Merge branch 'main' into tooldeps2

Author: silverwind

docker/root/etc/s6/gitea/setup

@@ -2,7 +2,15 @@
 
 if [ ! -d /data/git/.ssh ]; then
     mkdir -p /data/git/.ssh
-    chmod 700 /data/git/.ssh
+fi
+
+# Set the correct permissions on the .ssh directory and authorized_keys file,
+# or sshd will refuse to use them and lead to clone/push/pull failures.
+# It could happen when users have copied their data to a new volume and changed the file permission by accident,
+# and it would be very hard to troubleshoot unless users know how to check the logs of sshd which is started by s6.
+chmod 700 /data/git/.ssh
+if [ -f /data/git/.ssh/authorized_keys ]; then
+    chmod 600 /data/git/.ssh/authorized_keys
 fi
 
 if [ ! -f /data/git/.ssh/environment ]; then

models/asymkey/gpg_key_commit_verification.go

@@ -455,9 +455,9 @@ func hashAndVerifyForKeyID(sig *packet.Signature, payload string, committer *use
 
 // CalculateTrustStatus will calculate the TrustStatus for a commit verification within a repository
 // There are several trust models in Gitea
-func CalculateTrustStatus(verification *CommitVerification, repoTrustModel repo_model.TrustModelType, isOwnerMemberCollaborator func(*user_model.User) (bool, error), keyMap *map[string]bool) (err error) {
+func CalculateTrustStatus(verification *CommitVerification, repoTrustModel repo_model.TrustModelType, isOwnerMemberCollaborator func(*user_model.User) (bool, error), keyMap *map[string]bool) error {
 	if !verification.Verified {
-		return
+		return nil
 	}
 
 	// In the Committer trust model a signature is trusted if it matches the committer
@@ -475,7 +475,7 @@ func CalculateTrustStatus(verification *CommitVerification, repoTrustModel repo_
 				verification.SigningUser.Email == verification.CommittingUser.Email) {
 			verification.TrustStatus = "trusted"
 		}
-		return
+		return nil
 	}
 
 	// Now we drop to the more nuanced trust models...
@@ -490,10 +490,11 @@ func CalculateTrustStatus(verification *CommitVerification, repoTrustModel repo_
 			verification.SigningUser.Email != verification.CommittingUser.Email) {
 			verification.TrustStatus = "untrusted"
 		}
-		return
+		return nil
 	}
 
 	// Check we actually have a GPG SigningKey
+	var err error
 	if verification.SigningKey != nil {
 		var isMember bool
 		if keyMap != nil {

models/auth/oauth2.go

@@ -306,9 +306,10 @@ func (code *OAuth2AuthorizationCode) TableName() string {
 }
 
 // GenerateRedirectURI generates a redirect URI for a successful authorization request. State will be used if not empty.
-func (code *OAuth2AuthorizationCode) GenerateRedirectURI(state string) (redirect *url.URL, err error) {
-	if redirect, err = url.Parse(code.RedirectURI); err != nil {
-		return
+func (code *OAuth2AuthorizationCode) GenerateRedirectURI(state string) (*url.URL, error) {
+	redirect, err := url.Parse(code.RedirectURI)
+	if err != nil {
+		return nil, err
 	}
 	q := redirect.Query()
 	if state != "" {

models/migrations/v1_11/v106.go

@@ -16,10 +16,10 @@ type Watch struct {
 	Mode RepoWatchMode `xorm:"SMALLINT NOT NULL DEFAULT 1"`
 }
 
-func AddModeColumnToWatch(x *xorm.Engine) (err error) {
-	if err = x.Sync2(new(Watch)); err != nil {
-		return
+func AddModeColumnToWatch(x *xorm.Engine) error {
+	if err := x.Sync2(new(Watch)); err != nil {
+		return err
 	}
-	_, err = x.Exec("UPDATE `watch` SET `mode` = 1")
+	_, err := x.Exec("UPDATE `watch` SET `mode` = 1")
 	return err
 }

models/migrations/v1_13/v143.go

@@ -23,25 +23,25 @@ func RecalculateStars(x *xorm.Engine) (err error) {
 
 	for start := 0; ; start += batchSize {
 		users := make([]User, 0, batchSize)
-		if err = sess.Limit(batchSize, start).Where("type = ?", 0).Cols("id").Find(&users); err != nil {
-			return
+		if err := sess.Limit(batchSize, start).Where("type = ?", 0).Cols("id").Find(&users); err != nil {
+			return err
 		}
 		if len(users) == 0 {
 			break
 		}
 
