diff --git a/Gemfile b/Gemfile
index c0df6c3b6..8fd3e7cff 100644
--- a/Gemfile
+++ b/Gemfile
@@ -141,4 +141,4 @@ gem 'doorkeeper'
gem 'doorkeeper-jwt'
-gem 'gitea-client', '~> 1.4.2'
+gem 'gitea-client', '~> 1.4.3'
diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index ea26f1bd5..14d59af77 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -201,12 +201,12 @@ class AccountsController < ApplicationController
return normal_status(-2, "违反平台使用规范,账号已被锁定") if @user.locked?
login_control = LimitForbidControl::UserLogin.new(@user)
- return normal_status(-2, "登录密码出错已达上限,账号已被锁定, 请#{login_control.forbid_expires/60}分钟后重新登录或找回密码") if login_control.forbid?
+ return normal_status(-2, "登录密码出错已达上限,账号已被锁定,请#{login_control.forbid_expires/60}分钟后重新登录或找回密码") if login_control.forbid?
password_ok = @user.check_password?(params[:password].to_s)
unless password_ok
if login_control.remain_times-1 == 0
- normal_status(-2, "登录密码出错已达上限,账号已被锁定, 请#{login_control.forbid_expires/60}分钟后重新登录或找回密码")
+ normal_status(-2, "登录密码出错已达上限,账号已被锁定,请#{login_control.forbid_expires/60}分钟后重新登录或找回密码")
else
normal_status(-2, "你已经输错密码#{login_control.error_times+1}次,还剩余#{login_control.remain_times-1}次机会")
end
@@ -222,6 +222,7 @@ class AccountsController < ApplicationController
end
def change_password
+ return render_error("两次输入的密码不一致") if params[:password].to_s != params[:new_password_repeat].to_s
@user = User.find_by(login: params[:login])
return render_error("此用户禁止修改密码!") if @user.id.to_i === 104691
return render_error("未找到相关用户!") if @user.blank?
diff --git a/app/controllers/api/v1/issues/issue_priorities_controller.rb b/app/controllers/api/v1/issues/issue_priorities_controller.rb
index eb36a47ce..319994a28 100644
--- a/app/controllers/api/v1/issues/issue_priorities_controller.rb
+++ b/app/controllers/api/v1/issues/issue_priorities_controller.rb
@@ -3,7 +3,7 @@ class Api::V1::Issues::IssuePrioritiesController < Api::V1::BaseController
before_action :require_public_and_member_above, only: [:index]
def index
- @priorities = IssuePriority.where.not(name: '立刻').order(position: :asc)
+ @priorities = IssuePriority.order(position: :asc)
@priorities = @priorities.ransack(name_cont: params[:keyword]).result if params[:keyword]
@priorities = kaminary_select_paginate(@priorities)
end
diff --git a/app/controllers/api/v1/issues/statues_controller.rb b/app/controllers/api/v1/issues/statues_controller.rb
index bcb54bab9..5a7fbc338 100644
--- a/app/controllers/api/v1/issues/statues_controller.rb
+++ b/app/controllers/api/v1/issues/statues_controller.rb
@@ -4,7 +4,7 @@ class Api::V1::Issues::StatuesController < Api::V1::BaseController
# 状态列表
def index
- @statues = IssueStatus.where.not(name: '反馈').order("position asc")
+ @statues = IssueStatus.order("position asc")
@statues = @statues.ransack(name_cont: params[:keyword]).result if params[:keyword].present?
