Commit Graph

355 Commits

Author SHA1 Message Date
Willem van Dreumel
8947b711aa Link OAuth2 account to 2FA enabled account (fix #1050) (#1052)
* fixes #1050 where linking an account to a 2fa enabled account failed because we forgot to really link the account when 2fa is completed

* handle errors
2017-02-27 18:10:26 +08:00
Lunny Xiao
19b3c45ca7 fix 500 when use a duplicat email instead of giving an error tip (#1040) 2017-02-25 22:57:06 +08:00
Lunny Xiao
e8e56da9ac fix #13 (#1042) 2017-02-25 22:53:57 +08:00
Lunny Xiao
8894f856de fix 500 when change user setting email to an exist email (#1039) 2017-02-25 21:39:52 +08:00
Willem van Dreumel
01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Lunny Xiao
847527fd6d Fix all the bugs in issues and pulls on dashboard (#943)
* fix all the bugs in issues and pulls on dashboard

* small fix and refactor

* add method getRepoIDs for IssueList
2017-02-17 08:58:19 +08:00
Bo-Yi Wu
a31f64d639 fix: 500 error on /explore/repos page. (#946) 2017-02-15 22:28:11 +08:00
Lunny Xiao
9c645b54dc bug fixed on issues and pulls 2017-02-15 01:17:07 +01:00
Lunny Xiao
7a9a5c8a69 Fix assigned issues dashboard (#920)
* Fix assigned/created issues in dashboard. (#3560)

* Fix assigned/created issues in dashboard.

* Use GetUserIssueStats for getting all Dashboard stats.

* Use gofmt to format the file properly.

* Replace &Issue{} with new(Issue).

* Check if user has access to given repository.

* Remove unnecessary filtering of issues.

* Return 404 error if invalid repository is given.

* Use correct number of issues in paginater.

* fix issues on dashboard
2017-02-14 22:15:18 +08:00
Bo-Yi Wu
23aba523b5 feat: support search bar on star tab of user profile. (#917)
* feat: support search bar on star tab of user profile.

* fix: update testing.

* fix: Using loadAttributes

* fix: remove empty line.

* remove LOWER

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2017-02-14 15:28:22 +08:00
Bo-Yi Wu
3576e1ee73 fix: trim the whitespaces for the search keyword (#893) 2017-02-11 12:00:01 +08:00
Bo-Yi Wu
a195c3fabe fix: Admin can also search private user repository. (#869) 2017-02-08 17:35:59 +08:00
Bo-Yi Wu
b13232f524 feat: support paginater on star tab of user profile. (#845) 2017-02-07 19:54:16 +08:00
Bo-Yi Wu
71d35dae8c fix: wrong pages number which includes private repository count. (#844) 2017-02-06 23:18:36 +08:00
Lunny Xiao
8a421b1fd7 Add units concept for modulable functions of a repository (#742)
* Add units concept for modulable functions of a repository

* remove unused comment codes & fix lints and tests

* remove unused comment codes

* use struct config instead of map

* fix lint

* rm wrong files

* fix tests
2017-02-04 23:53:46 +08:00
Bo-Yi Wu
a90a215662 feat: Add search bar on user profile page. (#787) 2017-02-04 20:20:20 +08:00
Ethan Koenig
400b6fd61c Cache ctxUser in retrieveFeeds(..) (#826) 2017-02-03 13:27:10 +08:00
Bo-Yi Wu
2db0ffe69e fix: User can see the private activity on public activity history. (#818) 2017-02-02 20:32:40 +08:00
Ethan Koenig
2eb15f4a61 Unit tests and remove unused functions in models/notification (#796)
* Unit tests and remove unused functions in models/notification

* Read -> Unread
2017-01-30 22:21:49 +08:00
Ethan Koenig
da1b6164fe Fix FIXME and remove superfluous queries in models/org (#749) 2017-01-25 23:41:38 +08:00
Ethan Koenig
833f8b94c2 Search bar for issues/pulls (#530) 2017-01-25 10:43:02 +08:00
Andrey Nering
d2bb8ef503 Notifications: trying to get a better layout (#660)
* i18n button titles

