2023-04-24 14:08:59 +03:00
/ *
Gitea ' s tailwind-style CSS helper classes have ` gt- ` prefix .
Gitea ' s private styles use ` g- ` prefix .
* /
2023-04-26 18:59:08 +03:00
. gt-db { display : block !important ; }
2023-02-13 20:59:59 +03:00
. gt-df { display : flex !important ; }
. gt-di { display : inline !important ; }
. gt-dif { display : inline-flex !important ; }
. gt-dib { display : inline-block !important ; }
. gt-ac { align-items : center !important ; }
2023-03-13 08:31:06 +03:00
. gt-ab { align-items : baseline !important ; }
2023-02-13 20:59:59 +03:00
. gt-tc { text-align : center !important ; }
. gt-tl { text-align : left !important ; }
. gt-jc { justify-content : center !important ; }
. gt-js { justify-content : flex-start !important ; }
. gt-je { justify-content : flex-end !important ; }
. gt-sb { justify-content : space-between !important ; }
. gt-fc { flex-direction : column !important ; }
. gt-f1 { flex : 1 !important ; }
. gt-fw { flex-wrap : wrap !important ; }
. gt-vm { vertical-align : middle !important ; }
. gt-w-100 { width : 100 % !important ; }
. gt-h-100 { height : 100 % !important ; }
. gt-br-0 { border-radius : 0 !important ; }
2020-11-10 21:28:07 +03:00
2023-02-13 20:59:59 +03:00
. gt-mono {
2020-11-10 21:28:07 +03:00
font-family : var ( --fonts-monospace ) ! important ;
2023-04-13 22:05:06 +03:00
font-size : . 95em ! important ; /* compensate for monospace fonts being usually slightly larger */
2020-11-10 21:28:07 +03:00
}
2023-02-13 20:59:59 +03:00
. gt-word-break {
2020-11-10 21:28:07 +03:00
word-wrap : break-word ! important ;
2022-04-29 12:30:54 +03:00
word-break : break-word ; /* compat: Safari */
overflow-wrap : anywhere ;
2020-11-10 21:28:07 +03:00
}
2020-09-08 20:17:56 +03:00
2023-02-13 20:59:59 +03:00
. gt-ellipsis {
2021-12-11 17:12:18 +03:00
overflow : hidden ! important ;
white-space : nowrap ! important ;
text-overflow : ellipsis ! important ;
}
2023-04-26 18:59:08 +03:00
. g-table-auto-ellipsis td . auto-ellipsis {
position : relative ;
}
. g-table-auto-ellipsis td . auto-ellipsis span {
position : absolute ;
left : 0 ;
right : 0 ;
top : 0 ;
bottom : 0 ;
padding : inherit ;
white-space : nowrap ;
overflow : hidden ;
text-overflow : ellipsis ;
}
2023-04-29 13:44:52 +03:00
. gt-max-width-24rem { max-width : 24 rem !important ; }
2023-04-25 22:48:30 +03:00
/* below class names match Tailwind CSS */
. gt-break-all { word-break : break-all !important ; }
. gt-content-center { align-content : center !important ; }
. gt-cursor-default { cursor : default !important ; }
Redesign Scoped Access Tokens (#24767)
## Changes
- Adds the following high level access scopes, each with `read` and
`write` levels:
- `activitypub`
- `admin` (hidden if user is not a site admin)
- `misc`
- `notification`
- `organization`
- `package`
- `issue`
- `repository`
- `user`
- Adds new middleware function `tokenRequiresScopes()` in addition to
`reqToken()`
- `tokenRequiresScopes()` is used for each high-level api section
- _if_ a scoped token is present, checks that the required scope is
included based on the section and HTTP method
- `reqToken()` is used for individual routes
- checks that required authentication is present (but does not check
scope levels as this will already have been handled by
`tokenRequiresScopes()`
- Adds migration to convert old scoped access tokens to the new set of
scopes
- Updates the user interface for scope selection
### User interface example
<img width="903" alt="Screen Shot 2023-05-31 at 1 56 55 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/654766ec-2143-4f59-9037-3b51600e32f3">
<img width="917" alt="Screen Shot 2023-05-31 at 1 56 43 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/1ad64081-012c-4a73-b393-66b30352654c">
## tokenRequiresScopes Design Decision
- `tokenRequiresScopes()` was added to more reliably cover api routes.
