0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-29 02:44:08 -05:00
Commit graph

363 commits

Author SHA1 Message Date
Earl Warren
7b4dba3aa0 [ACTIONS] skip superflous pull request synchronized event (#2314)
Skip a HookEventPullRequestSync event if it has the same CommitSHA as an existing HookEventPullRequest event in the ActionRun table. A HookEventPullRequestSync event must only create an ActionRun if the CommitSHA is different from what it was when the PR was open.

This guards against a race that can happen when the following is done in parallel:

* A commit C is pushed to a repo on branch B
* A pull request with head on branch B

it is then possible that the pull request is created first, successfully. The commit that was just pushed is not known yet but the PR only references the repository and the B branch so it is fine.

A HookEventPullRequest event is sent to the notification queue but not processed immediately.

The commit C is pushed and processed successfully. Since the PR already exists and has a head that matches the branch, the head of the PR is updated with the commit C and a HookEventPullRequestSync event is sent to the notification queue.

The HookEventPullRequest event is processed and since the head of the PR was updated to be commit C, an ActionRun with CommitSHA C is created.

The HookEventPullRequestSync event is then processed and also has a CommitSHA equal to C.

Refs: https://codeberg.org/forgejo/forgejo/issues/2009
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2314
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
2024-02-11 13:06:54 +00:00
Gergely Nagy
5f2d8be38e
[FEAT]: New route to view lates run of specific workflows
This adds a new route at `/actions/workflows/{workflow}/runs/latest`,
which will redirect to the latest run of the given workflow. It can be
further restricted by specifying an optional `?branch={branch}` query
parameter. If no branch is specified, the route defaults to using the
repo's default branch.

This route is meant to go hand in hand with the Badge route that returns
the result of the same workflow as a badge. This route can be used to
link to the run that produced that result.

Fixes #2303.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-10 09:15:58 +01:00
Earl Warren
7cbf05fafb
Merge remote-tracking branch 'forgejo/forgejo-dependency' into wip-forgejo
Conflicts:
	.forgejo/workflows/testing.yml
	trivial conflict
2024-02-09 19:00:54 +01:00
Gergely Nagy
1624ebc836
[TESTS] issue & PR templates in .forgejo are recognized
This adds a few tests for the previous change, to verify that issue
template configs, issue templates and pr templates are all recognized in
`.forgejo` directories.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-06 10:22:32 +01:00
Gergely Nagy
be8d16438a
Fix /api/v1/{owner}/{repo}/issue_templates
When issue templates were moved into services in
def4956122, the code was also refactored
and simplified. Unfortunately, that simplification broke the
`/api/v1/{owner}/{repo}/issue_templates` route, because it was
previously using a helper function that ignored invalid templates, and
after the refactor, the function it called *always* returned non-nil as
the second return value. This, in turn, results in the aforementioned
end point always returning an internal server error.

This change restores the previous behaviour of ignoring invalid files
returned by `issue.GetTemplatesFromDefaultBranch`, and adds a few test
cases to exercise the endpoint.

Other users of `GetTemplatesFromDefaultBranch` already ignore the second
return value, or handle it correctly, so no changes are necessary there.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-05 20:58:41 +01:00
Earl Warren
094c84ed6d
Merge branch 'rebase-forgejo-dependency' into wip-forgejo 2024-02-05 18:58:23 +01:00
Earl Warren
d7e1854884
Merge branch 'rebase-forgejo-branding' into wip-forgejo 2024-02-05 18:58:18 +01:00
Earl Warren
036f1eddc5
[GITEA] avoid superfluous synchronized pull_request run when opening a PR (#2236)
* Split TestPullRequest out of AddTestPullRequestTask
* Before scheduling the task, AddTestPullRequestTask stores the max
  index of the repository
* When the task runs, it does not take into account pull requests that
  have an index higher than the recorded max index

When AddTestPullRequestTask is called with isSync == true, it is the
direct consequence of a new commit being pushed. Forgejo knows nothing
of this new commit yet. If a PR is created later and its head
references the new commit, it will have an index that is higher and
must not be taken into account. It would be acting and triggering a
notification for a PR based on an event that happened before it
existed.

Refs: https://codeberg.org/forgejo/forgejo/issues/2009
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2236
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
(cherry picked from commit b3be895a30)
2024-02-05 16:57:58 +01:00
Gergely Nagy
c335d076aa
[GITEA] admin: "Self Check" should only show for some db types
The "Self Check" menu essentially runs the collation check that is also
performed at startup, and displays the results. This is only a thing for
MariaDB/MySQL and MSSQL. As such, the menu item should only be available
for these database types.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 0ca118fdc3)
2024-02-05 16:57:56 +01:00
oliverpool
76c2f5bf92
[GITEA] add test showing bug on resolving invalidated review comment
(cherry picked from commit 5fb3b927f1)
2024-02-05 16:57:56 +01:00
Gergely Nagy
fde08f91fd
[GITEA] tests: A workaround for the MySQL collation tests
Because Forgejo run mysqld with `--innodb-flush-method=nosync` to speed
up the test suite, there are situations where a larger, database-wide
operation does not always fully manifest until later, not even when it
is wrapped in a transaction, nor when we use `FLUSH TABLES` and similar
methods.

