4.9.0 release

Merge pull request #1436 from ritschwumm/patch-1
fix typo in log message
2026-05-08 23:16:48 +02:00 · 2017-01-29 02:02:17 +09:00 · 2017-01-29 01:46:02 +09:00 · 2017-01-28 11:49:49 +01:00 · 2017-01-26 09:59:32 +09:00 · 2017-01-26 00:31:39 +09:00
347 changed files with 23471 additions and 19727 deletions
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -4,4 +4,3 @@
 - If you can't find same question and report, send it to [gitter room](https://gitter.im/gitbucket/gitbucket) before raising an issue.
 - We can also support in Japaneses other than English at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
 - Write an issue in English. At least, write subject in English.
 - First priority of GitBucket is easy installation and reproduce GitHub behavior, so we might reject if your request is against it.
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -5,4 +5,4 @@
 - [] verified that project is compiling
 - [] verified that tests are passing
 - [] squashed my commits as appropriate *(keep several commits if it is relevant to understand the PR)*
- [] [marked as closed](https://help.github.com/articles/closing-issues-via-commit-messages/) all issue ID that this PR should correct
+- [] [marked as closed using commit message](https://help.github.com/articles/closing-issues-via-commit-messages/) all issue ID that this PR should correct
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,6 +1,18 @@
 language: scala
-sudo: false
+sudo: true
 script:
  - sbt test
 jdk:
  - oraclejdk8
 before_script:
  - sudo apt-get install libaio1
  - sudo /etc/init.d/mysql stop
  - sudo /etc/init.d/postgresql stop
 cache:
  directories:
    - $HOME/.ivy2/cache
    - $HOME/.sbt/boot
    - $HOME/.sbt/launchers
    - $HOME/.coursier
    - $HOME/.embedmysql
    - $HOME/.embedpostgresql
--- a/2
+++ b/2
@@ -187,7 +187,7 @@
      same "printed page" as the copyright notice for easier
      identification within third-party archives.
-   Copyright [yyyy] [name of copyright owner]
+   Copyright 2013-2016 GitBucket Team
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
--- a/README.md
+++ b/README.md
@@ -2,67 +2,166 @@ GitBucket [![Gitter chat](https://badges.gitter.im/gitbucket/gitbucket.png)](htt
 =========
 GitBucket is a Git platform powered by Scala offering:
- easy installation
+- Easy installation
- high extensibility by plugins
+- High extensibility by plugins
- API compatibility with Github
+- API compatibility with GitHub
 Features
 --------
 The current version of GitBucket provides a basic features below:
 - Public / Private Git repository (http and ssh access)
- Repository viewer and online file editing
+- Repository viewer and online file editor
- Wiki
+- Issues, Pull request and Wiki for repositories
 - Issues / Pull request
 - Email notification
- Simple user and group management with LDAP integration
+- Account and group management with LDAP integration
 - Plug-in system
-If you want to try the development version of GitBucket, see [Developer's Guide](https://github.com/gitbucket/gitbucket/blob/master/doc/how_to_run.md).
+If you want to try the development version of GitBucket, see the [Developer's Guide](https://github.com/gitbucket/gitbucket/blob/master/doc/how_to_run.md).
 Installation
 --------
-GitBucket requires **Java8**. You have to install beforehand when it's not installed.
+GitBucket requires **Java8**. You have to install it if it is not already installed.
-1. Download latest **gitbucket.war** from [the release page](https://github.com/gitbucket/gitbucket/releases).
+1. Download the latest **gitbucket.war** from [the releases page](https://github.com/gitbucket/gitbucket/releases) and run it by `java -jar gitbucket.war`.
-2. Deploy it to the Servlet 3.0 container such as Tomcat 7.x, Jetty 8.x, GlassFish 3.x or higher.
+2. Go to `http://[hostname]:8080/` and log in with **root** / **root**.
 3. Access **http://[hostname]:[port]/gitbucket/** using your web browser and logged-in with **root** / **root**.
-or you can start GitBucket by `java -jar gitbucket.war` without servlet container. In this case, GitBucket URL is **http://[hostname]:8080/**. You can specify following options.
+You can specify following options:
- --port=[NUMBER]
+- `--port=[NUMBER]`
- --prefix=[CONTEXTPATH]
+- `--prefix=[CONTEXTPATH]`
- --host=[HOSTNAME]
+- `--host=[HOSTNAME]`
- --gitbucket.home=[DATA_DIR]
+- `--gitbucket.home=[DATA_DIR]`
 - `--temp_dir=[TEMP_DIR]`
-To upgrade GitBucket, only replace gitbucket.war after stop GitBucket. All GitBucket data is stored in HOME/.gitbucket. So if you want to back up GitBucket data, copy this directory to the other disk.
+`TEMP_DIR` is used as the [temporary directory for the jetty application context](https://www.eclipse.org/jetty/documentation/9.3.x/ref-temporary-directories.html).
 This is the directory into which the gitbucket.war file is unpacked, the source
 files are compiled, etc.  
 If given this parameter **must** match the path of an existing directory
 or the application will quit reporting an error; if not given the path used
 will be a `tmp` directory inside the gitbucket home.
-About installation on Mac or Windows Server (with IIS), configuration of Apache or Nginx and also integration with other tools or services such as Jenkins or Slack, see [Wiki](https://github.com/gitbucket/gitbucket/wiki).
+You can also deploy gitbucket.war to a servlet container which supports Servlet 3.0 (like Jetty, Tomcat, JBoss, etc)
-Plug-ins
+For more information about installation on Mac or Windows Server (with IIS), or configuration of Apache or Nginx and also integration with other tools or services such as Jenkins or Slack, see [Wiki](https://github.com/gitbucket/gitbucket/wiki).
 To upgrade GitBucket, replace `gitbucket.war` with the new version, after stopping GitBucket. All GitBucket data is stored in `HOME/.gitbucket` by default. So if you want to back up GitBucket's data, copy this directory to the backup location.
 Plugins
 --------
-GitBucket has the plug-in system to extend GitBucket from outside of GitBucket. Some plug-ins are available now:
+GitBucket has a plug-in system to allow extensions to GitBucket. We provide some official plug-ins:
 - [gitbucket-gist-plugin](https://github.com/gitbucket/gitbucket-gist-plugin)
- [gitbucket-announce-plugin](https://github.com/gitbucket-plugins/gitbucket-announce-plugin)
+- [gitbucket-emoji-plugin](https://github.com/gitbucket/gitbucket-emoji-plugin)
 - [gitbucket-h2-backup-plugin](https://github.com/gitbucket-plugins/gitbucket-h2-backup-plugin)
 - [gitbucket-desktopnotify-plugin](https://github.com/yoshiyoshifujii/gitbucket-desktopnotify-plugin)
 - [gitbucket-commitgraphs-plugin](https://github.com/yoshiyoshifujii/gitbucket-commitgraphs-plugin)
 - [gitbucket-asciidoctor-plugin](https://github.com/lefou/gitbucket-asciidoctor-plugin)
-You can find community plugins other than them at [gitbucket community plugins](http://gitbucket-plugins.github.io/).
+You can find more plugins made by the community at [GitBucket community plugins](http://gitbucket-plugins.github.io/).
 Support
 --------
- If you have any question about GitBucket, send it to [gitter room](https://gitter.im/gitbucket/gitbucket) before raise an issue.
+- If you have any questions about GitBucket, send it to the [gitter room](https://gitter.im/gitbucket/gitbucket) before opening an issue.
- Make sure check whether there is a same question or request in the past.
+- Make sure check whether there is the same question or request in the past.
- When raise a new issue, write subject in **English** at least.
+- When raise a new issue, write at least the subject in **English**.
- We can also support in Japaneses other than English at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
+- We can also provide support in Japanese at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
- First priority of GitBucket is easy installation and API compatibility with GitHub, so we might reject if your request is against it.
+- The first priority of GitBucket is easy installation and API compatibility with GitHub, so we might reject if your request is against it.
 Release Notes
--------
+-------------
 ## 4.9 - 29 Jan 2017
 - GitLFS support
 - Template for issues and pull requests
 - Manual label color editing
 - Account description
 - `--tmp-dir` option for standalone mode
 - More APIs for issues
  - [List issues for a repository](https://developer.github.com/v3/issues/#list-issues-for-a-repository)
  - [Create an issue](https://developer.github.com/v3/issues/#create-an-issue)
 ## 4.8 - 23 Dec 2016
 - Search for repository names from the global header
 - Filter repositories on the sidebar of the dashboard
 - Search issues and wiki
 - Keep pull request comments after new commits are pushed
 - New web API to get a single issue
 - Performance improvement for the repository viewer
 ### 4.7.1 - 28 Nov 2016
 - Bug fix: group repositories are not shown in the your repositories list on the sidebar
 - Small performance improvement of the dashboard
 ### 4.7 - 26 Nov 2016
 - New permission system
 - Dropdown filter for issue labels, milestones and assignees
 - Keep sidebar folding status
 - Link from milestone label to the issue list
 ### 4.6 - 29 Oct 2016
 - Add disable option for forking
 - Add History button to wiki page
 - Git repository URL redirection for GitHub compatibility
 - Get-Content API improvement
 - Indicate who is group master in Members tab in group view
 ### 4.5 - 29 Sep 2016
 - Attach files by dropping into textarea
 - Issues / Pull requests switcher in dashboard
 - HikariCP could be configured in `GITBUCKET_HOME/database.conf`
 - Improve Cookie security
 - Display commit count on the history button
 - Improve mobile view
 ### 4.4 - 28 Aug 2016
 - Import a SQL dump file to the database
 - `go get` support in private repositories
 - Sort milestones by due date
 - apache-sshd has been updated to 1.2.0
 ### 4.3 - 30 Jul 2016
 - Emoji support by [gitbucket-emoji-plugin](https://github.com/gitbucket/gitbucket-emoji-plugin)
 - User name suggestion
 - Add new web APIs and basic authentication support for API access
 - Root Endpoint
  - [List endpoints](https://developer.github.com/v3/#root-endpoint)
  - [List Branches](https://developer.github.com/v3/repos/branches/#list-branches)
  - [Get contents](https://developer.github.com/v3/repos/contents/#get-contents)
  - [Get a Reference](https://developer.github.com/v3/git/refs/#get-a-reference)
  - [List Collaborators](https://developer.github.com/v3/repos/collaborators/#list-collaborators)
  - [List user repositories](https://developer.github.com/v3/repos/#list-user-repositories)
  - [Get a group](https://developer.github.com/v3/orgs/#get-an-organization)
  - [List group repositories](https://developer.github.com/v3/repos/#list-organization-repositories)
 - Add new extension points
  - `assetsMapping` : Supplies resources in plugin classpath as web assets
  - `suggestionProvider` : Provides suggestion in the Markdown editing textarea
  - `textDecorator` : Decorate text nodes in HTML which is converted from Markdown
 ### 4.2.1 - 3 Jul 2016
 - Fix migration bug
 This is hotfix for a critical bug in migration. If you are new installation, use 4.2.0. But if you have an exisiting installation and it had been updated to 4.0 from 3.x, you must update to 4.2.1.
 ### 4.2 - 2 Jul 2016
 - New UI based on [AdminLTE](https://github.com/almasaeed2010/AdminLTE)
 - git gc
 - Issues and Wiki have been possible to be disabled
 - SMTP configuration test mail
 ### 4.1 - 4 Jun 2016
 - Generic ssh user
 - Improve branch protection UI
 - Default value of pull request title
 ### 4.0 - 30 Apr 2016
 - MySQL and PostgreSQL support
 - Data export and import
 - Migration system has been switched to [solidbase](https://github.com/gitbucket/solidbase)
 **Note:** You can upgrade to GitBucket 4.0 from 3.14. If your GitBucket is 3.13 or before, you have to upgrade 3.14 at first.
 ### 3.14 - 30 Apr 2016
 - File attachment and search for wiki pages
 - New extension points to add menus
 - Content-Type of webhooks has been choosable
 ### 3.13 - 1 Apr 2016
 - Refresh user interface for wide screen
 - Add `pull_request` key in list issues API for pull requests
--- a/build.sbt
+++ b/build.sbt
@@ -1,8 +1,8 @@
-val Organization = "gitbucket"
+val Organization = "io.github.gitbucket"
 val Name = "gitbucket"
-val GitBucketVersion = "3.13.0"
+val GitBucketVersion = "4.9.0"
-val ScalatraVersion = "2.4.0"
+val ScalatraVersion = "2.4.1"
-val JettyVersion = "9.3.6.v20151106"
+val JettyVersion = "9.3.9.v20160517"
 lazy val root = (project in file(".")).enablePlugins(SbtTwirl, JettyPlugin)
@@ -15,50 +15,61 @@ scalaVersion := "2.11.8"
 // dependency settings
 resolvers ++= Seq(
  Classpaths.typesafeReleases,
-  "sonatype-snapshot" at "https://oss.sonatype.org/content/repositories/snapshots/"
+  Resolver.jcenterRepo,
  "amateras" at "http://amateras.sourceforge.jp/mvn/",
  "sonatype-snapshot" at "https://oss.sonatype.org/content/repositories/snapshots/",
  "amateras-snapshot" at "http://amateras.sourceforge.jp/mvn-snapshot/"
 )
 libraryDependencies ++= Seq(
  "org.scala-lang.modules"   %% "scala-java8-compat"           % "0.7.0",
-  "org.eclipse.jgit"          % "org.eclipse.jgit.http.server" % "4.1.1.201511131810-r",
+  "org.eclipse.jgit"          % "org.eclipse.jgit.http.server" % "4.6.0.201612231935-r",
-  "org.eclipse.jgit"          % "org.eclipse.jgit.archive"     % "4.1.1.201511131810-r",
+  "org.eclipse.jgit"          % "org.eclipse.jgit.archive"     % "4.6.0.201612231935-r",
  "org.scalatra"             %% "scalatra"                     % ScalatraVersion,
  "org.scalatra"             %% "scalatra-json"                % ScalatraVersion,
  "org.json4s"               %% "json4s-jackson"               % "3.3.0",
  "io.github.gitbucket"      %% "scalatra-forms"               % "1.0.0",
  "commons-io"                % "commons-io"                   % "2.4",
-  "io.github.gitbucket"       % "markedj"                      % "1.0.7",
+  "io.github.gitbucket"       % "solidbase"                    % "1.0.0",
-  "org.apache.commons"        % "commons-compress"             % "1.10",
+  "io.github.gitbucket"       % "markedj"                      % "1.0.9",
  "org.apache.commons"        % "commons-compress"             % "1.11",
  "org.apache.commons"        % "commons-email"                % "1.4",
  "org.apache.httpcomponents" % "httpclient"                   % "4.5.1",
-  "org.apache.sshd"           % "apache-sshd"                  % "1.0.0",
+  "org.apache.sshd"           % "apache-sshd"                  % "1.2.0",
-  "org.apache.tika"           % "tika-core"                    % "1.11",
+  "org.apache.tika"           % "tika-core"                    % "1.13",
  "com.typesafe.slick"       %% "slick"                        % "2.1.0",
  "com.novell.ldap"           % "jldap"                        % "2009-10-07",
-  "com.h2database"            % "h2"                           % "1.4.190",
+  "com.h2database"            % "h2"                           % "1.4.192",
-  "ch.qos.logback"            % "logback-classic"              % "1.1.1",
+  "mysql"                     % "mysql-connector-java"         % "5.1.39",
-  "com.mchange"               % "c3p0"                         % "0.9.5.2",
+  "org.postgresql"            % "postgresql"                   % "9.4.1208",
  "ch.qos.logback"            % "logback-classic"              % "1.1.7",
  "com.zaxxer"                % "HikariCP"                     % "2.4.6",
  "com.typesafe"              % "config"                       % "1.3.0",
-  "com.typesafe.akka"        %% "akka-actor"                   % "2.3.14",
+  "com.typesafe.akka"        %% "akka-actor"                   % "2.3.15",
  "fr.brouillard.oss.security.xhub" % "xhub4j-core"            % "1.0.0",
  "com.github.bkromhout"      % "java-diff-utils"              % "2.1.1",
  "org.cache2k"               % "cache2k-all"                  % "1.0.0.CR1",
  "com.enragedginger"        %% "akka-quartz-scheduler"        % "1.4.0-akka-2.3.x" exclude("c3p0","c3p0"),
  "net.coobird" % "thumbnailator" % "0.4.8",
  "org.eclipse.jetty"         % "jetty-webapp"                 % JettyVersion     % "provided",
  "javax.servlet"             % "javax.servlet-api"            % "3.1.0"          % "provided",
  "junit"                     % "junit"                        % "4.12"           % "test",
  "org.scalatra"             %% "scalatra-scalatest"           % ScalatraVersion  % "test",
-  "org.scalaz"               %% "scalaz-core"                  % "7.2.0"          % "test"
+  "com.wix"                   % "wix-embedded-mysql"           % "2.1.4"          % "test",
  "ru.yandex.qatools.embed"   % "postgresql-embedded"          % "1.14"           % "test"
 )
 // Twirl settings
 play.twirl.sbt.Import.TwirlKeys.templateImports += "gitbucket.core._"
 // Compiler settings
 scalacOptions := Seq("-deprecation", "-language:postfixOps", "-Ybackend:GenBCode", "-Ydelambdafy:method", "-target:jvm-1.8")
 javacOptions in compile ++= Seq("-target", "8", "-source", "8")
 javaOptions in Jetty += "-Dlogback.configurationFile=/logback-dev.xml"
-testOptions in Test += Tests.Argument(TestFrameworks.Specs2, "junitxml", "console")
+
 // Test settings
 //testOptions in Test += Tests.Argument("-l", "ExternalDBTest")
 javaOptions in Test += "-Dgitbucket.home=target/gitbucket_home_for_test"
 testOptions in Test += Tests.Setup( () => new java.io.File("target/gitbucket_home_for_test").mkdir() )
 fork in Test := true
 // Packaging options
 packageOptions += Package.MainClass("JettyLauncher")
 // Assembly settings
@@ -73,12 +84,13 @@ assemblyMergeStrategy in assembly := {
 }
 // JRebel
 Seq(jrebelSettings: _*)
 jrebel.webLinks += (target in webappPrepare).value
 jrebel.enabled := System.getenv().get("JREBEL") != null
 javaOptions in Jetty ++= Option(System.getenv().get("JREBEL")).toSeq.flatMap { path =>
  Seq("-noverify", "-XX:+UseConcMarkSweepGC", "-XX:+CMSClassUnloadingEnabled", s"-javaagent:${path}")
 }
 jrebelSettings
 // Create executable war file
 val executableConfig = config("executable").hide
@@ -97,7 +109,6 @@ libraryDependencies ++= Seq(
 val executableKey = TaskKey[File]("executable")
 executableKey := {
  import org.apache.ivy.util.ChecksumHelper
  import java.util.jar.{ Manifest => JarManifest }
  import java.util.jar.Attributes.{ Name => AttrName }
@@ -155,9 +166,55 @@ executableKey := {
  log info s"built executable webapp ${outputFile}"
  outputFile
 }
-/*
+publishTo := {
-Keys.artifact in (Compile, executableKey) ~= {
+  val nexus = "https://oss.sonatype.org/"
-    _ copy (`type` = "war", extension = "war"))
+  if (version.value.trim.endsWith("SNAPSHOT")) Some("snapshots" at nexus + "content/repositories/snapshots")
  else                             Some("releases"  at nexus + "service/local/staging/deploy/maven2")
 }
-addArtifact(Keys.artifact in (Compile, executableKey), executableKey)
+publishMavenStyle := true
-*/
+pomIncludeRepository := { _ => false }
 pomExtra := (
  <url>https://github.com/gitbucket/gitbucket</url>
  <licenses>
    <license>
      <name>The Apache Software License, Version 2.0</name>
      <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
    </license>
  </licenses>
  <scm>
    <url>https://github.com/gitbucket/gitbucket</url>
    <connection>scm:git:https://github.com/gitbucket/gitbucket.git</connection>
  </scm>
  <developers>
    <developer>
      <id>takezoe</id>
      <name>Naoki Takezoe</name>
      <url>https://github.com/takezoe</url>
    </developer>
    <developer>
      <id>shimamoto</id>
      <name>Takako Shimamoto</name>
      <url>https://github.com/shimamoto</url>
    </developer>
    <developer>
      <id>tanacasino</id>
      <name>Tomofumi Tanaka</name>
      <url>https://github.com/tanacasino</url>
    </developer>
    <developer>
      <id>mrkm4ntr</id>
      <name>Shintaro Murakami</name>
      <url>https://github.com/mrkm4ntr</url>
    </developer>
    <developer>
      <id>nazoking</id>
      <name>nazoking</name>
      <url>https://github.com/nazoking</url>
    </developer>
    <developer>
      <id>McFoggy</id>
      <name>Matthieu Brouillard</name>
      <url>https://github.com/McFoggy</url>
    </developer>
  </developers>
 )
--- a/contrib/linux/redhat/README.md
+++ b/contrib/linux/redhat/README.md
@@ -3,6 +3,7 @@
 RPM spec file and init script for Red Hat Enterprise Linux 6.x. 
 To create RPM:
 1. Edit `../../gitbucket.conf` to suit.
 2. Edit `gitbucket.init` to suit.
 3. Edit `gitbucket.spec` to suit.
--- a/doc/auto_update.md
+++ b/doc/auto_update.md
@@ -1,37 +1,54 @@
 Automatic Schema Updating
 ========
-GitBucket uses H2 database to manage project and account data. GitBucket updates database schema automatically in the first run after the upgrading.
+GitBucket updates database schema automatically using [Solidbase](https://github.com/gitbucket/solidbase) in the first run after the upgrading.
-To release a new version of GitBucket, add the version definition to the [gitbucket.core.servlet.AutoUpdate](https://github.com/gitbucket/gitbucket/blob/master/src/main/scala/gitbucket/core/servlet/AutoUpdate.scala) at first.
+To release a new version of GitBucket, add the version definition to the [gitbucket.core.GitBucketCoreModule](https://github.com/gitbucket/gitbucket/blob/master/src/main/scala/gitbucket/core/GitBucketCoreModule.scala) at first.
 ```scala
-object AutoUpdate {
+object GitBucketCoreModule extends Module("gitbucket-core",
-  ...
+  new Version("4.0.0",
-  /**
+    new LiquibaseMigration("update/gitbucket-core_4.0.xml"),
-   * The history of versions. A head of this sequence is the current GitBucket version.
+    new SqlMigration("update/gitbucket-core_4.0.sql")
-   */
+  ),
-  val versions = Seq(
+  new Version("4.1.0"),
-      Version(1, 0)
+  new Version("4.2.0",
    new LiquibaseMigration("update/gitbucket-core_4.2.xml")
  )
  ...
 ```
 Next, add a SQL file which updates database schema into [/src/main/resources/update/](https://github.com/gitbucket/gitbucket/tree/master/src/main/resources/update) as ```MAJOR_MINOR.sql```.
 GitBucket stores the current version to ```GITBUCKET_HOME/version``` and checks it at start-up. If the stored version differs from the actual version, it executes differences of SQL files between the stored version and the actual version. And ```GITBUCKET_HOME/version``` is updated by the actual version.
 We can also add any Scala code for upgrade GitBucket which modifies resources other than database. Override ```Version.update``` like below:
 ```scala
 val versions = Seq(
  new Version(1, 3){
    override def update(conn: Connection): Unit = {
      super.update(conn)
      // Add any code here!
    }
  },
  Version(1, 2),
  Version(1, 1),
  Version(1, 0)
 )
 ```
 Next, add a XML file which updates database schema into [/src/main/resources/update/](https://github.com/gitbucket/gitbucket/tree/master/src/main/resources/update) with a filenane defined in `GitBucketCoreModule`.
 ```xml
 <?xml version="1.0" encoding="UTF-8"?>
 <changeSet>
    <addColumn tableName="REPOSITORY">
        <column name="ENABLE_WIKI" type="boolean" nullable="false" defaultValueBoolean="true"/>
        <column name="ENABLE_ISSUES" type="boolean" nullable="false" defaultValueBoolean="true"/>
        <column name="EXTERNAL_WIKI_URL" type="varchar(200)" nullable="true"/>
        <column name="EXTERNAL_ISSUES_URL" type="varchar(200)" nullable="true"/>
    </addColumn>
 </changeSet>
 ```
 Solidbase stores the current version to `VERSIONS` table and checks it at start-up. If the stored version differs from the actual version, it executes differences between the stored version and the actual version.
 We can add the SQL file instead of the XML file using `SqlMigration`. It try to load a SQL file from classpath as following order:
 1. Specified path (if specified)
 2. `${moduleId}_${version}_${database}.sql`
 3. `${moduleId}_${version}.sql`
 Also we can add any code by extending `Migration`:
 ```scala
 object GitBucketCoreModule extends Module("gitbucket-core",
  new Version("4.0.0", new Migration(){
    override def migrate(moduleId: String, version: String, context: java.util.Map[String, String]): Unit = {
      ...
    }
  })
 )
 ```
 See more details [README of Solidbase](https://github.com/gitbucket/solidbase).
--- a/doc/release.md
+++ b/doc/release.md
@@ -11,22 +11,24 @@ Note to update version number in files below:
 ```scala
 val Organization = "gitbucket"
 val Name = "gitbucket"
-val GitBucketVersion = "3.12.0" // <---- update version!!
+val GitBucketVersion = "4.0.0" // <---- update version!!
 val ScalatraVersion = "2.4.0"
 val JettyVersion = "9.3.6.v20151106"
 ```
-### src/main/scala/gitbucket/core/servlet/AutoUpdate.scala
+### src/main/scala/gitbucket/core/GitBucketCoreModule.scala
 ```scala
-object AutoUpdate {
+object GitBucketCoreModule extends Module("gitbucket-core",
-
+  new Version("4.0.0",
-  /**
+    new LiquibaseMigration("update/gitbucket-core_4.0.xml"),
-   * The history of versions. A head of this sequence is the current GitBucket version.
+    new SqlMigration("update/gitbucket-core_4.0.sql")
-   */
+  ),
-  val versions = Seq(
+  // add new version definition
-    new Version(3, 12), // <---- add this line!!
+  new Version("4.1.0",
-    new Version(3, 11),
+    new LiquibaseMigration("update/gitbucket-core_4.1.xml")
  )
 )
 ```
 Generate release files
@@ -39,14 +41,15 @@ Note: Release operation requires [Ant](http://ant.apache.org/) and [Maven](https
 Run `sbt executable`. The release war file and fingerprint are generated into `target/executable/gitbucket.war`.
 ```bash
-$sbt executable
+$ sbt executable
 ```
 ### Deploy assembly jar file
-For plug-in development, we have to publish the assembly jar file to the public Maven repository by `release/deploy-assembly-jar.sh`.
+For plug-in development, we have to publish the GitBucket jar file to the Maven central repository as well. At first, hit following command to publish artifacts to the sonatype OSS repository:
 ```bash
-$ cd release/
+$ sbt publish-signed
 $ ./deploy-assembly-jar.sh
 ```
 Then operate release sequence at https://oss.sonatype.org/.
--- a/project/build.properties
+++ b/project/build.properties
@@ -1 +1 @@
-sbt.version=0.13.9
+sbt.version=0.13.12
--- a/project/plugins.sbt
+++ b/project/plugins.sbt
@@ -1,6 +1,8 @@
 scalacOptions ++= Seq("-unchecked", "-deprecation", "-feature")
-addSbtPlugin("com.typesafe.sbt" % "sbt-twirl"       % "1.0.4")
+addSbtPlugin("com.typesafe.sbt"     % "sbt-twirl"         % "1.0.4")
-addSbtPlugin("com.eed3si9n"     % "sbt-assembly"    % "0.12.0")
+addSbtPlugin("com.eed3si9n"         % "sbt-assembly"      % "0.12.0")
-addSbtPlugin("com.earldouglas"  % "xsbt-web-plugin" % "2.1.0")
+addSbtPlugin("com.earldouglas"      % "xsbt-web-plugin"   % "2.1.0")
 addSbtPlugin("fi.gekkio.sbtplugins" % "sbt-jrebel-plugin" % "0.10.0")
 addSbtPlugin("com.typesafe.sbt"     % "sbt-pgp"           % "0.8.3")
 addSbtPlugin("io.get-coursier"      % "sbt-coursier"      % "1.0.0-M15")
--- a/project/project/plugins.sbt
+++ b/project/project/plugins.sbt
@@ -0,0 +1 @@
 addSbtPlugin("io.get-coursier" % "sbt-coursier" % "1.0.0-M15")
--- a/release/deploy-assembly-jar.sh
+++ b/release/deploy-assembly-jar.sh
@@ -1,24 +0,0 @@
 #!/bin/sh
 . ./env.sh
 cd ../
 ./sbt.sh clean assembly
 cd release
 if [[ "$GITBUCKET_VERSION" =~ -SNAPSHOT$ ]]; then
  MVN_DEPLOY_PATH=mvn-snapshot
 else
  MVN_DEPLOY_PATH=mvn
 fi
 echo $MVN_DEPLOY_PATH
 mvn deploy:deploy-file \
  -DgroupId=gitbucket\
  -DartifactId=gitbucket-assembly\
  -Dversion=$GITBUCKET_VERSION\
  -Dpackaging=jar\
  -Dfile=../target/scala-2.11/gitbucket-assembly-$GITBUCKET_VERSION.jar\
  -DrepositoryId=sourceforge.jp\
  -Durl=scp://shell.sourceforge.jp/home/groups/a/am/amateras/htdocs/$MVN_DEPLOY_PATH/
--- a/release/env.sh
+++ b/release/env.sh
@@ -1,3 +0,0 @@
 #!/bin/sh
 export GITBUCKET_VERSION=`cat ../build.sbt | grep 'val GitBucketVersion' | cut -d \" -f 2`
 echo "GITBUCKET_VERSION: $GITBUCKET_VERSION"
--- a/release/pom.xml
+++ b/release/pom.xml
@@ -1,17 +0,0 @@
 <?xml version="1.0"?>
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>jp.sf.amateras</groupId>
    <artifactId>gitbucket-assembly</artifactId>
    <version>0.0.1</version>
    <build>
        <extensions>
            <extension>
                <groupId>org.apache.maven.wagon</groupId>
                <artifactId>wagon-ssh</artifactId>
                <version>1.0-beta-6</version>
            </extension>
        </extensions>
    </build>
 </project>
--- a/sbt-launch-0.13.12.jar
+++ b/sbt-launch-0.13.12.jar
--- a/sbt.bat
+++ b/sbt.bat
@@ -1,2 +1,2 @@
 set SCRIPT_DIR=%~dp0
-java %JAVA_OPTS% -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -XX:MaxPermSize=256m -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar "%SCRIPT_DIR%\sbt-launch-0.13.9.jar" %*
+java %JAVA_OPTS% -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar "%SCRIPT_DIR%\sbt-launch-0.13.12.jar" %*
--- a/sbt.sh
+++ b/sbt.sh
@@ -1,2 +1,2 @@
 #!/bin/sh
-java $JAVA_OPTS -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -XX:MaxPermSize=256m -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar `dirname $0`/sbt-launch-0.13.9.jar "$@"
+java $JAVA_OPTS -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar `dirname $0`/sbt-launch-0.13.12.jar "$@"
--- a/src/main/java/JettyLauncher.java
+++ b/src/main/java/JettyLauncher.java
@@ -3,13 +3,16 @@ import org.eclipse.jetty.webapp.WebAppContext;
 import java.io.File;
 import java.net.URL;
 import java.net.InetSocketAddress;
 import java.security.ProtectionDomain;
 public class JettyLauncher {
    public static void main(String[] args) throws Exception {
        String host = null;
        int port = 8080;
        InetSocketAddress address = null;
        String contextPath = "/";
        String tmpDirPath="";
        boolean forceHttps = false;
        for(String arg: args) {
@@ -22,14 +25,25 @@ public class JettyLauncher {
                        port = Integer.parseInt(dim[1]);
                    } else if(dim[0].equals("--prefix")) {
                        contextPath = dim[1];
                        if(!contextPath.startsWith("/")){
                            contextPath = "/" + contextPath;
                        }
                    } else if(dim[0].equals("--gitbucket.home")){
                        System.setProperty("gitbucket.home", dim[1]);
                    } else if(dim[0].equals("--temp_dir")){
                        tmpDirPath = dim[1];
                    }
                }
            }
        }
-        Server server = new Server(port);
+        if(host != null) {
            address = new InetSocketAddress(host, port);
        } else {
            address = new InetSocketAddress(port);
        }
        Server server = new Server(address);
 //        SelectChannelConnector connector = new SelectChannelConnector();
 //        if(host != null) {
@@ -42,11 +56,22 @@ public class JettyLauncher {
        WebAppContext context = new WebAppContext();
-        File tmpDir = new File(getGitBucketHome(), "tmp");
+        File tmpDir;
-        if(tmpDir.exists()){
+        if(tmpDirPath.equals("")){
-            deleteDirectory(tmpDir);
+            tmpDir = new File(getGitBucketHome(), "tmp");
            if(!tmpDir.exists()){
                tmpDir.mkdirs();
            }
        } else {
            tmpDir = new File(tmpDirPath);
            if(!tmpDir.exists()){
                throw new java.io.FileNotFoundException(
                    String.format("temp_dir \"%s\" not found", tmpDirPath));
            } else if(!tmpDir.isDirectory()) {
                throw new IllegalArgumentException(
                    String.format("temp_dir \"%s\" is not a directory", tmpDirPath));
            }
        }
        tmpDir.mkdirs();
        context.setTempDirectory(tmpDir);
        ProtectionDomain domain = JettyLauncher.class.getProtectionDomain();
@@ -61,6 +86,8 @@ public class JettyLauncher {
        }
        server.setHandler(context);
        server.setStopAtShutdown(true);
        server.setStopTimeout(7_000);
        server.start();
        server.join();
    }
--- a/src/main/java/org/postgresql/Driver2.java
+++ b/src/main/java/org/postgresql/Driver2.java
@@ -0,0 +1,52 @@
 package org.postgresql;
 import java.lang.reflect.InvocationHandler;
 import java.lang.reflect.Method;
 import java.lang.reflect.Proxy;
 import java.sql.Connection;
 import java.sql.SQLException;
 import java.util.Properties;
 /**
 * Wraps the PostgreSQL JDBC driver to convert the returning column names to lower case.
