Commit graph

829 commits

Author SHA1 Message Date
Gusted
4c40bf5d29 Merge pull request '[SEC] Notify owner about TOTP enrollment' (#4704) from gusted/sec-more-totp into forgejo
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-remote-cacher (map[image:docker.io/valkey/valkey:7.2.5-alpine3.19 port:6379]) (push) Blocked by required conditions
testing / test-remote-cacher (map[image:ghcr.io/microsoft/garnet-alpine:1.0.14 port:6379]) (push) Blocked by required conditions
testing / test-remote-cacher (map[image:redis:7.2 port:6379]) (push) Blocked by required conditions
testing / test-remote-cacher (map[image:registry.redict.io/redict:7.3.0-scratch port:6379]) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4704
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
2024-07-27 20:53:47 +00:00
Earl Warren
ff6aceaeac
feat: optimize the FindUnreferencedPackages package query
Replace a double select with a simple select.

The complication originates from the initial implementation which
deleted packages instead of selecting them. It was justified to
workaround a problem in MySQL. But it is just a waste of resources
when collecting a list of IDs.
2024-07-27 15:57:24 +02:00
Gusted
a7e96aae66
[SEC] Notify owner about TOTP enrollment
- In the spirit of #4635
- Notify the owner when their account is getting enrolled into TOTP. The
message is changed according if they have security keys or not.
- Integration test added.
2024-07-26 19:49:22 +02:00
0ko
13cb4b3f2e fix(ui): fix conversation template 2024-07-25 23:51:17 +05:00
Earl Warren
e9e3b8c0f3
fix(api): issue state change is not idempotent
The PATCH if issue & pull request switched to use the service
functions instead. However, the service function changing the state is
not idempotent. Instead of doing nothing which changing from open to
open or close to close, it will fail with an error like:

 Issue [2472] 0 was already closed

Regression of: 6a4bc0289d

Fixes: https://codeberg.org/forgejo/forgejo/issues/4686
2024-07-25 15:16:44 +02:00
Robert Wolff
0a74c95b2a fix(ui): use right placeholder string in milestones search (#4628)
This PR fixes a wrong placeholder for the search for milestones. I tested it locally (see attachments, below).

Before: https://codeberg.org/attachments/ba845ce1-1f20-4131-a74d-7220986a4acf
After: https://codeberg.org/attachments/0c4e32ee-b1a8-4472-837d-daa2a2a50121

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4628
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Robert Wolff <mahlzahn@posteo.de>
Co-committed-by: Robert Wolff <mahlzahn@posteo.de>
2024-07-25 03:33:44 +00:00
Gusted
4383da91bd
[SECURITY] Notify users about account security changes
- Currently if the password, primary mail, TOTP or security keys are
changed, no notification is made of that and makes compromising an
account a bit easier as it's essentially undetectable until the original
person tries to log in. Although other changes should be made as
well (re-authing before allowing a password change), this should go a
long way of improving the account security in Forgejo.
- Adds a mail notification for password and primary mail changes. For
the primary mail change, a mail notification is sent to the old primary
mail.
- Add a mail notification when TOTP or a security keys is removed, if no
other 2FA method is configured the mail will also contain that 2FA is
no longer needed to log into their account.
- `MakeEmailAddressPrimary` is refactored to the user service package,
as it now involves calling the mailer service.
- Unit tests added.
- Integration tests added.
2024-07-23 18:31:47 +02:00
Earl Warren
ded237ee77 Merge pull request '[gitea] week 2024-30 cherry pick (gitea/main -> forgejo)' (#4607) from algernon/wcp/2024-30 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4607
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-23 16:01:28 +00:00
Gusted
3ba64bd038 Merge pull request 'Reserve the devtest username' (#4638) from ikuyo/forgejo:reserve-devtest into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4638
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-07-23 12:59:16 +00:00
Ikuyo
859cc23dc2
Add missing trailing comma 2024-07-23 11:04:57 +05:00
Ikuyo
90c0e9dace
Add devtest in reserved usernames test 2024-07-23 08:38:55 +05:00
Gusted
40baa96fc3
[CHORE] Add playwright eslint plugin
- Add https://github.com/playwright-community/eslint-plugin-playwright
as a linter for the playwright tests.
- `no-networkidle` and `no-conditional-in-test` are disabled as fixing
those doesn't seem to really improve testing quality for our use case.
- Some non-recommended linters are enabled to ensure consistency (the
prefer rules).
2024-07-22 20:03:32 +02:00
Rowan Bohde
21fdd28f08
allow synchronizing user status from OAuth2 login providers (#31572)
This leverages the existing `sync_external_users` cron job to
synchronize the `IsActive` flag on users who use an OAuth2 provider set
to synchronize. This synchronization is done by checking for expired
access tokens, and using the stored refresh token to request a new
access token. If the response back from the OAuth2 provider is the
`invalid_grant` error code, the user is marked as inactive. However, the
user is able to reactivate their account by logging in the web browser
through their OAuth2 flow.