@statues = kaminary_select_paginate(@statues)
end
diff --git a/app/controllers/api/v1/issues_controller.rb b/app/controllers/api/v1/issues_controller.rb
index ebba95e2b..76185a16b 100644
--- a/app/controllers/api/v1/issues_controller.rb
+++ b/app/controllers/api/v1/issues_controller.rb
@@ -1,6 +1,6 @@
class Api::V1::IssuesController < Api::V1::BaseController
- before_action :require_login, except: [:index, :show]
- before_action :require_public_and_member_above, only: [:index, :show, :create, :update, :destroy]
+ before_action :require_login, except: [:index, :show, :show_by_id]
+ before_action :require_public_and_member_above, only: [:index, :show, :show_by_id, :create, :update, :destroy]
before_action :require_operate_above, only: [:batch_update, :batch_destroy]
def index
@@ -22,6 +22,12 @@ class Api::V1::IssuesController < Api::V1::BaseController
before_action :load_issue, only: [:show, :update, :destroy]
before_action :check_issue_operate_permission, only: [:update, :destroy]
+ before_action :load_issue_by_id, only: [:show_by_id]
+
+ def show_by_id
+ @issue.associate_attachment_container
+ @user_permission = current_user.present? && current_user.logged? && (@project.member?(current_user) || current_user.admin? || @issue.user == current_user)
+ end
def show
@issue.associate_attachment_container
@@ -70,6 +76,13 @@ class Api::V1::IssuesController < Api::V1::BaseController
end
end
+ def load_issue_by_id
+ @issue = Issue.find_by_id(params[:index])
+ if @issue.blank?
+ render_not_found("疑修不存在!")
+ end
+ end
+
def load_issues
return render_error("请输入正确的ID数组!") unless params[:ids].is_a?(Array)
params[:ids].each do |id|
diff --git a/app/controllers/api/v1/projects/tags_controller.rb b/app/controllers/api/v1/projects/tags_controller.rb
index b87d48429..44fdd9ba0 100644
--- a/app/controllers/api/v1/projects/tags_controller.rb
+++ b/app/controllers/api/v1/projects/tags_controller.rb
@@ -1,10 +1,13 @@
class Api::V1::Projects::TagsController < Api::V1::BaseController
- before_action :require_public_and_member_above, only: [:index]
+ before_action :require_public_and_member_above, only: [:index, :show]
def index
@release_tags = @repository.version_releases.pluck(:tag_name)
@result_object = Api::V1::Projects::Tags::ListService.call(@project, {page: page, limit: limit}, current_user&.gitea_token)
- puts @result_object
+ end
+
+ def show
+ @result_object = Api::V1::Projects::Tags::GetService.call(@project, params[:name], current_user&.gitea_token)
end
before_action :require_operate_above, only: [:destroy]
diff --git a/app/controllers/attachments_controller.rb b/app/controllers/attachments_controller.rb
index bf8c870a0..ecc4760b5 100644
--- a/app/controllers/attachments_controller.rb
+++ b/app/controllers/attachments_controller.rb
@@ -144,11 +144,12 @@ class AttachmentsController < ApplicationController
private
def find_file
+ tip_exception(404, "您访问的页面不存在或已被删除") if params[:id].blank?
@file =
if params[:type] == 'history'
AttachmentHistory.find params[:id]
else
- Attachment.find_by(id: params[:id]) || Attachment.find_by(uuid: params[:id])
+ Attachment.where_id_or_uuid(params[:id]).first
end
tip_exception(404, "您访问的页面不存在或已被删除") if @file.blank?
end
diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb
index cb7beb402..84219b89b 100644
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@@ -139,7 +139,7 @@ class IssuesController < ApplicationController
SendTemplateMessageJob.perform_later('ProjectIssue', current_user.id, @issue&.id) if Site.has_notice_menu?
if params[:attachment_ids].present?
params[:attachment_ids].each do |id|
- attachment = Attachment.select(:id, :container_id, :container_type)&.find_by_id(id)
+ attachment = Attachment.where_id_or_uuid(id).select(:id, :container_id, :container_type)&.first
unless attachment.blank?
attachment.container = @issue
attachment.author_id = current_user.id
@@ -232,7 +232,7 @@ class IssuesController < ApplicationController
if issue_files.present?
change_files = true
issue_files.each do |id|
- attachment = Attachment.select(:id, :container_id, :container_type)&.find_by_id(id)
+ attachment = Attachment.where_id_or_uuid(id).select(:id, :container_id, :container_type)&.first
unless attachment.blank?
attachment.container = @issue
attachment.author_id = current_user.id
diff --git a/app/controllers/journals_controller.rb b/app/controllers/journals_controller.rb
index 8f7857567..6b9abd5c6 100644
--- a/app/controllers/journals_controller.rb
+++ b/app/controllers/journals_controller.rb
@@ -35,7 +35,7 @@ class JournalsController < ApplicationController
if journal.save
if params[:attachment_ids].present?
