src="https://github.com/user-attachments/assets/da599ff3-e35c-4fa3-8141-ed80b738dd77">

Requested review tooltip:
<img width="434" alt="Screenshot 2024-08-26 at 12 53 22 PM"
src="https://github.com/user-attachments/assets/460d163e-8724-43b6-8760-34b285da8fe2">

Updated text for approvals:
<img width="991" alt="Screenshot 2024-08-26 at 12 54 00 PM"
src="https://github.com/user-attachments/assets/ab3ff012-9742-4c1b-933d-21addcb89f2c">

Updated text for allowlisted/whitelisted approvals:
<img width="990" alt="Screenshot 2024-08-26 at 1 01 40 PM"
src="https://github.com/user-attachments/assets/1a5bae61-d9e0-4d96-b86f-92610b0940d1">

Protected branch settings text:
<img width="1022" alt="Screenshot 2024-08-26 at 1 01 14 PM"
src="https://github.com/user-attachments/assets/892ce208-e1c2-41f7-8fec-46d5a0e7e776">

Comments list:
<img width="1048" alt="Screenshot 2024-08-28 at 9 25 31 AM"
src="https://github.com/user-attachments/assets/9c5c00c5-06cf-43b3-b413-4f7f673609b2">

---------

Co-authored-by: Kyle D. <kdumontnu@gmail.com>
2024-09-06 06:40:02 +00:00
Lunny Xiao
5c05dddbed
Fix nuget/conan/container packages upload bugs (#31967) 2024-09-05 07:05:42 +00:00
Lunny Xiao
85b1f3080c
Improve get feed with pagination (#31821)
Fix #31752

@somera

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-09-02 19:05:09 +00:00
Saulius Gurklys
10fd60412d
Remove "dsa-1024" testcases from Test_SSHParsePublicKey and Test_calcFingerprint (#31905)
DSA is considered inherently insecure and is already disabled/removed in
OpenSSH 9.8.

Therefore "dsa-1024" tescases are failing.

```
--- FAIL: Test_calcFingerprint (0.02s)
    --- FAIL: Test_calcFingerprint/dsa-1024 (0.00s)
        --- FAIL: Test_calcFingerprint/dsa-1024/SSHKeygen (0.00s)
            ssh_key_test.go:196:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:196
                        Error:          Received unexpected error:
                                        Unable to verify key content [result: /tmp/gitea_keytest1239408114 is not a public key file.
                                        ]
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
            ssh_key_test.go:197:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:197
                        Error:          Not equal:
                                        expected: "SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc"
                                        actual  : ""

                                        Diff:
                                        --- Expected
                                        +++ Actual
                                        @@ -1 +1 @@
                                        -SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc
                                        +
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
FAIL
```

Fix #31624
2024-08-24 10:07:16 +00:00
Lunny Xiao
8b92eba21f
Fix agit automerge (#31207) 2024-08-20 14:17:21 +08:00
Lunny Xiao
ccf7366db0
Add tag name in the commits list (#31082)
Fix #10036

This PR adds some labels for tags of this commit after the commit
message on the commits table. The tag template is share as commit
graph's.

Desktop:
<img width="1302" alt="image"
src="https://github.com/go-gitea/gitea/assets/81045/ba94e1e6-2a3d-44f3-85a3-575fb5667c97">

Mobile:
<img width="370" alt="image"
src="https://github.com/go-gitea/gitea/assets/81045/e3eb1f44-3686-4012-aa9d-52cd88b22c0e">
2024-08-19 17:04:06 +00:00
Lunny Xiao
b491b2104f
Fix panic of ssh public key page after deletion of auth source (#31829)
Fix #31730 

This PR rewrote the function `PublicKeysAreExternallyManaged` with a
simple test. The new function removed the loop to make it more readable.
2024-08-15 23:59:01 +08:00
Edip Emre Bodur
a4dac59643
Fixes for unreachable project issues when transfer repository from organization (#31770)
When transferring repositories that have issues linked to a project
board to another organization, the issues remain associated with the
original project board. This causes the columns in the project board to
become bugged, making it difficult to move other issues in or out of the
affected columns. As a solution, I removed the issue relations since the
other organization does not have this project table.

Fix for #31538

Co-authored-by: Jason Song <i@wolfogre.com>
2024-08-13 02:53:43 +00:00
Jason Song
0470646d46
Show lock owner instead of repo owner on LFS setting page (#31788)
Fix #31784.

