- The current architecture is inherently insecure, because you can
construct the 'secret' cookie value with values that are available in
the database. Thus provides zero protection when a database is
dumped/leaked.
- This patch implements a new architecture that's inspired from: [Paragonie Initiative](https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies).
- Integration testing is added to ensure the new mechanism works.
- Removes a setting, because it's not used anymore.
(cherry picked from commit eff097448b)
[GITEA] rework long-term authentication (squash) add migration
Reminder: the migration is run via integration tests as explained
in the commit "[DB] run all Forgejo migrations in integration tests"
(cherry picked from commit 4accf7443c)
user, topic, project, label, milestone, repository, pull_request,
release, asset, comment, reaction, review providers
Signed-off-by: Earl Warren <contact@earl-warren.org>
Preserve file size when creating attachments
Introduced in c6f5029708
repoList.LoadAttributes has a ctx argument now
Rename `repo.GetOwner` to `repo.LoadOwner`
bd66fa586a
upgrade to the latest gof3
(cherry picked from commit c770713656)
[F3] ID remapping logic is in place, remove workaround
(cherry picked from commit d0fee30167)
[F3] it is experimental, do not enable by default
(cherry picked from commit de325b21d0)
(cherry picked from commit 547e7b3c40)
(cherry picked from commit 820df3a56b)
(cherry picked from commit eaba87689b)
(cherry picked from commit 1b86896b3b)
(cherry picked from commit 0046aac1c6)
(cherry picked from commit f14220df8f)
(cherry picked from commit 559b731001)
(cherry picked from commit 801f7d600d)
(cherry picked from commit 6aa76e9bcf)
(cherry picked from commit a8757dcb07)
[F3] promote F3 users to matching OAuth2 users on first sign-in
(cherry picked from commit bd7fef7496)
(cherry picked from commit 07412698e8)
(cherry picked from commit d143e5b2a3)
[F3] upgrade to gof3 50a6e740ac04
Add new methods GetIDString() & SetIDString() & ToFormatInterface()
Change the prototype of the fixture function
(cherry picked from commit d7b263ff8b)
(cherry picked from commit b3eaf2249d)
(cherry picked from commit d492ddd9bb)
[F3] add GetLocalMatchingRemote with a default implementation
(cherry picked from commit 0a22015039)
(cherry picked from commit f1310c38fb)
(cherry picked from commit deb68552f2)
[F3] GetLocalMatchingRemote for user
(cherry picked from commit e73cb837f5)
(cherry picked from commit a24bc0b85e)
(cherry picked from commit 846a522ecc)
[F3] GetAdminUser now has a ctx argument
(cherry picked from commit 37357a92af)
(cherry picked from commit 660bc1673c)
(cherry picked from commit 72d692a767)
[F3] introduce UserTypeF3
To avoid conflicts should UserTypeRemoteUser be used differently by Gitea
(cherry picked from commit 6de2701bb3)
[F3] user.Put: idempotency
(cherry picked from commit 821e38573c)
(cherry picked from commit f7638f5414)
[F3] upgrade to urfave v2
(cherry picked from commit cc3dbdfd1d)
[F3] update gof3
(cherry picked from commit 2eee960751)
[F3] move f3 under forgejo-cli
* simplify the tests by re-using the forgejo-cli helpers to capture
the output
* unify CmdF3 to be structured in the same way CmdActions is
(cherry picked from commit 4c9fe58b74)
[F3] replace f3 with forgejo-cli f3
(cherry picked from commit 7ba7ceef1b)
[F3] s/ListOptions/Paginator/
[F3] user: add unit tests
[F3] user comparison of F3 managed users is on content
[F3] issue: add unit tests
[F3] gof3 now has one more argument to Put()
[F3] re-use gof3 unit tests for the driver
(cherry picked from commit af7ee6200c)
Conflicts:
tests/integration/integration_test.go
because of some code removed in forgejo-development, trivial
context conflict resolution
[F3] more idempotent tests (#1275)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1275
Co-authored-by: Loïc Dachary <loic@dachary.org>
Co-committed-by: Loïc Dachary <loic@dachary.org>
[F3] tests: do SQL update if nothing changes
[F3] tests comment idempotence
[F3] tests milestone idempotence
[F3] tests pull_request idempotence
[F3] tests release idempotence
[F3] tests asset idempotence
[F3] tests project idempotence
[F3] tests review idempotence
(cherry picked from commit 91038bb4e8)
(cherry picked from commit a7d2a65214)
(cherry picked from commit 59a17e5a34)
[F3] sub command of forgejo-cli
(cherry picked from commit 4d098e9b83)
[F3] implement --quiet, --debug, --verbose
(cherry picked from commit 82e2e17b45)
[F3] fix off by one error when importing repositories
(cherry picked from commit 31689b1397)
[F3] upgrade gof3
(cherry picked from commit 87b8cfe5a1)
[F3] set the logger for all drivers
The logger is set for the local Forgejo driver only. Even when --debug
is specified, the other drivers do not display debug
information. Use the gof3 context to set the logger for all of them at
once.