For an incoming request, this function uses the given scope category
(say `AccessTokenScopeCategoryOrganization`) and the HTTP method (say
`DELETE`) and verifies that any scoped tokens in use include
`delete:organization`.
- `reqToken()` is used to enforce auth for individual routes that
require it. If a scoped token is not present for a request,
`tokenRequiresScopes()` will not return an error
## TODO
- [x] Alphabetize scope categories
- [x] Change 'public repos only' to a radio button (private vs public).
Also expand this to organizations
- [X] Disable token creation if no scopes selected. Alternatively, show
warning
- [x] `reqToken()` is missing from many `POST/DELETE` routes in the api.
`tokenRequiresScopes()` only checks that a given token has the correct
scope, `reqToken()` must be used to check that a token (or some other
auth) is present.
- _This should be addressed in this PR_
- [x] The migration should be reviewed very carefully in order to
minimize access changes to existing user tokens.
- _This should be addressed in this PR_
- [x] Link to api to swagger documentation, clarify what
read/write/delete levels correspond to
- [x] Review cases where more than one scope is needed as this directly
deviates from the api definition.
- _This should be addressed in this PR_
- For example:
```go
m.Group("/users/{username}/orgs", func() {
m.Get("", reqToken(), org.ListUserOrgs)
m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser,
auth_model.AccessTokenScopeCategoryOrganization),
context_service.UserAssignmentAPI())
```
## Future improvements
- [ ] Add required scopes to swagger documentation
- [ ] Redesign `reqToken()` to be opt-out rather than opt-in
- [ ] Subdivide scopes like `repository`
- [ ] Once a token is created, if it has no scopes, we should display
text instead of an empty bullet point
- [ ] If the 'public repos only' option is selected, should read
categories be selected by default
Closes #24501
Closes #24799
Co-authored-by: Jonathan Tran <jon@allspice.io>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2023-06-04 21:57:16 +03:00
. gt-cursor-pointer { cursor : pointer !important ; }
2023-04-25 22:48:30 +03:00
. gt-invisible { visibility : hidden !important ; }
. gt-items-start { align-items : flex-start !important ; }
. gt-pointer-events-none { pointer-events : none !important ; }
. gt-relative { position : relative !important ; }
. gt-whitespace-nowrap { white-space : nowrap !important ; }
. gt-whitespace-pre { white-space : pre !important ; }
. gt-whitespace-pre-wrap { white-space : pre-wrap !important ; }
2023-05-16 01:46:51 +03:00
. gt-object-contain { object-fit : contain !important ; }
. gt-self-center { align-self : center !important ; }
2023-05-25 05:31:26 +03:00
. gt-self-start { align-self : flex-start !important ; }
. gt-self-end { align-self : flex-end !important ; }
2023-06-09 11:37:47 +03:00
. gt-no-underline { text-decoration-line : none !important ; }
2023-04-25 22:48:30 +03:00
2023-04-29 14:35:59 +03:00
. gt-overflow-x-auto { overflow-x : auto !important ; }
. gt-overflow-x-scroll { overflow-x : scroll !important ; }
. gt-overflow-y-hidden { overflow-y : hidden !important ; }
2023-04-14 08:19:11 +03:00
. gt-w-screen { width : 100 vw !important ; }
. gt-h-screen { height : 100 vh !important ; }
2023-02-13 20:59:59 +03:00
2023-04-29 14:35:59 +03:00
. gt-float-left { float : left !important ; }
. gt-float-right { float : right !important ; }
2023-05-29 11:55:23 +03:00
. gt-font-light { font-weight : var ( - - font - weight - light ) !important ; }