 */
 public class Driver2 extends Driver {
    @Override
    public java.sql.Connection connect(String url, Properties info) throws SQLException {
        Connection conn =  super.connect(url, info);
        Object proxy = Proxy.newProxyInstance(
                conn.getClass().getClassLoader(),
                new Class[]{ Connection.class },
                new ConnectionProxyHandler(conn)
        );
        return Connection.class.cast(proxy);
    }
    private static class ConnectionProxyHandler implements InvocationHandler {
        private Connection conn;
        public ConnectionProxyHandler(Connection conn){
            this.conn = conn;
        }
        @Override
        public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
            if(method.getName().equals("prepareStatement")){
                if(args != null && args.length == 2 && args[1].getClass().isArray()){
                    String[] keys = (String[]) args[1];
                    for(int i = 0; i < keys.length; i++){
                        keys[i] = keys[i].toLowerCase();
                    }
                }
            }
            return method.invoke(conn, args);
        }
    }
 }
--- a/src/main/resources/database.conf
+++ b/src/main/resources/database.conf
@@ -1,6 +0,0 @@
 db {
  driver = "org.h2.Driver"
  url = "jdbc:h2:${DatabaseHome};MVCC=true"
  user = "sa"
  password = "sa"
 }
--- a/src/main/resources/logback-dev.xml
+++ b/src/main/resources/logback-dev.xml
@@ -20,7 +20,7 @@
  <!--
  <logger name="service.WebHookService" level="DEBUG" />
  <logger name="servlet" level="DEBUG" />
  -->
  <logger name="scala.slick.jdbc.JdbcBackend.statement" level="DEBUG" />
  -->
 </configuration>
--- a/src/main/resources/reference.conf
+++ b/src/main/resources/reference.conf
@@ -1,5 +0,0 @@
 c3p0 {
  privilegeSpawnedThreads=true
  contextClassLoaderSource=library
 }
--- a/src/main/resources/update/1_0.sql
+++ b/src/main/resources/update/1_0.sql
@@ -1,135 +0,0 @@
 CREATE TABLE ACCOUNT(
 		USER_NAME VARCHAR(100) NOT NULL,
 		MAIL_ADDRESS VARCHAR(100) NOT NULL,
 		PASSWORD VARCHAR(40) NOT NULL,
 		ADMINISTRATOR BOOLEAN NOT NULL,
 		URL VARCHAR(200),
 		REGISTERED_DATE TIMESTAMP NOT NULL,
 		UPDATED_DATE TIMESTAMP NOT NULL,
 		LAST_LOGIN_DATE TIMESTAMP
 );
 CREATE TABLE REPOSITORY(
 		USER_NAME VARCHAR(100) NOT NULL,
 		REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		PRIVATE BOOLEAN NOT NULL,
 		DESCRIPTION TEXT,
 		DEFAULT_BRANCH VARCHAR(100),
 		REGISTERED_DATE TIMESTAMP NOT NULL,
 		UPDATED_DATE TIMESTAMP NOT NULL,
 		LAST_ACTIVITY_DATE TIMESTAMP NOT NULL
 );
 CREATE TABLE COLLABORATOR(
 		USER_NAME VARCHAR(100) NOT NULL,
 		REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		COLLABORATOR_NAME VARCHAR(100) NOT NULL
 );
 CREATE TABLE ISSUE(
 		USER_NAME VARCHAR(100) NOT NULL,
 		REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		ISSUE_ID INT NOT NULL,
 		OPENED_USER_NAME VARCHAR(100) NOT NULL,
 		MILESTONE_ID INT,
 		ASSIGNED_USER_NAME VARCHAR(100),
 		TITLE TEXT NOT NULL,
 		CONTENT TEXT,
 		CLOSED BOOLEAN NOT NULL,
 		REGISTERED_DATE TIMESTAMP NOT NULL,
 		UPDATED_DATE TIMESTAMP NOT NULL
 );
 CREATE TABLE ISSUE_ID(
 		USER_NAME VARCHAR(100) NOT NULL,
 		REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		ISSUE_ID INT NOT NULL
 );
 CREATE TABLE ISSUE_COMMENT(
 		USER_NAME VARCHAR(100) NOT NULL,
 		REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		ISSUE_ID INT NOT NULL,
 		COMMENT_ID INT AUTO_INCREMENT,
 		ACTION VARCHAR(10),
 		COMMENTED_USER_NAME VARCHAR(100) NOT NULL,
 		CONTENT TEXT NOT NULL,
 		REGISTERED_DATE TIMESTAMP NOT NULL,
 		UPDATED_DATE TIMESTAMP NOT NULL
 );
 CREATE TABLE LABEL(
 		USER_NAME VARCHAR(100) NOT NULL,
 		REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		LABEL_ID INT AUTO_INCREMENT,
 		LABEL_NAME VARCHAR(100) NOT NULL,
 		COLOR CHAR(6) NOT NULL
 );
 CREATE TABLE ISSUE_LABEL(
 		USER_NAME VARCHAR(100) NOT NULL,
 		REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		ISSUE_ID INT NOT NULL,
 		LABEL_ID INT NOT NULL
 );
 CREATE TABLE MILESTONE(
 		USER_NAME VARCHAR(100) NOT NULL,
 		REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		MILESTONE_ID INT AUTO_INCREMENT,
 		TITLE VARCHAR(100) NOT NULL,
 		DESCRIPTION TEXT,
 		DUE_DATE TIMESTAMP,
 		CLOSED_DATE TIMESTAMP
 );
 ALTER TABLE ACCOUNT ADD CONSTRAINT IDX_ACCOUNT_PK PRIMARY KEY (USER_NAME);
 ALTER TABLE ACCOUNT ADD CONSTRAINT IDX_ACCOUNT_1 UNIQUE (MAIL_ADDRESS);
 ALTER TABLE REPOSITORY ADD CONSTRAINT IDX_REPOSITORY_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME);
 ALTER TABLE REPOSITORY ADD CONSTRAINT IDX_REPOSITORY_FK0 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME);
 ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME);
 ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
 ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK1 FOREIGN KEY (COLLABORATOR_NAME) REFERENCES ACCOUNT (USER_NAME);
 ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_PK PRIMARY KEY (ISSUE_ID, USER_NAME, REPOSITORY_NAME);
 ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
 ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_FK1 FOREIGN KEY (OPENED_USER_NAME) REFERENCES ACCOUNT (USER_NAME);
 ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_FK2 FOREIGN KEY (MILESTONE_ID) REFERENCES MILESTONE (MILESTONE_ID);
 ALTER TABLE ISSUE_ID ADD CONSTRAINT IDX_ISSUE_ID_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME);
 ALTER TABLE ISSUE_ID ADD CONSTRAINT IDX_ISSUE_ID_FK1 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
 ALTER TABLE ISSUE_COMMENT ADD CONSTRAINT IDX_ISSUE_COMMENT_PK PRIMARY KEY (COMMENT_ID);
 ALTER TABLE ISSUE_COMMENT ADD CONSTRAINT IDX_ISSUE_COMMENT_1 UNIQUE (USER_NAME, REPOSITORY_NAME, ISSUE_ID, COMMENT_ID);
 ALTER TABLE ISSUE_COMMENT ADD CONSTRAINT IDX_ISSUE_COMMENT_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID) REFERENCES ISSUE (USER_NAME, REPOSITORY_NAME, ISSUE_ID);
 ALTER TABLE LABEL ADD CONSTRAINT IDX_LABEL_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, LABEL_ID);
 ALTER TABLE LABEL ADD CONSTRAINT IDX_LABEL_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
 ALTER TABLE ISSUE_LABEL ADD CONSTRAINT IDX_ISSUE_LABEL_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID, LABEL_ID);
 ALTER TABLE ISSUE_LABEL ADD CONSTRAINT IDX_ISSUE_LABEL_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID) REFERENCES ISSUE (USER_NAME, REPOSITORY_NAME, ISSUE_ID);
 ALTER TABLE MILESTONE ADD CONSTRAINT IDX_MILESTONE_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, MILESTONE_ID);
 ALTER TABLE MILESTONE ADD CONSTRAINT IDX_MILESTONE_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
 INSERT INTO ACCOUNT (
  USER_NAME,
  MAIL_ADDRESS,
  PASSWORD,
  ADMINISTRATOR,
  URL,
  REGISTERED_DATE,
  UPDATED_DATE,
  LAST_LOGIN_DATE
 ) VALUES (
  'root',
  'root@localhost',
  'dc76e9f0c0006e8f919e0c515c66dbba3982f785',
  true,
  'https://github.com/gitbucket/gitbucket',
  SYSDATE,
  SYSDATE,
  NULL
 );
--- a/src/main/resources/update/1_1.sql
+++ b/src/main/resources/update/1_1.sql
@@ -1,8 +0,0 @@
 -- Fix COLLABORATOR constraints
 ALTER TABLE COLLABORATOR DROP CONSTRAINT IDX_COLLABORATOR_FK1 IF EXISTS;
 ALTER TABLE COLLABORATOR DROP CONSTRAINT IDX_COLLABORATOR_FK0 IF EXISTS;
 ALTER TABLE COLLABORATOR DROP CONSTRAINT IDX_COLLABORATOR_PK IF EXISTS;
 ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, COLLABORATOR_NAME);
 ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
 ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK1 FOREIGN KEY (COLLABORATOR_NAME) REFERENCES ACCOUNT (USER_NAME);
--- a/src/main/resources/update/1_12.sql
+++ b/src/main/resources/update/1_12.sql
@@ -1,11 +0,0 @@
 ALTER TABLE GROUP_MEMBER ADD COLUMN MANAGER BOOLEAN DEFAULT FALSE;
 CREATE TABLE SSH_KEY (
  USER_NAME VARCHAR(100) NOT NULL,
  SSH_KEY_ID INT AUTO_INCREMENT,
  TITLE VARCHAR(100) NOT NULL,
  PUBLIC_KEY TEXT NOT NULL
 );
 ALTER TABLE SSH_KEY ADD CONSTRAINT IDX_SSH_KEY_PK PRIMARY KEY (USER_NAME, SSH_KEY_ID);
 ALTER TABLE SSH_KEY ADD CONSTRAINT IDX_SSH_KEY_FK0 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME);
--- a/src/main/resources/update/1_13.sql
+++ b/src/main/resources/update/1_13.sql
@@ -1 +0,0 @@
 DROP TABLE COMMIT_LOG;
--- a/src/main/resources/update/1_2.sql
+++ b/src/main/resources/update/1_2.sql
@@ -1,24 +0,0 @@
 CREATE TABLE ACTIVITY(
 		ACTIVITY_ID INT AUTO_INCREMENT,
 		USER_NAME VARCHAR(100) NOT NULL,
 		REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		ACTIVITY_USER_NAME VARCHAR(100) NOT NULL,
 		ACTIVITY_TYPE VARCHAR(100) NOT NULL,
 		MESSAGE TEXT NOT NULL,
 		ADDITIONAL_INFO TEXT,
 		ACTIVITY_DATE TIMESTAMP NOT NULL
 );
 CREATE TABLE COMMIT_LOG (
 		USER_NAME VARCHAR(100) NOT NULL,
 		REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		COMMIT_ID VARCHAR(40) NOT NULL
 );
 ALTER TABLE ACTIVITY ADD CONSTRAINT IDX_ACTIVITY_PK PRIMARY KEY (ACTIVITY_ID);
 ALTER TABLE ACTIVITY ADD CONSTRAINT IDX_ACTIVITY_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
 ALTER TABLE ACTIVITY ADD CONSTRAINT IDX_ACTIVITY_FK1 FOREIGN KEY (ACTIVITY_USER_NAME) REFERENCES ACCOUNT (USER_NAME);
 ALTER TABLE COMMIT_LOG ADD CONSTRAINT IDX_COMMIT_LOG_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, COMMIT_ID);
 ALTER TABLE COMMIT_LOG ADD CONSTRAINT IDX_COMMIT_LOG_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
--- a/src/main/resources/update/1_3.sql
+++ b/src/main/resources/update/1_3.sql
@@ -1,8 +0,0 @@
 ALTER TABLE ACCOUNT ADD COLUMN IMAGE VARCHAR(100);
 UPDATE ISSUE_COMMENT SET ACTION = 'comment' WHERE ACTION IS NULL;
 ALTER TABLE ISSUE_COMMENT ALTER COLUMN ACTION VARCHAR(20) NOT NULL;
 UPDATE ISSUE_COMMENT SET ACTION = 'close_comment'  WHERE ACTION = 'close';
 UPDATE ISSUE_COMMENT SET ACTION = 'reopen_comment' WHERE ACTION = 'reopen';
--- a/src/main/resources/update/1_4.sql
+++ b/src/main/resources/update/1_4.sql
@@ -1,24 +0,0 @@
 CREATE TABLE GROUP_MEMBER(
  GROUP_NAME VARCHAR(100) NOT NULL,
  USER_NAME  VARCHAR(100) NOT NULL
 );
 ALTER TABLE GROUP_MEMBER ADD CONSTRAINT IDX_GROUP_MEMBER_PK PRIMARY KEY (GROUP_NAME, USER_NAME);
 ALTER TABLE GROUP_MEMBER ADD CONSTRAINT IDX_GROUP_MEMBER_FK0 FOREIGN KEY (GROUP_NAME) REFERENCES ACCOUNT (USER_NAME);
 ALTER TABLE GROUP_MEMBER ADD CONSTRAINT IDX_GROUP_MEMBER_FK1 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME);
 ALTER TABLE ACCOUNT ADD COLUMN GROUP_ACCOUNT BOOLEAN NOT NULL DEFAULT FALSE;
 CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
 SELECT
   A.USER_NAME,
   A.REPOSITORY_NAME,
   A.ISSUE_ID,
   NVL(B.COMMENT_COUNT, 0) AS COMMENT_COUNT
 FROM ISSUE A
 LEFT OUTER JOIN (
   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
   WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
 ) B
 ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID);
--- a/src/main/resources/update/1_5.sql
+++ b/src/main/resources/update/1_5.sql
@@ -1,21 +0,0 @@
 ALTER TABLE REPOSITORY ADD COLUMN ORIGIN_USER_NAME VARCHAR(100);
 ALTER TABLE REPOSITORY ADD COLUMN ORIGIN_REPOSITORY_NAME VARCHAR(100);
 ALTER TABLE REPOSITORY ADD COLUMN PARENT_USER_NAME VARCHAR(100);
 ALTER TABLE REPOSITORY ADD COLUMN PARENT_REPOSITORY_NAME VARCHAR(100);
 CREATE TABLE PULL_REQUEST(
 		USER_NAME VARCHAR(100) NOT NULL,
 		REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		ISSUE_ID INT NOT NULL,
 		BRANCH VARCHAR(100) NOT NULL,
 		REQUEST_USER_NAME VARCHAR(100) NOT NULL,
 		REQUEST_REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		REQUEST_BRANCH VARCHAR(100) NOT NULL,
 		COMMIT_ID_FROM VARCHAR(40) NOT NULL,
 		COMMIT_ID_TO VARCHAR(40) NOT NULL
 );
 ALTER TABLE PULL_REQUEST ADD CONSTRAINT IDX_PULL_REQUEST_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID);
 ALTER TABLE PULL_REQUEST ADD CONSTRAINT IDX_PULL_REQUEST_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID) REFERENCES ISSUE (USER_NAME, REPOSITORY_NAME, ISSUE_ID);
 ALTER TABLE ISSUE ADD COLUMN PULL_REQUEST BOOLEAN NOT NULL DEFAULT FALSE;
--- a/src/main/resources/update/1_6.sql
+++ b/src/main/resources/update/1_6.sql
@@ -1,8 +0,0 @@
 CREATE TABLE WEB_HOOK (
 		USER_NAME VARCHAR(100) NOT NULL,
 		REPOSITORY_NAME VARCHAR(100) NOT NULL,
 		URL VARCHAR(200) NOT NULL
 );
 ALTER TABLE WEB_HOOK ADD CONSTRAINT IDX_WEB_HOOK_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, URL);
 ALTER TABLE WEB_HOOK ADD CONSTRAINT IDX_WEB_HOOK_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
--- a/src/main/resources/update/1_7.sql
+++ b/src/main/resources/update/1_7.sql
@@ -1,5 +0,0 @@
 ALTER TABLE ACCOUNT ADD COLUMN FULL_NAME VARCHAR(100);
 UPDATE ACCOUNT SET FULL_NAME = USER_NAME WHERE FULL_NAME IS NULL;
 ALTER TABLE ACCOUNT ALTER COLUMN FULL_NAME SET NOT NULL;
--- a/src/main/resources/update/1_8.sql
+++ b/src/main/resources/update/1_8.sql
@@ -1 +0,0 @@
 ALTER TABLE ACCOUNT ADD COLUMN REMOVED BOOLEAN DEFAULT FALSE;
--- a/src/main/resources/update/2_3.sql
+++ b/src/main/resources/update/2_3.sql
@@ -1,6 +0,0 @@
 CREATE TABLE PLUGIN (
  PLUGIN_ID VARCHAR(100) NOT NULL,
  VERSION   VARCHAR(100) NOT NULL
 );
 ALTER TABLE PLUGIN ADD CONSTRAINT IDX_PLUGIN_PK PRIMARY KEY (PLUGIN_ID);
--- a/src/main/resources/update/2_7.sql
+++ b/src/main/resources/update/2_7.sql
@@ -1,18 +0,0 @@
 CREATE TABLE COMMIT_COMMENT (
    USER_NAME VARCHAR(100) NOT NULL,
    REPOSITORY_NAME VARCHAR(100) NOT NULL,
    COMMIT_ID VARCHAR(100) NOT NULL,
    COMMENT_ID INT AUTO_INCREMENT,
    COMMENTED_USER_NAME VARCHAR(100) NOT NULL,
    CONTENT TEXT NOT NULL,
    FILE_NAME NVARCHAR(100),
    OLD_LINE_NUMBER INT,
    NEW_LINE_NUMBER INT,
    REGISTERED_DATE TIMESTAMP NOT NULL,
    UPDATED_DATE TIMESTAMP NOT NULL,
    PULL_REQUEST BOOLEAN NOT NULL
 );
 ALTER TABLE COMMIT_COMMENT ADD CONSTRAINT IDX_COMMIT_COMMENT_PK PRIMARY KEY (COMMENT_ID);
 ALTER TABLE COMMIT_COMMENT ADD CONSTRAINT IDX_COMMIT_COMMENT_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
 ALTER TABLE COMMIT_COMMENT ADD CONSTRAINT IDX_COMMIT_COMMENT_1 UNIQUE (USER_NAME, REPOSITORY_NAME, COMMIT_ID, COMMENT_ID);
--- a/src/main/resources/update/2_8.sql
+++ b/src/main/resources/update/2_8.sql
@@ -1 +0,0 @@
 ALTER TABLE COMMIT_COMMENT ALTER COLUMN FILE_NAME NVARCHAR(260);
--- a/src/main/resources/update/3_1.sql
+++ b/src/main/resources/update/3_1.sql
@@ -1,42 +0,0 @@
 DROP TABLE IF EXISTS ACCESS_TOKEN;
 CREATE TABLE ACCESS_TOKEN (
   ACCESS_TOKEN_ID INT NOT NULL AUTO_INCREMENT,
   TOKEN_HASH VARCHAR(40) NOT NULL,
   USER_NAME VARCHAR(100) NOT NULL,
   NOTE TEXT NOT NULL
 );
 ALTER TABLE ACCESS_TOKEN ADD CONSTRAINT IDX_ACCESS_TOKEN_PK PRIMARY KEY (ACCESS_TOKEN_ID);
 ALTER TABLE ACCESS_TOKEN ADD CONSTRAINT IDX_ACCESS_TOKEN_FK0 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME)
  ON DELETE CASCADE ON UPDATE CASCADE;
 ALTER TABLE ACCESS_TOKEN ADD CONSTRAINT IDX_ACCESS_TOKEN_TOKEN_HASH UNIQUE(TOKEN_HASH);
 DROP TABLE IF EXISTS COMMIT_STATUS;
 CREATE TABLE COMMIT_STATUS(
  COMMIT_STATUS_ID INT AUTO_INCREMENT,
  USER_NAME VARCHAR(100) NOT NULL,
  REPOSITORY_NAME VARCHAR(100) NOT NULL,
  COMMIT_ID VARCHAR(40) NOT NULL,
  CONTEXT VARCHAR(255) NOT NULL, -- context is too long (maximum is 255 characters)
  STATE VARCHAR(10) NOT NULL, -- pending, success, error, or failure
  TARGET_URL VARCHAR(200),
  DESCRIPTION TEXT,
  CREATOR VARCHAR(100) NOT NULL,
  REGISTERED_DATE TIMESTAMP NOT NULL, -- CREATED_AT
  UPDATED_DATE TIMESTAMP NOT NULL -- UPDATED_AT
 );
 ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_PK PRIMARY KEY (COMMIT_STATUS_ID);
 ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_1
  UNIQUE (USER_NAME, REPOSITORY_NAME, COMMIT_ID, CONTEXT);
 ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_FK1
  FOREIGN KEY (USER_NAME, REPOSITORY_NAME)
  REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME)
  ON DELETE CASCADE ON UPDATE CASCADE;
 ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_FK2
  FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME)
  ON DELETE CASCADE ON UPDATE CASCADE;
 ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_FK3
  FOREIGN KEY (CREATOR) REFERENCES ACCOUNT (USER_NAME)
  ON DELETE CASCADE ON UPDATE CASCADE;
--- a/src/main/resources/update/3_11.sql
+++ b/src/main/resources/update/3_11.sql
@@ -1,25 +0,0 @@
 DROP TABLE IF EXISTS PROTECTED_BRANCH;
 CREATE TABLE PROTECTED_BRANCH(
    USER_NAME VARCHAR(100) NOT NULL,
    REPOSITORY_NAME VARCHAR(100) NOT NULL,
    BRANCH VARCHAR(100) NOT NULL,
    STATUS_CHECK_ADMIN BOOLEAN NOT NULL DEFAULT false
 );
 ALTER TABLE PROTECTED_BRANCH ADD CONSTRAINT IDX_PROTECTED_BRANCH_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, BRANCH);
 ALTER TABLE PROTECTED_BRANCH ADD CONSTRAINT IDX_PROTECTED_BRANCH_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME)
  ON DELETE CASCADE ON UPDATE CASCADE;
 DROP TABLE IF EXISTS PROTECTED_BRANCH_REQUIRE_CONTEXT;
 CREATE TABLE PROTECTED_BRANCH_REQUIRE_CONTEXT(
    USER_NAME VARCHAR(100) NOT NULL,
    REPOSITORY_NAME VARCHAR(100) NOT NULL,
    BRANCH VARCHAR(100) NOT NULL,
    CONTEXT VARCHAR(255) NOT NULL
 );
 ALTER TABLE PROTECTED_BRANCH_REQUIRE_CONTEXT ADD CONSTRAINT IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, BRANCH, CONTEXT);
 ALTER TABLE PROTECTED_BRANCH_REQUIRE_CONTEXT ADD CONSTRAINT IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, BRANCH) REFERENCES PROTECTED_BRANCH (USER_NAME, REPOSITORY_NAME, BRANCH)
  ON DELETE CASCADE ON UPDATE CASCADE;
--- a/src/main/resources/update/3_13.sql
+++ b/src/main/resources/update/3_13.sql
@@ -1 +0,0 @@
 ALTER TABLE WEB_HOOK ADD COLUMN TOKEN VARCHAR(100);
--- a/src/main/resources/update/3_9.sql
+++ b/src/main/resources/update/3_9.sql
@@ -1,55 +0,0 @@
 DROP TABLE IF EXISTS WEB_HOOK_EVENT;
 CREATE TABLE WEB_HOOK_EVENT(
    USER_NAME VARCHAR(100) NOT NULL,
    REPOSITORY_NAME VARCHAR(100) NOT NULL,
    URL VARCHAR(200) NOT NULL,
    EVENT VARCHAR(30) NOT NULL
 );
 ALTER TABLE WEB_HOOK_EVENT ADD CONSTRAINT IDX_WEB_HOOK_EVENT_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, URL, EVENT);
 ALTER TABLE WEB_HOOK_EVENT ADD CONSTRAINT IDX_WEB_HOOK_EVENT_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, URL) REFERENCES WEB_HOOK (USER_NAME, REPOSITORY_NAME, URL)
  ON DELETE CASCADE ON UPDATE CASCADE;
 CREATE TEMPORARY TABLE TMP_EVENTS (EVENT VARCHAR(30));
 INSERT INTO TMP_EVENTS VALUES ('push'),('issue_comment'),('issues'),('pull_request');
 INSERT INTO WEB_HOOK_EVENT (USER_NAME, REPOSITORY_NAME, URL, EVENT)
  SELECT USER_NAME, REPOSITORY_NAME, URL, EVENT
    FROM WEB_HOOK, TMP_EVENTS;
 DROP TABLE TMP_EVENTS;
 ALTER TABLE COMMIT_COMMENT ADD COLUMN ISSUE_ID INT;
 CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
 SELECT
   A.USER_NAME,
   A.REPOSITORY_NAME,
   A.ISSUE_ID,
   NVL(B.COMMENT_COUNT, 0) + NVL(C.COMMENT_COUNT, 0) AS COMMENT_COUNT
 FROM ISSUE A
 LEFT OUTER JOIN (
   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
   WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
 ) B
 ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID)
 LEFT OUTER JOIN (
   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM COMMIT_COMMENT
   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
 ) C
 ON (A.USER_NAME = C.USER_NAME AND A.REPOSITORY_NAME = C.REPOSITORY_NAME AND A.ISSUE_ID = C.ISSUE_ID);
 UPDATE COMMIT_COMMENT C SET (ISSUE_ID) = (
  SELECT MAX(P.ISSUE_ID)
  FROM PULL_REQUEST P
  WHERE
    C.USER_NAME       = P.USER_NAME AND
    C.REPOSITORY_NAME = P.REPOSITORY_NAME AND
    C.COMMIT_ID       = P.COMMIT_ID_TO
 );
 ALTER TABLE COMMIT_COMMENT DROP COLUMN PULL_REQUEST;
--- a/src/main/resources/update/gitbucket-core_4.0.sql
+++ b/src/main/resources/update/gitbucket-core_4.0.sql
@@ -0,0 +1,18 @@
 CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
 SELECT
   A.USER_NAME,
   A.REPOSITORY_NAME,
   A.ISSUE_ID,
   COALESCE(B.COMMENT_COUNT, 0) + COALESCE(C.COMMENT_COUNT, 0) AS COMMENT_COUNT
 FROM ISSUE A
 LEFT OUTER JOIN (
   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
   WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
 ) B
 ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID)
 LEFT OUTER JOIN (
   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM COMMIT_COMMENT
   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
 ) C
 ON (A.USER_NAME = C.USER_NAME AND A.REPOSITORY_NAME = C.REPOSITORY_NAME AND A.ISSUE_ID = C.ISSUE_ID);
--- a/src/main/resources/update/gitbucket-core_4.0.xml
+++ b/src/main/resources/update/gitbucket-core_4.0.xml
@@ -0,0 +1,351 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <changeSet>
  <!--================================================================================================-->
  <!-- ACCOUNT -->
  <!--================================================================================================-->
  <createTable tableName="ACCOUNT">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="MAIL_ADDRESS" type="varchar(100)" nullable="false"/>
    <column name="PASSWORD" type="varchar(40)" nullable="false"/>
    <column name="ADMINISTRATOR" type="boolean" nullable="false"/>
    <column name="URL" type="varchar(200)" nullable="true"/>
    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
    <column name="LAST_LOGIN_DATE" type="datetime" nullable="true"/>
    <column name="IMAGE" type="varchar(100)" nullable="true"/>
    <column name="GROUP_ACCOUNT" type="boolean" nullable="false"/>
    <column name="FULL_NAME" type="varchar(100)" nullable="false"/>
    <column name="REMOVED" type="boolean" nullable="true"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_ACCOUNT_PK" tableName="ACCOUNT" columnNames="USER_NAME"/>
  <addUniqueConstraint constraintName="IDX_ACCOUNT_1" tableName="ACCOUNT" columnNames="MAIL_ADDRESS"/>
  <insert tableName="ACCOUNT">
    <column name="USER_NAME" value="root"/>
    <column name="FULL_NAME" value="root"/>
    <column name="MAIL_ADDRESS" value="root@localhost"/>
    <column name="PASSWORD" value="dc76e9f0c0006e8f919e0c515c66dbba3982f785"/>
    <column name="ADMINISTRATOR" valueBoolean="true"/>
    <column name="URL" value="https://github.com/gitbucket/gitbucket"/>
    <column name="GROUP_ACCOUNT" valueBoolean="false"/>
    <column name="REMOVED" valueBoolean="false"/>
    <column name="REGISTERED_DATE" valueDate="${currentDateTime}"/>
    <column name="UPDATED_DATE" valueDate="${currentDateTime}"/>
  </insert>
  <!--================================================================================================-->
  <!-- REPOSITORY -->
  <!--================================================================================================-->
  <createTable tableName="REPOSITORY">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="PRIVATE" type="boolean" nullable="false"/>
    <column name="DESCRIPTION" type="text" nullable="true"/>
    <column name="DEFAULT_BRANCH" type="varchar(100)" nullable="true"/>
    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
    <column name="LAST_ACTIVITY_DATE" type="datetime" nullable="false"/>
    <column name="ORIGIN_USER_NAME" type="varchar(100)" nullable="true"/>
    <column name="ORIGIN_REPOSITORY_NAME" type="varchar(100)" nullable="true"/>
    <column name="PARENT_USER_NAME" type="varchar(100)" nullable="true"/>
    <column name="PARENT_REPOSITORY_NAME" type="varchar(100)" nullable="true"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_REPOSITORY_PK" tableName="REPOSITORY" columnNames="USER_NAME, REPOSITORY_NAME"/>
  <addForeignKeyConstraint constraintName="IDX_REPOSITORY_FK0" baseTableName="REPOSITORY" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
  <!--================================================================================================-->
  <!-- ACCESS_TOKEN -->
  <!--================================================================================================-->
  <createTable tableName="ACCESS_TOKEN">
    <column name="ACCESS_TOKEN_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
    <column name="TOKEN_HASH" type="varchar(40)" nullable="false"/>
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="NOTE" type="text" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_ACCESS_TOKEN_PK" tableName="ACCESS_TOKEN" columnNames="ACCESS_TOKEN_ID"/>
  <addUniqueConstraint constraintName="IDX_ACCESS_TOKEN_TOKEN_HASH" tableName="ACCESS_TOKEN" columnNames="TOKEN_HASH"/>
  <addForeignKeyConstraint constraintName="IDX_ACCESS_TOKEN_FK0" baseTableName="ACCESS_TOKEN" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
  <!--================================================================================================-->
  <!-- ACTIVITY -->
  <!--================================================================================================-->
  <createTable tableName="ACTIVITY">
    <column name="ACTIVITY_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="ACTIVITY_USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="ACTIVITY_TYPE" type="varchar(100)" nullable="false"/>
    <column name="MESSAGE" type="text" nullable="false"/>
    <column name="ADDITIONAL_INFO" type="text" nullable="true"/>
    <column name="ACTIVITY_DATE" type="datetime" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_ACTIVITY_PK" tableName="ACTIVITY" columnNames="ACTIVITY_ID"/>
  <addForeignKeyConstraint constraintName="IDX_ACTIVITY_FK1" baseTableName="ACTIVITY" baseColumnNames="ACTIVITY_USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
  <addForeignKeyConstraint constraintName="IDX_ACTIVITY_FK0" baseTableName="ACTIVITY" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
  <!--================================================================================================-->
  <!-- COLLABORATOR -->
  <!--================================================================================================-->
  <createTable tableName="COLLABORATOR">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="COLLABORATOR_NAME" type="varchar(100)" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_COLLABORATOR_PK" tableName="COLLABORATOR" columnNames="USER_NAME, REPOSITORY_NAME, COLLABORATOR_NAME"/>
  <addForeignKeyConstraint constraintName="IDX_COLLABORATOR_FK1" baseTableName="COLLABORATOR" baseColumnNames="COLLABORATOR_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
  <addForeignKeyConstraint constraintName="IDX_COLLABORATOR_FK0" baseTableName="COLLABORATOR" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
  <!--================================================================================================-->
  <!-- COMMIT_COMMENT -->
  <!--================================================================================================-->
  <createTable tableName="COMMIT_COMMENT">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="COMMIT_ID" type="varchar(100)" nullable="false"/>
    <column name="COMMENT_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
    <column name="COMMENTED_USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="CONTENT" type="text" nullable="false"/>
    <column name="FILE_NAME" type="varchar(260)" nullable="true"/>
    <column name="OLD_LINE_NUMBER" type="int" nullable="true"/>
    <column name="NEW_LINE_NUMBER" type="int" nullable="true"/>
    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
    <column name="ISSUE_ID" type="int" nullable="true"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_COMMIT_COMMENT_PK" tableName="COMMIT_COMMENT" columnNames="COMMENT_ID"/>
  <addForeignKeyConstraint constraintName="IDX_COMMIT_COMMENT_FK0" baseTableName="COMMIT_COMMENT" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
  <!--================================================================================================-->
  <!-- COMMIT_STATUS -->
  <!--================================================================================================-->
  <createTable tableName="COMMIT_STATUS">
    <column name="COMMIT_STATUS_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="COMMIT_ID" type="varchar(40)" nullable="false"/>
    <column name="CONTEXT" type="varchar(255)" nullable="false"/>
    <column name="STATE" type="varchar(10)" nullable="false"/>
    <column name="TARGET_URL" type="varchar(200)" nullable="true"/>
    <column name="DESCRIPTION" type="text" nullable="true"/>
    <column name="CREATOR" type="varchar(100)" nullable="false"/>
    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_COMMIT_STATUS_PK" tableName="COMMIT_STATUS" columnNames="COMMIT_STATUS_ID"/>
  <addUniqueConstraint constraintName="IDX_COMMIT_STATUS_1" tableName="COMMIT_STATUS" columnNames="USER_NAME, REPOSITORY_NAME, COMMIT_ID, CONTEXT"/>
  <addForeignKeyConstraint constraintName="IDX_COMMIT_STATUS_FK3" baseTableName="COMMIT_STATUS" baseColumnNames="CREATOR" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
  <addForeignKeyConstraint constraintName="IDX_COMMIT_STATUS_FK2" baseTableName="COMMIT_STATUS" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
  <addForeignKeyConstraint constraintName="IDX_COMMIT_STATUS_FK1" baseTableName="COMMIT_STATUS" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
  <!--================================================================================================-->
  <!-- GROUP_MEMBER -->
  <!--================================================================================================-->
  <createTable tableName="GROUP_MEMBER">
    <column name="GROUP_NAME" type="varchar(100)" nullable="false"/>
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="MANAGER" type="boolean" nullable="true"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_GROUP_MEMBER_PK" tableName="GROUP_MEMBER" columnNames="GROUP_NAME, USER_NAME"/>
  <addForeignKeyConstraint constraintName="IDX_GROUP_MEMBER_FK1" baseTableName="GROUP_MEMBER" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
  <addForeignKeyConstraint constraintName="IDX_GROUP_MEMBER_FK0" baseTableName="GROUP_MEMBER" baseColumnNames="GROUP_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
  <!--================================================================================================-->
  <!-- LABEL -->
  <!--================================================================================================-->
  <createTable tableName="LABEL">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="LABEL_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
    <column name="LABEL_NAME" type="varchar(100)" nullable="false"/>
    <column name="COLOR" type="char(6)" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_LABEL_PK" tableName="LABEL" columnNames="USER_NAME, REPOSITORY_NAME, LABEL_ID"/>
  <addForeignKeyConstraint constraintName="IDX_LABEL_FK0" baseTableName="LABEL" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
  <!--================================================================================================-->
  <!-- MILESTONE -->
  <!--================================================================================================-->
  <createTable tableName="MILESTONE">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="MILESTONE_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
    <column name="TITLE" type="varchar(100)" nullable="false"/>
    <column name="DESCRIPTION" type="text" nullable="true"/>
    <column name="DUE_DATE" type="datetime" nullable="true"/>
    <column name="CLOSED_DATE" type="datetime" nullable="true"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_MILESTONE_PK" tableName="MILESTONE" columnNames="USER_NAME, REPOSITORY_NAME, MILESTONE_ID"/>
  <addForeignKeyConstraint constraintName="IDX_MILESTONE_FK0" baseTableName="MILESTONE" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
  <!--================================================================================================-->
  <!-- ISSUE -->
  <!--================================================================================================-->
  <createTable tableName="ISSUE">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="ISSUE_ID" type="int" nullable="false"/>
    <column name="OPENED_USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="MILESTONE_ID" type="int" nullable="true"/>
    <column name="ASSIGNED_USER_NAME" type="varchar(100)" nullable="true"/>
    <column name="TITLE" type="text" nullable="false"/>
    <column name="CONTENT" type="text" nullable="true"/>
    <column name="CLOSED" type="boolean" nullable="false"/>
    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
    <column name="PULL_REQUEST" type="boolean" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_ISSUE_PK" tableName="ISSUE" columnNames="ISSUE_ID, USER_NAME, REPOSITORY_NAME"/>
  <addForeignKeyConstraint constraintName="IDX_ISSUE_FK0" baseTableName="ISSUE" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
  <addForeignKeyConstraint constraintName="IDX_ISSUE_FK2" baseTableName="ISSUE" baseColumnNames="MILESTONE_ID" referencedTableName="MILESTONE" referencedColumnNames="MILESTONE_ID"/>
  <addForeignKeyConstraint constraintName="IDX_ISSUE_FK1" baseTableName="ISSUE" baseColumnNames="OPENED_USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
  <!--================================================================================================-->
  <!-- ISSUE_COMMENT -->
  <!--================================================================================================-->
  <createTable tableName="ISSUE_COMMENT">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="ISSUE_ID" type="int" nullable="false"/>
    <column name="COMMENT_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
    <column name="ACTION" type="varchar(20)" nullable="false"/>
    <column name="COMMENTED_USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="CONTENT" type="text" nullable="false"/>
    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_ISSUE_COMMENT_PK" tableName="ISSUE_COMMENT" columnNames="COMMENT_ID"/>
  <addForeignKeyConstraint constraintName="IDX_ISSUE_COMMENT_FK0" baseTableName="ISSUE_COMMENT" baseColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID" referencedTableName="ISSUE" referencedColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
  <!--================================================================================================-->
  <!-- ISSUE_ID -->
  <!--================================================================================================-->
  <createTable tableName="ISSUE_ID">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="ISSUE_ID" type="int" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_ISSUE_ID_PK" tableName="ISSUE_ID" columnNames="USER_NAME, REPOSITORY_NAME"/>
  <addForeignKeyConstraint constraintName="IDX_ISSUE_ID_FK1" baseTableName="ISSUE_ID" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
  <!--================================================================================================-->
  <!-- ISSUE_ID -->
  <!--================================================================================================-->
  <createTable tableName="ISSUE_LABEL">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="ISSUE_ID" type="int" nullable="false"/>
    <column name="LABEL_ID" type="int" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_ISSUE_LABEL_PK" tableName="ISSUE_LABEL" columnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID, LABEL_ID"/>
  <addForeignKeyConstraint constraintName="IDX_ISSUE_LABEL_FK0" baseTableName="ISSUE_LABEL" baseColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID" referencedTableName="ISSUE" referencedColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
  <!--================================================================================================-->
  <!-- PLUGIN -->
  <!--================================================================================================-->
  <createTable tableName="PLUGIN">
    <column name="PLUGIN_ID" type="varchar(100)" nullable="false"/>
    <column name="VERSION" type="varchar(100)" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_PLUGIN_PK" tableName="PLUGIN" columnNames="PLUGIN_ID"/>
  <!--================================================================================================-->
  <!-- PULL_REQUEST -->
  <!--================================================================================================-->
  <createTable tableName="PULL_REQUEST">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="ISSUE_ID" type="int" nullable="false"/>
    <column name="BRANCH" type="varchar(100)" nullable="false"/>
    <column name="REQUEST_USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REQUEST_REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="REQUEST_BRANCH" type="varchar(100)" nullable="false"/>
    <column name="COMMIT_ID_FROM" type="varchar(40)" nullable="false"/>
    <column name="COMMIT_ID_TO" type="varchar(40)" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_PULL_REQUEST_PK" tableName="PULL_REQUEST" columnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
  <addForeignKeyConstraint constraintName="IDX_PULL_REQUEST_FK0" baseTableName="PULL_REQUEST" baseColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID" referencedTableName="ISSUE" referencedColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
  <!--================================================================================================-->
  <!-- SSH_KEY -->
  <!--================================================================================================-->
  <createTable tableName="SSH_KEY">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="SSH_KEY_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
    <column name="TITLE" type="varchar(100)" nullable="false"/>
    <column name="PUBLIC_KEY" type="text" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_SSH_KEY_PK" tableName="SSH_KEY" columnNames="USER_NAME, SSH_KEY_ID"/>
  <addForeignKeyConstraint constraintName="IDX_SSH_KEY_FK0" baseTableName="SSH_KEY" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
  <!--================================================================================================-->
  <!-- WEB_HOOK -->
  <!--================================================================================================-->
  <createTable tableName="WEB_HOOK">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="URL" type="varchar(200)" nullable="false"/>
    <column name="TOKEN" type="varchar(100)" nullable="true"/>
    <column name="CTYPE" type="varchar(10)" nullable="true"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_WEB_HOOK_PK" tableName="WEB_HOOK" columnNames="USER_NAME, REPOSITORY_NAME, URL"/>
  <addForeignKeyConstraint constraintName="IDX_WEB_HOOK_FK0" baseTableName="WEB_HOOK" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
  <!--================================================================================================-->
  <!-- WEB_HOOK_EVENT -->
  <!--================================================================================================-->
  <createTable tableName="WEB_HOOK_EVENT">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="URL" type="varchar(200)" nullable="false"/>
    <column name="EVENT" type="varchar(30)" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_WEB_HOOK_EVENT_PK" tableName="WEB_HOOK_EVENT" columnNames="USER_NAME, REPOSITORY_NAME, URL, EVENT"/>
  <addForeignKeyConstraint constraintName="IDX_WEB_HOOK_EVENT_FK0" baseTableName="WEB_HOOK_EVENT" baseColumnNames="USER_NAME, REPOSITORY_NAME, URL" referencedTableName="WEB_HOOK" referencedColumnNames="USER_NAME, REPOSITORY_NAME, URL" onDelete="CASCADE" onUpdate="CASCADE"/>
  <!--================================================================================================-->
  <!-- PROTECTED_BRANCH -->
  <!--================================================================================================-->
  <createTable tableName="PROTECTED_BRANCH">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="BRANCH" type="varchar(100)" nullable="false"/>
    <column name="STATUS_CHECK_ADMIN" type="boolean" nullable="false" defaultValueBoolean="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_PROTECTED_BRANCH_PK" tableName="PROTECTED_BRANCH" columnNames="USER_NAME, REPOSITORY_NAME, BRANCH"/>
  <addForeignKeyConstraint constraintName="IDX_PROTECTED_BRANCH_FK0" baseTableName="PROTECTED_BRANCH" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
  <!--================================================================================================-->
  <!-- PROTECTED_BRANCH_REQUIRE_CONTEXT -->
  <!--================================================================================================-->
  <createTable tableName="PROTECTED_BRANCH_REQUIRE_CONTEXT">
    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
    <column name="BRANCH" type="varchar(100)" nullable="false"/>
    <column name="CONTEXT" type="varchar(255)" nullable="false"/>
  </createTable>
  <addPrimaryKey constraintName="IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_PK" tableName="PROTECTED_BRANCH_REQUIRE_CONTEXT" columnNames="USER_NAME, REPOSITORY_NAME, BRANCH, CONTEXT"/>
  <addForeignKeyConstraint constraintName="IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_FK0" baseTableName="PROTECTED_BRANCH_REQUIRE_CONTEXT" baseColumnNames="USER_NAME, REPOSITORY_NAME, BRANCH" referencedTableName="PROTECTED_BRANCH" referencedColumnNames="USER_NAME, REPOSITORY_NAME, BRANCH" onDelete="CASCADE" onUpdate="CASCADE"/>
 </changeSet>
--- a/src/main/resources/update/gitbucket-core_4.2.xml
+++ b/src/main/resources/update/gitbucket-core_4.2.xml
@@ -0,0 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <changeSet>
    <addColumn tableName="REPOSITORY">
        <column name="ENABLE_ISSUES" type="boolean" nullable="false" defaultValueBoolean="true"/>
        <column name="EXTERNAL_ISSUES_URL" type="varchar(200)" nullable="true"/>
        <column name="ENABLE_WIKI" type="boolean" nullable="false" defaultValueBoolean="true"/>
        <column name="ALLOW_WIKI_EDITING" type="boolean" nullable="false" defaultValueBoolean="false"/>
        <column name="EXTERNAL_WIKI_URL" type="varchar(200)" nullable="true"/>
    </addColumn>
 </changeSet>
--- a/src/main/resources/update/gitbucket-core_4.6.xml
+++ b/src/main/resources/update/gitbucket-core_4.6.xml
@@ -0,0 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <changeSet>
    <addColumn tableName="REPOSITORY">
        <column name="ALLOW_FORK" type="boolean" nullable="false" defaultValueBoolean="true"/>
    </addColumn>
 </changeSet>
--- a/src/main/resources/update/gitbucket-core_4.7.sql
+++ b/src/main/resources/update/gitbucket-core_4.7.sql
@@ -0,0 +1,2 @@
 -- DELETE COLLABORATORS IN GROUP REPOSITORIES
 DELETE FROM COLLABORATOR WHERE USER_NAME IN (SELECT USER_NAME FROM ACCOUNT WHERE GROUP_ACCOUNT = TRUE)
--- a/src/main/resources/update/gitbucket-core_4.7.xml
+++ b/src/main/resources/update/gitbucket-core_4.7.xml
@@ -0,0 +1,33 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <changeSet>
    <addColumn tableName="COLLABORATOR">
        <column name="ROLE" type="varchar(10)" nullable="false" defaultValue="ADMIN"/>
    </addColumn>
    <addColumn tableName="REPOSITORY">
        <column name="WIKI_OPTION" type="varchar(10)" nullable="false" defaultValue="DISABLE"/>
        <column name="ISSUES_OPTION" type="varchar(10)" nullable="false" defaultValue="DISABLE"/>
    </addColumn>
    <update tableName="REPOSITORY">
        <column name="WIKI_OPTION" value="DISABLE"/>
        <where>ENABLE_WIKI = FALSE</where>
    </update>
    <update tableName="REPOSITORY">
        <column name="WIKI_OPTION" value="PRIVATE"/>
        <where>ENABLE_WIKI = TRUE AND ALLOW_WIKI_EDITING = FALSE</where>
    </update>
    <update tableName="REPOSITORY">
        <column name="WIKI_OPTION" value="PUBLIC"/>
        <where>ENABLE_WIKI = TRUE AND ALLOW_WIKI_EDITING = TRUE</where>
    </update>
    <update tableName="REPOSITORY">
        <column name="ISSUES_OPTION" value="DISABLE"/>
        <where>ENABLE_ISSUES = FALSE</where>
    </update>
    <update tableName="REPOSITORY">
        <column name="ISSUES_OPTION" value="PUBLIC"/>
        <where>ENABLE_ISSUES = TRUE</where>
    </update>
    <dropColumn tableName="REPOSITORY" columnName="ENABLE_WIKI"/>
    <dropColumn tableName="REPOSITORY" columnName="ALLOW_WIKI_EDITING"/>
    <dropColumn tableName="REPOSITORY" columnName="ENABLE_ISSUES"/>
 </changeSet>
--- a/src/main/resources/update/gitbucket-core_4.9.xml
+++ b/src/main/resources/update/gitbucket-core_4.9.xml
@@ -0,0 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <changeSet>
  <addColumn tableName="ACCOUNT">
    <column name="DESCRIPTION" type="text" nullable="true" />
  </addColumn>
 </changeSet>
--- a/src/main/scala/ScalatraBootstrap.scala
+++ b/src/main/scala/ScalatraBootstrap.scala
@@ -1,24 +1,33 @@
 import gitbucket.core.controller._
 import gitbucket.core.plugin.PluginRegistry
 import gitbucket.core.servlet.{AccessTokenAuthenticationFilter, BasicAuthenticationFilter, Database, TransactionFilter}
 import gitbucket.core.util.Directory
 import java.util.EnumSet
 import javax.servlet._
 import gitbucket.core.controller._
 import gitbucket.core.plugin.PluginRegistry
 import gitbucket.core.service.SystemSettingsService
 import gitbucket.core.servlet._
 import gitbucket.core.util.Directory
 import org.scalatra._
-class ScalatraBootstrap extends LifeCycle {
+class ScalatraBootstrap extends LifeCycle with SystemSettingsService {
  override def init(context: ServletContext) {
    val settings = loadSystemSettings()
    if(settings.baseUrl.exists(_.startsWith("https://"))) {
      context.getSessionCookieConfig.setSecure(true)
    }
    // Register TransactionFilter and BasicAuthenticationFilter at first
    context.addFilter("transactionFilter", new TransactionFilter)
    context.getFilterRegistration("transactionFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/*")
-    context.addFilter("basicAuthenticationFilter", new BasicAuthenticationFilter)
+    context.addFilter("gitAuthenticationFilter", new GitAuthenticationFilter)
-    context.getFilterRegistration("basicAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/git/*")
+    context.getFilterRegistration("gitAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/git/*")
-    context.addFilter("accessTokenAuthenticationFilter", new AccessTokenAuthenticationFilter)
+    context.addFilter("apiAuthenticationFilter", new ApiAuthenticationFilter)
-    context.getFilterRegistration("accessTokenAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/api/v3/*")
+    context.getFilterRegistration("apiAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/api/v3/*")
    context.addFilter("ghCompatRepositoryAccessFilter", new GHCompatRepositoryAccessFilter)
    context.getFilterRegistration("ghCompatRepositoryAccessFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/*")
    // Register controllers
    context.mount(new AnonymousAccessController, "/*")
--- a/src/main/scala/gitbucket/core/GitBucketCoreModule.scala
+++ b/src/main/scala/gitbucket/core/GitBucketCoreModule.scala
@@ -0,0 +1,31 @@
 package gitbucket.core
 import io.github.gitbucket.solidbase.migration.{SqlMigration, LiquibaseMigration}
 import io.github.gitbucket.solidbase.model.{Version, Module}
 object GitBucketCoreModule extends Module("gitbucket-core",
  new Version("4.0.0",
    new LiquibaseMigration("update/gitbucket-core_4.0.xml"),
    new SqlMigration("update/gitbucket-core_4.0.sql")
  ),
  new Version("4.1.0"),
  new Version("4.2.0",
    new LiquibaseMigration("update/gitbucket-core_4.2.xml")
  ),
  new Version("4.2.1"),
  new Version("4.3.0"),
  new Version("4.4.0"),
  new Version("4.5.0"),
  new Version("4.6.0",
    new LiquibaseMigration("update/gitbucket-core_4.6.xml")
  ),
  new Version("4.7.0",
    new LiquibaseMigration("update/gitbucket-core_4.7.xml"),
    new SqlMigration("update/gitbucket-core_4.7.sql")
  ),
  new Version("4.7.1"),
  new Version("4.8"),
  new Version("4.9.0",
    new LiquibaseMigration("update/gitbucket-core_4.9.xml")
  )
 )
--- a/src/main/scala/gitbucket/core/api/ApiBranch.scala
+++ b/src/main/scala/gitbucket/core/api/ApiBranch.scala
@@ -14,3 +14,10 @@ case class ApiBranch(
   "self" -> ApiPath(s"/api/v3/repos/${repositoryName.fullName}/branches/${name}"),
   "html" -> ApiPath(s"/${repositoryName.fullName}/tree/${name}"))
 }
 case class ApiBranchCommit(sha: String)
 case class ApiBranchForList(
  name: String,
  commit: ApiBranchCommit
 )
--- a/src/main/scala/gitbucket/core/api/ApiBranchProtection.scala
+++ b/src/main/scala/gitbucket/core/api/ApiBranchProtection.scala
@@ -14,7 +14,7 @@ object ApiBranchProtection{
  def apply(info: ProtectedBranchService.ProtectedBranchInfo): ApiBranchProtection = ApiBranchProtection(
    enabled = info.enabled,
-    required_status_checks = Some(Status(EnforcementLevel(info.enabled, info.includeAdministrators), info.contexts)))
+    required_status_checks = Some(Status(EnforcementLevel(info.enabled && info.contexts.nonEmpty, info.includeAdministrators), info.contexts)))
  val statusNone = Status(Off, Seq.empty)
  case class Status(enforcement_level: EnforcementLevel, contexts: Seq[String])
  sealed class EnforcementLevel(val name: String)
@@ -44,4 +44,3 @@ object ApiBranchProtection{
   }
 ))
 }
--- a/src/main/scala/gitbucket/core/api/ApiContents.scala
+++ b/src/main/scala/gitbucket/core/api/ApiContents.scala
@@ -0,0 +1,18 @@
 package gitbucket.core.api
 import gitbucket.core.util.JGitUtil.FileInfo
 import org.apache.commons.codec.binary.Base64
 case class ApiContents(`type`: String, name: String, content: Option[String], encoding: Option[String])
 object ApiContents{
  def apply(fileInfo: FileInfo, content: Option[Array[Byte]]): ApiContents = {
    if(fileInfo.isDirectory) {
      ApiContents("dir", fileInfo.name, None, None)
    } else {
      content.map(arr =>
        ApiContents("file", fileInfo.name, Some(Base64.encodeBase64String(arr)), Some("base64"))
      ).getOrElse(ApiContents("file", fileInfo.name, None, None))
    }
  }
 }
--- a/src/main/scala/gitbucket/core/api/ApiEndPoint.scala
+++ b/src/main/scala/gitbucket/core/api/ApiEndPoint.scala
@@ -0,0 +1,3 @@
 package gitbucket.core.api
 case class ApiEndPoint(rate_limit_url: ApiPath = ApiPath("/api/v3/rate_limit"))
--- a/src/main/scala/gitbucket/core/api/ApiPullRequest.scala
+++ b/src/main/scala/gitbucket/core/api/ApiPullRequest.scala
@@ -1,7 +1,6 @@
 package gitbucket.core.api
-import gitbucket.core.model.{Issue, PullRequest}
+import gitbucket.core.model.{Account, Issue, IssueComment, PullRequest}
 import java.util.Date
@@ -15,6 +14,9 @@ case class ApiPullRequest(
  head: ApiPullRequest.Commit,
  base: ApiPullRequest.Commit,
  mergeable: Option[Boolean],
  merged: Boolean,
  merged_at: Option[Date],
  merged_by: Option[ApiUser],
  title: String,
  body: String,
  user: ApiUser) {
@@ -31,7 +33,15 @@ case class ApiPullRequest(
 }
 object ApiPullRequest{
-  def apply(issue: Issue, pullRequest: PullRequest, headRepo: ApiRepository, baseRepo: ApiRepository, user: ApiUser): ApiPullRequest = ApiPullRequest(
+  def apply(
    issue: Issue,
    pullRequest: PullRequest,
    headRepo: ApiRepository,
    baseRepo: ApiRepository,
    user: ApiUser,
    mergedComment: Option[(IssueComment, Account)]
  ): ApiPullRequest =
    ApiPullRequest(
      number     = issue.issueId,
      updated_at = issue.updatedDate,
      created_at = issue.registeredDate,
@@ -44,6 +54,9 @@ object ApiPullRequest{
                     ref  = pullRequest.branch,
                     repo = baseRepo)(issue.userName),
      mergeable  = None, // TODO: need check mergeable.