(cherry picked from commit 8aa7de8ba0)
[F3] the closed date of an issue may be nil
(cherry picked from commit 93d3eaf0b5)
[F3] update gof3 to support system users
there now is a workaround to hardcode system users when they are not
supported by the API
(cherry picked from commit 915484daa7)
(cherry picked from commit b47ac73b8a)
[F3] upgrade gof3 with a version that can deal with system users
When they are missing from what the API returns, it will replace the
missing user with the Ghost user instead of leaving it be a null pointer.
(cherry picked from commit 9eeeab7f8e)
[F3] tests do not need a running Forgejo server
(cherry picked from commit b2b9749ac9)
[F3] upgrade gof3 to correctly fetch PRs from forks
(cherry picked from commit d2448de302)
[F3] upgrade gof3 to resolve incorrect object ID mappings
(cherry picked from commit af8c9de89f)
[F3] mirroring a repository needs --mirror instead of --bare
(cherry picked from commit 9941131920)
[F3] PR create the pull/N/head from the original PR head
It is incorrect to assume they are identical because:
* the IDs of a PR may be remapped and pull/N/head will become
pull/M/head
* the head of a remote fork is a branch named after the fork
(cherry picked from commit 9c220bf23e)
[F3] gof3 upgrade with non overlapping PR references
(cherry picked from commit f1b2f82e7e)
[F3] refactor issue insertion to preserve the creation date
issues_model.NewIssue() is convenient but will override the creation
date. Update the database instead.
(cherry picked from commit 729f4be1e4)
[F3] gof3 upgrade to get performance improvements
(cherry picked from commit 996ac35d4d)
(cherry picked from commit 906e9eb3f5)
(cherry picked from commit c340e22197)
(cherry picked from commit bb0ed72e08)
The installation instructions of a Maven package places the `url` child
of the `repository` node in an extra indentation level. This indentation
is unnecesary since both the `id` and `url` nodes are direct children of
the `repository` node.
This commit removes the unnecessary indentation.
Refs: https://codeberg.org/forgejo/forgejo/pulls/1534
(cherry picked from commit 82f0ddad7b)
(cherry picked from commit 905e546549)
- If there's a code comment that's received during the migration that
contains no diffhunk, skip it. This either means it was commenting on
old diffhunk or it's just a general codecomment. Forgejo supports
neither of such type of code comment.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1407
(cherry picked from commit ae463c7c55)
(cherry picked from commit bf48f02a86)
(cherry picked from commit 10c3f102fa)
(cherry picked from commit 828b4cc10c)
- Currently the repository description uses the same sanitizer as a
normal markdown document. This means that element such as heading and
images are allowed and can be abused.
- Create a minimal restricted sanitizer for the repository description,
which only allows what the postprocessor currently allows, which are
links and emojis.
- Added unit testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1202
- Resolves https://codeberg.org/Codeberg/Community/issues/1122
(cherry picked from commit a8afa4cd18)
(cherry picked from commit 0238587c51)
(cherry picked from commit a8c7bbf728)
(cherry picked from commit 80e05a8245)
- Make it consistent with the other modals of the dangerous actions.