In the case of the MySQL collation test, this *sometimes* results in the
database still responding with the old collation to a reader, even after
an `ALTER DATABASE ... COLLATE ...`.

In order to be able to still use the aforementioned flag and enjoy its
benefits, add a five second sleep between `db.ConvertDatabaseTable()`
and `db.CheckCollations()` in the `TestDatabaseCollation()` set of
tests.

This is not a fix - I don't think there is one possible -, but a
workaround. If it breaks again, the correct fix will be to remove the
flag from `mysqld` (it's not a supported flag to begin with).

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit af18ed2ba9)
2024-02-05 16:57:55 +01:00
Gergely Nagy
2ca4862f8b
[GITEA] Allow changing the repo Wiki branch to main
Previously, the repo wiki was hardcoded to use `master` as its branch,
this change makes it possible to use `main` (or something else, governed
by `[repository].DEFAULT_BRANCH`, a setting that already exists and
defaults to `main`).

The way it is done is that a new column is added to the `repository`
table: `wiki_branch`. The migration will make existing repositories
default to `master`, for compatibility's sake, even if they don't have a
Wiki (because it's easier to do that). Newly created repositories will
default to `[repository].DEFAULT_BRANCH` instead.

The Wiki service was updated to use the branch name stored in the
database, and fall back to the default if it is empty.

Old repositories with Wikis using the older `master` branch will have
the option to do a one-time transition to `main`, available via the
repository settings in the "Danger Zone". This option will only be
available for repositories that have the internal wiki enabled, it is
not empty, and the wiki branch is not `[repository].DEFAULT_BRANCH`.

When migrating a repository with a Wiki, Forgejo will use the same
branch name for the wiki as the source repository did. If that's not the
same as the default, the option to normalize it will be available after
the migration's done.

Additionally, the `/api/v1/{owner}/{repo}` endpoint was updated: it will
now include the wiki branch name in `GET` requests, and allow changing
the wiki branch via `PATCH`.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit d87c526d2a)
2024-02-05 16:57:47 +01:00
Gusted
361617eea0
[GITEA] Use correct translations for pull request
- When a commit references a pull request, the detail strings should
reflect that. Add a new translation string for the pull request.
- Added integration tests.
- Resolves #2256

(cherry picked from commit 0d054cd4d9)
2024-02-05 16:54:44 +01:00
Gergely Nagy
fdda432d1e
[TESTS] Convert more tests to CreateDeclarativeRepo
These tests originate from Gitea, so may cause conflicts in the longer
run. But they use the same pattern, so transitioning them to the helper
is hopefully a benefit that offsets the risk.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 2d475af494)
(cherry picked from commit a99c17729c)
2024-02-05 16:54:44 +01:00
Gergely Nagy
48d752c630
[TESTS] Lift out CreateDeclarativeRepo()
There are a number of tests which require creating a repository on the
fly, and they each do it their own way. To reduce code duplication, lift
out this common pattern into a helper called `CreateDeclarativeRepo()`,
which lets us create a repository, set up enabled and disabled repo
units, and even add, delete, or update files.

Also convert a number of users of this pattern to the new helper - those
users that I introduced, and are in code introduced by Forgejo in the
first place.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 342b7bae3c)
(cherry picked from commit 2ece8764e9)
2024-02-05 16:54:44 +01:00
Earl Warren
fe8622dae3
Revert "Fix schedule tasks bugs (#28691)"
This reverts commit 97292da960.

(cherry picked from commit 83e5eba031)
(cherry picked from commit f6ef8f3819)

Conflicts:
	services/repository/setting.go
2024-02-05 16:54:42 +01:00
Gergely Nagy
d4396acf82
[GITEA] Don't consider orphan branches as recently pushed
When displaying the recently pushed branches banner, don't display
branches that have no common history with the default branch. These
branches are usually not meant to be merged, so the banner is just noise
in this case.

Refs: https://codeberg.org/forgejo/forgejo/pulls/2196

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit e1fba517f4)
(cherry picked from commit 2d3c81d4f2)
(cherry picked from commit 624a61b3b8)
2024-02-05 16:09:43 +01:00
Gergely Nagy
69688628f5
[GITEA] Fix misleading comparisons when comparing branches
When comparing branches, only offer those branches to use as a base
where the repository allows pull requests. Those that do not allow pull
request would result in a 404, so offering them as an option would be
misleading.