Also changed to support this is that a linked `ExternalLoginUser` is
always created upon a login or signup via OAuth2.

Ideally, we would also refresh permissions from the configured OAuth
provider (e.g., admin, restricted and group mappings) to match the
implementation of LDAP. However, the OAuth library used for this `goth`,
doesn't seem to support issuing a session via refresh tokens. The
interface provides a [`RefreshToken`
method](https://github.com/markbates/goth/blob/master/provider.go#L20),
but the returned `oauth.Token` doesn't implement the `goth.Session` we
would need to call `FetchUser`. Due to specific implementations, we
would need to build a compatibility function for every provider, since
they cast to concrete types (e.g.
[Azure](https://github.com/markbates/goth/blob/master/providers/azureadv2/azureadv2.go#L132))

---------

Co-authored-by: Kyle D <kdumontnu@gmail.com>
(cherry picked from commit 416c36f3034e228a27258b5a8a15eec4e5e426ba)

Conflicts:
	- tests/integration/auth_ldap_test.go
	  Trivial conflict resolved by manually applying the change.
	- routers/web/auth/oauth.go
	  Technically not a conflict, but the original PR removed the
	  modules/util import, which in our version, is still in use. Added it
	  back.
2024-07-22 15:44:13 +02:00
Gusted
6a49e3f468
[BUG] Fix panic on too high page number
- Fixes a panic where the file history router would panic if the page
number was set to a page where no commits would be returned. It now
returns a 404 in such case.
- Regresion of a5b1c1b0b3
- Panic log provided by @algernon.
- Minimal integration test added.

Co-authored-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-07-21 02:01:54 +02:00
0ko
c235e9b919 ui: encourage participation in the localization of Forgejo in language settings (#4596)
Some checks are pending
/ release (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-remote-cacher (map[image:docker.io/valkey/valkey:7.2.5-alpine3.19 port:6379]) (push) Blocked by required conditions
testing / test-remote-cacher (map[image:ghcr.io/microsoft/garnet-alpine:1.0.14 port:6379]) (push) Blocked by required conditions
testing / test-remote-cacher (map[image:redis:7.2 port:6379]) (push) Blocked by required conditions
testing / test-remote-cacher (map[image:registry.redict.io/redict:7.3.0-scratch port:6379]) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
Changes:
- clarify how the language selector works as this is not very unclear: the footer selector is per-session and the settings selector is per-account, usually users need the 2nd
- tell about how to participate in improvement of localization via this link: https://forgejo.org/docs/latest/developer/localization/. Test that the link is present by extending and existing test

Preview:
- https://codeberg.org/attachments/f5d04fa1-2e9a-46e4-ac94-d8effefb9762
- https://codeberg.org/attachments/2a820bf5-1326-4c4a-9aff-4b9b70ee1bc0

