issue: response wrong type of comment from AJAX

[CI SKIP]

.bra.toml

@@ -1,6 +1,6 @@
 [run]
 init_cmds = [
-	#["grep", "-rn", "FIXME", "."],
+	["make", "build-dev"],
 	["./gogs", "web"]
 ]
 watch_all = true
@@ -11,10 +11,9 @@ watch_dirs = [
 	"$WORKDIR/routers"
 ]
 watch_exts = [".go"]
+ignore_files = [".+_test.go"]
 build_delay = 1500
 cmds = [
-	#["go-bindata", "-o=modules/bindata/bindata.go", "-ignore=\\.DS_Store|README", "-pkg=bindata", "conf/..."],
-	["go", "install", "-tags", "sqlite"],# redis memcache cert pam
-	["go", "build", "-tags", "sqlite"],
+	["make", "build-dev"], # TAGS=sqlite cert pam tidb
 	["./gogs", "web"]
 ]

.codebeatignore

@@ -0,0 +1,7 @@
+conf/**
+docker/**
+modules/bindata/**
+packager/**
+public/**
+scripts/**
+templates/**

.codebeatsettings

@@ -0,0 +1,7 @@
+{
+	"GOLANG": {
+		"TOTAL_LOC": [500, 999, 1999, 9999],
+		"TOO_MANY_FUNCTIONS": [50, 99, 199, 999],
+		"TOO_MANY_IVARS": [20, 50, 70, 99]
+	}
+}

.dockerignore

@@ -1,12 +1,17 @@
-.git/*
-conf/*
-packager/*
-scripts/*
+.git
+.git/**
+packager
+packager/**
+scripts
+scripts/**
+.github/
+.github/**
+config.codekit
+.dockerignore
 *.yml
 *.md
 .bra.toml
 .editorconfig
 .gitignore
-.gopmfile
-config.codekit
-LICENSE
+Dockerfile*
+gogs

.editorconfig

@@ -5,8 +5,21 @@ root = true
 [*]
 charset = utf-8
 end_of_line = lf
-indent_style = tab
+insert_final_newline = true
+trim_trailing_whitespace = true
 
-[*.yml]
+[*.go]
+indent_style = tab
+indent_size = 4
+
+[*.tmpl]
+indent_style = tab
+indent_size = 2
+
+[*.{less,yml}]
 indent_style = space
 indent_size = 2
+
+[*.js]
+indent_style = tab
+indent_size = 4

.gitattributes

@@ -0,0 +1,10 @@
+conf/gitignore/* linguist-vendored
+conf/license/* linguist-vendored
+public/assets/* linguist-vendored
+public/plugins/* linguist-vendored
+public/css/themes/* linguist-vendored
+public/css/github.min.css linguist-vendored
+public/css/semantic-2.2.7.min.css linguist-vendored
+public/js/libs/* linguist-vendored
+public/js/jquery-1.11.3.min.js linguist-vendored
+public/js/semantic-2.2.7.min.js linguist-vendored

.github/CONTRIBUTING.md

@@ -42,21 +42,11 @@ There is no standard form of making a feature request. Just try to describe the
 
 ### Pull Request
 
-Pull requests are always welcome, but note that **ALL PULL REQUESTS MUST APPLY TO THE `DEV` BRANCH**.
-
-We are always thrilled to receive pull requests, and do our best to process them as fast as possible. Not sure if that typo is worth a pull request? Do it! We will appreciate it.
-
-If your pull request is not accepted on the first try, don't be discouraged! If there's a problem with the implementation, hopefully you received feedback on what to improve.
-
-We're trying very hard to keep Gogs lean and focused. We don't want it to do everything for everybody. This means that we might decide against incorporating a new feature. We believe you do like to discuss with us first in [Gitter](https://gitter.im/gogits/gogs).
+Please read detailed information on [Wiki](https://github.com/gogits/gogs/wiki/Contributing-Code).
 
 ### Ask For Help
 
-Before opening an issue, please make sure your problem isn't already addressed on the [Troubleshooting](http://gogs.io/docs/intro/troubleshooting.md) and [FAQs](http://gogs.io/docs/intro/faqs.html) pages.
-
-## Things To Notice
-
-Please take a moment to check that an issue on [GitHub](https://github.com/gogits/gogs/issues) or card on [Trello](https://trello.com/b/uxAoeLUl/gogs-go-git-service) doesn't already exist documenting your bug report or improvement proposal. If it does, it never hurts to add a quick "+1" or "I have this problem too". This will help prioritize the most common problems and requests.
+Before opening an issue, please make sure your problem isn't already addressed on the [Troubleshooting](https://gogs.io/docs/intro/troubleshooting.html) and [FAQs](https://gogs.io/docs/intro/faqs.html) pages.
 
 ## Code of conduct
 

.github/ISSUE_TEMPLATE.md

@@ -0,0 +1,26 @@
+The issue will be closed without any reasons if it does not satisfy any of following requirements:
+
+1. Please speak English, we have forum in [Chinese](https://discuss.gogs.io/c/getting-help/getting-help-chinese).
+2. Please post questions or config/deploy problems on our forum: https://discuss.gogs.io, here are bugs and feature requests only.
+3. Please take a moment to search that an issue doesn't already exist.
+4. Please give all relevant information below for bug reports; incomplete details considered invalid report.
+
+**You MUST delete above content including this line before posting; too lazy to take this action considered invalid report.**
+
+- Gogs version (or commit ref): 
+- Git version: 
+- Operating system: 
+- Database (use `[x]`):
+  - [ ] PostgreSQL
+  - [ ] MySQL
+  - [ ] MSSQL
+  - [ ] SQLite
+- Can you reproduce the bug at https://try.gogs.io:
+  - [ ] Yes (provide example URL)
+  - [ ] No
+  - [ ] Not relevant
+- Log gist (usually found in `log/gogs.log`):
+
+## Description
+
+...

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,9 @@
+The pull request will be closed without any reasons if it does not satisfy any of following requirements:
+
+1. Please make sure you are targeting the `develop` branch.
+2. Please read contributing guidelines:
+https://github.com/gogits/gogs/wiki/Contributing-Code
+3. Please describe what your pull request does and which issue you're targeting
+4. ... if it is not related to any particular issues, explain why we should not reject your pull request.
+
+**You MUST delete above content including this line before posting; too lazy to take this action considered invalid pull request.**

.gitignore

@@ -8,30 +8,12 @@ data/
 .idea/
 *.iml
 public/img/avatar/
-files/
-*.o
-*.a
-*.so
-_obj
-_test
-*.[568vq]
-[568vq].out
-*.cgo1.go
-*.cgo2.c
-_cgo_defun.c
-_cgo_gotypes.go
-_cgo_export.*
-_testmain.go
 *.exe
 *.exe~
 /gogs
 profile/
-__pycache__
 *.pem
 output*
-.brackets.json
-docker/fig.yml
-docker/docker/Dockerfile
-docker/docker/init_gogs.sh
-gogs.sublime-project
-gogs.sublime-workspace
+*.sublime-project
+*.sublime-workspace
+/release

.gopmfile

@@ -2,40 +2,63 @@
 path = github.com/gogits/gogs
 
 [deps]
-github.com/bradfitz/gomemcache = commit:72a68649ba
-github.com/Unknwon/cae = commit:2e70a1351b
-github.com/Unknwon/com = commit:47d7d2b81a
-github.com/Unknwon/i18n = commit:7457d88830
-github.com/Unknwon/macaron = commit:635c89ac74
-github.com/Unknwon/paginater = commit:cab2d086fa
-github.com/codegangsta/cli = commit:142e6cd241
-github.com/go-sql-driver/mysql = commit:3dd7008ac1
-github.com/go-xorm/core = commit:515edd92c1
-github.com/go-xorm/xorm = commit:ce23797899
-github.com/gogits/chardet = commit:2404f77725
-github.com/gogits/go-gogs-client = commit:519eee0af0
-github.com/lib/pq = commit:b269bd035a
-github.com/macaron-contrib/binding = commit:de6ed78668
-github.com/macaron-contrib/cache = commit:a139ea1eee
-github.com/macaron-contrib/captcha = commit:9a0a0b1468
-github.com/macaron-contrib/csrf = commit:98ddf5a710
-github.com/macaron-contrib/i18n = commit:da2b19e90b
-github.com/macaron-contrib/oauth2 = commit:1adb5ce072
-github.com/macaron-contrib/session = commit:e48134e803
-github.com/macaron-contrib/toolbox = commit:acbfe36e16
-github.com/mattn/go-sqlite3 = commit:897b8800a7
-github.com/mcuadros/go-version = commit:d52711f8d6
-github.com/microcosm-cc/bluemonday = commit:2b7763a06c
-github.com/mssola/user_agent = commit:a163d6a569
-github.com/msteinert/pam = commit:6534f23b39
-github.com/nfnt/resize = commit:dc93e1b98c
-github.com/russross/blackfriday = commit:8cec3a854e
-github.com/shurcooL/sanitized_anchor_name = commit:244f5ac324
-golang.org/x/net = 
-golang.org/x/text = 
-gopkg.in/ini.v1 = commit:463307112d
-gopkg.in/redis.v2 = commit:e617904962
+github.com/bradfitz/gomemcache = commit:2fafb84
+github.com/urfave/cli = commit:347a988
+github.com/go-macaron/binding = commit:4892016
+github.com/go-macaron/cache = commit:5617353
+github.com/go-macaron/captcha = commit:8aa5919
+github.com/go-macaron/csrf = commit:6a9a7df
+github.com/go-macaron/gzip = commit:cad1c65
+github.com/go-macaron/i18n = commit:ef57533
+github.com/go-macaron/inject = commit:d8a0b86
+github.com/go-macaron/session = commit:66031fc
+github.com/go-macaron/toolbox = commit:82b5115
+github.com/go-sql-driver/mysql = commit:2e00b5c
+github.com/go-xorm/builder = commit:9c35786
+github.com/go-xorm/core = commit:7daacb2
+github.com/go-xorm/xorm = commit:19f6dfc
+github.com/gogits/chardet = commit:2404f77
+github.com/gogits/cron = commit:2fc07a4
+github.com/gogits/git-module = commit:1b9552b
+github.com/gogits/go-gogs-client = commit:264a3d5
+github.com/gogits/go-libravatar = commit:cd1abbd
+github.com/issue9/identicon = commit:d36b545
+github.com/jaytaylor/html2text = commit:d16d412
+github.com/kardianos/minwinsvc = commit:cad6b2b
+github.com/klauspost/compress = commit:461e8fd
+github.com/klauspost/cpuid = commit:09cded8
+github.com/klauspost/crc32 = commit:cb6bfca
+github.com/lib/pq = commit:67c3f2a
+github.com/mattn/go-colorable = commit:d228849
+github.com/mattn/go-isatty = commit:30a891c
+github.com/mattn/go-sqlite3 = commit:ce9149a
+github.com/mcuadros/go-version = commit:257f7b9
+github.com/microcosm-cc/bluemonday = commit:e797637
+github.com/msteinert/pam = commit:02ccfbf
+github.com/nfnt/resize = commit:891127d
+github.com/russross/blackfriday = commit:5f33e7b
+github.com/satori/go.uuid = commit:b061729
+github.com/sergi/go-diff = commit:24e2351
+github.com/shurcooL/sanitized_anchor_name = commit:1dba4b3
+github.com/Unknwon/cae = commit:c6aac99
+github.com/Unknwon/com = commit:28b053d
+github.com/Unknwon/i18n = commit:e0eb0ce
+github.com/Unknwon/paginater = commit:701c23f
+github.com/fatih/color = commit:42c364b
+golang.org/x/crypto = commit:dc137be
+golang.org/x/net = commit:f249948
+golang.org/x/sys = commit:d75a526
+golang.org/x/text = commit:ece019d
+gopkg.in/alexcesaro/quotedprintable.v3 = commit:2caba25
+gopkg.in/asn1-ber.v1 = commit:4e86f43
+gopkg.in/bufio.v1 = commit:567b2bf
+gopkg.in/clog.v1 = commit:bf4bf4a
+gopkg.in/editorconfig/editorconfig-core-go.v1 = commit:a872f05
+gopkg.in/gomail.v2 = commit:81ebce5
+gopkg.in/ini.v1 = commit:e3c2d47
+gopkg.in/ldap.v2 = commit:8168ee0
+gopkg.in/macaron.v1 = commit:8be5635
+gopkg.in/redis.v2 = commit:e617904
 
 [res]
 include = public|scripts|templates
-

.mailmap

@@ -0,0 +1,2 @@
+Unknwon <u@gogs.io> <joe2010xtmf@163.com>
+Unknwon <u@gogs.io> 无闻 <u@gogs.io>

.pkgr.yml

@@ -7,13 +7,20 @@ targets:
       - git
   debian-8:
     <<: *debian
-  ubuntu-14.04:
-    <<: *debian
   ubuntu-12.04:
     <<: *debian
+  ubuntu-14.04:
+    <<: *debian
+  ubuntu-16.04:
+    <<: *debian
+    build_dependencies:
+      - bzr
+      - mercurial
   centos-6: &el
     build_dependencies:
       - pam-devel
+      # required for go buildpack
+      - perl-Digest-SHA
     dependencies:
       - pam
       - git
@@ -21,7 +28,7 @@ targets:
     <<: *el
 before:
   - mv packager/Procfile .
-  - mv packager/.godir .
 after:
-  - mv bin/main gogs
-after_install: ./packager/debian/postinst
+  - mv bin/gogs gogs
+after_install: ./packager/hooks/postinst
+buildpack: https://github.com/heroku/heroku-buildpack-go.git#v62

.travis.yml

@@ -1,26 +1,18 @@
 language: go
-
 go:
-  - 1.2
-  - 1.3
-  - 1.4
-  - 1.5
-  - tip
+  - 1.5.x
+  - 1.6.x
+  - 1.7.x
+  - 1.8.x
+  - master
 
 before_install:
   - sudo apt-get update -qq
   - sudo apt-get install -y libpam-dev
-  - go get github.com/msteinert/pam 
 
-script: go build -v -tags "pam"
+env:
+  - GO15VENDOREXPERIMENT=1
 
-notifications:
-  email:
-    - u@gogs.io
-  slack: gophercn:o5pSanyTeNhnfYc3QnG0X7Wx
-  webhooks:
-    urls:
-      - https://webhooks.gitter.im/e/b590f8e03882f7aedc3e
-    on_success: change 
-    on_failure: always 
-    on_start: never     
+script: 
+  - go build -v -tags "pam"
+  - go test -v -cover -race ./...

Dockerfile

@@ -1,54 +1,24 @@
-FROM google/debian:wheezy
-MAINTAINER u@gogs.io
+FROM alpine:3.5
 
-RUN echo "deb http://ftp.debian.org/debian/ wheezy-backports main" >> /etc/apt/sources.list && \
-	apt-get update -qqy && \
-	apt-get install --no-install-recommends -qqy \
-	curl build-essential ca-certificates git \ 
-	openssh-server rsync libpam-dev && \
-	apt-get autoclean && \
-    apt-get autoremove && \
-    rm -rf /var/lib/apt/lists/*
+# Install system utils & Gogs runtime dependencies
+ADD https://github.com/tianon/gosu/releases/download/1.9/gosu-amd64 /usr/sbin/gosu
+RUN chmod +x /usr/sbin/gosu \
+ && apk --no-cache --no-progress add ca-certificates bash git linux-pam s6 curl openssh socat tzdata
 
-ENV GOROOT /goroot
-ENV GOPATH /gopath
-ENV PATH $PATH:$GOROOT/bin:$GOPATH/bin
-
-COPY . /gopath/src/github.com/gogits/gogs/
-WORKDIR /gopath/src/github.com/gogits/gogs/
-
-# Build binary and clean up useless files
-RUN mkdir /goroot && \
-	curl https://storage.googleapis.com/golang/go1.5.linux-amd64.tar.gz | tar xzf - -C /goroot --strip-components=1 && \
-	go get -v -tags "sqlite redis memcache cert pam" && \
-	go build -tags "sqlite redis memcache cert pam" && \
-	mkdir /app/ && \
-	mv /gopath/src/github.com/gogits/gogs/ /app/gogs/ && \
-	rm -r $GOROOT $GOPATH
-
-WORKDIR /app/gogs/
-
-RUN useradd --shell /bin/bash --system --comment gogits git
-
-# SSH login fix, otherwise user is kicked off after login
-RUN mkdir /var/run/sshd && \
-	sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd && \
-	sed 's@UsePrivilegeSeparation yes@UsePrivilegeSeparation no@' -i /etc/ssh/sshd_config && \
-	echo "export VISIBLE=now" >> /etc/profile && \
-	echo "PermitUserEnvironment yes" >> /etc/ssh/sshd_config
-
-# Setup server keys on startup
-RUN sed 's@^HostKey@\#HostKey@' -i /etc/ssh/sshd_config && \
-	echo "HostKey /data/ssh/ssh_host_key" >> /etc/ssh/sshd_config && \
-	echo "HostKey /data/ssh/ssh_host_rsa_key" >> /etc/ssh/sshd_config && \
-	echo "HostKey /data/ssh/ssh_host_dsa_key" >> /etc/ssh/sshd_config && \
-	echo "HostKey /data/ssh/ssh_host_ecdsa_key" >> /etc/ssh/sshd_config && \
-	echo "HostKey /data/ssh/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
-
-# Prepare data
 ENV GOGS_CUSTOM /data/gogs
-RUN echo "export GOGS_CUSTOM=/data/gogs" >> /etc/profile
 
+COPY . /app/gogs/build
+WORKDIR /app/gogs/build
+
+RUN    ./docker/build-go.sh \
+    && ./docker/build.sh \
+    && ./docker/finalize.sh
+
+# Configure LibC Name Service
+COPY docker/nsswitch.conf /etc/nsswitch.conf
+
+# Configure Docker Container
+VOLUME ["/data"]
 EXPOSE 22 3000
-ENTRYPOINT []
-CMD ["./docker/start.sh"]
+ENTRYPOINT ["/app/gogs/docker/start.sh"]
+CMD ["/bin/s6-svscan", "/app/gogs/docker/s6/"]

Dockerfile.aarch64

@@ -0,0 +1,24 @@
+FROM aarch64/alpine:3.5
+
+# Install system utils & Gogs runtime dependencies
+ADD https://github.com/tianon/gosu/releases/download/1.9/gosu-arm64 /usr/sbin/gosu
+RUN chmod +x /usr/sbin/gosu \
+ && apk --no-cache --no-progress add ca-certificates bash git linux-pam s6 curl openssh socat tzdata
+
+ENV GOGS_CUSTOM /data/gogs
+
+COPY . /app/gogs/build
+WORKDIR /app/gogs/build
+
+RUN    ./docker/build-go.sh \
+    && ./docker/build.sh \
+    && ./docker/finalize.sh
+
+# Configure LibC Name Service
+COPY docker/nsswitch.conf /etc/nsswitch.conf
+
+# Configure Docker Container
+VOLUME ["/data"]
+EXPOSE 22 3000
+ENTRYPOINT ["/app/gogs/docker/start.sh"]
+CMD ["/bin/s6-svscan", "/app/gogs/docker/s6/"]

Dockerfile.rpi

@@ -0,0 +1,24 @@
+FROM armhf/alpine:3.5
+
+# Install system utils & Gogs runtime dependencies
+ADD https://github.com/tianon/gosu/releases/download/1.9/gosu-armhf /usr/sbin/gosu
+RUN chmod +x /usr/sbin/gosu \
+ && apk --no-cache --no-progress add ca-certificates bash git linux-pam s6 curl openssh socat tzdata
+
+ENV GOGS_CUSTOM /data/gogs
+
+COPY . /app/gogs/build
+WORKDIR /app/gogs/build
+
+RUN    ./docker/build-go.sh \
+    && ./docker/build.sh \
+    && ./docker/finalize.sh
+
+# Configure LibC Name Service
+COPY docker/nsswitch.conf /etc/nsswitch.conf
+
+# Configure Docker Container
+VOLUME ["/data"]
+EXPOSE 22 3000
+ENTRYPOINT ["/app/gogs/docker/start.sh"]
+CMD ["/bin/s6-svscan", "/app/gogs/docker/s6/"]

LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2014 All Gogs Contributors
+Copyright (c) The Gogs Authors
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

Makefile

@@ -0,0 +1,80 @@
+LDFLAGS += -X "github.com/gogits/gogs/modules/setting.BuildTime=$(shell date -u '+%Y-%m-%d %I:%M:%S %Z')"
+LDFLAGS += -X "github.com/gogits/gogs/modules/setting.BuildGitHash=$(shell git rev-parse HEAD)"
+
+DATA_FILES := $(shell find conf | sed 's/ /\\ /g')
+LESS_FILES := $(wildcard public/less/gogs.less public/less/_*.less)
+GENERATED  := modules/bindata/bindata.go public/css/gogs.css
+
+OS := $(shell uname)
+
+TAGS = ""
+BUILD_FLAGS = "-v"
+
+RELEASE_ROOT = "release"
+RELEASE_GOGS = "release/gogs"
+NOW = $(shell date -u '+%Y%m%d%I%M%S')
+GOVET = go tool vet -composites=false -methods=false -structtags=false
+
+.PHONY: build pack release bindata clean
+
+.IGNORE: public/css/gogs.css
+
+all: build
+
+check: test
+
+dist: release
+
+govet:
+	$(GOVET) gogs.go
+	$(GOVET) models modules routers
+
+build: $(GENERATED)
+	go install $(BUILD_FLAGS) -ldflags '$(LDFLAGS)' -tags '$(TAGS)'
+	cp '$(GOPATH)/bin/gogs' .
+
+build-dev: $(GENERATED) govet
+	go install $(BUILD_FLAGS) -tags '$(TAGS)'
+	cp '$(GOPATH)/bin/gogs' .
+
+build-dev-race: $(GENERATED) govet
+	go install $(BUILD_FLAGS) -race -tags '$(TAGS)'
+	cp '$(GOPATH)/bin/gogs' .
+
+pack:
+	rm -rf $(RELEASE_GOGS)
+	mkdir -p $(RELEASE_GOGS)
+	cp -r gogs LICENSE README.md README_ZH.md templates public scripts $(RELEASE_GOGS)
+	rm -rf $(RELEASE_GOGS)/public/config.codekit $(RELEASE_GOGS)/public/less
+	cd $(RELEASE_ROOT) && zip -r gogs.$(NOW).zip "gogs"
+
+release: build pack
+
+bindata: modules/bindata/bindata.go
+
+modules/bindata/bindata.go: $(DATA_FILES)
+	go-bindata -o=$@ -ignore="\\.DS_Store|README.md|TRANSLATORS" -pkg=bindata conf/...
+
+less: public/css/gogs.css
+
+public/css/gogs.css: $(LESS_FILES)
+	lessc $< $@
+
+clean:
+	go clean -i ./...
+
+clean-mac: clean
+	find . -name ".DS_Store" -print0 | xargs -0 rm
+
+test:
+	go test -cover -race ./...
+
+fixme:
+	grep -rnw "FIXME" cmd routers models modules
+
+todo:
+	grep -rnw "TODO" cmd routers models modules
+
+# Legacy code should be remove by the time of release
+legacy:
+	grep -rnw "LEGACY" cmd routers models modules

README.md

@@ -1,89 +1,78 @@
-Gogs - Go Git Service [![Build Status](https://travis-ci.org/gogits/gogs.svg?branch=master)](https://travis-ci.org/gogits/gogs)
+Gogs [![Build Status](https://travis-ci.org/gogits/gogs.svg?branch=master)](https://travis-ci.org/gogits/gogs) [![Build status](https://ci.appveyor.com/api/projects/status/b9uu5ejl933e2wlt/branch/master?svg=true)](https://ci.appveyor.com/project/Unknwon/gogs/branch/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/gogs/localized.svg)](https://crowdin.com/project/gogs) [![Sourcegraph](https://sourcegraph.com/github.com/gogits/gogs/-/badge.svg)](https://sourcegraph.com/github.com/gogits/gogs?badge) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/gogits/gogs?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 =====================
 
-[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/gogits/gogs?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+![](https://github.com/gogits/gogs/blob/master/public/img/gogs-large-resize.png?raw=true)
 
-Gogs (Go Git Service) is a painless self-hosted Git service.
+##### Current tip version: [`.VERSION`](templates/.VERSION) (see [Releases](https://github.com/gogits/gogs/releases) for binary versions)
 
-##### Current version: 0.6.9 Beta
+| Web | UI  | Preview  |
+|:-------------:|:-------:|:-------:|
+|![Dashboard](https://gogs.io/img/screenshots/1.png)|![Repository](https://gogs.io/img/screenshots/2.png)|![Editor](https://gogs.io/img/screenshots/3.png)|
+|![Profile](https://gogs.io/img/screenshots/4.png)|![Diff](https://gogs.io/img/screenshots/5.png)|![Repository Settings](https://gogs.io/img/screenshots/6.png?ts=20170322)|
+|![Webhook](https://gogs.io/img/screenshots/7.png)|![Organization](https://gogs.io/img/screenshots/8.png)|![Admin Dashboard](https://gogs.io/img/screenshots/9.png)|
 
-<table>
-    <tr>
-        <td width="33%"><img src="http://gogs.io/imgs/screenshoots/1.png"></td>
-        <td width="33%"><img src="http://gogs.io/imgs/screenshoots/2.png"></td>
-        <td width="33%"><img src="http://gogs.io/imgs/screenshoots/3.png"></td>
-    </tr>
-    <tr>
-        <td><img src="http://gogs.io/imgs/screenshoots/4.png"></td>
-        <td><img src="http://gogs.io/imgs/screenshoots/5.png"></td>
-        <td><img src="http://gogs.io/imgs/screenshoots/6.png"></td>
-    </tr>
-    <tr>
-        <td><img src="http://gogs.io/imgs/screenshoots/7.png"></td>
-        <td><img src="http://gogs.io/imgs/screenshoots/8.png"></td>
-        <td><img src="http://gogs.io/imgs/screenshoots/9.png"></td>
-    </tr>
-</table>
+### Important Notes
 
-### NOTICES
+1. **YOU MUST READ [Contributing Code](https://github.com/gogits/gogs/wiki/Contributing-Code) BEFORE STARTING TO WORK ON A PULL REQUEST**.
+2. Due to testing purpose, data of [try.gogs.io](https://try.gogs.io) was reset in **Jan 28, 2015** and will reset multiple times after. Please do **NOT** put your important data on the site.
+3. The demo site [try.gogs.io](https://try.gogs.io) is running under `develop` branch.
+4. If you think there are vulnerabilities in the project, please talk privately to **u@gogs.io**, and the name you want to be credited as. Thanks!
+5. If you're interested in using APIs, we have experimental support with [documentation](https://github.com/gogits/go-gogs-client/wiki).
+6. If your team/company is using Gogs and would like to put your logo on [our website](https://gogs.io), contact us by any means.
 
-- Due to testing purpose, data of [try.gogs.io](https://try.gogs.io) has been reset in **Jan 28, 2015** and will reset multiple times after. Please do **NOT** put your important data on the site.
-- The demo site [try.gogs.io](https://try.gogs.io) is running under `develop` branch.
-- :exclamation::exclamation::exclamation:<span style="color: red">You **MUST** read [CONTRIBUTING.md](CONTRIBUTING.md) before you start filing an issue or making a Pull Request, and **MUST** discuss with us on [Gitter](https://gitter.im/gogits/gogs) for UI changes and feature Pull Requests, otherwise it's high possibilities that we are not going to merge it.</span>:exclamation::exclamation::exclamation:
-- If you think there are vulnerabilities in the project, please talk privately to **u@gogs.io**. Thanks!
-
-#### Other language version
-
-- [简体中文](README_ZH.md)
+[简体中文](README_ZH.md)
 
 ## Purpose
 
-The goal of this project is to make the easiest, fastest, and most painless way to set up a self-hosted Git service. With Go, this can be done via an independent binary distribution across **ALL platforms** that Go supports, including Linux, Mac OS X, and Windows.
+The goal of this project is to make the easiest, fastest, and most painless way of setting up a self-hosted Git service. With Go, this can be done with an independent binary distribution across **ALL platforms** that Go supports, including Linux, Mac OS X, Windows and ARM.
 
 ## Overview
 
-- Please see the [Documentation](http://gogs.io/docs/intro/) for project design, known issues, and change log.
-- See the [Trello Board](https://trello.com/b/uxAoeLUl/gogs-go-git-service) to follow the develop team.
-- Want to try it before doing anything else? Do it [online](https://try.gogs.io/gogs/gogs) or go down to the **Installation -> Install from binary** section!
-- Having trouble? Get help with [Troubleshooting](http://gogs.io/docs/intro/troubleshooting.md).
-- Want to help with localization? Check out the [guide](http://gogs.io/docs/features/i18n.html)!
+- Please see the [Documentation](https://gogs.io/docs/intro) for common usages and change log.
+- Want to try it before doing anything else? Do it [online](https://try.gogs.io/gogs/gogs)!
+- Having trouble? Get help with [Troubleshooting](https://gogs.io/docs/intro/troubleshooting.html) or [User Forum](https://discuss.gogs.io/).
+- Want to help with localization? Check out the [guide](https://gogs.io/docs/features/i18n.html)!
 
 ## Features
 
 - Activity timeline
-- SSH/HTTP(S) protocol support
-- SMTP/LDAP/reverse proxy authentication support
-- Reverse proxy suburl support
-- Account/Organization(with team)/Repository management
-- Repository/Organization webhooks(including Slack)
+- SSH and HTTP/HTTPS protocols
+- SMTP/LDAP/Reverse proxy authentication
+- Reverse proxy with sub-path
+- Account/Organization/Repository management
+- Add/Remove repository collaborators
+- Repository/Organization webhooks (including Slack and Discord)
 - Repository Git hooks/deploy keys
-- Add/remove repository collaborators
-- Gravatar and custom source support
+- Repository issues, pull requests, wiki and protected branches
+- Migrate and mirror repository and its wiki
+- Web editor for repository files and wiki
+- Jupyter Notebook
+- Gravatar and Federated avatar with custom source
 - Mail service
 - Administration panel
-- Supports MySQL, PostgreSQL and SQLite3
-- Social account login (GitHub, Google, QQ, Weibo)
-- Multi-language support ([14 languages](https://crowdin.com/project/gogs))
+- Supports MySQL, PostgreSQL, SQLite3, MSSQL and [TiDB](https://github.com/pingcap/tidb) (via MySQL protocol)
+- Multi-language support ([23 languages](https://crowdin.com/project/gogs))
 
-## System Requirements
+## Hardware Requirements
 
-- A cheap Raspberry Pi is powerful enough for basic functionality.
-- At least 2 CPU cores and 1GB RAM would be the baseline for teamwork.
+- A Raspberry Pi or $5 Digital Ocean Droplet is more than enough to get you started. Some even use 64MB RAM Docker [CaaS](https://blog.docker.com/2016/02/containers-as-a-service-caas/).
+- 2 CPU cores and 512MB RAM would be the baseline for teamwork.
+- Increase CPU cores when your team size gets significantly larger, memory footprint remains low.
 
 ## Browser Support
 
 - Please see [Semantic UI](https://github.com/Semantic-Org/Semantic-UI#browser-support) for specific versions of supported browsers.
-- The official support minimal size  is **1024*768**, UI may still looks right in smaller size but no promises and fixes.
+- The smallest resolution officially supported is **1024*768**, however the UI may still look right in smaller resolutions, but no promises or fixes.
 
 ## Installation
 
-Make sure you install the [prerequisites](http://gogs.io/docs/installation/) first.
+Make sure you install the [prerequisites](https://gogs.io/docs/installation) first.
 
 There are 5 ways to install Gogs:
 
-- [Install from binary](http://gogs.io/docs/installation/install_from_binary.md)
-- [Install from source](http://gogs.io/docs/installation/install_from_source.md)
-- [Install from packages](http://gogs.io/docs/installation/install_from_packages.md)
+- [Install from binary](https://gogs.io/docs/installation/install_from_binary.html)
+- [Install from source](https://gogs.io/docs/installation/install_from_source.html)
+- [Install from packages](https://gogs.io/docs/installation/install_from_packages.html)
 - [Ship with Docker](https://github.com/gogits/gogs/tree/master/docker)
 - [Install with Vagrant](https://github.com/geerlingguy/ansible-vagrant-examples/tree/master/gogs)
 
@@ -91,26 +80,55 @@ There are 5 ways to install Gogs:
 
 - [How To Set Up Gogs on Ubuntu 14.04](https://www.digitalocean.com/community/tutorials/how-to-set-up-gogs-on-ubuntu-14-04)
 - [Run your own GitHub-like service with the help of Docker](http://blog.hypriot.com/post/run-your-own-github-like-service-with-docker/)
+- [Dockerized Gogs git server and alpine postgres in 20 minutes or less](http://garthwaite.org/docker-gogs.html)
+- [Host Your Own Private GitHub with Gogs](https://eladnava.com/host-your-own-private-github-with-gogs-io/)
+- [使用 Gogs 搭建自己的 Git 服务器](https://mynook.info/blog/post/host-your-own-git-server-using-gogs) (Chinese)
 - [阿里云上 Ubuntu 14.04 64 位安装 Gogs](http://my.oschina.net/luyao/blog/375654) (Chinese)
 - [Installing Gogs on FreeBSD](https://www.codejam.info/2015/03/installing-gogs-on-freebsd.html)
 - [Gogs on Raspberry Pi](http://blog.meinside.pe.kr/Gogs-on-Raspberry-Pi/)
+- [Cloudflare Full SSL with Gogs using NGINX](http://www.listekconsulting.com/articles/cloudflare-full-ssl-with-gogs-go-git-service-using-nginx/)
 
 ### Screencasts
 
-- [Instalando Gogs no Ubuntu](http://blog.linuxpro.com.br/2015/08/14/instalando-gogs-no-ubuntu/) (Português)
+- [How to install Gogs on a Linux Server (DigitalOcean)](https://www.youtube.com/watch?v=deSfX0gqefE)
+- [Instalando Gogs no Ubuntu](https://www.youtube.com/watch?v=4UkHAR1F7ZA) (Português)
+
+### Deploy to Cloud
+
+- [OpenShift](https://github.com/tkisme/gogs-openshift)
+- [Cloudron](https://cloudron.io/appstore.html#io.gogs.cloudronapp)
+- [Scaleway](https://www.scaleway.com/imagehub/gogs/)
+- [Sandstorm](https://github.com/cem/gogs-sandstorm)
+- [sloppy.io](https://github.com/sloppyio/quickstarters/tree/master/gogs)
+- [YunoHost](https://github.com/YunoHost-Apps/gogs_ynh)
+- [DPlatform](https://github.com/j8r/DPlatform)
+
+## Software and Service Support
+
+- [Drone](https://github.com/drone/drone) (CI)
+- [Jenkins](https://wiki.jenkins-ci.org/display/JENKINS/Gogs+Webhook+Plugin) (CI)
+- [Fabric8](http://fabric8.io/) (DevOps)
+- [Taiga](https://taiga.io/) (Project Management)
+- [Puppet](https://forge.puppetlabs.com/Siteminds/gogs) (IT)
+- [Kanboard](http://kanboard.net/plugin/gogs-webhook) (Project Management)
+- [BearyChat](https://bearychat.com/) (Team Communication)
+- [HiWork](http://www.hiwork.cc/) (Team Communication)
+
+### Product Support
+
+- [Synology](https://www.synology.com) (Docker)
+- [One Space](http://www.onespace.cc) (App Store)
 
 ## Acknowledgments
 
-- Router and middleware mechanism of [Macaron](https://github.com/Unknwon/macaron).
-- Mail Service, modules design is inspired by [WeTalk](https://github.com/beego/wetalk).
-- System Monitor Status is inspired by [GoBlog](https://github.com/fuxiaohei/goblog).
-- Thanks [lavachen](http://www.lavachen.cn/) and [Rocker](http://weibo.com/rocker1989) for designing Logo.
+- Thanks [Egon Elbre](https://twitter.com/egonelbre) for designing logo.
 - Thanks [Crowdin](https://crowdin.com/project/gogs) for providing open source translation plan.
+- Thanks [DigitalOcean](https://www.digitalocean.com) for hosting home and demo sites.
+- Thanks [KeyCDN](https://www.keycdn.com/) and [QiNiu](http://www.qiniu.com/) for providing CDN service.
 
 ## Contributors
 
-- Ex-team members [@lunny](https://github.com/lunny) and [@fuxiaohei](https://github.com/fuxiaohei).
-- See [contributors page](https://github.com/gogits/gogs/graphs/contributors) for full list of contributors.
+- See [contributors page](https://github.com/gogits/gogs/graphs/contributors) for top 100 contributors.
 - See [TRANSLATORS](conf/locale/TRANSLATORS) for public list of translators.
 