Refs: https://codeberg.org/forgejo/forgejo/pulls/2194

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 022d0e0d71)
(cherry picked from commit 957990b36a)
(cherry picked from commit 6d2df72825)
2024-02-05 16:09:43 +01:00
Gergely Nagy
bc7e448d49
[GITEA] Rework when recently pushed branches are displayed
With this change, the "You pushed on branch xyz" banner will be
displayed when either the viewed repository or its base repo (if the
current one's a fork) has pull requests enabled. Previously it only
displayed if the viewed repo had PRs enabled.

Furthermore, if the viewed repository is an original repository that the
viewing user has a fork of, if the forked repository has recently pushed
branches, then the banner will appear for the original repository too.
In this case, the notification will include branches from the viewing
user's fork, and branches they pushed to the base repo, too.

Refs: https://codeberg.org/forgejo/forgejo/pulls/2195

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit a29f10661d)
(cherry picked from commit 70c5e2021d)
(cherry picked from commit 48b25be67a)
2024-02-05 16:09:43 +01:00
Gusted
bbe5a881cc
[GITEA] Fix API inconsistencies
- Document the correct content types for Git archives. Add code that
actually sets the correct application type for `.zip` and `.tar.gz`.
- When an action (POST/PUT/DELETE method) was successful, an 204 status
code should be returned instead of status code 200.
- Add and adjust integration testing.
- Resolves #2180
- Resolves #2181

(cherry picked from commit 6c8c4512b5)
(cherry picked from commit 3f74bcb14d)
(cherry picked from commit 6ed9057fd7)
2024-02-05 16:09:43 +01:00
Earl Warren
0b503e5e86
[GITEA] DELETE /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments/{comment}
* reuse deleteIssueComment by adding the commentType parameter
* ensure tests start with a PR with no random reviews from fixtures

Refs: https://codeberg.org/forgejo/forgejo/issues/2109
(cherry picked from commit 5b90ab77f6)
(cherry picked from commit 28ecd6f5a6)
(cherry picked from commit 24870cf133)
2024-02-05 16:09:43 +01:00
Gergely Nagy
8eaa8aeaf9
[GITEA] Improved Linguist compatibility
Recognise the `linguist-documentation` and `linguist-detectable`
attributes in `.gitattributes` files, and use them in
`GetLanguageStats()` to make a decision whether to include a particular
file in the stats or not.

This allows one more control over which files in their repositories
contribute toward the language statistics, so that for a project that is
mostly documentation, the language stats can reflect that.

Fixes #1672.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 6d4e02fe5f)
(cherry picked from commit ee1ead8189)
(cherry picked from commit 2dbec730e8)
2024-02-05 16:09:43 +01:00
Earl Warren
bd1cea3f82
[GITEA] GET /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments/{comment}
Refs: https://codeberg.org/forgejo/forgejo/issues/2109
(cherry picked from commit 69fcf26dee)
(cherry picked from commit 1296f4d115)
(cherry picked from commit 119d10d9e2)
(cherry picked from commit eb5b55b1b7)
2024-02-05 16:09:43 +01:00
Gergely Nagy
3bdfb7a7aa
[GITEA] Fix the topic search paging
When searching for repository topics, either via the API, or via
Explore, paging did not work correctly, because it only applied when the
`page` parameter was non-zero. Paging should have applied when the page
size is greater than zero, which is what this patch does.

As a result, both the API, and the Explore endpoint will return paged
results (30 by default). As such, when managing topics on the frontend,
the offered completions will also be limited to a pageful of results,
based on what the user has already typed.

This drastically reduces the amount of traffic, and also the number of
the topics to choose from, and thus, the rendering time too.

The topics will be returned by popularity, with most used topics first.
A single page will contain `[api].DEFAULT_PAGING_NUM` (30 by default)
items that match the query. That's plenty to choose from.

Fixes #132.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 64d4ff41db)
(cherry picked from commit 06b808fa2c)
(cherry picked from commit 9205c9266a)
(cherry picked from commit 47863d4f72)
2024-02-05 16:09:43 +01:00
Gergely Nagy
2924fcf814
[GITEA] services: Gracefully handle missing branches
services: in loadOneBranch, return if CountDivergingCommits fail

If we can't count the number of diverging commits for one reason or
another (such as the branch being in the database, but missing from
disk), rather than logging an error and continuing into a crash (because
`divergence` will be nil), return an error instead.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 8266105f24)

services: Gracefully handle missing branches

When loading branches, if loading one fails, log an error, and ignore
the branch, rather than returning and causing an internal server error.

Ideally, we would only ignore the error if it was caused by a missing
branch, and do it silently, like the respective API endpoint does.
However, veryfing that at this place is not very practical, so for the
time being, ignore any and all branch loading errors.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit e552a8fd62)

tests: Add a testcase for missing branches

This tests the scenario reported in Codeberg/Community#1408: a branch
that is recorded in the database, but missing on disk was causing
internal server errors. With recent changes, that is no longer the case,
the error is logged and then ignored.

