675 Commits

Author	SHA1	Message	Date
KN4CK3R	df789d962b	Add Cargo package registry (#21888) ... This PR implements a [Cargo registry](https://doc.rust-lang.org/cargo/) to manage Rust packages. This package type was a little bit more complicated because Cargo needs an additional Git repository to store its package index. Screenshots:    --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>	2023-02-05 18:12:31 +08:00
ByLCY	7baeb9c52a	Add new captcha: cloudflare turnstile (#22369) ... Added a new captcha(cloudflare turnstile) and its corresponding document. Cloudflare turnstile official instructions are here: https://developers.cloudflare.com/turnstile Signed-off-by: ByLCY <bylcy@bylcy.dev> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Jason Song <i@wolfogre.com>	2023-02-05 15:29:03 +08:00
yp05327	9ef8bfb69b	set user dashboard org visibility to basic (#22706) ... Same to https://github.com/go-gitea/gitea/pull/22674 and https://github.com/go-gitea/gitea/pull/22605 Sorry to create 3 PR to fix this. I checked all span with class `org-visibility`, i think this is the last one :) And I found that private/limited user has no private/limited tag in dashboard. but org does. If it is ok i will add this feature in another pr. Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>	2023-02-02 14:53:14 +08:00
Felipe Leopoldo Sologuren Gutiérrez	15c035775a	Add main landmark to templates and adjust titles (#22670) ... * Add main aria landmark to templates * Adjust some titles to improve understanding of location in navigation Contributed by @Forgejo	2023-02-01 22:56:10 +00:00
KN4CK3R	5882e179a9	Add user secrets (#22191) ... Fixes #22183 Replaces #22187 This PR adds secrets for users. I refactored the files for organizations and repos to use the same logic and templates. I splitted the secrets from deploy keys again and reverted the fix from #22187. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>	2023-02-01 20:53:04 +08:00
Francesco Siddi	c14d3e80e8	Remove label color from global issue filters (#22660) ... The use of ui colors (red, green, etc) should be limited to actionable or dismissable entries. Before this commit, a green/red label was used to display issues count on each repository. This did not add any meaningful information to the list. Removing the label reduces ambiguity and makes the list easier to scan visually.  --------- Co-authored-by: delvh <dev.lh@web.de>	2023-01-31 20:58:34 +08:00
yp05327	f47ea60c07	set user visibility class to basic (#22674) ... Same to https://github.com/go-gitea/gitea/pull/22605   These two page are both used at user and org, so if i fixed the org page, the user page will be also be fixed.	2023-01-31 07:05:25 +00:00
Otto Richter (fnetX)	95d9fbdcf3	Fix error on account activation with wrong passwd (#22609) ... On activating local accounts, the error message didn't differentiate between using a wrong or expired token, or a wrong password. The result could already be obtained from the behaviour (different screens were presented), but the error message was misleading and lead to confusion for new users on Codeberg with Forgejo. Now, entering a wrong password for a valid token prints a different error message. The problem was introduced in 0f14f69e60. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>	2023-01-28 15:59:46 +08:00
John Olheiser	642db3c8f7	Fix `delete_repo` in template (#22606) ... Currently the value doesn't match the model, so selecting it results in a 500. e8ac6a9aea/models/auth/token_scope.go (L42) Signed-off-by: jolheiser <john.olheiser@gmail.com>	2023-01-26 14:36:15 -06:00
John Olheiser	46d024428f	fix: read:org scope (#22556) ... Hard to see in the diff, but this was duplicated in the wrong section. 	2023-01-20 13:42:54 -05:00
Lunny Xiao	6fe3c8b398	Support org/user level projects (#22235) ... Fix #13405 <img width="1151" alt="image" src="https://user-images.githubusercontent.com/81045/209442911-7baa3924-c389-47b6-b63b-a740803e640e.png"> Co-authored-by: 6543 <6543@obermui.de>	2023-01-20 19:42:33 +08:00
Lunny Xiao	0c048e554b	Fix template bug of access scope (#22540) ... Fix https://github.com/go-gitea/gitea/pull/20908#discussion_r1082075526 Co-authored-by: techknowlogick <techknowlogick@gitea.io>	2023-01-20 15:43:43 +08:00