Before:

<img width="1648" alt="image"
src="https://github.com/user-attachments/assets/03f32545-4a85-42ed-bafc-2b193a5d8023">

After:

<img width="1653" alt="image"
src="https://github.com/user-attachments/assets/e5bcaf93-49cb-421f-aac1-5122bc488b02">
2024-08-11 14:48:20 +00:00
FuXiaoHei
df27846628
Show latest run when visit /run/latest (#31808)
Proposal from
https://github.com/go-gitea/gitea/issues/27911#issuecomment-2271982172

When visit latest run path, such as
`/{user}/{repo}/actions/runs/latest`. It renders latest run instead of
index=0 currently.
2024-08-10 08:40:41 +08:00
Jason Song
33cc5837a6
Support compression for Actions logs (#31761)
Support compression for Actions logs to save storage space and
bandwidth. Inspired by
https://github.com/go-gitea/gitea/issues/24256#issuecomment-1521153015

The biggest challenge is that the compression format should support
[seekable](https://github.com/facebook/zstd/blob/dev/contrib/seekable_format/zstd_seekable_compression_format.md).
So when users are viewing a part of the log lines, Gitea doesn't need to
download the whole compressed file and decompress it.

That means gzip cannot help here. And I did research, there aren't too
many choices, like bgzip and xz, but I think zstd is the most popular
one. It has an implementation in Golang with
[zstd](https://github.com/klauspost/compress/tree/master/zstd) and
[zstd-seekable-format-go](https://github.com/SaveTheRbtz/zstd-seekable-format-go),
and what is better is that it has good compatibility: a seekable format
zstd file can be read by a regular zstd reader.

This PR introduces a new package `zstd` to combine and wrap the two
packages, to provide a unified and easy-to-use API.

And a new setting `LOG_COMPRESSION` is added to the config, although I
don't see any reason why not to use compression, I think's it's a good
idea to keep the default with `none` to be consistent with old versions.

`LOG_COMPRESSION` takes effect for only new log files, it adds `.zst` as
an extension to the file name, so Gitea can determine if it needs
decompression according to the file name when reading. Old files will
keep the format since it's not worth converting them, as they will be
cleared after #31735.

<img width="541" alt="image"
src="https://github.com/user-attachments/assets/e9598764-a4e0-4b68-8c2b-f769265183c9">
2024-08-09 10:10:30 +08:00
Lunny Xiao
791d7fc76a
Add issue comment when moving issues from one column to another of the project (#29311)
Fix #27278
Replace #27816

This PR adds a meta-comment for an issue when dragging an issue from one
column to another of a project.

<img width="600" alt="image"
src="https://github.com/go-gitea/gitea/assets/81045/5fc1d954-430e-4db0-aaee-a00006fa91f5">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: yp05327 <576951401@qq.com>
2024-08-09 01:29:02 +00:00
Edip Emre Bodur
94cca8846e
Fix null requested_reviewer from API (#31773)
If the assign the pull request review to a team, it did not show the
members of the team in the "requested_reviewers" field, so the field was
null. As a solution, I added the team members to the array.

fix #31764
2024-08-05 10:59:53 +00:00
Lunny Xiao
572aaebd96
Rename head branch of pull requests when renaming a branch (#31759)
Fix #31716
2024-08-04 03:21:42 +00:00
Kemal Zebari
0e3d8f8048
Remove unused code from models/repos/release.go (#31756)
These blocks aren't used anywhere else when doing a grep search.
2024-08-02 14:23:49 +00:00
Jason Song
687c118248
Clear up old Actions logs (#31735)
Part of #24256.

Clear up old action logs to free up storage space.

Users will see a message indicating that the log has been cleared if
they view old tasks.

<img width="1361" alt="image"
src="https://github.com/user-attachments/assets/9f0f3a3a-bc5a-402f-90ca-49282d196c22">

Docs: https://gitea.com/gitea/docs/pulls/40

---------

Co-authored-by: silverwind <me@silverwind.io>
2024-08-02 00:42:08 +00:00
Jason Song
21a73ae642
Use UTC as default timezone when schedule Actions cron tasks (#31742)
Fix #31657.

According to the
[doc](https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#onschedule)
of GitHub Actions, The timezone for cron should be UTC, not the local
timezone. And Gitea Actions doesn't have any reasons to change this, so
I think it's a bug.

However, Gitea Actions has extended the syntax, as it supports
descriptors like `@weekly` and `@every 5m`, and supports specifying the
timezone like `TZ=UTC 0 10 * * *`. So we can make it use UTC only when
the timezone is not specified, to be compatible with GitHub Actions, and
also respect the user's specified.

It does break the feature because the times to run tasks would be
changed, and it may confuse users. So I don't think we should backport
this.

## ⚠️ BREAKING ⚠️

If the server's local time zone is not UTC, a scheduled task would run
at a different time after upgrading Gitea to this version.
2024-08-01 10:02:46 +00:00
Jason Song
a33e74d40d
Clarify Actions resources ownership (#31724)
Fix #31707.