This test case tests this behaviour, that the repo's branches page on
the web UI functions even if the git branch is missing.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit e20eb7b385)

tests: More testing in TestDatabaseMissingABranch

In the `TestDatabaseMissingABranch` testcase, make sure that the
branches are in sync between the db and git before deleting a branch via
git, then compare the branch count from the web UI, making sure that it
returns an out-of-sync value first, and the correct one after another
sync.

This is currently tested by scraping the UI, and relies on the fact that
the branch counter is out of date before syncing. If that issue gets
resolved, we'll have to adjust the test to verify the sync another way.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 8c2ccfcece)
(cherry picked from commit 439fadf563)
(cherry picked from commit 44dd80552c)
(cherry picked from commit 37b91fe6f2)
2024-02-05 16:09:42 +01:00
Gusted
2cfcd266b4
[GITEA] Fix panic in canSoftDeleteContentHistory
- It's possible that `canSoftDeleteContentHistory` is called without
`ctx.Doer` being set, such as an anonymous user requesting the
`/content-history/detail` endpoint.
- Add a simple condition to always set to `canSoftDelete` to false if an
anonymous user is requesting this, this avoids a panic in the code that
assumes `ctx.Doer` is set.
- Added integration testing.

(cherry picked from commit 0b5db0dcc6)
(cherry picked from commit 30d168bcc8)
(cherry picked from commit 19be82b7ef)
(cherry picked from commit 334b703b17)
2024-02-05 16:09:42 +01:00
Earl Warren
603a44edf0
[GITEA] POST /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments
Refs: https://codeberg.org/forgejo/forgejo/issues/2109
(cherry picked from commit 8b4ba3dce7)
(cherry picked from commit 196edea0f9)

[GITEA] POST /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments (squash) do not implicitly create a review

If a comment already exists in a review, the comment is added. If it
is the first comment added to a review, it will implicitly create a
new review instead of adding to the existing one.

The pull_service.CreateCodeComment function is responsibe for this
behavior and it will defer to createCodeComment once the review is
determined, either because it was found or because it was created.

Rename createCodeComment into CreateCodeCommentKnownReviewID to expose
it and change the API endpoint to use it instead. Since the review is
provided by the user and verified to exist already, there is no need
for the logic implemented by CreateCodeComment.

The tests are modified to remove the initial comment from the fixture
because it was creating the false positive. I was verified to fail
without this fix.

(cherry picked from commit 6a555996dc)
(cherry picked from commit b173a0ccee)
(cherry picked from commit 838ab9740a)
2024-02-05 16:09:42 +01:00
Gergely Nagy
639b428cf4
[FEAT] API support for repository flags
Expose the repository flags feature over the API, so the flags can be
managed by a site administrator without using the web API.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit bac9f0225d)
(cherry picked from commit e7f5c1ba14)
(cherry picked from commit 95d9fe19cf)
(cherry picked from commit 7fc51991e4)
2024-02-05 16:09:42 +01:00
Gergely Nagy
36f7c162e2
[FEAT] Repository flags
This implements "repository flags", a way for instance administrators to
assign custom flags to repositories. The idea is that custom templates
can look at these flags, and display banners based on them, Forgejo does
not provide anything built on top of it, just the foundation. The
feature is optional, and disabled by default. To enable it, set
`[repository].ENABLE_FLAGS = true`.

On the UI side, instance administrators will see a new "Manage flags"
tab on repositories, and a list of enabled tags (if any) on the
repository home page. The "Manage flags" page allows them to remove
existing flags, or add any new ones that are listed in
`[repository].SETTABLE_FLAGS`.

The model does not enforce that only the `SETTABLE_FLAGS` are present.
If the setting is changed, old flags may remain present in the database,
and anything that uses them, will still work. The repository flag
management page will allow an instance administrator to remove them, but
not set them, once removed.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit ba735ce222)
(cherry picked from commit f09f6e029b)
(cherry picked from commit 2f8b041489)
(cherry picked from commit d3186ee5f4)
2024-02-05 16:09:42 +01:00
Gergely Nagy
9809f96a4a
[GITEA] Disable the RSS feed in file view for non-branches
Files can have an RSS feed, but those only make sense when taken in the
context of a branch. There is no history to make a feed of on a tag or a
commit: they're static. Forgejo does not provide a feed for them for
this reason.

However, the file view on the web UI was offering a link to these
non-existent feeds. With this patch, it does that no longer, and only
provides a link when viewing the file in the context of a branch.

