From 4b84da5ab025e15924a3fd436958f4266cfd3e39 Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Sat, 22 Feb 2020 15:21:07 +0000 Subject: [PATCH 01/16] Show Signer in commit lists and add basic trust Show the avatar of the signer in the commit list pages as we do not enforce that the signer is an author or committer. This makes it clearer who has signed the commit. Also display commits signed by non-members differently from members and in particular make it clear when a non-member signer is different from the committer to help reduce the risk of spoofing. Signed-off-by: Andrew Thornton --- models/gpg_key.go | 31 ++++++++++++++-- models/repo_collaboration.go | 18 +++++++++ options/locale/locale_en-US.ini | 2 + routers/private/hook.go | 2 - routers/repo/commit.go | 25 +++++++++++-- routers/repo/compare.go | 2 +- routers/repo/pull.go | 2 +- routers/repo/view.go | 20 +++++++++- routers/repo/wiki.go | 2 +- templates/repo/commit_page.tmpl | 10 ++++- templates/repo/commits_list.tmpl | 28 +++++++++----- templates/repo/view_list.tmpl | 25 +++++++++---- web_src/less/_repository.less | 64 +++++++++++++++++++++++++++++++- 13 files changed, 199 insertions(+), 32 deletions(-) diff --git a/models/gpg_key.go b/models/gpg_key.go index 643aa6822c0c9..9b1cd04f861c5 100644 --- a/models/gpg_key.go +++ b/models/gpg_key.go @@ -374,6 +374,7 @@ type CommitVerification struct { CommittingUser *User SigningEmail string SigningKey *GPGKey + TrustStatus string } // SignCommit represents a commit with validation of signature. @@ -759,17 +760,41 @@ func verifyWithGPGSettings(gpgSettings *git.GPGSettings, sig *packet.Signature, } // ParseCommitsWithSignature checks if signaute of commits are corresponding to users gpg keys. -func ParseCommitsWithSignature(oldCommits *list.List) *list.List { +func ParseCommitsWithSignature(oldCommits *list.List, repository *Repository) *list.List { var ( newCommits = list.New() e = oldCommits.Front() ) + memberMap := map[int64]bool{} + for e != nil { c := e.Value.(UserCommit) - newCommits.PushBack(SignCommit{ + signCommit := SignCommit{ UserCommit: &c, Verification: ParseCommitWithSignature(c.Commit), - }) + } + + if signCommit.Verification.Verified { + signCommit.Verification.TrustStatus = "trusted" + if signCommit.Verification.SigningUser.ID != 0 { + isMember, has := memberMap[signCommit.Verification.SigningUser.ID] + if !has { + // We can ignore the error here as isMember would return false and so the user would be listed as untrusted + isMember, _ = repository.IsOwnerMemberCollaborator(signCommit.Verification.SigningUser.ID) + memberMap[signCommit.Verification.SigningUser.ID] = isMember + } + if !isMember { + signCommit.Verification.TrustStatus = "untrusted" + if signCommit.Verification.CommittingUser.ID != signCommit.Verification.SigningUser.ID { + // The committing user and the signing user are not the same and are not the default key + // This should be marked as questionable unless the signing user is a collaborator/team member etc. + signCommit.Verification.TrustStatus = "unmatched" + } + } + } + } + + newCommits.PushBack(signCommit) e = e.Next() } return newCommits diff --git a/models/repo_collaboration.go b/models/repo_collaboration.go index 8c6ef36230370..91d45c1ae25c1 100644 --- a/models/repo_collaboration.go +++ b/models/repo_collaboration.go @@ -210,3 +210,21 @@ func (repo *Repository) getRepoTeams(e Engine) (teams []*Team, err error) { func (repo *Repository) GetRepoTeams() ([]*Team, error) { return repo.getRepoTeams(x) } + +// IsOwnerMemberCollaborator checks if a provided user is the owner, a collaborator or a member of a team in a repository +func (repo *Repository) IsOwnerMemberCollaborator(userID int64) (bool, error) { + if repo.OwnerID == userID { + return true, nil + } + teamMember, err := x.Join("INNER", "team_repo", "team_repo.team_id = team_user.team_id"). + Where("team_repo.repo_id = ?", repo.ID). + And("team_user.uid = ?", userID).Table("team_user").Exist(&TeamUser{}) + if err != nil { + return false, err + } + if teamMember { + return true, nil + } + + return x.Get(&Collaboration{RepoID: repo.ID, UserID: userID}) +} diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index 7fe7bf697dc55..9dfec6117b58f 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -808,6 +808,8 @@ commits.date = Date commits.older = Older commits.newer = Newer commits.signed_by = Signed by +commits.signed_by_untrusted_user = Signed by untrusted user +commits.signed_by_untrusted_user_unmatched = Signed by untrusted user who does not match committer commits.gpg_key_id = GPG Key ID ext_issues = Ext. Issues diff --git a/routers/private/hook.go b/routers/private/hook.go index 44e82ebe6c737..1d8cb4b48ec5e 100644 --- a/routers/private/hook.go +++ b/routers/private/hook.go @@ -90,10 +90,8 @@ func readAndVerifyCommit(sha string, repo *git.Repository, env []string) error { if err != nil { return err } - log.Info("have commit %s", commit.ID.String()) verification := models.ParseCommitWithSignature(commit) if !verification.Verified { - log.Info("unverified commit %s", commit.ID.String()) cancel() return &errUnverifiedCommit{ commit.ID.String(), diff --git a/routers/repo/commit.go b/routers/repo/commit.go index b2fa2790bcd8f..6b805e9e2dcd3 100644 --- a/routers/repo/commit.go +++ b/routers/repo/commit.go @@ -70,7 +70,7 @@ func Commits(ctx *context.Context) { return } commits = models.ValidateCommitsWithEmails(commits) - commits = models.ParseCommitsWithSignature(commits) + commits = models.ParseCommitsWithSignature(commits, ctx.Repo.Repository) commits = models.ParseCommitsWithStatus(commits, ctx.Repo.Repository) ctx.Data["Commits"] = commits @@ -139,7 +139,7 @@ func SearchCommits(ctx *context.Context) { return } commits = models.ValidateCommitsWithEmails(commits) - commits = models.ParseCommitsWithSignature(commits) + commits = models.ParseCommitsWithSignature(commits, ctx.Repo.Repository) commits = models.ParseCommitsWithStatus(commits, ctx.Repo.Repository) ctx.Data["Commits"] = commits @@ -185,7 +185,7 @@ func FileHistory(ctx *context.Context) { return } commits = models.ValidateCommitsWithEmails(commits) - commits = models.ParseCommitsWithSignature(commits) + commits = models.ParseCommitsWithSignature(commits, ctx.Repo.Repository) commits = models.ParseCommitsWithStatus(commits, ctx.Repo.Repository) ctx.Data["Commits"] = commits @@ -269,12 +269,29 @@ func Diff(ctx *context.Context) { setPathsCompareContext(ctx, parentCommit, commit, headTarget) ctx.Data["Title"] = commit.Summary() + " · " + base.ShortSha(commitID) ctx.Data["Commit"] = commit - ctx.Data["Verification"] = models.ParseCommitWithSignature(commit) + verification := models.ParseCommitWithSignature(commit) + ctx.Data["Verification"] = verification ctx.Data["Author"] = models.ValidateCommitWithEmail(commit) ctx.Data["Diff"] = diff ctx.Data["Parents"] = parents ctx.Data["DiffNotAvailable"] = diff.NumFiles() == 0 + verification.TrustStatus = "trusted" + if verification.Verified && verification.SigningUser.ID != 0 { + trusted, err := ctx.Repo.Repository.IsOwnerMemberCollaborator(verification.SigningUser.ID) + if err != nil { + ctx.ServerError("IsOwnerMemberCollaborator", err) + return + } + if !trusted { + verification.TrustStatus = "untrusted" + if verification.CommittingUser.ID != verification.SigningUser.ID { + // The committing user and the signing user are not the same and are not the default key + // This should be marked as questionable unless the signing user is a collaborator/team member etc. + verification.TrustStatus = "unmatched" + } + } + } note := &git.Note{} err = git.GetNote(ctx.Repo.GitRepo, commitID, note) if err == nil { diff --git a/routers/repo/compare.go b/routers/repo/compare.go index 833b7d91829af..d7fddc45587cf 100644 --- a/routers/repo/compare.go +++ b/routers/repo/compare.go @@ -316,7 +316,7 @@ func PrepareCompareDiff( } compareInfo.Commits = models.ValidateCommitsWithEmails(compareInfo.Commits) - compareInfo.Commits = models.ParseCommitsWithSignature(compareInfo.Commits) + compareInfo.Commits = models.ParseCommitsWithSignature(compareInfo.Commits, headRepo) compareInfo.Commits = models.ParseCommitsWithStatus(compareInfo.Commits, headRepo) ctx.Data["Commits"] = compareInfo.Commits ctx.Data["CommitCount"] = compareInfo.Commits.Len() diff --git a/routers/repo/pull.go b/routers/repo/pull.go index 11c376be7e639..92538945b0241 100644 --- a/routers/repo/pull.go +++ b/routers/repo/pull.go @@ -495,7 +495,7 @@ func ViewPullCommits(ctx *context.Context) { ctx.Data["Reponame"] = ctx.Repo.Repository.Name commits = prInfo.Commits commits = models.ValidateCommitsWithEmails(commits) - commits = models.ParseCommitsWithSignature(commits) + commits = models.ParseCommitsWithSignature(commits, ctx.Repo.Repository) commits = models.ParseCommitsWithStatus(commits, ctx.Repo.Repository) ctx.Data["Commits"] = commits ctx.Data["CommitCount"] = commits.Len() diff --git a/routers/repo/view.go b/routers/repo/view.go index 8364b1636b2be..180136d9fbbde 100644 --- a/routers/repo/view.go +++ b/routers/repo/view.go @@ -333,7 +333,25 @@ func renderDirectory(ctx *context.Context, treeLink string) { // Show latest commit info of repository in table header, // or of directory if not in root directory. ctx.Data["LatestCommit"] = latestCommit - ctx.Data["LatestCommitVerification"] = models.ParseCommitWithSignature(latestCommit) + verification := models.ParseCommitWithSignature(latestCommit) + + ctx.Data["LatestCommitVerification"] = verification + verification.TrustStatus = "trusted" + if verification.Verified && verification.SigningUser.ID != 0 { + trusted, err := ctx.Repo.Repository.IsOwnerMemberCollaborator(verification.SigningUser.ID) + if err != nil { + ctx.ServerError("IsOwnerMemberCollaborator", err) + return + } + if !trusted { + verification.TrustStatus = "untrusted" + if verification.CommittingUser.ID != verification.SigningUser.ID { + // The committing user and the signing user are not the same and are not the default key + // This should be marked as questionable unless the signing user is a collaborator/team member etc. + verification.TrustStatus = "unmatched" + } + } + } ctx.Data["LatestCommitUser"] = models.ValidateCommitWithEmail(latestCommit) statuses, err := models.GetLatestCommitStatus(ctx.Repo.Repository, ctx.Repo.Commit.ID.String(), 0) diff --git a/routers/repo/wiki.go b/routers/repo/wiki.go index f18625a59972a..a01498fb0a1aa 100644 --- a/routers/repo/wiki.go +++ b/routers/repo/wiki.go @@ -284,7 +284,7 @@ func renderRevisionPage(ctx *context.Context) (*git.Repository, *git.TreeEntry) return nil, nil } commitsHistory = models.ValidateCommitsWithEmails(commitsHistory) - commitsHistory = models.ParseCommitsWithSignature(commitsHistory) + commitsHistory = models.ParseCommitsWithSignature(commitsHistory, ctx.Repo.Repository) ctx.Data["Commits"] = commitsHistory diff --git a/templates/repo/commit_page.tmpl b/templates/repo/commit_page.tmpl index 0c3430c6acde7..25bf7c235dcad 100644 --- a/templates/repo/commit_page.tmpl +++ b/templates/repo/commit_page.tmpl @@ -61,8 +61,14 @@ {{if .Verification.Verified }}
