Merge branch 'main' into feature/workflow-graph

2026-02-24 10:33:35 +01:00 · 2026-02-09 15:44:59 +03:00 · 2026-02-09 15:44:59 +03:00 · cd185dcd4d
commit cd185dcd4d
parent 261b343ab0 34b34d2328
8 changed files with 53 additions and 67 deletions
--- a/routers/api/packages/api.go
+++ b/routers/api/packages/api.go
@ -117,7 +117,7 @@ func CommonRoutes() *web.Router {
 		&auth.OAuth2{},
 		&auth.Basic{},
 		&nuget.Auth{},
-		&conan.Auth{},
+		&Auth{},
 		&chef.Auth{},
 	})

@ -537,7 +537,8 @@ func ContainerRoutes() *web.Router {

 	verifyAuth(r, []auth.Method{
 		&auth.Basic{},
-		&container.Auth{},
+		// container auth requires an token, so container.Authenticate issues a Ghost user token for anonymous access
+		&Auth{AllowGhostUser: true},
 	})

 	// TODO: Content Discovery / References (not implemented yet)
--- a/routers/api/packages/conan/auth.go
+++ b/routers/api/packages/conan/auth.go
@ -1,7 +1,7 @@
-// Copyright 2022 The Gitea Authors. All rights reserved.
+// Copyright 2026 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT

-package conan
+package packages

 import (
 	"net/http"
@ -14,10 +14,13 @@ import (

 var _ auth.Method = &Auth{}

-type Auth struct{}
+// Auth is for conan and container
+type Auth struct {
+	AllowGhostUser bool
+}

 func (a *Auth) Name() string {
-	return "conan"
+	return "packages"
 }

 // Verify extracts the user from the Bearer token
@ -32,10 +35,22 @@ func (a *Auth) Verify(req *http.Request, w http.ResponseWriter, store auth.DataS
 		return nil, nil
 	}

-	u, err := user_model.GetUserByID(req.Context(), packageMeta.UserID)
-	if err != nil {
-		return nil, err
+	var u *user_model.User
+	switch packageMeta.UserID {
+	case user_model.GhostUserID:
+		if !a.AllowGhostUser {
+			return nil, nil
+		}
+		u = user_model.NewGhostUser()
+	case user_model.ActionsUserID:
+		u = user_model.NewActionsUserWithTaskID(packageMeta.ActionsUserTaskID)
+	default:
+		u, err = user_model.GetUserByID(req.Context(), packageMeta.UserID)
+		if err != nil {
+			return nil, err
+		}
 	}
+
 	if packageMeta.Scope != "" {
 		store.GetData()["IsApiToken"] = true
 		store.GetData()["ApiTokenScope"] = packageMeta.Scope
--- a/routers/api/packages/container/auth.go
+++ b/routers/api/packages/container/auth.go
@ -1,47 +0,0 @@
-// Copyright 2022 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package container
-
-import (
-	"net/http"
-
-	user_model "code.gitea.io/gitea/models/user"
-	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/services/auth"
-	"code.gitea.io/gitea/services/packages"
-)
-
-var _ auth.Method = &Auth{}
-
-type Auth struct{}
-
-func (a *Auth) Name() string {
-	return "container"
-}
-
-// Verify extracts the user from the Bearer token
-// If it's an anonymous session, a ghost user is returned
-func (a *Auth) Verify(req *http.Request, w http.ResponseWriter, store auth.DataStore, sess auth.SessionStore) (*user_model.User, error) {
-	packageMeta, err := packages.ParseAuthorizationRequest(req)
-	if err != nil {
-		log.Trace("ParseAuthorizationToken: %v", err)
-		return nil, err
-	}
-
-	if packageMeta == nil || packageMeta.UserID == 0 {
-		return nil, nil
-	}
-
-	u, err := user_model.GetPossibleUserByID(req.Context(), packageMeta.UserID)
-	if err != nil {
-		return nil, err
-	}
-
-	if packageMeta.Scope != "" {
-		store.GetData()["IsApiToken"] = true
-		store.GetData()["ApiTokenScope"] = packageMeta.Scope
-	}
-
-	return u, nil
-}
--- a/services/packages/auth.go
+++ b/services/packages/auth.go
@ -23,21 +23,24 @@ type packageClaims struct {
 	PackageMeta
 }
 type PackageMeta struct {
-	UserID int64
-	Scope  auth_model.AccessTokenScope
+	UserID            int64
+	Scope             auth_model.AccessTokenScope
+	ActionsUserTaskID int64
 }