(cherry picked from commit 576d7ec759)
(cherry picked from commit 8b1225f974)
(cherry picked from commit c2c47972ee)
(cherry picked from commit eec301806b)
System users (Ghost, ActionsUser, etc) have a negative id and may be
the author of a comment, either because it was created by a now
deleted user or via an action using a transient token.
The GetPossibleUserByID function has special cases related to system
users and will not fail if given a negative id.
Refs: https://codeberg.org/forgejo/forgejo/issues/1425
(cherry picked from commit 97667e06b3)
(cherry picked from commit 8ef73a09c9)
(cherry picked from commit fa8a00d264)
(cherry picked from commit 2ada2074b5)
Signed-off-by: zareck <cassiomilczareck@gmail.com>
(cherry picked from commit f48e3ff0db)
Removing comments and make command
(cherry picked from commit 7664a423a5)
(cherry picked from commit b2fb435364)
(cherry picked from commit 0a24a819a9)
(cherry picked from commit 155cc19f75)
(cherry picked from commit 223537f71a)
(cherry picked from commit ffbe2970cc)
(cherry picked from commit 836836bd73)
- The review type '22' is a general comment type that is attached to
single codecomments, reviews with multiple comments or to simple approve
and request changes comment. This comment can be used to create a link
towards this action on an pull request.
- Adds an anchor to the review comment type, so that when its getting
linked to it, it actually jumps towards that event.
- This also now fixes the behavior that after you created a review you
will be redirected to that review and because this is an general comment
type other mails will also be 'fixed' such as the approved or request changes.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1248
(cherry picked from commit b0c3075a79)
(cherry picked from commit f61505281c)
(cherry picked from commit 1741a5f1fe)
(cherry picked from commit 5ee4cf2ed9)
(cherry picked from commit 601f00e530)
(cherry picked from commit 9ce8aa57fb)
(cherry picked from commit 854b5a1379)
(cherry picked from commit 96fbeb4416)
- This is actually https://github.com/go-gitea/gitea/pull/19978 &
https://github.com/go-gitea/gitea/pull/19486 but was removed in one of
the UI refactors of v1.20
- This is a very technical fix and is best explained in the CSS
comments. But the short version: When there's an overflow being set, but
you want an element to 'break out' of that overflow with `position:
absolute`, it sometimes doesn't work! You need to set some CSS to let
the browser know that the element needs to use an element outside of
that overflow as 'clip parent'.
- Resolves my internal frustration with the mobile UI constantly getting broken.
(cherry picked from commit 879f842bed)
(cherry picked from commit 6099c9b41b)
(cherry picked from commit 0749d00b16)
(cherry picked from commit ec6a5428a7)
(cherry picked from commit 9d0bee784d)
(cherry picked from commit 61d6ae4882)
(cherry picked from commit 8b3f3639b6)
(cherry picked from commit 2c600ddb2c)
- Databases are one of the most important parts of Forgejo, every
interaction with Forgejo uses the database in one way or another.
Therefore, it is important to maintain the database and recognize when
Forgejo is not doing well with the database. Forgejo already has the
option to log *every* SQL query along with its execution time, but
monitoring becomes impractical for larger instances and takes up
unnecessary storage in the logs.
- Add a QoL enhancement that allows instance administrators to specify a
threshold value beyond which query execution time is logged as a warning
in the xorm logger. The default value is a conservative five seconds to
avoid this becoming a source of spam in the logs.
- The use case for this patch is that with an instance the size of Codeberg, monitoring SQL logs is not very fruitful and most of them are uninteresting. Recently, in the context of persistent deadlock issues (https://codeberg.org/forgejo/forgejo/issues/220), I have noticed that certain queries hold locks on tables like comment and issue for several seconds. This patch helps to identify which queries these are and when they happen.
- Added unit test.
(cherry picked from commit 24bbe7886f)
(cherry picked from commit 6e29145b3c)
(cherry picked from commit 63731e3071)
(cherry picked from commit 3ce1a09736)
(cherry picked from commit a64426907d)
(cherry picked from commit 4b19215691)
(cherry picked from commit e635674435)
(cherry picked from commit 9cf501f1af)
- The `<title>` element that lives inside the `<head>` element is an important element that gives browsers and search engine crawlers the title of the webpage, hence the element name. It's therefor important that this title is accurate.