params[:attachment_ids].each do |id|
- attachment = Attachment.select(:id, :container_id, :container_type)&.find_by_id(id)
+ attachment = Attachment.where_id_or_uuid(id).select(:id, :container_id, :container_type)&.first
unless attachment.blank?
attachment.container = journal
attachment.author_id = current_user.id
diff --git a/app/controllers/oauth2_controller.rb b/app/controllers/oauth2_controller.rb
index f1ac19a2a..9be575a1f 100644
--- a/app/controllers/oauth2_controller.rb
+++ b/app/controllers/oauth2_controller.rb
@@ -20,12 +20,12 @@ class Oauth2Controller < ActionController::Base
return @error = {msg: '违反平台使用规范,账号已被锁定', id: 'login'} if @user.locked?
login_control = LimitForbidControl::UserLogin.new(@user)
- return @error = {msg: "登录密码出错已达上限,账号已被锁定, 请#{login_control.forbid_expires/60}分钟后重新登录或找回密码", id: 'account'} if login_control.forbid?
+ return @error = {msg: "登录密码出错已达上限,账号已被锁定,请#{login_control.forbid_expires/60}分钟后重新登录或找回密码", id: 'account'} if login_control.forbid?
password_ok = @user.check_password?(params[:password].to_s)
unless password_ok
if login_control.remain_times-1 == 0
- @error = {msg: "登录密码出错已达上限,账号已被锁定, 请#{login_control.forbid_expires/60}分钟后重新登录或找回密码", id: 'account'}
+ @error = {msg: "登录密码出错已达上限,账号已被锁定,请#{login_control.forbid_expires/60}分钟后重新登录或找回密码", id: 'account'}
else
@error = {msg: "你已经输错密码#{login_control.error_times+1}次,还剩余#{login_control.remain_times-1}次机会", id: 'account'}
end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 34d617f19..d7608ec3d 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -22,7 +22,7 @@ class UsersController < ApplicationController
end
def list
- scope = User.active.recent.like(params[:search]).includes(:user_extension)
+ scope = User.active.like(params[:search]).includes(:user_extension).order(nickname: :desc, last_login_on: :desc)
@total_count = scope.size
@users = paginate(scope)
end
diff --git a/app/controllers/version_releases_controller.rb b/app/controllers/version_releases_controller.rb
index 76a214d0f..ed608873e 100644
--- a/app/controllers/version_releases_controller.rb
+++ b/app/controllers/version_releases_controller.rb
@@ -152,11 +152,12 @@ class VersionReleasesController < ApplicationController
def create_attachments(attachment_ids, target)
attachment_ids.each do |id|
- attachment = Attachment.select(:id, :container_id, :container_type)&.find_by_id(id)
+ attachment = Attachment.where_id_or_uuid(id).select(:id, :container_id, :container_type)&.first
unless attachment.blank?
attachment.container = target
attachment.author_id = current_user.id
attachment.description = ""
+ attachment.uuid = SecureRandom.uuid
attachment.save
end
end
diff --git a/app/models/attachment.rb b/app/models/attachment.rb
index defc73662..810474609 100644
--- a/app/models/attachment.rb
+++ b/app/models/attachment.rb
@@ -69,6 +69,7 @@ class Attachment < ApplicationRecord
scope :simple_columns, -> { select(:id, :filename, :filesize, :created_on, :cloud_url, :author_id, :content_type, :container_type, :container_id) }
scope :search_by_container, -> (ids) {where(container_id: ids)}
scope :unified_setting, -> {where("unified_setting = ? ", 1)}
+ scope :where_id_or_uuid, -> (id) { (Float(id) rescue nil).present? ? where(id: id) : where(uuid: id) }
validates_length_of :description, maximum: 100, message: "不能超过100个字符"
diff --git a/app/models/identity_verification.rb b/app/models/identity_verification.rb
index 6ea6e0547..fdef74d43 100644
--- a/app/models/identity_verification.rb
+++ b/app/models/identity_verification.rb
@@ -6,10 +6,10 @@
# user_id :integer not null
# number :string(255) not null
# name :string(255) not null
-# card_front :integer
-# card_back :integer
-# hold_card_front :integer
-# hold_card_back :integer