 func CreateAuthorizationToken(u *user_model.User, packageScope auth_model.AccessTokenScope) (string, error) {
 	now := time.Now()

+	actionsUserTaskID, _ := user_model.GetActionsUserTaskID(u)
 	claims := packageClaims{
 		RegisteredClaims: jwt.RegisteredClaims{
 			ExpiresAt: jwt.NewNumericDate(now.Add(24 * time.Hour)),
 			NotBefore: jwt.NewNumericDate(now),
 		},
 		PackageMeta: PackageMeta{
-			UserID: u.ID,
-			Scope:  packageScope,
+			UserID:            u.ID,
+			Scope:             packageScope,
+			ActionsUserTaskID: actionsUserTaskID,
 		},
 	}
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
--- a/templates/repo/issue/sidebar/assignee_list.tmpl
+++ b/templates/repo/issue/sidebar/assignee_list.tmpl
@ -1,5 +1,7 @@
 {{$pageMeta := .}}
 {{$data := .AssigneesData}}
+{{$listBaseLink := print $pageMeta.RepoLink (Iif $pageMeta.IsPullRequest "/pulls" "/issues")}}
+{{/* TODO: it seems that the code keeps checking $pageMeta.Issue and assumes that it might not exist, need to figure out why */}}
 {{$issueAssignees := NIL}}{{if $pageMeta.Issue}}{{$issueAssignees = $pageMeta.Issue.Assignees}}{{end}}
 <div class="divider"></div>
 <div class="issue-sidebar-combo" data-selection-mode="multiple" data-update-algo="diff"
@ -19,7 +21,7 @@
 				<div class="item clear-selection" data-text="">{{ctx.Locale.Tr "repo.issues.new.clear_assignees"}}</div>
 				<div class="divider"></div>
 				{{range $data.CandidateAssignees}}
-					<a class="item" href="#" data-value="{{.ID}}">
+					<a class="item" href="{{$listBaseLink}}?assignee={{.ID}}" data-value="{{.ID}}">
 						<span class="item-check-mark">{{svg "octicon-check"}}</span>
 						{{ctx.AvatarUtils.Avatar . 20}} {{template "repo/search_name" .}}
 					</a>
@ -30,8 +32,8 @@
 	<div class="ui relaxed list muted-links flex-items-block">
 		<span class="item empty-list {{if $issueAssignees}}tw-hidden{{end}}">{{ctx.Locale.Tr "repo.issues.new.no_assignees"}}</span>
 		{{range $issueAssignees}}
-			<a class="item" href="{{$pageMeta.RepoLink}}/{{if $pageMeta.IsPullRequest}}pulls{{else}}issues{{end}}?assignee={{.ID}}">
-					{{ctx.AvatarUtils.Avatar . 20}} {{.GetDisplayName}}
+			<a class="item" href="{{$listBaseLink}}?assignee={{.ID}}">
+				{{ctx.AvatarUtils.Avatar . 20}} {{.GetDisplayName}}
 			</a>
 		{{end}}
 	</div>
--- a/templates/repo/issue/sidebar/label_list.tmpl
+++ b/templates/repo/issue/sidebar/label_list.tmpl
@ -1,5 +1,6 @@
 {{$pageMeta := .}}
 {{$data := .LabelsData}}
+{{$listBaseLink := print $pageMeta.RepoLink (Iif $pageMeta.IsPullRequest "/pulls" "/issues")}}
 <div class="issue-sidebar-combo" data-selection-mode="multiple" data-update-algo="diff"
 		{{if $pageMeta.Issue}}data-update-url="{{$pageMeta.RepoLink}}/issues/labels?issue_ids={{$pageMeta.Issue.ID}}"{{end}}
 >
@ -26,7 +27,7 @@
 							<div class="divider" data-scope="{{.ExclusiveScope}}"></div>
 						{{end}}
 						{{$previousExclusiveScope = $exclusiveScope}}
