4.10 release

fix deprecation warnings

.github/CONTRIBUTING.md

@@ -4,4 +4,3 @@
 - If you can't find same question and report, send it to [gitter room](https://gitter.im/gitbucket/gitbucket) before raising an issue.
 - We can also support in Japaneses other than English at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
 - Write an issue in English. At least, write subject in English.
-- First priority of GitBucket is easy installation and reproduce GitHub behavior, so we might reject if your request is against it.

.github/PULL_REQUEST_TEMPLATE.md

@@ -5,4 +5,4 @@
 - [] verified that project is compiling
 - [] verified that tests are passing
 - [] squashed my commits as appropriate *(keep several commits if it is relevant to understand the PR)*
-- [] [marked as closed](https://help.github.com/articles/closing-issues-via-commit-messages/) all issue ID that this PR should correct
+- [] [marked as closed using commit message](https://help.github.com/articles/closing-issues-via-commit-messages/) all issue ID that this PR should correct

.travis.yml

@@ -8,4 +8,11 @@ before_script:
   - sudo apt-get install libaio1
   - sudo /etc/init.d/mysql stop
   - sudo /etc/init.d/postgresql stop
-
+cache:
+  directories:
+    - $HOME/.ivy2/cache
+    - $HOME/.sbt/boot
+    - $HOME/.sbt/launchers
+    - $HOME/.coursier
+    - $HOME/.embedmysql
+    - $HOME/.embedpostgresql

LICENSE

@@ -187,7 +187,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright [yyyy] [name of copyright owner]
+   Copyright 2013-2016 GitBucket Team
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

README.md

@@ -2,89 +2,155 @@ GitBucket [![Gitter chat](https://badges.gitter.im/gitbucket/gitbucket.png)](htt
 =========
 
 GitBucket is a Git platform powered by Scala offering:
-- easy installation
-- high extensibility by plugins
-- API compatibility with Github
+- Easy installation
+- High extensibility by plugins
+- API compatibility with GitHub
 
 Features
 --------
 The current version of GitBucket provides a basic features below:
 
 - Public / Private Git repository (http and ssh access)
-- Repository viewer and online file editing
-- Wiki
-- Issues / Pull request
-- Email notification
-- Simple user and group management with LDAP integration
+- GitLFS support
+- Repository viewer includes online file editor
+- Issues, Pull request and Wiki for repositories
+- Activity timeline and email notification
+- Account and group management with LDAP integration
 - Plug-in system
 
-If you want to try the development version of GitBucket, see [Developer's Guide](https://github.com/gitbucket/gitbucket/blob/master/doc/how_to_run.md).
+If you want to try the development version of GitBucket, see the [Developer's Guide](https://github.com/gitbucket/gitbucket/blob/master/doc/how_to_run.md).
 
 Installation
 --------
-GitBucket requires **Java8**. You have to install beforehand when it's not installed.
+GitBucket requires **Java8**. You have to install it if it is not already installed.
 
-1. Download latest **gitbucket.war** from [the release page](https://github.com/gitbucket/gitbucket/releases).
-2. Deploy it to the Servlet 3.0 container such as Tomcat 7.x, Jetty 8.x, GlassFish 3.x or higher.
-3. Access **http://[hostname]:[port]/gitbucket/** using your web browser and logged-in with **root** / **root**.
+1. Download the latest **gitbucket.war** from [the releases page](https://github.com/gitbucket/gitbucket/releases) and run it by `java -jar gitbucket.war`.
+2. Go to `http://[hostname]:8080/` and log in with **root** / **root**.
 
-or you can start GitBucket by `java -jar gitbucket.war` without servlet container. In this case, GitBucket URL is **http://[hostname]:8080/**. You can specify following options.
+You can specify following options:
 
-- --port=[NUMBER]
-- --prefix=[CONTEXTPATH]
-- --host=[HOSTNAME]
-- --gitbucket.home=[DATA_DIR]
+- `--port=[NUMBER]`
+- `--prefix=[CONTEXTPATH]`
+- `--host=[HOSTNAME]`
+- `--gitbucket.home=[DATA_DIR]`
+- `--temp_dir=[TEMP_DIR]`
 
-To upgrade GitBucket, only replace gitbucket.war after stop GitBucket. All GitBucket data is stored in HOME/.gitbucket. So if you want to back up GitBucket data, copy this directory to the other disk.
+`TEMP_DIR` is used as the [temporary directory for the jetty application context](https://www.eclipse.org/jetty/documentation/9.3.x/ref-temporary-directories.html). This is the directory into which the `gitbucket.war` file is unpacked, the source files are compiled, etc. If given this parameter **must** match the path of an existing directory or the application will quit reporting an error; if not given the path used will be a `tmp` directory inside the gitbucket home.
 
-About installation on Mac or Windows Server (with IIS), configuration of Apache or Nginx and also integration with other tools or services such as Jenkins or Slack, see [Wiki](https://github.com/gitbucket/gitbucket/wiki).
+You can also deploy `gitbucket.war` to a servlet container which supports Servlet 3.0 (like Jetty, Tomcat, JBoss, etc)
 
-Plug-ins
+For more information about installation on Mac or Windows Server (with IIS), or configuration of Apache or Nginx and also integration with other tools or services such as Jenkins or Slack, see [Wiki](https://github.com/gitbucket/gitbucket/wiki).
+
+To upgrade GitBucket, replace `gitbucket.war` with the new version, after stopping GitBucket. All GitBucket data is stored in `HOME/.gitbucket` by default. So if you want to back up GitBucket's data, copy this directory to the backup location.
+
+Plugins
 --------
-GitBucket has the plug-in system to extend GitBucket from outside of GitBucket. Some plug-ins are available now:
+GitBucket has a plug-in system to allow extensions to GitBucket. We provide some official plug-ins:
 
 - [gitbucket-gist-plugin](https://github.com/gitbucket/gitbucket-gist-plugin)
-- [gitbucket-announce-plugin](https://github.com/gitbucket-plugins/gitbucket-announce-plugin)
-- [gitbucket-h2-backup-plugin](https://github.com/gitbucket-plugins/gitbucket-h2-backup-plugin)
-- [gitbucket-desktopnotify-plugin](https://github.com/yoshiyoshifujii/gitbucket-desktopnotify-plugin)
-- [gitbucket-commitgraphs-plugin](https://github.com/yoshiyoshifujii/gitbucket-commitgraphs-plugin)
-- [gitbucket-asciidoctor-plugin](https://github.com/lefou/gitbucket-asciidoctor-plugin)
-- [gitbucket-network-plugin](https://github.com/mrkm4ntr/gitbucket-network-plugin)
+- [gitbucket-emoji-plugin](https://github.com/gitbucket/gitbucket-emoji-plugin)
 
-You can find community plugins other than them at [gitbucket community plugins](http://gitbucket-plugins.github.io/).
+You can find more plugins made by the community at [GitBucket community plugins](http://gitbucket-plugins.github.io/).
 
 Support
 --------
 
-- If you have any question about GitBucket, send it to [gitter room](https://gitter.im/gitbucket/gitbucket) before raise an issue.
-- Make sure check whether there is a same question or request in the past.
-- When raise a new issue, write subject in **English** at least.
-- We can also support in Japaneses other than English at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
-- First priority of GitBucket is easy installation and API compatibility with GitHub, so we might reject if your request is against it.
+- If you have any questions about GitBucket, send it to the [gitter room](https://gitter.im/gitbucket/gitbucket) before opening an issue.
+- Make sure check whether there is the same question or request in the past.
+- When raise a new issue, write at least the subject in **English**.
+- We can also provide support in Japanese at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
+- The first priority of GitBucket is easy installation and API compatibility with GitHub, so we might reject if your request is against it.
 
 Release Notes
 -------------
-### 4.2.1 - 3 Jul 2016
+### 4.10 - 25 Feb 2017
+- Update to Scala 2.12 and Scalatra 2.5
+- Display file size in the file viewer
 
+### 4.9 - 29 Jan 2017
+- GitLFS support
+- Template for issues and pull requests
+- Manual label color editing
+- Account description
+- `--tmp-dir` option for standalone mode
+- More APIs for issues
+  - [List issues for a repository](https://developer.github.com/v3/issues/#list-issues-for-a-repository)
+  - [Create an issue](https://developer.github.com/v3/issues/#create-an-issue)
+
+### 4.8 - 23 Dec 2016
+- Search for repository names from the global header
+- Filter repositories on the sidebar of the dashboard
+- Search issues and wiki
+- Keep pull request comments after new commits are pushed
+- New web API to get a single issue
+- Performance improvement for the repository viewer
+
+### 4.7.1 - 28 Nov 2016
+- Bug fix: group repositories are not shown in the your repositories list on the sidebar
+- Small performance improvement of the dashboard
+
+### 4.7 - 26 Nov 2016
+- New permission system
+- Dropdown filter for issue labels, milestones and assignees
+- Keep sidebar folding status
+- Link from milestone label to the issue list
+
+### 4.6 - 29 Oct 2016
+- Add disable option for forking
+- Add History button to wiki page
+- Git repository URL redirection for GitHub compatibility
+- Get-Content API improvement
+- Indicate who is group master in Members tab in group view
+
+### 4.5 - 29 Sep 2016
+- Attach files by dropping into textarea
+- Issues / Pull requests switcher in dashboard
+- HikariCP could be configured in `GITBUCKET_HOME/database.conf`
+- Improve Cookie security
+- Display commit count on the history button
+- Improve mobile view
+
+### 4.4 - 28 Aug 2016
+- Import a SQL dump file to the database
+- `go get` support in private repositories
+- Sort milestones by due date
+- apache-sshd has been updated to 1.2.0
+
+### 4.3 - 30 Jul 2016
+- Emoji support by [gitbucket-emoji-plugin](https://github.com/gitbucket/gitbucket-emoji-plugin)
+- User name suggestion
+- Add new web APIs and basic authentication support for API access
+- Root Endpoint
+  - [List endpoints](https://developer.github.com/v3/#root-endpoint)
+  - [List Branches](https://developer.github.com/v3/repos/branches/#list-branches)
+  - [Get contents](https://developer.github.com/v3/repos/contents/#get-contents)
+  - [Get a Reference](https://developer.github.com/v3/git/refs/#get-a-reference)
+  - [List Collaborators](https://developer.github.com/v3/repos/collaborators/#list-collaborators)
+  - [List user repositories](https://developer.github.com/v3/repos/#list-user-repositories)
+  - [Get a group](https://developer.github.com/v3/orgs/#get-an-organization)
+  - [List group repositories](https://developer.github.com/v3/repos/#list-organization-repositories)
+- Add new extension points
+  - `assetsMapping` : Supplies resources in plugin classpath as web assets
+  - `suggestionProvider` : Provides suggestion in the Markdown editing textarea
+  - `textDecorator` : Decorate text nodes in HTML which is converted from Markdown
+
+### 4.2.1 - 3 Jul 2016
 - Fix migration bug
 
-This bug is relevant to users who updated to 4.0 from 3.14. If your GitBucket had been updated from 3.14 to 4.0 or 4.1 then you must use this version instead of 4.2.
+This is hotfix for a critical bug in migration. If you are new installation, use 4.2.0. But if you have an exisiting installation and it had been updated to 4.0 from 3.x, you must update to 4.2.1.
 
 ### 4.2 - 2 Jul 2016
-
 - New UI based on [AdminLTE](https://github.com/almasaeed2010/AdminLTE)
 - git gc
 - Issues and Wiki have been possible to be disabled
 - SMTP configuration test mail
 
 ### 4.1 - 4 Jun 2016
-
 - Generic ssh user
 - Improve branch protection UI
 - Default value of pull request title
 
 ### 4.0 - 30 Apr 2016
-
 - MySQL and PostgreSQL support
 - Data export and import
 - Migration system has been switched to [solidbase](https://github.com/gitbucket/solidbase)
@@ -92,7 +158,6 @@ This bug is relevant to users who updated to 4.0 from 3.14. If your GitBucket ha
 **Note:** You can upgrade to GitBucket 4.0 from 3.14. If your GitBucket is 3.13 or before, you have to upgrade 3.14 at first.
 
 ### 3.14 - 30 Apr 2016
-
 - File attachment and search for wiki pages
 - New extension points to add menus
 - Content-Type of webhooks has been choosable

build.sbt

@@ -1,7 +1,7 @@
-val Organization = "gitbucket"
+val Organization = "io.github.gitbucket"
 val Name = "gitbucket"
-val GitBucketVersion = "4.2.1"
-val ScalatraVersion = "2.4.1"
+val GitBucketVersion = "4.10.0"
+val ScalatraVersion = "2.5.0"
 val JettyVersion = "9.3.9.v20160517"
 
 lazy val root = (project in file(".")).enablePlugins(SbtTwirl, JettyPlugin)
@@ -10,56 +10,56 @@ sourcesInBase := false
 organization := Organization
 name := Name
 version := GitBucketVersion
-scalaVersion := "2.11.8"
+scalaVersion := "2.12.1"
 
 // dependency settings
 resolvers ++= Seq(
   Classpaths.typesafeReleases,
+  Resolver.jcenterRepo,
   "amateras" at "http://amateras.sourceforge.jp/mvn/",
   "sonatype-snapshot" at "https://oss.sonatype.org/content/repositories/snapshots/",
   "amateras-snapshot" at "http://amateras.sourceforge.jp/mvn-snapshot/"
 )
 libraryDependencies ++= Seq(
-  "org.scala-lang.modules"   %% "scala-java8-compat"           % "0.7.0",
-  "org.eclipse.jgit"          % "org.eclipse.jgit.http.server" % "4.1.2.201602141800-r",
-  "org.eclipse.jgit"          % "org.eclipse.jgit.archive"     % "4.1.2.201602141800-r",
-  "org.scalatra"             %% "scalatra"                     % ScalatraVersion,
-  "org.scalatra"             %% "scalatra-json"                % ScalatraVersion,
-  "org.json4s"               %% "json4s-jackson"               % "3.3.0",
-  "io.github.gitbucket"      %% "scalatra-forms"               % "1.0.0",
-  "commons-io"                % "commons-io"                   % "2.4",
-  "io.github.gitbucket"       % "solidbase"                    % "1.0.0",
-  "io.github.gitbucket"       % "markedj"                      % "1.0.9-SNAPSHOT",
-  "org.apache.commons"        % "commons-compress"             % "1.11",
-  "org.apache.commons"        % "commons-email"                % "1.4",
-  "org.apache.httpcomponents" % "httpclient"                   % "4.5.1",
-  "org.apache.sshd"           % "apache-sshd"                  % "1.0.0",
-  "org.apache.tika"           % "tika-core"                    % "1.13",
-  "com.typesafe.slick"       %% "slick"                        % "2.1.0",
-  "com.novell.ldap"           % "jldap"                        % "2009-10-07",
-  "com.h2database"            % "h2"                           % "1.4.192",
-  "mysql"                     % "mysql-connector-java"         % "5.1.39",
-  "org.postgresql"            % "postgresql"                   % "9.4.1208",
-  "ch.qos.logback"            % "logback-classic"              % "1.1.7",
-  "com.zaxxer"                % "HikariCP"                     % "2.4.6",
-  "com.typesafe"              % "config"                       % "1.3.0",
-  "com.typesafe.akka"        %% "akka-actor"                   % "2.3.15",
-  "fr.brouillard.oss.security.xhub" % "xhub4j-core"            % "1.0.0",
-  "com.enragedginger"        %% "akka-quartz-scheduler"        % "1.4.0-akka-2.3.x" exclude("c3p0","c3p0"),
-  "org.eclipse.jetty"         % "jetty-webapp"                 % JettyVersion     % "provided",
-  "javax.servlet"             % "javax.servlet-api"            % "3.1.0"          % "provided",
-  "junit"                     % "junit"                        % "4.12"           % "test",
-  "org.scalatra"             %% "scalatra-scalatest"           % ScalatraVersion  % "test",
-  "org.scalaz"               %% "scalaz-core"                  % "7.2.4"          % "test",
-  "com.wix"                   % "wix-embedded-mysql"           % "1.0.3"          % "test",
-  "ru.yandex.qatools.embed"   % "postgresql-embedded"          % "1.14"           % "test"
+  "org.eclipse.jgit"                %  "org.eclipse.jgit.http.server" % "4.6.0.201612231935-r",
+  "org.eclipse.jgit"                %  "org.eclipse.jgit.archive"     % "4.6.0.201612231935-r",
+  "org.scalatra"                    %% "scalatra"                     % ScalatraVersion,
+  "org.scalatra"                    %% "scalatra-json"                % ScalatraVersion,
+  "org.json4s"                      %% "json4s-jackson"               % "3.5.0",
+  "io.github.gitbucket"             %% "scalatra-forms"               % "1.1.0",
+  "commons-io"                      %  "commons-io"                   % "2.4",
+  "io.github.gitbucket"             %  "solidbase"                    % "1.0.0",
+  "io.github.gitbucket"             %  "markedj"                      % "1.0.9",
+  "org.apache.commons"              %  "commons-compress"             % "1.11",
+  "org.apache.commons"              %  "commons-email"                % "1.4",
+  "org.apache.httpcomponents"       %  "httpclient"                   % "4.5.1",
+  "org.apache.sshd"                 %  "apache-sshd"                  % "1.2.0",
+  "org.apache.tika"                 %  "tika-core"                    % "1.13",
+  "com.github.takezoe"              %% "blocking-slick-32"            % "0.0.7",
+  "joda-time"                       %  "joda-time"                    % "2.9.6",
+  "com.novell.ldap"                 %  "jldap"                        % "2009-10-07",
+  "com.h2database"                  %  "h2"                           % "1.4.192",
+  "mysql"                           %  "mysql-connector-java"         % "5.1.39",
+  "org.postgresql"                  %  "postgresql"                   % "9.4.1208",
+  "ch.qos.logback"                  %  "logback-classic"              % "1.1.7",
+  "com.zaxxer"                      %  "HikariCP"                     % "2.4.6",
+  "com.typesafe"                    %  "config"                       % "1.3.0",
+  "com.typesafe.akka"               %% "akka-actor"                   % "2.4.12",
+  "fr.brouillard.oss.security.xhub" %  "xhub4j-core"                  % "1.0.0",
+  "com.github.bkromhout"            %  "java-diff-utils"              % "2.1.1",
+  "org.cache2k"                     %  "cache2k-all"                  % "1.0.0.CR1",
+  "com.enragedginger"               %% "akka-quartz-scheduler"        % "1.6.0-akka-2.4.x" exclude("c3p0","c3p0"),
+  "net.coobird"                     %  "thumbnailator"                % "0.4.8",
+  "org.eclipse.jetty"               %  "jetty-webapp"                 % JettyVersion     % "provided",
+  "javax.servlet"                   %  "javax.servlet-api"            % "3.1.0"          % "provided",
+  "junit"                           %  "junit"                        % "4.12"           % "test",
+  "org.scalatra"                    %% "scalatra-scalatest"           % ScalatraVersion  % "test",
+  "com.wix"                         %  "wix-embedded-mysql"           % "2.1.4"          % "test",
+  "ru.yandex.qatools.embed"         %  "postgresql-embedded"          % "1.14"           % "test"
 )
 
-// Twirl settings
-play.twirl.sbt.Import.TwirlKeys.templateImports += "gitbucket.core._"
-
 // Compiler settings
-scalacOptions := Seq("-deprecation", "-language:postfixOps", "-Ybackend:GenBCode", "-Ydelambdafy:method", "-target:jvm-1.8")
+scalacOptions := Seq("-deprecation", "-language:postfixOps", "-Ydelambdafy:method", "-target:jvm-1.8")
 javacOptions in compile ++= Seq("-target", "8", "-source", "8")
 javaOptions in Jetty += "-Dlogback.configurationFile=/logback-dev.xml"
 
@@ -109,7 +109,6 @@ libraryDependencies ++= Seq(
 
 val executableKey = TaskKey[File]("executable")
 executableKey := {
-  import org.apache.ivy.util.ChecksumHelper
   import java.util.jar.{ Manifest => JarManifest }
   import java.util.jar.Attributes.{ Name => AttrName }
 
@@ -167,9 +166,55 @@ executableKey := {
   log info s"built executable webapp ${outputFile}"
   outputFile
 }
-/*
-Keys.artifact in (Compile, executableKey) ~= {
-    _ copy (`type` = "war", extension = "war"))
+publishTo := {
+  val nexus = "https://oss.sonatype.org/"
+  if (version.value.trim.endsWith("SNAPSHOT")) Some("snapshots" at nexus + "content/repositories/snapshots")
+  else                             Some("releases"  at nexus + "service/local/staging/deploy/maven2")
 }
-addArtifact(Keys.artifact in (Compile, executableKey), executableKey)
-*/
+publishMavenStyle := true
+pomIncludeRepository := { _ => false }
+pomExtra := (
+  <url>https://github.com/gitbucket/gitbucket</url>
+  <licenses>
+    <license>
+      <name>The Apache Software License, Version 2.0</name>
+      <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+    </license>
+  </licenses>
+  <scm>
+    <url>https://github.com/gitbucket/gitbucket</url>
+    <connection>scm:git:https://github.com/gitbucket/gitbucket.git</connection>
+  </scm>
+  <developers>
+    <developer>
+      <id>takezoe</id>
+      <name>Naoki Takezoe</name>
+      <url>https://github.com/takezoe</url>
+    </developer>
+    <developer>
+      <id>shimamoto</id>
+      <name>Takako Shimamoto</name>
+      <url>https://github.com/shimamoto</url>
+    </developer>
+    <developer>
+      <id>tanacasino</id>
+      <name>Tomofumi Tanaka</name>
+      <url>https://github.com/tanacasino</url>
+    </developer>
+    <developer>
+      <id>mrkm4ntr</id>
+      <name>Shintaro Murakami</name>
+      <url>https://github.com/mrkm4ntr</url>
+    </developer>
+    <developer>
+      <id>nazoking</id>
+      <name>nazoking</name>
+      <url>https://github.com/nazoking</url>
+    </developer>
+    <developer>
+      <id>McFoggy</id>
+      <name>Matthieu Brouillard</name>
+      <url>https://github.com/McFoggy</url>
+    </developer>
+  </developers>
+)

contrib/linux/redhat/README.md

@@ -3,6 +3,7 @@
 RPM spec file and init script for Red Hat Enterprise Linux 6.x. 
 
