4 commits

Author	SHA1	Message	Date
pat-s	c39a4368af	refactor: migrate from lib/pq to jackc/pgx (#10219) ... This PR migrates the unmaintaiend `lib/pq` library to `jackc/pgx`, which is the de-facto standard lib in go for postgres connections these days. Some implementation notes: We register both `pgx` and `postgresschema` driver names (for backward comp). We can't register `postgres` as this one is still used by `lib/pq` imported by `go-chi/session`, which is in use when users go for the "postgres" session type in the "Session config. It is questionable if anyone is really using the "postgres" driver option in the session config - but for consistency, it would be good to also migrate to `pgx` there, especially as the code lives within Forgejo under [go-chi/session](https://code.forgejo.org/go-chi/session). `pgx` supports multi-host notation in the connection string. New tests have been added therefore. `pgx` also allows for connection string parameters such as `?default_query_exec_mode=simple_protocol`. This should possibly allow running with `pgbouncer` "transaction" mode instead of "session", which could substantially enhance Postgres query handling. ## Checklist ### Tests - I added test coverage for Go changes... - [x] in their respective `*_test.go` for unit tests. - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server. - I added test coverage for JavaScript changes... - [ ] in `web_src/js/*.test.js` if it can be unit tested. - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)). ### Documentation - [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [ ] I do not want this change to show in the release notes. - [x] I want the title to show in the release notes with a link to this pull request. - [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/10219 Reviewed-by: Mathieu Fenniak <mfenniak@noreply.codeberg.org> Co-authored-by: pat-s <patrick.schratz@gmail.com> Co-committed-by: pat-s <patrick.schratz@gmail.com>	2025-11-30 17:47:45 +01:00
Cyborus	a68791d707	fix: prevent orgs from being added as members of orgs (#9757) ... Resolves #4167 Changes it to check that the user being added is `User` or `Bot` type before allowing it Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/9757 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: Cyborus <cyborus@cyborus.xyz> Co-committed-by: Cyborus <cyborus@cyborus.xyz>	2025-11-08 22:05:21 +01:00
Gusted	b51f97e97d	feat: add option to allow non-local users to change usernames (#8714) ... Add a new config option for OAuth2 authentication sources: allow users to change their username. In the case where OAuth2 is more like a social OAuth2 login there's no need to not allow users to change their username. The information how the user is linked to the authentication source is stored in different fields. Resolves forgejo/forgejo#687 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8714 Reviewed-by: 0ko <0ko@noreply.codeberg.org> Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Co-authored-by: Gusted <postmaster@gusted.xyz> Co-committed-by: Gusted <postmaster@gusted.xyz>	2025-08-06 20:25:13 +02:00
Earl Warren	7cabc5670d	Implement remote user login source and promotion to regular user ... A remote user (UserTypeRemoteUser) is a placeholder that can be promoted to a regular user (UserTypeIndividual). It represents users that exist somewhere else. Although the UserTypeRemoteUser already exists in Forgejo, it is neither used or documented. A new login type / source (Remote) is introduced and set to be the login type of remote users. Type UserTypeRemoteUser LogingType Remote The association between a remote user and its counterpart in another environment (for instance another forge) is via the OAuth2 login source: LoginName set to the unique identifier relative to the login source LoginSource set to the identifier of the remote source For instance when migrating from GitLab.com, a user can be created as if it was authenticated using GitLab.com as an OAuth2 authentication source. When a user authenticates to Forejo from the same authentication source and the identifier match, the remote user is promoted to a regular user. For instance if 43 is the ID of the GitLab.com OAuth2 login source, 88 is the ID of the Remote loging source, and 48323 is the identifier of the foo user: Type UserTypeRemoteUser LogingType Remote LoginName 48323 LoginSource 88 Email (empty) Name foo Will be promoted to the following when the user foo authenticates to the Forgejo instance using GitLab.com as an OAuth2 provider. All users with a LoginType of Remote and a LoginName of 48323 are examined. If the LoginSource has a provider name that matches the provider name of GitLab.com (usually just "gitlab"), it is a match and can be promoted. The email is obtained via the OAuth2 provider and the user set to: Type UserTypeIndividual LogingType OAuth2 LoginName 48323 LoginSource 43 Email foo@example.com Name foo Note: the Remote login source is an indirection to the actual login source, i.e. the provider string my be set to a login source that does not exist yet.	2024-04-25 13:03:49 +02:00