+# card_front :string(255)
+# card_back :string(255)
+# hold_card_front :string(255)
+# hold_card_back :string(255)
# state :integer default("0")
# description :string(255)
# created_at :datetime not null
@@ -24,7 +24,7 @@ class IdentityVerification < ApplicationRecord
belongs_to :user
enum state: { "待审核": 0, "已通过": 1, "已拒绝": 2}
after_create do
- Attachment.where(id:[card_front,card_back,hold_card_front,hold_card_back]).update_all(is_public:0)
+ Attachment.where(uuid:[card_front,card_back,hold_card_front,hold_card_back]).update_all(is_public:0)
end
after_save do
@@ -34,18 +34,18 @@ class IdentityVerification < ApplicationRecord
end
def card_front_attachment
- Attachment.find_by_id card_front
+ Attachment.where_id_or_uuid(card_front).first
end
def card_back_attachment
- Attachment.find_by_id card_back
+ Attachment.where_id_or_uuid(card_back).first
end
def hold_card_front_attachment
- Attachment.find_by_id hold_card_front
+ Attachment.where_id_or_uuid(hold_card_front).first
end
def hold_card_back_attachment
- Attachment.find_by_id hold_card_back
+ Attachment.where_id_or_uuid(hold_card_back).first
end
end
diff --git a/app/models/journal.rb b/app/models/journal.rb
index dad60cd71..2e754c51a 100644
--- a/app/models/journal.rb
+++ b/app/models/journal.rb
@@ -88,9 +88,9 @@ class Journal < ApplicationRecord
when 'issue'
return "创建了疑修"
when 'attachment'
- old_value = Attachment.where(id: detail.old_value.split(",")).pluck(:filename).join("、")
- new_value = Attachment.where(id: detail.value.split(",")).pluck(:filename).join("、")
- if old_value.nil? || old_value.blank?
+ old_value = Attachment.where("id in (?) or uuid in (?)", detail.old_value.to_s.split(","), detail.old_value.to_s.split(",")).pluck(:filename).join("、")
+ new_value = Attachment.where("id in (?) or uuid in (?)", detail.value.to_s.split(","), detail.value.to_s.split(",")).pluck(:filename).join("、")
+ if old_value.nil? || old_value.blank?
content += "添加了#{new_value}附件"
else
new_value = "无" if new_value.blank?
diff --git a/app/models/trace_user.rb b/app/models/trace_user.rb
index 69198706e..6e032e9fd 100644
--- a/app/models/trace_user.rb
+++ b/app/models/trace_user.rb
@@ -43,8 +43,9 @@ class TraceUser < ApplicationRecord
def build_token
return if username.blank? || password.blank? || unit.blank? || email.blank? || name.blank?
- response = Trace::AddUserService.call(username, password, unit, telnumber, email, name)
- self.token = response[1]['token']
+ response1 = Trace::AddUserService.call(username, password, unit, telnumber, email, name)
+ response2 = Trace::LoginService.call(username, password)
+ self.token = response2[1]['token']
self.expired_at = Time.now + 1.hours
end
diff --git a/app/services/api/v1/issues/concerns/checkable.rb b/app/services/api/v1/issues/concerns/checkable.rb
index 8067262e2..167c53a6c 100644
--- a/app/services/api/v1/issues/concerns/checkable.rb
+++ b/app/services/api/v1/issues/concerns/checkable.rb
@@ -12,7 +12,7 @@ module Api::V1::Issues::Concerns::Checkable
raise ApplicationService::Error, "Milestone不存在!" unless Version.find_by_id(milestone_id).present?
end
- def check_root_issue(issue, root_id)
+ def check_root_issue(issue, root_id)
raise ApplicationService::Error, "父工作项与当前工作项已存在父子关系!" if Issue.full_children_issues(issue).map{|i| i.id}.include?(root_id)
end
@@ -35,8 +35,8 @@ module Api::V1::Issues::Concerns::Checkable
def check_attachments (attachment_ids)
raise ApplicationService::Error, "请输入正确的附件ID数组!" unless attachment_ids.is_a?(Array)
attachment_ids.each do |aid|
- raise ApplicationService::Error, "请输入正确的附件ID!" unless Attachment.exists?(id: aid) || Attachment.exists?(uuid: aid)
- end
+ raise ApplicationService::Error, "请输入正确的附件ID!" unless Attachment.where_id_or_uuid(aid).exists?
