Merge remote-tracking branch 'origin/master'

dropdown menu filter method modified

.editorconfig

@@ -0,0 +1,13 @@
+root = true
+
+[*]
+trim_trailing_whitespace = true
+insert_final_newline = true
+indent_style = space
+indent_size = 2
+
+[*.java]
+trim_trailing_whitespace = true
+insert_final_newline = true
+indent_style = space
+indent_size = 4

.github/CONTRIBUTING.md

@@ -1,7 +1,7 @@
 # Guideline for Issues
 
-- At first, See [FAQ](https://github.com/gitbucket/gitbucket/wiki/FAQ) and check issues whether there is a same question or request in the past.
+- At first, see [Wiki](https://github.com/gitbucket/gitbucket/wiki) and check issues whether there is a same question or request in the past.
 - If you can't find same question and report, send it to [gitter room](https://gitter.im/gitbucket/gitbucket) before raising an issue.
-- We can also support in Japaneses other than English at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
+- We can also support in Japanese other than English at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
 - Write an issue in English. At least, write subject in English.
-- First priority of GitBucket is easy installation and reproduce GitHub behavior, so we might reject if your request is against it.
+- The highest priority of GitBucket is the ease of installation and API compatibility with GitHub, so your feature request might be rejected if they go against those principles.

.github/ISSUE_TEMPLATE.md

@@ -1,6 +1,6 @@
 ### Before submitting an issue to Gitbucket I have first:
 
-- [] read the [contribution guidelines](https://github.com/gitbucket/gitbucket/blob/master/CONTRIBUTING.md)
+- [] read the [contribution guidelines](https://github.com/gitbucket/gitbucket/blob/master/.github/CONTRIBUTING.md)
 - [] searched for similar already existing issue
 - [] read the documentation and [wiki](https://github.com/gitbucket/gitbucket/wiki) 
 

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,8 +1,8 @@
 ### Before submitting a pull-request to Gitbucket I have first:
 
-- [] read the [contribution guidelines](https://github.com/gitbucket/gitbucket/blob/master/CONTRIBUTING.md)
+- [] read the [contribution guidelines](https://github.com/gitbucket/gitbucket/blob/master/.github/CONTRIBUTING.md)
 - [] rebased my branch over master
 - [] verified that project is compiling
 - [] verified that tests are passing
 - [] squashed my commits as appropriate *(keep several commits if it is relevant to understand the PR)*
-- [] [marked as closed](https://help.github.com/articles/closing-issues-via-commit-messages/) all issue ID that this PR should correct
+- [] [marked as closed using commit message](https://help.github.com/articles/closing-issues-via-commit-messages/) all issue ID that this PR should correct

.gitignore

@@ -21,3 +21,4 @@ project/plugins/project/
 # IntelliJ specific
 .idea/
 .idea_modules/
+*.iml

.travis.yml

@@ -1,6 +1,38 @@
 language: scala
-sudo: false
+sudo: true
 script:
   - sbt test
 jdk:
   - oraclejdk8
+before_script:
+  - sudo apt-get install libaio1
+  - sudo /etc/init.d/mysql stop
+  - sudo /etc/init.d/postgresql stop
+cache:
+  directories:
+    - $HOME/.ivy2/cache
+    - $HOME/.sbt/boot
+    - $HOME/.sbt/launchers
+    - $HOME/.coursier
+    - $HOME/.embedmysql
+    - $HOME/.embedpostgresql
+matrix:
+  include:
+  - dist: trusty
+    group: edge
+    sudo: required
+    jdk: oraclejdk9
+    script:
+    # https://github.com/sbt/sbt/pull/2951
+    - git clone https://github.com/retronym/java9-rt-export
+    - cd java9-rt-export/
+    - git checkout 1019a2873d057dd7214f4135e84283695728395d
+    - jdk_switcher use oraclejdk8
+    - sbt package
+    - jdk_switcher use oraclejdk9
+    - mkdir -p $HOME/.sbt/0.13/java9-rt-ext; java -jar target/java9-rt-export-*.jar $HOME/.sbt/0.13/java9-rt-ext/rt.jar
+    - jar tf $HOME/.sbt/0.13/java9-rt-ext/rt.jar | grep java/lang/Object
+    - cd ..
+    - echo "sbt.version=0.13.14-RC1" > project/build.properties
+    - wget https://raw.githubusercontent.com/paulp/sbt-extras/9ade5fa54914ca8aded44105bf4b9a60966f3ccd/sbt && chmod +x ./sbt
+    - ./sbt -Dscala.ext.dirs=$HOME/.sbt/0.13/java9-rt-ext test

LICENSE

@@ -1,4 +1,3 @@
-
                                  Apache License
                            Version 2.0, January 2004
                         http://www.apache.org/licenses/
@@ -179,7 +178,7 @@
    APPENDIX: How to apply the Apache License to your work.
 
       To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
+      boilerplate notice, with the fields enclosed by brackets "{}"
       replaced with your own identifying information. (Don't include
       the brackets!)  The text should be enclosed in the appropriate
       comment syntax for the file format. We also recommend that a
@@ -187,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright [yyyy] [name of copyright owner]
+   Copyright {yyyy} {name of copyright owner}
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

README.md

@@ -1,65 +1,190 @@
-GitBucket [![Gitter chat](https://badges.gitter.im/gitbucket/gitbucket.png)](https://gitter.im/gitbucket/gitbucket) [![Build Status](https://travis-ci.org/gitbucket/gitbucket.svg?branch=master)](https://travis-ci.org/gitbucket/gitbucket)
+0;95;0cGitBucket [![Gitter chat](https://badges.gitter.im/gitbucket/gitbucket.png)](https://gitter.im/gitbucket/gitbucket) [![Build Status](https://travis-ci.org/gitbucket/gitbucket.svg?branch=master)](https://travis-ci.org/gitbucket/gitbucket)
 =========
 
-GitBucket is a GitHub clone powered by Scala which has easy installation and high extensibility.
+GitBucket is a Git web platform powered by Scala offering:
+
+- Easy installation
+- Intuitive UI
+- High extensibility by plugins
+- API compatibility with GitHub
+
+You can try an [online demo](https://gitbucket.herokuapp.com/) *(ID: root / Pass: root)* of GitBucket, and also get the latest information at [GitBucket News](https://gitbucket.github.io/gitbucket-news/).
 
 Features
 --------
-The current version of GitBucket provides a basic features below:
+The current version of GitBucket provides many features such as:
 
-- Public / Private Git repository (http and ssh access)
-- Repository viewer and online file editing
-- Wiki
-- Issues / Pull request
-- Email notification
-- Simple user and group management with LDAP integration
-- Plug-in system
+- Public / Private Git repositories (with http/https and ssh access)
+- GitLFS support
+- Repository viewer including an online file editor
+- Issues, Pull Requests and Wiki for repositories
+- Activity timeline and email notifications
+- Account and group management with LDAP integration
+- a Plug-in system
 
-If you want to try the development version of GitBucket, see [Developer's Guide](https://github.com/gitbucket/gitbucket/blob/master/doc/how_to_run.md).
+If you want to try the development version of GitBucket, see the [Developer's Guide](https://github.com/gitbucket/gitbucket/blob/master/doc/how_to_run.md).
 
 Installation
 --------
-GitBucket requires **Java8**. You have to install beforehand when it's not installed.
+GitBucket requires **Java8**. You have to install it, if it is not already installed.
 
-1. Download latest **gitbucket.war** from [the release page](https://github.com/gitbucket/gitbucket/releases).
-2. Deploy it to the Servlet 3.0 container such as Tomcat 7.x, Jetty 8.x, GlassFish 3.x or higher.
-3. Access **http://[hostname]:[port]/gitbucket/** using your web browser and logged-in with **root** / **root**.
+1. Download the latest **gitbucket.war** from [the releases page](https://github.com/gitbucket/gitbucket/releases) and run it by `java -jar gitbucket.war`.
+2. Go to `http://[hostname]:8080/` and log in with ID: **root** / Pass: **root**.
 
-or you can start GitBucket by `java -jar gitbucket.war` without servlet container. In this case, GitBucket URL is **http://[hostname]:8080/**. You can specify following options.
+You can specify following options:
 
-- --port=[NUMBER]
-- --prefix=[CONTEXTPATH]
-- --host=[HOSTNAME]
-- --gitbucket.home=[DATA_DIR]
+- `--port=[NUMBER]`
+- `--prefix=[CONTEXTPATH]`
+- `--host=[HOSTNAME]`
+- `--gitbucket.home=[DATA_DIR]`
+- `--temp_dir=[TEMP_DIR]`
 
-To upgrade GitBucket, only replace gitbucket.war after stop GitBucket. All GitBucket data is stored in HOME/.gitbucket. So if you want to back up GitBucket data, copy this directory to the other disk.
+`TEMP_DIR` is used as the [temporary directory for the jetty application context](https://www.eclipse.org/jetty/documentation/9.3.x/ref-temporary-directories.html). This is the directory into which the `gitbucket.war` file is unpacked, the source files are compiled, etc. If given this parameter **must** match the path of an existing directory or the application will quit reporting an error; if not given the path used will be a `tmp` directory inside the gitbucket home.
 
-About installation on Mac or Windows Server (with IIS), configuration of Apache or Nginx and also integration with other tools or services such as Jenkins or Slack, see [Wiki](https://github.com/gitbucket/gitbucket/wiki).
+You can also deploy `gitbucket.war` to a servlet container which supports Servlet 3.0 (like Jetty, Tomcat, JBoss, etc)
 
-Plug-ins
+For more information about installation on Mac or Windows Server (with IIS), or configuration of Apache or Nginx and also integration with other tools or services such as Jenkins or Slack, see [Wiki](https://github.com/gitbucket/gitbucket/wiki).
+
+To upgrade GitBucket, replace `gitbucket.war` with the new version, after stopping GitBucket. All GitBucket data is stored in `HOME/.gitbucket` by default. So if you want to back up GitBucket's data, copy this directory to the backup location.
+
+Plugins
 --------
-GitBucket has the plug-in system to extend GitBucket from outside of GitBucket. Some plug-ins are available now:
+GitBucket has a plug-in system that allows extra functionality. Officially the following plug-ins are provided:
 
 - [gitbucket-gist-plugin](https://github.com/gitbucket/gitbucket-gist-plugin)
-- [gitbucket-announce-plugin](https://github.com/gitbucket-plugins/gitbucket-announce-plugin)
-- [gitbucket-h2-backup-plugin](https://github.com/gitbucket-plugins/gitbucket-h2-backup-plugin)
-- [gitbucket-desktopnotify-plugin](https://github.com/yoshiyoshifujii/gitbucket-desktopnotify-plugin)
-- [gitbucket-commitgraphs-plugin](https://github.com/yoshiyoshifujii/gitbucket-commitgraphs-plugin)
-- [gitbucket-asciidoctor-plugin](https://github.com/lefou/gitbucket-asciidoctor-plugin)
+- [gitbucket-emoji-plugin](https://github.com/gitbucket/gitbucket-emoji-plugin)
+- [gitbucket-pages-plugin](https://github.com/gitbucket/gitbucket-pages-plugin)
 
-You can find community plugins other than them at [gitbucket community plugins](http://gitbucket-plugins.github.io/).
+You can find more plugins made by the community at [GitBucket community plugins](http://gitbucket-plugins.github.io/).
 
 Support
 --------
 
-- If you have any question about GitBucket, send it to [gitter room](https://gitter.im/gitbucket/gitbucket) before raise an issue.
-- Make sure check whether there is a same question or request in the past.
-- When raise a new issue, write subject in **English** at least.
-- We can also support in Japaneses other than English at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
-- First priority of GitBucket is easy installation and reproduce GitHub behavior, so we might reject if your request is against it.
+- If you have any questions about GitBucket, see [Wiki](https://github.com/gitbucket/gitbucket/wiki) and check issues whether there is a same question or request in the past.
+- If you can't find same question and report, send it to [gitter room](https://gitter.im/gitbucket/gitbucket) before raising an issue.
+- We can also provide support in Japanese other than English at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
+- Write an issue in English. At least, write subject in English.
+- The highest priority of GitBucket is the ease of installation and API compatibility with GitHub, so your feature request might be rejected if they go against those principles.
 
 Release Notes
---------
+-------------
+### 4.12 - 30 Apr 2017
+- Gist plug-in provides JavaScript to embed snippet
+- Dropdown menu filter in the branch comparing page
+- Caution for the embedded H2 database
+
+### 4.11 - 1 Apr 2017
+- Deploy keys support
+- Auto generate avatar images
+- Collaborators of the private forked repository are copied from the original repository
+- Cache avatar images in the browser
+- New extension point to receive events about repository
+
+### 4.10 - 25 Feb 2017
+- Update to Scala 2.12, Scalatra 2.5 and Slick 3.2
+- Display file size in the file viewer
+
+### 4.9 - 29 Jan 2017
+- GitLFS support
+- Template for issues and pull requests
+- Manual label color editing
+- Account description
+- `--tmp-dir` option for standalone mode
+- More APIs for issues
+  - [List issues for a repository](https://developer.github.com/v3/issues/#list-issues-for-a-repository)
+  - [Create an issue](https://developer.github.com/v3/issues/#create-an-issue)
+
+### 4.8 - 23 Dec 2016
+- Search for repository names from the global header
+- Filter repositories on the sidebar of the dashboard
+- Search issues and wiki
+- Keep pull request comments after new commits are pushed
+- New web API to get a single issue
+- Performance improvement for the repository viewer
+
+### 4.7.1 - 28 Nov 2016
+- Bug fix: group repositories are not shown in the your repositories list on the sidebar
+- Small performance improvement of the dashboard
+
+### 4.7 - 26 Nov 2016
+- New permission system
+- Dropdown filter for issue labels, milestones and assignees
+- Keep sidebar folding status
+- Link from milestone label to the issue list
+
+### 4.6 - 29 Oct 2016
+- Add disable option for forking
+- Add History button to wiki page
+- Git repository URL redirection for GitHub compatibility
+- Get-Content API improvement
+- Indicate who is group master in Members tab in group view
+
+### 4.5 - 29 Sep 2016
+- Attach files by dropping into textarea
+- Issues / Pull requests switcher in dashboard
+- HikariCP could be configured in `GITBUCKET_HOME/database.conf`
+- Improve Cookie security
+- Display commit count on the history button
+- Improve mobile view
+
+### 4.4 - 28 Aug 2016
+- Import a SQL dump file to the database
+- `go get` support in private repositories
+- Sort milestones by due date
+- apache-sshd has been updated to 1.2.0
+
+### 4.3 - 30 Jul 2016
+- Emoji support by [gitbucket-emoji-plugin](https://github.com/gitbucket/gitbucket-emoji-plugin)
+- User name suggestion
+- Add new web APIs and basic authentication support for API access
+- Root Endpoint
+  - [List endpoints](https://developer.github.com/v3/#root-endpoint)
+  - [List Branches](https://developer.github.com/v3/repos/branches/#list-branches)
+  - [Get contents](https://developer.github.com/v3/repos/contents/#get-contents)
+  - [Get a Reference](https://developer.github.com/v3/git/refs/#get-a-reference)
+  - [List Collaborators](https://developer.github.com/v3/repos/collaborators/#list-collaborators)
+  - [List user repositories](https://developer.github.com/v3/repos/#list-user-repositories)
+  - [Get a group](https://developer.github.com/v3/orgs/#get-an-organization)
+  - [List group repositories](https://developer.github.com/v3/repos/#list-organization-repositories)
+- Add new extension points
+  - `assetsMapping` : Supplies resources in plugin classpath as web assets
+  - `suggestionProvider` : Provides suggestion in the Markdown editing textarea
+  - `textDecorator` : Decorate text nodes in HTML which is converted from Markdown
+
+### 4.2.1 - 3 Jul 2016
+- Fix migration bug
+
+This is hotfix for a critical bug in migration. If you are new installation, use 4.2.0. But if you have an exisiting installation and it had been updated to 4.0 from 3.x, you must update to 4.2.1.
+
+### 4.2 - 2 Jul 2016
+- New UI based on [AdminLTE](https://github.com/almasaeed2010/AdminLTE)
+- git gc
+- Issues and Wiki have been possible to be disabled
+- SMTP configuration test mail
+
+### 4.1 - 4 Jun 2016
+- Generic ssh user
+- Improve branch protection UI
+- Default value of pull request title
+
+### 4.0 - 30 Apr 2016
+- MySQL and PostgreSQL support
+- Data export and import
+- Migration system has been switched to [solidbase](https://github.com/gitbucket/solidbase)
+
+**Note:** You can upgrade to GitBucket 4.0 from 3.14. If your GitBucket is 3.13 or before, you have to upgrade 3.14 at first.
+
+### 3.14 - 30 Apr 2016
+- File attachment and search for wiki pages
+- New extension points to add menus
+- Content-Type of webhooks has been choosable
+
+### 3.13 - 1 Apr 2016
+- Refresh user interface for wide screen
+- Add `pull_request` key in list issues API for pull requests
+- Add `X-Hub-Signature` security to webhooks
+- Provide SHA-256 checksum for `gitbucket.war`
+
 ### 3.12 - 27 Feb 2016
 - New GitHub UI
 - Improve mobile view

build.sbt

@@ -1,8 +1,8 @@
-val Organization = "gitbucket"
+val Organization = "io.github.gitbucket"
 val Name = "gitbucket"
-val GitBucketVersion = "3.12.0"
-val ScalatraVersion = "2.4.0"
-val JettyVersion = "9.3.6.v20151106"
+val GitBucketVersion = "4.12.0"
+val ScalatraVersion = "2.5.0"
+val JettyVersion = "9.3.9.v20160517"
 
 lazy val root = (project in file(".")).enablePlugins(SbtTwirl, JettyPlugin)
 
@@ -10,54 +10,67 @@ sourcesInBase := false
 organization := Organization
 name := Name
 version := GitBucketVersion
-scalaVersion := "2.11.7"
+scalaVersion := "2.12.2"
 
 // dependency settings
 resolvers ++= Seq(
   Classpaths.typesafeReleases,
-  "amateras-repo" at "http://amateras.sourceforge.jp/mvn/",
-  "amateras-snapshot-repo" at "http://amateras.sourceforge.jp/mvn-snapshot/"
+  Resolver.jcenterRepo,
+  "amateras" at "http://amateras.sourceforge.jp/mvn/",
+  "sonatype-snapshot" at "https://oss.sonatype.org/content/repositories/snapshots/",
+  "amateras-snapshot" at "http://amateras.sourceforge.jp/mvn-snapshot/"
 )
 libraryDependencies ++= Seq(
-  "org.eclipse.jgit"          % "org.eclipse.jgit.http.server" % "4.1.1.201511131810-r",
-  "org.eclipse.jgit"          % "org.eclipse.jgit.archive"     % "4.1.1.201511131810-r",
-  "org.scalatra"             %% "scalatra"                     % ScalatraVersion,
-  "org.scalatra"             %% "scalatra-json"                % ScalatraVersion,
-  "org.json4s"               %% "json4s-jackson"               % "3.3.0",
-  "io.github.gitbucket"      %% "scalatra-forms"               % "1.0.0",
-  "commons-io"                % "commons-io"                   % "2.4",
-  "io.github.gitbucket"       % "markedj"                      % "1.0.6",
-  "org.apache.commons"        % "commons-compress"             % "1.10",
-  "org.apache.commons"        % "commons-email"                % "1.4",
-  "org.apache.httpcomponents" % "httpclient"                   % "4.5.1",
-  "org.apache.sshd"           % "apache-sshd"                  % "1.0.0",
-  "org.apache.tika"           % "tika-core"                    % "1.11",
-  "com.typesafe.slick"       %% "slick"                        % "2.1.0",
-  "com.novell.ldap"           % "jldap"                        % "2009-10-07",
-  "com.h2database"            % "h2"                           % "1.4.190",
-  "ch.qos.logback"            % "logback-classic"              % "1.1.1",
-  "com.mchange"               % "c3p0"                         % "0.9.5.2",
-  "com.typesafe"              % "config"                       % "1.3.0",
-  "com.typesafe.akka"        %% "akka-actor"                   % "2.3.14",
-  "com.enragedginger"        %% "akka-quartz-scheduler"        % "1.4.0-akka-2.3.x" exclude("c3p0","c3p0"),
-  "org.eclipse.jetty"         % "jetty-webapp"                 % JettyVersion     % "provided",
-  "javax.servlet"             % "javax.servlet-api"            % "3.1.0"          % "provided",
-  "junit"                     % "junit"                        % "4.12"           % "test",
-  "org.scalatra"             %% "scalatra-scalatest"           % ScalatraVersion  % "test",
-  "org.scalaz"               %% "scalaz-core"                  % "7.2.0"          % "test"
+  "org.eclipse.jgit"                %  "org.eclipse.jgit.http.server" % "4.7.0.201704051617-r",
+  "org.eclipse.jgit"                %  "org.eclipse.jgit.archive"     % "4.7.0.201704051617-r",
+  "org.scalatra"                    %% "scalatra"                     % ScalatraVersion,
+  "org.scalatra"                    %% "scalatra-json"                % ScalatraVersion,
+  "org.json4s"                      %% "json4s-jackson"               % "3.5.0",
+  "io.github.gitbucket"             %% "scalatra-forms"               % "1.1.0",
+  "commons-io"                      %  "commons-io"                   % "2.4",
+  "io.github.gitbucket"             %  "solidbase"                    % "1.0.0",
+  "io.github.gitbucket"             %  "markedj"                      % "1.0.10",
+  "org.apache.commons"              %  "commons-compress"             % "1.11",
+  "org.apache.commons"              %  "commons-email"                % "1.4",
+  "org.apache.httpcomponents"       %  "httpclient"                   % "4.5.1",
+  "org.apache.sshd"                 %  "apache-sshd"                  % "1.2.0",
+  "org.apache.tika"                 %  "tika-core"                    % "1.13",
+  "com.github.takezoe"              %% "blocking-slick-32"            % "0.0.8",
+  "joda-time"                       %  "joda-time"                    % "2.9.6",
+  "com.novell.ldap"                 %  "jldap"                        % "2009-10-07",
+  "com.h2database"                  %  "h2"                           % "1.4.192",
+  "mysql"                           %  "mysql-connector-java"         % "5.1.39",
+  "org.postgresql"                  %  "postgresql"                   % "9.4.1208",
+  "ch.qos.logback"                  %  "logback-classic"              % "1.1.7",
+  "com.zaxxer"                      %  "HikariCP"                     % "2.4.6",
+  "com.typesafe"                    %  "config"                       % "1.3.0",
+  "com.typesafe.akka"               %% "akka-actor"                   % "2.4.12",
+  "fr.brouillard.oss.security.xhub" %  "xhub4j-core"                  % "1.0.0",
+  "com.github.bkromhout"            %  "java-diff-utils"              % "2.1.1",
+  "org.cache2k"                     %  "cache2k-all"                  % "1.0.0.CR1",
+  "com.enragedginger"               %% "akka-quartz-scheduler"        % "1.6.0-akka-2.4.x" exclude("c3p0","c3p0"),
+  "net.coobird"                     %  "thumbnailator"                % "0.4.8",
+  "org.eclipse.jetty"               %  "jetty-webapp"                 % JettyVersion     % "provided",
+  "javax.servlet"                   %  "javax.servlet-api"            % "3.1.0"          % "provided",
+  "junit"                           %  "junit"                        % "4.12"           % "test",
+  "org.scalatra"                    %% "scalatra-scalatest"           % ScalatraVersion  % "test",
+  "org.mockito"                     %  "mockito-core"                 % "2.7.16"         % "test",
+  "com.wix"                         %  "wix-embedded-mysql"           % "2.1.4"          % "test",
+  "ru.yandex.qatools.embed"         %  "postgresql-embedded"          % "1.14"           % "test"
 )
 
-// Twirl settings
-play.twirl.sbt.Import.TwirlKeys.templateImports += "gitbucket.core._"
-
 // Compiler settings
 scalacOptions := Seq("-deprecation", "-language:postfixOps")
 javacOptions in compile ++= Seq("-target", "8", "-source", "8")
 javaOptions in Jetty += "-Dlogback.configurationFile=/logback-dev.xml"
-testOptions in Test += Tests.Argument(TestFrameworks.Specs2, "junitxml", "console")
+
+// Test settings
+//testOptions in Test += Tests.Argument("-l", "ExternalDBTest")
 javaOptions in Test += "-Dgitbucket.home=target/gitbucket_home_for_test"
 testOptions in Test += Tests.Setup( () => new java.io.File("target/gitbucket_home_for_test").mkdir() )
 fork in Test := true
+
+// Packaging options
 packageOptions += Package.MainClass("JettyLauncher")
 
 // Assembly settings
@@ -72,46 +85,46 @@ assemblyMergeStrategy in assembly := {
 }
 
 // JRebel
+Seq(jrebelSettings: _*)
+
 jrebel.webLinks += (target in webappPrepare).value
 jrebel.enabled := System.getenv().get("JREBEL") != null
 javaOptions in Jetty ++= Option(System.getenv().get("JREBEL")).toSeq.flatMap { path =>
   Seq("-noverify", "-XX:+UseConcMarkSweepGC", "-XX:+CMSClassUnloadingEnabled", s"-javaagent:${path}")
 }
-jrebelSettings
 
 // Create executable war file
 val executableConfig = config("executable").hide
 Keys.ivyConfigurations += executableConfig
-libraryDependencies	++= Seq(
-  "org.eclipse.jetty"	%	"jetty-security"     % JettyVersion % "executable",
-  "org.eclipse.jetty"	%	"jetty-webapp"       % JettyVersion % "executable",
-  "org.eclipse.jetty"	%	"jetty-continuation" % JettyVersion % "executable",
-  "org.eclipse.jetty"	%	"jetty-server"       % JettyVersion % "executable",
-  "org.eclipse.jetty"	%	"jetty-xml"          % JettyVersion % "executable",
-  "org.eclipse.jetty"	%	"jetty-http"         % JettyVersion % "executable",
-  "org.eclipse.jetty"	%	"jetty-servlet"      % JettyVersion % "executable",
-  "org.eclipse.jetty"	%	"jetty-io"           % JettyVersion % "executable",
-  "org.eclipse.jetty"	%	"jetty-util"         % JettyVersion % "executable"
+libraryDependencies ++= Seq(
+  "org.eclipse.jetty" % "jetty-security"     % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-webapp"       % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-continuation" % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-server"       % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-xml"          % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-http"         % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-servlet"      % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-io"           % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-util"         % JettyVersion % "executable"
 )
 
-val executableKey	= TaskKey[File]("executable")
-executableKey	:= {
-  import org.apache.ivy.util.ChecksumHelper
+val executableKey = TaskKey[File]("executable")
+executableKey := {
   import java.util.jar.{ Manifest => JarManifest }
   import java.util.jar.Attributes.{ Name => AttrName }
 
-  val workDir	= Keys.target.value / "executable"
-  val warName	= Keys.name.value + ".war"
+  val workDir   = Keys.target.value / "executable"
+  val warName   = Keys.name.value + ".war"
 
-  val log		= streams.value.log
+  val log       = streams.value.log
   log info s"building executable webapp in ${workDir}"
 
   // initialize temp directory
-  val temp	= workDir / "webapp"
+  val temp  = workDir / "webapp"
   IO delete temp
 
   // include jetty classes
-  val jettyJars	= Keys.update.value select configurationFilter(name = executableConfig.name)
+  val jettyJars = Keys.update.value select configurationFilter(name = executableConfig.name)
   jettyJars foreach { jar =>
     IO unzip (jar, temp, (name:String) =>
       (name startsWith "javax/") ||
@@ -120,40 +133,89 @@ executableKey	:= {
   }
 
   // include original war file
-  val warFile	= (Keys.`package`).value
+  val warFile   = (Keys.`package`).value
   IO unzip (warFile, temp)
 
   // include launcher classes
-  val classDir		= (Keys.classDirectory in Compile).value
-  val launchClasses	= Seq("JettyLauncher.class" /*, "HttpsSupportConnector.class" */)
+  val classDir      = (Keys.classDirectory in Compile).value
+  val launchClasses = Seq("JettyLauncher.class" /*, "HttpsSupportConnector.class" */)
   launchClasses foreach { name =>
     IO copyFile (classDir / name, temp / name)
   }
 
   // zip it up
   IO delete (temp / "META-INF" / "MANIFEST.MF")
-  val contentMappings	= (temp.*** --- PathFinder(temp)).get pair relativeTo(temp)
-  val manifest		= new JarManifest
-  manifest.getMainAttributes put (AttrName.MANIFEST_VERSION,	"1.0")
-  manifest.getMainAttributes put (AttrName.MAIN_CLASS,		"JettyLauncher")
-  val outputFile		= workDir / warName
+  val contentMappings   = (temp.*** --- PathFinder(temp)).get pair relativeTo(temp)
+  val manifest          = new JarManifest
+  manifest.getMainAttributes put (AttrName.MANIFEST_VERSION,    "1.0")
+  manifest.getMainAttributes put (AttrName.MAIN_CLASS,          "JettyLauncher")
+  val outputFile    = workDir / warName
   IO jar (contentMappings, outputFile, manifest)
 
   // generate checksums
-  Seq("md5", "sha1") foreach { algorithm =>
-    IO.write(
-      workDir / (warName + "." + algorithm),
-      ChecksumHelper computeAsString (outputFile, algorithm)
-    )
+  Seq(
+    "md5"    -> "MD5",
+    "sha1"   -> "SHA-1",
+    "sha256" -> "SHA-256"
+  )
+  .foreach { case (extension, algorithm) =>
+    val checksumFile = workDir / (warName + "." + extension)
+    Checksums generate (outputFile, checksumFile, algorithm)
   }
 
   // done
   log info s"built executable webapp ${outputFile}"
   outputFile
 }
-/*
-Keys.artifact in (Compile, executableKey) ~= {
-	_ copy (`type` = "war", extension = "war"))
+publishTo := {
+  val nexus = "https://oss.sonatype.org/"
+  if (version.value.trim.endsWith("SNAPSHOT")) Some("snapshots" at nexus + "content/repositories/snapshots")
+  else                             Some("releases"  at nexus + "service/local/staging/deploy/maven2")
 }
-addArtifact(Keys.artifact in (Compile, executableKey), executableKey)
-*/
+publishMavenStyle := true
+pomIncludeRepository := { _ => false }
+pomExtra := (
+  <url>https://github.com/gitbucket/gitbucket</url>
+  <licenses>
+    <license>
+      <name>The Apache Software License, Version 2.0</name>
+      <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+    </license>
+  </licenses>
+  <scm>
+    <url>https://github.com/gitbucket/gitbucket</url>
+    <connection>scm:git:https://github.com/gitbucket/gitbucket.git</connection>
+  </scm>
+  <developers>
+    <developer>
+      <id>takezoe</id>
+      <name>Naoki Takezoe</name>
+      <url>https://github.com/takezoe</url>
+    </developer>
+    <developer>
+      <id>shimamoto</id>
+      <name>Takako Shimamoto</name>
+      <url>https://github.com/shimamoto</url>
+    </developer>
+    <developer>
+      <id>tanacasino</id>
+      <name>Tomofumi Tanaka</name>
+      <url>https://github.com/tanacasino</url>
+    </developer>
+    <developer>
+      <id>mrkm4ntr</id>
+      <name>Shintaro Murakami</name>
+      <url>https://github.com/mrkm4ntr</url>
+    </developer>
+    <developer>
+      <id>nazoking</id>
+      <name>nazoking</name>
+      <url>https://github.com/nazoking</url>
+    </developer>
+    <developer>
+      <id>McFoggy</id>
+      <name>Matthieu Brouillard</name>
+      <url>https://github.com/McFoggy</url>
+    </developer>
+  </developers>
+)

command.bat

@@ -1,2 +0,0 @@
-%~d0
-cmd /k cd %~p0

contrib/linux/redhat/README.md

@@ -3,6 +3,7 @@
 RPM spec file and init script for Red Hat Enterprise Linux 6.x. 
 
 To create RPM:
+
 1. Edit `../../gitbucket.conf` to suit.
 2. Edit `gitbucket.init` to suit.
 3. Edit `gitbucket.spec` to suit.

doc/auto_update.md

@@ -1,37 +1,54 @@
 Automatic Schema Updating
 ========
-GitBucket uses H2 database to manage project and account data. GitBucket updates database schema automatically in the first run after the upgrading.
+GitBucket updates database schema automatically using [Solidbase](https://github.com/gitbucket/solidbase) in the first run after the upgrading.
 
-To release a new version of GitBucket, add the version definition to the [gitbucket.core.servlet.AutoUpdate](https://github.com/gitbucket/gitbucket/blob/master/src/main/scala/gitbucket/core/servlet/AutoUpdate.scala) at first.
+To release a new version of GitBucket, add the version definition to the [gitbucket.core.GitBucketCoreModule](https://github.com/gitbucket/gitbucket/blob/master/src/main/scala/gitbucket/core/GitBucketCoreModule.scala) at first.
 
 ```scala
-object AutoUpdate {
-  ...
-  /**
-   * The history of versions. A head of this sequence is the current GitBucket version.
-   */
-  val versions = Seq(
-      Version(1, 0)
+object GitBucketCoreModule extends Module("gitbucket-core",
+  new Version("4.0.0",
+    new LiquibaseMigration("update/gitbucket-core_4.0.xml"),
+    new SqlMigration("update/gitbucket-core_4.0.sql")
+  ),
+  new Version("4.1.0"),
+  new Version("4.2.0",
+    new LiquibaseMigration("update/gitbucket-core_4.2.xml")
   )
-  ...
-```
-
-Next, add a SQL file which updates database schema into [/src/main/resources/update/](https://github.com/gitbucket/gitbucket/tree/master/src/main/resources/update) as ```MAJOR_MINOR.sql```.
-
-GitBucket stores the current version to ```GITBUCKET_HOME/version``` and checks it at start-up. If the stored version differs from the actual version, it executes differences of SQL files between the stored version and the actual version. And ```GITBUCKET_HOME/version``` is updated by the actual version.
-
-We can also add any Scala code for upgrade GitBucket which modifies resources other than database. Override ```Version.update``` like below:
-
-```scala
-val versions = Seq(
-  new Version(1, 3){
-    override def update(conn: Connection): Unit = {
-      super.update(conn)
-      // Add any code here!
-    }
-  },
-  Version(1, 2),
-  Version(1, 1),
-  Version(1, 0)
 )
 ```
+
+Next, add a XML file which updates database schema into [/src/main/resources/update/](https://github.com/gitbucket/gitbucket/tree/master/src/main/resources/update) with a filenane defined in `GitBucketCoreModule`.
+
+```xml
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+    <addColumn tableName="REPOSITORY">
+        <column name="ENABLE_WIKI" type="boolean" nullable="false" defaultValueBoolean="true"/>
+        <column name="ENABLE_ISSUES" type="boolean" nullable="false" defaultValueBoolean="true"/>
+        <column name="EXTERNAL_WIKI_URL" type="varchar(200)" nullable="true"/>
+        <column name="EXTERNAL_ISSUES_URL" type="varchar(200)" nullable="true"/>
+    </addColumn>
+</changeSet>
+```
+
+Solidbase stores the current version to `VERSIONS` table and checks it at start-up. If the stored version differs from the actual version, it executes differences between the stored version and the actual version.
+
+We can add the SQL file instead of the XML file using `SqlMigration`. It try to load a SQL file from classpath as following order:
+
+1. Specified path (if specified)
+2. `${moduleId}_${version}_${database}.sql`
+3. `${moduleId}_${version}.sql`
+
+Also we can add any code by extending `Migration`:
+
+```scala
+object GitBucketCoreModule extends Module("gitbucket-core",
+  new Version("4.0.0", new Migration(){
+    override def migrate(moduleId: String, version: String, context: java.util.Map[String, String]): Unit = {
+      ...
+    }
+  })
+)
+```
+
+See more details [README of Solidbase](https://github.com/gitbucket/solidbase).

doc/how_to_run.md

@@ -4,15 +4,15 @@ How to run from the source tree
 Run for Development
 --------
 
-If you want to test GitBucket, input following command at the root directory of the source tree.
+If you want to test GitBucket, type the following command in the root directory of the source tree.
 
 ```
 $ sbt ~jetty:start
 ```
 
-Then access to `http://localhost:8080/` by your browser. The default administrator account is `root` and password is `root`.
+Then access `http://localhost:8080/` in your browser. The default administrator account is `root` and password is `root`.
 
-Source code modification is detected and reloaded automatically. You can modify logging configuration by editing `src/main/resources/logback-dev.xml`.
+Source code modifications are detected and a reloaded happens automatically. You can modify the logging configuration by editing `src/main/resources/logback-dev.xml`.
 
 Build war file
 --------
@@ -23,12 +23,20 @@ To build war file, run the following command:
 $ sbt package
 ```
 
-`gitbucket_2.11-x.x.x.war` is generated into `target/scala-2.11`.
+`gitbucket_2.12-x.x.x.war` is generated into `target/scala-2.12`.
 
-To build executable war file, run
+To build an executable war file, run
 
 ```
 $ sbt executable
 ```
 
 at the top of the source tree. It generates executable `gitbucket.war` into `target/executable`. We release this war file as release artifact.
+
+Run tests spec
+---------
+To run the full series of tests, run the following command:
+
+```
+$ sbt test
+```

doc/notification.md

@@ -1,7 +1,7 @@
 Notification Email
 ========
 
-GitBucket sends email to target users by enabling the notification email by an administrator.
+GitBucket can send email notification to users if this feature is enabled by an administrator.
 
 The timing of the notification are as follows:
 
@@ -20,4 +20,4 @@ Notified users are as follows:
 * collaborators
 * participants
 
-However, the operation in person is excluded from the target.
+However, the person performing the operation is excluded from the notification.

doc/release.md

@@ -6,28 +6,29 @@ Update version number
 
 Note to update version number in files below:
 
-### project/build.scala
+### build.sbt
 
 ```scala
-object MyBuild extends Build {
-  val Organization = "gitbucket"
-  val Name = "gitbucket"
-  val Version = "3.3.0" // <---- update version!!
-  val ScalaVersion = "2.11.6"
-  val ScalatraVersion = "2.3.1"
+val Organization = "gitbucket"
+val Name = "gitbucket"
+val GitBucketVersion = "4.0.0" // <---- update version!!
+val ScalatraVersion = "2.4.0"
+val JettyVersion = "9.3.6.v20151106"
 ```
 
-### src/main/scala/gitbucket/core/servlet/AutoUpdate.scala
+### src/main/scala/gitbucket/core/GitBucketCoreModule.scala
 
 ```scala
-object AutoUpdate {
-
-  /**
-   * The history of versions. A head of this sequence is the current GitBucket version.
-   */
-  val versions = Seq(
-    new Version(3, 3), // <---- add this line!!
-    new Version(3, 2),
+object GitBucketCoreModule extends Module("gitbucket-core",
+  new Version("4.0.0",
+    new LiquibaseMigration("update/gitbucket-core_4.0.xml"),
+    new SqlMigration("update/gitbucket-core_4.0.sql")
+  ),
+  // add new version definition
+  new Version("4.1.0",
+    new LiquibaseMigration("update/gitbucket-core_4.1.xml")
+  )
+)
 ```
 
 Generate release files
@@ -40,14 +41,15 @@ Note: Release operation requires [Ant](http://ant.apache.org/) and [Maven](https
 Run `sbt executable`. The release war file and fingerprint are generated into `target/executable/gitbucket.war`.
 