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4596
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-20 16:38:59 +00:00
Earl Warren
eb61437a52 Merge pull request '[UI] Convert milestone to HTMX' (#4542) from gusted/htmx-milestone into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4542
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-20 07:49:28 +00:00
Earl Warren
3e8f975345 Merge pull request 'Remove hardcoded filenames for better readability' (#4225) from Xinayder/forgejo:alpine-noarch into forgejo
Some checks failed
/ release (push) Has been cancelled
testing / backend-checks (push) Has been cancelled
testing / frontend-checks (push) Has been cancelled
testing / test-unit (push) Has been cancelled
testing / test-remote-cacher (map[image:docker.io/valkey/valkey:7.2.5-alpine3.19 port:6379]) (push) Has been cancelled
testing / test-remote-cacher (map[image:ghcr.io/microsoft/garnet-alpine:1.0.14 port:6379]) (push) Has been cancelled
testing / test-remote-cacher (map[image:redis:7.2 port:6379]) (push) Has been cancelled
testing / test-remote-cacher (map[image:registry.redict.io/redict:7.3.0-scratch port:6379]) (push) Has been cancelled
testing / test-mysql (push) Has been cancelled
testing / test-pgsql (push) Has been cancelled
testing / test-sqlite (push) Has been cancelled
testing / security-check (push) Has been cancelled
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4225
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-18 13:28:09 +00:00
Alexandre Oliveira
ef815db8f2 Remove hardcoded filenames for better readability 2024-07-17 23:20:48 +02:00
TheFox0x7
3fca6c0bf5
test: enforce tenv usage in tests 2024-07-17 23:07:41 +02:00
Earl Warren
c349da723c
Revert "ui: update pull request icons (#4455)" (partial)
This reverts commit 8e56f61d0f.

Refs: https://codeberg.org/forgejo/discussions/issues/192
2024-07-17 16:56:25 +02:00
Earl Warren
125e4832e0 Merge pull request 'Update module github.com/go-testfixtures/testfixtures/v3 to v3.12.0 (forgejo)' (#4485) from renovate/forgejo-github.com-go-testfixtures-testfixtures-v3-3.x into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4485
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-17 14:07:10 +00:00
Gusted
d731dc793b
[UI] Convert milestone to HTMX
- Currently if you want to update the milestone of an issue or pull
request, your whole page will be reloaded to reflect the newly set
milestone. This is quite unecessary, as only the milestone text is
updated and a new timeline event is added.
- This patch converts the milestone section in the issue/pull request
sidebar to use HTMX, so it becomes a progressive element and avoids
reloading the whole page to update the milestone.
- The update of the milestone section itself is quite straightforward
and nothing special is happening. To support adding new timeline events,
a new element `#insert-timeline` is conviently placed after the last
timeline event, which can be used with
[`hx-swap-oob`](https://htmx.org/attributes/hx-swap-oob/) to position
new timeline events before that element.
- Adds E2E test.
2024-07-17 14:52:00 +02:00
Earl Warren
011a7cffd2 Merge pull request 'fix: labels set during issue creation are not displayed' (#4546) from 0ko/forgejo:ui-labels-aaa into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4546
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-17 12:03:43 +00:00
0ko
326958316d ui: fix issue labels 2024-07-17 16:19:44 +05:00
Gusted
14d9c386fd
[UI] Fix HTMX support for profile card
- There were two issues with the profile card since the introduction of
HTMX in 3e8414179c. If an HTMX request
resulted in a flash message, it wasn't being shown and HTMX was
replacing all the HTML content instead of morphing it into the existing
DOM which caused event listeners to be lost for buttons.
- Flash messages are now properly being shown by using `hx-swap-oob`
and sending the alerts on a HTMX request, this does mean it requires
server-side changes in order to support HTMX requests like this, but
it's luckily not a big change either.
- Morphing is now enabled for the profile card by setting
`hx-swap="morph"`, and weirdly, the morphing library was already
installed and included as a dependency. This solves the issue of buttons
losing their event listeners.
- This patch also adds HTMX support to the modals feature, which means
that the blocking feature on the profile card now takes advantage of
HTMX.
- Added a E2E test.
2024-07-17 01:41:32 +02:00
Gusted
984d0127f1
Enable multiStatements for MySQL
Some checks failed
renovate / renovate (push) Has been cancelled
2024-07-16 23:16:03 +02:00
Earl Warren
5fc3916fff
docs(e2e): explain how to use VSCodium or VSCode
Imported from the docs to keep them in one place.
2024-07-16 17:22:39 +02:00
Solomon Victorino
df22f8da5f fix: preserve object format dropdown options on /repo/create error (#4360)
To reproduce:
- make the repo creation form return with an error, like a duplicate name
- click on the Object format dropdown
- the options are missing as the listbox is empty

