Merge branch 'master' into oauth2-auto-register

.github/issue_template.md

@@ -30,6 +30,9 @@
 <!-- In addition, if your problem relates to git commands set `RUN_MODE=dev` at the top of app.ini -->
 
 ## Description
+<!-- If using a proxy or a CDN (e.g. CloudFlare) in front of gitea, please
+     disable the proxy/CDN fully and connect to gitea directly to confirm
+     the issue still persists without those services. -->
 
 ...
 

Makefile

@@ -573,7 +573,6 @@ release-windows: | $(DIST_DIRS)
 	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		GO111MODULE=off $(GO) get -u src.techknowlogick.com/xgo; \
 	fi
-	@echo "Warning: windows version is built using golang 1.14"
 	CGO_CFLAGS="$(CGO_CFLAGS)" GO111MODULE=off xgo -go $(XGO_VERSION) -buildmode exe -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'windows/*' -out gitea-$(VERSION) .
 ifeq ($(CI),drone)
 	cp /build/* $(DIST)/binaries
@@ -709,7 +708,7 @@ pr\#%: clean-all
 golangci-lint:
 	@hash golangci-lint > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		export BINARY="golangci-lint"; \
-		curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(GOPATH)/bin v1.35.2; \
+		curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(GOPATH)/bin v1.37.0; \
 	fi
 	golangci-lint run --timeout 10m
 

docs/content/doc/usage/command-line.en-us.md

@@ -232,7 +232,7 @@ Generates a self-signed SSL certificate. Outputs to `cert.pem` and `key.pem` in
 directory and will overwrite any existing files.
 
 - Options:
-  - `--host value`: Comma seperated hostnames and ips which this certificate is valid for.
+  - `--host value`: Comma separated hostnames and ips which this certificate is valid for.
     Wildcards are supported. Required.
   - `--ecdsa-curve value`: ECDSA curve to use to generate a key. Optional. Valid options
     are P224, P256, P384, P521.

integrations/api_admin_test.go

@@ -192,4 +192,18 @@ func TestAPIEditUser(t *testing.T) {
 	errMap := make(map[string]interface{})
 	json.Unmarshal(resp.Body.Bytes(), &errMap)
 	assert.EqualValues(t, "email is not allowed to be empty string", errMap["message"].(string))
+
+	user2 := models.AssertExistsAndLoadBean(t, &models.User{LoginName: "user2"}).(*models.User)
+	assert.Equal(t, false, user2.IsRestricted)
+	bTrue := true
+	req = NewRequestWithJSON(t, "PATCH", urlStr, api.EditUserOption{
+		// required
+		LoginName: "user2",
+		SourceID:  0,
+		// to change
+		Restricted: &bTrue,
+	})
+	session.MakeRequest(t, req, http.StatusOK)
+	user2 = models.AssertExistsAndLoadBean(t, &models.User{LoginName: "user2"}).(*models.User)
+	assert.Equal(t, true, user2.IsRestricted)
 }

integrations/api_settings_test.go

@@ -43,9 +43,11 @@ func TestAPIExposedSettings(t *testing.T) {
 
 	DecodeJSON(t, resp, &repo)
 	assert.EqualValues(t, &api.GeneralRepoSettings{
-		MirrorsDisabled:    setting.Repository.DisableMirrors,
-		HTTPGitDisabled:    setting.Repository.DisableHTTPGit,
-		MigrationsDisabled: setting.Repository.DisableMigrations,
+		MirrorsDisabled:      setting.Repository.DisableMirrors,
+		HTTPGitDisabled:      setting.Repository.DisableHTTPGit,
+		MigrationsDisabled:   setting.Repository.DisableMigrations,
+		TimeTrackingDisabled: false,
+		LFSDisabled:          !setting.LFS.StartServer,
 	}, repo)
 
 	attachment := new(api.GeneralAttachmentSettings)

models/action.go

@@ -289,12 +289,13 @@ func (a *Action) GetIssueContent() string {
 
 // GetFeedsOptions options for retrieving feeds
 type GetFeedsOptions struct {
-	RequestedUser   *User // the user we want activity for
-	RequestedTeam   *Team // the team we want activity for
-	Actor           *User // the user viewing the activity
-	IncludePrivate  bool  // include private actions
-	OnlyPerformedBy bool  // only actions performed by requested user
-	IncludeDeleted  bool  // include deleted actions
+	RequestedUser   *User  // the user we want activity for
+	RequestedTeam   *Team  // the team we want activity for
+	Actor           *User  // the user viewing the activity
+	IncludePrivate  bool   // include private actions
+	OnlyPerformedBy bool   // only actions performed by requested user
+	IncludeDeleted  bool   // include deleted actions
+	Date            string // the day we want activity for: YYYY-MM-DD
 }
 