 ## License

README_ZH.md

@@ -1,41 +1,44 @@
-Gogs - Go Git Service [![Build Status](https://travis-ci.org/gogits/gogs.svg?branch=master)](https://travis-ci.org/gogits/gogs)
+Gogs [![Build Status](https://travis-ci.org/gogits/gogs.svg?branch=master)](https://travis-ci.org/gogits/gogs) [![Build status](https://ci.appveyor.com/api/projects/status/b9uu5ejl933e2wlt/branch/master?svg=true)](https://ci.appveyor.com/project/Unknwon/gogs/branch/master)
 =====================
 
-Gogs (Go Git Service) 是一款可轻易搭建的自助 Git 服务。
+Gogs 是一款极易搭建的自助 Git 服务。
 
 ## 开发目的
 
-Gogs 的目标是打造一个最简单、最快速和最轻松的方式搭建自助 Git 服务。使用 Go 语言开发使得 Gogs 能够通过独立的二进制分发，并且支持 Go 语言支持的 **所有平台**，包括 Linux、Mac OS X 以及 Windows。
+Gogs 的目标是打造一个最简单、最快速和最轻松的方式搭建自助 Git 服务。使用 Go 语言开发使得 Gogs 能够通过独立的二进制分发，并且支持 Go 语言支持的 **所有平台**，包括 Linux、Mac OS X、Windows 以及 ARM 平台。
 
 ## 项目概览
 
-- 有关项目设计、已知问题和变更日志，请通过 [使用手册](http://gogs.io/docs/intro/) 查看。
-- 您可以到 [Trello Board](https://trello.com/b/uxAoeLUl/gogs-go-git-service) 跟随开发团队的脚步。
-- 想要先睹为快？通过 [在线体验](https://try.gogs.io/gogs/gogs) 或查看 **安装部署 -> 二进制安装** 小节。
-- 使用过程中遇到问题？尝试从 [故障排查](http://gogs.io/docs/intro/troubleshooting.md) 页面获取帮助。
-- 希望帮助多国语言界面的翻译吗？请立即访问 [详情页面](http://gogs.io/docs/features/i18n.html)！
+- 有关基本用法和变更日志，请通过 [使用手册](https://gogs.io/docs/intro) 查看。
+- 想要先睹为快？直接去 [在线体验](https://try.gogs.io/gogs/gogs) 。
+- 使用过程中遇到问题？尝试从 [故障排查](https://gogs.io/docs/intro/troubleshooting.html) 页面或 [用户论坛](https://discuss.gogs.io/) 获取帮助。
+- 希望帮助多国语言界面的翻译吗？请立即访问 [详情页面](https://gogs.io/docs/features/i18n.html)！
 
 ## 功能特性
 
 - 支持活动时间线
-- 支持 SSH/HTTP(S) 协议
-- 支持 SMTP/LDAP/反向代理的用户认证
+- 支持 SSH 以及 HTTP/HTTPS 协议
+- 支持 SMTP、LDAP 和反向代理的用户认证
 - 支持反向代理子路径
 - 支持用户、组织和仓库管理系统
-- 支持仓库和组织级别 Web 钩子（包括 Slack 集成）
+- 支持添加和删除仓库协作者
+- 支持仓库和组织级别 Web 钩子（包括 Slack 和 Discord 集成）
 - 支持仓库 Git 钩子和部署密钥
-- 支持 添加/删除 仓库协作者
-- 支持 Gravatar 以及自定义源
+- 支持仓库工单（Issue）、合并请求（Pull Request）、Wiki 和保护分支
+- 支持迁移和镜像仓库以及它的 Wiki
+- 支持在线编辑仓库文件和 Wiki
+- 支持自定义源的 Gravatar 和 Federated Avatar
+- 支持 Jupyter Notebook
 - 支持邮件服务
 - 支持后台管理面板
-- 支持 MySQL、PostgreSQL 以及 SQLite3 数据库
-- 支持社交帐号登录（GitHub、Google、QQ、微博）
-- 支持多语言本地化（[14 种语言]([more](https://crowdin.com/project/gogs))）
+- 支持 MySQL、PostgreSQL、SQLite3、MSSQL 和 [TiDB](https://github.com/pingcap/tidb)（通过 MySQL 协议）数据库
+- 支持多语言本地化（[23 种语言]([more](https://crowdin.com/project/gogs))）
 
-## 系统要求
+## 硬件要求
 
 - 最低的系统硬件要求为一个廉价的树莓派
-- 如果用于团队项目，建议使用 2 核 CPU 及 1GB 内存
+- 如果用于团队项目管理，建议使用 2 核 CPU 及 512MB 内存
+- 当团队成员大量增加时，可以考虑添加 CPU 核数，内存占用保持不变
 
 ## 浏览器支持
 
@@ -44,28 +47,57 @@ Gogs 的目标是打造一个最简单、最快速和最轻松的方式搭建自
 
 ## 安装部署
 
-在安装 Gogs 之前，您需要先安装 [基本环境](http://gogs.io/docs/installation/)。
+在安装 Gogs 之前，您需要先安装 [基本环境](https://gogs.io/docs/installation)。
 
 然后，您可以通过以下 5 种方式来安装 Gogs：
 
-- [二进制安装](http://gogs.io/docs/installation/install_from_binary.md)
-- [源码安装](http://gogs.io/docs/installation/install_from_source.md)
-- [包管理安装](http://gogs.io/docs/installation/install_from_packages.md)
+- [二进制安装](https://gogs.io/docs/installation/install_from_binary.html)
+- [源码安装](https://gogs.io/docs/installation/install_from_source.html)
+- [包管理安装](https://gogs.io/docs/installation/install_from_packages.html)
 - [采用 Docker 部署](https://github.com/gogits/gogs/tree/master/docker)
 - [通过 Vagrant 安装](https://github.com/geerlingguy/ansible-vagrant-examples/tree/master/gogs)
 
+### 使用教程
+
+- [使用 Gogs 搭建自己的 Git 服务器](https://mynook.info/blog/post/host-your-own-git-server-using-gogs)
+- [阿里云上 Ubuntu 14.04 64 位安装 Gogs](http://my.oschina.net/luyao/blog/375654)
+
+### 云端部署
+
+- [OpenShift](https://github.com/tkisme/gogs-openshift)
+- [Cloudron](https://cloudron.io/appstore.html#io.gogs.cloudronapp)
+- [Scaleway](https://www.scaleway.com/imagehub/gogs/)
+- [Sandstorm](https://github.com/cem/gogs-sandstorm)
+- [sloppy.io](https://github.com/sloppyio/quickstarters/tree/master/gogs)
+- [YunoHost](https://github.com/mbugeia/gogs_ynh)
+- [DPlatform](https://github.com/j8r/DPlatform)
+
+## 软件及服务支持
+
+- [Drone](https://github.com/drone/drone)（CI）
+- [Jenkins](https://wiki.jenkins-ci.org/display/JENKINS/Gogs+Webhook+Plugin)（CI）
+- [Fabric8](http://fabric8.io/)（DevOps）
+- [Taiga](https://taiga.io/)（项目管理）
+- [Puppet](https://forge.puppetlabs.com/Siteminds/gogs)（IT）
+- [Kanboard](http://kanboard.net/plugin/gogs-webhook)（项目管理）
+- [BearyChat](https://bearychat.com/)（团队交流）
+- [HiWork](http://www.hiwork.cc/)（团队交流）
+
+### 产品支持
+
+- [Synology](https://www.synology.com)（Docker）
+- [One Space](http://www.onespace.cc)（应用商店）
+
 ## 特别鸣谢
 
-- 基于 [Macaron](https://github.com/Unknwon/macaron) 的路由与中间件机制。
-- 基于 [WeTalk](https://github.com/beego/wetalk) 修改的邮件服务和模块设计。
-- 基于 [GoBlog](https://github.com/fuxiaohei/goblog) 修改的系统监视状态。
-- 感谢 [lavachen](http://www.lavachen.cn/) 和 [Rocker](http://weibo.com/rocker1989) 设计的 Logo。
+- 感谢 [Egon Elbre](https://twitter.com/egonelbre) 设计的 Logo。
 - 感谢 [Crowdin](https://crowdin.com/project/gogs) 提供免费的开源项目本地化支持。
+- 感谢 [DigitalOcean](https://www.digitalocean.com) 提供主站和体验站点的服务器赞助。
+- 感谢 [KeyCDN](https://www.keycdn.com/) 和 [七牛云存储](http://www.qiniu.com/) 提供 CDN 服务赞助。
 
 ## 贡献成员
 
-- 前团队成员 [@lunny](https://github.com/lunny) 和 [@fuxiaohei](https://github.com/fuxiaohei)。
-- 您可以通过查看 [贡献者页面](https://github.com/gogits/gogs/graphs/contributors) 获取完整的贡献者列表。
+- 您可以通过查看 [贡献者页面](https://github.com/gogits/gogs/graphs/contributors) 获取 TOP 100 的贡献者列表。
 - 您可以通过查看 [TRANSLATORS](conf/locale/TRANSLATORS) 文件获取公开的翻译人员列表。
 
 ## 授权许可

appveyor.yml

@@ -0,0 +1,20 @@
+version: "{build}"
+skip_tags: true
+clone_folder: c:\gopath\src\github.com\gogits\gogs
+clone_depth: 1
+
+environment:
+  GOPATH: c:\gopath
+  GOVERSION: 1.7
+
+build: false
+deploy: false
+
+install:
+  - go build -v
+
+notifications:
+  - provider: Email
+    to:
+      - u@gogs.io
+    on_build_success: false

cmd/admin.go

@@ -0,0 +1,70 @@
+// Copyright 2016 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"fmt"
+
+	"github.com/urfave/cli"
+
+	"github.com/gogits/gogs/models"
+	"github.com/gogits/gogs/modules/setting"
+)
+
+var (
+	Admin = cli.Command{
+		Name:  "admin",
+		Usage: "Preform admin operations on command line",
+		Description: `Allow using internal logic of Gogs without hacking into the source code
+to make automatic initialization process more smoothly`,
+		Subcommands: []cli.Command{
+			subcmdCreateUser,
+		},
+	}
+
+	subcmdCreateUser = cli.Command{
+		Name:   "create-user",
+		Usage:  "Create a new user in database",
+		Action: runCreateUser,
+		Flags: []cli.Flag{
+			stringFlag("name", "", "Username"),
+			stringFlag("password", "", "User password"),
+			stringFlag("email", "", "User email address"),
+			boolFlag("admin", "User is an admin"),
+			stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
+		},
+	}
+)
+
+func runCreateUser(c *cli.Context) error {
+	if !c.IsSet("name") {
+		return fmt.Errorf("Username is not specified")
+	} else if !c.IsSet("password") {
+		return fmt.Errorf("Password is not specified")
+	} else if !c.IsSet("email") {
+		return fmt.Errorf("Email is not specified")
+	}
+
+	if c.IsSet("config") {
+		setting.CustomConf = c.String("config")
+	}
+
+	setting.NewContext()
+	models.LoadConfigs()
+	models.SetEngine()
+
+	if err := models.CreateUser(&models.User{
+		Name:     c.String("name"),
+		Email:    c.String("email"),
+		Passwd:   c.String("password"),
+		IsActive: true,
+		IsAdmin:  c.Bool("admin"),
+	}); err != nil {
+		return fmt.Errorf("CreateUser: %v", err)
+	}
+
+	fmt.Printf("New user '%s' has been successfully created!\n", c.String("name"))
+	return nil
+}

cmd/backup.go

@@ -0,0 +1,136 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path"
+	"time"
+
+	"github.com/Unknwon/cae/zip"
+	"github.com/Unknwon/com"
+	"github.com/urfave/cli"
+	log "gopkg.in/clog.v1"
+	"gopkg.in/ini.v1"
+
+	"github.com/gogits/gogs/models"
+	"github.com/gogits/gogs/modules/setting"
+)
+
+var Backup = cli.Command{
+	Name:  "backup",
+	Usage: "Backup files and database",
+	Description: `Backup dumps and compresses all related files and database into zip file,
+which can be used for migrating Gogs to another server. The output format is meant to be
+portable among all supported database engines.`,
+	Action: runBackup,
+	Flags: []cli.Flag{
+		stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
+		boolFlag("verbose, v", "Show process details"),
+		stringFlag("tempdir, t", os.TempDir(), "Temporary directory path"),
+		stringFlag("target", "./", "Target directory path to save backup archive"),
+		stringFlag("archive-name", fmt.Sprintf("gogs-backup-%d.zip", time.Now().Unix()), "Name of backup archive"),
+		boolFlag("database-only", "Only dump database"),
+		boolFlag("exclude-repos", "Exclude repositories"),
+	},
+}
+
+const _ARCHIVE_ROOT_DIR = "gogs-backup"
+
+func runBackup(c *cli.Context) error {
+	zip.Verbose = c.Bool("verbose")
+	if c.IsSet("config") {
+		setting.CustomConf = c.String("config")
+	}
+	setting.NewContext()
+	models.LoadConfigs()
+	models.SetEngine()
+
+	tmpDir := c.String("tempdir")
+	if !com.IsExist(tmpDir) {
+		log.Fatal(0, "'--tempdir' does not exist: %s", tmpDir)
+	}
+	rootDir, err := ioutil.TempDir(tmpDir, "gogs-backup-")
+	if err != nil {
+		log.Fatal(0, "Fail to create backup root directory '%s': %v", rootDir, err)
+	}
+	log.Info("Backup root directory: %s", rootDir)
+
+	// Metadata
+	metaFile := path.Join(rootDir, "metadata.ini")
+	metadata := ini.Empty()
+	metadata.Section("").Key("VERSION").SetValue("1")
+	metadata.Section("").Key("DATE_TIME").SetValue(time.Now().String())
+	metadata.Section("").Key("GOGS_VERSION").SetValue(setting.AppVer)
+	if err = metadata.SaveTo(metaFile); err != nil {
+		log.Fatal(0, "Fail to save metadata '%s': %v", metaFile, err)
+	}
+
+	archiveName := path.Join(c.String("target"), c.String("archive-name"))
+	log.Info("Packing backup files to: %s", archiveName)
+
+	z, err := zip.Create(archiveName)
+	if err != nil {
+		log.Fatal(0, "Fail to create backup archive '%s': %v", archiveName, err)
+	}
+	if err = z.AddFile(_ARCHIVE_ROOT_DIR+"/metadata.ini", metaFile); err != nil {
+		log.Fatal(0, "Fail to include 'metadata.ini': %v", err)
+	}
+
+	// Database
+	dbDir := path.Join(rootDir, "db")
+	if err = models.DumpDatabase(dbDir); err != nil {
+		log.Fatal(0, "Fail to dump database: %v", err)
+	}
+	if err = z.AddDir(_ARCHIVE_ROOT_DIR+"/db", dbDir); err != nil {
+		log.Fatal(0, "Fail to include 'db': %v", err)
+	}
+
+	// Custom files
+	if !c.Bool("database-only") {
+		if err = z.AddDir(_ARCHIVE_ROOT_DIR+"/custom", setting.CustomPath); err != nil {
+			log.Fatal(0, "Fail to include 'custom': %v", err)
+		}
+	}
+
+	// Data files
+	if !c.Bool("database-only") {
+		for _, dir := range []string{"attachments", "avatars"} {
+			dirPath := path.Join(setting.AppDataPath, dir)
+			if !com.IsDir(dirPath) {
+				continue
+			}
+
+			if err = z.AddDir(path.Join(_ARCHIVE_ROOT_DIR+"/data", dir), dirPath); err != nil {
+				log.Fatal(0, "Fail to include 'data': %v", err)
+			}
+		}
+	}
+
+	// Repositories
+	if !c.Bool("exclude-repos") && !c.Bool("database-only") {
+		reposDump := path.Join(rootDir, "repositories.zip")
+		log.Info("Dumping repositories in '%s'", setting.RepoRootPath)
+		if err = zip.PackTo(setting.RepoRootPath, reposDump, true); err != nil {
+			log.Fatal(0, "Fail to dump repositories: %v", err)
+		}
+		log.Info("Repositories dumped to: %s", reposDump)
+
+		if err = z.AddFile(_ARCHIVE_ROOT_DIR+"/repositories.zip", reposDump); err != nil {
+			log.Fatal(0, "Fail to include 'repositories.zip': %v", err)
+		}
+	}
+
+	if err = z.Close(); err != nil {
+		log.Fatal(0, "Fail to save backup archive '%s': %v", archiveName, err)
+	}
+
+	os.RemoveAll(rootDir)
+	log.Info("Backup succeed! Archive is located at: %s", archiveName)
+	log.Shutdown()
+	return nil
+}

cmd/cert.go

@@ -22,22 +22,22 @@ import (
 	"strings"
 	"time"
 
-	"github.com/codegangsta/cli"
+	"github.com/urfave/cli"
 )
 
-var CmdCert = cli.Command{
+var Cert = cli.Command{
 	Name:  "cert",
 	Usage: "Generate self-signed certificate",
-	Description: `Generate a self-signed X.509 certificate for a TLS server. 
+	Description: `Generate a self-signed X.509 certificate for a TLS server.
 Outputs to 'cert.pem' and 'key.pem' and will overwrite existing files.`,
 	Action: runCert,
 	Flags: []cli.Flag{
-		cli.StringFlag{"host", "", "Comma-separated hostnames and IPs to generate a certificate for", ""},
-		cli.StringFlag{"ecdsa-curve", "", "ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521", ""},
-		cli.IntFlag{"rsa-bits", 2048, "Size of RSA key to generate. Ignored if --ecdsa-curve is set", ""},
-		cli.StringFlag{"start-date", "", "Creation date formatted as Jan 1 15:04:05 2011", ""},
-		cli.DurationFlag{"duration", 365 * 24 * time.Hour, "Duration that certificate is valid for", ""},
-		cli.BoolFlag{"ca", "whether this cert should be its own Certificate Authority", ""},
+		stringFlag("host", "", "Comma-separated hostnames and IPs to generate a certificate for"),
+		stringFlag("ecdsa-curve", "", "ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521"),
+		intFlag("rsa-bits", 2048, "Size of RSA key to generate. Ignored if --ecdsa-curve is set"),
+		stringFlag("start-date", "", "Creation date formatted as Jan 1 15:04:05 2011"),
+		durationFlag("duration", 365*24*time.Hour, "Duration that certificate is valid for"),
+		boolFlag("ca", "whether this cert should be its own Certificate Authority"),
 	},
 }
 
@@ -59,7 +59,7 @@ func pemBlockForKey(priv interface{}) *pem.Block {
 	case *ecdsa.PrivateKey:
 		b, err := x509.MarshalECPrivateKey(k)
 		if err != nil {
-			log.Fatal("unable to marshal ECDSA private key: %v", err)
+			log.Fatalf("Unable to marshal ECDSA private key: %v\n", err)
 		}
 		return &pem.Block{Type: "EC PRIVATE KEY", Bytes: b}
 	default:
@@ -67,7 +67,7 @@ func pemBlockForKey(priv interface{}) *pem.Block {
 	}
 }
 
-func runCert(ctx *cli.Context) {
+func runCert(ctx *cli.Context) error {
 	if len(ctx.String("host")) == 0 {
 		log.Fatal("Missing required --host parameter")
 	}
@@ -114,7 +114,7 @@ func runCert(ctx *cli.Context) {
 		SerialNumber: serialNumber,
 		Subject: pkix.Name{
 			Organization: []string{"Acme Co"},
-			CommonName: "Gogs",
+			CommonName:   "Gogs",
 		},
 		NotBefore: notBefore,
 		NotAfter:  notAfter,
@@ -153,9 +153,11 @@ func runCert(ctx *cli.Context) {
 
 	keyOut, err := os.OpenFile("key.pem", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
 	if err != nil {
-		log.Fatal("failed to open key.pem for writing: %v", err)
+		log.Fatalf("Failed to open key.pem for writing: %v\n", err)
 	}
 	pem.Encode(keyOut, pemBlockForKey(priv))
 	keyOut.Close()
 	log.Println("Written key.pem")
+
+	return nil
 }

cmd/cert_stub.go

@@ -10,18 +10,19 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/codegangsta/cli"
+	"github.com/urfave/cli"
 )
 
-var CmdCert = cli.Command{
-	Name:  "cert",
-	Usage: "Generate self-signed certificate",
-	Description: `Generate a self-signed X.509 certificate for a TLS server. 
-Outputs to 'cert.pem' and 'key.pem' and will overwrite existing files.`,
-	Action: runCert,
+var Cert = cli.Command{
+	Name:        "cert",
+	Usage:       "Generate self-signed certificate",
+	Description: `Please use build tags "cert" to rebuild Gogs in order to have this ability`,
+	Action:      runCert,
 }
 
-func runCert(ctx *cli.Context) {
+func runCert(ctx *cli.Context) error {
 	fmt.Println("Command cert not available, please use build tags 'cert' to rebuild.")
 	os.Exit(1)
+
+	return nil
 }

cmd/cmd.go

@@ -0,0 +1,42 @@
+// Copyright 2015 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"time"
+
+	"github.com/urfave/cli"
+)
+
+func stringFlag(name, value, usage string) cli.StringFlag {
+	return cli.StringFlag{
+		Name:  name,
+		Value: value,
+		Usage: usage,
+	}
+}
+
+func boolFlag(name, usage string) cli.BoolFlag {
+	return cli.BoolFlag{
+		Name:  name,
+		Usage: usage,
+	}
+}
+
+func intFlag(name string, value int, usage string) cli.IntFlag {
+	return cli.IntFlag{
+		Name:  name,
+		Value: value,
+		Usage: usage,
+	}
+}
+
+func durationFlag(name string, value time.Duration, usage string) cli.DurationFlag {
+	return cli.DurationFlag{
+		Name:  name,
+		Value: value,
+		Usage: usage,
+	}
+}

cmd/dump.go

@@ -1,74 +0,0 @@
-// Copyright 2014 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package cmd
-
-import (
-	"fmt"
-	"log"
-	"os"
-	"path"
-	"time"
-
-	"github.com/Unknwon/cae/zip"
-	"github.com/codegangsta/cli"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/setting"
-)
-
-var CmdDump = cli.Command{
-	Name:  "dump",
-	Usage: "Dump Gogs files and database",
-	Description: `Dump compresses all related files and database into zip file.
-It can be used for backup and capture Gogs server image to send to maintainer`,
-	Action: runDump,
-	Flags: []cli.Flag{
-		cli.StringFlag{"config, c", "custom/conf/app.ini", "Custom configuration file path", ""},
-		cli.BoolFlag{"verbose, v", "show process details", ""},
-	},
-}
-
-func runDump(ctx *cli.Context) {
-	if ctx.IsSet("config") {
-		setting.CustomConf = ctx.String("config")
-	}
-	setting.NewConfigContext()
-	models.LoadModelsConfig()
-	models.SetEngine()
-
-	log.Printf("Dumping local repositories...%s", setting.RepoRootPath)
-	zip.Verbose = ctx.Bool("verbose")
-	defer os.Remove("gogs-repo.zip")
-	if err := zip.PackTo(setting.RepoRootPath, "gogs-repo.zip", true); err != nil {
-		log.Fatalf("Fail to dump local repositories: %v", err)
-	}
-
-	log.Printf("Dumping database...")
-	defer os.Remove("gogs-db.sql")
-	if err := models.DumpDatabase("gogs-db.sql"); err != nil {
-		log.Fatalf("Fail to dump database: %v", err)
-	}
-
-	fileName := fmt.Sprintf("gogs-dump-%d.zip", time.Now().Unix())
-	log.Printf("Packing dump files...")
-	z, err := zip.Create(fileName)
-	if err != nil {
-		os.Remove(fileName)
-		log.Fatalf("Fail to create %s: %v", fileName, err)
-	}
-
-	workDir, _ := setting.WorkDir()
-	z.AddFile("gogs-repo.zip", path.Join(workDir, "gogs-repo.zip"))
-	z.AddFile("gogs-db.sql", path.Join(workDir, "gogs-db.sql"))
-	z.AddDir("custom", path.Join(workDir, "custom"))
-	z.AddDir("log", path.Join(workDir, "log"))
-	// FIXME: SSH key file.
-	if err = z.Close(); err != nil {
-		os.Remove(fileName)
-		log.Fatalf("Fail to save %s: %v", fileName, err)
-	}
-
-	log.Println("Finish dumping!")
-}

cmd/hook.go

@@ -0,0 +1,252 @@
+// Copyright 2014 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"bufio"
+	"bytes"
+	"crypto/tls"
+	"fmt"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strings"
+
+	"github.com/Unknwon/com"
+	"github.com/urfave/cli"
+	log "gopkg.in/clog.v1"
+
+	"github.com/gogits/git-module"
+
+	"github.com/gogits/gogs/models"
+	"github.com/gogits/gogs/modules/httplib"
+	"github.com/gogits/gogs/modules/setting"
+	http "github.com/gogits/gogs/routers/repo"
+)
+
+var (
+	Hook = cli.Command{
+		Name:        "hook",
+		Usage:       "Delegate commands to corresponding Git hooks",
+		Description: "All sub-commands should only be called by Git",
+		Flags: []cli.Flag{
+			stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
+		},
+		Subcommands: []cli.Command{
+			subcmdHookPreReceive,
+			subcmdHookUpadte,
+			subcmdHookPostReceive,
+		},
+	}
+
+	subcmdHookPreReceive = cli.Command{
+		Name:        "pre-receive",
+		Usage:       "Delegate pre-receive Git hook",
+		Description: "This command should only be called by Git",
+		Action:      runHookPreReceive,
+	}
+	subcmdHookUpadte = cli.Command{
+		Name:        "update",
+		Usage:       "Delegate update Git hook",
+		Description: "This command should only be called by Git",
+		Action:      runHookUpdate,
+	}
+	subcmdHookPostReceive = cli.Command{
+		Name:        "post-receive",
+		Usage:       "Delegate post-receive Git hook",
+		Description: "This command should only be called by Git",
+		Action:      runHookPostReceive,
+	}
+)
+
+func runHookPreReceive(c *cli.Context) error {
+	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
+		return nil
+	}
+	setup(c, "hooks/pre-receive.log", true)
+
+	isWiki := strings.Contains(os.Getenv(http.ENV_REPO_CUSTOM_HOOKS_PATH), ".wiki.git/")
+
+	buf := bytes.NewBuffer(nil)
+	scanner := bufio.NewScanner(os.Stdin)
+	for scanner.Scan() {
+		buf.Write(scanner.Bytes())
+		buf.WriteByte('\n')
+
+		if isWiki {
+			continue
+		}
+
+		fields := bytes.Fields(scanner.Bytes())
+		if len(fields) != 3 {
+			continue
+		}
+		oldCommitID := string(fields[0])
+		newCommitID := string(fields[1])
+		branchName := strings.TrimPrefix(string(fields[2]), git.BRANCH_PREFIX)
+
+		// Branch protection
+		repoID := com.StrTo(os.Getenv(http.ENV_REPO_ID)).MustInt64()
+		protectBranch, err := models.GetProtectBranchOfRepoByName(repoID, branchName)
+		if err != nil {
+			if models.IsErrBranchNotExist(err) {
+				continue
+			}
+			fail("Internal error", "GetProtectBranchOfRepoByName [repo_id: %d, branch: %s]: %v", repoID, branchName, err)
+		}
+		if !protectBranch.Protected {
+			continue
+		}
+
+		// Whitelist users can bypass require pull request check
+		bypassRequirePullRequest := false
+
+		// Check if user is in whitelist when enabled
+		userID := com.StrTo(os.Getenv(http.ENV_AUTH_USER_ID)).MustInt64()
+		if protectBranch.EnableWhitelist {
+			if !models.IsUserInProtectBranchWhitelist(repoID, userID, branchName) {
+				fail(fmt.Sprintf("Branch '%s' is protected and you are not in the push whitelist", branchName), "")
+			}
+
+			bypassRequirePullRequest = true
+		}
+
+		// Check if branch allows direct push
+		if !bypassRequirePullRequest && protectBranch.RequirePullRequest {
+			fail(fmt.Sprintf("Branch '%s' is protected and commits must be merged through pull request", branchName), "")
+		}
+
+		// check and deletion
+		if newCommitID == git.EMPTY_SHA {
+			fail(fmt.Sprintf("Branch '%s' is protected from deletion", branchName), "")
+		}
+
+		// Check force push
+		output, err := git.NewCommand("rev-list", oldCommitID, "^"+newCommitID).
+			RunInDir(models.RepoPath(os.Getenv(http.ENV_REPO_OWNER_NAME), os.Getenv(http.ENV_REPO_NAME)))
+		if err != nil {
+			fail("Internal error", "Fail to detect force push: %v", err)
+		} else if len(output) > 0 {
+			fail(fmt.Sprintf("Branch '%s' is protected from force push", branchName), "")
+		}
+	}
+
+	customHooksPath := filepath.Join(os.Getenv(http.ENV_REPO_CUSTOM_HOOKS_PATH), "pre-receive")
+	if !com.IsFile(customHooksPath) {
+		return nil
+	}
+
+	hookCmd := exec.Command(customHooksPath)
+	hookCmd.Dir = models.RepoPath(os.Getenv(http.ENV_REPO_OWNER_NAME), os.Getenv(http.ENV_REPO_NAME))
+	hookCmd.Stdout = os.Stdout
+	hookCmd.Stdin = buf
+	hookCmd.Stderr = os.Stderr
+	if err := hookCmd.Run(); err != nil {
+		fail("Internal error", "Fail to execute custom pre-receive hook: %v", err)
+	}
+	return nil
+}
+
+func runHookUpdate(c *cli.Context) error {
+	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
+		return nil
+	}
+	setup(c, "hooks/update.log", false)
+
+	args := c.Args()
+	if len(args) != 3 {
+		fail("Arguments received are not equal to three", "Arguments received are not equal to three")
+	} else if len(args[0]) == 0 {
+		fail("First argument 'refName' is empty", "First argument 'refName' is empty")
+	}
+
+	customHooksPath := filepath.Join(os.Getenv(http.ENV_REPO_CUSTOM_HOOKS_PATH), "update")
+	if !com.IsFile(customHooksPath) {
+		return nil
+	}
+
+	hookCmd := exec.Command(customHooksPath, args...)
+	hookCmd.Dir = models.RepoPath(os.Getenv(http.ENV_REPO_OWNER_NAME), os.Getenv(http.ENV_REPO_NAME))
+	hookCmd.Stdout = os.Stdout
+	hookCmd.Stdin = os.Stdin
+	hookCmd.Stderr = os.Stderr
+	if err := hookCmd.Run(); err != nil {
+		fail("Internal error", "Fail to execute custom pre-receive hook: %v", err)
+	}
+	return nil
+}
+
+func runHookPostReceive(c *cli.Context) error {
+	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
+		return nil
+	}
+	setup(c, "hooks/post-receive.log", true)
+
+	isWiki := strings.Contains(os.Getenv(http.ENV_REPO_CUSTOM_HOOKS_PATH), ".wiki.git/")
+
+	buf := bytes.NewBuffer(nil)
+	scanner := bufio.NewScanner(os.Stdin)
+	for scanner.Scan() {
+		buf.Write(scanner.Bytes())
+		buf.WriteByte('\n')
+
+		// TODO: support news feeds for wiki
+		if isWiki {
+			continue
+		}
+
+		fields := bytes.Fields(scanner.Bytes())
+		if len(fields) != 3 {
+			continue
+		}
+
+		options := models.PushUpdateOptions{
+			OldCommitID:  string(fields[0]),
+			NewCommitID:  string(fields[1]),
+			RefFullName:  string(fields[2]),
+			PusherID:     com.StrTo(os.Getenv(http.ENV_AUTH_USER_ID)).MustInt64(),
+			PusherName:   os.Getenv(http.ENV_AUTH_USER_NAME),
+			RepoUserName: os.Getenv(http.ENV_REPO_OWNER_NAME),
+			RepoName:     os.Getenv(http.ENV_REPO_NAME),
+		}
+		if err := models.PushUpdate(options); err != nil {
+			log.Error(2, "PushUpdate: %v", err)
+		}
+
+		// Ask for running deliver hook and test pull request tasks.
+		reqURL := setting.LocalURL + options.RepoUserName + "/" + options.RepoName + "/tasks/trigger?branch=" +
+			strings.TrimPrefix(options.RefFullName, git.BRANCH_PREFIX) +
+			"&secret=" + os.Getenv(http.ENV_REPO_OWNER_SALT_MD5) +
+			"&pusher=" + os.Getenv(http.ENV_AUTH_USER_ID)
+		log.Trace("Trigger task: %s", reqURL)
+
+		resp, err := httplib.Head(reqURL).SetTLSClientConfig(&tls.Config{
+			InsecureSkipVerify: true,
+		}).Response()
+		if err == nil {
+			resp.Body.Close()
+			if resp.StatusCode/100 != 2 {
+				log.Error(2, "Fail to trigger task: not 2xx response code")
+			}
+		} else {
+			log.Error(2, "Fail to trigger task: %v", err)
+		}
+	}
+
+	customHooksPath := filepath.Join(os.Getenv(http.ENV_REPO_CUSTOM_HOOKS_PATH), "post-receive")
+	if !com.IsFile(customHooksPath) {
+		return nil
+	}
+
+	hookCmd := exec.Command(customHooksPath)
+	hookCmd.Dir = models.RepoPath(os.Getenv(http.ENV_REPO_OWNER_NAME), os.Getenv(http.ENV_REPO_NAME))
+	hookCmd.Stdout = os.Stdout
+	hookCmd.Stdin = buf
+	hookCmd.Stderr = os.Stderr
+	if err := hookCmd.Run(); err != nil {
+		fail("Internal error", "Fail to execute custom post-receive hook: %v", err)
+	}
+	return nil
+}

cmd/import.go

@@ -0,0 +1,113 @@
+// Copyright 2016 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/Unknwon/com"
+	"github.com/urfave/cli"
+
+	"github.com/gogits/gogs/modules/setting"
+)
+
+var (
+	Import = cli.Command{
+		Name:  "import",
+		Usage: "Import portable data as local Gogs data",
+		Description: `Allow user import data from other Gogs installations to local instance
+without manually hacking the data files`,
+		Subcommands: []cli.Command{
+			subcmdImportLocale,
+		},
+	}
+
+	subcmdImportLocale = cli.Command{
+		Name:   "locale",
+		Usage:  "Import locale files to local repository",
+		Action: runImportLocale,
+		Flags: []cli.Flag{
+			stringFlag("source", "", "Source directory that stores new locale files"),
+			stringFlag("target", "", "Target directory that stores old locale files"),
+			stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
+		},
+	}
+)
+
+func runImportLocale(c *cli.Context) error {
+	if !c.IsSet("source") {
+		return fmt.Errorf("Source directory is not specified")
+	} else if !c.IsSet("target") {
+		return fmt.Errorf("Target directory is not specified")
+	}
+	if !com.IsDir(c.String("source")) {
+		return fmt.Errorf("Source directory does not exist or is not a directory")
+	} else if !com.IsDir(c.String("target")) {
+		return fmt.Errorf("Target directory does not exist or is not a directory")
+	}
+
+	if c.IsSet("config") {
+		setting.CustomConf = c.String("config")
+	}
+
+	setting.NewContext()
+
+	now := time.Now()
+
+	line := make([]byte, 0, 100)
+	badChars := []byte(`="`)
+	escapedQuotes := []byte(`\"`)
+	regularQuotes := []byte(`"`)
+	// Cut out en-US.
+	for _, lang := range setting.Langs[1:] {
+		name := fmt.Sprintf("locale_%s.ini", lang)
+		source := filepath.Join(c.String("source"), name)
+		target := filepath.Join(c.String("target"), name)
+		if !com.IsFile(source) {
+			continue
+		}
+
+		// Crowdin surrounds double quotes for strings contain quotes inside,
+		// this breaks INI parser, we need to fix that.
+		sr, err := os.Open(source)
+		if err != nil {
+			return fmt.Errorf("Open: %v", err)
+		}
+
+		tw, err := os.Create(target)
+		if err != nil {
+			if err != nil {
+				return fmt.Errorf("Open: %v", err)
+			}
+		}
+
+		scanner := bufio.NewScanner(sr)
+		for scanner.Scan() {
+			line = scanner.Bytes()
+			idx := bytes.Index(line, badChars)
+			if idx > -1 && line[len(line)-1] == '"' {
+				// We still want the "=" sign
+				line = append(line[:idx+1], line[idx+2:len(line)-1]...)
+				line = bytes.Replace(line, escapedQuotes, regularQuotes, -1)
+			}
+			tw.Write(line)
+			tw.WriteString("\n")
+		}
+		sr.Close()
+		tw.Close()
+
+		// Modification time of files from Crowdin often ahead of current,
+		// so we need to set back to current.
+		os.Chtimes(target, now, now)
+	}
+
+	fmt.Println("Locale files has been successfully imported!")
+	return nil
+}