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4360
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Solomon Victorino <git@solomonvictorino.com>
Co-committed-by: Solomon Victorino <git@solomonvictorino.com>
2024-07-16 14:42:35 +00:00
Bram Hagens
8e56f61d0f ui: update pull request icons (#4455)
Added a new icon for closed PRs (similar to GitHub, GitLab, etc),
Fixes https://codeberg.org/forgejo/forgejo/issues/4454.

Before:
- https://codeberg.org/attachments/b17c5846-506f-4b32-97c9-03f31c5ff758
- https://codeberg.org/attachments/babcd011-d340-4a9e-94db-ea17ef6d3c2b
- https://codeberg.org/attachments/dbca009a-413e-48ab-84b1-55ad7f4fcd3d

After:
- https://codeberg.org/attachments/3e161f7b-4172-4a8c-a8eb-54bcf81c0cae
- https://codeberg.org/attachments/0c308f7e-25a0-49a3-9c86-1b1f9ab39467
- https://codeberg.org/attachments/b982b6b8-c78a-4332-8269-50d01de834e0

Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4455
Reviewed-by: Caesar Schinas <caesar@caesarschinas.com>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Bram Hagens <bram@bramh.me>
Co-committed-by: Bram Hagens <bram@bramh.me>
2024-07-16 14:38:46 +00:00
Gergely Nagy
fc4f914e71
Load attachments for /issues/comments/{id}
The `/repos/{owner}/{repo}/issues/comments/{id}` API endpoint returns an
`assets` field, but the route handler did not load attachments, thus,
the field was never populated.

This patch fixes that, and adds a test to exercise it. The test fails
without the fix.

This addresses a bug discovered in Codeberg/Community#1607.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-07-16 11:09:54 +02:00
Earl Warren
56ee58c239 Merge pull request '[CHORE] Use github.com/ProtonMail/go-crypto' (#4506) from gusted/proton-openpgp into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4506
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-15 16:49:05 +00:00
Earl Warren
f4b8ffcca4 Merge pull request '[CHORE] Update jsonschema library to v6' (#4496) from gusted/update-jsonscheme into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4496
Reviewed-by: Otto <otto@codeberg.org>
2024-07-15 16:47:37 +00:00
Gusted
45341ee9ce
[CHORE] Use github.com/ProtonMail/go-crypto
- We were previously using `github.com/keybase/go-crypto`, because the
package for openpgp by Go itself is deprecated and no longer
maintained. This library provided a maintained version of the openpgp
package. However, it hasn't seen any activity for the last five years,
 and I would therefore consider this also unmaintained.
- This patch switches the package to `github.com/ProtonMail/go-crypto`
which provides a maintained version of the openpgp package and was
already being used in the tests.
- Adds unit tests, I've carefully checked the callstacks to ensure the
OpenPGP-related code was covered under either a unit test or integration
tests to avoid regression, as this can easily turn into security
vulnerabilities if a regression happens here.
- Small behavior update, revocations are now checked correctly instead
of checking if they merely exist and the expiry time of a subkey is used
if one is provided (this is just cosmetic and doesn't impact security).
- One more dependency eliminated :D
2024-07-15 17:27:37 +02:00
Gusted
45401e044f
[CHORE] Update jsonschema library to v6
- Update the `github.com/santhosh-tekuri/jsonschema` library from v5 to
v6.
- Update the migration loader function to a type, which is now required
in V6.
- `github.com/santhosh-tekuri/jsonschema/v6` was already used by gof3,
so removing the v5 library and using the v6 library reduces the binary
size of Forgejo.
  - Before: 95912040 bytes
  - After: 95706152 bytes
2024-07-15 17:20:50 +02:00
Earl Warren
84e6f03134 Merge pull request 'Fix CI status link in dashboard' (#4481) from beowulf/fix-ci-status-link-on-dashboard into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4481
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
2024-07-14 17:38:06 +00:00
Otto
f255923b67 Merge pull request 'tests(e2e): only run one test, not all of them each time' (#4492) from earl-warren/forgejo:wip-fix-e2e into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4492
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
2024-07-14 15:09:56 +00:00
Earl Warren
e3665c3042
tests(e2e): only run one test, not all of them each time 2024-07-14 14:19:05 +02:00
Beowulf
1088c057e0
Fixed link to commit status and tooltip on dashboard
Regression introduced by 5a18b74632
2024-07-14 13:03:03 +02:00
Gusted
013b89eb13
[UI] Remove unnecessary vertical space in empty labels list
- Don't show the labels-list element, if no labels are selected.
- The labels-list was taking up vertical space, even if no labels were
selected which caused an inconsistency in how the sidebar looked.
- Adds integration test
2024-07-14 05:38:45 +02:00
Xavier Vello
147ae2c5be Fix opengraph meta for wiki pages (#4427)
Fixes https://codeberg.org/forgejo/forgejo/issues/4417 by adding a conditional branch to the `head_opengraph` template to match wiki pages. I tried to be consistent with the other types:

- `og:title` is the wiki page title
- `og:url` is built via `{{AppUrl}}{{.Link}}` like it is done for commit and file views. This has the caveat of doubling the slash (see test below). Should we `{{trimSuffix "/" AppUrl}}` to remove this, if sprig is available?
- `og:description` is the repository description to match GH behaviour. Also, the first sentences of the page might not be descriptive enough. Should we prefix the repo description with the repo name?
- `og:type` and `og:image` are common

Added a `TestOpenGraphProperties` integration test using existing fixtures. Coverage is not 100% but can be improved later.

## Output on a test repo

```html
<meta property="og:title" content="Project architecture">
<meta property="og:url" content="http://localhost:3000//xvello/wiki-test/wiki/Project-architecture">
<meta property="og:description" content="description for a test project">
<meta property="og:type" content="object">
<meta property="og:image" content="http://localhost:3000/avatars/3dd4d1e4eef065d1b4ad4bdb081ab6e7">
```

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4427
Co-authored-by: Xavier Vello <xavier.vello@gmail.com>
Co-committed-by: Xavier Vello <xavier.vello@gmail.com>
2024-07-10 18:29:35 +00:00
Earl Warren
436f8fda07 Merge pull request 'Make user privacy settings more clear' (#4439) from 0ko/forgejo:ui-settings-activity into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4439
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-10 06:09:52 +00:00
ThetaDev
e80f8ff69f fix artifact range requests (#4218)
I noticed that Forgejo does not allow HTTP range requests when downloading artifacts. All other file downloads like releases and packages support them.

So I looked at the code and found that the artifact download endpoint uses a simple io.Copy to serve the file contents instead of using the established `ServeContentByReadSeeker` function which does take range requests into account.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4218
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: ThetaDev <thetadev@magenta.de>
Co-committed-by: ThetaDev <thetadev@magenta.de>
2024-07-10 05:28:01 +00:00
Shiny Nematoda
928f188689 fix(code search): various ui/ux improvements raised by user research (#4332)
various improvements from [user research](https://codeberg.org/forgejo/user-research/src/branch/main/interviews/2024-06/issues%28search%2Cfeatures%29%2Cselfhosting%2CCI%2Caccessibility%2Ccodesearch.md)

- filenames are links to the respective files
  fixes: `fold menu: user clicked and expected to view file, instead the file collapsed`

- refactor(searchfile.tmpl): ordered lists with lines grouped together instead of table
  fixes: `multiple matches per file are "merged", only visible in the code lines (no visual separation)`

- feat: display fuzzy as "Either" when using git-grep which is much more accurate than "fuzzy"
  git-grep does not support fuzzy searching, in this context selecting fuzzy searching worked similar to an OR of white space separated keywords
  fixes: `typo doesn't bring results in fuzzy search`

---

<details>
<summary>Before</summary>

![1](https://codeberg.org/attachments/5173357f-8dce-470c-9a9e-84a30517c216)
</details>