{{if ne .Verification.SigningUser.ID 0}} - - {{.i18n.Tr "repo.commits.signed_by"}}: + + {{if eq .Verification.TrustStatus "trusted"}} + {{.i18n.Tr "repo.commits.signed_by"}}: + {{else if eq .Verification.TrustStatus "untrusted"}} + {{.i18n.Tr "repo.commits.signed_by_untrusted_user"}}: + {{else}} + {{.i18n.Tr "repo.commits.signed_by_untrusted_user"}}: + {{end}} {{.Verification.SigningUser.Name}} <{{.Verification.SigningEmail}}> {{.i18n.Tr "repo.commits.gpg_key_id"}}: {{.Verification.SigningKey.KeyID}} diff --git a/templates/repo/commits_list.tmpl b/templates/repo/commits_list.tmpl index 01096f2085dcf..50f8b08623743 100644 --- a/templates/repo/commits_list.tmpl +++ b/templates/repo/commits_list.tmpl @@ -28,7 +28,13 @@ {{if .Signature}} {{$class = (printf "%s%s" $class " isSigned")}} {{if .Verification.Verified}} - {{$class = (printf "%s%s" $class " isVerified")}} + {{if eq .Verification.TrustStatus "trusted"}} + {{$class = (printf "%s%s" $class " isVerified")}} + {{else if eq .Verification.TrustStatus "untrusted"}} + {{$class = (printf "%s%s" $class " isVerifiedUntrusted")}} + {{else}} + {{$class = (printf "%s%s" $class " isVerifiedUnmatched")}} + {{end}} {{else if .Verification.Warning}} {{$class = (printf "%s%s" $class " isWarning")}} {{end}} @@ -42,14 +48,18 @@ {{if .Signature}}
{{if .Verification.Verified}} - {{if ne .Verification.SigningUser.ID 0}} - - {{else}} - - - - - {{end}} +
+ {{if ne .Verification.SigningUser.ID 0}} + + + {{else}} + + + + + + {{end}} +
{{else if .Verification.Warning}} {{else}} diff --git a/templates/repo/view_list.tmpl b/templates/repo/view_list.tmpl index e8163787f55fa..f54fd500940e1 100644 --- a/templates/repo/view_list.tmpl +++ b/templates/repo/view_list.tmpl @@ -15,16 +15,27 @@ {{.LatestCommit.Author.Name}} {{end}} {{end}} - + {{ShortSha .LatestCommit.ID.String}} {{if .LatestCommit.Signature}} -
- {{if .LatestCommitVerification.Verified}} - - {{else}} + {{if .LatestCommitVerification.Verified}} +
+ + {{if ne .LatestCommitVerification.SigningUser.ID 0}} + + {{else}} + + {{end}} +
+ {{else if .LatestCommitVerification.Warning}} +
+ +
+ {{else}} +
- {{end}} -
+
+ {{end}} {{end}} {{template "repo/commit_status" .LatestCommitStatus}} diff --git a/web_src/less/_repository.less b/web_src/less/_repository.less index d0163b49e52d8..5aa8130cb9fb9 100644 --- a/web_src/less/_repository.less +++ b/web_src/less/_repository.less @@ -1234,7 +1234,7 @@ text-align: center; } - width: 140px; + width: 175px; } } @@ -1255,6 +1255,12 @@ #repo-files-table .sha.label { border: 1px solid #bbbbbb; + .ui.signature.avatar { + height: 16px; + margin-bottom: 0; + width: auto; + } + .detail.icon { background: #fafafa; margin: -6px -10px -4px 0; @@ -1285,6 +1291,32 @@ background: fade(#21ba45, 30%) !important; } } + + &.isSigned.isVerifiedUntrusted { + border: 1px solid #fbbd08; + background: fade(#fbbd08, 10%); + + .detail.icon { + border-left: 1px solid #fbbd08; + } + + &:hover { + background: fade(#fbbd08, 30%) !important; + } + } + + &.isSigned.isVerifiedUnmatched { + border: 1px solid #f2711c; + background: fade(#f2711c, 10%); + + .detail.icon { + border-left: 1px solid #f2711c; + } + + &:hover { + background: fade(#f2711c, 30%) !important; + } + } } .diff-detail-box { @@ -1908,6 +1940,36 @@ } } + .ui.attached.isSigned.isVerifiedUntrusted { + &:not(.positive) { + border-left: 1px solid #c2c193; + border-right: 1px solid #c2c193; + } + + &.top:not(.positive) { + border-top: 1px solid #c2c193; + } + + &:not(.positive):last-child { + border-bottom: 1px solid #c2c193; + } + } + + .ui.attached.isSigned.isVerifiedUnmatched { + &:not(.positive) { + border-left: 1px solid #c2a893; + border-right: 1px solid #c2a893; + } + + &.top:not(.positive) { + border-top: 1px solid #c2a893; + } + + &:not(.positive):last-child { + border-bottom: 1px solid #c2a893; + } + } + .ui.segment.sub-menu { padding: 7px; line-height: 0; From 04eda8ba2b034e4dd766deade2ad4b1bc5dcdc0a Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Sun, 23 Feb 2020 15:37:57 +0000 Subject: [PATCH 02/16] ensure orange text and background is available Signed-off-by: Andrew Thornton --- web_src/less/_base.less | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/web_src/less/_base.less b/web_src/less/_base.less index 3e7e16c63546e..7e3726a99afec 100644 --- a/web_src/less/_base.less +++ b/web_src/less/_base.less @@ -443,6 +443,10 @@ code, color: #fbbd08 !important; } + &.orange { + color: #f2711c !important; + } + &.gold { color: #a1882b !important; } @@ -640,6 +644,10 @@ code, background-color: #fbbf09 !important; } + &.orange { + background-color: #f2711c !important; + } + &.gold { background-color: #a1882b !important; } @@ -691,6 +699,10 @@ code, border-color: #fbbd08 !important; } + &.orange { + border-color: #f2711c !important; + } + &.gold { border-color: #a1882b !important; } From ed3ee731f4ec258336a8e4ca9db02434ef46bf55 Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Sun, 23 Feb 2020 19:10:28 +0000 Subject: [PATCH 03/16] adjust colors Signed-off-by: Andrew Thornton --- templates/repo/commit_page.tmpl | 69 ++++++++------- templates/repo/commits_list.tmpl | 6 +- templates/repo/view_list.tmpl | 10 +-- web_src/less/_repository.less | 103 +++++++++++++++++++---- web_src/less/themes/theme-arc-green.less | 63 ++++++++++++++ 5 files changed, 195 insertions(+), 56 deletions(-) diff --git a/templates/repo/commit_page.tmpl b/templates/repo/commit_page.tmpl index 25bf7c235dcad..1cfd0944d513b 100644 --- a/templates/repo/commit_page.tmpl +++ b/templates/repo/commit_page.tmpl @@ -2,7 +2,22 @@
{{template "repo/header" .}}
-
