From 2c2d7e6f64591acb9a286c36e8a690afdf9c4533 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Sat, 4 Apr 2026 04:03:59 +0800 Subject: [PATCH] Fix various bugs (#37096) * Fix #36001 * Fix #35498 * Fix #35395 * Fix #35160 * Fix #35058 * Fix #35445 --- cmd/generate.go | 6 +--- modules/generate/generate.go | 8 +++--- modules/generate/generate_test.go | 6 ++-- modules/markup/markdown/markdown_test.go | 17 +++++++++++ modules/markup/markdown/transform_list.go | 13 ++++++++- modules/setting/lfs.go | 5 +--- modules/setting/oauth2.go | 10 ++----- routers/api/v1/api.go | 4 +-- routers/api/v1/repo/branch.go | 6 ++-- routers/api/v1/repo/tag.go | 17 ++++++----- routers/install/install.go | 15 ++++------ templates/projects/view.tmpl | 2 +- templates/shared/search/combo.tmpl | 27 +++++++++--------- tests/integration/api_branch_test.go | 11 ++++++-- web_src/js/components/ActionRunJobView.vue | 2 +- web_src/js/features/repo-projects.ts | 33 ++++++++++++++++------ web_src/js/index.ts | 4 +-- web_src/js/utils.ts | 5 ++-- 18 files changed, 113 insertions(+), 78 deletions(-) diff --git a/cmd/generate.go b/cmd/generate.go index b94ff79aaec..21f8b42bff7 100644 --- a/cmd/generate.go +++ b/cmd/generate.go @@ -78,11 +78,7 @@ func runGenerateInternalToken(_ context.Context, c *cli.Command) error { } func runGenerateLfsJwtSecret(_ context.Context, c *cli.Command) error { - _, jwtSecretBase64, err := generate.NewJwtSecretWithBase64() - if err != nil { - return err - } - + _, jwtSecretBase64 := generate.NewJwtSecretWithBase64() fmt.Printf("%s", jwtSecretBase64) if isatty.IsTerminal(os.Stdout.Fd()) { diff --git a/modules/generate/generate.go b/modules/generate/generate.go index 2d9a3dd9022..ac845044923 100644 --- a/modules/generate/generate.go +++ b/modules/generate/generate.go @@ -54,13 +54,13 @@ func DecodeJwtSecretBase64(src string) ([]byte, error) { } // NewJwtSecretWithBase64 generates a jwt secret with its base64 encoded value intended to be used for saving into config file -func NewJwtSecretWithBase64() ([]byte, string, error) { +func NewJwtSecretWithBase64() ([]byte, string) { bytes := make([]byte, defaultJwtSecretLen) - _, err := io.ReadFull(rand.Reader, bytes) + _, err := rand.Read(bytes) if err != nil { - return nil, "", err + panic(err) // rand.Read never fails } - return bytes, base64.RawURLEncoding.EncodeToString(bytes), nil + return bytes, base64.RawURLEncoding.EncodeToString(bytes) } // NewSecretKey generate a new value intended to be used by SECRET_KEY. diff --git a/modules/generate/generate_test.go b/modules/generate/generate_test.go index af640a60c1e..f9dd20cc7fe 100644 --- a/modules/generate/generate_test.go +++ b/modules/generate/generate_test.go @@ -25,10 +25,12 @@ func TestDecodeJwtSecretBase64(t *testing.T) { } func TestNewJwtSecretWithBase64(t *testing.T) { - secret, encoded, err := NewJwtSecretWithBase64() - assert.NoError(t, err) + secret, encoded := NewJwtSecretWithBase64() assert.Len(t, secret, 32) decoded, err := DecodeJwtSecretBase64(encoded) assert.NoError(t, err) assert.Equal(t, secret, decoded) + + secret2, _ := NewJwtSecretWithBase64() + assert.NotEqual(t, secret, secret2) } diff --git a/modules/markup/markdown/markdown_test.go b/modules/markup/markdown/markdown_test.go index 26dbde9932a..e231b037cc1 100644 --- a/modules/markup/markdown/markdown_test.go +++ b/modules/markup/markdown/markdown_test.go @@ -583,3 +583,20 @@ func TestMarkdownLink(t *testing.T) { assert.Equal(t, `

https://example.com/__init__.py