+ end
end
def check_atme_receivers(receivers_login)
diff --git a/app/services/api/v1/issues/concerns/loadable.rb b/app/services/api/v1/issues/concerns/loadable.rb
index ffd5ff4a7..547ff50d7 100644
--- a/app/services/api/v1/issues/concerns/loadable.rb
+++ b/app/services/api/v1/issues/concerns/loadable.rb
@@ -9,7 +9,7 @@ module Api::V1::Issues::Concerns::Loadable
end
def load_attachments(attachment_ids)
- @attachments = Attachment.where(id: attachment_ids).or(Attachment.where(uuid: attachment_ids))
+ @attachments = Attachment.where("id in (?) or uuid in (?)", attachment_ids, attachment_ids)
end
def load_atme_receivers(receivers_login)
diff --git a/app/services/api/v1/issues/list_service.rb b/app/services/api/v1/issues/list_service.rb
index 3fe5826e6..cfe9a3ce7 100644
--- a/app/services/api/v1/issues/list_service.rb
+++ b/app/services/api/v1/issues/list_service.rb
@@ -144,7 +144,7 @@ class Api::V1::Issues::ListService < ApplicationService
else
scope = issues.includes(:priority, :issue_status, :user, :show_assigners, :show_issue_tags, :version, :comment_journals)
scope = if sort_by == 'issue_priorities.position'
- scope.reorder("issue_priorities.position #{sort_direction}, issues.created_on DESC").distinct
+ scope.reorder("issue_priorities.position #{sort_direction}, issues.updated_on DESC").distinct
else
scope.reorder("#{sort_by} #{sort_direction}").distinct
end
diff --git a/app/services/api/v1/projects/tags/get_service.rb b/app/services/api/v1/projects/tags/get_service.rb
new file mode 100644
index 000000000..bfceab4c2
--- /dev/null
+++ b/app/services/api/v1/projects/tags/get_service.rb
@@ -0,0 +1,48 @@
+class Api::V1::Projects::Tags::GetService < ApplicationService
+ include ActiveModel::Model
+
+ attr_reader :project, :token, :owner, :repo, :tag_name
+ attr_accessor :gitea_data
+
+ validates :tag_name, presence: true
+
+ def initialize(project, tag_name, token=nil)
+ @project = project
+ @owner = project&.owner&.login
+ @repo = project&.identifier
+ @tag_name = tag_name.to_s
+ @token = token
+ end
+
+ def call
+
+ raise Error, errors.full_messages.join(",") unless valid?
+
+ check_tag_exist
+
+ load_gitea_data
+
+ gitea_data
+ end
+
+ private
+ def request_params
+ params = {
+ access_token: token
+ }
+
+ params
+ end
+
+ def load_gitea_data
+ @gitea_data = $gitea_hat_client.get_repos_tags_by_owner_repo_tag(owner, repo, URI.escape(tag_name), {query: request_params}) rescue nil
+ raise Error, '获取标签失败!' unless @gitea_data.is_a?(Hash)
+ end
+
+ def check_tag_exist
+ result = $gitea_hat_client.get_repos_tag_name_set_by_owner_repo(owner, repo, {query: request_params}) rescue nil
+
+ raise Error, '查询标签名称失败!' unless result.is_a?(Array)
+ raise Error, '标签不存在!' if !result.include?(@tag_name)
+ end
+end
\ No newline at end of file
diff --git a/app/services/gitea/repository/entries/create_service.rb b/app/services/gitea/repository/entries/create_service.rb
index ac27b3afb..406106744 100644
--- a/app/services/gitea/repository/entries/create_service.rb
+++ b/app/services/gitea/repository/entries/create_service.rb
@@ -59,7 +59,11 @@ class Gitea::Repository::Entries::CreateService < Gitea::ClientService
if @body[:new_branch].present? && (@body[:new_branch].include?('/') || @body[:new_branch].include?('\'') || @body[:new_branch].include?('^') || @body[:new_branch].include?('*'))
error("不合法的分支名称!")
else
- error("#{filepath}文件已存在,不能重复创建!")