Chongyi Zheng	de484e86bc	Support scoped access tokens (#20908) ... This PR adds the support for scopes of access tokens, mimicking the design of GitHub OAuth scopes. The changes of the core logic are in `models/auth` that `AccessToken` struct will have a `Scope` field. The normalized (no duplication of scope), comma-separated scope string will be stored in `access_token` table in the database. In `services/auth`, the scope will be stored in context, which will be used by `reqToken` middleware in API calls. Only OAuth2 tokens will have granular token scopes, while others like BasicAuth will default to scope `all`. A large amount of work happens in `routers/api/v1/api.go` and the corresponding `tests/integration` tests, that is adding necessary scopes to each of the API calls as they fit. - [x] Add `Scope` field to `AccessToken` - [x] Add access control to all API endpoints - [x] Update frontend & backend for when creating tokens - [x] Add a database migration for `scope` column (enable 'all' access to past tokens) I'm aiming to complete it before Gitea 1.19 release. Fixes #4300	2023-01-17 15:46:03 -06:00
Gusted	b76970f2e4	Fix key signature error page (#22229) ... - When the GPG key contains an error, such as an invalid signature or an email address that does not match the user.A page will be shown that says you must provide a signature for the token. - This page had two errors: one had the wrong translation key and the other tried to use an undefined variable [`.PaddedKeyID`](e81ccc406b/models/asymkey/gpg_key.go (L65-L72)), which is a function implemented on the `GPGKey` struct, given that we don't have that, we use [`KeyID`](e81ccc406b/routers/web/user/setting/keys.go (L102)) which is [the fingerprint of the publickey](https://pkg.go.dev/golang.org/x/crypto/openpgp/packet#PublicKey.KeyIdString) and is a valid way for opengpg to refer to a key. Before:  After:  Co-authored-by: zeripath <art27@cantab.net>	2022-12-30 12:53:05 +08:00
silverwind	c4c4151f7d	Fix margin and alignment in dashboard repolist (#22120) ... Seems this has recently regressed, previously, there was a significant whitespace between icon and text, but it seems to be gone, so I added the margin and also vertically aligned the icon because it was slightly misaligned. Before: <img width="419" alt="Screenshot 2022-12-13 at 20 03 51" src="https://user-images.githubusercontent.com/115237/207422938-7c45110c-f73e-4344-afc8-c072266d1f95.png"> After: <img width="419" alt="image" src="https://user-images.githubusercontent.com/115237/207447579-95525405-574d-4ca8-84ba-d8a9af50015a.png"> Co-authored-by: KN4CK3R <admin@oldschoolhack.me>	2022-12-17 09:58:57 +08:00
Jason Song	2779d47ad3	Optimize html templates (#22080) ... Replace `active{{end}} item` with `active{{end}} item`.	2022-12-09 21:34:51 +08:00
Yarden Shoham	77f50356f4	Remove useless "Cancel" buttons (#21872) ... * Continues #21381 These buttons have no real use. To cancel, one would simply navigate away. Signed-off-by: Yarden Shoham <hrsi88@gmail.com>	2022-12-05 20:38:34 +08:00
花墨	7020c4afb7	Fix leaving organization bug on user settings -> orgs (#21983) ... Fix #21772 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2022-11-30 17:00:00 +08:00
Xinyu Zhou	68e934ab5d	Add option to enable CAPTCHA validation for login (#21638) ... Enable this to require captcha validation for user login. You also must enable `ENABLE_CAPTCHA`. Summary: - Consolidate CAPTCHA template - add CAPTCHA handle and context - add `REQUIRE_CAPTCHA_FOR_LOGIN` config and docs - Consolidate CAPTCHA set-up and verification code Partially resolved #6049 Signed-off-by: Xinyu Zhou <i@sourcehut.net> Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>	2022-11-22 21:13:18 +00:00
Xinyu Zhou	b4802b9b2e	Allow disable RSS/Atom feed (#21622) ... This patch provide a mechanism to disable RSS/Atom feed. Signed-off-by: Xinyu Zhou <i@sourcehut.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: 6543 <6543@obermui.de>	2022-11-21 13:14:58 +08:00
KN4CK3R	32db62515f	Add package registry cleanup rules (#21658) ... Fixes #20514 Fixes #20766 Fixes #20631 This PR adds Cleanup Rules for the package registry. This allows to delete unneeded packages automatically. Cleanup rules can be set up from the user or org settings. Please have a look at the documentation because I'm not a native english speaker. Rule Form  Rule List  Rule Preview  Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>	2022-11-20 16:08:38 +02:00