cmd/restore.go

@@ -0,0 +1,129 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"os"
+	"path"
+
+	"github.com/Unknwon/cae/zip"
+	"github.com/Unknwon/com"
+	"github.com/mcuadros/go-version"
+	"github.com/urfave/cli"
+	log "gopkg.in/clog.v1"
+	"gopkg.in/ini.v1"
+
+	"github.com/gogits/gogs/models"
+	"github.com/gogits/gogs/modules/setting"
+)
+
+var Restore = cli.Command{
+	Name:  "restore",
+	Usage: "Restore files and database from backup",
+	Description: `Restore imports all related files and database from a backup archive.
+The backup version must lower or equal to current Gogs version. You can also import
+backup from other database engines, which is useful for database migrating. 
+
+If corresponding files or database tables are not presented in the archive, they will 
+be skipped and remian unchanged.`,
+	Action: runRestore,
+	Flags: []cli.Flag{
+		stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
+		boolFlag("verbose, v", "Show process details"),
+		stringFlag("tempdir, t", os.TempDir(), "Temporary directory path"),
+		stringFlag("from", "", "Path to backup archive"),
+		boolFlag("database-only", "Only import database"),
+		boolFlag("exclude-repos", "Exclude repositories"),
+	},
+}
+
+func runRestore(c *cli.Context) error {
+	zip.Verbose = c.Bool("verbose")
+
+	tmpDir := c.String("tempdir")
+	if !com.IsExist(tmpDir) {
+		log.Fatal(0, "'--tempdir' does not exist: %s", tmpDir)
+	}
+
+	log.Info("Restore backup from: %s", c.String("from"))
+	if err := zip.ExtractTo(c.String("from"), tmpDir); err != nil {
+		log.Fatal(0, "Fail to extract backup archive: %v", err)
+	}
+	archivePath := path.Join(tmpDir, _ARCHIVE_ROOT_DIR)
+
+	// Check backup version
+	metaFile := path.Join(archivePath, "metadata.ini")
+	if !com.IsExist(metaFile) {
+		log.Fatal(0, "File 'metadata.ini' is missing")
+	}
+	metadata, err := ini.Load(metaFile)
+	if err != nil {
+		log.Fatal(0, "Fail to load metadata '%s': %v", metaFile, err)
+	}
+	backupVersion := metadata.Section("").Key("GOGS_VERSION").MustString("999.0")
+	if version.Compare(setting.AppVer, backupVersion, "<") {
+		log.Fatal(0, "Current Gogs version is lower than backup version: %s < %s", setting.AppVer, backupVersion)
+	}
+
+	// If config file is not present in backup, user must set this file via flag.
+	// Otherwise, it's optional to set config file flag.
+	configFile := path.Join(archivePath, "custom/conf/app.ini")
+	if c.IsSet("config") {
+		setting.CustomConf = c.String("config")
+	} else if !com.IsExist(configFile) {
+		log.Fatal(0, "'--config' is not specified and custom config file is not found in backup")
+	} else {
+		setting.CustomConf = configFile
+	}
+	setting.NewContext()
+	models.LoadConfigs()
+	models.SetEngine()
+
+	// Database
+	dbDir := path.Join(archivePath, "db")
+	if err = models.ImportDatabase(dbDir); err != nil {
+		log.Fatal(0, "Fail to import database: %v", err)
+	}
+
+	// Custom files
+	if !c.Bool("database-only") {
+		if com.IsExist(setting.CustomPath) {
+			if err = os.Rename(setting.CustomPath, setting.CustomPath+".bak"); err != nil {
+				log.Fatal(0, "Fail to backup current 'custom': %v", err)
+			}
+		}
+		if err = os.Rename(path.Join(archivePath, "custom"), setting.CustomPath); err != nil {
+			log.Fatal(0, "Fail to import 'custom': %v", err)
+		}
+	}
+
+	// Data files
+	if !c.Bool("database-only") {
+		for _, dir := range []string{"attachments", "avatars"} {
+			dirPath := path.Join(setting.AppDataPath, dir)
+			if com.IsExist(dirPath) {
+				if err = os.Rename(dirPath, dirPath+".bak"); err != nil {
+					log.Fatal(0, "Fail to backup current 'data': %v", err)
+				}
+			}
+			if err = os.Rename(path.Join(archivePath, "data", dir), dirPath); err != nil {
+				log.Fatal(0, "Fail to import 'data': %v", err)
+			}
+		}
+	}
+
+	// Repositories
+	reposPath := path.Join(archivePath, "repositories.zip")
+	if !c.Bool("exclude-repos") && !c.Bool("database-only") && com.IsExist(reposPath) {
+		if err := zip.ExtractTo(reposPath, path.Dir(setting.RepoRootPath)); err != nil {
+			log.Fatal(0, "Fail to extract 'repositories.zip': %v", err)
+		}
+	}
+
+	os.RemoveAll(path.Join(tmpDir, _ARCHIVE_ROOT_DIR))
+	log.Info("Restore succeed!")
+	log.Shutdown()
+	return nil
+}

cmd/serv.go

@@ -0,0 +1,273 @@
+// Copyright 2014 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/Unknwon/com"
+	"github.com/urfave/cli"
+	log "gopkg.in/clog.v1"
+
+	"github.com/gogits/gogs/models"
+	"github.com/gogits/gogs/models/errors"
+	"github.com/gogits/gogs/modules/setting"
+	http "github.com/gogits/gogs/routers/repo"
+)
+
+const (
+	_ACCESS_DENIED_MESSAGE = "Repository does not exist or you do not have access"
+)
+
+var Serv = cli.Command{
+	Name:        "serv",
+	Usage:       "This command should only be called by SSH shell",
+	Description: `Serv provide access auth for repositories`,
+	Action:      runServ,
+	Flags: []cli.Flag{
+		stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
+	},
+}
+
+func fail(userMessage, logMessage string, args ...interface{}) {
+	fmt.Fprintln(os.Stderr, "Gogs:", userMessage)
+
+	if len(logMessage) > 0 {
+		if !setting.ProdMode {
+			fmt.Fprintf(os.Stderr, logMessage+"\n", args...)
+		}
+		log.Fatal(3, logMessage, args...)
+	}
+
+	os.Exit(1)
+}
+
+func setup(c *cli.Context, logPath string, connectDB bool) {
+	if c.IsSet("config") {
+		setting.CustomConf = c.String("config")
+	} else if c.GlobalIsSet("config") {
+		setting.CustomConf = c.GlobalString("config")
+	}
+
+	setting.NewContext()
+
+	level := log.TRACE
+	if setting.ProdMode {
+		level = log.ERROR
+	}
+	log.New(log.FILE, log.FileConfig{
+		Level:    level,
+		Filename: filepath.Join(setting.LogRootPath, logPath),
+		FileRotationConfig: log.FileRotationConfig{
+			Rotate:  true,
+			Daily:   true,
+			MaxDays: 3,
+		},
+	})
+	log.Delete(log.CONSOLE) // Remove primary logger
+
+	if !connectDB {
+		return
+	}
+
+	models.LoadConfigs()
+
+	if setting.UseSQLite3 {
+		workDir, _ := setting.WorkDir()
+		os.Chdir(workDir)
+	}
+
+	if err := models.SetEngine(); err != nil {
+		fail("Internal error", "SetEngine: %v", err)
+	}
+}
+
+func parseSSHCmd(cmd string) (string, string) {
+	ss := strings.SplitN(cmd, " ", 2)
+	if len(ss) != 2 {
+		return "", ""
+	}
+	return ss[0], strings.Replace(ss[1], "'/", "'", 1)
+}
+
+func checkDeployKey(key *models.PublicKey, repo *models.Repository) {
+	// Check if this deploy key belongs to current repository.
+	if !models.HasDeployKey(key.ID, repo.ID) {
+		fail("Key access denied", "Deploy key access denied: [key_id: %d, repo_id: %d]", key.ID, repo.ID)
+	}
+
+	// Update deploy key activity.
+	deployKey, err := models.GetDeployKeyByRepo(key.ID, repo.ID)
+	if err != nil {
+		fail("Internal error", "GetDeployKey: %v", err)
+	}
+
+	deployKey.Updated = time.Now()
+	if err = models.UpdateDeployKey(deployKey); err != nil {
+		fail("Internal error", "UpdateDeployKey: %v", err)
+	}
+}
+
+var (
+	allowedCommands = map[string]models.AccessMode{
+		"git-upload-pack":    models.ACCESS_MODE_READ,
+		"git-upload-archive": models.ACCESS_MODE_READ,
+		"git-receive-pack":   models.ACCESS_MODE_WRITE,
+	}
+)
+
+func runServ(c *cli.Context) error {
+	setup(c, "serv.log", true)
+
+	if setting.SSH.Disabled {
+		println("Gogs: SSH has been disabled")
+		return nil
+	}
+
+	if len(c.Args()) < 1 {
+		fail("Not enough arguments", "Not enough arguments")
+	}
+
+	sshCmd := os.Getenv("SSH_ORIGINAL_COMMAND")
+	if len(sshCmd) == 0 {
+		println("Hi there, You've successfully authenticated, but Gogs does not provide shell access.")
+		println("If this is unexpected, please log in with password and setup Gogs under another user.")
+		return nil
+	}
+
+	verb, args := parseSSHCmd(sshCmd)
+	repoFullName := strings.ToLower(strings.Trim(args, "'"))
+	repoFields := strings.SplitN(repoFullName, "/", 2)
+	if len(repoFields) != 2 {
+		fail("Invalid repository path", "Invalid repository path: %v", args)
+	}
+	ownerName := strings.ToLower(repoFields[0])
+	repoName := strings.TrimSuffix(strings.ToLower(repoFields[1]), ".git")
+	repoName = strings.TrimSuffix(repoName, ".wiki")
+
+	owner, err := models.GetUserByName(ownerName)
+	if err != nil {
+		if errors.IsUserNotExist(err) {
+			fail("Repository owner does not exist", "Unregistered owner: %s", ownerName)
+		}
+		fail("Internal error", "Fail to get repository owner '%s': %v", ownerName, err)
+	}
+
+	repo, err := models.GetRepositoryByName(owner.ID, repoName)
+	if err != nil {
+		if errors.IsRepoNotExist(err) {
+			fail(_ACCESS_DENIED_MESSAGE, "Repository does not exist: %s/%s", owner.Name, repoName)
+		}
+		fail("Internal error", "Fail to get repository: %v", err)
+	}
+	repo.Owner = owner
+
+	requestMode, ok := allowedCommands[verb]
+	if !ok {
+		fail("Unknown git command", "Unknown git command '%s'", verb)
+	}
+
+	// Prohibit push to mirror repositories.
+	if requestMode > models.ACCESS_MODE_READ && repo.IsMirror {
+		fail("Mirror repository is read-only", "")
+	}
+
+	// Allow anonymous (user is nil) clone for public repositories.
+	var user *models.User
+
+	key, err := models.GetPublicKeyByID(com.StrTo(strings.TrimPrefix(c.Args()[0], "key-")).MustInt64())
+	if err != nil {
+		fail("Invalid key ID", "Invalid key ID '%s': %v", c.Args()[0], err)
+	}
+
+	if requestMode == models.ACCESS_MODE_WRITE || repo.IsPrivate {
+		// Check deploy key or user key.
+		if key.IsDeployKey() {
+			if key.Mode < requestMode {
+				fail("Key permission denied", "Cannot push with deployment key: %d", key.ID)
+			}
+			checkDeployKey(key, repo)
+		} else {
+			user, err = models.GetUserByKeyID(key.ID)
+			if err != nil {
+				fail("Internal error", "Fail to get user by key ID '%d': %v", key.ID, err)
+			}
+
+			mode, err := models.AccessLevel(user.ID, repo)
+			if err != nil {
+				fail("Internal error", "Fail to check access: %v", err)
+			}
+
+			if mode < requestMode {
+				clientMessage := _ACCESS_DENIED_MESSAGE
+				if mode >= models.ACCESS_MODE_READ {
+					clientMessage = "You do not have sufficient authorization for this action"
+				}
+				fail(clientMessage,
+					"User '%s' does not have level '%v' access to repository '%s'",
+					user.Name, requestMode, repoFullName)
+			}
+		}
+	} else {
+		setting.NewService()
+		// Check if the key can access to the repository in case of it is a deploy key (a deploy keys != user key).
+		// A deploy key doesn't represent a signed in user, so in a site with Service.RequireSignInView activated
+		// we should give read access only in repositories where this deploy key is in use. In other case, a server
+		// or system using an active deploy key can get read access to all the repositories in a Gogs service.
+		if key.IsDeployKey() && setting.Service.RequireSignInView {
+			checkDeployKey(key, repo)
+		}
+	}
+
+	// Update user key activity.
+	if key.ID > 0 {
+		key, err := models.GetPublicKeyByID(key.ID)
+		if err != nil {
+			fail("Internal error", "GetPublicKeyByID: %v", err)
+		}
+
+		key.Updated = time.Now()
+		if err = models.UpdatePublicKey(key); err != nil {
+			fail("Internal error", "UpdatePublicKey: %v", err)
+		}
+	}
+
+	// Special handle for Windows.
+	if setting.IsWindows {
+		verb = strings.Replace(verb, "-", " ", 1)
+	}
+
+	var gitCmd *exec.Cmd
+	verbs := strings.Split(verb, " ")
+	if len(verbs) == 2 {
+		gitCmd = exec.Command(verbs[0], verbs[1], repoFullName)
+	} else {
+		gitCmd = exec.Command(verb, repoFullName)
+	}
+	if requestMode == models.ACCESS_MODE_WRITE {
+		gitCmd.Env = append(os.Environ(), http.ComposeHookEnvs(http.ComposeHookEnvsOptions{
+			AuthUser:  user,
+			OwnerName: owner.Name,
+			OwnerSalt: owner.Salt,
+			RepoID:    repo.ID,
+			RepoName:  repo.Name,
+			RepoPath:  repo.RepoPath(),
+		})...)
+	}
+	gitCmd.Dir = setting.RepoRootPath
+	gitCmd.Stdout = os.Stdout
+	gitCmd.Stdin = os.Stdin
+	gitCmd.Stderr = os.Stderr
+	if err = gitCmd.Run(); err != nil {
+		fail("Internal error", "Fail to execute git command: %v", err)
+	}
+
+	return nil
+}

cmd/serve.go

@@ -1,239 +0,0 @@
-// Copyright 2014 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package cmd
-
-import (
-	"fmt"
-	"os"
-	"os/exec"
-	"path/filepath"
-	"strings"
-	"time"
-
-	"github.com/Unknwon/com"
-	"github.com/codegangsta/cli"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/httplib"
-	"github.com/gogits/gogs/modules/log"
-	"github.com/gogits/gogs/modules/setting"
-	"github.com/gogits/gogs/modules/uuid"
-)
-
-const (
-	_ACCESS_DENIED_MESSAGE = "Repository does not exist or you do not have access"
-)
-
-var CmdServ = cli.Command{
-	Name:        "serv",
-	Usage:       "This command should only be called by SSH shell",
-	Description: `Serv provide access auth for repositories`,
-	Action:      runServ,
-	Flags: []cli.Flag{
-		cli.StringFlag{"config, c", "custom/conf/app.ini", "Custom configuration file path", ""},
-	},
-}
-
-func setup(logPath string) {
-	setting.NewConfigContext()
-	log.NewGitLogger(filepath.Join(setting.LogRootPath, logPath))
-
-	if setting.DisableSSH {
-		println("Gogs: SSH has been disabled")
-		os.Exit(1)
-	}
-
-	models.LoadModelsConfig()
-
-	if setting.UseSQLite3 {
-		workDir, _ := setting.WorkDir()
-		os.Chdir(workDir)
-	}
-
-	models.SetEngine()
-}
-
-func parseCmd(cmd string) (string, string) {
-	ss := strings.SplitN(cmd, " ", 2)
-	if len(ss) != 2 {
-		return "", ""
-	}
-	return ss[0], strings.Replace(ss[1], "'/", "'", 1)
-}
-
-var (
-	COMMANDS = map[string]models.AccessMode{
-		"git-upload-pack":    models.ACCESS_MODE_READ,
-		"git-upload-archive": models.ACCESS_MODE_READ,
-		"git-receive-pack":   models.ACCESS_MODE_WRITE,
-	}
-)
-
-func fail(userMessage, logMessage string, args ...interface{}) {
-	fmt.Fprintln(os.Stderr, "Gogs:", userMessage)
-	log.GitLogger.Fatal(3, logMessage, args...)
-}
-
-func runServ(c *cli.Context) {
-	if c.IsSet("config") {
-		setting.CustomConf = c.String("config")
-	}
-	setup("serv.log")
-
-	if len(c.Args()) < 1 {
-		fail("Not enough arguments", "Not enough arguments")
-	}
-
-	cmd := os.Getenv("SSH_ORIGINAL_COMMAND")
-	if len(cmd) == 0 {
-		println("Hi there, You've successfully authenticated, but Gogs does not provide shell access.")
-		println("If this is unexpected, please log in with password and setup Gogs under another user.")
-		return
-	}
-
-	verb, args := parseCmd(cmd)
-	repoPath := strings.Trim(args, "'")
-	rr := strings.SplitN(repoPath, "/", 2)
-	if len(rr) != 2 {
-		fail("Invalid repository path", "Invalid repository path: %v", args)
-	}
-	repoUserName := rr[0]
-	repoName := strings.TrimSuffix(rr[1], ".git")
-
-	repoUser, err := models.GetUserByName(repoUserName)
-	if err != nil {
-		if models.IsErrUserNotExist(err) {
-			fail("Repository owner does not exist", "Unregistered owner: %s", repoUserName)
-		}
-		fail("Internal error", "Failed to get repository owner(%s): %v", repoUserName, err)
-	}
-
-	repo, err := models.GetRepositoryByName(repoUser.Id, repoName)
-	if err != nil {
-		if models.IsErrRepoNotExist(err) {
-			fail(_ACCESS_DENIED_MESSAGE, "Repository does not exist: %s/%s", repoUser.Name, repoName)
-		}
-		fail("Internal error", "Failed to get repository: %v", err)
-	}
-
-	requestedMode, has := COMMANDS[verb]
-	if !has {
-		fail("Unknown git command", "Unknown git command %s", verb)
-	}
-
-	// Allow anonymous clone for public repositories.
-	var (
-		keyID int64
-		user  *models.User
-	)
-	if requestedMode == models.ACCESS_MODE_WRITE || repo.IsPrivate {
-		keys := strings.Split(c.Args()[0], "-")
-		if len(keys) != 2 {
-			fail("Key ID format error", "Invalid key ID: %s", c.Args()[0])
-		}
-
-		key, err := models.GetPublicKeyByID(com.StrTo(keys[1]).MustInt64())
-		if err != nil {
-			fail("Key ID format error", "Invalid key ID[%s]: %v", c.Args()[0], err)
-		}
-		keyID = key.ID
-
-		// Check deploy key or user key.
-		if key.Type == models.KEY_TYPE_DEPLOY {
-			if key.Mode < requestedMode {
-				fail("Key permission denied", "Cannot push with deployment key: %d", key.ID)
-			}
-			// Check if this deploy key belongs to current repository.
-			if !models.HasDeployKey(key.ID, repo.ID) {
-				fail("Key access denied", "Key access denied: %d-%d", key.ID, repo.ID)
-			}
-
-			// Update deploy key activity.
-			deployKey, err := models.GetDeployKeyByRepo(key.ID, repo.ID)
-			if err != nil {
-				fail("Internal error", "GetDeployKey: %v", err)
-			}
-
-			deployKey.Updated = time.Now()
-			if err = models.UpdateDeployKey(deployKey); err != nil {
-				fail("Internal error", "UpdateDeployKey: %v", err)
-			}
-		} else {
-			user, err = models.GetUserByKeyId(key.ID)
-			if err != nil {
-				fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err)
-			}
-
-			mode, err := models.AccessLevel(user, repo)
-			if err != nil {
-				fail("Internal error", "Fail to check access: %v", err)
-			} else if mode < requestedMode {
-				clientMessage := _ACCESS_DENIED_MESSAGE
-				if mode >= models.ACCESS_MODE_READ {
-					clientMessage = "You do not have sufficient authorization for this action"
-				}
-				fail(clientMessage,
-					"User %s does not have level %v access to repository %s",
-					user.Name, requestedMode, repoPath)
-			}
-		}
-	}
-
-	uuid := uuid.NewV4().String()
-	os.Setenv("uuid", uuid)
-
-	var gitcmd *exec.Cmd
-	verbs := strings.Split(verb, " ")
-	if len(verbs) == 2 {
-		gitcmd = exec.Command(verbs[0], verbs[1], repoPath)
-	} else {
-		gitcmd = exec.Command(verb, repoPath)
-	}
-	gitcmd.Dir = setting.RepoRootPath
-	gitcmd.Stdout = os.Stdout
-	gitcmd.Stdin = os.Stdin
-	gitcmd.Stderr = os.Stderr
-	if err = gitcmd.Run(); err != nil {
-		fail("Internal error", "Failed to execute git command: %v", err)
-	}
-
-	if requestedMode == models.ACCESS_MODE_WRITE {
-		tasks, err := models.GetUpdateTasksByUuid(uuid)
-		if err != nil {
-			log.GitLogger.Fatal(2, "GetUpdateTasksByUuid: %v", err)
-		}
-
-		for _, task := range tasks {
-			err = models.Update(task.RefName, task.OldCommitId, task.NewCommitId,
-				user.Name, repoUserName, repoName, user.Id)
-			if err != nil {
-				log.GitLogger.Error(2, "Failed to update: %v", err)
-			}
-		}
-
-		if err = models.DelUpdateTasksByUuid(uuid); err != nil {
-			log.GitLogger.Fatal(2, "DelUpdateTasksByUuid: %v", err)
-		}
-	}
-
-	// Send deliver hook request.
-	resp, err := httplib.Head(setting.AppUrl + setting.AppSubUrl + repoUserName + "/" + repoName + "/hooks/trigger").Response()
-	if err == nil {
-		resp.Body.Close()
-	}
-
-	// Update user key activity.
-	if keyID > 0 {
-		key, err := models.GetPublicKeyByID(keyID)
-		if err != nil {
-			fail("Internal error", "GetPublicKeyById: %v", err)
-		}
-
-		key.Updated = time.Now()
-		if err = models.UpdatePublicKey(key); err != nil {
-			fail("Internal error", "UpdatePublicKey: %v", err)
-		}
-	}
-}

cmd/update.go

@@ -1,57 +0,0 @@
-// Copyright 2014 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package cmd
-
-import (
-	"os"
-
-	"github.com/codegangsta/cli"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/log"
-	"github.com/gogits/gogs/modules/setting"
-)
-
-var CmdUpdate = cli.Command{
-	Name:        "update",
-	Usage:       "This command should only be called by SSH shell",
-	Description: `Update get pushed info and insert into database`,
-	Action:      runUpdate,
-	Flags: []cli.Flag{
-		cli.StringFlag{"config, c", "custom/conf/app.ini", "Custom configuration file path", ""},
-	},
-}
-
-func runUpdate(c *cli.Context) {
-	if c.IsSet("config") {
-		setting.CustomConf = c.String("config")
-	}
-	cmd := os.Getenv("SSH_ORIGINAL_COMMAND")
-	if cmd == "" {
-		return
-	}
-
-	setup("update.log")
-
-	args := c.Args()
-	if len(args) != 3 {
-		log.GitLogger.Fatal(2, "received less 3 parameters")
-	} else if args[0] == "" {
-		log.GitLogger.Fatal(2, "refName is empty, shouldn't use")
-	}
-
-	uuid := os.Getenv("uuid")
-
-	task := models.UpdateTask{
-		Uuid:        uuid,
-		RefName:     args[0],
-		OldCommitId: args[1],
-		NewCommitId: args[2],
-	}
-
-	if err := models.AddUpdateTask(&task); err != nil {
-		log.GitLogger.Fatal(2, err.Error())
-	}
-}

cmd/web.go

@@ -7,91 +7,69 @@ package cmd
 import (
 	"crypto/tls"
 	"fmt"
-	"html/template"
 	"io/ioutil"
+	"net"
 	"net/http"
 	"net/http/fcgi"
 	"os"
 	"path"
 	"strings"
 
-	"github.com/Unknwon/macaron"
-	"github.com/codegangsta/cli"
-	"github.com/go-xorm/xorm"
-	"github.com/macaron-contrib/binding"
-	"github.com/macaron-contrib/cache"
-	"github.com/macaron-contrib/captcha"
-	"github.com/macaron-contrib/csrf"
-	"github.com/macaron-contrib/i18n"
-	"github.com/macaron-contrib/oauth2"
-	"github.com/macaron-contrib/session"
-	"github.com/macaron-contrib/toolbox"
+	"github.com/Unknwon/com"
+	"github.com/go-macaron/binding"
+	"github.com/go-macaron/cache"
+	"github.com/go-macaron/captcha"
+	"github.com/go-macaron/csrf"
+	"github.com/go-macaron/gzip"
+	"github.com/go-macaron/i18n"
+	"github.com/go-macaron/session"
+	"github.com/go-macaron/toolbox"
 	"github.com/mcuadros/go-version"
-	"gopkg.in/ini.v1"
-
-	api "github.com/gogits/go-gogs-client"
+	"github.com/urfave/cli"
+	log "gopkg.in/clog.v1"
+	"gopkg.in/macaron.v1"
 
 	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/auth"
-	"github.com/gogits/gogs/modules/auth/apiv1"
-	"github.com/gogits/gogs/modules/avatar"
-	"github.com/gogits/gogs/modules/base"
 	"github.com/gogits/gogs/modules/bindata"
-	"github.com/gogits/gogs/modules/log"
-	"github.com/gogits/gogs/modules/middleware"
+	"github.com/gogits/gogs/modules/context"
+	"github.com/gogits/gogs/modules/form"
+	"github.com/gogits/gogs/modules/mailer"
 	"github.com/gogits/gogs/modules/setting"
+	"github.com/gogits/gogs/modules/template"
 	"github.com/gogits/gogs/routers"
 	"github.com/gogits/gogs/routers/admin"
-	"github.com/gogits/gogs/routers/api/v1"
+	apiv1 "github.com/gogits/gogs/routers/api/v1"
 	"github.com/gogits/gogs/routers/dev"
 	"github.com/gogits/gogs/routers/org"
 	"github.com/gogits/gogs/routers/repo"
 	"github.com/gogits/gogs/routers/user"
 )
 
-var CmdWeb = cli.Command{
+var Web = cli.Command{
 	Name:  "web",
-	Usage: "Start Gogs web server",
+	Usage: "Start web server",
 	Description: `Gogs web server is the only thing you need to run,
 and it takes care of all the other things for you`,
 	Action: runWeb,
 	Flags: []cli.Flag{
-		cli.StringFlag{"port, p", "3000", "Temporary port number to prevent conflict", ""},
-		cli.StringFlag{"config, c", "custom/conf/app.ini", "Custom configuration file path", ""},
+		stringFlag("port, p", "3000", "Temporary port number to prevent conflict"),
+		stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
 	},
 }
 
-type VerChecker struct {
-	ImportPath string
-	Version    func() string
-	Expected   string
-}
-
 // checkVersion checks if binary matches the version of templates files.
 func checkVersion() {
 	// Templates.
 	data, err := ioutil.ReadFile(setting.StaticRootPath + "/templates/.VERSION")
 	if err != nil {
-		log.Fatal(4, "Fail to read 'templates/.VERSION': %v", err)
+		log.Fatal(2, "Fail to read 'templates/.VERSION': %v", err)
 	}
-	if string(data) != setting.AppVer {
-		log.Fatal(4, "Binary and template file version does not match, did you forget to recompile?")
-	}
-
-	// Check dependency version.
-	checkers := []VerChecker{
-		{"github.com/go-xorm/xorm", func() string { return xorm.Version }, "0.4.3.0806"},
-		{"github.com/Unknwon/macaron", macaron.Version, "0.5.4"},
-		{"github.com/macaron-contrib/binding", binding.Version, "0.1.0"},
-		{"github.com/macaron-contrib/cache", cache.Version, "0.1.2"},
-		{"github.com/macaron-contrib/csrf", csrf.Version, "0.0.3"},
-		{"github.com/macaron-contrib/i18n", i18n.Version, "0.0.7"},
-		{"github.com/macaron-contrib/session", session.Version, "0.1.6"},
-		{"gopkg.in/ini.v1", ini.Version, "1.3.4"},
-	}
-	for _, c := range checkers {
-		if !version.Compare(c.Version(), c.Expected, ">=") {
-			log.Fatal(4, "Package '%s' version is too old(%s -> %s), did you forget to update?", c.ImportPath, c.Version(), c.Expected)
+	tplVer := string(data)
+	if tplVer != setting.AppVer {
+		if version.Compare(tplVer, setting.AppVer, ">") {
+			log.Fatal(2, "Binary version is lower than template file version, did you forget to recompile Gogs?")
+		} else {
+			log.Fatal(2, "Binary version is higher than template file version, did you forget to update template files?")
 		}
 	}
 }
@@ -104,9 +82,9 @@ func newMacaron() *macaron.Macaron {
 	}
 	m.Use(macaron.Recovery())
 	if setting.EnableGzip {
-		m.Use(macaron.Gziper())
+		m.Use(gzip.Gziper())
 	}
-	if setting.Protocol == setting.FCGI {
+	if setting.Protocol == setting.SCHEME_FCGI {
 		m.SetURLPrefix(setting.AppSubUrl)
 	}
 	m.Use(macaron.Static(
@@ -122,11 +100,16 @@ func newMacaron() *macaron.Macaron {
 			SkipLogging: setting.DisableRouterLog,
 		},
 	))
+
+	funcMap := template.NewFuncMap()
 	m.Use(macaron.Renderer(macaron.RenderOptions{
-		Directory:  path.Join(setting.StaticRootPath, "templates"),
-		Funcs:      []template.FuncMap{base.TemplateFuncs},
-		IndentJSON: macaron.Env != macaron.PROD,
+		Directory:         path.Join(setting.StaticRootPath, "templates"),
+		AppendDirectories: []string{path.Join(setting.CustomPath, "templates")},
+		Funcs:             funcMap,
+		IndentJSON:        macaron.Env != macaron.PROD,
 	}))
+	mailer.InitMailRender(path.Join(setting.StaticRootPath, "templates/mail"),
+		path.Join(setting.CustomPath, "templates/mail"), funcMap)
 
 	localeNames, err := bindata.AssetDir("conf/locale")
 	if err != nil {
@@ -142,12 +125,13 @@ func newMacaron() *macaron.Macaron {
 		CustomDirectory: path.Join(setting.CustomPath, "conf/locale"),
 		Langs:           setting.Langs,
 		Names:           setting.Names,
+		DefaultLang:     "en-US",
 		Redirect:        true,
 	}))
 	m.Use(cache.Cacher(cache.Options{
 		Adapter:       setting.CacheAdapter,
 		AdapterConfig: setting.CacheConn,
-		Interval:      setting.CacheInternal,
+		Interval:      setting.CacheInterval,
 	}))
 	m.Use(captcha.Captchaer(captcha.Options{
 		SubURL: setting.AppSubUrl,
@@ -155,6 +139,7 @@ func newMacaron() *macaron.Macaron {
 	m.Use(session.Sessioner(setting.SessionConfig))
 	m.Use(csrf.Csrfer(csrf.Options{
 		Secret:     setting.SecretKey,
+		Cookie:     setting.CSRFCookieName,
 		SetCookie:  true,
 		Header:     "X-Csrf-Token",
 		CookiePath: setting.AppSubUrl,
@@ -167,18 +152,11 @@ func newMacaron() *macaron.Macaron {
 			},
 		},
 	}))
-
-	// OAuth 2.
-	if setting.OauthService != nil {
-		for _, info := range setting.OauthService.OauthInfos {
-			m.Use(oauth2.NewOAuth2Provider(info.Options, info.AuthUrl, info.TokenUrl))
-		}
-	}
-	m.Use(middleware.Contexter())
+	m.Use(context.Contexter())
 	return m
 }
 
-func runWeb(ctx *cli.Context) {
+func runWeb(ctx *cli.Context) error {
 	if ctx.IsSet("config") {
 		setting.CustomConf = ctx.String("config")
 	}
@@ -187,105 +165,71 @@ func runWeb(ctx *cli.Context) {
 
 	m := newMacaron()
 
-	reqSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true})
-	ignSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: setting.Service.RequireSignInView})
-	ignSignInAndCsrf := middleware.Toggle(&middleware.ToggleOptions{DisableCsrf: true})
-	reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true})
+	reqSignIn := context.Toggle(&context.ToggleOptions{SignInRequired: true})
+	ignSignIn := context.Toggle(&context.ToggleOptions{SignInRequired: setting.Service.RequireSignInView})
+	ignSignInAndCsrf := context.Toggle(&context.ToggleOptions{DisableCSRF: true})
+	reqSignOut := context.Toggle(&context.ToggleOptions{SignOutRequired: true})
 
-	bind := binding.Bind
 	bindIgnErr := binding.BindIgnErr
 
+	// FIXME: not all routes need go through same middlewares.
+	// Especially some AJAX requests, we can reduce middleware number to improve performance.
 	// Routers.
 	m.Get("/", ignSignIn, routers.Home)
-	m.Get("/explore", ignSignIn, routers.Explore)
-	m.Combo("/install", routers.InstallInit).Get(routers.Install).
-		Post(bindIgnErr(auth.InstallForm{}), routers.InstallPost)
-	m.Get("/:type(issues|pulls)", reqSignIn, user.Issues)
-
-	// ***** START: API *****
-	// FIXME: custom form error response.
-	m.Group("/api", func() {
-		m.Group("/v1", func() {
-			// Miscellaneous.
-			m.Post("/markdown", bindIgnErr(apiv1.MarkdownForm{}), v1.Markdown)
-			m.Post("/markdown/raw", v1.MarkdownRaw)
-
-			// Users.
-			m.Group("/users", func() {
-				m.Get("/search", v1.SearchUsers)
-
-				m.Group("/:username", func() {
-					m.Get("", v1.GetUserInfo)
-
-					m.Group("/tokens", func() {
-						m.Combo("").Get(v1.ListAccessTokens).
-							Post(bind(v1.CreateAccessTokenForm{}), v1.CreateAccessToken)
-					}, middleware.ApiReqBasicAuth())
-				})
-			})
-
-			// Repositories.
-			m.Combo("/user/repos", middleware.ApiReqToken()).Get(v1.ListMyRepos).
-				Post(bind(api.CreateRepoOption{}), v1.CreateRepo)
-			m.Post("/org/:org/repos", middleware.ApiReqToken(), bind(api.CreateRepoOption{}), v1.CreateOrgRepo)
-
-			m.Group("/repos", func() {
-				m.Get("/search", v1.SearchRepos)
-
-				m.Group("", func() {
-					m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), v1.MigrateRepo)
-				}, middleware.ApiReqToken())
-
-				m.Group("/:username/:reponame", func() {
-					m.Combo("/hooks").Get(v1.ListRepoHooks).
-						Post(bind(api.CreateHookOption{}), v1.CreateRepoHook)
-					m.Patch("/hooks/:id:int", bind(api.EditHookOption{}), v1.EditRepoHook)
-					m.Get("/raw/*", middleware.RepoRef(), v1.GetRepoRawFile)
-					m.Get("/archive/*", v1.GetRepoArchive)
-				}, middleware.ApiRepoAssignment(), middleware.ApiReqToken())
-			})
-
-			m.Any("/*", func(ctx *middleware.Context) {
-				ctx.HandleAPI(404, "Page not found")
-			})
+	m.Group("/explore", func() {
+		m.Get("", func(ctx *context.Context) {
+			ctx.Redirect(setting.AppSubUrl + "/explore/repos")
 		})
+		m.Get("/repos", routers.ExploreRepos)
+		m.Get("/users", routers.ExploreUsers)
+		m.Get("/organizations", routers.ExploreOrganizations)
 	}, ignSignIn)
-	// ***** END: API *****
+	m.Combo("/install", routers.InstallInit).Get(routers.Install).
+		Post(bindIgnErr(form.Install{}), routers.InstallPost)
+	m.Get("/^:type(issues|pulls)$", reqSignIn, user.Issues)
 