 ```bash
-$sbt executable
+$ sbt executable
 ```
 
 ### Deploy assembly jar file
 
-For plug-in development, we have to publish the assembly jar file to the public Maven repository by `release/deploy-assembly-jar.sh`.
+For plug-in development, we have to publish the GitBucket jar file to the Maven central repository as well. At first, hit following command to publish artifacts to the sonatype OSS repository:
 
 ```bash
-$ cd release/
-$ ./deploy-assembly-jar.sh
+$ sbt publish-signed
 ```
+
+Then operate release sequence at https://oss.sonatype.org/.

project/Checksums.scala

@@ -0,0 +1,34 @@
+import java.security.MessageDigest;
+import scala.annotation._
+import sbt._
+import sbt.Using._
+
+object Checksums {
+  private val bufferSize = 2048
+
+  def generate(source:File, target:File, algorithm:String):Unit =
+      IO write (target, compute(source, algorithm))
+
+  def compute(file:File, algorithm:String):String =
+      hex(raw(file, algorithm))
+
+  def raw(file:File, algorithm:String):Array[Byte]    =
+      (Using fileInputStream file) { is =>
+        val md  = MessageDigest getInstance algorithm
+        val buf = new Array[Byte](bufferSize)
+        md.reset()
+        @tailrec
+        def loop() {
+          val len = is read buf
+          if (len != -1) {
+            md update (buf, 0, len)
+            loop()
+          }
+        }
+        loop()
+        md.digest()
+      }
+
+  def hex(bytes:Array[Byte]):String =
+      bytes map { it => "%02x" format (it.toInt & 0xff) } mkString ""
+}

project/build.properties

@@ -1 +1 @@
-sbt.version=0.13.9
+sbt.version=0.13.13

project/plugins.sbt

@@ -1,6 +1,8 @@
 scalacOptions ++= Seq("-unchecked", "-deprecation", "-feature")
 
-addSbtPlugin("com.typesafe.sbt" % "sbt-twirl"       % "1.0.4")
-addSbtPlugin("com.eed3si9n"     % "sbt-assembly"    % "0.12.0")
-addSbtPlugin("com.earldouglas"  % "xsbt-web-plugin" % "2.1.0")
+addSbtPlugin("com.typesafe.sbt"     % "sbt-twirl"         % "1.3.0")
+addSbtPlugin("com.eed3si9n"         % "sbt-assembly"      % "0.14.3")
+addSbtPlugin("com.earldouglas"      % "xsbt-web-plugin"   % "2.1.1")
 addSbtPlugin("fi.gekkio.sbtplugins" % "sbt-jrebel-plugin" % "0.10.0")
+addSbtPlugin("com.typesafe.sbt"     % "sbt-pgp"           % "0.8.3")
+addSbtPlugin("io.get-coursier"      % "sbt-coursier"      % "1.0.0-M15")

project/project/plugins.sbt

@@ -0,0 +1 @@
+addSbtPlugin("io.get-coursier" % "sbt-coursier" % "1.0.0-M15")

release/deploy-assembly-jar.sh

@@ -1,24 +0,0 @@
-#!/bin/sh
-. ./env.sh
-
-cd ../
-./sbt.sh clean assembly
-
-cd release
-
-if [[ "$GITBUCKET_VERSION" =~ -SNAPSHOT$ ]]; then
-  MVN_DEPLOY_PATH=mvn-snapshot
-else
-  MVN_DEPLOY_PATH=mvn
-fi
-
-echo $MVN_DEPLOY_PATH
-
-mvn deploy:deploy-file \
-  -DgroupId=gitbucket\
-  -DartifactId=gitbucket-assembly\
-  -Dversion=$GITBUCKET_VERSION\
-  -Dpackaging=jar\
-  -Dfile=../target/scala-2.11/gitbucket-assembly-$GITBUCKET_VERSION.jar\
-  -DrepositoryId=sourceforge.jp\
-  -Durl=scp://shell.sourceforge.jp/home/groups/a/am/amateras/htdocs/$MVN_DEPLOY_PATH/

release/env.sh

@@ -1,3 +0,0 @@
-#!/bin/sh
-export GITBUCKET_VERSION=`cat ../build.sbt | grep 'val GitBucketVersion' | cut -d \" -f 2`
-echo "GITBUCKET_VERSION: $GITBUCKET_VERSION"

release/pom.xml

@@ -1,17 +0,0 @@
-<?xml version="1.0"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <groupId>jp.sf.amateras</groupId>
-    <artifactId>gitbucket-assembly</artifactId>
-    <version>0.0.1</version>
-    <build>
-        <extensions>
-            <extension>
-                <groupId>org.apache.maven.wagon</groupId>
-                <artifactId>wagon-ssh</artifactId>
-                <version>1.0-beta-6</version>
-            </extension>
-        </extensions>
-    </build>
-</project>

sbt.bat

@@ -1,2 +1,2 @@
 set SCRIPT_DIR=%~dp0
-java %JAVA_OPTS% -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -XX:MaxPermSize=256m -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar "%SCRIPT_DIR%\sbt-launch-0.13.9.jar" %*
+java %JAVA_OPTS% -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar "%SCRIPT_DIR%\sbt-launch-0.13.12.jar" %*

sbt.sh

@@ -1,2 +1,2 @@
 #!/bin/sh
-java $JAVA_OPTS -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -XX:MaxPermSize=256m -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar `dirname $0`/sbt-launch-0.13.9.jar "$@"
+java $JAVA_OPTS -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar `dirname $0`/sbt-launch-0.13.12.jar "$@"

src/main/java/JettyLauncher.java

@@ -3,33 +3,55 @@ import org.eclipse.jetty.webapp.WebAppContext;
 
 import java.io.File;
 import java.net.URL;
+import java.net.InetSocketAddress;
 import java.security.ProtectionDomain;
 
 public class JettyLauncher {
     public static void main(String[] args) throws Exception {
+        System.setProperty("java.awt.headless", "true");
+
         String host = null;
         int port = 8080;
+        InetSocketAddress address = null;
         String contextPath = "/";
+        String tmpDirPath="";
         boolean forceHttps = false;
 
         for(String arg: args) {
             if(arg.startsWith("--") && arg.contains("=")) {
                 String[] dim = arg.split("=");
                 if(dim.length >= 2) {
-                    if(dim[0].equals("--host")) {
-                        host = dim[1];
-                    } else if(dim[0].equals("--port")) {
-                        port = Integer.parseInt(dim[1]);
-                    } else if(dim[0].equals("--prefix")) {
-                        contextPath = dim[1];
-                    } else if(dim[0].equals("--gitbucket.home")){
-                        System.setProperty("gitbucket.home", dim[1]);
+                    switch (dim[0]) {
+                        case "--host":
+                            host = dim[1];
+                            break;
+                        case "--port":
+                            port = Integer.parseInt(dim[1]);
+                            break;
+                        case "--prefix":
+                            contextPath = dim[1];
+                            if (!contextPath.startsWith("/")) {
+                                contextPath = "/" + contextPath;
+                            }
+                            break;
+                        case "--gitbucket.home":
+                            System.setProperty("gitbucket.home", dim[1]);
+                            break;
+                        case "--temp_dir":
+                            tmpDirPath = dim[1];
+                            break;
                     }
                 }
             }
         }
 
-        Server server = new Server(port);
+        if(host != null) {
+            address = new InetSocketAddress(host, port);
+        } else {
+            address = new InetSocketAddress(port);
+        }
+
+        Server server = new Server(address);
 
 //        SelectChannelConnector connector = new SelectChannelConnector();
 //        if(host != null) {
@@ -42,11 +64,22 @@ public class JettyLauncher {
 
         WebAppContext context = new WebAppContext();
 
-        File tmpDir = new File(getGitBucketHome(), "tmp");
-        if(tmpDir.exists()){
-            deleteDirectory(tmpDir);
+        File tmpDir;
+        if(tmpDirPath.equals("")){
+            tmpDir = new File(getGitBucketHome(), "tmp");
+            if(!tmpDir.exists()){
+                tmpDir.mkdirs();
+            }
+        } else {
+            tmpDir = new File(tmpDirPath);
+            if(!tmpDir.exists()){
+                throw new java.io.FileNotFoundException(
+                    String.format("temp_dir \"%s\" not found", tmpDirPath));
+            } else if(!tmpDir.isDirectory()) {
+                throw new IllegalArgumentException(
+                    String.format("temp_dir \"%s\" is not a directory", tmpDirPath));
+            }
         }
-        tmpDir.mkdirs();
         context.setTempDirectory(tmpDir);
 
         ProtectionDomain domain = JettyLauncher.class.getProtectionDomain();
@@ -61,6 +94,8 @@ public class JettyLauncher {
         }
 
         server.setHandler(context);
+        server.setStopAtShutdown(true);
+        server.setStopTimeout(7_000);
         server.start();
         server.join();
     }

src/main/java/org/postgresql/Driver2.java

@@ -0,0 +1,52 @@
+package org.postgresql;
+
+import java.lang.reflect.InvocationHandler;
+import java.lang.reflect.Method;
+import java.lang.reflect.Proxy;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.util.Properties;
+
+/**
+ * Wraps the PostgreSQL JDBC driver to convert the returning column names to lower case.
+ */
+public class Driver2 extends Driver {
+
+    @Override
+    public java.sql.Connection connect(String url, Properties info) throws SQLException {
+        Connection conn =  super.connect(url, info);
+
+        Object proxy = Proxy.newProxyInstance(
+                conn.getClass().getClassLoader(),
+                new Class[]{ Connection.class },
+                new ConnectionProxyHandler(conn)
+        );
+
+        return Connection.class.cast(proxy);
+    }
+
+
+    private static class ConnectionProxyHandler implements InvocationHandler {
+
+        private Connection conn;
+
+        public ConnectionProxyHandler(Connection conn){
+            this.conn = conn;
+        }
+
+        @Override
+        public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
+            if(method.getName().equals("prepareStatement")){
+                if(args != null && args.length == 2 && args[1].getClass().isArray()){
+                    String[] keys = (String[]) args[1];
+                    for(int i = 0; i < keys.length; i++){
+                        keys[i] = keys[i].toLowerCase();
+                    }
+                }
+            }
+            return method.invoke(conn, args);
+        }
+    }
+
+}
+

src/main/resources/database.conf

@@ -1,6 +0,0 @@
-db {
-  driver = "org.h2.Driver"
-  url = "jdbc:h2:${DatabaseHome};MVCC=true"
-  user = "sa"
-  password = "sa"
-}

src/main/resources/logback-dev.xml

@@ -20,7 +20,7 @@
   <!--
   <logger name="service.WebHookService" level="DEBUG" />
   <logger name="servlet" level="DEBUG" />
-  -->
   <logger name="scala.slick.jdbc.JdbcBackend.statement" level="DEBUG" />
+  -->
 
 </configuration>

src/main/resources/reference.conf

@@ -1,5 +0,0 @@
-c3p0 {
-  privilegeSpawnedThreads=true
-  contextClassLoaderSource=library
-}
-

src/main/resources/update/1_0.sql

@@ -1,135 +0,0 @@
-CREATE TABLE ACCOUNT(
-		USER_NAME VARCHAR(100) NOT NULL,
-		MAIL_ADDRESS VARCHAR(100) NOT NULL,
-		PASSWORD VARCHAR(40) NOT NULL,
-		ADMINISTRATOR BOOLEAN NOT NULL,
-		URL VARCHAR(200),
-		REGISTERED_DATE TIMESTAMP NOT NULL,
-		UPDATED_DATE TIMESTAMP NOT NULL,
-		LAST_LOGIN_DATE TIMESTAMP
-);
-
-CREATE TABLE REPOSITORY(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		PRIVATE BOOLEAN NOT NULL,
-		DESCRIPTION TEXT,
-		DEFAULT_BRANCH VARCHAR(100),
-		REGISTERED_DATE TIMESTAMP NOT NULL,
-		UPDATED_DATE TIMESTAMP NOT NULL,
-		LAST_ACTIVITY_DATE TIMESTAMP NOT NULL
-);
-
-CREATE TABLE COLLABORATOR(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		COLLABORATOR_NAME VARCHAR(100) NOT NULL
-);
-
-CREATE TABLE ISSUE(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		ISSUE_ID INT NOT NULL,
-		OPENED_USER_NAME VARCHAR(100) NOT NULL,
-		MILESTONE_ID INT,
-		ASSIGNED_USER_NAME VARCHAR(100),
-		TITLE TEXT NOT NULL,
-		CONTENT TEXT,
-		CLOSED BOOLEAN NOT NULL,
-		REGISTERED_DATE TIMESTAMP NOT NULL,
-		UPDATED_DATE TIMESTAMP NOT NULL
-);
-
-CREATE TABLE ISSUE_ID(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		ISSUE_ID INT NOT NULL
-);
-
-CREATE TABLE ISSUE_COMMENT(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		ISSUE_ID INT NOT NULL,
-		COMMENT_ID INT AUTO_INCREMENT,
-		ACTION VARCHAR(10),
-		COMMENTED_USER_NAME VARCHAR(100) NOT NULL,
-		CONTENT TEXT NOT NULL,
-		REGISTERED_DATE TIMESTAMP NOT NULL,
-		UPDATED_DATE TIMESTAMP NOT NULL
-);
-
-CREATE TABLE LABEL(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		LABEL_ID INT AUTO_INCREMENT,
-		LABEL_NAME VARCHAR(100) NOT NULL,
-		COLOR CHAR(6) NOT NULL
-);
-
-CREATE TABLE ISSUE_LABEL(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		ISSUE_ID INT NOT NULL,
-		LABEL_ID INT NOT NULL
-);
-
-CREATE TABLE MILESTONE(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		MILESTONE_ID INT AUTO_INCREMENT,
-		TITLE VARCHAR(100) NOT NULL,
-		DESCRIPTION TEXT,
-		DUE_DATE TIMESTAMP,
-		CLOSED_DATE TIMESTAMP
-);
-
-ALTER TABLE ACCOUNT ADD CONSTRAINT IDX_ACCOUNT_PK PRIMARY KEY (USER_NAME);
-ALTER TABLE ACCOUNT ADD CONSTRAINT IDX_ACCOUNT_1 UNIQUE (MAIL_ADDRESS);
-
-ALTER TABLE REPOSITORY ADD CONSTRAINT IDX_REPOSITORY_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE REPOSITORY ADD CONSTRAINT IDX_REPOSITORY_FK0 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME);
-
-ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK1 FOREIGN KEY (COLLABORATOR_NAME) REFERENCES ACCOUNT (USER_NAME);
-
-ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_PK PRIMARY KEY (ISSUE_ID, USER_NAME, REPOSITORY_NAME);
-ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_FK1 FOREIGN KEY (OPENED_USER_NAME) REFERENCES ACCOUNT (USER_NAME);
-ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_FK2 FOREIGN KEY (MILESTONE_ID) REFERENCES MILESTONE (MILESTONE_ID);
-
-ALTER TABLE ISSUE_ID ADD CONSTRAINT IDX_ISSUE_ID_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE ISSUE_ID ADD CONSTRAINT IDX_ISSUE_ID_FK1 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-
-ALTER TABLE ISSUE_COMMENT ADD CONSTRAINT IDX_ISSUE_COMMENT_PK PRIMARY KEY (COMMENT_ID);
-ALTER TABLE ISSUE_COMMENT ADD CONSTRAINT IDX_ISSUE_COMMENT_1 UNIQUE (USER_NAME, REPOSITORY_NAME, ISSUE_ID, COMMENT_ID);
-ALTER TABLE ISSUE_COMMENT ADD CONSTRAINT IDX_ISSUE_COMMENT_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID) REFERENCES ISSUE (USER_NAME, REPOSITORY_NAME, ISSUE_ID);
-
-ALTER TABLE LABEL ADD CONSTRAINT IDX_LABEL_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, LABEL_ID);
-ALTER TABLE LABEL ADD CONSTRAINT IDX_LABEL_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-
-ALTER TABLE ISSUE_LABEL ADD CONSTRAINT IDX_ISSUE_LABEL_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID, LABEL_ID);
-ALTER TABLE ISSUE_LABEL ADD CONSTRAINT IDX_ISSUE_LABEL_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID) REFERENCES ISSUE (USER_NAME, REPOSITORY_NAME, ISSUE_ID);
-
-ALTER TABLE MILESTONE ADD CONSTRAINT IDX_MILESTONE_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, MILESTONE_ID);
-ALTER TABLE MILESTONE ADD CONSTRAINT IDX_MILESTONE_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-
-INSERT INTO ACCOUNT (
-  USER_NAME,
-  MAIL_ADDRESS,
-  PASSWORD,
-  ADMINISTRATOR,
-  URL,
-  REGISTERED_DATE,
-  UPDATED_DATE,
-  LAST_LOGIN_DATE
-) VALUES (
-  'root',
-  'root@localhost',
-  'dc76e9f0c0006e8f919e0c515c66dbba3982f785',
-  true,
-  'https://github.com/gitbucket/gitbucket',
-  SYSDATE,
-  SYSDATE,
-  NULL
-);

src/main/resources/update/1_1.sql

@@ -1,8 +0,0 @@
--- Fix COLLABORATOR constraints
-ALTER TABLE COLLABORATOR DROP CONSTRAINT IDX_COLLABORATOR_FK1 IF EXISTS;
-ALTER TABLE COLLABORATOR DROP CONSTRAINT IDX_COLLABORATOR_FK0 IF EXISTS;
-ALTER TABLE COLLABORATOR DROP CONSTRAINT IDX_COLLABORATOR_PK IF EXISTS;
-
-ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, COLLABORATOR_NAME);
-ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK1 FOREIGN KEY (COLLABORATOR_NAME) REFERENCES ACCOUNT (USER_NAME);

src/main/resources/update/1_12.sql

@@ -1,11 +0,0 @@
-ALTER TABLE GROUP_MEMBER ADD COLUMN MANAGER BOOLEAN DEFAULT FALSE;
-
-CREATE TABLE SSH_KEY (
-  USER_NAME VARCHAR(100) NOT NULL,
-  SSH_KEY_ID INT AUTO_INCREMENT,
-  TITLE VARCHAR(100) NOT NULL,
-  PUBLIC_KEY TEXT NOT NULL
-);
-
-ALTER TABLE SSH_KEY ADD CONSTRAINT IDX_SSH_KEY_PK PRIMARY KEY (USER_NAME, SSH_KEY_ID);
-ALTER TABLE SSH_KEY ADD CONSTRAINT IDX_SSH_KEY_FK0 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME);

src/main/resources/update/1_13.sql

@@ -1 +0,0 @@
-DROP TABLE COMMIT_LOG;

src/main/resources/update/1_2.sql

@@ -1,24 +0,0 @@
-CREATE TABLE ACTIVITY(
-		ACTIVITY_ID INT AUTO_INCREMENT,
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		ACTIVITY_USER_NAME VARCHAR(100) NOT NULL,
-		ACTIVITY_TYPE VARCHAR(100) NOT NULL,
-		MESSAGE TEXT NOT NULL,
-		ADDITIONAL_INFO TEXT,
-		ACTIVITY_DATE TIMESTAMP NOT NULL
-);
-
-CREATE TABLE COMMIT_LOG (
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		COMMIT_ID VARCHAR(40) NOT NULL
-);
-
-ALTER TABLE ACTIVITY ADD CONSTRAINT IDX_ACTIVITY_PK PRIMARY KEY (ACTIVITY_ID);
-ALTER TABLE ACTIVITY ADD CONSTRAINT IDX_ACTIVITY_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE ACTIVITY ADD CONSTRAINT IDX_ACTIVITY_FK1 FOREIGN KEY (ACTIVITY_USER_NAME) REFERENCES ACCOUNT (USER_NAME);
-
-ALTER TABLE COMMIT_LOG ADD CONSTRAINT IDX_COMMIT_LOG_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, COMMIT_ID);
-ALTER TABLE COMMIT_LOG ADD CONSTRAINT IDX_COMMIT_LOG_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-

src/main/resources/update/1_3.sql

@@ -1,8 +0,0 @@
-ALTER TABLE ACCOUNT ADD COLUMN IMAGE VARCHAR(100);
-
-UPDATE ISSUE_COMMENT SET ACTION = 'comment' WHERE ACTION IS NULL;
-
-ALTER TABLE ISSUE_COMMENT ALTER COLUMN ACTION VARCHAR(20) NOT NULL;
-
-UPDATE ISSUE_COMMENT SET ACTION = 'close_comment'  WHERE ACTION = 'close';
-UPDATE ISSUE_COMMENT SET ACTION = 'reopen_comment' WHERE ACTION = 'reopen';

src/main/resources/update/1_4.sql

@@ -1,24 +0,0 @@
-CREATE TABLE GROUP_MEMBER(
-  GROUP_NAME VARCHAR(100) NOT NULL,
-  USER_NAME  VARCHAR(100) NOT NULL
-);
-
-ALTER TABLE GROUP_MEMBER ADD CONSTRAINT IDX_GROUP_MEMBER_PK PRIMARY KEY (GROUP_NAME, USER_NAME);
-ALTER TABLE GROUP_MEMBER ADD CONSTRAINT IDX_GROUP_MEMBER_FK0 FOREIGN KEY (GROUP_NAME) REFERENCES ACCOUNT (USER_NAME);
-ALTER TABLE GROUP_MEMBER ADD CONSTRAINT IDX_GROUP_MEMBER_FK1 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME);
-
-ALTER TABLE ACCOUNT ADD COLUMN GROUP_ACCOUNT BOOLEAN NOT NULL DEFAULT FALSE;
-
-CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
- SELECT
-   A.USER_NAME,
-   A.REPOSITORY_NAME,
-   A.ISSUE_ID,
-   NVL(B.COMMENT_COUNT, 0) AS COMMENT_COUNT
- FROM ISSUE A
- LEFT OUTER JOIN (
-   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
-   WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
-   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
- ) B
- ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID);

src/main/resources/update/1_5.sql

@@ -1,21 +0,0 @@
-ALTER TABLE REPOSITORY ADD COLUMN ORIGIN_USER_NAME VARCHAR(100);
-ALTER TABLE REPOSITORY ADD COLUMN ORIGIN_REPOSITORY_NAME VARCHAR(100);
-ALTER TABLE REPOSITORY ADD COLUMN PARENT_USER_NAME VARCHAR(100);
-ALTER TABLE REPOSITORY ADD COLUMN PARENT_REPOSITORY_NAME VARCHAR(100);
-
-CREATE TABLE PULL_REQUEST(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		ISSUE_ID INT NOT NULL,
-		BRANCH VARCHAR(100) NOT NULL,
-		REQUEST_USER_NAME VARCHAR(100) NOT NULL,
-		REQUEST_REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		REQUEST_BRANCH VARCHAR(100) NOT NULL,
-		COMMIT_ID_FROM VARCHAR(40) NOT NULL,
-		COMMIT_ID_TO VARCHAR(40) NOT NULL
-);
-
-ALTER TABLE PULL_REQUEST ADD CONSTRAINT IDX_PULL_REQUEST_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID);
-ALTER TABLE PULL_REQUEST ADD CONSTRAINT IDX_PULL_REQUEST_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID) REFERENCES ISSUE (USER_NAME, REPOSITORY_NAME, ISSUE_ID);
-
-ALTER TABLE ISSUE ADD COLUMN PULL_REQUEST BOOLEAN NOT NULL DEFAULT FALSE;

src/main/resources/update/1_6.sql

@@ -1,8 +0,0 @@
-CREATE TABLE WEB_HOOK (
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		URL VARCHAR(200) NOT NULL
-);
-
-ALTER TABLE WEB_HOOK ADD CONSTRAINT IDX_WEB_HOOK_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, URL);
-ALTER TABLE WEB_HOOK ADD CONSTRAINT IDX_WEB_HOOK_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);

src/main/resources/update/1_7.sql

@@ -1,5 +0,0 @@
-ALTER TABLE ACCOUNT ADD COLUMN FULL_NAME VARCHAR(100);
-
-UPDATE ACCOUNT SET FULL_NAME = USER_NAME WHERE FULL_NAME IS NULL;
-
-ALTER TABLE ACCOUNT ALTER COLUMN FULL_NAME SET NOT NULL;

src/main/resources/update/1_8.sql

@@ -1 +0,0 @@
-ALTER TABLE ACCOUNT ADD COLUMN REMOVED BOOLEAN DEFAULT FALSE;

src/main/resources/update/2_3.sql

@@ -1,6 +0,0 @@
-CREATE TABLE PLUGIN (
-  PLUGIN_ID VARCHAR(100) NOT NULL,
-  VERSION   VARCHAR(100) NOT NULL
-);
-
-ALTER TABLE PLUGIN ADD CONSTRAINT IDX_PLUGIN_PK PRIMARY KEY (PLUGIN_ID);

src/main/resources/update/2_7.sql

@@ -1,18 +0,0 @@
-CREATE TABLE COMMIT_COMMENT (
-    USER_NAME VARCHAR(100) NOT NULL,
-    REPOSITORY_NAME VARCHAR(100) NOT NULL,
-    COMMIT_ID VARCHAR(100) NOT NULL,
-    COMMENT_ID INT AUTO_INCREMENT,
-    COMMENTED_USER_NAME VARCHAR(100) NOT NULL,
-    CONTENT TEXT NOT NULL,
-    FILE_NAME NVARCHAR(100),
-    OLD_LINE_NUMBER INT,
-    NEW_LINE_NUMBER INT,
-    REGISTERED_DATE TIMESTAMP NOT NULL,
-    UPDATED_DATE TIMESTAMP NOT NULL,
-    PULL_REQUEST BOOLEAN NOT NULL
-);
-
-ALTER TABLE COMMIT_COMMENT ADD CONSTRAINT IDX_COMMIT_COMMENT_PK PRIMARY KEY (COMMENT_ID);
-ALTER TABLE COMMIT_COMMENT ADD CONSTRAINT IDX_COMMIT_COMMENT_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE COMMIT_COMMENT ADD CONSTRAINT IDX_COMMIT_COMMENT_1 UNIQUE (USER_NAME, REPOSITORY_NAME, COMMIT_ID, COMMENT_ID);

src/main/resources/update/2_8.sql

@@ -1 +0,0 @@
-ALTER TABLE COMMIT_COMMENT ALTER COLUMN FILE_NAME NVARCHAR(260);

src/main/resources/update/3_1.sql

@@ -1,42 +0,0 @@
-DROP TABLE IF EXISTS ACCESS_TOKEN;
-
-CREATE TABLE ACCESS_TOKEN (
-   ACCESS_TOKEN_ID INT NOT NULL AUTO_INCREMENT,
-   TOKEN_HASH VARCHAR(40) NOT NULL,
-   USER_NAME VARCHAR(100) NOT NULL,
-   NOTE TEXT NOT NULL
-);
-
-ALTER TABLE ACCESS_TOKEN ADD CONSTRAINT IDX_ACCESS_TOKEN_PK PRIMARY KEY (ACCESS_TOKEN_ID);
-ALTER TABLE ACCESS_TOKEN ADD CONSTRAINT IDX_ACCESS_TOKEN_FK0 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME)
-  ON DELETE CASCADE ON UPDATE CASCADE;
-ALTER TABLE ACCESS_TOKEN ADD CONSTRAINT IDX_ACCESS_TOKEN_TOKEN_HASH UNIQUE(TOKEN_HASH);
-
-
-DROP TABLE IF EXISTS COMMIT_STATUS;
-CREATE TABLE COMMIT_STATUS(
-  COMMIT_STATUS_ID INT AUTO_INCREMENT,
-  USER_NAME VARCHAR(100) NOT NULL,
-  REPOSITORY_NAME VARCHAR(100) NOT NULL,
-  COMMIT_ID VARCHAR(40) NOT NULL,
-  CONTEXT VARCHAR(255) NOT NULL, -- context is too long (maximum is 255 characters)
-  STATE VARCHAR(10) NOT NULL, -- pending, success, error, or failure
-  TARGET_URL VARCHAR(200),
-  DESCRIPTION TEXT,
-  CREATOR VARCHAR(100) NOT NULL,
-  REGISTERED_DATE TIMESTAMP NOT NULL, -- CREATED_AT
-  UPDATED_DATE TIMESTAMP NOT NULL -- UPDATED_AT
-);
-ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_PK PRIMARY KEY (COMMIT_STATUS_ID);
-ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_1
-  UNIQUE (USER_NAME, REPOSITORY_NAME, COMMIT_ID, CONTEXT);
-ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_FK1
-  FOREIGN KEY (USER_NAME, REPOSITORY_NAME)
-  REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME)
-  ON DELETE CASCADE ON UPDATE CASCADE;
-ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_FK2
-  FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME)
-  ON DELETE CASCADE ON UPDATE CASCADE;
-ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_FK3
-  FOREIGN KEY (CREATOR) REFERENCES ACCOUNT (USER_NAME)
-  ON DELETE CASCADE ON UPDATE CASCADE;

src/main/resources/update/3_11.sql

@@ -1,25 +0,0 @@
-DROP TABLE IF EXISTS PROTECTED_BRANCH;
-
-CREATE TABLE PROTECTED_BRANCH(
-    USER_NAME VARCHAR(100) NOT NULL,
-    REPOSITORY_NAME VARCHAR(100) NOT NULL,
-    BRANCH VARCHAR(100) NOT NULL,
-    STATUS_CHECK_ADMIN BOOLEAN NOT NULL DEFAULT false
-);
-
-ALTER TABLE PROTECTED_BRANCH ADD CONSTRAINT IDX_PROTECTED_BRANCH_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, BRANCH);
-ALTER TABLE PROTECTED_BRANCH ADD CONSTRAINT IDX_PROTECTED_BRANCH_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME)
-  ON DELETE CASCADE ON UPDATE CASCADE;
-
-
-DROP TABLE IF EXISTS PROTECTED_BRANCH_REQUIRE_CONTEXT;
-CREATE TABLE PROTECTED_BRANCH_REQUIRE_CONTEXT(
-    USER_NAME VARCHAR(100) NOT NULL,
-    REPOSITORY_NAME VARCHAR(100) NOT NULL,
-    BRANCH VARCHAR(100) NOT NULL,
-    CONTEXT VARCHAR(255) NOT NULL
-);
-
-ALTER TABLE PROTECTED_BRANCH_REQUIRE_CONTEXT ADD CONSTRAINT IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, BRANCH, CONTEXT);
-ALTER TABLE PROTECTED_BRANCH_REQUIRE_CONTEXT ADD CONSTRAINT IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, BRANCH) REFERENCES PROTECTED_BRANCH (USER_NAME, REPOSITORY_NAME, BRANCH)
-  ON DELETE CASCADE ON UPDATE CASCADE;

src/main/resources/update/3_9.sql

@@ -1,55 +0,0 @@
-DROP TABLE IF EXISTS WEB_HOOK_EVENT;
-
-CREATE TABLE WEB_HOOK_EVENT(
-    USER_NAME VARCHAR(100) NOT NULL,
-    REPOSITORY_NAME VARCHAR(100) NOT NULL,
-    URL VARCHAR(200) NOT NULL,
-    EVENT VARCHAR(30) NOT NULL
-);
-
-ALTER TABLE WEB_HOOK_EVENT ADD CONSTRAINT IDX_WEB_HOOK_EVENT_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, URL, EVENT);
-ALTER TABLE WEB_HOOK_EVENT ADD CONSTRAINT IDX_WEB_HOOK_EVENT_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, URL) REFERENCES WEB_HOOK (USER_NAME, REPOSITORY_NAME, URL)
-  ON DELETE CASCADE ON UPDATE CASCADE;
-
-CREATE TEMPORARY TABLE TMP_EVENTS (EVENT VARCHAR(30));
-
-INSERT INTO TMP_EVENTS VALUES ('push'),('issue_comment'),('issues'),('pull_request');
-
-INSERT INTO WEB_HOOK_EVENT (USER_NAME, REPOSITORY_NAME, URL, EVENT)
-  SELECT USER_NAME, REPOSITORY_NAME, URL, EVENT
-    FROM WEB_HOOK, TMP_EVENTS;
-
-DROP TABLE TMP_EVENTS;
-
-ALTER TABLE COMMIT_COMMENT ADD COLUMN ISSUE_ID INT;
-
-CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
- SELECT
-   A.USER_NAME,
-   A.REPOSITORY_NAME,
-   A.ISSUE_ID,
-   NVL(B.COMMENT_COUNT, 0) + NVL(C.COMMENT_COUNT, 0) AS COMMENT_COUNT
- FROM ISSUE A
- LEFT OUTER JOIN (
-   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
-   WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
-   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
- ) B
- ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID)
- LEFT OUTER JOIN (
-   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM COMMIT_COMMENT
-   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
- ) C
- ON (A.USER_NAME = C.USER_NAME AND A.REPOSITORY_NAME = C.REPOSITORY_NAME AND A.ISSUE_ID = C.ISSUE_ID);
-
-
-UPDATE COMMIT_COMMENT C SET (ISSUE_ID) = (
-  SELECT MAX(P.ISSUE_ID)
-  FROM PULL_REQUEST P
-  WHERE
-    C.USER_NAME       = P.USER_NAME AND
-    C.REPOSITORY_NAME = P.REPOSITORY_NAME AND
-    C.COMMIT_ID       = P.COMMIT_ID_TO
-);
-
-ALTER TABLE COMMIT_COMMENT DROP COLUMN PULL_REQUEST;

src/main/resources/update/gitbucket-core_4.0.sql

@@ -0,0 +1,18 @@
+CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
+ SELECT
+   A.USER_NAME,
+   A.REPOSITORY_NAME,
+   A.ISSUE_ID,
+   COALESCE(B.COMMENT_COUNT, 0) + COALESCE(C.COMMENT_COUNT, 0) AS COMMENT_COUNT
+ FROM ISSUE A
+ LEFT OUTER JOIN (
+   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
+   WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
+   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
+ ) B
+ ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID)
+ LEFT OUTER JOIN (
+   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM COMMIT_COMMENT
+   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
+ ) C
+ ON (A.USER_NAME = C.USER_NAME AND A.REPOSITORY_NAME = C.REPOSITORY_NAME AND A.ISSUE_ID = C.ISSUE_ID);

src/main/resources/update/gitbucket-core_4.0.xml

@@ -0,0 +1,351 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+
+  <!--================================================================================================-->
+  <!-- ACCOUNT -->
+  <!--================================================================================================-->
+  <createTable tableName="ACCOUNT">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="MAIL_ADDRESS" type="varchar(100)" nullable="false"/>
+    <column name="PASSWORD" type="varchar(40)" nullable="false"/>
+    <column name="ADMINISTRATOR" type="boolean" nullable="false"/>
+    <column name="URL" type="varchar(200)" nullable="true"/>
+    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
+    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
+    <column name="LAST_LOGIN_DATE" type="datetime" nullable="true"/>
+    <column name="IMAGE" type="varchar(100)" nullable="true"/>
+    <column name="GROUP_ACCOUNT" type="boolean" nullable="false"/>
+    <column name="FULL_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REMOVED" type="boolean" nullable="true"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ACCOUNT_PK" tableName="ACCOUNT" columnNames="USER_NAME"/>
+  <addUniqueConstraint constraintName="IDX_ACCOUNT_1" tableName="ACCOUNT" columnNames="MAIL_ADDRESS"/>
+
+  <insert tableName="ACCOUNT">
+    <column name="USER_NAME" value="root"/>
+    <column name="FULL_NAME" value="root"/>
+    <column name="MAIL_ADDRESS" value="root@localhost"/>
+    <column name="PASSWORD" value="dc76e9f0c0006e8f919e0c515c66dbba3982f785"/>
+    <column name="ADMINISTRATOR" valueBoolean="true"/>
+    <column name="URL" value="https://github.com/gitbucket/gitbucket"/>
+    <column name="GROUP_ACCOUNT" valueBoolean="false"/>
+    <column name="REMOVED" valueBoolean="false"/>
+    <column name="REGISTERED_DATE" valueDate="${currentDateTime}"/>
+    <column name="UPDATED_DATE" valueDate="${currentDateTime}"/>
+  </insert>
+
+  <!--================================================================================================-->
+  <!-- REPOSITORY -->
+  <!--================================================================================================-->
+  <createTable tableName="REPOSITORY">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="PRIVATE" type="boolean" nullable="false"/>
+    <column name="DESCRIPTION" type="text" nullable="true"/>
+    <column name="DEFAULT_BRANCH" type="varchar(100)" nullable="true"/>
+    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
+    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
+    <column name="LAST_ACTIVITY_DATE" type="datetime" nullable="false"/>
+    <column name="ORIGIN_USER_NAME" type="varchar(100)" nullable="true"/>
+    <column name="ORIGIN_REPOSITORY_NAME" type="varchar(100)" nullable="true"/>
+    <column name="PARENT_USER_NAME" type="varchar(100)" nullable="true"/>
+    <column name="PARENT_REPOSITORY_NAME" type="varchar(100)" nullable="true"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_REPOSITORY_PK" tableName="REPOSITORY" columnNames="USER_NAME, REPOSITORY_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_REPOSITORY_FK0" baseTableName="REPOSITORY" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- ACCESS_TOKEN -->
+  <!--================================================================================================-->
+  <createTable tableName="ACCESS_TOKEN">
+    <column name="ACCESS_TOKEN_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="TOKEN_HASH" type="varchar(40)" nullable="false"/>
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="NOTE" type="text" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ACCESS_TOKEN_PK" tableName="ACCESS_TOKEN" columnNames="ACCESS_TOKEN_ID"/>
+  <addUniqueConstraint constraintName="IDX_ACCESS_TOKEN_TOKEN_HASH" tableName="ACCESS_TOKEN" columnNames="TOKEN_HASH"/>
+  <addForeignKeyConstraint constraintName="IDX_ACCESS_TOKEN_FK0" baseTableName="ACCESS_TOKEN" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
+
+  <!--================================================================================================-->
+  <!-- ACTIVITY -->
+  <!--================================================================================================-->
+  <createTable tableName="ACTIVITY">
+    <column name="ACTIVITY_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ACTIVITY_USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ACTIVITY_TYPE" type="varchar(100)" nullable="false"/>
+    <column name="MESSAGE" type="text" nullable="false"/>
+    <column name="ADDITIONAL_INFO" type="text" nullable="true"/>
+    <column name="ACTIVITY_DATE" type="datetime" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ACTIVITY_PK" tableName="ACTIVITY" columnNames="ACTIVITY_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_ACTIVITY_FK1" baseTableName="ACTIVITY" baseColumnNames="ACTIVITY_USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_ACTIVITY_FK0" baseTableName="ACTIVITY" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- COLLABORATOR -->
+  <!--================================================================================================-->
+  <createTable tableName="COLLABORATOR">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="COLLABORATOR_NAME" type="varchar(100)" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_COLLABORATOR_PK" tableName="COLLABORATOR" columnNames="USER_NAME, REPOSITORY_NAME, COLLABORATOR_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_COLLABORATOR_FK1" baseTableName="COLLABORATOR" baseColumnNames="COLLABORATOR_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_COLLABORATOR_FK0" baseTableName="COLLABORATOR" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- COMMIT_COMMENT -->
+  <!--================================================================================================-->
+  <createTable tableName="COMMIT_COMMENT">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="COMMIT_ID" type="varchar(100)" nullable="false"/>
+    <column name="COMMENT_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="COMMENTED_USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="CONTENT" type="text" nullable="false"/>
+    <column name="FILE_NAME" type="varchar(260)" nullable="true"/>
+    <column name="OLD_LINE_NUMBER" type="int" nullable="true"/>
+    <column name="NEW_LINE_NUMBER" type="int" nullable="true"/>
+    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
+    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="true"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_COMMIT_COMMENT_PK" tableName="COMMIT_COMMENT" columnNames="COMMENT_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_COMMIT_COMMENT_FK0" baseTableName="COMMIT_COMMENT" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- COMMIT_STATUS -->
+  <!--================================================================================================-->
+  <createTable tableName="COMMIT_STATUS">
+    <column name="COMMIT_STATUS_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="COMMIT_ID" type="varchar(40)" nullable="false"/>
+    <column name="CONTEXT" type="varchar(255)" nullable="false"/>
+    <column name="STATE" type="varchar(10)" nullable="false"/>
+    <column name="TARGET_URL" type="varchar(200)" nullable="true"/>
+    <column name="DESCRIPTION" type="text" nullable="true"/>
+    <column name="CREATOR" type="varchar(100)" nullable="false"/>
+    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
+    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_COMMIT_STATUS_PK" tableName="COMMIT_STATUS" columnNames="COMMIT_STATUS_ID"/>
+  <addUniqueConstraint constraintName="IDX_COMMIT_STATUS_1" tableName="COMMIT_STATUS" columnNames="USER_NAME, REPOSITORY_NAME, COMMIT_ID, CONTEXT"/>
+  <addForeignKeyConstraint constraintName="IDX_COMMIT_STATUS_FK3" baseTableName="COMMIT_STATUS" baseColumnNames="CREATOR" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
+  <addForeignKeyConstraint constraintName="IDX_COMMIT_STATUS_FK2" baseTableName="COMMIT_STATUS" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
+  <addForeignKeyConstraint constraintName="IDX_COMMIT_STATUS_FK1" baseTableName="COMMIT_STATUS" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
+
+  <!--================================================================================================-->
+  <!-- GROUP_MEMBER -->
+  <!--================================================================================================-->
+  <createTable tableName="GROUP_MEMBER">
+    <column name="GROUP_NAME" type="varchar(100)" nullable="false"/>
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="MANAGER" type="boolean" nullable="true"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_GROUP_MEMBER_PK" tableName="GROUP_MEMBER" columnNames="GROUP_NAME, USER_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_GROUP_MEMBER_FK1" baseTableName="GROUP_MEMBER" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_GROUP_MEMBER_FK0" baseTableName="GROUP_MEMBER" baseColumnNames="GROUP_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- LABEL -->
+  <!--================================================================================================-->
+  <createTable tableName="LABEL">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="LABEL_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="LABEL_NAME" type="varchar(100)" nullable="false"/>
+    <column name="COLOR" type="char(6)" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_LABEL_PK" tableName="LABEL" columnNames="USER_NAME, REPOSITORY_NAME, LABEL_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_LABEL_FK0" baseTableName="LABEL" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- MILESTONE -->
+  <!--================================================================================================-->
+  <createTable tableName="MILESTONE">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="MILESTONE_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="TITLE" type="varchar(100)" nullable="false"/>
+    <column name="DESCRIPTION" type="text" nullable="true"/>
+    <column name="DUE_DATE" type="datetime" nullable="true"/>
+    <column name="CLOSED_DATE" type="datetime" nullable="true"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_MILESTONE_PK" tableName="MILESTONE" columnNames="USER_NAME, REPOSITORY_NAME, MILESTONE_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_MILESTONE_FK0" baseTableName="MILESTONE" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- ISSUE -->
+  <!--================================================================================================-->
+  <createTable tableName="ISSUE">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="false"/>
+    <column name="OPENED_USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="MILESTONE_ID" type="int" nullable="true"/>
+    <column name="ASSIGNED_USER_NAME" type="varchar(100)" nullable="true"/>
+    <column name="TITLE" type="text" nullable="false"/>
+    <column name="CONTENT" type="text" nullable="true"/>
+    <column name="CLOSED" type="boolean" nullable="false"/>
+    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
+    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
+    <column name="PULL_REQUEST" type="boolean" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ISSUE_PK" tableName="ISSUE" columnNames="ISSUE_ID, USER_NAME, REPOSITORY_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_FK0" baseTableName="ISSUE" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_FK2" baseTableName="ISSUE" baseColumnNames="MILESTONE_ID" referencedTableName="MILESTONE" referencedColumnNames="MILESTONE_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_FK1" baseTableName="ISSUE" baseColumnNames="OPENED_USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- ISSUE_COMMENT -->
+  <!--================================================================================================-->
+  <createTable tableName="ISSUE_COMMENT">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="false"/>
+    <column name="COMMENT_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="ACTION" type="varchar(20)" nullable="false"/>
+    <column name="COMMENTED_USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="CONTENT" type="text" nullable="false"/>
+    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
+    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ISSUE_COMMENT_PK" tableName="ISSUE_COMMENT" columnNames="COMMENT_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_COMMENT_FK0" baseTableName="ISSUE_COMMENT" baseColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID" referencedTableName="ISSUE" referencedColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
+
+  <!--================================================================================================-->
+  <!-- ISSUE_ID -->
+  <!--================================================================================================-->
+  <createTable tableName="ISSUE_ID">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ISSUE_ID_PK" tableName="ISSUE_ID" columnNames="USER_NAME, REPOSITORY_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_ID_FK1" baseTableName="ISSUE_ID" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- ISSUE_ID -->
+  <!--================================================================================================-->
+  <createTable tableName="ISSUE_LABEL">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="false"/>
+    <column name="LABEL_ID" type="int" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ISSUE_LABEL_PK" tableName="ISSUE_LABEL" columnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID, LABEL_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_LABEL_FK0" baseTableName="ISSUE_LABEL" baseColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID" referencedTableName="ISSUE" referencedColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
+
+  <!--================================================================================================-->
+  <!-- PLUGIN -->
+  <!--================================================================================================-->
+  <createTable tableName="PLUGIN">
+    <column name="PLUGIN_ID" type="varchar(100)" nullable="false"/>
+    <column name="VERSION" type="varchar(100)" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_PLUGIN_PK" tableName="PLUGIN" columnNames="PLUGIN_ID"/>
+
+  <!--================================================================================================-->
+  <!-- PULL_REQUEST -->
+  <!--================================================================================================-->
+  <createTable tableName="PULL_REQUEST">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="false"/>
+    <column name="BRANCH" type="varchar(100)" nullable="false"/>
+    <column name="REQUEST_USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REQUEST_REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REQUEST_BRANCH" type="varchar(100)" nullable="false"/>
+    <column name="COMMIT_ID_FROM" type="varchar(40)" nullable="false"/>
+    <column name="COMMIT_ID_TO" type="varchar(40)" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_PULL_REQUEST_PK" tableName="PULL_REQUEST" columnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_PULL_REQUEST_FK0" baseTableName="PULL_REQUEST" baseColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID" referencedTableName="ISSUE" referencedColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
+
+  <!--================================================================================================-->
+  <!-- SSH_KEY -->
+  <!--================================================================================================-->