-		if err = sess.Begin(); err != nil {
-			return
+		if err := sess.Begin(); err != nil {
+			return err
 		}
 
 		for _, user := range users {
-			if _, err = sess.Exec("UPDATE `user` SET num_stars=(SELECT COUNT(*) FROM `star` WHERE uid=?) WHERE id=?", user.ID, user.ID); err != nil {
-				return
+			if _, err := sess.Exec("UPDATE `user` SET num_stars=(SELECT COUNT(*) FROM `star` WHERE uid=?) WHERE id=?", user.ID, user.ID); err != nil {
+				return err
 			}
 		}
 
-		if err = sess.Commit(); err != nil {
-			return
+		if err := sess.Commit(); err != nil {
+			return err
 		}
 	}
 

models/migrations/v1_15/v180.go

@@ -44,25 +44,25 @@ func DeleteMigrationCredentials(x *xorm.Engine) (err error) {
 
 	for start := 0; ; start += batchSize {
 		tasks := make([]*Task, 0, batchSize)
-		if err = sess.Limit(batchSize, start).Where(cond, 0).Find(&tasks); err != nil {
-			return
+		if err := sess.Limit(batchSize, start).Where(cond, 0).Find(&tasks); err != nil {
+			return err
 		}
 		if len(tasks) == 0 {
 			break
 		}
-		if err = sess.Begin(); err != nil {
-			return
+		if err := sess.Begin(); err != nil {
+			return err
 		}
 		for _, t := range tasks {
 			if t.PayloadContent, err = removeCredentials(t.PayloadContent); err != nil {
-				return
+				return err
 			}
-			if _, err = sess.ID(t.ID).Cols("payload_content").Update(t); err != nil {
-				return
+			if _, err := sess.ID(t.ID).Cols("payload_content").Update(t); err != nil {
+				return err
 			}
 		}
-		if err = sess.Commit(); err != nil {
-			return
+		if err := sess.Commit(); err != nil {
+			return err
 		}
 	}
 	return err

models/migrations/v1_15/v181.go

@@ -9,7 +9,7 @@ import (
 	"xorm.io/xorm"
 )
 
-func AddPrimaryEmail2EmailAddress(x *xorm.Engine) (err error) {
+func AddPrimaryEmail2EmailAddress(x *xorm.Engine) error {
 	type User struct {
 		ID       int64  `xorm:"pk autoincr"`
 		Email    string `xorm:"NOT NULL"`
@@ -26,12 +26,12 @@ func AddPrimaryEmail2EmailAddress(x *xorm.Engine) (err error) {
 	}
 
 	// Add lower_email and is_primary columns
-	if err = x.Table("email_address").Sync2(new(EmailAddress1)); err != nil {
-		return
+	if err := x.Table("email_address").Sync2(new(EmailAddress1)); err != nil {
+		return err
 	}
 
-	if _, err = x.Exec("UPDATE email_address SET lower_email=LOWER(email), is_primary=?", false); err != nil {
-		return
+	if _, err := x.Exec("UPDATE email_address SET lower_email=LOWER(email), is_primary=?", false); err != nil {
+		return err
 	}
 
 	type EmailAddress struct {
@@ -44,8 +44,8 @@ func AddPrimaryEmail2EmailAddress(x *xorm.Engine) (err error) {
 	}
 
 	// change lower_email as unique
-	if err = x.Sync2(new(EmailAddress)); err != nil {
-		return
+	if err := x.Sync2(new(EmailAddress)); err != nil {
+		return err
 	}
 
 	sess := x.NewSession()
@@ -55,34 +55,33 @@ func AddPrimaryEmail2EmailAddress(x *xorm.Engine) (err error) {
 
 	for start := 0; ; start += batchSize {
 		users := make([]*User, 0, batchSize)
-		if err = sess.Limit(batchSize, start).Find(&users); err != nil {
-			return
+		if err := sess.Limit(batchSize, start).Find(&users); err != nil {
+			return err
 		}
 		if len(users) == 0 {
 			break
 		}
 
 		for _, user := range users {
-			var exist bool
-			exist, err = sess.Where("email=?", user.Email).Table("email_address").Exist()
+			exist, err := sess.Where("email=?", user.Email).Table("email_address").Exist()
 			if err != nil {
-				return
+				return err
 			}
 			if !exist {
-				if _, err = sess.Insert(&EmailAddress{
+				if _, err := sess.Insert(&EmailAddress{
 					UID:         user.ID,
 					Email:       user.Email,
 					LowerEmail:  strings.ToLower(user.Email),
 					IsActivated: user.IsActive,
 					IsPrimary:   true,
 				}); err != nil {
-					return
+					return err
 				}
 			} else {
-				if _, err = sess.Where("email=?", user.Email).Cols("is_primary").Update(&EmailAddress{
+				if _, err := sess.Where("email=?", user.Email).Cols("is_primary").Update(&EmailAddress{
 					IsPrimary: true,
 				}); err != nil {
-					return
+					return err
 				}
 			}
 		}

models/organization/org.go

@@ -532,27 +532,6 @@ func GetOrgsCanCreateRepoByUserID(userID int64) ([]*Organization, error) {
 		Find(&orgs)
 }
 