 	// ***** START: User *****
 	m.Group("/user", func() {
 		m.Get("/login", user.SignIn)
-		m.Post("/login", bindIgnErr(auth.SignInForm{}), user.SignInPost)
-		m.Get("/info/:name", user.SocialSignIn)
+		m.Post("/login", bindIgnErr(form.SignIn{}), user.SignInPost)
 		m.Get("/sign_up", user.SignUp)
-		m.Post("/sign_up", bindIgnErr(auth.RegisterForm{}), user.SignUpPost)
+		m.Post("/sign_up", bindIgnErr(form.Register{}), user.SignUpPost)
 		m.Get("/reset_password", user.ResetPasswd)
 		m.Post("/reset_password", user.ResetPasswdPost)
 	}, reqSignOut)
 
 	m.Group("/user/settings", func() {
 		m.Get("", user.Settings)
-		m.Post("", bindIgnErr(auth.UpdateProfileForm{}), user.SettingsPost)
-		m.Post("/avatar", binding.MultipartForm(auth.UploadAvatarForm{}), user.SettingsAvatar)
-		m.Get("/email", user.SettingsEmails)
-		m.Post("/email", bindIgnErr(auth.AddEmailForm{}), user.SettingsEmailPost)
+		m.Post("", bindIgnErr(form.UpdateProfile{}), user.SettingsPost)
+		m.Combo("/avatar").Get(user.SettingsAvatar).
+			Post(binding.MultipartForm(form.Avatar{}), user.SettingsAvatarPost)
+		m.Post("/avatar/delete", user.SettingsDeleteAvatar)
+		m.Combo("/email").Get(user.SettingsEmails).
+			Post(bindIgnErr(form.AddEmail{}), user.SettingsEmailPost)
+		m.Post("/email/delete", user.DeleteEmail)
 		m.Get("/password", user.SettingsPassword)
-		m.Post("/password", bindIgnErr(auth.ChangePasswordForm{}), user.SettingsPasswordPost)
+		m.Post("/password", bindIgnErr(form.ChangePassword{}), user.SettingsPasswordPost)
 		m.Combo("/ssh").Get(user.SettingsSSHKeys).
-			Post(bindIgnErr(auth.AddSSHKeyForm{}), user.SettingsSSHKeysPost)
+			Post(bindIgnErr(form.AddSSHKey{}), user.SettingsSSHKeysPost)
 		m.Post("/ssh/delete", user.DeleteSSHKey)
-		m.Get("/social", user.SettingsSocial)
 		m.Combo("/applications").Get(user.SettingsApplications).
-			Post(bindIgnErr(auth.NewAccessTokenForm{}), user.SettingsApplicationsPost)
+			Post(bindIgnErr(form.NewAccessToken{}), user.SettingsApplicationsPost)
 		m.Post("/applications/delete", user.SettingsDeleteApplication)
+
+		m.Group("/organizations", func() {
+			m.Get("", user.SettingsOrganizations)
+			m.Post("/leave", user.SettingsLeaveOrganization)
+		})
+		m.Group("/repositories", func() {
+			m.Get("", user.SettingsRepos)
+			m.Post("/leave", user.SettingsLeaveRepo)
+		})
 		m.Route("/delete", "GET,POST", user.SettingsDelete)
-	}, reqSignIn, func(ctx *middleware.Context) {
+	}, reqSignIn, func(ctx *context.Context) {
 		ctx.Data["PageIsUserSettings"] = true
-		ctx.Data["HasOAuthService"] = setting.OauthService != nil
 	})
 
 	m.Group("/user", func() {
-		// r.Get("/feeds", binding.Bind(auth.FeedsForm{}), user.Feeds)
 		m.Any("/activate", user.Activate)
 		m.Any("/activate_email", user.ActivateEmail)
 		m.Get("/email2user", user.Email2User)
@@ -295,25 +239,19 @@ func runWeb(ctx *cli.Context) {
 	})
 	// ***** END: User *****
 
-	// Gravatar service.
-	avt := avatar.CacheServer("public/img/avatar/", "public/img/avatar_default.jpg")
-	os.MkdirAll("public/img/avatar/", os.ModePerm)
-	m.Get("/avatar/:hash", avt.ServeHTTP)
-
-	adminReq := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true, AdminRequire: true})
+	adminReq := context.Toggle(&context.ToggleOptions{SignInRequired: true, AdminRequired: true})
 
 	// ***** START: Admin *****
 	m.Group("/admin", func() {
 		m.Get("", adminReq, admin.Dashboard)
 		m.Get("/config", admin.Config)
+		m.Post("/config/test_mail", admin.SendTestMail)
 		m.Get("/monitor", admin.Monitor)
 
 		m.Group("/users", func() {
 			m.Get("", admin.Users)
-			m.Get("/new", admin.NewUser)
-			m.Post("/new", bindIgnErr(auth.RegisterForm{}), admin.NewUserPost)
-			m.Get("/:userid", admin.EditUser)
-			m.Post("/:userid", bindIgnErr(auth.AdminEditUserForm{}), admin.EditUserPost)
+			m.Combo("/new").Get(admin.NewUser).Post(bindIgnErr(form.AdminCrateUser{}), admin.NewUserPost)
+			m.Combo("/:userid").Get(admin.EditUser).Post(bindIgnErr(form.AdminEditUser{}), admin.EditUserPost)
 			m.Post("/:userid/delete", admin.DeleteUser)
 		})
 
@@ -322,35 +260,41 @@ func runWeb(ctx *cli.Context) {
 		})
 
 		m.Group("/repos", func() {
-			m.Get("", admin.Repositories)
+			m.Get("", admin.Repos)
+			m.Post("/delete", admin.DeleteRepo)
 		})
 
 		m.Group("/auths", func() {
 			m.Get("", admin.Authentications)
-			m.Get("/new", admin.NewAuthSource)
-			m.Post("/new", bindIgnErr(auth.AuthenticationForm{}), admin.NewAuthSourcePost)
-			m.Get("/:authid", admin.EditAuthSource)
-			m.Post("/:authid", bindIgnErr(auth.AuthenticationForm{}), admin.EditAuthSourcePost)
+			m.Combo("/new").Get(admin.NewAuthSource).Post(bindIgnErr(form.Authentication{}), admin.NewAuthSourcePost)
+			m.Combo("/:authid").Get(admin.EditAuthSource).
+				Post(bindIgnErr(form.Authentication{}), admin.EditAuthSourcePost)
 			m.Post("/:authid/delete", admin.DeleteAuthSource)
 		})
 
 		m.Group("/notices", func() {
 			m.Get("", admin.Notices)
-			m.Get("/:id:int/delete", admin.DeleteNotice)
+			m.Post("/delete", admin.DeleteNotices)
+			m.Get("/empty", admin.EmptyNotices)
 		})
 	}, adminReq)
 	// ***** END: Admin *****
 
 	m.Group("", func() {
-		m.Get("/:username", user.Profile)
-		m.Get("/attachments/:uuid", func(ctx *middleware.Context) {
+		m.Group("/:username", func() {
+			m.Get("", user.Profile)
+			m.Get("/followers", user.Followers)
+			m.Get("/following", user.Following)
+			m.Get("/stars", user.Stars)
+		})
+
+		m.Get("/attachments/:uuid", func(ctx *context.Context) {
 			attach, err := models.GetAttachmentByUUID(ctx.Params(":uuid"))
 			if err != nil {
-				if models.IsErrAttachmentNotExist(err) {
-					ctx.Error(404)
-				} else {
-					ctx.Handle(500, "GetAttachmentByUUID", err)
-				}
+				ctx.NotFoundOrServerError("GetAttachmentByUUID", models.IsErrAttachmentNotExist, err)
+				return
+			} else if !com.IsFile(attach.LocalPath()) {
+				ctx.NotFound()
 				return
 			}
 
@@ -362,200 +306,331 @@ func runWeb(ctx *cli.Context) {
 			defer fr.Close()
 
 			ctx.Header().Set("Cache-Control", "public,max-age=86400")
-			// Fix #312. Attachments with , in their name are not handled correctly by Google Chrome.
-			// We must put the name in " manually.
-			if err = repo.ServeData(ctx, "\""+attach.Name+"\"", fr); err != nil {
+			fmt.Println("attach.Name:", attach.Name)
+			ctx.Header().Set("Content-Disposition", fmt.Sprintf(`inline; filename="%s"`, attach.Name))
+			if err = repo.ServeData(ctx, attach.Name, fr); err != nil {
 				ctx.Handle(500, "ServeData", err)
 				return
 			}
 		})
 		m.Post("/issues/attachments", repo.UploadIssueAttachment)
+		m.Post("/releases/attachments", repo.UploadReleaseAttachment)
 	}, ignSignIn)
 
+	m.Group("/:username", func() {
+		m.Get("/action/:action", user.Action)
+	}, reqSignIn)
+
 	if macaron.Env == macaron.DEV {
 		m.Get("/template/*", dev.TemplatePreview)
 	}
 
-	reqRepoAdmin := middleware.RequireRepoAdmin()
+	reqRepoAdmin := context.RequireRepoAdmin()
+	reqRepoWriter := context.RequireRepoWriter()
 
 	// ***** START: Organization *****
 	m.Group("/org", func() {
-		m.Get("/create", org.Create)
-		m.Post("/create", bindIgnErr(auth.CreateOrgForm{}), org.CreatePost)
+		m.Group("", func() {
+			m.Get("/create", org.Create)
+			m.Post("/create", bindIgnErr(form.CreateOrg{}), org.CreatePost)
+		}, func(ctx *context.Context) {
+			if !ctx.User.CanCreateOrganization() {
+				ctx.NotFound()
+			}
+		})
 
 		m.Group("/:org", func() {
 			m.Get("/dashboard", user.Dashboard)
-			m.Get("/:type(issues|pulls)", user.Issues)
+			m.Get("/^:type(issues|pulls)$", user.Issues)
 			m.Get("/members", org.Members)
 			m.Get("/members/action/:action", org.MembersAction)
 
 			m.Get("/teams", org.Teams)
+		}, context.OrgAssignment(true))
+
+		m.Group("/:org", func() {
 			m.Get("/teams/:team", org.TeamMembers)
 			m.Get("/teams/:team/repositories", org.TeamRepositories)
-			m.Get("/teams/:team/action/:action", org.TeamsAction)
-			m.Get("/teams/:team/action/repo/:action", org.TeamsRepoAction)
-		}, middleware.OrgAssignment(true, true))
+			m.Route("/teams/:team/action/:action", "GET,POST", org.TeamsAction)
+			m.Route("/teams/:team/action/repo/:action", "GET,POST", org.TeamsRepoAction)
+		}, context.OrgAssignment(true, false, true))
 
 		m.Group("/:org", func() {
 			m.Get("/teams/new", org.NewTeam)
-			m.Post("/teams/new", bindIgnErr(auth.CreateTeamForm{}), org.NewTeamPost)
+			m.Post("/teams/new", bindIgnErr(form.CreateTeam{}), org.NewTeamPost)
 			m.Get("/teams/:team/edit", org.EditTeam)
-			m.Post("/teams/:team/edit", bindIgnErr(auth.CreateTeamForm{}), org.EditTeamPost)
+			m.Post("/teams/:team/edit", bindIgnErr(form.CreateTeam{}), org.EditTeamPost)
 			m.Post("/teams/:team/delete", org.DeleteTeam)
 
 			m.Group("/settings", func() {
 				m.Combo("").Get(org.Settings).
-					Post(bindIgnErr(auth.UpdateOrgSettingForm{}), org.SettingsPost)
+					Post(bindIgnErr(form.UpdateOrgSetting{}), org.SettingsPost)
+				m.Post("/avatar", binding.MultipartForm(form.Avatar{}), org.SettingsAvatar)
+				m.Post("/avatar/delete", org.SettingsDeleteAvatar)
 
 				m.Group("/hooks", func() {
 					m.Get("", org.Webhooks)
 					m.Post("/delete", org.DeleteWebhook)
 					m.Get("/:type/new", repo.WebhooksNew)
-					m.Post("/gogs/new", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksNewPost)
-					m.Post("/slack/new", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksNewPost)
+					m.Post("/gogs/new", bindIgnErr(form.NewWebhook{}), repo.WebHooksNewPost)
+					m.Post("/slack/new", bindIgnErr(form.NewSlackHook{}), repo.SlackHooksNewPost)
+					m.Post("/discord/new", bindIgnErr(form.NewDiscordHook{}), repo.DiscordHooksNewPost)
 					m.Get("/:id", repo.WebHooksEdit)
-					m.Post("/gogs/:id", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost)
-					m.Post("/slack/:id", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost)
+					m.Post("/gogs/:id", bindIgnErr(form.NewWebhook{}), repo.WebHooksEditPost)
+					m.Post("/slack/:id", bindIgnErr(form.NewSlackHook{}), repo.SlackHooksEditPost)
+					m.Post("/discord/:id", bindIgnErr(form.NewDiscordHook{}), repo.DiscordHooksEditPost)
 				})
 
 				m.Route("/delete", "GET,POST", org.SettingsDelete)
 			})
 
 			m.Route("/invitations/new", "GET,POST", org.Invitation)
-		}, middleware.OrgAssignment(true, true, true))
+		}, context.OrgAssignment(true, true))
 	}, reqSignIn)
-	m.Group("/org", func() {
-		m.Get("/:org", org.Home)
-	}, ignSignIn, middleware.OrgAssignment(true))
 	// ***** END: Organization *****
 
 	// ***** START: Repository *****
 	m.Group("/repo", func() {
 		m.Get("/create", repo.Create)
-		m.Post("/create", bindIgnErr(auth.CreateRepoForm{}), repo.CreatePost)
+		m.Post("/create", bindIgnErr(form.CreateRepo{}), repo.CreatePost)
 		m.Get("/migrate", repo.Migrate)
-		m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), repo.MigratePost)
+		m.Post("/migrate", bindIgnErr(form.MigrateRepo{}), repo.MigratePost)
 		m.Combo("/fork/:repoid").Get(repo.Fork).
-			Post(bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost)
+			Post(bindIgnErr(form.CreateRepo{}), repo.ForkPost)
 	}, reqSignIn)
 
 	m.Group("/:username/:reponame", func() {
 		m.Group("/settings", func() {
 			m.Combo("").Get(repo.Settings).
-				Post(bindIgnErr(auth.RepoSettingForm{}), repo.SettingsPost)
-			m.Route("/collaboration", "GET,POST", repo.Collaboration)
+				Post(bindIgnErr(form.RepoSetting{}), repo.SettingsPost)
+			m.Group("/collaboration", func() {
+				m.Combo("").Get(repo.SettingsCollaboration).Post(repo.SettingsCollaborationPost)
+				m.Post("/access_mode", repo.ChangeCollaborationAccessMode)
+				m.Post("/delete", repo.DeleteCollaboration)
+			})
+			m.Group("/branches", func() {
+				m.Get("", repo.SettingsBranches)
+				m.Post("/default_branch", repo.UpdateDefaultBranch)
+				m.Combo("/*").Get(repo.SettingsProtectedBranch).
+					Post(bindIgnErr(form.ProtectBranch{}), repo.SettingsProtectedBranchPost)
+			}, func(ctx *context.Context) {
+				if ctx.Repo.Repository.IsMirror {
+					ctx.NotFound()
+					return
+				}
+			})
 
 			m.Group("/hooks", func() {
 				m.Get("", repo.Webhooks)
 				m.Post("/delete", repo.DeleteWebhook)
 				m.Get("/:type/new", repo.WebhooksNew)
-				m.Post("/gogs/new", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksNewPost)
-				m.Post("/slack/new", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksNewPost)
-				m.Get("/:id", repo.WebHooksEdit)
-				m.Post("/gogs/:id", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost)
-				m.Post("/slack/:id", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost)
+				m.Post("/gogs/new", bindIgnErr(form.NewWebhook{}), repo.WebHooksNewPost)
+				m.Post("/slack/new", bindIgnErr(form.NewSlackHook{}), repo.SlackHooksNewPost)
+				m.Post("/discord/new", bindIgnErr(form.NewDiscordHook{}), repo.DiscordHooksNewPost)
+				m.Post("/gogs/:id", bindIgnErr(form.NewWebhook{}), repo.WebHooksEditPost)
+				m.Post("/slack/:id", bindIgnErr(form.NewSlackHook{}), repo.SlackHooksEditPost)
+				m.Post("/discord/:id", bindIgnErr(form.NewDiscordHook{}), repo.DiscordHooksEditPost)
+
+				m.Group("/:id", func() {
+					m.Get("", repo.WebHooksEdit)
+					m.Post("/test", repo.TestWebhook)
+					m.Post("/redelivery", repo.RedeliveryWebhook)
+				})
 
 				m.Group("/git", func() {
-					m.Get("", repo.GitHooks)
-					m.Combo("/:name").Get(repo.GitHooksEdit).
-						Post(repo.GitHooksEditPost)
-				}, middleware.GitHookService())
+					m.Get("", repo.SettingsGitHooks)
+					m.Combo("/:name").Get(repo.SettingsGitHooksEdit).
+						Post(repo.SettingsGitHooksEditPost)
+				}, context.GitHookService())
 			})
 
 			m.Group("/keys", func() {
-				m.Combo("").Get(repo.DeployKeys).
-					Post(bindIgnErr(auth.AddSSHKeyForm{}), repo.DeployKeysPost)
+				m.Combo("").Get(repo.SettingsDeployKeys).
+					Post(bindIgnErr(form.AddSSHKey{}), repo.SettingsDeployKeysPost)
 				m.Post("/delete", repo.DeleteDeployKey)
 			})
 
+		}, func(ctx *context.Context) {
+			ctx.Data["PageIsSettings"] = true
 		})
-	}, reqSignIn, middleware.RepoAssignment(true), reqRepoAdmin)
+	}, reqSignIn, context.RepoAssignment(), reqRepoAdmin, context.RepoRef())
 
+	m.Get("/:username/:reponame/action/:action", reqSignIn, context.RepoAssignment(), repo.Action)
 	m.Group("/:username/:reponame", func() {
-		m.Get("/action/:action", repo.Action)
-
+		m.Get("/issues", repo.RetrieveLabels, repo.Issues)
+		m.Get("/issues/:index", repo.ViewIssue)
+		m.Get("/labels/", repo.RetrieveLabels, repo.Labels)
+		m.Get("/milestones", repo.Milestones)
+	}, ignSignIn, context.RepoAssignment(true))
+	m.Group("/:username/:reponame", func() {
+		// FIXME: should use different URLs but mostly same logic for comments of issue and pull reuqest.
+		// So they can apply their own enable/disable logic on routers.
 		m.Group("/issues", func() {
-			m.Combo("/new").Get(repo.NewIssue).
-				Post(bindIgnErr(auth.CreateIssueForm{}), repo.NewIssuePost)
-
-			m.Combo("/:index/comments").Post(bindIgnErr(auth.CreateCommentForm{}), repo.NewComment)
-			m.Group("/:index", func() {
-				m.Post("/label", repo.UpdateIssueLabel)
-				m.Post("/milestone", repo.UpdateIssueMilestone)
-				m.Post("/assignee", repo.UpdateIssueAssignee)
-			}, reqRepoAdmin)
+			m.Combo("/new", repo.MustEnableIssues).Get(context.RepoRef(), repo.NewIssue).
+				Post(bindIgnErr(form.NewIssue{}), repo.NewIssuePost)
 
 			m.Group("/:index", func() {
 				m.Post("/title", repo.UpdateIssueTitle)
 				m.Post("/content", repo.UpdateIssueContent)
+				m.Combo("/comments").Post(bindIgnErr(form.CreateComment{}), repo.NewComment)
 			})
 		})
-		m.Post("/comments/:id", repo.UpdateCommentContent)
+		m.Group("/comments/:id", func() {
+			m.Post("", repo.UpdateCommentContent)
+			m.Post("/delete", repo.DeleteComment)
+		})
+	}, reqSignIn, context.RepoAssignment(true))
+	m.Group("/:username/:reponame", func() {
+		m.Group("/wiki", func() {
+			m.Get("/?:page", repo.Wiki)
+			m.Get("/_pages", repo.WikiPages)
+		}, repo.MustEnableWiki, context.RepoRef())
+	}, ignSignIn, context.RepoAssignment(false, true))
+
+	m.Group("/:username/:reponame", func() {
+		// FIXME: should use different URLs but mostly same logic for comments of issue and pull reuqest.
+		// So they can apply their own enable/disable logic on routers.
+		m.Group("/issues", func() {
+			m.Group("/:index", func() {
+				m.Post("/label", repo.UpdateIssueLabel)
+				m.Post("/milestone", repo.UpdateIssueMilestone)
+				m.Post("/assignee", repo.UpdateIssueAssignee)
+			}, reqRepoWriter)
+		})
 		m.Group("/labels", func() {
-			m.Post("/new", bindIgnErr(auth.CreateLabelForm{}), repo.NewLabel)
-			m.Post("/edit", bindIgnErr(auth.CreateLabelForm{}), repo.UpdateLabel)
+			m.Post("/new", bindIgnErr(form.CreateLabel{}), repo.NewLabel)
+			m.Post("/edit", bindIgnErr(form.CreateLabel{}), repo.UpdateLabel)
 			m.Post("/delete", repo.DeleteLabel)
-		}, reqRepoAdmin)
+			m.Post("/initialize", bindIgnErr(form.InitializeLabels{}), repo.InitializeLabels)
+		}, reqRepoWriter, context.RepoRef())
 		m.Group("/milestones", func() {
-			m.Get("/new", repo.NewMilestone)
-			m.Post("/new", bindIgnErr(auth.CreateMilestoneForm{}), repo.NewMilestonePost)
+			m.Combo("/new").Get(repo.NewMilestone).
+				Post(bindIgnErr(form.CreateMilestone{}), repo.NewMilestonePost)
 			m.Get("/:id/edit", repo.EditMilestone)
-			m.Post("/:id/edit", bindIgnErr(auth.CreateMilestoneForm{}), repo.EditMilestonePost)
+			m.Post("/:id/edit", bindIgnErr(form.CreateMilestone{}), repo.EditMilestonePost)
 			m.Get("/:id/:action", repo.ChangeMilestonStatus)
 			m.Post("/delete", repo.DeleteMilestone)
-		}, reqRepoAdmin)
+		}, reqRepoWriter, context.RepoRef())
 
 		m.Group("/releases", func() {
 			m.Get("/new", repo.NewRelease)
-			m.Post("/new", bindIgnErr(auth.NewReleaseForm{}), repo.NewReleasePost)
-			m.Get("/edit/:tagname", repo.EditRelease)
-			m.Post("/edit/:tagname", bindIgnErr(auth.EditReleaseForm{}), repo.EditReleasePost)
-		}, reqRepoAdmin, middleware.RepoRef())
+			m.Post("/new", bindIgnErr(form.NewRelease{}), repo.NewReleasePost)
+			m.Post("/delete", repo.DeleteRelease)
+			m.Get("/edit/*", repo.EditRelease)
+			m.Post("/edit/*", bindIgnErr(form.EditRelease{}), repo.EditReleasePost)
+		}, repo.MustBeNotBare, reqRepoWriter, func(ctx *context.Context) {
+			ctx.Data["PageIsViewFiles"] = true
+		})
 
-		m.Combo("/compare/*").Get(repo.CompareAndPullRequest).
-			Post(bindIgnErr(auth.CreateIssueForm{}), repo.CompareAndPullRequestPost)
-	}, reqSignIn, middleware.RepoAssignment(true))
+		// FIXME: Should use ctx.Repo.PullRequest to unify template, currently we have inconsistent URL
+		// for PR in same repository. After select branch on the page, the URL contains redundant head user name.
+		// e.g. /org1/test-repo/compare/master...org1:develop
+		// which should be /org1/test-repo/compare/master...develop
+		m.Combo("/compare/*", repo.MustAllowPulls).Get(repo.CompareAndPullRequest).
+			Post(bindIgnErr(form.NewIssue{}), repo.CompareAndPullRequestPost)
+
+		m.Group("", func() {
+			m.Combo("/_edit/*").Get(repo.EditFile).
+				Post(bindIgnErr(form.EditRepoFile{}), repo.EditFilePost)
+			m.Combo("/_new/*").Get(repo.NewFile).
+				Post(bindIgnErr(form.EditRepoFile{}), repo.NewFilePost)
+			m.Post("/_preview/*", bindIgnErr(form.EditPreviewDiff{}), repo.DiffPreviewPost)
+			m.Combo("/_delete/*").Get(repo.DeleteFile).
+				Post(bindIgnErr(form.DeleteRepoFile{}), repo.DeleteFilePost)
+
+			m.Group("", func() {
+				m.Combo("/_upload/*").Get(repo.UploadFile).
+					Post(bindIgnErr(form.UploadRepoFile{}), repo.UploadFilePost)
+				m.Post("/upload-file", repo.UploadFileToServer)
+				m.Post("/upload-remove", bindIgnErr(form.RemoveUploadFile{}), repo.RemoveUploadFileFromServer)
+			}, func(ctx *context.Context) {
+				if !setting.Repository.Upload.Enabled {
+					ctx.NotFound()
+					return
+				}
+			})
+		}, repo.MustBeNotBare, reqRepoWriter, context.RepoRef(), func(ctx *context.Context) {
+			if !ctx.Repo.CanEnableEditor() {
+				ctx.NotFound()
+				return
+			}
+
+			ctx.Data["PageIsViewFiles"] = true
+		})
+	}, reqSignIn, context.RepoAssignment())
 
 	m.Group("/:username/:reponame", func() {
-		m.Get("/releases", middleware.RepoRef(), repo.Releases)
-		m.Get("/:type(issues|pulls)", repo.RetrieveLabels, repo.Issues)
-		m.Get("/:type(issues|pulls)/:index", repo.ViewIssue)
-		m.Get("/labels/", repo.RetrieveLabels, repo.Labels)
-		m.Get("/milestones", repo.Milestones)
-		m.Get("/branches", repo.Branches)
-		m.Get("/archive/*", repo.Download)
+		m.Group("", func() {
+			m.Get("/releases", repo.MustBeNotBare, repo.Releases)
+			m.Get("/pulls", repo.RetrieveLabels, repo.Pulls)
+			m.Get("/pulls/:index", repo.ViewPull)
+		}, context.RepoRef())
+
+		m.Group("/branches", func() {
+			m.Get("", repo.Branches)
+			m.Get("/all", repo.AllBranches)
+			m.Post("/delete/*", reqSignIn, reqRepoWriter, repo.DeleteBranchPost)
+		}, repo.MustBeNotBare, func(ctx *context.Context) {
+			ctx.Data["PageIsViewFiles"] = true
+		})
+
+		m.Group("/wiki", func() {
+			m.Group("", func() {
+				m.Combo("/_new").Get(repo.NewWiki).
+					Post(bindIgnErr(form.NewWiki{}), repo.NewWikiPost)
+				m.Combo("/:page/_edit").Get(repo.EditWiki).
+					Post(bindIgnErr(form.NewWiki{}), repo.EditWikiPost)
+				m.Post("/:page/delete", repo.DeleteWikiPagePost)
+			}, reqSignIn, reqRepoWriter)
+		}, repo.MustEnableWiki, context.RepoRef())
+
+		m.Get("/archive/*", repo.MustBeNotBare, repo.Download)
 
 		m.Group("/pulls/:index", func() {
-			m.Get("/commits", repo.ViewPullCommits)
-			m.Get("/files", repo.ViewPullFiles)
-			m.Post("/merge", reqRepoAdmin, repo.MergePullRequest)
-		})
+			m.Get("/commits", context.RepoRef(), repo.ViewPullCommits)
+			m.Get("/files", context.RepoRef(), repo.ViewPullFiles)
+			m.Post("/merge", reqRepoWriter, repo.MergePullRequest)
+		}, repo.MustAllowPulls)
 
 		m.Group("", func() {
 			m.Get("/src/*", repo.Home)
 			m.Get("/raw/*", repo.SingleDownload)
 			m.Get("/commits/*", repo.RefCommits)
-			m.Get("/commit/*", repo.Diff)
-		}, middleware.RepoRef())
+			m.Get("/commit/:sha([a-f0-9]{7,40})$", repo.Diff)
+			m.Get("/forks", repo.Forks)
+		}, repo.MustBeNotBare, context.RepoRef())
+		m.Get("/commit/:sha([a-f0-9]{7,40})\\.:ext(patch|diff)", repo.MustBeNotBare, repo.RawDiff)
 
-		m.Get("/compare/:before([a-z0-9]{40})...:after([a-z0-9]{40})", repo.CompareDiff)
-	}, ignSignIn, middleware.RepoAssignment(true))
+		m.Get("/compare/:before([a-z0-9]{40})\\.\\.\\.:after([a-z0-9]{40})", repo.MustBeNotBare, context.RepoRef(), repo.CompareDiff)
+	}, ignSignIn, context.RepoAssignment())
+	m.Group("/:username/:reponame", func() {
+		m.Get("/stars", repo.Stars)
+		m.Get("/watchers", repo.Watchers)
+	}, ignSignIn, context.RepoAssignment(), context.RepoRef())
 
 	m.Group("/:username", func() {
-		m.Group("/:reponame", func() {
-			m.Get("", repo.Home)
-			m.Get(".git", repo.Home)
-		}, ignSignIn, middleware.RepoAssignment(true, true), middleware.RepoRef())
+		m.Get("/:reponame", ignSignIn, context.RepoAssignment(), context.RepoRef(), repo.Home)
 
 		m.Group("/:reponame", func() {
-			m.Any("/*", ignSignInAndCsrf, repo.Http)
-			m.Head("/hooks/trigger", repo.TriggerHook)
+			m.Head("/tasks/trigger", repo.TriggerTask)
 		})
+		// Use the regexp to match the repository name
+		// Duplicated routes to enable different ways of accessing same set of URLs,
+		// e.g. with or without ".git" suffix.
+		m.Group("/:reponame([\\d\\w-_\\.]+\\.git$)", func() {
+			m.Get("", ignSignIn, context.RepoAssignment(), context.RepoRef(), repo.Home)
+			m.Route("/*", "GET,POST", ignSignInAndCsrf, repo.HTTPContexter(), repo.HTTP)
+		})
+		m.Route("/:reponame/*", "GET,POST", ignSignInAndCsrf, repo.HTTPContexter(), repo.HTTP)
 	})
 	// ***** END: Repository *****
 
+	m.Group("/api", func() {
+		apiv1.RegisterRoutes(m)
+	}, ignSignIn)
+
 	// robots.txt
-	m.Get("/robots.txt", func(ctx *middleware.Context) {
+	m.Get("/robots.txt", func(ctx *context.Context) {
 		if setting.HasRobotsTxt {
 			ctx.ServeFileContent(path.Join(setting.CustomPath, "robots.txt"))
 		} else {
@@ -568,21 +643,52 @@ func runWeb(ctx *cli.Context) {
 
 	// Flag for port number in case first time run conflict.
 	if ctx.IsSet("port") {
-		setting.AppUrl = strings.Replace(setting.AppUrl, setting.HttpPort, ctx.String("port"), 1)
-		setting.HttpPort = ctx.String("port")
+		setting.AppUrl = strings.Replace(setting.AppUrl, setting.HTTPPort, ctx.String("port"), 1)
+		setting.HTTPPort = ctx.String("port")
 	}
 
-	var err error
-	listenAddr := fmt.Sprintf("%s:%s", setting.HttpAddr, setting.HttpPort)
+	var listenAddr string
+	if setting.Protocol == setting.SCHEME_UNIX_SOCKET {
+		listenAddr = fmt.Sprintf("%s", setting.HTTPAddr)
+	} else {
+		listenAddr = fmt.Sprintf("%s:%s", setting.HTTPAddr, setting.HTTPPort)
+	}
 	log.Info("Listen: %v://%s%s", setting.Protocol, listenAddr, setting.AppSubUrl)
+
+	var err error
 	switch setting.Protocol {
-	case setting.HTTP:
+	case setting.SCHEME_HTTP:
 		err = http.ListenAndServe(listenAddr, m)
-	case setting.HTTPS:
-		server := &http.Server{Addr: listenAddr, TLSConfig: &tls.Config{MinVersion: tls.VersionTLS10}, Handler: m}
+	case setting.SCHEME_HTTPS:
+		server := &http.Server{Addr: listenAddr, TLSConfig: &tls.Config{
+			MinVersion:               tls.VersionTLS10,
+			CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
+			PreferServerCipherSuites: true,
+			CipherSuites: []uint16{
+				tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+				tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, // Required for HTTP/2 support.
+				tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+				tls.TLS_RSA_WITH_AES_256_CBC_SHA,
+			},
+		}, Handler: m}
 		err = server.ListenAndServeTLS(setting.CertFile, setting.KeyFile)
-	case setting.FCGI:
+	case setting.SCHEME_FCGI:
 		err = fcgi.Serve(nil, m)
+	case setting.SCHEME_UNIX_SOCKET:
+		os.Remove(listenAddr)
+
+		var listener *net.UnixListener
+		listener, err = net.ListenUnix("unix", &net.UnixAddr{listenAddr, "unix"})
+		if err != nil {
+			break // Handle error after switch
+		}
+
+		// FIXME: add proper implementation of signal capture on all protocols
+		// execute this on SIGTERM or SIGINT: listener.Close()
+		if err = os.Chmod(listenAddr, os.FileMode(setting.UnixSocketPermission)); err != nil {
+			log.Fatal(4, "Failed to set permission of unix socket: %v", err)
+		}
+		err = http.Serve(listener, m)
 	default:
 		log.Fatal(4, "Invalid protocol: %s", setting.Protocol)
 	}
@@ -590,4 +696,6 @@ func runWeb(ctx *cli.Context) {
 	if err != nil {
 		log.Fatal(4, "Fail to start server: %v", err)
 	}
+
+	return nil
 }

conf/README.md

@@ -1,7 +1,3 @@
 Execute following command in ROOT directory when anything is changed:
 
-$ go-bindata -o=modules/bindata/bindata.go -ignore="\\.DS_Store|README.md" -pkg=bindata conf/...
-
-Add -debug flag to make life easier in development(somehow isn't working):
-
-$ go-bindata -debug -o=modules/bindata/bindata.go -ignore="\\.DS_Store|README.md" -pkg=bindata conf/...
+$ make bindata

conf/app.ini

@@ -1,41 +1,53 @@
-# NEVER EVER MODIFY THIS FILE
-# PLEASE MAKE CHANGES ON CORRESPONDING CUSTOM CONFIG FILE
+# !!! NEVER EVER MODIFY THIS FILE !!!
+# !!! PLEASE MAKE CHANGES ON CORRESPONDING CUSTOM CONFIG FILE !!!
+# !!! IF YOU ARE PACKAGING PROVIDER, PLEASE MAKE OWN COPY OF IT !!!
 