`, string(result)) } + +func TestMarkdownUlDir(t *testing.T) { + defer test.MockVariableValue(&markup.RenderBehaviorForTesting.DisableAdditionalAttributes, false)() + result, err := markdown.RenderString(markup.NewTestRenderContext(), ` +* a + * b +`) + assert.NoError(t, err) + assert.Equal(t, ` +`, string(result)) +} diff --git a/modules/markup/markdown/transform_list.go b/modules/markup/markdown/transform_list.go index c89ad2f2cf3..6cafa8ff78e 100644 --- a/modules/markup/markdown/transform_list.go +++ b/modules/markup/markdown/transform_list.go @@ -81,5 +81,16 @@ func (g *ASTTransformer) transformList(_ *markup.RenderContext, v *ast.List, rc v.AppendChild(v, newChild) } } - g.applyElementDir(v) + + nestedList := false + for p := v.Parent(); p != nil; p = p.Parent() { + if _, ok := p.(*ast.List); ok { + nestedList = true + break + } + } + if !nestedList { + // "dir=auto" should be only added to top-level "ul". https://github.com/go-gitea/gitea/issues/35058 + g.applyElementDir(v) + } } diff --git a/modules/setting/lfs.go b/modules/setting/lfs.go index 7f2d0ae1590..3ec21860ae6 100644 --- a/modules/setting/lfs.go +++ b/modules/setting/lfs.go @@ -81,10 +81,7 @@ func loadLFSFrom(rootCfg ConfigProvider) error { jwtSecretBase64 := loadSecret(rootCfg.Section("server"), "LFS_JWT_SECRET_URI", "LFS_JWT_SECRET") LFS.JWTSecretBytes, err = generate.DecodeJwtSecretBase64(jwtSecretBase64) if err != nil { - LFS.JWTSecretBytes, jwtSecretBase64, err = generate.NewJwtSecretWithBase64() - if err != nil { - return fmt.Errorf("error generating JWT Secret for custom config: %v", err) - } + LFS.JWTSecretBytes, jwtSecretBase64 = generate.NewJwtSecretWithBase64() // Save secret saveCfg, err := rootCfg.PrepareSaving() diff --git a/modules/setting/oauth2.go b/modules/setting/oauth2.go index 2dfe77dda9a..8e0210aa518 100644 --- a/modules/setting/oauth2.go +++ b/modules/setting/oauth2.go @@ -139,10 +139,7 @@ func loadOAuth2From(rootCfg ConfigProvider) { if InstallLock { jwtSecretBytes, err := generate.DecodeJwtSecretBase64(jwtSecretBase64) if err != nil { - jwtSecretBytes, jwtSecretBase64, err = generate.NewJwtSecretWithBase64() - if err != nil { - log.Fatal("error generating JWT secret: %v", err) - } + jwtSecretBytes, jwtSecretBase64 = generate.NewJwtSecretWithBase64() saveCfg, err := rootCfg.PrepareSaving() if err != nil { log.Fatal("save oauth2.JWT_SECRET failed: %v", err) @@ -162,10 +159,7 @@ var generalSigningSecret atomic.Pointer[[]byte] func GetGeneralTokenSigningSecret() []byte { old := generalSigningSecret.Load() if old == nil || len(*old) == 0 { - jwtSecret, _, err := generate.NewJwtSecretWithBase64() - if err != nil { - log.Fatal("Unable to generate general JWT secret: %v", err) - } + jwtSecret, _ := generate.NewJwtSecretWithBase64() if generalSigningSecret.CompareAndSwap(old, &jwtSecret) { return jwtSecret } diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go index e1d836b5c85..ef38b75696f 100644 --- a/routers/api/v1/api.go +++ b/routers/api/v1/api.go @@ -1228,10 +1228,10 @@ func Routes() *web.Router { m.Group("/branch_protections", func() { m.Get("", repo.ListBranchProtections) m.Post("", bind(api.CreateBranchProtectionOption{}), mustNotBeArchived, repo.CreateBranchProtection) - m.Group("/{name}", func() { + m.Group("/*", func() { m.Get("", repo.GetBranchProtection) m.Patch("", bind(api.EditBranchProtectionOption{}), mustNotBeArchived, repo.EditBranchProtection) - m.Delete("", repo.DeleteBranchProtection) + m.Delete("", mustNotBeArchived, repo.DeleteBranchProtection) }) m.Post("/priority", bind(api.UpdateBranchProtectionPriories{}), mustNotBeArchived, repo.UpdateBranchProtectionPriories) }, reqToken(), reqAdmin()) diff --git a/routers/api/v1/repo/branch.go b/routers/api/v1/repo/branch.go index c3b3fc10855..295e4c2b5ed 100644 --- a/routers/api/v1/repo/branch.go +++ b/routers/api/v1/repo/branch.go @@ -563,7 +563,7 @@ func GetBranchProtection(ctx *context.APIContext) { // "$ref": "#/responses/notFound" repo := ctx.Repo.Repository - bpName := ctx.PathParam("name") + bpName := ctx.PathParam("*") bp, err := git_model.GetProtectedBranchRuleByName(ctx, repo.ID, bpName) if err != nil { ctx.APIErrorInternal(err) @@ -845,7 +845,7 @@ func EditBranchProtection(ctx *context.APIContext) { // "$ref": "#/responses/repoArchivedError" form := web.GetForm(ctx).