      merged     = mergedComment.isDefined,
      merged_at  = mergedComment.map { case (comment, _) => comment.registeredDate },
      merged_by  = mergedComment.map { case (_, account) => ApiUser(account) },
      title      = issue.title,
      body       = issue.content.getOrElse(""),
      user       = user
--- a/src/main/scala/gitbucket/core/api/ApiRef.scala
+++ b/src/main/scala/gitbucket/core/api/ApiRef.scala
@@ -0,0 +1,5 @@
 package gitbucket.core.api
 case class ApiObject(sha: String)
 case class ApiRef(ref: String, `object`: ApiObject)
--- a/src/main/scala/gitbucket/core/api/ApiRepository.scala
+++ b/src/main/scala/gitbucket/core/api/ApiRepository.scala
@@ -14,11 +14,11 @@ case class ApiRepository(
  `private`: Boolean,
  default_branch: String,
  owner: ApiUser)(urlIsHtmlUrl: Boolean) {
-  val forks_count   = forks
+  val forks_count = forks
  val watchers_count = watchers
-  val url       = if(urlIsHtmlUrl){
+  val url = if(urlIsHtmlUrl){
    ApiPath(s"/${full_name}")
-  }else{
+  } else {
    ApiPath(s"/api/v3/repos/${full_name}")
  }
  val http_url  = ApiPath(s"/git/${full_name}.git")
@@ -34,14 +34,14 @@ object ApiRepository{
      watchers: Int = 0,
      urlIsHtmlUrl: Boolean = false): ApiRepository =
    ApiRepository(
-      name        = repository.repositoryName,
+      name           = repository.repositoryName,
-      full_name   = s"${repository.userName}/${repository.repositoryName}",
+      full_name      = s"${repository.userName}/${repository.repositoryName}",
-      description = repository.description.getOrElse(""),
+      description    = repository.description.getOrElse(""),
-      watchers    = 0,
+      watchers       = 0,
-      forks       = forkedCount,
+      forks          = forkedCount,
-      `private`   = repository.isPrivate,
+      `private`      = repository.isPrivate,
      default_branch = repository.defaultBranch,
-      owner       = owner
+      owner          = owner
    )(urlIsHtmlUrl)
  def apply(repositoryInfo: RepositoryInfo, owner: ApiUser): ApiRepository =
--- a/src/main/scala/gitbucket/core/api/ApiUser.scala
+++ b/src/main/scala/gitbucket/core/api/ApiUser.scala
@@ -13,6 +13,7 @@ case class ApiUser(
  created_at: Date) {
  val url                 = ApiPath(s"/api/v3/users/${login}")
  val html_url            = ApiPath(s"/${login}")
  val avatar_url          = ApiPath(s"/${login}/_avatar")
  // val followers_url       = ApiPath(s"/api/v3/users/${login}/followers")
  // val following_url       = ApiPath(s"/api/v3/users/${login}/following{/other_user}")
  // val gists_url           = ApiPath(s"/api/v3/users/${login}/gists{/gist_id}")
@@ -29,7 +30,7 @@ object ApiUser{
  def apply(user: Account): ApiUser = ApiUser(
    login      = user.userName,
    email      = user.mailAddress,
-    `type`     = if(user.isGroupAccount){ "Organization" }else{ "User" },
+    `type`     = if(user.isGroupAccount){ "Organization" } else { "User" },
    site_admin = user.isAdmin,
    created_at = user.registeredDate
  )
--- a/src/main/scala/gitbucket/core/api/CreateARepository.scala
+++ b/src/main/scala/gitbucket/core/api/CreateARepository.scala
@@ -11,7 +11,7 @@ case class CreateARepository(
    auto_init: Boolean = false
 ) {
  def isValid: Boolean = {
-    name.length<=40 &&
+    name.length <= 100 &&
        name.matches("[a-zA-Z0-9\\-\\+_.]+") &&
        !name.startsWith("_") &&
        !name.startsWith("-")
--- a/src/main/scala/gitbucket/core/api/CreateAnIssue.scala
+++ b/src/main/scala/gitbucket/core/api/CreateAnIssue.scala
@@ -0,0 +1,11 @@
 package gitbucket.core.api
 /**
  * https://developer.github.com/v3/issues/#create-an-issue
  */
 case class CreateAnIssue(
    title: String,
    body: Option[String],
    assignees: List[String],
    milestone: Option[Int],
    labels: List[String])
--- a/src/main/scala/gitbucket/core/controller/AccountController.scala
+++ b/src/main/scala/gitbucket/core/controller/AccountController.scala
@@ -14,6 +14,7 @@ import gitbucket.core.util._
 import io.github.gitbucket.scalatra.forms._
 import org.apache.commons.io.FileUtils
 import org.scalatra.i18n.Messages
 import org.scalatra.BadRequest
 class AccountController extends AccountControllerBase
@@ -28,20 +29,21 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    with AccessTokenService with WebHookService with RepositoryCreationService =>
  case class AccountNewForm(userName: String, password: String, fullName: String, mailAddress: String,
-                            url: Option[String], fileId: Option[String])
+                            description: Option[String], url: Option[String], fileId: Option[String])
  case class AccountEditForm(password: Option[String], fullName: String, mailAddress: String,
-                             url: Option[String], fileId: Option[String], clearImage: Boolean)
+                             description: Option[String], url: Option[String], fileId: Option[String], clearImage: Boolean)
  case class SshKeyForm(title: String, publicKey: String)
  case class PersonalTokenForm(note: String)
  val newForm = mapping(
-    "userName"    -> trim(label("User name"    , text(required, maxlength(100), identifier, uniqueUserName))),
+    "userName"    -> trim(label("User name"    , text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
    "password"    -> trim(label("Password"     , text(required, maxlength(20)))),
    "fullName"    -> trim(label("Full Name"    , text(required, maxlength(100)))),
    "mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100), uniqueMailAddress()))),
    "description" -> trim(label("bio"          , optional(text()))),
    "url"         -> trim(label("URL"          , optional(text(maxlength(200))))),
    "fileId"      -> trim(label("File ID"      , optional(text())))
  )(AccountNewForm.apply)
@@ -50,6 +52,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    "password"    -> trim(label("Password"     , optional(text(maxlength(20))))),
    "fullName"    -> trim(label("Full Name"    , text(required, maxlength(100)))),
    "mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100), uniqueMailAddress("userName")))),
    "description" -> trim(label("bio"          , optional(text()))),
    "url"         -> trim(label("URL"          , optional(text(maxlength(200))))),
    "fileId"      -> trim(label("File ID"      , optional(text()))),
    "clearImage"  -> trim(label("Clear image"  , boolean()))
@@ -64,11 +67,12 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    "note"     -> trim(label("Token", text(required, maxlength(100))))
  )(PersonalTokenForm.apply)
-  case class NewGroupForm(groupName: String, url: Option[String], fileId: Option[String], members: String)
+  case class NewGroupForm(groupName: String, description: Option[String], url: Option[String], fileId: Option[String], members: String)
-  case class EditGroupForm(groupName: String, url: Option[String], fileId: Option[String], members: String, clearImage: Boolean)
+  case class EditGroupForm(groupName: String, description: Option[String], url: Option[String], fileId: Option[String], members: String, clearImage: Boolean)
  val newGroupForm = mapping(
-    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName))),
+    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
    "description" -> trim(label("Group description", optional(text()))),
    "url"       -> trim(label("URL"        ,optional(text(maxlength(200))))),
    "fileId"    -> trim(label("File ID"    ,optional(text()))),
    "members"   -> trim(label("Members"    ,text(required, members)))
@@ -76,6 +80,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
  val editGroupForm = mapping(
    "groupName"  -> trim(label("Group name"  ,text(required, maxlength(100), identifier))),
    "description" -> trim(label("Group description", optional(text()))),
    "url"        -> trim(label("URL"         ,optional(text(maxlength(200))))),
    "fileId"     -> trim(label("File ID"     ,optional(text()))),
    "members"    -> trim(label("Members"     ,text(required, members))),
@@ -120,7 +125,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
        // Members
        case "members" if(account.isGroupAccount) => {
          val members = getGroupMembers(account.userName)
-          gitbucket.core.account.html.members(account, members.map(_.userName),
+          gitbucket.core.account.html.members(account, members,
            context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager }))
        }
@@ -133,7 +138,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
            context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager }))
        }
      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
  }
  get("/:userName.atom") {
@@ -155,8 +160,8 @@ trait AccountControllerBase extends AccountManagementControllerBase {
  get("/:userName/_edit")(oneselfOnly {
    val userName = params("userName")
    getAccountByUserName(userName).map { x =>
-      html.edit(x, flash.get("info"))
+      html.edit(x, flash.get("info"), flash.get("error"))
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  post("/:userName/_edit", editForm)(oneselfOnly { form =>
@@ -166,19 +171,24 @@ trait AccountControllerBase extends AccountManagementControllerBase {
        password    = form.password.map(sha1).getOrElse(account.password),
        fullName    = form.fullName,
        mailAddress = form.mailAddress,
        description = form.description,
        url         = form.url))
      updateImage(userName, form.fileId, form.clearImage)
      flash += "info" -> "Account information has been updated."
      redirect(s"/${userName}/_edit")
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  get("/:userName/_delete")(oneselfOnly {
    val userName = params("userName")
-    getAccountByUserName(userName, true).foreach { account =>
+    getAccountByUserName(userName, true).map { account =>
      if(isLastAdministrator(account)){
        flash += "error" -> "Account can't be removed because this is last one administrator."
        redirect(s"/${userName}/_edit")
      } else {
 //      // Remove repositories
 //      getRepositoryNamesOfUser(userName).foreach { repositoryName =>
 //        deleteRepository(userName, repositoryName)
@@ -187,21 +197,19 @@ trait AccountControllerBase extends AccountManagementControllerBase {
 //        FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
 //      }
 //      // Remove from GROUP_MEMBER, COLLABORATOR and REPOSITORY
-//      removeUserRelatedData(userName)
+        removeUserRelatedData(userName)
-
+        updateAccount(account.copy(isRemoved = true))
-      removeUserRelatedData(userName)
+        session.invalidate
-      updateAccount(account.copy(isRemoved = true))
+        redirect("/")
-    }
+      }
-
+    } getOrElse NotFound()
    session.invalidate
    redirect("/")
  })
  get("/:userName/_ssh")(oneselfOnly {
    val userName = params("userName")
    getAccountByUserName(userName).map { x =>
      html.ssh(x, getPublicKeys(x.userName))
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  post("/:userName/_ssh", sshKeyForm)(oneselfOnly { form =>
@@ -232,7 +240,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
        case _ => None
      }
      html.application(x, tokens, generatedToken)
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  post("/:userName/_personalToken", personalTokenForm)(oneselfOnly { form =>
@@ -258,15 +266,15 @@ trait AccountControllerBase extends AccountManagementControllerBase {
      } else {
        html.register()
      }
-    } else NotFound
+    } else NotFound()
  }
  post("/register", newForm){ form =>
    if(context.settings.allowAccountRegistration){
-      createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, false, form.url)
+      createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, false, form.description, form.url)
      updateImage(form.userName, form.fileId, false)
      redirect("/signin")
-    } else NotFound
+    } else NotFound()
  }
  get("/groups/new")(usersOnly {
@@ -274,7 +282,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
  })
  post("/groups/new", newGroupForm)(usersOnly { form =>
-    createGroup(form.groupName, form.url)
+    createGroup(form.groupName, form.description, form.url)
    updateGroupMembers(form.groupName, form.members.split(",").map {
      _.split(":") match {
        case Array(userName, isManager) => (userName, isManager.toBoolean)
@@ -312,22 +320,22 @@ trait AccountControllerBase extends AccountManagementControllerBase {
      }
    }.toList){ case (groupName, members) =>
      getAccountByUserName(groupName, true).map { account =>
-        updateGroup(groupName, form.url, false)
+        updateGroup(groupName, form.description, form.url, false)
        // Update GROUP_MEMBER
        updateGroupMembers(form.groupName, members)
-        // Update COLLABORATOR for group repositories
+//        // Update COLLABORATOR for group repositories
-        getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
+//        getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
-          removeCollaborators(form.groupName, repositoryName)
+//          removeCollaborators(form.groupName, repositoryName)
-          members.foreach { case (userName, isManager) =>
+//          members.foreach { case (userName, isManager) =>
-            addCollaborator(form.groupName, repositoryName, userName)
+//            addCollaborator(form.groupName, repositoryName, userName)
-          }
+//          }
-        }
+//        }
        updateImage(form.groupName, form.fileId, form.clearImage)
        redirect(s"/${form.groupName}")
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
@@ -353,76 +361,80 @@ trait AccountControllerBase extends AccountManagementControllerBase {
  })
  get("/:owner/:repository/fork")(readableUsersOnly { repository =>
-    val loginAccount   = context.loginAccount.get
+    if(repository.repository.options.allowFork){
-    val loginUserName  = loginAccount.userName
+      val loginAccount   = context.loginAccount.get
-    val groups         = getGroupsByUserName(loginUserName)
+      val loginUserName  = loginAccount.userName
-    groups match {
+      val groups         = getGroupsByUserName(loginUserName)
-      case _: List[String] =>
+      groups match {
-        val managerPermissions = groups.map { group =>
+        case _: List[String] =>
-          val members = getGroupMembers(group)
+          val managerPermissions = groups.map { group =>
-          context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager })
+            val members = getGroupMembers(group)
-        }
+            context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager })
-        helper.html.forkrepository(
+          }
-          repository,
+          helper.html.forkrepository(
-          (groups zip managerPermissions).toMap
+            repository,
-        )
+            (groups zip managerPermissions).toMap
-      case _ => redirect(s"/${loginUserName}")
+          )
-    }
+        case _ => redirect(s"/${loginUserName}")
      }
    } else BadRequest()
  })
  post("/:owner/:repository/fork", accountForm)(readableUsersOnly { (form, repository) =>
-    val loginAccount  = context.loginAccount.get
+    if(repository.repository.options.allowFork){
-    val loginUserName = loginAccount.userName
+      val loginAccount  = context.loginAccount.get
-    val accountName   = form.accountName
+      val loginUserName = loginAccount.userName
      val accountName   = form.accountName
-    LockUtil.lock(s"${accountName}/${repository.name}"){
+      LockUtil.lock(s"${accountName}/${repository.name}"){
-      if(getRepository(accountName, repository.name).isDefined ||
+        if(getRepository(accountName, repository.name).isDefined ||
-          (accountName != loginUserName && !getGroupsByUserName(loginUserName).contains(accountName))){
+            (accountName != loginUserName && !getGroupsByUserName(loginUserName).contains(accountName))){
-        // redirect to the repository if repository already exists
+          // redirect to the repository if repository already exists
-        redirect(s"/${accountName}/${repository.name}")
+          redirect(s"/${accountName}/${repository.name}")
-      } else {
+        } else {
-        // Insert to the database at first
+          // Insert to the database at first
-        val originUserName = repository.repository.originUserName.getOrElse(repository.owner)
+          val originUserName = repository.repository.originUserName.getOrElse(repository.owner)
-        val originRepositoryName = repository.repository.originRepositoryName.getOrElse(repository.name)
+          val originRepositoryName = repository.repository.originRepositoryName.getOrElse(repository.name)
-        insertRepository(
+          insertRepository(
-          repositoryName       = repository.name,
+            repositoryName       = repository.name,
-          userName             = accountName,
+            userName             = accountName,
-          description          = repository.repository.description,
+            description          = repository.repository.description,
-          isPrivate            = repository.repository.isPrivate,
+            isPrivate            = repository.repository.isPrivate,
-          originRepositoryName = Some(originRepositoryName),
+            originRepositoryName = Some(originRepositoryName),
-          originUserName       = Some(originUserName),
+            originUserName       = Some(originUserName),
-          parentRepositoryName = Some(repository.name),
+            parentRepositoryName = Some(repository.name),
-          parentUserName       = Some(repository.owner)
+            parentUserName       = Some(repository.owner)
-        )
+          )
-        // Add collaborators for group repository
+//          // Add collaborators for group repository
-        val ownerAccount = getAccountByUserName(accountName).get
+//          val ownerAccount = getAccountByUserName(accountName).get
-        if(ownerAccount.isGroupAccount){
+//          if(ownerAccount.isGroupAccount){
-          getGroupMembers(accountName).foreach { member =>
+//            getGroupMembers(accountName).foreach { member =>
-            addCollaborator(accountName, repository.name, member.userName)
+//              addCollaborator(accountName, repository.name, member.userName)
-          }
+//            }
 //          }
          // Insert default labels
          insertDefaultLabels(accountName, repository.name)
          // clone repository actually
          JGitUtil.cloneRepository(
            getRepositoryDir(repository.owner, repository.name),
            getRepositoryDir(accountName, repository.name))
          // Create Wiki repository
          JGitUtil.cloneRepository(
            getWikiRepositoryDir(repository.owner, repository.name),
            getWikiRepositoryDir(accountName, repository.name))
          // Record activity
          recordForkActivity(repository.owner, repository.name, loginUserName, accountName)
          // redirect to the repository
          redirect(s"/${accountName}/${repository.name}")
        }
        // Insert default labels
        insertDefaultLabels(accountName, repository.name)
        // clone repository actually
        JGitUtil.cloneRepository(
          getRepositoryDir(repository.owner, repository.name),
          getRepositoryDir(accountName, repository.name))
        // Create Wiki repository
        JGitUtil.cloneRepository(
          getWikiRepositoryDir(repository.owner, repository.name),
          getWikiRepositoryDir(accountName, repository.name))
        // Record activity
        recordForkActivity(repository.owner, repository.name, loginUserName, accountName)
        // redirect to the repository
        redirect(s"/${accountName}/${repository.name}")
      }
-    }
+    } else BadRequest()
  })
  private def existsAccount: Constraint = new Constraint(){
@@ -447,8 +459,8 @@ trait AccountControllerBase extends AccountManagementControllerBase {
  private def validPublicKey: Constraint = new Constraint(){
    override def validate(name: String, value: String, messages: Messages): Option[String] = SshUtil.str2PublicKey(value) match {
-     case Some(_) => None
+     case Some(_) if !getAllKeys().exists(_.publicKey == value) => None
-     case None => Some("Key is invalid.")
+     case _ => Some("Key is invalid.")
    }
  }
--- a/src/main/scala/gitbucket/core/controller/ApiController.scala
+++ b/src/main/scala/gitbucket/core/controller/ApiController.scala
@@ -7,9 +7,10 @@ import gitbucket.core.service.PullRequestService._
 import gitbucket.core.service._
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Directory._
-import gitbucket.core.util.JGitUtil.CommitInfo
+import gitbucket.core.util.JGitUtil._
 import gitbucket.core.util._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.view.helpers.{renderMarkup, isRenderable}
 import org.eclipse.jgit.api.Git
 import org.scalatra.{NoContent, UnprocessableEntity, Created}
 import scala.collection.JavaConverters._
@@ -20,9 +21,12 @@ class ApiController extends ApiControllerBase
  with ProtectedBranchService
  with IssuesService
  with LabelsService
  with MilestonesService
  with PullRequestService
  with CommitsService
  with CommitStatusService
  with RepositoryCreationService
  with IssueCreationService
  with HandleCommentService
  with WebHookService
  with WebHookPullRequestService
@@ -34,7 +38,7 @@ class ApiController extends ApiControllerBase
  with GroupManagerAuthenticator
  with ReferrerAuthenticator
  with ReadableUsersAuthenticator
-  with CollaboratorsAuthenticator
+  with WritableUsersAuthenticator
 trait ApiControllerBase extends ControllerBase {
  self: RepositoryService
@@ -42,35 +46,171 @@ trait ApiControllerBase extends ControllerBase {
    with ProtectedBranchService
    with IssuesService
    with LabelsService
    with MilestonesService
    with PullRequestService
    with CommitStatusService
    with RepositoryCreationService
    with IssueCreationService
    with HandleCommentService
    with OwnerAuthenticator
    with UsersAuthenticator
    with GroupManagerAuthenticator
    with ReferrerAuthenticator
    with ReadableUsersAuthenticator
-    with CollaboratorsAuthenticator =>
+    with WritableUsersAuthenticator =>
  /**
    * https://developer.github.com/v3/#root-endpoint
    */
  get("/api/v3/") {
    JsonFormat(ApiEndPoint())
  }
  /**
    * https://developer.github.com/v3/orgs/#get-an-organization
    */
  get("/api/v3/orgs/:groupName") {
    getAccountByUserName(params("groupName")).filter(account => account.isGroupAccount).map { account =>
      JsonFormat(ApiUser(account))
    } getOrElse NotFound()
  }
  /**
   * https://developer.github.com/v3/users/#get-a-single-user
   */
  get("/api/v3/users/:userName") {
-    getAccountByUserName(params("userName")).map { account =>
+    getAccountByUserName(params("userName")).filterNot(account => account.isGroupAccount).map { account =>
      JsonFormat(ApiUser(account))
-    } getOrElse NotFound
+    } getOrElse NotFound()
  }
  /**
    * https://developer.github.com/v3/repos/#list-organization-repositories
    */
  get("/api/v3/orgs/:orgName/repos") {
    JsonFormat(getVisibleRepositories(context.loginAccount, Some(params("orgName"))).map{ r => ApiRepository(r, getAccountByUserName(r.owner).get)})
  }
  /**
   * https://developer.github.com/v3/repos/#list-user-repositories
   */
  get("/api/v3/users/:userName/repos") {
    JsonFormat(getVisibleRepositories(context.loginAccount, Some(params("userName"))).map{ r => ApiRepository(r, getAccountByUserName(r.owner).get)})
  }
  /*
   * https://developer.github.com/v3/repos/branches/#list-branches
   */
  get ("/api/v3/repos/:owner/:repo/branches")(referrersOnly { repository =>
    JsonFormat(JGitUtil.getBranches(
      owner         = repository.owner,
      name          = repository.name,
      defaultBranch = repository.repository.defaultBranch,
      origin        = repository.repository.originUserName.isEmpty
    ).map { br =>
      ApiBranchForList(br.name, ApiBranchCommit(br.commitId))
    })
  })
  /*
   * https://developer.github.com/v3/repos/contents/#get-contents
   */
  get("/api/v3/repos/:owner/:repo/contents/*")(referrersOnly { repository =>
    def getFileInfo(git: Git, revision: String, pathStr: String): Option[FileInfo] = {
      val path = new java.io.File(pathStr)
      val dirName = path.getParent match {
        case null => "."
        case s => s
      }
      getFileList(git, revision, dirName).find(f => f.name.equals(path.getName))
    }
    val path = multiParams("splat").head match {
      case s if s.isEmpty => "."
      case s => s
    }
    val refStr = params.getOrElse("ref", repository.repository.defaultBranch)
    using(Git.open(getRepositoryDir(params("owner"), params("repo")))){ git =>
      val fileList = getFileList(git, refStr, path)
      if (fileList.isEmpty) { // file or NotFound
        getFileInfo(git, refStr, path).flatMap(f => {
          val largeFile = params.get("large_file").exists(s => s.equals("true"))
          val content = getContentFromId(git, f.id, largeFile)
          request.getHeader("Accept") match {
            case "application/vnd.github.v3.raw" => {
              contentType = "application/vnd.github.v3.raw"
              content
            }
            case "application/vnd.github.v3.html" if isRenderable(f.name) => {
              contentType = "application/vnd.github.v3.html"
              content.map(c =>
                List(
                  "<div data-path=\"", path, "\" id=\"file\">", "<article>",
                  renderMarkup(path.split("/").toList, new String(c), refStr, repository, false, false, true).body,
                  "</article>", "</div>"
                ).mkString
              )
            }
            case "application/vnd.github.v3.html" => {
              contentType = "application/vnd.github.v3.html"
              content.map(c =>
                List(
                  "<div data-path=\"", path, "\" id=\"file\">", "<div class=\"plain\">", "<pre>",
                  play.twirl.api.HtmlFormat.escape(new String(c)).body,
                  "</pre>", "</div>", "</div>"
                ).mkString
              )
            }
            case _ =>
              Some(JsonFormat(ApiContents(f, content)))
          }
        }).getOrElse(NotFound())
      } else { // directory
        JsonFormat(fileList.map{f => ApiContents(f, None)})
      }
    }
  })
  /*
   * https://developer.github.com/v3/git/refs/#get-a-reference
   */
  get("/api/v3/repos/:owner/:repo/git/*") (referrersOnly { repository =>
    val revstr = multiParams("splat").head
    using(Git.open(getRepositoryDir(params("owner"), params("repo")))) { git =>
      //JsonFormat( (revstr, git.getRepository().resolve(revstr)) )
      // getRef is deprecated by jgit-4.2. use exactRef() or findRef()
      val sha = git.getRepository().exactRef(revstr).getObjectId().name()
      JsonFormat(ApiRef(revstr, ApiObject(sha)))
    }
  })
  /**
   * https://developer.github.com/v3/repos/collaborators/#list-collaborators
   */
  get("/api/v3/repos/:owner/:repo/collaborators") (referrersOnly { repository =>
    // TODO Should ApiUser take permission? getCollaboratorUserNames does not return owner group members.
    JsonFormat(getCollaboratorUserNames(params("owner"), params("repo")).map(u => ApiUser(getAccountByUserName(u).get)))
  })
  /**
   * https://developer.github.com/v3/users/#get-the-authenticated-user
   */
  get("/api/v3/user") {
    context.loginAccount.map { account =>
      JsonFormat(ApiUser(account))
-    } getOrElse Unauthorized
+    } getOrElse Unauthorized()
  }
  /**
   * List user's own repository
   * https://developer.github.com/v3/repos/#list-your-repositories
   */
  get("/api/v3/user/repos")(usersOnly{
    JsonFormat(getVisibleRepositories(context.loginAccount, Option(context.loginAccount.get.userName)).map{
      r => ApiRepository(r, getAccountByUserName(r.owner).get)
    })
  })
  /**
   * Create user repository
   * https://developer.github.com/v3/repos/#create
@@ -92,7 +232,7 @@ trait ApiControllerBase extends ControllerBase {
          )
        }
      }
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
  })
  /**
@@ -116,14 +256,16 @@ trait ApiControllerBase extends ControllerBase {
          )
        }
      }
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
  })
-  /** https://developer.github.com/v3/repos/#enabling-and-disabling-branch-protection */
+  /**
   * https://developer.github.com/v3/repos/#enabling-and-disabling-branch-protection
   */
  patch("/api/v3/repos/:owner/:repo/branches/:branch")(ownerOnly { repository =>
    import gitbucket.core.api._
    (for{
-      branch <- params.get("branch") if repository.branchList.find(_ == branch).isDefined
+      branch     <- params.get("branch") if repository.branchList.find(_ == branch).isDefined
      protection <- extractFromJsonBody[ApiBranchProtection.EnablingAndDisabling].map(_.protection)
    } yield {
      if(protection.enabled){
@@ -132,7 +274,7 @@ trait ApiControllerBase extends ControllerBase {
        disableBranchProtection(repository.owner, repository.name, branch)
      }
      JsonFormat(ApiBranch(branch, protection)(RepositoryName(repository)))
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
  })
  /**
@@ -145,16 +287,78 @@ trait ApiControllerBase extends ControllerBase {
    org.scalatra.NotFound(ApiError("Rate limiting is not enabled."))
  }
  /**
    * https://developer.github.com/v3/issues/#list-issues-for-a-repository
    */
  get("/api/v3/repos/:owner/:repository/issues")(referrersOnly { repository =>
    val page = IssueSearchCondition.page(request)
    // TODO: more api spec condition
    val condition = IssueSearchCondition(request)
    val baseOwner = getAccountByUserName(repository.owner).get
    val issues: List[(Issue, Account)] =
      searchIssueByApi(
        condition = condition,
        offset    = (page - 1) * PullRequestLimit,
        limit     = PullRequestLimit,
        repos     = repository.owner -> repository.name
      )
    JsonFormat(issues.map { case (issue, issueUser) =>
      ApiIssue(
        issue          = issue,
        repositoryName = RepositoryName(repository),
        user           = ApiUser(issueUser)
      )
    })
  })
  /**
   * https://developer.github.com/v3/issues/#get-a-single-issue
   */
  get("/api/v3/repos/:owner/:repository/issues/:id")(referrersOnly { repository =>
    (for{
      issueId  <- params("id").toIntOpt
      issue <- getIssue(repository.owner, repository.name, issueId.toString)
      openedUser <- getAccountByUserName(issue.openedUserName)
    } yield {
      JsonFormat(ApiIssue(issue, RepositoryName(repository), ApiUser(openedUser)))
    }) getOrElse NotFound()
  })
  /**
    * https://developer.github.com/v3/issues/#create-an-issue
    */
  post("/api/v3/repos/:owner/:repository/issues")(readableUsersOnly { repository =>
    if(isIssueEditable(repository)){ // TODO Should this check is provided by authenticator?