+  <createTable tableName="SSH_KEY">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="SSH_KEY_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="TITLE" type="varchar(100)" nullable="false"/>
+    <column name="PUBLIC_KEY" type="text" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_SSH_KEY_PK" tableName="SSH_KEY" columnNames="USER_NAME, SSH_KEY_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_SSH_KEY_FK0" baseTableName="SSH_KEY" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- WEB_HOOK -->
+  <!--================================================================================================-->
+  <createTable tableName="WEB_HOOK">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="URL" type="varchar(200)" nullable="false"/>
+    <column name="TOKEN" type="varchar(100)" nullable="true"/>
+    <column name="CTYPE" type="varchar(10)" nullable="true"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_WEB_HOOK_PK" tableName="WEB_HOOK" columnNames="USER_NAME, REPOSITORY_NAME, URL"/>
+  <addForeignKeyConstraint constraintName="IDX_WEB_HOOK_FK0" baseTableName="WEB_HOOK" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- WEB_HOOK_EVENT -->
+  <!--================================================================================================-->
+  <createTable tableName="WEB_HOOK_EVENT">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="URL" type="varchar(200)" nullable="false"/>
+    <column name="EVENT" type="varchar(30)" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_WEB_HOOK_EVENT_PK" tableName="WEB_HOOK_EVENT" columnNames="USER_NAME, REPOSITORY_NAME, URL, EVENT"/>
+  <addForeignKeyConstraint constraintName="IDX_WEB_HOOK_EVENT_FK0" baseTableName="WEB_HOOK_EVENT" baseColumnNames="USER_NAME, REPOSITORY_NAME, URL" referencedTableName="WEB_HOOK" referencedColumnNames="USER_NAME, REPOSITORY_NAME, URL" onDelete="CASCADE" onUpdate="CASCADE"/>
+
+  <!--================================================================================================-->
+  <!-- PROTECTED_BRANCH -->
+  <!--================================================================================================-->
+  <createTable tableName="PROTECTED_BRANCH">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="BRANCH" type="varchar(100)" nullable="false"/>
+    <column name="STATUS_CHECK_ADMIN" type="boolean" nullable="false" defaultValueBoolean="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_PROTECTED_BRANCH_PK" tableName="PROTECTED_BRANCH" columnNames="USER_NAME, REPOSITORY_NAME, BRANCH"/>
+  <addForeignKeyConstraint constraintName="IDX_PROTECTED_BRANCH_FK0" baseTableName="PROTECTED_BRANCH" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
+
+  <!--================================================================================================-->
+  <!-- PROTECTED_BRANCH_REQUIRE_CONTEXT -->
+  <!--================================================================================================-->
+  <createTable tableName="PROTECTED_BRANCH_REQUIRE_CONTEXT">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="BRANCH" type="varchar(100)" nullable="false"/>
+    <column name="CONTEXT" type="varchar(255)" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_PK" tableName="PROTECTED_BRANCH_REQUIRE_CONTEXT" columnNames="USER_NAME, REPOSITORY_NAME, BRANCH, CONTEXT"/>
+  <addForeignKeyConstraint constraintName="IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_FK0" baseTableName="PROTECTED_BRANCH_REQUIRE_CONTEXT" baseColumnNames="USER_NAME, REPOSITORY_NAME, BRANCH" referencedTableName="PROTECTED_BRANCH" referencedColumnNames="USER_NAME, REPOSITORY_NAME, BRANCH" onDelete="CASCADE" onUpdate="CASCADE"/>
+
+</changeSet>

src/main/resources/update/gitbucket-core_4.11.xml

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+  <createTable tableName="DEPLOY_KEY">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="DEPLOY_KEY_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="TITLE" type="varchar(100)" nullable="false"/>
+    <column name="PUBLIC_KEY" type="text" nullable="false"/>
+    <column name="ALLOW_WRITE" type="boolean" nullable="false" defaultValueBoolean="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_DEPLOY_KEY_PK" tableName="DEPLOY_KEY" columnNames="USER_NAME, REPOSITORY_NAME, DEPLOY_KEY_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_DEPLOY_KEY_FK0" baseTableName="DEPLOY_KEY" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+</changeSet>

src/main/resources/update/gitbucket-core_4.2.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+    <addColumn tableName="REPOSITORY">
+        <column name="ENABLE_ISSUES" type="boolean" nullable="false" defaultValueBoolean="true"/>
+        <column name="EXTERNAL_ISSUES_URL" type="varchar(200)" nullable="true"/>
+        <column name="ENABLE_WIKI" type="boolean" nullable="false" defaultValueBoolean="true"/>
+        <column name="ALLOW_WIKI_EDITING" type="boolean" nullable="false" defaultValueBoolean="false"/>
+        <column name="EXTERNAL_WIKI_URL" type="varchar(200)" nullable="true"/>
+    </addColumn>
+</changeSet>

src/main/resources/update/gitbucket-core_4.6.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+    <addColumn tableName="REPOSITORY">
+        <column name="ALLOW_FORK" type="boolean" nullable="false" defaultValueBoolean="true"/>
+    </addColumn>
+</changeSet>

src/main/resources/update/gitbucket-core_4.7.sql

@@ -0,0 +1,2 @@
+-- DELETE COLLABORATORS IN GROUP REPOSITORIES
+DELETE FROM COLLABORATOR WHERE USER_NAME IN (SELECT USER_NAME FROM ACCOUNT WHERE GROUP_ACCOUNT = TRUE)

src/main/resources/update/gitbucket-core_4.7.xml

@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+    <addColumn tableName="COLLABORATOR">
+        <column name="ROLE" type="varchar(10)" nullable="false" defaultValue="ADMIN"/>
+    </addColumn>
+    <addColumn tableName="REPOSITORY">
+        <column name="WIKI_OPTION" type="varchar(10)" nullable="false" defaultValue="DISABLE"/>
+        <column name="ISSUES_OPTION" type="varchar(10)" nullable="false" defaultValue="DISABLE"/>
+    </addColumn>
+    <update tableName="REPOSITORY">
+        <column name="WIKI_OPTION" value="DISABLE"/>
+        <where>ENABLE_WIKI = FALSE</where>
+    </update>
+    <update tableName="REPOSITORY">
+        <column name="WIKI_OPTION" value="PRIVATE"/>
+        <where>ENABLE_WIKI = TRUE AND ALLOW_WIKI_EDITING = FALSE</where>
+    </update>
+    <update tableName="REPOSITORY">
+        <column name="WIKI_OPTION" value="PUBLIC"/>
+        <where>ENABLE_WIKI = TRUE AND ALLOW_WIKI_EDITING = TRUE</where>
+    </update>
+    <update tableName="REPOSITORY">
+        <column name="ISSUES_OPTION" value="DISABLE"/>
+        <where>ENABLE_ISSUES = FALSE</where>
+    </update>
+    <update tableName="REPOSITORY">
+        <column name="ISSUES_OPTION" value="PUBLIC"/>
+        <where>ENABLE_ISSUES = TRUE</where>
+    </update>
+    <dropColumn tableName="REPOSITORY" columnName="ENABLE_WIKI"/>
+    <dropColumn tableName="REPOSITORY" columnName="ALLOW_WIKI_EDITING"/>
+    <dropColumn tableName="REPOSITORY" columnName="ENABLE_ISSUES"/>
+</changeSet>

src/main/resources/update/gitbucket-core_4.9.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+  <addColumn tableName="ACCOUNT">
+    <column name="DESCRIPTION" type="text" nullable="true" />
+  </addColumn>
+</changeSet>

src/main/scala/ScalatraBootstrap.scala

@@ -1,24 +1,33 @@
 
-import gitbucket.core.controller._
-import gitbucket.core.plugin.PluginRegistry
-import gitbucket.core.servlet.{AccessTokenAuthenticationFilter, BasicAuthenticationFilter, Database, TransactionFilter}
-import gitbucket.core.util.Directory
-
 import java.util.EnumSet
 import javax.servlet._
 
+import gitbucket.core.controller._
+import gitbucket.core.plugin.PluginRegistry
+import gitbucket.core.service.SystemSettingsService
+import gitbucket.core.servlet._
+import gitbucket.core.util.Directory
 import org.scalatra._
 
 
-class ScalatraBootstrap extends LifeCycle {
+class ScalatraBootstrap extends LifeCycle with SystemSettingsService {
   override def init(context: ServletContext) {
+
+    val settings = loadSystemSettings()
+    if(settings.baseUrl.exists(_.startsWith("https://"))) {
+      context.getSessionCookieConfig.setSecure(true)
+    }
+
     // Register TransactionFilter and BasicAuthenticationFilter at first
     context.addFilter("transactionFilter", new TransactionFilter)
     context.getFilterRegistration("transactionFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/*")
-    context.addFilter("basicAuthenticationFilter", new BasicAuthenticationFilter)
-    context.getFilterRegistration("basicAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/git/*")
-    context.addFilter("accessTokenAuthenticationFilter", new AccessTokenAuthenticationFilter)
-    context.getFilterRegistration("accessTokenAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/api/v3/*")
+    context.addFilter("gitAuthenticationFilter", new GitAuthenticationFilter)
+    context.getFilterRegistration("gitAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/git/*")
+    context.addFilter("apiAuthenticationFilter", new ApiAuthenticationFilter)
+    context.getFilterRegistration("apiAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/api/v3/*")
+    context.addFilter("ghCompatRepositoryAccessFilter", new GHCompatRepositoryAccessFilter)
+    context.getFilterRegistration("ghCompatRepositoryAccessFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/*")
+
     // Register controllers
     context.mount(new AnonymousAccessController, "/*")
 
@@ -27,10 +36,10 @@ class ScalatraBootstrap extends LifeCycle {
     }
 
     context.mount(new IndexController, "/")
+    context.mount(new ApiController, "/api/v3")
     context.mount(new FileUploadController, "/upload")
+    context.mount(new SystemSettingsController, "/admin")
     context.mount(new DashboardController, "/*")
-    context.mount(new UserManagementController, "/*")
-    context.mount(new SystemSettingsController, "/*")
     context.mount(new AccountController, "/*")
     context.mount(new RepositoryViewerController, "/*")
     context.mount(new WikiController, "/*")

src/main/scala/gitbucket/core/GitBucketCoreModule.scala

@@ -0,0 +1,36 @@
+package gitbucket.core
+
+import io.github.gitbucket.solidbase.migration.{SqlMigration, LiquibaseMigration}
+import io.github.gitbucket.solidbase.model.{Version, Module}
+
+object GitBucketCoreModule extends Module("gitbucket-core",
+  new Version("4.0.0",
+    new LiquibaseMigration("update/gitbucket-core_4.0.xml"),
+    new SqlMigration("update/gitbucket-core_4.0.sql")
+  ),
+  new Version("4.1.0"),
+  new Version("4.2.0",
+    new LiquibaseMigration("update/gitbucket-core_4.2.xml")
+  ),
+  new Version("4.2.1"),
+  new Version("4.3.0"),
+  new Version("4.4.0"),
+  new Version("4.5.0"),
+  new Version("4.6.0",
+    new LiquibaseMigration("update/gitbucket-core_4.6.xml")
+  ),
+  new Version("4.7.0",
+    new LiquibaseMigration("update/gitbucket-core_4.7.xml"),
+    new SqlMigration("update/gitbucket-core_4.7.sql")
+  ),
+  new Version("4.7.1"),
+  new Version("4.8"),
+  new Version("4.9.0",
+    new LiquibaseMigration("update/gitbucket-core_4.9.xml")
+  ),
+  new Version("4.10.0"),
+  new Version("4.11.0",
+    new LiquibaseMigration("update/gitbucket-core_4.11.xml")
+  ),
+  new Version("4.12.0")
+)

src/main/scala/gitbucket/core/api/ApiBranch.scala

@@ -8,9 +8,16 @@ import gitbucket.core.util.RepositoryName
  */
 case class ApiBranch(
   name: String,
-  // commit: ApiBranchCommit,
+  commit: ApiBranchCommit,
   protection: ApiBranchProtection)(repositoryName:RepositoryName) extends FieldSerializable {
   def _links = Map(
    "self" -> ApiPath(s"/api/v3/repos/${repositoryName.fullName}/branches/${name}"),
    "html" -> ApiPath(s"/${repositoryName.fullName}/tree/${name}"))
 }
+
+case class ApiBranchCommit(sha: String)
+
+case class ApiBranchForList(
+  name: String,
+  commit: ApiBranchCommit
+)

src/main/scala/gitbucket/core/api/ApiBranchProtection.scala

@@ -14,7 +14,7 @@ object ApiBranchProtection{
 
   def apply(info: ProtectedBranchService.ProtectedBranchInfo): ApiBranchProtection = ApiBranchProtection(
     enabled = info.enabled,
-    required_status_checks = Some(Status(EnforcementLevel(info.enabled, info.includeAdministrators), info.contexts)))
+    required_status_checks = Some(Status(EnforcementLevel(info.enabled && info.contexts.nonEmpty, info.includeAdministrators), info.contexts)))
   val statusNone = Status(Off, Seq.empty)
   case class Status(enforcement_level: EnforcementLevel, contexts: Seq[String])
   sealed class EnforcementLevel(val name: String)
@@ -44,4 +44,3 @@ object ApiBranchProtection{
    }
  ))
 }
-

src/main/scala/gitbucket/core/api/ApiContents.scala

@@ -0,0 +1,28 @@
+package gitbucket.core.api
+
+import java.util.Base64
+
+import gitbucket.core.util.JGitUtil.FileInfo
+import gitbucket.core.util.RepositoryName
+
+case class ApiContents(
+  `type`: String,
+  name: String,
+  path: String,
+  sha: String,
+  content: Option[String],
+  encoding: Option[String])(repositoryName: RepositoryName){
+  val download_url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/raw/${sha}/${path}")
+}
+
+object ApiContents{
+  def apply(fileInfo: FileInfo, repositoryName: RepositoryName, content: Option[Array[Byte]]): ApiContents = {
+    if(fileInfo.isDirectory) {
+      ApiContents("dir", fileInfo.name, fileInfo.path, fileInfo.commitId, None, None)(repositoryName)
+    } else {
+      content.map(arr =>
+        ApiContents("file", fileInfo.name, fileInfo.path, fileInfo.commitId, Some(Base64.getEncoder.encodeToString(arr)), Some("base64"))(repositoryName)
+      ).getOrElse(ApiContents("file", fileInfo.name, fileInfo.path, fileInfo.commitId, None, None)(repositoryName))
+    }
+  }
+}

src/main/scala/gitbucket/core/api/ApiEndPoint.scala

@@ -0,0 +1,3 @@
+package gitbucket.core.api
+
+case class ApiEndPoint(rate_limit_url: ApiPath = ApiPath("/api/v3/rate_limit"))

src/main/scala/gitbucket/core/api/ApiIssue.scala

@@ -20,6 +20,16 @@ case class ApiIssue(
   body: String)(repositoryName: RepositoryName, isPullRequest: Boolean){
   val comments_url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/issues/${number}/comments")
   val html_url = ApiPath(s"/${repositoryName.fullName}/${if(isPullRequest){ "pull" }else{ "issues" }}/${number}")
+  val pull_request = if (isPullRequest) {
+    Some(Map(
+      "url" -> ApiPath(s"/api/v3/repos/${repositoryName.fullName}/pulls/${number}"),
+      "html_url" -> ApiPath(s"/${repositoryName.fullName}/pull/${number}")
+      // "diff_url" -> ApiPath(s"/${repositoryName.fullName}/pull/${number}.diff"),
+      // "patch_url" -> ApiPath(s"/${repositoryName.fullName}/pull/${number}.patch")
+    ))
+  } else {
+    None
+  }
 }
 
 object ApiIssue{

src/main/scala/gitbucket/core/api/ApiPullRequest.scala

@@ -1,7 +1,6 @@
 package gitbucket.core.api
 
-import gitbucket.core.model.{Issue, PullRequest}
-
+import gitbucket.core.model.{Account, Issue, IssueComment, PullRequest}
 import java.util.Date
 
 
@@ -15,6 +14,9 @@ case class ApiPullRequest(
   head: ApiPullRequest.Commit,
   base: ApiPullRequest.Commit,
   mergeable: Option[Boolean],
+  merged: Boolean,
+  merged_at: Option[Date],
+  merged_by: Option[ApiUser],
   title: String,
   body: String,
   user: ApiUser) {
@@ -31,7 +33,15 @@ case class ApiPullRequest(
 }
 
 object ApiPullRequest{
-  def apply(issue: Issue, pullRequest: PullRequest, headRepo: ApiRepository, baseRepo: ApiRepository, user: ApiUser): ApiPullRequest = ApiPullRequest(
+  def apply(
+    issue: Issue,
+    pullRequest: PullRequest,
+    headRepo: ApiRepository,
+    baseRepo: ApiRepository,
+    user: ApiUser,
+    mergedComment: Option[(IssueComment, Account)]
+  ): ApiPullRequest =
+    ApiPullRequest(
       number     = issue.issueId,
       updated_at = issue.updatedDate,
       created_at = issue.registeredDate,
@@ -44,6 +54,9 @@ object ApiPullRequest{
                      ref  = pullRequest.branch,
                      repo = baseRepo)(issue.userName),
       mergeable  = None, // TODO: need check mergeable.
+      merged     = mergedComment.isDefined,
+      merged_at  = mergedComment.map { case (comment, _) => comment.registeredDate },
+      merged_by  = mergedComment.map { case (_, account) => ApiUser(account) },
       title      = issue.title,
       body       = issue.content.getOrElse(""),
       user       = user

src/main/scala/gitbucket/core/api/ApiRef.scala

@@ -0,0 +1,5 @@
+package gitbucket.core.api
+
+case class ApiObject(sha: String)
+
+case class ApiRef(ref: String, `object`: ApiObject)

src/main/scala/gitbucket/core/api/ApiRepository.scala

@@ -14,11 +14,11 @@ case class ApiRepository(
   `private`: Boolean,
   default_branch: String,
   owner: ApiUser)(urlIsHtmlUrl: Boolean) {
-  val forks_count   = forks
+  val forks_count = forks
   val watchers_count = watchers
-  val url       = if(urlIsHtmlUrl){
+  val url = if(urlIsHtmlUrl){
     ApiPath(s"/${full_name}")
-  }else{
+  } else {
     ApiPath(s"/api/v3/repos/${full_name}")
   }
   val http_url  = ApiPath(s"/git/${full_name}.git")
@@ -34,14 +34,14 @@ object ApiRepository{
       watchers: Int = 0,
       urlIsHtmlUrl: Boolean = false): ApiRepository =
     ApiRepository(
-      name        = repository.repositoryName,
-      full_name   = s"${repository.userName}/${repository.repositoryName}",
-      description = repository.description.getOrElse(""),
-      watchers    = 0,
-      forks       = forkedCount,
-      `private`   = repository.isPrivate,
+      name           = repository.repositoryName,
+      full_name      = s"${repository.userName}/${repository.repositoryName}",
+      description    = repository.description.getOrElse(""),
+      watchers       = 0,
+      forks          = forkedCount,
+      `private`      = repository.isPrivate,
       default_branch = repository.defaultBranch,
-      owner       = owner
+      owner          = owner
     )(urlIsHtmlUrl)
 
   def apply(repositoryInfo: RepositoryInfo, owner: ApiUser): ApiRepository =

src/main/scala/gitbucket/core/api/ApiUser.scala

@@ -13,6 +13,7 @@ case class ApiUser(
   created_at: Date) {
   val url                 = ApiPath(s"/api/v3/users/${login}")
   val html_url            = ApiPath(s"/${login}")
+  val avatar_url          = ApiPath(s"/${login}/_avatar")
   // val followers_url       = ApiPath(s"/api/v3/users/${login}/followers")
   // val following_url       = ApiPath(s"/api/v3/users/${login}/following{/other_user}")
   // val gists_url           = ApiPath(s"/api/v3/users/${login}/gists{/gist_id}")
@@ -29,7 +30,7 @@ object ApiUser{
   def apply(user: Account): ApiUser = ApiUser(
     login      = user.userName,
     email      = user.mailAddress,
-    `type`     = if(user.isGroupAccount){ "Organization" }else{ "User" },
+    `type`     = if(user.isGroupAccount){ "Organization" } else { "User" },
     site_admin = user.isAdmin,
     created_at = user.registeredDate
   )

src/main/scala/gitbucket/core/api/CreateARepository.scala

@@ -11,7 +11,7 @@ case class CreateARepository(
     auto_init: Boolean = false
 ) {
   def isValid: Boolean = {
-    name.length<=40 &&
+    name.length <= 100 &&
         name.matches("[a-zA-Z0-9\\-\\+_.]+") &&
         !name.startsWith("_") &&
         !name.startsWith("-")

src/main/scala/gitbucket/core/api/CreateAStatus.scala

@@ -19,8 +19,8 @@ case class CreateAStatus(
   def isValid: Boolean = {
     CommitState.valueOf(state).isDefined &&
       // only http
-      target_url.filterNot(f => "\\Ahttps?://".r.findPrefixOf(f).isDefined && f.length<255).isEmpty &&
-      context.filterNot(f => f.length<255).isEmpty &&
-      description.filterNot(f => f.length<1000).isEmpty
+      target_url.forall(f => "\\Ahttps?://".r.findPrefixOf(f).isDefined && f.length < 255) &&
+      context.forall(f => f.length < 255) &&
+      description.forall(f => f.length < 1000)
   }
 }

src/main/scala/gitbucket/core/api/CreateAnIssue.scala

@@ -0,0 +1,11 @@
+package gitbucket.core.api
+
+/**
+  * https://developer.github.com/v3/issues/#create-an-issue
+  */
+case class CreateAnIssue(
+    title: String,
+    body: Option[String],
+    assignees: List[String],
+    milestone: Option[Int],
+    labels: List[String])

src/main/scala/gitbucket/core/api/JsonFormat.scala

@@ -31,6 +31,7 @@ object JsonFormat {
     FieldSerializer[ApiPullRequest.Commit]() +
     FieldSerializer[ApiIssue]() +
     FieldSerializer[ApiComment]() +
+    FieldSerializer[ApiContents]() +
     FieldSerializer[ApiLabel]() +
     ApiBranchProtection.enforcementLevelSerializer
 

src/main/scala/gitbucket/core/controller/AccountController.scala

@@ -1,51 +1,49 @@
 package gitbucket.core.controller
 
 import gitbucket.core.account.html
-import gitbucket.core.api._
 import gitbucket.core.helper
-import gitbucket.core.model.GroupMember
+import gitbucket.core.model.{GroupMember, Role}
+import gitbucket.core.plugin.PluginRegistry
 import gitbucket.core.service._
 import gitbucket.core.ssh.SshUtil
-import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.SyntaxSugars._
 import gitbucket.core.util.Directory._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.StringUtil._
 import gitbucket.core.util._
-
 import io.github.gitbucket.scalatra.forms._
 import org.apache.commons.io.FileUtils
-import org.eclipse.jgit.api.Git
-import org.eclipse.jgit.dircache.DirCache
-import org.eclipse.jgit.lib.{FileMode, Constants}
 import org.scalatra.i18n.Messages
+import org.scalatra.BadRequest
 
 
 class AccountController extends AccountControllerBase
   with AccountService with RepositoryService with ActivityService with WikiService with LabelsService with SshKeyService
   with OneselfAuthenticator with UsersAuthenticator with GroupManagerAuthenticator with ReadableUsersAuthenticator
-  with AccessTokenService with WebHookService
+  with AccessTokenService with WebHookService with RepositoryCreationService
 
 
 trait AccountControllerBase extends AccountManagementControllerBase {
   self: AccountService with RepositoryService with ActivityService with WikiService with LabelsService with SshKeyService
     with OneselfAuthenticator with UsersAuthenticator with GroupManagerAuthenticator with ReadableUsersAuthenticator
-    with AccessTokenService with WebHookService =>
+    with AccessTokenService with WebHookService with RepositoryCreationService =>
 
   case class AccountNewForm(userName: String, password: String, fullName: String, mailAddress: String,
-                            url: Option[String], fileId: Option[String])
+                            description: Option[String], url: Option[String], fileId: Option[String])
 
   case class AccountEditForm(password: Option[String], fullName: String, mailAddress: String,
-                             url: Option[String], fileId: Option[String], clearImage: Boolean)
+                             description: Option[String], url: Option[String], fileId: Option[String], clearImage: Boolean)
 
   case class SshKeyForm(title: String, publicKey: String)
 
   case class PersonalTokenForm(note: String)
 
   val newForm = mapping(
-    "userName"    -> trim(label("User name"    , text(required, maxlength(100), identifier, uniqueUserName))),
+    "userName"    -> trim(label("User name"    , text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
     "password"    -> trim(label("Password"     , text(required, maxlength(20)))),
     "fullName"    -> trim(label("Full Name"    , text(required, maxlength(100)))),
     "mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100), uniqueMailAddress()))),
+    "description" -> trim(label("bio"          , optional(text()))),
     "url"         -> trim(label("URL"          , optional(text(maxlength(200))))),
     "fileId"      -> trim(label("File ID"      , optional(text())))
   )(AccountNewForm.apply)
@@ -54,6 +52,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
     "password"    -> trim(label("Password"     , optional(text(maxlength(20))))),
     "fullName"    -> trim(label("Full Name"    , text(required, maxlength(100)))),
     "mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100), uniqueMailAddress("userName")))),
+    "description" -> trim(label("bio"          , optional(text()))),
     "url"         -> trim(label("URL"          , optional(text(maxlength(200))))),
     "fileId"      -> trim(label("File ID"      , optional(text()))),
     "clearImage"  -> trim(label("Clear image"  , boolean()))
@@ -61,29 +60,31 @@ trait AccountControllerBase extends AccountManagementControllerBase {
 
   val sshKeyForm = mapping(
     "title"     -> trim(label("Title", text(required, maxlength(100)))),
-    "publicKey" -> trim(label("Key"  , text(required, validPublicKey)))
+    "publicKey" -> trim2(label("Key" , text(required, validPublicKey)))
   )(SshKeyForm.apply)
 
   val personalTokenForm = mapping(
-    "note"     -> trim(label("Token", text(required, maxlength(100))))
+    "note" -> trim(label("Token", text(required, maxlength(100))))
   )(PersonalTokenForm.apply)
 
-  case class NewGroupForm(groupName: String, url: Option[String], fileId: Option[String], members: String)
-  case class EditGroupForm(groupName: String, url: Option[String], fileId: Option[String], members: String, clearImage: Boolean)
+  case class NewGroupForm(groupName: String, description: Option[String], url: Option[String], fileId: Option[String], members: String)
+  case class EditGroupForm(groupName: String, description: Option[String], url: Option[String], fileId: Option[String], members: String, clearImage: Boolean)
 
   val newGroupForm = mapping(
-    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName))),
-    "url"       -> trim(label("URL"        ,optional(text(maxlength(200))))),
-    "fileId"    -> trim(label("File ID"    ,optional(text()))),
-    "members"   -> trim(label("Members"    ,text(required, members)))
+    "groupName"   -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
+    "description" -> trim(label("Group description", optional(text()))),
+    "url"         -> trim(label("URL"        ,optional(text(maxlength(200))))),
+    "fileId"      -> trim(label("File ID"    ,optional(text()))),
+    "members"     -> trim(label("Members"    ,text(required, members)))
   )(NewGroupForm.apply)
 
   val editGroupForm = mapping(
-    "groupName"  -> trim(label("Group name"  ,text(required, maxlength(100), identifier))),
-    "url"        -> trim(label("URL"         ,optional(text(maxlength(200))))),
-    "fileId"     -> trim(label("File ID"     ,optional(text()))),
-    "members"    -> trim(label("Members"     ,text(required, members))),
-    "clearImage" -> trim(label("Clear image" ,boolean()))
+    "groupName"   -> trim(label("Group name"  ,text(required, maxlength(100), identifier))),
+    "description" -> trim(label("Group description", optional(text()))),
+    "url"         -> trim(label("URL"         ,optional(text(maxlength(200))))),
+    "fileId"      -> trim(label("File ID"     ,optional(text()))),
+    "members"     -> trim(label("Members"     ,text(required, members))),
+    "clearImage"  -> trim(label("Clear image" ,boolean()))
   )(EditGroupForm.apply)
 
   case class RepositoryCreationForm(owner: String, name: String, description: Option[String], isPrivate: Boolean, createReadme: Boolean)
@@ -124,7 +125,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
         // Members
         case "members" if(account.isGroupAccount) => {
           val members = getGroupMembers(account.userName)
-          gitbucket.core.account.html.members(account, members.map(_.userName),
+          gitbucket.core.account.html.members(account, members,
             context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager }))
         }
 
@@ -137,7 +138,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
             context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager }))
         }
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   }
 
   get("/:userName.atom") {
@@ -148,38 +149,29 @@ trait AccountControllerBase extends AccountManagementControllerBase {
 
   get("/:userName/_avatar"){
     val userName = params("userName")
-    getAccountByUserName(userName).flatMap(_.image).map { image =>
-      RawData(FileUtil.getMimeType(image), new java.io.File(getUserUploadDir(userName), image))
-    } getOrElse {
-      contentType = "image/png"
+    contentType = "image/png"
+    getAccountByUserName(userName).flatMap{ account =>
+      response.setDateHeader("Last-Modified", account.updatedDate.getTime)
+      account.image.map{ image =>
+        Some(RawData(FileUtil.getMimeType(image), new java.io.File(getUserUploadDir(userName), image)))
+      }.getOrElse{
+        if (account.isGroupAccount) {
+          TextAvatarUtil.textGroupAvatar(account.fullName)
+        } else {
+          TextAvatarUtil.textAvatar(account.fullName)
+        }
+      }
+    }.getOrElse{
+      response.setHeader("Cache-Control", "max-age=3600")
       Thread.currentThread.getContextClassLoader.getResourceAsStream("noimage.png")
     }
   }
 
-  /**
-   * https://developer.github.com/v3/users/#get-a-single-user
-   */
-  get("/api/v3/users/:userName") {
-    getAccountByUserName(params("userName")).map { account =>
-      JsonFormat(ApiUser(account))
-    } getOrElse NotFound
-  }
-
-  /**
-   * https://developer.github.com/v3/users/#get-the-authenticated-user
-   */
-  get("/api/v3/user") {
-    context.loginAccount.map { account =>
-      JsonFormat(ApiUser(account))
-    } getOrElse Unauthorized
-  }
-
-
   get("/:userName/_edit")(oneselfOnly {
     val userName = params("userName")
     getAccountByUserName(userName).map { x =>
-      html.edit(x, flash.get("info"))
-    } getOrElse NotFound
+      html.edit(x, flash.get("info"), flash.get("error"))
+    } getOrElse NotFound()
   })
 
   post("/:userName/_edit", editForm)(oneselfOnly { form =>
@@ -189,19 +181,24 @@ trait AccountControllerBase extends AccountManagementControllerBase {
         password    = form.password.map(sha1).getOrElse(account.password),
         fullName    = form.fullName,
         mailAddress = form.mailAddress,
+        description = form.description,
         url         = form.url))
 
       updateImage(userName, form.fileId, form.clearImage)
       flash += "info" -> "Account information has been updated."
       redirect(s"/${userName}/_edit")
 
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   get("/:userName/_delete")(oneselfOnly {
     val userName = params("userName")
 
-    getAccountByUserName(userName, true).foreach { account =>
+    getAccountByUserName(userName, true).map { account =>
+      if(isLastAdministrator(account)){
+        flash += "error" -> "Account can't be removed because this is last one administrator."
+        redirect(s"/${userName}/_edit")
+      } else {
 //      // Remove repositories
 //      getRepositoryNamesOfUser(userName).foreach { repositoryName =>
 //        deleteRepository(userName, repositoryName)
@@ -210,21 +207,19 @@ trait AccountControllerBase extends AccountManagementControllerBase {
 //        FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
 //      }
 //      // Remove from GROUP_MEMBER, COLLABORATOR and REPOSITORY
-//      removeUserRelatedData(userName)
-
-      removeUserRelatedData(userName)
-      updateAccount(account.copy(isRemoved = true))
-    }
-
-    session.invalidate
-    redirect("/")
+        removeUserRelatedData(userName)
+        updateAccount(account.copy(isRemoved = true))
+        session.invalidate
+        redirect("/")
+      }
+    } getOrElse NotFound()
   })
 
   get("/:userName/_ssh")(oneselfOnly {
     val userName = params("userName")
     getAccountByUserName(userName).map { x =>
       html.ssh(x, getPublicKeys(x.userName))
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   post("/:userName/_ssh", sshKeyForm)(oneselfOnly { form =>
@@ -255,7 +250,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
         case _ => None
       }
       html.application(x, tokens, generatedToken)
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   post("/:userName/_personalToken", personalTokenForm)(oneselfOnly { form =>
@@ -281,15 +276,15 @@ trait AccountControllerBase extends AccountManagementControllerBase {
       } else {
         html.register()
       }
-    } else NotFound
+    } else NotFound()
   }
 
   post("/register", newForm){ form =>
     if(context.settings.allowAccountRegistration){
-      createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, false, form.url)
+      createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, false, form.description, form.url)
       updateImage(form.userName, form.fileId, false)
       redirect("/signin")
-    } else NotFound
+    } else NotFound()
   }
 
   get("/groups/new")(usersOnly {
@@ -297,7 +292,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
   })
 
   post("/groups/new", newGroupForm)(usersOnly { form =>
-    createGroup(form.groupName, form.url)
+    createGroup(form.groupName, form.description, form.url)
     updateGroupMembers(form.groupName, form.members.split(",").map {
       _.split(":") match {
         case Array(userName, isManager) => (userName, isManager.toBoolean)
@@ -335,22 +330,22 @@ trait AccountControllerBase extends AccountManagementControllerBase {
       }
     }.toList){ case (groupName, members) =>
       getAccountByUserName(groupName, true).map { account =>
-        updateGroup(groupName, form.url, false)
+        updateGroup(groupName, form.description, form.url, false)
 
         // Update GROUP_MEMBER
         updateGroupMembers(form.groupName, members)
-        // Update COLLABORATOR for group repositories
-        getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
-          removeCollaborators(form.groupName, repositoryName)
-          members.foreach { case (userName, isManager) =>
-            addCollaborator(form.groupName, repositoryName, userName)
-          }
-        }
+//        // Update COLLABORATOR for group repositories
+//        getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
+//          removeCollaborators(form.groupName, repositoryName)
+//          members.foreach { case (userName, isManager) =>
+//            addCollaborator(form.groupName, repositoryName, userName)
+//          }
+//        }
 
         updateImage(form.groupName, form.fileId, form.clearImage)
         redirect(s"/${form.groupName}")
 
-      } getOrElse NotFound
+      } getOrElse NotFound()
     }
   })
 
@@ -367,196 +362,100 @@ trait AccountControllerBase extends AccountManagementControllerBase {
   post("/new", newRepositoryForm)(usersOnly { form =>
     LockUtil.lock(s"${form.owner}/${form.name}"){
       if(getRepository(form.owner, form.name).isEmpty){
-        createRepository(form.owner, form.name, form.description, form.isPrivate, form.createReadme)
-      }
+        // Create the repository
+        createRepository(context.loginAccount.get, form.owner, form.name, form.description, form.isPrivate, form.createReadme)
 
-      // redirect to the repository
-      redirect(s"/${form.owner}/${form.name}")
+        // Call hooks
+        PluginRegistry().getRepositoryHooks.foreach(_.created(form.owner, form.name))
+      }
     }
-  })
 
-  /**
-   * Create user repository
-   * https://developer.github.com/v3/repos/#create
-   */
-  post("/api/v3/user/repos")(usersOnly {
-    val owner = context.loginAccount.get.userName
-    (for {
-      data <- extractFromJsonBody[CreateARepository] if data.isValid
-    } yield {
-      LockUtil.lock(s"${owner}/${data.name}") {
-        if(getRepository(owner, data.name).isEmpty){
-          createRepository(owner, data.name, data.description, data.`private`, data.auto_init)
-          val repository = getRepository(owner, data.name).get
-          JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(owner).get)))
-        } else {
-          ApiError(
-            "A repository with this name already exists on this account", 
-            Some("https://developer.github.com/v3/repos/#create")
-          )
-        }
-      }
-    }) getOrElse NotFound
-  })
-
-  /**
-   * Create group repository
-   * https://developer.github.com/v3/repos/#create
-   */
-  post("/api/v3/orgs/:org/repos")(managersOnly {
-    val groupName = params("org")
-    (for {
-      data <- extractFromJsonBody[CreateARepository] if data.isValid
-    } yield {
-      LockUtil.lock(s"${groupName}/${data.name}") {
-        if(getRepository(groupName, data.name).isEmpty){
-          createRepository(groupName, data.name, data.description, data.`private`, data.auto_init)
-          val repository = getRepository(groupName, data.name).get
-          JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(groupName).get)))
-        } else {
-          ApiError(
-            "A repository with this name already exists for this group", 
-            Some("https://developer.github.com/v3/repos/#create")
-          )
-        }
-      }
-    }) getOrElse NotFound
+    // redirect to the repository
+    redirect(s"/${form.owner}/${form.name}")
   })
 
   get("/:owner/:repository/fork")(readableUsersOnly { repository =>
-    val loginAccount   = context.loginAccount.get
-    val loginUserName  = loginAccount.userName
-    val groups         = getGroupsByUserName(loginUserName)
-    groups match {
-      case _: List[String] =>
-        val managerPermissions = groups.map { group =>
-          val members = getGroupMembers(group)
-          context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager })
-        }
-        helper.html.forkrepository(
-          repository,
-          (groups zip managerPermissions).toMap
-        )
-      case _ => redirect(s"/${loginUserName}")
-    }
+    if(repository.repository.options.allowFork){
+      val loginAccount   = context.loginAccount.get
+      val loginUserName  = loginAccount.userName
+      val groups         = getGroupsByUserName(loginUserName)
+      groups match {
+        case _: List[String] =>
+          val managerPermissions = groups.map { group =>
+            val members = getGroupMembers(group)
+            context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager })
+          }
+          helper.html.forkrepository(
+            repository,
+            (groups zip managerPermissions).toMap
+          )
+        case _ => redirect(s"/${loginUserName}")
+      }
+    } else BadRequest()
   })
 
   post("/:owner/:repository/fork", accountForm)(readableUsersOnly { (form, repository) =>
-    val loginAccount  = context.loginAccount.get
-    val loginUserName = loginAccount.userName
-    val accountName   = form.accountName
+    if(repository.repository.options.allowFork){
+      val loginAccount  = context.loginAccount.get
+      val loginUserName = loginAccount.userName
+      val accountName   = form.accountName
 
-    LockUtil.lock(s"${accountName}/${repository.name}"){
-      if(getRepository(accountName, repository.name).isDefined ||
-          (accountName != loginUserName && !getGroupsByUserName(loginUserName).contains(accountName))){
-        // redirect to the repository if repository already exists
-        redirect(s"/${accountName}/${repository.name}")
-      } else {
-        // Insert to the database at first
-        val originUserName = repository.repository.originUserName.getOrElse(repository.owner)
-        val originRepositoryName = repository.repository.originRepositoryName.getOrElse(repository.name)
-
-        createRepository(
-          repositoryName       = repository.name,
-          userName             = accountName,
-          description          = repository.repository.description,
-          isPrivate            = repository.repository.isPrivate,
-          originRepositoryName = Some(originRepositoryName),
-          originUserName       = Some(originUserName),
-          parentRepositoryName = Some(repository.name),
-          parentUserName       = Some(repository.owner)
-        )
-
-        // Add collaborators for group repository
-        val ownerAccount = getAccountByUserName(accountName).get
-        if(ownerAccount.isGroupAccount){
-          getGroupMembers(accountName).foreach { member =>
-            addCollaborator(accountName, repository.name, member.userName)
-          }
-        }
-
-        // Insert default labels
-        insertDefaultLabels(accountName, repository.name)
-
-        // clone repository actually
-        JGitUtil.cloneRepository(
-          getRepositoryDir(repository.owner, repository.name),
-          getRepositoryDir(accountName, repository.name))
-
-        // Create Wiki repository
-        JGitUtil.cloneRepository(
-          getWikiRepositoryDir(repository.owner, repository.name),
-          getWikiRepositoryDir(accountName, repository.name))
-
-        // Record activity
-        recordForkActivity(repository.owner, repository.name, loginUserName, accountName)
-        // redirect to the repository
-        redirect(s"/${accountName}/${repository.name}")
-      }
-    }
-  })
-
-  private def createRepository(owner: String, name: String, description: Option[String], isPrivate: Boolean, createReadme: Boolean) {
-    val ownerAccount  = getAccountByUserName(owner).get
-    val loginAccount  = context.loginAccount.get
-    val loginUserName = loginAccount.userName
-
-    // Insert to the database at first
-    createRepository(name, owner, description, isPrivate)
-
-    // Add collaborators for group repository
-    if(ownerAccount.isGroupAccount){
-      getGroupMembers(owner).foreach { member =>
-        addCollaborator(owner, name, member.userName)
-      }
-    }
-
-    // Insert default labels
-    insertDefaultLabels(owner, name)
-
-    // Create the actual repository
-    val gitdir = getRepositoryDir(owner, name)
-    JGitUtil.initRepository(gitdir)
-
-    if(createReadme){
-      using(Git.open(gitdir)){ git =>
-        val builder  = DirCache.newInCore.builder()
-        val inserter = git.getRepository.newObjectInserter()
-        val headId   = git.getRepository.resolve(Constants.HEAD + "^{commit}")
-        val content  = if(description.nonEmpty){
-          name + "\n" +
-          "===============\n" +
-          "\n" +
-          description.get
+      LockUtil.lock(s"${accountName}/${repository.name}"){
+        if(getRepository(accountName, repository.name).isDefined ||
+            (accountName != loginUserName && !getGroupsByUserName(loginUserName).contains(accountName))){
+          // redirect to the repository if repository already exists
+          redirect(s"/${accountName}/${repository.name}")
         } else {
-          name + "\n" +
-          "===============\n"
+          // Insert to the database at first
+          val originUserName = repository.repository.originUserName.getOrElse(repository.owner)
+          val originRepositoryName = repository.repository.originRepositoryName.getOrElse(repository.name)
+
+          insertRepository(
+            repositoryName       = repository.name,
+            userName             = accountName,
+            description          = repository.repository.description,
+            isPrivate            = repository.repository.isPrivate,
+            originRepositoryName = Some(originRepositoryName),
+            originUserName       = Some(originUserName),