 To create RPM:
+
 1. Edit `../../gitbucket.conf` to suit.
 2. Edit `gitbucket.init` to suit.
 3. Edit `gitbucket.spec` to suit.

doc/release.md

@@ -46,9 +46,10 @@ $ sbt executable
 
 ### Deploy assembly jar file
 
-For plug-in development, we have to publish the assembly jar file to the public Maven repository by `release/deploy-assembly-jar.sh`.
+For plug-in development, we have to publish the GitBucket jar file to the Maven central repository as well. At first, hit following command to publish artifacts to the sonatype OSS repository:
 
 ```bash
-$ cd release/
-$ ./deploy-assembly-jar.sh
+$ sbt publish-signed
 ```
+
+Then operate release sequence at https://oss.sonatype.org/.

project/build.properties

@@ -1 +1 @@
-sbt.version=0.13.11
+sbt.version=0.13.13

project/plugins.sbt

@@ -1,6 +1,8 @@
 scalacOptions ++= Seq("-unchecked", "-deprecation", "-feature")
 
-addSbtPlugin("com.typesafe.sbt" % "sbt-twirl"       % "1.0.4")
-addSbtPlugin("com.eed3si9n"     % "sbt-assembly"    % "0.12.0")
-addSbtPlugin("com.earldouglas"  % "xsbt-web-plugin" % "2.1.0")
+addSbtPlugin("com.typesafe.sbt"     % "sbt-twirl"         % "1.3.0")
+addSbtPlugin("com.eed3si9n"         % "sbt-assembly"      % "0.14.3")
+addSbtPlugin("com.earldouglas"      % "xsbt-web-plugin"   % "2.1.1")
 addSbtPlugin("fi.gekkio.sbtplugins" % "sbt-jrebel-plugin" % "0.10.0")
+addSbtPlugin("com.typesafe.sbt"     % "sbt-pgp"           % "0.8.3")
+addSbtPlugin("io.get-coursier"      % "sbt-coursier"      % "1.0.0-M15")

project/project/plugins.sbt

@@ -0,0 +1 @@
+addSbtPlugin("io.get-coursier" % "sbt-coursier" % "1.0.0-M15")

release/deploy-assembly-jar.sh

@@ -1,24 +0,0 @@
-#!/bin/sh
-. ./env.sh
-
-cd ../
-./sbt.sh clean assembly
-
-cd release
-
-if [[ "$GITBUCKET_VERSION" =~ -SNAPSHOT$ ]]; then
-  MVN_DEPLOY_PATH=mvn-snapshot
-else
-  MVN_DEPLOY_PATH=mvn
-fi
-
-echo $MVN_DEPLOY_PATH
-
-mvn deploy:deploy-file \
-  -DgroupId=gitbucket\
-  -DartifactId=gitbucket-assembly\
-  -Dversion=$GITBUCKET_VERSION\
-  -Dpackaging=jar\
-  -Dfile=../target/scala-2.11/gitbucket-assembly-$GITBUCKET_VERSION.jar\
-  -DrepositoryId=sourceforge.jp\
-  -Durl=scp://shell.sourceforge.jp/home/groups/a/am/amateras/htdocs/$MVN_DEPLOY_PATH/

release/env.sh

@@ -1,3 +0,0 @@
-#!/bin/sh
-export GITBUCKET_VERSION=`cat ../build.sbt | grep 'val GitBucketVersion' | cut -d \" -f 2`
-echo "GITBUCKET_VERSION: $GITBUCKET_VERSION"

release/pom.xml

@@ -1,17 +0,0 @@
-<?xml version="1.0"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <groupId>jp.sf.amateras</groupId>
-    <artifactId>gitbucket-assembly</artifactId>
-    <version>0.0.1</version>
-    <build>
-        <extensions>
-            <extension>
-                <groupId>org.apache.maven.wagon</groupId>
-                <artifactId>wagon-ssh</artifactId>
-                <version>2.10</version>
-            </extension>
-        </extensions>
-    </build>
-</project>

sbt.bat

@@ -1,2 +1,2 @@
 set SCRIPT_DIR=%~dp0
-java %JAVA_OPTS% -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar "%SCRIPT_DIR%\sbt-launch-0.13.9.jar" %*
+java %JAVA_OPTS% -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar "%SCRIPT_DIR%\sbt-launch-0.13.12.jar" %*

sbt.sh

@@ -1,2 +1,2 @@
 #!/bin/sh
-java $JAVA_OPTS -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar `dirname $0`/sbt-launch-0.13.9.jar "$@"
+java $JAVA_OPTS -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar `dirname $0`/sbt-launch-0.13.12.jar "$@"

src/main/java/JettyLauncher.java

@@ -3,13 +3,16 @@ import org.eclipse.jetty.webapp.WebAppContext;
 
 import java.io.File;
 import java.net.URL;
+import java.net.InetSocketAddress;
 import java.security.ProtectionDomain;
 
 public class JettyLauncher {
     public static void main(String[] args) throws Exception {
         String host = null;
         int port = 8080;
+        InetSocketAddress address = null;
         String contextPath = "/";
+        String tmpDirPath="";
         boolean forceHttps = false;
 
         for(String arg: args) {
@@ -22,14 +25,25 @@ public class JettyLauncher {
                         port = Integer.parseInt(dim[1]);
                     } else if(dim[0].equals("--prefix")) {
                         contextPath = dim[1];
+                        if(!contextPath.startsWith("/")){
+                            contextPath = "/" + contextPath;
+                        }
                     } else if(dim[0].equals("--gitbucket.home")){
                         System.setProperty("gitbucket.home", dim[1]);
+                    } else if(dim[0].equals("--temp_dir")){
+                        tmpDirPath = dim[1];
                     }
                 }
             }
         }
 
-        Server server = new Server(port);
+        if(host != null) {
+            address = new InetSocketAddress(host, port);
+        } else {
+            address = new InetSocketAddress(port);
+        }
+
+        Server server = new Server(address);
 
 //        SelectChannelConnector connector = new SelectChannelConnector();
 //        if(host != null) {
@@ -42,9 +56,21 @@ public class JettyLauncher {
 
         WebAppContext context = new WebAppContext();
 
-        File tmpDir = new File(getGitBucketHome(), "tmp");
-        if(!tmpDir.exists()){
-            tmpDir.mkdirs();
+        File tmpDir;
+        if(tmpDirPath.equals("")){
+            tmpDir = new File(getGitBucketHome(), "tmp");
+            if(!tmpDir.exists()){
+                tmpDir.mkdirs();
+            }
+        } else {
+            tmpDir = new File(tmpDirPath);
+            if(!tmpDir.exists()){
+                throw new java.io.FileNotFoundException(
+                    String.format("temp_dir \"%s\" not found", tmpDirPath));
+            } else if(!tmpDir.isDirectory()) {
+                throw new IllegalArgumentException(
+                    String.format("temp_dir \"%s\" is not a directory", tmpDirPath));
+            }
         }
         context.setTempDirectory(tmpDir);
 
@@ -60,6 +86,8 @@ public class JettyLauncher {
         }
 
         server.setHandler(context);
+        server.setStopAtShutdown(true);
+        server.setStopTimeout(7_000);
         server.start();
         server.join();
     }

src/main/resources/update/gitbucket-core_4.6.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+    <addColumn tableName="REPOSITORY">
+        <column name="ALLOW_FORK" type="boolean" nullable="false" defaultValueBoolean="true"/>
+    </addColumn>
+</changeSet>

src/main/resources/update/gitbucket-core_4.7.sql

@@ -0,0 +1,2 @@
+-- DELETE COLLABORATORS IN GROUP REPOSITORIES
+DELETE FROM COLLABORATOR WHERE USER_NAME IN (SELECT USER_NAME FROM ACCOUNT WHERE GROUP_ACCOUNT = TRUE)

src/main/resources/update/gitbucket-core_4.7.xml

@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+    <addColumn tableName="COLLABORATOR">
+        <column name="ROLE" type="varchar(10)" nullable="false" defaultValue="ADMIN"/>
+    </addColumn>
+    <addColumn tableName="REPOSITORY">
+        <column name="WIKI_OPTION" type="varchar(10)" nullable="false" defaultValue="DISABLE"/>
+        <column name="ISSUES_OPTION" type="varchar(10)" nullable="false" defaultValue="DISABLE"/>
+    </addColumn>
+    <update tableName="REPOSITORY">
+        <column name="WIKI_OPTION" value="DISABLE"/>
+        <where>ENABLE_WIKI = FALSE</where>
+    </update>
+    <update tableName="REPOSITORY">
+        <column name="WIKI_OPTION" value="PRIVATE"/>
+        <where>ENABLE_WIKI = TRUE AND ALLOW_WIKI_EDITING = FALSE</where>
+    </update>
+    <update tableName="REPOSITORY">
+        <column name="WIKI_OPTION" value="PUBLIC"/>
+        <where>ENABLE_WIKI = TRUE AND ALLOW_WIKI_EDITING = TRUE</where>
+    </update>
+    <update tableName="REPOSITORY">
+        <column name="ISSUES_OPTION" value="DISABLE"/>
+        <where>ENABLE_ISSUES = FALSE</where>
+    </update>
+    <update tableName="REPOSITORY">
+        <column name="ISSUES_OPTION" value="PUBLIC"/>
+        <where>ENABLE_ISSUES = TRUE</where>
+    </update>
+    <dropColumn tableName="REPOSITORY" columnName="ENABLE_WIKI"/>
+    <dropColumn tableName="REPOSITORY" columnName="ALLOW_WIKI_EDITING"/>
+    <dropColumn tableName="REPOSITORY" columnName="ENABLE_ISSUES"/>
+</changeSet>

src/main/resources/update/gitbucket-core_4.9.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+  <addColumn tableName="ACCOUNT">
+    <column name="DESCRIPTION" type="text" nullable="true" />
+  </addColumn>
+</changeSet>

src/main/scala/ScalatraBootstrap.scala

@@ -1,24 +1,33 @@
 
-import gitbucket.core.controller._
-import gitbucket.core.plugin.PluginRegistry
-import gitbucket.core.servlet.{AccessTokenAuthenticationFilter, BasicAuthenticationFilter, Database, TransactionFilter}
-import gitbucket.core.util.Directory
-
 import java.util.EnumSet
 import javax.servlet._
 
+import gitbucket.core.controller._
+import gitbucket.core.plugin.PluginRegistry
+import gitbucket.core.service.SystemSettingsService
+import gitbucket.core.servlet._
+import gitbucket.core.util.Directory
 import org.scalatra._
 
 
-class ScalatraBootstrap extends LifeCycle {
+class ScalatraBootstrap extends LifeCycle with SystemSettingsService {
   override def init(context: ServletContext) {
+
+    val settings = loadSystemSettings()
+    if(settings.baseUrl.exists(_.startsWith("https://"))) {
+      context.getSessionCookieConfig.setSecure(true)
+    }
+
     // Register TransactionFilter and BasicAuthenticationFilter at first
     context.addFilter("transactionFilter", new TransactionFilter)
     context.getFilterRegistration("transactionFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/*")
-    context.addFilter("basicAuthenticationFilter", new BasicAuthenticationFilter)
-    context.getFilterRegistration("basicAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/git/*")
-    context.addFilter("accessTokenAuthenticationFilter", new AccessTokenAuthenticationFilter)
-    context.getFilterRegistration("accessTokenAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/api/v3/*")
+    context.addFilter("gitAuthenticationFilter", new GitAuthenticationFilter)
+    context.getFilterRegistration("gitAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/git/*")
+    context.addFilter("apiAuthenticationFilter", new ApiAuthenticationFilter)
+    context.getFilterRegistration("apiAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/api/v3/*")
+    context.addFilter("ghCompatRepositoryAccessFilter", new GHCompatRepositoryAccessFilter)
+    context.getFilterRegistration("ghCompatRepositoryAccessFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/*")
+
     // Register controllers
     context.mount(new AnonymousAccessController, "/*")
 

src/main/scala/gitbucket/core/GitBucketCoreModule.scala

@@ -12,5 +12,21 @@ object GitBucketCoreModule extends Module("gitbucket-core",
   new Version("4.2.0",
     new LiquibaseMigration("update/gitbucket-core_4.2.xml")
   ),
-  new Version("4.2.1")
+  new Version("4.2.1"),
+  new Version("4.3.0"),
+  new Version("4.4.0"),
+  new Version("4.5.0"),
+  new Version("4.6.0",
+    new LiquibaseMigration("update/gitbucket-core_4.6.xml")
+  ),
+  new Version("4.7.0",
+    new LiquibaseMigration("update/gitbucket-core_4.7.xml"),
+    new SqlMigration("update/gitbucket-core_4.7.sql")
+  ),
+  new Version("4.7.1"),
+  new Version("4.8"),
+  new Version("4.9.0",
+    new LiquibaseMigration("update/gitbucket-core_4.9.xml")
+  ),
+  new Version("4.10.0")
 )

src/main/scala/gitbucket/core/api/ApiBranch.scala

@@ -14,3 +14,10 @@ case class ApiBranch(
    "self" -> ApiPath(s"/api/v3/repos/${repositoryName.fullName}/branches/${name}"),
    "html" -> ApiPath(s"/${repositoryName.fullName}/tree/${name}"))
 }
+
+case class ApiBranchCommit(sha: String)
+
+case class ApiBranchForList(
+  name: String,
+  commit: ApiBranchCommit
+)

src/main/scala/gitbucket/core/api/ApiContents.scala

@@ -0,0 +1,18 @@
+package gitbucket.core.api
+
+import gitbucket.core.util.JGitUtil.FileInfo
+import org.apache.commons.codec.binary.Base64
+
+case class ApiContents(`type`: String, name: String, content: Option[String], encoding: Option[String])
+
+object ApiContents{
+  def apply(fileInfo: FileInfo, content: Option[Array[Byte]]): ApiContents = {
+    if(fileInfo.isDirectory) {
+      ApiContents("dir", fileInfo.name, None, None)
+    } else {
+      content.map(arr =>
+        ApiContents("file", fileInfo.name, Some(Base64.encodeBase64String(arr)), Some("base64"))
+      ).getOrElse(ApiContents("file", fileInfo.name, None, None))
+    }
+  }
+}

src/main/scala/gitbucket/core/api/ApiEndPoint.scala

@@ -0,0 +1,3 @@
+package gitbucket.core.api
+
+case class ApiEndPoint(rate_limit_url: ApiPath = ApiPath("/api/v3/rate_limit"))

src/main/scala/gitbucket/core/api/ApiPullRequest.scala

@@ -1,7 +1,6 @@
 package gitbucket.core.api
 
-import gitbucket.core.model.{Issue, PullRequest}
-
+import gitbucket.core.model.{Account, Issue, IssueComment, PullRequest}
 import java.util.Date
 
 
@@ -15,6 +14,9 @@ case class ApiPullRequest(
   head: ApiPullRequest.Commit,
   base: ApiPullRequest.Commit,
   mergeable: Option[Boolean],
+  merged: Boolean,
+  merged_at: Option[Date],
+  merged_by: Option[ApiUser],
   title: String,
   body: String,
   user: ApiUser) {
@@ -31,7 +33,14 @@ case class ApiPullRequest(
 }
 
 object ApiPullRequest{
-  def apply(issue: Issue, pullRequest: PullRequest, headRepo: ApiRepository, baseRepo: ApiRepository, user: ApiUser): ApiPullRequest =
+  def apply(
+    issue: Issue,
+    pullRequest: PullRequest,
+    headRepo: ApiRepository,
+    baseRepo: ApiRepository,
+    user: ApiUser,
+    mergedComment: Option[(IssueComment, Account)]
+  ): ApiPullRequest =
     ApiPullRequest(
       number     = issue.issueId,
       updated_at = issue.updatedDate,
@@ -45,6 +54,9 @@ object ApiPullRequest{
                      ref  = pullRequest.branch,
                      repo = baseRepo)(issue.userName),
       mergeable  = None, // TODO: need check mergeable.
+      merged     = mergedComment.isDefined,
+      merged_at  = mergedComment.map { case (comment, _) => comment.registeredDate },
+      merged_by  = mergedComment.map { case (_, account) => ApiUser(account) },
       title      = issue.title,
       body       = issue.content.getOrElse(""),
       user       = user

src/main/scala/gitbucket/core/api/ApiRef.scala

@@ -0,0 +1,5 @@
+package gitbucket.core.api
+
+case class ApiObject(sha: String)
+
+case class ApiRef(ref: String, `object`: ApiObject)

src/main/scala/gitbucket/core/api/ApiUser.scala

@@ -13,6 +13,7 @@ case class ApiUser(
   created_at: Date) {
   val url                 = ApiPath(s"/api/v3/users/${login}")
   val html_url            = ApiPath(s"/${login}")
+  val avatar_url          = ApiPath(s"/${login}/_avatar")
   // val followers_url       = ApiPath(s"/api/v3/users/${login}/followers")
   // val following_url       = ApiPath(s"/api/v3/users/${login}/following{/other_user}")
   // val gists_url           = ApiPath(s"/api/v3/users/${login}/gists{/gist_id}")
@@ -29,7 +30,7 @@ object ApiUser{
   def apply(user: Account): ApiUser = ApiUser(
     login      = user.userName,
     email      = user.mailAddress,
-    `type`     = if(user.isGroupAccount){ "Organization" }else{ "User" },
+    `type`     = if(user.isGroupAccount){ "Organization" } else { "User" },
     site_admin = user.isAdmin,
     created_at = user.registeredDate
   )

src/main/scala/gitbucket/core/api/CreateARepository.scala

@@ -11,7 +11,7 @@ case class CreateARepository(
     auto_init: Boolean = false
 ) {
   def isValid: Boolean = {
-    name.length<=40 &&
+    name.length <= 100 &&
         name.matches("[a-zA-Z0-9\\-\\+_.]+") &&
         !name.startsWith("_") &&
         !name.startsWith("-")

src/main/scala/gitbucket/core/api/CreateAnIssue.scala

@@ -0,0 +1,11 @@
+package gitbucket.core.api
+
+/**
+  * https://developer.github.com/v3/issues/#create-an-issue
+  */
+case class CreateAnIssue(
+    title: String,
+    body: Option[String],
+    assignees: List[String],
+    milestone: Option[Int],
+    labels: List[String])

src/main/scala/gitbucket/core/controller/AccountController.scala

@@ -14,6 +14,7 @@ import gitbucket.core.util._
 import io.github.gitbucket.scalatra.forms._
 import org.apache.commons.io.FileUtils
 import org.scalatra.i18n.Messages
+import org.scalatra.BadRequest
 
 
 class AccountController extends AccountControllerBase
@@ -28,20 +29,21 @@ trait AccountControllerBase extends AccountManagementControllerBase {
     with AccessTokenService with WebHookService with RepositoryCreationService =>
 
   case class AccountNewForm(userName: String, password: String, fullName: String, mailAddress: String,
-                            url: Option[String], fileId: Option[String])
+                            description: Option[String], url: Option[String], fileId: Option[String])
 
   case class AccountEditForm(password: Option[String], fullName: String, mailAddress: String,
-                             url: Option[String], fileId: Option[String], clearImage: Boolean)
+                             description: Option[String], url: Option[String], fileId: Option[String], clearImage: Boolean)
 
   case class SshKeyForm(title: String, publicKey: String)
 
   case class PersonalTokenForm(note: String)
 
   val newForm = mapping(
-    "userName"    -> trim(label("User name"    , text(required, maxlength(100), identifier, uniqueUserName))),
+    "userName"    -> trim(label("User name"    , text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
     "password"    -> trim(label("Password"     , text(required, maxlength(20)))),
     "fullName"    -> trim(label("Full Name"    , text(required, maxlength(100)))),
     "mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100), uniqueMailAddress()))),
+    "description" -> trim(label("bio"          , optional(text()))),
     "url"         -> trim(label("URL"          , optional(text(maxlength(200))))),
     "fileId"      -> trim(label("File ID"      , optional(text())))
   )(AccountNewForm.apply)
@@ -50,6 +52,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
     "password"    -> trim(label("Password"     , optional(text(maxlength(20))))),
     "fullName"    -> trim(label("Full Name"    , text(required, maxlength(100)))),
     "mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100), uniqueMailAddress("userName")))),
+    "description" -> trim(label("bio"          , optional(text()))),
     "url"         -> trim(label("URL"          , optional(text(maxlength(200))))),
     "fileId"      -> trim(label("File ID"      , optional(text()))),
     "clearImage"  -> trim(label("Clear image"  , boolean()))
@@ -64,11 +67,12 @@ trait AccountControllerBase extends AccountManagementControllerBase {
     "note"     -> trim(label("Token", text(required, maxlength(100))))
   )(PersonalTokenForm.apply)
 