Also related to #31715.

Some Actions resources could has different types of ownership. It could
be:

- global: all repos and orgs/users can use it.
- org/user level: only the org/user can use it.
- repo level: only the repo can use it.

There are two ways to distinguish org/user level from repo level:
1. `{owner_id: 1, repo_id: 2}` for repo level, and `{owner_id: 1,
repo_id: 0}` for org level.
2. `{owner_id: 0, repo_id: 2}` for repo level, and `{owner_id: 1,
repo_id: 0}` for org level.

The first way seems more reasonable, but it may not be true. The point
is that although a resource, like a runner, belongs to a repo (it can be
used by the repo), the runner doesn't belong to the repo's org (other
repos in the same org cannot use the runner). So, the second method
makes more sense.

And the first way is not user-friendly to query, we must set the repo id
to zero to avoid wrong results.

So, #31715 should be right. And the most simple way to fix #31707 is
just:

```diff
-	shared.GetRegistrationToken(ctx, ctx.Repo.Repository.OwnerID, ctx.Repo.Repository.ID)
+	shared.GetRegistrationToken(ctx, 0, ctx.Repo.Repository.ID)
```

However, it is quite intuitive to set both owner id and repo id since
the repo belongs to the owner. So I prefer to be compatible with it. If
we get both owner id and repo id not zero when creating or finding, it's
very clear that the caller want one with repo level, but set owner id
accidentally. So it's OK to accept it but fix the owner id to zero.
2024-08-01 09:04:04 +00:00
Jason Song
9e31b229bd
Exclude protected branches from recently pushed (#31748)
Resolve #31566.

Updates to protected branches often come from PR merges, and they are
unlikely to be used to create new PRs.

<img width="1346" alt="image"
src="https://github.com/user-attachments/assets/9ed72bd6-0303-435d-856c-184784104c6a">
<img width="1347" alt="image"
src="https://github.com/user-attachments/assets/c1a1df4b-1c16-4116-aea3-d452242119e0">
<img width="1336" alt="image"
src="https://github.com/user-attachments/assets/706034ad-d3c3-4853-a6b8-cbaf87c70ba0">
2024-08-01 10:21:28 +03:00
yp05327
75d0b61546
Fix the display of project type for deleted projects (#31732)
Fix: #31727
After:

![image](https://github.com/user-attachments/assets/1dfb4b31-3bd6-47f7-b126-650f33f453e2)
2024-07-30 04:37:43 +00:00
yp05327
0a11bce87f
Fix Null Pointer error for CommitStatusesHideActionsURL (#31731)
Fix https://github.com/go-gitea/gitea/pull/30156#discussion_r1695247028

Forgot fixing it in #31719
2024-07-30 02:56:25 +00:00
yp05327
7b388630ec
Fix loadRepository error when access user dashboard (#31719) 2024-07-29 06:51:02 +00:00
yp05327
e0a408e6f3
Add permission check when creating PR (#31033)
user should be a collaborator of the base repo to create a PR
2024-07-29 02:21:22 +00:00
Lunny Xiao
d109923ed8
Make GetRepositoryByName more safer (#31712)
Fix #31708
2024-07-29 01:32:54 +00:00
Zettat123
7dec8de914
Hide the "Details" link of commit status when the user cannot access actions (#30156)
Fix #26685

If a commit status comes from Gitea Actions and the user cannot access
the repo's actions unit (the user does not have the permission or the
actions unit is disabled), a 404 page will occur after clicking the
"Details" link. We should hide the "Details" link in this case.

<img
src="https://github.com/go-gitea/gitea/assets/15528715/68361714-b784-4bb5-baab-efde4221f466"
width="400px" />
2024-07-28 23:11:40 +08:00
yp05327
cc044818c3
Support delete user email in admin panel (#31690)
![QQ_1721784609320](https://github.com/user-attachments/assets/23f08bf3-93f4-44d7-963d-10380ef8c1f1)

![QQ_1721784616403](https://github.com/user-attachments/assets/667cbd1e-5e21-4489-8d18-2a7be85190db)

![QQ_1721784626722](https://github.com/user-attachments/assets/495beb94-dfa2-481c-aa60-d5115cad1ae1)

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2024-07-25 18:11:04 +08:00
Denys Konovalov
a8d0c879c3
add skip secondary authorization option for public oauth2 clients (#31454) 2024-07-19 14:28:30 -04:00
Rowan Bohde
416c36f303
allow synchronizing user status from OAuth2 login providers (#31572)
This leverages the existing `sync_external_users` cron job to
synchronize the `IsActive` flag on users who use an OAuth2 provider set
to synchronize. This synchronization is done by checking for expired
access tokens, and using the stored refresh token to request a new
access token. If the response back from the OAuth2 provider is the
`invalid_grant` error code, the user is marked as inactive. However, the
user is able to reactivate their account by logging in the web browser
through their OAuth2 flow.