KN4CK3R	044c754ea5	Add `context.Context` to more methods (#21546) ... This PR adds a context parameter to a bunch of methods. Some helper `xxxCtx()` methods got replaced with the normal name now. Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>	2022-11-19 16:12:33 +08:00
Vladimir Yakovlev	0218fa7cf1	Added missing headers on user packages page (#21172) ... User packages page had missing tabs.   Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>	2022-10-24 20:01:05 +08:00
M Hickford	191a74d622	Record OAuth client type at registration (#21316) ... The OAuth spec [defines two types of client](https://datatracker.ietf.org/doc/html/rfc6749#section-2.1), confidential and public. Previously Gitea assumed all clients to be confidential. > OAuth defines two client types, based on their ability to authenticate securely with the authorization server (i.e., ability to > maintain the confidentiality of their client credentials): > > confidential > Clients capable of maintaining the confidentiality of their credentials (e.g., client implemented on a secure server with > restricted access to the client credentials), or capable of secure client authentication using other means. > > **public > Clients incapable of maintaining the confidentiality of their credentials (e.g., clients executing on the device used by the resource owner, such as an installed native application or a web browser-based application), and incapable of secure client authentication via any other means.** > > The client type designation is based on the authorization server's definition of secure authentication and its acceptable exposure levels of client credentials. The authorization server SHOULD NOT make assumptions about the client type. https://datatracker.ietf.org/doc/html/rfc8252#section-8.4 > Authorization servers MUST record the client type in the client registration details in order to identify and process requests accordingly. Require PKCE for public clients: https://datatracker.ietf.org/doc/html/rfc8252#section-8.1 > Authorization servers SHOULD reject authorization requests from native apps that don't use PKCE by returning an error message Fixes #21299 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>	2022-10-24 15:59:24 +08:00
Yarden Shoham	acdb92ad42	Localize all timestamps (#21440) ... Following * #21410 We are now able to localize all timestamps. Some examples: `short-date` format, French, user profile page:  `date-time` format, Portuguese, mirror repository settings page:  Signed-off-by: Yarden Shoham <hrsi88@gmail.com> Signed-off-by: Yarden Shoham <hrsi88@gmail.com> Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>	2022-10-17 12:08:21 +08:00
Yarden Shoham	b9cd6fb703	Add `code` highlighting in issue titles (#21432) ... This changes the rendering logic of issue titles. If a substring in an issue title is enclosed with a pair of backticks, it'll be rendered with a monospace font (HTML `code` tag). * Closes #20887 Signed-off-by: Yarden Shoham <hrsi88@gmail.com> Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: 6543 <6543@obermui.de>	2022-10-16 02:24:41 +08:00
Yarden Shoham	c4f7c96903	Run `make fmt` (#21437) ... The only change is what `make fmt` did, I am merely a vessel for its glorious function Signed-off-by: Yarden Shoham <hrsi88@gmail.com>	2022-10-13 21:33:54 -04:00
qwerty287	a902af75f4	Support instance-wide OAuth2 applications (#21335) ... Support OAuth2 applications created by admins on the admin panel, they aren't owned by anybody. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>	2022-10-12 22:08:29 +08:00
Lauris BH	b59b0cad0a	Add user/organization code search (#19977) ... Fixes #19925 Screenshots: 	2022-10-11 00:12:03 +01:00
qwerty287	a813c9d8f3	Allow creation of OAuth2 applications for orgs (#18084) ... Adds the settings pages to create OAuth2 apps also to the org settings and allows to create apps for orgs. Refactoring: the oauth2 related templates are shared for instance-wide/org/user, and the backend code uses `OAuth2CommonHandlers` to share code for instance-wide/org/user. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2022-10-09 20:07:41 +08:00
John Olheiser	2d2cf589f7	Fix linked account translation (#21331) ... fix key used for translation	2022-10-04 07:51:07 -05:00
André Jaenisch	04e97b8311	Refactor from Vue2 to Vue3 (#20044) ... Close #19902	2022-10-01 22:26:38 +08:00