 // GetFeeds returns actions according to the provided options
@@ -380,5 +381,17 @@ func activityQueryCondition(opts GetFeedsOptions) (builder.Cond, error) {
 		cond = cond.And(builder.Eq{"is_deleted": false})
 	}
 
+	if opts.Date != "" {
+		dateLow, err := time.Parse("2006-01-02", opts.Date)
+		if err != nil {
+			log.Warn("Unable to parse %s, filter not applied: %v", opts.Date, err)
+		} else {
+			dateHigh := dateLow.Add(86399000000000) // 23h59m59s
+
+			cond = cond.And(builder.Gte{"created_unix": dateLow.Unix()})
+			cond = cond.And(builder.Lte{"created_unix": dateHigh.Unix()})
+		}
+	}
+
 	return cond, nil
 }

models/action_test.go

@@ -26,7 +26,7 @@ func TestAction_GetRepoLink(t *testing.T) {
 	repo := AssertExistsAndLoadBean(t, &Repository{}).(*Repository)
 	owner := AssertExistsAndLoadBean(t, &User{ID: repo.OwnerID}).(*User)
 	action := &Action{RepoID: repo.ID}
-	setting.AppSubURL = "/suburl/"
+	setting.AppSubURL = "/suburl"
 	expected := path.Join(setting.AppSubURL, owner.Name, repo.Name)
 	assert.Equal(t, expected, action.GetRepoLink())
 }

models/issue_comment.go

@@ -136,6 +136,8 @@ type Comment struct {
 	MilestoneID      int64
 	OldMilestone     *Milestone `xorm:"-"`
 	Milestone        *Milestone `xorm:"-"`
+	TimeID           int64
+	Time             *TrackedTime `xorm:"-"`
 	AssigneeID       int64
 	RemovedAssignee  bool
 	Assignee         *User `xorm:"-"`
@@ -541,6 +543,16 @@ func (c *Comment) LoadDepIssueDetails() (err error) {
 	return err
 }
 
+// LoadTime loads the associated time for a CommentTypeAddTimeManual
+func (c *Comment) LoadTime() error {
+	if c.Time != nil || c.TimeID == 0 {
+		return nil
+	}
+	var err error
+	c.Time, err = GetTrackedTimeByID(c.TimeID)
+	return err
+}
+
 func (c *Comment) loadReactions(e Engine, repo *Repository) (err error) {
 	if c.Reactions != nil {
 		return nil
@@ -692,6 +704,7 @@ func createComment(e *xorm.Session, opts *CreateCommentOptions) (_ *Comment, err
 		MilestoneID:      opts.MilestoneID,
 		OldProjectID:     opts.OldProjectID,
 		ProjectID:        opts.ProjectID,
+		TimeID:           opts.TimeID,
 		RemovedAssignee:  opts.RemovedAssignee,
 		AssigneeID:       opts.AssigneeID,
 		AssigneeTeamID:   opts.AssigneeTeamID,
@@ -859,6 +872,7 @@ type CreateCommentOptions struct {
 	MilestoneID      int64
 	OldProjectID     int64
 	ProjectID        int64
+	TimeID           int64
 	AssigneeID       int64
 	AssigneeTeamID   int64
 	RemovedAssignee  bool

models/issue_stopwatch.go

@@ -100,6 +100,7 @@ func CreateOrStopIssueStopwatch(user *User, issue *Issue) error {
 			Repo:    issue.Repo,
 			Content: SecToTime(timediff),
 			Type:    CommentTypeStopTracking,
+			TimeID:  tt.ID,
 		}); err != nil {
 			return err
 		}