 ; App name that shows on every page title
-APP_NAME = Gogs: Go Git Service
-; Change it if you run locally
+APP_NAME = Gogs
+; The name of the system user that runs Gogs
 RUN_USER = git
-; Either "dev", "prod" or "test", default is "dev"
+; Either "dev", "prod" or "test"
 RUN_MODE = dev
 
-[repository]
-ROOT =
-SCRIPT_TYPE = bash
-
-[ui]
-; Number of repositories that are showed in one explore page
-EXPLORE_PAGING_NUM = 20
-; Number of issues that are showed in one page
-ISSUE_PAGING_NUM = 10
-
-[markdown]
-; Enable hard line break extension
-ENABLE_HARD_LINE_BREAK = false
-
 [server]
 PROTOCOL = http
 DOMAIN = localhost
 ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
-HTTP_ADDR =
+HTTP_ADDR = 0.0.0.0
 HTTP_PORT = 3000
+; Permission for unix socket
+UNIX_SOCKET_PERMISSION = 666
+; Local (DMZ) URL for Gogs workers (such as SSH update) accessing web service.
+; In most cases you do not need to change the default value.
+; Alter it only if your SSH server node is not the same as HTTP node.
+LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
 ; Disable SSH feature when not available
 DISABLE_SSH = false
+; Whether use builtin SSH server or not.
+START_SSH_SERVER = false
+; Domain name to be exposed in SSH clone URL
+SSH_DOMAIN = %(DOMAIN)s
+; Port number to be exposed in SSH clone URL
 SSH_PORT = 22
+; Network interface builtin SSH server listens on
+SSH_LISTEN_HOST = 0.0.0.0
+; Port number builtin SSH server listens on
+SSH_LISTEN_PORT = %(SSH_PORT)s
+; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
+SSH_ROOT_PATH =
+; Choose the ciphers to support for SSH connections
+SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
+; Directory to create temporary files when test publick key using ssh-keygen,
+; default is system temporary directory.
+SSH_KEY_TEST_PATH =
+; Path to ssh-keygen, default is 'ssh-keygen' and let shell find out which one to call.
+SSH_KEYGEN_PATH = ssh-keygen
+; Indicate whether to check minimum key size with corresponding type
+MINIMUM_KEY_SIZE_CHECK = false
 ; Disable CDN even in "prod" mode
 OFFLINE_MODE = false
 DISABLE_ROUTER_LOG = false
 ; Generate steps:
-; $ cd path/to/gogs/custom/https
 ; $ ./gogs cert -ca=true -duration=8760h0m0s -host=myhost.example.com
 ;
 ; Or from a .pfx file exported from the Windows certificate store (do
@@ -47,13 +59,106 @@ KEY_FILE = custom/https/key.pem
 ; Upper level of template and static file path
 ; default is the path where Gogs is executed
 STATIC_ROOT_PATH =
+; Default path for App data
+APP_DATA_PATH = data
 ; Application level GZIP support
 ENABLE_GZIP = false
 ; Landing page for non-logged users, can be "home" or "explore"
 LANDING_PAGE = home
 
+[repository]
+; Root path for storing repositories's data, default is "~/<username>/gogs-repositories"
+ROOT =
+; The script type server supports, sometimes could be "sh"
+SCRIPT_TYPE = bash
+; Default ANSI charset for an unrecognized charset
+ANSI_CHARSET =
+; Force every new repository to be private
+FORCE_PRIVATE = false
+; Global maximum creation limit of repository per user, -1 means no limit
+MAX_CREATION_LIMIT = -1
+; Mirror sync queue length, increase if mirror syncing starts hanging
+MIRROR_QUEUE_LENGTH = 1000
+; Patch test queue length, increase if pull request patch testing starts hanging
+PULL_REQUEST_QUEUE_LENGTH = 1000
+; Preferred Licenses to place at the top of the list
+; Name must match file name in conf/license or custom/conf/license
+PREFERRED_LICENSES = Apache License 2.0,MIT License
+; Disable ability to interact with repositories by HTTP protocol
+DISABLE_HTTP_GIT = false
+; Enable ability to migrate repository by local path
+ENABLE_LOCAL_PATH_MIGRATION = false
+; Concurrency is used to retrieve commits information. This variable define
+; the maximum number of tasks that can be run at the same time. Usually, the
+; value depend of how many CPUs (cores) you have. If the value is set to zero
+; or under, GOGS will automatically detect the number of CPUs your system have
+COMMITS_FETCH_CONCURRENCY = 0
+; Enable render mode for raw file
+ENABLE_RAW_FILE_RENDER_MODE = false
+
+[repository.editor]
+; List of file extensions that should have line wraps in the CodeMirror editor.
+; Separate extensions with a comma. To line wrap files without extension, just put a comma
+LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd,
+; Valid file modes that have a preview API associated with them, such as api/v1/markdown.
+; Separate values by commas. Preview tab in edit mode won't show if the file extension doesn't match
+PREVIEWABLE_FILE_MODES = markdown
+
+[repository.upload]
+; Enable repository file uploads.
+ENABLED = true
+; Path to temporarily store uploads (default path gets cleaned by Gogs in every start)
+TEMP_PATH = data/tmp/uploads
+; File types that are allowed to be uploaded, e.g. image/jpeg|image/png. Leave empty means allow any file type
+ALLOWED_TYPES =
+; Maximum size of each file in MB
+FILE_MAX_SIZE = 3
+; Maximum number of files per upload
+MAX_FILES = 5
+
+; Attachment settings for releases
+[release.attachment]
+; Whether attachments are enabled. Defaults to `true`
+ENABLED = true
+; Path for attachments. Defaults to `data/attachments`
+PATH = data/attachments
+; One or more allowed types, e.g. image/jpeg|image/png
+ALLOWED_TYPES = */*
+; Max size of each file. Defaults to 32MB
+MAX_SIZE = 32
+; Max number of files per upload. Defaults to 10
+MAX_FILES = 10
+
+[markdown]
+; Enable hard line break extension
+ENABLE_HARD_LINE_BREAK = false
+; List of custom URL-Schemes that are allowed as links when rendering Markdown
+; for example git,magnet
+CUSTOM_URL_SCHEMES =
+; List of file extensions that should be rendered/edited as Markdown
+; Separate extensions with a comma. To render files w/o extension as markdown, just put a comma
+FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd
+
+[smartypants]
+ENABLED = false
+FRACTIONS = true
+DASHES = true
+LATEX_DASHES = true
+ANGLED_QUOTES = true
+
+[http]
+; Value for Access-Control-Allow-Origin header, default is not to present
+ACCESS_CONTROL_ALLOW_ORIGIN = 
+
+; Define allowed algorithms and their minimum key length (use -1 to disable a type)
+[ssh.minimum_key_sizes]
+ED25519 = 256
+ECDSA   = 256
+RSA     = 2048
+DSA     = 1024
+
 [database]
-; Either "mysql", "postgres" or "sqlite3", it's your choice
+; Either "mysql", "postgres" or "sqlite3", you can connect to TiDB with MySQL protocol
 DB_TYPE = mysql
 HOST = 127.0.0.1:3306
 NAME = gogs
@@ -61,10 +166,12 @@ USER = root
 PASSWD =
 ; For "postgres" only, either "disable", "require" or "verify-full"
 SSL_MODE = disable
-; For "sqlite3" only
+; For "sqlite3" and "tidb", use absolute path when you start as service
 PATH = data/gogs.db
 
 [admin]
+; Disable regular (non-admin) users to create organizations
+DISABLE_REGULAR_ORG_CREATION = false
 
 [security]
 INSTALL_LOCK = false
@@ -74,8 +181,12 @@ SECRET_KEY = !#@FDEWREWR&*(
 LOGIN_REMEMBER_DAYS = 7
 COOKIE_USERNAME = gogs_awesome
 COOKIE_REMEMBER_NAME = gogs_incredible
+COOKIE_SECURE = false
 ; Reverse proxy authentication header name of user name
 REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
+; Enable to set cookie to indicate user login status
+ENABLE_LOGIN_STATUS_COOKIE = false
+LOGIN_STATUS_COOKIE_NAME = login_status
 
 [service]
 ACTIVE_CODE_LIVE_MINUTES = 180
@@ -86,18 +197,18 @@ REGISTER_EMAIL_CONFIRM = false
 DISABLE_REGISTRATION = false
 ; User must sign in to view anything.
 REQUIRE_SIGNIN_VIEW = false
-; Cache avatar as picture
-ENABLE_CACHE_AVATAR = false
 ; Mail notification
 ENABLE_NOTIFY_MAIL = false
 ; More detail: https://github.com/gogits/gogs/issues/165
 ENABLE_REVERSE_PROXY_AUTHENTICATION = false
 ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
-; Do not check minimum key size with corresponding type
-DISABLE_MINIMUM_KEY_SIZE_CHECK = false
+; Enable captcha validation for registration
+ENABLE_CAPTCHA = true
 
 [webhook]
-; Hook task queue length
+; Types are enabled for users to use, can be "gogs", "slack", "discord"
+TYPES = gogs, slack, discord
+; Hook task queue length, increase if webhook shooting starts hanging
 QUEUE_LENGTH = 1000
 ; Deliver timeout in seconds
 DELIVER_TIMEOUT = 5
@@ -109,67 +220,31 @@ PAGING_NUM = 10
 [mailer]
 ENABLED = false
 ; Buffer length of channel, keep it as it is if you don't know what it is.
-SEND_BUFFER_LEN = 10
+SEND_BUFFER_LEN = 100
 ; Name displayed in mail title
 SUBJECT = %(APP_NAME)s
 ; Mail server
 ; Gmail: smtp.gmail.com:587
-; QQ: smtp.qq.com:25
+; QQ: smtp.qq.com:465
 ; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
-HOST = 
+HOST =
 ; Disable HELO operation when hostname are different.
-DISABLE_HELO = 
+DISABLE_HELO =
 ; Custom hostname for HELO operation, default is from system.
-HELO_HOSTNAME = 
+HELO_HOSTNAME =
 ; Do not verify the certificate of the server. Only use this for self-signed certificates
-SKIP_VERIFY = 
+SKIP_VERIFY =
 ; Use client certificate
 USE_CERTIFICATE = false
 CERT_FILE = custom/mailer/cert.pem
 KEY_FILE = custom/mailer/key.pem
-; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format 
+; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
 FROM =
 ; Mailer user name and password
 USER =
 PASSWD =
-
-[oauth]
-ENABLED = false
-
-[oauth.github]
-ENABLED = false
-CLIENT_ID =
-CLIENT_SECRET =
-SCOPES = https://api.github.com/user
-AUTH_URL = https://github.com/login/oauth/authorize
-TOKEN_URL = https://github.com/login/oauth/access_token
-
-; Get client id and secret from
-; https://console.developers.google.com/project
-[oauth.google]
-ENABLED = false
-CLIENT_ID =
-CLIENT_SECRET =
-SCOPES = https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
-AUTH_URL = https://accounts.google.com/o/oauth2/auth
-TOKEN_URL = https://accounts.google.com/o/oauth2/token
-
-[oauth.qq]
-ENABLED = false
-CLIENT_ID =
-CLIENT_SECRET =
-SCOPES = get_user_info
-; QQ 互联
-AUTH_URL = https://graph.qq.com/oauth2.0/authorize
-TOKEN_URL = https://graph.qq.com/oauth2.0/token
-
-[oauth.weibo]
-ENABLED = false
-CLIENT_ID =
-CLIENT_SECRET =
-SCOPES = all
-AUTH_URL = https://api.weibo.com/oauth2/authorize
-TOKEN_URL = https://api.weibo.com/oauth2/access_token
+; Use text/plain as format of content
+USE_PLAIN_TEXT = false
 
 [cache]
 ; Either "memory", "redis", or "memcache", default is "memory"
@@ -182,7 +257,7 @@ INTERVAL = 60
 HOST =
 
 [session]
-; Either "memory", "file", "redis" or "mysql", default is "memory"
+; Either "memory", "file", or "redis", default is "memory"
 PROVIDER = memory
 ; Provider config options
 ; memory: not have any config yet
@@ -196,20 +271,27 @@ COOKIE_NAME = i_like_gogits
 COOKIE_SECURE = false
 ; Enable set cookie, default is true
 ENABLE_SET_COOKIE = true
-; Session GC time interval, default is 86400
-GC_INTERVAL_TIME = 86400
+; Session GC time interval, default is 3600
+GC_INTERVAL_TIME = 3600
 ; Session life time, default is 86400
 SESSION_LIFE_TIME = 86400
+; Cookie name for CSRF
+CSRF_COOKIE_NAME = _csrf
 
 [picture]
-; The place to picture data, either "server" or "qiniu", default is "server"
-SERVICE = server
+; Path to store user uploaded avatars
 AVATAR_UPLOAD_PATH = data/avatars
 ; Chinese users can choose "duoshuo"
 ; or a custom avatar source, like: http://cn.gravatar.com/avatar/
 GRAVATAR_SOURCE = gravatar
+; This value will be forced to be true in offline mode.
 DISABLE_GRAVATAR = false
+; Federated avatar lookup uses DNS to discover avatar associated
+; with emails, see https://www.libravatar.org
+; This value will be forced to be false in offline mode or Gravatar is disbaled.
+ENABLE_FEDERATED_AVATAR = true
 
+; Attachment settings for issues
 [attachment]
 ; Whether attachments are enabled. Defaults to `true`
 ENABLE = true
@@ -217,9 +299,9 @@ ENABLE = true
 PATH = data/attachments
 ; One or more allowed types, e.g. image/jpeg|image/png
 ALLOWED_TYPES = image/jpeg|image/png
-; Max size of each file. Defaults to 32MB
+; Max size of each file. Defaults to 4MB
 MAX_SIZE = 4
-; Max number of files per upload. Defaults to 10
+; Max number of files per upload. Defaults to 5
 MAX_FILES = 5
 
 [time]
@@ -228,66 +310,53 @@ MAX_FILES = 5
 ; For more information about the format see http://golang.org/pkg/time/#pkg-constants
 FORMAT =
 
+; General settings of loggers
 [log]
 ROOT_PATH =
-; Either "console", "file", "conn", "smtp" or "database", default is "console"
+; Can be "console" and "file", default is "console"
 ; Use comma to separate multiple modes, e.g. "console, file"
 MODE = console
 ; Buffer length of channel, keep it as it is if you don't know what it is.
-BUFFER_LEN = 10000
-; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
+BUFFER_LEN = 100
+; Either "Trace", "Info", "Warn", "Error", "Fatal", default is "Trace"
 LEVEL = Trace
 
 ; For "console" mode only
 [log.console]
+; leave empty to inherit
 LEVEL =
 
 ; For "file" mode only
 [log.file]
+; leave empty to inherit
 LEVEL =
-; This enables automated log rotate(switch of following options), default is true
+; This enables automated log rotate (switch of following options)
 LOG_ROTATE = true
-; Max line number of single file, default is 1000000
-MAX_LINES = 1000000
+; Segment log daily
+DAILY_ROTATE = true
 ; Max size shift of single file, default is 28 means 1 << 28, 256MB
 MAX_SIZE_SHIFT = 28
-; Segment log daily, default is true
-DAILY_ROTATE = true
-; Expired days of log file(delete after max days), default is 7
+; Max line number of single file
+MAX_LINES = 1000000
+; Expired days of log file (delete after max days)
 MAX_DAYS = 7
 
-; For "conn" mode only
-[log.conn]
+; For "slack" mode only
+[log.slack]
+; leave empty to inherit
 LEVEL =
-; Reconnect host for every single message, default is false
-RECONNECT_ON_MSG = false
-; Try to reconnect when connection is lost, default is false
-RECONNECT = false
-; Either "tcp", "unix" or "udp", default is "tcp"
-PROTOCOL = tcp
-; Host address
-ADDR =
+; Webhook URL
+URL = 
 
-; For "smtp" mode only
-[log.smtp]
-LEVEL =
-; Name displayed in mail title, default is "Diagnostic message from serve"
-SUBJECT = Diagnostic message from serve
-; Mail server
-HOST =
-; Mailer user name and password
-USER =
-PASSWD =
-; Receivers, can be one or more, e.g. ["1@example.com","2@example.com"]
-RECEIVERS =
-
-; For "database" mode only
-[log.database]
-LEVEL =
-; Either "mysql" or "postgres"
-DRIVER =
-; Based on xorm, e.g.: root:root@localhost/gogs?charset=utf8
-CONN =
+[log.xorm]
+; Enable file rotation
+ROTATE = true
+; Rotate every day
+ROTATE_DAILY = true
+; Rotate once file size excesses x MB
+MAX_SIZE = 100
+; Maximum days to keep logger files
+MAX_DAYS = 3
 
 [cron]
 ; Enable running cron tasks periodically.
@@ -297,35 +366,99 @@ RUN_AT_START = false
 
 ; Update mirrors
 [cron.update_mirrors]
-SCHEDULE = @every 1h
+SCHEDULE = @every 10m
 
 ; Repository health check
 [cron.repo_health_check]
 SCHEDULE = @every 24h
-; Arguments for command 'git fsck', e.g.: "--unreachable --tags"
+TIMEOUT = 60s
+; Arguments for command 'git fsck', e.g. "--unreachable --tags"
 ; see more on http://git-scm.com/docs/git-fsck/1.7.5
-ARGS = 
+ARGS =
 
 ; Check repository statistics
 [cron.check_repo_stats]
 RUN_AT_START = true
 SCHEDULE = @every 24h
 
+; Cleanup repository archives
+[cron.repo_archive_cleanup]
+RUN_AT_START = false
+SCHEDULE = @every 24h
+; Time duration to check if archive should be cleaned
+OLDER_THAN = 24h
+
 [git]
-MAX_GIT_DIFF_LINES = 10000
-; Arguments for command 'git gc', e.g.: "--aggressive --auto"
+; Disables highlight of added and removed changes
+DISABLE_DIFF_HIGHLIGHT = false
+; Max number of lines allowed of a single file in diff view
+MAX_GIT_DIFF_LINES = 1000
+; Max number of characters of a line allowed in diff view
+MAX_GIT_DIFF_LINE_CHARACTERS = 500
+; Max number of files shown in diff view
+MAX_GIT_DIFF_FILES = 100
+; Arguments for command 'git gc', e.g. "--aggressive --auto"
 ; see more on http://git-scm.com/docs/git-gc/1.7.5
-GC_ARGS = 
+GC_ARGS =
+
+; Operation timeout in seconds
+[git.timeout]
+MIGRATE = 600
+MIRROR = 300
+CLONE = 300
+PULL = 300
+GC = 60
+
+[mirror]
+; Default interval in hours between each check
+DEFAULT_INTERVAL = 8
+
+[api]
+; Max number of items will response in a page
+MAX_RESPONSE_ITEMS = 50
+
+[ui]
+; Number of repositories that are showed in one explore page
+EXPLORE_PAGING_NUM = 20
+; Number of issues that are showed in one page
+ISSUE_PAGING_NUM = 10
+; Number of maximum commits showed in one activity feed
+FEED_MAX_COMMIT_NUM = 5
+; Value of "theme-color" meta tag, used by Android >= 5.0
+; An invalid color like "none" or "disable" will have the default style
+; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android
+THEME_COLOR_META_TAG = `#ff5343`
+; Max size in bytes of files to be displayed (default is 8MB)
+MAX_DISPLAY_FILE_SIZE = 8388608
+
+[ui.admin]
+; Number of users that are showed in one page
+USER_PAGING_NUM = 50
+; Number of repos that are showed in one page
+REPO_PAGING_NUM = 50
+; Number of notices that are showed in one page
+NOTICE_PAGING_NUM = 25
+; Number of organization that are showed in one page
+ORG_PAGING_NUM = 50
+
+[ui.user]
+; Number of repos that are showed in one page
+REPO_PAGING_NUM = 15
+; Number of news feeds that are showed in one page
+NEWS_FEED_PAGING_NUM = 20
+; Number of commits that are showed in one page
+COMMITS_PAGING_NUM = 30
 
 [i18n]
-LANGS = en-US,zh-CN,zh-HK,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT
-NAMES = English,简体中文,繁體中文,Deutsch,Français,Nederlands,Latviešu,Русский,日本語,Español,Português do Brasil,Polski,български,Italiano
+LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR,gl-ES,uk-UA
+NAMES = English,简体中文,繁體中文（香港）,繁體中文（台湾）,Deutsch,français,Nederlands,latviešu,русский,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어,galego,українська
 
 ; Used for datetimepicker
 [i18n.datelang]
 en-US = en
 zh-CN = zh
 zh-HK = zh-TW
+zh-TW = zh-TW
 de-DE = de
 fr-FR = fr
 nl-NL = nl
@@ -337,6 +470,22 @@ pt-BR = pt-BR
 pl-PL = pl
 bg-BG = bg
 it-IT = it
+fi-FI = fi
+tr-TR = tr
+cs-CZ = cs-CZ
+sr-SP = sr
+sv-SE = sv
+ko-KR = ko
+gl-ES = gl
+uk-UA = uk
+
+; Extension mapping to highlight class
+; e.g. .toml=ini
+[highlight.mapping]
 
 [other]
 SHOW_FOOTER_BRANDING = false
+; Show version information about Gogs and Go in the footer
+SHOW_FOOTER_VERSION = true
+; Show time of template execution in the footer
+SHOW_FOOTER_TEMPLATE_LOAD_TIME = true

conf/gitignore/Clojure.gitignore

@@ -1 +0,0 @@
-Leiningen.gitignore

conf/gitignore/Fortran.gitignore

@@ -1 +0,0 @@
-C++.gitignore

conf/gitignore/macOS

@@ -1,24 +1,25 @@
-.DS_Store
-.AppleDouble
-.LSOverride
-
-# Icon must end with two \r
-Icon
-
-# Thumbnails
-._*
-
-# Files that might appear in the root of a volume
-.DocumentRevisions-V100
-.fseventsd
-.Spotlight-V100
-.TemporaryItems
-.Trashes
-.VolumeIcon.icns
-
-# Directories potentially created on remote AFP share
-.AppleDB
-.AppleDesktop
-Network Trash Folder
-Temporary Items
-.apdisk
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk

conf/label/Default

@@ -0,0 +1,7 @@
+#ee0701 bug
+#cccccc duplicate
+#84b6eb enhancement
+#128a0c help wanted
+#e6e6e6 invalid
+#cc317c question
+#ffffff wontfix

conf/license/Creative Commons Zero v1.0 Universal

@@ -1,39 +0,0 @@
-Creative Commons CC0 1.0 Universal
-CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED HEREUNDER.
-Statement of Purpose
-
-The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work").
-
-Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others.
-
-For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights.
-
-1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following:
-
-i. the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work;
-
-ii. moral rights retained by the original author(s) and/or performer(s);
-
-iii. publicity and privacy rights pertaining to a person's image or likeness depicted in a Work;
-
-iv. rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below;
-
-v. rights protecting the extraction, dissemination, use and reuse of data in a Work;
-
-vi. database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and
-
-vii. other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof.
-
-2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose.
-
-3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose.
-
-4. Limitations and Disclaimers.
-
-a. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document.
-
-b. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law.
-
-c. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work.
-
-d. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work.

conf/license/ISC license

@@ -1,6 +1,5 @@
 ISC License:
-Copyright (c) 2004-2010 by Internet Systems Consortium, Inc. ("ISC") 
-Copyright (c) 1995-2003 by Internet Software Consortium
+Copyright (c) Year(s), Company or Person's Name
 
 Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
 

conf/locale/TRANSLATORS

@@ -1,20 +1,82 @@
 # This file lists all PUBLIC individuals having contributed content to the translation.
-# Order of name is meaningless.
+# Entries are in alphabetical order.
 
-Akihiro YAGASAKI <yaggytter@momiage.com>
-Alexander Steinhöfer <kontakt@lx-s.de>
-Alexandre Magno <alexandre.mbm@gmail.com>
-Barış Arda Yılmaz <ardayilmazgamer@gmail.com>
-Christoph Kisfeld <christoph.kisfeld@gmail.com>
-Daniel Speichert <daniel@speichert.pl>
-Gregor Santner <gdev@live.de>
-Huimin Wang <wanghm2009@hotmail.co.jp>
-ilko <email>
-Thomas Fanninger <gogs.thomas@fanninger.at>
-Łukasz Jan Niemier <lukasz@niemier.pl>
-Lafriks <lafriks@gmail.com>
-Luc Stepniewski <luc@stepniewski.fr>
-Miguel de la Cruz <miguel@mcrx.me>
-Marc Schiller <marc@schiller.im>
-Morten Sørensen <klim8d@gmail.com>
-Natan Albuquerque <natanalbuquerque5@gmail.com>
+Adam Strzelecki <ono AT java DOT pl>
+Adrian Verde <me AT adrianverde DOT com>
+Akihiro YAGASAKI <yaggytter AT momiage DOT com>
+Aleksejs Grocevs <aleksejs AT grocevs DOT pro>
+Aleksey Tarakin <hukendo AT yandex DOT ru>
+Alexander Steinhöfer <kontakt AT lx-s DOT de>
+Alexandre Espinosa Menor <aemenor DOT gmail DOT com>
+Alexandre Magno <alexandre DOT mbm AT gmail DOT com>
+Anders B. Hansen <anders AT birkoe DOT com>
+András Schenkerik <moviesharkteam AT gmail DOT com>
+Andrey Nering <andrey AT nering DOT com DOT br>
+Andrey Paskal <apaskal AT gmail DOT com>
+Andrey Solomatin <toadron AT yandex DOT ru>
+Antoine GIRARD <sapk AT sapk DOT fr>
+Arthur Aslanyan <arthur DOT e DOT aslanyan AT gmail DOT com>
+Aurelien Darragon <aurelien DOT darragon AT gmail DOT com>
+Barış Arda Yılmaz <ardayilmazgamer AT gmail DOT com>
+Bo-Yi Wu <appleboy DOT tw AT gmail DOT com>
+Breton Corentin <contact AT neodarz DOT net>
+Camille Baronnet <gogs AT camillebaronnet DOT fr>
+Christoph Kisfeld <christoph DOT kisfeld AT gmail DOT com>
+Cysioland
+Damaris Padieu <damizx AT hotmail DOT fr>
+Daniel Speichert <daniel AT speichert DOT pl>
+David Yzaguirre <dvdyzag AT gmail DOT com>
+Denys Khomenko
+Dmitriy Nogay <me AT catwhocode DOT ga>
+Enrico Testori hypertesto AT gmail DOT com
+Ezequiel Gonzalez Rial <gonrial AT gmail DOT com>
+Farhan Naysee <wpmagic70 AT gmail DOT com>
+Gabriel Dugny <gabriel DOT dugny AT gmail DOT com>
+Ganesha <reekoheek AT gmail DOT com>
+Gregor Santner <gdev AT live DOT de>
+Halil Kaya <halil AT halilkaya DOT net>
+Hamid Feizabadi <hamidfzm AT gmail DOT com>
+Huimin Wang <wanghm2009 AT hotmail DOT co DOT jp>
+ilko <kontact-mr.k AT outlook DOT com">
+Ilya Makarov
+Jamie Mansfield <dev AT jamierocks DOT uk>
+Javier Ortiz Bultron <javier DOT ortiz DOT 78 AT gmail DOT com>
+Jean THOMAS <contact AT tibounise DOT com>
+John Behm <jxsl13 AT googlemail DOT com>
+Jonas De Kegel <jonasgithub [AT] gmail [DOT] com>
+Joubert RedRat <me+github AT redrat DOT com DOT br>
+Juraj Bubniak <contact AT jbub DOT eu>
+Lafriks <lafriks AT gmail DOT com>
+Lauri Ojansivu <x AT xet7 DOT org>
+Luca Bozzo <luca AT bozzo DOT it>
+Luca Kröger <l DOT kroeger01 AT gmail DOT com>
+Luc Stepniewski <luc AT stepniewski DOT fr>
+Łukasz Jan Niemier <lukasz AT niemier DOT pl>
+Marc Schiller <marc AT schiller DOT im>
+Marvin Menzerath <github AT marvin-menzerath DOT de>
+Michael Härtl <haertl DOT mike AT gmail DOT com>
+Miguel de la Cruz <miguel AT mcrx DOT me>
+Mikhail Burdin <xdshot9000 AT gmail DOT com>
+Morten Sørensen <klim8d AT gmail DOT com>
+Muhammad Fawwaz Orabi <mfawwaz93 AT gmail DOT com>
+Nakao Takamasa <at.mattenn AT gmail DOT com>
+Natan Albuquerque <natanalbuquerque5 AT gmail DOT com>
+Odilon Junior <odilon DOT junior93 AT gmail DOT com>
+Oleksandr Yermakov <olexander DOT yermakov AT gmail DOT com>
+Óscar García Amor <ogarcia AT connectical DOT com>
+Pablo Saavedra <psaavedra AT igalia DOT com>
+Pierre Prinetti >meatqrawldotnet<
+Richard Bukovansky <richard DOT bukovansky @ gmail DOT com>
+Robert Nuske <robert DOT nuske AT web DOT de>
+Robin Hübner <profan AT prfn DOT se>
+Rste Risafov <risafov AT lazy DOT com>
+SeongJae Park <sj38 DOT park AT gmail DOT com>
+Sergey Stepanov <sergystepanov AT gmail DOT com>
+Thomas Fanninger <gogs DOT thomas AT fanninger DOT at>
+Tilmann Bach <tilmann AT outlook DOT com>
+Toni Villena Jiménez <tonivj5 AT gmail DOT com>
+Vladimir Jigulin mogaika AT yandex DOT ru
+Vladimir Vissoultchev <wqweto AT gmail DOT com>
+Vongola <me AT vongola DOT tw>
+YJSoft <yjsoft AT yjsoft DOT pe DOT kr>
+Oscar Quisbert <quisbert_karos AT outlook DOT com>

docker-compose.yml

@@ -1,12 +0,0 @@
-web:
-  build: .
-  links:
-    - mysql
-  ports:
-    - "3000:3000"
-
-mysql:
-  image: mysql
-  environment:
-    - MYSQL_ROOT_PASSWORD=gogs
-    - MYSQL_DATABASE=gogs

docker/README.md

@@ -1,12 +1,12 @@
 # Docker for Gogs
 
-Visit [Docker Hub](https://hub.docker.com/r/gogs/gogs/) see all available tags.
+Visit [Docker Hub](https://hub.docker.com/r/gogs/) / [Docker Store](https://store.docker.com/community/images/gogs/gogs) see all available images and tags.
 
 ## Usage
 
-To keep your data out of Docker container, we do a volume(`/var/gogs` -> `/data`) here, and you can change it based on your situation.
+To keep your data out of Docker container, we do a volume (`/var/gogs` -> `/data`) here, and you can change it based on your situation.
 
-```
+```sh
 # Pull image from Docker Hub.
 $ docker pull gogs/gogs
 
@@ -17,12 +17,14 @@ $ mkdir -p /var/gogs
 $ docker run --name=gogs -p 10022:22 -p 10080:3000 -v /var/gogs:/data gogs/gogs
 