. gt-font-normal { font-weight : var ( - - font - weight - normal ) !important ; }
. gt-font-medium { font-weight : var ( - - font - weight - medium ) !important ; }
. gt-font-semibold { font-weight : var ( - - font - weight - semibold ) !important ; }
. gt-font-bold { font-weight : var ( - - font - weight - bold ) !important ; }
2023-05-22 02:37:32 +03:00
2023-02-13 20:59:59 +03:00
. gt-rounded { border-radius : var ( - - border - radius ) !important ; }
. gt-rounded-top { border-radius : var ( - - border - radius ) var ( - - border - radius ) 0 0 !important ; }
. gt-rounded-bottom { border-radius : 0 0 var ( - - border - radius ) var ( - - border - radius ) !important ; }
. gt-rounded-left { border-radius : var ( - - border - radius ) 0 0 var ( - - border - radius ) !important ; }
. gt-rounded-right { border-radius : 0 var ( - - border - radius ) var ( - - border - radius ) 0 !important ; }
. gt-border-secondary { border : 1 px solid var ( - - color - secondary ) !important ; }
. gt-border-secondary-top { border-top : 1 px solid var ( - - color - secondary ) !important ; }
. gt-border-secondary-bottom { border-bottom : 1 px solid var ( - - color - secondary ) !important ; }
. gt-border-secondary-left { border-left : 1 px solid var ( - - color - secondary ) !important ; }
. gt-border-secondary-right { border-right : 1 px solid var ( - - color - secondary ) !important ; }
. gt-no-transition { transition : none !important ; }
. gt-bg-red { background : var ( - - color - red ) !important ; }
. gt-bg-orange { background : var ( - - color - orange ) !important ; }
. gt-bg-yellow { background : var ( - - color - yellow ) !important ; }
. gt-bg-olive { background : var ( - - color - olive ) !important ; }
. gt-bg-green { background : var ( - - color - green ) !important ; }
. gt-bg-teal { background : var ( - - color - teal ) !important ; }
. gt-bg-blue { background : var ( - - color - blue ) !important ; }
. gt-bg-violet { background : var ( - - color - violet ) !important ; }
. gt-bg-purple { background : var ( - - color - purple ) !important ; }
. gt-bg-pink { background : var ( - - color - pink ) !important ; }
. gt-bg-brown { background : var ( - - color - brown ) !important ; }
. gt-bg-grey { background : var ( - - color - grey ) !important ; }
. gt-bg-gold { background : var ( - - color - gold ) !important ; }
2023-05-18 10:27:29 +03:00
. gt-bg-transparent { background : transparent !important ; }
2023-02-13 20:59:59 +03:00
. gt-text-white { color : var ( - - color - white ) !important ; }
2023-06-09 11:37:47 +03:00
. interact-fg { color : inherit !important ; }
. interact-fg : hover { color : var ( - - color - primary ) !important ; }
. interact-fg : active { color : var ( - - color - primary - active ) !important ; }
. interact-bg { background : transparent !important ; }
. interact-bg : hover { background : var ( - - color - hover ) !important ; }
. interact-bg : active { background : var ( - - color - active ) !important ; }
2023-02-13 20:59:59 +03:00
. gt-m-0 { margin : 0 !important ; }
. gt-m-1 { margin : .125 rem !important ; }
. gt-m-2 { margin : .25 rem !important ; }
. gt-m-3 { margin : .5 rem !important ; }
. gt-m-4 { margin : 1 rem !important ; }
. gt-m-5 { margin : 2 rem !important ; }
. gt-ml-0 { margin-left : 0 !important ; }
. gt-ml-1 { margin-left : .125 rem !important ; }
. gt-ml-2 { margin-left : .25 rem !important ; }
. gt-ml-3 { margin-left : .5 rem !important ; }
. gt-ml-4 { margin-left : 1 rem !important ; }