Fixes #2102.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 4b48d21ea7)
(cherry picked from commit 70cb266760)
(cherry picked from commit 69b45c3fea)

Conflicts:
	options/locale/locale_en-US.ini
	https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 639a2c0741)
2024-02-05 16:09:42 +01:00
Gergely Nagy
e019eb33a2
[GITEA] Find README.md for user profiles case insensitively
When trying to find a `README.md` in a `.profile` repo, do so case
insensitively. This change does not make it possible to render readmes
in formats other than Markdown, it just removes the hard-coded
"README.md".

Also adds a few tests to make sure the change works.

Fixes #1494.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit edd219d8e9)
(cherry picked from commit 2c0105ef17)
(cherry picked from commit 3975a9f3aa)
(cherry picked from commit dee4a18423)
(cherry picked from commit 60aee6370f)
2024-02-05 16:09:42 +01:00
Gusted
159dc74ceb
[GITEA] Check for Commit in opengraph
- It's possible that `PageIsDiff` is set but not `Commit` resulting in a
NPE in the template. This can happen when the requested commit doesn't exist.
- Regression of c802c46a9b &
5743d7cb5b
- Added 'hacky' integration test.

(cherry picked from commit 8db2d5e4a7)
(cherry picked from commit 8c737a802b)
(cherry picked from commit 6b7c7d18dc)
(cherry picked from commit a2be4fab27)
(cherry picked from commit a1125268ac)
2024-02-05 16:09:42 +01:00
Gergely Nagy
f90b802634
[GITEA] Add support for shields.io-based badges
Adds a new `/{username}/{repo}/badges` family of routes, which redirect
to various shields.io badges. The goal is to not reimplement badge
generation, and delegate it to shields.io (or a similar service), which
are already used by many. This way, we get all the goodies that come
with it: different styles, colors, logos, you name it.

So these routes are just thin wrappers around shields.io that make it
easier to display the information we want. The URL is configurable via
`app.ini`, and is templatable, allowing to use alternative badge
generator services with slightly different URL patterns.

Additionally, for compatibility with GitHub, there's an
`/{username}/{repo}/actions/workflows/{workflow_file}/badge.svg` route
that works much the same way as on GitHub. Change the hostname in the
URL, and done.

Fixes gitea#5633, gitea#23688, and also fixes #126.

Work sponsored by Codeberg e.V.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit fcd0f61212)
(cherry picked from commit 20d14f7844)
(cherry picked from commit 4359741431)
(cherry picked from commit 35cff45eb8)
(cherry picked from commit 2fc0d0b8a3)
2024-02-05 16:09:42 +01:00
Gergely Nagy
92f41d11dd
[GITEA] repo: Don't redirect the repo to external units
When displaying the repo home view, do not redirect to unit types that
can't be defaults (which, at the moment, are the external wiki and issue
tracker unit types).

If we'd redirect to those, that would mean that a repository with the
Code unit disabled, and an external issue tracker would immediately
redirect to the external issue tracker, making it harder to reach other,
non-external units of the repo.

Fixes #1965.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 44078e5460)
(cherry picked from commit 1868dec2e4)
(cherry picked from commit c3a8e98870)
(cherry picked from commit 9266b1916f)
(cherry picked from commit 8fa5ff65af)
2024-02-05 16:09:42 +01:00
Gusted
abfc169fc8
[GITEA] Remove redundant syncBranchToDB
- The transaction in combination with Git push was causing deadlocks if
you had the `push_update` queue set to `immediate`. This was the root
cause of slow integration tests in CI.
- Remove the sync branch code as this is already being done in the Git
post-receive hook.
- Add tests to proof the branch models are in sync even with this code
removed.

(cherry picked from commit 90110e1f44)
(cherry picked from commit a064065cb9)
(cherry picked from commit 7713e558eb)

Conflicts:
	services/repository/branch.go
	https://codeberg.org/forgejo/forgejo/pulls/2068
(cherry picked from commit 3bb73e0813)
(cherry picked from commit c557540926)
(cherry picked from commit 986be6171a)
(cherry picked from commit 7a343877f1)
(cherry picked from commit 51425500f2)
2024-02-05 16:09:42 +01:00
Gergely Nagy
1d8bca07f3
[GITEA] Configurable clone methods
Adds `[repository].DOWNLOAD_OR_CLONE_METHODS` (defaulting to
"download-zip,download-targz,download-bundle,vscode-clone"), which lets
an instance administrator override the additional clone methods
displayed on the repository home view.

This is purely display-only, the clone methods not listed here are still
available, unless disabled elsewhere. They're just not displayed.