-  case class NewGroupForm(groupName: String, url: Option[String], fileId: Option[String], members: String)
-  case class EditGroupForm(groupName: String, url: Option[String], fileId: Option[String], members: String, clearImage: Boolean)
+  case class NewGroupForm(groupName: String, description: Option[String], url: Option[String], fileId: Option[String], members: String)
+  case class EditGroupForm(groupName: String, description: Option[String], url: Option[String], fileId: Option[String], members: String, clearImage: Boolean)
 
   val newGroupForm = mapping(
-    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName))),
+    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
+    "description" -> trim(label("Group description", optional(text()))),
     "url"       -> trim(label("URL"        ,optional(text(maxlength(200))))),
     "fileId"    -> trim(label("File ID"    ,optional(text()))),
     "members"   -> trim(label("Members"    ,text(required, members)))
@@ -76,6 +80,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
 
   val editGroupForm = mapping(
     "groupName"  -> trim(label("Group name"  ,text(required, maxlength(100), identifier))),
+    "description" -> trim(label("Group description", optional(text()))),
     "url"        -> trim(label("URL"         ,optional(text(maxlength(200))))),
     "fileId"     -> trim(label("File ID"     ,optional(text()))),
     "members"    -> trim(label("Members"     ,text(required, members))),
@@ -120,7 +125,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
         // Members
         case "members" if(account.isGroupAccount) => {
           val members = getGroupMembers(account.userName)
-          gitbucket.core.account.html.members(account, members.map(_.userName),
+          gitbucket.core.account.html.members(account, members,
             context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager }))
         }
 
@@ -133,7 +138,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
             context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager }))
         }
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   }
 
   get("/:userName.atom") {
@@ -156,7 +161,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
     val userName = params("userName")
     getAccountByUserName(userName).map { x =>
       html.edit(x, flash.get("info"), flash.get("error"))
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   post("/:userName/_edit", editForm)(oneselfOnly { form =>
@@ -166,13 +171,14 @@ trait AccountControllerBase extends AccountManagementControllerBase {
         password    = form.password.map(sha1).getOrElse(account.password),
         fullName    = form.fullName,
         mailAddress = form.mailAddress,
+        description = form.description,
         url         = form.url))
 
       updateImage(userName, form.fileId, form.clearImage)
       flash += "info" -> "Account information has been updated."
       redirect(s"/${userName}/_edit")
 
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   get("/:userName/_delete")(oneselfOnly {
@@ -196,14 +202,14 @@ trait AccountControllerBase extends AccountManagementControllerBase {
         session.invalidate
         redirect("/")
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   get("/:userName/_ssh")(oneselfOnly {
     val userName = params("userName")
     getAccountByUserName(userName).map { x =>
       html.ssh(x, getPublicKeys(x.userName))
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   post("/:userName/_ssh", sshKeyForm)(oneselfOnly { form =>
@@ -234,7 +240,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
         case _ => None
       }
       html.application(x, tokens, generatedToken)
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   post("/:userName/_personalToken", personalTokenForm)(oneselfOnly { form =>
@@ -260,15 +266,15 @@ trait AccountControllerBase extends AccountManagementControllerBase {
       } else {
         html.register()
       }
-    } else NotFound
+    } else NotFound()
   }
 
   post("/register", newForm){ form =>
     if(context.settings.allowAccountRegistration){
-      createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, false, form.url)
+      createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, false, form.description, form.url)
       updateImage(form.userName, form.fileId, false)
       redirect("/signin")
-    } else NotFound
+    } else NotFound()
   }
 
   get("/groups/new")(usersOnly {
@@ -276,7 +282,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
   })
 
   post("/groups/new", newGroupForm)(usersOnly { form =>
-    createGroup(form.groupName, form.url)
+    createGroup(form.groupName, form.description, form.url)
     updateGroupMembers(form.groupName, form.members.split(",").map {
       _.split(":") match {
         case Array(userName, isManager) => (userName, isManager.toBoolean)
@@ -314,22 +320,22 @@ trait AccountControllerBase extends AccountManagementControllerBase {
       }
     }.toList){ case (groupName, members) =>
       getAccountByUserName(groupName, true).map { account =>
-        updateGroup(groupName, form.url, false)
+        updateGroup(groupName, form.description, form.url, false)
 
         // Update GROUP_MEMBER
         updateGroupMembers(form.groupName, members)
-        // Update COLLABORATOR for group repositories
-        getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
-          removeCollaborators(form.groupName, repositoryName)
-          members.foreach { case (userName, isManager) =>
-            addCollaborator(form.groupName, repositoryName, userName)
-          }
-        }
+//        // Update COLLABORATOR for group repositories
+//        getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
+//          removeCollaborators(form.groupName, repositoryName)
+//          members.foreach { case (userName, isManager) =>
+//            addCollaborator(form.groupName, repositoryName, userName)
+//          }
+//        }
 
         updateImage(form.groupName, form.fileId, form.clearImage)
         redirect(s"/${form.groupName}")
 
-      } getOrElse NotFound
+      } getOrElse NotFound()
     }
   })
 
@@ -355,76 +361,80 @@ trait AccountControllerBase extends AccountManagementControllerBase {
   })
 
   get("/:owner/:repository/fork")(readableUsersOnly { repository =>
-    val loginAccount   = context.loginAccount.get
-    val loginUserName  = loginAccount.userName
-    val groups         = getGroupsByUserName(loginUserName)
-    groups match {
-      case _: List[String] =>
-        val managerPermissions = groups.map { group =>
-          val members = getGroupMembers(group)
-          context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager })
-        }
-        helper.html.forkrepository(
-          repository,
-          (groups zip managerPermissions).toMap
-        )
-      case _ => redirect(s"/${loginUserName}")
-    }
+    if(repository.repository.options.allowFork){
+      val loginAccount   = context.loginAccount.get
+      val loginUserName  = loginAccount.userName
+      val groups         = getGroupsByUserName(loginUserName)
+      groups match {
+        case _: List[String] =>
+          val managerPermissions = groups.map { group =>
+            val members = getGroupMembers(group)
+            context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager })
+          }
+          helper.html.forkrepository(
+            repository,
+            (groups zip managerPermissions).toMap
+          )
+        case _ => redirect(s"/${loginUserName}")
+      }
+    } else BadRequest()
   })
 
   post("/:owner/:repository/fork", accountForm)(readableUsersOnly { (form, repository) =>
-    val loginAccount  = context.loginAccount.get
-    val loginUserName = loginAccount.userName
-    val accountName   = form.accountName
+    if(repository.repository.options.allowFork){
+      val loginAccount  = context.loginAccount.get
+      val loginUserName = loginAccount.userName
+      val accountName   = form.accountName
 
-    LockUtil.lock(s"${accountName}/${repository.name}"){
-      if(getRepository(accountName, repository.name).isDefined ||
-          (accountName != loginUserName && !getGroupsByUserName(loginUserName).contains(accountName))){
-        // redirect to the repository if repository already exists
-        redirect(s"/${accountName}/${repository.name}")
-      } else {
-        // Insert to the database at first
-        val originUserName = repository.repository.originUserName.getOrElse(repository.owner)
-        val originRepositoryName = repository.repository.originRepositoryName.getOrElse(repository.name)
+      LockUtil.lock(s"${accountName}/${repository.name}"){
+        if(getRepository(accountName, repository.name).isDefined ||
+            (accountName != loginUserName && !getGroupsByUserName(loginUserName).contains(accountName))){
+          // redirect to the repository if repository already exists
+          redirect(s"/${accountName}/${repository.name}")
+        } else {
+          // Insert to the database at first
+          val originUserName = repository.repository.originUserName.getOrElse(repository.owner)
+          val originRepositoryName = repository.repository.originRepositoryName.getOrElse(repository.name)
 
-        insertRepository(
-          repositoryName       = repository.name,
-          userName             = accountName,
-          description          = repository.repository.description,
-          isPrivate            = repository.repository.isPrivate,
-          originRepositoryName = Some(originRepositoryName),
-          originUserName       = Some(originUserName),
-          parentRepositoryName = Some(repository.name),
-          parentUserName       = Some(repository.owner)
-        )
+          insertRepository(
+            repositoryName       = repository.name,
+            userName             = accountName,
+            description          = repository.repository.description,
+            isPrivate            = repository.repository.isPrivate,
+            originRepositoryName = Some(originRepositoryName),
+            originUserName       = Some(originUserName),
+            parentRepositoryName = Some(repository.name),
+            parentUserName       = Some(repository.owner)
+          )
 
-        // Add collaborators for group repository
-        val ownerAccount = getAccountByUserName(accountName).get
-        if(ownerAccount.isGroupAccount){
-          getGroupMembers(accountName).foreach { member =>
-            addCollaborator(accountName, repository.name, member.userName)
-          }
+//          // Add collaborators for group repository
+//          val ownerAccount = getAccountByUserName(accountName).get
+//          if(ownerAccount.isGroupAccount){
+//            getGroupMembers(accountName).foreach { member =>
+//              addCollaborator(accountName, repository.name, member.userName)
+//            }
+//          }
+
+          // Insert default labels
+          insertDefaultLabels(accountName, repository.name)
+
+          // clone repository actually
+          JGitUtil.cloneRepository(
+            getRepositoryDir(repository.owner, repository.name),
+            getRepositoryDir(accountName, repository.name))
+
+          // Create Wiki repository
+          JGitUtil.cloneRepository(
+            getWikiRepositoryDir(repository.owner, repository.name),
+            getWikiRepositoryDir(accountName, repository.name))
+
+          // Record activity
+          recordForkActivity(repository.owner, repository.name, loginUserName, accountName)
+          // redirect to the repository
+          redirect(s"/${accountName}/${repository.name}")
         }
-
-        // Insert default labels
-        insertDefaultLabels(accountName, repository.name)
-
-        // clone repository actually
-        JGitUtil.cloneRepository(
-          getRepositoryDir(repository.owner, repository.name),
-          getRepositoryDir(accountName, repository.name))
-
-        // Create Wiki repository
-        JGitUtil.cloneRepository(
-          getWikiRepositoryDir(repository.owner, repository.name),
-          getWikiRepositoryDir(accountName, repository.name))
-
-        // Record activity
-        recordForkActivity(repository.owner, repository.name, loginUserName, accountName)
-        // redirect to the repository
-        redirect(s"/${accountName}/${repository.name}")
       }
-    }
+    } else BadRequest()
   })
 
   private def existsAccount: Constraint = new Constraint(){

src/main/scala/gitbucket/core/controller/ApiController.scala

@@ -7,9 +7,10 @@ import gitbucket.core.service.PullRequestService._
 import gitbucket.core.service._
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Directory._
-import gitbucket.core.util.JGitUtil.CommitInfo
+import gitbucket.core.util.JGitUtil._
 import gitbucket.core.util._
 import gitbucket.core.util.Implicits._
+import gitbucket.core.view.helpers.{renderMarkup, isRenderable}
 import org.eclipse.jgit.api.Git
 import org.scalatra.{NoContent, UnprocessableEntity, Created}
 import scala.collection.JavaConverters._
@@ -20,9 +21,12 @@ class ApiController extends ApiControllerBase
   with ProtectedBranchService
   with IssuesService
   with LabelsService
+  with MilestonesService
   with PullRequestService
+  with CommitsService
   with CommitStatusService
   with RepositoryCreationService
+  with IssueCreationService
   with HandleCommentService
   with WebHookService
   with WebHookPullRequestService
@@ -34,7 +38,7 @@ class ApiController extends ApiControllerBase
   with GroupManagerAuthenticator
   with ReferrerAuthenticator
   with ReadableUsersAuthenticator
-  with CollaboratorsAuthenticator
+  with WritableUsersAuthenticator
 
 trait ApiControllerBase extends ControllerBase {
   self: RepositoryService
@@ -42,35 +46,178 @@ trait ApiControllerBase extends ControllerBase {
     with ProtectedBranchService
     with IssuesService
     with LabelsService
+    with MilestonesService
     with PullRequestService
     with CommitStatusService
     with RepositoryCreationService
+    with IssueCreationService
     with HandleCommentService
     with OwnerAuthenticator
     with UsersAuthenticator
     with GroupManagerAuthenticator
     with ReferrerAuthenticator
     with ReadableUsersAuthenticator
-    with CollaboratorsAuthenticator =>
+    with WritableUsersAuthenticator =>
+
+  /**
+    * 404 for non-implemented api
+    */
+  get("/api/v3/*") {
+    NotFound()
+  }
+
+  /**
+    * https://developer.github.com/v3/#root-endpoint
+    */
+  get("/api/v3/") {
+    JsonFormat(ApiEndPoint())
+  }
+
+  /**
+    * https://developer.github.com/v3/orgs/#get-an-organization
+    */
+  get("/api/v3/orgs/:groupName") {
+    getAccountByUserName(params("groupName")).filter(account => account.isGroupAccount).map { account =>
+      JsonFormat(ApiUser(account))
+    } getOrElse NotFound()
+  }
 
   /**
    * https://developer.github.com/v3/users/#get-a-single-user
    */
   get("/api/v3/users/:userName") {
-    getAccountByUserName(params("userName")).map { account =>
+    getAccountByUserName(params("userName")).filterNot(account => account.isGroupAccount).map { account =>
       JsonFormat(ApiUser(account))
-    } getOrElse NotFound
+    } getOrElse NotFound()
   }
 
+  /**
+    * https://developer.github.com/v3/repos/#list-organization-repositories
+    */
+  get("/api/v3/orgs/:orgName/repos") {
+    JsonFormat(getVisibleRepositories(context.loginAccount, Some(params("orgName"))).map{ r => ApiRepository(r, getAccountByUserName(r.owner).get)})
+  }
+  /**
+   * https://developer.github.com/v3/repos/#list-user-repositories
+   */
+  get("/api/v3/users/:userName/repos") {
+    JsonFormat(getVisibleRepositories(context.loginAccount, Some(params("userName"))).map{ r => ApiRepository(r, getAccountByUserName(r.owner).get)})
+  }
+
+  /*
+   * https://developer.github.com/v3/repos/branches/#list-branches
+   */
+  get ("/api/v3/repos/:owner/:repo/branches")(referrersOnly { repository =>
+    JsonFormat(JGitUtil.getBranches(
+      owner         = repository.owner,
+      name          = repository.name,
+      defaultBranch = repository.repository.defaultBranch,
+      origin        = repository.repository.originUserName.isEmpty
+    ).map { br =>
+      ApiBranchForList(br.name, ApiBranchCommit(br.commitId))
+    })
+  })
+
+  /*
+   * https://developer.github.com/v3/repos/contents/#get-contents
+   */
+  get("/api/v3/repos/:owner/:repo/contents/*")(referrersOnly { repository =>
+    def getFileInfo(git: Git, revision: String, pathStr: String): Option[FileInfo] = {
+      val path = new java.io.File(pathStr)
+      val dirName = path.getParent match {
+        case null => "."
+        case s => s
+      }
+      getFileList(git, revision, dirName).find(f => f.name.equals(path.getName))
+    }
+
+    val path = multiParams("splat").head match {
+      case s if s.isEmpty => "."
+      case s => s
+    }
+    val refStr = params.getOrElse("ref", repository.repository.defaultBranch)
+
+    using(Git.open(getRepositoryDir(params("owner"), params("repo")))){ git =>
+      val fileList = getFileList(git, refStr, path)
+      if (fileList.isEmpty) { // file or NotFound
+        getFileInfo(git, refStr, path).flatMap(f => {
+          val largeFile = params.get("large_file").exists(s => s.equals("true"))
+          val content = getContentFromId(git, f.id, largeFile)
+          request.getHeader("Accept") match {
+            case "application/vnd.github.v3.raw" => {
+              contentType = "application/vnd.github.v3.raw"
+              content
+            }
+            case "application/vnd.github.v3.html" if isRenderable(f.name) => {
+              contentType = "application/vnd.github.v3.html"
+              content.map(c =>
+                List(
+                  "<div data-path=\"", path, "\" id=\"file\">", "<article>",
+                  renderMarkup(path.split("/").toList, new String(c), refStr, repository, false, false, true).body,
+                  "</article>", "</div>"
+                ).mkString
+              )
+            }
+            case "application/vnd.github.v3.html" => {
+              contentType = "application/vnd.github.v3.html"
+              content.map(c =>
+                List(
+                  "<div data-path=\"", path, "\" id=\"file\">", "<div class=\"plain\">", "<pre>",
+                  play.twirl.api.HtmlFormat.escape(new String(c)).body,
+                  "</pre>", "</div>", "</div>"
+                ).mkString
+              )
+            }
+            case _ =>
+              Some(JsonFormat(ApiContents(f, content)))
+          }
+        }).getOrElse(NotFound())
+      } else { // directory
+        JsonFormat(fileList.map{f => ApiContents(f, None)})
+      }
+    }
+  })
+
+  /*
+   * https://developer.github.com/v3/git/refs/#get-a-reference
+   */
+  get("/api/v3/repos/:owner/:repo/git/*") (referrersOnly { repository =>
+    val revstr = multiParams("splat").head
+    using(Git.open(getRepositoryDir(params("owner"), params("repo")))) { git =>
+      //JsonFormat( (revstr, git.getRepository().resolve(revstr)) )
+      // getRef is deprecated by jgit-4.2. use exactRef() or findRef()
+      val sha = git.getRepository().exactRef(revstr).getObjectId().name()
+      JsonFormat(ApiRef(revstr, ApiObject(sha)))
+    }
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/collaborators/#list-collaborators
+   */
+  get("/api/v3/repos/:owner/:repo/collaborators") (referrersOnly { repository =>
+    // TODO Should ApiUser take permission? getCollaboratorUserNames does not return owner group members.
+    JsonFormat(getCollaboratorUserNames(params("owner"), params("repo")).map(u => ApiUser(getAccountByUserName(u).get)))
+  })
+
   /**
    * https://developer.github.com/v3/users/#get-the-authenticated-user
    */
   get("/api/v3/user") {
     context.loginAccount.map { account =>
       JsonFormat(ApiUser(account))
-    } getOrElse Unauthorized
+    } getOrElse Unauthorized()
   }
 
+  /**
+   * List user's own repository
+   * https://developer.github.com/v3/repos/#list-your-repositories
+   */
+  get("/api/v3/user/repos")(usersOnly{
+    JsonFormat(getVisibleRepositories(context.loginAccount, Option(context.loginAccount.get.userName)).map{
+      r => ApiRepository(r, getAccountByUserName(r.owner).get)
+    })
+  })
+
   /**
    * Create user repository
    * https://developer.github.com/v3/repos/#create
@@ -92,7 +239,7 @@ trait ApiControllerBase extends ControllerBase {
           )
         }
       }
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
   /**
@@ -116,7 +263,7 @@ trait ApiControllerBase extends ControllerBase {
           )
         }
       }
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
   /**
@@ -125,7 +272,7 @@ trait ApiControllerBase extends ControllerBase {
   patch("/api/v3/repos/:owner/:repo/branches/:branch")(ownerOnly { repository =>
     import gitbucket.core.api._
     (for{
-      branch <- params.get("branch") if repository.branchList.find(_ == branch).isDefined
+      branch     <- params.get("branch") if repository.branchList.find(_ == branch).isDefined
       protection <- extractFromJsonBody[ApiBranchProtection.EnablingAndDisabling].map(_.protection)
     } yield {
       if(protection.enabled){
@@ -134,7 +281,7 @@ trait ApiControllerBase extends ControllerBase {
         disableBranchProtection(repository.owner, repository.name, branch)
       }
       JsonFormat(ApiBranch(branch, protection)(RepositoryName(repository)))
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
   /**
@@ -147,16 +294,78 @@ trait ApiControllerBase extends ControllerBase {
     org.scalatra.NotFound(ApiError("Rate limiting is not enabled."))
   }
 