      (for{
        data <- extractFromJsonBody[CreateAnIssue]
        loginAccount <- context.loginAccount
      } yield {
        val milestone = data.milestone.flatMap(getMilestone(repository.owner, repository.name, _))
        val issue = createIssue(
          repository,
          data.title,
          data.body,
          data.assignees.headOption,
          milestone.map(_.milestoneId),
          data.labels,
          loginAccount)
        JsonFormat(ApiIssue(issue, RepositoryName(repository), ApiUser(loginAccount)))
      }) getOrElse NotFound()
    } else Unauthorized()
  })
  /**
   * https://developer.github.com/v3/issues/comments/#list-comments-on-an-issue
   */
  get("/api/v3/repos/:owner/:repository/issues/:id/comments")(referrersOnly { repository =>
    (for{
-      issueId <- params("id").toIntOpt
+      issueId  <- params("id").toIntOpt
-      comments = getCommentsForApi(repository.owner, repository.name, issueId.toInt)
+      comments =  getCommentsForApi(repository.owner, repository.name, issueId.toInt)
    } yield {
      JsonFormat(comments.map{ case (issueComment, user, issue) => ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(user), issue.isPullRequest) })
-    }).getOrElse(NotFound)
+    }) getOrElse NotFound()
  })
  /**
@@ -170,7 +374,7 @@ trait ApiControllerBase extends ControllerBase {
      issueComment <- getComment(repository.owner, repository.name, id.toString())
    } yield {
      JsonFormat(ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(context.loginAccount.get), issue.isPullRequest))
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
  })
  /**
@@ -197,7 +401,7 @@ trait ApiControllerBase extends ControllerBase {
   * Create a label
   * https://developer.github.com/v3/issues/labels/#create-a-label
   */
-  post("/api/v3/repos/:owner/:repository/labels")(collaboratorsOnly { repository =>
+  post("/api/v3/repos/:owner/:repository/labels")(writableUsersOnly { repository =>
    (for{
      data <- extractFromJsonBody[CreateALabel] if data.isValid
    } yield {
@@ -222,7 +426,7 @@ trait ApiControllerBase extends ControllerBase {
   * Update a label
   * https://developer.github.com/v3/issues/labels/#update-a-label
   */
-  patch("/api/v3/repos/:owner/:repository/labels/:labelName")(collaboratorsOnly { repository =>
+  patch("/api/v3/repos/:owner/:repository/labels/:labelName")(writableUsersOnly { repository =>
    (for{
      data <- extractFromJsonBody[CreateALabel] if data.isValid
    } yield {
@@ -232,12 +436,14 @@ trait ApiControllerBase extends ControllerBase {
            updateLabel(repository.owner, repository.name, label.labelId, data.name, data.color)
            JsonFormat(ApiLabel(
              getLabel(repository.owner, repository.name, label.labelId).get,
-              RepositoryName(repository)))
+              RepositoryName(repository)
            ))
          } else {
            // TODO ApiError should support errors field to enhance compatibility of GitHub API
            UnprocessableEntity(ApiError(
              "Validation Failed",
-              Some("https://developer.github.com/v3/issues/labels/#create-a-label")))
+              Some("https://developer.github.com/v3/issues/labels/#create-a-label")
            ))
          }
        } getOrElse NotFound()
      }
@@ -248,7 +454,7 @@ trait ApiControllerBase extends ControllerBase {
   * Delete a label
   * https://developer.github.com/v3/issues/labels/#delete-a-label
   */
-  delete("/api/v3/repos/:owner/:repository/labels/:labelName")(collaboratorsOnly { repository =>
+  delete("/api/v3/repos/:owner/:repository/labels/:labelName")(writableUsersOnly { repository =>
    LockUtil.lock(RepositoryName(repository).fullName) {
      getLabel(repository.owner, repository.name, params("labelName")).map { label =>
        deleteLabel(repository.owner, repository.name, label.labelId)
@@ -261,18 +467,29 @@ trait ApiControllerBase extends ControllerBase {
   * https://developer.github.com/v3/pulls/#list-pull-requests
   */
  get("/api/v3/repos/:owner/:repository/pulls")(referrersOnly { repository =>
-    val page       = IssueSearchCondition.page(request)
+    val page = IssueSearchCondition.page(request)
    // TODO: more api spec condition
    val condition = IssueSearchCondition(request)
    val baseOwner = getAccountByUserName(repository.owner).get
-    val issues:List[(Issue, Account, Int, PullRequest, Repository, Account)] = searchPullRequestByApi(condition, (page - 1) * PullRequestLimit, PullRequestLimit, repository.owner -> repository.name)
+
-    JsonFormat(issues.map{case (issue, issueUser, commentCount, pullRequest, headRepo, headOwner) =>
+    val issues: List[(Issue, Account, Int, PullRequest, Repository, Account)] =
      searchPullRequestByApi(
        condition = condition,
        offset    = (page - 1) * PullRequestLimit,
        limit     = PullRequestLimit,
        repos     = repository.owner -> repository.name
      )
    JsonFormat(issues.map { case (issue, issueUser, commentCount, pullRequest, headRepo, headOwner) =>
      ApiPullRequest(
-        issue,
+        issue         = issue,
-        pullRequest,
+        pullRequest   = pullRequest,
-        ApiRepository(headRepo, ApiUser(headOwner)),
+        headRepo      = ApiRepository(headRepo, ApiUser(headOwner)),
-        ApiRepository(repository, ApiUser(baseOwner)),
+        baseRepo      = ApiRepository(repository, ApiUser(baseOwner)),
-        ApiUser(issueUser)) })
+        user          = ApiUser(issueUser),
        mergedComment = getMergedComment(repository.owner, repository.name, issue.issueId)
      )
    })
  })
  /**
@@ -280,21 +497,23 @@ trait ApiControllerBase extends ControllerBase {
   */
  get("/api/v3/repos/:owner/:repository/pulls/:id")(referrersOnly { repository =>
    (for{
-      issueId <- params("id").toIntOpt
+      issueId   <- params("id").toIntOpt
      (issue, pullRequest) <- getPullRequest(repository.owner, repository.name, issueId)
-      users = getAccountsByUserNames(Set(repository.owner, pullRequest.requestUserName, issue.openedUserName), Set())
+      users     =  getAccountsByUserNames(Set(repository.owner, pullRequest.requestUserName, issue.openedUserName), Set.empty)
      baseOwner <- users.get(repository.owner)
      headOwner <- users.get(pullRequest.requestUserName)
      issueUser <- users.get(issue.openedUserName)
      headRepo  <- getRepository(pullRequest.requestUserName, pullRequest.requestRepositoryName)
    } yield {
      JsonFormat(ApiPullRequest(
-        issue,
+        issue         = issue,
-        pullRequest,
+        pullRequest   = pullRequest,
-        ApiRepository(headRepo, ApiUser(headOwner)),
+        headRepo      = ApiRepository(headRepo, ApiUser(headOwner)),
-        ApiRepository(repository, ApiUser(baseOwner)),
+        baseRepo      = ApiRepository(repository, ApiUser(baseOwner)),
-        ApiUser(issueUser)))
+        user          = ApiUser(issueUser),
-    }).getOrElse(NotFound)
+        mergedComment = getMergedComment(repository.owner, repository.name, issue.issueId)
      ))
    }) getOrElse NotFound()
  })
  /**
@@ -309,11 +528,11 @@ trait ApiControllerBase extends ControllerBase {
          val oldId = git.getRepository.resolve(pullreq.commitIdFrom)
          val newId = git.getRepository.resolve(pullreq.commitIdTo)
          val repoFullName = RepositoryName(repository)
-          val commits = git.log.addRange(oldId, newId).call.iterator.asScala.map(c => ApiCommitListItem(new CommitInfo(c), repoFullName)).toList
+          val commits = git.log.addRange(oldId, newId).call.iterator.asScala.map { c => ApiCommitListItem(new CommitInfo(c), repoFullName) }.toList
          JsonFormat(commits)
        }
      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  /**
@@ -326,19 +545,19 @@ trait ApiControllerBase extends ControllerBase {
  /**
   * https://developer.github.com/v3/repos/statuses/#create-a-status
   */
-  post("/api/v3/repos/:owner/:repo/statuses/:sha")(collaboratorsOnly { repository =>
+  post("/api/v3/repos/:owner/:repo/statuses/:sha")(writableUsersOnly { repository =>
    (for{
-      ref <- params.get("sha")
+      ref      <- params.get("sha")
-      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+      sha      <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
-      data <- extractFromJsonBody[CreateAStatus] if data.isValid
+      data     <- extractFromJsonBody[CreateAStatus] if data.isValid
-      creator <- context.loginAccount
+      creator  <- context.loginAccount
-      state <- CommitState.valueOf(data.state)
+      state    <- CommitState.valueOf(data.state)
-      statusId = createCommitStatus(repository.owner, repository.name, sha, data.context.getOrElse("default"),
+      statusId =  createCommitStatus(repository.owner, repository.name, sha, data.context.getOrElse("default"),
-        state, data.target_url, data.description, new java.util.Date(), creator)
+                                     state, data.target_url, data.description, new java.util.Date(), creator)
-      status <- getCommitStatus(repository.owner, repository.name, statusId)
+      status   <- getCommitStatus(repository.owner, repository.name, statusId)
    } yield {
      JsonFormat(ApiCommitStatus(status, ApiUser(creator)))
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
  })
  /**
@@ -354,7 +573,7 @@ trait ApiControllerBase extends ControllerBase {
      JsonFormat(getCommitStatuesWithCreator(repository.owner, repository.name, sha).map{ case(status, creator) =>
        ApiCommitStatus(status, ApiUser(creator))
      })
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
  })
  /**
@@ -373,17 +592,17 @@ trait ApiControllerBase extends ControllerBase {
   */
  get("/api/v3/repos/:owner/:repo/commits/:ref/status")(referrersOnly { repository =>
    (for{
-      ref <- params.get("ref")
+      ref   <- params.get("ref")
      owner <- getAccountByUserName(repository.owner)
-      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+      sha   <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
    } yield {
      val statuses = getCommitStatuesWithCreator(repository.owner, repository.name, sha)
      JsonFormat(ApiCombinedCommitStatus(sha, statuses, ApiRepository(repository, owner)))
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
  })
  private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
-    hasWritePermission(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
+    hasDeveloperRole(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
 }
--- a/src/main/scala/gitbucket/core/controller/ControllerBase.scala
+++ b/src/main/scala/gitbucket/core/controller/ControllerBase.scala
@@ -9,7 +9,6 @@ import gitbucket.core.util.Implicits._
 import gitbucket.core.util._
 import io.github.gitbucket.scalatra.forms._
 import org.apache.commons.io.FileUtils
 import org.json4s._
 import org.scalatra._
 import org.scalatra.i18n._
@@ -20,6 +19,8 @@ import javax.servlet.{FilterChain, ServletResponse, ServletRequest}
 import scala.util.Try
 import net.coobird.thumbnailator.Thumbnails
 /**
 * Provides generic features for controller implementations.
@@ -57,7 +58,7 @@ abstract class ControllerBase extends ScalatraFilter
        // Redirect to dashboard
        httpResponse.sendRedirect(baseUrl + "/")
      }
-    } else if(path.startsWith("/git/")){
+    } else if(path.startsWith("/git/") || path.startsWith("/git-lfs/")){
      // Git repository
      chain.doFilter(request, response)
    } else {
@@ -191,6 +192,7 @@ case class Context(settings: SystemSettingsService.SystemSettings, loginAccount:
    case agent if agent.contains("Win") => "windows"
    case _ => null
  }
  val sidebarCollapse = request.getSession.getAttribute("sidebar-collapse") != null
  /**
   * Get object from cache.
@@ -224,10 +226,13 @@ trait AccountManagementControllerBase extends ControllerBase {
    } else {
      fileId.map { fileId =>
        val filename = "avatar." + FileUtil.getExtension(session.getAndRemove(Keys.Session.Upload(fileId)).get)
-        FileUtils.moveFile(
+        val uploadDir = getUserUploadDir(userName)
-          new java.io.File(getTemporaryDir(session.getId), fileId),
+        if(!uploadDir.exists){
-          new java.io.File(getUserUploadDir(userName), filename)
+          uploadDir.mkdirs()
-        )
+        }
        Thumbnails.of(new java.io.File(getTemporaryDir(session.getId), fileId))
          .size(324, 324)
          .toFile(new java.io.File(uploadDir, filename))
        updateAvatarImage(userName, Some(filename))
      }
    }
@@ -244,4 +249,13 @@ trait AccountManagementControllerBase extends ControllerBase {
        .map    { _ => "Mail address is already registered." }
  }
  val allReservedNames = Set("git", "admin", "upload", "api")
  protected def reservedNames(): Constraint = new Constraint(){
    override def validate(name: String, value: String, messages: Messages): Option[String] = if(allReservedNames.contains(value)){
      Some(s"${value} is reserved")
    } else {
      None
    }
  }
 }
--- a/src/main/scala/gitbucket/core/controller/DashboardController.scala
+++ b/src/main/scala/gitbucket/core/controller/DashboardController.scala
@@ -1,13 +1,13 @@
 package gitbucket.core.controller
 import gitbucket.core.dashboard.html
-import gitbucket.core.service.{RepositoryService, PullRequestService, AccountService, IssuesService}
+import gitbucket.core.service._
-import gitbucket.core.util.{StringUtil, Keys, UsersAuthenticator}
+import gitbucket.core.util.{Keys, UsersAuthenticator}
 import gitbucket.core.util.Implicits._
 import gitbucket.core.service.IssuesService._
 class DashboardController extends DashboardControllerBase
-  with IssuesService with PullRequestService with RepositoryService with AccountService
+  with IssuesService with PullRequestService with RepositoryService with AccountService with CommitsService
  with UsersAuthenticator
 trait DashboardControllerBase extends ControllerBase {
@@ -15,20 +15,7 @@ trait DashboardControllerBase extends ControllerBase {
    with UsersAuthenticator =>
  get("/dashboard/issues")(usersOnly {
-    val q = request.getParameter("q")
+    searchIssues("created_by")
    val account = context.loginAccount.get
    Option(q).map { q =>
      val condition = IssueSearchCondition(q, Map[String, Int]())
      q match {
        case q if(q.contains("is:pr")) => redirect(s"/dashboard/pulls?q=${StringUtil.urlEncode(q)}")
        case q if(q.contains(s"author:${account.userName}")) => redirect(s"/dashboard/issues/created_by${condition.toURL}")
        case q if(q.contains(s"assignee:${account.userName}")) => redirect(s"/dashboard/issues/assigned${condition.toURL}")
        case q if(q.contains(s"mentions:${account.userName}")) => redirect(s"/dashboard/issues/mentioned${condition.toURL}")
        case _ => searchIssues("created_by")
      }
    } getOrElse {
      searchIssues("created_by")
    }
  })
  get("/dashboard/issues/assigned")(usersOnly {
@@ -44,20 +31,7 @@ trait DashboardControllerBase extends ControllerBase {
  })
  get("/dashboard/pulls")(usersOnly {
-    val q = request.getParameter("q")
+    searchPullRequests("created_by")
    val account = context.loginAccount.get
    Option(q).map { q =>
      val condition = IssueSearchCondition(q, Map[String, Int]())
      q match {
        case q if(q.contains("is:issue")) => redirect(s"/dashboard/issues?q=${StringUtil.urlEncode(q)}")
        case q if(q.contains(s"author:${account.userName}")) => redirect(s"/dashboard/pulls/created_by${condition.toURL}")
        case q if(q.contains(s"assignee:${account.userName}")) => redirect(s"/dashboard/pulls/assigned${condition.toURL}")
        case q if(q.contains(s"mentions:${account.userName}")) => redirect(s"/dashboard/pulls/mentioned${condition.toURL}")
        case _ => searchPullRequests("created_by")
      }
    } getOrElse {
      searchPullRequests("created_by")
    }
  })
  get("/dashboard/pulls/created_by")(usersOnly {
@@ -73,19 +47,12 @@ trait DashboardControllerBase extends ControllerBase {
  })
  private def getOrCreateCondition(key: String, filter: String, userName: String) = {
-    val condition = session.putAndGet(key, if(request.hasQueryString){
+    val condition = IssueSearchCondition(request)
      val q = request.getParameter("q")
      if(q == null){
        IssueSearchCondition(request)
      } else {
        IssueSearchCondition(q, Map[String, Int]())
      }
    } else session.getAs[IssueSearchCondition](key).getOrElse(IssueSearchCondition()))
    filter match {
-      case "assigned"  => condition.copy(assigned = Some(userName), author = None          , mentioned = None)
+      case "assigned"  => condition.copy(assigned = Some(Some(userName)), author = None, mentioned = None)
-      case "mentioned" => condition.copy(assigned = None          , author = None          , mentioned = Some(userName))
+      case "mentioned" => condition.copy(assigned = None, author = None, mentioned = Some(userName))
-      case _           => condition.copy(assigned = None          , author = Some(userName), mentioned = None)
+      case _           => condition.copy(assigned = None, author = Some(userName), mentioned = None)
    }
  }
@@ -103,13 +70,13 @@ trait DashboardControllerBase extends ControllerBase {
      countIssue(condition.copy(state = "open"  ), false, userRepos: _*),
      countIssue(condition.copy(state = "closed"), false, userRepos: _*),
      filter match {
-        case "assigned"  => condition.copy(assigned  = Some(userName))
+        case "assigned"  => condition.copy(assigned  = Some(Some(userName)))
        case "mentioned" => condition.copy(mentioned = Some(userName))
        case _           => condition.copy(author    = Some(userName))
      },
      filter,
      getGroupNames(userName),
-      getVisibleRepositories(context.loginAccount, withoutPhysicalInfo = true),
+      Nil,
      getUserRepositories(userName, withoutPhysicalInfo = true))
  }
@@ -128,13 +95,13 @@ trait DashboardControllerBase extends ControllerBase {
      countIssue(condition.copy(state = "open"  ), true, allRepos: _*),
      countIssue(condition.copy(state = "closed"), true, allRepos: _*),
      filter match {
-        case "assigned"  => condition.copy(assigned  = Some(userName))
+        case "assigned"  => condition.copy(assigned  = Some(Some(userName)))
        case "mentioned" => condition.copy(mentioned = Some(userName))
        case _           => condition.copy(author    = Some(userName))
      },
      filter,
      getGroupNames(userName),
-      getVisibleRepositories(context.loginAccount, withoutPhysicalInfo = true),
+      Nil,
      getUserRepositories(userName, withoutPhysicalInfo = true))
  }
--- a/src/main/scala/gitbucket/core/controller/FileUploadController.scala
+++ b/src/main/scala/gitbucket/core/controller/FileUploadController.scala
@@ -1,18 +1,25 @@
 package gitbucket.core.controller
-import gitbucket.core.util.{Keys, FileUtil}
+import gitbucket.core.model.Account
 import gitbucket.core.service.{AccountService, RepositoryService}
 import gitbucket.core.servlet.Database
 import gitbucket.core.util._
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Directory._
 import gitbucket.core.util.Implicits._
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.dircache.DirCache
 import org.eclipse.jgit.lib.{FileMode, Constants}
 import org.scalatra._
 import org.scalatra.servlet.{MultipartConfig, FileUploadSupport, FileItem}
-import org.apache.commons.io.FileUtils
+import org.apache.commons.io.{IOUtils, FileUtils}
 /**
 * Provides Ajax based file upload functionality.
 *
 * This servlet saves uploaded file.
 */
-class FileUploadController extends ScalatraServlet with FileUploadSupport {
+class FileUploadController extends ScalatraServlet with FileUploadSupport with RepositoryService with AccountService {
  configureMultipartHandling(MultipartConfig(maxFileSize = Some(3 * 1024 * 1024)))
@@ -31,14 +38,71 @@ class FileUploadController extends ScalatraServlet with FileUploadSupport {
    }, FileUtil.isUploadableType)
  }
  post("/wiki/:owner/:repository"){
    // Don't accept not logged-in users
    session.get(Keys.Session.LoginAccount).collect { case loginAccount: Account =>
      val owner      = params("owner")
      val repository = params("repository")
      // Check whether logged-in user is collaborator
      collaboratorsOnly(owner, repository, loginAccount){
        execute({ (file, fileId) =>
          val fileName = file.getName
          LockUtil.lock(s"${owner}/${repository}/wiki") {
            using(Git.open(Directory.getWikiRepositoryDir(owner, repository))) { git =>
              val builder  = DirCache.newInCore.builder()
              val inserter = git.getRepository.newObjectInserter()
              val headId   = git.getRepository.resolve(Constants.HEAD + "^{commit}")
              if(headId != null){
                JGitUtil.processTree(git, headId){ (path, tree) =>
                  if(path != fileName){
                    builder.add(JGitUtil.createDirCacheEntry(path, tree.getEntryFileMode, tree.getEntryObjectId))
                  }
                }
              }
              val bytes = IOUtils.toByteArray(file.getInputStream)
              builder.add(JGitUtil.createDirCacheEntry(fileName, FileMode.REGULAR_FILE, inserter.insert(Constants.OBJ_BLOB, bytes)))
              builder.finish()
              val newHeadId = JGitUtil.createNewCommit(git, inserter, headId, builder.getDirCache.writeTree(inserter),
                Constants.HEAD, loginAccount.userName, loginAccount.mailAddress, s"Uploaded ${fileName}")
              fileName
            }
          }
        }, FileUtil.isUploadableType)
      }
    } getOrElse BadRequest()
  }
  post("/import") {
    import JDBCUtil._
    session.get(Keys.Session.LoginAccount).collect { case loginAccount: Account if loginAccount.isAdmin =>
      execute({ (file, fileId) =>
        request2Session(request).conn.importAsSQL(file.getInputStream)
      }, _ => true)
    }
    redirect("/admin/data")
  }
  private def collaboratorsOnly(owner: String, repository: String, loginAccount: Account)(action: => Any): Any = {
    implicit val session = Database.getSession(request)
    loginAccount match {
      case x if(x.isAdmin) => action
      case x if(getCollaborators(owner, repository).contains(x.userName)) => action
      case _ => BadRequest()
    }
  }
  private def execute(f: (FileItem, String) => Unit, mimeTypeChcker: (String) => Boolean) = fileParams.get("file") match {
    case Some(file) if(mimeTypeChcker(file.name)) =>
      defining(FileUtil.generateFileId){ fileId =>
        f(file, fileId)
        Ok(fileId)
      }
-    case _ => BadRequest
+    case _ => BadRequest()
  }
 }
--- a/src/main/scala/gitbucket/core/controller/IndexController.scala
+++ b/src/main/scala/gitbucket/core/controller/IndexController.scala
@@ -1,14 +1,13 @@
 package gitbucket.core.controller
 import gitbucket.core.api._
 import gitbucket.core.helper.xml
 import gitbucket.core.model.Account
-import gitbucket.core.service.{RepositoryService, ActivityService, AccountService, RepositorySearchService, IssuesService}
+import gitbucket.core.service._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.ControlUtil._
-import gitbucket.core.util.{LDAPUtil, Keys, UsersAuthenticator, ReferrerAuthenticator, StringUtil}
+import gitbucket.core.util.{Keys, LDAPUtil, ReferrerAuthenticator, UsersAuthenticator}
 import io.github.gitbucket.scalatra.forms._
 import org.scalatra.Ok
 class IndexController extends IndexControllerBase 
@@ -37,23 +36,11 @@ trait IndexControllerBase extends ControllerBase {
  get("/"){
-    val loginAccount = context.loginAccount
+    context.loginAccount.map { account =>
-    if(loginAccount.isEmpty) {
+      val visibleOwnerSet: Set[String] = Set(account.userName) ++ getGroupsByUserName(account.userName)
-        gitbucket.core.html.index(getRecentActivities(),
+      gitbucket.core.html.index(getRecentActivitiesByOwners(visibleOwnerSet), Nil, getUserRepositories(account.userName, withoutPhysicalInfo = true))
-            getVisibleRepositories(loginAccount, withoutPhysicalInfo = true),
+    }.getOrElse {
-            loginAccount.map{ account => getUserRepositories(account.userName, withoutPhysicalInfo = true) }.getOrElse(Nil)
+      gitbucket.core.html.index(getRecentActivities(), getVisibleRepositories(None, withoutPhysicalInfo = true), Nil)
        )
    } else {
        val loginUserName = loginAccount.get.userName
        val loginUserGroups = getGroupsByUserName(loginUserName)
        var visibleOwnerSet : Set[String] = Set(loginUserName)
        visibleOwnerSet ++= loginUserGroups
        gitbucket.core.html.index(getRecentActivitiesByOwners(visibleOwnerSet),
            getVisibleRepositories(loginAccount, withoutPhysicalInfo = true),
            loginAccount.map{ account => getUserRepositories(account.userName, withoutPhysicalInfo = true) }.getOrElse(Nil) 
        )
    }
  }
@@ -62,13 +49,18 @@ trait IndexControllerBase extends ControllerBase {
    if(redirect.isDefined && redirect.get.startsWith("/")){
      flash += Keys.Flash.Redirect -> redirect.get
    }
-    gitbucket.core.html.signin()
+    gitbucket.core.html.signin(flash.get("userName"), flash.get("password"), flash.get("error"))
  }
  post("/signin", signinForm){ form =>
    authenticate(context.settings, form.userName, form.password) match {
      case Some(account) => signin(account)
-      case None          => redirect("/signin")
+      case None          => {
        flash += "userName" -> form.userName
        flash += "password" -> form.password
        flash += "error" -> "Sorry, your Username and/or Password is incorrect. Please try again."
        redirect("/signin")
      }
    }
  }
@@ -82,6 +74,15 @@ trait IndexControllerBase extends ControllerBase {
    xml.feed(getRecentActivities())
  }
  get("/sidebar-collapse"){
    if(params("collapse") == "true"){
      session.setAttribute("sidebar-collapse", "true")
    }  else {
      session.setAttribute("sidebar-collapse", null)
    }
    Ok()
  }
  /**
   * Set account information into HttpSession and redirect.
   */
@@ -109,27 +110,35 @@ trait IndexControllerBase extends ControllerBase {
   */
  get("/_user/proposals")(usersOnly {
    contentType = formats("json")
    val user  = params("user").toBoolean
    val group = params("group").toBoolean
    org.json4s.jackson.Serialization.write(
-      Map("options" -> getAllUsers(false).filter(!_.isGroupAccount).map(_.userName).toArray)
+      Map("options" -> (
        getAllUsers(false)
          .withFilter { t => (user, group) match {
            case (true, true) => true
            case (true, false) => !t.isGroupAccount
            case (false, true) => t.isGroupAccount
            case (false, false) => false
          }}.map { t => t.userName }
      ))
    )
  })
  /**
-   * JSON API for checking user existence.
+   * JSON API for checking user or group existence.
   * Returns a single string which is any of "group", "user" or "".
   */
  post("/_user/existence")(usersOnly {
-    getAccountByUserName(params("userName")).isDefined
+    getAccountByUserName(params("userName")).map { account =>
      if(account.isGroupAccount) "group" else "user"
    } getOrElse ""
  })
  // TODO Move to RepositoryViwerController?
  post("/search", searchForm){ form =>
    redirect(s"/${form.owner}/${form.repository}/search?q=${StringUtil.urlEncode(form.query)}")
  }
  // TODO Move to RepositoryViwerController?
  get("/:owner/:repository/search")(referrersOnly { repository =>
-    defining(params("q").trim, params.getOrElse("type", "code")){ case (query, target) =>
+    defining(params.getOrElse("q", "").trim, params.getOrElse("type", "code")){ case (query, target) =>
-      val page   = try {
+      val page = try {
        val i = params.getOrElse("page", "1").toInt
        if(i <= 0) 1 else i
      } catch {
@@ -138,15 +147,31 @@ trait IndexControllerBase extends ControllerBase {
      target.toLowerCase match {
        case "issue" => gitbucket.core.search.html.issues(
-          searchIssues(repository.owner, repository.name, query),
+          if(query.nonEmpty) searchIssues(repository.owner, repository.name, query) else Nil,
-          countFiles(repository.owner, repository.name, query),
+          query, page, repository)
        case "wiki" => gitbucket.core.search.html.wiki(
          if(query.nonEmpty) searchWikiPages(repository.owner, repository.name, query) else Nil,
          query, page, repository)
        case _ => gitbucket.core.search.html.code(
-          searchFiles(repository.owner, repository.name, query),
+          if(query.nonEmpty) searchFiles(repository.owner, repository.name, query) else Nil,
          countIssues(repository.owner, repository.name, query),
          query, page, repository)
      }
    }
  })
  get("/search"){
    val query = params.getOrElse("query", "").trim.toLowerCase
    val visibleRepositories = getVisibleRepositories(context.loginAccount, None)
    val repositories = visibleRepositories.filter { repository =>
      repository.name.toLowerCase.indexOf(query) >= 0 || repository.owner.toLowerCase.indexOf(query) >= 0
    }
    context.loginAccount.map { account =>
      gitbucket.core.search.html.repositories(query, repositories, Nil, getUserRepositories(account.userName, withoutPhysicalInfo = true))
    }.getOrElse {
      gitbucket.core.search.html.repositories(query, repositories, visibleRepositories, Nil)
    }
  }
 }
--- a/src/main/scala/gitbucket/core/controller/IssuesController.scala
+++ b/src/main/scala/gitbucket/core/controller/IssuesController.scala
@@ -8,18 +8,40 @@ import gitbucket.core.util.Implicits._
 import gitbucket.core.util._
 import gitbucket.core.view
 import gitbucket.core.view.Markdown
 import io.github.gitbucket.scalatra.forms._
-import org.scalatra.Ok
+import org.scalatra.{BadRequest, Ok}
 class IssuesController extends IssuesControllerBase
-  with IssuesService with RepositoryService with AccountService with LabelsService with MilestonesService with ActivityService with HandleCommentService
+  with IssuesService
-  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with WebHookIssueCommentService
+  with RepositoryService
  with AccountService
  with LabelsService
  with MilestonesService
  with ActivityService
  with HandleCommentService
  with IssueCreationService
  with ReadableUsersAuthenticator
  with ReferrerAuthenticator
  with WritableUsersAuthenticator
  with PullRequestService
  with WebHookIssueCommentService
  with CommitsService
 trait IssuesControllerBase extends ControllerBase {
-  self: IssuesService with RepositoryService with AccountService with LabelsService with MilestonesService with ActivityService with HandleCommentService
+  self: IssuesService
-    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with WebHookIssueCommentService =>
+    with RepositoryService
    with AccountService
    with LabelsService
    with MilestonesService
    with ActivityService
    with HandleCommentService
    with IssueCreationService
    with ReadableUsersAuthenticator
    with ReferrerAuthenticator
    with WritableUsersAuthenticator
    with PullRequestService
    with WebHookIssueCommentService =>
  case class IssueCreateForm(title: String, content: Option[String],
    assignedUserName: Option[String], milestoneId: Option[Int], labelNames: Option[String])
@@ -67,145 +89,121 @@ trait IssuesControllerBase extends ControllerBase {
          _,
          getComments(owner, name, issueId.toInt),
          getIssueLabels(owner, name, issueId.toInt),
-          (getCollaborators(owner, name) ::: (if(getAccountByUserName(owner).get.isGroupAccount) Nil else List(owner))).sorted,
+          getAssignableUserNames(owner, name),
          getMilestonesWithIssueCount(owner, name),
          getLabels(owner, name),
-          hasWritePermission(owner, name, context.loginAccount),
+          isIssueEditable(repository),
          isIssueManageable(repository),
          repository)
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
  get("/:owner/:repository/issues/new")(readableUsersOnly { repository =>
-    defining(repository.owner, repository.name){ case (owner, name) =>
+    if(isIssueEditable(repository)){ // TODO Should this check is provided by authenticator?
-      html.create(
+      defining(repository.owner, repository.name){ case (owner, name) =>
-        (getCollaborators(owner, name) ::: (if(getAccountByUserName(owner).get.isGroupAccount) Nil else List(owner))).sorted,
+        html.create(
          getAssignableUserNames(owner, name),
          getMilestones(owner, name),
          getLabels(owner, name),
-          hasWritePermission(owner, name, context.loginAccount),
+          isIssueManageable(repository),
          getContentTemplate(repository, "ISSUE_TEMPLATE"),
          repository)
-    }
+      }
    } else Unauthorized()
  })
  post("/:owner/:repository/issues/new", issueCreateForm)(readableUsersOnly { (form, repository) =>
-    defining(repository.owner, repository.name){ case (owner, name) =>
+    if(isIssueEditable(repository)){ // TODO Should this check is provided by authenticator?
-      val writable = hasWritePermission(owner, name, context.loginAccount)
+      val issue = createIssue(
-      val userName = context.loginAccount.get.userName
+        repository,
        form.title,
        form.content,
        form.assignedUserName,
        form.milestoneId,
        form.labelNames.toArray.flatMap(_.split(",")),
        context.loginAccount.get)
-      // insert issue
+      redirect(s"/${issue.userName}/${issue.repositoryName}/issues/${issue.issueId}")
-      val issueId = createIssue(owner, name, userName, form.title, form.content,
+    } else Unauthorized()
        if(writable) form.assignedUserName else None,
        if(writable) form.milestoneId else None)
      // insert labels
      if(writable){
        form.labelNames.map { value =>
          val labels = getLabels(owner, name)
          value.split(",").foreach { labelName =>
            labels.find(_.labelName == labelName).map { label =>
              registerIssueLabel(owner, name, issueId, label.labelId)
            }
          }
        }
      }
      // record activity
      recordCreateIssueActivity(owner, name, userName, issueId, form.title)
      getIssue(owner, name, issueId.toString).foreach { issue =>
        // extract references and create refer comment
        createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""), context.loginAccount.get)
        // call web hooks
        callIssuesWebHook("opened", repository, issue, context.baseUrl, context.loginAccount.get)
        // notifications
        Notifier().toNotify(repository, issue, form.content.getOrElse("")){
          Notifier.msgIssue(s"${context.baseUrl}/${owner}/${name}/issues/${issueId}")
        }
      }
      redirect(s"/${owner}/${name}/issues/${issueId}")
    }
  })
  ajaxPost("/:owner/:repository/issues/edit_title/:id", issueTitleEditForm)(readableUsersOnly { (title, repository) =>
    defining(repository.owner, repository.name){ case (owner, name) =>
      getIssue(owner, name, params("id")).map { issue =>
-        if(isEditable(owner, name, issue.openedUserName)){
+        if(isEditableContent(owner, name, issue.openedUserName)){
          // update issue
          updateIssue(owner, name, issue.issueId, title, issue.content)
          // extract references and create refer comment
          createReferComment(owner, name, issue.copy(title = title), title, context.loginAccount.get)
          redirect(s"/${owner}/${name}/issues/_data/${issue.issueId}")
-        } else Unauthorized
+        } else Unauthorized()
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
  ajaxPost("/:owner/:repository/issues/edit/:id", issueEditForm)(readableUsersOnly { (content, repository) =>
    defining(repository.owner, repository.name){ case (owner, name) =>
      getIssue(owner, name, params("id")).map { issue =>
-        if(isEditable(owner, name, issue.openedUserName)){
+        if(isEditableContent(owner, name, issue.openedUserName)){
          // update issue
          updateIssue(owner, name, issue.issueId, issue.title, content)
          // extract references and create refer comment
          createReferComment(owner, name, issue, content.getOrElse(""), context.loginAccount.get)
          redirect(s"/${owner}/${name}/issues/_data/${issue.issueId}")
-        } else Unauthorized
+        } else Unauthorized()
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
  post("/:owner/:repository/issue_comments/new", commentForm)(readableUsersOnly { (form, repository) =>
    getIssue(repository.owner, repository.name, form.issueId.toString).flatMap { issue =>
-      val actionOpt = params.get("action").filter(_ => isEditable(issue.userName, issue.repositoryName, issue.openedUserName))
+      val actionOpt = params.get("action").filter(_ => isEditableContent(issue.userName, issue.repositoryName, issue.openedUserName))
      handleComment(issue, Some(form.content), repository, actionOpt) map { case (issue, id) =>
        redirect(s"/${repository.owner}/${repository.name}/${
          if(issue.isPullRequest) "pull" else "issues"}/${form.issueId}#comment-${id}")
      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  post("/:owner/:repository/issue_comments/state", issueStateForm)(readableUsersOnly { (form, repository) =>
    getIssue(repository.owner, repository.name, form.issueId.toString).flatMap { issue =>
-      val actionOpt = params.get("action").filter(_ => isEditable(issue.userName, issue.repositoryName, issue.openedUserName))
+      val actionOpt = params.get("action").filter(_ => isEditableContent(issue.userName, issue.repositoryName, issue.openedUserName))
      handleComment(issue, form.content, repository, actionOpt) map { case (issue, id) =>
        redirect(s"/${repository.owner}/${repository.name}/${
          if(issue.isPullRequest) "pull" else "issues"}/${form.issueId}#comment-${id}")
      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  ajaxPost("/:owner/:repository/issue_comments/edit/:id", commentForm)(readableUsersOnly { (form, repository) =>
    defining(repository.owner, repository.name){ case (owner, name) =>
      getComment(owner, name, params("id")).map { comment =>
-        if(isEditable(owner, name, comment.commentedUserName)){
+        if(isEditableContent(owner, name, comment.commentedUserName)){
          updateComment(comment.commentId, form.content)
          redirect(s"/${owner}/${name}/issue_comments/_data/${comment.commentId}")
-        } else Unauthorized
+        } else Unauthorized()
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
  ajaxPost("/:owner/:repository/issue_comments/delete/:id")(readableUsersOnly { repository =>
    defining(repository.owner, repository.name){ case (owner, name) =>
      getComment(owner, name, params("id")).map { comment =>
-        if(isEditable(owner, name, comment.commentedUserName)){
+        if(isEditableContent(owner, name, comment.commentedUserName)){
          Ok(deleteComment(comment.commentId))
-        } else Unauthorized
+        } else Unauthorized()
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
  ajaxGet("/:owner/:repository/issues/_data/:id")(readableUsersOnly { repository =>
    getIssue(repository.owner, repository.name, params("id")) map { x =>
-      if(isEditable(x.userName, x.repositoryName, x.openedUserName)){
+      if(isEditableContent(x.userName, x.repositoryName, x.openedUserName)){
        params.get("dataType") collect {
-          case t if t == "html" => html.editissue(
+          case t if t == "html" => html.editissue(x.content, x.issueId, repository)
              x.content, x.issueId, x.userName, x.repositoryName)
        } getOrElse {
          contentType = formats("json")
          org.json4s.jackson.Serialization.write(
@@ -219,21 +217,20 @@ trait IssuesControllerBase extends ControllerBase {
                enableAnchor = true,
                enableLineBreaks = true,
                enableTaskList = true,
-                hasWritePermission = isEditable(x.userName, x.repositoryName, x.openedUserName)
+                hasWritePermission = true
              )
            )
          )
        }
-      } else Unauthorized
+      } else Unauthorized()
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  ajaxGet("/:owner/:repository/issue_comments/_data/:id")(readableUsersOnly { repository =>
    getComment(repository.owner, repository.name, params("id")) map { x =>
-      if(isEditable(x.userName, x.repositoryName, x.commentedUserName)){
+      if(isEditableContent(x.userName, x.repositoryName, x.commentedUserName)){
        params.get("dataType") collect {
-          case t if t == "html" => html.editcomment(
+          case t if t == "html" => html.editcomment(x.content, x.commentId, repository)
              x.content, x.commentId, x.userName, x.repositoryName)
        } getOrElse {
          contentType = formats("json")
          org.json4s.jackson.Serialization.write(
@@ -246,51 +243,51 @@ trait IssuesControllerBase extends ControllerBase {
                enableAnchor = true,
                enableLineBreaks = true,
                enableTaskList = true,
-                hasWritePermission = isEditable(x.userName, x.repositoryName, x.commentedUserName)
+                hasWritePermission = true
              )
            )
          )
        }
-      } else Unauthorized
+      } else Unauthorized()
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
-  ajaxPost("/:owner/:repository/issues/new/label")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/new/label")(writableUsersOnly { repository =>
    val labelNames = params("labelNames").split(",")
    val labels = getLabels(repository.owner, repository.name).filter(x => labelNames.contains(x.labelName))
    html.labellist(labels)
  })
-  ajaxPost("/:owner/:repository/issues/:id/label/new")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/label/new")(writableUsersOnly { repository =>
    defining(params("id").toInt){ issueId =>
      registerIssueLabel(repository.owner, repository.name, issueId, params("labelId").toInt)
      html.labellist(getIssueLabels(repository.owner, repository.name, issueId))
    }
  })
-  ajaxPost("/:owner/:repository/issues/:id/label/delete")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/label/delete")(writableUsersOnly { repository =>
    defining(params("id").toInt){ issueId =>
      deleteIssueLabel(repository.owner, repository.name, issueId, params("labelId").toInt)
      html.labellist(getIssueLabels(repository.owner, repository.name, issueId))
    }
  })
-  ajaxPost("/:owner/:repository/issues/:id/assign")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/assign")(writableUsersOnly { repository =>
    updateAssignedUserName(repository.owner, repository.name, params("id").toInt, assignedUserName("assignedUserName"))
    Ok("updated")
  })
-  ajaxPost("/:owner/:repository/issues/:id/milestone")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/milestone")(writableUsersOnly { repository =>
    updateMilestoneId(repository.owner, repository.name, params("id").toInt, milestoneId("milestoneId"))
    milestoneId("milestoneId").map { milestoneId =>
      getMilestonesWithIssueCount(repository.owner, repository.name)
          .find(_._1.milestoneId == milestoneId).map { case (_, openCount, closeCount) =>
        gitbucket.core.issues.milestones.html.progress(openCount + closeCount, closeCount)
-      } getOrElse NotFound
+      } getOrElse NotFound()
    } getOrElse Ok()
  })
-  post("/:owner/:repository/issues/batchedit/state")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/issues/batchedit/state")(writableUsersOnly { repository =>
    defining(params.get("value")){ action =>
      action match {
        case Some("open")  => executeBatch(repository) { issueId =>
@@ -303,22 +300,22 @@ trait IssuesControllerBase extends ControllerBase {
            handleComment(issue, None, repository, Some("close"))
          }
        }
-        case _ => // TODO BadRequest
+        case _ => BadRequest()
      }
    }
  })
-  post("/:owner/:repository/issues/batchedit/label")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/issues/batchedit/label")(writableUsersOnly { repository =>
    params("value").toIntOpt.map{ labelId =>
      executeBatch(repository) { issueId =>
        getIssueLabel(repository.owner, repository.name, issueId, labelId) getOrElse {
          registerIssueLabel(repository.owner, repository.name, issueId, labelId)
        }
      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
-  post("/:owner/:repository/issues/batchedit/assign")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/issues/batchedit/assign")(writableUsersOnly { repository =>
    defining(assignedUserName("value")){ value =>
      executeBatch(repository) {
        updateAssignedUserName(repository.owner, repository.name, _, value)
@@ -326,7 +323,7 @@ trait IssuesControllerBase extends ControllerBase {
    }
  })
-  post("/:owner/:repository/issues/batchedit/milestone")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/issues/batchedit/milestone")(writableUsersOnly { repository =>
    defining(milestoneId("value")){ value =>
      executeBatch(repository) {
        updateMilestoneId(repository.owner, repository.name, _, value)
@@ -342,15 +339,12 @@ trait IssuesControllerBase extends ControllerBase {
          RawData(FileUtil.getMimeType(file.getName), file)
        }
      case _ => None
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
  })
  val assignedUserName = (key: String) => params.get(key) filter (_.trim != "")
  val milestoneId: String => Option[Int] = (key: String) => params.get(key).flatMap(_.toIntOpt)
  private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
    hasWritePermission(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
  private def executeBatch(repository: RepositoryService.RepositoryInfo)(execute: Int => Unit) = {
    params("checked").split(',') map(_.toInt) foreach execute
    params("from") match {
@@ -361,37 +355,31 @@ trait IssuesControllerBase extends ControllerBase {
  private def searchIssues(repository: RepositoryService.RepositoryInfo) = {
    defining(repository.owner, repository.name){ case (owner, repoName) =>
-      val page       = IssueSearchCondition.page(request)
+      val page = IssueSearchCondition.page(request)
      val sessionKey = Keys.Session.Issues(owner, repoName)
      // retrieve search condition
-      val condition = session.putAndGet(sessionKey,
+      val condition = IssueSearchCondition(request)
        if(request.hasQueryString){
          val q = request.getParameter("q")
          if(q == null || q.trim.isEmpty){
            IssueSearchCondition(request)
          } else {
            IssueSearchCondition(q, getMilestones(owner, repoName).map(x => (x.title, x.milestoneId)).toMap)
          }
        } else session.getAs[IssueSearchCondition](sessionKey).getOrElse(IssueSearchCondition())
      )
      html.list(
          "issues",
          searchIssue(condition, false, (page - 1) * IssueLimit, IssueLimit, owner -> repoName),
          page,
-          if(!getAccountByUserName(owner).exists(_.isGroupAccount)){
+          getAssignableUserNames(owner, repoName),
            (getCollaborators(owner, repoName) :+ owner).sorted
          } else {
            getCollaborators(owner, repoName)
          },
          getMilestones(owner, repoName),
          getLabels(owner, repoName),
          countIssue(condition.copy(state = "open"  ), false, owner -> repoName),
          countIssue(condition.copy(state = "closed"), false, owner -> repoName),
          condition,
          repository,
-          hasWritePermission(owner, repoName, context.loginAccount))
+          isIssueEditable(repository),
          isIssueManageable(repository))
    }
  }
  /**
   * Tests whether an issue or a comment is editable by a logged-in user.