models/issue_tracked_time.go

@@ -162,6 +162,7 @@ func AddTime(user *User, issue *Issue, amount int64, created time.Time) (*Tracke
 		Doer:    user,
 		Content: SecToTime(amount),
 		Type:    CommentTypeAddTimeManual,
+		TimeID:  t.ID,
 	}); err != nil {
 		return nil, err
 	}

models/migrations/migrations.go

@@ -292,6 +292,8 @@ var migrations = []Migration{
 	NewMigration("Add Sorting to ProjectBoard table", addSortingColToProjectBoard),
 	// v172 -> v173
 	NewMigration("Add sessions table for go-chi/session", addSessionTable),
+	// v173 -> v174
+	NewMigration("Add time_id column to Comment", addTimeIDCommentColumn),
 }
 
 // GetCurrentDBVersion returns the current db version

models/migrations/v166.go

@@ -106,10 +106,8 @@ func recalculateUserEmptyPWD(x *xorm.Engine) (err error) {
 	}
 
 	// delete salt and algo where password is empty
-	if _, err = sess.Where(builder.Eq{"passwd": ""}.And(builder.Neq{"salt": ""}.Or(builder.Neq{"passwd_hash_algo": ""}))).
-		Cols("salt", "passwd_hash_algo").Update(&User{}); err != nil {
-		return err
-	}
+	_, err = sess.Where(builder.Eq{"passwd": ""}.And(builder.Neq{"salt": ""}.Or(builder.Neq{"passwd_hash_algo": ""}))).
+		Cols("salt", "passwd_hash_algo").Update(&User{})
 
-	return sess.Commit()
+	return err
 }

models/migrations/v173.go

@@ -0,0 +1,22 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package migrations
+
+import (
+	"fmt"
+
+	"xorm.io/xorm"
+)
+
+func addTimeIDCommentColumn(x *xorm.Engine) error {
+	type Comment struct {
+		TimeID int64
+	}
+
+	if err := x.Sync2(new(Comment)); err != nil {
+		return fmt.Errorf("Sync2: %v", err)
+	}
+	return nil
+}

models/notification.go

@@ -6,7 +6,7 @@ package models
 
 import (
 	"fmt"
-	"path"
+	"strconv"
 
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
@@ -413,7 +413,7 @@ func (n *Notification) HTMLURL() string {
 
 // APIURL formats a URL-string to the notification
 func (n *Notification) APIURL() string {
-	return setting.AppURL + path.Join("api/v1/notifications/threads", fmt.Sprintf("%d", n.ID))
+	return setting.AppURL + "api/v1/notifications/threads/" + strconv.FormatInt(n.ID, 10)
 }
 
 // NotificationList contains a list of notifications

models/pull.go

@@ -13,6 +13,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/timeutil"
+	"code.gitea.io/gitea/modules/util"
 )
 
 // PullRequestType defines pull request type
@@ -638,3 +639,27 @@ func (pr *PullRequest) updateCommitDivergence(e Engine, ahead, behind int) error
 func (pr *PullRequest) IsSameRepo() bool {
 	return pr.BaseRepoID == pr.HeadRepoID
 }
+
+// GetBaseBranchHTMLURL returns the HTML URL of the base branch
+func (pr *PullRequest) GetBaseBranchHTMLURL() string {
+	if err := pr.LoadBaseRepo(); err != nil {
+		log.Error("LoadBaseRepo: %v", err)
+		return ""
+	}
+	if pr.BaseRepo == nil {
+		return ""
+	}
+	return pr.BaseRepo.HTMLURL() + "/src/branch/" + util.PathEscapeSegments(pr.BaseBranch)
+}
+
+// GetHeadBranchHTMLURL returns the HTML URL of the head branch
+func (pr *PullRequest) GetHeadBranchHTMLURL() string {
+	if err := pr.LoadHeadRepo(); err != nil {
+		log.Error("LoadHeadRepo: %v", err)
+		return ""
+	}
+	if pr.HeadRepo == nil {
+		return ""
+	}
+	return pr.HeadRepo.HTMLURL() + "/src/branch/" + util.PathEscapeSegments(pr.HeadBranch)
+}

models/repo.go

@@ -264,7 +264,7 @@ func (repo *Repository) ColorFormat(s fmt.State) {
 		repo.Name)
 }
 