+            parentRepositoryName = Some(repository.name),
+            parentUserName       = Some(repository.owner)
+          )
+
+          // Set default collaborators for the private fork
+          if(repository.repository.isPrivate){
+            // Copy collaborators from the source repository
+            getCollaborators(repository.owner, repository.name).foreach { case (collaborator, _) =>
+              addCollaborator(accountName, repository.name, collaborator.collaboratorName, collaborator.role)
+            }
+            // Register an owner of the source repository as a collaborator
+            addCollaborator(accountName, repository.name, repository.owner, Role.ADMIN.name)
+          }
+
+          // Insert default labels
+          insertDefaultLabels(accountName, repository.name)
+
+          // clone repository actually
+          JGitUtil.cloneRepository(
+            getRepositoryDir(repository.owner, repository.name),
+            getRepositoryDir(accountName, repository.name))
+
+          // Create Wiki repository
+          JGitUtil.cloneRepository(
+            getWikiRepositoryDir(repository.owner, repository.name),
+            getWikiRepositoryDir(accountName, repository.name))
+
+          // Record activity
+          recordForkActivity(repository.owner, repository.name, loginUserName, accountName)
+
+          // Call hooks
+          PluginRegistry().getRepositoryHooks.foreach(_.forked(repository.owner, accountName, repository.name))
+
+          // redirect to the repository
+          redirect(s"/${accountName}/${repository.name}")
         }
-
-        builder.add(JGitUtil.createDirCacheEntry("README.md", FileMode.REGULAR_FILE,
-          inserter.insert(Constants.OBJ_BLOB, content.getBytes("UTF-8"))))
-        builder.finish()
-
-        JGitUtil.createNewCommit(git, inserter, headId, builder.getDirCache.writeTree(inserter),
-          Constants.HEAD, loginAccount.fullName, loginAccount.mailAddress, "Initial commit")
       }
-    }
-
-    // Create Wiki repository
-    createWikiRepository(loginAccount, owner, name)
-
-    // Record activity
-    recordCreateRepositoryActivity(owner, name, loginUserName)
-  }
-
-  private def insertDefaultLabels(userName: String, repositoryName: String): Unit = {
-    createLabel(userName, repositoryName, "bug", "fc2929")
-    createLabel(userName, repositoryName, "duplicate", "cccccc")
-    createLabel(userName, repositoryName, "enhancement", "84b6eb")
-    createLabel(userName, repositoryName, "invalid", "e6e6e6")
-    createLabel(userName, repositoryName, "question", "cc317c")
-    createLabel(userName, repositoryName, "wontfix", "ffffff")
-  }
+    } else BadRequest()
+  })
 
   private def existsAccount: Constraint = new Constraint(){
     override def validate(name: String, value: String, messages: Messages): Option[String] =
@@ -580,8 +479,8 @@ trait AccountControllerBase extends AccountManagementControllerBase {
 
   private def validPublicKey: Constraint = new Constraint(){
     override def validate(name: String, value: String, messages: Messages): Option[String] = SshUtil.str2PublicKey(value) match {
-     case Some(_) => None
-     case None => Some("Key is invalid.")
+     case Some(_) if !getAllKeys().exists(_.publicKey == value) => None
+     case _ => Some("Key is invalid.")
     }
   }
 

src/main/scala/gitbucket/core/controller/ApiController.scala

@@ -0,0 +1,645 @@
+package gitbucket.core.controller
+
+import gitbucket.core.api._
+import gitbucket.core.model._
+import gitbucket.core.service.IssuesService.IssueSearchCondition
+import gitbucket.core.service.PullRequestService._
+import gitbucket.core.service._
+import gitbucket.core.util.SyntaxSugars._
+import gitbucket.core.util.Directory._
+import gitbucket.core.util.JGitUtil._
+import gitbucket.core.util._
+import gitbucket.core.util.Implicits._
+import gitbucket.core.view.helpers.{renderMarkup, isRenderable}
+import org.eclipse.jgit.api.Git
+import org.scalatra.{NoContent, UnprocessableEntity, Created}
+import scala.collection.JavaConverters._
+
+class ApiController extends ApiControllerBase
+  with RepositoryService
+  with AccountService
+  with ProtectedBranchService
+  with IssuesService
+  with LabelsService
+  with MilestonesService
+  with PullRequestService
+  with CommitsService
+  with CommitStatusService
+  with RepositoryCreationService
+  with IssueCreationService
+  with HandleCommentService
+  with WebHookService
+  with WebHookPullRequestService
+  with WebHookIssueCommentService
+  with WikiService
+  with ActivityService
+  with OwnerAuthenticator
+  with UsersAuthenticator
+  with GroupManagerAuthenticator
+  with ReferrerAuthenticator
+  with ReadableUsersAuthenticator
+  with WritableUsersAuthenticator
+
+trait ApiControllerBase extends ControllerBase {
+  self: RepositoryService
+    with AccountService
+    with ProtectedBranchService
+    with IssuesService
+    with LabelsService
+    with MilestonesService
+    with PullRequestService
+    with CommitStatusService
+    with RepositoryCreationService
+    with IssueCreationService
+    with HandleCommentService
+    with OwnerAuthenticator
+    with UsersAuthenticator
+    with GroupManagerAuthenticator
+    with ReferrerAuthenticator
+    with ReadableUsersAuthenticator
+    with WritableUsersAuthenticator =>
+
+  /**
+    * 404 for non-implemented api
+    */
+  get("/api/v3/*") {
+    NotFound()
+  }
+
+  /**
+    * https://developer.github.com/v3/#root-endpoint
+    */
+  get("/api/v3/") {
+    JsonFormat(ApiEndPoint())
+  }
+
+  /**
+    * https://developer.github.com/v3/orgs/#get-an-organization
+    */
+  get("/api/v3/orgs/:groupName") {
+    getAccountByUserName(params("groupName")).filter(account => account.isGroupAccount).map { account =>
+      JsonFormat(ApiUser(account))
+    } getOrElse NotFound()
+  }
+
+  /**
+   * https://developer.github.com/v3/users/#get-a-single-user
+   * This API also returns group information (as GitHub).
+   */
+  get("/api/v3/users/:userName") {
+    getAccountByUserName(params("userName")).map { account =>
+      JsonFormat(ApiUser(account))
+    } getOrElse NotFound()
+  }
+
+  /**
+    * https://developer.github.com/v3/repos/#list-organization-repositories
+    */
+  get("/api/v3/orgs/:orgName/repos") {
+    JsonFormat(getVisibleRepositories(context.loginAccount, Some(params("orgName"))).map{ r => ApiRepository(r, getAccountByUserName(r.owner).get)})
+  }
+  /**
+   * https://developer.github.com/v3/repos/#list-user-repositories
+   */
+  get("/api/v3/users/:userName/repos") {
+    JsonFormat(getVisibleRepositories(context.loginAccount, Some(params("userName"))).map{ r => ApiRepository(r, getAccountByUserName(r.owner).get)})
+  }
+
+  /*
+   * https://developer.github.com/v3/repos/branches/#list-branches
+   */
+  get ("/api/v3/repos/:owner/:repo/branches")(referrersOnly { repository =>
+    JsonFormat(JGitUtil.getBranches(
+      owner         = repository.owner,
+      name          = repository.name,
+      defaultBranch = repository.repository.defaultBranch,
+      origin        = repository.repository.originUserName.isEmpty
+    ).map { br =>
+      ApiBranchForList(br.name, ApiBranchCommit(br.commitId))
+    })
+  })
+
+  /**
+    * https://developer.github.com/v3/repos/branches/#get-branch
+    */
+  get ("/api/v3/repos/:owner/:repo/branches/:branch")(referrersOnly { repository =>
+    //import gitbucket.core.api._
+    (for{
+      branch     <- params.get("branch") if repository.branchList.contains(branch)
+      br <- getBranches(repository.owner, repository.name, repository.repository.defaultBranch, repository.repository.originUserName.isEmpty).find(_.name == branch)
+    } yield {
+      val protection = getProtectedBranchInfo(repository.owner, repository.name, branch)
+      JsonFormat(ApiBranch(branch, ApiBranchCommit(br.commitId), ApiBranchProtection(protection))(RepositoryName(repository)))
+    }) getOrElse NotFound()
+  })
+
+  /*
+   * https://developer.github.com/v3/repos/contents/#get-contents
+   */
+  get("/api/v3/repos/:owner/:repo/contents/*")(referrersOnly { repository =>
+    def getFileInfo(git: Git, revision: String, pathStr: String): Option[FileInfo] = {
+      val path = new java.io.File(pathStr)
+      val dirName = path.getParent match {
+        case null => "."
+        case s => s
+      }
+      getFileList(git, revision, dirName).find(f => f.name.equals(path.getName))
+    }
+
+    val path = multiParams("splat").head match {
+      case s if s.isEmpty => "."
+      case s => s
+    }
+    val refStr = params.getOrElse("ref", repository.repository.defaultBranch)
+
+    using(Git.open(getRepositoryDir(params("owner"), params("repo")))){ git =>
+      val fileList = getFileList(git, refStr, path)
+      if (fileList.isEmpty) { // file or NotFound
+        getFileInfo(git, refStr, path).flatMap(f => {
+          val largeFile = params.get("large_file").exists(s => s.equals("true"))
+          val content = getContentFromId(git, f.id, largeFile)
+          request.getHeader("Accept") match {
+            case "application/vnd.github.v3.raw" => {
+              contentType = "application/vnd.github.v3.raw"
+              content
+            }
+            case "application/vnd.github.v3.html" if isRenderable(f.name) => {
+              contentType = "application/vnd.github.v3.html"
+              content.map(c =>
+                List(
+                  "<div data-path=\"", path, "\" id=\"file\">", "<article>",
+                  renderMarkup(path.split("/").toList, new String(c), refStr, repository, false, false, true).body,
+                  "</article>", "</div>"
+                ).mkString
+              )
+            }
+            case "application/vnd.github.v3.html" => {
+              contentType = "application/vnd.github.v3.html"
+              content.map(c =>
+                List(
+                  "<div data-path=\"", path, "\" id=\"file\">", "<div class=\"plain\">", "<pre>",
+                  play.twirl.api.HtmlFormat.escape(new String(c)).body,
+                  "</pre>", "</div>", "</div>"
+                ).mkString
+              )
+            }
+            case _ =>
+              Some(JsonFormat(ApiContents(f, RepositoryName(repository), content)))
+          }
+        }).getOrElse(NotFound())
+      } else { // directory
+        JsonFormat(fileList.map{f => ApiContents(f, RepositoryName(repository), None)})
+      }
+    }
+  })
+
+  /*
+   * https://developer.github.com/v3/git/refs/#get-a-reference
+   */
+  get("/api/v3/repos/:owner/:repo/git/*") (referrersOnly { repository =>
+    val revstr = multiParams("splat").head
+    using(Git.open(getRepositoryDir(params("owner"), params("repo")))) { git =>
+      //JsonFormat( (revstr, git.getRepository().resolve(revstr)) )
+      // getRef is deprecated by jgit-4.2. use exactRef() or findRef()
+      val sha = git.getRepository().exactRef(revstr).getObjectId().name()
+      JsonFormat(ApiRef(revstr, ApiObject(sha)))
+    }
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/collaborators/#list-collaborators
+   */
+  get("/api/v3/repos/:owner/:repo/collaborators") (referrersOnly { repository =>
+    // TODO Should ApiUser take permission? getCollaboratorUserNames does not return owner group members.
+    JsonFormat(getCollaboratorUserNames(params("owner"), params("repo")).map(u => ApiUser(getAccountByUserName(u).get)))
+  })
+
+  /**
+   * https://developer.github.com/v3/users/#get-the-authenticated-user
+   */
+  get("/api/v3/user") {
+    context.loginAccount.map { account =>
+      JsonFormat(ApiUser(account))
+    } getOrElse Unauthorized()
+  }
+
+  /**
+   * List user's own repository
+   * https://developer.github.com/v3/repos/#list-your-repositories
+   */
+  get("/api/v3/user/repos")(usersOnly{
+    JsonFormat(getVisibleRepositories(context.loginAccount, Option(context.loginAccount.get.userName)).map{
+      r => ApiRepository(r, getAccountByUserName(r.owner).get)
+    })
+  })
+
+  /**
+   * Create user repository
+   * https://developer.github.com/v3/repos/#create
+   */
+  post("/api/v3/user/repos")(usersOnly {
+    val owner = context.loginAccount.get.userName
+    (for {
+      data <- extractFromJsonBody[CreateARepository] if data.isValid
+    } yield {
+      LockUtil.lock(s"${owner}/${data.name}") {
+        if(getRepository(owner, data.name).isEmpty){
+          createRepository(context.loginAccount.get, owner, data.name, data.description, data.`private`, data.auto_init)
+          val repository = getRepository(owner, data.name).get
+          JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(owner).get)))
+        } else {
+          ApiError(
+            "A repository with this name already exists on this account",
+            Some("https://developer.github.com/v3/repos/#create")
+          )
+        }
+      }
+    }) getOrElse NotFound()
+  })
+
+  /**
+   * Create group repository
+   * https://developer.github.com/v3/repos/#create
+   */
+  post("/api/v3/orgs/:org/repos")(managersOnly {
+    val groupName = params("org")
+    (for {
+      data <- extractFromJsonBody[CreateARepository] if data.isValid
+    } yield {
+      LockUtil.lock(s"${groupName}/${data.name}") {
+        if(getRepository(groupName, data.name).isEmpty){
+          createRepository(context.loginAccount.get, groupName, data.name, data.description, data.`private`, data.auto_init)
+          val repository = getRepository(groupName, data.name).get
+          JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(groupName).get)))
+        } else {
+          ApiError(
+            "A repository with this name already exists for this group",
+            Some("https://developer.github.com/v3/repos/#create")
+          )
+        }
+      }
+    }) getOrElse NotFound()
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/#enabling-and-disabling-branch-protection
+   */
+  patch("/api/v3/repos/:owner/:repo/branches/:branch")(ownerOnly { repository =>
+    import gitbucket.core.api._
+    (for{
+      branch     <- params.get("branch") if repository.branchList.contains(branch)
+      protection <- extractFromJsonBody[ApiBranchProtection.EnablingAndDisabling].map(_.protection)
+      br <- getBranches(repository.owner, repository.name, repository.repository.defaultBranch, repository.repository.originUserName.isEmpty).find(_.name == branch)
+    } yield {
+      if(protection.enabled){
+        enableBranchProtection(repository.owner, repository.name, branch, protection.status.enforcement_level == ApiBranchProtection.Everyone, protection.status.contexts)
+      } else {
+        disableBranchProtection(repository.owner, repository.name, branch)
+      }
+      JsonFormat(ApiBranch(branch, ApiBranchCommit(br.commitId), protection)(RepositoryName(repository)))
+    }) getOrElse NotFound()
+  })
+
+  /**
+   * @see https://developer.github.com/v3/rate_limit/#get-your-current-rate-limit-status
+   * but not enabled.
+   */
+  get("/api/v3/rate_limit"){
+    contentType = formats("json")
+    // this message is same as github enterprise...
+    org.scalatra.NotFound(ApiError("Rate limiting is not enabled."))
+  }
+
+  /**
+    * https://developer.github.com/v3/issues/#list-issues-for-a-repository
+    */
+  get("/api/v3/repos/:owner/:repository/issues")(referrersOnly { repository =>
+    val page = IssueSearchCondition.page(request)
+    // TODO: more api spec condition
+    val condition = IssueSearchCondition(request)
+    val baseOwner = getAccountByUserName(repository.owner).get
+
+    val issues: List[(Issue, Account)] =
+      searchIssueByApi(
+        condition = condition,
+        offset    = (page - 1) * PullRequestLimit,
+        limit     = PullRequestLimit,
+        repos     = repository.owner -> repository.name
+      )
+
+    JsonFormat(issues.map { case (issue, issueUser) =>
+      ApiIssue(
+        issue          = issue,
+        repositoryName = RepositoryName(repository),
+        user           = ApiUser(issueUser)
+      )
+    })
+  })
+
+  /**
+   * https://developer.github.com/v3/issues/#get-a-single-issue
+   */
+  get("/api/v3/repos/:owner/:repository/issues/:id")(referrersOnly { repository =>
+    (for{
+      issueId  <- params("id").toIntOpt
+      issue <- getIssue(repository.owner, repository.name, issueId.toString)
+      openedUser <- getAccountByUserName(issue.openedUserName)
+    } yield {
+      JsonFormat(ApiIssue(issue, RepositoryName(repository), ApiUser(openedUser)))
+    }) getOrElse NotFound()
+  })
+
+  /**
+    * https://developer.github.com/v3/issues/#create-an-issue
+    */
+  post("/api/v3/repos/:owner/:repository/issues")(readableUsersOnly { repository =>
+    if(isIssueEditable(repository)){ // TODO Should this check is provided by authenticator?
+      (for{
+        data <- extractFromJsonBody[CreateAnIssue]
+        loginAccount <- context.loginAccount
+      } yield {
+        val milestone = data.milestone.flatMap(getMilestone(repository.owner, repository.name, _))
+        val issue = createIssue(
+          repository,
+          data.title,
+          data.body,
+          data.assignees.headOption,
+          milestone.map(_.milestoneId),
+          data.labels,
+          loginAccount)
+        JsonFormat(ApiIssue(issue, RepositoryName(repository), ApiUser(loginAccount)))
+      }) getOrElse NotFound()
+    } else Unauthorized()
+  })
+
+  /**
+   * https://developer.github.com/v3/issues/comments/#list-comments-on-an-issue
+   */
+  get("/api/v3/repos/:owner/:repository/issues/:id/comments")(referrersOnly { repository =>
+    (for{
+      issueId  <- params("id").toIntOpt
+      comments =  getCommentsForApi(repository.owner, repository.name, issueId.toInt)
+    } yield {
+      JsonFormat(comments.map{ case (issueComment, user, issue) => ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(user), issue.isPullRequest) })
+    }) getOrElse NotFound()
+  })
+
+  /**
+   * https://developer.github.com/v3/issues/comments/#create-a-comment
+   */
+  post("/api/v3/repos/:owner/:repository/issues/:id/comments")(readableUsersOnly { repository =>
+    (for{
+      issueId      <- params("id").toIntOpt
+      issue        <- getIssue(repository.owner, repository.name, issueId.toString)
+      body         <- extractFromJsonBody[CreateAComment].map(_.body) if ! body.isEmpty
+      action       =  params.get("action").filter(_ => isEditable(issue.userName, issue.repositoryName, issue.openedUserName))
+      (issue, id)  <- handleComment(issue, Some(body), repository, action)
+      issueComment <- getComment(repository.owner, repository.name, id.toString())
+    } yield {
+      JsonFormat(ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(context.loginAccount.get), issue.isPullRequest))
+    }) getOrElse NotFound()
+  })
+
+  /**
+   * List all labels for this repository
+   * https://developer.github.com/v3/issues/labels/#list-all-labels-for-this-repository
+   */
+  get("/api/v3/repos/:owner/:repository/labels")(referrersOnly { repository =>
+    JsonFormat(getLabels(repository.owner, repository.name).map { label =>
+      ApiLabel(label, RepositoryName(repository))
+    })
+  })
+
+  /**
+   * Get a single label
+   * https://developer.github.com/v3/issues/labels/#get-a-single-label
+   */
+  get("/api/v3/repos/:owner/:repository/labels/:labelName")(referrersOnly { repository =>
+    getLabel(repository.owner, repository.name, params("labelName")).map { label =>
+      JsonFormat(ApiLabel(label, RepositoryName(repository)))
+    } getOrElse NotFound()
+  })
+
+  /**
+   * Create a label
+   * https://developer.github.com/v3/issues/labels/#create-a-label
+   */
+  post("/api/v3/repos/:owner/:repository/labels")(writableUsersOnly { repository =>
+    (for{
+      data <- extractFromJsonBody[CreateALabel] if data.isValid
+    } yield {
+      LockUtil.lock(RepositoryName(repository).fullName) {
+        if (getLabel(repository.owner, repository.name, data.name).isEmpty) {
+          val labelId = createLabel(repository.owner, repository.name, data.name, data.color)
+          getLabel(repository.owner, repository.name, labelId).map { label =>
+            Created(JsonFormat(ApiLabel(label, RepositoryName(repository))))
+          } getOrElse NotFound()
+        } else {
+          // TODO ApiError should support errors field to enhance compatibility of GitHub API
+          UnprocessableEntity(ApiError(
+            "Validation Failed",
+            Some("https://developer.github.com/v3/issues/labels/#create-a-label")
+          ))
+        }
+      }
+    }) getOrElse NotFound()
+  })
+
+  /**
+   * Update a label
+   * https://developer.github.com/v3/issues/labels/#update-a-label
+   */
+  patch("/api/v3/repos/:owner/:repository/labels/:labelName")(writableUsersOnly { repository =>
+    (for{
+      data <- extractFromJsonBody[CreateALabel] if data.isValid
+    } yield {
+      LockUtil.lock(RepositoryName(repository).fullName) {
+        getLabel(repository.owner, repository.name, params("labelName")).map { label =>
+          if (getLabel(repository.owner, repository.name, data.name).isEmpty) {
+            updateLabel(repository.owner, repository.name, label.labelId, data.name, data.color)
+            JsonFormat(ApiLabel(
+              getLabel(repository.owner, repository.name, label.labelId).get,
+              RepositoryName(repository)
+            ))
+          } else {
+            // TODO ApiError should support errors field to enhance compatibility of GitHub API
+            UnprocessableEntity(ApiError(
+              "Validation Failed",
+              Some("https://developer.github.com/v3/issues/labels/#create-a-label")
+            ))
+          }
+        } getOrElse NotFound()
+      }
+    }) getOrElse NotFound()
+  })
+
+  /**
+   * Delete a label
+   * https://developer.github.com/v3/issues/labels/#delete-a-label
+   */
+  delete("/api/v3/repos/:owner/:repository/labels/:labelName")(writableUsersOnly { repository =>
+    LockUtil.lock(RepositoryName(repository).fullName) {
+      getLabel(repository.owner, repository.name, params("labelName")).map { label =>
+        deleteLabel(repository.owner, repository.name, label.labelId)
+        NoContent()
+      } getOrElse NotFound()
+    }
+  })
+
+  /**
+   * https://developer.github.com/v3/pulls/#list-pull-requests
+   */
+  get("/api/v3/repos/:owner/:repository/pulls")(referrersOnly { repository =>
+    val page = IssueSearchCondition.page(request)
+    // TODO: more api spec condition
+    val condition = IssueSearchCondition(request)
+    val baseOwner = getAccountByUserName(repository.owner).get
+
+    val issues: List[(Issue, Account, Int, PullRequest, Repository, Account)] =
+      searchPullRequestByApi(
+        condition = condition,
+        offset    = (page - 1) * PullRequestLimit,
+        limit     = PullRequestLimit,
+        repos     = repository.owner -> repository.name
+      )
+
+    JsonFormat(issues.map { case (issue, issueUser, commentCount, pullRequest, headRepo, headOwner) =>
+      ApiPullRequest(
+        issue         = issue,
+        pullRequest   = pullRequest,
+        headRepo      = ApiRepository(headRepo, ApiUser(headOwner)),
+        baseRepo      = ApiRepository(repository, ApiUser(baseOwner)),
+        user          = ApiUser(issueUser),
+        mergedComment = getMergedComment(repository.owner, repository.name, issue.issueId)
+      )
+    })
+  })
+
+  /**
+   * https://developer.github.com/v3/pulls/#get-a-single-pull-request
+   */
+  get("/api/v3/repos/:owner/:repository/pulls/:id")(referrersOnly { repository =>
+    (for{
+      issueId   <- params("id").toIntOpt
+      (issue, pullRequest) <- getPullRequest(repository.owner, repository.name, issueId)
+      users     =  getAccountsByUserNames(Set(repository.owner, pullRequest.requestUserName, issue.openedUserName), Set.empty)
+      baseOwner <- users.get(repository.owner)
+      headOwner <- users.get(pullRequest.requestUserName)
+      issueUser <- users.get(issue.openedUserName)
+      headRepo  <- getRepository(pullRequest.requestUserName, pullRequest.requestRepositoryName)
+    } yield {
+      JsonFormat(ApiPullRequest(
+        issue         = issue,
+        pullRequest   = pullRequest,
+        headRepo      = ApiRepository(headRepo, ApiUser(headOwner)),
+        baseRepo      = ApiRepository(repository, ApiUser(baseOwner)),
+        user          = ApiUser(issueUser),
+        mergedComment = getMergedComment(repository.owner, repository.name, issue.issueId)
+      ))
+    }) getOrElse NotFound()
+  })
+
+  /**
+   * https://developer.github.com/v3/pulls/#list-commits-on-a-pull-request
+   */
+  get("/api/v3/repos/:owner/:repository/pulls/:id/commits")(referrersOnly { repository =>
+    val owner = repository.owner
+    val name = repository.name
+    params("id").toIntOpt.flatMap{ issueId =>
+      getPullRequest(owner, name, issueId) map { case(issue, pullreq) =>
+        using(Git.open(getRepositoryDir(owner, name))){ git =>
+          val oldId = git.getRepository.resolve(pullreq.commitIdFrom)
+          val newId = git.getRepository.resolve(pullreq.commitIdTo)
+          val repoFullName = RepositoryName(repository)
+          val commits = git.log.addRange(oldId, newId).call.iterator.asScala.map { c => ApiCommitListItem(new CommitInfo(c), repoFullName) }.toList
+          JsonFormat(commits)
+        }
+      }
+    } getOrElse NotFound()
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/#get
+   */
+  get("/api/v3/repos/:owner/:repository")(referrersOnly { repository =>
+    JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(repository.owner).get)))
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/statuses/#create-a-status
+   */
+  post("/api/v3/repos/:owner/:repo/statuses/:sha")(writableUsersOnly { repository =>
+    (for{
+      ref      <- params.get("sha")
+      sha      <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+      data     <- extractFromJsonBody[CreateAStatus] if data.isValid
+      creator  <- context.loginAccount
+      state    <- CommitState.valueOf(data.state)
+      statusId =  createCommitStatus(repository.owner, repository.name, sha, data.context.getOrElse("default"),
+                                     state, data.target_url, data.description, new java.util.Date(), creator)
+      status   <- getCommitStatus(repository.owner, repository.name, statusId)
+    } yield {
+      JsonFormat(ApiCommitStatus(status, ApiUser(creator)))
+    }) getOrElse NotFound()
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/statuses/#list-statuses-for-a-specific-ref
+   *
+   * ref is Ref to list the statuses from. It can be a SHA, a branch name, or a tag name.
+   */
+  val listStatusesRoute = get("/api/v3/repos/:owner/:repo/commits/:ref/statuses")(referrersOnly { repository =>
+    (for{
+      ref <- params.get("ref")
+      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+    } yield {
+      JsonFormat(getCommitStatuesWithCreator(repository.owner, repository.name, sha).map{ case(status, creator) =>
+        ApiCommitStatus(status, ApiUser(creator))
+      })
+    }) getOrElse NotFound()
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/statuses/#list-statuses-for-a-specific-ref
+   *
+   * legacy route
+   */
+  get("/api/v3/repos/:owner/:repo/statuses/:ref"){
+    listStatusesRoute.action()
+  }
+
+  /**
+   * https://developer.github.com/v3/repos/statuses/#get-the-combined-status-for-a-specific-ref
+   *
+   * ref is Ref to list the statuses from. It can be a SHA, a branch name, or a tag name.
+   */
+  get("/api/v3/repos/:owner/:repo/commits/:ref/status")(referrersOnly { repository =>
+    (for{
+      ref   <- params.get("ref")
+      owner <- getAccountByUserName(repository.owner)
+      sha   <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+    } yield {
+      val statuses = getCommitStatuesWithCreator(repository.owner, repository.name, sha)
+      JsonFormat(ApiCombinedCommitStatus(sha, statuses, ApiRepository(repository, owner)))
+    }) getOrElse NotFound()
+  })
+
+  private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
+    hasDeveloperRole(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
+
+  /**
+    * non-GitHub compatible API for Jenkins-Plugin
+    */
+  get("/api/v3/repos/:owner/:repo/raw/*")(referrersOnly { repository =>
+    val (id, path) = repository.splitPath(multiParams("splat").head)
+    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+      val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))
+
+      getPathObjectId(git, path, revCommit).map { objectId =>
+        responseRawFile(git, objectId, path, repository)
+      } getOrElse NotFound()
+    }
+  })
+
+}
+

src/main/scala/gitbucket/core/controller/ControllerBase.scala

@@ -1,25 +1,31 @@
 package gitbucket.core.controller
 
+import java.io.FileInputStream
+
 import gitbucket.core.api.ApiError
 import gitbucket.core.model.Account
-import gitbucket.core.service.{AccountService, SystemSettingsService}
-import gitbucket.core.util.ControlUtil._
+import gitbucket.core.service.{AccountService, SystemSettingsService,RepositoryService}
+import gitbucket.core.util.SyntaxSugars._
 import gitbucket.core.util.Directory._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util._
-
+import gitbucket.core.util.JGitUtil._
 import io.github.gitbucket.scalatra.forms._
-import org.apache.commons.io.FileUtils
 import org.json4s._
 import org.scalatra._
 import org.scalatra.i18n._
 import org.scalatra.json._
-
-import javax.servlet.http.{HttpServletResponse, HttpServletRequest}
-import javax.servlet.{FilterChain, ServletResponse, ServletRequest}
+import javax.servlet.http.{HttpServletRequest, HttpServletResponse}
+import javax.servlet.{FilterChain, ServletRequest, ServletResponse}
 
 import scala.util.Try
+import net.coobird.thumbnailator.Thumbnails
 
+import org.eclipse.jgit.api.Git
+import org.eclipse.jgit.lib.ObjectId
+import org.eclipse.jgit.revwalk.RevCommit
+import org.eclipse.jgit.treewalk._
+import org.apache.commons.io.IOUtils
 
 /**
  * Provides generic features for controller implementations.
@@ -34,10 +40,6 @@ abstract class ControllerBase extends ScalatraFilter
     contentType = formats("json")
   }
 
-// TODO Scala 2.11
-//  // Don't set content type via Accept header.
-//  override def format(implicit request: HttpServletRequest) = ""
-
   override def doFilter(request: ServletRequest, response: ServletResponse, chain: FilterChain): Unit = try {
     val httpRequest  = request.asInstanceOf[HttpServletRequest]
     val httpResponse = response.asInstanceOf[HttpServletResponse]
@@ -57,7 +59,7 @@ abstract class ControllerBase extends ScalatraFilter
         // Redirect to dashboard
         httpResponse.sendRedirect(baseUrl + "/")
       }
-    } else if(path.startsWith("/git/")){
+    } else if(path.startsWith("/git/") || path.startsWith("/git-lfs/")){
       // Git repository
       chain.doFilter(request, response)
     } else {
@@ -145,13 +147,17 @@ abstract class ControllerBase extends ScalatraFilter
       }
     }
 
-  // TODO Scala 2.11
-  override def url(path: String, params: Iterable[(String, Any)] = Iterable.empty,
-                   includeContextPath: Boolean = true, includeServletPath: Boolean = true,
-                   absolutize: Boolean = true, withSessionId: Boolean = true)
-                  (implicit request: HttpServletRequest, response: HttpServletResponse): String =
-    if (path.startsWith("http")) path
-    else baseUrl + super.url(path, params, false, false, false)
+  /**
+   * Extends scalatra-form's trim rule to eliminate CR and LF.
+   */
+  protected def trim2[T](valueType: SingleValueType[T]): SingleValueType[T] = new SingleValueType[T](){
+    def convert(value: String, messages: Messages): T = valueType.convert(trim(value), messages)
+
+    override def validate(name: String, value: String, params: Map[String, String], messages: Messages): Seq[(String, String)] =
+      valueType.validate(name, trim(value), params, messages)
+
+    private def trim(value: String): String = if(value == null) null else value.replaceAll("\r\n", "").trim
+  }
 
   /**
    * Use this method to response the raw data against XSS.
@@ -174,6 +180,49 @@ abstract class ControllerBase extends ScalatraFilter
       case _ => Some(parse(request.body))
     }).filterNot(_ == JNothing).flatMap(j => Try(j.extract[A]).toOption)
   }
+
+  protected def getPathObjectId(git: Git, path: String, revCommit: RevCommit): Option[ObjectId] = {
+    @scala.annotation.tailrec
+    def _getPathObjectId(path: String, walk: TreeWalk): Option[ObjectId] = walk.next match {
+      case true if(walk.getPathString == path) => Some(walk.getObjectId(0))
+      case true  => _getPathObjectId(path, walk)
+      case false => None
+    }
+
+    using(new TreeWalk(git.getRepository)){ treeWalk =>
+      treeWalk.addTree(revCommit.getTree)
+      treeWalk.setRecursive(true)
+      _getPathObjectId(path, treeWalk)
+    }
+  }
+
+  protected def responseRawFile(git: Git, objectId: ObjectId, path: String,
+                              repository: RepositoryService.RepositoryInfo): Unit = {
+    JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
+      contentType = FileUtil.getMimeType(path)
+
+      if(loader.isLarge){
+        response.setContentLength(loader.getSize.toInt)
+        loader.copyTo(response.outputStream)
+      } else {
+        val bytes = loader.getCachedBytes
+        val text = new String(bytes, "UTF-8")
+
+        val attrs = JGitUtil.getLfsObjects(text)
+        if(attrs.nonEmpty) {
+          response.setContentLength(attrs("size").toInt)
+          val oid = attrs("oid").split(":")(1)
+
+          using(new FileInputStream(FileUtil.getLfsFilePath(repository.owner, repository.name, oid))){ in =>
+            IOUtils.copy(in, response.getOutputStream)
+          }
+        } else {
+          response.setContentLength(loader.getSize.toInt)
+          response.getOutputStream.write(bytes)
+        }
+      }
+    }
+  }
 }
 
 /**
@@ -191,6 +240,7 @@ case class Context(settings: SystemSettingsService.SystemSettings, loginAccount:
     case agent if agent.contains("Win") => "windows"
     case _ => null
   }
+  val sidebarCollapse = request.getSession.getAttribute("sidebar-collapse") != null
 
   /**
    * Get object from cache.
@@ -224,10 +274,13 @@ trait AccountManagementControllerBase extends ControllerBase {
     } else {
       fileId.map { fileId =>
         val filename = "avatar." + FileUtil.getExtension(session.getAndRemove(Keys.Session.Upload(fileId)).get)
-        FileUtils.moveFile(
-          new java.io.File(getTemporaryDir(session.getId), fileId),
-          new java.io.File(getUserUploadDir(userName), filename)
-        )
+        val uploadDir = getUserUploadDir(userName)
+        if(!uploadDir.exists){
+          uploadDir.mkdirs()
+        }
+        Thumbnails.of(new java.io.File(getTemporaryDir(session.getId), fileId))
+          .size(324, 324)
+          .toFile(new java.io.File(uploadDir, filename))
         updateAvatarImage(userName, Some(filename))
       }
     }
@@ -244,4 +297,13 @@ trait AccountManagementControllerBase extends ControllerBase {
         .map    { _ => "Mail address is already registered." }
   }
 
+  val allReservedNames = Set("git", "admin", "upload", "api")
+  protected def reservedNames(): Constraint = new Constraint(){
+    override def validate(name: String, value: String, messages: Messages): Option[String] = if(allReservedNames.contains(value)){
+      Some(s"${value} is reserved")
+    } else {
+      None
+    }
+  }
+
 }

src/main/scala/gitbucket/core/controller/DashboardController.scala

@@ -1,13 +1,13 @@
 package gitbucket.core.controller
 
 import gitbucket.core.dashboard.html
-import gitbucket.core.service.{RepositoryService, PullRequestService, AccountService, IssuesService}
-import gitbucket.core.util.{StringUtil, Keys, UsersAuthenticator}
+import gitbucket.core.service._
+import gitbucket.core.util.{Keys, UsersAuthenticator}
 import gitbucket.core.util.Implicits._
 import gitbucket.core.service.IssuesService._
 
 class DashboardController extends DashboardControllerBase
-  with IssuesService with PullRequestService with RepositoryService with AccountService
+  with IssuesService with PullRequestService with RepositoryService with AccountService with CommitsService
   with UsersAuthenticator
 
 trait DashboardControllerBase extends ControllerBase {
@@ -15,20 +15,7 @@ trait DashboardControllerBase extends ControllerBase {
     with UsersAuthenticator =>
 
   get("/dashboard/issues")(usersOnly {
-    val q = request.getParameter("q")
-    val account = context.loginAccount.get
-    Option(q).map { q =>
-      val condition = IssueSearchCondition(q, Map[String, Int]())
-      q match {
-        case q if(q.contains("is:pr")) => redirect(s"/dashboard/pulls?q=${StringUtil.urlEncode(q)}")
-        case q if(q.contains(s"author:${account.userName}")) => redirect(s"/dashboard/issues/created_by${condition.toURL}")
-        case q if(q.contains(s"assignee:${account.userName}")) => redirect(s"/dashboard/issues/assigned${condition.toURL}")
-        case q if(q.contains(s"mentions:${account.userName}")) => redirect(s"/dashboard/issues/mentioned${condition.toURL}")
-        case _ => searchIssues("created_by")
-      }
-    } getOrElse {
-      searchIssues("created_by")
-    }
+    searchIssues("created_by")
   })
 
   get("/dashboard/issues/assigned")(usersOnly {
@@ -44,20 +31,7 @@ trait DashboardControllerBase extends ControllerBase {
   })
 
   get("/dashboard/pulls")(usersOnly {
-    val q = request.getParameter("q")
-    val account = context.loginAccount.get
-    Option(q).map { q =>
-      val condition = IssueSearchCondition(q, Map[String, Int]())
-      q match {
-        case q if(q.contains("is:issue")) => redirect(s"/dashboard/issues?q=${StringUtil.urlEncode(q)}")
-        case q if(q.contains(s"author:${account.userName}")) => redirect(s"/dashboard/pulls/created_by${condition.toURL}")
-        case q if(q.contains(s"assignee:${account.userName}")) => redirect(s"/dashboard/pulls/assigned${condition.toURL}")
-        case q if(q.contains(s"mentions:${account.userName}")) => redirect(s"/dashboard/pulls/mentioned${condition.toURL}")
-        case _ => searchPullRequests("created_by")
-      }
-    } getOrElse {
-      searchPullRequests("created_by")
-    }
+    searchPullRequests("created_by")
   })
 
   get("/dashboard/pulls/created_by")(usersOnly {
@@ -73,19 +47,12 @@ trait DashboardControllerBase extends ControllerBase {
   })
 
   private def getOrCreateCondition(key: String, filter: String, userName: String) = {
-    val condition = session.putAndGet(key, if(request.hasQueryString){
-      val q = request.getParameter("q")
-      if(q == null){
-        IssueSearchCondition(request)
-      } else {
-        IssueSearchCondition(q, Map[String, Int]())
-      }
-    } else session.getAs[IssueSearchCondition](key).getOrElse(IssueSearchCondition()))
+    val condition = IssueSearchCondition(request)
 
     filter match {
-      case "assigned"  => condition.copy(assigned = Some(userName), author = None          , mentioned = None)
-      case "mentioned" => condition.copy(assigned = None          , author = None          , mentioned = Some(userName))
-      case _           => condition.copy(assigned = None          , author = Some(userName), mentioned = None)
+      case "assigned"  => condition.copy(assigned = Some(Some(userName)), author = None, mentioned = None)
+      case "mentioned" => condition.copy(assigned = None, author = None, mentioned = Some(userName))
+      case _           => condition.copy(assigned = None, author = Some(userName), mentioned = None)
     }
   }
 
@@ -103,12 +70,14 @@ trait DashboardControllerBase extends ControllerBase {
       countIssue(condition.copy(state = "open"  ), false, userRepos: _*),
       countIssue(condition.copy(state = "closed"), false, userRepos: _*),
       filter match {
-        case "assigned"  => condition.copy(assigned  = Some(userName))
+        case "assigned"  => condition.copy(assigned  = Some(Some(userName)))
         case "mentioned" => condition.copy(mentioned = Some(userName))
         case _           => condition.copy(author    = Some(userName))
       },
       filter,
-      getGroupNames(userName))
+      getGroupNames(userName),
+      Nil,
+      getUserRepositories(userName, withoutPhysicalInfo = true))
   }
 
   private def searchPullRequests(filter: String) = {
@@ -126,12 +95,14 @@ trait DashboardControllerBase extends ControllerBase {
       countIssue(condition.copy(state = "open"  ), true, allRepos: _*),
       countIssue(condition.copy(state = "closed"), true, allRepos: _*),
       filter match {
-        case "assigned"  => condition.copy(assigned  = Some(userName))
+        case "assigned"  => condition.copy(assigned  = Some(Some(userName)))
         case "mentioned" => condition.copy(mentioned = Some(userName))
         case _           => condition.copy(author    = Some(userName))
       },
       filter,
-      getGroupNames(userName))
+      getGroupNames(userName),
+      Nil,
+      getUserRepositories(userName, withoutPhysicalInfo = true))
   }
 
 

src/main/scala/gitbucket/core/controller/FileUploadController.scala

@@ -1,18 +1,26 @@
 package gitbucket.core.controller
 
-import gitbucket.core.util.{Keys, FileUtil}
-import gitbucket.core.util.ControlUtil._
+import gitbucket.core.model.Account
+import gitbucket.core.service.RepositoryService.RepositoryInfo
+import gitbucket.core.service.{AccountService, RepositoryService}
+import gitbucket.core.servlet.Database
+import gitbucket.core.util._
+import gitbucket.core.util.SyntaxSugars._
 import gitbucket.core.util.Directory._
+import gitbucket.core.util.Implicits._
+import org.eclipse.jgit.api.Git
+import org.eclipse.jgit.dircache.DirCache
+import org.eclipse.jgit.lib.{Constants, FileMode}
 import org.scalatra._
-import org.scalatra.servlet.{MultipartConfig, FileUploadSupport, FileItem}
-import org.apache.commons.io.FileUtils
+import org.scalatra.servlet.{FileItem, FileUploadSupport, MultipartConfig}
+import org.apache.commons.io.{FileUtils, IOUtils}
 
 /**
  * Provides Ajax based file upload functionality.
  *
  * This servlet saves uploaded file.
  */
-class FileUploadController extends ScalatraServlet with FileUploadSupport {
+class FileUploadController extends ScalatraServlet with FileUploadSupport with RepositoryService with AccountService {
 
   configureMultipartHandling(MultipartConfig(maxFileSize = Some(3 * 1024 * 1024)))
 
@@ -31,14 +39,75 @@ class FileUploadController extends ScalatraServlet with FileUploadSupport {
     }, FileUtil.isUploadableType)
   }
 
+  post("/wiki/:owner/:repository"){
+    // Don't accept not logged-in users
+    session.get(Keys.Session.LoginAccount).collect { case loginAccount: Account =>
+      val owner      = params("owner")
+      val repository = params("repository")
+
+      // Check whether logged-in user is collaborator
+      onlyWikiEditable(owner, repository, loginAccount){
+        execute({ (file, fileId) =>
+          val fileName = file.getName
+          LockUtil.lock(s"${owner}/${repository}/wiki") {
+            using(Git.open(Directory.getWikiRepositoryDir(owner, repository))) { git =>