+ {{$class := ""}} + {{if .Commit.Signature}} + {{$class = (printf "%s%s" $class " isSigned")}} + {{if .Verification.Verified}} + {{if eq .Verification.TrustStatus "trusted"}} + {{$class = (printf "%s%s" $class " isVerified")}} + {{else if eq .Verification.TrustStatus "untrusted"}} + {{$class = (printf "%s%s" $class " isVerifiedUntrusted")}} + {{else}} + {{$class = (printf "%s%s" $class " isVerifiedUnmatched")}} + {{end}} + {{else if .Verification.Warning}} + {{$class = (printf "%s%s" $class " isWarning")}} + {{end}} + {{end}} +
{{.i18n.Tr "repo.diff.browse_source"}} @@ -12,15 +27,15 @@ {{end}} {{svg "octicon-git-branch" 16}}{{.BranchName}}
-
+
{{if .Author}} {{if .Author.FullName}} - {{.Author.FullName}} {{if .IsSigned}}<{{.Commit.Author.Email}}>{{end}} + {{.Author.FullName}} {{if .IsSigned}}<{{.Commit.Author.Email}}>{{end}} {{else}} - {{.Commit.Author.Name}} {{if .IsSigned}}<{{.Commit.Author.Email}}>{{end}} + {{.Commit.Author.Name}} {{if .IsSigned}}<{{.Commit.Author.Email}}>{{end}} {{end}} {{else}} @@ -30,7 +45,7 @@ {{if ne .Verification.CommittingUser.ID 0}} - {{.Commit.Committer.Name}} <{{.Commit.Committer.Email}}> + {{.Commit.Committer.Name}} <{{.Commit.Committer.Email}}> {{else}} {{.Commit.Committer.Name}} @@ -58,46 +73,42 @@
{{if .Commit.Signature}} - {{if .Verification.Verified }} -
+
+ {{if .Verification.Verified }} {{if ne .Verification.SigningUser.ID 0}} - + {{if eq .Verification.TrustStatus "trusted"}} - {{.i18n.Tr "repo.commits.signed_by"}}: + {{.i18n.Tr "repo.commits.signed_by"}}: {{else if eq .Verification.TrustStatus "untrusted"}} - {{.i18n.Tr "repo.commits.signed_by_untrusted_user"}}: + {{.i18n.Tr "repo.commits.signed_by_untrusted_user"}}: {{else}} - {{.i18n.Tr "repo.commits.signed_by_untrusted_user"}}: + {{.i18n.Tr "repo.commits.signed_by_untrusted_user_unmatched"}}: {{end}} - {{.Verification.SigningUser.Name}} <{{.Verification.SigningEmail}}> - {{.i18n.Tr "repo.commits.gpg_key_id"}}: {{.Verification.SigningKey.KeyID}} + {{.Verification.SigningUser.Name}} <{{.Verification.SigningEmail}}> + {{.i18n.Tr "repo.commits.gpg_key_id"}}: {{.Verification.SigningKey.KeyID}} {{else}} - + - {{.i18n.Tr "repo.commits.signed_by"}}: + {{.i18n.Tr "repo.commits.signed_by"}}: {{.Verification.SigningUser.Name}} <{{.Verification.SigningEmail}}> - {{.i18n.Tr "repo.commits.gpg_key_id"}}: {{.Verification.SigningKey.KeyID}} + {{.i18n.Tr "repo.commits.gpg_key_id"}}: {{.Verification.SigningKey.KeyID}} {{end}} -
- {{else if .Verification.Warning}} -
- - {{.i18n.Tr .Verification.Reason}} - {{.i18n.Tr "repo.commits.gpg_key_id"}}: {{.Verification.SigningKey.KeyID}} -
- {{else}} -
- + {{else if .Verification.Warning}} + + {{.i18n.Tr .Verification.Reason}} + {{.i18n.Tr "repo.commits.gpg_key_id"}}: {{.Verification.SigningKey.KeyID}} + {{else}} + {{.i18n.Tr .Verification.Reason}} {{if and .Verification.SigningKey (ne .Verification.SigningKey.KeyID "")}} - {{.i18n.Tr "repo.commits.gpg_key_id"}}: {{.Verification.SigningKey.KeyID}} + {{.i18n.Tr "repo.commits.gpg_key_id"}}: {{.Verification.SigningKey.KeyID}} {{end}} -
- {{end}} + {{end}} +
{{end}} {{if .Note}}
diff --git a/templates/repo/commits_list.tmpl b/templates/repo/commits_list.tmpl index 50f8b08623743..73f83bb02062a 100644 --- a/templates/repo/commits_list.tmpl +++ b/templates/repo/commits_list.tmpl @@ -50,18 +50,16 @@ {{if .Verification.Verified}}
{{if ne .Verification.SigningUser.ID 0}} - + {{else}} - + {{end}}
- {{else if .Verification.Warning}} - {{else}} {{end}} diff --git a/templates/repo/view_list.tmpl b/templates/repo/view_list.tmpl index f54fd500940e1..dbf0651381896 100644 --- a/templates/repo/view_list.tmpl +++ b/templates/repo/view_list.tmpl @@ -20,17 +20,17 @@ {{if .LatestCommit.Signature}} {{if .LatestCommitVerification.Verified}}
- {{if ne .LatestCommitVerification.SigningUser.ID 0}} + {{else}} + + + + {{end}}
- {{else if .LatestCommitVerification.Warning}} -
- -
{{else}}
diff --git a/web_src/less/_repository.less b/web_src/less/_repository.less index 5aa8130cb9fb9..a9a15dd6e0218 100644 --- a/web_src/less/_repository.less +++ b/web_src/less/_repository.less @@ -1276,6 +1276,7 @@ .detail.icon { border-left: 1px solid fade(#db2828, 50%); + color: #db2828; } } @@ -1285,6 +1286,7 @@ .detail.icon { border-left: 1px solid #21ba45; + color: #21ba45; } &:hover { @@ -1298,6 +1300,7 @@ .detail.icon { border-left: 1px solid #fbbd08; + color: #fbbd08; } &:hover { @@ -1311,6 +1314,7 @@ .detail.icon { border-left: 1px solid #f2711c; + color: #f2711c; } &:hover { @@ -1925,47 +1929,110 @@ } } - .ui.attached.isSigned.isVerified { - &:not(.positive) { - border-left: 1px solid #a3c293; - border-right: 1px solid #a3c293; + .ui.attached.isSigned.isWarning { + border-left: 1px solid #c29393; + border-right: 1px solid #c29393; + + &.top, + &.message { + border-top: 1px solid #c29393; + } + + &.message { + box-shadow: none; + background-color: #fff5f5; + color: #d95c5c; + + .ui.text { + color: #d64444; + } + } + + &:last-child, + &.bottom { + border-bottom: 1px solid #c29393; } + } + + .ui.attached.isSigned:not(.isWarning) .pull-right { + padding-top: 5px; + } - &.top:not(.positive) { + .ui.attached.isSigned.isVerified { + border-left: 1px solid #a3c293; + border-right: 1px solid #a3c293; + + &.top, + &.message { border-top: 1px solid #a3c293; } - &:not(.positive):last-child { + &.message { + box-shadow: none; + background-color: #fcfff5; + color: #6cc644; + + .pull-right { + color: #000; + } + + .ui.text { + color: #21ba45; + } + } + + &:last-child, + &.bottom { border-bottom: 1px solid #a3c293; } } .ui.attached.isSigned.isVerifiedUntrusted { - &:not(.positive) { - border-left: 1px solid #c2c193; - border-right: 1px solid #c2c193; - } + border-left: 1px solid #c2c193; + border-right: 1px solid #c2c193; - &.top:not(.positive) { + &.top, + &.message { border-top: 1px solid #c2c193; } - &:not(.positive):last-child { + &.message { + box-shadow: none; + background-color: #fffff5; + color: #fbbd08; + + .ui.text { + color: #d2ab00; + } + } + + &:last-child, + &.bottom { border-bottom: 1px solid #c2c193; } } .ui.attached.isSigned.isVerifiedUnmatched { - &:not(.positive) { - border-left: 1px solid #c2a893; - border-right: 1px solid #c2a893; - } + border-left: 1px solid #c2a893; + border-right: 1px solid #c2a893; - &.top:not(.positive) { + &.top, + &.message { border-top: 1px solid #c2a893; } - &:not(.positive):last-child { + &.message { + box-shadow: none; + background-color: #fffaf5; + color: #f2711c; + + .ui.text { + color: #ee5f00; + } + } + + &:last-child, + &.bottom { border-bottom: 1px solid #c2a893; } } diff --git a/web_src/less/themes/theme-arc-green.less b/web_src/less/themes/theme-arc-green.less index cee4ba5d92a0d..11e3b66d24a75 100644 --- a/web_src/less/themes/theme-arc-green.less +++ b/web_src/less/themes/theme-arc-green.less @@ -1156,6 +1156,64 @@ a.ui.labels .label:hover { border-left-color: #888; } +.repository .ui.attached.message.isSigned.isVerified { + background-color: #394829; + color: #9e9e9e; + + &.message { + color: #87ab63; + .ui.text { + color: #9e9e9e; + } + .pull-right { + color: #87ab63; + } + } +} + +.repository .ui.attached.message.isSigned.isVerifiedUntrusted { + background-color: #4a3903; + color: #9e9e9e; + &.message { + color: #c2c193; + .ui.text { + color: #9e9e9e; + } + .pull-right, + a { + color: #c2c193; + } + } +} + +.repository .ui.attached.message.isSigned.isVerifiedUnmatched { + background-color: #4e3321; + color: #9e9e9e; + &.message { + color: #c2a893; + .ui.text { + color: #9e9e9e; + } + .pull-right, + a { + color: #c2a893; + } + } +} + +.repository .ui.attached.message.isSigned.isWarning { + background-color: rgba(80, 23, 17, 0.6); + &.message { + color: #d07d7d; + .ui.text { + color: #d07d7d; + } + .pull-right { + color: #9e9e9e; + } + } +} + .repository .label.list .item { border-bottom: 1px dashed #4c505c; } @@ -1166,6 +1224,11 @@ a.ui.labels .label:hover { color: #87ab63 !important; } +.ui.text.yellow, +.yellow.icon.icon.icon { + color: #e4ac07 !important; +} + .repository .diff-file-box .code-diff-split tbody tr.add-code td:nth-child(1), .repository .diff-file-box .code-diff-split tbody tr.add-code td:nth-child(2), .repository .diff-file-box .code-diff-split tbody tr.add-code td:nth-child(3), From 669bb7216c7fffa899b7345a592de30182b52caf Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Sun, 23 Feb 2020 19:46:32 +0000 Subject: [PATCH 04/16] placate latest ci Signed-off-by: Andrew Thornton --- web_src/less/themes/theme-arc-green.less | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web_src/less/themes/theme-arc-green.less b/web_src/less/themes/theme-arc-green.less index 11e3b66d24a75..87b8cc3e5f8d9 100644 --- a/web_src/less/themes/theme-arc-green.less +++ b/web_src/less/themes/theme-arc-green.less @@ -1202,7 +1202,7 @@ a.ui.labels .label:hover { } .repository .ui.attached.message.isSigned.isWarning { - background-color: rgba(80, 23, 17, 0.6); + background-color: rgba(80, 23, 17, .6); &.message { color: #d07d7d; .ui.text { From 148bab65fc2aad9f2609e6fbaf8d721c9693b78f Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Sun, 23 Feb 2020 22:09:19 +0000 Subject: [PATCH 05/16] reduce code copying Signed-off-by: Andrew Thornton --- models/gpg_key.go | 44 +++++++++++++++++++++++++++--------------- routers/repo/commit.go | 19 ++++-------------- routers/repo/view.go | 19 ++++-------------- 3 files changed, 36 insertions(+), 46 deletions(-) diff --git a/models/gpg_key.go b/models/gpg_key.go index 9b1cd04f861c5..d90c5e7ebf4cb 100644 --- a/models/gpg_key.go +++ b/models/gpg_key.go @@ -774,28 +774,40 @@ func ParseCommitsWithSignature(oldCommits *list.List, repository *Repository) *l Verification: ParseCommitWithSignature(c.Commit), } - if signCommit.Verification.Verified { - signCommit.Verification.TrustStatus = "trusted" - if signCommit.Verification.SigningUser.ID != 0 { - isMember, has := memberMap[signCommit.Verification.SigningUser.ID] + _ = CalculateTrustStatus(signCommit.Verification, repository, &memberMap) + + newCommits.PushBack(signCommit) + e = e.Next() + } + return newCommits +} + +// CalculateTrustStatus will calculate the TrustStatus for a commit verification within a repository +func CalculateTrustStatus(verification *CommitVerification, repository *Repository, memberMap *map[int64]bool) (err error) { + if verification.Verified { + verification.TrustStatus = "trusted" + if verification.SigningUser.ID != 0 { + var isMember bool + if memberMap != nil { + var has bool + isMember, has = memberMap[signCommit.Verification.SigningUser.ID] if !has { // We can ignore the error here as isMember would return false and so the user would be listed as untrusted - isMember, _ = repository.IsOwnerMemberCollaborator(signCommit.Verification.SigningUser.ID) + isMember, err = repository.IsOwnerMemberCollaborator(signCommit.Verification.SigningUser.ID) memberMap[signCommit.Verification.SigningUser.ID] = isMember } - if !isMember { - signCommit.Verification.TrustStatus = "untrusted" - if signCommit.Verification.CommittingUser.ID != signCommit.Verification.SigningUser.ID { - // The committing user and the signing user are not the same and are not the default key - // This should be