Commit graph

585 commits

Author SHA1 Message Date
mrsdizzie
e14cad79c9 Include custom configuration file in dump (#6516)
When running the dump command, include the specific configuration file
provided as part of the backup. Currently we only zip up custom/ and this
misses the config file if it is somewhere else, like /etc/gitea/app.ini

Fixes #6034
2019-04-05 09:24:28 -04:00
zeripath
704da08fdc
Better logging (#6038) (#6095)
* Panic don't fatal on create new logger

Fixes #5854

Signed-off-by: Andrew Thornton <art27@cantab.net>

* partial broken

* Update the logging infrastrcture

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Reset the skip levels for Fatal and Error

Signed-off-by: Andrew Thornton <art27@cantab.net>

* broken ncsa

* More log.Error fixes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove nal

* set log-levels to lowercase

* Make console_test test all levels

* switch to lowercased levels

* OK now working

* Fix vetting issues

* Fix lint

* Fix tests

* change default logging to match current gitea

* Improve log testing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* reset error skip levels to 0

* Update documentation and access logger configuration

* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE

* Fix broken level caching

* Refactor the router log

* Add Router logger

* Add colorizing options

* Adjust router colors

* Only create logger if they will be used

* update app.ini.sample

* rename Attribute ColorAttribute

* Change from white to green for function

* Set fatal/error levels

* Restore initial trace logger

* Fix Trace arguments in modules/auth/auth.go

* Properly handle XORMLogger

* Improve admin/config page

* fix fmt

* Add auto-compression of old logs

* Update error log levels

* Remove the unnecessary skip argument from Error, Fatal and Critical

* Add stacktrace support

* Fix tests

* Remove x/sync from vendors?

* Add stderr option to console logger

* Use filepath.ToSlash to protect against Windows in tests

* Remove prefixed underscores from names in colors.go

* Remove not implemented database logger

This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.

* Ensure that log paths are relative to ROOT_PATH

* use path.Join

* rename jsonConfig to logConfig

* Rename "config" to "jsonConfig" to make it clearer

* Requested changes

* Requested changes: XormLogger

* Try to color the windows terminal

If successful default to colorizing the console logs

* fixup

* Colorize initially too

* update vendor

* Colorize logs on default and remove if this is not a colorizing logger

* Fix documentation

* fix test

* Use go-isatty to detect if on windows we are on msys or cygwin

* Fix spelling mistake

* Add missing vendors

* More changes

* Rationalise the ANSI writer protection

* Adjust colors on advice from @0x5c

* Make Flags a comma separated list

* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING

* Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 08:48:31 +01:00
glaszig
dbba46c216 support custom file name in gitea dump command (#6474)
* support custom file name in `gitea dump` command

* simpler approach to handle default dump file name
in `gitea dump` command
2019-04-01 00:31:37 -04:00
Lunny Xiao
d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
mrsdizzie
ca46385637 Clean up various use of escape/unescape functions for URL generation (#6334)
* Use PathUnescape instead of QueryUnescape when working with branch names

Currently branch names with a '+' fail in certain situations because
QueryUnescape replaces the + character with a blank space.

Using PathUnescape should be better since it is defined as:

// PathUnescape is identical to QueryUnescape except that it does not
// unescape '+' to ' ' (space).

Fixes #6333

* Change error to match new function name

* Add new util function PathEscapeSegments

This function simply runs PathEscape on each segment of a path without
touching the forward slash itself. We want to use this instead of
PathEscape/QueryEscape in most cases because a forward slash is a valid name for a
branch etc... and we don't want that escaped in a URL.

Putting this in new file url.go and also moving a couple similar
functions into that file as well.

* Use EscapePathSegments where appropriate

Replace various uses of EscapePath/EscapeQuery with new
EscapePathSegments. Also remove uncessary uses of various
escape/unescape functions when the text had already been escaped or was
not escaped.

* Reformat comment to make drone build happy

* Remove no longer used url library

* Requested code changes
2019-03-18 10:00:23 -04:00
Jonas Franz
e777c6bdc6 Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
zeripath
01c10a951b
Fix ssh deploy and user key constraints (#1357) (#5939)
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.