(*api.EditBranchProtectionOption) repo := ctx.Repo.Repository - bpName := ctx.PathParam("name") + bpName := ctx.PathParam("*") protectBranch, err := git_model.GetProtectedBranchRuleByName(ctx, repo.ID, bpName) if err != nil { ctx.APIErrorInternal(err) @@ -1168,7 +1168,7 @@ func DeleteBranchProtection(ctx *context.APIContext) { // "$ref": "#/responses/notFound" repo := ctx.Repo.Repository - bpName := ctx.PathParam("name") + bpName := ctx.PathParam("*") bp, err := git_model.GetProtectedBranchRuleByName(ctx, repo.ID, bpName) if err != nil { ctx.APIErrorInternal(err) diff --git a/routers/api/v1/repo/tag.go b/routers/api/v1/repo/tag.go index 9e77637282a..28bc508879b 100644 --- a/routers/api/v1/repo/tag.go +++ b/routers/api/v1/repo/tag.go @@ -107,15 +107,18 @@ func GetAnnotatedTag(ctx *context.APIContext) { return } - if tag, err := ctx.Repo.GitRepo.GetAnnotatedTag(sha); err != nil { + tag, err := ctx.Repo.GitRepo.GetAnnotatedTag(sha) + if err != nil { ctx.APIError(http.StatusBadRequest, err) - } else { - commit, err := ctx.Repo.GitRepo.GetTagCommit(tag.Name) - if err != nil { - ctx.APIError(http.StatusBadRequest, err) - } - ctx.JSON(http.StatusOK, convert.ToAnnotatedTag(ctx, ctx.Repo.Repository, tag, commit)) + return } + + commit, err := ctx.Repo.GitRepo.GetTagCommit(tag.Name) + if err != nil { + ctx.APIError(http.StatusBadRequest, err) + return + } + ctx.JSON(http.StatusOK, convert.ToAnnotatedTag(ctx, ctx.Repo.Repository, tag, commit)) } // GetTag get the tag of a repository diff --git a/routers/install/install.go b/routers/install/install.go index 81fcdfa384c..dec0b31e5cd 100644 --- a/routers/install/install.go +++ b/routers/install/install.go @@ -371,12 +371,11 @@ func SubmitInstall(ctx *context.Context) { if form.LFSRootPath != "" { cfg.Section("server").Key("LFS_START_SERVER").SetValue("true") cfg.Section("lfs").Key("PATH").SetValue(form.LFSRootPath) - var lfsJwtSecret string - if _, lfsJwtSecret, err = generate.NewJwtSecretWithBase64(); err != nil { - ctx.RenderWithErrDeprecated(ctx.Tr("install.lfs_jwt_secret_failed", err), tplInstall, &form) - return + + if !cfg.Section("server").HasKey("LFS_JWT_SECRET_URI") { + _, lfsJwtSecret := generate.NewJwtSecretWithBase64() + cfg.Section("server").Key("LFS_JWT_SECRET").SetValue(lfsJwtSecret) } - cfg.Section("server").Key("LFS_JWT_SECRET").SetValue(lfsJwtSecret) } else { cfg.Section("server").Key("LFS_START_SERVER").SetValue("false") } @@ -437,11 +436,7 @@ func SubmitInstall(ctx *context.Context) { // FIXME: at the moment, no matter oauth2 is enabled or not, it must generate a "oauth2 JWT_SECRET" // see the "loadOAuth2From" in "setting/oauth2.go" if !cfg.Section("oauth2").HasKey("JWT_SECRET") && !cfg.Section("oauth2").HasKey("JWT_SECRET_URI") { - _, jwtSecretBase64, err := generate.NewJwtSecretWithBase64() - if err != nil { - ctx.RenderWithErrDeprecated(ctx.Tr("install.secret_key_failed", err), tplInstall, &form) - return - } + _, jwtSecretBase64 := generate.NewJwtSecretWithBase64() cfg.Section("oauth2").Key("JWT_SECRET").SetValue(jwtSecretBase64) } diff --git a/templates/projects/view.tmpl b/templates/projects/view.tmpl index 3e1afab79f0..ac08e567813 100644 --- a/templates/projects/view.tmpl +++ b/templates/projects/view.tmpl @@ -1,6 +1,6 @@ {{$canWriteProject := and .CanWriteProjects (or (not .Repository) (not .Repository.IsArchived))}} -
+

{{.Project.Title}}

diff --git a/templates/shared/search/combo.tmpl b/templates/shared/search/combo.tmpl index 3aba9a7f047..7850b083a45 100644 --- a/templates/shared/search/combo.tmpl +++ b/templates/shared/search/combo.tmpl @@ -9,22 +9,21 @@
{{template "shared/search/input" dict "Value" .Value "Disabled" .Disabled "Placeholder" .Placeholder}} {{if .SearchModes}} -