Fixes #710.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 2aadcf4946)
(cherry picked from commit 42ac34fbf9)
(cherry picked from commit bd231b0245)
(cherry picked from commit 3d3366dbbe)
(cherry picked from commit 0157fb9b88)
(cherry picked from commit bee88f6a83)
2024-02-05 16:09:42 +01:00
Antonin Delpeuch
f3b298133e
[GITEA] pulls: "Edit File" button in "Files Changed" tab
Closes #1894.
Gitea issue: https://github.com/go-gitea/gitea/issues/23848

(cherry picked from commit 79c75164ca)
(cherry picked from commit 58c76aad8f)
(cherry picked from commit 5bdb3c6c53)
(cherry picked from commit 94e954ce22)
(cherry picked from commit 1388e7c7be)
(cherry picked from commit 6a234abff5)
2024-02-05 16:09:42 +01:00
Gergely Nagy
5eeccecafc
[GITEA] Optionally allow anyone to edit Wikis
This is largely based on gitea#6312 by @ashimokawa, with updates and
fixes by myself, and incorporates the review feedback given in that pull
request, and more.

What this patch does is add a new "default_permissions" column to the
`repo_units` table (defaulting to read permission), adjusts the
permission checking code to take this into consideration, and then
exposes a setting that lets a repo administrator enable any user on a
Forgejo instance to edit the repo's wiki (effectively giving the wiki
unit of the repo "write" permissions by default).

By default, wikis will remain restricted to collaborators, but with the
new setting exposed, they can be turned into globally editable wikis.

Fixes Codeberg/Community#28.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 4b74439922)
(cherry picked from commit 337cf62c10)
(cherry picked from commit b6786fdb32)
(cherry picked from commit a5d2829a10)

[GITEA] Optionally allow anyone to edit Wikis (squash) AddTokenAuth

(cherry picked from commit fed50cf72e)
(cherry picked from commit 42c55e494e)
(cherry picked from commit e3463bda47)
2024-02-05 16:09:42 +01:00
Gusted
33b1dec846
[GITEA] Fix NPE in UsernameSubRoute
- When the user is not found in `reloadparam`, early return when the
user is not found to avoid calling `IsUserVisibleToViewer` which in turn
avoids causing a NPE.
- This fixes the case that a 500 error and 404 error is shown on the
same page.
- Add integration test for non-existant user RSS.
- Regression by c6366089df

(cherry picked from commit f0e0696278)
(cherry picked from commit 75d8066908)
(cherry picked from commit 4d0a1e0637)
(cherry picked from commit 5f40a485da)
(cherry picked from commit c4cb7812e3)
(cherry picked from commit d31ce2f03d)
(cherry picked from commit cfebef4f82)
2024-02-05 16:09:41 +01:00
Gergely Nagy
d4fc0d2c5a
[GITEA] Allow changing the email address before activation
During registration, one may be required to give their email address, to
be verified and activated later. However, if one makes a mistake, a
typo, they may end up with an account that cannot be activated due to
having a wrong email address.

They can still log in, but not change the email address, thus, no way to
activate it without help from an administrator.

To remedy this issue, lets allow changing the email address for logged
in, but not activated users.

This fixes gitea#17785.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit aaaece28e4)
(cherry picked from commit 639dafabec)
(cherry picked from commit d699c12ceb)

[GITEA] Allow changing the email address before activation (squash) cache is always active

This needs to be revisited because the MailResendLimit is not enforced
and turns out to not be tested.

See e7cb8da2a8 * Always enable caches (#28527)

(cherry picked from commit 43ded8ee30)

Rate limit pre-activation email change separately

Changing the email address before any email address is activated should
be subject to a different rate limit than the normal activation email
resending. If there's only one rate limit for both, then if a newly
signed up quickly discovers they gave a wrong email address, they'd have
to wait three minutes to change it.

With the two separate limits, they don't - but they'll have to wait
three minutes before they can change the email address again.

The downside of this setup is that a malicious actor can alternate
between resending and changing the email address (to something like
`user+$idx@domain`, delivered to the same inbox) to effectively halving
the rate limit. I do not think there's a better solution, and this feels
like such a small attack surface that I'd deem it acceptable.

The way the code works after this change is that `ActivatePost` will now
check the `MailChangeLimit_user` key rather than `MailResendLimit_user`,
and if we're within the limit, it will set `MailChangedJustNow_user`. The
`Activate` method - which sends the activation email, whether it is a
normal resend, or one following an email change - will check
`MailChangedJustNow_user`, and if it is set, it will check the rate
limit against `MailChangedLimit_user`, otherwise against
`MailResendLimit_user`, and then will delete the
`MailChangedJustNow_user` key from the cache.