   */
  private def isEditableContent(owner: String, repository: String, author: String)(implicit context: Context): Boolean = {
    hasDeveloperRole(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
  }
 }
--- a/src/main/scala/gitbucket/core/controller/LabelsController.scala
+++ b/src/main/scala/gitbucket/core/controller/LabelsController.scala
@@ -2,7 +2,7 @@ package gitbucket.core.controller
 import gitbucket.core.issues.labels.html
 import gitbucket.core.service.{RepositoryService, AccountService, IssuesService, LabelsService}
-import gitbucket.core.util.{ReferrerAuthenticator, CollaboratorsAuthenticator}
+import gitbucket.core.util.{ReferrerAuthenticator, WritableUsersAuthenticator}
 import gitbucket.core.util.Implicits._
 import io.github.gitbucket.scalatra.forms._
 import org.scalatra.i18n.Messages
@@ -10,11 +10,11 @@ import org.scalatra.Ok
 class LabelsController extends LabelsControllerBase
  with LabelsService with IssuesService with RepositoryService with AccountService
-with ReferrerAuthenticator with CollaboratorsAuthenticator
+with ReferrerAuthenticator with WritableUsersAuthenticator
 trait LabelsControllerBase extends ControllerBase {
  self: LabelsService with IssuesService with RepositoryService
-    with ReferrerAuthenticator with CollaboratorsAuthenticator =>
+    with ReferrerAuthenticator with WritableUsersAuthenticator =>
  case class LabelForm(labelName: String, color: String)
@@ -29,40 +29,40 @@ trait LabelsControllerBase extends ControllerBase {
      getLabels(repository.owner, repository.name),
      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
      repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
  })
-  ajaxGet("/:owner/:repository/issues/labels/new")(collaboratorsOnly { repository =>
+  ajaxGet("/:owner/:repository/issues/labels/new")(writableUsersOnly { repository =>
    html.edit(None, repository)
  })
-  ajaxPost("/:owner/:repository/issues/labels/new", labelForm)(collaboratorsOnly { (form, repository) =>
+  ajaxPost("/:owner/:repository/issues/labels/new", labelForm)(writableUsersOnly { (form, repository) =>
    val labelId = createLabel(repository.owner, repository.name, form.labelName, form.color.substring(1))
    html.label(
      getLabel(repository.owner, repository.name, labelId).get,
      // TODO futility
      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
      repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
  })
-  ajaxGet("/:owner/:repository/issues/labels/:labelId/edit")(collaboratorsOnly { repository =>
+  ajaxGet("/:owner/:repository/issues/labels/:labelId/edit")(writableUsersOnly { repository =>
    getLabel(repository.owner, repository.name, params("labelId").toInt).map { label =>
      html.edit(Some(label), repository)
    } getOrElse NotFound()
  })
-  ajaxPost("/:owner/:repository/issues/labels/:labelId/edit", labelForm)(collaboratorsOnly { (form, repository) =>
+  ajaxPost("/:owner/:repository/issues/labels/:labelId/edit", labelForm)(writableUsersOnly { (form, repository) =>
    updateLabel(repository.owner, repository.name, params("labelId").toInt, form.labelName, form.color.substring(1))
    html.label(
      getLabel(repository.owner, repository.name, params("labelId").toInt).get,
      // TODO futility
      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
      repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
  })
-  ajaxPost("/:owner/:repository/issues/labels/:labelId/delete")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/labels/:labelId/delete")(writableUsersOnly { repository =>
    deleteLabel(repository.owner, repository.name, params("labelId").toInt)
    Ok()
  })
--- a/src/main/scala/gitbucket/core/controller/MilestonesController.scala
+++ b/src/main/scala/gitbucket/core/controller/MilestonesController.scala
@@ -2,17 +2,17 @@ package gitbucket.core.controller
 import gitbucket.core.issues.milestones.html
 import gitbucket.core.service.{RepositoryService, MilestonesService, AccountService}
-import gitbucket.core.util.{ReferrerAuthenticator, CollaboratorsAuthenticator}
+import gitbucket.core.util.{ReferrerAuthenticator, WritableUsersAuthenticator}
 import gitbucket.core.util.Implicits._
 import io.github.gitbucket.scalatra.forms._
 class MilestonesController extends MilestonesControllerBase
  with MilestonesService with RepositoryService with AccountService
-  with ReferrerAuthenticator with CollaboratorsAuthenticator
+  with ReferrerAuthenticator with WritableUsersAuthenticator
 trait MilestonesControllerBase extends ControllerBase {
  self: MilestonesService with RepositoryService
-    with ReferrerAuthenticator with CollaboratorsAuthenticator  =>
+    with ReferrerAuthenticator with WritableUsersAuthenticator  =>
  case class MilestoneForm(title: String, description: Option[String], dueDate: Option[java.util.Date])
@@ -27,58 +27,58 @@ trait MilestonesControllerBase extends ControllerBase {
      params.getOrElse("state", "open"),
      getMilestonesWithIssueCount(repository.owner, repository.name),
      repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
  })
-  get("/:owner/:repository/issues/milestones/new")(collaboratorsOnly {
+  get("/:owner/:repository/issues/milestones/new")(writableUsersOnly {
    html.edit(None, _)
  })
-  post("/:owner/:repository/issues/milestones/new", milestoneForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/issues/milestones/new", milestoneForm)(writableUsersOnly { (form, repository) =>
    createMilestone(repository.owner, repository.name, form.title, form.description, form.dueDate)
    redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
  })
-  get("/:owner/:repository/issues/milestones/:milestoneId/edit")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/issues/milestones/:milestoneId/edit")(writableUsersOnly { repository =>
    params("milestoneId").toIntOpt.map{ milestoneId =>
      html.edit(getMilestone(repository.owner, repository.name, milestoneId), repository)
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
-  post("/:owner/:repository/issues/milestones/:milestoneId/edit", milestoneForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/issues/milestones/:milestoneId/edit", milestoneForm)(writableUsersOnly { (form, repository) =>
    params("milestoneId").toIntOpt.flatMap{ milestoneId =>
      getMilestone(repository.owner, repository.name, milestoneId).map { milestone =>
        updateMilestone(milestone.copy(title = form.title, description = form.description, dueDate = form.dueDate))
        redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
-  get("/:owner/:repository/issues/milestones/:milestoneId/close")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/issues/milestones/:milestoneId/close")(writableUsersOnly { repository =>
    params("milestoneId").toIntOpt.flatMap{ milestoneId =>
      getMilestone(repository.owner, repository.name, milestoneId).map { milestone =>
        closeMilestone(milestone)
        redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
-  get("/:owner/:repository/issues/milestones/:milestoneId/open")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/issues/milestones/:milestoneId/open")(writableUsersOnly { repository =>
    params("milestoneId").toIntOpt.flatMap{ milestoneId =>
      getMilestone(repository.owner, repository.name, milestoneId).map { milestone =>
        openMilestone(milestone)
        redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
-  get("/:owner/:repository/issues/milestones/:milestoneId/delete")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/issues/milestones/:milestoneId/delete")(writableUsersOnly { repository =>
    params("milestoneId").toIntOpt.flatMap{ milestoneId =>
      getMilestone(repository.owner, repository.name, milestoneId).map { milestone =>
        deleteMilestone(repository.owner, repository.name, milestone.milestoneId)
        redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
 }
--- a/src/main/scala/gitbucket/core/controller/PullRequestsController.scala
+++ b/src/main/scala/gitbucket/core/controller/PullRequestsController.scala
@@ -6,36 +6,32 @@ import gitbucket.core.service.CommitStatusService
 import gitbucket.core.service.MergeService
 import gitbucket.core.service.IssuesService._
 import gitbucket.core.service.PullRequestService._
 import gitbucket.core.service.RepositoryService.RepositoryInfo
 import gitbucket.core.service._
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Directory._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.JGitUtil._
 import gitbucket.core.util._
 import gitbucket.core.view
 import gitbucket.core.view.helpers
 import io.github.gitbucket.scalatra.forms._
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.lib.PersonIdent
 import org.slf4j.LoggerFactory
 import scala.collection.JavaConverters._
 class PullRequestsController extends PullRequestsControllerBase
  with RepositoryService with AccountService with IssuesService with PullRequestService with MilestonesService with LabelsService
-  with CommitsService with ActivityService with WebHookPullRequestService with ReferrerAuthenticator with CollaboratorsAuthenticator
+  with CommitsService with ActivityService with WebHookPullRequestService
  with ReadableUsersAuthenticator with ReferrerAuthenticator with WritableUsersAuthenticator
  with CommitStatusService with MergeService with ProtectedBranchService
 trait PullRequestsControllerBase extends ControllerBase {
  self: RepositoryService with AccountService with IssuesService with MilestonesService with LabelsService
-    with CommitsService with ActivityService with PullRequestService with WebHookPullRequestService with ReferrerAuthenticator with CollaboratorsAuthenticator
+    with CommitsService with ActivityService with PullRequestService with WebHookPullRequestService
    with ReadableUsersAuthenticator with ReferrerAuthenticator with WritableUsersAuthenticator
    with CommitStatusService with MergeService with ProtectedBranchService =>
  private val logger = LoggerFactory.getLogger(classOf[PullRequestsControllerBase])
  val pullRequestForm = mapping(
    "title"                 -> trim(label("Title"  , text(required, maxlength(100)))),
    "content"               -> trim(label("Content", optional(text()))),
@@ -94,17 +90,18 @@ trait PullRequestsControllerBase extends ControllerBase {
            (commits.flatten.map(commit => getCommitComments(owner, name, commit.id, true)).flatten.toList ::: getComments(owner, name, issueId))
              .sortWith((a, b) => a.registeredDate before b.registeredDate),
            getIssueLabels(owner, name, issueId),
-            (getCollaborators(owner, name) ::: (if(getAccountByUserName(owner).get.isGroupAccount) Nil else List(owner))).sorted,
+            getAssignableUserNames(owner, name),
            getMilestonesWithIssueCount(owner, name),
            getLabels(owner, name),
            commits,
            diffs,
-            hasWritePermission(owner, name, context.loginAccount),
+            isEditable(repository),
            isManageable(repository),
            repository,
            flash.toMap.map(f => f._1 -> f._2.toString))
        }
      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  ajaxGet("/:owner/:repository/pull/:id/mergeguide")(referrersOnly { repository =>
@@ -115,7 +112,7 @@ trait PullRequestsControllerBase extends ControllerBase {
        val hasConflict = LockUtil.lock(s"${owner}/${name}"){
          checkConflict(owner, name, pullreq.branch, issueId)
        }
-        val hasMergePermission = hasWritePermission(owner, name, context.loginAccount)
+        val hasMergePermission = hasDeveloperRole(owner, name, context.loginAccount)
        val branchProtection = getProtectedBranchInfo(owner, name, pullreq.branch)
        val mergeStatus = PullRequestService.MergeStatus(
           hasConflict         = hasConflict,
@@ -125,7 +122,7 @@ trait PullRequestsControllerBase extends ControllerBase {
           needStatusCheck     = context.loginAccount.map{ u =>
                                   branchProtection.needStatusCheck(u.userName)
                                 }.getOrElse(true),
-           hasUpdatePermission = hasWritePermission(pullreq.requestUserName, pullreq.requestRepositoryName, context.loginAccount) &&
+           hasUpdatePermission = hasDeveloperRole(pullreq.requestUserName, pullreq.requestRepositoryName, context.loginAccount) &&
                                   context.loginAccount.map{ u =>
                                     !getProtectedBranchInfo(pullreq.requestUserName, pullreq.requestRepositoryName, pullreq.requestBranch).needStatusCheck(u.userName)
                                   }.getOrElse(false),
@@ -138,10 +135,10 @@ trait PullRequestsControllerBase extends ControllerBase {
          repository,
          getRepository(pullreq.requestUserName, pullreq.requestRepositoryName).get)
      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
-  get("/:owner/:repository/pull/:id/delete/*")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/pull/:id/delete/*")(writableUsersOnly { repository =>
    params("id").toIntOpt.map { issueId =>
      val branchName = multiParams("splat").head
      val userName   = context.loginAccount.get.userName
@@ -153,27 +150,27 @@ trait PullRequestsControllerBase extends ControllerBase {
      }
      createComment(repository.owner, repository.name, userName, issueId, branchName, "delete_branch")
      redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
-  post("/:owner/:repository/pull/:id/update_branch")(referrersOnly { baseRepository =>
+  post("/:owner/:repository/pull/:id/update_branch")(writableUsersOnly { baseRepository =>
    (for {
      issueId <- params("id").toIntOpt
      loginAccount <- context.loginAccount
      (issue, pullreq) <- getPullRequest(baseRepository.owner, baseRepository.name, issueId)
      owner = pullreq.requestUserName
      name  = pullreq.requestRepositoryName
-      if hasWritePermission(owner, name, context.loginAccount)
+      if hasDeveloperRole(owner, name, context.loginAccount)
    } yield {
      val repository = getRepository(owner, name).get
      val branchProtection = getProtectedBranchInfo(owner, name, pullreq.requestBranch)
      if(branchProtection.needStatusCheck(loginAccount.userName)){
        flash += "error" -> s"branch ${pullreq.requestBranch} is protected need status check."
      } else {
        val repository = getRepository(owner, name).get
        LockUtil.lock(s"${owner}/${name}"){
          val alias = if(pullreq.repositoryName == pullreq.requestRepositoryName && pullreq.userName == pullreq.requestUserName){
            pullreq.branch
-          }else{
+          } else {
            s"${pullreq.userName}:${pullreq.branch}"
          }
          val existIds = using(Git.open(Directory.getRepositoryDir(owner, name))) { git => JGitUtil.getAllCommitIds(git) }.toSet
@@ -187,11 +184,10 @@ trait PullRequestsControllerBase extends ControllerBase {
              using(Git.open(Directory.getRepositoryDir(owner, name))) { git =>
                //  after update branch
                val newCommitId = git.getRepository.resolve(s"refs/heads/${pullreq.requestBranch}")
                val commits = git.log.addRange(oldId, newCommitId).call.iterator.asScala.map(c => new JGitUtil.CommitInfo(c)).toList
-                commits.foreach{ commit =>
+                commits.foreach { commit =>
                  if(!existIds.contains(commit.id)){
                    createIssueComment(owner, name, commit)
                  }
@@ -202,7 +198,7 @@ trait PullRequestsControllerBase extends ControllerBase {
                // close issue by commit message
                if(pullreq.requestBranch == repository.repository.defaultBranch){
-                  commits.map{ commit =>
+                  commits.map { commit =>
                    closeIssuesFromMessage(commit.fullMessage, loginAccount.userName, owner, name)
                  }
                }
@@ -220,12 +216,13 @@ trait PullRequestsControllerBase extends ControllerBase {
              flash += "info" -> s"Merge branch '${alias}' into ${pullreq.requestBranch}"
          }
        }
        redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
      }
-    }) getOrElse NotFound
+      redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
    }) getOrElse NotFound()
  })
-  post("/:owner/:repository/pull/:id/merge", mergeForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/pull/:id/merge", mergeForm)(writableUsersOnly { (form, repository) =>
    params("id").toIntOpt.flatMap { issueId =>
      val owner = repository.owner
      val name  = repository.name
@@ -255,10 +252,7 @@ trait PullRequestsControllerBase extends ControllerBase {
              commits.flatten.foreach { commit =>
                closeIssuesFromMessage(commit.fullMessage, loginAccount.userName, owner, name)
              }
-              issue.content match {
+              closeIssuesFromMessage(issue.title + " " + issue.content.getOrElse(""), loginAccount.userName, owner, name)
                case Some(content) => closeIssuesFromMessage(content, loginAccount.userName, owner, name)
                case _ =>
              }
              closeIssuesFromMessage(form.message, loginAccount.userName, owner, name)
            }
@@ -276,7 +270,7 @@ trait PullRequestsControllerBase extends ControllerBase {
          }
        }
      }
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  get("/:owner/:repository/compare")(referrersOnly { forkedRepository =>
@@ -293,7 +287,7 @@ trait PullRequestsControllerBase extends ControllerBase {
            redirect(s"/${forkedRepository.owner}/${forkedRepository.name}/compare/${originUserName}:${oldBranch}...${newBranch}")
          }
-        } getOrElse NotFound
+        } getOrElse NotFound()
      }
      case _ => {
        using(Git.open(getRepositoryDir(forkedRepository.owner, forkedRepository.name))){ git =>
@@ -354,7 +348,15 @@ trait PullRequestsControllerBase extends ControllerBase {
              originRepository.owner, originRepository.name, oldId.getName,
              forkedRepository.owner, forkedRepository.name, newId.getName)
            val title = if(commits.flatten.length == 1){
              commits.flatten.head.shortMessage
            } else {
              val text = forkedId.replaceAll("[\\-_]", " ")
              text.substring(0, 1).toUpperCase + text.substring(1)
            }
            html.compare(
              title,
              commits,
              diffs,
              (forkedRepository.repository.originUserName, forkedRepository.repository.originRepositoryName) match {
@@ -366,11 +368,12 @@ trait PullRequestsControllerBase extends ControllerBase {
              forkedId,
              oldId.getName,
              newId.getName,
              getContentTemplate(originRepository, "PULL_REQUEST_TEMPLATE"),
              forkedRepository,
              originRepository,
              forkedRepository,
-              hasWritePermission(originRepository.owner, originRepository.name, context.loginAccount),
+              hasDeveloperRole(originRepository.owner, originRepository.name, context.loginAccount),
-              (getCollaborators(originRepository.owner, originRepository.name) ::: (if(getAccountByUserName(originRepository.owner).get.isGroupAccount) Nil else List(originRepository.owner))).sorted,
+              getAssignableUserNames(originRepository.owner, originRepository.name),
              getMilestones(originRepository.owner, originRepository.name),
              getLabels(originRepository.owner, originRepository.name)
            )
@@ -381,10 +384,10 @@ trait PullRequestsControllerBase extends ControllerBase {
                     s"${forkedOwner}:${newId.map(_ => forkedId).getOrElse(forkedRepository.repository.defaultBranch)}")
        }
      }
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
  })
-  ajaxGet("/:owner/:repository/compare/*...*/mergecheck")(collaboratorsOnly { forkedRepository =>
+  ajaxGet("/:owner/:repository/compare/*...*/mergecheck")(readableUsersOnly { forkedRepository =>
    val Seq(origin, forked) = multiParams("splat")
    val (originOwner, tmpOriginBranch) = parseCompareIdentifie(origin, forkedRepository.owner)
    val (forkedOwner, tmpForkedBranch) = parseCompareIdentifie(forked, forkedRepository.owner)
@@ -411,67 +414,71 @@ trait PullRequestsControllerBase extends ControllerBase {
        }
        html.mergecheck(conflict)
      }
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
  })
-  post("/:owner/:repository/pulls/new", pullRequestForm)(referrersOnly { (form, repository) =>
+  post("/:owner/:repository/pulls/new", pullRequestForm)(readableUsersOnly { (form, repository) =>
    defining(repository.owner, repository.name){ case (owner, name) =>
-      val writable = hasWritePermission(owner, name, context.loginAccount)
+      val manageable = isManageable(repository)
-      val loginUserName = context.loginAccount.get.userName
+      val editable = isEditable(repository)
-      val issueId = createIssue(
+      if(editable) {
-        owner            = repository.owner,
+        val loginUserName = context.loginAccount.get.userName
        repository       = repository.name,
        loginUser        = loginUserName,
        title            = form.title,
        content          = form.content,
        assignedUserName = if(writable) form.assignedUserName else None,
        milestoneId      = if(writable) form.milestoneId else None,
        isPullRequest    = true)
-      createPullRequest(
+        val issueId = insertIssue(
-        originUserName        = repository.owner,
+          owner = repository.owner,
-        originRepositoryName  = repository.name,
+          repository = repository.name,
-        issueId               = issueId,
+          loginUser = loginUserName,
-        originBranch          = form.targetBranch,
+          title = form.title,
-        requestUserName       = form.requestUserName,
+          content = form.content,
-        requestRepositoryName = form.requestRepositoryName,
+          assignedUserName = if (manageable) form.assignedUserName else None,
-        requestBranch         = form.requestBranch,
+          milestoneId = if (manageable) form.milestoneId else None,
-        commitIdFrom          = form.commitIdFrom,
+          isPullRequest = true)
        commitIdTo            = form.commitIdTo)
-      // insert labels
+        createPullRequest(
-      if(writable){
+          originUserName = repository.owner,
-        form.labelNames.map { value =>
+          originRepositoryName = repository.name,
-          val labels = getLabels(owner, name)
+          issueId = issueId,
-          value.split(",").foreach { labelName =>
+          originBranch = form.targetBranch,
-            labels.find(_.labelName == labelName).map { label =>
+          requestUserName = form.requestUserName,
-              registerIssueLabel(repository.owner, repository.name, issueId, label.labelId)
+          requestRepositoryName = form.requestRepositoryName,
          requestBranch = form.requestBranch,
          commitIdFrom = form.commitIdFrom,
          commitIdTo = form.commitIdTo)
        // insert labels
        if (manageable) {
          form.labelNames.map { value =>
            val labels = getLabels(owner, name)
            value.split(",").foreach { labelName =>
              labels.find(_.labelName == labelName).map { label =>
                registerIssueLabel(repository.owner, repository.name, issueId, label.labelId)
              }
            }
          }
        }
      }
-      // fetch requested branch
+        // fetch requested branch
-      fetchAsPullRequest(owner, name, form.requestUserName, form.requestRepositoryName, form.requestBranch, issueId)
+        fetchAsPullRequest(owner, name, form.requestUserName, form.requestRepositoryName, form.requestBranch, issueId)
-      // record activity
+        // record activity
-      recordPullRequestActivity(owner, name, loginUserName, issueId, form.title)
+        recordPullRequestActivity(owner, name, loginUserName, issueId, form.title)
-      // call web hook
+        // call web hook
-      callPullRequestWebHook("opened", repository, issueId, context.baseUrl, context.loginAccount.get)
+        callPullRequestWebHook("opened", repository, issueId, context.baseUrl, context.loginAccount.get)
-      getIssue(owner, name, issueId.toString) foreach { issue =>
+        getIssue(owner, name, issueId.toString) foreach { issue =>
-        // extract references and create refer comment
+          // extract references and create refer comment
-        createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""), context.loginAccount.get)
+          createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""), context.loginAccount.get)
-        // notifications
+          // notifications
-        Notifier().toNotify(repository, issue, form.content.getOrElse("")){
+          Notifier().toNotify(repository, issue, form.content.getOrElse("")) {
-          Notifier.msgPullRequest(s"${context.baseUrl}/${owner}/${name}/pull/${issueId}")
+            Notifier.msgPullRequest(s"${context.baseUrl}/${owner}/${name}/pull/${issueId}")
          }
        }
      }
-      redirect(s"/${owner}/${name}/pull/${issueId}")
+        redirect(s"/${owner}/${name}/pull/${issueId}")
      } else Unauthorized()
    }
  })
@@ -489,53 +496,45 @@ trait PullRequestsControllerBase extends ControllerBase {
      (defaultOwner, value)
    }
  private def getRequestCompareInfo(userName: String, repositoryName: String, branch: String,
      requestUserName: String, requestRepositoryName: String, requestCommitId: String): (Seq[Seq[CommitInfo]], Seq[DiffInfo]) =
    using(
      Git.open(getRepositoryDir(userName, repositoryName)),
      Git.open(getRepositoryDir(requestUserName, requestRepositoryName))
    ){ (oldGit, newGit) =>
      val oldId = oldGit.getRepository.resolve(branch)
      val newId = newGit.getRepository.resolve(requestCommitId)
      val commits = newGit.log.addRange(oldId, newId).call.iterator.asScala.map { revCommit =>
        new CommitInfo(revCommit)
      }.toList.splitWith { (commit1, commit2) =>
        helpers.date(commit1.commitTime) == view.helpers.date(commit2.commitTime)
      }
      val diffs = JGitUtil.getDiffs(newGit, oldId.getName, newId.getName, true)
      (commits, diffs)
    }
  private def searchPullRequests(userName: Option[String], repository: RepositoryService.RepositoryInfo) =
    defining(repository.owner, repository.name){ case (owner, repoName) =>
-      val page       = IssueSearchCondition.page(request)
+      val page = IssueSearchCondition.page(request)
      val sessionKey = Keys.Session.Pulls(owner, repoName)
      // retrieve search condition
-      val condition = session.putAndGet(sessionKey,
+      val condition = IssueSearchCondition(request)
        if(request.hasQueryString) IssueSearchCondition(request)
        else session.getAs[IssueSearchCondition](sessionKey).getOrElse(IssueSearchCondition())
      )
      gitbucket.core.issues.html.list(
        "pulls",
        searchIssue(condition, true, (page - 1) * PullRequestLimit, PullRequestLimit, owner -> repoName),
        page,
-        if(!getAccountByUserName(owner).exists(_.isGroupAccount)){
+        getAssignableUserNames(owner, repoName),
          (getCollaborators(owner, repoName) :+ owner).sorted
        } else {
          getCollaborators(owner, repoName)
        },
        getMilestones(owner, repoName),
        getLabels(owner, repoName),
        countIssue(condition.copy(state = "open"  ), true, owner -> repoName),
        countIssue(condition.copy(state = "closed"), true, owner -> repoName),
        condition,
        repository,
-        hasWritePermission(owner, repoName, context.loginAccount))
+        isEditable(repository),
        isManageable(repository))
    }
  /**
   * Tests whether an logged-in user can manage pull requests.
   */
  private def isManageable(repository: RepositoryInfo)(implicit context: Context): Boolean = {
    hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
  }
  /**
   * Tests whether an logged-in user can post pull requests.
   */
  private def isEditable(repository: RepositoryInfo)(implicit context: Context): Boolean = {
    repository.repository.options.issuesOption match {
      case "ALL"     => !repository.repository.isPrivate && context.loginAccount.isDefined
      case "PUBLIC"  => hasGuestRole(repository.owner, repository.name, context.loginAccount)
      case "PRIVATE" => hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
      case "DISABLE" => false
    }
  }
 }
--- a/src/main/scala/gitbucket/core/controller/RepositorySettingsController.scala
+++ b/src/main/scala/gitbucket/core/controller/RepositorySettingsController.scala
@@ -15,6 +15,7 @@ import org.scalatra.i18n.Messages
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.lib.Constants
 import org.eclipse.jgit.lib.ObjectId
 import gitbucket.core.model.WebHookContentType
 class RepositorySettingsController extends RepositorySettingsControllerBase
@@ -26,12 +27,26 @@ trait RepositorySettingsControllerBase extends ControllerBase {
    with OwnerAuthenticator with UsersAuthenticator =>
  // for repository options
-  case class OptionsForm(repositoryName: String, description: Option[String], isPrivate: Boolean)
+  case class OptionsForm(
    repositoryName: String,
    description: Option[String],
    isPrivate: Boolean,
    issuesOption: String,
    externalIssuesUrl: Option[String],
    wikiOption: String,
    externalWikiUrl: Option[String],
    allowFork: Boolean
  )
  val optionsForm = mapping(
-    "repositoryName" -> trim(label("Repository Name", text(required, maxlength(40), identifier, renameRepositoryName))),
+    "repositoryName"    -> trim(label("Repository Name"    , text(required, maxlength(100), identifier, renameRepositoryName))),
-    "description"    -> trim(label("Description"    , optional(text()))),
+    "description"       -> trim(label("Description"        , optional(text()))),
-    "isPrivate"      -> trim(label("Repository Type", boolean()))
+    "isPrivate"         -> trim(label("Repository Type"    , boolean())),
    "issuesOption"      -> trim(label("Issues Option"      , text(required, featureOption))),
    "externalIssuesUrl" -> trim(label("External Issues URL", optional(text(maxlength(200))))),
    "wikiOption"        -> trim(label("Wiki Option"        , text(required, featureOption))),
    "externalWikiUrl"   -> trim(label("External Wiki URL"  , optional(text(maxlength(200))))),
    "allowFork"         -> trim(label("Allow Forking"      , boolean()))
  )(OptionsForm.apply)
  // for default branch
@@ -41,21 +56,24 @@ trait RepositorySettingsControllerBase extends ControllerBase {
    "defaultBranch"  -> trim(label("Default Branch" , text(required, maxlength(100))))
  )(DefaultBranchForm.apply)
-  // for collaborator addition
+//  // for collaborator addition
-  case class CollaboratorForm(userName: String)
+//  case class CollaboratorForm(userName: String)
-
+//
-  val collaboratorForm = mapping(
+//  val collaboratorForm = mapping(
-    "userName" -> trim(label("Username", text(required, collaborator)))
+//    "userName" -> trim(label("Username", text(required, collaborator)))
-  )(CollaboratorForm.apply)
+//  )(CollaboratorForm.apply)
  // for web hook url addition
-  case class WebHookForm(url: String, events: Set[WebHook.Event], token: Option[String])
+  case class WebHookForm(url: String, events: Set[WebHook.Event], ctype: WebHookContentType, token: Option[String])
  def webHookForm(update:Boolean) = mapping(
    "url"    -> trim(label("url", text(required, webHook(update)))),
    "events" -> webhookEvents,
    "ctype" -> label("ctype", text()),
    "token" -> optional(trim(label("token", text(maxlength(100)))))
-  )(WebHookForm.apply)
+  )(
    (url, events, ctype, token) => WebHookForm(url, events, WebHookContentType.valueOf(ctype), token)
  )
  // for transfer ownership
  case class TransferOwnerShipForm(newOwner: String)
@@ -88,7 +106,12 @@ trait RepositorySettingsControllerBase extends ControllerBase {
      form.description,
      repository.repository.parentUserName.map { _ =>
        repository.repository.isPrivate
-      } getOrElse form.isPrivate
+      } getOrElse form.isPrivate,
      form.issuesOption,
      form.externalIssuesUrl,
      form.wikiOption,
      form.externalWikiUrl,
      form.allowFork
    )
    // Change repository name
    if(repository.name != form.repositoryName){
@@ -152,22 +175,12 @@ trait RepositorySettingsControllerBase extends ControllerBase {
      repository)
  })
-  /**
+  post("/:owner/:repository/settings/collaborators")(ownerOnly { repository =>
-   * Add the collaborator.
+    val collaborators = params("collaborators")
-   */
+    removeCollaborators(repository.owner, repository.name)
-  post("/:owner/:repository/settings/collaborators/add", collaboratorForm)(ownerOnly { (form, repository) =>
+    collaborators.split(",").withFilter(_.nonEmpty).map { collaborator =>
-    if(!getAccountByUserName(repository.owner).get.isGroupAccount){
+      val userName :: role :: Nil = collaborator.split(":").toList
-      addCollaborator(repository.owner, repository.name, form.userName)
+      addCollaborator(repository.owner, repository.name, userName, role)
    }
    redirect(s"/${repository.owner}/${repository.name}/settings/collaborators")
  })
  /**
   * Add the collaborator.
   */
  get("/:owner/:repository/settings/collaborators/remove")(ownerOnly { repository =>
    if(!getAccountByUserName(repository.owner).get.isGroupAccount){
      removeCollaborator(repository.owner, repository.name, params("name"))
    }
    redirect(s"/${repository.owner}/${repository.name}/settings/collaborators")
  })
@@ -183,7 +196,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   * Display the web hook edit page.
   */
  get("/:owner/:repository/settings/hooks/new")(ownerOnly { repository =>
-    val webhook = WebHook(repository.owner, repository.name, "", None)
+    val webhook = WebHook(repository.owner, repository.name, "", WebHookContentType.FORM, None)
    html.edithooks(webhook, Set(WebHook.Push), repository, flash.get("info"), true)
  })
@@ -191,7 +204,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   * Add the web hook URL.
   */
  post("/:owner/:repository/settings/hooks/new", webHookForm(false))(ownerOnly { (form, repository) =>
-    addWebHook(repository.owner, repository.name, form.url, form.events, form.token)
+    addWebHook(repository.owner, repository.name, form.url, form.events, form.ctype, form.token)
    flash += "info" -> s"Webhook ${form.url} created"
    redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
  })
@@ -221,10 +234,11 @@ trait RepositorySettingsControllerBase extends ControllerBase {
      val url = params("url")
      val token = Some(params("token"))
-      val dummyWebHookInfo = WebHook(repository.owner, repository.name, url, token)
+      val ctype = WebHookContentType.valueOf(params("ctype"))
      val dummyWebHookInfo = WebHook(repository.owner, repository.name, url, ctype, token)
      val dummyPayload = {
        val ownerAccount = getAccountByUserName(repository.owner).get
-        val commits = if(repository.commitCount == 0) List.empty else git.log
+        val commits = if(JGitUtil.isEmpty(git)) List.empty else git.log
          .add(git.getRepository.resolve(repository.repository.defaultBranch))
          .setMaxCount(4)
          .call.iterator.asScala.map(new CommitInfo(_)).toList
@@ -273,14 +287,14 @@ trait RepositorySettingsControllerBase extends ControllerBase {
  get("/:owner/:repository/settings/hooks/edit")(ownerOnly { repository =>
    getWebHook(repository.owner, repository.name, params("url")).map{ case (webhook, events) =>
      html.edithooks(webhook, events, repository, flash.get("info"), false)
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  /**
   * Update web hook settings.
   */
  post("/:owner/:repository/settings/hooks/edit", webHookForm(true))(ownerOnly { (form, repository) =>
-    updateWebHook(repository.owner, repository.name, form.url, form.events, form.token)
+    updateWebHook(repository.owner, repository.name, form.url, form.events, form.ctype, form.token)
    flash += "info" -> s"webhook ${form.url} updated"
    redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
  })
@@ -289,7 +303,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   * Display the danger zone.
   */
  get("/:owner/:repository/settings/danger")(ownerOnly {
-    html.danger(_)
+    html.danger(_, flash.get("info"))
  })
  /**
@@ -328,6 +342,19 @@ trait RepositorySettingsControllerBase extends ControllerBase {
    redirect(s"/${repository.owner}")
  })
  /**
   * Run GC
   */
  post("/:owner/:repository/settings/gc")(ownerOnly { repository =>
    LockUtil.lock(s"${repository.owner}/${repository.name}") {
      using(Git.open(getRepositoryDir(repository.owner, repository.name))) { git =>
        git.gc();
      }
    }
    flash += "info" -> "Garbage collection has been executed."
    redirect(s"/${repository.owner}/${repository.name}/settings/danger")
  })
  /**
   * Provides duplication check for web hook url.
   */
@@ -357,20 +384,20 @@ trait RepositorySettingsControllerBase extends ControllerBase {
    }
  }
-  /**
+//  /**
-   * Provides Constraint to validate the collaborator name.
+//   * Provides Constraint to validate the collaborator name.
-   */
+//   */
-  private def collaborator: Constraint = new Constraint(){
+//  private def collaborator: Constraint = new Constraint(){
-    override def validate(name: String, value: String, messages: Messages): Option[String] =
+//    override def validate(name: String, value: String, messages: Messages): Option[String] =
-      getAccountByUserName(value) match {
+//      getAccountByUserName(value) match {
-        case None => Some("User does not exist.")
+//        case None => Some("User does not exist.")
-        case Some(x) if(x.isGroupAccount)
+////        case Some(x) if(x.isGroupAccount)
-                  => Some("User does not exist.")
+////                  => Some("User does not exist.")
-        case Some(x) if(x.userName == params("owner") || getCollaborators(params("owner"), params("repository")).contains(x.userName))
+//        case Some(x) if(x.userName == params("owner") || getCollaborators(params("owner"), params("repository")).contains(x.userName))
-                  => Some("User can access this repository already.")
+//                  => Some(value + " is repository owner.") // TODO also group members?
-        case _    => None
+//        case _    => None
-      }
+//      }
-  }
+//  }
  /**
   * Duplicate check for the rename repository name.
@@ -384,6 +411,15 @@ trait RepositorySettingsControllerBase extends ControllerBase {
      }
  }
  /**
   *
   */
  private def featureOption: Constraint = new Constraint(){
    override def validate(name: String, value: String, params: Map[String, String], messages: Messages): Option[String] =
      if(Seq("DISABLE", "PRIVATE", "PUBLIC", "ALL").contains(value)) None else Some("Option is invalid.")
  }
  /**
   * Provides Constraint to validate the repository transfer user.