marked as questionable unless the signing user is a collaborator/team member etc. - signCommit.Verification.TrustStatus = "unmatched" - } + } else { + isMember, err = repository.IsOwnerMemberCollaborator(signCommit.Verification.SigningUser.ID) + } + + if !isMember { + signCommit.Verification.TrustStatus = "untrusted" + if signCommit.Verification.CommittingUser.ID != signCommit.Verification.SigningUser.ID { + // The committing user and the signing user are not the same and are not the default key + // This should be marked as questionable unless the signing user is a collaborator/team member etc. + signCommit.Verification.TrustStatus = "unmatched" } } } - - newCommits.PushBack(signCommit) - e = e.Next() } - return newCommits } diff --git a/routers/repo/commit.go b/routers/repo/commit.go index 6b805e9e2dcd3..bc671cbcd86a1 100644 --- a/routers/repo/commit.go +++ b/routers/repo/commit.go @@ -276,22 +276,11 @@ func Diff(ctx *context.Context) { ctx.Data["Parents"] = parents ctx.Data["DiffNotAvailable"] = diff.NumFiles() == 0 - verification.TrustStatus = "trusted" - if verification.Verified && verification.SigningUser.ID != 0 { - trusted, err := ctx.Repo.Repository.IsOwnerMemberCollaborator(verification.SigningUser.ID) - if err != nil { - ctx.ServerError("IsOwnerMemberCollaborator", err) - return - } - if !trusted { - verification.TrustStatus = "untrusted" - if verification.CommittingUser.ID != verification.SigningUser.ID { - // The committing user and the signing user are not the same and are not the default key - // This should be marked as questionable unless the signing user is a collaborator/team member etc. - verification.TrustStatus = "unmatched" - } - } + if err := models.CalculateTrustStatus(verification, ctx.Repo.Repository, nil); err != nil { + ctx.ServerError("IsOwnerMemberCollaborator", err) + return } + note := &git.Note{} err = git.GetNote(ctx.Repo.GitRepo, commitID, note) if err == nil { diff --git a/routers/repo/view.go b/routers/repo/view.go index 180136d9fbbde..2be9f0ff546be 100644 --- a/routers/repo/view.go +++ b/routers/repo/view.go @@ -336,22 +336,11 @@ func renderDirectory(ctx *context.Context, treeLink string) { verification := models.ParseCommitWithSignature(latestCommit) ctx.Data["LatestCommitVerification"] = verification - verification.TrustStatus = "trusted" - if verification.Verified && verification.SigningUser.ID != 0 { - trusted, err := ctx.Repo.Repository.IsOwnerMemberCollaborator(verification.SigningUser.ID) - if err != nil { - ctx.ServerError("IsOwnerMemberCollaborator", err) - return - } - if !trusted { - verification.TrustStatus = "untrusted" - if verification.CommittingUser.ID != verification.SigningUser.ID { - // The committing user and the signing user are not the same and are not the default key - // This should be marked as questionable unless the signing user is a collaborator/team member etc. - verification.TrustStatus = "unmatched" - } - } + if err := models.CalculateTrustStatus(verification, ctx.Repo.Repository, nil); err != nil { + ctx.ServerError("IsOwnerMemberCollaborator", err) + return } + ctx.Data["LatestCommitUser"] = models.ValidateCommitWithEmail(latestCommit) statuses, err := models.GetLatestCommitStatus(ctx.Repo.Repository, ctx.Repo.Commit.ID.String(), 0) From 6944077b56de021f77528ce2c30feb53c032c5c4 Mon Sep 17 00:00:00 2001 From: zeripath Date: Sun, 23 Feb 2020 23:12:44 +0000 Subject: [PATCH 06/16] Update gpg_key.go --- models/gpg_key.go | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/models/gpg_key.go b/models/gpg_key.go index d90c5e7ebf4cb..2a54dcc01344b 100644 --- a/models/gpg_key.go +++ b/models/gpg_key.go @@ -790,22 +790,22 @@ func CalculateTrustStatus(verification *CommitVerification, repository *Reposito var isMember bool if memberMap != nil { var has bool - isMember, has = memberMap[signCommit.Verification.SigningUser.ID] + isMember, has = memberMap[verification.SigningUser.ID] if !has { // We can ignore the error here as isMember would return false and so the user would be listed as untrusted - isMember, err = repository.IsOwnerMemberCollaborator(signCommit.Verification.SigningUser.ID) - memberMap[signCommit.Verification.SigningUser.ID] = isMember + isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID) + memberMap[verification.SigningUser.ID] = isMember } } else { - isMember, err = repository.IsOwnerMemberCollaborator(signCommit.Verification.SigningUser.ID) + isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID) } if !isMember { - signCommit.Verification.TrustStatus = "untrusted" - if signCommit.Verification.CommittingUser.ID != signCommit.Verification.SigningUser.ID { + verification.TrustStatus = "untrusted" + if verification.CommittingUser.ID != verification.SigningUser.ID { // The committing user and the signing user are not the same and are not the default key // This should be marked as questionable unless the signing user is a collaborator/team member etc. - signCommit.Verification.TrustStatus = "unmatched" + verification.TrustStatus = "unmatched" } } } From c6f726404f669a11e39f171d76a56df6150b6bf5 Mon Sep 17 00:00:00 2001 From: zeripath Date: Sun, 23 Feb 2020 23:14:34 +0000 Subject: [PATCH 07/16] Update models/gpg_key.go --- models/gpg_key.go | 1 + 1 file changed, 1 insertion(+) diff --git a/models/gpg_key.go b/models/gpg_key.go index 2a54dcc01344b..5c33efe2ce9af 100644 --- a/models/gpg_key.go +++ b/models/gpg_key.go @@ -810,4 +810,5 @@ func CalculateTrustStatus(verification *CommitVerification, repository *Reposito } } } + return } From 1257233a61b9f8bd846c0b0634a3c0d2a1c5b992 Mon Sep 17 00:00:00 2001 From: zeripath Date: Sun, 23 Feb 2020 23:23:13 +0000 Subject: [PATCH 08/16] Apply suggestions from code review --- models/gpg_key.