<details>
<summary>After</summary>

![after](https://codeberg.org/attachments/f8ec15dd-08ce-41f2-9326-d823de6f2395)
</details>

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4332
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
2024-07-10 05:25:32 +00:00
0ko
29a1c786a3 ui(settings): make user privacy settings more clear 2024-07-10 10:07:23 +05:00
Beowulf
11ff38dd40
fix branch selector in commit graph
Regression from 5ef80ceb64
2024-07-07 20:26:30 +02:00
Gusted
a8460bb132
[BUG] Use correct SHA in GetCommitPullRequest
- The param wasn't `sha`, it was `ref`. Use this instead.
- Adds new integration tests.
- Resolves #4190
- Resolves #4025
2024-07-06 22:04:31 +02:00
Mai-Lapyst
98c8d45f0b Fixes an visual bug where the info box to dispatch a workflow is shown even for users that lack permissions to actualy run the workflow. (#4305)
Example: Visit https://v8.next.forgejo.org/Mai-Lapyst/test/actions?workflow=dispatch.yaml&actor=0&status=0 without being logged in.

![image](/attachments/98e74104-4d60-4f7f-b17c-7e76467cd397)

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4305
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Co-committed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
2024-07-06 05:30:58 +00:00
Otto Richter
fafc4f6ad9 test: issue sidebar testing using playwright (#4319)
Conclusion of https://codeberg.org/forgejo/forgejo/issues/3499

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4319
Co-authored-by: Otto Richter <git@otto.splvs.net>
Co-committed-by: Otto Richter <git@otto.splvs.net>
2024-07-05 05:03:45 +00:00
Twenty Panda
5561e80b04 fix(hook): ignore unknown push options instead of failing
If a repository has

git config --add push.pushOption submit=".sourcehut/*.yml"

it failed when pushed because of the unknown submit push
option. It will be ignored instead.

Filtering out the push options is done in an earlier stage, when the
hook command runs, before it submits the options map to the private
endpoint.

* move all the push options logic to modules/git/pushoptions
* add 100% test coverage for modules/git/pushoptions

Test coverage for the code paths from which code was moved to the
modules/git/pushoptions package:

* cmd/hook.go:runHookPreReceive
* routers/private/hook_pre_receive.go:validatePushOptions
  tests/integration/git_push_test.go:TestOptionsGitPush runs through
  both. The test verifying the option is rejected was removed and, if
  added again, will fail because the option is now ignored instead of
  being rejected.

* cmd/hook.go:runHookProcReceive
* services/agit/agit.go:ProcReceive
  tests/integration/git_test.go: doCreateAgitFlowPull runs through
  both. It uses variations of AGit related push options.

* cmd/hook.go:runHookPostReceive
* routers/private/hook_post_receive.go:HookPostReceive
  tests/integration/git_test.go:doPushCreate called by TestGit/HTTP/sha1/PushCreate
  runs through both.
  Note that although it provides coverage for this code path it does not use push options.

Fixes: https://codeberg.org/forgejo/forgejo/issues/3651
2024-07-02 21:39:01 +02:00
Danko Aleksejevs
36b6444f34 Remove tab key handling in markdown editor, add toolbar buttons instead, re #4072 #4142 (#4263)
We haven't decided much (to my knowledge), and I've been using the main branch in production (as one does) and found out even I myself rely on Tab sometimes working to move focus and have been caught off guard by it indenting lines instead.

So this removes Tab handling and instead adds two new buttons to the toolbar. The indentation logic is unchanged (other than now focusing the textarea during button handling, to ensure execCommand works, and thus undo history is preserved).

I'm not sure which terminology to use in tooltips. Could also add keyboard shortcuts for the whole toolbar eventually, but as is this is hopefully an better solution to the problems I previously created than un-merging the whole thing :)

<img width="414" alt="Screenshot with two new buttons" src="/attachments/b7af3aa4-a195-48d1-be0a-1559f25dce8e">

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4263
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Danko Aleksejevs <danko@very.lv>
Co-committed-by: Danko Aleksejevs <danko@very.lv>
2024-06-30 13:03:32 +00:00