   */
--- a/src/main/scala/gitbucket/core/controller/RepositoryViewerController.scala
+++ b/src/main/scala/gitbucket/core/controller/RepositoryViewerController.scala
@@ -1,6 +1,7 @@
 package gitbucket.core.controller
-import javax.servlet.http.{HttpServletResponse, HttpServletRequest}
+import java.io.FileInputStream
 import javax.servlet.http.{HttpServletRequest, HttpServletResponse}
 import gitbucket.core.plugin.PluginRegistry
 import gitbucket.core.repo.html
@@ -16,9 +17,8 @@ import gitbucket.core.model.{Account, WebHook}
 import gitbucket.core.service.WebHookService._
 import gitbucket.core.view
 import gitbucket.core.view.helpers
 import io.github.gitbucket.scalatra.forms._
-import org.apache.commons.io.FileUtils
+import org.apache.commons.io.IOUtils
 import org.eclipse.jgit.api.{ArchiveCommand, Git}
 import org.eclipse.jgit.archive.{TgzFormat, ZipFormat}
 import org.eclipse.jgit.dircache.DirCache
@@ -31,7 +31,7 @@ import org.scalatra._
 class RepositoryViewerController extends RepositoryViewerControllerBase
  with RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
-  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+  with ReadableUsersAuthenticator with ReferrerAuthenticator with WritableUsersAuthenticator with PullRequestService with CommitStatusService
  with WebHookPullRequestService with WebHookPullRequestReviewCommentService with ProtectedBranchService
 /**
@@ -39,7 +39,7 @@ class RepositoryViewerController extends RepositoryViewerControllerBase
 */
 trait RepositoryViewerControllerBase extends ControllerBase {
  self: RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
-    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+    with ReadableUsersAuthenticator with ReferrerAuthenticator with WritableUsersAuthenticator with PullRequestService with CommitStatusService
    with WebHookPullRequestService with WebHookPullRequestReviewCommentService with ProtectedBranchService =>
  ArchiveCommand.registerFormat("zip", new ZipFormat)
@@ -102,30 +102,47 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   */
  post("/:owner/:repository/_preview")(referrersOnly { repository =>
    contentType = "text/html"
-    helpers.markdown(
+    val filename = params.get("filename")
-      markdown = params("content"),
+    filename match {
-      repository = repository,
+      case Some(f) => helpers.renderMarkup(
-      enableWikiLink = params("enableWikiLink").toBoolean,
+          filePath = List(f),
-      enableRefsLink = params("enableRefsLink").toBoolean,
+          fileContent = params("content"),
-      enableLineBreaks = params("enableLineBreaks").toBoolean,
+          branch = "master",
-      enableTaskList = params("enableTaskList").toBoolean,
+          repository = repository,
-      enableAnchor = false,
+          enableWikiLink = params("enableWikiLink").toBoolean,
-      hasWritePermission = hasWritePermission(repository.owner, repository.name, context.loginAccount)
+          enableRefsLink = params("enableRefsLink").toBoolean,
-    )
+          enableAnchor = false
        )
      case None => helpers.markdown(
          markdown = params("content"),
          repository = repository,
          enableWikiLink = params("enableWikiLink").toBoolean,
          enableRefsLink = params("enableRefsLink").toBoolean,
          enableLineBreaks = params("enableLineBreaks").toBoolean,
          enableTaskList = params("enableTaskList").toBoolean,
          enableAnchor = false,
          hasWritePermission = hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
        )
    }
  })
  /**
   * Displays the file list of the repository root and the default branch.
   */
-  get("/:owner/:repository")(referrersOnly {
+  get("/:owner/:repository") {
-    fileList(_)
+    params.get("go-get") match {
-  })
+      case Some("1") => defining(request.paths){ paths =>
        getRepository(paths(0), paths(1)).map(gitbucket.core.html.goget(_))getOrElse NotFound()
      }
      case _ => referrersOnly(fileList(_))
    }
  }
  /**
   * Displays the file list of the specified path and branch.
   */
  get("/:owner/:repository/tree/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
    if(path.isEmpty){
      fileList(repository, id)
    } else {
@@ -137,7 +154,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   * Displays the commit list of the specified resource.
   */
  get("/:owner/:repository/commits/*")(referrersOnly { repository =>
-    val (branchName, path) = splitPath(repository, multiParams("splat").head)
+    val (branchName, path) = repository.splitPath(multiParams("splat").head)
    val page = params.get("page").flatMap(_.toIntOpt).getOrElse(1)
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
@@ -146,22 +163,22 @@ trait RepositoryViewerControllerBase extends ControllerBase {
          html.commits(if(path.isEmpty) Nil else path.split("/").toList, branchName, repository,
            logs.splitWith{ (commit1, commit2) =>
              view.helpers.date(commit1.commitTime) == view.helpers.date(commit2.commitTime)
-            }, page, hasNext, hasWritePermission(repository.owner, repository.name, context.loginAccount))
+            }, page, hasNext, hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
-        case Left(_) => NotFound
+        case Left(_) => NotFound()
      }
    }
  })
-  get("/:owner/:repository/new/*")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/new/*")(writableUsersOnly { repository =>
-    val (branch, path) = splitPath(repository, multiParams("splat").head)
+    val (branch, path) = repository.splitPath(multiParams("splat").head)
    val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch).needStatusCheck(context.loginAccount.get.userName)
    html.editor(branch, repository, if(path.length == 0) Nil else path.split("/").toList,
      None, JGitUtil.ContentInfo("text", None, Some("UTF-8")),
      protectedBranch)
  })
-  get("/:owner/:repository/edit/*")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/edit/*")(writableUsersOnly { repository =>
-    val (branch, path) = splitPath(repository, multiParams("splat").head)
+    val (branch, path) = repository.splitPath(multiParams("splat").head)
    val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch).needStatusCheck(context.loginAccount.get.userName)
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
@@ -172,12 +189,12 @@ trait RepositoryViewerControllerBase extends ControllerBase {
        html.editor(branch, repository, paths.take(paths.size - 1).toList, Some(paths.last),
          JGitUtil.getContentInfo(git, path, objectId),
          protectedBranch)
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
-  get("/:owner/:repository/remove/*")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/remove/*")(writableUsersOnly { repository =>
-    val (branch, path) = splitPath(repository, multiParams("splat").head)
+    val (branch, path) = repository.splitPath(multiParams("splat").head)
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
      val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(branch))
@@ -185,11 +202,11 @@ trait RepositoryViewerControllerBase extends ControllerBase {
        val paths = path.split("/")
        html.delete(branch, repository, paths.take(paths.size - 1).toList, paths.last,
          JGitUtil.getContentInfo(git, path, objectId))
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
-  post("/:owner/:repository/create", editorForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/create", editorForm)(writableUsersOnly { (form, repository) =>
    commitFile(
      repository  = repository,
      branch      = form.branch,
@@ -206,7 +223,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    }")
  })
-  post("/:owner/:repository/update", editorForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/update", editorForm)(writableUsersOnly { (form, repository) =>
    commitFile(
      repository  = repository,
      branch      = form.branch,
@@ -227,7 +244,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    }")
  })
-  post("/:owner/:repository/remove", deleteForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/remove", deleteForm)(writableUsersOnly { (form, repository) =>
    commitFile(repository, form.branch, form.path, None, Some(form.fileName), "", "",
      form.message.getOrElse(s"Delete ${form.fileName}"))
@@ -235,17 +252,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
  })
  get("/:owner/:repository/raw/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
      val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))
-      getPathObjectId(git, path, revCommit).flatMap { objectId =>
+
-        JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
+      getPathObjectId(git, path, revCommit).map { objectId =>
-          contentType = FileUtil.getMimeType(path)
+        responseRawFile(git, objectId, path, repository)
-          response.setContentLength(loader.getSize.toInt)
+      } getOrElse NotFound()
          loader.copyTo(response.outputStream)
          ()
        }
      } getOrElse NotFound
    }
  })
@@ -253,30 +266,69 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   * Displays the file content of the specified branch or commit.
   */
  val blobRoute = get("/:owner/:repository/blob/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
    val raw = params.get("raw").getOrElse("false").toBoolean
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
      val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))
      getPathObjectId(git, path, revCommit).map { objectId =>
        if(raw){
          // Download (This route is left for backword compatibility)
-          JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
+          responseRawFile(git, objectId, path, repository)
            contentType = FileUtil.getMimeType(path)
            response.setContentLength(loader.getSize.toInt)
            loader.copyTo(response.outputStream)
            ()
          } getOrElse NotFound
        } else {
          html.blob(id, repository, path.split("/").toList,
            JGitUtil.getContentInfo(git, path, objectId),
            new JGitUtil.CommitInfo(JGitUtil.getLastModifiedCommit(git, revCommit, path)),
-            hasWritePermission(repository.owner, repository.name, context.loginAccount),
+            hasDeveloperRole(repository.owner, repository.name, context.loginAccount),
-            request.paths(2) == "blame")
+            request.paths(2) == "blame",
            isLfsFile(git, objectId))
        }
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
  private def isLfsFile(git: Git, objectId: ObjectId): Boolean = {
    JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
      if(loader.isLarge){
        false
      } else {
        new String(loader.getCachedBytes, "UTF-8").startsWith("version https://git-lfs.github.com/spec/v1")
      }
    }.getOrElse(false)
  }
  private def responseRawFile(git: Git, objectId: ObjectId, path: String,
                              repository: RepositoryService.RepositoryInfo): Unit = {
    JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
      contentType = FileUtil.getMimeType(path)
      if(loader.isLarge){
        response.setContentLength(loader.getSize.toInt)
        loader.copyTo(response.outputStream)
      } else {
        val bytes = loader.getCachedBytes
        val text = new String(bytes, "UTF-8")
        if(text.startsWith("version https://git-lfs.github.com/spec/v1")){
          // LFS objects
          val attrs = text.split("\n").map { line =>
            val dim = line.split(" ")
            dim(0) -> dim(1)
          }.toMap
          response.setContentLength(attrs("size").toInt)
          val oid = attrs("oid").split(":")(1)
          using(new FileInputStream(FileUtil.getLfsFilePath(repository.owner, repository.name, oid))){ in =>
            IOUtils.copy(in, response.getOutputStream)
          }
        } else {
          response.setContentLength(loader.getSize.toInt)
          response.getOutputStream.write(bytes)
        }
      }
    }
  }
  get("/:owner/:repository/blame/*"){
    blobRoute.action()
  }
@@ -285,7 +337,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   * Blame data.
   */
  ajaxGet("/:owner/:repository/get-blame/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
    contentType = formats("json")
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
      val last = git.log.add(git.getRepository.resolve(id)).addPath(path).setMaxCount(1).call.iterator.next.name
@@ -323,13 +375,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
              html.commit(id, new JGitUtil.CommitInfo(revCommit),
                JGitUtil.getBranchesOfCommit(git, revCommit.getName),
                JGitUtil.getTagsOfCommit(git, revCommit.getName),
-                getCommitComments(repository.owner, repository.name, id, false),
+                getCommitComments(repository.owner, repository.name, id, true),
-                repository, diffs, oldCommitId, hasWritePermission(repository.owner, repository.name, context.loginAccount))
+                repository, diffs, oldCommitId, hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
          }
        }
      }
    } catch {
-      case e:MissingObjectException => NotFound
+      case e:MissingObjectException => NotFound()
    }
  })
@@ -353,7 +405,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    html.commentform(
      commitId = id,
      fileName, oldLineNumber, newLineNumber, issueId,
-      hasWritePermission = hasWritePermission(repository.owner, repository.name, context.loginAccount),
+      hasWritePermission = hasDeveloperRole(repository.owner, repository.name, context.loginAccount),
      repository = repository
    )
  })
@@ -369,15 +421,14 @@ trait RepositoryViewerControllerBase extends ControllerBase {
        callPullRequestReviewCommentWebHook("create", comment, repository, issueId, context.baseUrl, context.loginAccount.get)
      case None => recordCommentCommitActivity(repository.owner, repository.name, context.loginAccount.get.userName, id, form.content)
    }
-    helper.html.commitcomment(comment, hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
+    helper.html.commitcomment(comment, hasDeveloperRole(repository.owner, repository.name, context.loginAccount), repository)
  })
  ajaxGet("/:owner/:repository/commit_comments/_data/:id")(readableUsersOnly { repository =>
    getCommitComment(repository.owner, repository.name, params("id")) map { x =>
      if(isEditable(x.userName, x.repositoryName, x.commentedUserName)){
        params.get("dataType") collect {
-          case t if t == "html" => html.editcomment(
+          case t if t == "html" => html.editcomment(x.content, x.commentId, repository)
            x.content, x.commentId, x.userName, x.repositoryName)
        } getOrElse {
          contentType = formats("json")
          org.json4s.jackson.Serialization.write(
@@ -389,12 +440,12 @@ trait RepositoryViewerControllerBase extends ControllerBase {
                enableRefsLink = true,
                enableAnchor = true,
                enableLineBreaks = true,
-                hasWritePermission = isEditable(x.userName, x.repositoryName, x.commentedUserName)
+                hasWritePermission = true
              )
            ))
        }
-      } else Unauthorized
+      } else Unauthorized()
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  ajaxPost("/:owner/:repository/commit_comments/edit/:id", commentForm)(readableUsersOnly { (form, repository) =>
@@ -403,8 +454,8 @@ trait RepositoryViewerControllerBase extends ControllerBase {
        if(isEditable(owner, name, comment.commentedUserName)){
          updateCommitComment(comment.commentId, form.content)
          redirect(s"/${owner}/${name}/commit_comments/_data/${comment.commentId}")
-        } else Unauthorized
+        } else Unauthorized()
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
@@ -413,8 +464,8 @@ trait RepositoryViewerControllerBase extends ControllerBase {
      getCommitComment(owner, name, params("id")).map { comment =>
        if(isEditable(owner, name, comment.commentedUserName)){
          Ok(deleteCommitComment(comment.commentId))
-        } else Unauthorized
+        } else Unauthorized()
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
@@ -433,13 +484,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    .map(br => (br, getPullRequestByRequestCommit(repository.owner, repository.name, repository.repository.defaultBranch, br.name, br.commitId), protectedBranches.contains(br.name)))
    .reverse
-    html.branches(branches, hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
+    html.branches(branches, hasDeveloperRole(repository.owner, repository.name, context.loginAccount), repository)
  })
  /**
   * Creates a branch.
   */
-  post("/:owner/:repository/branches")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/branches")(writableUsersOnly { repository =>
    val newBranchName = params.getOrElse("new", halt(400))
    val fromBranchName = params.getOrElse("from", halt(400))
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
@@ -457,7 +508,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
  /**
   * Deletes branch.
   */
-  get("/:owner/:repository/delete/*")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/delete/*")(writableUsersOnly { repository =>
    val branchName = multiParams("splat").head
    val userName   = context.loginAccount.get.userName
    if(repository.repository.defaultBranch != branchName){
@@ -485,23 +536,25 @@ trait RepositoryViewerControllerBase extends ControllerBase {
        archiveRepository(name, ".zip", repository)
      case name if name.endsWith(".tar.gz") =>
        archiveRepository(name, ".tar.gz", repository)
-      case _ => BadRequest
+      case _ => BadRequest()
    }
  })
  get("/:owner/:repository/network/members")(referrersOnly { repository =>
-    html.forked(
+    if(repository.repository.options.allowFork) {
-      getRepository(
+      html.forked(
-        repository.repository.originUserName.getOrElse(repository.owner),
+        getRepository(
-        repository.repository.originRepositoryName.getOrElse(repository.name)),
+          repository.repository.originUserName.getOrElse(repository.owner),
-      getForkedRepositories(
+          repository.repository.originRepositoryName.getOrElse(repository.name)),
-        repository.repository.originUserName.getOrElse(repository.owner),
+        getForkedRepositories(
-        repository.repository.originRepositoryName.getOrElse(repository.name)),
+          repository.repository.originUserName.getOrElse(repository.owner),
-      context.loginAccount match {
+          repository.repository.originRepositoryName.getOrElse(repository.name)),
-        case None => List()
+        context.loginAccount match {
-        case account: Option[Account] => getGroupsByUserName(account.get.userName)
+          case None => List()
-      }, // groups of current user
+          case account: Option[Account] => getGroupsByUserName(account.get.userName)
-      repository)
+        }, // groups of current user
        repository)
    } else BadRequest()
  })
  /**
@@ -512,7 +565,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
      val ref = multiParams("splat").head
      JGitUtil.getTreeId(git, ref).map{ treeId =>
        html.find(ref, treeId, repository)
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
@@ -527,17 +580,6 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    }
  })
  private def splitPath(repository: RepositoryService.RepositoryInfo, path: String): (String, String) = {
    val id = repository.branchList.collectFirst {
      case branch if(path == branch || path.startsWith(branch + "/")) => branch
    } orElse repository.tags.collectFirst {
      case tag if(path == tag.name || path.startsWith(tag.name + "/")) => tag.name
    } getOrElse path.split("/")(0)
    (id, path.substring(id.length).stripPrefix("/"))
  }
  private val readmeFiles = PluginRegistry().renderableExtensions.map { extension =>
    s"readme.${extension}"
  } ++ Seq("readme.txt", "readme")
@@ -551,10 +593,10 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   * @return HTML of the file list
   */
  private def fileList(repository: RepositoryService.RepositoryInfo, revstr: String = "", path: String = ".") = {
-    if(repository.commitCount == 0){
+    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
-      html.guide(repository, hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      if(JGitUtil.isEmpty(git)){
-    } else {
+        html.guide(repository, hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
-      using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+      } else {
        // get specified commit
        JGitUtil.getDefaultBranch(git, repository, revstr).map { case (objectId, revision) =>
          defining(JGitUtil.getRevCommitFromId(git, objectId)) { revCommit =>
@@ -574,11 +616,16 @@ trait RepositoryViewerControllerBase extends ControllerBase {
            html.files(revision, repository,
              if(path == ".") Nil else path.split("/").toList, // current path
              new JGitUtil.CommitInfo(lastModifiedCommit), // last modified commit
-              files, readme, hasWritePermission(repository.owner, repository.name, context.loginAccount),
+              JGitUtil.getCommitCount(repository.owner, repository.name, revision),
              files,
              readme,
              hasDeveloperRole(repository.owner, repository.name, context.loginAccount),
              getPullRequestFromBranch(repository.owner, repository.name, revstr, repository.repository.defaultBranch),
-              flash.get("info"), flash.get("error"))
+              flash.get("info"),
              flash.get("error")
            )
          }
-        } getOrElse NotFound
+        } getOrElse NotFound()
      }
    }
  }
@@ -598,14 +645,18 @@ trait RepositoryViewerControllerBase extends ControllerBase {
        val headName = s"refs/heads/${branch}"
        val headTip  = git.getRepository.resolve(headName)
-        JGitUtil.processTree(git, headTip){ (path, tree) =>
+        val permission = JGitUtil.processTree(git, headTip){ (path, tree) =>
          // Add all entries except the editing file
          if(!newPath.exists(_ == path) && !oldPath.exists(_ == path)){
            builder.add(JGitUtil.createDirCacheEntry(path, tree.getEntryFileMode, tree.getEntryObjectId))
          }
-        }
+          // Retrieve permission if file exists to keep it
          oldPath.collect { case x if x == path => tree.getEntryFileMode.getBits }
        }.flatten.headOption
        newPath.foreach { newPath =>
-          builder.add(JGitUtil.createDirCacheEntry(newPath, FileMode.REGULAR_FILE,
+          builder.add(JGitUtil.createDirCacheEntry(newPath,
            permission.map { bits => FileMode.fromBits(bits) } getOrElse FileMode.REGULAR_FILE,
            inserter.insert(Constants.OBJ_BLOB, content.getBytes(charset))))
        }
        builder.finish()
@@ -628,8 +679,11 @@ trait RepositoryViewerControllerBase extends ControllerBase {
        updatePullRequests(repository.owner, repository.name, branch)
        // record activity
-        recordPushActivity(repository.owner, repository.name, loginAccount.userName, branch,
+        val commitInfo = new CommitInfo(JGitUtil.getRevCommitFromId(git, commitId))
-          List(new CommitInfo(JGitUtil.getRevCommitFromId(git, commitId))))
+        recordPushActivity(repository.owner, repository.name, loginAccount.userName, branch, List(commitInfo))
        // create issue comment by commit message
        createIssueComment(repository.owner, repository.name, commitInfo)
        // close issue by commit message
        closeIssuesFromMessage(message, loginAccount.userName, repository.owner, repository.name)
@@ -664,11 +718,6 @@ trait RepositoryViewerControllerBase extends ControllerBase {
  private def archiveRepository(name: String, suffix: String, repository: RepositoryService.RepositoryInfo): Unit = {
    val revision = name.stripSuffix(suffix)
    val workDir = getDownloadWorkDir(repository.owner, repository.name, session.getId)
    if(workDir.exists) {
      FileUtils.deleteDirectory(workDir)
    }
    workDir.mkdirs
    val filename = repository.name + "-" +
      (if(revision.length == 40) revision.substring(0, 10) else revision).replace('/', '_') + suffix
@@ -682,16 +731,14 @@ trait RepositoryViewerControllerBase extends ControllerBase {
      git.archive
         .setFormat(suffix.tail)
-         .setTree(revCommit.getTree)
+         .setTree(revCommit)
         .setOutputStream(response.getOutputStream)
         .call()
    }
  }
  private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
-    hasWritePermission(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
+    hasDeveloperRole(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
  override protected def renderUncaughtException(e: Throwable)(implicit request: HttpServletRequest, response: HttpServletResponse): Unit = {
    e.printStackTrace()
--- a/src/main/scala/gitbucket/core/controller/SystemSettingsController.scala
+++ b/src/main/scala/gitbucket/core/controller/SystemSettingsController.scala
@@ -1,8 +1,10 @@
 package gitbucket.core.controller
 import java.io.FileInputStream
 import gitbucket.core.admin.html
-import gitbucket.core.service.{AccountService, SystemSettingsService, RepositoryService}
+import gitbucket.core.service.{AccountService, RepositoryService, SystemSettingsService}
-import gitbucket.core.util.AdminAuthenticator
+import gitbucket.core.util.{AdminAuthenticator, Mailer}
 import gitbucket.core.ssh.SshServer
 import gitbucket.core.plugin.PluginRegistry
 import SystemSettingsService._
@@ -11,7 +13,7 @@ import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Directory._
 import gitbucket.core.util.StringUtil._
 import io.github.gitbucket.scalatra.forms._
-import org.apache.commons.io.FileUtils
+import org.apache.commons.io.{FileUtils, IOUtils}
 import org.scalatra.i18n.Messages
 class SystemSettingsController extends SystemSettingsControllerBase
@@ -39,6 +41,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
        "user"                     -> trim(label("SMTP User", optional(text()))),
        "password"                 -> trim(label("SMTP Password", optional(text()))),
        "ssl"                      -> trim(label("Enable SSL", optional(boolean()))),
        "starttls"                 -> trim(label("Enable STARTTLS", optional(boolean()))),
        "fromAddress"              -> trim(label("FROM Address", optional(text()))),
        "fromName"                 -> trim(label("FROM Name", optional(text())))
    )(Smtp.apply)),
@@ -68,34 +71,46 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
    ).flatten
  }
-  private val pluginForm = mapping(
+  private val sendMailForm = mapping(
-    "pluginId" -> list(trim(label("", text())))
+    "smtp"        -> mapping(
-  )(PluginForm.apply)
+      "host"        -> trim(label("SMTP Host", text(required))),
      "port"        -> trim(label("SMTP Port", optional(number()))),
      "user"        -> trim(label("SMTP User", optional(text()))),
      "password"    -> trim(label("SMTP Password", optional(text()))),
      "ssl"         -> trim(label("Enable SSL", optional(boolean()))),
      "starttls"    -> trim(label("Enable STARTTLS", optional(boolean()))),
      "fromAddress" -> trim(label("FROM Address", optional(text()))),
      "fromName"    -> trim(label("FROM Name", optional(text())))
    )(Smtp.apply),
    "testAddress" -> trim(label("", text(required)))
  )(SendMailForm.apply)
-  case class PluginForm(pluginIds: List[String])
+  case class SendMailForm(smtp: Smtp, testAddress: String)
  case class DataExportForm(tableNames: List[String])
  case class NewUserForm(userName: String, password: String, fullName: String,
                         mailAddress: String, isAdmin: Boolean,
-                         url: Option[String], fileId: Option[String])
+                         description: Option[String], url: Option[String], fileId: Option[String])
  case class EditUserForm(userName: String, password: Option[String], fullName: String,
-                          mailAddress: String, isAdmin: Boolean, url: Option[String],
+                          mailAddress: String, isAdmin: Boolean, description: Option[String], url: Option[String],
                          fileId: Option[String], clearImage: Boolean, isRemoved: Boolean)
-  case class NewGroupForm(groupName: String, url: Option[String], fileId: Option[String],
+  case class NewGroupForm(groupName: String, description: Option[String], url: Option[String], fileId: Option[String],
                          members: String)
-  case class EditGroupForm(groupName: String, url: Option[String], fileId: Option[String],
+  case class EditGroupForm(groupName: String, description: Option[String], url: Option[String], fileId: Option[String],
                           members: String, clearImage: Boolean, isRemoved: Boolean)
  val newUserForm = mapping(
-    "userName"    -> trim(label("Username"     ,text(required, maxlength(100), identifier, uniqueUserName))),
+    "userName"    -> trim(label("Username"     ,text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
    "password"    -> trim(label("Password"     ,text(required, maxlength(20)))),
    "fullName"    -> trim(label("Full Name"    ,text(required, maxlength(100)))),
    "mailAddress" -> trim(label("Mail Address" ,text(required, maxlength(100), uniqueMailAddress()))),
    "isAdmin"     -> trim(label("User Type"    ,boolean())),
    "description" -> trim(label("bio"          ,optional(text()))),
    "url"         -> trim(label("URL"          ,optional(text(maxlength(200))))),
    "fileId"      -> trim(label("File ID"      ,optional(text())))
  )(NewUserForm.apply)
@@ -106,6 +121,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
    "fullName"    -> trim(label("Full Name"    ,text(required, maxlength(100)))),
    "mailAddress" -> trim(label("Mail Address" ,text(required, maxlength(100), uniqueMailAddress("userName")))),
    "isAdmin"     -> trim(label("User Type"    ,boolean())),
    "description" -> trim(label("bio"          ,optional(text()))),
    "url"         -> trim(label("URL"          ,optional(text(maxlength(200))))),
    "fileId"      -> trim(label("File ID"      ,optional(text()))),
    "clearImage"  -> trim(label("Clear image"  ,boolean())),
@@ -113,7 +129,8 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
  )(EditUserForm.apply)
  val newGroupForm = mapping(
-    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName))),
+    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
    "description" -> trim(label("Group description", optional(text()))),
    "url"       -> trim(label("URL"        ,optional(text(maxlength(200))))),
    "fileId"    -> trim(label("File ID"    ,optional(text()))),
    "members"   -> trim(label("Members"    ,text(required, members)))
@@ -121,6 +138,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
  val editGroupForm = mapping(
    "groupName"  -> trim(label("Group name"  ,text(required, maxlength(100), identifier))),
    "description" -> trim(label("Group description", optional(text()))),
    "url"        -> trim(label("URL"         ,optional(text(maxlength(200))))),
    "fileId"     -> trim(label("File ID"     ,optional(text()))),
    "members"    -> trim(label("Members"     ,text(required, members))),
@@ -149,6 +167,19 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
    redirect("/admin/system")
  })
  post("/admin/system/sendmail", sendMailForm)(adminOnly { form =>
    try {
      new Mailer(form.smtp).send(form.testAddress,
        "Test message from GitBucket", "This is a test message from GitBucket.",
        context.loginAccount.get)
      "Test mail has been sent to: " + form.testAddress
    } catch {
      case e: Exception => "[Error] " + e.toString
    }
  })
  get("/admin/plugins")(adminOnly {
    html.plugins(PluginRegistry().getPlugins())
  })
@@ -169,44 +200,48 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
  })
  post("/admin/users/_newuser", newUserForm)(adminOnly { form =>
-    createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, form.isAdmin, form.url)
+    createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, form.isAdmin, form.description, form.url)
    updateImage(form.userName, form.fileId, false)
    redirect("/admin/users")
  })
  get("/admin/users/:userName/_edituser")(adminOnly {
    val userName = params("userName")
-    html.user(getAccountByUserName(userName, true))
+    html.user(getAccountByUserName(userName, true), flash.get("error"))
  })
  post("/admin/users/:name/_edituser", editUserForm)(adminOnly { form =>
    val userName = params("userName")
    getAccountByUserName(userName, true).map { account =>
      if(account.isAdmin && (form.isRemoved || !form.isAdmin) && isLastAdministrator(account)){
        flash += "error" -> "Account can't be turned off because this is last one administrator."
        redirect(s"/admin/users/${userName}/_edituser")
      } else {
        if(form.isRemoved){
          // Remove repositories
          //        getRepositoryNamesOfUser(userName).foreach { repositoryName =>
          //          deleteRepository(userName, repositoryName)
          //          FileUtils.deleteDirectory(getRepositoryDir(userName, repositoryName))
          //          FileUtils.deleteDirectory(getWikiRepositoryDir(userName, repositoryName))
          //          FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
          //        }
          // Remove from GROUP_MEMBER, COLLABORATOR and REPOSITORY
          removeUserRelatedData(userName)
        }
-      if(form.isRemoved){
+        updateAccount(account.copy(
-        // Remove repositories
+          password     = form.password.map(sha1).getOrElse(account.password),
-        //        getRepositoryNamesOfUser(userName).foreach { repositoryName =>
+          fullName     = form.fullName,
-        //          deleteRepository(userName, repositoryName)
+          mailAddress  = form.mailAddress,
-        //          FileUtils.deleteDirectory(getRepositoryDir(userName, repositoryName))
+          isAdmin      = form.isAdmin,
-        //          FileUtils.deleteDirectory(getWikiRepositoryDir(userName, repositoryName))
+          description  = form.description,
-        //          FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
+          url          = form.url,
-        //        }
+          isRemoved    = form.isRemoved))
-        // Remove from GROUP_MEMBER, COLLABORATOR and REPOSITORY
+
-        removeUserRelatedData(userName)
+        updateImage(userName, form.fileId, form.clearImage)
        redirect("/admin/users")
      }
-
+    } getOrElse NotFound()
      updateAccount(account.copy(
        password     = form.password.map(sha1).getOrElse(account.password),
        fullName     = form.fullName,
        mailAddress  = form.mailAddress,
        isAdmin      = form.isAdmin,
        url          = form.url,
        isRemoved    = form.isRemoved))
      updateImage(userName, form.fileId, form.clearImage)
      redirect("/admin/users")
    } getOrElse NotFound
  })
  get("/admin/users/_newgroup")(adminOnly {
@@ -214,7 +249,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
  })
  post("/admin/users/_newgroup", newGroupForm)(adminOnly { form =>
-    createGroup(form.groupName, form.url)
+    createGroup(form.groupName, form.description, form.url)
    updateGroupMembers(form.groupName, form.members.split(",").map {
      _.split(":") match {
        case Array(userName, isManager) => (userName, isManager.toBoolean)
@@ -237,7 +272,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
      }
    }.toList){ case (groupName, members) =>
      getAccountByUserName(groupName, true).map { account =>
-        updateGroup(groupName, form.url, form.isRemoved)
+        updateGroup(groupName, form.url, form.description, form.isRemoved)
        if(form.isRemoved){
          // Remove from GROUP_MEMBER
@@ -252,22 +287,43 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
        } else {
          // Update GROUP_MEMBER
          updateGroupMembers(form.groupName, members)
-          // Update COLLABORATOR for group repositories
+//          // Update COLLABORATOR for group repositories
-          getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
+//          getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
-            removeCollaborators(form.groupName, repositoryName)
+//            removeCollaborators(form.groupName, repositoryName)
-            members.foreach { case (userName, isManager) =>
+//            members.foreach { case (userName, isManager) =>
-              addCollaborator(form.groupName, repositoryName, userName)
+//              addCollaborator(form.groupName, repositoryName, userName)
-            }
+//            }
-          }
+//          }
        }
        updateImage(form.groupName, form.fileId, form.clearImage)
        redirect("/admin/users")
-      } getOrElse NotFound
+      } getOrElse NotFound()
    }
  })
  get("/admin/data")(adminOnly {
    import gitbucket.core.util.JDBCUtil._
    val session = request2Session(request)
    html.data(session.conn.allTableNames())
  })
  post("/admin/export")(adminOnly {
    import gitbucket.core.util.JDBCUtil._
    val file = request2Session(request).conn.exportAsSQL(request.getParameterValues("tableNames").toSeq)
    contentType = "application/octet-stream"
    response.setHeader("Content-Disposition", "attachment; filename=" + file.getName)
    response.setContentLength(file.length.toInt)
    using(new FileInputStream(file)){ in =>
      IOUtils.copy(in, response.outputStream)
    }
    ()
  })
  private def members: Constraint = new Constraint(){
    override def validate(name: String, value: String, messages: Messages): Option[String] = {
      if(value.split(",").exists {
--- a/src/main/scala/gitbucket/core/controller/WikiController.scala
+++ b/src/main/scala/gitbucket/core/controller/WikiController.scala
@@ -1,7 +1,8 @@
 package gitbucket.core.controller
 import gitbucket.core.service.RepositoryService.RepositoryInfo
 import gitbucket.core.wiki.html
-import gitbucket.core.service.{RepositoryService, WikiService, ActivityService, AccountService}
+import gitbucket.core.service.{AccountService, ActivityService, RepositoryService, WikiService}
 import gitbucket.core.util._
 import gitbucket.core.util.StringUtil._
 import gitbucket.core.util.ControlUtil._
@@ -12,10 +13,11 @@ import org.eclipse.jgit.api.Git
 import org.scalatra.i18n.Messages
 class WikiController extends WikiControllerBase 
-  with WikiService with RepositoryService with AccountService with ActivityService with CollaboratorsAuthenticator with ReferrerAuthenticator
+  with WikiService with RepositoryService with AccountService with ActivityService
  with ReadableUsersAuthenticator with ReferrerAuthenticator
 trait WikiControllerBase extends ControllerBase {
-  self: WikiService with RepositoryService with ActivityService with CollaboratorsAuthenticator with ReferrerAuthenticator =>
+  self: WikiService with RepositoryService with ActivityService with ReadableUsersAuthenticator with ReferrerAuthenticator =>
  case class WikiPageEditForm(pageName: String, content: String, message: Option[String], currentPageName: String, id: String)
@@ -38,7 +40,7 @@ trait WikiControllerBase extends ControllerBase {
  get("/:owner/:repository/wiki")(referrersOnly { repository =>
    getWikiPage(repository.owner, repository.name, "Home").map { page =>
      html.page("Home", page, getWikiPageList(repository.owner, repository.name),
-        repository, hasWritePermission(repository.owner, repository.name, context.loginAccount),
+        repository, isEditable(repository),
        getWikiPage(repository.owner, repository.name, "_Sidebar"),
        getWikiPage(repository.owner, repository.name, "_Footer"))
    } getOrElse redirect(s"/${repository.owner}/${repository.name}/wiki/Home/_edit")
@@ -49,7 +51,7 @@ trait WikiControllerBase extends ControllerBase {
    getWikiPage(repository.owner, repository.name, pageName).map { page =>
      html.page(pageName, page, getWikiPageList(repository.owner, repository.name),
-        repository, hasWritePermission(repository.owner, repository.name, context.loginAccount),
+        repository, isEditable(repository),
        getWikiPage(repository.owner, repository.name, "_Sidebar"),
        getWikiPage(repository.owner, repository.name, "_Footer"))
    } getOrElse redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}/_edit")
@@ -60,8 +62,8 @@ trait WikiControllerBase extends ControllerBase {
    using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
      JGitUtil.getCommitLog(git, "master", path = pageName + ".md") match {
-        case Right((logs, hasNext)) => html.history(Some(pageName), logs, repository)
+        case Right((logs, hasNext)) => html.history(Some(pageName), logs, repository, isEditable(repository))
-        case Left(_) => NotFound
+        case Left(_) => NotFound()
      }
    }
  })
@@ -72,7 +74,7 @@ trait WikiControllerBase extends ControllerBase {
    using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
      html.compare(Some(pageName), from, to, JGitUtil.getDiffs(git, from, to, true).filter(_.newPath == pageName + ".md"), repository,
-        hasWritePermission(repository.owner, repository.name, context.loginAccount), flash.get("info"))
+        isEditable(repository), flash.get("info"))
    }
  })
@@ -81,102 +83,115 @@ trait WikiControllerBase extends ControllerBase {
    using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
      html.compare(None, from, to, JGitUtil.getDiffs(git, from, to, true), repository,
-        hasWritePermission(repository.owner, repository.name, context.loginAccount), flash.get("info"))
+        isEditable(repository), flash.get("info"))
    }
  })
-  get("/:owner/:repository/wiki/:page/_revert/:commitId")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/wiki/:page/_revert/:commitId")(readableUsersOnly { repository =>
-    val pageName = StringUtil.urlDecode(params("page"))
+    if(isEditable(repository)){
-    val Array(from, to) = params("commitId").split("\\.\\.\\.")
+      val pageName = StringUtil.urlDecode(params("page"))
      val Array(from, to) = params("commitId").split("\\.\\.\\.")