-
{{svg "octicon-triangle-down" 14 "dropdown icon"}} - -
- {{range $mode := .SearchModes}} -
{{ctx.Locale.Tr $mode.TitleTrKey}}
+ {{$selected := index .SearchModes 0}} + {{range $mode := .SearchModes}} + {{if eq $mode.ModeValue $.SelectedSearchMode}} + {{$selected = $mode}} {{end}} + {{end}} +
+
{{ctx.Locale.Tr $selected.TitleTrKey}}
{{svg "octicon-triangle-down" 14 "dropdown icon"}} + +
+ {{range $mode := .SearchModes}} +
{{ctx.Locale.Tr $mode.TitleTrKey}}
+ {{end}} +
-
{{end}} {{template "shared/search/button" dict "Disabled" .Disabled "Tooltip" .Tooltip}}
diff --git a/tests/integration/api_branch_test.go b/tests/integration/api_branch_test.go index f5f33dacf09..017790081e5 100644 --- a/tests/integration/api_branch_test.go +++ b/tests/integration/api_branch_test.go @@ -362,15 +362,20 @@ func testAPIRenameBranch(t *testing.T, doerName, ownerName, repoName, from, to s func TestAPIBranchProtection(t *testing.T) { defer tests.PrepareTestEnv(t)() - // Branch protection on branch that not exist - testAPICreateBranchProtection(t, "master/doesnotexist", 1, http.StatusCreated) + // Can create branch protection on branch that not exist + testAPICreateBranchProtection(t, "non-existing/branch", 1, http.StatusCreated) + testAPIGetBranchProtection(t, "non-existing/branch", http.StatusOK) + testAPIDeleteBranchProtection(t, "non-existing/branch", http.StatusNoContent) + // Get branch protection on branch that exist but not branch protection testAPIGetBranchProtection(t, "master", http.StatusNotFound) - testAPICreateBranchProtection(t, "master", 2, http.StatusCreated) + testAPICreateBranchProtection(t, "master", 1, http.StatusCreated) // Can only create once testAPICreateBranchProtection(t, "master", 0, http.StatusForbidden) + testAPICreateBranchProtection(t, "other-branch", 2, http.StatusCreated) + // Can't delete a protected branch testAPIDeleteBranch(t, "master", http.StatusForbidden) diff --git a/web_src/js/components/ActionRunJobView.vue b/web_src/js/components/ActionRunJobView.vue index fba78917c9c..67d4c1048b5 100644 --- a/web_src/js/components/ActionRunJobView.vue +++ b/web_src/js/components/ActionRunJobView.vue @@ -381,7 +381,7 @@ function toggleTimeDisplay(type: 'seconds' | 'stamp') { function toggleFullScreenMode() { isFullScreen.value = !isFullScreen.value; - toggleFullScreen('.action-view-right', isFullScreen.value, '.action-view-body'); + toggleFullScreen(document.querySelector('.action-view-right')!, isFullScreen.value, '.action-view-body'); } async function hashChangeListener() { diff --git a/web_src/js/features/repo-projects.ts b/web_src/js/features/repo-projects.ts index 2432d1b0353..904bce983b8 100644 --- a/web_src/js/features/repo-projects.ts +++ b/web_src/js/features/repo-projects.ts @@ -5,6 +5,8 @@ import {fomanticQuery} from '../modules/fomantic/base.ts'; import {queryElemChildren, queryElems, toggleElem} from '../utils/dom.ts'; import type {SortableEvent} from 'sortablejs'; import {toggleFullScreen} from '../utils.ts'; +import {registerGlobalInitFunc} from '../modules/observer.ts'; +import {localUserSettings} from '../modules/user-settings.ts'; function updateIssueCount(card: HTMLElement): void { const parent = card.parentElement!; @@ -143,27 +145,42 @@ function initRepoProjectColumnEdit(writableProjectBoard: Element): void { }); } -function initRepoProjectToggleFullScreen(): void { +function initRepoProjectToggleFullScreen(elProjectsView: HTMLElement): void { const enterFullscreenBtn = document.querySelector('.screen-full'); const exitFullscreenBtn = document.querySelector('.screen-normal'); if (!enterFullscreenBtn || !exitFullscreenBtn) return; + const settingKey = 'projects-view-options'; + type ProjectsViewOptions = { + fullScreen: boolean; + }; + const opts = localUserSettings.getJsonObject(settingKey, {fullScreen: false}); const toggleFullscreenState = (isFullScreen: boolean) => { - toggleFullScreen('.projects-view', isFullScreen); + toggleFullScreen(elProjectsView, isFullScreen); toggleElem(enterFullscreenBtn, !isFullScreen); toggleElem(exitFullscreenBtn, isFullScreen); + + opts.fullScreen = isFullScreen; + localUserSettings.setJsonObject(settingKey, opts); }; enterFullscreenBtn.addEventListener('click', () => toggleFullscreenState(true)); exitFullscreenBtn.addEventListener('click', () => toggleFullscreenState(false)); + if (opts.fullScreen) { + // a temporary solution to remember the full screen state, not perfect, + // just make UX better than before, especially for users who need to change the label filter frequently and want to keep full screen mode. + toggleFullscreenState(true); + } } -export function initRepoProject(): void { - initRepoProjectToggleFullScreen(); +export function initRepoProjectsView(): void { + registerGlobalInitFunc('initRepoProjectsView', (elProjectsView) => { + initRepoProjectToggleFullScreen(elProjectsView); - const writableProjectBoard = document.querySelector('#project-board[data-project-board-writable="true"]'); - if (!writableProjectBoard) return; + const writableProjectBoard = document.querySelector('#project-board[data-project-board-writable="true"]'); + if (!writableProjectBoard) return; - initRepoProjectSortable(); // no await - initRepoProjectColumnEdit(writableProjectBoard); + initRepoProjectSortable(); // no await + initRepoProjectColumnEdit(writableProjectBoard); + }); } diff --git a/web_src/js/index.ts b/web_src/js/index.ts index d4d5ea6cfff..aac9cce5f60 100644 --- a/web_src/js/index.ts +++ b/web_src/js/index.ts @@ -9,7 +9,7 @@ import {initRepoGraphGit} from './features/repo-graph.ts'; import {initHeatmap} from './features/heatmap.ts'; import {initImageDiff} from './features/imagediff.ts'; import {initRepoMigration} from './features/repo-migration.ts'; -import {initRepoProject} from './features/repo-projects.ts'; +import {initRepoProjectsView} from './features/repo-projects.ts'; import {initTableSort} from './features/tablesort.ts'; import {initAdminUserListSearchForm} from './features/admin/users.ts'; import {initAdminConfigs} from './features/admin/config.ts'; @@ -132,7 +132,7 @@ const initPerformanceTracer = callInitFunctions([ initRepoIssueFilterItemLabel, initRepoMigration, initRepoMigrationStatusChecker, - initRepoProject, + initRepoProjectsView, initRepoPullRequestReview, initRepoReleaseNew, initRepoTopicBar, diff --git a/web_src/js/utils.ts b/web_src/js/utils.ts index 23bddc3b1c0..1ea201ab826 100644 --- a/web_src/js/utils.ts +++ b/web_src/js/utils.ts @@ -208,7 +208,7 @@ export function isVideoFile({name, type}: {name?: string, type?: string}): boole return Boolean(/\.(mpe?g|mp4|mkv|webm)$/i.test(name || '') || type?.startsWith('video/')); } -export function toggleFullScreen(fullscreenElementsSelector: string, isFullScreen: boolean, sourceParentSelector?: string): void { +export function toggleFullScreen(fullScreenEl: HTMLElement, isFullScreen: boolean, sourceParentSelector?: string): void { // hide other elements const headerEl = document.querySelector('#navbar')!; const contentEl = document.querySelector('.page-content')!; @@ -218,9 +218,8 @@ export function toggleFullScreen(fullscreenElementsSelector: string, isFullScree toggleElem(footerEl, !isFullScreen); const sourceParentEl = sourceParentSelector ? document.querySelector(sourceParentSelector)! : contentEl; - const fullScreenEl = document.querySelector(fullscreenElementsSelector)!; const outerEl = document.querySelector('.full.height')!; - toggleElemClass(fullscreenElementsSelector, 'fullscreen', isFullScreen); + toggleElemClass(fullScreenEl, 'fullscreen', isFullScreen); if (isFullScreen) { outerEl.append(fullScreenEl); } else {