We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:

- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.

Fix #1357
2019-02-03 23:56:53 +00:00
zeripath
13c0f7dfff
Fix notifications on pushing with deploy keys by setting hook environment variables (#5935)
The gitea prerecieve and postrecieve hooks and the gitea PushUpdate function require that the PusherID and PusherName are real users. Previously, these environment variables were not being set when using a deploy key - the main result being that pushing to empty repositories meant that is_empty status was not changed.

I've also added an integration test to ensure that the is_empty status is updated on pushing with a deploy key.

There is a slight issue in that the deploy key is now considered a proxy for the owner - we don't have a way of separating out the deploy key from the owner at present. This can be fixed in another PR.

Fix #3795 

Signed-off-by: Andrew Thornton art27@cantab.net
2019-02-03 14:00:48 +00:00
zeripath
2902b3a68c
Fix #5866: Silence console logger in gitea serv (#5887)
By default, if `setting.NewContext()` prints out any warning logs, these are printed to the stdout breaking `git receive-pack` etc. meaning that even if there is a warning because of a minor problem in your app.ini but gitea starts despite this - you **CANNOT** push or pull over SSH.

This PR disables the console logger whilst in `serv.go`

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-03 11:19:28 +00:00
Lanre Adelowo
e1fcd6b742 Disallow empty titles (#5785)
* add util method and tests

* make sure the title of an issue cannot be empty

* wiki title cannot be empty

* pull request title cannot be empty

* update to make use of the new util methof
2019-01-21 13:45:32 +02:00
Zsombor
656456441c Add flag to skip repository dumping (#5695) 2019-01-13 16:52:25 -05:00
Lanre Adelowo
8d2c24f7f9 Allow for user specific themes (#5668)
* add migration and basic UI for changing a user's theme

* update user themem

* use right text on button

* load theme based on users' selection

* load theme based on users' selection in pwa too

* update sample config

* delete older theme loading

* implement AfterLoad to set users' theme properly

* set up default theme when creating a user. This uses the installation wide theme

* use flash messages for error

* set default theme when creating a user from the cli

* fix @lunny review
2019-01-09 12:22:57 -05:00
Lanre Adelowo
a82ba73346 Make sure argsSet verifies string isn't empty too (#4980) 2018-12-27 14:38:38 +02:00
Lunny Xiao
7fd34c0517
fix lfs version check warning log when using ssh protocol (#5501) 2018-12-19 09:17:43 +08:00
Greg Karékinian
ebef3eff23 Remove a double slash in the HTTPS redirection when Let's Encrypt is enabled (#5537)
Before:

$ curl 0.0.0.0:3001
<a href="https://gitea.example.com:3000//">Found</a>.

After:

$ curl 0.0.0.0:3001
<a href="https://gitea.example.com:3000/">Found</a>.

Fixes #5536
2018-12-12 23:00:24 +02:00
Lunny Xiao
af6bce3ad5 fix detect force push failure on deletion of protected branches (#5522) 2018-12-12 10:46:17 +02:00
Lunny Xiao
ba75319157 fix clone wiki failed via ssh (#5503) 2018-12-11 13:37:32 -05:00
Greg Karékinian
15d6cf179d Fix the Let's Encrypt handler by listening on a valid address (#5525)
* Fix the Let's Encrypt handler by listening on a valid address

Also handle errors in the HTTP server go routine, return a fatal error
when something goes wrong.