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/models/gpg_key.go b/models/gpg_key.go index 5c33efe2ce9af..6b5c13bd0f80e 100644 --- a/models/gpg_key.go +++ b/models/gpg_key.go @@ -790,11 +790,11 @@ func CalculateTrustStatus(verification *CommitVerification, repository *Reposito var isMember bool if memberMap != nil { var has bool - isMember, has = memberMap[verification.SigningUser.ID] + isMember, has = *memberMap[verification.SigningUser.ID] if !has { // We can ignore the error here as isMember would return false and so the user would be listed as untrusted isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID) - memberMap[verification.SigningUser.ID] = isMember + *memberMap[verification.SigningUser.ID] = isMember } } else { isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID) From 08305478ecb579e4e44e8778305d625d099b1ac5 Mon Sep 17 00:00:00 2001 From: zeripath Date: Sun, 23 Feb 2020 23:31:20 +0000 Subject: [PATCH 09/16] Apply suggestions from code review --- models/gpg_key.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/models/gpg_key.go b/models/gpg_key.go index 6b5c13bd0f80e..53576609fb357 100644 --- a/models/gpg_key.go +++ b/models/gpg_key.go @@ -790,11 +790,11 @@ func CalculateTrustStatus(verification *CommitVerification, repository *Reposito var isMember bool if memberMap != nil { var has bool - isMember, has = *memberMap[verification.SigningUser.ID] + isMember, has = (*memberMap)[verification.SigningUser.ID] if !has { // We can ignore the error here as isMember would return false and so the user would be listed as untrusted isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID) - *memberMap[verification.SigningUser.ID] = isMember + (*memberMap)[verification.SigningUser.ID] = isMember } } else { isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID) From 529ab12f1ed76968bab7ab2fd41476f0de519901 Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Wed, 26 Feb 2020 18:25:51 +0000 Subject: [PATCH 10/16] Require team collaborators to have access to UnitTypeCode --- models/repo_collaboration.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/models/repo_collaboration.go b/models/repo_collaboration.go index 91d45c1ae25c1..85bc99f32034c 100644 --- a/models/repo_collaboration.go +++ b/models/repo_collaboration.go @@ -217,7 +217,9 @@ func (repo *Repository) IsOwnerMemberCollaborator(userID int64) (bool, error) { return true, nil } teamMember, err := x.Join("INNER", "team_repo", "team_repo.team_id = team_user.team_id"). + Join("INNER", "team_unit", "team_unit.team_id = team_user.team_id"). Where("team_repo.repo_id = ?", repo.ID). + And("team_unit.`type` = ?", UnitTypeCode). And("team_user.uid = ?", userID).Table("team_user").Exist(&TeamUser{}) if err != nil { return false, err From 82cdca79699323e06a2152bd2f11c86e51b761c8 Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Wed, 26 Feb 2020 18:28:32 +0000 Subject: [PATCH 11/16] as per @6543 --- routers/repo/view.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/routers/repo/view.go b/routers/repo/view.go index 2be9f0ff546be..887e3b9b82c35 100644 --- a/routers/repo/view.go +++ b/routers/repo/view.go @@ -335,11 +335,11 @@ func renderDirectory(ctx *context.Context, treeLink string) { ctx.Data["LatestCommit"] = latestCommit verification := models.ParseCommitWithSignature(latestCommit) - ctx.Data["LatestCommitVerification"] = verification if err := models.CalculateTrustStatus(verification, ctx.Repo.Repository, nil); err != nil { ctx.ServerError("IsOwnerMemberCollaborator", err) return } + ctx.Data["LatestCommitVerification"] = verification ctx.Data["LatestCommitUser"] = models.ValidateCommitWithEmail(latestCommit) From 6f7c7a2eb05a9a31754272a312204e64d1e72b1f Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Wed, 26 Feb 2020 19:54:37 +0000 Subject: [PATCH 12/16] fix position of sha as per @silverwind --- templates/repo/commits_list.tmpl | 2 +- web_src/less/_repository.less | 31 +++++++++++++++++++++++++++++-- 2 files changed, 30 insertions(+), 3 deletions(-) diff --git a/templates/repo/commits_list.tmpl b/templates/repo/commits_list.tmpl index 73f83bb02062a..5dc12c642bdba 100644 --- a/templates/repo/commits_list.tmpl +++ b/templates/repo/commits_list.tmpl @@ -44,7 +44,7 @@ {{else}} {{end}} - {{ShortSha .ID.String}} + {{ShortSha .ID.String}} {{if .Signature}}
{{if .Verification.Verified}} diff --git a/web_src/less/_repository.less b/web_src/less/_repository.less index 38f35103cda3a..756c3e8e4565d 100644 --- a/web_src/less/_repository.less +++ b/web_src/less/_repository.less @@ -1264,8 +1264,11 @@ .detail.icon { background: #fafafa; margin: -6px -10px -4px 0; - padding: 5px 3px 5px 6px; + padding: 5px 4px 5px 6px; border-left: 1px solid #bbbbbb; + border-top: 0; + border-right: 0; + border-bottom: 0; border-top-left-radius: 0; border-bottom-left-radius: 0; } @@ -1274,16 +1277,30 @@ border: 1px solid #db2828; background: fade(#db2828, 10%); + .shortsha { + display: inline-block; + padding-top: 1px; + } + .detail.icon { - border-left: 1px solid fade(#db2828, 50%); + border-left: 1px solid #db2828; color: #db2828; } + + &:hover { + background: fade(#db2828, 30%) !important; + } } &.isSigned.isVerified { border: 1px solid #21ba45; background: fade(#21ba45, 10%); + .shortsha { + display: inline-block; + padding-top: 1px; + } + .detail.icon { border-left: 1px solid #21ba45; color: #21ba45; @@ -1298,6 +1315,11 @@ border: 1px solid #fbbd08; background: fade(#fbbd08, 10%); + .shortsha { + display: inline-block; + padding-top: 1px; + } + .detail.icon { border-left: 1px solid #fbbd08; color: #fbbd08; @@ -1312,6 +1334,11 @@ border: 1px solid #f2711c; background: fade(#f2711c, 10%); + .shortsha { + display: inline-block; + padding-top: 1px; + } + .detail.icon { border-left: 1px solid #f2711c; color: #f2711c; From 75dd1d6dbd8ca395da7f9f71bca7d78d49a0409d Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Wed, 26 Feb 2020 21:11:16 +0000 Subject: [PATCH 13/16] update comparison --- docs/content/doc/features/comparison.en-us.