. gt-ml-5 { margin-left : 2 rem !important ; }
. gt-mr-0 { margin-right : 0 !important ; }
. gt-mr-1 { margin-right : .125 rem !important ; }
. gt-mr-2 { margin-right : .25 rem !important ; }
. gt-mr-3 { margin-right : .5 rem !important ; }
. gt-mr-4 { margin-right : 1 rem !important ; }
. gt-mr-5 { margin-right : 2 rem !important ; }
. gt-mt-0 { margin-top : 0 !important ; }
. gt-mt-1 { margin-top : .125 rem !important ; }
. gt-mt-2 { margin-top : .25 rem !important ; }
. gt-mt-3 { margin-top : .5 rem !important ; }
. gt-mt-4 { margin-top : 1 rem !important ; }
. gt-mt-5 { margin-top : 2 rem !important ; }
. gt-mb-0 { margin-bottom : 0 !important ; }
. gt-mb-1 { margin-bottom : .125 rem !important ; }
. gt-mb-2 { margin-bottom : .25 rem !important ; }
. gt-mb-3 { margin-bottom : .5 rem !important ; }
. gt-mb-4 { margin-bottom : 1 rem !important ; }
. gt-mb-5 { margin-bottom : 2 rem !important ; }
. gt-mx-0 { margin-left : 0 !important ; margin-right : 0 !important ; }
. gt-mx-1 { margin-left : .125 rem !important ; margin-right : .125 rem !important ; }
. gt-mx-2 { margin-left : .25 rem !important ; margin-right : .25 rem !important ; }
. gt-mx-3 { margin-left : .5 rem !important ; margin-right : .5 rem !important ; }
. gt-mx-4 { margin-left : 1 rem !important ; margin-right : 1 rem !important ; }
. gt-mx-5 { margin-left : 2 rem !important ; margin-right : 2 rem !important ; }
. gt-my-0 { margin-top : 0 !important ; margin-bottom : 0 !important ; }
. gt-my-1 { margin-top : .125 rem !important ; margin-bottom : .125 rem !important ; }
. gt-my-2 { margin-top : .25 rem !important ; margin-bottom : .25 rem !important ; }
. gt-my-3 { margin-top : .5 rem !important ; margin-bottom : .5 rem !important ; }
. gt-my-4 { margin-top : 1 rem !important ; margin-bottom : 1 rem !important ; }
. gt-my-5 { margin-top : 2 rem !important ; margin-bottom : 2 rem !important ; }
2023-05-11 00:59:58 +03:00
. gt-m-auto { margin : auto !important ; }
. gt-mx-auto { margin-left : auto !important ; margin-right : auto !important ; }
. gt-my-auto { margin-top : auto !important ; margin-bottom : auto !important ; }
. gt-mt-auto { margin-top : auto !important ; }
. gt-mr-auto { margin-right : auto !important ; }
. gt-mb-auto { margin-bottom : auto !important ; }
. gt-ml-auto { margin-left : auto !important ; }
2023-02-13 20:59:59 +03:00
. gt-p-0 { padding : 0 !important ; }
. gt-p-1 { padding : .125 rem !important ; }
. gt-p-2 { padding : .25 rem !important ; }
. gt-p-3 { padding : .5 rem !important ; }
. gt-p-4 { padding : 1 rem !important ; }
. gt-p-5 { padding : 2 rem !important ; }
. gt-pl-0 { padding-left : 0 !important ; }
. gt-pl-1 { padding-left : .125 rem !important ; }
. gt-pl-2 { padding-left : .25 rem !important ; }
. gt-pl-3 { padding-left : .5 rem !important ; }
. gt-pl-4 { padding-left : 1 rem !important ; }
. gt-pl-5 { padding-left : 2 rem !important ; }
. gt-pr-0 { padding-right : 0 !important ; }
. gt-pr-1 { padding-right : .125 rem !important ; }
. gt-pr-2 { padding-right : .25 rem !important ; }
. gt-pr-3 { padding-right : .5 rem !important ; }
. gt-pr-4 { padding-right : 1 rem !important ; }
. gt-pr-5 { padding-right : 2 rem !important ; }
. gt-pt-0 { padding-top : 0 !important ; }
. gt-pt-1 { padding-top : .125 rem !important ; }
. gt-pt-2 { padding-top : .25 rem !important ; }
. gt-pt-3 { padding-top : .5 rem !important ; }
. gt-pt-4 { padding-top : 1 rem !important ; }
. gt-pt-5 { padding-top : 2 rem !important ; }
. gt-pb-0 { padding-bottom : 0 !important ; }