-    if(revertWikiPage(repository.owner, repository.name, from, to, context.loginAccount.get, Some(pageName))){
+      if(revertWikiPage(repository.owner, repository.name, from, to, context.loginAccount.get, Some(pageName))){
-      redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}")
+        redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}")
    } else {
      flash += "info" -> "This patch was not able to be reversed."
      redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}/_compare/${from}...${to}")
    }
  })
  get("/:owner/:repository/wiki/_revert/:commitId")(collaboratorsOnly { repository =>
    val Array(from, to) = params("commitId").split("\\.\\.\\.")
    if(revertWikiPage(repository.owner, repository.name, from, to, context.loginAccount.get, None)){
      redirect(s"/${repository.owner}/${repository.name}/wiki/")
    } else {
      flash += "info" -> "This patch was not able to be reversed."
      redirect(s"/${repository.owner}/${repository.name}/wiki/_compare/${from}...${to}")
    }
  })
  get("/:owner/:repository/wiki/:page/_edit")(collaboratorsOnly { repository =>
    val pageName = StringUtil.urlDecode(params("page"))
    html.edit(pageName, getWikiPage(repository.owner, repository.name, pageName), repository)
  })
  post("/:owner/:repository/wiki/_edit", editForm)(collaboratorsOnly { (form, repository) =>
    defining(context.loginAccount.get){ loginAccount =>
      saveWikiPage(
        repository.owner,
        repository.name,
        form.currentPageName,
        form.pageName,
        appendNewLine(convertLineSeparator(form.content, "LF"), "LF"),
        loginAccount,
        form.message.getOrElse(""),
        Some(form.id)
      ).map { commitId =>
        updateLastActivityDate(repository.owner, repository.name)
        recordEditWikiPageActivity(repository.owner, repository.name, loginAccount.userName, form.pageName, commitId)
      }
      if(notReservedPageName(form.pageName)) {
        redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(form.pageName)}")
      } else {
-        redirect(s"/${repository.owner}/${repository.name}/wiki")
+        flash += "info" -> "This patch was not able to be reversed."
        redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}/_compare/${from}...${to}")
      }
-    }
+    } else Unauthorized()
  })
  get("/:owner/:repository/wiki/_revert/:commitId")(readableUsersOnly { repository =>
    if(isEditable(repository)){
      val Array(from, to) = params("commitId").split("\\.\\.\\.")
      if(revertWikiPage(repository.owner, repository.name, from, to, context.loginAccount.get, None)){
        redirect(s"/${repository.owner}/${repository.name}/wiki/")
      } else {
        flash += "info" -> "This patch was not able to be reversed."
        redirect(s"/${repository.owner}/${repository.name}/wiki/_compare/${from}...${to}")
      }
    } else Unauthorized()
  })
  get("/:owner/:repository/wiki/:page/_edit")(readableUsersOnly { repository =>
    if(isEditable(repository)){
      val pageName = StringUtil.urlDecode(params("page"))
      html.edit(pageName, getWikiPage(repository.owner, repository.name, pageName), repository)
    } else Unauthorized()
  })
-  get("/:owner/:repository/wiki/_new")(collaboratorsOnly {
+  post("/:owner/:repository/wiki/_edit", editForm)(readableUsersOnly { (form, repository) =>
-    html.edit("", None, _)
+    if(isEditable(repository)){
      defining(context.loginAccount.get){ loginAccount =>
        saveWikiPage(
          repository.owner,
          repository.name,
          form.currentPageName,
          form.pageName,
          appendNewLine(convertLineSeparator(form.content, "LF"), "LF"),
          loginAccount,
          form.message.getOrElse(""),
          Some(form.id)
        ).map { commitId =>
          updateLastActivityDate(repository.owner, repository.name)
          recordEditWikiPageActivity(repository.owner, repository.name, loginAccount.userName, form.pageName, commitId)
        }
        if(notReservedPageName(form.pageName)) {
          redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(form.pageName)}")
        } else {
          redirect(s"/${repository.owner}/${repository.name}/wiki")
        }
      }
    } else Unauthorized()
  })
-  post("/:owner/:repository/wiki/_new", newForm)(collaboratorsOnly { (form, repository) =>
+  get("/:owner/:repository/wiki/_new")(readableUsersOnly { repository =>
-    defining(context.loginAccount.get){ loginAccount =>
+    if(isEditable(repository)){
-      saveWikiPage(repository.owner, repository.name, form.currentPageName, form.pageName,
+      html.edit("", None, repository)
    } else Unauthorized()
  })
  post("/:owner/:repository/wiki/_new", newForm)(readableUsersOnly { (form, repository) =>
    if(isEditable(repository)){
      defining(context.loginAccount.get){ loginAccount =>
        saveWikiPage(repository.owner, repository.name, form.currentPageName, form.pageName,
          form.content, loginAccount, form.message.getOrElse(""), None)
-      updateLastActivityDate(repository.owner, repository.name)
+        updateLastActivityDate(repository.owner, repository.name)
-      recordCreateWikiPageActivity(repository.owner, repository.name, loginAccount.userName, form.pageName)
+        recordCreateWikiPageActivity(repository.owner, repository.name, loginAccount.userName, form.pageName)
        if(notReservedPageName(form.pageName)) {
          redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(form.pageName)}")
        } else {
          redirect(s"/${repository.owner}/${repository.name}/wiki")
        }
      }
    } else Unauthorized()
  })
  get("/:owner/:repository/wiki/:page/_delete")(readableUsersOnly { repository =>
    if(isEditable(repository)){
      val pageName = StringUtil.urlDecode(params("page"))
      defining(context.loginAccount.get){ loginAccount =>
        deleteWikiPage(repository.owner, repository.name, pageName, loginAccount.fullName, loginAccount.mailAddress, s"Destroyed ${pageName}")
        updateLastActivityDate(repository.owner, repository.name)
      if(notReservedPageName(form.pageName)) {
        redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(form.pageName)}")
      } else {
        redirect(s"/${repository.owner}/${repository.name}/wiki")
      }
-    }
+    } else Unauthorized()
  })
  get("/:owner/:repository/wiki/:page/_delete")(collaboratorsOnly { repository =>
    val pageName = StringUtil.urlDecode(params("page"))
    defining(context.loginAccount.get){ loginAccount =>
      deleteWikiPage(repository.owner, repository.name, pageName, loginAccount.fullName, loginAccount.mailAddress, s"Destroyed ${pageName}")
      updateLastActivityDate(repository.owner, repository.name)
      redirect(s"/${repository.owner}/${repository.name}/wiki")
    }
  })
  get("/:owner/:repository/wiki/_pages")(referrersOnly { repository =>
-    html.pages(getWikiPageList(repository.owner, repository.name), repository,
+    html.pages(getWikiPageList(repository.owner, repository.name), repository, isEditable(repository))
      hasWritePermission(repository.owner, repository.name, context.loginAccount))
  })
  get("/:owner/:repository/wiki/_history")(referrersOnly { repository =>
    using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
      JGitUtil.getCommitLog(git, "master") match {
-        case Right((logs, hasNext)) => html.history(None, logs, repository)
+        case Right((logs, hasNext)) => html.history(None, logs, repository, isEditable(repository))
-        case Left(_) => NotFound
+        case Left(_) => NotFound()
      }
    }
  })
@@ -186,7 +201,7 @@ trait WikiControllerBase extends ControllerBase {
    getFileContent(repository.owner, repository.name, path).map { bytes =>
      RawData(FileUtil.getContentType(path, bytes), bytes)
-    } getOrElse NotFound
+    } getOrElse NotFound()
  })
  private def unique: Constraint = new Constraint(){
@@ -225,4 +240,13 @@ trait WikiControllerBase extends ControllerBase {
  private def targetWikiPage = getWikiPage(params("owner"), params("repository"), params("pageName"))
  private def isEditable(repository: RepositoryInfo)(implicit context: Context): Boolean = {
    repository.repository.options.wikiOption match {
      case "ALL"     => !repository.repository.isPrivate && context.loginAccount.isDefined
      case "PUBLIC"  => hasGuestRole(repository.owner, repository.name, context.loginAccount)
      case "PRIVATE" => hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
      case "DISABLE" => false
    }
  }
 }
--- a/src/main/scala/gitbucket/core/model/Account.scala
+++ b/src/main/scala/gitbucket/core/model/Account.scala
@@ -19,7 +19,8 @@ trait AccountComponent { self: Profile =>
    val image = column[String]("IMAGE")
    val groupAccount = column[Boolean]("GROUP_ACCOUNT")
    val removed = column[Boolean]("REMOVED")
-    def * = (userName, fullName, mailAddress, password, isAdmin, url.?, registeredDate, updatedDate, lastLoginDate.?, image.?, groupAccount, removed) <> (Account.tupled, Account.unapply)
+    val description = column[String]("DESCRIPTION")
    def * = (userName, fullName, mailAddress, password, isAdmin, url.?, registeredDate, updatedDate, lastLoginDate.?, image.?, groupAccount, removed, description.?) <> (Account.tupled, Account.unapply)
  }
 }
@@ -35,5 +36,6 @@ case class Account(
  lastLoginDate: Option[java.util.Date],
  image: Option[String],
  isGroupAccount: Boolean,
-  isRemoved: Boolean
+  isRemoved: Boolean,
  description: Option[String]
 )
--- a/src/main/scala/gitbucket/core/model/Collaborator.scala
+++ b/src/main/scala/gitbucket/core/model/Collaborator.scala
@@ -7,7 +7,8 @@ trait CollaboratorComponent extends TemplateComponent { self: Profile =>
  class Collaborators(tag: Tag) extends Table[Collaborator](tag, "COLLABORATOR") with BasicTemplate {
    val collaboratorName = column[String]("COLLABORATOR_NAME")
-    def * = (userName, repositoryName, collaboratorName) <> (Collaborator.tupled, Collaborator.unapply)
+    val role = column[String]("ROLE")
    def * = (userName, repositoryName, collaboratorName, role) <> (Collaborator.tupled, Collaborator.unapply)
    def byPrimaryKey(owner: String, repository: String, collaborator: String) =
      byRepository(owner, repository) && (collaboratorName === collaborator.bind)
@@ -17,5 +18,23 @@ trait CollaboratorComponent extends TemplateComponent { self: Profile =>
 case class Collaborator(
  userName: String,
  repositoryName: String,
-  collaboratorName: String
+  collaboratorName: String,
  role: String
 )
 sealed abstract class Role(val name: String)
 object Role {
  object ADMIN extends Role("ADMIN")
  object DEVELOPER extends Role("DEVELOPER")
  object GUEST extends Role("GUEST")
 //  val values: Vector[Permission] = Vector(ADMIN, WRITE, READ)
 //
 //  private val map: Map[String, Permission] = values.map(enum => enum.name -> enum).toMap
 //
 //  def apply(name: String): Permission = map(name)
 //
 //  def valueOf(name: String): Option[Permission] = map.get(name)
 }
--- a/src/main/scala/gitbucket/core/model/CommitStatus.scala
+++ b/src/main/scala/gitbucket/core/model/CommitStatus.scala
@@ -1,6 +1,5 @@
 package gitbucket.core.model
 import scala.slick.lifted.MappedTo
 import scala.slick.jdbc._
 trait CommitStatusComponent extends TemplateComponent { self: Profile =>
--- a/src/main/scala/gitbucket/core/model/Plugin.scala
+++ b/src/main/scala/gitbucket/core/model/Plugin.scala
@@ -1,19 +0,0 @@
 package gitbucket.core.model
 trait PluginComponent extends TemplateComponent { self: Profile =>
  import profile.simple._
  import self._
  lazy val Plugins = TableQuery[Plugins]
  class Plugins(tag: Tag) extends Table[Plugin](tag, "PLUGIN"){
    val pluginId = column[String]("PLUGIN_ID", O PrimaryKey)
    val version = column[String]("VERSION")
    def * = (pluginId, version) <> (Plugin.tupled, Plugin.unapply)
  }
 }
 case class Plugin(
  pluginId: String,
  version: String
 )
--- a/src/main/scala/gitbucket/core/model/Profile.scala
+++ b/src/main/scala/gitbucket/core/model/Profile.scala
@@ -1,5 +1,6 @@
 package gitbucket.core.model
 import gitbucket.core.util.DatabaseConfig
 trait Profile {
  val profile: slick.driver.JdbcProfile
@@ -28,7 +29,9 @@ trait Profile {
 }
 trait ProfileProvider { self: Profile =>
-  val profile = slick.driver.H2Driver
+
  lazy val profile = DatabaseConfig.slickDriver
 }
 trait CoreProfile extends ProfileProvider with Profile
@@ -49,7 +52,6 @@ trait CoreProfile extends ProfileProvider with Profile
  with SshKeyComponent
  with WebHookComponent
  with WebHookEventComponent
  with PluginComponent
  with ProtectedBranchComponent
 object Profile extends CoreProfile
--- a/src/main/scala/gitbucket/core/model/ProtectedBranch.scala
+++ b/src/main/scala/gitbucket/core/model/ProtectedBranch.scala
@@ -1,8 +1,5 @@
 package gitbucket.core.model
 import scala.slick.lifted.MappedTo
 import scala.slick.jdbc._
 trait ProtectedBranchComponent extends TemplateComponent { self: Profile =>
  import profile.simple._
  import self._
--- a/src/main/scala/gitbucket/core/model/Repository.scala
+++ b/src/main/scala/gitbucket/core/model/Repository.scala
@@ -7,17 +7,61 @@ trait RepositoryComponent extends TemplateComponent { self: Profile =>
  lazy val Repositories = TableQuery[Repositories]
  class Repositories(tag: Tag) extends Table[Repository](tag, "REPOSITORY") with BasicTemplate {
-    val isPrivate = column[Boolean]("PRIVATE")
+    val isPrivate            = column[Boolean]("PRIVATE")
-    val description = column[String]("DESCRIPTION")
+    val description          = column[String]("DESCRIPTION")
-    val defaultBranch = column[String]("DEFAULT_BRANCH")
+    val defaultBranch        = column[String]("DEFAULT_BRANCH")
-    val registeredDate = column[java.util.Date]("REGISTERED_DATE")
+    val registeredDate       = column[java.util.Date]("REGISTERED_DATE")
-    val updatedDate = column[java.util.Date]("UPDATED_DATE")
+    val updatedDate          = column[java.util.Date]("UPDATED_DATE")
-    val lastActivityDate = column[java.util.Date]("LAST_ACTIVITY_DATE")
+    val lastActivityDate     = column[java.util.Date]("LAST_ACTIVITY_DATE")
-    val originUserName = column[String]("ORIGIN_USER_NAME")
+    val originUserName       = column[String]("ORIGIN_USER_NAME")
    val originRepositoryName = column[String]("ORIGIN_REPOSITORY_NAME")
-    val parentUserName = column[String]("PARENT_USER_NAME")
+    val parentUserName       = column[String]("PARENT_USER_NAME")
    val parentRepositoryName = column[String]("PARENT_REPOSITORY_NAME")
-    def * = (userName, repositoryName, isPrivate, description.?, defaultBranch, registeredDate, updatedDate, lastActivityDate, originUserName.?, originRepositoryName.?, parentUserName.?, parentRepositoryName.?) <> (Repository.tupled, Repository.unapply)
+    val issuesOption         = column[String]("ISSUES_OPTION")
    val externalIssuesUrl    = column[String]("EXTERNAL_ISSUES_URL")
    val wikiOption           = column[String]("WIKI_OPTION")
    val externalWikiUrl      = column[String]("EXTERNAL_WIKI_URL")
    val allowFork            = column[Boolean]("ALLOW_FORK")
    def * = (
      (userName, repositoryName, isPrivate, description.?, defaultBranch,
      registeredDate, updatedDate, lastActivityDate, originUserName.?, originRepositoryName.?, parentUserName.?, parentRepositoryName.?),
      (issuesOption, externalIssuesUrl.?, wikiOption, externalWikiUrl.?, allowFork)
    ).shaped <> (
      { case (repository, options) =>
        Repository(
          repository._1,
          repository._2,
          repository._3,
          repository._4,
          repository._5,
          repository._6,
          repository._7,
          repository._8,
          repository._9,
          repository._10,
          repository._11,
          repository._12,
          RepositoryOptions.tupled.apply(options)
        )
      }, { (r: Repository) =>
        Some(((
          r.userName,
          r.repositoryName,
          r.isPrivate,
          r.description,
          r.defaultBranch,
          r.registeredDate,
          r.updatedDate,
          r.lastActivityDate,
          r.originUserName,
          r.originRepositoryName,
          r.parentUserName,
          r.parentRepositoryName
        ),(
          RepositoryOptions.unapply(r.options).get
        )))
      })
    def byPrimaryKey(owner: String, repository: String) = byRepository(owner, repository)
  }
@@ -35,5 +79,14 @@ case class Repository(
  originUserName: Option[String],
  originRepositoryName: Option[String],
  parentUserName: Option[String],
-  parentRepositoryName: Option[String]
+  parentRepositoryName: Option[String],
  options: RepositoryOptions
 )
 case class RepositoryOptions(
  issuesOption: String,
  externalIssuesUrl: Option[String],
  wikiOption: String,
  externalWikiUrl: Option[String],
  allowFork: Boolean
 )
--- a/src/main/scala/gitbucket/core/model/WebHook.scala
+++ b/src/main/scala/gitbucket/core/model/WebHook.scala
@@ -3,21 +3,42 @@ package gitbucket.core.model
 trait WebHookComponent extends TemplateComponent { self: Profile =>
  import profile.simple._
  implicit val whContentTypeColumnType = MappedColumnType.base[WebHookContentType, String](whct => whct.code , code => WebHookContentType.valueOf(code))
  lazy val WebHooks = TableQuery[WebHooks]
  class WebHooks(tag: Tag) extends Table[WebHook](tag, "WEB_HOOK") with BasicTemplate {
    val url = column[String]("URL")
    val token = column[Option[String]]("TOKEN", O.Nullable)
-    def * = (userName, repositoryName, url, token) <> ((WebHook.apply _).tupled, WebHook.unapply)
+    val ctype = column[WebHookContentType]("CTYPE", O.NotNull)
    def * = (userName, repositoryName, url, ctype, token) <> ((WebHook.apply _).tupled, WebHook.unapply)
    def byPrimaryKey(owner: String, repository: String, url: String) = byRepository(owner, repository) && (this.url === url.bind)
  }
 }
 case class WebHookContentType(val code: String, val ctype: String)
 object WebHookContentType {
  object JSON extends WebHookContentType("json", "application/json")
  object FORM extends WebHookContentType("form", "application/x-www-form-urlencoded")
  val values: Vector[WebHookContentType] = Vector(JSON, FORM)
  private val map: Map[String, WebHookContentType] = values.map(enum => enum.code -> enum).toMap
  def apply(code: String): WebHookContentType = map(code)
  def valueOf(code: String): WebHookContentType = map(code)
  def valueOpt(code: String): Option[WebHookContentType] = map.get(code)
 }
 case class WebHook(
  userName: String,
  repositoryName: String,
  url: String,
  ctype: WebHookContentType,
  token: Option[String]
 )
--- a/src/main/scala/gitbucket/core/plugin/Plugin.scala
+++ b/src/main/scala/gitbucket/core/plugin/Plugin.scala
@@ -1,16 +1,18 @@
 package gitbucket.core.plugin
 import javax.servlet.ServletContext
-import gitbucket.core.controller.ControllerBase
+import gitbucket.core.controller.{Context, ControllerBase}
 import gitbucket.core.model.Account
 import gitbucket.core.service.RepositoryService.RepositoryInfo
 import gitbucket.core.service.SystemSettingsService.SystemSettings
 import gitbucket.core.util.ControlUtil._
-import gitbucket.core.util.Version
+import io.github.gitbucket.solidbase.model.Version
 /**
 * Trait for define plugin interface.
- * To provide plugin, put Plugin class which mixed in this trait into the package root.
+ * To provide a plugin, put a Plugin class which extends this class into the package root.
 */
-trait Plugin {
+abstract class Plugin {
  val pluginId: String
  val pluginName: String
@@ -77,6 +79,106 @@ trait Plugin {
   */
  def receiveHooks(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[ReceiveHook] = Nil
  /**
   * Override to add global menus.
   */
  val globalMenus: Seq[(Context) => Option[Link]] = Nil
  /**
   * Override to add global menus.
   */
  def globalMenus(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[(Context) => Option[Link]] = Nil
  /**
   * Override to add repository menus.
   */
  val repositoryMenus: Seq[(RepositoryInfo, Context) => Option[Link]] = Nil
  /**
   * Override to add repository menus.
   */
  def repositoryMenus(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[(RepositoryInfo, Context) => Option[Link]] = Nil
  /**
   * Override to add repository setting tabs.
   */
  val repositorySettingTabs: Seq[(RepositoryInfo, Context) => Option[Link]] = Nil
  /**
   * Override to add repository setting tabs.
   */
  def repositorySettingTabs(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[(RepositoryInfo, Context) => Option[Link]] = Nil
  /**
   * Override to add profile tabs.
   */
  val profileTabs: Seq[(Account, Context) => Option[Link]] = Nil
  /**
   * Override to add profile tabs.
   */
  def profileTabs(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[(Account, Context) => Option[Link]] = Nil
  /**
   * Override to add system setting menus.
   */
  val systemSettingMenus: Seq[(Context) => Option[Link]] = Nil
  /**
   * Override to add system setting menus.
   */
  def systemSettingMenus(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[(Context) => Option[Link]] = Nil
  /**
   * Override to add account setting menus.
   */
  val accountSettingMenus: Seq[(Context) => Option[Link]] = Nil
  /**
   * Override to add account setting menus.
   */
  def accountSettingMenus(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[(Context) => Option[Link]] = Nil
  /**
   * Override to add dashboard tabs.
   */
  val dashboardTabs: Seq[(Context) => Option[Link]] = Nil
  /**
   * Override to add dashboard tabs.
   */
  def dashboardTabs(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[(Context) => Option[Link]] = Nil
  /**
   * Override to add assets mappings.
   */
  val assetsMappings: Seq[(String, String)] = Nil
  /**
   * Override to add assets mappings.
   */
  def assetsMappings(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[(String, String)] = Nil
  /**
   * Override to add text decorators.
   */
  val textDecorators: Seq[TextDecorator] = Nil
  /**
   * Override to add text decorators.
   */
  def textDecorators(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[TextDecorator] = Nil
  /**
   * Override to add suggestion provider.
   */
  val suggestionProviders: Seq[SuggestionProvider] = Nil
  /**
   * Override to add suggestion provider.
   */
  def suggestionProviders(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[SuggestionProvider] = Nil
  /**
   * This method is invoked in initialization of plugin system.
   * Register plugin functionality to PluginRegistry.
@@ -100,6 +202,36 @@ trait Plugin {
    (receiveHooks ++ receiveHooks(registry, context, settings)).foreach { receiveHook =>
      registry.addReceiveHook(receiveHook)
    }
    (globalMenus ++ globalMenus(registry, context, settings)).foreach { globalMenu =>
      registry.addGlobalMenu(globalMenu)
    }
    (repositoryMenus ++ repositoryMenus(registry, context, settings)).foreach { repositoryMenu =>
      registry.addRepositoryMenu(repositoryMenu)
    }
    (repositorySettingTabs ++ repositorySettingTabs(registry, context, settings)).foreach { repositorySettingTab =>
      registry.addRepositorySettingTab(repositorySettingTab)
    }
    (profileTabs ++ profileTabs(registry, context, settings)).foreach { profileTab =>
      registry.addProfileTab(profileTab)
    }
    (systemSettingMenus ++ systemSettingMenus(registry, context, settings)).foreach { systemSettingMenu =>
      registry.addSystemSettingMenu(systemSettingMenu)
    }
    (accountSettingMenus ++ accountSettingMenus(registry, context, settings)).foreach { accountSettingMenu =>
      registry.addAccountSettingMenu(accountSettingMenu)
    }
    (dashboardTabs ++ dashboardTabs(registry, context, settings)).foreach { dashboardTab =>
      registry.addDashboardTab(dashboardTab)
    }
    (assetsMappings ++ assetsMappings(registry, context, settings)).foreach { assetMapping =>
      registry.addAssetsMapping((assetMapping._1, assetMapping._2, getClass.getClassLoader))
    }
    (textDecorators ++ textDecorators(registry, context, settings)).foreach { textDecorator =>
      registry.addTextDecorator(textDecorator)
    }
    (suggestionProviders ++ suggestionProviders(registry, context, settings)).foreach { suggestionProvider =>
      registry.addSuggestionProvider(suggestionProvider)
    }
  }
  /**
--- a/src/main/scala/gitbucket/core/plugin/PluginRegistory.scala
+++ b/src/main/scala/gitbucket/core/plugin/PluginRegistory.scala
@@ -3,16 +3,18 @@ package gitbucket.core.plugin
 import java.io.{File, FilenameFilter, InputStream}
 import java.net.URLClassLoader
 import javax.servlet.ServletContext
 import javax.servlet.http.{HttpServletRequest, HttpServletResponse}
 import gitbucket.core.controller.{Context, ControllerBase}
 import gitbucket.core.model.Account
 import gitbucket.core.service.ProtectedBranchService.ProtectedBranchReceiveHook
 import gitbucket.core.service.RepositoryService.RepositoryInfo
 import gitbucket.core.service.SystemSettingsService.SystemSettings
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.DatabaseConfig
 import gitbucket.core.util.Directory._
-import gitbucket.core.util.JDBCUtil._
+import io.github.gitbucket.solidbase.Solidbase
-import gitbucket.core.util.{Version, Versions}
+import io.github.gitbucket.solidbase.manager.JDBCVersionManager
 import io.github.gitbucket.solidbase.model.Module
 import org.apache.commons.codec.binary.{Base64, StringUtils}
 import org.slf4j.LoggerFactory
@@ -33,9 +35,20 @@ class PluginRegistry {
  private val receiveHooks = new ListBuffer[ReceiveHook]
  receiveHooks += new ProtectedBranchReceiveHook()
-  def addPlugin(pluginInfo: PluginInfo): Unit = {
+  private val globalMenus = new ListBuffer[(Context) => Option[Link]]
-    plugins += pluginInfo
+  private val repositoryMenus = new ListBuffer[(RepositoryInfo, Context) => Option[Link]]
-  }
+  private val repositorySettingTabs = new ListBuffer[(RepositoryInfo, Context) => Option[Link]]
  private val profileTabs = new ListBuffer[(Account, Context) => Option[Link]]
  private val systemSettingMenus = new ListBuffer[(Context) => Option[Link]]
  private val accountSettingMenus = new ListBuffer[(Context) => Option[Link]]
  private val dashboardTabs = new ListBuffer[(Context) => Option[Link]]
  private val assetsMappings = new ListBuffer[(String, String, ClassLoader)]
  private val textDecorators = new ListBuffer[TextDecorator]
  private val suggestionProviders = new ListBuffer[SuggestionProvider]
  suggestionProviders += new UserNameSuggestionProvider()
  def addPlugin(pluginInfo: PluginInfo): Unit = plugins += pluginInfo
  def getPlugins(): List[PluginInfo] = plugins.toList
@@ -56,42 +69,26 @@ class PluginRegistry {
  def getImage(id: String): String = images(id)
-  def addController(path: String, controller: ControllerBase): Unit = {
+  def addController(path: String, controller: ControllerBase): Unit = controllers += ((controller, path))
    controllers += ((controller, path))
  }
  @deprecated("Use addController(path: String, controller: ControllerBase) instead", "3.4.0")
-  def addController(controller: ControllerBase, path: String): Unit = {
+  def addController(controller: ControllerBase, path: String): Unit = addController(path, controller)
    addController(path, controller)
  }
  def getControllers(): Seq[(ControllerBase, String)] = controllers.toSeq
-  def addJavaScript(path: String, script: String): Unit = {
+  def addJavaScript(path: String, script: String): Unit = javaScripts += ((path, script))
    javaScripts += ((path, script))
  }
-  def getJavaScript(currentPath: String): List[String] = {
+  def getJavaScript(currentPath: String): List[String] = javaScripts.filter(x => currentPath.matches(x._1)).toList.map(_._2)
    javaScripts.filter(x => currentPath.matches(x._1)).toList.map(_._2)
  }
-  def addRenderer(extension: String, renderer: Renderer): Unit = {
+  def addRenderer(extension: String, renderer: Renderer): Unit = renderers += ((extension, renderer))
    renderers += ((extension, renderer))
  }
-  def getRenderer(extension: String): Renderer = {
+  def getRenderer(extension: String): Renderer = renderers.get(extension).getOrElse(DefaultRenderer)
    renderers.get(extension).getOrElse(DefaultRenderer)
  }
  def renderableExtensions: Seq[String] = renderers.keys.toSeq
-  def addRepositoryRouting(routing: GitRepositoryRouting): Unit = {
+  def addRepositoryRouting(routing: GitRepositoryRouting): Unit = repositoryRoutings += routing
    repositoryRoutings += routing
  }
-  def getRepositoryRoutings(): Seq[GitRepositoryRouting] = {
+  def getRepositoryRoutings(): Seq[GitRepositoryRouting] = repositoryRoutings.toSeq
    repositoryRoutings.toSeq
  }
  def getRepositoryRouting(repositoryPath: String): Option[GitRepositoryRouting] = {
    PluginRegistry().getRepositoryRoutings().find {
@@ -101,24 +98,49 @@ class PluginRegistry {
    }
  }
-  def addReceiveHook(commitHook: ReceiveHook): Unit = {
+  def addReceiveHook(commitHook: ReceiveHook): Unit = receiveHooks += commitHook
    receiveHooks += commitHook
  }
  def getReceiveHooks: Seq[ReceiveHook] = receiveHooks.toSeq
-  private case class GlobalAction(
+  def addGlobalMenu(globalMenu: (Context) => Option[Link]): Unit = globalMenus += globalMenu
    method: String,
    path: String,
    function: (HttpServletRequest, HttpServletResponse, Context) => Any
  )
-  private case class RepositoryAction(
+  def getGlobalMenus: Seq[(Context) => Option[Link]] = globalMenus.toSeq
    method: String,
    path: String,
    function: (HttpServletRequest, HttpServletResponse, Context, RepositoryInfo) => Any
  )
  def addRepositoryMenu(repositoryMenu: (RepositoryInfo, Context) => Option[Link]): Unit = repositoryMenus += repositoryMenu
  def getRepositoryMenus: Seq[(RepositoryInfo, Context) => Option[Link]] = repositoryMenus.toSeq
  def addRepositorySettingTab(repositorySettingTab: (RepositoryInfo, Context) => Option[Link]): Unit = repositorySettingTabs += repositorySettingTab
  def getRepositorySettingTabs: Seq[(RepositoryInfo, Context) => Option[Link]] = repositorySettingTabs.toSeq
  def addProfileTab(profileTab: (Account, Context) => Option[Link]): Unit = profileTabs += profileTab
  def getProfileTabs: Seq[(Account, Context) => Option[Link]] = profileTabs.toSeq
  def addSystemSettingMenu(systemSettingMenu: (Context) => Option[Link]): Unit = systemSettingMenus += systemSettingMenu
  def getSystemSettingMenus: Seq[(Context) => Option[Link]] = systemSettingMenus.toSeq
  def addAccountSettingMenu(accountSettingMenu: (Context) => Option[Link]): Unit = accountSettingMenus += accountSettingMenu
  def getAccountSettingMenus: Seq[(Context) => Option[Link]] = accountSettingMenus.toSeq
  def addDashboardTab(dashboardTab: (Context) => Option[Link]): Unit = dashboardTabs += dashboardTab
  def getDashboardTabs: Seq[(Context) => Option[Link]] = dashboardTabs.toSeq
  def addAssetsMapping(assetsMapping: (String, String, ClassLoader)): Unit = assetsMappings += assetsMapping
  def getAssetsMappings: Seq[(String, String, ClassLoader)] = assetsMappings.toSeq
  def addTextDecorator(textDecorator: TextDecorator): Unit = textDecorators += textDecorator
  def getTextDecorators: Seq[TextDecorator] = textDecorators.toSeq
  def addSuggestionProvider(suggestionProvider: SuggestionProvider): Unit = suggestionProviders += suggestionProvider
  def getSuggestionProviders: Seq[SuggestionProvider] = suggestionProviders.toSeq
 }
 /**
@@ -140,6 +162,8 @@ object PluginRegistry {
   */
  def initialize(context: ServletContext, settings: SystemSettings, conn: java.sql.Connection): Unit = {
    val pluginDir = new File(PluginHome)
    val manager = new JDBCVersionManager(conn)
    if(pluginDir.exists && pluginDir.isDirectory){
      pluginDir.listFiles(new FilenameFilter {
        override def accept(dir: File, name: String): Boolean = name.endsWith(".jar")
@@ -149,37 +173,29 @@ object PluginRegistry {
          val plugin = classLoader.loadClass("Plugin").newInstance().asInstanceOf[Plugin]
          // Migration
-          val headVersion = plugin.versions.head
+          val solidbase = new Solidbase()
-          val currentVersion = conn.find("SELECT * FROM PLUGIN WHERE PLUGIN_ID = ?", plugin.pluginId)(_.getString("VERSION")) match {
+          solidbase.migrate(conn, classLoader, DatabaseConfig.liquiDriver, new Module(plugin.pluginId, plugin.versions: _*))
            case Some(x) => {
              val dim = x.split("\\.")
              Version(dim(0).toInt, dim(1).toInt)
            }
            case None => Version(0, 0)
          }
-          Versions.update(conn, headVersion, currentVersion, plugin.versions, new URLClassLoader(Array(pluginJar.toURI.toURL))){ conn =>
+          // Check version
-            currentVersion.versionString match {
+          val databaseVersion = manager.getCurrentVersion(plugin.pluginId)
-              case "0.0" =>
+          val pluginVersion = plugin.versions.last.getVersion
-                conn.update("INSERT INTO PLUGIN (PLUGIN_ID, VERSION) VALUES (?, ?)", plugin.pluginId, headVersion.versionString)
+          if(databaseVersion != pluginVersion){
-              case _ =>
+            throw new IllegalStateException(s"Plugin version is ${pluginVersion}, but database version is ${databaseVersion}")
                conn.update("UPDATE PLUGIN SET VERSION = ? WHERE PLUGIN_ID = ?", headVersion.versionString, plugin.pluginId)
            }
          }
          // Initialize
          plugin.initialize(instance, context, settings)
          instance.addPlugin(PluginInfo(
-            pluginId    = plugin.pluginId,
+            pluginId      = plugin.pluginId,
-            pluginName  = plugin.pluginName,
+            pluginName    = plugin.pluginName,
-            version     = plugin.versions.head.versionString,
+            pluginVersion = plugin.versions.last.getVersion,
-            description = plugin.description,
+            description   = plugin.description,
-            pluginClass = plugin
+            pluginClass   = plugin
          ))
        } catch {
          case e: Throwable => {
-            logger.error(s"Error during plugin initialization", e)
+            logger.error(s"Error during plugin initialization: ${pluginJar.getAbsolutePath}", e)
          }
        }
      }
@@ -201,10 +217,12 @@ object PluginRegistry {
 }
 case class Link(id: String, label: String, path: String, icon: Option[String] = None)
 case class PluginInfo(
  pluginId: String,
  pluginName: String,
-  version: String,
+  pluginVersion: String,
  description: String,
  pluginClass: Plugin
 )
--- a/src/main/scala/gitbucket/core/plugin/SuggestionProvider.scala
+++ b/src/main/scala/gitbucket/core/plugin/SuggestionProvider.scala
@@ -0,0 +1,27 @@
 package gitbucket.core.plugin
 import gitbucket.core.controller.Context
 import gitbucket.core.service.RepositoryService.RepositoryInfo
 trait SuggestionProvider {
  val id: String
  val prefix: String
  val suffix: String = " "
  val context: Seq[String]
  def values(repository: RepositoryInfo): Seq[String]
  def template(implicit context: Context): String = "value"
  def additionalScript(implicit context: Context): String = ""
 }
 class UserNameSuggestionProvider extends SuggestionProvider {
  override val id: String = "user"
  override val prefix: String = "@"
  override val context: Seq[String] = Seq("issues")
  override def values(repository: RepositoryInfo): Seq[String] = Nil
  override def template(implicit context: Context): String = "'@' + value"
  override def additionalScript(implicit context: Context): String =
    s"""$$.get('${context.path}/_user/proposals', { query: '', user: true, group: false }, function (data) { user = data.options; });"""
 }
--- a/src/main/scala/gitbucket/core/plugin/TextDecorator.scala
+++ b/src/main/scala/gitbucket/core/plugin/TextDecorator.scala
@@ -0,0 +1,10 @@
 package gitbucket.core.plugin
 import gitbucket.core.controller.Context
 import gitbucket.core.service.RepositoryService.RepositoryInfo
 trait TextDecorator {
  def decorate(text: String, repository: RepositoryInfo)(implicit context: Context): String
 }
--- a/src/main/scala/gitbucket/core/service/AccessTokenService.scala
+++ b/src/main/scala/gitbucket/core/service/AccessTokenService.scala
@@ -20,7 +20,7 @@ trait AccessTokenService {
  def tokenToHash(token: String): String = StringUtil.sha1(token)
  /**
-   * @retuen (TokenId, Token)
+   * @return (TokenId, Token)
   */
  def generateAccessToken(userName: String, note: String)(implicit s: Session): (Int, String) = {
    var token: String = null
--- a/src/main/scala/gitbucket/core/service/AccountService.scala
+++ b/src/main/scala/gitbucket/core/service/AccountService.scala
@@ -14,13 +14,20 @@ trait AccountService {
  private val logger = LoggerFactory.getLogger(classOf[AccountService])
-  def authenticate(settings: SystemSettings, userName: String, password: String)(implicit s: Session): Option[Account] =
+  def authenticate(settings: SystemSettings, userName: String, password: String)(implicit s: Session): Option[Account] = {
-    if(settings.ldapAuthentication){
+    val account = if (settings.ldapAuthentication) {
      ldapAuthentication(settings, userName, password)
    } else {
      defaultAuthentication(userName, password)
    }
    if(account.isEmpty){
      logger.info(s"Failed to authenticate: $userName")
    }
    account
  }
  /**
   * Authenticate by internal database.
   */
@@ -61,14 +68,14 @@ trait AccountService {
              defaultAuthentication(userName, password)
            }
            case None => {
-              createAccount(ldapUserInfo.userName, "", ldapUserInfo.fullName, ldapUserInfo.mailAddress, false, None)
+              createAccount(ldapUserInfo.userName, "", ldapUserInfo.fullName, ldapUserInfo.mailAddress, false, None, None)
              getAccountByUserName(ldapUserInfo.userName)
            }
          }
        }
      }
      case Left(errorMessage) => {
-        logger.info(s"LDAP Authentication Failed: ${errorMessage}")
+        logger.info(s"LDAP error: ${errorMessage}")
        defaultAuthentication(userName, password)
      }
    }
@@ -97,7 +104,13 @@ trait AccountService {
      Accounts filter (_.removed === false.bind) sortBy(_.userName) list
    }
-  def createAccount(userName: String, password: String, fullName: String, mailAddress: String, isAdmin: Boolean, url: Option[String])
+  def isLastAdministrator(account: Account)(implicit s: Session): Boolean = {
    if(account.isAdmin){
      (Accounts filter (_.removed === false.bind) filter (_.isAdmin === true.bind) map (_.userName.length)).first == 1
    } else false
  }
  def createAccount(userName: String, password: String, fullName: String, mailAddress: String, isAdmin: Boolean, description: Option[String], url: Option[String])
                   (implicit s: Session): Unit =
    Accounts insert Account(
      userName       = userName,
@@ -111,12 +124,13 @@ trait AccountService {
      lastLoginDate  = None,
      image          = None,
      isGroupAccount = false,
-      isRemoved      = false)
+      isRemoved      = false,
      description    = description)
  def updateAccount(account: Account)(implicit s: Session): Unit =
    Accounts
      .filter { a =>  a.userName === account.userName.bind }
-      .map    { a => (a.password, a.fullName, a.mailAddress, a.isAdmin, a.url.?, a.registeredDate, a.updatedDate, a.lastLoginDate.?, a.removed) }
+      .map    { a => (a.password, a.fullName, a.mailAddress, a.isAdmin, a.url.?, a.registeredDate, a.updatedDate, a.lastLoginDate.?, a.removed, a.description.?) }
      .update (
        account.password,
        account.fullName,
@@ -126,7 +140,8 @@ trait AccountService {
        account.registeredDate,
        currentDate,
        account.lastLoginDate,
-        account.isRemoved)
+        account.isRemoved,
        account.description)
  def updateAvatarImage(userName: String, image: Option[String])(implicit s: Session): Unit =
    Accounts.filter(_.userName === userName.bind).map(_.image.?).update(image)
@@ -134,7 +149,7 @@ trait AccountService {
  def updateLastLoginDate(userName: String)(implicit s: Session): Unit =
    Accounts.filter(_.userName === userName.bind).map(_.lastLoginDate).update(currentDate)
-  def createGroup(groupName: String, url: Option[String])(implicit s: Session): Unit =
+  def createGroup(groupName: String, description: Option[String], url: Option[String])(implicit s: Session): Unit =
    Accounts insert Account(
      userName       = groupName,
      password       = "",
@@ -147,10 +162,13 @@ trait AccountService {
      lastLoginDate  = None,
      image          = None,
      isGroupAccount = true,
-      isRemoved      = false)
+      isRemoved      = false,
      description    = description)
-  def updateGroup(groupName: String, url: Option[String], removed: Boolean)(implicit s: Session): Unit =
+  def updateGroup(groupName: String, description: Option[String], url: Option[String], removed: Boolean)(implicit s: Session): Unit =
-    Accounts.filter(_.userName === groupName.bind).map(t => t.url.? -> t.removed).update(url, removed)
+    Accounts.filter(_.userName === groupName.bind)
      .map(t => (t.url.?, t.description.?, t.removed))
      .update(url, description, removed)
  def updateGroupMembers(groupName: String, members: List[(String, Boolean)])(implicit s: Session): Unit = {
    GroupMembers.filter(_.groupName === groupName.bind).delete
@@ -175,12 +193,11 @@ trait AccountService {
  def removeUserRelatedData(userName: String)(implicit s: Session): Unit = {
    GroupMembers.filter(_.userName === userName.bind).delete
    Collaborators.filter(_.collaboratorName === userName.bind).delete
    Repositories.filter(_.userName === userName.bind).delete
  }
  def getGroupNames(userName: String)(implicit s: Session): List[String] = {
    List(userName) ++
-      Collaborators.filter(_.collaboratorName === userName.bind).sortBy(_.userName).map(_.userName).list
+      Collaborators.filter(_.collaboratorName === userName.bind).sortBy(_.userName).map(_.userName).list.distinct
  }
 }
--- a/src/main/scala/gitbucket/core/service/CommitStatusService.scala
+++ b/src/main/scala/gitbucket/core/service/CommitStatusService.scala
@@ -5,9 +5,6 @@ import profile.simple._
 import gitbucket.core.model.{CommitState, CommitStatus, Account}
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.StringUtil._
 import gitbucket.core.service.RepositoryService.RepositoryInfo
 import org.joda.time.LocalDateTime
 import gitbucket.core.model.Profile.dateColumnType
 trait CommitStatusService {
@@ -54,4 +51,4 @@ trait CommitStatusService {
  protected def byCommitStatues(userName: String, repositoryName: String, sha: String)(implicit s: Session) = 
    CommitStatuses.filter(t => t.byCommit(userName, repositoryName, sha)).sortBy(_.updatedDate desc)
-}
+}
--- a/src/main/scala/gitbucket/core/service/CommitsService.scala
+++ b/src/main/scala/gitbucket/core/service/CommitsService.scala
@@ -1,14 +1,11 @@
 package gitbucket.core.service
 import gitbucket.core.model.CommitComment
-import gitbucket.core.util.{StringUtil, Implicits}
+import gitbucket.core.util.Implicits
 import scala.slick.jdbc.{StaticQuery => Q}
 import Q.interpolation
 import gitbucket.core.model.Profile._
 import profile.simple._
 import Implicits._
 import StringUtil._
 trait CommitsService {
@@ -42,12 +39,18 @@ trait CommitsService {
      updatedDate       = currentDate,
      issueId           = issueId)
  def updateCommitCommentPosition(commentId: Int, commitId: String, oldLine: Option[Int], newLine: Option[Int])(implicit s: Session): Unit =
    CommitComments.filter(_.byPrimaryKey(commentId))
      .map { t =>
        (t.commitId, t.oldLine, t.newLine)
      }.update(commitId, oldLine, newLine)
  def updateCommitComment(commentId: Int, content: String)(implicit s: Session) =
    CommitComments
      .filter (_.byPrimaryKey(commentId))
      .map { t =>
-      t.content -> t.updatedDate
+        t.content -> t.updatedDate
-    }.update (content, currentDate)
+      }.update (content, currentDate)
  def deleteCommitComment(commentId: Int)(implicit s: Session) =
    CommitComments filter (_.byPrimaryKey(commentId)) delete
--- a/src/main/scala/gitbucket/core/service/HandleCommentService.scala
+++ b/src/main/scala/gitbucket/core/service/HandleCommentService.scala
@@ -13,78 +13,81 @@ trait HandleCommentService {
    with WebHookService with WebHookIssueCommentService with WebHookPullRequestService =>
  /**
-   * @see [[https://github.com/takezoe/gitbucket/wiki/CommentAction]]
+   * @see [[https://github.com/gitbucket/gitbucket/wiki/CommentAction]]
   */
  def handleComment(issue: Issue, content: Option[String], repository: RepositoryService.RepositoryInfo, actionOpt: Option[String])
                   (implicit context: Context, s: Session) = {
    context.loginAccount.flatMap { loginAccount =>
      defining(repository.owner, repository.name){ case (owner, name) =>
        val userName = loginAccount.userName
-    defining(repository.owner, repository.name){ case (owner, name) =>
+        val (action, recordActivity) = actionOpt
-      val userName = context.loginAccount.get.userName
+          .collect {
-
+            case "close" if(!issue.closed) => true  ->
-      val (action, recordActivity) = actionOpt
+              (Some("close")  -> Some(if(issue.isPullRequest) recordClosePullRequestActivity _ else recordCloseIssueActivity _))
-        .collect {
+            case "reopen" if(issue.closed) => false ->
-          case "close" if(!issue.closed) => true  ->
+              (Some("reopen") -> Some(recordReopenIssueActivity _))
            (Some("close")  -> Some(if(issue.isPullRequest) recordClosePullRequestActivity _ else recordCloseIssueActivity _))
          case "reopen" if(issue.closed) => false ->
            (Some("reopen") -> Some(recordReopenIssueActivity _))
        }
        .map { case (closed, t) =>
          updateClosed(owner, name, issue.issueId, closed)
          t
        }
        .getOrElse(None -> None)
      val commentId = (content, action) match {
        case (None, None) => None
        case (None, Some(action)) => Some(createComment(owner, name, userName, issue.issueId, action.capitalize, action))
        case (Some(content), _) => Some(createComment(owner, name, userName, issue.issueId, content, action.map(_+ "_comment").getOrElse("comment")))
      }
      // record comment activity if comment is entered
      content foreach {
        (if(issue.isPullRequest) recordCommentPullRequestActivity _ else recordCommentIssueActivity _)
        (owner, name, userName, issue.issueId, _)
      }
      recordActivity foreach ( _ (owner, name, userName, issue.issueId, issue.title) )
      // extract references and create refer comment
      content.map { content =>
        createReferComment(owner, name, issue, content, context.loginAccount.get)
      }
      // call web hooks
      action match {
        case None => commentId.map{ commentIdSome => callIssueCommentWebHook(repository, issue, commentIdSome, context.loginAccount.get) }
        case Some(act) => val webHookAction = act match {
          case "open"   => "opened"
          case "reopen" => "reopened"
          case "close"  => "closed"
          case _ => act
        }
          if(issue.isPullRequest){
            callPullRequestWebHook(webHookAction, repository, issue.issueId, context.baseUrl, context.loginAccount.get)
          } else {
            callIssuesWebHook(webHookAction, repository, issue, context.baseUrl, context.loginAccount.get)
          }
-      }
+          .map { case (closed, t) =>
            updateClosed(owner, name, issue.issueId, closed)
            t
          }
          .getOrElse(None -> None)
-      // notifications
+        val commentId = (content, action) match {
-      Notifier() match {
+          case (None, None) => None
-        case f =>
+          case (None, Some(action)) => Some(createComment(owner, name, userName, issue.issueId, action.capitalize, action))
-          content foreach {
+          case (Some(content), _) => Some(createComment(owner, name, userName, issue.issueId, content, action.map(_+ "_comment").getOrElse("comment")))
-            f.toNotify(repository, issue, _){
+        }
-              Notifier.msgComment(s"${context.baseUrl}/${owner}/${name}/${
+
-                if(issue.isPullRequest) "pull" else "issues"}/${issue.issueId}#comment-${commentId.get}")
+        // record comment activity if comment is entered
        content foreach {
          (if(issue.isPullRequest) recordCommentPullRequestActivity _ else recordCommentIssueActivity _)
          (owner, name, userName, issue.issueId, _)
        }
        recordActivity foreach ( _ (owner, name, userName, issue.issueId, issue.title) )
        // extract references and create refer comment
        content.map { content =>
          createReferComment(owner, name, issue, content, loginAccount)
        }
        // call web hooks
        action match {
          case None => commentId.map { commentIdSome => callIssueCommentWebHook(repository, issue, commentIdSome, loginAccount) }
          case Some(act) => {
            val webHookAction = act match {
              case "open"   => "opened"
              case "reopen" => "reopened"
              case "close"  => "closed"
              case _ => act
            }
            if (issue.isPullRequest) {
              callPullRequestWebHook(webHookAction, repository, issue.issueId, context.baseUrl, loginAccount)
            } else {
              callIssuesWebHook(webHookAction, repository, issue, context.baseUrl, loginAccount)
            }
          }
-          action foreach {
+        }
            f.toNotify(repository, issue, _){
              Notifier.msgStatus(s"${context.baseUrl}/${owner}/${name}/issues/${issue.issueId}")
            }
          }
      }
-      commentId.map( issue -> _ )
+        // notifications
        Notifier() match {
          case f =>
            content foreach {
              f.toNotify(repository, issue, _){
                Notifier.msgComment(s"${context.baseUrl}/${owner}/${name}/${
                  if(issue.isPullRequest) "pull" else "issues"}/${issue.issueId}#comment-${commentId.get}")
              }
            }
            action foreach {
              f.toNotify(repository, issue, _){
                Notifier.msgStatus(s"${context.baseUrl}/${owner}/${name}/issues/${issue.issueId}")
              }
            }
        }
        commentId.map( issue -> _ )
      }
    }
  }
--- a/src/main/scala/gitbucket/core/service/IssueCreationService.scala
+++ b/src/main/scala/gitbucket/core/service/IssueCreationService.scala
@@ -0,0 +1,74 @@
 package gitbucket.core.service
 import gitbucket.core.controller.Context
 import gitbucket.core.model.{Account, Issue}
 import gitbucket.core.model.Profile.profile.simple.Session
 import gitbucket.core.service.RepositoryService.RepositoryInfo
 import gitbucket.core.util.Notifier
 import gitbucket.core.util.Implicits._
 // TODO: Merged with IssuesService?