-// IsBeingMigrated indicates that repository is being migtated
+// IsBeingMigrated indicates that repository is being migrated
 func (repo *Repository) IsBeingMigrated() bool {
 	return repo.Status == RepositoryBeingMigrated
 }
@@ -318,7 +318,7 @@ func (repo *Repository) CommitLink(commitID string) (result string) {
 
 // APIURL returns the repository API URL
 func (repo *Repository) APIURL() string {
-	return setting.AppURL + path.Join("api/v1/repos", repo.FullName())
+	return setting.AppURL + "api/v1/repos/" + repo.FullName()
 }
 
 // GetCommitsCountCacheKey returns cache key used for commits count caching.
@@ -613,7 +613,7 @@ func (repo *Repository) getReviewers(e Engine, doerID, posterID int64) ([]*User,
 // * for private repositories this returns all users that have read access or higher to the repository.
 // * for public repositories this returns all users that have write access or higher to the repository,
 // and all repo watchers.
-// TODO: may be we should hava a busy choice for users to block review request to them.
+// TODO: may be we should have a busy choice for users to block review request to them.
 func (repo *Repository) GetReviewers(doerID, posterID int64) ([]*User, error) {
 	return repo.getReviewers(x, doerID, posterID)
 }

models/user_avatar.go

@@ -63,7 +63,7 @@ func (u *User) generateRandomAvatar(e Engine) error {
 // the local explore page. Function returns immediately.
 // When applicable, the link is for an avatar of the indicated size (in pixels).
 func (u *User) SizedRelAvatarLink(size int) string {
-	return strings.TrimSuffix(setting.AppSubURL, "/") + "/user/avatar/" + u.Name + "/" + strconv.Itoa(size)
+	return setting.AppSubURL + "/user/avatar/" + u.Name + "/" + strconv.Itoa(size)
 }
 
 // RealSizedAvatarLink returns a link to the user's avatar. When

modules/context/context.go

@@ -188,6 +188,10 @@ func (ctx *Context) HTML(status int, name base.TplName) {
 		return fmt.Sprint(time.Since(startTime).Nanoseconds()/1e6) + "ms"
 	}
 	if err := ctx.Render.HTML(ctx.Resp, status, string(name), ctx.Data); err != nil {
+		if status == http.StatusInternalServerError && name == base.TplName("status/500") {
+			ctx.PlainText(http.StatusInternalServerError, []byte("Unable to find status/500 template"))
+			return
+		}
 		ctx.ServerError("Render failed", err)
 	}
 }

modules/convert/user.go

@@ -17,12 +17,13 @@ func ToUser(user *models.User, signed, authed bool) *api.User {
 		return nil
 	}
 	result := &api.User{
-		ID:        user.ID,
-		UserName:  user.Name,
-		FullName:  markup.Sanitize(user.FullName),
-		Email:     user.GetEmail(),
-		AvatarURL: user.AvatarLink(),
-		Created:   user.CreatedUnix.AsTime(),
+		ID:         user.ID,
+		UserName:   user.Name,
+		FullName:   markup.Sanitize(user.FullName),
+		Email:      user.GetEmail(),
+		AvatarURL:  user.AvatarLink(),
+		Created:    user.CreatedUnix.AsTime(),
+		Restricted: user.IsRestricted,
 	}
 	// hide primary email if API caller is anonymous or user keep email private
 	if signed && (!user.KeepEmailPrivate || authed) {

modules/git/repo_commit_nogogit.go

@@ -8,6 +8,7 @@ package git
 
 import (
 	"bufio"
+	"errors"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -70,10 +71,15 @@ func (repo *Repository) getCommit(id SHA1) (*Commit, error) {
 	bufReader := bufio.NewReader(stdoutReader)
 	_, typ, size, err := ReadBatchLine(bufReader)
 	if err != nil {
+		if errors.Is(err, io.EOF) {
+			return nil, ErrNotExist{ID: id.String()}
+		}
 		return nil, err
 	}
 
 	switch typ {
+	case "missing":
+		return nil, ErrNotExist{ID: id.String()}
 	case "tag":
 		// then we need to parse the tag
 		// and load the commit