. gt-pb-1 { padding-bottom : .125 rem !important ; }
. gt-pb-2 { padding-bottom : .25 rem !important ; }
. gt-pb-3 { padding-bottom : .5 rem !important ; }
. gt-pb-4 { padding-bottom : 1 rem !important ; }
. gt-pb-5 { padding-bottom : 2 rem !important ; }
. gt-px-0 { padding-left : 0 !important ; padding-right : 0 !important ; }
. gt-px-1 { padding-left : .125 rem !important ; padding-right : .125 rem !important ; }
. gt-px-2 { padding-left : .25 rem !important ; padding-right : .25 rem !important ; }
. gt-px-3 { padding-left : .5 rem !important ; padding-right : .5 rem !important ; }
. gt-px-4 { padding-left : 1 rem !important ; padding-right : 1 rem !important ; }
. gt-px-5 { padding-left : 2 rem !important ; padding-right : 2 rem !important ; }
. gt-py-0 { padding-top : 0 !important ; padding-bottom : 0 !important ; }
. gt-py-1 { padding-top : .125 rem !important ; padding-bottom : .125 rem !important ; }
. gt-py-2 { padding-top : .25 rem !important ; padding-bottom : .25 rem !important ; }
. gt-py-3 { padding-top : .5 rem !important ; padding-bottom : .5 rem !important ; }
. gt-py-4 { padding-top : 1 rem !important ; padding-bottom : 1 rem !important ; }
. gt-py-5 { padding-top : 2 rem !important ; padding-bottom : 2 rem !important ; }
2023-03-10 06:14:45 +03:00
. gt-gap-0 { gap : 0 !important ; }
. gt-gap-1 { gap : .125 rem !important ; }
. gt-gap-2 { gap : .25 rem !important ; }
. gt-gap-3 { gap : .5 rem !important ; }
. gt-gap-4 { gap : 1 rem !important ; }
. gt-gap-5 { gap : 2 rem !important ; }
. gt-gap-x-0 { column-gap : 0 !important ; }
. gt-gap-x-1 { column-gap : .125 rem !important ; }
. gt-gap-x-2 { column-gap : .25 rem !important ; }
. gt-gap-x-3 { column-gap : .5 rem !important ; }
. gt-gap-x-4 { column-gap : 1 rem !important ; }
. gt-gap-x-5 { column-gap : 2 rem !important ; }
. gt-gap-y-0 { row-gap : 0 !important ; }
. gt-gap-y-1 { row-gap : .125 rem !important ; }
. gt-gap-y-2 { row-gap : .25 rem !important ; }
. gt-gap-y-3 { row-gap : .5 rem !important ; }
. gt-gap-y-4 { row-gap : 1 rem !important ; }
. gt-gap-y-5 { row-gap : 2 rem !important ; }
2023-03-24 10:11:23 +03:00
. gt-shrink-0 { flex-shrink : 0 !important ; }
2023-03-23 21:07:04 +03:00
2023-06-09 11:37:47 +03:00
. gt-font-12 { font-size : 12 px !important }
2023-05-25 05:31:26 +03:00
. gt-font-13 { font-size : 13 px !important }
. gt-font-14 { font-size : 14 px !important }
. gt-font-15 { font-size : 15 px !important }
. gt-font-16 { font-size : 16 px !important }
. gt-font-17 { font-size : 17 px !important }
. gt-font-18 { font-size : 18 px !important }
2023-06-09 12:10:51 +03:00
@ media ( max-width : 767 . 98px ) {
2023-02-13 20:59:59 +03:00
. gt-db-small { display : block !important ; }
. gt-w-100-small { width : 100 % !important ; }
. gt-js-small { justify-content : flex-start !important ; }
2022-08-10 16:20:10 +03:00
}
2023-02-16 15:07:21 +03:00
2023-02-19 07:06:14 +03:00
/ *
gt-hidden must be placed after all other "display: xxx !important" classes to win the chance
do not use :
* "[hidden]" attribute : it ' s too weak , can not be applied to an element with "display: flex"
* ".hidden" class : it has been polluted by Fomantic UI in many cases
* inline style = "display: none" : it ' s difficult to tweak
* jQuery ' s show / hide / toggle : it can not show / hide elements with "display: xxx !important"
only use :
* this ".gt-hidden" class
* showElem / hideElem / toggleElem functions in "utils/dom.js"
* /
2023-02-16 15:07:21 +03:00
. gt-hidden { display : none !important ; }