+  /**
+    * https://developer.github.com/v3/issues/#list-issues-for-a-repository
+    */
+  get("/api/v3/repos/:owner/:repository/issues")(referrersOnly { repository =>
+    val page = IssueSearchCondition.page(request)
+    // TODO: more api spec condition
+    val condition = IssueSearchCondition(request)
+    val baseOwner = getAccountByUserName(repository.owner).get
+
+    val issues: List[(Issue, Account)] =
+      searchIssueByApi(
+        condition = condition,
+        offset    = (page - 1) * PullRequestLimit,
+        limit     = PullRequestLimit,
+        repos     = repository.owner -> repository.name
+      )
+
+    JsonFormat(issues.map { case (issue, issueUser) =>
+      ApiIssue(
+        issue          = issue,
+        repositoryName = RepositoryName(repository),
+        user           = ApiUser(issueUser)
+      )
+    })
+  })
+
+  /**
+   * https://developer.github.com/v3/issues/#get-a-single-issue
+   */
+  get("/api/v3/repos/:owner/:repository/issues/:id")(referrersOnly { repository =>
+    (for{
+      issueId  <- params("id").toIntOpt
+      issue <- getIssue(repository.owner, repository.name, issueId.toString)
+      openedUser <- getAccountByUserName(issue.openedUserName)
+    } yield {
+      JsonFormat(ApiIssue(issue, RepositoryName(repository), ApiUser(openedUser)))
+    }) getOrElse NotFound()
+  })
+
+  /**
+    * https://developer.github.com/v3/issues/#create-an-issue
+    */
+  post("/api/v3/repos/:owner/:repository/issues")(readableUsersOnly { repository =>
+    if(isIssueEditable(repository)){ // TODO Should this check is provided by authenticator?
+      (for{
+        data <- extractFromJsonBody[CreateAnIssue]
+        loginAccount <- context.loginAccount
+      } yield {
+        val milestone = data.milestone.flatMap(getMilestone(repository.owner, repository.name, _))
+        val issue = createIssue(
+          repository,
+          data.title,
+          data.body,
+          data.assignees.headOption,
+          milestone.map(_.milestoneId),
+          data.labels,
+          loginAccount)
+        JsonFormat(ApiIssue(issue, RepositoryName(repository), ApiUser(loginAccount)))
+      }) getOrElse NotFound()
+    } else Unauthorized()
+  })
+
   /**
    * https://developer.github.com/v3/issues/comments/#list-comments-on-an-issue
    */
   get("/api/v3/repos/:owner/:repository/issues/:id/comments")(referrersOnly { repository =>
     (for{
-      issueId <- params("id").toIntOpt
-      comments = getCommentsForApi(repository.owner, repository.name, issueId.toInt)
+      issueId  <- params("id").toIntOpt
+      comments =  getCommentsForApi(repository.owner, repository.name, issueId.toInt)
     } yield {
       JsonFormat(comments.map{ case (issueComment, user, issue) => ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(user), issue.isPullRequest) })
-    }).getOrElse(NotFound)
+    }) getOrElse NotFound()
   })
 
   /**
@@ -172,7 +381,7 @@ trait ApiControllerBase extends ControllerBase {
       issueComment <- getComment(repository.owner, repository.name, id.toString())
     } yield {
       JsonFormat(ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(context.loginAccount.get), issue.isPullRequest))
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
   /**
@@ -199,7 +408,7 @@ trait ApiControllerBase extends ControllerBase {
    * Create a label
    * https://developer.github.com/v3/issues/labels/#create-a-label
    */
-  post("/api/v3/repos/:owner/:repository/labels")(collaboratorsOnly { repository =>
+  post("/api/v3/repos/:owner/:repository/labels")(writableUsersOnly { repository =>
     (for{
       data <- extractFromJsonBody[CreateALabel] if data.isValid
     } yield {
@@ -224,7 +433,7 @@ trait ApiControllerBase extends ControllerBase {
    * Update a label
    * https://developer.github.com/v3/issues/labels/#update-a-label
    */
-  patch("/api/v3/repos/:owner/:repository/labels/:labelName")(collaboratorsOnly { repository =>
+  patch("/api/v3/repos/:owner/:repository/labels/:labelName")(writableUsersOnly { repository =>
     (for{
       data <- extractFromJsonBody[CreateALabel] if data.isValid
     } yield {
@@ -234,12 +443,14 @@ trait ApiControllerBase extends ControllerBase {
             updateLabel(repository.owner, repository.name, label.labelId, data.name, data.color)
             JsonFormat(ApiLabel(
               getLabel(repository.owner, repository.name, label.labelId).get,
-              RepositoryName(repository)))
+              RepositoryName(repository)
+            ))
           } else {
             // TODO ApiError should support errors field to enhance compatibility of GitHub API
             UnprocessableEntity(ApiError(
               "Validation Failed",
-              Some("https://developer.github.com/v3/issues/labels/#create-a-label")))
+              Some("https://developer.github.com/v3/issues/labels/#create-a-label")
+            ))
           }
         } getOrElse NotFound()
       }
@@ -250,7 +461,7 @@ trait ApiControllerBase extends ControllerBase {
    * Delete a label
    * https://developer.github.com/v3/issues/labels/#delete-a-label
    */
-  delete("/api/v3/repos/:owner/:repository/labels/:labelName")(collaboratorsOnly { repository =>
+  delete("/api/v3/repos/:owner/:repository/labels/:labelName")(writableUsersOnly { repository =>
     LockUtil.lock(RepositoryName(repository).fullName) {
       getLabel(repository.owner, repository.name, params("labelName")).map { label =>
         deleteLabel(repository.owner, repository.name, label.labelId)
@@ -278,11 +489,12 @@ trait ApiControllerBase extends ControllerBase {
 
     JsonFormat(issues.map { case (issue, issueUser, commentCount, pullRequest, headRepo, headOwner) =>
       ApiPullRequest(
-        issue,
-        pullRequest,
-        ApiRepository(headRepo, ApiUser(headOwner)),
-        ApiRepository(repository, ApiUser(baseOwner)),
-        ApiUser(issueUser)
+        issue         = issue,
+        pullRequest   = pullRequest,
+        headRepo      = ApiRepository(headRepo, ApiUser(headOwner)),
+        baseRepo      = ApiRepository(repository, ApiUser(baseOwner)),
+        user          = ApiUser(issueUser),
+        mergedComment = getMergedComment(repository.owner, repository.name, issue.issueId)
       )
     })
   })
@@ -292,21 +504,23 @@ trait ApiControllerBase extends ControllerBase {
    */
   get("/api/v3/repos/:owner/:repository/pulls/:id")(referrersOnly { repository =>
     (for{
-      issueId <- params("id").toIntOpt
+      issueId   <- params("id").toIntOpt
       (issue, pullRequest) <- getPullRequest(repository.owner, repository.name, issueId)
-      users = getAccountsByUserNames(Set(repository.owner, pullRequest.requestUserName, issue.openedUserName), Set())
+      users     =  getAccountsByUserNames(Set(repository.owner, pullRequest.requestUserName, issue.openedUserName), Set.empty)
       baseOwner <- users.get(repository.owner)
       headOwner <- users.get(pullRequest.requestUserName)
       issueUser <- users.get(issue.openedUserName)
       headRepo  <- getRepository(pullRequest.requestUserName, pullRequest.requestRepositoryName)
     } yield {
       JsonFormat(ApiPullRequest(
-        issue,
-        pullRequest,
-        ApiRepository(headRepo, ApiUser(headOwner)),
-        ApiRepository(repository, ApiUser(baseOwner)),
-        ApiUser(issueUser)))
-    }).getOrElse(NotFound)
+        issue         = issue,
+        pullRequest   = pullRequest,
+        headRepo      = ApiRepository(headRepo, ApiUser(headOwner)),
+        baseRepo      = ApiRepository(repository, ApiUser(baseOwner)),
+        user          = ApiUser(issueUser),
+        mergedComment = getMergedComment(repository.owner, repository.name, issue.issueId)
+      ))
+    }) getOrElse NotFound()
   })
 
   /**
@@ -321,11 +535,11 @@ trait ApiControllerBase extends ControllerBase {
           val oldId = git.getRepository.resolve(pullreq.commitIdFrom)
           val newId = git.getRepository.resolve(pullreq.commitIdTo)
           val repoFullName = RepositoryName(repository)
-          val commits = git.log.addRange(oldId, newId).call.iterator.asScala.map(c => ApiCommitListItem(new CommitInfo(c), repoFullName)).toList
+          val commits = git.log.addRange(oldId, newId).call.iterator.asScala.map { c => ApiCommitListItem(new CommitInfo(c), repoFullName) }.toList
           JsonFormat(commits)
         }
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   /**
@@ -338,19 +552,19 @@ trait ApiControllerBase extends ControllerBase {
   /**
    * https://developer.github.com/v3/repos/statuses/#create-a-status
    */
-  post("/api/v3/repos/:owner/:repo/statuses/:sha")(collaboratorsOnly { repository =>
+  post("/api/v3/repos/:owner/:repo/statuses/:sha")(writableUsersOnly { repository =>
     (for{
-      ref <- params.get("sha")
-      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
-      data <- extractFromJsonBody[CreateAStatus] if data.isValid
-      creator <- context.loginAccount
-      state <- CommitState.valueOf(data.state)
-      statusId = createCommitStatus(repository.owner, repository.name, sha, data.context.getOrElse("default"),
-        state, data.target_url, data.description, new java.util.Date(), creator)
-      status <- getCommitStatus(repository.owner, repository.name, statusId)
+      ref      <- params.get("sha")
+      sha      <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+      data     <- extractFromJsonBody[CreateAStatus] if data.isValid
+      creator  <- context.loginAccount
+      state    <- CommitState.valueOf(data.state)
+      statusId =  createCommitStatus(repository.owner, repository.name, sha, data.context.getOrElse("default"),
+                                     state, data.target_url, data.description, new java.util.Date(), creator)
+      status   <- getCommitStatus(repository.owner, repository.name, statusId)
     } yield {
       JsonFormat(ApiCommitStatus(status, ApiUser(creator)))
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
   /**
@@ -366,7 +580,7 @@ trait ApiControllerBase extends ControllerBase {
       JsonFormat(getCommitStatuesWithCreator(repository.owner, repository.name, sha).map{ case(status, creator) =>
         ApiCommitStatus(status, ApiUser(creator))
       })
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
   /**
@@ -385,17 +599,17 @@ trait ApiControllerBase extends ControllerBase {
    */
   get("/api/v3/repos/:owner/:repo/commits/:ref/status")(referrersOnly { repository =>
     (for{
-      ref <- params.get("ref")
+      ref   <- params.get("ref")
       owner <- getAccountByUserName(repository.owner)
-      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+      sha   <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
     } yield {
       val statuses = getCommitStatuesWithCreator(repository.owner, repository.name, sha)
       JsonFormat(ApiCombinedCommitStatus(sha, statuses, ApiRepository(repository, owner)))
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
   private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
-    hasWritePermission(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
+    hasDeveloperRole(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
 
 }
 

src/main/scala/gitbucket/core/controller/ControllerBase.scala

@@ -9,7 +9,6 @@ import gitbucket.core.util.Implicits._
 import gitbucket.core.util._
 
 import io.github.gitbucket.scalatra.forms._
-import org.apache.commons.io.FileUtils
 import org.json4s._
 import org.scalatra._
 import org.scalatra.i18n._
@@ -20,6 +19,8 @@ import javax.servlet.{FilterChain, ServletResponse, ServletRequest}
 
 import scala.util.Try
 
+import net.coobird.thumbnailator.Thumbnails
+
 
 /**
  * Provides generic features for controller implementations.
@@ -57,7 +58,7 @@ abstract class ControllerBase extends ScalatraFilter
         // Redirect to dashboard
         httpResponse.sendRedirect(baseUrl + "/")
       }
-    } else if(path.startsWith("/git/")){
+    } else if(path.startsWith("/git/") || path.startsWith("/git-lfs/")){
       // Git repository
       chain.doFilter(request, response)
     } else {
@@ -191,6 +192,7 @@ case class Context(settings: SystemSettingsService.SystemSettings, loginAccount:
     case agent if agent.contains("Win") => "windows"
     case _ => null
   }
+  val sidebarCollapse = request.getSession.getAttribute("sidebar-collapse") != null
 
   /**
    * Get object from cache.
@@ -224,10 +226,13 @@ trait AccountManagementControllerBase extends ControllerBase {
     } else {
       fileId.map { fileId =>
         val filename = "avatar." + FileUtil.getExtension(session.getAndRemove(Keys.Session.Upload(fileId)).get)
-        FileUtils.moveFile(
-          new java.io.File(getTemporaryDir(session.getId), fileId),
-          new java.io.File(getUserUploadDir(userName), filename)
-        )
+        val uploadDir = getUserUploadDir(userName)
+        if(!uploadDir.exists){
+          uploadDir.mkdirs()
+        }
+        Thumbnails.of(new java.io.File(getTemporaryDir(session.getId), fileId))
+          .size(324, 324)
+          .toFile(new java.io.File(uploadDir, filename))
         updateAvatarImage(userName, Some(filename))
       }
     }
@@ -244,4 +249,13 @@ trait AccountManagementControllerBase extends ControllerBase {
         .map    { _ => "Mail address is already registered." }
   }
 
+  val allReservedNames = Set("git", "admin", "upload", "api")
+  protected def reservedNames(): Constraint = new Constraint(){
+    override def validate(name: String, value: String, messages: Messages): Option[String] = if(allReservedNames.contains(value)){
+      Some(s"${value} is reserved")
+    } else {
+      None
+    }
+  }
+
 }

src/main/scala/gitbucket/core/controller/DashboardController.scala

@@ -1,13 +1,13 @@
 package gitbucket.core.controller
 
 import gitbucket.core.dashboard.html
-import gitbucket.core.service.{RepositoryService, PullRequestService, AccountService, IssuesService}
-import gitbucket.core.util.{StringUtil, Keys, UsersAuthenticator}
+import gitbucket.core.service._
+import gitbucket.core.util.{Keys, UsersAuthenticator}
 import gitbucket.core.util.Implicits._
 import gitbucket.core.service.IssuesService._
 
 class DashboardController extends DashboardControllerBase
-  with IssuesService with PullRequestService with RepositoryService with AccountService
+  with IssuesService with PullRequestService with RepositoryService with AccountService with CommitsService
   with UsersAuthenticator
 
 trait DashboardControllerBase extends ControllerBase {
@@ -15,20 +15,7 @@ trait DashboardControllerBase extends ControllerBase {
     with UsersAuthenticator =>
 
   get("/dashboard/issues")(usersOnly {
-    val q = request.getParameter("q")
-    val account = context.loginAccount.get
-    Option(q).map { q =>
-      val condition = IssueSearchCondition(q, Map[String, Int]())
-      q match {
-        case q if(q.contains("is:pr")) => redirect(s"/dashboard/pulls?q=${StringUtil.urlEncode(q)}")
-        case q if(q.contains(s"author:${account.userName}")) => redirect(s"/dashboard/issues/created_by${condition.toURL}")
-        case q if(q.contains(s"assignee:${account.userName}")) => redirect(s"/dashboard/issues/assigned${condition.toURL}")
-        case q if(q.contains(s"mentions:${account.userName}")) => redirect(s"/dashboard/issues/mentioned${condition.toURL}")
-        case _ => searchIssues("created_by")
-      }
-    } getOrElse {
-      searchIssues("created_by")
-    }
+    searchIssues("created_by")
   })
 
   get("/dashboard/issues/assigned")(usersOnly {
@@ -44,20 +31,7 @@ trait DashboardControllerBase extends ControllerBase {
   })
 
   get("/dashboard/pulls")(usersOnly {
-    val q = request.getParameter("q")
-    val account = context.loginAccount.get
-    Option(q).map { q =>
-      val condition = IssueSearchCondition(q, Map[String, Int]())
-      q match {
-        case q if(q.contains("is:issue")) => redirect(s"/dashboard/issues?q=${StringUtil.urlEncode(q)}")
-        case q if(q.contains(s"author:${account.userName}")) => redirect(s"/dashboard/pulls/created_by${condition.toURL}")
-        case q if(q.contains(s"assignee:${account.userName}")) => redirect(s"/dashboard/pulls/assigned${condition.toURL}")
-        case q if(q.contains(s"mentions:${account.userName}")) => redirect(s"/dashboard/pulls/mentioned${condition.toURL}")
-        case _ => searchPullRequests("created_by")
-      }
-    } getOrElse {
-      searchPullRequests("created_by")
-    }
+    searchPullRequests("created_by")
   })
 
   get("/dashboard/pulls/created_by")(usersOnly {
@@ -73,14 +47,7 @@ trait DashboardControllerBase extends ControllerBase {
   })
 
   private def getOrCreateCondition(key: String, filter: String, userName: String) = {
-    val condition = session.putAndGet(key, if(request.hasQueryString){
-      val q = request.getParameter("q")
-      if(q == null){
-        IssueSearchCondition(request)
-      } else {
-        IssueSearchCondition(q, Map[String, Int]())
-      }
-    } else session.getAs[IssueSearchCondition](key).getOrElse(IssueSearchCondition()))
+    val condition = IssueSearchCondition(request)
 
     filter match {
       case "assigned"  => condition.copy(assigned = Some(Some(userName)), author = None, mentioned = None)
@@ -109,7 +76,7 @@ trait DashboardControllerBase extends ControllerBase {
       },
       filter,
       getGroupNames(userName),
-      getVisibleRepositories(context.loginAccount, withoutPhysicalInfo = true),
+      Nil,
       getUserRepositories(userName, withoutPhysicalInfo = true))
   }
 
@@ -134,7 +101,7 @@ trait DashboardControllerBase extends ControllerBase {
       },
       filter,
       getGroupNames(userName),
-      getVisibleRepositories(context.loginAccount, withoutPhysicalInfo = true),
+      Nil,
       getUserRepositories(userName, withoutPhysicalInfo = true))
   }
 

src/main/scala/gitbucket/core/controller/FileUploadController.scala

@@ -1,6 +1,7 @@
 package gitbucket.core.controller
 
 import gitbucket.core.model.Account
+import gitbucket.core.service.RepositoryService.RepositoryInfo
 import gitbucket.core.service.{AccountService, RepositoryService}
 import gitbucket.core.servlet.Database
 import gitbucket.core.util._
@@ -9,11 +10,10 @@ import gitbucket.core.util.Directory._
 import gitbucket.core.util.Implicits._
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.dircache.DirCache
-import org.eclipse.jgit.lib.{FileMode, Constants}
-import org.scalatra
+import org.eclipse.jgit.lib.{Constants, FileMode}
 import org.scalatra._
-import org.scalatra.servlet.{MultipartConfig, FileUploadSupport, FileItem}
-import org.apache.commons.io.{IOUtils, FileUtils}
+import org.scalatra.servlet.{FileItem, FileUploadSupport, MultipartConfig}
+import org.apache.commons.io.{FileUtils, IOUtils}
 
 /**
  * Provides Ajax based file upload functionality.
@@ -46,9 +46,9 @@ class FileUploadController extends ScalatraServlet with FileUploadSupport with R
       val repository = params("repository")
 
       // Check whether logged-in user is collaborator
-      collaboratorsOnly(owner, repository, loginAccount){
+      onlyWikiEditable(owner, repository, loginAccount){
         execute({ (file, fileId) =>
-          val fileName   = file.getName
+          val fileName = file.getName
           LockUtil.lock(s"${owner}/${repository}/wiki") {
             using(Git.open(Directory.getWikiRepositoryDir(owner, repository))) { git =>
               val builder  = DirCache.newInCore.builder()
@@ -75,30 +75,29 @@ class FileUploadController extends ScalatraServlet with FileUploadSupport with R
           }
         }, FileUtil.isUploadableType)
       }
-    } getOrElse BadRequest
+    } getOrElse BadRequest()
   }
 
   post("/import") {
+    import JDBCUtil._
     session.get(Keys.Session.LoginAccount).collect { case loginAccount: Account if loginAccount.isAdmin =>
       execute({ (file, fileId) =>
-        if(file.getName.endsWith(".xml")){
-          import JDBCUtil._
-          val conn = request2Session(request).conn
-          conn.importAsXML(file.getInputStream)
-        } else {
-          throw new RuntimeException("Import is available for only the XML file.")
-        }
+        request2Session(request).conn.importAsSQL(file.getInputStream)
       }, _ => true)
     }
     redirect("/admin/data")
   }
 
-  private def collaboratorsOnly(owner: String, repository: String, loginAccount: Account)(action: => Any): Any = {
+  private def onlyWikiEditable(owner: String, repository: String, loginAccount: Account)(action: => Any): Any = {
     implicit val session = Database.getSession(request)
-    loginAccount match {
-      case x if(x.isAdmin) => action
-      case x if(getCollaborators(owner, repository).contains(x.userName)) => action
-      case _ => BadRequest
+    getRepository(owner, repository) match {
+      case Some(x) => x.repository.options.wikiOption match {
+        case "ALL"     if !x.repository.isPrivate => action
+        case "PUBLIC"  if hasGuestRole(owner, repository, Some(loginAccount)) => action
+        case "PRIVATE" if hasDeveloperRole(owner, repository, Some(loginAccount)) => action
+        case _  => BadRequest()
+      }
+      case None => BadRequest()
     }
   }
 