+              val builder  = DirCache.newInCore.builder()
+              val inserter = git.getRepository.newObjectInserter()
+              val headId   = git.getRepository.resolve(Constants.HEAD + "^{commit}")
+
+              if(headId != null){
+                JGitUtil.processTree(git, headId){ (path, tree) =>
+                  if(path != fileName){
+                    builder.add(JGitUtil.createDirCacheEntry(path, tree.getEntryFileMode, tree.getEntryObjectId))
+                  }
+                }
+              }
+
+              val bytes = IOUtils.toByteArray(file.getInputStream)
+              builder.add(JGitUtil.createDirCacheEntry(fileName, FileMode.REGULAR_FILE, inserter.insert(Constants.OBJ_BLOB, bytes)))
+              builder.finish()
+
+              val newHeadId = JGitUtil.createNewCommit(git, inserter, headId, builder.getDirCache.writeTree(inserter),
+                Constants.HEAD, loginAccount.userName, loginAccount.mailAddress, s"Uploaded ${fileName}")
+
+              fileName
+            }
+          }
+        }, FileUtil.isUploadableType)
+      }
+    } getOrElse BadRequest()
+  }
+
+  post("/import") {
+    import JDBCUtil._
+    session.get(Keys.Session.LoginAccount).collect { case loginAccount: Account if loginAccount.isAdmin =>
+      execute({ (file, fileId) =>
+        request2Session(request).conn.importAsSQL(file.getInputStream)
+      }, _ => true)
+    }
+    redirect("/admin/data")
+  }
+
+  private def onlyWikiEditable(owner: String, repository: String, loginAccount: Account)(action: => Any): Any = {
+    implicit val session = Database.getSession(request)
+    getRepository(owner, repository) match {
+      case Some(x) => x.repository.options.wikiOption match {
+        case "ALL"     if !x.repository.isPrivate => action
+        case "PUBLIC"  if hasGuestRole(owner, repository, Some(loginAccount)) => action
+        case "PRIVATE" if hasDeveloperRole(owner, repository, Some(loginAccount)) => action
+        case _  => BadRequest()
+      }
+      case None => BadRequest()
+    }
+  }
+
   private def execute(f: (FileItem, String) => Unit, mimeTypeChcker: (String) => Boolean) = fileParams.get("file") match {
     case Some(file) if(mimeTypeChcker(file.name)) =>
       defining(FileUtil.generateFileId){ fileId =>
         f(file, fileId)
-
         Ok(fileId)
       }
-    case _ => BadRequest
+    case _ => BadRequest()
   }
 
 }

src/main/scala/gitbucket/core/controller/IndexController.scala

@@ -1,17 +1,16 @@
 package gitbucket.core.controller
 
-import gitbucket.core.api._
 import gitbucket.core.helper.xml
 import gitbucket.core.model.Account
-import gitbucket.core.service.{RepositoryService, ActivityService, AccountService, RepositorySearchService, IssuesService}
+import gitbucket.core.service._
 import gitbucket.core.util.Implicits._
-import gitbucket.core.util.ControlUtil._
-import gitbucket.core.util.{LDAPUtil, Keys, UsersAuthenticator, ReferrerAuthenticator, StringUtil}
-
+import gitbucket.core.util.SyntaxSugars._
+import gitbucket.core.util.{Keys, LDAPUtil, ReferrerAuthenticator, UsersAuthenticator}
 import io.github.gitbucket.scalatra.forms._
+import org.scalatra.Ok
 
 
-class IndexController extends IndexControllerBase 
+class IndexController extends IndexControllerBase
   with RepositoryService with ActivityService with AccountService with RepositorySearchService with IssuesService
   with UsersAuthenticator with ReferrerAuthenticator
 
@@ -27,33 +26,21 @@ trait IndexControllerBase extends ControllerBase {
     "password" -> trim(label("Password", text(required)))
   )(SignInForm.apply)
 
-  val searchForm = mapping(
-    "query"      -> trim(text(required)),
-    "owner"      -> trim(text(required)),
-    "repository" -> trim(text(required))
-  )(SearchForm.apply)
-
-  case class SearchForm(query: String, owner: String, repository: String)
+//  val searchForm = mapping(
+//    "query"      -> trim(text(required)),
+//    "owner"      -> trim(text(required)),
+//    "repository" -> trim(text(required))
+//  )(SearchForm.apply)
+//
+//  case class SearchForm(query: String, owner: String, repository: String)
 
 
   get("/"){
-    val loginAccount = context.loginAccount
-    if(loginAccount.isEmpty) {
-        gitbucket.core.html.index(getRecentActivities(),
-            getVisibleRepositories(loginAccount, withoutPhysicalInfo = true),
-            loginAccount.map{ account => getUserRepositories(account.userName, withoutPhysicalInfo = true) }.getOrElse(Nil)
-        )
-    } else {
-        val loginUserName = loginAccount.get.userName
-        val loginUserGroups = getGroupsByUserName(loginUserName)
-        var visibleOwnerSet : Set[String] = Set(loginUserName)
-        
-        visibleOwnerSet ++= loginUserGroups
-
-        gitbucket.core.html.index(getRecentActivitiesByOwners(visibleOwnerSet),
-            getVisibleRepositories(loginAccount, withoutPhysicalInfo = true),
-            loginAccount.map{ account => getUserRepositories(account.userName, withoutPhysicalInfo = true) }.getOrElse(Nil) 
-        )
+    context.loginAccount.map { account =>
+      val visibleOwnerSet: Set[String] = Set(account.userName) ++ getGroupsByUserName(account.userName)
+      gitbucket.core.html.index(getRecentActivitiesByOwners(visibleOwnerSet), Nil, getUserRepositories(account.userName, withoutPhysicalInfo = true))
+    }.getOrElse {
+      gitbucket.core.html.index(getRecentActivities(), getVisibleRepositories(None, withoutPhysicalInfo = true), Nil)
     }
   }
 
@@ -62,13 +49,18 @@ trait IndexControllerBase extends ControllerBase {
     if(redirect.isDefined && redirect.get.startsWith("/")){
       flash += Keys.Flash.Redirect -> redirect.get
     }
-    gitbucket.core.html.signin()
+    gitbucket.core.html.signin(flash.get("userName"), flash.get("password"), flash.get("error"))
   }
 
   post("/signin", signinForm){ form =>
     authenticate(context.settings, form.userName, form.password) match {
       case Some(account) => signin(account)
-      case None          => redirect("/signin")
+      case None          => {
+        flash += "userName" -> form.userName
+        flash += "password" -> form.password
+        flash += "error" -> "Sorry, your Username and/or Password is incorrect. Please try again."
+        redirect("/signin")
+      }
     }
   }
 
@@ -82,6 +74,15 @@ trait IndexControllerBase extends ControllerBase {
     xml.feed(getRecentActivities())
   }
 
+  get("/sidebar-collapse"){
+    if(params("collapse") == "true"){
+      session.setAttribute("sidebar-collapse", "true")
+    }  else {
+      session.setAttribute("sidebar-collapse", null)
+    }
+    Ok()
+  }
+
   /**
    * Set account information into HttpSession and redirect.
    */
@@ -109,37 +110,35 @@ trait IndexControllerBase extends ControllerBase {
    */
   get("/_user/proposals")(usersOnly {
     contentType = formats("json")
+    val user  = params("user").toBoolean
+    val group = params("group").toBoolean
     org.json4s.jackson.Serialization.write(
-      Map("options" -> getAllUsers(false).filter(!_.isGroupAccount).map(_.userName).toArray)
+      Map("options" -> (
+        getAllUsers(false)
+          .withFilter { t => (user, group) match {
+            case (true, true) => true
+            case (true, false) => !t.isGroupAccount
+            case (false, true) => t.isGroupAccount
+            case (false, false) => false
+          }}.map { t => t.userName }
+      ))
     )
   })
 
   /**
-   * JSON API for checking user existence.
+   * JSON API for checking user or group existence.
+   * Returns a single string which is any of "group", "user" or "".
    */
   post("/_user/existence")(usersOnly {
-    getAccountByUserName(params("userName")).isDefined
+    getAccountByUserName(params("userName")).map { account =>
+      if(account.isGroupAccount) "group" else "user"
+    } getOrElse ""
   })
 
-  /**
-   * @see https://developer.github.com/v3/rate_limit/#get-your-current-rate-limit-status
-   * but not enabled.
-   */
-  get("/api/v3/rate_limit"){
-    contentType = formats("json")
-    // this message is same as github enterprise...
-    org.scalatra.NotFound(ApiError("Rate limiting is not enabled."))
-  }
-
-  // TODO Move to RepositoryViwerController?
-  post("/search", searchForm){ form =>
-    redirect(s"/${form.owner}/${form.repository}/search?q=${StringUtil.urlEncode(form.query)}")
-  }
-
   // TODO Move to RepositoryViwerController?
   get("/:owner/:repository/search")(referrersOnly { repository =>
-    defining(params("q").trim, params.getOrElse("type", "code")){ case (query, target) =>
-      val page   = try {
+    defining(params.getOrElse("q", "").trim, params.getOrElse("type", "code")){ case (query, target) =>
+      val page = try {
         val i = params.getOrElse("page", "1").toInt
         if(i <= 0) 1 else i
       } catch {
@@ -148,15 +147,31 @@ trait IndexControllerBase extends ControllerBase {
 
       target.toLowerCase match {
         case "issue" => gitbucket.core.search.html.issues(
-          searchIssues(repository.owner, repository.name, query),
-          countFiles(repository.owner, repository.name, query),
+          if(query.nonEmpty) searchIssues(repository.owner, repository.name, query) else Nil,
+          query, page, repository)
+
+        case "wiki" => gitbucket.core.search.html.wiki(
+          if(query.nonEmpty) searchWikiPages(repository.owner, repository.name, query) else Nil,
           query, page, repository)
 
         case _ => gitbucket.core.search.html.code(
-          searchFiles(repository.owner, repository.name, query),
-          countIssues(repository.owner, repository.name, query),
+          if(query.nonEmpty) searchFiles(repository.owner, repository.name, query) else Nil,
           query, page, repository)
       }
     }
   })
+
+  get("/search"){
+    val query = params.getOrElse("query", "").trim.toLowerCase
+    val visibleRepositories = getVisibleRepositories(context.loginAccount, repositoryUserName = None, withoutPhysicalInfo = true)
+    val repositories = visibleRepositories.filter { repository =>
+      repository.name.toLowerCase.indexOf(query) >= 0 || repository.owner.toLowerCase.indexOf(query) >= 0
+    }
+    context.loginAccount.map { account =>
+      gitbucket.core.search.html.repositories(query, repositories, Nil, getUserRepositories(account.userName, withoutPhysicalInfo = true))
+    }.getOrElse {
+      gitbucket.core.search.html.repositories(query, repositories, visibleRepositories, Nil)
+    }
+  }
+
 }

src/main/scala/gitbucket/core/controller/IssuesController.scala

@@ -1,27 +1,47 @@
 package gitbucket.core.controller
 
-import gitbucket.core.api._
 import gitbucket.core.issues.html
-import gitbucket.core.model.Issue
 import gitbucket.core.service.IssuesService._
 import gitbucket.core.service._
-import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.SyntaxSugars._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util._
 import gitbucket.core.view
 import gitbucket.core.view.Markdown
-
 import io.github.gitbucket.scalatra.forms._
-import org.scalatra.Ok
+import org.scalatra.{BadRequest, Ok}
 
 
 class IssuesController extends IssuesControllerBase
-  with IssuesService with RepositoryService with AccountService with LabelsService with MilestonesService with ActivityService
-  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with WebHookIssueCommentService
+  with IssuesService
+  with RepositoryService
+  with AccountService
+  with LabelsService
+  with MilestonesService
+  with ActivityService
+  with HandleCommentService
+  with IssueCreationService
+  with ReadableUsersAuthenticator
+  with ReferrerAuthenticator
+  with WritableUsersAuthenticator
+  with PullRequestService
+  with WebHookIssueCommentService
+  with CommitsService
 
 trait IssuesControllerBase extends ControllerBase {
-  self: IssuesService with RepositoryService with AccountService with LabelsService with MilestonesService with ActivityService
-    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with WebHookIssueCommentService =>
+  self: IssuesService
+    with RepositoryService
+    with AccountService
+    with LabelsService
+    with MilestonesService
+    with ActivityService
+    with HandleCommentService
+    with IssueCreationService
+    with ReadableUsersAuthenticator
+    with ReferrerAuthenticator
+    with WritableUsersAuthenticator
+    with PullRequestService
+    with WebHookIssueCommentService =>
 
   case class IssueCreateForm(title: String, content: Option[String],
     assignedUserName: Option[String], milestoneId: Option[Int], labelNames: Option[String])
@@ -69,165 +89,121 @@ trait IssuesControllerBase extends ControllerBase {
           _,
           getComments(owner, name, issueId.toInt),
           getIssueLabels(owner, name, issueId.toInt),
-          (getCollaborators(owner, name) ::: (if(getAccountByUserName(owner).get.isGroupAccount) Nil else List(owner))).sorted,
+          getAssignableUserNames(owner, name),
           getMilestonesWithIssueCount(owner, name),
           getLabels(owner, name),
-          hasWritePermission(owner, name, context.loginAccount),
+          isIssueEditable(repository),
+          isIssueManageable(repository),
           repository)
-      } getOrElse NotFound
+      } getOrElse NotFound()
     }
   })
 
-  /**
-   * https://developer.github.com/v3/issues/comments/#list-comments-on-an-issue
-   */
-  get("/api/v3/repos/:owner/:repository/issues/:id/comments")(referrersOnly { repository =>
-    (for{
-      issueId <- params("id").toIntOpt
-      comments = getCommentsForApi(repository.owner, repository.name, issueId.toInt)
-    } yield {
-      JsonFormat(comments.map{ case (issueComment, user, issue) => ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(user), issue.isPullRequest) })
-    }).getOrElse(NotFound)
-  })
-
   get("/:owner/:repository/issues/new")(readableUsersOnly { repository =>
-    defining(repository.owner, repository.name){ case (owner, name) =>
-      html.create(
-        (getCollaborators(owner, name) ::: (if(getAccountByUserName(owner).get.isGroupAccount) Nil else List(owner))).sorted,
+    if(isIssueEditable(repository)){ // TODO Should this check is provided by authenticator?
+      defining(repository.owner, repository.name){ case (owner, name) =>
+        html.create(
+          getAssignableUserNames(owner, name),
           getMilestones(owner, name),
           getLabels(owner, name),
-          hasWritePermission(owner, name, context.loginAccount),
+          isIssueManageable(repository),
+          getContentTemplate(repository, "ISSUE_TEMPLATE"),
           repository)
-    }
+      }
+    } else Unauthorized()
   })
 
   post("/:owner/:repository/issues/new", issueCreateForm)(readableUsersOnly { (form, repository) =>
-    defining(repository.owner, repository.name){ case (owner, name) =>
-      val writable = hasWritePermission(owner, name, context.loginAccount)
-      val userName = context.loginAccount.get.userName
+    if(isIssueEditable(repository)){ // TODO Should this check is provided by authenticator?
+      val issue = createIssue(
+        repository,
+        form.title,
+        form.content,
+        form.assignedUserName,
+        form.milestoneId,
+        form.labelNames.toArray.flatMap(_.split(",")),
+        context.loginAccount.get)
 
-      // insert issue
-      val issueId = createIssue(owner, name, userName, form.title, form.content,
-        if(writable) form.assignedUserName else None,
-        if(writable) form.milestoneId else None)
-
-      // insert labels
-      if(writable){
-        form.labelNames.map { value =>
-          val labels = getLabels(owner, name)
-          value.split(",").foreach { labelName =>
-            labels.find(_.labelName == labelName).map { label =>
-              registerIssueLabel(owner, name, issueId, label.labelId)
-            }
-          }
-        }
-      }
-
-      // record activity
-      recordCreateIssueActivity(owner, name, userName, issueId, form.title)
-
-      getIssue(owner, name, issueId.toString).foreach { issue =>
-        // extract references and create refer comment
-        createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""))
-
-        // call web hooks
-        callIssuesWebHook("opened", repository, issue, context.baseUrl, context.loginAccount.get)
-
-        // notifications
-        Notifier().toNotify(repository, issue, form.content.getOrElse("")){
-          Notifier.msgIssue(s"${context.baseUrl}/${owner}/${name}/issues/${issueId}")
-        }
-      }
-
-      redirect(s"/${owner}/${name}/issues/${issueId}")
-    }
+      redirect(s"/${issue.userName}/${issue.repositoryName}/issues/${issue.issueId}")
+    } else Unauthorized()
   })
 
   ajaxPost("/:owner/:repository/issues/edit_title/:id", issueTitleEditForm)(readableUsersOnly { (title, repository) =>
     defining(repository.owner, repository.name){ case (owner, name) =>
       getIssue(owner, name, params("id")).map { issue =>
-        if(isEditable(owner, name, issue.openedUserName)){
+        if(isEditableContent(owner, name, issue.openedUserName)){
           // update issue
           updateIssue(owner, name, issue.issueId, title, issue.content)
           // extract references and create refer comment
-          createReferComment(owner, name, issue.copy(title = title), title)
+          createReferComment(owner, name, issue.copy(title = title), title, context.loginAccount.get)
 
           redirect(s"/${owner}/${name}/issues/_data/${issue.issueId}")
-        } else Unauthorized
-      } getOrElse NotFound
+        } else Unauthorized()
+      } getOrElse NotFound()
     }
   })
 
   ajaxPost("/:owner/:repository/issues/edit/:id", issueEditForm)(readableUsersOnly { (content, repository) =>
     defining(repository.owner, repository.name){ case (owner, name) =>
       getIssue(owner, name, params("id")).map { issue =>
-        if(isEditable(owner, name, issue.openedUserName)){
+        if(isEditableContent(owner, name, issue.openedUserName)){
           // update issue
           updateIssue(owner, name, issue.issueId, issue.title, content)
           // extract references and create refer comment
-          createReferComment(owner, name, issue, content.getOrElse(""))
+          createReferComment(owner, name, issue, content.getOrElse(""), context.loginAccount.get)
 
           redirect(s"/${owner}/${name}/issues/_data/${issue.issueId}")
-        } else Unauthorized
-      } getOrElse NotFound
+        } else Unauthorized()
+      } getOrElse NotFound()
     }
   })
 
   post("/:owner/:repository/issue_comments/new", commentForm)(readableUsersOnly { (form, repository) =>
-    handleComment(form.issueId, Some(form.content), repository)() map { case (issue, id) =>
-      redirect(s"/${repository.owner}/${repository.name}/${
-        if(issue.isPullRequest) "pull" else "issues"}/${form.issueId}#comment-${id}")
-    } getOrElse NotFound
-  })
-
-  /**
-   * https://developer.github.com/v3/issues/comments/#create-a-comment
-   */
-  post("/api/v3/repos/:owner/:repository/issues/:id/comments")(readableUsersOnly { repository =>
-    (for{
-      issueId <- params("id").toIntOpt
-      body <- extractFromJsonBody[CreateAComment].map(_.body) if ! body.isEmpty
-      (issue, id) <- handleComment(issueId, Some(body), repository)()
-      issueComment <- getComment(repository.owner, repository.name, id.toString())
-    } yield {
-      JsonFormat(ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(context.loginAccount.get), issue.isPullRequest))
-    }) getOrElse NotFound
+    getIssue(repository.owner, repository.name, form.issueId.toString).flatMap { issue =>
+      val actionOpt = params.get("action").filter(_ => isEditableContent(issue.userName, issue.repositoryName, issue.openedUserName))
+      handleComment(issue, Some(form.content), repository, actionOpt) map { case (issue, id) =>
+        redirect(s"/${repository.owner}/${repository.name}/${
+          if(issue.isPullRequest) "pull" else "issues"}/${form.issueId}#comment-${id}")
+      }
+    } getOrElse NotFound()
   })
 
   post("/:owner/:repository/issue_comments/state", issueStateForm)(readableUsersOnly { (form, repository) =>
-    handleComment(form.issueId, form.content, repository)() map { case (issue, id) =>
-      redirect(s"/${repository.owner}/${repository.name}/${
-        if(issue.isPullRequest) "pull" else "issues"}/${form.issueId}#comment-${id}")
-    } getOrElse NotFound
+    getIssue(repository.owner, repository.name, form.issueId.toString).flatMap { issue =>
+      val actionOpt = params.get("action").filter(_ => isEditableContent(issue.userName, issue.repositoryName, issue.openedUserName))
+      handleComment(issue, form.content, repository, actionOpt) map { case (issue, id) =>
+        redirect(s"/${repository.owner}/${repository.name}/${
+          if(issue.isPullRequest) "pull" else "issues"}/${form.issueId}#comment-${id}")
+      }
+    } getOrElse NotFound()
   })
 
   ajaxPost("/:owner/:repository/issue_comments/edit/:id", commentForm)(readableUsersOnly { (form, repository) =>
     defining(repository.owner, repository.name){ case (owner, name) =>
       getComment(owner, name, params("id")).map { comment =>
-        if(isEditable(owner, name, comment.commentedUserName)){
+        if(isEditableContent(owner, name, comment.commentedUserName)){
           updateComment(comment.commentId, form.content)
           redirect(s"/${owner}/${name}/issue_comments/_data/${comment.commentId}")
-        } else Unauthorized
-      } getOrElse NotFound
+        } else Unauthorized()
+      } getOrElse NotFound()
     }
   })
 
   ajaxPost("/:owner/:repository/issue_comments/delete/:id")(readableUsersOnly { repository =>
     defining(repository.owner, repository.name){ case (owner, name) =>
       getComment(owner, name, params("id")).map { comment =>
-        if(isEditable(owner, name, comment.commentedUserName)){
+        if(isEditableContent(owner, name, comment.commentedUserName)){
           Ok(deleteComment(comment.commentId))
-        } else Unauthorized
-      } getOrElse NotFound
+        } else Unauthorized()
+      } getOrElse NotFound()
     }
   })
 
   ajaxGet("/:owner/:repository/issues/_data/:id")(readableUsersOnly { repository =>
     getIssue(repository.owner, repository.name, params("id")) map { x =>
-      if(isEditable(x.userName, x.repositoryName, x.openedUserName)){
+      if(isEditableContent(x.userName, x.repositoryName, x.openedUserName)){
         params.get("dataType") collect {
-          case t if t == "html" => html.editissue(
-              x.content, x.issueId, x.userName, x.repositoryName)
+          case t if t == "html" => html.editissue(x.content, x.issueId, repository)
         } getOrElse {
           contentType = formats("json")
           org.json4s.jackson.Serialization.write(
@@ -241,21 +217,20 @@ trait IssuesControllerBase extends ControllerBase {
                 enableAnchor = true,
                 enableLineBreaks = true,
                 enableTaskList = true,
-                hasWritePermission = isEditable(x.userName, x.repositoryName, x.openedUserName)
+                hasWritePermission = true
               )
             )
           )
         }
-      } else Unauthorized
-    } getOrElse NotFound
+      } else Unauthorized()
+    } getOrElse NotFound()
   })
 
   ajaxGet("/:owner/:repository/issue_comments/_data/:id")(readableUsersOnly { repository =>
     getComment(repository.owner, repository.name, params("id")) map { x =>
-      if(isEditable(x.userName, x.repositoryName, x.commentedUserName)){
+      if(isEditableContent(x.userName, x.repositoryName, x.commentedUserName)){
         params.get("dataType") collect {
-          case t if t == "html" => html.editcomment(
-              x.content, x.commentId, x.userName, x.repositoryName)
+          case t if t == "html" => html.editcomment(x.content, x.commentId, repository)
         } getOrElse {
           contentType = formats("json")
           org.json4s.jackson.Serialization.write(
@@ -268,71 +243,79 @@ trait IssuesControllerBase extends ControllerBase {
                 enableAnchor = true,
                 enableLineBreaks = true,
                 enableTaskList = true,
-                hasWritePermission = isEditable(x.userName, x.repositoryName, x.commentedUserName)
+                hasWritePermission = true
               )
             )
           )
         }
-      } else Unauthorized
-    } getOrElse NotFound
+      } else Unauthorized()
+    } getOrElse NotFound()
   })
 
-  ajaxPost("/:owner/:repository/issues/new/label")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/new/label")(writableUsersOnly { repository =>
     val labelNames = params("labelNames").split(",")
     val labels = getLabels(repository.owner, repository.name).filter(x => labelNames.contains(x.labelName))
     html.labellist(labels)
   })
 
-  ajaxPost("/:owner/:repository/issues/:id/label/new")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/label/new")(writableUsersOnly { repository =>
     defining(params("id").toInt){ issueId =>
       registerIssueLabel(repository.owner, repository.name, issueId, params("labelId").toInt)
       html.labellist(getIssueLabels(repository.owner, repository.name, issueId))
     }
   })
 
-  ajaxPost("/:owner/:repository/issues/:id/label/delete")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/label/delete")(writableUsersOnly { repository =>
     defining(params("id").toInt){ issueId =>
       deleteIssueLabel(repository.owner, repository.name, issueId, params("labelId").toInt)
       html.labellist(getIssueLabels(repository.owner, repository.name, issueId))
     }
   })
 
-  ajaxPost("/:owner/:repository/issues/:id/assign")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/assign")(writableUsersOnly { repository =>
     updateAssignedUserName(repository.owner, repository.name, params("id").toInt, assignedUserName("assignedUserName"))
     Ok("updated")
   })
 
-  ajaxPost("/:owner/:repository/issues/:id/milestone")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/milestone")(writableUsersOnly { repository =>
     updateMilestoneId(repository.owner, repository.name, params("id").toInt, milestoneId("milestoneId"))
     milestoneId("milestoneId").map { milestoneId =>
       getMilestonesWithIssueCount(repository.owner, repository.name)
           .find(_._1.milestoneId == milestoneId).map { case (_, openCount, closeCount) =>
         gitbucket.core.issues.milestones.html.progress(openCount + closeCount, closeCount)
-      } getOrElse NotFound
+      } getOrElse NotFound()
     } getOrElse Ok()
   })
 
-  post("/:owner/:repository/issues/batchedit/state")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/issues/batchedit/state")(writableUsersOnly { repository =>
     defining(params.get("value")){ action =>
       action match {
-        case Some("open")  => executeBatch(repository) { handleComment(_, None, repository)( _ => Some("reopen")) }
-        case Some("close") => executeBatch(repository) { handleComment(_, None, repository)( _ => Some("close"))  }
-        case _ => // TODO BadRequest
+        case Some("open")  => executeBatch(repository) { issueId =>
+          getIssue(repository.owner, repository.name, issueId.toString).foreach { issue =>
+            handleComment(issue, None, repository, Some("reopen"))
+          }
+        }
+        case Some("close") => executeBatch(repository) { issueId =>
+          getIssue(repository.owner, repository.name, issueId.toString).foreach { issue =>
+            handleComment(issue, None, repository, Some("close"))
+          }
+        }
+        case _ => BadRequest()
       }
     }
   })
 
-  post("/:owner/:repository/issues/batchedit/label")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/issues/batchedit/label")(writableUsersOnly { repository =>
     params("value").toIntOpt.map{ labelId =>
       executeBatch(repository) { issueId =>
         getIssueLabel(repository.owner, repository.name, issueId, labelId) getOrElse {
           registerIssueLabel(repository.owner, repository.name, issueId, labelId)
         }
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  post("/:owner/:repository/issues/batchedit/assign")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/issues/batchedit/assign")(writableUsersOnly { repository =>
     defining(assignedUserName("value")){ value =>
       executeBatch(repository) {
         updateAssignedUserName(repository.owner, repository.name, _, value)
@@ -340,7 +323,7 @@ trait IssuesControllerBase extends ControllerBase {
     }
   })
 
-  post("/:owner/:repository/issues/batchedit/milestone")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/issues/batchedit/milestone")(writableUsersOnly { repository =>
     defining(milestoneId("value")){ value =>
       executeBatch(repository) {
         updateMilestoneId(repository.owner, repository.name, _, value)
@@ -356,15 +339,12 @@ trait IssuesControllerBase extends ControllerBase {
           RawData(FileUtil.getMimeType(file.getName), file)
         }
       case _ => None
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
   val assignedUserName = (key: String) => params.get(key) filter (_.trim != "")
   val milestoneId: String => Option[Int] = (key: String) => params.get(key).flatMap(_.toIntOpt)
 
-  private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
-    hasWritePermission(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
-
   private def executeBatch(repository: RepositoryService.RepositoryInfo)(execute: Int => Unit) = {
     params("checked").split(',') map(_.toInt) foreach execute
     params("from") match {
@@ -373,132 +353,33 @@ trait IssuesControllerBase extends ControllerBase {
     }
   }
 
-  // TODO Same method exists in PullRequestController. Should it moved to IssueService?
-  private def createReferComment(owner: String, repository: String, fromIssue: Issue, message: String) = {
-    StringUtil.extractIssueId(message).foreach { issueId =>
-      val content = fromIssue.issueId + ":" + fromIssue.title
-      if(getIssue(owner, repository, issueId).isDefined){
-        // Not add if refer comment already exist.
-        if(!getComments(owner, repository, issueId.toInt).exists { x => x.action == "refer" && x.content == content }) {
-          createComment(owner, repository, context.loginAccount.get.userName, issueId.toInt, content, "refer")
-        }
-      }
-    }
-  }
-
-  /**
-   * @see [[https://github.com/takezoe/gitbucket/wiki/CommentAction]]
-   */
-  private def handleComment(issueId: Int, content: Option[String], repository: RepositoryService.RepositoryInfo)
-      (getAction: Issue => Option[String] =
-           p1 => params.get("action").filter(_ => isEditable(p1.userName, p1.repositoryName, p1.openedUserName))) = {
-
-    defining(repository.owner, repository.name){ case (owner, name) =>
-      val userName = context.loginAccount.get.userName
-
-      getIssue(owner, name, issueId.toString) flatMap { issue =>
-        val (action, recordActivity) =
-          getAction(issue)
-            .collect {
-              case "close" if(!issue.closed) => true  ->
-                (Some("close")  -> Some(if(issue.isPullRequest) recordClosePullRequestActivity _ else recordCloseIssueActivity _))
-              case "reopen" if(issue.closed) => false ->
-                (Some("reopen") -> Some(recordReopenIssueActivity _))
-            }
-            .map { case (closed, t) =>
-              updateClosed(owner, name, issueId, closed)
-              t
-            }
-            .getOrElse(None -> None)
-
-        val commentId = (content, action) match {
-          case (None, None) => None
-          case (None, Some(action)) => Some(createComment(owner, name, userName, issueId, action.capitalize, action))
-          case (Some(content), _) => Some(createComment(owner, name, userName, issueId, content, action.map(_+ "_comment").getOrElse("comment")))
-        }
-
-        // record comment activity if comment is entered
-        content foreach {
-          (if(issue.isPullRequest) recordCommentPullRequestActivity _ else recordCommentIssueActivity _)
-          (owner, name, userName, issueId, _)
-        }
-        recordActivity foreach ( _ (owner, name, userName, issueId, issue.title) )
-
-        // extract references and create refer comment
-        content.map { content =>
-          createReferComment(owner, name, issue, content)
-        }
-
-        // call web hooks
-        action match {
-          case None => commentId.map{ commentIdSome => callIssueCommentWebHook(repository, issue, commentIdSome, context.loginAccount.get) }
-          case Some(act) => val webHookAction = act match {
-            case "open"   => "opened"
-            case "reopen" => "reopened"
-            case "close"  => "closed"
-            case _ => act
-          }
-          if(issue.isPullRequest){
-            callPullRequestWebHook(webHookAction, repository, issue.issueId, context.baseUrl, context.loginAccount.get)
-          } else {
-            callIssuesWebHook(webHookAction, repository, issue, context.baseUrl, context.loginAccount.get)
-          }
-        }
-
-        // notifications
-        Notifier() match {
-          case f =>
-            content foreach {
-              f.toNotify(repository, issue, _){
-                Notifier.msgComment(s"${context.baseUrl}/${owner}/${name}/${
-                  if(issue.isPullRequest) "pull" else "issues"}/${issueId}#comment-${commentId.get}")
-              }
-            }
-            action foreach {
-              f.toNotify(repository, issue, _){
-                Notifier.msgStatus(s"${context.baseUrl}/${owner}/${name}/issues/${issueId}")
-              }
-            }
-        }
-
-        commentId.map( issue -> _ )
-      }
-    }
-  }
-
   private def searchIssues(repository: RepositoryService.RepositoryInfo) = {
     defining(repository.owner, repository.name){ case (owner, repoName) =>
-      val page       = IssueSearchCondition.page(request)
-      val sessionKey = Keys.Session.Issues(owner, repoName)
+      val page = IssueSearchCondition.page(request)
 
       // retrieve search condition
-      val condition = session.putAndGet(sessionKey,
-        if(request.hasQueryString){
-          val q = request.getParameter("q")
-          if(q == null || q.trim.isEmpty){
-            IssueSearchCondition(request)
-          } else {
-            IssueSearchCondition(q, getMilestones(owner, repoName).map(x => (x.title, x.milestoneId)).toMap)
-          }
-        } else session.getAs[IssueSearchCondition](sessionKey).getOrElse(IssueSearchCondition())
-      )
+      val condition = IssueSearchCondition(request)
 
       html.list(
           "issues",
           searchIssue(condition, false, (page - 1) * IssueLimit, IssueLimit, owner -> repoName),
           page,
-          if(!getAccountByUserName(owner).exists(_.isGroupAccount)){
-            (getCollaborators(owner, repoName) :+ owner).sorted
-          } else {
-            getCollaborators(owner, repoName)
-          },
+          getAssignableUserNames(owner, repoName),
           getMilestones(owner, repoName),
           getLabels(owner, repoName),
           countIssue(condition.copy(state = "open"  ), false, owner -> repoName),
           countIssue(condition.copy(state = "closed"), false, owner -> repoName),
           condition,
           repository,
-          hasWritePermission(owner, repoName, context.loginAccount))
+          isIssueEditable(repository),
+          isIssueManageable(repository))
     }
   }
+
+  /**
+   * Tests whether an issue or a comment is editable by a logged-in user.
+   */
+  private def isEditableContent(owner: String, repository: String, author: String)(implicit context: Context): Boolean = {
+    hasDeveloperRole(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
+  }
 }

src/main/scala/gitbucket/core/controller/LabelsController.scala

@@ -1,21 +1,20 @@
 package gitbucket.core.controller
 
-import gitbucket.core.api.{ApiError, CreateALabel, ApiLabel, JsonFormat}
 import gitbucket.core.issues.labels.html
 import gitbucket.core.service.{RepositoryService, AccountService, IssuesService, LabelsService}
-import gitbucket.core.util.{LockUtil, RepositoryName, ReferrerAuthenticator, CollaboratorsAuthenticator}
+import gitbucket.core.util.{ReferrerAuthenticator, WritableUsersAuthenticator}
 import gitbucket.core.util.Implicits._
 import io.github.gitbucket.scalatra.forms._
 import org.scalatra.i18n.Messages
-import org.scalatra.{NoContent, UnprocessableEntity, Created, Ok}
+import org.scalatra.Ok
 
 class LabelsController extends LabelsControllerBase
   with LabelsService with IssuesService with RepositoryService with AccountService
-with ReferrerAuthenticator with CollaboratorsAuthenticator
+with ReferrerAuthenticator with WritableUsersAuthenticator
 
 trait LabelsControllerBase extends ControllerBase {
   self: LabelsService with IssuesService with RepositoryService
-    with ReferrerAuthenticator with CollaboratorsAuthenticator =>
+    with ReferrerAuthenticator with WritableUsersAuthenticator =>
 
   case class LabelForm(labelName: String, color: String)
 
@@ -24,133 +23,50 @@ trait LabelsControllerBase extends ControllerBase {
     "labelColor" -> trim(label("Color",      text(required, color)))
   )(LabelForm.apply)
 
+
   get("/:owner/:repository/issues/labels")(referrersOnly { repository =>
     html.list(
       getLabels(repository.owner, repository.name),
       countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
       repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
   })
 
-  /**
-    * List all labels for this repository
-    * https://developer.github.com/v3/issues/labels/#list-all-labels-for-this-repository
-    */
-  get("/api/v3/repos/:owner/:repository/labels")(referrersOnly { repository =>
-    JsonFormat(getLabels(repository.owner, repository.name).map { label =>
-      ApiLabel(label, RepositoryName(repository))
-    })
-  })
-
-  /**
-    * Get a single label
-    * https://developer.github.com/v3/issues/labels/#get-a-single-label
-    */
-  get("/api/v3/repos/:owner/:repository/labels/:labelName")(referrersOnly { repository =>
-    getLabel(repository.owner, repository.name, params("labelName")).map { label =>
-      JsonFormat(ApiLabel(label, RepositoryName(repository)))
-    } getOrElse NotFound()
-  })
-
-  ajaxGet("/:owner/:repository/issues/labels/new")(collaboratorsOnly { repository =>
+  ajaxGet("/:owner/:repository/issues/labels/new")(writableUsersOnly { repository =>
     html.edit(None, repository)
   })
 
-  ajaxPost("/:owner/:repository/issues/labels/new", labelForm)(collaboratorsOnly { (form, repository) =>
+  ajaxPost("/:owner/:repository/issues/labels/new", labelForm)(writableUsersOnly { (form, repository) =>
     val labelId = createLabel(repository.owner, repository.name, form.labelName, form.color.substring(1))
     html.label(
       getLabel(repository.owner, repository.name, labelId).get,
       // TODO futility
       countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
       repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
   })
 
-  /**
-    * Create a label
-    * https://developer.github.com/v3/issues/labels/#create-a-label
-    */
-  post("/api/v3/repos/:owner/:repository/labels")(collaboratorsOnly { repository =>
-    (for{
-      data <- extractFromJsonBody[CreateALabel] if data.isValid
-    } yield {
-      LockUtil.lock(RepositoryName(repository).fullName) {
-        if (getLabel(repository.owner, repository.name, data.name).isEmpty) {
-          val labelId = createLabel(repository.owner, repository.name, data.name, data.color)
-          getLabel(repository.owner, repository.name, labelId).map { label =>
-            Created(JsonFormat(ApiLabel(label, RepositoryName(repository))))
-          } getOrElse NotFound()
-        } else {
-          // TODO ApiError should support errors field to enhance compatibility of GitHub API
-          UnprocessableEntity(ApiError(
-            "Validation Failed",
-            Some("https://developer.github.com/v3/issues/labels/#create-a-label")
-          ))
-        }
-      }
-    }) getOrElse NotFound()
-  })
-
-  ajaxGet("/:owner/:repository/issues/labels/:labelId/edit")(collaboratorsOnly { repository =>
+  ajaxGet("/:owner/:repository/issues/labels/:labelId/edit")(writableUsersOnly { repository =>
     getLabel(repository.owner, repository.name, params("labelId").toInt).map { label =>
       html.edit(Some(label), repository)
     } getOrElse NotFound()
   })
 
-  ajaxPost("/:owner/:repository/issues/labels/:labelId/edit", labelForm)(collaboratorsOnly { (form, repository) =>
+  ajaxPost("/:owner/:repository/issues/labels/:labelId/edit", labelForm)(writableUsersOnly { (form, repository) =>
     updateLabel(repository.owner, repository.name, params("labelId").toInt, form.labelName, form.color.substring(1))
     html.label(
       getLabel(repository.owner, repository.name, params("labelId").toInt).get,
       // TODO futility
       countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
       repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
   })
 
-  /**
-    * Update a label
-    * https://developer.github.com/v3/issues/labels/#update-a-label
-    */
-  patch("/api/v3/repos/:owner/:repository/labels/:labelName")(collaboratorsOnly { repository =>
-    (for{
-      data <- extractFromJsonBody[CreateALabel] if data.isValid
-    } yield {
-      LockUtil.lock(RepositoryName(repository).fullName) {
-        getLabel(repository.owner, repository.name, params("labelName")).map { label =>
-          if (getLabel(repository.owner, repository.name, data.name).isEmpty) {
-            updateLabel(repository.owner, repository.name, label.labelId, data.name, data.color)
-            JsonFormat(ApiLabel(
-              getLabel(repository.owner, repository.name, label.labelId).get,
-              RepositoryName(repository)))
-          } else {
-            // TODO ApiError should support errors field to enhance compatibility of GitHub API
-            UnprocessableEntity(ApiError(
-              "Validation Failed",
-              Some("https://developer.github.com/v3/issues/labels/#create-a-label")))
-          }
-        } getOrElse NotFound()
-      }
-    }) getOrElse NotFound()
-  })
-
-  ajaxPost("/:owner/:repository/issues/labels/:labelId/delete")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/labels/:labelId/delete")(writableUsersOnly { repository =>
     deleteLabel(repository.owner, repository.name, params("labelId").toInt)
     Ok()
   })
 
-  /**
-    * Delete a label
-    * https://developer.github.com/v3/issues/labels/#delete-a-label
-    */
-  delete("/api/v3/repos/:owner/:repository/labels/:labelName")(collaboratorsOnly { repository =>
-    LockUtil.lock(RepositoryName(repository).fullName) {
-      getLabel(repository.owner, repository.name, params("labelName")).map { label =>
-        deleteLabel(repository.owner, repository.name, label.labelId)
-        NoContent()
-      } getOrElse NotFound()
-    }
-  })
-
   /**
    * Constraint for the identifier such as user name, repository name or page name.