- Currently there are three issues with titles on repositories. It doesn't use the `FullName` and instead only uses the repository name, this doesn't distinguish which user or organisation the repository is on. It doesn't show the full treepath in the title when visiting an file inside a directory and instead only uses the latest path in treepath. It can show the repository name twice if the `.Title` variable also included the repository name such as on the repository homepage.
- Use the repository's fullname (which include which user the repository is on) instead of just their name.
- Display the repository's fullname if it isn't already in `.Title`.
- Use the full treepath in the repository code view instead of just the
last path.
- Adds integration tests.
- Adds a new repository (`repo59`) that has 3 depths for folders, which
wasn't in any other fixture repository yet, so the full treepath for
could be properly tested.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1276
(cherry picked from commit ff9a6a2cda)
(cherry picked from commit 76dffc8621)
(cherry picked from commit ff0615b9d0)
(cherry picked from commit 8712eaa394)
(cherry picked from commit 0c11587582)
(cherry picked from commit 3cbd9fb792)
Conflicts:
tests/integration/repo_test.go
https://codeberg.org/forgejo/forgejo/pulls/1512
(cherry picked from commit fbfdba8ae9)
Conflicts:
models/fixtures/release.yml
https://codeberg.org/forgejo/forgejo/pulls/1550
(cherry picked from commit 8b2bf0534c)
- Currently in the cron tasks, the 'Previous Time' only displays the
previous time of when the cron library executes the function, but not
any of the manual executions of the task.
- Store the last run's time in memory in the Task struct and use that,
when that time is later than time that the cron library has executed this
task.
- This ensures that if an instance admin manually starts a task, there's
feedback that this task is/has been run, because the task might be run
that quick, that the status icon already has been changed to an
checkmark,
- Tasks that are executed at startup now reflect this as well, as the
time of the execution of that task on startup is now being shown as
'Previous Time'.
- Added integration tests for the API part, which is easier to test
because querying the HTML table of cron tasks is non-trivial.
- Resolves https://codeberg.org/forgejo/forgejo/issues/949
(cherry picked from commit 0475e2048e)
(cherry picked from commit dcc952f0db)
(cherry picked from commit 7168a240e8)
(cherry picked from commit 4bc4cccb1b)
(cherry picked from commit 3fe019ca3c)
[GITEA] Show manual cron run's last time (squash) 26 jobs in cron fixtures
(cherry picked from commit 8473030628)
(cherry picked from commit 871c729742)
(cherry picked from commit daefb27d2c)
(cherry picked from commit 2f66c1e4ce)
(cherry picked from commit cdaa9615f4)
(cherry picked from commit 9d1701442f)
(cherry picked from commit fd34fdac14)
- Resolves#271
- Ensure that the adminstrator password is at least `MIN_PASSWORD_LENGTH`.
(cherry picked from commit 28cb04c3f5)
(cherry picked from commit 95371ebd92)
(cherry picked from commit a134288ab6)
(cherry picked from commit 4202f052cb)
(cherry picked from commit 510b7467d3)
(cherry picked from commit f3a6e1f121)
(cherry picked from commit f340508819)
(cherry picked from commit b891bb176d)
(cherry picked from commit 1a1bfc38cc)
(cherry picked from commit 083d5aefed)
(cherry picked from commit 4586096be9)
(cherry picked from commit 039fa20cc8)
(cherry picked from commit 3ec9cb5f59)
(cherry picked from commit 00be0eee37)
(cherry picked from commit a156603002)
- Fix problem caused by the clearer confirmation for dangerous actions commit.
(cherry picked from commit 3488f4a9cb)
(cherry picked from commit ed7de91f6a)
(cherry picked from commit 2d97929b9b)
* There is one more issue in the fixtures and this breaks some tests
* The users in the shared fixtures were renamed for clarity and that
breaks some tests
(cherry picked from commit 707a4edbdf)
Conflicts:
modules/indexer/issues/indexer_test.go
https://codeberg.org/forgejo/forgejo/pulls/1508
(cherry picked from commit 82cc044366)
(cherry picked from commit 2776aec7e8)
- Pass the whole context instead of only giving pieces.