Also changed to support this is that a linked `ExternalLoginUser` is
always created upon a login or signup via OAuth2.

### Notes on updating permissions
Ideally, we would also refresh permissions from the configured OAuth
provider (e.g., admin, restricted and group mappings) to match the
implementation of LDAP. However, the OAuth library used for this `goth`,
doesn't seem to support issuing a session via refresh tokens. The
interface provides a [`RefreshToken`
method](https://github.com/markbates/goth/blob/master/provider.go#L20),
but the returned `oauth.Token` doesn't implement the `goth.Session` we
would need to call `FetchUser`. Due to specific implementations, we
would need to build a compatibility function for every provider, since
they cast to concrete types (e.g.
[Azure](https://github.com/markbates/goth/blob/master/providers/azureadv2/azureadv2.go#L132))

---------

Co-authored-by: Kyle D <kdumontnu@gmail.com>
2024-07-16 20:33:16 +02:00
Bartlomiej Komendarczuk
e8d4b7a8b1
Added default sorting milestones by name (#27084)
#26996 
Added default sorting for milestones by name.
Additional, name for sorting closestduedate and furthestduedate was
broken, so I fixed it.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-07-16 10:08:54 +02:00
Lunny Xiao
0d08bb6112
Upgrade xorm to v1.3.9 and improve some migrations Sync (#29899)
Co-authored-by: 6543 <6543@obermui.de>
2024-07-14 17:15:59 -04:00
wxiaoguang
72b6bc8caf
Refactor webhook (#31587)
A more complete fix for #31588

1. Make "generic" code more readable
2. Clarify HTML or Markdown for the payload content
2024-07-10 11:37:16 +00:00
Rowan Bohde
1ee59f0fa3
Allow disabling authentication related user features (#31535)
We have some instances that only allow using an external authentication
source for authentication. In this case, users changing their email,
password, or linked OpenID connections will not have any effect, and
we'd like to prevent showing that to them to prevent confusion.

Included in this are several changes to support this:
* A new setting to disable user managed authentication credentials
(email, password & OpenID connections)
* A new setting to disable user managed MFA (2FA codes & WebAuthn)
* Fix an issue where some templates had separate logic for determining
if a feature was disabled since it didn't check the globally disabled
features
* Hide more user setting pages in the navbar when their settings aren't
enabled

---------

Co-authored-by: Kyle D <kdumontnu@gmail.com>
2024-07-09 17:36:31 +00:00
6543
4696bcb3f7
Use FullName in Emails to address the recipient if possible (#31527)
Before we had just the plain mail address as recipient. But now we
provide additional Information for the Mail clients.

---
*Sponsored by Kithara Software GmbH*
2024-07-08 08:38:45 +00:00
Henry Goodman
12cb1d2998
Allow force push to protected branches (#28086)
Fixes #22722 

### Problem
Currently, it is not possible to force push to a branch with branch
protection rules in place. There are often times where this is necessary
(CI workflows/administrative tasks etc).

The current workaround is to rename/remove the branch protection,
perform the force push, and then reinstate the protections.

### Solution
Provide an additional section in the branch protection rules to allow
users to specify which users with push access can also force push to the
branch. The default value of the rule will be set to `Disabled`, and the
UI is intuitive and very similar to the `Push` section.

It is worth noting in this implementation that allowing force push does
not override regular push access, and both will need to be enabled for a
user to force push.

This applies to manual force push to a remote, and also in Gitea UI
updating a PR by rebase (which requires force push)

This modifies the `BranchProtection` API structs to add:
- `enable_force_push bool`
- `enable_force_push_whitelist bool`
- `force_push_whitelist_usernames string[]`
- `force_push_whitelist_teams string[]`
- `force_push_whitelist_deploy_keys bool`

### Updated Branch Protection UI:

<img width="943" alt="image"
src="https://github.com/go-gitea/gitea/assets/79623665/7491899c-d816-45d5-be84-8512abd156bf">

### Pull Request `Update branch by Rebase` option enabled with source
branch `test` being a protected branch:


![image](https://github.com/go-gitea/gitea/assets/79623665/e018e6e9-b7b2-4bd3-808e-4947d7da35cc)
<img width="1038" alt="image"
src="https://github.com/go-gitea/gitea/assets/79623665/57ead13e-9006-459f-b83c-7079e6f4c654">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-07-05 18:21:56 +00:00