    */
@@ -169,7 +85,11 @@ trait LabelsControllerBase extends ControllerBase {
     override def validate(name: String, value: String, params: Map[String, String], messages: Messages): Option[String] = {
       val owner = params("owner")
       val repository = params("repository")
-      getLabel(owner, repository, value).map(_ => "Name has already been taken.")
+      params.get("labelId").map { labelId =>
+        getLabel(owner, repository, value).filter(_.labelId != labelId.toInt).map(_ => "Name has already been taken.")
+      }.getOrElse {
+        getLabel(owner, repository, value).map(_ => "Name has already been taken.")
+      }
     }
   }
 

src/main/scala/gitbucket/core/controller/MilestonesController.scala

@@ -2,17 +2,17 @@ package gitbucket.core.controller
 
 import gitbucket.core.issues.milestones.html
 import gitbucket.core.service.{RepositoryService, MilestonesService, AccountService}
-import gitbucket.core.util.{ReferrerAuthenticator, CollaboratorsAuthenticator}
+import gitbucket.core.util.{ReferrerAuthenticator, WritableUsersAuthenticator}
 import gitbucket.core.util.Implicits._
 import io.github.gitbucket.scalatra.forms._
 
 class MilestonesController extends MilestonesControllerBase
   with MilestonesService with RepositoryService with AccountService
-  with ReferrerAuthenticator with CollaboratorsAuthenticator
+  with ReferrerAuthenticator with WritableUsersAuthenticator
 
 trait MilestonesControllerBase extends ControllerBase {
   self: MilestonesService with RepositoryService
-    with ReferrerAuthenticator with CollaboratorsAuthenticator  =>
+    with ReferrerAuthenticator with WritableUsersAuthenticator  =>
 
   case class MilestoneForm(title: String, description: Option[String], dueDate: Option[java.util.Date])
 
@@ -27,58 +27,58 @@ trait MilestonesControllerBase extends ControllerBase {
       params.getOrElse("state", "open"),
       getMilestonesWithIssueCount(repository.owner, repository.name),
       repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
   })
 
-  get("/:owner/:repository/issues/milestones/new")(collaboratorsOnly {
+  get("/:owner/:repository/issues/milestones/new")(writableUsersOnly {
     html.edit(None, _)
   })
 
-  post("/:owner/:repository/issues/milestones/new", milestoneForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/issues/milestones/new", milestoneForm)(writableUsersOnly { (form, repository) =>
     createMilestone(repository.owner, repository.name, form.title, form.description, form.dueDate)
     redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
   })
 
-  get("/:owner/:repository/issues/milestones/:milestoneId/edit")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/issues/milestones/:milestoneId/edit")(writableUsersOnly { repository =>
     params("milestoneId").toIntOpt.map{ milestoneId =>
       html.edit(getMilestone(repository.owner, repository.name, milestoneId), repository)
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  post("/:owner/:repository/issues/milestones/:milestoneId/edit", milestoneForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/issues/milestones/:milestoneId/edit", milestoneForm)(writableUsersOnly { (form, repository) =>
     params("milestoneId").toIntOpt.flatMap{ milestoneId =>
       getMilestone(repository.owner, repository.name, milestoneId).map { milestone =>
         updateMilestone(milestone.copy(title = form.title, description = form.description, dueDate = form.dueDate))
         redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  get("/:owner/:repository/issues/milestones/:milestoneId/close")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/issues/milestones/:milestoneId/close")(writableUsersOnly { repository =>
     params("milestoneId").toIntOpt.flatMap{ milestoneId =>
       getMilestone(repository.owner, repository.name, milestoneId).map { milestone =>
         closeMilestone(milestone)
         redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  get("/:owner/:repository/issues/milestones/:milestoneId/open")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/issues/milestones/:milestoneId/open")(writableUsersOnly { repository =>
     params("milestoneId").toIntOpt.flatMap{ milestoneId =>
       getMilestone(repository.owner, repository.name, milestoneId).map { milestone =>
         openMilestone(milestone)
         redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  get("/:owner/:repository/issues/milestones/:milestoneId/delete")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/issues/milestones/:milestoneId/delete")(writableUsersOnly { repository =>
     params("milestoneId").toIntOpt.flatMap{ milestoneId =>
       getMilestone(repository.owner, repository.name, milestoneId).map { milestone =>
         deleteMilestone(repository.owner, repository.name, milestone.milestoneId)
         redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
 }

src/main/scala/gitbucket/core/controller/PullRequestsController.scala

@@ -1,42 +1,37 @@
 package gitbucket.core.controller
 
-import gitbucket.core.api._
-import gitbucket.core.model.{Account, CommitStatus, CommitState, Repository, PullRequest, Issue, WebHook}
+import gitbucket.core.model.WebHook
 import gitbucket.core.pulls.html
 import gitbucket.core.service.CommitStatusService
 import gitbucket.core.service.MergeService
 import gitbucket.core.service.IssuesService._
 import gitbucket.core.service.PullRequestService._
+import gitbucket.core.service.RepositoryService.RepositoryInfo
 import gitbucket.core.service._
-import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.SyntaxSugars._
 import gitbucket.core.util.Directory._
 import gitbucket.core.util.Implicits._
-import gitbucket.core.util.JGitUtil._
 import gitbucket.core.util._
-import gitbucket.core.view
-import gitbucket.core.view.helpers
-
 import io.github.gitbucket.scalatra.forms._
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.lib.PersonIdent
-import org.slf4j.LoggerFactory
 
 import scala.collection.JavaConverters._
 
 
 class PullRequestsController extends PullRequestsControllerBase
   with RepositoryService with AccountService with IssuesService with PullRequestService with MilestonesService with LabelsService
-  with CommitsService with ActivityService with WebHookPullRequestService with ReferrerAuthenticator with CollaboratorsAuthenticator
+  with CommitsService with ActivityService with WebHookPullRequestService
+  with ReadableUsersAuthenticator with ReferrerAuthenticator with WritableUsersAuthenticator
   with CommitStatusService with MergeService with ProtectedBranchService
 
 
 trait PullRequestsControllerBase extends ControllerBase {
   self: RepositoryService with AccountService with IssuesService with MilestonesService with LabelsService
-    with CommitsService with ActivityService with PullRequestService with WebHookPullRequestService with ReferrerAuthenticator with CollaboratorsAuthenticator
+    with CommitsService with ActivityService with PullRequestService with WebHookPullRequestService
+    with ReadableUsersAuthenticator with ReferrerAuthenticator with WritableUsersAuthenticator
     with CommitStatusService with MergeService with ProtectedBranchService =>
 
-  private val logger = LoggerFactory.getLogger(classOf[PullRequestsControllerBase])
-
   val pullRequestForm = mapping(
     "title"                 -> trim(label("Title"  , text(required, maxlength(100)))),
     "content"               -> trim(label("Content", optional(text()))),
@@ -82,24 +77,6 @@ trait PullRequestsControllerBase extends ControllerBase {
     }
   })
 
-  /**
-   * https://developer.github.com/v3/pulls/#list-pull-requests
-   */
-  get("/api/v3/repos/:owner/:repository/pulls")(referrersOnly { repository =>
-    val page       = IssueSearchCondition.page(request)
-    // TODO: more api spec condition
-    val condition = IssueSearchCondition(request)
-    val baseOwner = getAccountByUserName(repository.owner).get
-    val issues:List[(Issue, Account, Int, PullRequest, Repository, Account)] = searchPullRequestByApi(condition, (page - 1) * PullRequestLimit, PullRequestLimit, repository.owner -> repository.name)
-    JsonFormat(issues.map{case (issue, issueUser, commentCount, pullRequest, headRepo, headOwner) =>
-      ApiPullRequest(
-        issue,
-        pullRequest,
-        ApiRepository(headRepo, ApiUser(headOwner)),
-        ApiRepository(repository, ApiUser(baseOwner)),
-        ApiUser(issueUser)) })
-  })
-
   get("/:owner/:repository/pull/:id")(referrersOnly { repository =>
     params("id").toIntOpt.flatMap{ issueId =>
       val owner = repository.owner
@@ -113,58 +90,18 @@ trait PullRequestsControllerBase extends ControllerBase {
             (commits.flatten.map(commit => getCommitComments(owner, name, commit.id, true)).flatten.toList ::: getComments(owner, name, issueId))
               .sortWith((a, b) => a.registeredDate before b.registeredDate),
             getIssueLabels(owner, name, issueId),
-            (getCollaborators(owner, name) ::: (if(getAccountByUserName(owner).get.isGroupAccount) Nil else List(owner))).sorted,
+            getAssignableUserNames(owner, name),
             getMilestonesWithIssueCount(owner, name),
             getLabels(owner, name),
             commits,
             diffs,
-            hasWritePermission(owner, name, context.loginAccount),
+            isEditable(repository),
+            isManageable(repository),
             repository,
             flash.toMap.map(f => f._1 -> f._2.toString))
         }
       }
-    } getOrElse NotFound
-  })
-
-  /**
-   * https://developer.github.com/v3/pulls/#get-a-single-pull-request
-   */
-  get("/api/v3/repos/:owner/:repository/pulls/:id")(referrersOnly { repository =>
-    (for{
-      issueId <- params("id").toIntOpt
-      (issue, pullRequest) <- getPullRequest(repository.owner, repository.name, issueId)
-      users = getAccountsByUserNames(Set(repository.owner, pullRequest.requestUserName, issue.openedUserName), Set())
-      baseOwner <- users.get(repository.owner)
-      headOwner <- users.get(pullRequest.requestUserName)
-      issueUser <- users.get(issue.openedUserName)
-      headRepo  <- getRepository(pullRequest.requestUserName, pullRequest.requestRepositoryName)
-    } yield {
-      JsonFormat(ApiPullRequest(
-        issue,
-        pullRequest,
-        ApiRepository(headRepo, ApiUser(headOwner)),
-        ApiRepository(repository, ApiUser(baseOwner)),
-        ApiUser(issueUser)))
-    }).getOrElse(NotFound)
-  })
-
-  /**
-   * https://developer.github.com/v3/pulls/#list-commits-on-a-pull-request
-   */
-  get("/api/v3/repos/:owner/:repository/pulls/:id/commits")(referrersOnly { repository =>
-    val owner = repository.owner
-    val name = repository.name
-    params("id").toIntOpt.flatMap{ issueId =>
-      getPullRequest(owner, name, issueId) map { case(issue, pullreq) =>
-        using(Git.open(getRepositoryDir(owner, name))){ git =>
-          val oldId = git.getRepository.resolve(pullreq.commitIdFrom)
-          val newId = git.getRepository.resolve(pullreq.commitIdTo)
-          val repoFullName = RepositoryName(repository)
-          val commits = git.log.addRange(oldId, newId).call.iterator.asScala.map(c => ApiCommitListItem(new CommitInfo(c), repoFullName)).toList
-          JsonFormat(commits)
-        }
-      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   ajaxGet("/:owner/:repository/pull/:id/mergeguide")(referrersOnly { repository =>
@@ -175,7 +112,7 @@ trait PullRequestsControllerBase extends ControllerBase {
         val hasConflict = LockUtil.lock(s"${owner}/${name}"){
           checkConflict(owner, name, pullreq.branch, issueId)
         }
-        val hasMergePermission = hasWritePermission(owner, name, context.loginAccount)
+        val hasMergePermission = hasDeveloperRole(owner, name, context.loginAccount)
         val branchProtection = getProtectedBranchInfo(owner, name, pullreq.branch)
         val mergeStatus = PullRequestService.MergeStatus(
            hasConflict         = hasConflict,
@@ -185,7 +122,7 @@ trait PullRequestsControllerBase extends ControllerBase {
            needStatusCheck     = context.loginAccount.map{ u =>
                                    branchProtection.needStatusCheck(u.userName)
                                  }.getOrElse(true),
-           hasUpdatePermission = hasWritePermission(pullreq.requestUserName, pullreq.requestRepositoryName, context.loginAccount) &&
+           hasUpdatePermission = hasDeveloperRole(pullreq.requestUserName, pullreq.requestRepositoryName, context.loginAccount) &&
                                    context.loginAccount.map{ u =>
                                      !getProtectedBranchInfo(pullreq.requestUserName, pullreq.requestRepositoryName, pullreq.requestBranch).needStatusCheck(u.userName)
                                    }.getOrElse(false),
@@ -198,10 +135,10 @@ trait PullRequestsControllerBase extends ControllerBase {
           repository,
           getRepository(pullreq.requestUserName, pullreq.requestRepositoryName).get)
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  get("/:owner/:repository/pull/:id/delete/*")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/pull/:id/delete/*")(writableUsersOnly { repository =>
     params("id").toIntOpt.map { issueId =>
       val branchName = multiParams("splat").head
       val userName   = context.loginAccount.get.userName
@@ -213,32 +150,32 @@ trait PullRequestsControllerBase extends ControllerBase {
       }
       createComment(repository.owner, repository.name, userName, issueId, branchName, "delete_branch")
       redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  post("/:owner/:repository/pull/:id/update_branch")(referrersOnly { baseRepository =>
+  post("/:owner/:repository/pull/:id/update_branch")(writableUsersOnly { baseRepository =>
     (for {
       issueId <- params("id").toIntOpt
       loginAccount <- context.loginAccount
       (issue, pullreq) <- getPullRequest(baseRepository.owner, baseRepository.name, issueId)
       owner = pullreq.requestUserName
       name  = pullreq.requestRepositoryName
-      if hasWritePermission(owner, name, context.loginAccount)
+      if hasDeveloperRole(owner, name, context.loginAccount)
     } yield {
+      val repository = getRepository(owner, name).get
       val branchProtection = getProtectedBranchInfo(owner, name, pullreq.requestBranch)
       if(branchProtection.needStatusCheck(loginAccount.userName)){
         flash += "error" -> s"branch ${pullreq.requestBranch} is protected need status check."
       } else {
-        val repository = getRepository(owner, name).get
         LockUtil.lock(s"${owner}/${name}"){
           val alias = if(pullreq.repositoryName == pullreq.requestRepositoryName && pullreq.userName == pullreq.requestUserName){
             pullreq.branch
-          }else{
+          } else {
             s"${pullreq.userName}:${pullreq.branch}"
           }
           val existIds = using(Git.open(Directory.getRepositoryDir(owner, name))) { git => JGitUtil.getAllCommitIds(git) }.toSet
           pullRemote(owner, name, pullreq.requestBranch, pullreq.userName, pullreq.repositoryName, pullreq.branch, loginAccount,
-                     "Merge branch '${alias}' into ${pullreq.requestBranch}") match {
+                     s"Merge branch '${alias}' into ${pullreq.requestBranch}") match {
             case None => // conflict
               flash += "error" -> s"Can't automatic merging branch '${alias}' into ${pullreq.requestBranch}."
             case Some(oldId) =>
@@ -247,11 +184,10 @@ trait PullRequestsControllerBase extends ControllerBase {
 
               using(Git.open(Directory.getRepositoryDir(owner, name))) { git =>
                 //  after update branch
-
                 val newCommitId = git.getRepository.resolve(s"refs/heads/${pullreq.requestBranch}")
                 val commits = git.log.addRange(oldId, newCommitId).call.iterator.asScala.map(c => new JGitUtil.CommitInfo(c)).toList
 
-                commits.foreach{ commit =>
+                commits.foreach { commit =>
                   if(!existIds.contains(commit.id)){
                     createIssueComment(owner, name, commit)
                   }
@@ -262,7 +198,7 @@ trait PullRequestsControllerBase extends ControllerBase {
 
                 // close issue by commit message
                 if(pullreq.requestBranch == repository.repository.defaultBranch){
-                  commits.map{ commit =>
+                  commits.map { commit =>
                     closeIssuesFromMessage(commit.fullMessage, loginAccount.userName, owner, name)
                   }
                 }
@@ -280,12 +216,13 @@ trait PullRequestsControllerBase extends ControllerBase {
               flash += "info" -> s"Merge branch '${alias}' into ${pullreq.requestBranch}"
           }
         }
-        redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
       }
-    }) getOrElse NotFound
+      redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
+
+    }) getOrElse NotFound()
   })
 
-  post("/:owner/:repository/pull/:id/merge", mergeForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/pull/:id/merge", mergeForm)(writableUsersOnly { (form, repository) =>
     params("id").toIntOpt.flatMap { issueId =>
       val owner = repository.owner
       val name  = repository.name
@@ -315,10 +252,7 @@ trait PullRequestsControllerBase extends ControllerBase {
               commits.flatten.foreach { commit =>
                 closeIssuesFromMessage(commit.fullMessage, loginAccount.userName, owner, name)
               }
-              issue.content match {
-                case Some(content) => closeIssuesFromMessage(content, loginAccount.userName, owner, name)
-                case _ =>
-              }
+              closeIssuesFromMessage(issue.title + " " + issue.content.getOrElse(""), loginAccount.userName, owner, name)
               closeIssuesFromMessage(form.message, loginAccount.userName, owner, name)
             }
 
@@ -336,7 +270,7 @@ trait PullRequestsControllerBase extends ControllerBase {
           }
         }
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   get("/:owner/:repository/compare")(referrersOnly { forkedRepository =>
@@ -353,7 +287,7 @@ trait PullRequestsControllerBase extends ControllerBase {
 
             redirect(s"/${forkedRepository.owner}/${forkedRepository.name}/compare/${originUserName}:${oldBranch}...${newBranch}")
           }
-        } getOrElse NotFound
+        } getOrElse NotFound()
       }
       case _ => {
         using(Git.open(getRepositoryDir(forkedRepository.owner, forkedRepository.name))){ git =>
@@ -414,7 +348,15 @@ trait PullRequestsControllerBase extends ControllerBase {
               originRepository.owner, originRepository.name, oldId.getName,
               forkedRepository.owner, forkedRepository.name, newId.getName)
 
+            val title = if(commits.flatten.length == 1){
+              commits.flatten.head.shortMessage
+            } else {
+              val text = forkedId.replaceAll("[\\-_]", " ")
+              text.substring(0, 1).toUpperCase + text.substring(1)
+            }
+
             html.compare(
+              title,
               commits,
               diffs,
               (forkedRepository.repository.originUserName, forkedRepository.repository.originRepositoryName) match {
@@ -426,11 +368,12 @@ trait PullRequestsControllerBase extends ControllerBase {
               forkedId,
               oldId.getName,
               newId.getName,
+              getContentTemplate(originRepository, "PULL_REQUEST_TEMPLATE"),
               forkedRepository,
               originRepository,
               forkedRepository,
-              hasWritePermission(originRepository.owner, originRepository.name, context.loginAccount),
-              (getCollaborators(originRepository.owner, originRepository.name) ::: (if(getAccountByUserName(originRepository.owner).get.isGroupAccount) Nil else List(originRepository.owner))).sorted,
+              hasDeveloperRole(originRepository.owner, originRepository.name, context.loginAccount),
+              getAssignableUserNames(originRepository.owner, originRepository.name),
               getMilestones(originRepository.owner, originRepository.name),
               getLabels(originRepository.owner, originRepository.name)
             )
@@ -441,10 +384,10 @@ trait PullRequestsControllerBase extends ControllerBase {
                      s"${forkedOwner}:${newId.map(_ => forkedId).getOrElse(forkedRepository.repository.defaultBranch)}")
         }
       }
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
-  ajaxGet("/:owner/:repository/compare/*...*/mergecheck")(collaboratorsOnly { forkedRepository =>
+  ajaxGet("/:owner/:repository/compare/*...*/mergecheck")(readableUsersOnly { forkedRepository =>
     val Seq(origin, forked) = multiParams("splat")
     val (originOwner, tmpOriginBranch) = parseCompareIdentifie(origin, forkedRepository.owner)
     val (forkedOwner, tmpForkedBranch) = parseCompareIdentifie(forked, forkedRepository.owner)
@@ -471,37 +414,37 @@ trait PullRequestsControllerBase extends ControllerBase {
         }
         html.mergecheck(conflict)
       }
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
-  post("/:owner/:repository/pulls/new", pullRequestForm)(referrersOnly { (form, repository) =>
+  post("/:owner/:repository/pulls/new", pullRequestForm)(readableUsersOnly { (form, repository) =>
     defining(repository.owner, repository.name){ case (owner, name) =>
-      val writable = hasWritePermission(owner, name, context.loginAccount)
+      val manageable = isManageable(repository)
       val loginUserName = context.loginAccount.get.userName
 
-      val issueId = createIssue(
-        owner            = repository.owner,
-        repository       = repository.name,
-        loginUser        = loginUserName,
-        title            = form.title,
-        content          = form.content,
-        assignedUserName = if(writable) form.assignedUserName else None,
-        milestoneId      = if(writable) form.milestoneId else None,
-        isPullRequest    = true)
+      val issueId = insertIssue(
+        owner = repository.owner,
+        repository = repository.name,
+        loginUser = loginUserName,
+        title = form.title,
+        content = form.content,
+        assignedUserName = if (manageable) form.assignedUserName else None,
+        milestoneId = if (manageable) form.milestoneId else None,
+        isPullRequest = true)
 
       createPullRequest(
-        originUserName        = repository.owner,
-        originRepositoryName  = repository.name,
-        issueId               = issueId,
-        originBranch          = form.targetBranch,
-        requestUserName       = form.requestUserName,
+        originUserName = repository.owner,
+        originRepositoryName = repository.name,
+        issueId = issueId,
+        originBranch = form.targetBranch,
+        requestUserName = form.requestUserName,
         requestRepositoryName = form.requestRepositoryName,
-        requestBranch         = form.requestBranch,
-        commitIdFrom          = form.commitIdFrom,
-        commitIdTo            = form.commitIdTo)
+        requestBranch = form.requestBranch,
+        commitIdFrom = form.commitIdFrom,
+        commitIdTo = form.commitIdTo)
 
       // insert labels
-      if(writable){
+      if (manageable) {
         form.labelNames.map { value =>
           val labels = getLabels(owner, name)
           value.split(",").foreach { labelName =>
@@ -523,10 +466,10 @@ trait PullRequestsControllerBase extends ControllerBase {
 
       getIssue(owner, name, issueId.toString) foreach { issue =>
         // extract references and create refer comment
-        createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""))
+        createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""), context.loginAccount.get)
 
         // notifications
-        Notifier().toNotify(repository, issue, form.content.getOrElse("")){
+        Notifier().toNotify(repository, issue, form.content.getOrElse("")) {
           Notifier.msgPullRequest(s"${context.baseUrl}/${owner}/${name}/pull/${issueId}")
         }
       }
@@ -535,19 +478,6 @@ trait PullRequestsControllerBase extends ControllerBase {
     }
   })
 
-  // TODO Same method exists in IssueController. Should it moved to IssueService?
-  private def createReferComment(owner: String, repository: String, fromIssue: Issue, message: String) = {
-    StringUtil.extractIssueId(message).foreach { issueId =>
-      val content = fromIssue.issueId + ":" + fromIssue.title
-      if(getIssue(owner, repository, issueId).isDefined){
-        // Not add if refer comment already exist.
-        if(!getComments(owner, repository, issueId.toInt).exists { x => x.action == "refer" && x.content == content }) {
-          createComment(owner, repository, context.loginAccount.get.userName, issueId.toInt, content, "refer")
-        }
-      }
-    }
-  }
-
   /**
    * Parses branch identifier and extracts owner and branch name as tuple.
    *
@@ -562,63 +492,45 @@ trait PullRequestsControllerBase extends ControllerBase {
       (defaultOwner, value)
     }
 
-  private def getRequestCompareInfo(userName: String, repositoryName: String, branch: String,
-      requestUserName: String, requestRepositoryName: String, requestCommitId: String): (Seq[Seq[CommitInfo]], Seq[DiffInfo]) =
-    using(
-      Git.open(getRepositoryDir(userName, repositoryName)),
-      Git.open(getRepositoryDir(requestUserName, requestRepositoryName))
-    ){ (oldGit, newGit) =>
-      val oldId = oldGit.getRepository.resolve(branch)
-      val newId = newGit.getRepository.resolve(requestCommitId)
-
-      val commits = newGit.log.addRange(oldId, newId).call.iterator.asScala.map { revCommit =>
-        new CommitInfo(revCommit)
-      }.toList.splitWith { (commit1, commit2) =>
-        helpers.date(commit1.commitTime) == view.helpers.date(commit2.commitTime)
-      }
-
-      val diffs = JGitUtil.getDiffs(newGit, oldId.getName, newId.getName, true)
-
-      (commits, diffs)
-    }
-
   private def searchPullRequests(userName: Option[String], repository: RepositoryService.RepositoryInfo) =
     defining(repository.owner, repository.name){ case (owner, repoName) =>
-      val page       = IssueSearchCondition.page(request)
-      val sessionKey = Keys.Session.Pulls(owner, repoName)
+      val page = IssueSearchCondition.page(request)
 
       // retrieve search condition
-      val condition = session.putAndGet(sessionKey,
-        if(request.hasQueryString) IssueSearchCondition(request)
-        else session.getAs[IssueSearchCondition](sessionKey).getOrElse(IssueSearchCondition())
-      )
+      val condition = IssueSearchCondition(request)
 
       gitbucket.core.issues.html.list(
         "pulls",
         searchIssue(condition, true, (page - 1) * PullRequestLimit, PullRequestLimit, owner -> repoName),
         page,
-        if(!getAccountByUserName(owner).exists(_.isGroupAccount)){
-          (getCollaborators(owner, repoName) :+ owner).sorted
-        } else {
-          getCollaborators(owner, repoName)
-        },
+        getAssignableUserNames(owner, repoName),
         getMilestones(owner, repoName),
         getLabels(owner, repoName),
         countIssue(condition.copy(state = "open"  ), true, owner -> repoName),
         countIssue(condition.copy(state = "closed"), true, owner -> repoName),
         condition,
         repository,
-        hasWritePermission(owner, repoName, context.loginAccount))
+        isEditable(repository),
+        isManageable(repository))
     }
 
-  // TODO: same as gitbucket.core.servlet.CommitLogHook ...
-  private def createIssueComment(owner: String, repository: String, commit: CommitInfo) = {
-    StringUtil.extractIssueId(commit.fullMessage).foreach { issueId =>
-      if(getIssue(owner, repository, issueId).isDefined){
-        getAccountByMailAddress(commit.committerEmailAddress).foreach { account =>
-          createComment(owner, repository, account.userName, issueId.toInt, commit.fullMessage + " " + commit.id, "commit")
-        }
-      }
+  /**
+   * Tests whether an logged-in user can manage pull requests.
+   */
+  private def isManageable(repository: RepositoryInfo)(implicit context: Context): Boolean = {
+    hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
+  }
+
+  /**
+   * Tests whether an logged-in user can post pull requests.
+   */
+  private def isEditable(repository: RepositoryInfo)(implicit context: Context): Boolean = {
+    repository.repository.options.issuesOption match {
+      case "ALL"     => !repository.repository.isPrivate && context.loginAccount.isDefined
+      case "PUBLIC"  => hasGuestRole(repository.owner, repository.name, context.loginAccount)
+      case "PRIVATE" => hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
+      case "DISABLE" => false
     }
   }
+
 }

src/main/scala/gitbucket/core/controller/RepositorySettingsController.scala

@@ -2,11 +2,11 @@ package gitbucket.core.controller
 
 import gitbucket.core.settings.html
 import gitbucket.core.model.WebHook
-import gitbucket.core.service.{RepositoryService, AccountService, WebHookService, ProtectedBranchService, CommitStatusService}
+import gitbucket.core.service._
 import gitbucket.core.service.WebHookService._
 import gitbucket.core.util._
 import gitbucket.core.util.JGitUtil._
-import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.SyntaxSugars._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.Directory._
 import io.github.gitbucket.scalatra.forms._
@@ -15,23 +15,39 @@ import org.scalatra.i18n.Messages
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.lib.Constants
 import org.eclipse.jgit.lib.ObjectId
+import gitbucket.core.model.WebHookContentType
+import gitbucket.core.plugin.PluginRegistry
 
 
 class RepositorySettingsController extends RepositorySettingsControllerBase
-  with RepositoryService with AccountService with WebHookService with ProtectedBranchService with CommitStatusService
+  with RepositoryService with AccountService with WebHookService with ProtectedBranchService with CommitStatusService with DeployKeyService
   with OwnerAuthenticator with UsersAuthenticator
 
 trait RepositorySettingsControllerBase extends ControllerBase {
-  self: RepositoryService with AccountService with WebHookService with ProtectedBranchService with CommitStatusService
+  self: RepositoryService with AccountService with WebHookService with ProtectedBranchService with CommitStatusService with DeployKeyService
     with OwnerAuthenticator with UsersAuthenticator =>
 
   // for repository options
-  case class OptionsForm(repositoryName: String, description: Option[String], isPrivate: Boolean)
-  
+  case class OptionsForm(
+    repositoryName: String,
+    description: Option[String],
+    isPrivate: Boolean,
+    issuesOption: String,
+    externalIssuesUrl: Option[String],
+    wikiOption: String,
+    externalWikiUrl: Option[String],
+    allowFork: Boolean
+  )
+
   val optionsForm = mapping(
-    "repositoryName" -> trim(label("Repository Name", text(required, maxlength(40), identifier, renameRepositoryName))),
-    "description"    -> trim(label("Description"    , optional(text()))),
-    "isPrivate"      -> trim(label("Repository Type", boolean()))
+    "repositoryName"    -> trim(label("Repository Name"    , text(required, maxlength(100), repository, renameRepositoryName))),
+    "description"       -> trim(label("Description"        , optional(text()))),
+    "isPrivate"         -> trim(label("Repository Type"    , boolean())),
+    "issuesOption"      -> trim(label("Issues Option"      , text(required, featureOption))),
+    "externalIssuesUrl" -> trim(label("External Issues URL", optional(text(maxlength(200))))),
+    "wikiOption"        -> trim(label("Wiki Option"        , text(required, featureOption))),
+    "externalWikiUrl"   -> trim(label("External Wiki URL"  , optional(text(maxlength(200))))),
+    "allowFork"         -> trim(label("Allow Forking"      , boolean()))
   )(OptionsForm.apply)
 
   // for default branch
@@ -41,20 +57,27 @@ trait RepositorySettingsControllerBase extends ControllerBase {
     "defaultBranch"  -> trim(label("Default Branch" , text(required, maxlength(100))))
   )(DefaultBranchForm.apply)
 
-  // for collaborator addition
-  case class CollaboratorForm(userName: String)
 
-  val collaboratorForm = mapping(
-    "userName" -> trim(label("Username", text(required, collaborator)))
-  )(CollaboratorForm.apply)
+  // for deploy key
+  case class DeployKeyForm(title: String, publicKey: String, allowWrite: Boolean)
+
+  val deployKeyForm = mapping(
+    "title"      -> trim(label("Title", text(required, maxlength(100)))),
+    "publicKey"  -> trim2(label("Key" , text(required))), // TODO duplication check in the repository?
+    "allowWrite" -> trim(label("Key"  , boolean()))
+  )(DeployKeyForm.apply)
 
   // for web hook url addition
-  case class WebHookForm(url: String, events: Set[WebHook.Event])
+  case class WebHookForm(url: String, events: Set[WebHook.Event], ctype: WebHookContentType, token: Option[String])
 
   def webHookForm(update:Boolean) = mapping(
     "url"    -> trim(label("url", text(required, webHook(update)))),
-    "events" -> webhookEvents
-  )(WebHookForm.apply)
+    "events" -> webhookEvents,
+    "ctype" -> label("ctype", text()),
+    "token" -> optional(trim(label("token", text(maxlength(100)))))
+  )(
+    (url, events, ctype, token) => WebHookForm(url, events, WebHookContentType.valueOf(ctype), token)
+  )
 
   // for transfer ownership
   case class TransferOwnerShipForm(newOwner: String)
@@ -69,14 +92,14 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   get("/:owner/:repository/settings")(ownerOnly { repository =>
     redirect(s"/${repository.owner}/${repository.name}/settings/options")
   })
-  
+
   /**
    * Display the Options page.
    */
   get("/:owner/:repository/settings/options")(ownerOnly {
     html.options(_, flash.get("info"))
   })
-  
+
   /**
    * Save the repository options.
    */
@@ -87,7 +110,12 @@ trait RepositorySettingsControllerBase extends ControllerBase {
       form.description,
       repository.repository.parentUserName.map { _ =>
         repository.repository.isPrivate
-      } getOrElse form.isPrivate
+      } getOrElse form.isPrivate,
+      form.issuesOption,
+      form.externalIssuesUrl,
+      form.wikiOption,
+      form.externalWikiUrl,
+      form.allowFork
     )
     // Change repository name
     if(repository.name != form.repositoryName){
@@ -95,12 +123,33 @@ trait RepositorySettingsControllerBase extends ControllerBase {
       renameRepository(repository.owner, repository.name, repository.owner, form.repositoryName)
       // Move git repository
       defining(getRepositoryDir(repository.owner, repository.name)){ dir =>
-        FileUtils.moveDirectory(dir, getRepositoryDir(repository.owner, form.repositoryName))
+        if(dir.isDirectory){
+          FileUtils.moveDirectory(dir, getRepositoryDir(repository.owner, form.repositoryName))
+        }
       }
       // Move wiki repository
       defining(getWikiRepositoryDir(repository.owner, repository.name)){ dir =>
-        FileUtils.moveDirectory(dir, getWikiRepositoryDir(repository.owner, form.repositoryName))
+        if(dir.isDirectory) {
+          FileUtils.moveDirectory(dir, getWikiRepositoryDir(repository.owner, form.repositoryName))
+        }
       }
+      // Move lfs directory
+      defining(getLfsDir(repository.owner, repository.name)){ dir =>
+        if(dir.isDirectory) {
+          FileUtils.moveDirectory(dir, getLfsDir(repository.owner, form.repositoryName))
+        }
+      }
+      // Move attached directory
+      defining(getAttachedDir(repository.owner, repository.name)){ dir =>
+        if(dir.isDirectory) {
+          FileUtils.moveDirectory(dir, getAttachedDir(repository.owner, form.repositoryName))
+        }
+      }
+      // Delete parent directory
+      FileUtil.deleteDirectoryIfEmpty(getRepositoryFilesDir(repository.owner, repository.name))
+
+      // Call hooks
+      PluginRegistry().getRepositoryHooks.foreach(_.renamed(repository.owner, repository.name, form.repositoryName))
     }
     flash += "info" -> "Repository settings has been updated."
     redirect(s"/${repository.owner}/${form.repositoryName}/settings/options")
@@ -114,7 +163,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
 
   /** Update default branch */
   post("/:owner/:repository/settings/update_default_branch", defaultBranchForm)(ownerOnly { (form, repository) =>
-    if(repository.branchList.find(_ == form.defaultBranch).isEmpty){
+    if(!repository.branchList.contains(form.defaultBranch)){
       redirect(s"/${repository.owner}/${repository.name}/settings/options")
     } else {
       saveRepositoryDefaultBranch(repository.owner, repository.name, form.defaultBranch)
@@ -131,7 +180,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   get("/:owner/:repository/settings/branches/:branch")(ownerOnly { repository =>
     import gitbucket.core.api._
     val branch = params("branch")
-    if(repository.branchList.find(_ == branch).isEmpty){
+    if(!repository.branchList.contains(branch)){
       redirect(s"/${repository.owner}/${repository.name}/settings/branches")
     } else {
       val protection = ApiBranchProtection(getProtectedBranchInfo(repository.owner, repository.name, branch))
@@ -141,22 +190,6 @@ trait RepositorySettingsControllerBase extends ControllerBase {
     }
   })
 
-  /** https://developer.github.com/v3/repos/#enabling-and-disabling-branch-protection */
-  patch("/api/v3/repos/:owner/:repo/branches/:branch")(ownerOnly { repository =>
-    import gitbucket.core.api._
-    (for{
-      branch <- params.get("branch") if repository.branchList.find(_ == branch).isDefined
-      protection <- extractFromJsonBody[ApiBranchProtection.EnablingAndDisabling].map(_.protection)
-    } yield {
-      if(protection.enabled){
-        enableBranchProtection(repository.owner, repository.name, branch, protection.status.enforcement_level == ApiBranchProtection.Everyone, protection.status.contexts)
-      } else {
-        disableBranchProtection(repository.owner, repository.name, branch)
-      }
-      JsonFormat(ApiBranch(branch, protection)(RepositoryName(repository)))
-    }) getOrElse NotFound
-  })
-
   /**
    * Display the Collaborators page.
    */
@@ -167,22 +200,12 @@ trait RepositorySettingsControllerBase extends ControllerBase {
       repository)
   })
 
-  /**
-   * Add the collaborator.
-   */
-  post("/:owner/:repository/settings/collaborators/add", collaboratorForm)(ownerOnly { (form, repository) =>
-    if(!getAccountByUserName(repository.owner).get.isGroupAccount){
-      addCollaborator(repository.owner, repository.name, form.userName)
-    }
-    redirect(s"/${repository.owner}/${repository.name}/settings/collaborators")
-  })
-
-  /**
-   * Add the collaborator.
-   */
-  get("/:owner/:repository/settings/collaborators/remove")(ownerOnly { repository =>
-    if(!getAccountByUserName(repository.owner).get.isGroupAccount){
-      removeCollaborator(repository.owner, repository.name, params("name"))
+  post("/:owner/:repository/settings/collaborators")(ownerOnly { repository =>
+    val collaborators = params("collaborators")
+    removeCollaborators(repository.owner, repository.name)
+    collaborators.split(",").withFilter(_.nonEmpty).map { collaborator =>
+      val userName :: role :: Nil = collaborator.split(":").toList
+      addCollaborator(repository.owner, repository.name, userName, role)
     }
     redirect(s"/${repository.owner}/${repository.name}/settings/collaborators")
   })
@@ -198,7 +221,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
    * Display the web hook edit page.
    */
   get("/:owner/:repository/settings/hooks/new")(ownerOnly { repository =>
-    val webhook = WebHook(repository.owner, repository.name, "")
+    val webhook = WebHook(repository.owner, repository.name, "", WebHookContentType.FORM, None)
     html.edithooks(webhook, Set(WebHook.Push), repository, flash.get("info"), true)
   })
 
@@ -206,7 +229,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
    * Add the web hook URL.
    */
   post("/:owner/:repository/settings/hooks/new", webHookForm(false))(ownerOnly { (form, repository) =>
-    addWebHook(repository.owner, repository.name, form.url, form.events)
+    addWebHook(repository.owner, repository.name, form.url, form.events, form.ctype, form.token)
     flash += "info" -> s"Webhook ${form.url} created"
     redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
   })
@@ -235,10 +258,12 @@ trait RepositorySettingsControllerBase extends ControllerBase {
       import scala.concurrent.ExecutionContext.Implicits.global
 
       val url = params("url")
-      val dummyWebHookInfo = WebHook(repository.owner, repository.name, url)
+      val token = Some(params("token"))
+      val ctype = WebHookContentType.valueOf(params("ctype"))
+      val dummyWebHookInfo = WebHook(repository.owner, repository.name, url, ctype, token)
       val dummyPayload = {
         val ownerAccount = getAccountByUserName(repository.owner).get
-        val commits = if(repository.commitCount == 0) List.empty else git.log
+        val commits = if(JGitUtil.isEmpty(git)) List.empty else git.log
           .add(git.getRepository.resolve(repository.repository.defaultBranch))
           .setMaxCount(4)
           .call.iterator.asScala.map(new CommitInfo(_)).toList
@@ -287,14 +312,14 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   get("/:owner/:repository/settings/hooks/edit")(ownerOnly { repository =>
     getWebHook(repository.owner, repository.name, params("url")).map{ case (webhook, events) =>
       html.edithooks(webhook, events, repository, flash.get("info"), false)
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   /**
    * Update web hook settings.
    */
   post("/:owner/:repository/settings/hooks/edit", webHookForm(true))(ownerOnly { (form, repository) =>
-    updateWebHook(repository.owner, repository.name, form.url, form.events)
+    updateWebHook(repository.owner, repository.name, form.url, form.events, form.ctype, form.token)
     flash += "info" -> s"webhook ${form.url} updated"
     redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
   })
@@ -303,7 +328,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
    * Display the danger zone.
    */
   get("/:owner/:repository/settings/danger")(ownerOnly {
-    html.danger(_)
+    html.danger(_, flash.get("info"))
   })
 
   /**
@@ -317,12 +342,33 @@ trait RepositorySettingsControllerBase extends ControllerBase {
         renameRepository(repository.owner, repository.name, form.newOwner, repository.name)
         // Move git repository
         defining(getRepositoryDir(repository.owner, repository.name)){ dir =>
-          FileUtils.moveDirectory(dir, getRepositoryDir(form.newOwner, repository.name))
+          if(dir.isDirectory){
+            FileUtils.moveDirectory(dir, getRepositoryDir(form.newOwner, repository.name))
+          }
         }
         // Move wiki repository