 # Use `docker start` if you have stopped it.
-$ docker start gogs 
+$ docker start gogs
 ```
 
+Note: It is important to map the Gogs ssh service from the container to the host and set the appropriate SSH Port and URI settings when setting up Gogs for the first time. To access and clone Gogs Git repositories with the above configuration you would use: `git clone ssh://git@hostname:10022/username/myrepo.git` for example.
+
 Files will be store in local path `/var/gogs` in my case.
 
-Directory `/var/gogs` keeps Git repoistories and Gogs data:
+Directory `/var/gogs` keeps Git repositories and Gogs data:
 
     /var/gogs
     |-- git
@@ -33,31 +35,81 @@ Directory `/var/gogs` keeps Git repoistories and Gogs data:
         |-- conf
         |-- data
         |-- log
-        |-- templates
+
+### Volume With Data Container
+
+If you're more comfortable with mounting data to a data container, the commands you execute at the first time will look like as follows:
+
+```sh
+# Create data container
+docker run --name=gogs-data --entrypoint /bin/true gogs/gogs
+
+# Use `docker run` for the first time.
+docker run --name=gogs --volumes-from gogs-data -p 10022:22 -p 10080:3000 gogs/gogs
+```
+
+#### Using Docker 1.9 Volume Command
+
+```sh
+# Create docker volume.
+$ docker volume create --name gogs-data
+
+# Use `docker run` for the first time.
+$ docker run --name=gogs -p 10022:22 -p 10080:3000 -v gogs-data:/data gogs/gogs
+```
 
 ## Settings
 
+### Application
+
 Most of settings are obvious and easy to understand, but there are some settings can be confusing by running Gogs inside Docker:
 
 - **Repository Root Path**: keep it as default value `/home/git/gogs-repositories` because `start.sh` already made a symbolic link for you.
-- **Run User**: keep it as default value `git` because `start.sh` already setup a user with name `git`.
-- **Domain**: fill in with Docker container IP(e.g. `192.168.99.100`).
-- **SSH Port**: Use the exposed port from Docker container. For example, your SSH server listens on `22` inside Docker, but you expose it by `10022:22`, then use `10022` for this value.
-- **HTTP Port**: Use port you want Gogs to listen on inside Docker container. For example, your Gogs listens on `3000` inside Docker, and you expose it by `10080:3000`, but you still use `3000` for this value.
-- **Application URL**: Use combination of **Domain** and **exposed HTTP Port** values(e.g. `http://192.168.99.100:10080/`). 
+- **Run User**: keep it as default value `git` because `build.sh` already setup a user with name `git`.
+- **Domain**: fill in with Docker container IP (e.g. `192.168.99.100`). But if you want to access your Gogs instance from a different physical machine, please fill in with the hostname or IP address of the Docker host machine.
+- **SSH Port**: Use the exposed port from Docker container. For example, your SSH server listens on `22` inside Docker, **but** you expose it by `10022:22`, then use `10022` for this value. **Builtin SSH server is not recommended inside Docker Container**
+- **HTTP Port**: Use port you want Gogs to listen on inside Docker container. For example, your Gogs listens on `3000` inside Docker, **and** you expose it by `10080:3000`, but you still use `3000` for this value.
+- **Application URL**: Use combination of **Domain** and **exposed HTTP Port** values (e.g. `http://192.168.99.100:10080/`).
 
-Full documentation of settings can be found [here](http://gogs.io/docs/advanced/configuration_cheat_sheet.html).
+Full documentation of application settings can be found [here](https://gogs.io/docs/advanced/configuration_cheat_sheet.html).
 
-## Troubleshooting
+### Container Options
 
-If you see the following error:
+This container have some options available via environment variables, these options are opt-in features that can help the administration of this container:
 
-```
-checkVersion()] [E] Binary and template file version does not match
-```
+- **SOCAT_LINK**:
+  - <u>Possible value:</u>
+      `true`, `false`, `1`, `0`
+  - <u>Default:</u>
+      `true`
+  - <u>Action:</u>
+      Bind linked docker container to localhost socket using socat.
+      Any exported port from a linked container will be binded to the matching port on localhost.
+  - <u>Disclaimer:</u>
+      As this option rely on the environment variable created by docker when a container is linked, this option should be deactivated in managed environment such as Rancher or Kubernetes (set to `0` or `false`)
+- **RUN_CROND**:
+  - <u>Possible value:</u>
+      `true`, `false`, `1`, `0`
+  - <u>Default:</u>
+      `false`
+  - <u>Action:</u>
+      Request crond to be run inside the container. Its default configuration will periodically run all scripts from `/etc/periodic/${period}` but custom crontabs can be added to `/var/spool/cron/crontabs/`.
 
-Run `rm -fr /var/gogs/gogs/templates/` should fix this it. Just remember to backup templates file if you have made modifications youself.
+## Upgrade
+
+:exclamation::exclamation::exclamation:<span style="color: red">**Make sure you have volumed data to somewhere outside Docker container**</span>:exclamation::exclamation::exclamation:
+
+Steps to upgrade Gogs with Docker:
+
+- `docker pull gogs/gogs`
+- `docker stop gogs`
+- `docker rm gogs`
+- Finally, create container as the first time and don't forget to do same volume and port mapping.
 
 ## Known Issues
 
-- [Use ctrl+c when clone through SSH makes Docker exit unexpectedly](https://github.com/gogits/gogs/issues/1499)
+- The docker container can not currently be build on Raspberry 1 (armv6l) as our base image `alpine` does not have a `go` package available for this platform.
+
+## Useful Links
+
+- [Share port 22 between Gogs inside Docker & the local system](http://www.ateijelo.com/blog/2016/07/09/share-port-22-between-docker-gogs-ssh-and-local-system)

docker/build-go.sh

@@ -0,0 +1,32 @@
+#!/bin/sh
+# Build GO version as specified in Dockerfile
+
+set -x
+set -e
+
+# Components versions
+export GOLANG_VERSION="1.8"
+export GOLANG_SRC_URL="https://golang.org/dl/go$GOLANG_VERSION.src.tar.gz"
+export GOLANG_SRC_SHA256="406865f587b44be7092f206d73fc1de252600b79b3cacc587b74b5ef5c623596"
+
+
+# Install build tools
+apk add --no-cache --no-progress --virtual build-deps-go gcc musl-dev openssl go
+
+export GOROOT_BOOTSTRAP="$(go env GOROOT)"
+
+# Download Go
+wget -q "$GOLANG_SRC_URL" -O golang.tar.gz
+echo "$GOLANG_SRC_SHA256  golang.tar.gz" | sha256sum -c -
+tar -C /usr/local -xzf golang.tar.gz
+rm golang.tar.gz
+
+# Build
+cd /usr/local/go/src
+# see https://golang.org/issue/14851
+patch -p2 -i /app/gogs/build/docker/no-pic.patch
+./make.bash
+
+# Clean
+rm /app/gogs/build/docker/*.patch
+apk del build-deps-go

docker/build.sh

@@ -0,0 +1,29 @@
+#!/bin/sh
+set -x
+set -e
+
+# Set temp environment vars
+export GOPATH=/tmp/go
+export PATH=/usr/local/go/bin:${PATH}:${GOPATH}/bin
+export GO15VENDOREXPERIMENT=1
+
+# Install build deps
+apk --no-cache --no-progress add --virtual build-deps build-base linux-pam-dev
+
+# Build Gogs
+mkdir -p ${GOPATH}/src/github.com/gogits/
+ln -s /app/gogs/build ${GOPATH}/src/github.com/gogits/gogs
+cd ${GOPATH}/src/github.com/gogits/gogs
+# Needed since git 2.9.3 or 2.9.4
+git config --global http.https://gopkg.in.followRedirects true
+make build TAGS="sqlite cert pam"
+
+# Cleanup GOPATH
+rm -r $GOPATH
+
+# Remove build deps
+apk --no-progress del build-deps
+
+# Create git user for Gogs
+adduser -H -D -g 'Gogs Git User' git -h /data/git -s /bin/bash && passwd -u git
+echo "export GOGS_CUSTOM=${GOGS_CUSTOM}" >> /etc/profile

docker/finalize.sh

@@ -0,0 +1,22 @@
+#!/bin/sh
+# Finalize the build
+
+set -x
+set -e
+
+# Move to final place
+mv /app/gogs/build/gogs /app/gogs/
+mv /app/gogs/build/templates /app/gogs/
+mv /app/gogs/build/public /app/gogs/
+mv /app/gogs/build/docker /app/gogs/
+
+# Final cleaning
+rm -rf /app/gogs/build
+rm /app/gogs/docker/build.sh
+rm /app/gogs/docker/build-go.sh
+rm /app/gogs/docker/finalize.sh
+rm /app/gogs/docker/nsswitch.conf
+rm /app/gogs/docker/README.md
+
+rm -rf /tmp/go
+rm -rf /usr/local/go

docker/no-pic.patch

@@ -0,0 +1,16 @@
+diff --git a/src/cmd/link/internal/ld/lib.go b/src/cmd/link/internal/ld/lib.go
+index 14f4fa9..5599307 100644
+--- a/src/cmd/link/internal/ld/lib.go
++++ b/src/cmd/link/internal/ld/lib.go
+@@ -1272,6 +1272,11 @@ func hostlink() {
+ 		argv = append(argv, peimporteddlls()...)
+ 	}
+ 
++	// The Go linker does not currently support building PIE
++	// executables when using the external linker. See:
++	// https://github.com/golang/go/issues/6940
++	argv = append(argv, "-fno-PIC")
++
+ 	if l.Debugvlog != 0 {
+ 		l.Logf("%5.2f host link:", obj.Cputime())
+ 		for _, v := range argv {

docker/nsswitch.conf

@@ -0,0 +1,16 @@
+# /etc/nsswitch.conf
+
+passwd:         compat
+group:          compat
+shadow:         compat
+
+hosts:          files dns
+networks:       files
+
+protocols:      db files
+services:       db files
+ethers:         db files
+rpc:            db files
+
+netgroup:       nis
+

docker/s6/.s6-svscan/finish

@@ -0,0 +1,5 @@
+#!/bin/sh
+
+# Cleanup SOCAT services and s6 event folder
+rm -rf $(find /app/gogs/docker/s6/ -name 'event')
+rm -rf /app/gogs/docker/s6/SOCAT_*

docker/s6/crond/run

@@ -0,0 +1,9 @@
+#!/bin/sh
+# Crontabs are located by default in /var/spool/cron/crontabs/
+# The default configuration is also calling all the scripts in /etc/periodic/${period}
+
+if test -f ./setup; then
+    source ./setup
+fi
+
+exec gosu root /usr/sbin/crond -fS

docker/s6/gogs/run

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+if test -f ./setup; then
+    source ./setup
+fi
+
+export USER=git
+exec gosu $USER /app/gogs/gogs web

docker/s6/gogs/setup

@@ -0,0 +1,23 @@
+#!/bin/sh
+
+if ! test -d ~git/.ssh; then
+    mkdir -p ~git/.ssh
+    chmod 700 ~git/.ssh
+fi
+
+if ! test -f ~git/.ssh/environment; then
+    echo "GOGS_CUSTOM=${GOGS_CUSTOM}" > ~git/.ssh/environment
+    chmod 600 ~git/.ssh/environment
+fi
+
+cd /app/gogs
+
+# Link volumed data with app data
+ln -sf /data/gogs/log  ./log
+ln -sf /data/gogs/data ./data
+
+# Backward Compatibility with Gogs Container v0.6.15
+ln -sf /data/git /home/git
+
+chown -R git:git /data /app/gogs ~git/
+chmod 0755 /data /data/gogs ~git/

docker/s6/openssh/run

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if test -f ./setup; then
+    source ./setup
+fi
+
+exec gosu root /usr/sbin/sshd -D -f /app/gogs/docker/sshd_config

docker/s6/openssh/setup

@@ -0,0 +1,23 @@
+#!/bin/sh
+
+# Check if host keys are present, else create them
+if ! test -f /data/ssh/ssh_host_rsa_key; then
+    ssh-keygen -q -f /data/ssh/ssh_host_rsa_key -N '' -t rsa
+fi
+
+if ! test -f /data/ssh/ssh_host_dsa_key; then
+    ssh-keygen -q -f /data/ssh/ssh_host_dsa_key -N '' -t dsa
+fi
+
+if ! test -f /data/ssh/ssh_host_ecdsa_key; then
+    ssh-keygen -q -f /data/ssh/ssh_host_ecdsa_key -N '' -t ecdsa
+fi
+
+if ! test -f /data/ssh/ssh_host_ed25519_key; then
+    ssh-keygen -q -f /data/ssh/ssh_host_ed25519_key -N '' -t ed25519
+fi
+
+# Set correct right to ssh keys
+chown -R root:root /data/ssh/*
+chmod 0700 /data/ssh
+chmod 0600 /data/ssh/*

docker/s6/syslogd/run

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if test -f ./setup; then
+    source ./setup
+fi
+
+exec gosu root /sbin/syslogd -nS -O-

docker/sshd_config

@@ -0,0 +1,16 @@
+Port 22
+AddressFamily any
+ListenAddress 0.0.0.0
+ListenAddress ::
+Protocol 2
+LogLevel INFO
+HostKey /data/ssh/ssh_host_rsa_key
+HostKey /data/ssh/ssh_host_dsa_key
+HostKey /data/ssh/ssh_host_ecdsa_key
+HostKey /data/ssh/ssh_host_ed25519_key
+PermitRootLogin no
+AuthorizedKeysFile	.ssh/authorized_keys
+PasswordAuthentication no
+UsePrivilegeSeparation no
+PermitUserEnvironment yes
+AllowUsers git

docker/start.sh

@@ -1,47 +1,65 @@
-#!/bin/bash -
-#
+#!/bin/sh
 
-if ! test -d /data/gogs
-then
-	mkdir -p /var/run/sshd
-	mkdir -p /data/gogs/data /data/gogs/conf /data/gogs/log /data/git
+create_socat_links() {
+    # Bind linked docker container to localhost socket using socat
+    USED_PORT="3000:22"
+    while read NAME ADDR PORT; do
+        if test -z "$NAME$ADDR$PORT"; then
+            continue
+        elif echo $USED_PORT | grep -E "(^|:)$PORT($|:)" > /dev/null; then
+            echo "init:socat  | Can't bind linked container ${NAME} to localhost, port ${PORT} already in use" 1>&2
+        else
+            SERV_FOLDER=/app/gogs/docker/s6/SOCAT_${NAME}_${PORT}
+            mkdir -p ${SERV_FOLDER}
+            CMD="socat -ls TCP4-LISTEN:${PORT},fork,reuseaddr TCP4:${ADDR}:${PORT}"
+            echo -e "#!/bin/sh\nexec $CMD" > ${SERV_FOLDER}/run
+            chmod +x ${SERV_FOLDER}/run
+            USED_PORT="${USED_PORT}:${PORT}"
+            echo "init:socat  | Linked container ${NAME} will be binded to localhost on port ${PORT}" 1>&2
+        fi
+    done << EOT
+    $(env | sed -En 's|(.*)_PORT_([0-9]+)_TCP=tcp://(.*):([0-9]+)|\1 \3 \4|p')
+EOT
+}
+
+cleanup() {
+    # Cleanup SOCAT services and s6 event folder
+    # On start and on shutdown in case container has been killed
+    rm -rf $(find /app/gogs/docker/s6/ -name 'event')
+    rm -rf /app/gogs/docker/s6/SOCAT_*
+}
+
+create_volume_subfolder() {
+    # Create VOLUME subfolder
+    for f in /data/gogs/data /data/gogs/conf /data/gogs/log /data/git /data/ssh; do
+        if ! test -d $f; then
+            mkdir -p $f
+        fi
+    done
+}
+
+cleanup
+create_volume_subfolder
+
+LINK=$(echo "$SOCAT_LINK" | tr '[:upper:]' '[:lower:]')
+if [ "$LINK" = "false" -o "$LINK" = "0" ]; then
+    echo "init:socat  | Will not try to create socat links as requested" 1>&2
+else
+    create_socat_links
 fi
 
-if ! test -d /data/ssh
-then
-	mkdir /data/ssh
-	ssh-keygen -q -f /data/ssh/ssh_host_key -N '' -t rsa1
-	ssh-keygen -q -f /data/ssh/ssh_host_rsa_key -N '' -t rsa
-	ssh-keygen -q -f /data/ssh/ssh_host_dsa_key -N '' -t dsa
-	ssh-keygen -q -f /data/ssh/ssh_host_ecdsa_key -N '' -t ecdsa
-	ssh-keygen -q -f /data/ssh/ssh_host_ed25519_key -N '' -t ed25519
-	chown -R root:root /data/ssh/*
-	chmod 600 /data/ssh/*
+CROND=$(echo "$RUN_CROND" | tr '[:upper:]' '[:lower:]')
+if [ "$CROND" = "true" -o "$CROND" = "1" ]; then
+    echo "init:crond  | Cron Daemon (crond) will be run as requested by s6" 1>&2
+    rm -f /app/gogs/docker/s6/crond/down
+else
+    # Tell s6 not to run the crond service
+    touch /app/gogs/docker/s6/crond/down
 fi
 
-service ssh start
-
-# sync templates
-test -d /data/gogs/templates || cp -ar ./templates /data/gogs/
-rsync -rtv /data/gogs/templates/ ./templates/
-
-ln -sf /data/gogs/log ./log
-ln -sf /data/gogs/data ./data
-ln -sf /data/git /home/git
-
-
-if ! test -d ~git/.ssh
-then
-  mkdir ~git/.ssh
-  chmod 700 ~git/.ssh
+# Exec CMD or S6 by default if nothing present
+if [ $# -gt 0 ];then
+    exec "$@"
+else
+    exec /bin/s6-svscan /app/gogs/docker/s6/
 fi
-
-if ! test -f ~git/.ssh/environment
-then
-  echo "GOGS_CUSTOM=/data/gogs" > ~git/.ssh/environment
-  chown git:git ~git/.ssh/environment
-  chown 600 ~git/.ssh/environment
-fi
-
-chown -R git:git /data .
-exec su git -c "./gogs web"

gogs.go

@@ -1,40 +1,41 @@
-// +build go1.2
+// +build go1.5
 
 // Copyright 2014 The Gogs Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 
-// Gogs(Go Git Service) is a painless self-hosted Git Service written in Go.
+// Gogs is a painless self-hosted Git Service.
 package main
 
 import (
 	"os"
-	"runtime"
 
-	"github.com/codegangsta/cli"
+	"github.com/urfave/cli"
 
 	"github.com/gogits/gogs/cmd"
 	"github.com/gogits/gogs/modules/setting"
 )
 
-const APP_VER = "0.6.9.0903 Beta"
+const APP_VER = "0.11.0.0403"
 
 func init() {
-	runtime.GOMAXPROCS(runtime.NumCPU())
 	setting.AppVer = APP_VER
 }
 
 func main() {
 	app := cli.NewApp()
 	app.Name = "Gogs"
-	app.Usage = "Go Git Service"
+	app.Usage = "A painless self-hosted Git service"
 	app.Version = APP_VER
 	app.Commands = []cli.Command{
-		cmd.CmdWeb,
-		cmd.CmdServ,
-		cmd.CmdUpdate,
-		cmd.CmdDump,
-		cmd.CmdCert,
+		cmd.Web,
+		cmd.Serv,
+		cmd.Hook,
+		cmd.Cert,
+		cmd.Admin,
+		cmd.Import,
+		cmd.Backup,
+		cmd.Restore,
 	}
 	app.Flags = append(app.Flags, []cli.Flag{}...)
 	app.Run(os.Args)

models/access.go

@@ -7,19 +7,48 @@ package models
 import (
 	"fmt"
 
-	"github.com/gogits/gogs/modules/log"
+	log "gopkg.in/clog.v1"
+
+	"github.com/gogits/gogs/models/errors"
 )
 
 type AccessMode int
 
 const (
-	ACCESS_MODE_NONE AccessMode = iota
-	ACCESS_MODE_READ
-	ACCESS_MODE_WRITE
-	ACCESS_MODE_ADMIN
-	ACCESS_MODE_OWNER
+	ACCESS_MODE_NONE  AccessMode = iota // 0
+	ACCESS_MODE_READ                    // 1
+	ACCESS_MODE_WRITE                   // 2
+	ACCESS_MODE_ADMIN                   // 3
+	ACCESS_MODE_OWNER                   // 4
 )
 
+func (mode AccessMode) String() string {
+	switch mode {
+	case ACCESS_MODE_READ:
+		return "read"
+	case ACCESS_MODE_WRITE:
+		return "write"
+	case ACCESS_MODE_ADMIN:
+		return "admin"
+	case ACCESS_MODE_OWNER:
+		return "owner"
+	default:
+		return "none"
+	}
+}
+
+// ParseAccessMode returns corresponding access mode to given permission string.
+func ParseAccessMode(permission string) AccessMode {
+	switch permission {
+	case "write":
+		return ACCESS_MODE_WRITE
+	case "admin":
+		return ACCESS_MODE_ADMIN
+	default:
+		return ACCESS_MODE_READ
+	}
+}
+
 // Access represents the highest access level of a user to the repository. The only access type
 // that is not in this table is the real owner of a repository. In case of an organization
 // repository, the members of the owners team are in this table.
@@ -30,48 +59,51 @@ type Access struct {
 	Mode   AccessMode
 }
 
-func accessLevel(e Engine, u *User, repo *Repository) (AccessMode, error) {
+func accessLevel(e Engine, userID int64, repo *Repository) (AccessMode, error) {
 	mode := ACCESS_MODE_NONE
+	// Everyone has read access to public repository
 	if !repo.IsPrivate {
 		mode = ACCESS_MODE_READ
 	}
 
-	if u != nil {
-		if u.Id == repo.OwnerID {
-			return ACCESS_MODE_OWNER, nil
-		}
-
-		a := &Access{UserID: u.Id, RepoID: repo.ID}
-		if has, err := e.Get(a); !has || err != nil {
-			return mode, err
-		}
-		return a.Mode, nil
+	if userID <= 0 {
+		return mode, nil
 	}
 
-	return mode, nil
+	if userID == repo.OwnerID {
+		return ACCESS_MODE_OWNER, nil
+	}
+
+	access := &Access{
+		UserID: userID,
+		RepoID: repo.ID,
+	}
+	if has, err := e.Get(access); !has || err != nil {
+		return mode, err
+	}
+	return access.Mode, nil
 }
 
 // AccessLevel returns the Access a user has to a repository. Will return NoneAccess if the
-// user does not have access. User can be nil!
-func AccessLevel(u *User, repo *Repository) (AccessMode, error) {
-	return accessLevel(x, u, repo)
+// user does not have access.
+func AccessLevel(userID int64, repo *Repository) (AccessMode, error) {
+	return accessLevel(x, userID, repo)
 }
 
-func hasAccess(e Engine, u *User, repo *Repository, testMode AccessMode) (bool, error) {
-	mode, err := accessLevel(e, u, repo)
-	return testMode <= mode, err
+func hasAccess(e Engine, userID int64, repo *Repository, testMode AccessMode) (bool, error) {
+	mode, err := accessLevel(e, userID, repo)
+	return mode >= testMode, err
 }
 
 // HasAccess returns true if someone has the request access level. User can be nil!
-func HasAccess(u *User, repo *Repository, testMode AccessMode) (bool, error) {
-	return hasAccess(x, u, repo, testMode)
+func HasAccess(userID int64, repo *Repository, testMode AccessMode) (bool, error) {
+	return hasAccess(x, userID, repo, testMode)
 }
 
-// GetAccessibleRepositories finds all repositories where a user has access to,
-// besides he/she owns.
-func (u *User) GetAccessibleRepositories() (map[*Repository]AccessMode, error) {
+// GetRepositoryAccesses finds all repositories with their access mode where a user has access but does not own.
+func (u *User) GetRepositoryAccesses() (map[*Repository]AccessMode, error) {
 	accesses := make([]*Access, 0, 10)
-	if err := x.Find(&accesses, &Access{UserID: u.Id}); err != nil {
+	if err := x.Find(&accesses, &Access{UserID: u.ID}); err != nil {
 		return nil, err
 	}
 
@@ -79,24 +111,35 @@ func (u *User) GetAccessibleRepositories() (map[*Repository]AccessMode, error) {
 	for _, access := range accesses {
 		repo, err := GetRepositoryByID(access.RepoID)
 		if err != nil {
-			if IsErrRepoNotExist(err) {
-				log.Error(4, "%v", err)
+			if errors.IsRepoNotExist(err) {
+				log.Error(4, "GetRepositoryByID: %v", err)
 				continue
 			}
 			return nil, err
 		}
 		if err = repo.GetOwner(); err != nil {
 			return nil, err
-		} else if repo.OwnerID == u.Id {
+		} else if repo.OwnerID == u.ID {
 			continue
 		}
 		repos[repo] = access.Mode
 	}
-
-	// FIXME: should we generate an ordered list here? Random looks weird.
 	return repos, nil
 }
 
+// GetAccessibleRepositories finds repositories which the user has access but does not own.
+// If limit is smaller than 1 means returns all found results.
+func (user *User) GetAccessibleRepositories(limit int) (repos []*Repository, _ error) {
+	sess := x.Where("owner_id !=? ", user.ID).Desc("updated_unix")
+	if limit > 0 {
+		sess.Limit(limit)
+		repos = make([]*Repository, 0, limit)
+	} else {
+		repos = make([]*Repository, 0, 10)
+	}
+	return repos, sess.Join("INNER", "access", "access.user_id = ? AND access.repo_id = repository.id", user.ID).Find(&repos)
+}
+
 func maxAccessMode(modes ...AccessMode) AccessMode {
 	max := ACCESS_MODE_NONE
 	for _, mode := range modes {
@@ -109,16 +152,8 @@ func maxAccessMode(modes ...AccessMode) AccessMode {
 
 // FIXME: do corss-comparison so reduce deletions and additions to the minimum?
 func (repo *Repository) refreshAccesses(e Engine, accessMap map[int64]AccessMode) (err error) {
-	minMode := ACCESS_MODE_READ
-	if !repo.IsPrivate {
-		minMode = ACCESS_MODE_WRITE
-	}
-
 	newAccesses := make([]Access, 0, len(accessMap))
 	for userID, mode := range accessMap {
-		if mode < minMode {
-			continue
-		}
 		newAccesses = append(newAccesses, Access{
 			UserID: userID,
 			RepoID: repo.ID,
@@ -135,15 +170,14 @@ func (repo *Repository) refreshAccesses(e Engine, accessMap map[int64]AccessMode
 	return nil
 }
 
-// FIXME: should be able to have read-only access.
-// Give all collaborators write access.
+// refreshCollaboratorAccesses retrieves repository collaborations with their access modes.
 func (repo *Repository) refreshCollaboratorAccesses(e Engine, accessMap map[int64]AccessMode) error {
-	collaborators, err := repo.getCollaborators(e)
+	collaborations, err := repo.getCollaborations(e)
 	if err != nil {
-		return fmt.Errorf("getCollaborators: %v", err)
+		return fmt.Errorf("getCollaborations: %v", err)
 	}
-	for _, c := range collaborators {
-		accessMap[c.Id] = ACCESS_MODE_WRITE
+	for _, c := range collaborations {
+		accessMap[c.UserID] = c.Mode
 	}
 	return nil
 }
@@ -185,7 +219,7 @@ func (repo *Repository) recalculateTeamAccesses(e Engine, ignTeamID int64) (err
 			return fmt.Errorf("getMembers '%d': %v", t.ID, err)
 		}
 		for _, m := range t.Members {
-			accessMap[m.Id] = maxAccessMode(accessMap[m.Id], t.Authorize)
+			accessMap[m.ID] = maxAccessMode(accessMap[m.ID], t.Authorize)
 		}
 	}
 
@@ -197,7 +231,7 @@ func (repo *Repository) recalculateAccesses(e Engine) error {
 		return repo.recalculateTeamAccesses(e, 0)
 	}
 
-	accessMap := make(map[int64]AccessMode, 20)
+	accessMap := make(map[int64]AccessMode, 10)
 	if err := repo.refreshCollaboratorAccesses(e, accessMap); err != nil {
 		return fmt.Errorf("refreshCollaboratorAccesses: %v", err)
 	}

models/action.go

@@ -6,7 +6,6 @@ package models
 
 import (
 	"encoding/json"
-	"errors"
 	"fmt"
 	"path"
 	"regexp"
@@ -14,34 +13,41 @@ import (
 	"time"
 	"unicode"
 
+	"github.com/Unknwon/com"
 	"github.com/go-xorm/xorm"
+	log "gopkg.in/clog.v1"
 
+	"github.com/gogits/git-module"
 	api "github.com/gogits/go-gogs-client"
 
+	"github.com/gogits/gogs/models/errors"
 	"github.com/gogits/gogs/modules/base"
-	"github.com/gogits/gogs/modules/git"
-	"github.com/gogits/gogs/modules/log"
 	"github.com/gogits/gogs/modules/setting"
 )
 
 type ActionType int
 
+// To maintain backward compatibility only append to the end of list
 const (
-	CREATE_REPO         ActionType = iota + 1 // 1
-	RENAME_REPO                               // 2
-	STAR_REPO                                 // 3
-	FOLLOW_REPO                               // 4
-	COMMIT_REPO                               // 5
-	CREATE_ISSUE                              // 6
-	CREATE_PULL_REQUEST                       // 7
-	TRANSFER_REPO                             // 8
-	PUSH_TAG                                  // 9
-	COMMENT_ISSUE                             // 10
-	MERGE_PULL_REQUEST                        // 11
-)
-
-var (
-	ErrNotImplemented = errors.New("Not implemented yet")
+	ACTION_CREATE_REPO         ActionType = iota + 1 // 1
+	ACTION_RENAME_REPO                               // 2
+	ACTION_STAR_REPO                                 // 3
+	ACTION_WATCH_REPO                                // 4
+	ACTION_COMMIT_REPO                               // 5
+	ACTION_CREATE_ISSUE                              // 6
+	ACTION_CREATE_PULL_REQUEST                       // 7
+	ACTION_TRANSFER_REPO                             // 8
+	ACTION_PUSH_TAG                                  // 9
+	ACTION_COMMENT_ISSUE                             // 10
+	ACTION_MERGE_PULL_REQUEST                        // 11
+	ACTION_CLOSE_ISSUE                               // 12
+	ACTION_REOPEN_ISSUE                              // 13
+	ACTION_CLOSE_PULL_REQUEST                        // 14
+	ACTION_REOPEN_PULL_REQUEST                       // 15
+	ACTION_CREATE_BRANCH                             // 16
+	ACTION_DELETE_BRANCH                             // 17
+	ACTION_DELETE_TAG                                // 18
+	ACTION_FORK_REPO                                 // 19
 )
 
 var (
@@ -63,15 +69,14 @@ func init() {
 	IssueReferenceKeywordsPat = regexp.MustCompile(`(?i)(?:)(^| )\S+`)
 }
 
-// Action represents user operation type and other information to repository.,
+// Action represents user operation type and other information to repository,
 // it implemented interface base.Actioner so that can be used in template render.
 type Action struct {
-	ID           int64 `xorm:"pk autoincr"`
+	ID           int64
 	UserID       int64 // Receiver user id.
 	OpType       ActionType
 	ActUserID    int64  // Action user id.
 	ActUserName  string // Action user name.
-	ActEmail     string
 	ActAvatar    string `xorm:"-"`
 	RepoID       int64
 	RepoUserName string
@@ -79,92 +84,127 @@ type Action struct {
 	RefName      string
 	IsPrivate    bool      `xorm:"NOT NULL DEFAULT false"`
 	Content      string    `xorm:"TEXT"`
-	Created      time.Time `xorm:"created"`
+	Created      time.Time `xorm:"-"`
+	CreatedUnix  int64
+}
+
+func (a *Action) BeforeInsert() {
+	a.CreatedUnix = time.Now().Unix()
 }
 
 func (a *Action) AfterSet(colName string, _ xorm.Cell) {
 	switch colName {
-	case "created":
-		a.Created = regulateTimeZone(a.Created)
+	case "created_unix":
+		a.Created = time.Unix(a.CreatedUnix, 0).Local()
 	}
 }
 
-func (a Action) GetOpType() int {
+func (a *Action) GetOpType() int {
 	return int(a.OpType)
 }
 
-func (a Action) GetActUserName() string {
+func (a *Action) GetActUserName() string {
 	return a.ActUserName
 }
 
-func (a Action) GetActEmail() string {
-	return a.ActEmail
+func (a *Action) ShortActUserName() string {
+	return base.EllipsisString(a.ActUserName, 20)
 }
 
-func (a Action) GetRepoUserName() string {
+func (a *Action) GetRepoUserName() string {
 	return a.RepoUserName
 }
 
-func (a Action) GetRepoName() string {
+func (a *Action) ShortRepoUserName() string {
+	return base.EllipsisString(a.RepoUserName, 20)
+}
+
+func (a *Action) GetRepoName() string {
 	return a.RepoName
 }
 
-func (a Action) GetRepoPath() string {
+func (a *Action) ShortRepoName() string {
+	return base.EllipsisString(a.RepoName, 33)
+}
+
+func (a *Action) GetRepoPath() string {
 	return path.Join(a.RepoUserName, a.RepoName)
 }
 
-func (a Action) GetRepoLink() string {
+func (a *Action) ShortRepoPath() string {
+	return path.Join(a.ShortRepoUserName(), a.ShortRepoName())
+}
+
+func (a *Action) GetRepoLink() string {
 	if len(setting.AppSubUrl) > 0 {
 		return path.Join(setting.AppSubUrl, a.GetRepoPath())
 	}
 	return "/" + a.GetRepoPath()
 }
 
-func (a Action) GetBranch() string {
+func (a *Action) GetBranch() string {
 	return a.RefName
 }
 
-func (a Action) GetContent() string {
+func (a *Action) GetContent() string {
 	return a.Content
 }
 
-func (a Action) GetCreate() time.Time {
+func (a *Action) GetCreate() time.Time {
 	return a.Created
 }
 
-func (a Action) GetIssueInfos() []string {
+func (a *Action) GetIssueInfos() []string {
 	return strings.SplitN(a.Content, "|", 2)
 }
 
-func newRepoAction(e Engine, u *User, repo *Repository) (err error) {
-	if err = notifyWatchers(e, &Action{
-		ActUserID:    u.Id,
-		ActUserName:  u.Name,
-		ActEmail:     u.Email,
-		OpType:       CREATE_REPO,
+func (a *Action) GetIssueTitle() string {
+	index := com.StrTo(a.GetIssueInfos()[0]).MustInt64()
+	issue, err := GetIssueByIndex(a.RepoID, index)
+	if err != nil {
+		log.Error(4, "GetIssueByIndex: %v", err)
+		return "500 when get issue"
+	}
+	return issue.Title
+}
+
+func (a *Action) GetIssueContent() string {
+	index := com.StrTo(a.GetIssueInfos()[0]).MustInt64()
+	issue, err := GetIssueByIndex(a.RepoID, index)
+	if err != nil {
+		log.Error(4, "GetIssueByIndex: %v", err)
+		return "500 when get issue"
+	}
+	return issue.Content
+}
+
+func newRepoAction(e Engine, doer, owner *User, repo *Repository) (err error) {
+	opType := ACTION_CREATE_REPO
+	if repo.IsFork {
+		opType = ACTION_FORK_REPO
+	}
+
+	return notifyWatchers(e, &Action{
+		ActUserID:    doer.ID,
+		ActUserName:  doer.Name,
+		OpType:       opType,
 		RepoID:       repo.ID,
 		RepoUserName: repo.Owner.Name,
 		RepoName:     repo.Name,
 		IsPrivate:    repo.IsPrivate,
-	}); err != nil {
-		return fmt.Errorf("notify watchers '%d/%s': %v", u.Id, repo.ID, err)
-	}
-
-	log.Trace("action.newRepoAction: %s/%s", u.Name, repo.Name)
-	return err
+	})
 }
 
 // NewRepoAction adds new action for creating repository.
-func NewRepoAction(u *User, repo *Repository) (err error) {
-	return newRepoAction(x, u, repo)
+func NewRepoAction(doer, owner *User, repo *Repository) (err error) {
+	return newRepoAction(x, doer, owner, repo)
 }
 
 func renameRepoAction(e Engine, actUser *User, oldRepoName string, repo *Repository) (err error) {
 	if err = notifyWatchers(e, &Action{
-		ActUserID:    actUser.Id,
+		ActUserID:    actUser.ID,
 		ActUserName:  actUser.Name,
-		ActEmail:     actUser.Email,
-		OpType:       RENAME_REPO,
+		OpType:       ACTION_RENAME_REPO,
 		RepoID:       repo.ID,
 		RepoUserName: repo.Owner.Name,
 		RepoName:     repo.Name,
@@ -187,9 +227,102 @@ func issueIndexTrimRight(c rune) bool {
 	return !unicode.IsDigit(c)
 }
 
-// updateIssuesCommit checks if issues are manipulated by commit message.
-func updateIssuesCommit(u *User, repo *Repository, repoUserName, repoName string, commits []*base.PushCommit) error {
-	for _, c := range commits {
+type PushCommit struct {
+	Sha1           string
+	Message        string
+	AuthorEmail    string
+	AuthorName     string
+	CommitterEmail string
+	CommitterName  string
+	Timestamp      time.Time
+}
+
+type PushCommits struct {
+	Len        int
+	Commits    []*PushCommit
+	CompareURL string
+
+	avatars map[string]string
+}
+
+func NewPushCommits() *PushCommits {
+	return &PushCommits{
+		avatars: make(map[string]string),
+	}
+}
+
+func (pc *PushCommits) ToApiPayloadCommits(repoPath, repoLink string) ([]*api.PayloadCommit, error) {
+	commits := make([]*api.PayloadCommit, len(pc.Commits))
+	for i, commit := range pc.Commits {
+		authorUsername := ""
+		author, err := GetUserByEmail(commit.AuthorEmail)
+		if err == nil {
+			authorUsername = author.Name
+		} else if !errors.IsUserNotExist(err) {
+			return nil, fmt.Errorf("GetUserByEmail: %v", err)
+		}
+
+		committerUsername := ""
+		committer, err := GetUserByEmail(commit.CommitterEmail)
+		if err == nil {
+			committerUsername = committer.Name
+		} else if !errors.IsUserNotExist(err) {
+			return nil, fmt.Errorf("GetUserByEmail: %v", err)