+ if json_parse!(body)["message"].present? && json_parse!(body)["message"].starts_with?("branch already exists")
+ error("#{@body[:new_branch]}分支已存在!")
+ else
+ error("#{filepath}文件已存在,不能重复创建!")
+ end
end
else
Rails.logger.error("Gitea api url==#{url},status:#{status},body=#{body}")
diff --git a/app/views/api/v1/issues/show_by_id.json.jbuilder b/app/views/api/v1/issues/show_by_id.json.jbuilder
new file mode 100644
index 000000000..55028fc64
--- /dev/null
+++ b/app/views/api/v1/issues/show_by_id.json.jbuilder
@@ -0,0 +1,2 @@
+json.partial! "api/v1/issues/detail", locals: {issue: @issue}
+json.user_permission @user_permission
diff --git a/app/views/api/v1/projects/tags/_simple_gitea_index_detail.json.jbuilder b/app/views/api/v1/projects/tags/_simple_gitea_index_detail.json.jbuilder
index 460b56f56..32b384fb5 100644
--- a/app/views/api/v1/projects/tags/_simple_gitea_index_detail.json.jbuilder
+++ b/app/views/api/v1/projects/tags/_simple_gitea_index_detail.json.jbuilder
@@ -4,7 +4,11 @@ if tag.present? && tag.is_a?(Hash)
json.zipball_url render_zip_url(@owner, @repository, tag['name'])
json.tarball_url render_tar_url(@owner, @repository, tag['name'])
json.tagger do
- json.partial! 'api/v1/users/commit_user', user: render_cache_commit_author(tag['tagger']), name: tag['tagger']['name']
+ if tag['tagger'].present?
+ json.partial! 'api/v1/users/commit_user', user: render_cache_commit_author(tag['tagger']), name: tag['tagger']['name']
+ else
+ json.nil!
+ end
end
json.time_ago time_from_now(tag['tagger']['date'].to_time)
json.created_at_unix tag['tagger']['date'].to_time.to_i
diff --git a/app/views/api/v1/projects/tags/show.json.jbuilder b/app/views/api/v1/projects/tags/show.json.jbuilder
new file mode 100644
index 000000000..a0e45fb7e
--- /dev/null
+++ b/app/views/api/v1/projects/tags/show.json.jbuilder
@@ -0,0 +1 @@
+json.partial! "api/v1/projects/tags/simple_gitea_index_detail", tag: @result_object
diff --git a/config/routes/api.rb b/config/routes/api.rb
index ee89921b6..77abee455 100644
--- a/config/routes/api.rb
+++ b/config/routes/api.rb
@@ -83,6 +83,7 @@ defaults format: :json do
end
member do
+ get :show_by_id
resources :journals, module: :issues, only: [:index, :create, :update, :destroy] do
member do
get :children_journals
@@ -128,8 +129,9 @@ defaults format: :json do
end
match 'branches/*name', to: "branches#destroy", via: :all
- resources :tags, param: :name, only: [:index, :destroy]
- match 'tags/*name', to: "tags#destroy", via: :all
+ resources :tags, param: :name, only: [:index, :show, :destroy]
+ delete 'tags/*name', to: "tags#destroy", via: :all
+ get 'tags/*name', to: "tags#show", via: :all
resources :commits, only: [:index]
resources :code_stats, only: [:index]
diff --git a/db/migrate/20231212012107_change_identity_verification.rb b/db/migrate/20231212012107_change_identity_verification.rb
new file mode 100644
index 000000000..6a6ac4085
--- /dev/null
+++ b/db/migrate/20231212012107_change_identity_verification.rb
@@ -0,0 +1,8 @@
+class ChangeIdentityVerification < ActiveRecord::Migration[5.2]
+ def change
+ change_column :identity_verifications, :card_front, :string
+ change_column :identity_verifications, :card_back, :string
+ change_column :identity_verifications, :hold_card_front, :string
+ change_column :identity_verifications, :hold_card_back, :string
+ end
+end