Fixes #2040.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit e35d2af2e5)
(cherry picked from commit 03989418a7)
(cherry picked from commit f50e0dfe5e)
(cherry picked from commit cad9184a36)
(cherry picked from commit e2da5d7fe1)
(cherry picked from commit 3a80534d4d)
2024-02-05 16:09:41 +01:00
Earl Warren
06aae9ae72
[GITEA] GetScheduledMergeByPullID may involve a system user
Refs: https://codeberg.org/forgejo/forgejo/issues/1897
(cherry picked from commit ddc3c22558)
(cherry picked from commit a7fe969b93)
(cherry picked from commit 62bda95774)
(cherry picked from commit 8149a822c7)
(cherry picked from commit 9ed4e685eb)
(cherry picked from commit 4f072b4f80)
(cherry picked from commit ca5924037b)
(cherry picked from commit 88e2b47e29)
(cherry picked from commit 784f860cfa)
2024-02-05 16:09:41 +01:00
Gergely Nagy
fa0759962b
[GITEA] allow viewing the latest Action Run on the web
Similar to how some other parts of the web UI support a `/latest` path
to directly go to the latest of a certain thing, let the Actions web UI
do the same: `/{owner}/{repo}/actions/runs/latest` will redirect to the
latest run, if there's one available.

Fixes gitea#27991.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit f67ccef1dd)

Code cleanup in the actions.ViewLatest route handler

Based on feedback received after the feature was merged, use
`ctx.NotFound` and `ctx.ServerError`, and drop the use of the
unnecessary `ctx.Written()`.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 74e42da563)
(cherry picked from commit f7535a1cef)
(cherry picked from commit 1a90cd37c3)
(cherry picked from commit d86d71340a)
(cherry picked from commit 9e5cce1afc)
(cherry picked from commit 2013fb3fab)
(cherry picked from commit 88b9d21d11)
(cherry picked from commit 72c020298e)
(cherry picked from commit 6525f730df)
2024-02-05 16:09:41 +01:00
Gergely Nagy
ff00749191
[GITEA] new doctor check: fix-push-mirrors-without-git-remote (#1853)
This adds a new `doctor` check: `fix-push-mirrors-without-git-remote`. The new check looks for push mirrors that do not have their remotes configured in git. If automatic fixing is enabled, it will remove these push mirrors from the database.

The check is not run by default, and thus, must be invoked manually. It should be usable in a half-migrated state, too, and as such, fixes #1800.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1853
Co-authored-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Co-committed-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 9038e07ef3)
(cherry picked from commit b15bafcbc7)
(cherry picked from commit 93ba05a2dd)
(cherry picked from commit e418ea8082)
(cherry picked from commit 321790a91e)
(cherry picked from commit f4e19d3323)
(cherry picked from commit 4d9923dee8)
(cherry picked from commit 049df69eda)

Conflicts:
	services/doctor/push_mirror_consistency.go
	https://codeberg.org/forgejo/forgejo/pulls/2214
(cherry picked from commit c79cba8d55)
(cherry picked from commit f3a3969c02)
2024-02-05 16:09:41 +01:00
Gusted
75ce1e2ac1
[GITEA] Allow user to select email for file operations in Web UI
- Add a dropdown to the web interface for changing files to select which
Email should be used for the commit. It only shows (and verifies) that a
activated mail can be used, while this isn't necessary, it's better to
have this already in place.
- Added integration testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/281

(cherry picked from commit 564e701f40)
(cherry picked from commit de8f2e03cc)
(cherry picked from commit 0182cff12e)
(cherry picked from commit 9c74254d46)
(cherry picked from commit 2f0b68f821)
(cherry picked from commit 079b995d49)
(cherry picked from commit 6952ea6ee3)
(cherry picked from commit 6c7d5a5d14)
(cherry picked from commit 49c39f0ed5)
(cherry picked from commit a8f9727388)
2024-02-05 16:09:41 +01:00
Loïc Dachary
21c4d844f3
[GITEA] test GET /{owner}/{repo}/comments/{id}/attachments
Refs: https://forgejo.org/2023-11-release-v1-20-5-1/#api-and-web-endpoint-vulnerable-to-manually-crafted-identifiers

(cherry picked from commit 888dda12cf9bc95f9ef85ba5a518cf40152e07ea)
(cherry picked from commit aceeca55da)
(cherry picked from commit ab7e649668)
(cherry picked from commit 7fb8598c7d)
(cherry picked from commit fb4961e2a5)
(cherry picked from commit 9fe856a29a)
(cherry picked from commit 6db21c013d)
(cherry picked from commit 72c84eb19c)
(cherry picked from commit 07ebc9761d)
(cherry picked from commit 0c8f484002)
(cherry picked from commit 25df7d89bc)
(cherry picked from commit 0f436a0d22)
(cherry picked from commit 6109f8b6c1)
2024-02-05 16:09:41 +01:00
Loïc Dachary
3f71a0ef02
[GITEA] test POST /{username}/{reponame}/{type:issues|pulls}/move_pin
Refs: https://forgejo.org/2023-11-release-v1-20-5-1/#api-and-web-endpoint-vulnerable-to-manually-crafted-identifiers