+		}
+
+		fileStatus, err := git.GetCommitFileStatus(repoPath, commit.Sha1)
+		if err != nil {
+			return nil, fmt.Errorf("FileStatus [commit_sha1: %s]: %v", commit.Sha1, err)
+		}
+
+		commits[i] = &api.PayloadCommit{
+			ID:      commit.Sha1,
+			Message: commit.Message,
+			URL:     fmt.Sprintf("%s/commit/%s", repoLink, commit.Sha1),
+			Author: &api.PayloadUser{
+				Name:     commit.AuthorName,
+				Email:    commit.AuthorEmail,
+				UserName: authorUsername,
+			},
+			Committer: &api.PayloadUser{
+				Name:     commit.CommitterName,
+				Email:    commit.CommitterEmail,
+				UserName: committerUsername,
+			},
+			Added:     fileStatus.Added,
+			Removed:   fileStatus.Removed,
+			Modified:  fileStatus.Modified,
+			Timestamp: commit.Timestamp,
+		}
+	}
+	return commits, nil
+}
+
+// AvatarLink tries to match user in database with e-mail
+// in order to show custom avatar, and falls back to general avatar link.
+func (push *PushCommits) AvatarLink(email string) string {
+	_, ok := push.avatars[email]
+	if !ok {
+		u, err := GetUserByEmail(email)
+		if err != nil {
+			push.avatars[email] = base.AvatarLink(email)
+			if !errors.IsUserNotExist(err) {
+				log.Error(4, "GetUserByEmail: %v", err)
+			}
+		} else {
+			push.avatars[email] = u.RelAvatarLink()
+		}
+	}
+
+	return push.avatars[email]
+}
+
+// UpdateIssuesCommit checks if issues are manipulated by commit message.
+func UpdateIssuesCommit(doer *User, repo *Repository, commits []*PushCommit) error {
+	// Commits are appended in the reverse order.
+	for i := len(commits) - 1; i >= 0; i-- {
+		c := commits[i]
+
 		refMarked := make(map[int64]bool)
 		for _, ref := range IssueReferenceKeywordsPat.FindAllString(c.Message, -1) {
 			ref = ref[strings.IndexByte(ref, byte(' '))+1:]
@@ -201,7 +334,7 @@ func updateIssuesCommit(u *User, repo *Repository, repoUserName, repoName string
 
 			// Add repo name if missing
 			if ref[0] == '#' {
-				ref = fmt.Sprintf("%s/%s%s", repoUserName, repoName, ref)
+				ref = fmt.Sprintf("%s%s", repo.FullName(), ref)
 			} else if !strings.Contains(ref, "/") {
 				// FIXME: We don't support User#ID syntax yet
 				// return ErrNotImplemented
@@ -210,6 +343,9 @@ func updateIssuesCommit(u *User, repo *Repository, repoUserName, repoName string
 
 			issue, err := GetIssueByRef(ref)
 			if err != nil {
+				if errors.IsIssueNotExist(err) {
+					continue
+				}
 				return err
 			}
 
@@ -218,9 +354,13 @@ func updateIssuesCommit(u *User, repo *Repository, repoUserName, repoName string
 			}
 			refMarked[issue.ID] = true
 
-			url := fmt.Sprintf("%s/%s/%s/commit/%s", setting.AppSubUrl, repoUserName, repoName, c.Sha1)
-			message := fmt.Sprintf(`<a href="%s">%s</a>`, url, c.Message)
-			if _, err = CreateComment(u, repo, issue, 0, 0, COMMENT_TYPE_COMMIT_REF, message, nil); err != nil {
+			msgLines := strings.Split(c.Message, "\n")
+			shortMsg := msgLines[0]
+			if len(msgLines) > 2 {
+				shortMsg += "..."
+			}
+			message := fmt.Sprintf(`<a href="%s/commit/%s">%s</a>`, repo.Link(), c.Sha1, shortMsg)
+			if err = CreateRefComment(doer, repo, issue, message, c.Sha1); err != nil {
 				return err
 			}
 		}
@@ -237,7 +377,7 @@ func updateIssuesCommit(u *User, repo *Repository, repoUserName, repoName string
 
 			// Add repo name if missing
 			if ref[0] == '#' {
-				ref = fmt.Sprintf("%s/%s%s", repoUserName, repoName, ref)
+				ref = fmt.Sprintf("%s%s", repo.FullName(), ref)
 			} else if !strings.Contains(ref, "/") {
 				// We don't support User#ID syntax yet
 				// return ErrNotImplemented
@@ -246,6 +386,9 @@ func updateIssuesCommit(u *User, repo *Repository, repoUserName, repoName string
 
 			issue, err := GetIssueByRef(ref)
 			if err != nil {
+				if errors.IsIssueNotExist(err) {
+					continue
+				}
 				return err
 			}
 
@@ -258,7 +401,7 @@ func updateIssuesCommit(u *User, repo *Repository, repoUserName, repoName string
 				continue
 			}
 
-			if err = issue.ChangeStatus(u, true); err != nil {
+			if err = issue.ChangeStatus(doer, repo, true); err != nil {
 				return err
 			}
 		}
@@ -274,7 +417,7 @@ func updateIssuesCommit(u *User, repo *Repository, repoUserName, repoName string
 
 			// Add repo name if missing
 			if ref[0] == '#' {
-				ref = fmt.Sprintf("%s/%s%s", repoUserName, repoName, ref)
+				ref = fmt.Sprintf("%s%s", repo.FullName(), ref)
 			} else if !strings.Contains(ref, "/") {
 				// We don't support User#ID syntax yet
 				// return ErrNotImplemented
@@ -283,6 +426,9 @@ func updateIssuesCommit(u *User, repo *Repository, repoUserName, repoName string
 
 			issue, err := GetIssueByRef(ref)
 			if err != nil {
+				if errors.IsIssueNotExist(err) {
+					continue
+				}
 				return err
 			}
 
@@ -295,7 +441,7 @@ func updateIssuesCommit(u *User, repo *Repository, repoUserName, repoName string
 				continue
 			}
 
-			if err = issue.ChangeStatus(u, false); err != nil {
+			if err = issue.ChangeStatus(doer, repo, false); err != nil {
 				return err
 			}
 		}
@@ -303,201 +449,213 @@ func updateIssuesCommit(u *User, repo *Repository, repoUserName, repoName string
 	return nil
 }
 
-// CommitRepoAction adds new action for committing repository.
-func CommitRepoAction(
-	userID, repoUserID int64,
-	userName, actEmail string,
-	repoID int64,
-	repoUserName, repoName string,
-	refFullName string,
-	commit *base.PushCommits,
-	oldCommitID string, newCommitID string) error {
+type CommitRepoActionOptions struct {
+	PusherName  string
+	RepoOwnerID int64
+	RepoName    string
+	RefFullName string
+	OldCommitID string
+	NewCommitID string
+	Commits     *PushCommits
+}
 
-	u, err := GetUserByID(userID)
+// CommitRepoAction adds new commit actio to the repository, and prepare corresponding webhooks.
+func CommitRepoAction(opts CommitRepoActionOptions) error {
+	pusher, err := GetUserByName(opts.PusherName)
 	if err != nil {
-		return fmt.Errorf("GetUserByID: %v", err)
+		return fmt.Errorf("GetUserByName [%s]: %v", opts.PusherName, err)
 	}
 
-	repo, err := GetRepositoryByName(repoUserID, repoName)
+	repo, err := GetRepositoryByName(opts.RepoOwnerID, opts.RepoName)
 	if err != nil {
-		return fmt.Errorf("GetRepositoryByName: %v", err)
-	} else if err = repo.GetOwner(); err != nil {
-		return fmt.Errorf("GetOwner: %v", err)
+		return fmt.Errorf("GetRepositoryByName [owner_id: %d, name: %s]: %v", opts.RepoOwnerID, opts.RepoName, err)
 	}
 
-	isNewBranch := false
-	opType := COMMIT_REPO
-	// Check it's tag push or branch.
-	if strings.HasPrefix(refFullName, "refs/tags/") {
-		opType = PUSH_TAG
-		commit = &base.PushCommits{}
+	// Change repository bare status and update last updated time.
+	repo.IsBare = false
+	if err = UpdateRepository(repo, false); err != nil {
+		return fmt.Errorf("UpdateRepository: %v", err)
+	}
+
+	isNewRef := opts.OldCommitID == git.EMPTY_SHA
+	isDelRef := opts.NewCommitID == git.EMPTY_SHA
+
+	opType := ACTION_COMMIT_REPO
+	// Check if it's tag push or branch.
+	if strings.HasPrefix(opts.RefFullName, git.TAG_PREFIX) {
+		opType = ACTION_PUSH_TAG
 	} else {
-		// if not the first commit, set the compareUrl
-		if !strings.HasPrefix(oldCommitID, "0000000") {
-			commit.CompareUrl = fmt.Sprintf("%s/%s/compare/%s...%s", repoUserName, repoName, oldCommitID, newCommitID)
-		} else {
-			isNewBranch = true
+		// if not the first commit, set the compare URL.
+		if !isNewRef && !isDelRef {
+			opts.Commits.CompareURL = repo.ComposeCompareURL(opts.OldCommitID, opts.NewCommitID)
 		}
 
-		// Change repository bare status and update last updated time.
-		repo.IsBare = false
-		if err = UpdateRepository(repo, false); err != nil {
-			return fmt.Errorf("UpdateRepository: %v", err)
-		}
-
-		if err = updateIssuesCommit(u, repo, repoUserName, repoName, commit.Commits); err != nil {
-			log.Debug("updateIssuesCommit: %v", err)
+		if err = UpdateIssuesCommit(pusher, repo, opts.Commits.Commits); err != nil {
+			log.Error(2, "UpdateIssuesCommit: %v", err)
 		}
 	}
 
-	bs, err := json.Marshal(commit)
+	if len(opts.Commits.Commits) > setting.UI.FeedMaxCommitNum {
+		opts.Commits.Commits = opts.Commits.Commits[:setting.UI.FeedMaxCommitNum]
+	}
+
+	data, err := json.Marshal(opts.Commits)
 	if err != nil {
 		return fmt.Errorf("Marshal: %v", err)
 	}
 
-	refName := git.RefEndName(refFullName)
-
-	if err = NotifyWatchers(&Action{
-		ActUserID:    u.Id,
-		ActUserName:  userName,
-		ActEmail:     actEmail,
-		OpType:       opType,
-		Content:      string(bs),
+	refName := git.RefEndName(opts.RefFullName)
+	action := &Action{
+		ActUserID:    pusher.ID,
+		ActUserName:  pusher.Name,
+		Content:      string(data),
 		RepoID:       repo.ID,
-		RepoUserName: repoUserName,
-		RepoName:     repoName,
+		RepoUserName: repo.MustOwner().Name,
+		RepoName:     repo.Name,
 		RefName:      refName,
 		IsPrivate:    repo.IsPrivate,
-	}); err != nil {
-		return fmt.Errorf("NotifyWatchers: %v", err)
-
-	}
-
-	repoLink := fmt.Sprintf("%s%s/%s", setting.AppUrl, repoUserName, repoName)
-	payloadRepo := &api.PayloadRepo{
-		ID:          repo.ID,
-		Name:        repo.LowerName,
-		URL:         repoLink,
-		Description: repo.Description,
-		Website:     repo.Website,
-		Watchers:    repo.NumWatches,
-		Owner: &api.PayloadAuthor{
-			Name:     repo.Owner.DisplayName(),
-			Email:    repo.Owner.Email,
-			UserName: repo.Owner.Name,
-		},
-		Private: repo.IsPrivate,
-	}
-
-	pusher_email, pusher_name := "", ""
-	pusher, err := GetUserByName(userName)
-	if err == nil {
-		pusher_email = pusher.Email
-		pusher_name = pusher.DisplayName()
-	}
-	payloadSender := &api.PayloadUser{
-		UserName:  pusher.Name,
-		ID:        pusher.Id,
-		AvatarUrl: setting.AppUrl + pusher.RelAvatarLink(),
 	}
 
+	apiRepo := repo.APIFormat(nil)
+	apiPusher := pusher.APIFormat()
 	switch opType {
-	case COMMIT_REPO: // Push
-		commits := make([]*api.PayloadCommit, len(commit.Commits))
-		for i, cmt := range commit.Commits {
-			author_username := ""
-			author, err := GetUserByEmail(cmt.AuthorEmail)
-			if err == nil {
-				author_username = author.Name
+	case ACTION_COMMIT_REPO: // Push
+		if isDelRef {
+			if err = PrepareWebhooks(repo, HOOK_EVENT_DELETE, &api.DeletePayload{
+				Ref:        refName,
+				RefType:    "branch",
+				PusherType: api.PUSHER_TYPE_USER,
+				Repo:       apiRepo,
+				Sender:     apiPusher,
+			}); err != nil {
+				return fmt.Errorf("PrepareWebhooks.(delete branch): %v", err)
 			}
-			commits[i] = &api.PayloadCommit{
-				ID:      cmt.Sha1,
-				Message: cmt.Message,
-				URL:     fmt.Sprintf("%s/commit/%s", repoLink, cmt.Sha1),
-				Author: &api.PayloadAuthor{
-					Name:     cmt.AuthorName,
-					Email:    cmt.AuthorEmail,
-					UserName: author_username,
-				},
+
+			action.OpType = ACTION_DELETE_BRANCH
+			if err = NotifyWatchers(action); err != nil {
+				return fmt.Errorf("NotifyWatchers.(delete branch): %v", err)
+			}
+
+			// Delete branch doesn't have anything to push or compare
+			return nil
+		}
+
+		compareURL := setting.AppUrl + opts.Commits.CompareURL
+		if isNewRef {
+			compareURL = ""
+			if err = PrepareWebhooks(repo, HOOK_EVENT_CREATE, &api.CreatePayload{
+				Ref:           refName,
+				RefType:       "branch",
+				DefaultBranch: repo.DefaultBranch,
+				Repo:          apiRepo,
+				Sender:        apiPusher,
+			}); err != nil {
+				return fmt.Errorf("PrepareWebhooks.(new branch): %v", err)
+			}
+
+			action.OpType = ACTION_CREATE_BRANCH
+			if err = NotifyWatchers(action); err != nil {
+				return fmt.Errorf("NotifyWatchers.(new branch): %v", err)
 			}
 		}
-		p := &api.PushPayload{
-			Ref:        refFullName,
-			Before:     oldCommitID,
-			After:      newCommitID,
-			CompareUrl: setting.AppUrl + commit.CompareUrl,
+
+		commits, err := opts.Commits.ToApiPayloadCommits(repo.RepoPath(), repo.HTMLURL())
+		if err != nil {
+			return fmt.Errorf("ToApiPayloadCommits: %v", err)
+		}
+
+		if err = PrepareWebhooks(repo, HOOK_EVENT_PUSH, &api.PushPayload{
+			Ref:        opts.RefFullName,
+			Before:     opts.OldCommitID,
+			After:      opts.NewCommitID,
+			CompareURL: compareURL,
 			Commits:    commits,
-			Repo:       payloadRepo,
-			Pusher: &api.PayloadAuthor{
-				Name:     pusher_name,
-				Email:    pusher_email,
-				UserName: userName,
-			},
-			Sender: payloadSender,
-		}
-		if err = PrepareWebhooks(repo, HOOK_EVENT_PUSH, p); err != nil {
-			return fmt.Errorf("PrepareWebhooks: %v", err)
+			Repo:       apiRepo,
+			Pusher:     apiPusher,
+			Sender:     apiPusher,
+		}); err != nil {
+			return fmt.Errorf("PrepareWebhooks.(new commit): %v", err)
 		}
 
-		if isNewBranch {
-			return PrepareWebhooks(repo, HOOK_EVENT_CREATE, &api.CreatePayload{
-				Ref:     refName,
-				RefType: "branch",
-				Repo:    payloadRepo,
-				Sender:  payloadSender,
-			})
+		action.OpType = ACTION_COMMIT_REPO
+		if err = NotifyWatchers(action); err != nil {
+			return fmt.Errorf("NotifyWatchers.(new commit): %v", err)
 		}
 
-	case PUSH_TAG: // Create
-		return PrepareWebhooks(repo, HOOK_EVENT_CREATE, &api.CreatePayload{
-			Ref:     refName,
-			RefType: "tag",
-			Repo:    payloadRepo,
-			Sender:  payloadSender,
-		})
+	case ACTION_PUSH_TAG: // Tag
+		if isDelRef {
+			if err = PrepareWebhooks(repo, HOOK_EVENT_DELETE, &api.DeletePayload{
+				Ref:        refName,
+				RefType:    "tag",
+				PusherType: api.PUSHER_TYPE_USER,
+				Repo:       apiRepo,
+				Sender:     apiPusher,
+			}); err != nil {
+				return fmt.Errorf("PrepareWebhooks.(delete tag): %v", err)
+			}
+
+			action.OpType = ACTION_DELETE_TAG
+			if err = NotifyWatchers(action); err != nil {
+				return fmt.Errorf("NotifyWatchers.(delete tag): %v", err)
+			}
+			return nil
+		}
+
+		if err = PrepareWebhooks(repo, HOOK_EVENT_CREATE, &api.CreatePayload{
+			Ref:           refName,
+			RefType:       "tag",
+			DefaultBranch: repo.DefaultBranch,
+			Repo:          apiRepo,
+			Sender:        apiPusher,
+		}); err != nil {
+			return fmt.Errorf("PrepareWebhooks.(new tag): %v", err)
+		}
+
+		action.OpType = ACTION_PUSH_TAG
+		if err = NotifyWatchers(action); err != nil {
+			return fmt.Errorf("NotifyWatchers.(new tag): %v", err)
+		}
 	}
 
 	return nil
 }
 
-func transferRepoAction(e Engine, actUser, oldOwner, newOwner *User, repo *Repository) (err error) {
+func transferRepoAction(e Engine, doer, oldOwner *User, repo *Repository) (err error) {
 	if err = notifyWatchers(e, &Action{
-		ActUserID:    actUser.Id,
-		ActUserName:  actUser.Name,
-		ActEmail:     actUser.Email,
-		OpType:       TRANSFER_REPO,
+		ActUserID:    doer.ID,
+		ActUserName:  doer.Name,
+		OpType:       ACTION_TRANSFER_REPO,
 		RepoID:       repo.ID,
-		RepoUserName: newOwner.Name,
+		RepoUserName: repo.Owner.Name,
 		RepoName:     repo.Name,
 		IsPrivate:    repo.IsPrivate,
-		Content:      path.Join(oldOwner.LowerName, repo.LowerName),
+		Content:      path.Join(oldOwner.Name, repo.Name),
 	}); err != nil {
-		return fmt.Errorf("notify watchers '%d/%s': %v", actUser.Id, repo.ID, err)
+		return fmt.Errorf("notifyWatchers: %v", err)
 	}
 
 	// Remove watch for organization.
-	if repo.Owner.IsOrganization() {
-		if err = watchRepo(e, repo.Owner.Id, repo.ID, false); err != nil {
-			return fmt.Errorf("watch repository: %v", err)
+	if oldOwner.IsOrganization() {
+		if err = watchRepo(e, oldOwner.ID, repo.ID, false); err != nil {
+			return fmt.Errorf("watchRepo [false]: %v", err)
 		}
 	}
 
-	log.Trace("action.transferRepoAction: %s/%s", actUser.Name, repo.Name)
 	return nil
 }
 
-// TransferRepoAction adds new action for transferring repository.
-func TransferRepoAction(actUser, oldOwner, newOwner *User, repo *Repository) error {
-	return transferRepoAction(x, actUser, oldOwner, newOwner, repo)
+// TransferRepoAction adds new action for transferring repository,
+// the Owner field of repository is assumed to be new owner.
+func TransferRepoAction(doer, oldOwner *User, repo *Repository) error {
+	return transferRepoAction(x, doer, oldOwner, repo)
 }
 
-func mergePullRequestAction(e Engine, actUser *User, repo *Repository, pull *Issue) error {
+func mergePullRequestAction(e Engine, doer *User, repo *Repository, issue *Issue) error {
 	return notifyWatchers(e, &Action{
-		ActUserID:    actUser.Id,
-		ActUserName:  actUser.Name,
-		ActEmail:     actUser.Email,
-		OpType:       MERGE_PULL_REQUEST,
-		Content:      fmt.Sprintf("%d|%s", pull.Index, pull.Name),
+		ActUserID:    doer.ID,
+		ActUserName:  doer.Name,
+		OpType:       ACTION_MERGE_PULL_REQUEST,
+		Content:      fmt.Sprintf("%d|%s", issue.Index, issue.Title),
 		RepoID:       repo.ID,
 		RepoUserName: repo.Owner.Name,
 		RepoName:     repo.Name,
@@ -511,12 +669,33 @@ func MergePullRequestAction(actUser *User, repo *Repository, pull *Issue) error
 }
 
 // GetFeeds returns action list of given user in given context.
-func GetFeeds(uid, offset int64, isProfile bool) ([]*Action, error) {
-	actions := make([]*Action, 0, 20)
-	sess := x.Limit(20, int(offset)).Desc("id").Where("user_id=?", uid)
-	if isProfile {
-		sess.And("is_private=?", false).And("act_user_id=?", uid)
+// actorID is the user who's requesting, ctxUserID is the user/org that is requested.
+// actorID can be -1 when isProfile is true or to skip the permission check.
+func GetFeeds(ctxUser *User, actorID, afterID int64, isProfile bool) ([]*Action, error) {
+	actions := make([]*Action, 0, setting.UI.User.NewsFeedPagingNum)
+	sess := x.Limit(setting.UI.User.NewsFeedPagingNum).Where("user_id = ?", ctxUser.ID).Desc("id")
+	if afterID > 0 {
+		sess.And("id < ?", afterID)
 	}
+	if isProfile {
+		sess.And("is_private = ?", false).And("act_user_id = ?", ctxUser.ID)
+	} else if actorID != -1 && ctxUser.IsOrganization() {
+		// FIXME: only need to get IDs here, not all fields of repository.
+		repos, _, err := ctxUser.GetUserRepositories(actorID, 1, ctxUser.NumRepos)
+		if err != nil {
+			return nil, fmt.Errorf("GetUserRepositories: %v", err)
+		}
+
+		var repoIDs []int64
+		for _, repo := range repos {
+			repoIDs = append(repoIDs, repo.ID)
+		}
+
+		if len(repoIDs) > 0 {
+			sess.In("repo_id", repoIDs)
+		}
+	}
+
 	err := sess.Find(&actions)
 	return actions, err
 }

models/admin.go

@@ -5,9 +5,18 @@
 package models
 
 import (
+	"fmt"
+	"os"
+	"os/exec"
+	"strings"
 	"time"
 
 	"github.com/Unknwon/com"
+	"github.com/go-xorm/xorm"
+	log "gopkg.in/clog.v1"
+
+	"github.com/gogits/gogs/modules/base"
+	"github.com/gogits/gogs/modules/setting"
 )
 
 type NoticeType int
@@ -18,10 +27,22 @@ const (
 
 // Notice represents a system notice for admin.
 type Notice struct {
-	Id          int64
+	ID          int64 `xorm:"pk autoincr"`
 	Type        NoticeType
 	Description string    `xorm:"TEXT"`
-	Created     time.Time `xorm:"CREATED"`
+	Created     time.Time `xorm:"-"`
+	CreatedUnix int64
+}
+
+func (n *Notice) BeforeInsert() {
+	n.CreatedUnix = time.Now().Unix()
+}
+
+func (n *Notice) AfterSet(colName string, _ xorm.Cell) {
+	switch colName {
+	case "created_unix":
+		n.Created = time.Unix(n.CreatedUnix, 0).Local()
+	}
 }
 
 // TrStr returns a translation format string.
@@ -31,6 +52,11 @@ func (n *Notice) TrStr() string {
 
 // CreateNotice creates new system notice.
 func CreateNotice(tp NoticeType, desc string) error {
+	// prevent panic if database connection is not available at this point
+	if x == nil {
+		return fmt.Errorf("Could not save notice due database connection not being available: %d %s", tp, desc)
+	}
+
 	n := &Notice{
 		Type:        tp,
 		Description: desc,
@@ -44,17 +70,41 @@ func CreateRepositoryNotice(desc string) error {
 	return CreateNotice(NOTICE_REPOSITORY, desc)
 }
 
+// RemoveAllWithNotice removes all directories in given path and
+// creates a system notice when error occurs.
+func RemoveAllWithNotice(title, path string) {
+	var err error
+	// LEGACY [Go 1.7]: workaround for Go not being able to remove read-only files/folders: https://github.com/golang/go/issues/9606
+	// this bug should be fixed on Go 1.7, so the workaround should be removed when Gogs don't support Go 1.6 anymore:
+	// https://github.com/golang/go/commit/2ffb3e5d905b5622204d199128dec06cefd57790
+	// Note: Windows complains when delete target does not exist, therefore we can skip deletion in such cases.
+	if setting.IsWindows && com.IsExist(path) {
+		// converting "/" to "\" in path on Windows
+		path = strings.Replace(path, "/", "\\", -1)
+		err = exec.Command("cmd", "/C", "rmdir", "/S", "/Q", path).Run()
+	} else {
+		err = os.RemoveAll(path)
+	}
+
+	if err != nil {
+		desc := fmt.Sprintf("%s [%s]: %v", title, path, err)
+		log.Warn(desc)
+		if err = CreateRepositoryNotice(desc); err != nil {
+			log.Error(4, "CreateRepositoryNotice: %v", err)
+		}
+	}
+}
+
 // CountNotices returns number of notices.
 func CountNotices() int64 {
 	count, _ := x.Count(new(Notice))
 	return count
 }
 
-// GetNotices returns given number of notices with offset.
-func GetNotices(num, offset int) ([]*Notice, error) {
-	notices := make([]*Notice, 0, num)
-	err := x.Limit(num, offset).Desc("id").Find(&notices)
-	return notices, err
+// Notices returns number of notices in given page.
+func Notices(page, pageSize int) ([]*Notice, error) {
+	notices := make([]*Notice, 0, pageSize)
+	return notices, x.Limit(pageSize, (page-1)*pageSize).Desc("id").Find(&notices)
 }
 
 // DeleteNotice deletes a system notice by given ID.
@@ -62,3 +112,22 @@ func DeleteNotice(id int64) error {
 	_, err := x.Id(id).Delete(new(Notice))
 	return err
 }
+
+// DeleteNotices deletes all notices with ID from start to end (inclusive).
+func DeleteNotices(start, end int64) error {
+	sess := x.Where("id >= ?", start)
+	if end > 0 {
+		sess.And("id <= ?", end)
+	}
+	_, err := sess.Delete(new(Notice))
+	return err
+}
+
+// DeleteNoticesByIDs deletes notices by given IDs.
+func DeleteNoticesByIDs(ids []int64) error {
+	if len(ids) == 0 {
+		return nil
+	}
+	_, err := x.Where("id IN (" + strings.Join(base.Int64sToStrings(ids), ",") + ")").Delete(new(Notice))
+	return err
+}

models/attachment.go

@@ -0,0 +1,185 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package models
+
+import (
+	"fmt"
+	"io"
+	"mime/multipart"
+	"os"
+	"path"
+	"time"
+
+	"github.com/go-xorm/xorm"
+	gouuid "github.com/satori/go.uuid"
+
+	"github.com/gogits/gogs/modules/setting"
+)
+
+// Attachment represent a attachment of issue/comment/release.
+type Attachment struct {
+	ID        int64  `xorm:"pk autoincr"`
+	UUID      string `xorm:"uuid UNIQUE"`
+	IssueID   int64  `xorm:"INDEX"`
+	CommentID int64
+	ReleaseID int64 `xorm:"INDEX"`
+	Name      string
+
+	Created     time.Time `xorm:"-"`
+	CreatedUnix int64
+}
+
+func (a *Attachment) BeforeInsert() {
+	a.CreatedUnix = time.Now().Unix()
+}
+
+func (a *Attachment) AfterSet(colName string, _ xorm.Cell) {
+	switch colName {
+	case "created_unix":
+		a.Created = time.Unix(a.CreatedUnix, 0).Local()
+	}
+}
+
+// AttachmentLocalPath returns where attachment is stored in local file system based on given UUID.
+func AttachmentLocalPath(uuid string) string {
+	return path.Join(setting.AttachmentPath, uuid[0:1], uuid[1:2], uuid)
+}
+
+// LocalPath returns where attachment is stored in local file system.
+func (attach *Attachment) LocalPath() string {
+	return AttachmentLocalPath(attach.UUID)
+}
+
+// NewAttachment creates a new attachment object.
+func NewAttachment(name string, buf []byte, file multipart.File) (_ *Attachment, err error) {
+	attach := &Attachment{
+		UUID: gouuid.NewV4().String(),
+		Name: name,
+	}
+
+	localPath := attach.LocalPath()
+	if err = os.MkdirAll(path.Dir(localPath), os.ModePerm); err != nil {
+		return nil, fmt.Errorf("MkdirAll: %v", err)
+	}
+
+	fw, err := os.Create(localPath)
+	if err != nil {
+		return nil, fmt.Errorf("Create: %v", err)
+	}
+	defer fw.Close()
+
+	if _, err = fw.Write(buf); err != nil {
+		return nil, fmt.Errorf("Write: %v", err)
+	} else if _, err = io.Copy(fw, file); err != nil {
+		return nil, fmt.Errorf("Copy: %v", err)
+	}
+
+	if _, err := x.Insert(attach); err != nil {
+		return nil, err
+	}
+
+	return attach, nil
+}
+
+func getAttachmentByUUID(e Engine, uuid string) (*Attachment, error) {
+	attach := &Attachment{UUID: uuid}
+	has, err := x.Get(attach)
+	if err != nil {
+		return nil, err
+	} else if !has {
+		return nil, ErrAttachmentNotExist{0, uuid}
+	}
+	return attach, nil
+}
+
+func getAttachmentsByUUIDs(e Engine, uuids []string) ([]*Attachment, error) {
+	if len(uuids) == 0 {
+		return []*Attachment{}, nil
+	}
+
+	// Silently drop invalid uuids.
+	attachments := make([]*Attachment, 0, len(uuids))
+	return attachments, e.In("uuid", uuids).Find(&attachments)
+}
+
+// GetAttachmentByUUID returns attachment by given UUID.
+func GetAttachmentByUUID(uuid string) (*Attachment, error) {
+	return getAttachmentByUUID(x, uuid)
+}
+
+func getAttachmentsByIssueID(e Engine, issueID int64) ([]*Attachment, error) {
+	attachments := make([]*Attachment, 0, 5)
+	return attachments, e.Where("issue_id = ? AND comment_id = 0", issueID).Find(&attachments)
+}
+
+// GetAttachmentsByIssueID returns all attachments of an issue.
+func GetAttachmentsByIssueID(issueID int64) ([]*Attachment, error) {
+	return getAttachmentsByIssueID(x, issueID)
+}
+
+func getAttachmentsByCommentID(e Engine, commentID int64) ([]*Attachment, error) {
+	attachments := make([]*Attachment, 0, 5)
+	return attachments, e.Where("comment_id=?", commentID).Find(&attachments)
+}
+
+// GetAttachmentsByCommentID returns all attachments of a comment.
+func GetAttachmentsByCommentID(commentID int64) ([]*Attachment, error) {
+	return getAttachmentsByCommentID(x, commentID)
+}
+
+func getAttachmentsByReleaseID(e Engine, releaseID int64) ([]*Attachment, error) {
+	attachments := make([]*Attachment, 0, 10)
+	return attachments, e.Where("release_id = ?", releaseID).Find(&attachments)
+}
+
+// GetAttachmentsByReleaseID returns all attachments of a release.
+func GetAttachmentsByReleaseID(releaseID int64) ([]*Attachment, error) {
+	return getAttachmentsByReleaseID(x, releaseID)
+}
+
+// DeleteAttachment deletes the given attachment and optionally the associated file.
+func DeleteAttachment(a *Attachment, remove bool) error {
+	_, err := DeleteAttachments([]*Attachment{a}, remove)
+	return err
+}
+
+// DeleteAttachments deletes the given attachments and optionally the associated files.
+func DeleteAttachments(attachments []*Attachment, remove bool) (int, error) {
+	for i, a := range attachments {
+		if remove {
+			if err := os.Remove(a.LocalPath()); err != nil {
+				return i, err
+			}
+		}
+
+		if _, err := x.Delete(a); err != nil {
+			return i, err
+		}
+	}
+
+	return len(attachments), nil
+}
+
+// DeleteAttachmentsByIssue deletes all attachments associated with the given issue.
+func DeleteAttachmentsByIssue(issueId int64, remove bool) (int, error) {
+	attachments, err := GetAttachmentsByIssueID(issueId)
+
+	if err != nil {
+		return 0, err
+	}
+
+	return DeleteAttachments(attachments, remove)
+}
+
+// DeleteAttachmentsByComment deletes all attachments associated with the given comment.
+func DeleteAttachmentsByComment(commentId int64, remove bool) (int, error) {
+	attachments, err := GetAttachmentsByCommentID(commentId)
+
+	if err != nil {
+		return 0, err
+	}
+
+	return DeleteAttachments(attachments, remove)
+}

models/comment.go

@@ -0,0 +1,528 @@
+// Copyright 2016 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package models
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/Unknwon/com"
+	"github.com/go-xorm/xorm"
+	log "gopkg.in/clog.v1"
+
+	api "github.com/gogits/go-gogs-client"
+
+	"github.com/gogits/gogs/models/errors"
+	"github.com/gogits/gogs/modules/markup"
+)
+
+// CommentType defines whether a comment is just a simple comment, an action (like close) or a reference.
+type CommentType int
+
+const (
+	// Plain comment, can be associated with a commit (CommitID > 0) and a line (LineNum > 0)
+	COMMENT_TYPE_COMMENT CommentType = iota
+	COMMENT_TYPE_REOPEN
+	COMMENT_TYPE_CLOSE
+
+	// References.
+	COMMENT_TYPE_ISSUE_REF
+	// Reference from a commit (not part of a pull request)
+	COMMENT_TYPE_COMMIT_REF
+	// Reference from a comment
+	COMMENT_TYPE_COMMENT_REF
+	// Reference from a pull request
+	COMMENT_TYPE_PULL_REF
+)
+
+type CommentTag int
+
+const (
+	COMMENT_TAG_NONE CommentTag = iota
+	COMMENT_TAG_POSTER
+	COMMENT_TAG_WRITER
+	COMMENT_TAG_OWNER
+)
+
+// Comment represents a comment in commit and issue page.
+type Comment struct {
+	ID              int64 `xorm:"pk autoincr"`
+	Type            CommentType
+	PosterID        int64
+	Poster          *User  `xorm:"-"`
+	IssueID         int64  `xorm:"INDEX"`
+	Issue           *Issue `xorm:"-"`
+	CommitID        int64
+	Line            int64
+	Content         string `xorm:"TEXT"`
+	RenderedContent string `xorm:"-"`
+
+	Created     time.Time `xorm:"-"`
+	CreatedUnix int64
+	Updated     time.Time `xorm:"-"`
+	UpdatedUnix int64
+
+	// Reference issue in commit message
+	CommitSHA string `xorm:"VARCHAR(40)"`
+
+	Attachments []*Attachment `xorm:"-"`
+
+	// For view issue page.
+	ShowTag CommentTag `xorm:"-"`
+}
+
+func (c *Comment) BeforeInsert() {
+	c.CreatedUnix = time.Now().Unix()
+	c.UpdatedUnix = c.CreatedUnix
+}
+
+func (c *Comment) BeforeUpdate() {
+	c.UpdatedUnix = time.Now().Unix()
+}
+
+func (c *Comment) AfterSet(colName string, _ xorm.Cell) {
+	switch colName {
+	case "created_unix":
+		c.Created = time.Unix(c.CreatedUnix, 0).Local()
+	case "updated_unix":
+		c.Updated = time.Unix(c.UpdatedUnix, 0).Local()
+	}
+}
+
+func (c *Comment) loadAttributes(e Engine) (err error) {
+	if c.Poster == nil {
+		c.Poster, err = GetUserByID(c.PosterID)
+		if err != nil {
+			if errors.IsUserNotExist(err) {
+				c.PosterID = -1
+				c.Poster = NewGhostUser()
+			} else {
+				return fmt.Errorf("getUserByID.(Poster) [%d]: %v", c.PosterID, err)
+			}
+		}
+	}
+
+	if c.Issue == nil {
+		c.Issue, err = getRawIssueByID(e, c.IssueID)
+		if err != nil {
+			return fmt.Errorf("getIssueByID [%d]: %v", c.IssueID, err)
+		}
+	}
+
+	if c.Attachments == nil {
+		c.Attachments, err = getAttachmentsByCommentID(e, c.ID)
+		if err != nil {
+			return fmt.Errorf("getAttachmentsByCommentID [%d]: %v", c.ID, err)
+		}
+	}
+
+	return nil
+}
+
+func (c *Comment) LoadAttributes() error {
+	return c.loadAttributes(x)
+}
+
+func (c *Comment) AfterDelete() {
+	_, err := DeleteAttachmentsByComment(c.ID, true)
+
+	if err != nil {
+		log.Info("Could not delete files for comment %d on issue #%d: %s", c.ID, c.IssueID, err)
+	}
+}
+
+func (c *Comment) HTMLURL() string {
+	return fmt.Sprintf("%s#issuecomment-%d", c.Issue.HTMLURL(), c.ID)
+}
+
+// This method assumes following fields have been assigned with valid values:
+// Required - Poster, Issue
+func (c *Comment) APIFormat() *api.Comment {
+	return &api.Comment{
+		ID:      c.ID,
+		HTMLURL: c.HTMLURL(),
+		Poster:  c.Poster.APIFormat(),
+		Body:    c.Content,
+		Created: c.Created,
+		Updated: c.Updated,
+	}
+}
+
+func CommentHashTag(id int64) string {
+	return "issuecomment-" + com.ToStr(id)
+}
+
+// HashTag returns unique hash tag for comment.
+func (c *Comment) HashTag() string {
+	return CommentHashTag(c.ID)
+}
+
+// EventTag returns unique event hash tag for comment.
+func (c *Comment) EventTag() string {
+	return "event-" + com.ToStr(c.ID)
+}
+
+// mailParticipants sends new comment emails to repository watchers
+// and mentioned people.
+func (cmt *Comment) mailParticipants(e Engine, opType ActionType, issue *Issue) (err error) {
+	mentions := markup.FindAllMentions(cmt.Content)
+	if err = updateIssueMentions(e, cmt.IssueID, mentions); err != nil {
+		return fmt.Errorf("UpdateIssueMentions [%d]: %v", cmt.IssueID, err)
+	}
+
+	switch opType {
+	case ACTION_COMMENT_ISSUE:
+		issue.Content = cmt.Content
+	case ACTION_CLOSE_ISSUE:
+		issue.Content = fmt.Sprintf("Closed #%d", issue.Index)
+	case ACTION_REOPEN_ISSUE:
+		issue.Content = fmt.Sprintf("Reopened #%d", issue.Index)
+	}
+	if err = mailIssueCommentToParticipants(issue, cmt.Poster, mentions); err != nil {
+		log.Error(4, "mailIssueCommentToParticipants: %v", err)
+	}
+
+	return nil
+}
+
+func createComment(e *xorm.Session, opts *CreateCommentOptions) (_ *Comment, err error) {
+	comment := &Comment{
+		Type:      opts.Type,
+		PosterID:  opts.Doer.ID,
+		Poster:    opts.Doer,
+		IssueID:   opts.Issue.ID,
+		CommitID:  opts.CommitID,