- This fixes CSRF not correctly being inserted into the unblock buttons.
(cherry picked from commit 2aa51922ba)
(cherry picked from commit 7ee8db0f01)
(cherry picked from commit e4f8b999bc)
(cherry picked from commit 05aea60b13)
- When someone gets blocked, remove all pending repository transfers
from the blocked user to the doer.
- Do not allow to start transferring repositories to the doer as blocked user.
- Added unit testing.
- Added integration testing.
(cherry picked from commit 8a3caac330)
(cherry picked from commit a92b4cfeb6)
(cherry picked from commit acaaaf07d9)
(cherry picked from commit 735818863c)
- Forgejo has the option to delete users, in which all data except
issues and comments are removed, this makes sense in some cases where
users need to be removed cleanly but without removing their existing bug
reports or comments to an discussion. In the case of spammers, admins
have the option to enable purging, where comments are removed.
- Add issues to the list of things to be removed if purge is checked.
- No unit testing, as this gigantic function doesn't have one to begin
with.
- Add integration test.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1268
(cherry picked from commit 3ed381c758)
(cherry picked from commit 44d00650ce)
(cherry picked from commit 7f4da82779)
(cherry picked from commit d629314def)
Conflicts:
models/fixtures/issue.yml
https://codeberg.org/forgejo/forgejo/pulls/1508
(cherry picked from commit 794dcc218f)
(cherry picked from commit c433f2ecb6)
- Add the ability to block a user via their profile page.
- This will unstar their repositories and visa versa.
- Blocked users cannot create issues or pull requests on your the doer's repositories (mind that this is not the case for organizations).
- Blocked users cannot comment on the doer's opened issues or pull requests.
- Blocked users cannot add reactions to doer's comments.
- Blocked users cannot cause a notification trough mentioning the doer.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/540
(cherry picked from commit 687d852480)
(cherry picked from commit 0c32a4fde5)
(cherry picked from commit 1791130e3c)
(cherry picked from commit 37858b7e8f)
(cherry picked from commit a3e2bfd7e9)
(cherry picked from commit 7009b9fe87)
Conflicts: https://codeberg.org/forgejo/forgejo/pulls/1014
routers/web/user/profile.go
templates/user/profile.tmpl
(cherry picked from commit b2aec34791)
(cherry picked from commit e2f1b73752)
[MODERATION] organization blocking a user (#802)
- Resolves#476
- Follow up for: #540
- Ensure that the doer and blocked person cannot follow each other.
- Ensure that the block person cannot watch doer's repositories.
- Add unblock button to the blocked user list.
- Add blocked since information to the blocked user list.
- Add extra testing to moderation code.
- Blocked user will unwatch doer's owned repository upon blocking.
- Add flash messages to let the user know the block/unblock action was successful.
- Add "You haven't blocked any users" message.
- Add organization blocking a user.
Co-authored-by: Gusted <postmaster@gusted.xyz>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/802
(cherry picked from commit 0505a10421)
(cherry picked from commit 37b4e6ef9b)
(cherry picked from commit c17c121f2c)
[MODERATION] organization blocking a user (#802) (squash)
Changes to adapt to:
6bbccdd177 Improve AJAX link and modal confirm dialog (#25210)
Refs: https://codeberg.org/forgejo/forgejo/pulls/882/files#issuecomment-945962
Refs: https://codeberg.org/forgejo/forgejo/pulls/882#issue-330561
(cherry picked from commit 523635f83c)
(cherry picked from commit 4743eaa6a0)
(cherry picked from commit eff5b43d2e)
Conflicts: https://codeberg.org/forgejo/forgejo/pulls/1014
routers/web/user/profile.go
(cherry picked from commit 9d359be5ed)
(cherry picked from commit b1f3069a22)
[MODERATION] add user blocking API
- Follow up for: #540, #802
- Add API routes for user blocking from user and organization
perspective.
- The new routes have integration testing.
- The new model functions have unit tests.
- Actually quite boring to write and to read this pull request.