-						{{template "repo/issue/sidebar/label_list_item" dict "Label" .}}
+						{{template "repo/issue/sidebar/label_list_item" dict "Label" . "LabelLink" (print $listBaseLink "?labels=" .ID)}}
 					{{end}}
 					{{if and $data.RepoLabels $data.OrgLabels}}<div class="divider"></div>{{end}}
 					{{$previousExclusiveScope = "_no_scope"}}
@ -36,7 +37,7 @@
 							<div class="divider" data-scope="{{.ExclusiveScope}}"></div>
 						{{end}}
 						{{$previousExclusiveScope = $exclusiveScope}}
-						{{template "repo/issue/sidebar/label_list_item" dict "Label" .}}
+						{{template "repo/issue/sidebar/label_list_item" dict "Label" . "LabelLink" (print $listBaseLink "?labels=" .ID)}}
 					{{end}}
 				</div>
 			{{end}}
@ -47,7 +48,7 @@
 		<span class="item empty-list {{if $data.SelectedLabelIDs}}tw-hidden{{end}}">{{ctx.Locale.Tr "repo.issues.new.no_label"}}</span>
 		{{range $data.AllLabels}}
 			{{if .IsChecked}}
-				<a class="item" href="{{$pageMeta.RepoLink}}/{{if $pageMeta.IsPullRequest}}pulls{{else}}issues{{end}}?labels={{.ID}}">
+				<a class="item" href="{{$listBaseLink}}?labels={{.ID}}">
 					{{- ctx.RenderUtils.RenderLabel . -}}
 				</a>
 			{{end}}
--- a/templates/repo/issue/sidebar/label_list_item.tmpl
+++ b/templates/repo/issue/sidebar/label_list_item.tmpl
@ -1,5 +1,6 @@
 {{$label := .Label}}
-<a class="item muted {{if $label.IsChecked}}checked{{else if $label.IsArchived}}tw-hidden{{end}}" href="#"
+{{$labelLink := or .LabelLink "#"}}
+<a class="item muted {{if $label.IsChecked}}checked{{else if $label.IsArchived}}tw-hidden{{end}}" href="{{$labelLink}}"
 	data-scope="{{$label.ExclusiveScope}}" data-value="{{$label.ID}}" {{if $label.IsArchived}}data-is-archived{{end}}
 >
 	<span class="item-check-mark">{{svg (Iif $label.ExclusiveScope "octicon-dot-fill" "octicon-check")}}</span>
--- a/web_src/js/features/repo-issue-sidebar.md
+++ b/web_src/js/features/repo-issue-sidebar.md
@ -23,6 +23,16 @@ When the selected items change, the `combo-value` input will be updated.
 If there is `data-update-url`, it also calls backend to attach/detach the changed items.

 Also, the changed items will be synchronized to the `ui list` items.
+The menu items must have correct `href`, otherwise the links of synchronized (cloned) items would be wrong.
+
+Synchronization logic:
+* On page load:
+  * If the dropdown menu contains checked items, there will be no synchronization.
+    In this case, it's assumed that the dropdown menu is already in sync with the list.
+  * If the dropdown menu doesn't contain checked items, it will use dropdown's value to mark the selected items as checked.
+    And the selected (checked) items will be synchronized to the list.
+* On dropdown selection change:
+  * The selected items will be synchronized to the list after the dropdown is hidden

 The items with the same data-scope only allow one selected at a time.