(cherry picked from commit 52f50792606a22cbf1e144e1bd480984abf6f53f)
(cherry picked from commit 65b942fa1e)
(cherry picked from commit e140c5c983)
(cherry picked from commit 4d108fa1cf)
(cherry picked from commit 9430badc5c)
(cherry picked from commit 1e67f4665d)
(cherry picked from commit 992e0d3218)
(cherry picked from commit 0e25ca17f3)
(cherry picked from commit 3c7d9769fa)

Conflicts:
	tests/integration/issue_test.go
	https://codeberg.org/forgejo/forgejo/pulls/2119
(cherry picked from commit f6bdf76a1d)
(cherry picked from commit a5e527f872)
(cherry picked from commit be3f9a28a1)
(cherry picked from commit 836a95eab8)
2024-02-05 16:09:41 +01:00
Loïc Dachary
efbe483057
[GITEA] test POST /{username}/{reponame}/{tags,release}/delete
Refs: https://forgejo.org/2023-11-release-v1-20-5-1/#api-and-web-endpoint-vulnerable-to-manually-crafted-identifiers

(cherry picked from commit 78dcbb62fe87abe044034d880c9e8c22b44c2c98)
(cherry picked from commit 6707c08c17)
(cherry picked from commit 68da5a9cd8)
(cherry picked from commit c27fb08cb0)
(cherry picked from commit f15a2c558a)
(cherry picked from commit 8eb3ae6939)
(cherry picked from commit d54d5952f2)
(cherry picked from commit ce22d57485)
(cherry picked from commit bfc110ba33)
(cherry picked from commit 1fb3d555d9)
(cherry picked from commit 859c2275db)
(cherry picked from commit b21cf2567a)
(cherry picked from commit 8b9d75974f)
2024-02-05 16:09:41 +01:00
Antonin Delpeuch
6338fe8bef
[GITEA] oauth2: use link_account page when email/username is missing (#1757)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1757
Co-authored-by: Antonin Delpeuch <antonin@delpeuch.eu>
Co-committed-by: Antonin Delpeuch <antonin@delpeuch.eu>
(cherry picked from commit 0f6e0f9035)
(cherry picked from commit 779168a572)
(cherry picked from commit 29a2457321)
(cherry picked from commit a1edc2314d)
(cherry picked from commit cd01594610)
(cherry picked from commit 74db46b0f5)
(cherry picked from commit fd98f55204)
(cherry picked from commit 3099d0e281)
(cherry picked from commit 9fbbe61364)
(cherry picked from commit 8c00565006)
(cherry picked from commit 0977a1ed75)
2024-02-05 16:09:40 +01:00
Gusted
4d76bbeda7
[GITEA] Accept shorter commit IDs in web route
- Be more liberal in what Forgejo accepts, by reducing the minimum
amount of characters for SHA to 4 characters, which is the minimum
amount that  Git needs in order to figure out which commit was meant.
- It's safe to reduce this requirements, as commits are passed to Git
which will error if the given commit ID results in more than one Git
object. Forgejo will catch this error as that the Commit doesn't exist,
which is a error that's already being handled in most places gracefully.
- Added integration testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1760

(cherry picked from commit 0d655c7384)
(cherry picked from commit 9b9aca2a02)
(cherry picked from commit 0d0ab1af1f)
(cherry picked from commit d3b352c854)
(cherry picked from commit d6af2094df)
(cherry picked from commit f96e55a7a9)
(cherry picked from commit bb6261f847)
(cherry picked from commit f6a4146161)
(cherry picked from commit ed02921379)

Conflicts:
	routers/web/web.go
	https://codeberg.org/forgejo/forgejo/pulls/2214
(cherry picked from commit 768377cb02)
(cherry picked from commit 2cebe3ef94)
2024-02-05 16:09:40 +01:00
Gusted
62f866de99
[GITEA] Add repo empty check for branch feed
- If you attempted to get a branch feed on a empty repository, it would
result in a panic as the code expects that the branch exists.
- `context.RepoRefByType` would normally already 404 if the branch
doesn't exist, however if a repository is empty, it would not do this
check.
- Fix bug where `/atom/branch/*` would return a RSS feed.

(cherry picked from commit d27bcd98a4)
(cherry picked from commit c58566403d)
(cherry picked from commit b8b3f6ab8b)
(cherry picked from commit 195520100b)
(cherry picked from commit 6e417087dd)
(cherry picked from commit ff91e5957a)
(cherry picked from commit 6626d5cc75)
(cherry picked from commit 62f8ab793b)
(cherry picked from commit e5bbf1a2d0)
(cherry picked from commit f5b8c8edea)
(cherry picked from commit 50948fa11b)
(cherry picked from commit 83a9f7f442)
(cherry picked from commit 679438b5d6)
(cherry picked from commit 17db07d6d0)
2024-02-05 16:09:40 +01:00