(cherry picked from commit f3afaf15c7)
(cherry picked from commit 6d754db3e5)
(cherry picked from commit 2a89ddc0ac)
(cherry picked from commit 4a147bff7e)
Conflicts:
routers/api/v1/api.go
templates/swagger/v1_json.tmpl
(cherry picked from commit bb8c339185)
(cherry picked from commit 5a11569a01)
(cherry picked from commit 2373c801ee)
[MODERATION] restore redirect on unblock
ctx.RedirectToFirst(ctx.FormString("redirect_to"), ctx.ContextUser.HomeLink())
was replaced by
ctx.JSONOK()
in 128d77a3a Following up fixes for "Fix inconsistent user profile layout across tabs" (#25739)
thus changing the behavior (nicely spotted by the tests). This
restores it.
(cherry picked from commit 597c243707)
(cherry picked from commit cfa539e590)
[MODERATION] Add test case (squash)
- Add an test case, to test an property of the function.
(cherry picked from commit 70dadb1916)
[MODERATION] Block adding collaborators
- Ensure that the doer and blocked user cannot add each other as
collaborators to repositories.
- The Web UI gets an detailed message of the specific situation, the API
gets an generic Forbidden code.
- Unit tests has been added.
- Integration testing for Web and API has been added.
- This commit doesn't introduce removing each other as collaborators on
the block action, due to the complexity of database calls that needs to
be figured out. That deserves its own commit and test code.
(cherry picked from commit 747be949a1)
[MODERATION] move locale_en-US.ini strings to avoid conflicts
Conflicts:
web_src/css/org.css
web_src/css/user.css
https://codeberg.org/forgejo/forgejo/pulls/1180
(cherry picked from commit e53f955c88)
Conflicts:
services/issue/comments.go
https://codeberg.org/forgejo/forgejo/pulls/1212
(cherry picked from commit b4a454b576)
Conflicts:
models/forgejo_migrations/migrate.go
options/locale/locale_en-US.ini
services/pull/pull.go
https://codeberg.org/forgejo/forgejo/pulls/1264
[MODERATION] Remove blocked user collaborations with doer
- When the doer blocks an user, who is also an collaborator on an
repository that the doer owns, remove that collaboration.
- Added unit tests.
- Refactor the unit test to be more organized.
(cherry picked from commit ec87016178)
(cherry picked from commit 313e6174d8)
[MODERATION] QoL improvements (squash)
- Ensure that organisations cannot be blocked. It currently has no
effect, as all blocked operations cannot be executed from an
organisation standpoint.
- Refactored the API route to make use of the `UserAssignmentAPI`
middleware.
- Make more use of `t.Run` so that the test code is more clear about
which block of code belongs to which test case.
- Added more integration testing (to ensure the organisations cannot be
blocked and some authorization/permission checks).
(cherry picked from commit e9d638d075)
[MODERATION] s/{{avatar/{{ctx.AvatarUtils.Avatar/
(cherry picked from commit ce8b30be13)
(cherry picked from commit f911dc4025)
Conflicts:
options/locale/locale_en-US.ini
https://codeberg.org/forgejo/forgejo/pulls/1354
(cherry picked from commit c1b37b7fda)
(cherry picked from commit 856a2e0903)
[MODERATION] Show graceful error on comment creation
- When someone is blocked by the repository owner or issue poster and
try to comment on that issue, they get shown a graceful error.
- Adds integration test.
(cherry picked from commit 490646302e)
(cherry picked from commit d3d88667cb)
(cherry picked from commit 6818de13a9)
[MODERATION] Show graceful error on comment creation (squash) typo
(cherry picked from commit 1588d4834a)
(cherry picked from commit d510ea52d0)
(cherry picked from commit 8249e93a14)
[MODERATION] Refactor integration testing (squash)
- Motivation for this PR is that I'd noticed that a lot of repeated
calls are happening between the test functions and that certain tests
weren't using helper functions like `GetCSRF`, therefor this refactor of
the integration tests to keep it: clean, small and hopefully more
maintainable and understandable.
- There are now three integration tests: `TestBlockUser`,
`TestBlockUserFromOrganization` and `TestBlockActions` (and has been
moved in that order in the source code).