qwerty287	08609d439d	Add pages to view watched repos and subscribed issues/PRs (#17156) ... Adds GitHub-like pages to view watched repos and subscribed issues/PRs This is my second try to fix this, but it is better than the first since it doesn't uses a filter option which could be slow when accessing `/issues` or `/pulls` and it shows both pulls and issues (the first try is #17053). Closes #16111 Replaces and closes #17053  Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2022-09-29 22:09:14 +03:00
neon	0bd59381ad	Center-aligning content of WebAuthN page (#21127) ... <!-- Please check the following: 1. Make sure you are targeting the `main` branch, pull requests on release branches are only allowed for bug fixes. 2. Read contributing guidelines: https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md 3. Describe what your pull request does and which issue you're targeting (if any) --> This attempts to correct #21126 , where the content of the page is not center-aligned. (Note: I think this contains the right commits - but, those other commits seem superfluous. I'm not sure I've made the pull request correctly. I don't often use the pull request pattern when working, opting to use the merge-request pattern instead for my workplace. If there are any issues, please let me know and I will try to correct them.) Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2022-09-09 16:18:54 -04:00
silverwind	647b2649b1	Make sure fmt catches all templates (#20979) ... * Make sure fmt catches all templates Make's `wildcard` is not recursive so it missed many template files, fix that by using `find`. * Update Makefile	2022-08-31 23:58:54 +08:00
silverwind	c80ca94ab1	Remove black labels and CSS cleanup (#21003) ... Co-authored-by: John Olheiser <john.olheiser@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>	2022-08-31 17:04:41 +08:00
silverwind	6c4688e1b1	Add whitespace removal inside template curly brackes (#20853)	2022-08-25 17:55:52 -04:00
CodeDoctor	aedfc923ad	Improve single repo action for issue and pull requests (#20730) ... Related to #20650. This will fix the behavior of the single repo action for pull requests and disables the button for other screens that don't have a single repo action currently.	2022-08-22 13:51:48 +01:00
zeripath	11bae50484	Pad GPG Key ID with preceding zeroes (#20878)	2022-08-21 02:50:15 -04:00
Gusted	fad0e7a497	Fix create repository page's help text (#20810)	2022-08-18 22:13:08 -04:00
techknowlogick	d8e6c99125	Add badge capabilities to users (#20607) ... Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: John Olheiser <john.olheiser@gmail.com>	2022-08-18 02:25:25 +03:00
silverwind	802c5313e1	Replace some icons with SVG (#20741) ... - Replace some icons with SVG - Create teams help page - Application and SSH keys icons - Add new icon for app token - Use fontawesom-send	2022-08-10 18:30:40 +02:00
Gusted	58de07e5fd	Add support mCaptcha as captcha provider (#20458) ... https://mcaptcha.org/ Co-authored-by: Felipe Leopoldo Sologuren Gutiérrez <fsologureng@users.noreply.github.com>	2022-08-10 15:20:10 +02:00
silverwind	1b2cd4c4e1	Replace fomantic popup module with tippy.js (#20428) ... - replace fomantic popup module with tippy.js - fix chaining and add comment - add 100ms delay to tooltips - stopwatch improvments, raise default maxWidth - update web_src/js/features/common-global.js - use type=submit instead of js	2022-08-09 14:37:34 +02:00
CodeDoctor	36f9ee5813	Add an option to create new issues from "/issues" page (#20650)	2022-08-09 19:30:09 +08:00
6543	0b12abcfb5	Add missing Tabs on organisation/package view (Frontport #20539) (#20540) ... hotfix #20106	2022-07-31 14:32:51 +02:00
wxiaoguang	2c108d20ba	Fix i18n for email notifications (#20518)	2022-07-28 17:28:46 +02:00
Tyrone Yeh	3bd8f50af8	Added email notification option to receive all own messages (#20179) ... Sometimes users want to receive email notifications of messages they create or reply to, Added an option to personal preferences to allow users to choose Closes #20149	2022-07-28 16:30:12 +08:00
Baoshuo Ren	175705356c	Fix icon margin in user/settings/repos (#20281)	2022-07-14 11:03:31 +08:00
Gusted	d55a0b7238	Refactor `i18n` to `locale` (#20153) ... * Refactor `i18n` to `locale` - Currently we're using the `i18n` variable naming for the `locale` struct. This contains locale's specific information and cannot be used for general i18n purpose, therefore refactoring it to `locale` makes more sense. - Ref: https://github.com/go-gitea/gitea/pull/20096#discussion_r906699200 * Update routers/install/install.go	2022-06-27 15:58:46 -05:00