 trait IssueCreationService {
  self: RepositoryService with WebHookIssueCommentService with LabelsService with IssuesService with ActivityService =>
  def createIssue(repository: RepositoryInfo, title:String, body:Option[String],
                  assignee: Option[String], milestoneId: Option[Int], labelNames: Seq[String],
                  loginAccount: Account)(implicit context: Context, s: Session) : Issue = {
    val owner = repository.owner
    val name  = repository.name
    val userName   = loginAccount.userName
    val manageable = isIssueManageable(repository)
    // insert issue
    val issueId = insertIssue(owner, name, userName, title, body,
      if (manageable) assignee else None,
      if (manageable) milestoneId else None)
    val issue: Issue = getIssue(owner, name, issueId.toString).get
    // insert labels
    if (manageable) {
      val labels = getLabels(owner, name)
      labelNames.map { labelName =>
        labels.find(_.labelName == labelName).map { label =>
          registerIssueLabel(owner, name, issueId, label.labelId)
        }
      }
    }
    // record activity
    recordCreateIssueActivity(owner, name, userName, issueId, title)
    // extract references and create refer comment
    createReferComment(owner, name, issue, title + " " + body.getOrElse(""), loginAccount)
    // call web hooks
    callIssuesWebHook("opened", repository, issue, context.baseUrl, loginAccount)
    // notifications
    Notifier().toNotify(repository, issue, body.getOrElse("")) {
      Notifier.msgIssue(s"${context.baseUrl}/${owner}/${name}/issues/${issueId}")
    }
    issue
  }
  /**
   * Tests whether an logged-in user can manage issues.
   */
  protected def isIssueManageable(repository: RepositoryInfo)(implicit context: Context, s: Session): Boolean = {
    hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
  }
  /**
   * Tests whether an logged-in user can post issues.
   */
  protected def isIssueEditable(repository: RepositoryInfo)(implicit context: Context, s: Session): Boolean = {
    repository.repository.options.issuesOption match {
      case "ALL"     => !repository.repository.isPrivate && context.loginAccount.isDefined
      case "PUBLIC"  => hasGuestRole(repository.owner, repository.name, context.loginAccount)
      case "PRIVATE" => hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
      case "DISABLE" => false
    }
  }
 }
--- a/src/main/scala/gitbucket/core/service/IssuesService.scala
+++ b/src/main/scala/gitbucket/core/service/IssuesService.scala
@@ -13,17 +13,18 @@ import scala.slick.jdbc.{StaticQuery => Q}
 import Q.interpolation
 trait IssuesService {
-  self: AccountService =>
+  self: AccountService with RepositoryService =>
  import IssuesService._
  def getIssue(owner: String, repository: String, issueId: String)(implicit s: Session) =
-    if (issueId forall (_.isDigit))
+    if (isInteger(issueId))
      Issues filter (_.byPrimaryKey(owner, repository, issueId.toInt)) firstOption
    else None
  def getComments(owner: String, repository: String, issueId: Int)(implicit s: Session) =
-    IssueComments filter (_.byIssue(owner, repository, issueId)) list
+    IssueComments filter (_.byIssue(owner, repository, issueId)) sortBy(_.commentId asc) list
  /** @return IssueComment and commentedUser and Issue */
  def getCommentsForApi(owner: String, repository: String, issueId: Int)(implicit s: Session): List[(IssueComment, Account, Issue)] =
@@ -34,6 +35,10 @@ trait IssuesService {
    .map{ case ((t1, t2), t3) => (t1, t2, t3) }
    .list
  def getMergedComment(owner: String, repository: String, issueId: Int)(implicit s: Session): Option[(IssueComment, Account)] = {
    getCommentsForApi(owner, repository, issueId).collectFirst { case (comment, account, _) if comment.action == "merged" => (comment, account) }
  }
  def getComment(owner: String, repository: String, commentId: String)(implicit s: Session) =
    if (commentId forall (_.isDigit))
      IssueComments filter { t =>
@@ -106,27 +111,42 @@ trait IssuesService {
            pp.setInt(a._3)
          }
      }
      import gitbucket.core.model.Profile.commitStateColumnType
      val query = Q.query[Seq[(String, String, Int)], (String, String, Int, Int, Int, Option[String], Option[CommitState], Option[String], Option[String])](s"""
-        SELECT SUMM.USER_NAME, SUMM.REPOSITORY_NAME, SUMM.ISSUE_ID, CS_ALL, CS_SUCCESS
+        SELECT
-             , CSD.CONTEXT, CSD.STATE, CSD.TARGET_URL, CSD.DESCRIPTION
+          SUMM.USER_NAME,
-        FROM (SELECT
+          SUMM.REPOSITORY_NAME,
-           PR.USER_NAME
+          SUMM.ISSUE_ID,
-         , PR.REPOSITORY_NAME
+          CS_ALL,
-         , PR.ISSUE_ID
+          CS_SUCCESS,
-         , COUNT(CS.STATE) AS CS_ALL
+          CSD.CONTEXT,
-         , SUM(CS.STATE='success') AS CS_SUCCESS
+          CSD.STATE,
-         , PR.COMMIT_ID_TO AS COMMIT_ID
+          CSD.TARGET_URL,
          CSD.DESCRIPTION
        FROM (
          SELECT
            PR.USER_NAME,
            PR.REPOSITORY_NAME,
            PR.ISSUE_ID,
            COUNT(CS.STATE) AS CS_ALL,
            CSS.CS_SUCCESS  AS CS_SUCCESS,
            PR.COMMIT_ID_TO AS COMMIT_ID
          FROM PULL_REQUEST PR
          JOIN COMMIT_STATUS CS
-            ON PR.USER_NAME=CS.USER_NAME
+            ON PR.USER_NAME = CS.USER_NAME AND PR.REPOSITORY_NAME = CS.REPOSITORY_NAME AND PR.COMMIT_ID_TO = CS.COMMIT_ID
-           AND PR.REPOSITORY_NAME=CS.REPOSITORY_NAME
+          JOIN (
-           AND PR.COMMIT_ID_TO=CS.COMMIT_ID
+            SELECT
-         WHERE $issueIdQuery
+              COUNT(*) AS CS_SUCCESS,
-         GROUP BY PR.USER_NAME, PR.REPOSITORY_NAME, PR.ISSUE_ID) as SUMM
+              USER_NAME,
              REPOSITORY_NAME,
              COMMIT_ID
            FROM COMMIT_STATUS WHERE STATE = 'success' GROUP BY USER_NAME, REPOSITORY_NAME, COMMIT_ID
          ) CSS ON PR.USER_NAME = CSS.USER_NAME AND PR.REPOSITORY_NAME = CSS.REPOSITORY_NAME AND PR.COMMIT_ID_TO = CSS.COMMIT_ID
          WHERE $issueIdQuery
          GROUP BY PR.USER_NAME, PR.REPOSITORY_NAME, PR.ISSUE_ID, CSS.CS_SUCCESS
        ) as SUMM
        LEFT OUTER JOIN COMMIT_STATUS CSD
          ON SUMM.CS_ALL = 1 AND SUMM.COMMIT_ID = CSD.COMMIT_ID""");
-      query(issueList).list.map{
+      query(issueList).list.map {
        case(userName, repositoryName, issueId, count, successCount, context, state, targetUrl, description) =>
          (userName, repositoryName, issueId) -> CommitStatusInfo(count, successCount, context, state, targetUrl, description)
        }.toMap
@@ -147,66 +167,75 @@ trait IssuesService {
                 (implicit s: Session): List[IssueInfo] = {
    // get issues and comment count and labels
    val result = searchIssueQueryBase(condition, pullRequest, offset, limit, repos)
-        .leftJoin (IssueLabels) .on { case ((t1, t2), t3) => t1.byIssue(t3.userName, t3.repositoryName, t3.issueId) }
+      .leftJoin (IssueLabels) .on { case (((t1, t2), i), t3) => t1.byIssue(t3.userName, t3.repositoryName, t3.issueId) }
-        .leftJoin (Labels)      .on { case (((t1, t2), t3), t4) => t3.byLabel(t4.userName, t4.repositoryName, t4.labelId) }
+      .leftJoin (Labels)      .on { case ((((t1, t2), i), t3), t4) => t3.byLabel(t4.userName, t4.repositoryName, t4.labelId) }
-        .leftJoin (Milestones)  .on { case ((((t1, t2), t3), t4), t5) => t1.byMilestone(t5.userName, t5.repositoryName, t5.milestoneId) }
+      .leftJoin (Milestones)  .on { case (((((t1, t2), i), t3), t4), t5) => t1.byMilestone(t5.userName, t5.repositoryName, t5.milestoneId) }
-        .map { case ((((t1, t2), t3), t4), t5) =>
+      .sortBy { case (((((t1, t2), i), t3), t4), t5) => i asc }
-          (t1, t2.commentCount, t4.labelId.?, t4.labelName.?, t4.color.?, t5.title.?)
+      .map { case (((((t1, t2), i), t3), t4), t5) => (t1, t2.commentCount, t4.labelId.?, t4.labelName.?, t4.color.?, t5.title.?) }
-        }
+      .list
-        .list
+      .splitWith { (c1, c2) => c1._1.userName == c2._1.userName && c1._1.repositoryName == c2._1.repositoryName && c1._1.issueId == c2._1.issueId }
-        .splitWith { (c1, c2) =>
+
          c1._1.userName       == c2._1.userName &&
          c1._1.repositoryName == c2._1.repositoryName &&
          c1._1.issueId        == c2._1.issueId
        }
    val status = getCommitStatues(result.map(_.head._1).map(is => (is.userName, is.repositoryName, is.issueId)))
    result.map { issues => issues.head match {
-          case (issue, commentCount, _, _, _, milestone) =>
+      case (issue, commentCount, _, _, _, milestone) =>
-            IssueInfo(issue,
+        IssueInfo(issue,
-             issues.flatMap { t => t._3.map (
+          issues.flatMap { t => t._3.map (
-                 Label(issue.userName, issue.repositoryName, _, t._4.get, t._5.get)
+            Label(issue.userName, issue.repositoryName, _, t._4.get, t._5.get)
-             )} toList,
+          )} toList,
-             milestone,
+          milestone,
-             commentCount,
+          commentCount,
-             status.get(issue.userName, issue.repositoryName, issue.issueId))
+          status.get(issue.userName, issue.repositoryName, issue.issueId))
-        }} toList
+    }} toList
  }
  /** for api
    * @return (issue, issueUser, commentCount)
    */
  def searchIssueByApi(condition: IssueSearchCondition, offset: Int, limit: Int, repos: (String, String)*)
                            (implicit s: Session): List[(Issue, Account)] = {
    // get issues and comment count and labels
    searchIssueQueryBase(condition, false, offset, limit, repos)
      .innerJoin(Accounts).on { case (((t1, t2), i), t3) => t3.userName === t1.openedUserName }
      .sortBy { case (((t1, t2), i), t3) => i asc }
      .map { case (((t1, t2), i), t3) => (t1, t3) }
      .list
  }
  /** for api
   * @return (issue, issueUser, commentCount, pullRequest, headRepo, headOwner)
   */
  def searchPullRequestByApi(condition: IssueSearchCondition, offset: Int, limit: Int, repos: (String, String)*)
-                 (implicit s: Session): List[(Issue, Account, Int, PullRequest, Repository, Account)] = {
+                            (implicit s: Session): List[(Issue, Account, Int, PullRequest, Repository, Account)] = {
    // get issues and comment count and labels
    searchIssueQueryBase(condition, true, offset, limit, repos)
-      .innerJoin(PullRequests).on { case ((t1, t2), t3) => t3.byPrimaryKey(t1.userName, t1.repositoryName, t1.issueId) }
+      .innerJoin(PullRequests).on { case (((t1, t2), i), t3) => t3.byPrimaryKey(t1.userName, t1.repositoryName, t1.issueId) }
-      .innerJoin(Repositories).on { case (((t1, t2), t3), t4) => t4.byRepository(t1.userName, t1.repositoryName) }
+      .innerJoin(Repositories).on { case ((((t1, t2), i), t3), t4) => t4.byRepository(t1.userName, t1.repositoryName) }
-      .innerJoin(Accounts).on { case ((((t1, t2), t3), t4), t5) => t5.userName === t1.openedUserName }
+      .innerJoin(Accounts).on { case (((((t1, t2), i), t3), t4), t5) => t5.userName === t1.openedUserName }
-      .innerJoin(Accounts).on { case (((((t1, t2), t3), t4), t5), t6) => t6.userName === t4.userName }
+      .innerJoin(Accounts).on { case ((((((t1, t2), i), t3), t4), t5), t6) => t6.userName === t4.userName }
-      .map { case (((((t1, t2), t3), t4), t5), t6) =>
+      .sortBy { case ((((((t1, t2), i), t3), t4), t5), t6) => i asc }
-          (t1, t5, t2.commentCount, t3, t4, t6)
+      .map { case ((((((t1, t2), i), t3), t4), t5), t6) => (t1, t5, t2.commentCount, t3, t4, t6) }
      }
      .list
  }
  private def searchIssueQueryBase(condition: IssueSearchCondition, pullRequest: Boolean, offset: Int, limit: Int, repos: Seq[(String, String)])
-                 (implicit s: Session) =
+                                  (implicit s: Session) =
    searchIssueQuery(repos, condition, pullRequest)
-        .innerJoin(IssueOutline).on { (t1, t2) => t1.byIssue(t2.userName, t2.repositoryName, t2.issueId) }
+      .innerJoin(IssueOutline).on { (t1, t2) => t1.byIssue(t2.userName, t2.repositoryName, t2.issueId) }
-        .sortBy { case (t1, t2) =>
+      .sortBy { case (t1, t2) => t1.issueId desc }
-          (condition.sort match {
+      .sortBy { case (t1, t2) =>
-            case "created"  => t1.registeredDate
+        (condition.sort match {
-            case "comments" => t2.commentCount
+          case "created"  => t1.registeredDate
-            case "updated"  => t1.updatedDate
+          case "comments" => t2.commentCount
-          }) match {
+          case "updated"  => t1.updatedDate
-            case sort => condition.direction match {
+        }) match {
-              case "asc"  => sort asc
+          case sort => condition.direction match {
-              case "desc" => sort desc
+            case "asc"  => sort asc
-            }
+            case "desc" => sort desc
          }
        }
-        .drop(offset).take(limit)
+      }
      .drop(offset).take(limit).zipWithIndex
  /**
@@ -218,9 +247,8 @@ trait IssuesService {
        .map { case (owner, repository) => t1.byRepository(owner, repository) }
        .foldLeft[Column[Boolean]](false) ( _ || _ ) &&
      (t1.closed           === (condition.state == "closed").bind) &&
-      //(t1.milestoneId      === condition.milestoneId.get.get.bind, condition.milestoneId.flatten.isDefined) &&
+      (t1.milestoneId.?      isEmpty, condition.milestone == Some(None)) &&
-      (t1.milestoneId.?    isEmpty, condition.milestone == Some(None)) &&
+      (t1.assignedUserName.? isEmpty, condition.assigned  == Some(None)) &&
      (t1.assignedUserName === condition.assigned.get.bind, condition.assigned.isDefined) &&
      (t1.openedUserName   === condition.author.get.bind, condition.author.isDefined) &&
      (t1.pullRequest      === pullRequest.bind) &&
      // Milestone filter
@@ -228,6 +256,8 @@ trait IssuesService {
        (t2.byPrimaryKey(t1.userName, t1.repositoryName, t1.milestoneId)) &&
        (t2.title === condition.milestone.get.get.bind)
      } exists, condition.milestone.flatten.isDefined) &&
      // Assignee filter
      (t1.assignedUserName === condition.assigned.get.get.bind, condition.assigned.flatten.isDefined) &&
      // Label filter
      (IssueLabels filter { t2 =>
        (t2.byIssue(t1.userName, t1.repositoryName, t1.issueId)) &&
@@ -251,7 +281,7 @@ trait IssuesService {
        } exists), condition.mentioned.isDefined)
    }
-  def createIssue(owner: String, repository: String, loginUser: String, title: String, content: Option[String],
+  def insertIssue(owner: String, repository: String, loginUser: String, title: String, content: Option[String],
                  assignedUserName: Option[String], milestoneId: Option[Int],
                  isPullRequest: Boolean = false)(implicit s: Session) =
    // next id number
@@ -420,6 +450,11 @@ trait IssuesService {
    }
  }
  def getAssignableUserNames(owner: String, repository: String)(implicit s: Session): List[String] = {
    (getCollaboratorUserNames(owner, repository, Seq(Role.ADMIN, Role.DEVELOPER)) :::
      (if (getAccountByUserName(owner).get.isGroupAccount) getGroupMembers(owner).map(_.userName) else List(owner))).distinct.sorted
  }
 }
 object IssuesService {
@@ -431,7 +466,7 @@ object IssuesService {
      labels: Set[String] = Set.empty,
      milestone: Option[Option[String]] = None,
      author: Option[String] = None,
-      assigned: Option[String] = None,
+      assigned: Option[Option[String]] = None,
      mentioned: Option[String] = None,
      state: String = "open",
      sort: String = "created",
@@ -475,12 +510,15 @@ object IssuesService {
    def toURL: String =
      "?" + List(
        if(labels.isEmpty) None else Some("labels=" + urlEncode(labels.mkString(","))),
-        milestone.map { _ match {
+        milestone.map {
          case Some(x) => "milestone=" + urlEncode(x)
          case None    => "milestone=none"
-        }},
+        },
        author   .map(x => "author="    + urlEncode(x)),
-        assigned .map(x => "assigned="  + urlEncode(x)),
+        assigned.map {
          case Some(x) => "assigned="  + urlEncode(x)
          case None    => "assigned=none"
        },
        mentioned.map(x => "mentioned=" + urlEncode(x)),
        Some("state="     + urlEncode(state)),
        Some("sort="      + urlEncode(sort)),
@@ -498,46 +536,6 @@ object IssuesService {
      if(value == null || value.isEmpty || (allow.nonEmpty && !allow.contains(value))) None else Some(value)
    }
    /**
     * Restores IssueSearchCondition instance from filter query.
     */
    def apply(filter: String, milestones: Map[String, Int]): IssueSearchCondition = {
      val conditions = filter.split("[ 　\t]+").flatMap { x =>
        x.split(":") match {
           case Array(key, value) => Some((key, value))
           case _ => None
        }
      }.groupBy(_._1).map { case (key, values) =>
        key -> values.map(_._2).toSeq
      }
      val (sort, direction) = conditions.get("sort").flatMap(_.headOption).getOrElse("created-desc") match {
        case "created-asc"   => ("created" , "asc" )
        case "comments-desc" => ("comments", "desc")
        case "comments-asc"  => ("comments", "asc" )
        case "updated-desc"  => ("comments", "desc")
        case "updated-asc"   => ("comments", "asc" )
        case _               => ("created" , "desc")
      }
      IssueSearchCondition(
        conditions.get("label").map(_.toSet).getOrElse(Set.empty),
        conditions.get("milestone").flatMap(_.headOption) match {
          case None         => None
          case Some("none") => Some(None)
          case Some(x)      => Some(Some(x)) //milestones.get(x).map(x => Some(x))
        },
        conditions.get("author").flatMap(_.headOption),
        conditions.get("assignee").flatMap(_.headOption),
        conditions.get("mentions").flatMap(_.headOption),
        conditions.get("is").getOrElse(Seq.empty).find(x => x == "open" || x == "closed").getOrElse("open"),
        sort,
        direction,
        conditions.get("visibility").flatMap(_.headOption),
        conditions.get("group").map(_.toSet).getOrElse(Set.empty)
      )
    }
    /**
     * Restores IssueSearchCondition instance from request parameters.
     */
@@ -549,7 +547,10 @@ object IssuesService {
          case x      => Some(x)
        },
        param(request, "author"),
-        param(request, "assigned"),
+        param(request, "assigned").map {
          case "none" => None
          case x      => Some(x)
        },
        param(request, "mentioned"),
        param(request, "state",     Seq("open", "closed")).getOrElse("open"),
        param(request, "sort",      Seq("created", "comments", "updated")).getOrElse("created"),
--- a/src/main/scala/gitbucket/core/service/MergeService.scala
+++ b/src/main/scala/gitbucket/core/service/MergeService.scala
@@ -1,9 +1,7 @@
 package gitbucket.core.service
 import gitbucket.core.model.Account
 import gitbucket.core.util.LockUtil
 import gitbucket.core.util.Directory._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.ControlUtil._
 import org.eclipse.jgit.merge.MergeStrategy
@@ -197,4 +195,4 @@ object MergeService{
    private def parseCommit(id:ObjectId) = using(new RevWalk( repository ))(_.parseCommit(id))
  }
-}
+}
--- a/src/main/scala/gitbucket/core/service/MilestonesService.scala
+++ b/src/main/scala/gitbucket/core/service/MilestonesService.scala
@@ -41,7 +41,7 @@ trait MilestonesService {
  def getMilestonesWithIssueCount(owner: String, repository: String)(implicit s: Session): List[(Milestone, Int, Int)] = {
    val counts = Issues
-      .filter  { t => (t.byRepository(owner, repository)) && (t.milestoneId.? isDefined) }
+      .filter  { t => t.byRepository(owner, repository) && (t.milestoneId.? isDefined) }
      .groupBy { t => t.milestoneId -> t.closed }
      .map     { case (t1, t2) => t1._1 -> t1._2 -> t2.length }
      .toMap
@@ -52,6 +52,6 @@ trait MilestonesService {
  }
  def getMilestones(owner: String, repository: String)(implicit s: Session): List[Milestone] =
-    Milestones.filter(_.byRepository(owner, repository)).sortBy(_.milestoneId asc).list
+    Milestones.filter(_.byRepository(owner, repository)).sortBy(t => (t.dueDate.asc, t.closedDate.desc, t.milestoneId.desc)).list
 }
--- a/src/main/scala/gitbucket/core/service/PluginService.scala
+++ b/src/main/scala/gitbucket/core/service/PluginService.scala
@@ -1,24 +0,0 @@
 package gitbucket.core.service
 import gitbucket.core.model.Plugin
 import gitbucket.core.model.Profile._
 import profile.simple._
 trait PluginService {
  def getPlugins()(implicit s: Session): List[Plugin] =
    Plugins.sortBy(_.pluginId).list
  def registerPlugin(plugin: Plugin)(implicit s: Session): Unit =
    Plugins.insert(plugin)
  def updatePlugin(plugin: Plugin)(implicit s: Session): Unit =
    Plugins.filter(_.pluginId === plugin.pluginId.bind).map(_.version).update(plugin.version)
  def deletePlugin(pluginId: String)(implicit s: Session): Unit =
    Plugins.filter(_.pluginId === pluginId.bind).delete
  def getPlugin(pluginId: String)(implicit s: Session): Option[Plugin] =
    Plugins.filter(_.pluginId === pluginId.bind).firstOption
 }
--- a/src/main/scala/gitbucket/core/service/ProtectedBranchService.scala
+++ b/src/main/scala/gitbucket/core/service/ProtectedBranchService.scala
@@ -86,7 +86,7 @@ object ProtectedBranchService {
    def getStopReason(isAllowNonFastForwards: Boolean, command: ReceiveCommand, pusher: String)(implicit session: Session): Option[String] = {
      if(enabled){
        command.getType() match {
-          case ReceiveCommand.Type.UPDATE|ReceiveCommand.Type.UPDATE_NONFASTFORWARD if isAllowNonFastForwards =>
+          case ReceiveCommand.Type.UPDATE_NONFASTFORWARD if isAllowNonFastForwards =>
            Some("Cannot force-push to a protected branch")
          case ReceiveCommand.Type.UPDATE|ReceiveCommand.Type.UPDATE_NONFASTFORWARD if needStatusCheck(pusher) =>
            unSuccessedContexts(command.getNewId.name) match {
@@ -98,7 +98,7 @@ object ProtectedBranchService {
            Some("Cannot delete a protected branch")
          case _ => None
        }
-      }else{
+      } else {
        None
      }
    }
--- a/src/main/scala/gitbucket/core/service/PullRequestService.scala
+++ b/src/main/scala/gitbucket/core/service/PullRequestService.scala
@@ -1,12 +1,22 @@
 package gitbucket.core.service
-import gitbucket.core.model.{Account, Issue, PullRequest, WebHook, CommitStatus, CommitState}
+import difflib.{Delta, DiffUtils}
 import gitbucket.core.model.{Session => _, _}
 import gitbucket.core.model.Profile._
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Directory._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.JGitUtil
 import gitbucket.core.util.JGitUtil.{CommitInfo, DiffInfo}
 import gitbucket.core.view
 import gitbucket.core.view.helpers
 import org.eclipse.jgit.api.Git
 import profile.simple._
 import scala.collection.JavaConverters._
-trait PullRequestService { self: IssuesService =>
+
 trait PullRequestService { self: IssuesService with CommitsService =>
  import PullRequestService._
  def getPullRequest(owner: String, repository: String, issueId: Int)
@@ -111,9 +121,26 @@ trait PullRequestService { self: IssuesService =>
  def updatePullRequests(owner: String, repository: String, branch: String)(implicit s: Session): Unit =
    getPullRequestsByRequest(owner, repository, branch, false).foreach { pullreq =>
      if(Repositories.filter(_.byRepository(pullreq.userName, pullreq.repositoryName)).exists.run){
        // Update the git repository
        val (commitIdTo, commitIdFrom) = JGitUtil.updatePullRequest(
          pullreq.userName, pullreq.repositoryName, pullreq.branch, pullreq.issueId,
          pullreq.requestUserName, pullreq.requestRepositoryName, pullreq.requestBranch)
        // Collect comment positions
        val positions = getCommitComments(pullreq.userName, pullreq.repositoryName, pullreq.commitIdTo, true)
          .collect {
            case CommitComment(_, _, _, commentId, _, _, Some(file), None, Some(newLine), _, _, _) => (file, commentId, Right(newLine))
            case CommitComment(_, _, _, commentId, _, _, Some(file), Some(oldLine), None, _, _, _) => (file, commentId, Left(oldLine))
          }
          .groupBy { case (file, _, _) => file }
          .map { case (file, comments) => file ->
            comments.map { case (_, commentId, lineNumber) => (commentId, lineNumber) }
          }
        // Update comments position
        updatePullRequestCommentPositions(positions, pullreq.requestUserName, pullreq.requestRepositoryName, pullreq.commitIdTo, commitIdTo)
        // Update commit id in the PULL_REQUEST table
        updateCommitId(pullreq.userName, pullreq.repositoryName, pullreq.issueId, commitIdTo, commitIdFrom)
      }
    }
@@ -137,6 +164,78 @@ trait PullRequestService { self: IssuesService =>
        .firstOption
    }
  }
  private def updatePullRequestCommentPositions(positions: Map[String, Seq[(Int, Either[Int, Int])]], userName: String, repositoryName: String,
                                                oldCommitId: String, newCommitId: String)(implicit s: Session): Unit = {
    val (_, diffs) = getRequestCompareInfo(userName, repositoryName, oldCommitId, userName, repositoryName, newCommitId)
    val patchs = positions.map { case (file, _) =>
      diffs.find(x => x.oldPath == file).map { diff =>
        (diff.oldContent, diff.newContent) match {
          case (Some(oldContent), Some(newContent)) => {
            val oldLines = oldContent.replace("\r\n", "\n").split("\n")
            val newLines = newContent.replace("\r\n", "\n").split("\n")
            file -> Option(DiffUtils.diff(oldLines.toList.asJava, newLines.toList.asJava))
          }
          case _ =>
            file -> None
        }
      }.getOrElse {
        file -> None
      }
    }
    positions.foreach { case (file, comments) =>
      patchs(file) match {
        case Some(patch) => file -> comments.foreach { case (commentId, lineNumber) => lineNumber match {
          case Left(oldLine)  => updateCommitCommentPosition(commentId, newCommitId, Some(oldLine), None)
          case Right(newLine) =>
            var counter = newLine
            patch.getDeltas.asScala.filter(_.getOriginal.getPosition < newLine).foreach { delta =>
              delta.getType match {
                case Delta.TYPE.CHANGE =>
                  if(delta.getOriginal.getPosition <= newLine - 1 && newLine <= delta.getOriginal.getPosition + delta.getRevised.getLines.size){
                    counter = -1
                  } else {
                    counter = counter + (delta.getRevised.getLines.size - delta.getOriginal.getLines.size)
                  }
                case Delta.TYPE.INSERT => counter = counter + delta.getRevised.getLines.size
                case Delta.TYPE.DELETE => counter = counter - delta.getOriginal.getLines.size
              }
            }
            if(counter >= 0){
              updateCommitCommentPosition(commentId, newCommitId, None, Some(counter))
            }
        }}
        case _ => comments.foreach { case (commentId, lineNumber) => lineNumber match {
          case Right(oldLine) => updateCommitCommentPosition(commentId, newCommitId, Some(oldLine), None)
          case Left(newLine)  => updateCommitCommentPosition(commentId, newCommitId, None, Some(newLine))
        }}
      }
    }
  }
  def getRequestCompareInfo(userName: String, repositoryName: String, branch: String,
                            requestUserName: String, requestRepositoryName: String, requestCommitId: String): (Seq[Seq[CommitInfo]], Seq[DiffInfo]) =
    using(
      Git.open(getRepositoryDir(userName, repositoryName)),
      Git.open(getRepositoryDir(requestUserName, requestRepositoryName))
    ){ (oldGit, newGit) =>
      val oldId = oldGit.getRepository.resolve(branch)
      val newId = newGit.getRepository.resolve(requestCommitId)
      val commits = newGit.log.addRange(oldId, newId).call.iterator.asScala.map { revCommit =>
        new CommitInfo(revCommit)
      }.toList.splitWith { (commit1, commit2) =>
        helpers.date(commit1.commitTime) == view.helpers.date(commit2.commitTime)
      }
      val diffs = JGitUtil.getDiffs(newGit, oldId.getName, newId.getName, true)
      (commits, diffs)
    }
 }
 object PullRequestService {
--- a/src/main/scala/gitbucket/core/service/RepositoryCreationService.scala
+++ b/src/main/scala/gitbucket/core/service/RepositoryCreationService.scala
@@ -21,12 +21,12 @@ trait RepositoryCreationService {
    // Insert to the database at first
    insertRepository(name, owner, description, isPrivate)
-    // Add collaborators for group repository
+//    // Add collaborators for group repository
-    if(ownerAccount.isGroupAccount){
+//    if(ownerAccount.isGroupAccount){
-      getGroupMembers(owner).foreach { member =>
+//      getGroupMembers(owner).foreach { member =>
-        addCollaborator(owner, name, member.userName)
+//        addCollaborator(owner, name, member.userName)
-      }
+//      }
-    }
+//    }
    // Insert default labels
    insertDefaultLabels(owner, name)
--- a/src/main/scala/gitbucket/core/service/RepositorySearchService.scala
+++ b/src/main/scala/gitbucket/core/service/RepositorySearchService.scala
@@ -53,7 +53,30 @@ trait RepositorySearchService { self: IssuesService =>
      }
    }
-  private def searchRepositoryFiles(git: Git, query: String): List[(String, String)] = {
+  def countWikiPages(owner: String, repository: String, query: String): Int =
    using(Git.open(Directory.getWikiRepositoryDir(owner, repository))){ git =>
      if(JGitUtil.isEmpty(git)) 0 else searchRepositoryFiles(git, query).length
    }
  def searchWikiPages(owner: String, repository: String, query: String): List[FileSearchResult] =
    using(Git.open(Directory.getWikiRepositoryDir(owner, repository))){ git =>
      if(JGitUtil.isEmpty(git)){
        Nil
      } else {
        val files = searchRepositoryFiles(git, query)
        val commits = JGitUtil.getLatestCommitFromPaths(git, files.map(_._1), "HEAD")
        files.map { case (path, text) =>
          val (highlightText, lineNumber) = getHighlightText(text, query)
          FileSearchResult(
            path.replaceFirst("\\.md$", ""),
            commits(path).getCommitterIdent.getWhen,
            highlightText,
            lineNumber)
        }
      }
    }
  def searchRepositoryFiles(git: Git, query: String): List[(String, String)] = {
    val revWalk   = new RevWalk(git.getRepository)
    val objectId  = git.getRepository.resolve("HEAD")
    val revCommit = revWalk.parseCommit(objectId)
--- a/Show More
+++ b/Show More
		`@@ -0,0 +1 @@`
							`addSbtPlugin("io.get-coursier" % "sbt-coursier" % "1.0.0-M15")`
`@@ -1,2 +1,2 @@`
	`set SCRIPT_DIR=%~dp0`	`set SCRIPT_DIR=%~dp0`
	`java %JAVA_OPTS% -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -XX:MaxPermSize=256m -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar "%SCRIPT_DIR%\sbt-launch-0.13.9.jar" %*`	`java %JAVA_OPTS% -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar "%SCRIPT_DIR%\sbt-launch-0.13.12.jar" %*`
`@@ -1,2 +1,2 @@`
	`#!/bin/sh`	`#!/bin/sh`
	java $JAVA_OPTS -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -XX:MaxPermSize=256m -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar `dirname $0`/sbt-launch-0.13.9.jar "$@"	java $JAVA_OPTS -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar `dirname $0`/sbt-launch-0.13.12.jar "$@"
		`@@ -1 +0,0 @@`
			`ALTER TABLE ACCOUNT ADD COLUMN REMOVED BOOLEAN DEFAULT FALSE;`
		`@@ -1 +0,0 @@`
			`ALTER TABLE COMMIT_COMMENT ALTER COLUMN FILE_NAME NVARCHAR(260);`
		`@@ -1 +0,0 @@`
			`ALTER TABLE WEB_HOOK ADD COLUMN TOKEN VARCHAR(100);`
		`@@ -0,0 +1,2 @@`
							`-- DELETE COLLABORATORS IN GROUP REPOSITORIES`
							`DELETE FROM COLLABORATOR WHERE USER_NAME IN (SELECT USER_NAME FROM ACCOUNT WHERE GROUP_ACCOUNT = TRUE)`
		`@@ -0,0 +1,3 @@`
							`package gitbucket.core.api`

							`case class ApiEndPoint(rate_limit_url: ApiPath = ApiPath("/api/v3/rate_limit"))`