+		CommitSHA: opts.CommitSHA,
+		Line:      opts.LineNum,
+		Content:   opts.Content,
+	}
+	if _, err = e.Insert(comment); err != nil {
+		return nil, err
+	}
+
+	// Compose comment action, could be plain comment, close or reopen issue/pull request.
+	// This object will be used to notify watchers in the end of function.
+	act := &Action{
+		ActUserID:    opts.Doer.ID,
+		ActUserName:  opts.Doer.Name,
+		Content:      fmt.Sprintf("%d|%s", opts.Issue.Index, strings.Split(opts.Content, "\n")[0]),
+		RepoID:       opts.Repo.ID,
+		RepoUserName: opts.Repo.Owner.Name,
+		RepoName:     opts.Repo.Name,
+		IsPrivate:    opts.Repo.IsPrivate,
+	}
+
+	// Check comment type.
+	switch opts.Type {
+	case COMMENT_TYPE_COMMENT:
+		act.OpType = ACTION_COMMENT_ISSUE
+
+		if _, err = e.Exec("UPDATE `issue` SET num_comments=num_comments+1 WHERE id=?", opts.Issue.ID); err != nil {
+			return nil, err
+		}
+
+		// Check attachments
+		attachments := make([]*Attachment, 0, len(opts.Attachments))
+		for _, uuid := range opts.Attachments {
+			attach, err := getAttachmentByUUID(e, uuid)
+			if err != nil {
+				if IsErrAttachmentNotExist(err) {
+					continue
+				}
+				return nil, fmt.Errorf("getAttachmentByUUID [%s]: %v", uuid, err)
+			}
+			attachments = append(attachments, attach)
+		}
+
+		for i := range attachments {
+			attachments[i].IssueID = opts.Issue.ID
+			attachments[i].CommentID = comment.ID
+			// No assign value could be 0, so ignore AllCols().
+			if _, err = e.Id(attachments[i].ID).Update(attachments[i]); err != nil {
+				return nil, fmt.Errorf("update attachment [%d]: %v", attachments[i].ID, err)
+			}
+		}
+
+	case COMMENT_TYPE_REOPEN:
+		act.OpType = ACTION_REOPEN_ISSUE
+		if opts.Issue.IsPull {
+			act.OpType = ACTION_REOPEN_PULL_REQUEST
+		}
+
+		if opts.Issue.IsPull {
+			_, err = e.Exec("UPDATE `repository` SET num_closed_pulls=num_closed_pulls-1 WHERE id=?", opts.Repo.ID)
+		} else {
+			_, err = e.Exec("UPDATE `repository` SET num_closed_issues=num_closed_issues-1 WHERE id=?", opts.Repo.ID)
+		}
+		if err != nil {
+			return nil, err
+		}
+
+	case COMMENT_TYPE_CLOSE:
+		act.OpType = ACTION_CLOSE_ISSUE
+		if opts.Issue.IsPull {
+			act.OpType = ACTION_CLOSE_PULL_REQUEST
+		}
+
+		if opts.Issue.IsPull {
+			_, err = e.Exec("UPDATE `repository` SET num_closed_pulls=num_closed_pulls+1 WHERE id=?", opts.Repo.ID)
+		} else {
+			_, err = e.Exec("UPDATE `repository` SET num_closed_issues=num_closed_issues+1 WHERE id=?", opts.Repo.ID)
+		}
+		if err != nil {
+			return nil, err
+		}
+
+	}
+
+	// Notify watchers for whatever action comes in, ignore if no action type.
+	if act.OpType > 0 {
+		if err = notifyWatchers(e, act); err != nil {
+			log.Error(4, "notifyWatchers: %v", err)
+		}
+		if err = comment.mailParticipants(e, act.OpType, opts.Issue); err != nil {
+			log.Error(4, "MailParticipants: %v", err)
+		}
+	}
+
+	return comment, comment.loadAttributes(e)
+}
+
+func createStatusComment(e *xorm.Session, doer *User, repo *Repository, issue *Issue) (*Comment, error) {
+	cmtType := COMMENT_TYPE_CLOSE
+	if !issue.IsClosed {
+		cmtType = COMMENT_TYPE_REOPEN
+	}
+	return createComment(e, &CreateCommentOptions{
+		Type:  cmtType,
+		Doer:  doer,
+		Repo:  repo,
+		Issue: issue,
+	})
+}
+
+type CreateCommentOptions struct {
+	Type  CommentType
+	Doer  *User
+	Repo  *Repository
+	Issue *Issue
+
+	CommitID    int64
+	CommitSHA   string
+	LineNum     int64
+	Content     string
+	Attachments []string // UUIDs of attachments
+}
+
+// CreateComment creates comment of issue or commit.
+func CreateComment(opts *CreateCommentOptions) (comment *Comment, err error) {
+	sess := x.NewSession()
+	defer sessionRelease(sess)
+	if err = sess.Begin(); err != nil {
+		return nil, err
+	}
+
+	comment, err = createComment(sess, opts)
+	if err != nil {
+		return nil, err
+	}
+
+	return comment, sess.Commit()
+}
+
+// CreateIssueComment creates a plain issue comment.
+func CreateIssueComment(doer *User, repo *Repository, issue *Issue, content string, attachments []string) (*Comment, error) {
+	comment, err := CreateComment(&CreateCommentOptions{
+		Type:        COMMENT_TYPE_COMMENT,
+		Doer:        doer,
+		Repo:        repo,
+		Issue:       issue,
+		Content:     content,
+		Attachments: attachments,
+	})
+	if err != nil {
+		return nil, fmt.Errorf("CreateComment: %v", err)
+	}
+
+	comment.Issue = issue
+	if err = PrepareWebhooks(repo, HOOK_EVENT_ISSUE_COMMENT, &api.IssueCommentPayload{
+		Action:     api.HOOK_ISSUE_COMMENT_CREATED,
+		Issue:      issue.APIFormat(),
+		Comment:    comment.APIFormat(),
+		Repository: repo.APIFormat(nil),
+		Sender:     doer.APIFormat(),
+	}); err != nil {
+		log.Error(2, "PrepareWebhooks [comment_id: %d]: %v", comment.ID, err)
+	}
+
+	return comment, nil
+}
+
+// CreateRefComment creates a commit reference comment to issue.
+func CreateRefComment(doer *User, repo *Repository, issue *Issue, content, commitSHA string) error {
+	if len(commitSHA) == 0 {
+		return fmt.Errorf("cannot create reference with empty commit SHA")
+	}
+
+	// Check if same reference from same commit has already existed.
+	has, err := x.Get(&Comment{
+		Type:      COMMENT_TYPE_COMMIT_REF,
+		IssueID:   issue.ID,
+		CommitSHA: commitSHA,
+	})
+	if err != nil {
+		return fmt.Errorf("check reference comment: %v", err)
+	} else if has {
+		return nil
+	}
+
+	_, err = CreateComment(&CreateCommentOptions{
+		Type:      COMMENT_TYPE_COMMIT_REF,
+		Doer:      doer,
+		Repo:      repo,
+		Issue:     issue,
+		CommitSHA: commitSHA,
+		Content:   content,
+	})
+	return err
+}
+
+// GetCommentByID returns the comment by given ID.
+func GetCommentByID(id int64) (*Comment, error) {
+	c := new(Comment)
+	has, err := x.Id(id).Get(c)
+	if err != nil {
+		return nil, err
+	} else if !has {
+		return nil, ErrCommentNotExist{id, 0}
+	}
+	return c, c.LoadAttributes()
+}
+
+// FIXME: use CommentList to improve performance.
+func loadCommentsAttributes(e Engine, comments []*Comment) (err error) {
+	for i := range comments {
+		if err = comments[i].loadAttributes(e); err != nil {
+			return fmt.Errorf("loadAttributes [%d]: %v", comments[i].ID, err)
+		}
+	}
+
+	return nil
+}
+
+func getCommentsByIssueIDSince(e Engine, issueID, since int64) ([]*Comment, error) {
+	comments := make([]*Comment, 0, 10)
+	sess := e.Where("issue_id = ?", issueID).Asc("created_unix")
+	if since > 0 {
+		sess.And("updated_unix >= ?", since)
+	}
+
+	if err := sess.Find(&comments); err != nil {
+		return nil, err
+	}
+	return comments, loadCommentsAttributes(e, comments)
+}
+
+func getCommentsByRepoIDSince(e Engine, repoID, since int64) ([]*Comment, error) {
+	comments := make([]*Comment, 0, 10)
+	sess := e.Where("issue.repo_id = ?", repoID).Join("INNER", "issue", "issue.id = comment.issue_id", repoID).Asc("created_unix")
+	if since > 0 {
+		sess.And("updated_unix >= ?", since)
+	}
+	if err := sess.Find(&comments); err != nil {
+		return nil, err
+	}
+	return comments, loadCommentsAttributes(e, comments)
+}
+
+func getCommentsByIssueID(e Engine, issueID int64) ([]*Comment, error) {
+	return getCommentsByIssueIDSince(e, issueID, -1)
+}
+
+// GetCommentsByIssueID returns all comments of an issue.
+func GetCommentsByIssueID(issueID int64) ([]*Comment, error) {
+	return getCommentsByIssueID(x, issueID)
+}
+
+// GetCommentsByIssueIDSince returns a list of comments of an issue since a given time point.
+func GetCommentsByIssueIDSince(issueID, since int64) ([]*Comment, error) {
+	return getCommentsByIssueIDSince(x, issueID, since)
+}
+
+// GetCommentsByRepoIDSince returns a list of comments for all issues in a repo since a given time point.
+func GetCommentsByRepoIDSince(repoID, since int64) ([]*Comment, error) {
+	return getCommentsByRepoIDSince(x, repoID, since)
+}
+
+// UpdateComment updates information of comment.
+func UpdateComment(doer *User, c *Comment, oldContent string) (err error) {
+	if _, err = x.Id(c.ID).AllCols().Update(c); err != nil {
+		return err
+	}
+
+	if err = c.Issue.LoadAttributes(); err != nil {
+		log.Error(2, "Issue.LoadAttributes [issue_id: %d]: %v", c.IssueID, err)
+	} else if err = PrepareWebhooks(c.Issue.Repo, HOOK_EVENT_ISSUE_COMMENT, &api.IssueCommentPayload{
+		Action:  api.HOOK_ISSUE_COMMENT_EDITED,
+		Issue:   c.Issue.APIFormat(),
+		Comment: c.APIFormat(),
+		Changes: &api.ChangesPayload{
+			Body: &api.ChangesFromPayload{
+				From: oldContent,
+			},
+		},
+		Repository: c.Issue.Repo.APIFormat(nil),
+		Sender:     doer.APIFormat(),
+	}); err != nil {
+		log.Error(2, "PrepareWebhooks [comment_id: %d]: %v", c.ID, err)
+	}
+
+	return nil
+}
+
+// DeleteCommentByID deletes the comment by given ID.
+func DeleteCommentByID(doer *User, id int64) error {
+	comment, err := GetCommentByID(id)
+	if err != nil {
+		if IsErrCommentNotExist(err) {
+			return nil
+		}
+		return err
+	}
+
+	sess := x.NewSession()
+	defer sessionRelease(sess)
+	if err = sess.Begin(); err != nil {
+		return err
+	}
+
+	if _, err = sess.Id(comment.ID).Delete(new(Comment)); err != nil {
+		return err
+	}
+
+	if comment.Type == COMMENT_TYPE_COMMENT {
+		if _, err = sess.Exec("UPDATE `issue` SET num_comments = num_comments - 1 WHERE id = ?", comment.IssueID); err != nil {
+			return err
+		}
+	}
+
+	if err = sess.Commit(); err != nil {
+		return fmt.Errorf("Commit: %v", err)
+	}
+
+	if err = comment.Issue.LoadAttributes(); err != nil {
+		log.Error(2, "Issue.LoadAttributes [issue_id: %d]: %v", comment.IssueID, err)
+	} else if err = PrepareWebhooks(comment.Issue.Repo, HOOK_EVENT_ISSUE_COMMENT, &api.IssueCommentPayload{
+		Action:     api.HOOK_ISSUE_COMMENT_DELETED,
+		Issue:      comment.Issue.APIFormat(),
+		Comment:    comment.APIFormat(),
+		Repository: comment.Issue.Repo.APIFormat(nil),
+		Sender:     doer.APIFormat(),
+	}); err != nil {
+		log.Error(2, "PrepareWebhooks [comment_id: %d]: %v", comment.ID, err)
+	}
+	return nil
+}

models/cron/cron.go

@@ -1,59 +0,0 @@
-// Copyright 2014 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package cron
-
-import (
-	"time"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/cron"
-	"github.com/gogits/gogs/modules/log"
-	"github.com/gogits/gogs/modules/setting"
-)
-
-var c = cron.New()
-
-func NewCronContext() {
-	var (
-		entry *cron.Entry
-		err   error
-	)
-	if setting.Cron.UpdateMirror.Enabled {
-		entry, err = c.AddFunc("Update mirrors", setting.Cron.UpdateMirror.Schedule, models.MirrorUpdate)
-		if err != nil {
-			log.Fatal(4, "Cron[Update mirrors]: %v", err)
-		}
-		if setting.Cron.UpdateMirror.RunAtStart {
-			entry.Prev = time.Now()
-			go models.MirrorUpdate()
-		}
-	}
-	if setting.Cron.RepoHealthCheck.Enabled {
-		entry, err = c.AddFunc("Repository health check", setting.Cron.RepoHealthCheck.Schedule, models.GitFsck)
-		if err != nil {
-			log.Fatal(4, "Cron[Repository health check]: %v", err)
-		}
-		if setting.Cron.RepoHealthCheck.RunAtStart {
-			entry.Prev = time.Now()
-			go models.GitFsck()
-		}
-	}
-	if setting.Cron.CheckRepoStats.Enabled {
-		entry, err = c.AddFunc("Check repository statistics", setting.Cron.CheckRepoStats.Schedule, models.CheckRepoStats)
-		if err != nil {
-			log.Fatal(4, "Cron[Check repository statistics]: %v", err)
-		}
-		if setting.Cron.CheckRepoStats.RunAtStart {
-			entry.Prev = time.Now()
-			go models.CheckRepoStats()
-		}
-	}
-	c.Start()
-}
-
-// ListTasks returns all running cron tasks.
-func ListTasks() []*cron.Entry {
-	return c.Entries()
-}

models/error.go

@@ -18,7 +18,7 @@ func IsErrNameReserved(err error) bool {
 }
 
 func (err ErrNameReserved) Error() string {
-	return fmt.Sprintf("name is reserved: [name: %s]", err.Name)
+	return fmt.Sprintf("name is reserved [name: %s]", err.Name)
 }
 
 type ErrNamePatternNotAllowed struct {
@@ -31,7 +31,7 @@ func IsErrNamePatternNotAllowed(err error) bool {
 }
 
 func (err ErrNamePatternNotAllowed) Error() string {
-	return fmt.Sprintf("name pattern is not allowed: [pattern: %s]", err.Pattern)
+	return fmt.Sprintf("name pattern is not allowed [pattern: %s]", err.Pattern)
 }
 
 //  ____ ___
@@ -51,21 +51,7 @@ func IsErrUserAlreadyExist(err error) bool {
 }
 
 func (err ErrUserAlreadyExist) Error() string {
-	return fmt.Sprintf("user already exists: [name: %s]", err.Name)
-}
-
-type ErrUserNotExist struct {
-	UID  int64
-	Name string
-}
-
-func IsErrUserNotExist(err error) bool {
-	_, ok := err.(ErrUserNotExist)
-	return ok
-}
-
-func (err ErrUserNotExist) Error() string {
-	return fmt.Sprintf("user does not exist: [uid: %d, name: %s]", err.UID, err.Name)
+	return fmt.Sprintf("user already exists [name: %s]", err.Name)
 }
 
 type ErrEmailAlreadyUsed struct {
@@ -78,7 +64,7 @@ func IsErrEmailAlreadyUsed(err error) bool {
 }
 
 func (err ErrEmailAlreadyUsed) Error() string {
-	return fmt.Sprintf("e-mail has been used: [email: %s]", err.Email)
+	return fmt.Sprintf("e-mail has been used [email: %s]", err.Email)
 }
 
 type ErrUserOwnRepos struct {
@@ -91,7 +77,7 @@ func IsErrUserOwnRepos(err error) bool {
 }
 
 func (err ErrUserOwnRepos) Error() string {
-	return fmt.Sprintf("user still has ownership of repositories: [uid: %d]", err.UID)
+	return fmt.Sprintf("user still has ownership of repositories [uid: %d]", err.UID)
 }
 
 type ErrUserHasOrgs struct {
@@ -104,7 +90,40 @@ func IsErrUserHasOrgs(err error) bool {
 }
 
 func (err ErrUserHasOrgs) Error() string {
-	return fmt.Sprintf("user still has membership of organizations: [uid: %d]", err.UID)
+	return fmt.Sprintf("user still has membership of organizations [uid: %d]", err.UID)
+}
+
+type ErrReachLimitOfRepo struct {
+	Limit int
+}
+
+func IsErrReachLimitOfRepo(err error) bool {
+	_, ok := err.(ErrReachLimitOfRepo)
+	return ok
+}
+
+func (err ErrReachLimitOfRepo) Error() string {
+	return fmt.Sprintf("user has reached maximum limit of repositories [limit: %d]", err.Limit)
+}
+
+//  __      __.__ __   .__
+// /  \    /  \__|  | _|__|
+// \   \/\/   /  |  |/ /  |
+//  \        /|  |    <|  |
+//   \__/\  / |__|__|_ \__|
+//        \/          \/
+
+type ErrWikiAlreadyExist struct {
+	Title string
+}
+
+func IsErrWikiAlreadyExist(err error) bool {
+	_, ok := err.(ErrWikiAlreadyExist)
+	return ok
+}
+
+func (err ErrWikiAlreadyExist) Error() string {
+	return fmt.Sprintf("wiki page already exists [title: %s]", err.Title)
 }
 
 // __________     ___.   .__  .__          ____  __.
@@ -114,6 +133,19 @@ func (err ErrUserHasOrgs) Error() string {
 //  |____|   |____/|___  /____/__|\___  > |____|__ \___  > ____|
 //                     \/             \/          \/   \/\/
 
+type ErrKeyUnableVerify struct {
+	Result string
+}
+
+func IsErrKeyUnableVerify(err error) bool {
+	_, ok := err.(ErrKeyUnableVerify)
+	return ok
+}
+
+func (err ErrKeyUnableVerify) Error() string {
+	return fmt.Sprintf("Unable to verify key content [result: %s]", err.Result)
+}
+
 type ErrKeyNotExist struct {
 	ID int64
 }
@@ -124,7 +156,7 @@ func IsErrKeyNotExist(err error) bool {
 }
 
 func (err ErrKeyNotExist) Error() string {
-	return fmt.Sprintf("public key does not exist: [id: %d]", err.ID)
+	return fmt.Sprintf("public key does not exist [id: %d]", err.ID)
 }
 
 type ErrKeyAlreadyExist struct {
@@ -138,7 +170,7 @@ func IsErrKeyAlreadyExist(err error) bool {
 }
 
 func (err ErrKeyAlreadyExist) Error() string {
-	return fmt.Sprintf("public key already exists: [owner_id: %d, content: %s]", err.OwnerID, err.Content)
+	return fmt.Sprintf("public key already exists [owner_id: %d, content: %s]", err.OwnerID, err.Content)
 }
 
 type ErrKeyNameAlreadyUsed struct {
@@ -152,7 +184,38 @@ func IsErrKeyNameAlreadyUsed(err error) bool {
 }
 
 func (err ErrKeyNameAlreadyUsed) Error() string {
-	return fmt.Sprintf("public key already exists: [owner_id: %d, name: %s]", err.OwnerID, err.Name)
+	return fmt.Sprintf("public key already exists [owner_id: %d, name: %s]", err.OwnerID, err.Name)
+}
+
+type ErrKeyAccessDenied struct {
+	UserID int64
+	KeyID  int64
+	Note   string
+}
+
+func IsErrKeyAccessDenied(err error) bool {
+	_, ok := err.(ErrKeyAccessDenied)
+	return ok
+}
+
+func (err ErrKeyAccessDenied) Error() string {
+	return fmt.Sprintf("user does not have access to the key [user_id: %d, key_id: %d, note: %s]",
+		err.UserID, err.KeyID, err.Note)
+}
+
+type ErrDeployKeyNotExist struct {
+	ID     int64
+	KeyID  int64
+	RepoID int64
+}
+
+func IsErrDeployKeyNotExist(err error) bool {
+	_, ok := err.(ErrDeployKeyNotExist)
+	return ok
+}
+
+func (err ErrDeployKeyNotExist) Error() string {
+	return fmt.Sprintf("Deploy key does not exist [id: %d, key_id: %d, repo_id: %d]", err.ID, err.KeyID, err.RepoID)
 }
 
 type ErrDeployKeyAlreadyExist struct {
@@ -166,7 +229,7 @@ func IsErrDeployKeyAlreadyExist(err error) bool {
 }
 
 func (err ErrDeployKeyAlreadyExist) Error() string {
-	return fmt.Sprintf("public key already exists: [key_id: %d, repo_id: %d]", err.KeyID, err.RepoID)
+	return fmt.Sprintf("public key already exists [key_id: %d, repo_id: %d]", err.KeyID, err.RepoID)
 }
 
 type ErrDeployKeyNameAlreadyUsed struct {
@@ -180,7 +243,7 @@ func IsErrDeployKeyNameAlreadyUsed(err error) bool {
 }
 
 func (err ErrDeployKeyNameAlreadyUsed) Error() string {
-	return fmt.Sprintf("public key already exists: [repo_id: %d, name: %s]", err.RepoID, err.Name)
+	return fmt.Sprintf("public key already exists [repo_id: %d, name: %s]", err.RepoID, err.Name)
 }
 
 //    _____                                   ___________     __
@@ -200,7 +263,19 @@ func IsErrAccessTokenNotExist(err error) bool {
 }
 
 func (err ErrAccessTokenNotExist) Error() string {
-	return fmt.Sprintf("access token does not exist: [sha: %s]", err.SHA)
+	return fmt.Sprintf("access token does not exist [sha: %s]", err.SHA)
+}
+
+type ErrAccessTokenEmpty struct {
+}
+
+func IsErrAccessTokenEmpty(err error) bool {
+	_, ok := err.(ErrAccessTokenEmpty)
+	return ok
+}
+
+func (err ErrAccessTokenEmpty) Error() string {
+	return fmt.Sprintf("access token is empty")
 }
 
 // ________                            .__                __  .__
@@ -220,7 +295,7 @@ func IsErrLastOrgOwner(err error) bool {
 }
 
 func (err ErrLastOrgOwner) Error() string {
-	return fmt.Sprintf("user is the last member of owner team: [uid: %d]", err.UID)
+	return fmt.Sprintf("user is the last member of owner team [uid: %d]", err.UID)
 }
 
 // __________                           .__  __
@@ -230,21 +305,6 @@ func (err ErrLastOrgOwner) Error() string {
 //  |____|_  /\___  >   __/ \____/____  >__||__|  \____/|__|   / ____|
 //         \/     \/|__|              \/                       \/
 
-type ErrRepoNotExist struct {
-	ID   int64
-	UID  int64
-	Name string
-}
-
-func IsErrRepoNotExist(err error) bool {
-	_, ok := err.(ErrRepoNotExist)
-	return ok
-}
-
-func (err ErrRepoNotExist) Error() string {
-	return fmt.Sprintf("repository does not exist [id: %d, uid: %d, name: %s]", err.ID, err.UID, err.Name)
-}
-
 type ErrRepoAlreadyExist struct {
 	Uname string
 	Name  string
@@ -259,46 +319,106 @@ func (err ErrRepoAlreadyExist) Error() string {
 	return fmt.Sprintf("repository already exists [uname: %s, name: %s]", err.Uname, err.Name)
 }
 
-//  __      __      ___.   .__                   __
-// /  \    /  \ ____\_ |__ |  |__   ____   ____ |  | __
-// \   \/\/   // __ \| __ \|  |  \ /  _ \ /  _ \|  |/ /
-//  \        /\  ___/| \_\ \   Y  (  <_> |  <_> )    <
-//   \__/\  /  \___  >___  /___|  /\____/ \____/|__|_ \
-//        \/       \/    \/     \/                   \/
-
-type ErrWebhookNotExist struct {
-	ID int64
+type ErrInvalidCloneAddr struct {
+	IsURLError         bool
+	IsInvalidPath      bool
+	IsPermissionDenied bool
 }
 
-func IsErrWebhookNotExist(err error) bool {
-	_, ok := err.(ErrWebhookNotExist)
+func IsErrInvalidCloneAddr(err error) bool {
+	_, ok := err.(ErrInvalidCloneAddr)
 	return ok
 }
 
-func (err ErrWebhookNotExist) Error() string {
-	return fmt.Sprintf("webhook does not exist [id: %d]", err.ID)
+func (err ErrInvalidCloneAddr) Error() string {
+	return fmt.Sprintf("invalid clone address [is_url_error: %v, is_invalid_path: %v, is_permission_denied: %v]",
+		err.IsURLError, err.IsInvalidPath, err.IsPermissionDenied)
 }
 
-// .___
-// |   | ______ ________ __   ____
-// |   |/  ___//  ___/  |  \_/ __ \
-// |   |\___ \ \___ \|  |  /\  ___/
-// |___/____  >____  >____/  \___  >
-//          \/     \/            \/
-
-type ErrIssueNotExist struct {
-	ID     int64
-	RepoID int64
-	Index  int64
+type ErrUpdateTaskNotExist struct {
+	UUID string
 }
 
-func IsErrIssueNotExist(err error) bool {
-	_, ok := err.(ErrIssueNotExist)
+func IsErrUpdateTaskNotExist(err error) bool {
+	_, ok := err.(ErrUpdateTaskNotExist)
 	return ok
 }
 
-func (err ErrIssueNotExist) Error() string {
-	return fmt.Sprintf("issue does not exist [id: %d, repo_id: %d, index: %d]", err.ID, err.RepoID, err.Index)
+func (err ErrUpdateTaskNotExist) Error() string {
+	return fmt.Sprintf("update task does not exist [uuid: %s]", err.UUID)
+}
+
+type ErrReleaseAlreadyExist struct {
+	TagName string
+}
+
+func IsErrReleaseAlreadyExist(err error) bool {
+	_, ok := err.(ErrReleaseAlreadyExist)
+	return ok
+}
+
+func (err ErrReleaseAlreadyExist) Error() string {
+	return fmt.Sprintf("release tag already exist [tag_name: %s]", err.TagName)
+}
+
+type ErrReleaseNotExist struct {
+	ID      int64
+	TagName string
+}
+
+func IsErrReleaseNotExist(err error) bool {
+	_, ok := err.(ErrReleaseNotExist)
+	return ok
+}
+
+func (err ErrReleaseNotExist) Error() string {
+	return fmt.Sprintf("release tag does not exist [id: %d, tag_name: %s]", err.ID, err.TagName)
+}
+
+type ErrInvalidTagName struct {
+	TagName string
+}
+
+func IsErrInvalidTagName(err error) bool {
+	_, ok := err.(ErrInvalidTagName)
+	return ok
+}
+
+func (err ErrInvalidTagName) Error() string {
+	return fmt.Sprintf("release tag name is not valid [tag_name: %s]", err.TagName)
+}
+
+type ErrRepoFileAlreadyExist struct {
+	FileName string
+}
+
+func IsErrRepoFileAlreadyExist(err error) bool {
+	_, ok := err.(ErrRepoFileAlreadyExist)
+	return ok
+}
+
+func (err ErrRepoFileAlreadyExist) Error() string {
+	return fmt.Sprintf("repository file already exists [file_name: %s]", err.FileName)
+}
+
+// __________                             .__
+// \______   \____________    ____   ____ |  |__
+//  |    |  _/\_  __ \__  \  /    \_/ ___\|  |  \
+//  |    |   \ |  | \// __ \|   |  \  \___|   Y  \
+//  |______  / |__|  (____  /___|  /\___  >___|  /
+//         \/             \/     \/     \/     \/
+
+type ErrBranchNotExist struct {
+	Name string
+}
+
+func IsErrBranchNotExist(err error) bool {
+	_, ok := err.(ErrBranchNotExist)
+	return ok
+}
+
+func (err ErrBranchNotExist) Error() string {
+	return fmt.Sprintf("branch does not exist [name: %s]", err.Name)
 }
 
 // __________      .__  .__ __________                                     __
@@ -310,7 +430,7 @@ func (err ErrIssueNotExist) Error() string {
 
 type ErrPullRequestNotExist struct {
 	ID         int64
-	PullID     int64
+	IssueID    int64
 	HeadRepoID int64
 	BaseRepoID int64
 	HeadBarcnh string
@@ -323,8 +443,8 @@ func IsErrPullRequestNotExist(err error) bool {
 }
 
 func (err ErrPullRequestNotExist) Error() string {
-	return fmt.Sprintf("pull request does not exist [id: %d, pull_id: %d, head_repo_id: %d, base_repo_id: %d, head_branch: %s, base_branch: %s]",
-		err.ID, err.PullID, err.HeadRepoID, err.BaseRepoID, err.HeadBarcnh, err.BaseBranch)
+	return fmt.Sprintf("pull request does not exist [id: %d, issue_id: %d, head_repo_id: %d, base_repo_id: %d, head_branch: %s, base_branch: %s]",
+		err.ID, err.IssueID, err.HeadRepoID, err.BaseRepoID, err.HeadBarcnh, err.BaseBranch)
 }
 
 // _________                                       __
@@ -335,7 +455,8 @@ func (err ErrPullRequestNotExist) Error() string {
 //         \/             \/      \/     \/     \/
 
 type ErrCommentNotExist struct {
-	ID int64
+	ID      int64
+	IssueID int64
 }
 
 func IsErrCommentNotExist(err error) bool {
@@ -344,7 +465,7 @@ func IsErrCommentNotExist(err error) bool {
 }
 
 func (err ErrCommentNotExist) Error() string {
-	return fmt.Sprintf("comment does not exist [id: %d]", err.ID)
+	return fmt.Sprintf("comment does not exist [id: %d, issue_id: %d]", err.ID, err.IssueID)
 }
 
 // .____          ___.          .__
@@ -355,7 +476,8 @@ func (err ErrCommentNotExist) Error() string {
 //         \/    \/    \/     \/
 
 type ErrLabelNotExist struct {
-	ID int64
+	LabelID int64
+	RepoID  int64
 }
 
 func IsErrLabelNotExist(err error) bool {
@@ -364,7 +486,7 @@ func IsErrLabelNotExist(err error) bool {
 }
 
 func (err ErrLabelNotExist) Error() string {
-	return fmt.Sprintf("label does not exist [id: %d]", err.ID)
+	return fmt.Sprintf("label does not exist [label_id: %d, repo_id: %d]", err.LabelID, err.RepoID)
 }
 
 //    _____  .__.__                   __
@@ -408,3 +530,92 @@ func IsErrAttachmentNotExist(err error) bool {
 func (err ErrAttachmentNotExist) Error() string {
 	return fmt.Sprintf("attachment does not exist [id: %d, uuid: %s]", err.ID, err.UUID)
 }
+
+// .____                 .__           _________
+// |    |    ____   ____ |__| ____    /   _____/ ____  __ _________   ____  ____
+// |    |   /  _ \ / ___\|  |/    \   \_____  \ /  _ \|  |  \_  __ \_/ ___\/ __ \
+// |    |__(  <_> ) /_/  >  |   |  \  /        (  <_> )  |  /|  | \/\  \__\  ___/
+// |_______ \____/\___  /|__|___|  / /_______  /\____/|____/ |__|    \___  >___  >
+//         \/    /_____/         \/          \/                          \/    \/
+
+type ErrLoginSourceNotExist struct {
+	ID int64
+}
+
+func IsErrLoginSourceNotExist(err error) bool {
+	_, ok := err.(ErrLoginSourceNotExist)
+	return ok
+}
+
+func (err ErrLoginSourceNotExist) Error() string {
+	return fmt.Sprintf("login source does not exist [id: %d]", err.ID)
+}
+
+type ErrLoginSourceAlreadyExist struct {
+	Name string
+}
+
+func IsErrLoginSourceAlreadyExist(err error) bool {
+	_, ok := err.(ErrLoginSourceAlreadyExist)
+	return ok
+}
+
+func (err ErrLoginSourceAlreadyExist) Error() string {
+	return fmt.Sprintf("login source already exists [name: %s]", err.Name)
+}
+
+type ErrLoginSourceInUse struct {
+	ID int64
+}
+
+func IsErrLoginSourceInUse(err error) bool {
+	_, ok := err.(ErrLoginSourceInUse)
+	return ok
+}
+
+func (err ErrLoginSourceInUse) Error() string {
+	return fmt.Sprintf("login source is still used by some users [id: %d]", err.ID)
+}
+
+// ___________
+// \__    ___/___ _____    _____
+//   |    |_/ __ \\__  \  /     \
+//   |    |\  ___/ / __ \|  Y Y  \
+//   |____| \___  >____  /__|_|  /
+//              \/     \/      \/
+
+type ErrTeamAlreadyExist struct {
+	OrgID int64
+	Name  string
+}
+
+func IsErrTeamAlreadyExist(err error) bool {
+	_, ok := err.(ErrTeamAlreadyExist)
+	return ok
+}
+
+func (err ErrTeamAlreadyExist) Error() string {
+	return fmt.Sprintf("team already exists [org_id: %d, name: %s]", err.OrgID, err.Name)
+}
+
+//  ____ ___        .__                    .___
+// |    |   \______ |  |   _________     __| _/
+// |    |   /\____ \|  |  /  _ \__  \   / __ |
+// |    |  / |  |_> >  |_(  <_> ) __ \_/ /_/ |
+// |______/  |   __/|____/\____(____  /\____ |
+//           |__|                   \/      \/
+//
+
+type ErrUploadNotExist struct {
+	ID   int64
+	UUID string
+}
+
+func IsErrUploadNotExist(err error) bool {
+	_, ok := err.(ErrAttachmentNotExist)
+	return ok
+}
+
+func (err ErrUploadNotExist) Error() string {
+	return fmt.Sprintf("attachment does not exist [id: %d, uuid: %s]", err.ID, err.UUID)
+}

models/errors/errors.go

@@ -0,0 +1,12 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package errors
+
+import "errors"
+
+// New is a wrapper of real errors.New function.
+func New(text string) error {
+	return errors.New(text)
+}

models/errors/issue.go

@@ -0,0 +1,35 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package errors
+
+import "fmt"
+
+type IssueNotExist struct {
+	ID     int64
+	RepoID int64
+	Index  int64
+}
+
+func IsIssueNotExist(err error) bool {
+	_, ok := err.(IssueNotExist)
+	return ok
+}
+
+func (err IssueNotExist) Error() string {
+	return fmt.Sprintf("issue does not exist [id: %d, repo_id: %d, index: %d]", err.ID, err.RepoID, err.Index)
+}
+
+type InvalidIssueReference struct {
+	Ref string
+}
+
+func IsInvalidIssueReference(err error) bool {
+	_, ok := err.(InvalidIssueReference)
+	return ok
+}
+
+func (err InvalidIssueReference) Error() string {
+	return fmt.Sprintf("invalid issue reference [ref: %s]", err.Ref)
+}

models/errors/login_source.go

@@ -0,0 +1,33 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package errors
+
+import "fmt"
+
+type LoginSourceNotActivated struct {
+	SourceID int64
+}
+
+func IsLoginSourceNotActivated(err error) bool {
+	_, ok := err.(LoginSourceNotActivated)
+	return ok
+}
+
+func (err LoginSourceNotActivated) Error() string {
+	return fmt.Sprintf("login source is not activated [source_id: %d]", err.SourceID)
+}
+
+type InvalidLoginSourceType struct {
+	Type interface{}
+}
+
+func IsInvalidLoginSourceType(err error) bool {
+	_, ok := err.(InvalidLoginSourceType)
+	return ok
+}
+
+func (err InvalidLoginSourceType) Error() string {
+	return fmt.Sprintf("invalid login source type [type: %v]", err.Type)
+}

models/errors/repo.go

@@ -0,0 +1,48 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package errors
+
+import "fmt"
+
+type RepoNotExist struct {
+	ID     int64
+	UserID int64
+	Name   string
+}
+
+func IsRepoNotExist(err error) bool {
+	_, ok := err.(RepoNotExist)
+	return ok
+}
+
+func (err RepoNotExist) Error() string {
+	return fmt.Sprintf("repository does not exist [id: %d, user_id: %d, name: %s]", err.ID, err.UserID, err.Name)
+}
+
+type InvalidRepoReference struct {
+	Ref string
+}
+
+func IsInvalidRepoReference(err error) bool {
+	_, ok := err.(InvalidRepoReference)
+	return ok
+}
+
+func (err InvalidRepoReference) Error() string {
+	return fmt.Sprintf("invalid repository reference [ref: %s]", err.Ref)
+}
+
+type MirrorNotExist struct {
+	RepoID int64
+}
+
+func IsMirrorNotExist(err error) bool {
+	_, ok := err.(MirrorNotExist)
+	return ok
+}
+
+func (err MirrorNotExist) Error() string {
+	return fmt.Sprintf("mirror does not exist [repo_id: %d]", err.RepoID)
+}

models/errors/user.go

@@ -0,0 +1,45 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package errors
+
+import "fmt"
+
+type EmptyName struct{}
+
+func IsEmptyName(err error) bool {
+	_, ok := err.(EmptyName)
+	return ok
+}
+
+func (err EmptyName) Error() string {
+	return "empty name"
+}
+
+type UserNotExist struct {
+	UserID int64
+	Name   string
+}
+
+func IsUserNotExist(err error) bool {
+	_, ok := err.(UserNotExist)
+	return ok
+}
+
+func (err UserNotExist) Error() string {
+	return fmt.Sprintf("user does not exist [user_id: %d, name: %s]", err.UserID, err.Name)
+}
+
+type UserNotKeyOwner struct {
+	KeyID int64
+}
+
+func IsUserNotKeyOwner(err error) bool {
+	_, ok := err.(UserNotKeyOwner)
+	return ok
+}
+
+func (err UserNotKeyOwner) Error() string {
+	return fmt.Sprintf("user is not the owner of public key [key_id: %d]", err.KeyID)
+}

models/errors/user_mail.go

@@ -0,0 +1,33 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package errors
+
+import "fmt"
+
+type EmailNotFound struct {
+	Email string
+}
+
+func IsEmailNotFound(err error) bool {
+	_, ok := err.(EmailNotFound)
+	return ok
+}
+
+func (err EmailNotFound) Error() string {
+	return fmt.Sprintf("email is not found [email: %s]", err.Email)
+}
+
+type EmailNotVerified struct {
+	Email string
+}
+
+func IsEmailNotVerified(err error) bool {
+	_, ok := err.(EmailNotVerified)
+	return ok
+}
+
+func (err EmailNotVerified) Error() string {
+	return fmt.Sprintf("email has not been verified [email: %s]", err.Email)
+}

models/errors/webhook.go

@@ -0,0 +1,34 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package errors
+
+import "fmt"
+
+type WebhookNotExist struct {
+	ID int64
+}
+
+func IsWebhookNotExist(err error) bool {
+	_, ok := err.(WebhookNotExist)
+	return ok
+}
+
+func (err WebhookNotExist) Error() string {
+	return fmt.Sprintf("webhook does not exist [id: %d]", err.ID)
+}
+
+type HookTaskNotExist struct {
+	HookID int64
+	UUID   string
+}
+
+func IsHookTaskNotExist(err error) bool {
+	_, ok := err.(HookTaskNotExist)
+	return ok
+}
+
+func (err HookTaskNotExist) Error() string {
+	return fmt.Sprintf("hook task does not exist [hook_id: %d, uuid: %s]", err.HookID, err.UUID)
+}