Thanks to @gbl08ma for finding the actual bug

Here is an example of the error handling:

    2018/12/11 14:23:07 [....io/gitea/cmd/web.go:87 func1()] [E] Failed to
    start the Let's Encrypt handler on port 30: listen tcp 0.0.0.0:30: bind:
    permission denied

Closes #5280

* Fix a typo
2018-12-11 10:46:12 -05:00
Lunny Xiao
eabbddcd98
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems

* fix some bugs and merge LoadUnits to repoAssignment

* refactor permission struct and add some copyright heads

* remove unused codes

* fix routes units check

* improve permission check

* add unit tests for permission

* fix typo

* fix tests

* fix some routes

* fix api permission check

* improve permission check

* fix some permission check

* fix tests

* fix tests

* improve some permission check

* fix some permission check

* refactor AccessLevel

* fix bug

* fix tests

* fix tests

* fix tests

* fix AccessLevel

* rename CanAccess

* fix tests

* fix comment

* fix bug

* add missing unit for test repos

* fix bug

* rename some functions

* fix routes check
2018-11-28 19:26:14 +08:00
Lanre Adelowo
ce9a5173fe fix password variable shadowing (#5405) 2018-11-26 17:00:38 +02:00
Lanre Adelowo
fd37fb01fd Don't force a password change for the admin user when creating an account via cli (#5391)
* don't force a password change for the admin user

* don't totally dicard -must-change-password flag if creating the first (admin) user via the cli. Use flag if present but make sure to default to not forcing a password update
2018-11-25 09:42:24 +02:00
zeripath
7d9a191a3c Create AuthorizedKeysCommand (#5236) 2018-11-01 09:41:07 -04:00
Robert Ștefan
7edb930240 Add command for migrating database (#4954) 2018-10-30 23:14:42 -04:00
Lanre Adelowo
e5daa2698f Generate random password (#5023)
* add random-password flag

* run make fmt

* add length cli flag rather than use a default value
2018-10-30 17:34:25 -04:00
Lunny Xiao
0ba57949e4 remove unused db init on commands serv, update, hooks (#5225) 2018-10-30 12:41:25 +02:00
Antoine GIRARD
617a2433a3 Make gitea serv use api/internal (#4886)
* Start to move to internal/private

* Add GetPublicKeyByID

* Add HasDeployKey

* Add private.UpdateDeployKeyUpdated

* Add private.GetUserByKeyID

* Add private.AccessLevel

* Add private.CheckUnitUser

* Fix mistakes I made

* Some cleaning + moving code to separate files

* Fix error handling

* Remove useless error handling for setup

* lint: fix comment on exported func

* fix copyright header

* Fix order of args
2018-10-30 14:20:13 +08:00
Lunny Xiao
a2ee2a3c67 fix showing pull request link when delete a branch (#5166) 2018-10-28 18:15:25 -04:00
Lanre Adelowo
c2748ea7fe Add must-change-password flag to cli for creating a user (#4955)
* add support for an admin to force a user to change his/her password from thee cli

* use BoolFlag instead

* default to true

* simplify by removing unnneccessary if/else
2018-10-21 01:05:01 +03:00
Julien Tant
dea3d849e1 Give user a link to create PR after push (#4716)
* Give user a link to create PR after push

* Forks now create PR in the base repository + make sure PR creation is allowed

* fix code style
2018-10-20 09:59:06 +03:00
Bo-Yi Wu
1e34413238 refactor: err != nil check, just return error instead (#5093) 2018-10-18 00:51:07 -04:00
techknowlogick
e91a2cf2ea
Add/remove/list oauth providers via cli (#4591) 2018-09-12 10:46:02 -04:00
Fluf
b82c14b3d2 add letsencrypt to Gitea (#4189) 2018-08-21 09:56:50 -04:00
Jerry Jacobs
b1bc08e268 cmd/serve: pprof cpu and memory profile dumps to disk (#4560) 2018-08-07 14:49:18 -04:00
Fluf
f54626df0b Add config path as an optional flag when changing pass via CLI (#4184) 2018-06-09 18:35:14 -04:00
Inon S
15f6ec9632 LFS: make HTTP auth period configurable (#4035)
* LFS: make HTTP auth period configurable

* Formatting: Removed semicolon

Due to automated fmt-check failure (drone.gitea.io)

* applying code reviews

* Applied code review comment: Change HTTPAuthExpiry to time.Duration

* Updated config cheat sheet
2018-05-29 16:07:16 +08:00
techknowlogick
8176345c0e Add cli commands to regen hooks & keys (#3979)
* Add cli commands to regen hooks & keys