         defining(getWikiRepositoryDir(repository.owner, repository.name)){ dir =>
-          FileUtils.moveDirectory(dir, getWikiRepositoryDir(form.newOwner, repository.name))
+          if(dir.isDirectory) {
+            FileUtils.moveDirectory(dir, getWikiRepositoryDir(form.newOwner, repository.name))
+          }
         }
+        // Move lfs directory
+        defining(getLfsDir(repository.owner, repository.name)){ dir =>
+          if(dir.isDirectory()) {
+            FileUtils.moveDirectory(dir, getLfsDir(form.newOwner, repository.name))
+          }
+        }
+        // Move attached directory
+        defining(getAttachedDir(repository.owner, repository.name)){ dir =>
+          if(dir.isDirectory) {
+            FileUtils.moveDirectory(dir, getAttachedDir(form.newOwner, repository.name))
+          }
+        }
+        // Delere parent directory
+        FileUtil.deleteDirectoryIfEmpty(getRepositoryFilesDir(repository.owner, repository.name))
+
+        // Call hooks
+        PluginRegistry().getRepositoryHooks.foreach(_.transferred(repository.owner, form.newOwner, repository.name))
       }
     }
     redirect(s"/${form.newOwner}/${repository.name}")
@@ -333,15 +379,54 @@ trait RepositorySettingsControllerBase extends ControllerBase {
    */
   post("/:owner/:repository/settings/delete")(ownerOnly { repository =>
     LockUtil.lock(s"${repository.owner}/${repository.name}"){
+      // Delete the repository and related files
       deleteRepository(repository.owner, repository.name)
 
       FileUtils.deleteDirectory(getRepositoryDir(repository.owner, repository.name))
       FileUtils.deleteDirectory(getWikiRepositoryDir(repository.owner, repository.name))
       FileUtils.deleteDirectory(getTemporaryDir(repository.owner, repository.name))
+      val lfsDir = getLfsDir(repository.owner, repository.name)
+      FileUtils.deleteDirectory(lfsDir)
+      FileUtil.deleteDirectoryIfEmpty(lfsDir.getParentFile())
+
+      // Call hooks
+      PluginRegistry().getRepositoryHooks.foreach(_.deleted(repository.owner, repository.name))
     }
+
     redirect(s"/${repository.owner}")
   })
 
+  /**
+   * Run GC
+   */
+  post("/:owner/:repository/settings/gc")(ownerOnly { repository =>
+    LockUtil.lock(s"${repository.owner}/${repository.name}") {
+      using(Git.open(getRepositoryDir(repository.owner, repository.name))) { git =>
+        git.gc();
+      }
+    }
+    flash += "info" -> "Garbage collection has been executed."
+    redirect(s"/${repository.owner}/${repository.name}/settings/danger")
+  })
+
+  /** List deploy keys */
+  get("/:owner/:repository/settings/deploykey")(ownerOnly { repository =>
+    html.deploykey(repository, getDeployKeys(repository.owner, repository.name))
+  })
+
+  /** Register a deploy key */
+  post("/:owner/:repository/settings/deploykey", deployKeyForm)(ownerOnly { (form, repository) =>
+    addDeployKey(repository.owner, repository.name, form.title, form.publicKey, form.allowWrite)
+    redirect(s"/${repository.owner}/${repository.name}/settings/deploykey")
+  })
+
+  /** Delete a deploy key */
+  get("/:owner/:repository/settings/deploykey/delete/:id")(ownerOnly { repository =>
+    val deployKeyId = params("id").toInt
+    deleteDeployKey(repository.owner, repository.name, deployKeyId)
+    redirect(s"/${repository.owner}/${repository.name}/settings/deploykey")
+  })
+
   /**
    * Provides duplication check for web hook url.
    */
@@ -371,20 +456,20 @@ trait RepositorySettingsControllerBase extends ControllerBase {
     }
   }
 
-  /**
-   * Provides Constraint to validate the collaborator name.
-   */
-  private def collaborator: Constraint = new Constraint(){
-    override def validate(name: String, value: String, messages: Messages): Option[String] =
-      getAccountByUserName(value) match {
-        case None => Some("User does not exist.")
-        case Some(x) if(x.isGroupAccount)
-                  => Some("User does not exist.")
-        case Some(x) if(x.userName == params("owner") || getCollaborators(params("owner"), params("repository")).contains(x.userName))
-                  => Some("User can access this repository already.")
-        case _    => None
-      }
-  }
+//  /**
+//   * Provides Constraint to validate the collaborator name.
+//   */
+//  private def collaborator: Constraint = new Constraint(){
+//    override def validate(name: String, value: String, messages: Messages): Option[String] =
+//      getAccountByUserName(value) match {
+//        case None => Some("User does not exist.")
+////        case Some(x) if(x.isGroupAccount)
+////                  => Some("User does not exist.")
+//        case Some(x) if(x.userName == params("owner") || getCollaborators(params("owner"), params("repository")).contains(x.userName))
+//                  => Some(value + " is repository owner.") // TODO also group members?
+//        case _    => None
+//      }
+//  }
 
   /**
    * Duplicate check for the rename repository name.
@@ -398,6 +483,15 @@ trait RepositorySettingsControllerBase extends ControllerBase {
       }
   }
 
+  /**
+   *
+   */
+  private def featureOption: Constraint = new Constraint(){
+    override def validate(name: String, value: String, params: Map[String, String], messages: Messages): Option[String] =
+      if(Seq("DISABLE", "PRIVATE", "PUBLIC", "ALL").contains(value)) None else Some("Option is invalid.")
+  }
+
+
   /**
    * Provides Constraint to validate the repository transfer user.
    */

src/main/scala/gitbucket/core/controller/RepositoryViewerController.scala

@@ -1,8 +1,8 @@
 package gitbucket.core.controller
 
-import javax.servlet.http.{HttpServletResponse, HttpServletRequest}
+import java.io.FileInputStream
+import javax.servlet.http.{HttpServletRequest, HttpServletResponse}
 
-import gitbucket.core.api._
 import gitbucket.core.plugin.PluginRegistry
 import gitbucket.core.repo.html
 import gitbucket.core.helper
@@ -10,16 +10,15 @@ import gitbucket.core.service._
 import gitbucket.core.util._
 import gitbucket.core.util.JGitUtil._
 import gitbucket.core.util.StringUtil._
-import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.SyntaxSugars._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.Directory._
-import gitbucket.core.model.{Account, CommitState, WebHook}
+import gitbucket.core.model.{Account, WebHook}
 import gitbucket.core.service.WebHookService._
 import gitbucket.core.view
 import gitbucket.core.view.helpers
-
 import io.github.gitbucket.scalatra.forms._
-import org.apache.commons.io.FileUtils
+import org.apache.commons.io.IOUtils
 import org.eclipse.jgit.api.{ArchiveCommand, Git}
 import org.eclipse.jgit.archive.{TgzFormat, ZipFormat}
 import org.eclipse.jgit.dircache.DirCache
@@ -32,7 +31,7 @@ import org.scalatra._
 
 class RepositoryViewerController extends RepositoryViewerControllerBase
   with RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
-  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+  with ReadableUsersAuthenticator with ReferrerAuthenticator with WritableUsersAuthenticator with PullRequestService with CommitStatusService
   with WebHookPullRequestService with WebHookPullRequestReviewCommentService with ProtectedBranchService
 
 /**
@@ -40,7 +39,7 @@ class RepositoryViewerController extends RepositoryViewerControllerBase
  */
 trait RepositoryViewerControllerBase extends ControllerBase {
   self: RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
-    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+    with ReadableUsersAuthenticator with ReferrerAuthenticator with WritableUsersAuthenticator with PullRequestService with CommitStatusService
     with WebHookPullRequestService with WebHookPullRequestReviewCommentService with ProtectedBranchService =>
 
   ArchiveCommand.registerFormat("zip", new ZipFormat)
@@ -103,37 +102,47 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    */
   post("/:owner/:repository/_preview")(referrersOnly { repository =>
     contentType = "text/html"
-    helpers.markdown(
-      markdown = params("content"),
-      repository = repository,
-      enableWikiLink = params("enableWikiLink").toBoolean,
-      enableRefsLink = params("enableRefsLink").toBoolean,
-      enableLineBreaks = params("enableLineBreaks").toBoolean,
-      enableTaskList = params("enableTaskList").toBoolean,
-      enableAnchor = false,
-      hasWritePermission = hasWritePermission(repository.owner, repository.name, context.loginAccount)
-    )
+    val filename = params.get("filename")
+    filename match {
+      case Some(f) => helpers.renderMarkup(
+          filePath = List(f),
+          fileContent = params("content"),
+          branch = "master",
+          repository = repository,
+          enableWikiLink = params("enableWikiLink").toBoolean,
+          enableRefsLink = params("enableRefsLink").toBoolean,
+          enableAnchor = false
+        )
+      case None => helpers.markdown(
+          markdown = params("content"),
+          repository = repository,
+          enableWikiLink = params("enableWikiLink").toBoolean,
+          enableRefsLink = params("enableRefsLink").toBoolean,
+          enableLineBreaks = params("enableLineBreaks").toBoolean,
+          enableTaskList = params("enableTaskList").toBoolean,
+          enableAnchor = false,
+          hasWritePermission = hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
+        )
+    }
   })
 
   /**
    * Displays the file list of the repository root and the default branch.
    */
-  get("/:owner/:repository")(referrersOnly {
-    fileList(_)
-  })
-
-  /**
-   * https://developer.github.com/v3/repos/#get
-   */
-  get("/api/v3/repos/:owner/:repository")(referrersOnly { repository =>
-    JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(repository.owner).get)))
-  })
+  get("/:owner/:repository") {
+    params.get("go-get") match {
+      case Some("1") => defining(request.paths){ paths =>
+        getRepository(paths(0), paths(1)).map(gitbucket.core.html.goget(_))getOrElse NotFound()
+      }
+      case _ => referrersOnly(fileList(_))
+    }
+  }
 
   /**
    * Displays the file list of the specified path and branch.
    */
   get("/:owner/:repository/tree/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
     if(path.isEmpty){
       fileList(repository, id)
     } else {
@@ -145,7 +154,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    * Displays the commit list of the specified resource.
    */
   get("/:owner/:repository/commits/*")(referrersOnly { repository =>
-    val (branchName, path) = splitPath(repository, multiParams("splat").head)
+    val (branchName, path) = repository.splitPath(multiParams("splat").head)
     val page = params.get("page").flatMap(_.toIntOpt).getOrElse(1)
 
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
@@ -154,81 +163,22 @@ trait RepositoryViewerControllerBase extends ControllerBase {
           html.commits(if(path.isEmpty) Nil else path.split("/").toList, branchName, repository,
             logs.splitWith{ (commit1, commit2) =>
               view.helpers.date(commit1.commitTime) == view.helpers.date(commit2.commitTime)
-            }, page, hasNext, hasWritePermission(repository.owner, repository.name, context.loginAccount))
-        case Left(_) => NotFound
+            }, page, hasNext, hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
+        case Left(_) => NotFound()
       }
     }
   })
 
-  /**
-   * https://developer.github.com/v3/repos/statuses/#create-a-status
-   */
-  post("/api/v3/repos/:owner/:repo/statuses/:sha")(collaboratorsOnly { repository =>
-    (for{
-      ref <- params.get("sha")
-      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
-      data <- extractFromJsonBody[CreateAStatus] if data.isValid
-      creator <- context.loginAccount
-      state <- CommitState.valueOf(data.state)
-      statusId = createCommitStatus(repository.owner, repository.name, sha, data.context.getOrElse("default"),
-                                    state, data.target_url, data.description, new java.util.Date(), creator)
-      status <- getCommitStatus(repository.owner, repository.name, statusId)
-    } yield {
-      JsonFormat(ApiCommitStatus(status, ApiUser(creator)))
-    }) getOrElse NotFound
-  })
-
-  /**
-   * https://developer.github.com/v3/repos/statuses/#list-statuses-for-a-specific-ref
-   *
-   * ref is Ref to list the statuses from. It can be a SHA, a branch name, or a tag name.
-   */
-  val listStatusesRoute = get("/api/v3/repos/:owner/:repo/commits/:ref/statuses")(referrersOnly { repository =>
-    (for{
-      ref <- params.get("ref")
-      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
-    } yield {
-      JsonFormat(getCommitStatuesWithCreator(repository.owner, repository.name, sha).map{ case(status, creator) =>
-        ApiCommitStatus(status, ApiUser(creator))
-      })
-    }) getOrElse NotFound
-  })
-
-  /**
-   * https://developer.github.com/v3/repos/statuses/#list-statuses-for-a-specific-ref
-   *
-   * legacy route
-   */
-  get("/api/v3/repos/:owner/:repo/statuses/:ref"){
-    listStatusesRoute.action()
-  }
-
-  /**
-   * https://developer.github.com/v3/repos/statuses/#get-the-combined-status-for-a-specific-ref
-   *
-   * ref is Ref to list the statuses from. It can be a SHA, a branch name, or a tag name.
-   */
-  get("/api/v3/repos/:owner/:repo/commits/:ref/status")(referrersOnly { repository =>
-    (for{
-      ref <- params.get("ref")
-      owner <- getAccountByUserName(repository.owner)
-      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
-    } yield {
-      val statuses = getCommitStatuesWithCreator(repository.owner, repository.name, sha)
-      JsonFormat(ApiCombinedCommitStatus(sha, statuses, ApiRepository(repository, owner)))
-    }) getOrElse NotFound
-  })
-
-  get("/:owner/:repository/new/*")(collaboratorsOnly { repository =>
-    val (branch, path) = splitPath(repository, multiParams("splat").head)
+  get("/:owner/:repository/new/*")(writableUsersOnly { repository =>
+    val (branch, path) = repository.splitPath(multiParams("splat").head)
     val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch).needStatusCheck(context.loginAccount.get.userName)
     html.editor(branch, repository, if(path.length == 0) Nil else path.split("/").toList,
-      None, JGitUtil.ContentInfo("text", None, Some("UTF-8")),
+      None, JGitUtil.ContentInfo("text", None, None, Some("UTF-8")),
       protectedBranch)
   })
 
-  get("/:owner/:repository/edit/*")(collaboratorsOnly { repository =>
-    val (branch, path) = splitPath(repository, multiParams("splat").head)
+  get("/:owner/:repository/edit/*")(writableUsersOnly { repository =>
+    val (branch, path) = repository.splitPath(multiParams("splat").head)
     val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch).needStatusCheck(context.loginAccount.get.userName)
 
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
@@ -239,12 +189,12 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         html.editor(branch, repository, paths.take(paths.size - 1).toList, Some(paths.last),
           JGitUtil.getContentInfo(git, path, objectId),
           protectedBranch)
-      } getOrElse NotFound
+      } getOrElse NotFound()
     }
   })
 
-  get("/:owner/:repository/remove/*")(collaboratorsOnly { repository =>
-    val (branch, path) = splitPath(repository, multiParams("splat").head)
+  get("/:owner/:repository/remove/*")(writableUsersOnly { repository =>
+    val (branch, path) = repository.splitPath(multiParams("splat").head)
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
       val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(branch))
 
@@ -252,11 +202,11 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         val paths = path.split("/")
         html.delete(branch, repository, paths.take(paths.size - 1).toList, paths.last,
           JGitUtil.getContentInfo(git, path, objectId))
-      } getOrElse NotFound
+      } getOrElse NotFound()
     }
   })
 
-  post("/:owner/:repository/create", editorForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/create", editorForm)(writableUsersOnly { (form, repository) =>
     commitFile(
       repository  = repository,
       branch      = form.branch,
@@ -273,7 +223,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
     }")
   })
 
-  post("/:owner/:repository/update", editorForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/update", editorForm)(writableUsersOnly { (form, repository) =>
     commitFile(
       repository  = repository,
       branch      = form.branch,
@@ -282,7 +232,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
       oldFileName = form.oldFileName,
       content     = appendNewLine(convertLineSeparator(form.content, form.lineSeparator), form.lineSeparator),
       charset     = form.charset,
-      message     = if(form.oldFileName.exists(_ == form.newFileName)){
+      message     = if(form.oldFileName.contains(form.newFileName)){
         form.message.getOrElse(s"Update ${form.newFileName}")
       } else {
         form.message.getOrElse(s"Rename ${form.oldFileName.get} to ${form.newFileName}")
@@ -294,7 +244,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
     }")
   })
 
-  post("/:owner/:repository/remove", deleteForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/remove", deleteForm)(writableUsersOnly { (form, repository) =>
     commitFile(repository, form.branch, form.path, None, Some(form.fileName), "", "",
       form.message.getOrElse(s"Delete ${form.fileName}"))
 
@@ -302,17 +252,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   })
 
   get("/:owner/:repository/raw/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
       val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))
-      getPathObjectId(git, path, revCommit).flatMap { objectId =>
-        JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
-          contentType = FileUtil.getMimeType(path)
-          response.setContentLength(loader.getSize.toInt)
-          loader.copyTo(response.outputStream)
-          ()
-        }
-      } getOrElse NotFound
+
+      getPathObjectId(git, path, revCommit).map { objectId =>
+        responseRawFile(git, objectId, path, repository)
+      } getOrElse NotFound()
     }
   })
 
@@ -320,30 +266,36 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    * Displays the file content of the specified branch or commit.
    */
   val blobRoute = get("/:owner/:repository/blob/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
     val raw = params.get("raw").getOrElse("false").toBoolean
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
       val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))
       getPathObjectId(git, path, revCommit).map { objectId =>
         if(raw){
           // Download (This route is left for backword compatibility)
-          JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
-            contentType = FileUtil.getMimeType(path)
-            response.setContentLength(loader.getSize.toInt)
-            loader.copyTo(response.outputStream)
-            ()
-          } getOrElse NotFound
+          responseRawFile(git, objectId, path, repository)
         } else {
           html.blob(id, repository, path.split("/").toList,
             JGitUtil.getContentInfo(git, path, objectId),
             new JGitUtil.CommitInfo(JGitUtil.getLastModifiedCommit(git, revCommit, path)),
-            hasWritePermission(repository.owner, repository.name, context.loginAccount),
-            request.paths(2) == "blame")
+            hasDeveloperRole(repository.owner, repository.name, context.loginAccount),
+            request.paths(2) == "blame",
+            isLfsFile(git, objectId))
         }
-      } getOrElse NotFound
+      } getOrElse NotFound()
     }
   })
 
+  private def isLfsFile(git: Git, objectId: ObjectId): Boolean = {
+    JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
+      if(loader.isLarge){
+        false
+      } else {
+        new String(loader.getCachedBytes, "UTF-8").startsWith("version https://git-lfs.github.com/spec/v1")
+      }
+    }.getOrElse(false)
+  }
+
   get("/:owner/:repository/blame/*"){
     blobRoute.action()
   }
@@ -352,7 +304,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    * Blame data.
    */
   ajaxGet("/:owner/:repository/get-blame/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
     contentType = formats("json")
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
       val last = git.log.add(git.getRepository.resolve(id)).addPath(path).setMaxCount(1).call.iterator.next.name
@@ -390,13 +342,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
               html.commit(id, new JGitUtil.CommitInfo(revCommit),
                 JGitUtil.getBranchesOfCommit(git, revCommit.getName),
                 JGitUtil.getTagsOfCommit(git, revCommit.getName),
-                getCommitComments(repository.owner, repository.name, id, false),
-                repository, diffs, oldCommitId, hasWritePermission(repository.owner, repository.name, context.loginAccount))
+                getCommitComments(repository.owner, repository.name, id, true),
+                repository, diffs, oldCommitId, hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
           }
         }
       }
     } catch {
-      case e:MissingObjectException => NotFound
+      case e:MissingObjectException => NotFound()
     }
   })
 
@@ -420,7 +372,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
     html.commentform(
       commitId = id,
       fileName, oldLineNumber, newLineNumber, issueId,
-      hasWritePermission = hasWritePermission(repository.owner, repository.name, context.loginAccount),
+      hasWritePermission = hasDeveloperRole(repository.owner, repository.name, context.loginAccount),
       repository = repository
     )
   })
@@ -436,15 +388,14 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         callPullRequestReviewCommentWebHook("create", comment, repository, issueId, context.baseUrl, context.loginAccount.get)
       case None => recordCommentCommitActivity(repository.owner, repository.name, context.loginAccount.get.userName, id, form.content)
     }
-    helper.html.commitcomment(comment, hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
+    helper.html.commitcomment(comment, hasDeveloperRole(repository.owner, repository.name, context.loginAccount), repository)
   })
 
   ajaxGet("/:owner/:repository/commit_comments/_data/:id")(readableUsersOnly { repository =>
     getCommitComment(repository.owner, repository.name, params("id")) map { x =>
       if(isEditable(x.userName, x.repositoryName, x.commentedUserName)){
         params.get("dataType") collect {
-          case t if t == "html" => html.editcomment(
-            x.content, x.commentId, x.userName, x.repositoryName)
+          case t if t == "html" => html.editcomment(x.content, x.commentId, repository)
         } getOrElse {
           contentType = formats("json")
           org.json4s.jackson.Serialization.write(
@@ -456,12 +407,12 @@ trait RepositoryViewerControllerBase extends ControllerBase {
                 enableRefsLink = true,
                 enableAnchor = true,
                 enableLineBreaks = true,
-                hasWritePermission = isEditable(x.userName, x.repositoryName, x.commentedUserName)
+                hasWritePermission = true
               )
             ))
         }
-      } else Unauthorized
-    } getOrElse NotFound
+      } else Unauthorized()
+    } getOrElse NotFound()
   })
 
   ajaxPost("/:owner/:repository/commit_comments/edit/:id", commentForm)(readableUsersOnly { (form, repository) =>
@@ -470,8 +421,8 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         if(isEditable(owner, name, comment.commentedUserName)){
           updateCommitComment(comment.commentId, form.content)
           redirect(s"/${owner}/${name}/commit_comments/_data/${comment.commentId}")
-        } else Unauthorized
-      } getOrElse NotFound
+        } else Unauthorized()
+      } getOrElse NotFound()
     }
   })
 
@@ -480,8 +431,8 @@ trait RepositoryViewerControllerBase extends ControllerBase {
       getCommitComment(owner, name, params("id")).map { comment =>
         if(isEditable(owner, name, comment.commentedUserName)){
           Ok(deleteCommitComment(comment.commentId))
-        } else Unauthorized
-      } getOrElse NotFound
+        } else Unauthorized()
+      } getOrElse NotFound()
     }
   })
 
@@ -500,13 +451,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
     .map(br => (br, getPullRequestByRequestCommit(repository.owner, repository.name, repository.repository.defaultBranch, br.name, br.commitId), protectedBranches.contains(br.name)))
     .reverse
 
-    html.branches(branches, hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
+    html.branches(branches, hasDeveloperRole(repository.owner, repository.name, context.loginAccount), repository)
   })
 
   /**
    * Creates a branch.
    */
-  post("/:owner/:repository/branches")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/branches")(writableUsersOnly { repository =>
     val newBranchName = params.getOrElse("new", halt(400))
     val fromBranchName = params.getOrElse("from", halt(400))
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
@@ -524,7 +475,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   /**
    * Deletes branch.
    */
-  get("/:owner/:repository/delete/*")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/delete/*")(writableUsersOnly { repository =>
     val branchName = multiParams("splat").head
     val userName   = context.loginAccount.get.userName
     if(repository.repository.defaultBranch != branchName){
@@ -552,19 +503,25 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         archiveRepository(name, ".zip", repository)
       case name if name.endsWith(".tar.gz") =>
         archiveRepository(name, ".tar.gz", repository)
-      case _ => BadRequest
+      case _ => BadRequest()
     }
   })
 
   get("/:owner/:repository/network/members")(referrersOnly { repository =>
-    html.forked(
-      getRepository(
-        repository.repository.originUserName.getOrElse(repository.owner),
-        repository.repository.originRepositoryName.getOrElse(repository.name)),
-      getForkedRepositories(
-        repository.repository.originUserName.getOrElse(repository.owner),
-        repository.repository.originRepositoryName.getOrElse(repository.name)),
-      repository)
+    if(repository.repository.options.allowFork) {
+      html.forked(
+        getRepository(
+          repository.repository.originUserName.getOrElse(repository.owner),
+          repository.repository.originRepositoryName.getOrElse(repository.name)),
+        getForkedRepositories(
+          repository.repository.originUserName.getOrElse(repository.owner),
+          repository.repository.originRepositoryName.getOrElse(repository.name)),
+        context.loginAccount match {
+          case None => List()
+          case account: Option[Account] => getGroupsByUserName(account.get.userName)
+        }, // groups of current user
+        repository)
+    } else BadRequest()
   })
 
   /**
@@ -574,14 +531,8 @@ trait RepositoryViewerControllerBase extends ControllerBase {
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
       val ref = multiParams("splat").head
       JGitUtil.getTreeId(git, ref).map{ treeId =>
-        html.find(ref,
-                  treeId,
-                  repository,
-                  context.loginAccount match {
-                    case None => List()
-                    case account: Option[Account] => getGroupsByUserName(account.get.userName)
-                  })
-      } getOrElse NotFound
+        html.find(ref, treeId, repository)
+      } getOrElse NotFound()
     }
   })
 
@@ -596,17 +547,6 @@ trait RepositoryViewerControllerBase extends ControllerBase {
     }
   })
 
-  private def splitPath(repository: RepositoryService.RepositoryInfo, path: String): (String, String) = {
-    val id = repository.branchList.collectFirst {
-      case branch if(path == branch || path.startsWith(branch + "/")) => branch
-    } orElse repository.tags.collectFirst {
-      case tag if(path == tag.name || path.startsWith(tag.name + "/")) => tag.name
-    } getOrElse path.split("/")(0)
-
-    (id, path.substring(id.length).stripPrefix("/"))
-  }
-
-
   private val readmeFiles = PluginRegistry().renderableExtensions.map { extension =>
     s"readme.${extension}"
   } ++ Seq("readme.txt", "readme")
@@ -620,10 +560,10 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    * @return HTML of the file list
    */
   private def fileList(repository: RepositoryService.RepositoryInfo, revstr: String = "", path: String = ".") = {
-    if(repository.commitCount == 0){
-      html.guide(repository, hasWritePermission(repository.owner, repository.name, context.loginAccount))
-    } else {
-      using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+      if(JGitUtil.isEmpty(git)){
+        html.guide(repository, hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
+      } else {
         // get specified commit
         JGitUtil.getDefaultBranch(git, repository, revstr).map { case (objectId, revision) =>
           defining(JGitUtil.getRevCommitFromId(git, objectId)) { revCommit =>
@@ -642,16 +582,17 @@ trait RepositoryViewerControllerBase extends ControllerBase {
 
             html.files(revision, repository,
               if(path == ".") Nil else path.split("/").toList, // current path
-              context.loginAccount match {
-                case None => List()
-                case account: Option[Account] => getGroupsByUserName(account.get.userName)
-              }, // groups of current user
               new JGitUtil.CommitInfo(lastModifiedCommit), // last modified commit
-              files, readme, hasWritePermission(repository.owner, repository.name, context.loginAccount),
+              JGitUtil.getCommitCount(repository.owner, repository.name, lastModifiedCommit.getName),
+              files,
+              readme,
+              hasDeveloperRole(repository.owner, repository.name, context.loginAccount),
               getPullRequestFromBranch(repository.owner, repository.name, revstr, repository.repository.defaultBranch),
-              flash.get("info"), flash.get("error"))
+              flash.get("info"),
+              flash.get("error")
+            )
           }
-        } getOrElse NotFound
+        } getOrElse NotFound()
       }
     }
   }
@@ -671,14 +612,18 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         val headName = s"refs/heads/${branch}"
         val headTip  = git.getRepository.resolve(headName)
 
-        JGitUtil.processTree(git, headTip){ (path, tree) =>
-          if(!newPath.exists(_ == path) && !oldPath.exists(_ == path)){
+        val permission = JGitUtil.processTree(git, headTip){ (path, tree) =>
+          // Add all entries except the editing file
+          if(!newPath.contains(path) && !oldPath.contains(path)){
             builder.add(JGitUtil.createDirCacheEntry(path, tree.getEntryFileMode, tree.getEntryObjectId))
           }
-        }
+          // Retrieve permission if file exists to keep it
+          oldPath.collect { case x if x == path => tree.getEntryFileMode.getBits }
+        }.flatten.headOption
 
         newPath.foreach { newPath =>
-          builder.add(JGitUtil.createDirCacheEntry(newPath, FileMode.REGULAR_FILE,
+          builder.add(JGitUtil.createDirCacheEntry(newPath,
+            permission.map { bits => FileMode.fromBits(bits) } getOrElse FileMode.REGULAR_FILE,
             inserter.insert(Constants.OBJ_BLOB, content.getBytes(charset))))
         }
         builder.finish()
@@ -701,8 +646,11 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         updatePullRequests(repository.owner, repository.name, branch)
 
         // record activity
-        recordPushActivity(repository.owner, repository.name, loginAccount.userName, branch,
-          List(new CommitInfo(JGitUtil.getRevCommitFromId(git, commitId))))
+        val commitInfo = new CommitInfo(JGitUtil.getRevCommitFromId(git, commitId))
+        recordPushActivity(repository.owner, repository.name, loginAccount.userName, branch, List(commitInfo))
+
+        // create issue comment by commit message
+        createIssueComment(repository.owner, repository.name, commitInfo)
 
         // close issue by commit message
         closeIssuesFromMessage(message, loginAccount.userName, repository.owner, repository.name)
@@ -720,34 +668,15 @@ trait RepositoryViewerControllerBase extends ControllerBase {
     }
   }
 
-  private def getPathObjectId(git: Git, path: String, revCommit: RevCommit): Option[ObjectId] = {
-    @scala.annotation.tailrec
-    def _getPathObjectId(path: String, walk: TreeWalk): Option[ObjectId] = walk.next match {
-      case true if(walk.getPathString == path) => Some(walk.getObjectId(0))
-      case true  => _getPathObjectId(path, walk)
-      case false => None
-    }
-
-    using(new TreeWalk(git.getRepository)){ treeWalk =>
-      treeWalk.addTree(revCommit.getTree)
-      treeWalk.setRecursive(true)
-      _getPathObjectId(path, treeWalk)
-    }
-  }
-
   private def archiveRepository(name: String, suffix: String, repository: RepositoryService.RepositoryInfo): Unit = {
     val revision = name.stripSuffix(suffix)
-    val workDir = getDownloadWorkDir(repository.owner, repository.name, session.getId)
-    if(workDir.exists) {
-      FileUtils.deleteDirectory(workDir)
-    }
-    workDir.mkdirs
-
-    val filename = repository.name + "-" +
-      (if(revision.length == 40) revision.substring(0, 10) else revision).replace('/', '_') + suffix
-
+    
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
-      val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(revision))
+      val oid = git.getRepository.resolve(revision)
+      val revCommit = JGitUtil.getRevCommitFromId(git, oid)
+      val sha1 = oid.getName()     
+      val repositorySuffix = (if(sha1.startsWith(revision)) sha1 else revision).replace('/','-')
+      val filename = repository.name + "-" + repositorySuffix + suffix
 
       contentType = "application/octet-stream"
       response.setHeader("Content-Disposition", s"attachment; filename=${filename}")
@@ -755,16 +684,15 @@ trait RepositoryViewerControllerBase extends ControllerBase {
 
       git.archive
          .setFormat(suffix.tail)
-         .setTree(revCommit.getTree)
+         .setPrefix(repository.name + "-" + repositorySuffix + "/")
+         .setTree(revCommit)
          .setOutputStream(response.getOutputStream)
          .call()
     }
   }
 
   private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
-    hasWritePermission(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
-
-
+    hasDeveloperRole(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
 
   override protected def renderUncaughtException(e: Throwable)(implicit request: HttpServletRequest, response: HttpServletResponse): Unit = {
     e.printStackTrace()

src/main/scala/gitbucket/core/controller/SystemSettingsController.scala

@@ -1,18 +1,26 @@
 package gitbucket.core.controller
 
+import java.io.FileInputStream
+
 import gitbucket.core.admin.html
-import gitbucket.core.service.{AccountService, SystemSettingsService}
-import gitbucket.core.util.AdminAuthenticator
+import gitbucket.core.service.{AccountService, RepositoryService, SystemSettingsService}
+import gitbucket.core.util.{AdminAuthenticator, Mailer}
 import gitbucket.core.ssh.SshServer
 import gitbucket.core.plugin.PluginRegistry
 import SystemSettingsService._
+import gitbucket.core.util.Implicits._
+import gitbucket.core.util.SyntaxSugars._
+import gitbucket.core.util.Directory._
+import gitbucket.core.util.StringUtil._
 import io.github.gitbucket.scalatra.forms._
+import org.apache.commons.io.{FileUtils, IOUtils}
+import org.scalatra.i18n.Messages
 
 class SystemSettingsController extends SystemSettingsControllerBase
-  with AccountService with AdminAuthenticator
+  with AccountService with RepositoryService with AdminAuthenticator
 
-trait SystemSettingsControllerBase extends ControllerBase {
-  self: AccountService with AdminAuthenticator =>
+trait SystemSettingsControllerBase extends AccountManagementControllerBase {
+  self: AccountService with RepositoryService with AdminAuthenticator =>
 
   private val form = mapping(
     "baseUrl"                  -> trim(label("Base URL", optional(text()))),
@@ -33,6 +41,7 @@ trait SystemSettingsControllerBase extends ControllerBase {
         "user"                     -> trim(label("SMTP User", optional(text()))),
         "password"                 -> trim(label("SMTP Password", optional(text()))),
         "ssl"                      -> trim(label("Enable SSL", optional(boolean()))),
+        "starttls"                 -> trim(label("Enable STARTTLS", optional(boolean()))),
         "fromAddress"              -> trim(label("FROM Address", optional(text()))),
         "fromName"                 -> trim(label("FROM Name", optional(text())))
     )(Smtp.apply)),
@@ -62,11 +71,81 @@ trait SystemSettingsControllerBase extends ControllerBase {
     ).flatten
   }
 
-  private val pluginForm = mapping(
-    "pluginId" -> list(trim(label("", text())))
-  )(PluginForm.apply)
+  private val sendMailForm = mapping(
+    "smtp"        -> mapping(
+      "host"        -> trim(label("SMTP Host", text(required))),
+      "port"        -> trim(label("SMTP Port", optional(number()))),
+      "user"        -> trim(label("SMTP User", optional(text()))),
+      "password"    -> trim(label("SMTP Password", optional(text()))),
+      "ssl"         -> trim(label("Enable SSL", optional(boolean()))),
+      "starttls"    -> trim(label("Enable STARTTLS", optional(boolean()))),
+      "fromAddress" -> trim(label("FROM Address", optional(text()))),
+      "fromName"    -> trim(label("FROM Name", optional(text())))
+    )(Smtp.apply),
+    "testAddress" -> trim(label("", text(required)))
+  )(SendMailForm.apply)
+
+  case class SendMailForm(smtp: Smtp, testAddress: String)
+
+  case class DataExportForm(tableNames: List[String])
+
+  case class NewUserForm(userName: String, password: String, fullName: String,
+                         mailAddress: String, isAdmin: Boolean,
+                         description: Option[String], url: Option[String], fileId: Option[String])
+
+  case class EditUserForm(userName: String, password: Option[String], fullName: String,
+                          mailAddress: String, isAdmin: Boolean, description: Option[String], url: Option[String],
+                          fileId: Option[String], clearImage: Boolean, isRemoved: Boolean)
+
+  case class NewGroupForm(groupName: String, description: Option[String], url: Option[String], fileId: Option[String],
+                          members: String)
+
+  case class EditGroupForm(groupName: String, description: Option[String], url: Option[String], fileId: Option[String],
+                           members: String, clearImage: Boolean, isRemoved: Boolean)
+
+
+  val newUserForm = mapping(
+    "userName"    -> trim(label("Username"     ,text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
+    "password"    -> trim(label("Password"     ,text(required, maxlength(20)))),
+    "fullName"    -> trim(label("Full Name"    ,text(required, maxlength(100)))),
+    "mailAddress" -> trim(label("Mail Address" ,text(required, maxlength(100), uniqueMailAddress()))),
+    "isAdmin"     -> trim(label("User Type"    ,boolean())),
+    "description" -> trim(label("bio"          ,optional(text()))),
+    "url"         -> trim(label("URL"          ,optional(text(maxlength(200))))),
+    "fileId"      -> trim(label("File ID"      ,optional(text())))
+  )(NewUserForm.apply)
+
+  val editUserForm = mapping(
+    "userName"    -> trim(label("Username"     ,text(required, maxlength(100), identifier))),
+    "password"    -> trim(label("Password"     ,optional(text(maxlength(20))))),
+    "fullName"    -> trim(label("Full Name"    ,text(required, maxlength(100)))),
+    "mailAddress" -> trim(label("Mail Address" ,text(required, maxlength(100), uniqueMailAddress("userName")))),
+    "isAdmin"     -> trim(label("User Type"    ,boolean())),
+    "description" -> trim(label("bio"          ,optional(text()))),
+    "url"         -> trim(label("URL"          ,optional(text(maxlength(200))))),
+    "fileId"      -> trim(label("File ID"      ,optional(text()))),
+    "clearImage"  -> trim(label("Clear image"  ,boolean())),
+    "removed"     -> trim(label("Disable"      ,boolean(disableByNotYourself("userName"))))
+  )(EditUserForm.apply)
+
+  val newGroupForm = mapping(
+    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
+    "description" -> trim(label("Group description", optional(text()))),
+    "url"       -> trim(label("URL"        ,optional(text(maxlength(200))))),
+    "fileId"    -> trim(label("File ID"    ,optional(text()))),
+    "members"   -> trim(label("Members"    ,text(required, members)))
+  )(NewGroupForm.apply)
+
+  val editGroupForm = mapping(
+    "groupName"  -> trim(label("Group name"  ,text(required, maxlength(100), identifier))),
+    "description" -> trim(label("Group description", optional(text()))),
+    "url"        -> trim(label("URL"         ,optional(text(maxlength(200))))),
+    "fileId"     -> trim(label("File ID"     ,optional(text()))),
+    "members"    -> trim(label("Members"     ,text(required, members))),
+    "clearImage" -> trim(label("Clear image" ,boolean())),
+    "removed"    -> trim(label("Disable"     ,boolean()))
+  )(EditGroupForm.apply)
 
-  case class PluginForm(pluginIds: List[String])
 
   get("/admin/system")(adminOnly {
     html.system(flash.get("info"))
@@ -88,8 +167,180 @@ trait SystemSettingsControllerBase extends ControllerBase {
     redirect("/admin/system")
   })
 
+  post("/admin/system/sendmail", sendMailForm)(adminOnly { form =>
+    try {
+      new Mailer(form.smtp).send(form.testAddress,
+        "Test message from GitBucket", "This is a test message from GitBucket.",
+        context.loginAccount.get)
+
+      "Test mail has been sent to: " + form.testAddress
+
+    } catch {
+      case e: Exception => "[Error] " + e.toString
+    }
+  })
+
   get("/admin/plugins")(adminOnly {
     html.plugins(PluginRegistry().getPlugins())
   })
 
+
+  get("/admin/users")(adminOnly {
+    val includeRemoved = params.get("includeRemoved").map(_.toBoolean).getOrElse(false)
+    val users          = getAllUsers(includeRemoved)
+    val members        = users.collect { case account if(account.isGroupAccount) =>
+      account.userName -> getGroupMembers(account.userName).map(_.userName)
+    }.toMap
+
+    html.userlist(users, members, includeRemoved)
+  })
+
+  get("/admin/users/_newuser")(adminOnly {
+    html.user(None)
+  })
+
+  post("/admin/users/_newuser", newUserForm)(adminOnly { form =>
+    createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, form.isAdmin, form.description, form.url)
+    updateImage(form.userName, form.fileId, false)
+    redirect("/admin/users")
+  })
+
+  get("/admin/users/:userName/_edituser")(adminOnly {
+    val userName = params("userName")
