Skip to content

Commit

Permalink
Merge remote-tracking branch 'giteaoffical/main'
Browse files Browse the repository at this point in the history
* giteaoffical/main: (22 commits)
  Use case-insensitive regex for all webpack assets (go-gitea#26867)
  restrict certificate type for builtin SSH server (go-gitea#26789)
  feat(API): add secret deletion functionality for repository (go-gitea#26808)
  Avoid double-unescaping of form value (go-gitea#26853)
  Move web/api context related testing function into a separate package (go-gitea#26859)
  Remove some unused CSS styles (go-gitea#26852)
  [skip ci] Updated translations via Crowdin
  Minor dashboard tweaks, fix flex-list margins (go-gitea#26829)
  Update team invitation email link (go-gitea#26550)
  Redirect from `{repo}/issues/new` to `{repo}/issues/new/choose` when blank issues are disabled (go-gitea#26813)
  Remove "TODO" tasks from CSS file (go-gitea#26835)
  User details page (go-gitea#26713)
  Render code blocks in repo description (go-gitea#26830)
  Remove joinPaths function (go-gitea#26833)
  Remove polluted `.ui.right` (go-gitea#26825)
  Sync tags when adopting repos (go-gitea#26816)
  rm comment about hugo (go-gitea#26832)
  Fix filename for .spectral.yaml (go-gitea#26828)
  [skip ci] Updated translations via Crowdin
  Check blocklist for emails when adding them to account (go-gitea#26812)
  ...
  • Loading branch information
zjjhot committed Sep 1, 2023
2 parents 91a5317 + 327a7ad commit 92a4a33
Show file tree
Hide file tree
Showing 111 changed files with 1,200 additions and 757 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/files-changed.yml
Original file line number Diff line number Diff line change
Expand Up @@ -81,4 +81,4 @@ jobs:
- "Makefile"
- "package.json"
- "package-lock.json"
- ".spectral.yml"
- ".spectral.yaml"
2 changes: 0 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -121,8 +121,6 @@ If you have questions that are not covered by the documentation, you can get in

We maintain a list of Gitea-related projects at [gitea/awesome-gitea](https://gitea.com/gitea/awesome-gitea).

The Hugo-based documentation theme is hosted at [gitea/theme](https://gitea.com/gitea/theme).

The official Gitea CLI is developed at [gitea/tea](https://gitea.com/gitea/tea).

## Authors
Expand Down
13 changes: 12 additions & 1 deletion models/user/email_address.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ import (
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/modules/validation"

"xorm.io/builder"
)
Expand Down Expand Up @@ -161,7 +162,17 @@ func ValidateEmail(email string) error {
return ErrEmailInvalid{email}
}

// TODO: add an email allow/block list
// if there is no allow list, then check email against block list
if len(setting.Service.EmailDomainAllowList) == 0 &&
validation.IsEmailDomainListed(setting.Service.EmailDomainBlockList, email) {
return ErrEmailInvalid{email}
}

// if there is an allow list, then check email against allow list
if len(setting.Service.EmailDomainAllowList) > 0 &&
!validation.IsEmailDomainListed(setting.Service.EmailDomainAllowList, email) {
return ErrEmailInvalid{email}
}

return nil
}
Expand Down
25 changes: 4 additions & 21 deletions modules/context/utils.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,37 +4,27 @@
package context

import (
"net/url"
"strings"
"time"
)

// GetQueryBeforeSince return parsed time (unix format) from URL query's before and since
func GetQueryBeforeSince(ctx *Base) (before, since int64, err error) {
qCreatedBefore, err := prepareQueryArg(ctx, "before")
before, err = parseFormTime(ctx, "before")
if err != nil {
return 0, 0, err
}

qCreatedSince, err := prepareQueryArg(ctx, "since")
if err != nil {
return 0, 0, err
}

before, err = parseTime(qCreatedBefore)
if err != nil {
return 0, 0, err
}

since, err = parseTime(qCreatedSince)
since, err = parseFormTime(ctx, "since")
if err != nil {
return 0, 0, err
}
return before, since, nil
}

// parseTime parse time and return unix timestamp
func parseTime(value string) (int64, error) {
func parseFormTime(ctx *Base, name string) (int64, error) {
value := strings.TrimSpace(ctx.FormString(name))
if len(value) != 0 {
t, err := time.Parse(time.RFC3339, value)
if err != nil {
Expand All @@ -46,10 +36,3 @@ func parseTime(value string) (int64, error) {
}
return 0, nil
}

// prepareQueryArg unescape and trim a query arg
func prepareQueryArg(ctx *Base, name string) (value string, err error) {
value, err = url.PathUnescape(ctx.FormString(name))
value = strings.TrimSpace(value)
return value, err
}
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
// Copyright 2017 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT

package test
// Package contexttest provides utilities for testing Web/API contexts with models.
package contexttest

import (
gocontext "context"
Expand All @@ -22,7 +23,7 @@ import (
"code.gitea.io/gitea/modules/translation"
"code.gitea.io/gitea/modules/web/middleware"

chi "github.com/go-chi/chi/v5"
"github.com/go-chi/chi/v5"
"github.com/stretchr/testify/assert"
)