-// GetOrgUsersByUserID returns all organization-user relations by user ID.
-func GetOrgUsersByUserID(uid int64, opts *SearchOrganizationsOptions) ([]*OrgUser, error) {
-	ous := make([]*OrgUser, 0, 10)
-	sess := db.GetEngine(db.DefaultContext).
-		Join("LEFT", "`user`", "`org_user`.org_id=`user`.id").
-		Where("`org_user`.uid=?", uid)
-	if !opts.All {
-		// Only show public organizations
-		sess.And("is_public=?", true)
-	}
-
-	if opts.PageSize != 0 {
-		sess = db.SetSessionPagination(sess, opts)
-	}
-
-	err := sess.
-		Asc("`user`.name").
-		Find(&ous)
-	return ous, err
-}
-
 // GetOrgUsersByOrgID returns all organization-user relations by organization ID.
 func GetOrgUsersByOrgID(ctx context.Context, opts *FindOrgMembersOpts) ([]*OrgUser, error) {
 	sess := db.GetEngine(ctx).Where("org_id=?", opts.OrgID)

models/organization/org_test.go

@@ -207,42 +207,6 @@ func TestFindOrgs(t *testing.T) {
 	assert.EqualValues(t, 1, total)
 }
 
-func TestGetOrgUsersByUserID(t *testing.T) {
-	assert.NoError(t, unittest.PrepareTestDatabase())
-
-	orgUsers, err := organization.GetOrgUsersByUserID(5, &organization.SearchOrganizationsOptions{All: true})
-	assert.NoError(t, err)
-	if assert.Len(t, orgUsers, 3) {
-		assert.Equal(t, organization.OrgUser{
-			ID:       orgUsers[0].ID,
-			OrgID:    23,
-			UID:      5,
-			IsPublic: false,
-		}, *orgUsers[0])
-		assert.Equal(t, organization.OrgUser{
-			ID:       orgUsers[1].ID,
-			OrgID:    6,
-			UID:      5,
-			IsPublic: true,
-		}, *orgUsers[1])
-		assert.Equal(t, organization.OrgUser{
-			ID:       orgUsers[2].ID,
-			OrgID:    7,
-			UID:      5,
-			IsPublic: false,
-		}, *orgUsers[2])
-	}
-
-	publicOrgUsers, err := organization.GetOrgUsersByUserID(5, &organization.SearchOrganizationsOptions{All: false})
-	assert.NoError(t, err)
-	assert.Len(t, publicOrgUsers, 1)
-	assert.Equal(t, *orgUsers[1], *publicOrgUsers[0])
-
-	orgUsers, err = organization.GetOrgUsersByUserID(1, &organization.SearchOrganizationsOptions{All: true})
-	assert.NoError(t, err)
-	assert.Len(t, orgUsers, 0)
-}
-
 func TestGetOrgUsersByOrgID(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 

models/user/user.go

@@ -336,7 +336,7 @@ func GetUserFollowers(ctx context.Context, u, viewer *User, listOptions db.ListO
 
 // GetUserFollowing returns range of user's following.
 func GetUserFollowing(ctx context.Context, u, viewer *User, listOptions db.ListOptions) ([]*User, int64, error) {
-	sess := db.GetEngine(db.DefaultContext).
+	sess := db.GetEngine(ctx).
 		Select("`user`.*").
 		Join("LEFT", "follow", "`user`.id=follow.follow_id").
 		Where("follow.user_id=?", u.ID).

modules/context/org.go

@@ -161,7 +161,6 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
 	}
 	ctx.Data["IsOrganizationOwner"] = ctx.Org.IsOwner
 	ctx.Data["IsOrganizationMember"] = ctx.Org.IsMember
-	ctx.Data["IsProjectEnabled"] = true
 	ctx.Data["IsPackageEnabled"] = setting.Packages.Enabled
 	ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
 	ctx.Data["IsPublicMember"] = func(uid int64) bool {