* Improvements on notification page layout

* Notification count badge fixes

* Make table <tr> clickable

* Fix octicon aligment

* Fix use of AppSubUrl
2017-01-18 09:18:55 +08:00
Andrew
6dd096b7f0 Two factor authentication support (#630)
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
xgitea
64b167138f docs: update translation on notification page for zh-CN (#649)
* docs: update translation on notification page for zh-CN

* use international resources
2017-01-13 17:31:48 +08:00
Andrey Nering
769e0a3ea6 Notifications: mark as read/unread and pin (#629)
* Use relative URLs

* Notifications - Mark as read/unread

* Feature of pinning a notification

* On view issue, do not mark as read a pinned notification
2017-01-12 12:27:09 +08:00
derSuessmann
51d578ff33 Add Keep email private (see issue #571). (#571)
- Add site-wide option DEFAULT_KEEP_EMAIL_PRIVATE.
- Add the new option to the install and admin/config pages.
- Add the new option to app.ini in the service section.
- Add the new option to the settings struct.
- Add English text strings to i18n.
- Add field KeepEmailPrivate to user struct.
- Add field KeepEmailPrivate to user form.
- Add option to UI.
- Add using noreply email address if user has "Keep Email Private".
An email address <LowerName>@<NO_REPLY_ADDRESS> is now used in commit
messages (and hopefully all other git log relevant places). The
change relies on the fact that git commands should use
user.NetGitSig().
- Add hiding of email address in UI, if user has set "Keep Email Private".
- Add condition to show email address only on explore/users and user
pages, if user has not set "Keep Email Private".
- Add noreply email in API if set "Keep Email Private".
- Add a new service setting NO_REPLY_ADDRESS. The value of this
setting is used as the domain part for the user's email address in
git log, iff he decides to keep his email address private.
If the user decides to keep his email address private and this
option is not set 'noreply.example.org' is used, which no MTA
should send email to.

Add NO_REPLY_ADDRESS to conf/app.ini.
2017-01-08 11:12:03 +08:00
Andrey Nering
b354cf362e Add pagination for notifications 2017-01-03 17:09:36 -02:00
Andrey Nering
341a3b571b Do not get count on /api routers 2017-01-02 16:31:50 -02:00
Andrey Nering
6069abe5fd Notifications - Step 2 2016-12-30 16:51:24 -02:00
Andrey Nering
b992858883 Tab on user profile to show starred repos (#519)
* Tab on user profile to show starred repos

* Make golint happy and use transactions on StarRepo function

* x -> sess

* Use sess.Close() instead of sess.Rollback()

* Add copyright

* Fix lint
2016-12-29 22:58:24 +08:00
Bwko
f27d87d93b Added minimum password length to app.ini (#223) 2016-12-24 21:40:44 +08:00
Ethan Koenig
d0932ef147 Bug fixes for Issues filters (#413)
Correctly handle simultaneous assignee/poster filters, and conflicting assignee filters
2016-12-24 18:33:21 +08:00
Lunny Xiao
a12da66dfb resolved #394 (#396) 2016-12-23 01:26:01 +01:00
Denis Denisov
380e32e129 Fix random string generator (#384)
* Remove unused custom-alphabet feature of random string generator

Fix random string generator

Random string generator should return error if it fails to read random data via crypto/rand

* Fixes variable (un)initialization mixed assign
Update test GetRandomString
2016-12-20 13:32:02 +01:00
Lunny Xiao
b4c794058a fixed vulnerabilities (#392) 2016-12-15 16:49:06 +08:00
Bwko
a4ece1f223 Fixes typos 2016-11-27 12:59:12 +01:00
Lunny Xiao
94da472717 Golint fixed for modules/setting (#262)
* golint fixed for modules/setting