+    html.user(getAccountByUserName(userName, true), flash.get("error"))
+  })
+
+  post("/admin/users/:name/_edituser", editUserForm)(adminOnly { form =>
+    val userName = params("userName")
+    getAccountByUserName(userName, true).map { account =>
+      if(account.isAdmin && (form.isRemoved || !form.isAdmin) && isLastAdministrator(account)){
+        flash += "error" -> "Account can't be turned off because this is last one administrator."
+        redirect(s"/admin/users/${userName}/_edituser")
+      } else {
+        if(form.isRemoved){
+          // Remove repositories
+          //        getRepositoryNamesOfUser(userName).foreach { repositoryName =>
+          //          deleteRepository(userName, repositoryName)
+          //          FileUtils.deleteDirectory(getRepositoryDir(userName, repositoryName))
+          //          FileUtils.deleteDirectory(getWikiRepositoryDir(userName, repositoryName))
+          //          FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
+          //        }
+          // Remove from GROUP_MEMBER, COLLABORATOR and REPOSITORY
+          removeUserRelatedData(userName)
+        }
+
+        updateAccount(account.copy(
+          password     = form.password.map(sha1).getOrElse(account.password),
+          fullName     = form.fullName,
+          mailAddress  = form.mailAddress,
+          isAdmin      = form.isAdmin,
+          description  = form.description,
+          url          = form.url,
+          isRemoved    = form.isRemoved))
+
+        updateImage(userName, form.fileId, form.clearImage)
+        redirect("/admin/users")
+      }
+    } getOrElse NotFound()
+  })
+
+  get("/admin/users/_newgroup")(adminOnly {
+    html.usergroup(None, Nil)
+  })
+
+  post("/admin/users/_newgroup", newGroupForm)(adminOnly { form =>
+    createGroup(form.groupName, form.description, form.url)
+    updateGroupMembers(form.groupName, form.members.split(",").map {
+      _.split(":") match {
+        case Array(userName, isManager) => (userName, isManager.toBoolean)
+      }
+    }.toList)
+    updateImage(form.groupName, form.fileId, false)
+    redirect("/admin/users")
+  })
+
+  get("/admin/users/:groupName/_editgroup")(adminOnly {
+    defining(params("groupName")){ groupName =>
+      html.usergroup(getAccountByUserName(groupName, true), getGroupMembers(groupName))
+    }
+  })
+
+  post("/admin/users/:groupName/_editgroup", editGroupForm)(adminOnly { form =>
+    defining(params("groupName"), form.members.split(",").map {
+      _.split(":") match {
+        case Array(userName, isManager) => (userName, isManager.toBoolean)
+      }
+    }.toList){ case (groupName, members) =>
+      getAccountByUserName(groupName, true).map { account =>
+        updateGroup(groupName, form.description, form.url, form.isRemoved)
+
+        if(form.isRemoved){
+          // Remove from GROUP_MEMBER
+          updateGroupMembers(form.groupName, Nil)
+          // Remove repositories
+          getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
+            deleteRepository(groupName, repositoryName)
+            FileUtils.deleteDirectory(getRepositoryDir(groupName, repositoryName))
+            FileUtils.deleteDirectory(getWikiRepositoryDir(groupName, repositoryName))
+            FileUtils.deleteDirectory(getTemporaryDir(groupName, repositoryName))
+          }
+        } else {
+          // Update GROUP_MEMBER
+          updateGroupMembers(form.groupName, members)
+//          // Update COLLABORATOR for group repositories
+//          getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
+//            removeCollaborators(form.groupName, repositoryName)
+//            members.foreach { case (userName, isManager) =>
+//              addCollaborator(form.groupName, repositoryName, userName)
+//            }
+//          }
+        }
+
+        updateImage(form.groupName, form.fileId, form.clearImage)
+        redirect("/admin/users")
+
+      } getOrElse NotFound()
+    }
+  })
+
+  get("/admin/data")(adminOnly {
+    import gitbucket.core.util.JDBCUtil._
+    val session = request2Session(request)
+    html.data(session.conn.allTableNames())
+  })
+
+  post("/admin/export")(adminOnly {
+    import gitbucket.core.util.JDBCUtil._
+    val file = request2Session(request).conn.exportAsSQL(request.getParameterValues("tableNames").toSeq)
+
+    contentType = "application/octet-stream"
+    response.setHeader("Content-Disposition", "attachment; filename=" + file.getName)
+    response.setContentLength(file.length.toInt)
+
+    using(new FileInputStream(file)){ in =>
+      IOUtils.copy(in, response.outputStream)
+    }
+
+    ()
+  })
+
+  private def members: Constraint = new Constraint(){
+    override def validate(name: String, value: String, messages: Messages): Option[String] = {
+      if(value.split(",").exists {
+        _.split(":") match { case Array(userName, isManager) => isManager.toBoolean }
+      }) None else Some("Must select one manager at least.")
+    }
+  }
+
+  protected def disableByNotYourself(paramName: String): Constraint = new Constraint() {
+    override def validate(name: String, value: String, messages: Messages): Option[String] = {
+      params.get(paramName).flatMap { userName =>
+        if(userName == context.loginAccount.get.userName && params.get("removed") == Some("true"))
+          Some("You can't disable your account yourself")
+        else
+          None
+      }
+    }
+  }
+
 }

src/main/scala/gitbucket/core/controller/UserManagementController.scala

@@ -1,204 +0,0 @@
-package gitbucket.core.controller
-
-import gitbucket.core.service.{RepositoryService, AccountService}
-import gitbucket.core.admin.users.html
-import gitbucket.core.util._
-import gitbucket.core.util.ControlUtil._
-import gitbucket.core.util.StringUtil._
-import gitbucket.core.util.Implicits._
-import gitbucket.core.util.Directory._
-import io.github.gitbucket.scalatra.forms._
-import org.scalatra.i18n.Messages
-import org.apache.commons.io.FileUtils
-
-class UserManagementController extends UserManagementControllerBase
-  with AccountService with RepositoryService with AdminAuthenticator
-
-trait UserManagementControllerBase extends AccountManagementControllerBase {
-  self: AccountService with RepositoryService with AdminAuthenticator =>
-  
-  case class NewUserForm(userName: String, password: String, fullName: String,
-                         mailAddress: String, isAdmin: Boolean,
-                         url: Option[String], fileId: Option[String])
-
-  case class EditUserForm(userName: String, password: Option[String], fullName: String,
-                          mailAddress: String, isAdmin: Boolean, url: Option[String],
-                          fileId: Option[String], clearImage: Boolean, isRemoved: Boolean)
-
-  case class NewGroupForm(groupName: String, url: Option[String], fileId: Option[String],
-                          members: String)
-
-  case class EditGroupForm(groupName: String, url: Option[String], fileId: Option[String],
-                           members: String, clearImage: Boolean, isRemoved: Boolean)
-
-  val newUserForm = mapping(
-    "userName"    -> trim(label("Username"     ,text(required, maxlength(100), identifier, uniqueUserName))),
-    "password"    -> trim(label("Password"     ,text(required, maxlength(20)))),
-    "fullName"    -> trim(label("Full Name"    ,text(required, maxlength(100)))),
-    "mailAddress" -> trim(label("Mail Address" ,text(required, maxlength(100), uniqueMailAddress()))),
-    "isAdmin"     -> trim(label("User Type"    ,boolean())),
-    "url"         -> trim(label("URL"          ,optional(text(maxlength(200))))),
-    "fileId"      -> trim(label("File ID"      ,optional(text())))
-  )(NewUserForm.apply)
-
-  val editUserForm = mapping(
-    "userName"    -> trim(label("Username"     ,text(required, maxlength(100), identifier))),
-    "password"    -> trim(label("Password"     ,optional(text(maxlength(20))))),
-    "fullName"    -> trim(label("Full Name"    ,text(required, maxlength(100)))),
-    "mailAddress" -> trim(label("Mail Address" ,text(required, maxlength(100), uniqueMailAddress("userName")))),
-    "isAdmin"     -> trim(label("User Type"    ,boolean())),
-    "url"         -> trim(label("URL"          ,optional(text(maxlength(200))))),
-    "fileId"      -> trim(label("File ID"      ,optional(text()))),
-    "clearImage"  -> trim(label("Clear image"  ,boolean())),
-    "removed"     -> trim(label("Disable"      ,boolean(disableByNotYourself("userName"))))
-  )(EditUserForm.apply)
-
-  val newGroupForm = mapping(
-    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName))),
-    "url"       -> trim(label("URL"        ,optional(text(maxlength(200))))),
-    "fileId"    -> trim(label("File ID"    ,optional(text()))),
-    "members"   -> trim(label("Members"    ,text(required, members)))
-  )(NewGroupForm.apply)
-
-  val editGroupForm = mapping(
-    "groupName"  -> trim(label("Group name"  ,text(required, maxlength(100), identifier))),
-    "url"        -> trim(label("URL"         ,optional(text(maxlength(200))))),
-    "fileId"     -> trim(label("File ID"     ,optional(text()))),
-    "members"    -> trim(label("Members"     ,text(required, members))),
-    "clearImage" -> trim(label("Clear image" ,boolean())),
-    "removed"    -> trim(label("Disable"     ,boolean()))
-  )(EditGroupForm.apply)
-
-  get("/admin/users")(adminOnly {
-    val includeRemoved = params.get("includeRemoved").map(_.toBoolean).getOrElse(false)
-    val users          = getAllUsers(includeRemoved)
-    val members        = users.collect { case account if(account.isGroupAccount) =>
-      account.userName -> getGroupMembers(account.userName).map(_.userName)
-    }.toMap
-
-    html.list(users, members, includeRemoved)
-  })
-  
-  get("/admin/users/_newuser")(adminOnly {
-    html.user(None)
-  })
-  
-  post("/admin/users/_newuser", newUserForm)(adminOnly { form =>
-    createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, form.isAdmin, form.url)
-    updateImage(form.userName, form.fileId, false)
-    redirect("/admin/users")
-  })
-  
-  get("/admin/users/:userName/_edituser")(adminOnly {
-    val userName = params("userName")
-    html.user(getAccountByUserName(userName, true))
-  })
-  
-  post("/admin/users/:name/_edituser", editUserForm)(adminOnly { form =>
-    val userName = params("userName")
-    getAccountByUserName(userName, true).map { account =>
-
-      if(form.isRemoved){
-        // Remove repositories
-//        getRepositoryNamesOfUser(userName).foreach { repositoryName =>
-//          deleteRepository(userName, repositoryName)
-//          FileUtils.deleteDirectory(getRepositoryDir(userName, repositoryName))
-//          FileUtils.deleteDirectory(getWikiRepositoryDir(userName, repositoryName))
-//          FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
-//        }
-        // Remove from GROUP_MEMBER, COLLABORATOR and REPOSITORY
-        removeUserRelatedData(userName)
-      }
-
-      updateAccount(account.copy(
-        password     = form.password.map(sha1).getOrElse(account.password),
-        fullName     = form.fullName,
-        mailAddress  = form.mailAddress,
-        isAdmin      = form.isAdmin,
-        url          = form.url,
-        isRemoved    = form.isRemoved))
-
-      updateImage(userName, form.fileId, form.clearImage)
-      redirect("/admin/users")
-
-    } getOrElse NotFound
-  })
-
-  get("/admin/users/_newgroup")(adminOnly {
-    html.group(None, Nil)
-  })
-
-  post("/admin/users/_newgroup", newGroupForm)(adminOnly { form =>
-    createGroup(form.groupName, form.url)
-    updateGroupMembers(form.groupName, form.members.split(",").map {
-      _.split(":") match {
-        case Array(userName, isManager) => (userName, isManager.toBoolean)
-      }
-    }.toList)
-    updateImage(form.groupName, form.fileId, false)
-    redirect("/admin/users")
-  })
-
-  get("/admin/users/:groupName/_editgroup")(adminOnly {
-    defining(params("groupName")){ groupName =>
-      html.group(getAccountByUserName(groupName, true), getGroupMembers(groupName))
-    }
-  })
-
-  post("/admin/users/:groupName/_editgroup", editGroupForm)(adminOnly { form =>
-    defining(params("groupName"), form.members.split(",").map {
-      _.split(":") match {
-        case Array(userName, isManager) => (userName, isManager.toBoolean)
-      }
-    }.toList){ case (groupName, members) =>
-      getAccountByUserName(groupName, true).map { account =>
-        updateGroup(groupName, form.url, form.isRemoved)
-
-        if(form.isRemoved){
-          // Remove from GROUP_MEMBER
-          updateGroupMembers(form.groupName, Nil)
-          // Remove repositories
-          getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
-            deleteRepository(groupName, repositoryName)
-            FileUtils.deleteDirectory(getRepositoryDir(groupName, repositoryName))
-            FileUtils.deleteDirectory(getWikiRepositoryDir(groupName, repositoryName))
-            FileUtils.deleteDirectory(getTemporaryDir(groupName, repositoryName))
-          }
-        } else {
-          // Update GROUP_MEMBER
-          updateGroupMembers(form.groupName, members)
-          // Update COLLABORATOR for group repositories
-          getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
-            removeCollaborators(form.groupName, repositoryName)
-            members.foreach { case (userName, isManager) =>
-              addCollaborator(form.groupName, repositoryName, userName)
-            }
-          }
-        }
-
-        updateImage(form.groupName, form.fileId, form.clearImage)
-        redirect("/admin/users")
-
-      } getOrElse NotFound
-    }
-  })
-
-  private def members: Constraint = new Constraint(){
-    override def validate(name: String, value: String, messages: Messages): Option[String] = {
-      if(value.split(",").exists {
-        _.split(":") match { case Array(userName, isManager) => isManager.toBoolean }
-      }) None else Some("Must select one manager at least.")
-    }
-  }
-
-  protected def disableByNotYourself(paramName: String): Constraint = new Constraint() {
-    override def validate(name: String, value: String, messages: Messages): Option[String] = {
-      params.get(paramName).flatMap { userName =>
-        if(userName == context.loginAccount.get.userName && params.get("removed") == Some("true"))
-          Some("You can't disable your account yourself")
-        else
-          None
-      }
-    }
-  }
-}

src/main/scala/gitbucket/core/controller/WikiController.scala

@@ -1,24 +1,26 @@
 package gitbucket.core.controller
 
+import gitbucket.core.service.RepositoryService.RepositoryInfo
 import gitbucket.core.wiki.html
-import gitbucket.core.service.{RepositoryService, WikiService, ActivityService, AccountService}
+import gitbucket.core.service.{AccountService, ActivityService, RepositoryService, WikiService}
 import gitbucket.core.util._
 import gitbucket.core.util.StringUtil._
-import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.SyntaxSugars._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.Directory._
 import io.github.gitbucket.scalatra.forms._
 import org.eclipse.jgit.api.Git
 import org.scalatra.i18n.Messages
 
-class WikiController extends WikiControllerBase 
-  with WikiService with RepositoryService with AccountService with ActivityService with CollaboratorsAuthenticator with ReferrerAuthenticator
+class WikiController extends WikiControllerBase
+  with WikiService with RepositoryService with AccountService with ActivityService
+  with ReadableUsersAuthenticator with ReferrerAuthenticator
 
 trait WikiControllerBase extends ControllerBase {
-  self: WikiService with RepositoryService with ActivityService with CollaboratorsAuthenticator with ReferrerAuthenticator =>
+  self: WikiService with RepositoryService with ActivityService with ReadableUsersAuthenticator with ReferrerAuthenticator =>
 
   case class WikiPageEditForm(pageName: String, content: String, message: Option[String], currentPageName: String, id: String)
-  
+
   val newForm = mapping(
     "pageName"        -> trim(label("Page name"         , text(required, maxlength(40), pagename, unique))),
     "content"         -> trim(label("Content"           , text(required, conflictForNew))),
@@ -26,7 +28,7 @@ trait WikiControllerBase extends ControllerBase {
     "currentPageName" -> trim(label("Current page name" , text())),
     "id"              -> trim(label("Latest commit id"  , text()))
   )(WikiPageEditForm.apply)
-  
+
   val editForm = mapping(
     "pageName"        -> trim(label("Page name"         , text(required, maxlength(40), pagename))),
     "content"         -> trim(label("Content"           , text(required, conflictForEdit))),
@@ -34,149 +36,162 @@ trait WikiControllerBase extends ControllerBase {
     "currentPageName" -> trim(label("Current page name" , text(required))),
     "id"              -> trim(label("Latest commit id"  , text(required)))
   )(WikiPageEditForm.apply)
-  
+
   get("/:owner/:repository/wiki")(referrersOnly { repository =>
     getWikiPage(repository.owner, repository.name, "Home").map { page =>
       html.page("Home", page, getWikiPageList(repository.owner, repository.name),
-        repository, hasWritePermission(repository.owner, repository.name, context.loginAccount),
+        repository, isEditable(repository),
         getWikiPage(repository.owner, repository.name, "_Sidebar"),
         getWikiPage(repository.owner, repository.name, "_Footer"))
     } getOrElse redirect(s"/${repository.owner}/${repository.name}/wiki/Home/_edit")
   })
-  
+
   get("/:owner/:repository/wiki/:page")(referrersOnly { repository =>
     val pageName = StringUtil.urlDecode(params("page"))
 
     getWikiPage(repository.owner, repository.name, pageName).map { page =>
       html.page(pageName, page, getWikiPageList(repository.owner, repository.name),
-        repository, hasWritePermission(repository.owner, repository.name, context.loginAccount),
+        repository, isEditable(repository),
         getWikiPage(repository.owner, repository.name, "_Sidebar"),
         getWikiPage(repository.owner, repository.name, "_Footer"))
     } getOrElse redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}/_edit")
   })
-  
+
   get("/:owner/:repository/wiki/:page/_history")(referrersOnly { repository =>
     val pageName = StringUtil.urlDecode(params("page"))
 
     using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
       JGitUtil.getCommitLog(git, "master", path = pageName + ".md") match {
-        case Right((logs, hasNext)) => html.history(Some(pageName), logs, repository)
-        case Left(_) => NotFound
+        case Right((logs, hasNext)) => html.history(Some(pageName), logs, repository, isEditable(repository))
+        case Left(_) => NotFound()
       }
     }
   })
-  
+
   get("/:owner/:repository/wiki/:page/_compare/:commitId")(referrersOnly { repository =>
     val pageName = StringUtil.urlDecode(params("page"))
     val Array(from, to) = params("commitId").split("\\.\\.\\.")
 
     using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
       html.compare(Some(pageName), from, to, JGitUtil.getDiffs(git, from, to, true).filter(_.newPath == pageName + ".md"), repository,
-        hasWritePermission(repository.owner, repository.name, context.loginAccount), flash.get("info"))
+        isEditable(repository), flash.get("info"))
     }
   })
-  
+
   get("/:owner/:repository/wiki/_compare/:commitId")(referrersOnly { repository =>
     val Array(from, to) = params("commitId").split("\\.\\.\\.")
 
     using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
       html.compare(None, from, to, JGitUtil.getDiffs(git, from, to, true), repository,
-        hasWritePermission(repository.owner, repository.name, context.loginAccount), flash.get("info"))
+        isEditable(repository), flash.get("info"))
     }
   })
 
-  get("/:owner/:repository/wiki/:page/_revert/:commitId")(collaboratorsOnly { repository =>
-    val pageName = StringUtil.urlDecode(params("page"))
-    val Array(from, to) = params("commitId").split("\\.\\.\\.")
+  get("/:owner/:repository/wiki/:page/_revert/:commitId")(readableUsersOnly { repository =>
+    if(isEditable(repository)){
+      val pageName = StringUtil.urlDecode(params("page"))
+      val Array(from, to) = params("commitId").split("\\.\\.\\.")
 
-    if(revertWikiPage(repository.owner, repository.name, from, to, context.loginAccount.get, Some(pageName))){
-      redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}")
-    } else {
-      flash += "info" -> "This patch was not able to be reversed."
-      redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}/_compare/${from}...${to}")
-    }
-  })
-
-  get("/:owner/:repository/wiki/_revert/:commitId")(collaboratorsOnly { repository =>
-    val Array(from, to) = params("commitId").split("\\.\\.\\.")
-
-    if(revertWikiPage(repository.owner, repository.name, from, to, context.loginAccount.get, None)){
-      redirect(s"/${repository.owner}/${repository.name}/wiki/")
-    } else {
-      flash += "info" -> "This patch was not able to be reversed."
-      redirect(s"/${repository.owner}/${repository.name}/wiki/_compare/${from}...${to}")
-    }
-  })
-
-  get("/:owner/:repository/wiki/:page/_edit")(collaboratorsOnly { repository =>
-    val pageName = StringUtil.urlDecode(params("page"))
-    html.edit(pageName, getWikiPage(repository.owner, repository.name, pageName), repository)
-  })
-  
-  post("/:owner/:repository/wiki/_edit", editForm)(collaboratorsOnly { (form, repository) =>
-    defining(context.loginAccount.get){ loginAccount =>
-      saveWikiPage(
-        repository.owner,
-        repository.name,
-        form.currentPageName,
-        form.pageName,
-        appendNewLine(convertLineSeparator(form.content, "LF"), "LF"),
-        loginAccount,
-        form.message.getOrElse(""),
-        Some(form.id)
-      ).map { commitId =>
-        updateLastActivityDate(repository.owner, repository.name)
-        recordEditWikiPageActivity(repository.owner, repository.name, loginAccount.userName, form.pageName, commitId)
-      }
-      if(notReservedPageName(form.pageName)) {
-        redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(form.pageName)}")
+      if(revertWikiPage(repository.owner, repository.name, from, to, context.loginAccount.get, Some(pageName))){
+        redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}")
       } else {
-        redirect(s"/${repository.owner}/${repository.name}/wiki")
+        flash += "info" -> "This patch was not able to be reversed."
+        redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}/_compare/${from}...${to}")
       }
-    }
+    } else Unauthorized()
   })
-  
-  get("/:owner/:repository/wiki/_new")(collaboratorsOnly {
-    html.edit("", None, _)
+
+  get("/:owner/:repository/wiki/_revert/:commitId")(readableUsersOnly { repository =>
+    if(isEditable(repository)){
+      val Array(from, to) = params("commitId").split("\\.\\.\\.")
+
+      if(revertWikiPage(repository.owner, repository.name, from, to, context.loginAccount.get, None)){
+        redirect(s"/${repository.owner}/${repository.name}/wiki/")
+      } else {
+        flash += "info" -> "This patch was not able to be reversed."
+        redirect(s"/${repository.owner}/${repository.name}/wiki/_compare/${from}...${to}")
+      }
+    } else Unauthorized()
   })
-  
-  post("/:owner/:repository/wiki/_new", newForm)(collaboratorsOnly { (form, repository) =>
-    defining(context.loginAccount.get){ loginAccount =>
-      saveWikiPage(repository.owner, repository.name, form.currentPageName, form.pageName,
+
+  get("/:owner/:repository/wiki/:page/_edit")(readableUsersOnly { repository =>
+    if(isEditable(repository)){
+      val pageName = StringUtil.urlDecode(params("page"))
+      html.edit(pageName, getWikiPage(repository.owner, repository.name, pageName), repository)
+    } else Unauthorized()
+  })
+
+  post("/:owner/:repository/wiki/_edit", editForm)(readableUsersOnly { (form, repository) =>
+    if(isEditable(repository)){
+      defining(context.loginAccount.get){ loginAccount =>
+        saveWikiPage(
+          repository.owner,
+          repository.name,
+          form.currentPageName,
+          form.pageName,
+          appendNewLine(convertLineSeparator(form.content, "LF"), "LF"),
+          loginAccount,
+          form.message.getOrElse(""),
+          Some(form.id)
+        ).map { commitId =>
+          updateLastActivityDate(repository.owner, repository.name)
+          recordEditWikiPageActivity(repository.owner, repository.name, loginAccount.userName, form.pageName, commitId)
+        }
+        if(notReservedPageName(form.pageName)) {
+          redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(form.pageName)}")
+        } else {
+          redirect(s"/${repository.owner}/${repository.name}/wiki")
+        }
+      }
+    } else Unauthorized()
+  })
+
+  get("/:owner/:repository/wiki/_new")(readableUsersOnly { repository =>
+    if(isEditable(repository)){
+      html.edit("", None, repository)
+    } else Unauthorized()
+  })
+
+  post("/:owner/:repository/wiki/_new", newForm)(readableUsersOnly { (form, repository) =>
+    if(isEditable(repository)){
+      defining(context.loginAccount.get){ loginAccount =>
+        saveWikiPage(repository.owner, repository.name, form.currentPageName, form.pageName,
           form.content, loginAccount, form.message.getOrElse(""), None)
 
-      updateLastActivityDate(repository.owner, repository.name)
-      recordCreateWikiPageActivity(repository.owner, repository.name, loginAccount.userName, form.pageName)
+        updateLastActivityDate(repository.owner, repository.name)
+        recordCreateWikiPageActivity(repository.owner, repository.name, loginAccount.userName, form.pageName)
+
+        if(notReservedPageName(form.pageName)) {
+          redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(form.pageName)}")
+        } else {
+          redirect(s"/${repository.owner}/${repository.name}/wiki")
+        }
+      }
+    } else Unauthorized()
+  })
+
+  get("/:owner/:repository/wiki/:page/_delete")(readableUsersOnly { repository =>
+    if(isEditable(repository)){
+      val pageName = StringUtil.urlDecode(params("page"))
+
+      defining(context.loginAccount.get){ loginAccount =>
+        deleteWikiPage(repository.owner, repository.name, pageName, loginAccount.fullName, loginAccount.mailAddress, s"Destroyed ${pageName}")
+        updateLastActivityDate(repository.owner, repository.name)
 
-      if(notReservedPageName(form.pageName)) {
-        redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(form.pageName)}")
-      } else {
         redirect(s"/${repository.owner}/${repository.name}/wiki")
       }
-    }
+    } else Unauthorized()
   })
-  
-  get("/:owner/:repository/wiki/:page/_delete")(collaboratorsOnly { repository =>
-    val pageName = StringUtil.urlDecode(params("page"))
 
-    defining(context.loginAccount.get){ loginAccount =>
-      deleteWikiPage(repository.owner, repository.name, pageName, loginAccount.fullName, loginAccount.mailAddress, s"Destroyed ${pageName}")
-      updateLastActivityDate(repository.owner, repository.name)
-
-      redirect(s"/${repository.owner}/${repository.name}/wiki")
-    }
-  })
-  
   get("/:owner/:repository/wiki/_pages")(referrersOnly { repository =>
-    html.pages(getWikiPageList(repository.owner, repository.name), repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+    html.pages(getWikiPageList(repository.owner, repository.name), repository, isEditable(repository))
   })
-  
+
   get("/:owner/:repository/wiki/_history")(referrersOnly { repository =>
     using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
       JGitUtil.getCommitLog(git, "master") match {
-        case Right((logs, hasNext)) => html.history(None, logs, repository)
-        case Left(_) => NotFound
+        case Right((logs, hasNext)) => html.history(None, logs, repository, isEditable(repository))
+        case Left(_) => NotFound()
       }
     }
   })
@@ -186,7 +201,7 @@ trait WikiControllerBase extends ControllerBase {
 
     getFileContent(repository.owner, repository.name, path).map { bytes =>
       RawData(FileUtil.getContentType(path, bytes), bytes)
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   private def unique: Constraint = new Constraint(){
@@ -225,4 +240,13 @@ trait WikiControllerBase extends ControllerBase {
 
   private def targetWikiPage = getWikiPage(params("owner"), params("repository"), params("pageName"))
 
+  private def isEditable(repository: RepositoryInfo)(implicit context: Context): Boolean = {
+    repository.repository.options.wikiOption match {
+      case "ALL"     => !repository.repository.isPrivate && context.loginAccount.isDefined
+      case "PUBLIC"  => hasGuestRole(repository.owner, repository.name, context.loginAccount)
+      case "PRIVATE" => hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
+      case "DISABLE" => false
+    }
+  }
+
 }

src/main/scala/gitbucket/core/model/AccessToken.scala

@@ -2,7 +2,8 @@ package gitbucket.core.model
 
 
 trait AccessTokenComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
+
   lazy val AccessTokens = TableQuery[AccessTokens]
 
   class AccessTokens(tag: Tag) extends Table[AccessToken](tag, "ACCESS_TOKEN") {

src/main/scala/gitbucket/core/model/Account.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait AccountComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
   lazy val Accounts = TableQuery[Accounts]
@@ -19,7 +19,8 @@ trait AccountComponent { self: Profile =>
     val image = column[String]("IMAGE")
     val groupAccount = column[Boolean]("GROUP_ACCOUNT")
     val removed = column[Boolean]("REMOVED")
-    def * = (userName, fullName, mailAddress, password, isAdmin, url.?, registeredDate, updatedDate, lastLoginDate.?, image.?, groupAccount, removed) <> (Account.tupled, Account.unapply)
+    val description = column[String]("DESCRIPTION")
+    def * = (userName, fullName, mailAddress, password, isAdmin, url.?, registeredDate, updatedDate, lastLoginDate.?, image.?, groupAccount, removed, description.?) <> (Account.tupled, Account.unapply)
   }
 }
 
@@ -35,5 +36,6 @@ case class Account(
   lastLoginDate: Option[java.util.Date],
   image: Option[String],
   isGroupAccount: Boolean,
-  isRemoved: Boolean
+  isRemoved: Boolean,
+  description: Option[String]
 )

src/main/scala/gitbucket/core/model/Activity.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait ActivityComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
   lazy val Activities = TableQuery[Activities]

src/main/scala/gitbucket/core/model/BasicTemplate.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 protected[model] trait TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   trait BasicTemplate { self: Table[_] =>
     val userName = column[String]("USER_NAME")
@@ -10,7 +10,7 @@ protected[model] trait TemplateComponent { self: Profile =>
     def byRepository(owner: String, repository: String) =
       (userName === owner.bind) && (repositoryName === repository.bind)
 
-    def byRepository(userName: Column[String], repositoryName: Column[String]) =
+    def byRepository(userName: Rep[String], repositoryName: Rep[String]) =
       (this.userName === userName) && (this.repositoryName === repositoryName)
   }
 
@@ -20,7 +20,7 @@ protected[model] trait TemplateComponent { self: Profile =>
     def byIssue(owner: String, repository: String, issueId: Int) =
       byRepository(owner, repository) && (this.issueId === issueId.bind)
 
-    def byIssue(userName: Column[String], repositoryName: Column[String], issueId: Column[Int]) =
+    def byIssue(userName: Rep[String], repositoryName: Rep[String], issueId: Rep[Int]) =
       byRepository(userName, repositoryName) && (this.issueId === issueId)
   }
 
@@ -31,7 +31,7 @@ protected[model] trait TemplateComponent { self: Profile =>
     def byLabel(owner: String, repository: String, labelId: Int) =
       byRepository(owner, repository) && (this.labelId === labelId.bind)
 
-    def byLabel(userName: Column[String], repositoryName: Column[String], labelId: Column[Int]) =
+    def byLabel(userName: Rep[String], repositoryName: Rep[String], labelId: Rep[Int]) =
       byRepository(userName, repositoryName) && (this.labelId === labelId)
 
     def byLabel(owner: String, repository: String, labelName: String) =
@@ -44,7 +44,7 @@ protected[model] trait TemplateComponent { self: Profile =>
     def byMilestone(owner: String, repository: String, milestoneId: Int) =
       byRepository(owner, repository) && (this.milestoneId === milestoneId.bind)
 
-    def byMilestone(userName: Column[String], repositoryName: Column[String], milestoneId: Column[Int]) =
+    def byMilestone(userName: Rep[String], repositoryName: Rep[String], milestoneId: Rep[Int]) =
       byRepository(userName, repositoryName) && (this.milestoneId === milestoneId)
   }
 
@@ -54,13 +54,13 @@ protected[model] trait TemplateComponent { self: Profile =>
     def byCommit(owner: String, repository: String, commitId: String) =
       byRepository(owner, repository) && (this.commitId === commitId)
 
-    def byCommit(owner: Column[String], repository: Column[String], commitId: Column[String]) =
+    def byCommit(owner: Rep[String], repository: Rep[String], commitId: Rep[String]) =
       byRepository(userName, repositoryName) && (this.commitId === commitId)
   }
 
   trait BranchTemplate extends BasicTemplate{ self: Table[_] =>
     val branch = column[String]("BRANCH")
     def byBranch(owner: String, repository: String, branchName: String) = byRepository(owner, repository) && (branch === branchName.bind)
-    def byBranch(owner: Column[String], repository: Column[String], branchName: Column[String]) = byRepository(owner, repository) && (this.branch === branchName)
+    def byBranch(owner: Rep[String], repository: Rep[String], branchName: Rep[String]) = byRepository(owner, repository) && (this.branch === branchName)
   }
 }

src/main/scala/gitbucket/core/model/Collaborator.scala

@@ -1,13 +1,14 @@
 package gitbucket.core.model
 
 trait CollaboratorComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   lazy val Collaborators = TableQuery[Collaborators]
 
   class Collaborators(tag: Tag) extends Table[Collaborator](tag, "COLLABORATOR") with BasicTemplate {
     val collaboratorName = column[String]("COLLABORATOR_NAME")
-    def * = (userName, repositoryName, collaboratorName) <> (Collaborator.tupled, Collaborator.unapply)
+    val role = column[String]("ROLE")
+    def * = (userName, repositoryName, collaboratorName, role) <> (Collaborator.tupled, Collaborator.unapply)
 
     def byPrimaryKey(owner: String, repository: String, collaborator: String) =
       byRepository(owner, repository) && (collaboratorName === collaborator.bind)
@@ -17,5 +18,23 @@ trait CollaboratorComponent extends TemplateComponent { self: Profile =>
 case class Collaborator(
   userName: String,
   repositoryName: String,
-  collaboratorName: String
+  collaboratorName: String,
+  role: String
 )
+
+sealed abstract class Role(val name: String)
+
+object Role {
+  object ADMIN extends Role("ADMIN")
+  object DEVELOPER extends Role("DEVELOPER")
+  object GUEST extends Role("GUEST")
+
+//  val values: Vector[Permission] = Vector(ADMIN, WRITE, READ)
+//
+//  private val map: Map[String, Permission] = values.map(enum => enum.name -> enum).toMap
+//
+//  def apply(name: String): Permission = map(name)
+//
+//  def valueOf(name: String): Option[Permission] = map.get(name)
+
+}

src/main/scala/gitbucket/core/model/Comment.scala

@@ -6,12 +6,10 @@ trait Comment {
 }
 
 trait IssueCommentComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
-  lazy val IssueComments = new TableQuery(tag => new IssueComments(tag)){
-    def autoInc = this returning this.map(_.commentId)
-  }
+  lazy val IssueComments = TableQuery[IssueComments]
 
   class IssueComments(tag: Tag) extends Table[IssueComment](tag, "ISSUE_COMMENT") with IssueTemplate {
     val commentId = column[Int]("COMMENT_ID", O AutoInc)
@@ -39,12 +37,10 @@ case class IssueComment (
 ) extends Comment
 
 trait CommitCommentComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
-  lazy val CommitComments = new TableQuery(tag => new CommitComments(tag)){
-    def autoInc = this returning this.map(_.commentId)
-  }
+  lazy val CommitComments = TableQuery[CommitComments]
 
   class CommitComments(tag: Tag) extends Table[CommitComment](tag, "COMMIT_COMMENT") with CommitTemplate {
     val commentId = column[Int]("COMMENT_ID", O AutoInc)

src/main/scala/gitbucket/core/model/CommitStatus.scala

@@ -1,10 +1,7 @@
 package gitbucket.core.model
 
-import scala.slick.lifted.MappedTo
-import scala.slick.jdbc._
-
 trait CommitStatusComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
   implicit val commitStateColumnType = MappedColumnType.base[CommitState, String](b => b.name , i => CommitState(i))
@@ -90,7 +87,5 @@ object CommitState {
     }
   }
 
-  implicit val getResult: GetResult[CommitState] = GetResult(r => CommitState(r.<<))
-  implicit val getResultOpt: GetResult[Option[CommitState]] = GetResult(r => r.<<?[String].map(CommitState(_)))
 }
 

src/main/scala/gitbucket/core/model/DeployKey.scala

@@ -0,0 +1,27 @@
+package gitbucket.core.model
+
+trait DeployKeyComponent extends TemplateComponent { self: Profile =>
+  import profile.api._
+
+  lazy val DeployKeys = TableQuery[DeployKeys]
+
+  class DeployKeys(tag: Tag) extends Table[DeployKey](tag, "DEPLOY_KEY") with BasicTemplate {
+    val deployKeyId = column[Int]("DEPLOY_KEY_ID", O AutoInc)
+    val title = column[String]("TITLE")
+    val publicKey = column[String]("PUBLIC_KEY")
+    val allowWrite = column[Boolean]("ALLOW_WRITE")
+    def * = (userName, repositoryName, deployKeyId, title, publicKey, allowWrite) <> (DeployKey.tupled, DeployKey.unapply)
+
+    def byPrimaryKey(userName: String, repositoryName: String, deployKeyId: Int) =
+      (this.userName === userName.bind) && (this.repositoryName === repositoryName.bind) && (this.deployKeyId === deployKeyId.bind)
+  }
+}
+
+case class DeployKey(
+  userName: String,
+  repositoryName: String,
+  deployKeyId: Int = 0,
+  title: String,
+  publicKey: String,
+  allowWrite: Boolean
+)

src/main/scala/gitbucket/core/model/GroupMembers.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait GroupMemberComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   lazy val GroupMembers = TableQuery[GroupMembers]
 

src/main/scala/gitbucket/core/model/Issue.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait IssueComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
   lazy val IssueId = TableQuery[IssueId]

src/main/scala/gitbucket/core/model/IssueLabels.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait IssueLabelComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   lazy val IssueLabels = TableQuery[IssueLabels]
 

src/main/scala/gitbucket/core/model/Labels.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait LabelComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   lazy val Labels = TableQuery[Labels]
 
@@ -12,7 +12,7 @@ trait LabelComponent extends TemplateComponent { self: Profile =>
     def * = (userName, repositoryName, labelId, labelName, color) <> (Label.tupled, Label.unapply)
 
     def byPrimaryKey(owner: String, repository: String, labelId: Int) = byLabel(owner, repository, labelId)
-    def byPrimaryKey(userName: Column[String], repositoryName: Column[String], labelId: Column[Int]) = byLabel(userName, repositoryName, labelId)
+    def byPrimaryKey(userName: Rep[String], repositoryName: Rep[String], labelId: Rep[Int]) = byLabel(userName, repositoryName, labelId)
   }
 }
 

src/main/scala/gitbucket/core/model/Milestone.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait MilestoneComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
   lazy val Milestones = TableQuery[Milestones]
@@ -9,13 +9,13 @@ trait MilestoneComponent extends TemplateComponent { self: Profile =>
   class Milestones(tag: Tag) extends Table[Milestone](tag, "MILESTONE") with MilestoneTemplate {
     override val milestoneId = column[Int]("MILESTONE_ID", O AutoInc)
     val title = column[String]("TITLE")
-    val description = column[String]("DESCRIPTION")
-    val dueDate = column[java.util.Date]("DUE_DATE")
-    val closedDate = column[java.util.Date]("CLOSED_DATE")
-    def * = (userName, repositoryName, milestoneId, title, description.?, dueDate.?, closedDate.?) <> (Milestone.tupled, Milestone.unapply)
+    val description = column[Option[String]]("DESCRIPTION")
+    val dueDate = column[Option[java.util.Date]]("DUE_DATE")
+    val closedDate = column[Option[java.util.Date]]("CLOSED_DATE")
+    def * = (userName, repositoryName, milestoneId, title, description, dueDate, closedDate) <> (Milestone.tupled, Milestone.unapply)
 
     def byPrimaryKey(owner: String, repository: String, milestoneId: Int) = byMilestone(owner, repository, milestoneId)
-    def byPrimaryKey(userName: Column[String], repositoryName: Column[String], milestoneId: Column[Int]) = byMilestone(userName, repositoryName, milestoneId)
+    def byPrimaryKey(userName: Rep[String], repositoryName: Rep[String], milestoneId: Rep[Int]) = byMilestone(userName, repositoryName, milestoneId)
   }
 }
 

src/main/scala/gitbucket/core/model/Plugin.scala

@@ -1,19 +0,0 @@
-package gitbucket.core.model
-
-trait PluginComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
-  import self._
-
-  lazy val Plugins = TableQuery[Plugins]
-
-  class Plugins(tag: Tag) extends Table[Plugin](tag, "PLUGIN"){
-    val pluginId = column[String]("PLUGIN_ID", O PrimaryKey)
-    val version = column[String]("VERSION")
-    def * = (pluginId, version) <> (Plugin.tupled, Plugin.unapply)
-  }
-}
-
-case class Plugin(
-  pluginId: String,
-  version: String
-)

src/main/scala/gitbucket/core/model/Profile.scala

@@ -1,9 +1,11 @@
 package gitbucket.core.model
 
+import gitbucket.core.util.DatabaseConfig
+import com.github.takezoe.slick.blocking.BlockingJdbcProfile
 
 trait Profile {
-  val profile: slick.driver.JdbcProfile
-  import profile.simple._
+  val profile: BlockingJdbcProfile
+  import profile.blockingApi._
 
   /**
    * java.util.Date Mapped Column Types
@@ -16,8 +18,8 @@ trait Profile {
   /**
    * Extends Column to add conditional condition
    */
-  implicit class RichColumn(c1: Column[Boolean]){
-    def &&(c2: => Column[Boolean], guard: => Boolean): Column[Boolean] = if(guard) c1 && c2 else c1
+  implicit class RichColumn(c1: Rep[Boolean]){
+    def &&(c2: => Rep[Boolean], guard: => Boolean): Rep[Boolean] = if(guard) c1 && c2 else c1
   }
 
   /**
@@ -28,7 +30,9 @@ trait Profile {
 }
 
 trait ProfileProvider { self: Profile =>
-  val profile = slick.driver.H2Driver
+
+  lazy val profile = DatabaseConfig.slickDriver
+
 }
 
 trait CoreProfile extends ProfileProvider with Profile
@@ -49,7 +53,7 @@ trait CoreProfile extends ProfileProvider with Profile
   with SshKeyComponent
   with WebHookComponent
   with WebHookEventComponent
-  with PluginComponent
   with ProtectedBranchComponent
+  with DeployKeyComponent
 
 object Profile extends CoreProfile