- `TestBlockUser` is for doing blocking related actions as an user and
`TestBlockUserFromOrganization` as an organisation, even though they
execute the same kind of tests they do not share any database calls or
logic and therefor it currently doesn't make sense to merge them
together (hopefully such oppurtinutiy might be presented in the future).
- `TestBlockActions` now contain all tests for actions that should be
blocked after blocking has happened, most tests now share the same doer
and blocked users and a extra fixture has been added to make this
possible for the comment test.
- Less code, more comments and more re-use between tests.
(cherry picked from commit ffb393213d)
(cherry picked from commit 85505e0f81)
(cherry picked from commit 0f3cf17761)
[MODERATION] Fix network error (squash)
- Fix network error toast messages on user actions such as follow and
unfollow. This happened because the javascript code now expects an JSON
to be returned, but this wasn't the case due to
cfa539e590127b4953b010fba3dea21c82a1714.
- The integration testing has been adjusted to instead test for the
returned flash cookie.
(cherry picked from commit 112bc25e54)
(cherry picked from commit 1194fe4899)
(cherry picked from commit 9abb95a844)
[MODERATION] Modernize frontend (squash)
- Unify blocked users list.
- Use the new flex list classes for blocked users list to avoid using
the CSS helper classes and thereby be consistent in the design.
- Fix the modal by using the new modal class.
- Remove the icon in the modal as looks too big in the new design.
- Fix avatar not displaying as it was passing the context where the user
should've been passed.
- Don't use italics for 'Blocked since' text.
- Use namelink template to display the user's name and homelink.
(cherry picked from commit ec935a16a3)
(cherry picked from commit 67f37c8346)
Conflicts:
models/user/follow.go
models/user/user_test.go
routers/api/v1/user/follower.go
routers/web/shared/user/header.go
routers/web/user/profile.go
templates/swagger/v1_json.tmpl
https://codeberg.org/forgejo/forgejo/pulls/1468
(cherry picked from commit 6a9626839c)
Conflicts:
tests/integration/api_nodeinfo_test.go
https://codeberg.org/forgejo/forgejo/pulls/1508#issuecomment-1242385
(cherry picked from commit 7378b251b4)
Conflicts:
models/fixtures/watch.yml
models/issues/reaction.go
models/issues/reaction_test.go
routers/api/v1/repo/issue_reaction.go
routers/web/repo/issue.go
services/issue/issue.go
https://codeberg.org/forgejo/forgejo/pulls/1547
(cherry picked from commit c2028930c1)
(cherry picked from commit ecc3dae2ac)
(cherry picked from commit c6c3fc6ace)
(cherry picked from commit 4833bd594a)
[I18N] in the home page replace GitHub with Forgejo
The english string that shows on the home page to encourage for
contribution no longer reference GitHub. But some translations still
do. In this context, and this context only, replace it with Forgejo
even though it may not be correct in some cases.
Refs: https://codeberg.org/forgejo/forgejo/pulls/450
(cherry picked from commit 71de77f5ae)
(cherry picked from commit 0b5195e4e4)
(cherry picked from commit 1252e83f8c)
(cherry picked from commit 2ceb1b2b5f)
(cherry picked from commit 59233055b1)
(cherry picked from commit 378ed6a21e)
(cherry picked from commit 2d661119c3)
(cherry picked from commit 2a95ff4107)
(cherry picked from commit 012b5444a8)
(cherry picked from commit 2aaee4f7c4)
(cherry picked from commit 52b3f53cb7)
(cherry picked from commit 24e665abe7)
(cherry picked from commit 335f8b2bd1)
(cherry picked from commit da3890938b)
(cherry picked from commit 5d0cdd5fe2)
(cherry picked from commit ed8e299b59)
(cherry picked from commit b38db49888)
(cherry picked from commit c19cb35acf)
(cherry picked from commit 45fc0e2dda)
(cherry picked from commit e7ef7c26d1)
(cherry picked from commit 11d05b0dc5)
(cherry picked from commit 8f7287337e)
(cherry picked from commit 8351803ee1)
(cherry picked from commit 0ebf3c0fc7)
(cherry picked from commit 749d3b4f68)
Replaced gitea links with forgejo - protected tags, webhooks
(cherry picked from commit 12534649d0)
(cherry picked from commit 5ad3ff69d4)
(cherry picked from commit a7a325b3f5)
(cherry picked from commit 31d2cc455f)
(cherry picked from commit 99b71abfdb)
(cherry picked from commit b096317ac9)
(cherry picked from commit cbc5cfdfd6)
(cherry picked from commit 1c99fa3f70)
- Use TXT records in order to determine the latest available version.