* typo fixed and renamed UNIXSOCKET to UnixSocket
2016-11-27 18:14:25 +08:00
Lunny Xiao
cf045b029c golint fixed for parts of routers root, dev, user and org dirs (#167)
* golint fixed for parts of routers root, dev and org dirs

* add user/auth.go golint fixed

* rename unnecessary exported to unexported and user dir golint fixed
2016-11-18 11:03:03 +08:00
Thibault Meyer
ddee4c8b58
Normalize files with gofmt 2016-11-11 13:11:45 +01:00
Sandro Santilli
4247304f5a Update import paths from github.com/go-gitea to code.gitea.io (#135)
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Joubert RedRat
f91cbf0fed Support to last login feature 2016-11-09 08:53:45 -02:00
Sandro Santilli
b7bf9dfd28 more 2016-11-07 17:55:31 +01:00
Sandro Santilli
f6a11e0de1 More MixedCase consts 2016-11-07 17:24:59 +01:00
Rémy Boulanouar
2d68bd1ef9 Change import reference to match gitea instead of gogs (#37) 2016-11-03 10:29:56 -02:00
LefsFlare
2cb5ec5983 Prevented user enumeration of valid users through HTTP status codes of login (#3639) (#3654) 2016-10-16 22:08:40 -04:00
Unknwon
780cc2d110 router/repo: code refactoring 2016-08-30 02:08:38 -07:00
Unknwon
f0b5c3b90a #3448 redirect if any after sign in 2016-08-27 15:07:02 -07:00
lstahlman
2c82fc3edb Fix for #3410 overall issues for organisations is limited to num_repos from the user (#3412) 2016-08-09 10:00:42 -07:00
Sandro Santilli
90dd0657b5 Add support for federated avatars (#3320)
* Add support for federated avatars

Fixes #3105

Removes avatar fetching duplication code
Adds an "Enable Federated Avatar" checkbox in user settings
(defaults to unchecked)

Moves avatar settings all in the same form, making
local and remote avatars mutually exclusive

Renames UploadAvatarForm to AvatarForm
as it's not anymore only for uploading

* Run gofmt on all modified files

* Move Avatar form in its own page

* Add go-libravatar dependency to vendor/ dir

Hopefully helps with accepting the contribution.
See also #3214

* Revert "Add go-libravatar dependency to vendor/ dir"

This reverts commit a8cb93ae640bbb90f7d25012fc257bda9fae9b82.

* Make federated avatar setting a global configuration

Removes the per-user setting

* Move avatar handling back to base tool, disable federated avatar in offline mode

* Format, handle error

* Properly set fallback host

* Use unsupported github.com mirror for importing go-libravatar

* Remove comment showing life exists outside of github.com

... pity, but contribution would not be accepted otherwise

* Use Combo for Get and Post methods over /avatar

* FEDERATED_AVATAR -> ENABLE_FEDERATED_AVATAR

* Fix persistance of federated avatar lookup checkbox at install time

* Federated Avatars -> Enable Federated Avatars

* Use len(string) == 0 instead of string == ""

* Move import line where it belong

See
https://github.com/Unknwon/go-code-convention/blob/master/en-US/import_packages.md

Pity the import url is still the unofficial one, but oh well...

* Save a line (and waste much more expensive time)

* Remove redundant parens

* Remove an empty line

* Remove empty lines

* Reorder lines to make diff smaller

* Remove another newline

Unknwon review got me start a fight against newlines

* Move DISABLE_GRAVATAR and ENABLE_FEDERATED_AVATAR after OFFLINE_MODE

On re-reading the diff I figured what Unknwon meant here:
https://github.com/gogits/gogs/pull/3320/files#r73741106

* Remove newlines that weren't there before my intervention
2016-08-07 10:27:38 -07:00
Unknwon
cf6d321991 Ignore repository with issue disabled or use external tracker in dashboard issues 2016-08-05 12:46:26 -07:00