* make fmt

* Allow passing path to config as an option

* add docs
2018-05-17 09:35:07 +08:00
Lauris BH
b66d6b3449
Do not allow inactive users to access repositories using private keys (#3887) 2018-05-02 16:22:56 +03:00
Codruț Constantin Gușoi
96c268c0fc Implements generator cli for secrets (#3531)
Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
2018-02-18 20:14:37 +02:00
Antoine GIRARD
9e842c8a72 Fix SSH auth lfs locks (#3152)
* Fix SSH auth LFS locks

* Activate SSH/lock test

* Remove debug

* Follow @lunny recommendation for AfterLoad method
2018-01-27 18:48:15 +02:00
Morgan Bazalgette
2b52f77e1b General refactor of the cmd package (#3328)
* General refactor of the cmd package

* Address breakage in runCreateUser

* Place "common" functions into cmd.go
2018-01-12 23:16:49 +01:00
Kim "BKC" Carlbäcker
e5b8b4b5ec Cleanup models.User.HashPassword (#3334) 2018-01-12 00:19:38 +02:00
Morgan Bazalgette
674cfb7cac Change EncodePasswd to HashPassword (#3329)
* Change EncodePasswd to HashPassword

* Create test+benchmark for HashPassword
2018-01-08 23:28:18 +01:00
Sandro Santilli
8cd987af0c Add repo-sync-releases admin command (#3254)
* Add repo-sync-releases admin command

Will help recovering corrupted database, see #3247

* Load repos in chunks of 10, exit with error if unable to get a list, scan private repos, fix typo

* Fix debug output about num releases

* Introduce RepositoryListDefaultPageSize constant, set to 64

Use it from the new admin command

* Use RepositoryListDefaultPageSize in more places

* Document RepositoryListDefaultPageSize
2017-12-31 16:45:46 +02:00
Mike Fellows
fabf3f2fc2 Add an option to allow redirect of http port 80 to https. (#1928)
* Add an option to allow redirect of http port 80 to https.

This is an "opt in" option (default is to not redirect).  It will only redirect
if protocol is https and the new REDIRECT_PORT_80 option is set to true.

The Port to redirect in previous commit was hardcoded to 80, now it can be
specified in the app.ini, defaulting to 80.  The boolean option to turn
redirection on has been changed to REDIRECT_OTHER_PORT to be logically
consistent with the new port option.

Signed-off-by: Mike Fellows <mike.fellows@shaw.ca>
2017-12-25 23:23:43 +01:00
Lunny Xiao
f94c1b3943
Improvements for supporting UI Location (#3146)
* improvements for supporting UI Location

* improved the comment
2017-12-14 07:45:31 +08:00
Lunny Xiao
00bfa1d055
fix run web with -p push failed (#3154) 2017-12-13 16:57:28 +08:00
Lunny Xiao
35cc5b0402
Remove GetRepositoryByRef and add GetRepositoryByOwnerAndName (#3043)
* remove GetRepositoryByRef and add GetRepositoryByOwnerAndName

* fix tests

* fix tests bug

* some improvements
2017-12-02 15:34:39 +08:00
Lunny Xiao
62d0a4d882 Add external markup render support (#2570)
* add external markup render support

* bug fixed

* refacotr codes and fix wrong error log

* fix comments and add check to prevent leaks

* add check for config file and improve the example

* check file close error

* use ioutil.TempFile instead uuid

* correct Render -> Parser

* improve warning when incorrect markup setting

* fix typos
2017-11-07 08:33:06 +02:00
Guillaume Dube
8798cf4e3b Set session and indexers' data files rel to AppDataPath (#2192)
* Set session and indexers' data files rel to AppDataPath

The setting AppDataPath is now relative to the working directory.
The session svc's PROVIDER_CONFIG now defaults to AppDataPath/data/sessions.
The issue indexer's IssuePath now defaults to AppDataPath/indexers/issues.bleves.

* fix bug
2017-11-03 10:56:20 +02:00
Lunny Xiao
9ddbbd9d5a improve force push detect when push (#2798) 2017-10-28 22:36:20 +03:00