- This addresses a valid privacy issue, as with HTTP requests the server
can keep track(estimated) of how many instances are using Forgejo, with
DNS that's basically not possible as the server will never receive any
data, as the only ones receiving data are DNS resolvers.
(cherry picked from commit 0baefb546a)
(cherry picked from commit e8ee41880b)
(cherry picked from commit 7eca4f3bf1)
(cherry picked from commit 6dde3992dc)
(cherry picked from commit fb3a37fbfc)
(cherry picked from commit 8304af1e9d)
(cherry picked from commit 0543a7d12a)
(cherry picked from commit c3a22933b7)
(cherry picked from commit e243707694)
(cherry picked from commit 7eb6d1bcf7)
(cherry picked from commit 1d7b9535cd)
(cherry picked from commit 05920dce67)
(cherry picked from commit f173f27d7c)
(cherry picked from commit 90e1c9340e)
(cherry picked from commit de68610ea7)
(cherry picked from commit 8d5757ea04)
(cherry picked from commit c7a7fff316)
(cherry picked from commit 39ac8b8fc1)
(cherry picked from commit 9889203301)
[PRIVACY]: Adjust update checker description
- Resolves#323
- Adjust the description of the update check function on the
installation page to describe the privacy method instead of the HTTP
method by checking gitea.io
(cherry picked from commit 61eae5b105)
(cherry picked from commit 091def20a1)
(cherry picked from commit d5d11bf45a)
(cherry picked from commit 71863d4707)
(cherry picked from commit 11ece4aab1)
(cherry picked from commit afdd7e714f)
(cherry picked from commit 39170e2f1d)
(cherry picked from commit 4b3a52aab8)
(cherry picked from commit 9d763c5fc8)
(cherry picked from commit 638db15482)
(cherry picked from commit a52bfdd8e7)
(cherry picked from commit dc93d00e85)
(cherry picked from commit 0bc4b3508c)
(cherry picked from commit 3f760d85a4)
(cherry picked from commit ecc2716785)
- This is being disabled as it will weekly connect to a domain.
- This only affects existing installations, as new installations will
have a explicit value being written into app.ini due to https://github.com/go-gitea/gitea/pull/21655
(cherry picked from commit cd0b8b6852)
(cherry picked from commit 58d43867ca)
(cherry picked from commit f290b91e50)
(cherry picked from commit 5bd6d75554)
(cherry picked from commit e5d0abb592)
(cherry picked from commit 4b381ce77e)
(cherry picked from commit b6a9b1390d)
(cherry picked from commit 3674362871)
(cherry picked from commit af0f606fc1)
(cherry picked from commit 49560da6fb)
(cherry picked from commit ca06e27c5b)
(cherry picked from commit 163df86df5)
(cherry picked from commit 0391c6ae42)
(cherry picked from commit f282f2d42f)
(cherry picked from commit 68d31cf247)
(cherry picked from commit cfd4a479e9)
(cherry picked from commit add969bdf6)
(cherry picked from commit c0f3f1f1e7)
(cherry picked from commit f11dca9090)
(cherry picked from commit 283810387f)
(cherry picked from commit 08af1f0ea8)
(cherry picked from commit 1c1a6da319)
(cherry picked from commit c1444bae65)
(cherry picked from commit 6361df634b)
(cherry picked from commit cc8bb3f946)
(cherry picked from commit c7ae4411fd)
(cherry picked from commit f73f4eef02)
(cherry picked from commit 2122896e85)
(cherry picked from commit d469c99671)
(cherry picked from commit 41dbbd731e)
(cherry picked from commit e8e742b437)
(cherry picked from commit 0fa9f87b5f)
(cherry picked from commit a92c724a56)