@@ -106,10 +105,9 @@ class FileUploadController extends ScalatraServlet with FileUploadSupport with R
     case Some(file) if(mimeTypeChcker(file.name)) =>
       defining(FileUtil.generateFileId){ fileId =>
         f(file, fileId)
-
         Ok(fileId)
       }
-    case _ => BadRequest
+    case _ => BadRequest()
   }
 
 }

src/main/scala/gitbucket/core/controller/IndexController.scala

@@ -5,9 +5,9 @@ import gitbucket.core.model.Account
 import gitbucket.core.service._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.ControlUtil._
-import gitbucket.core.util.{LDAPUtil, Keys, UsersAuthenticator, ReferrerAuthenticator, StringUtil}
-
+import gitbucket.core.util.{Keys, LDAPUtil, ReferrerAuthenticator, UsersAuthenticator}
 import io.github.gitbucket.scalatra.forms._
+import org.scalatra.Ok
 
 
 class IndexController extends IndexControllerBase 
@@ -36,23 +36,11 @@ trait IndexControllerBase extends ControllerBase {
 
 
   get("/"){
-    val loginAccount = context.loginAccount
-    if(loginAccount.isEmpty) {
-        gitbucket.core.html.index(getRecentActivities(),
-            getVisibleRepositories(loginAccount, withoutPhysicalInfo = true),
-            loginAccount.map{ account => getUserRepositories(account.userName, withoutPhysicalInfo = true) }.getOrElse(Nil)
-        )
-    } else {
-        val loginUserName = loginAccount.get.userName
-        val loginUserGroups = getGroupsByUserName(loginUserName)
-        var visibleOwnerSet : Set[String] = Set(loginUserName)
-        
-        visibleOwnerSet ++= loginUserGroups
-
-        gitbucket.core.html.index(getRecentActivitiesByOwners(visibleOwnerSet),
-            getVisibleRepositories(loginAccount, withoutPhysicalInfo = true),
-            loginAccount.map{ account => getUserRepositories(account.userName, withoutPhysicalInfo = true) }.getOrElse(Nil) 
-        )
+    context.loginAccount.map { account =>
+      val visibleOwnerSet: Set[String] = Set(account.userName) ++ getGroupsByUserName(account.userName)
+      gitbucket.core.html.index(getRecentActivitiesByOwners(visibleOwnerSet), Nil, getUserRepositories(account.userName, withoutPhysicalInfo = true))
+    }.getOrElse {
+      gitbucket.core.html.index(getRecentActivities(), getVisibleRepositories(None, withoutPhysicalInfo = true), Nil)
     }
   }
 
@@ -61,13 +49,18 @@ trait IndexControllerBase extends ControllerBase {
     if(redirect.isDefined && redirect.get.startsWith("/")){
       flash += Keys.Flash.Redirect -> redirect.get
     }
-    gitbucket.core.html.signin()
+    gitbucket.core.html.signin(flash.get("userName"), flash.get("password"), flash.get("error"))
   }
 
   post("/signin", signinForm){ form =>
     authenticate(context.settings, form.userName, form.password) match {
       case Some(account) => signin(account)
-      case None          => redirect("/signin")
+      case None          => {
+        flash += "userName" -> form.userName
+        flash += "password" -> form.password
+        flash += "error" -> "Sorry, your Username and/or Password is incorrect. Please try again."
+        redirect("/signin")
+      }
     }
   }
 
@@ -81,6 +74,15 @@ trait IndexControllerBase extends ControllerBase {
     xml.feed(getRecentActivities())
   }
 
+  get("/sidebar-collapse"){
+    if(params("collapse") == "true"){
+      session.setAttribute("sidebar-collapse", "true")
+    }  else {
+      session.setAttribute("sidebar-collapse", null)
+    }
+    Ok()
+  }
+
   /**
    * Set account information into HttpSession and redirect.
    */
@@ -108,29 +110,35 @@ trait IndexControllerBase extends ControllerBase {
    */
   get("/_user/proposals")(usersOnly {
     contentType = formats("json")
+    val user  = params("user").toBoolean
+    val group = params("group").toBoolean
     org.json4s.jackson.Serialization.write(
-      Map("options" -> getAllUsers(false).filter(!_.isGroupAccount).map(_.userName).toArray)
+      Map("options" -> (
+        getAllUsers(false)
+          .withFilter { t => (user, group) match {
+            case (true, true) => true
+            case (true, false) => !t.isGroupAccount
+            case (false, true) => t.isGroupAccount
+            case (false, false) => false
+          }}.map { t => t.userName }
+      ))
     )
   })
 
   /**
-   * JSON API for checking user existence.
+   * JSON API for checking user or group existence.
+   * Returns a single string which is any of "group", "user" or "".
    */
   post("/_user/existence")(usersOnly {
     getAccountByUserName(params("userName")).map { account =>
-      if(params.get("userOnly").isDefined) !account.isGroupAccount else true
-    } getOrElse false
+      if(account.isGroupAccount) "group" else "user"
+    } getOrElse ""
   })
 
-  // TODO Move to RepositoryViwerController?
-  post("/search", searchForm){ form =>
-    redirect(s"/${form.owner}/${form.repository}/search?q=${StringUtil.urlEncode(form.query)}")
-  }
-
   // TODO Move to RepositoryViwerController?
   get("/:owner/:repository/search")(referrersOnly { repository =>
-    defining(params("q").trim, params.getOrElse("type", "code")){ case (query, target) =>
-      val page   = try {
+    defining(params.getOrElse("q", "").trim, params.getOrElse("type", "code")){ case (query, target) =>
+      val page = try {
         val i = params.getOrElse("page", "1").toInt
         if(i <= 0) 1 else i
       } catch {
@@ -139,23 +147,31 @@ trait IndexControllerBase extends ControllerBase {
 
       target.toLowerCase match {
         case "issue" => gitbucket.core.search.html.issues(
-          countFiles(repository.owner, repository.name, query),
-          searchIssues(repository.owner, repository.name, query),
-          countWikiPages(repository.owner, repository.name, query),
+          if(query.nonEmpty) searchIssues(repository.owner, repository.name, query) else Nil,
           query, page, repository)
 
         case "wiki" => gitbucket.core.search.html.wiki(
-          countFiles(repository.owner, repository.name, query),
-          countIssues(repository.owner, repository.name, query),
-          searchWikiPages(repository.owner, repository.name, query),
+          if(query.nonEmpty) searchWikiPages(repository.owner, repository.name, query) else Nil,
           query, page, repository)
 
         case _ => gitbucket.core.search.html.code(
-          searchFiles(repository.owner, repository.name, query),
-          countIssues(repository.owner, repository.name, query),
-          countWikiPages(repository.owner, repository.name, query),
+          if(query.nonEmpty) searchFiles(repository.owner, repository.name, query) else Nil,
           query, page, repository)
       }
     }
   })
+
+  get("/search"){
+    val query = params.getOrElse("query", "").trim.toLowerCase
+    val visibleRepositories = getVisibleRepositories(context.loginAccount, None)
+    val repositories = visibleRepositories.filter { repository =>
+      repository.name.toLowerCase.indexOf(query) >= 0 || repository.owner.toLowerCase.indexOf(query) >= 0
+    }
+    context.loginAccount.map { account =>
+      gitbucket.core.search.html.repositories(query, repositories, Nil, getUserRepositories(account.userName, withoutPhysicalInfo = true))
+    }.getOrElse {
+      gitbucket.core.search.html.repositories(query, repositories, visibleRepositories, Nil)
+    }
+  }
+
 }

src/main/scala/gitbucket/core/controller/IssuesController.scala

@@ -8,18 +8,40 @@ import gitbucket.core.util.Implicits._
 import gitbucket.core.util._
 import gitbucket.core.view
 import gitbucket.core.view.Markdown
-
 import io.github.gitbucket.scalatra.forms._
-import org.scalatra.Ok
+import org.scalatra.{BadRequest, Ok}
 
 
 class IssuesController extends IssuesControllerBase
-  with IssuesService with RepositoryService with AccountService with LabelsService with MilestonesService with ActivityService with HandleCommentService
-  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with WebHookIssueCommentService
+  with IssuesService
+  with RepositoryService
+  with AccountService
+  with LabelsService
+  with MilestonesService
+  with ActivityService
+  with HandleCommentService
+  with IssueCreationService
+  with ReadableUsersAuthenticator
+  with ReferrerAuthenticator
+  with WritableUsersAuthenticator
+  with PullRequestService
+  with WebHookIssueCommentService
+  with CommitsService
 
 trait IssuesControllerBase extends ControllerBase {
-  self: IssuesService with RepositoryService with AccountService with LabelsService with MilestonesService with ActivityService with HandleCommentService
-    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with WebHookIssueCommentService =>
+  self: IssuesService
+    with RepositoryService
+    with AccountService
+    with LabelsService
+    with MilestonesService
+    with ActivityService
+    with HandleCommentService
+    with IssueCreationService
+    with ReadableUsersAuthenticator
+    with ReferrerAuthenticator
+    with WritableUsersAuthenticator
+    with PullRequestService
+    with WebHookIssueCommentService =>
 
   case class IssueCreateForm(title: String, content: Option[String],
     assignedUserName: Option[String], milestoneId: Option[Int], labelNames: Option[String])
@@ -67,145 +89,121 @@ trait IssuesControllerBase extends ControllerBase {
           _,
           getComments(owner, name, issueId.toInt),
           getIssueLabels(owner, name, issueId.toInt),
-          (getCollaborators(owner, name) ::: (if(getAccountByUserName(owner).get.isGroupAccount) Nil else List(owner))).sorted,
+          getAssignableUserNames(owner, name),
           getMilestonesWithIssueCount(owner, name),
           getLabels(owner, name),
-          hasWritePermission(owner, name, context.loginAccount),
+          isIssueEditable(repository),
+          isIssueManageable(repository),
           repository)
-      } getOrElse NotFound
+      } getOrElse NotFound()
     }
   })
 
   get("/:owner/:repository/issues/new")(readableUsersOnly { repository =>
-    defining(repository.owner, repository.name){ case (owner, name) =>
-      html.create(
-        (getCollaborators(owner, name) ::: (if(getAccountByUserName(owner).get.isGroupAccount) Nil else List(owner))).sorted,
+    if(isIssueEditable(repository)){ // TODO Should this check is provided by authenticator?
+      defining(repository.owner, repository.name){ case (owner, name) =>
+        html.create(
+          getAssignableUserNames(owner, name),
           getMilestones(owner, name),
           getLabels(owner, name),
-          hasWritePermission(owner, name, context.loginAccount),
+          isIssueManageable(repository),
+          getContentTemplate(repository, "ISSUE_TEMPLATE"),
           repository)
-    }
+      }
+    } else Unauthorized()
   })
 
   post("/:owner/:repository/issues/new", issueCreateForm)(readableUsersOnly { (form, repository) =>
-    defining(repository.owner, repository.name){ case (owner, name) =>
-      val writable = hasWritePermission(owner, name, context.loginAccount)
-      val userName = context.loginAccount.get.userName
+    if(isIssueEditable(repository)){ // TODO Should this check is provided by authenticator?
+      val issue = createIssue(
+        repository,
+        form.title,
+        form.content,
+        form.assignedUserName,
+        form.milestoneId,
+        form.labelNames.toArray.flatMap(_.split(",")),
+        context.loginAccount.get)
 
-      // insert issue
-      val issueId = createIssue(owner, name, userName, form.title, form.content,
-        if(writable) form.assignedUserName else None,
-        if(writable) form.milestoneId else None)
-
-      // insert labels
-      if(writable){
-        form.labelNames.map { value =>
-          val labels = getLabels(owner, name)
-          value.split(",").foreach { labelName =>
-            labels.find(_.labelName == labelName).map { label =>
-              registerIssueLabel(owner, name, issueId, label.labelId)
-            }
-          }
-        }
-      }
-
-      // record activity
-      recordCreateIssueActivity(owner, name, userName, issueId, form.title)
-
-      getIssue(owner, name, issueId.toString).foreach { issue =>
-        // extract references and create refer comment
-        createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""), context.loginAccount.get)
-
-        // call web hooks
-        callIssuesWebHook("opened", repository, issue, context.baseUrl, context.loginAccount.get)
-
-        // notifications
-        Notifier().toNotify(repository, issue, form.content.getOrElse("")){
-          Notifier.msgIssue(s"${context.baseUrl}/${owner}/${name}/issues/${issueId}")
-        }
-      }
-
-      redirect(s"/${owner}/${name}/issues/${issueId}")
-    }
+      redirect(s"/${issue.userName}/${issue.repositoryName}/issues/${issue.issueId}")
+    } else Unauthorized()
   })
 
   ajaxPost("/:owner/:repository/issues/edit_title/:id", issueTitleEditForm)(readableUsersOnly { (title, repository) =>
     defining(repository.owner, repository.name){ case (owner, name) =>
       getIssue(owner, name, params("id")).map { issue =>
-        if(isEditable(owner, name, issue.openedUserName)){
+        if(isEditableContent(owner, name, issue.openedUserName)){
           // update issue
           updateIssue(owner, name, issue.issueId, title, issue.content)
           // extract references and create refer comment
           createReferComment(owner, name, issue.copy(title = title), title, context.loginAccount.get)
 
           redirect(s"/${owner}/${name}/issues/_data/${issue.issueId}")
-        } else Unauthorized
-      } getOrElse NotFound
+        } else Unauthorized()
+      } getOrElse NotFound()
     }
   })
 
   ajaxPost("/:owner/:repository/issues/edit/:id", issueEditForm)(readableUsersOnly { (content, repository) =>
     defining(repository.owner, repository.name){ case (owner, name) =>
       getIssue(owner, name, params("id")).map { issue =>
-        if(isEditable(owner, name, issue.openedUserName)){
+        if(isEditableContent(owner, name, issue.openedUserName)){
           // update issue
           updateIssue(owner, name, issue.issueId, issue.title, content)
           // extract references and create refer comment
           createReferComment(owner, name, issue, content.getOrElse(""), context.loginAccount.get)
 
           redirect(s"/${owner}/${name}/issues/_data/${issue.issueId}")
-        } else Unauthorized
-      } getOrElse NotFound
+        } else Unauthorized()
+      } getOrElse NotFound()
     }
   })
 
   post("/:owner/:repository/issue_comments/new", commentForm)(readableUsersOnly { (form, repository) =>
     getIssue(repository.owner, repository.name, form.issueId.toString).flatMap { issue =>
-      val actionOpt = params.get("action").filter(_ => isEditable(issue.userName, issue.repositoryName, issue.openedUserName))
+      val actionOpt = params.get("action").filter(_ => isEditableContent(issue.userName, issue.repositoryName, issue.openedUserName))
       handleComment(issue, Some(form.content), repository, actionOpt) map { case (issue, id) =>
         redirect(s"/${repository.owner}/${repository.name}/${
           if(issue.isPullRequest) "pull" else "issues"}/${form.issueId}#comment-${id}")
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   post("/:owner/:repository/issue_comments/state", issueStateForm)(readableUsersOnly { (form, repository) =>
     getIssue(repository.owner, repository.name, form.issueId.toString).flatMap { issue =>
-      val actionOpt = params.get("action").filter(_ => isEditable(issue.userName, issue.repositoryName, issue.openedUserName))
+      val actionOpt = params.get("action").filter(_ => isEditableContent(issue.userName, issue.repositoryName, issue.openedUserName))
       handleComment(issue, form.content, repository, actionOpt) map { case (issue, id) =>
         redirect(s"/${repository.owner}/${repository.name}/${
           if(issue.isPullRequest) "pull" else "issues"}/${form.issueId}#comment-${id}")
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   ajaxPost("/:owner/:repository/issue_comments/edit/:id", commentForm)(readableUsersOnly { (form, repository) =>
     defining(repository.owner, repository.name){ case (owner, name) =>
       getComment(owner, name, params("id")).map { comment =>
-        if(isEditable(owner, name, comment.commentedUserName)){
+        if(isEditableContent(owner, name, comment.commentedUserName)){
           updateComment(comment.commentId, form.content)
           redirect(s"/${owner}/${name}/issue_comments/_data/${comment.commentId}")
-        } else Unauthorized
-      } getOrElse NotFound
+        } else Unauthorized()
+      } getOrElse NotFound()
     }
   })
 
   ajaxPost("/:owner/:repository/issue_comments/delete/:id")(readableUsersOnly { repository =>
     defining(repository.owner, repository.name){ case (owner, name) =>
       getComment(owner, name, params("id")).map { comment =>
-        if(isEditable(owner, name, comment.commentedUserName)){
+        if(isEditableContent(owner, name, comment.commentedUserName)){
           Ok(deleteComment(comment.commentId))
-        } else Unauthorized
-      } getOrElse NotFound
+        } else Unauthorized()
+      } getOrElse NotFound()
     }
   })
 
   ajaxGet("/:owner/:repository/issues/_data/:id")(readableUsersOnly { repository =>
     getIssue(repository.owner, repository.name, params("id")) map { x =>
-      if(isEditable(x.userName, x.repositoryName, x.openedUserName)){
+      if(isEditableContent(x.userName, x.repositoryName, x.openedUserName)){
         params.get("dataType") collect {
-          case t if t == "html" => html.editissue(
-              x.content, x.issueId, x.userName, x.repositoryName)
+          case t if t == "html" => html.editissue(x.content, x.issueId, repository)
         } getOrElse {
           contentType = formats("json")
           org.json4s.jackson.Serialization.write(
@@ -219,21 +217,20 @@ trait IssuesControllerBase extends ControllerBase {
                 enableAnchor = true,
                 enableLineBreaks = true,
                 enableTaskList = true,
-                hasWritePermission = isEditable(x.userName, x.repositoryName, x.openedUserName)
+                hasWritePermission = true
               )
             )
           )
         }
-      } else Unauthorized
-    } getOrElse NotFound
+      } else Unauthorized()
+    } getOrElse NotFound()
   })
 
   ajaxGet("/:owner/:repository/issue_comments/_data/:id")(readableUsersOnly { repository =>
     getComment(repository.owner, repository.name, params("id")) map { x =>
-      if(isEditable(x.userName, x.repositoryName, x.commentedUserName)){
+      if(isEditableContent(x.userName, x.repositoryName, x.commentedUserName)){
         params.get("dataType") collect {
-          case t if t == "html" => html.editcomment(
-              x.content, x.commentId, x.userName, x.repositoryName)
+          case t if t == "html" => html.editcomment(x.content, x.commentId, repository)
         } getOrElse {
           contentType = formats("json")
           org.json4s.jackson.Serialization.write(
@@ -246,51 +243,51 @@ trait IssuesControllerBase extends ControllerBase {
                 enableAnchor = true,
                 enableLineBreaks = true,
                 enableTaskList = true,
-                hasWritePermission = isEditable(x.userName, x.repositoryName, x.commentedUserName)
+                hasWritePermission = true
               )
             )
           )
         }
-      } else Unauthorized
-    } getOrElse NotFound
+      } else Unauthorized()
+    } getOrElse NotFound()
   })
 
-  ajaxPost("/:owner/:repository/issues/new/label")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/new/label")(writableUsersOnly { repository =>
     val labelNames = params("labelNames").split(",")
     val labels = getLabels(repository.owner, repository.name).filter(x => labelNames.contains(x.labelName))
     html.labellist(labels)
   })
 
-  ajaxPost("/:owner/:repository/issues/:id/label/new")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/label/new")(writableUsersOnly { repository =>
     defining(params("id").toInt){ issueId =>
       registerIssueLabel(repository.owner, repository.name, issueId, params("labelId").toInt)
       html.labellist(getIssueLabels(repository.owner, repository.name, issueId))
     }
   })
 
-  ajaxPost("/:owner/:repository/issues/:id/label/delete")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/label/delete")(writableUsersOnly { repository =>
     defining(params("id").toInt){ issueId =>
       deleteIssueLabel(repository.owner, repository.name, issueId, params("labelId").toInt)
       html.labellist(getIssueLabels(repository.owner, repository.name, issueId))
     }
   })
 
-  ajaxPost("/:owner/:repository/issues/:id/assign")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/assign")(writableUsersOnly { repository =>
     updateAssignedUserName(repository.owner, repository.name, params("id").toInt, assignedUserName("assignedUserName"))
     Ok("updated")
   })
 
-  ajaxPost("/:owner/:repository/issues/:id/milestone")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/milestone")(writableUsersOnly { repository =>
     updateMilestoneId(repository.owner, repository.name, params("id").toInt, milestoneId("milestoneId"))
     milestoneId("milestoneId").map { milestoneId =>
       getMilestonesWithIssueCount(repository.owner, repository.name)
           .find(_._1.milestoneId == milestoneId).map { case (_, openCount, closeCount) =>
         gitbucket.core.issues.milestones.html.progress(openCount + closeCount, closeCount)
-      } getOrElse NotFound
+      } getOrElse NotFound()
     } getOrElse Ok()
   })
 
-  post("/:owner/:repository/issues/batchedit/state")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/issues/batchedit/state")(writableUsersOnly { repository =>
     defining(params.get("value")){ action =>
       action match {
         case Some("open")  => executeBatch(repository) { issueId =>
@@ -303,22 +300,22 @@ trait IssuesControllerBase extends ControllerBase {
             handleComment(issue, None, repository, Some("close"))
           }
         }
-        case _ => // TODO BadRequest
+        case _ => BadRequest()
       }
     }
   })
 