Expand All @@ -40,7 +41,6 @@ func mockRequest(t *testing.T, reqPath string) *http.Request {
}

// MockContext mock context for unit tests
// TODO: move this function to other packages, because it depends on "models" package
func MockContext(t *testing.T, reqPath string) (*context.Context, *httptest.ResponseRecorder) {
resp := httptest.NewRecorder()
req := mockRequest(t, reqPath)
Expand All @@ -50,15 +50,13 @@ func MockContext(t *testing.T, reqPath string) (*context.Context, *httptest.Resp
base.Locale = &translation.MockLocale{}

ctx := context.NewWebContext(base, &MockRender{}, nil)
ctx.Flash = &middleware.Flash{Values: url.Values{}}

chiCtx := chi.NewRouteContext()
ctx.Base.AppendContextValue(chi.RouteCtxKey, chiCtx)
return ctx, resp
}

// MockAPIContext mock context for unit tests
// TODO: move this function to other packages, because it depends on "models" package
func MockAPIContext(t *testing.T, reqPath string) (*context.APIContext, *httptest.ResponseRecorder) {
resp := httptest.NewRecorder()
req := mockRequest(t, reqPath)
Expand Down Expand Up @@ -123,7 +121,7 @@ func LoadRepoCommit(t *testing.T, ctx gocontext.Context) {
}
}

// LoadUser load a user into a test context.
// LoadUser load a user into a test context
func LoadUser(t *testing.T, ctx gocontext.Context, userID int64) {
doer := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: userID})
switch ctx := ctx.(type) {
Expand Down
6 changes: 6 additions & 0 deletions modules/ssh/ssh.go
Original file line number Diff line number Diff line change
Expand Up @@ -191,6 +191,12 @@ func publicKeyHandler(ctx ssh.Context, key ssh.PublicKey) bool {
return false
}

if cert.CertType != gossh.UserCert {
log.Warn("Certificate Rejected: Not a user certificate")
log.Warn("Failed authentication attempt from %s", ctx.RemoteAddr())
return false
}

// look for the exact principal
principalLoop:
for _, principal := range cert.ValidPrincipals {
Expand Down
5 changes: 2 additions & 3 deletions modules/templates/util_render.go
Original file line number Diff line number Diff line change
Expand Up @@ -108,10 +108,9 @@ func RenderCommitBody(ctx context.Context, msg, urlPrefix string, metas map[stri
// Match text that is between back ticks.
var codeMatcher = regexp.MustCompile("`([^`]+)`")

// RenderCodeBlock renders "`…`" as highlighted "<code>" block.
// Intended for issue and PR titles, these containers should have styles for "<code>" elements
// RenderCodeBlock renders "`…`" as highlighted "<code>" block, intended for issue and PR titles
func RenderCodeBlock(htmlEscapedTextToRender template.HTML) template.HTML {
htmlWithCodeTags := codeMatcher.ReplaceAllString(string(htmlEscapedTextToRender), "<code>$1</code>") // replace with HTML <code> tags
htmlWithCodeTags := codeMatcher.ReplaceAllString(string(htmlEscapedTextToRender), `<code class="inline-code-block">$1</code>`) // replace with HTML <code> tags
return template.HTML(htmlWithCodeTags)
}

Expand Down
25 changes: 25 additions & 0 deletions modules/validation/helpers.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ import (
"strings"

"code.gitea.io/gitea/modules/setting"

"github.com/gobwas/glob"
)

var externalTrackerRegex = regexp.MustCompile(`({?)(?:user|repo|index)+?(}?)`)
Expand Down Expand Up @@ -48,6 +50,29 @@ func IsValidSiteURL(uri string) bool {
return false
}

// IsEmailDomainListed checks whether the domain of an email address
// matches a list of domains
func IsEmailDomainListed(globs []glob.Glob, email string) bool {
if len(globs) == 0 {
return false
}

n := strings.LastIndex(email, "@")
if n <= 0 {
return false
}

domain := strings.ToLower(email[n+1:])

for _, g := range globs {
if g.Match(domain) {
return true
}
}

return false
}

// IsAPIURL checks if URL is current Gitea instance API URL
func IsAPIURL(uri string) bool {
return strings.HasPrefix(strings.ToLower(uri), strings.ToLower(setting.AppURL+"api"))
Expand Down
1 change: 1 addition & 0 deletions options/locale/locale_en-US.ini
Original file line number Diff line number Diff line change
Expand Up @@ -2823,6 +2823,7 @@ users.list_status_filter.is_prohibit_login = Prohibit Login
users.list_status_filter.not_prohibit_login = Allow Login
users.list_status_filter.is_2fa_enabled = 2FA Enabled
users.list_status_filter.not_2fa_enabled = 2FA Disabled
users.details = User Details

emails.email_manage_panel = User Email Management
emails.primary = Primary
Expand Down
Loading

0 comments on commit 92a4a33

Please sign in to comment.