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/doc/features/comparison.en-us.md b/docs/content/doc/features/comparison.en-us.md index 21731b20fddf4..9b65d70650235 100644 --- a/docs/content/doc/features/comparison.en-us.md +++ b/docs/content/doc/features/comparison.en-us.md @@ -60,7 +60,7 @@ _Symbols used in table:_ | Git LFS 2.0 | ✓ | ✘ | ✓ | ✓ | ✓ | ⁄ | ✓ | | Group Milestones | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | | Granular user roles (Code, Issues, Wiki etc) | ✓ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | -| Verified Committer | ✘ | ✘ | ? | ✓ | ✓ | ✓ | ✘ | +| Verified Committer | / | ✘ | ? | ✓ | ✓ | ✓ | ✘ | | GPG Signed Commits | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Reject unsigned commits | [✓](https://github.com/go-gitea/gitea/pull/9708) | ✘ | ✓ | ✓ | ✓ | ✘ | ✓ | | Repository Activity page | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | From 459e05603778f743d95662bf81e6ac4825568473 Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Wed, 26 Feb 2020 21:48:06 +0000 Subject: [PATCH 14/16] more alignment fixes --- docs/content/doc/features/comparison.en-us.md | 2 +- web_src/less/_repository.less | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/docs/content/doc/features/comparison.en-us.md b/docs/content/doc/features/comparison.en-us.md index 9b65d70650235..dab1ee7eafc38 100644 --- a/docs/content/doc/features/comparison.en-us.md +++ b/docs/content/doc/features/comparison.en-us.md @@ -60,7 +60,7 @@ _Symbols used in table:_ | Git LFS 2.0 | ✓ | ✘ | ✓ | ✓ | ✓ | ⁄ | ✓ | | Group Milestones | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | | Granular user roles (Code, Issues, Wiki etc) | ✓ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | -| Verified Committer | / | ✘ | ? | ✓ | ✓ | ✓ | ✘ | +| Verified Committer | ⁄ | ✘ | ? | ✓ | ✓ | ✓ | ✘ | | GPG Signed Commits | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Reject unsigned commits | [✓](https://github.com/go-gitea/gitea/pull/9708) | ✘ | ✓ | ✓ | ✓ | ✘ | ✓ | | Repository Activity page | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | diff --git a/web_src/less/_repository.less b/web_src/less/_repository.less index 756c3e8e4565d..05a9fe8df2e50 100644 --- a/web_src/less/_repository.less +++ b/web_src/less/_repository.less @@ -1271,6 +1271,15 @@ border-bottom: 0; border-top-left-radius: 0; border-bottom-left-radius: 0; + + img { + margin-right: 0; + } + + > div { + display: inline-flex; + align-items: center; + } } &.isSigned.isWarning { From af172ef8ed95066d41570b8bc3253c8896c60ff4 Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Wed, 26 Feb 2020 22:14:10 +0000 Subject: [PATCH 15/16] fix commit page --- templates/repo/view_list.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/repo/view_list.tmpl b/templates/repo/view_list.tmpl index dbf0651381896..c296eb7beec6f 100644 --- a/templates/repo/view_list.tmpl +++ b/templates/repo/view_list.tmpl @@ -16,7 +16,7 @@ {{end}} {{end}} - {{ShortSha .LatestCommit.ID.String}} + {{ShortSha .LatestCommit.ID.String}} {{if .LatestCommit.Signature}} {{if .LatestCommitVerification.Verified}}
From ab8e19604ea07bb6aaaf98dc5015442c00f7da2b Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Thu, 27 Feb 2020 18:16:39 +0000 Subject: [PATCH 16/16] as per @guillep2k --- models/gpg_key.go | 1 - routers/repo/commit.go | 2 +- routers/repo/view.go | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/models/gpg_key.go b/models/gpg_key.go index 53576609fb357..a32312a12dd6b 100644 --- a/models/gpg_key.go +++ b/models/gpg_key.go @@ -792,7 +792,6 @@ func CalculateTrustStatus(verification *CommitVerification, repository *Reposito var has bool isMember, has = (*memberMap)[verification.SigningUser.ID] if !has { - // We can ignore the error here as isMember would return false and so the user would be listed as untrusted isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID) (*memberMap)[verification.SigningUser.ID] = isMember } diff --git a/routers/repo/commit.go b/routers/repo/commit.go index bc671cbcd86a1..2767986fda6ee 100644 --- a/routers/repo/commit.go +++ b/routers/repo/commit.go @@ -277,7 +277,7 @@ func Diff(ctx *context.Context) { ctx.Data["DiffNotAvailable"] = diff.NumFiles() == 0 if err := models.CalculateTrustStatus(verification, ctx.Repo.Repository, nil); err != nil { - ctx.ServerError("IsOwnerMemberCollaborator", err) + ctx.ServerError("CalculateTrustStatus", err) return } diff --git a/routers/repo/view.go b/routers/repo/view.go index 887e3b9b82c35..5bcf4dae3bb95 100644 --- a/routers/repo/view.go +++ b/routers/repo/view.go @@ -336,7 +336,7 @@ func renderDirectory(ctx *context.Context, treeLink string) { verification := models.ParseCommitWithSignature(latestCommit) if err := models.CalculateTrustStatus(verification, ctx.Repo.Repository, nil); err != nil { - ctx.ServerError("IsOwnerMemberCollaborator", err) + ctx.ServerError("CalculateTrustStatus", err) return } ctx.Data["LatestCommitVerification"] = verification