-  post("/:owner/:repository/issues/batchedit/label")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/issues/batchedit/label")(writableUsersOnly { repository =>
     params("value").toIntOpt.map{ labelId =>
       executeBatch(repository) { issueId =>
         getIssueLabel(repository.owner, repository.name, issueId, labelId) getOrElse {
           registerIssueLabel(repository.owner, repository.name, issueId, labelId)
         }
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  post("/:owner/:repository/issues/batchedit/assign")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/issues/batchedit/assign")(writableUsersOnly { repository =>
     defining(assignedUserName("value")){ value =>
       executeBatch(repository) {
         updateAssignedUserName(repository.owner, repository.name, _, value)
@@ -326,7 +323,7 @@ trait IssuesControllerBase extends ControllerBase {
     }
   })
 
-  post("/:owner/:repository/issues/batchedit/milestone")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/issues/batchedit/milestone")(writableUsersOnly { repository =>
     defining(milestoneId("value")){ value =>
       executeBatch(repository) {
         updateMilestoneId(repository.owner, repository.name, _, value)
@@ -342,15 +339,12 @@ trait IssuesControllerBase extends ControllerBase {
           RawData(FileUtil.getMimeType(file.getName), file)
         }
       case _ => None
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
   val assignedUserName = (key: String) => params.get(key) filter (_.trim != "")
   val milestoneId: String => Option[Int] = (key: String) => params.get(key).flatMap(_.toIntOpt)
 
-  private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
-    hasWritePermission(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
-
   private def executeBatch(repository: RepositoryService.RepositoryInfo)(execute: Int => Unit) = {
     params("checked").split(',') map(_.toInt) foreach execute
     params("from") match {
@@ -361,37 +355,31 @@ trait IssuesControllerBase extends ControllerBase {
 
   private def searchIssues(repository: RepositoryService.RepositoryInfo) = {
     defining(repository.owner, repository.name){ case (owner, repoName) =>
-      val page       = IssueSearchCondition.page(request)
-      val sessionKey = Keys.Session.Issues(owner, repoName)
+      val page = IssueSearchCondition.page(request)
 
       // retrieve search condition
-      val condition = session.putAndGet(sessionKey,
-        if(request.hasQueryString){
-          val q = request.getParameter("q")
-          if(q == null || q.trim.isEmpty){
-            IssueSearchCondition(request)
-          } else {
-            IssueSearchCondition(q, getMilestones(owner, repoName).map(x => (x.title, x.milestoneId)).toMap)
-          }
-        } else session.getAs[IssueSearchCondition](sessionKey).getOrElse(IssueSearchCondition())
-      )
+      val condition = IssueSearchCondition(request)
 
       html.list(
           "issues",
           searchIssue(condition, false, (page - 1) * IssueLimit, IssueLimit, owner -> repoName),
           page,
-          if(!getAccountByUserName(owner).exists(_.isGroupAccount)){
-            (getCollaborators(owner, repoName) :+ owner).sorted
-          } else {
-            getCollaborators(owner, repoName)
-          },
+          getAssignableUserNames(owner, repoName),
           getMilestones(owner, repoName),
           getLabels(owner, repoName),
           countIssue(condition.copy(state = "open"  ), false, owner -> repoName),
           countIssue(condition.copy(state = "closed"), false, owner -> repoName),
           condition,
           repository,
-          hasWritePermission(owner, repoName, context.loginAccount))
+          isIssueEditable(repository),
+          isIssueManageable(repository))
     }
   }
+
+  /**
+   * Tests whether an issue or a comment is editable by a logged-in user.
+   */
+  private def isEditableContent(owner: String, repository: String, author: String)(implicit context: Context): Boolean = {
+    hasDeveloperRole(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
+  }
 }

src/main/scala/gitbucket/core/controller/LabelsController.scala

@@ -2,7 +2,7 @@ package gitbucket.core.controller
 
 import gitbucket.core.issues.labels.html
 import gitbucket.core.service.{RepositoryService, AccountService, IssuesService, LabelsService}
-import gitbucket.core.util.{ReferrerAuthenticator, CollaboratorsAuthenticator}
+import gitbucket.core.util.{ReferrerAuthenticator, WritableUsersAuthenticator}
 import gitbucket.core.util.Implicits._
 import io.github.gitbucket.scalatra.forms._
 import org.scalatra.i18n.Messages
@@ -10,11 +10,11 @@ import org.scalatra.Ok
 
 class LabelsController extends LabelsControllerBase
   with LabelsService with IssuesService with RepositoryService with AccountService
-with ReferrerAuthenticator with CollaboratorsAuthenticator
+with ReferrerAuthenticator with WritableUsersAuthenticator
 
 trait LabelsControllerBase extends ControllerBase {
   self: LabelsService with IssuesService with RepositoryService
-    with ReferrerAuthenticator with CollaboratorsAuthenticator =>
+    with ReferrerAuthenticator with WritableUsersAuthenticator =>
 
   case class LabelForm(labelName: String, color: String)
 
@@ -29,40 +29,40 @@ trait LabelsControllerBase extends ControllerBase {
       getLabels(repository.owner, repository.name),
       countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
       repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
   })
 
-  ajaxGet("/:owner/:repository/issues/labels/new")(collaboratorsOnly { repository =>
+  ajaxGet("/:owner/:repository/issues/labels/new")(writableUsersOnly { repository =>
     html.edit(None, repository)
   })
 
-  ajaxPost("/:owner/:repository/issues/labels/new", labelForm)(collaboratorsOnly { (form, repository) =>
+  ajaxPost("/:owner/:repository/issues/labels/new", labelForm)(writableUsersOnly { (form, repository) =>
     val labelId = createLabel(repository.owner, repository.name, form.labelName, form.color.substring(1))
     html.label(
       getLabel(repository.owner, repository.name, labelId).get,
       // TODO futility
       countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
       repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
   })
 
-  ajaxGet("/:owner/:repository/issues/labels/:labelId/edit")(collaboratorsOnly { repository =>
+  ajaxGet("/:owner/:repository/issues/labels/:labelId/edit")(writableUsersOnly { repository =>
     getLabel(repository.owner, repository.name, params("labelId").toInt).map { label =>
       html.edit(Some(label), repository)
     } getOrElse NotFound()
   })
 
-  ajaxPost("/:owner/:repository/issues/labels/:labelId/edit", labelForm)(collaboratorsOnly { (form, repository) =>
+  ajaxPost("/:owner/:repository/issues/labels/:labelId/edit", labelForm)(writableUsersOnly { (form, repository) =>
     updateLabel(repository.owner, repository.name, params("labelId").toInt, form.labelName, form.color.substring(1))
     html.label(
       getLabel(repository.owner, repository.name, params("labelId").toInt).get,
       // TODO futility
       countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
       repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
   })
 
-  ajaxPost("/:owner/:repository/issues/labels/:labelId/delete")(collaboratorsOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/labels/:labelId/delete")(writableUsersOnly { repository =>
     deleteLabel(repository.owner, repository.name, params("labelId").toInt)
     Ok()
   })

src/main/scala/gitbucket/core/controller/MilestonesController.scala

@@ -2,17 +2,17 @@ package gitbucket.core.controller
 
 import gitbucket.core.issues.milestones.html
 import gitbucket.core.service.{RepositoryService, MilestonesService, AccountService}
-import gitbucket.core.util.{ReferrerAuthenticator, CollaboratorsAuthenticator}
+import gitbucket.core.util.{ReferrerAuthenticator, WritableUsersAuthenticator}
 import gitbucket.core.util.Implicits._
 import io.github.gitbucket.scalatra.forms._
 
 class MilestonesController extends MilestonesControllerBase
   with MilestonesService with RepositoryService with AccountService
-  with ReferrerAuthenticator with CollaboratorsAuthenticator
+  with ReferrerAuthenticator with WritableUsersAuthenticator
 
 trait MilestonesControllerBase extends ControllerBase {
   self: MilestonesService with RepositoryService
-    with ReferrerAuthenticator with CollaboratorsAuthenticator  =>
+    with ReferrerAuthenticator with WritableUsersAuthenticator  =>
 
   case class MilestoneForm(title: String, description: Option[String], dueDate: Option[java.util.Date])
 
@@ -27,58 +27,58 @@ trait MilestonesControllerBase extends ControllerBase {
       params.getOrElse("state", "open"),
       getMilestonesWithIssueCount(repository.owner, repository.name),
       repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
   })
 
-  get("/:owner/:repository/issues/milestones/new")(collaboratorsOnly {
+  get("/:owner/:repository/issues/milestones/new")(writableUsersOnly {
     html.edit(None, _)
   })
 
-  post("/:owner/:repository/issues/milestones/new", milestoneForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/issues/milestones/new", milestoneForm)(writableUsersOnly { (form, repository) =>
     createMilestone(repository.owner, repository.name, form.title, form.description, form.dueDate)
     redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
   })
 
-  get("/:owner/:repository/issues/milestones/:milestoneId/edit")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/issues/milestones/:milestoneId/edit")(writableUsersOnly { repository =>
     params("milestoneId").toIntOpt.map{ milestoneId =>
       html.edit(getMilestone(repository.owner, repository.name, milestoneId), repository)
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  post("/:owner/:repository/issues/milestones/:milestoneId/edit", milestoneForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/issues/milestones/:milestoneId/edit", milestoneForm)(writableUsersOnly { (form, repository) =>
     params("milestoneId").toIntOpt.flatMap{ milestoneId =>
       getMilestone(repository.owner, repository.name, milestoneId).map { milestone =>
         updateMilestone(milestone.copy(title = form.title, description = form.description, dueDate = form.dueDate))
         redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  get("/:owner/:repository/issues/milestones/:milestoneId/close")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/issues/milestones/:milestoneId/close")(writableUsersOnly { repository =>
     params("milestoneId").toIntOpt.flatMap{ milestoneId =>
       getMilestone(repository.owner, repository.name, milestoneId).map { milestone =>
         closeMilestone(milestone)
         redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  get("/:owner/:repository/issues/milestones/:milestoneId/open")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/issues/milestones/:milestoneId/open")(writableUsersOnly { repository =>
     params("milestoneId").toIntOpt.flatMap{ milestoneId =>
       getMilestone(repository.owner, repository.name, milestoneId).map { milestone =>
         openMilestone(milestone)
         redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  get("/:owner/:repository/issues/milestones/:milestoneId/delete")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/issues/milestones/:milestoneId/delete")(writableUsersOnly { repository =>
     params("milestoneId").toIntOpt.flatMap{ milestoneId =>
       getMilestone(repository.owner, repository.name, milestoneId).map { milestone =>
         deleteMilestone(repository.owner, repository.name, milestone.milestoneId)
         redirect(s"/${repository.owner}/${repository.name}/issues/milestones")
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
 }

src/main/scala/gitbucket/core/controller/PullRequestsController.scala

@@ -6,36 +6,32 @@ import gitbucket.core.service.CommitStatusService
 import gitbucket.core.service.MergeService
 import gitbucket.core.service.IssuesService._
 import gitbucket.core.service.PullRequestService._
+import gitbucket.core.service.RepositoryService.RepositoryInfo
 import gitbucket.core.service._
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Directory._
 import gitbucket.core.util.Implicits._
-import gitbucket.core.util.JGitUtil._
 import gitbucket.core.util._
-import gitbucket.core.view
-import gitbucket.core.view.helpers
-
 import io.github.gitbucket.scalatra.forms._
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.lib.PersonIdent
-import org.slf4j.LoggerFactory
 
 import scala.collection.JavaConverters._
 
 
 class PullRequestsController extends PullRequestsControllerBase
   with RepositoryService with AccountService with IssuesService with PullRequestService with MilestonesService with LabelsService
-  with CommitsService with ActivityService with WebHookPullRequestService with ReferrerAuthenticator with CollaboratorsAuthenticator
+  with CommitsService with ActivityService with WebHookPullRequestService
+  with ReadableUsersAuthenticator with ReferrerAuthenticator with WritableUsersAuthenticator
   with CommitStatusService with MergeService with ProtectedBranchService
 
 
 trait PullRequestsControllerBase extends ControllerBase {
   self: RepositoryService with AccountService with IssuesService with MilestonesService with LabelsService
-    with CommitsService with ActivityService with PullRequestService with WebHookPullRequestService with ReferrerAuthenticator with CollaboratorsAuthenticator
+    with CommitsService with ActivityService with PullRequestService with WebHookPullRequestService
+    with ReadableUsersAuthenticator with ReferrerAuthenticator with WritableUsersAuthenticator
     with CommitStatusService with MergeService with ProtectedBranchService =>
 
-  private val logger = LoggerFactory.getLogger(classOf[PullRequestsControllerBase])
-
   val pullRequestForm = mapping(
     "title"                 -> trim(label("Title"  , text(required, maxlength(100)))),
     "content"               -> trim(label("Content", optional(text()))),
@@ -94,17 +90,18 @@ trait PullRequestsControllerBase extends ControllerBase {
             (commits.flatten.map(commit => getCommitComments(owner, name, commit.id, true)).flatten.toList ::: getComments(owner, name, issueId))
               .sortWith((a, b) => a.registeredDate before b.registeredDate),
             getIssueLabels(owner, name, issueId),
-            (getCollaborators(owner, name) ::: (if(getAccountByUserName(owner).get.isGroupAccount) Nil else List(owner))).sorted,
+            getAssignableUserNames(owner, name),
             getMilestonesWithIssueCount(owner, name),
             getLabels(owner, name),
             commits,
             diffs,
-            hasWritePermission(owner, name, context.loginAccount),
+            isEditable(repository),
+            isManageable(repository),
             repository,
             flash.toMap.map(f => f._1 -> f._2.toString))
         }
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   ajaxGet("/:owner/:repository/pull/:id/mergeguide")(referrersOnly { repository =>
@@ -115,7 +112,7 @@ trait PullRequestsControllerBase extends ControllerBase {
         val hasConflict = LockUtil.lock(s"${owner}/${name}"){
           checkConflict(owner, name, pullreq.branch, issueId)
         }
-        val hasMergePermission = hasWritePermission(owner, name, context.loginAccount)
+        val hasMergePermission = hasDeveloperRole(owner, name, context.loginAccount)
         val branchProtection = getProtectedBranchInfo(owner, name, pullreq.branch)
         val mergeStatus = PullRequestService.MergeStatus(
            hasConflict         = hasConflict,
@@ -125,7 +122,7 @@ trait PullRequestsControllerBase extends ControllerBase {
            needStatusCheck     = context.loginAccount.map{ u =>
                                    branchProtection.needStatusCheck(u.userName)
                                  }.getOrElse(true),
-           hasUpdatePermission = hasWritePermission(pullreq.requestUserName, pullreq.requestRepositoryName, context.loginAccount) &&
+           hasUpdatePermission = hasDeveloperRole(pullreq.requestUserName, pullreq.requestRepositoryName, context.loginAccount) &&
                                    context.loginAccount.map{ u =>
                                      !getProtectedBranchInfo(pullreq.requestUserName, pullreq.requestRepositoryName, pullreq.requestBranch).needStatusCheck(u.userName)
                                    }.getOrElse(false),
@@ -138,10 +135,10 @@ trait PullRequestsControllerBase extends ControllerBase {
           repository,
           getRepository(pullreq.requestUserName, pullreq.requestRepositoryName).get)
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  get("/:owner/:repository/pull/:id/delete/*")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/pull/:id/delete/*")(writableUsersOnly { repository =>
     params("id").toIntOpt.map { issueId =>
       val branchName = multiParams("splat").head
       val userName   = context.loginAccount.get.userName
@@ -153,27 +150,27 @@ trait PullRequestsControllerBase extends ControllerBase {
       }
       createComment(repository.owner, repository.name, userName, issueId, branchName, "delete_branch")
       redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
-  post("/:owner/:repository/pull/:id/update_branch")(referrersOnly { baseRepository =>
+  post("/:owner/:repository/pull/:id/update_branch")(writableUsersOnly { baseRepository =>
     (for {
       issueId <- params("id").toIntOpt
       loginAccount <- context.loginAccount
       (issue, pullreq) <- getPullRequest(baseRepository.owner, baseRepository.name, issueId)
       owner = pullreq.requestUserName
       name  = pullreq.requestRepositoryName
-      if hasWritePermission(owner, name, context.loginAccount)
+      if hasDeveloperRole(owner, name, context.loginAccount)
     } yield {
+      val repository = getRepository(owner, name).get
       val branchProtection = getProtectedBranchInfo(owner, name, pullreq.requestBranch)
       if(branchProtection.needStatusCheck(loginAccount.userName)){
         flash += "error" -> s"branch ${pullreq.requestBranch} is protected need status check."
       } else {
-        val repository = getRepository(owner, name).get
         LockUtil.lock(s"${owner}/${name}"){
           val alias = if(pullreq.repositoryName == pullreq.requestRepositoryName && pullreq.userName == pullreq.requestUserName){
             pullreq.branch
-          }else{
+          } else {
             s"${pullreq.userName}:${pullreq.branch}"
           }
           val existIds = using(Git.open(Directory.getRepositoryDir(owner, name))) { git => JGitUtil.getAllCommitIds(git) }.toSet
@@ -187,11 +184,10 @@ trait PullRequestsControllerBase extends ControllerBase {
 
               using(Git.open(Directory.getRepositoryDir(owner, name))) { git =>
                 //  after update branch
-
                 val newCommitId = git.getRepository.resolve(s"refs/heads/${pullreq.requestBranch}")
                 val commits = git.log.addRange(oldId, newCommitId).call.iterator.asScala.map(c => new JGitUtil.CommitInfo(c)).toList
 
-                commits.foreach{ commit =>
+                commits.foreach { commit =>
                   if(!existIds.contains(commit.id)){
                     createIssueComment(owner, name, commit)
                   }
@@ -220,12 +216,13 @@ trait PullRequestsControllerBase extends ControllerBase {
               flash += "info" -> s"Merge branch '${alias}' into ${pullreq.requestBranch}"
           }
         }
-        redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
       }
-    }) getOrElse NotFound
+      redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
+
+    }) getOrElse NotFound()
   })
 
-  post("/:owner/:repository/pull/:id/merge", mergeForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/pull/:id/merge", mergeForm)(writableUsersOnly { (form, repository) =>
     params("id").toIntOpt.flatMap { issueId =>
       val owner = repository.owner
       val name  = repository.name
@@ -273,7 +270,7 @@ trait PullRequestsControllerBase extends ControllerBase {
           }
         }
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   get("/:owner/:repository/compare")(referrersOnly { forkedRepository =>
@@ -290,7 +287,7 @@ trait PullRequestsControllerBase extends ControllerBase {
 
             redirect(s"/${forkedRepository.owner}/${forkedRepository.name}/compare/${originUserName}:${oldBranch}...${newBranch}")
           }
-        } getOrElse NotFound
+        } getOrElse NotFound()
       }
       case _ => {
         using(Git.open(getRepositoryDir(forkedRepository.owner, forkedRepository.name))){ git =>
@@ -371,11 +368,12 @@ trait PullRequestsControllerBase extends ControllerBase {
               forkedId,
               oldId.getName,
               newId.getName,
+              getContentTemplate(originRepository, "PULL_REQUEST_TEMPLATE"),
               forkedRepository,
               originRepository,
               forkedRepository,
-              hasWritePermission(originRepository.owner, originRepository.name, context.loginAccount),
-              (getCollaborators(originRepository.owner, originRepository.name) ::: (if(getAccountByUserName(originRepository.owner).get.isGroupAccount) Nil else List(originRepository.owner))).sorted,
+              hasDeveloperRole(originRepository.owner, originRepository.name, context.loginAccount),
+              getAssignableUserNames(originRepository.owner, originRepository.name),
               getMilestones(originRepository.owner, originRepository.name),
               getLabels(originRepository.owner, originRepository.name)
             )
@@ -386,10 +384,10 @@ trait PullRequestsControllerBase extends ControllerBase {
                      s"${forkedOwner}:${newId.map(_ => forkedId).getOrElse(forkedRepository.repository.defaultBranch)}")
         }
       }
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
-  ajaxGet("/:owner/:repository/compare/*...*/mergecheck")(collaboratorsOnly { forkedRepository =>
+  ajaxGet("/:owner/:repository/compare/*...*/mergecheck")(readableUsersOnly { forkedRepository =>
     val Seq(origin, forked) = multiParams("splat")
     val (originOwner, tmpOriginBranch) = parseCompareIdentifie(origin, forkedRepository.owner)
     val (forkedOwner, tmpForkedBranch) = parseCompareIdentifie(forked, forkedRepository.owner)
@@ -416,67 +414,71 @@ trait PullRequestsControllerBase extends ControllerBase {
         }
         html.mergecheck(conflict)
       }
-    }) getOrElse NotFound
+    }) getOrElse NotFound()
   })
 
-  post("/:owner/:repository/pulls/new", pullRequestForm)(referrersOnly { (form, repository) =>
+  post("/:owner/:repository/pulls/new", pullRequestForm)(readableUsersOnly { (form, repository) =>
     defining(repository.owner, repository.name){ case (owner, name) =>
-      val writable = hasWritePermission(owner, name, context.loginAccount)
-      val loginUserName = context.loginAccount.get.userName
+      val manageable = isManageable(repository)
+      val editable = isEditable(repository)
 
-      val issueId = createIssue(
-        owner            = repository.owner,
-        repository       = repository.name,
-        loginUser        = loginUserName,
-        title            = form.title,
-        content          = form.content,
-        assignedUserName = if(writable) form.assignedUserName else None,
-        milestoneId      = if(writable) form.milestoneId else None,
-        isPullRequest    = true)
+      if(editable) {
+        val loginUserName = context.loginAccount.get.userName
 
-      createPullRequest(
-        originUserName        = repository.owner,
-        originRepositoryName  = repository.name,
-        issueId               = issueId,
-        originBranch          = form.targetBranch,
-        requestUserName       = form.requestUserName,
-        requestRepositoryName = form.requestRepositoryName,
-        requestBranch         = form.requestBranch,
-        commitIdFrom          = form.commitIdFrom,
-        commitIdTo            = form.commitIdTo)
+        val issueId = insertIssue(
+          owner = repository.owner,
+          repository = repository.name,
+          loginUser = loginUserName,
+          title = form.title,
+          content = form.content,
+          assignedUserName = if (manageable) form.assignedUserName else None,
+          milestoneId = if (manageable) form.milestoneId else None,
+          isPullRequest = true)
 
-      // insert labels
-      if(writable){
-        form.labelNames.map { value =>
-          val labels = getLabels(owner, name)
-          value.split(",").foreach { labelName =>
-            labels.find(_.labelName == labelName).map { label =>
-              registerIssueLabel(repository.owner, repository.name, issueId, label.labelId)
+        createPullRequest(
+          originUserName = repository.owner,
+          originRepositoryName = repository.name,
+          issueId = issueId,
+          originBranch = form.targetBranch,
+          requestUserName = form.requestUserName,
+          requestRepositoryName = form.requestRepositoryName,
+          requestBranch = form.requestBranch,
+          commitIdFrom = form.commitIdFrom,
+          commitIdTo = form.commitIdTo)
+
+        // insert labels
+        if (manageable) {
+          form.labelNames.map { value =>
+            val labels = getLabels(owner, name)
+            value.split(",").foreach { labelName =>
+              labels.find(_.labelName == labelName).map { label =>
+                registerIssueLabel(repository.owner, repository.name, issueId, label.labelId)
+              }
             }
           }
         }
-      }
 
-      // fetch requested branch
-      fetchAsPullRequest(owner, name, form.requestUserName, form.requestRepositoryName, form.requestBranch, issueId)
+        // fetch requested branch
+        fetchAsPullRequest(owner, name, form.requestUserName, form.requestRepositoryName, form.requestBranch, issueId)
 
-      // record activity
-      recordPullRequestActivity(owner, name, loginUserName, issueId, form.title)
+        // record activity
+        recordPullRequestActivity(owner, name, loginUserName, issueId, form.title)
 
-      // call web hook
-      callPullRequestWebHook("opened", repository, issueId, context.baseUrl, context.loginAccount.get)
+        // call web hook
+        callPullRequestWebHook("opened", repository, issueId, context.baseUrl, context.loginAccount.get)
 
-      getIssue(owner, name, issueId.toString) foreach { issue =>
-        // extract references and create refer comment
-        createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""), context.loginAccount.get)
+        getIssue(owner, name, issueId.toString) foreach { issue =>
+          // extract references and create refer comment
+          createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""), context.loginAccount.get)
 
-        // notifications
-        Notifier().toNotify(repository, issue, form.content.getOrElse("")){
-          Notifier.msgPullRequest(s"${context.baseUrl}/${owner}/${name}/pull/${issueId}")
+          // notifications
+          Notifier().toNotify(repository, issue, form.content.getOrElse("")) {
+            Notifier.msgPullRequest(s"${context.baseUrl}/${owner}/${name}/pull/${issueId}")
+          }
         }
-      }
 
-      redirect(s"/${owner}/${name}/pull/${issueId}")
+        redirect(s"/${owner}/${name}/pull/${issueId}")
+      } else Unauthorized()
     }
   })
 
@@ -494,53 +496,45 @@ trait PullRequestsControllerBase extends ControllerBase {
       (defaultOwner, value)
     }
 
-  private def getRequestCompareInfo(userName: String, repositoryName: String, branch: String,
-      requestUserName: String, requestRepositoryName: String, requestCommitId: String): (Seq[Seq[CommitInfo]], Seq[DiffInfo]) =
-    using(
-      Git.open(getRepositoryDir(userName, repositoryName)),
-      Git.open(getRepositoryDir(requestUserName, requestRepositoryName))
-    ){ (oldGit, newGit) =>
-      val oldId = oldGit.getRepository.resolve(branch)
-      val newId = newGit.getRepository.resolve(requestCommitId)
-
-      val commits = newGit.log.addRange(oldId, newId).call.iterator.asScala.map { revCommit =>
-        new CommitInfo(revCommit)
-      }.toList.splitWith { (commit1, commit2) =>
-        helpers.date(commit1.commitTime) == view.helpers.date(commit2.commitTime)
-      }
-
-      val diffs = JGitUtil.getDiffs(newGit, oldId.getName, newId.getName, true)
-
-      (commits, diffs)
-    }
-
   private def searchPullRequests(userName: Option[String], repository: RepositoryService.RepositoryInfo) =
     defining(repository.owner, repository.name){ case (owner, repoName) =>
-      val page       = IssueSearchCondition.page(request)
-      val sessionKey = Keys.Session.Pulls(owner, repoName)
+      val page = IssueSearchCondition.page(request)
 
       // retrieve search condition
-      val condition = session.putAndGet(sessionKey,
-        if(request.hasQueryString) IssueSearchCondition(request)
-        else session.getAs[IssueSearchCondition](sessionKey).getOrElse(IssueSearchCondition())
-      )
+      val condition = IssueSearchCondition(request)
 
       gitbucket.core.issues.html.list(
         "pulls",
         searchIssue(condition, true, (page - 1) * PullRequestLimit, PullRequestLimit, owner -> repoName),
         page,
-        if(!getAccountByUserName(owner).exists(_.isGroupAccount)){
-          (getCollaborators(owner, repoName) :+ owner).sorted
-        } else {
-          getCollaborators(owner, repoName)
-        },
+        getAssignableUserNames(owner, repoName),
         getMilestones(owner, repoName),
         getLabels(owner, repoName),
         countIssue(condition.copy(state = "open"  ), true, owner -> repoName),
         countIssue(condition.copy(state = "closed"), true, owner -> repoName),
         condition,
         repository,
-        hasWritePermission(owner, repoName, context.loginAccount))
+        isEditable(repository),
+        isManageable(repository))
     }
 
+  /**
+   * Tests whether an logged-in user can manage pull requests.
+   */
+  private def isManageable(repository: RepositoryInfo)(implicit context: Context): Boolean = {
+    hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
+  }
+
+  /**
+   * Tests whether an logged-in user can post pull requests.
+   */
+  private def isEditable(repository: RepositoryInfo)(implicit context: Context): Boolean = {
+    repository.repository.options.issuesOption match {
+      case "ALL"     => !repository.repository.isPrivate && context.loginAccount.isDefined
+      case "PUBLIC"  => hasGuestRole(repository.owner, repository.name, context.loginAccount)
+      case "PRIVATE" => hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
+      case "DISABLE" => false
+    }
+  }
+
 }

src/main/scala/gitbucket/core/controller/RepositorySettingsController.scala

@@ -31,22 +31,22 @@ trait RepositorySettingsControllerBase extends ControllerBase {
     repositoryName: String,
     description: Option[String],
     isPrivate: Boolean,
-    enableIssues: Boolean,
+    issuesOption: String,
     externalIssuesUrl: Option[String],
-    enableWiki: Boolean,
-    allowWikiEditing: Boolean,
-    externalWikiUrl: Option[String]
+    wikiOption: String,
+    externalWikiUrl: Option[String],
+    allowFork: Boolean
   )
   
   val optionsForm = mapping(
-    "repositoryName"    -> trim(label("Repository Name"    , text(required, maxlength(40), identifier, renameRepositoryName))),
+    "repositoryName"    -> trim(label("Repository Name"    , text(required, maxlength(100), identifier, renameRepositoryName))),
     "description"       -> trim(label("Description"        , optional(text()))),
     "isPrivate"         -> trim(label("Repository Type"    , boolean())),
-    "enableIssues"      -> trim(label("Enable Issues"      , boolean())),
+    "issuesOption"      -> trim(label("Issues Option"      , text(required, featureOption))),
     "externalIssuesUrl" -> trim(label("External Issues URL", optional(text(maxlength(200))))),
-    "enableWiki"        -> trim(label("Enable Wiki"        , boolean())),
-    "allowWikiEditing"  -> trim(label("Allow Wiki Editing" , boolean())),
-    "externalWikiUrl"   -> trim(label("External Wiki URL"  , optional(text(maxlength(200)))))
+    "wikiOption"        -> trim(label("Wiki Option"        , text(required, featureOption))),
+    "externalWikiUrl"   -> trim(label("External Wiki URL"  , optional(text(maxlength(200))))),
+    "allowFork"         -> trim(label("Allow Forking"      , boolean()))
   )(OptionsForm.apply)
 
   // for default branch
@@ -56,12 +56,12 @@ trait RepositorySettingsControllerBase extends ControllerBase {
     "defaultBranch"  -> trim(label("Default Branch" , text(required, maxlength(100))))
   )(DefaultBranchForm.apply)
 
-  // for collaborator addition
-  case class CollaboratorForm(userName: String)
-
-  val collaboratorForm = mapping(
-    "userName" -> trim(label("Username", text(required, collaborator)))
-  )(CollaboratorForm.apply)
+//  // for collaborator addition
+//  case class CollaboratorForm(userName: String)
+//
+//  val collaboratorForm = mapping(
+//    "userName" -> trim(label("Username", text(required, collaborator)))
+//  )(CollaboratorForm.apply)
 
   // for web hook url addition
   case class WebHookForm(url: String, events: Set[WebHook.Event], ctype: WebHookContentType, token: Option[String])
@@ -107,11 +107,11 @@ trait RepositorySettingsControllerBase extends ControllerBase {
       repository.repository.parentUserName.map { _ =>
         repository.repository.isPrivate
       } getOrElse form.isPrivate,
-      form.enableIssues,
+      form.issuesOption,
       form.externalIssuesUrl,
-      form.enableWiki,
-      form.allowWikiEditing,
-      form.externalWikiUrl
+      form.wikiOption,
+      form.externalWikiUrl,
+      form.allowFork
     )
     // Change repository name
     if(repository.name != form.repositoryName){
@@ -119,12 +119,24 @@ trait RepositorySettingsControllerBase extends ControllerBase {
       renameRepository(repository.owner, repository.name, repository.owner, form.repositoryName)
       // Move git repository
       defining(getRepositoryDir(repository.owner, repository.name)){ dir =>
-        FileUtils.moveDirectory(dir, getRepositoryDir(repository.owner, form.repositoryName))
+        if(dir.isDirectory){
+          FileUtils.moveDirectory(dir, getRepositoryDir(repository.owner, form.repositoryName))
+        }
       }
       // Move wiki repository
       defining(getWikiRepositoryDir(repository.owner, repository.name)){ dir =>
-        FileUtils.moveDirectory(dir, getWikiRepositoryDir(repository.owner, form.repositoryName))
+        if(dir.isDirectory) {
+          FileUtils.moveDirectory(dir, getWikiRepositoryDir(repository.owner, form.repositoryName))
+        }
       }
+      // Move lfs directory
+      defining(getLfsDir(repository.owner, repository.name)){ dir =>
+        if(dir.isDirectory) {
+          FileUtils.moveDirectory(dir, getLfsDir(repository.owner, form.repositoryName))
+        }
+      }
+      // Delete parent directory
+      FileUtil.deleteDirectoryIfEmpty(getRepositoryFilesDir(repository.owner, repository.name))
     }
     flash += "info" -> "Repository settings has been updated."
     redirect(s"/${repository.owner}/${form.repositoryName}/settings/options")
@@ -175,22 +187,12 @@ trait RepositorySettingsControllerBase extends ControllerBase {
       repository)
   })
 
-  /**
-   * Add the collaborator.
-   */
-  post("/:owner/:repository/settings/collaborators/add", collaboratorForm)(ownerOnly { (form, repository) =>
-    if(!getAccountByUserName(repository.owner).get.isGroupAccount){
-      addCollaborator(repository.owner, repository.name, form.userName)
-    }
-    redirect(s"/${repository.owner}/${repository.name}/settings/collaborators")
-  })
-
-  /**
-   * Add the collaborator.
-   */
-  get("/:owner/:repository/settings/collaborators/remove")(ownerOnly { repository =>
-    if(!getAccountByUserName(repository.owner).get.isGroupAccount){
-      removeCollaborator(repository.owner, repository.name, params("name"))
+  post("/:owner/:repository/settings/collaborators")(ownerOnly { repository =>
+    val collaborators = params("collaborators")
+    removeCollaborators(repository.owner, repository.name)
+    collaborators.split(",").withFilter(_.nonEmpty).map { collaborator =>
+      val userName :: role :: Nil = collaborator.split(":").toList
+      addCollaborator(repository.owner, repository.name, userName, role)
     }
     redirect(s"/${repository.owner}/${repository.name}/settings/collaborators")
   })
@@ -248,7 +250,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
       val dummyWebHookInfo = WebHook(repository.owner, repository.name, url, ctype, token)
       val dummyPayload = {
         val ownerAccount = getAccountByUserName(repository.owner).get
-        val commits = if(repository.commitCount == 0) List.empty else git.log
+        val commits = if(JGitUtil.isEmpty(git)) List.empty else git.log
           .add(git.getRepository.resolve(repository.repository.defaultBranch))
           .setMaxCount(4)
           .call.iterator.asScala.map(new CommitInfo(_)).toList
@@ -297,7 +299,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   get("/:owner/:repository/settings/hooks/edit")(ownerOnly { repository =>
     getWebHook(repository.owner, repository.name, params("url")).map{ case (webhook, events) =>
       html.edithooks(webhook, events, repository, flash.get("info"), false)
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   /**
@@ -327,12 +329,24 @@ trait RepositorySettingsControllerBase extends ControllerBase {
         renameRepository(repository.owner, repository.name, form.newOwner, repository.name)
         // Move git repository
         defining(getRepositoryDir(repository.owner, repository.name)){ dir =>
-          FileUtils.moveDirectory(dir, getRepositoryDir(form.newOwner, repository.name))
+          if(dir.isDirectory){
+            FileUtils.moveDirectory(dir, getRepositoryDir(form.newOwner, repository.name))
+          }
         }
         // Move wiki repository
         defining(getWikiRepositoryDir(repository.owner, repository.name)){ dir =>
-          FileUtils.moveDirectory(dir, getWikiRepositoryDir(form.newOwner, repository.name))
+          if(dir.isDirectory) {
+            FileUtils.moveDirectory(dir, getWikiRepositoryDir(form.newOwner, repository.name))
+          }
         }
+        // Move lfs directory
+        defining(getLfsDir(repository.owner, repository.name)){ dir =>
+          if(dir.isDirectory()) {
+            FileUtils.moveDirectory(dir, getLfsDir(form.newOwner, repository.name))
+          }
+        }
+        // Delere parent directory
+        FileUtil.deleteDirectoryIfEmpty(getRepositoryFilesDir(repository.owner, repository.name))
       }
     }
     redirect(s"/${form.newOwner}/${repository.name}")
@@ -348,6 +362,9 @@ trait RepositorySettingsControllerBase extends ControllerBase {
       FileUtils.deleteDirectory(getRepositoryDir(repository.owner, repository.name))
       FileUtils.deleteDirectory(getWikiRepositoryDir(repository.owner, repository.name))
       FileUtils.deleteDirectory(getTemporaryDir(repository.owner, repository.name))
+      val lfsDir = getLfsDir(repository.owner, repository.name)
+      FileUtils.deleteDirectory(lfsDir)
+      FileUtil.deleteDirectoryIfEmpty(lfsDir.getParentFile())
     }
     redirect(s"/${repository.owner}")
   })
@@ -394,20 +411,20 @@ trait RepositorySettingsControllerBase extends ControllerBase {
     }
   }
 
-  /**
-   * Provides Constraint to validate the collaborator name.
-   */
-  private def collaborator: Constraint = new Constraint(){
-    override def validate(name: String, value: String, messages: Messages): Option[String] =
-      getAccountByUserName(value) match {
-        case None => Some("User does not exist.")
-        case Some(x) if(x.isGroupAccount)
-                  => Some("User does not exist.")
-        case Some(x) if(x.userName == params("owner") || getCollaborators(params("owner"), params("repository")).contains(x.userName))
-                  => Some("User can access this repository already.")
-        case _    => None
-      }
-  }
+//  /**
+//   * Provides Constraint to validate the collaborator name.
+//   */
+//  private def collaborator: Constraint = new Constraint(){
+//    override def validate(name: String, value: String, messages: Messages): Option[String] =
+//      getAccountByUserName(value) match {
+//        case None => Some("User does not exist.")
+////        case Some(x) if(x.isGroupAccount)
+////                  => Some("User does not exist.")
+//        case Some(x) if(x.userName == params("owner") || getCollaborators(params("owner"), params("repository")).contains(x.userName))
+//                  => Some(value + " is repository owner.") // TODO also group members?
+//        case _    => None
+//      }
+//  }
 
   /**
    * Duplicate check for the rename repository name.
@@ -421,6 +438,15 @@ trait RepositorySettingsControllerBase extends ControllerBase {
       }
   }
 
+  /**
+   *
+   */
+  private def featureOption: Constraint = new Constraint(){
+    override def validate(name: String, value: String, params: Map[String, String], messages: Messages): Option[String] =
+      if(Seq("DISABLE", "PRIVATE", "PUBLIC", "ALL").contains(value)) None else Some("Option is invalid.")
+  }
+
+
   /**
    * Provides Constraint to validate the repository transfer user.
    */

src/main/scala/gitbucket/core/controller/RepositoryViewerController.scala

@@ -1,6 +1,7 @@
 package gitbucket.core.controller
 
-import javax.servlet.http.{HttpServletResponse, HttpServletRequest}
+import java.io.FileInputStream
+import javax.servlet.http.{HttpServletRequest, HttpServletResponse}
 
 import gitbucket.core.plugin.PluginRegistry
 import gitbucket.core.repo.html
@@ -16,9 +17,8 @@ import gitbucket.core.model.{Account, WebHook}
 import gitbucket.core.service.WebHookService._
 import gitbucket.core.view
 import gitbucket.core.view.helpers
-
 import io.github.gitbucket.scalatra.forms._
-import org.apache.commons.io.FileUtils
+import org.apache.commons.io.IOUtils
 import org.eclipse.jgit.api.{ArchiveCommand, Git}
 import org.eclipse.jgit.archive.{TgzFormat, ZipFormat}
 import org.eclipse.jgit.dircache.DirCache
@@ -31,7 +31,7 @@ import org.scalatra._
 
 class RepositoryViewerController extends RepositoryViewerControllerBase
   with RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
-  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+  with ReadableUsersAuthenticator with ReferrerAuthenticator with WritableUsersAuthenticator with PullRequestService with CommitStatusService
   with WebHookPullRequestService with WebHookPullRequestReviewCommentService with ProtectedBranchService
 
 /**
@@ -39,7 +39,7 @@ class RepositoryViewerController extends RepositoryViewerControllerBase
  */
 trait RepositoryViewerControllerBase extends ControllerBase {
   self: RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
-    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+    with ReadableUsersAuthenticator with ReferrerAuthenticator with WritableUsersAuthenticator with PullRequestService with CommitStatusService
     with WebHookPullRequestService with WebHookPullRequestReviewCommentService with ProtectedBranchService =>
 
   ArchiveCommand.registerFormat("zip", new ZipFormat)
@@ -102,30 +102,47 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    */
   post("/:owner/:repository/_preview")(referrersOnly { repository =>
     contentType = "text/html"
-    helpers.markdown(
-      markdown = params("content"),
-      repository = repository,
-      enableWikiLink = params("enableWikiLink").toBoolean,
-      enableRefsLink = params("enableRefsLink").toBoolean,
-      enableLineBreaks = params("enableLineBreaks").toBoolean,
-      enableTaskList = params("enableTaskList").toBoolean,
-      enableAnchor = false,
-      hasWritePermission = hasWritePermission(repository.owner, repository.name, context.loginAccount)
-    )
+    val filename = params.get("filename")
+    filename match {
+      case Some(f) => helpers.renderMarkup(
+          filePath = List(f),
+          fileContent = params("content"),
+          branch = "master",
+          repository = repository,
+          enableWikiLink = params("enableWikiLink").toBoolean,
+          enableRefsLink = params("enableRefsLink").toBoolean,
+          enableAnchor = false
+        )
+      case None => helpers.markdown(
+          markdown = params("content"),
+          repository = repository,
+          enableWikiLink = params("enableWikiLink").toBoolean,
+          enableRefsLink = params("enableRefsLink").toBoolean,
+          enableLineBreaks = params("enableLineBreaks").toBoolean,
+          enableTaskList = params("enableTaskList").toBoolean,
+          enableAnchor = false,
+          hasWritePermission = hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
+        )
+    }
   })
 
   /**
    * Displays the file list of the repository root and the default branch.
    */
-  get("/:owner/:repository")(referrersOnly {
-    fileList(_)
-  })
+  get("/:owner/:repository") {
+    params.get("go-get") match {
+      case Some("1") => defining(request.paths){ paths =>
+        getRepository(paths(0), paths(1)).map(gitbucket.core.html.goget(_))getOrElse NotFound()
+      }
+      case _ => referrersOnly(fileList(_))
+    }
+  }
 
   /**
    * Displays the file list of the specified path and branch.
    */
   get("/:owner/:repository/tree/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
     if(path.isEmpty){
       fileList(repository, id)
     } else {
@@ -137,7 +154,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    * Displays the commit list of the specified resource.
    */
   get("/:owner/:repository/commits/*")(referrersOnly { repository =>
-    val (branchName, path) = splitPath(repository, multiParams("splat").head)
+    val (branchName, path) = repository.splitPath(multiParams("splat").head)
     val page = params.get("page").flatMap(_.toIntOpt).getOrElse(1)
 
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
@@ -146,22 +163,22 @@ trait RepositoryViewerControllerBase extends ControllerBase {
           html.commits(if(path.isEmpty) Nil else path.split("/").toList, branchName, repository,
             logs.splitWith{ (commit1, commit2) =>
               view.helpers.date(commit1.commitTime) == view.helpers.date(commit2.commitTime)
-            }, page, hasNext, hasWritePermission(repository.owner, repository.name, context.loginAccount))
-        case Left(_) => NotFound
+            }, page, hasNext, hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
+        case Left(_) => NotFound()
       }
     }
   })
 
-  get("/:owner/:repository/new/*")(collaboratorsOnly { repository =>
-    val (branch, path) = splitPath(repository, multiParams("splat").head)
+  get("/:owner/:repository/new/*")(writableUsersOnly { repository =>
+    val (branch, path) = repository.splitPath(multiParams("splat").head)
     val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch).needStatusCheck(context.loginAccount.get.userName)
     html.editor(branch, repository, if(path.length == 0) Nil else path.split("/").toList,
-      None, JGitUtil.ContentInfo("text", None, Some("UTF-8")),
+      None, JGitUtil.ContentInfo("text", None, None, Some("UTF-8")),
       protectedBranch)
   })
 
-  get("/:owner/:repository/edit/*")(collaboratorsOnly { repository =>
-    val (branch, path) = splitPath(repository, multiParams("splat").head)
+  get("/:owner/:repository/edit/*")(writableUsersOnly { repository =>
+    val (branch, path) = repository.splitPath(multiParams("splat").head)
     val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch).needStatusCheck(context.loginAccount.get.userName)
 
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
@@ -172,12 +189,12 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         html.editor(branch, repository, paths.take(paths.size - 1).toList, Some(paths.last),
           JGitUtil.getContentInfo(git, path, objectId),
           protectedBranch)
-      } getOrElse NotFound
+      } getOrElse NotFound()
     }
   })
 
-  get("/:owner/:repository/remove/*")(collaboratorsOnly { repository =>
-    val (branch, path) = splitPath(repository, multiParams("splat").head)
+  get("/:owner/:repository/remove/*")(writableUsersOnly { repository =>
+    val (branch, path) = repository.splitPath(multiParams("splat").head)
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
       val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(branch))
 
@@ -185,11 +202,11 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         val paths = path.split("/")
         html.delete(branch, repository, paths.take(paths.size - 1).toList, paths.last,
           JGitUtil.getContentInfo(git, path, objectId))
-      } getOrElse NotFound
+      } getOrElse NotFound()
     }
   })
 
-  post("/:owner/:repository/create", editorForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/create", editorForm)(writableUsersOnly { (form, repository) =>
     commitFile(
       repository  = repository,
       branch      = form.branch,
@@ -206,7 +223,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
     }")
   })
 
-  post("/:owner/:repository/update", editorForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/update", editorForm)(writableUsersOnly { (form, repository) =>
     commitFile(
       repository  = repository,
       branch      = form.branch,
@@ -227,7 +244,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
     }")
   })
 
-  post("/:owner/:repository/remove", deleteForm)(collaboratorsOnly { (form, repository) =>
+  post("/:owner/:repository/remove", deleteForm)(writableUsersOnly { (form, repository) =>
     commitFile(repository, form.branch, form.path, None, Some(form.fileName), "", "",
       form.message.getOrElse(s"Delete ${form.fileName}"))
 
@@ -235,17 +252,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   })
 
   get("/:owner/:repository/raw/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
       val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))
-      getPathObjectId(git, path, revCommit).flatMap { objectId =>
-        JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
-          contentType = FileUtil.getMimeType(path)
-          response.setContentLength(loader.getSize.toInt)
-          loader.copyTo(response.outputStream)
-          ()
-        }
-      } getOrElse NotFound
+
+      getPathObjectId(git, path, revCommit).map { objectId =>
+        responseRawFile(git, objectId, path, repository)
+      } getOrElse NotFound()
     }
   })
 
@@ -253,30 +266,64 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    * Displays the file content of the specified branch or commit.
    */
   val blobRoute = get("/:owner/:repository/blob/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
     val raw = params.get("raw").getOrElse("false").toBoolean
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
       val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))
       getPathObjectId(git, path, revCommit).map { objectId =>
         if(raw){
           // Download (This route is left for backword compatibility)
-          JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
-            contentType = FileUtil.getMimeType(path)
-            response.setContentLength(loader.getSize.toInt)
-            loader.copyTo(response.outputStream)
-            ()
-          } getOrElse NotFound
+          responseRawFile(git, objectId, path, repository)
         } else {
           html.blob(id, repository, path.split("/").toList,
             JGitUtil.getContentInfo(git, path, objectId),
             new JGitUtil.CommitInfo(JGitUtil.getLastModifiedCommit(git, revCommit, path)),
-            hasWritePermission(repository.owner, repository.name, context.loginAccount),
-            request.paths(2) == "blame")
+            hasDeveloperRole(repository.owner, repository.name, context.loginAccount),
+            request.paths(2) == "blame",
+            isLfsFile(git, objectId))
         }
-      } getOrElse NotFound
+      } getOrElse NotFound()
     }
   })
 
+  private def isLfsFile(git: Git, objectId: ObjectId): Boolean = {
+    JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
+      if(loader.isLarge){
+        false
+      } else {
+        new String(loader.getCachedBytes, "UTF-8").startsWith("version https://git-lfs.github.com/spec/v1")
+      }
+    }.getOrElse(false)
+  }
+
+  private def responseRawFile(git: Git, objectId: ObjectId, path: String,
+                              repository: RepositoryService.RepositoryInfo): Unit = {
+    JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
+      contentType = FileUtil.getMimeType(path)
+
+      if(loader.isLarge){
+        response.setContentLength(loader.getSize.toInt)
+        loader.copyTo(response.outputStream)
+      } else {
+        val bytes = loader.getCachedBytes
+        val text = new String(bytes, "UTF-8")
+
+        val attrs = JGitUtil.getLfsObjects(text)
+        if(attrs.nonEmpty) {
+          response.setContentLength(attrs("size").toInt)
+          val oid = attrs("oid").split(":")(1)
+
+          using(new FileInputStream(FileUtil.getLfsFilePath(repository.owner, repository.name, oid))){ in =>
+            IOUtils.copy(in, response.getOutputStream)
+          }
+        } else {
+          response.setContentLength(loader.getSize.toInt)
+          response.getOutputStream.write(bytes)
+        }
+      }
+    }
+  }
+
   get("/:owner/:repository/blame/*"){
     blobRoute.action()
   }
@@ -285,7 +332,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    * Blame data.
    */
   ajaxGet("/:owner/:repository/get-blame/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
     contentType = formats("json")
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
       val last = git.log.add(git.getRepository.resolve(id)).addPath(path).setMaxCount(1).call.iterator.next.name
@@ -323,13 +370,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
               html.commit(id, new JGitUtil.CommitInfo(revCommit),
                 JGitUtil.getBranchesOfCommit(git, revCommit.getName),
                 JGitUtil.getTagsOfCommit(git, revCommit.getName),
-                getCommitComments(repository.owner, repository.name, id, false),
-                repository, diffs, oldCommitId, hasWritePermission(repository.owner, repository.name, context.loginAccount))
+                getCommitComments(repository.owner, repository.name, id, true),
+                repository, diffs, oldCommitId, hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
           }
         }
       }
     } catch {
-      case e:MissingObjectException => NotFound
+      case e:MissingObjectException => NotFound()
     }
   })
 
@@ -353,7 +400,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
     html.commentform(
       commitId = id,
       fileName, oldLineNumber, newLineNumber, issueId,
-      hasWritePermission = hasWritePermission(repository.owner, repository.name, context.loginAccount),
+      hasWritePermission = hasDeveloperRole(repository.owner, repository.name, context.loginAccount),
       repository = repository
     )
   })
@@ -369,15 +416,14 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         callPullRequestReviewCommentWebHook("create", comment, repository, issueId, context.baseUrl, context.loginAccount.get)
       case None => recordCommentCommitActivity(repository.owner, repository.name, context.loginAccount.get.userName, id, form.content)
     }
-    helper.html.commitcomment(comment, hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
+    helper.html.commitcomment(comment, hasDeveloperRole(repository.owner, repository.name, context.loginAccount), repository)
   })
 
   ajaxGet("/:owner/:repository/commit_comments/_data/:id")(readableUsersOnly { repository =>
     getCommitComment(repository.owner, repository.name, params("id")) map { x =>
       if(isEditable(x.userName, x.repositoryName, x.commentedUserName)){
         params.get("dataType") collect {
-          case t if t == "html" => html.editcomment(
-            x.content, x.commentId, x.userName, x.repositoryName)
+          case t if t == "html" => html.editcomment(x.content, x.commentId, repository)
         } getOrElse {
           contentType = formats("json")
           org.json4s.jackson.Serialization.write(
@@ -389,12 +435,12 @@ trait RepositoryViewerControllerBase extends ControllerBase {
                 enableRefsLink = true,
                 enableAnchor = true,
                 enableLineBreaks = true,
-                hasWritePermission = isEditable(x.userName, x.repositoryName, x.commentedUserName)
+                hasWritePermission = true
               )
             ))
         }
-      } else Unauthorized
-    } getOrElse NotFound
+      } else Unauthorized()
+    } getOrElse NotFound()
   })
 
   ajaxPost("/:owner/:repository/commit_comments/edit/:id", commentForm)(readableUsersOnly { (form, repository) =>
@@ -403,8 +449,8 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         if(isEditable(owner, name, comment.commentedUserName)){
           updateCommitComment(comment.commentId, form.content)
           redirect(s"/${owner}/${name}/commit_comments/_data/${comment.commentId}")
-        } else Unauthorized
-      } getOrElse NotFound
+        } else Unauthorized()
+      } getOrElse NotFound()
     }
   })
 
@@ -413,8 +459,8 @@ trait RepositoryViewerControllerBase extends ControllerBase {
       getCommitComment(owner, name, params("id")).map { comment =>
         if(isEditable(owner, name, comment.commentedUserName)){
           Ok(deleteCommitComment(comment.commentId))
-        } else Unauthorized
-      } getOrElse NotFound
+        } else Unauthorized()
+      } getOrElse NotFound()
     }
   })
 
@@ -433,13 +479,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
     .map(br => (br, getPullRequestByRequestCommit(repository.owner, repository.name, repository.repository.defaultBranch, br.name, br.commitId), protectedBranches.contains(br.name)))
     .reverse
 
-    html.branches(branches, hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
+    html.branches(branches, hasDeveloperRole(repository.owner, repository.name, context.loginAccount), repository)
   })
 
   /**
    * Creates a branch.
    */
-  post("/:owner/:repository/branches")(collaboratorsOnly { repository =>
+  post("/:owner/:repository/branches")(writableUsersOnly { repository =>
     val newBranchName = params.getOrElse("new", halt(400))
     val fromBranchName = params.getOrElse("from", halt(400))
     using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
@@ -457,7 +503,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   /**
    * Deletes branch.
    */
-  get("/:owner/:repository/delete/*")(collaboratorsOnly { repository =>
+  get("/:owner/:repository/delete/*")(writableUsersOnly { repository =>
     val branchName = multiParams("splat").head
     val userName   = context.loginAccount.get.userName
     if(repository.repository.defaultBranch != branchName){
@@ -485,23 +531,25 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         archiveRepository(name, ".zip", repository)
       case name if name.endsWith(".tar.gz") =>
         archiveRepository(name, ".tar.gz", repository)
-      case _ => BadRequest
+      case _ => BadRequest()
     }
   })
 
   get("/:owner/:repository/network/members")(referrersOnly { repository =>
-    html.forked(
-      getRepository(
-        repository.repository.originUserName.getOrElse(repository.owner),
-        repository.repository.originRepositoryName.getOrElse(repository.name)),
-      getForkedRepositories(
-        repository.repository.originUserName.getOrElse(repository.owner),
-        repository.repository.originRepositoryName.getOrElse(repository.name)),
-      context.loginAccount match {
-        case None => List()
-        case account: Option[Account] => getGroupsByUserName(account.get.userName)
-      }, // groups of current user
-      repository)
+    if(repository.repository.options.allowFork) {
+      html.forked(
+        getRepository(
+          repository.repository.originUserName.getOrElse(repository.owner),
+          repository.repository.originRepositoryName.getOrElse(repository.name)),
+        getForkedRepositories(
+          repository.repository.originUserName.getOrElse(repository.owner),
+          repository.repository.originRepositoryName.getOrElse(repository.name)),
+        context.loginAccount match {
+          case None => List()
+          case account: Option[Account] => getGroupsByUserName(account.get.userName)
+        }, // groups of current user
+        repository)
+    } else BadRequest()
   })
 
   /**
@@ -512,7 +560,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
       val ref = multiParams("splat").head
       JGitUtil.getTreeId(git, ref).map{ treeId =>
         html.find(ref, treeId, repository)
-      } getOrElse NotFound
+      } getOrElse NotFound()
     }
   })
 
@@ -527,17 +575,6 @@ trait RepositoryViewerControllerBase extends ControllerBase {
     }
   })
 
-  private def splitPath(repository: RepositoryService.RepositoryInfo, path: String): (String, String) = {
-    val id = repository.branchList.collectFirst {
-      case branch if(path == branch || path.startsWith(branch + "/")) => branch
-    } orElse repository.tags.collectFirst {
-      case tag if(path == tag.name || path.startsWith(tag.name + "/")) => tag.name
-    } getOrElse path.split("/")(0)
-
-    (id, path.substring(id.length).stripPrefix("/"))
-  }
-
-
   private val readmeFiles = PluginRegistry().renderableExtensions.map { extension =>
     s"readme.${extension}"
   } ++ Seq("readme.txt", "readme")
@@ -551,10 +588,10 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    * @return HTML of the file list
    */
   private def fileList(repository: RepositoryService.RepositoryInfo, revstr: String = "", path: String = ".") = {
-    if(repository.commitCount == 0){
-      html.guide(repository, hasWritePermission(repository.owner, repository.name, context.loginAccount))
-    } else {
-      using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+      if(JGitUtil.isEmpty(git)){
+        html.guide(repository, hasDeveloperRole(repository.owner, repository.name, context.loginAccount))
+      } else {
         // get specified commit
         JGitUtil.getDefaultBranch(git, repository, revstr).map { case (objectId, revision) =>
           defining(JGitUtil.getRevCommitFromId(git, objectId)) { revCommit =>
@@ -574,11 +611,16 @@ trait RepositoryViewerControllerBase extends ControllerBase {
             html.files(revision, repository,
               if(path == ".") Nil else path.split("/").toList, // current path
               new JGitUtil.CommitInfo(lastModifiedCommit), // last modified commit
-              files, readme, hasWritePermission(repository.owner, repository.name, context.loginAccount),
+              JGitUtil.getCommitCount(repository.owner, repository.name, lastModifiedCommit.getName),
+              files,
+              readme,
+              hasDeveloperRole(repository.owner, repository.name, context.loginAccount),
               getPullRequestFromBranch(repository.owner, repository.name, revstr, repository.repository.defaultBranch),
-              flash.get("info"), flash.get("error"))
+              flash.get("info"),
+              flash.get("error")
+            )
           }
-        } getOrElse NotFound
+        } getOrElse NotFound()
       }
     }
   }
@@ -598,14 +640,18 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         val headName = s"refs/heads/${branch}"
         val headTip  = git.getRepository.resolve(headName)
 
-        JGitUtil.processTree(git, headTip){ (path, tree) =>
+        val permission = JGitUtil.processTree(git, headTip){ (path, tree) =>
+          // Add all entries except the editing file
           if(!newPath.exists(_ == path) && !oldPath.exists(_ == path)){
             builder.add(JGitUtil.createDirCacheEntry(path, tree.getEntryFileMode, tree.getEntryObjectId))
           }
-        }
+          // Retrieve permission if file exists to keep it
+          oldPath.collect { case x if x == path => tree.getEntryFileMode.getBits }
+        }.flatten.headOption
 
         newPath.foreach { newPath =>
-          builder.add(JGitUtil.createDirCacheEntry(newPath, FileMode.REGULAR_FILE,
+          builder.add(JGitUtil.createDirCacheEntry(newPath,
+            permission.map { bits => FileMode.fromBits(bits) } getOrElse FileMode.REGULAR_FILE,
             inserter.insert(Constants.OBJ_BLOB, content.getBytes(charset))))
         }
         builder.finish()
@@ -628,8 +674,11 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         updatePullRequests(repository.owner, repository.name, branch)
 
         // record activity
-        recordPushActivity(repository.owner, repository.name, loginAccount.userName, branch,
-          List(new CommitInfo(JGitUtil.getRevCommitFromId(git, commitId))))
+        val commitInfo = new CommitInfo(JGitUtil.getRevCommitFromId(git, commitId))
+        recordPushActivity(repository.owner, repository.name, loginAccount.userName, branch, List(commitInfo))
+
+        // create issue comment by commit message
+        createIssueComment(repository.owner, repository.name, commitInfo)
 
         // close issue by commit message
         closeIssuesFromMessage(message, loginAccount.userName, repository.owner, repository.name)
@@ -664,11 +713,6 @@ trait RepositoryViewerControllerBase extends ControllerBase {
 
   private def archiveRepository(name: String, suffix: String, repository: RepositoryService.RepositoryInfo): Unit = {
     val revision = name.stripSuffix(suffix)
-    val workDir = getDownloadWorkDir(repository.owner, repository.name, session.getId)
-    if(workDir.exists) {
-      FileUtils.deleteDirectory(workDir)
-    }
-    workDir.mkdirs
 
     val filename = repository.name + "-" +
       (if(revision.length == 40) revision.substring(0, 10) else revision).replace('/', '_') + suffix
@@ -682,14 +726,14 @@ trait RepositoryViewerControllerBase extends ControllerBase {
 
       git.archive
          .setFormat(suffix.tail)
-         .setTree(revCommit.getTree)
+         .setTree(revCommit)
          .setOutputStream(response.getOutputStream)
          .call()
     }
   }
 
   private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
-    hasWritePermission(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
+    hasDeveloperRole(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
 
   override protected def renderUncaughtException(e: Throwable)(implicit request: HttpServletRequest, response: HttpServletResponse): Unit = {
     e.printStackTrace()

src/main/scala/gitbucket/core/controller/SystemSettingsController.scala

@@ -14,7 +14,6 @@ import gitbucket.core.util.Directory._
 import gitbucket.core.util.StringUtil._
 import io.github.gitbucket.scalatra.forms._
 import org.apache.commons.io.{FileUtils, IOUtils}
-import org.apache.commons.mail.{DefaultAuthenticator, HtmlEmail}
 import org.scalatra.i18n.Messages
 
 class SystemSettingsController extends SystemSettingsControllerBase
@@ -42,6 +41,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
         "user"                     -> trim(label("SMTP User", optional(text()))),
         "password"                 -> trim(label("SMTP Password", optional(text()))),
         "ssl"                      -> trim(label("Enable SSL", optional(boolean()))),
+        "starttls"                 -> trim(label("Enable STARTTLS", optional(boolean()))),
         "fromAddress"              -> trim(label("FROM Address", optional(text()))),
         "fromName"                 -> trim(label("FROM Name", optional(text())))
     )(Smtp.apply)),
@@ -78,6 +78,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
       "user"        -> trim(label("SMTP User", optional(text()))),
       "password"    -> trim(label("SMTP Password", optional(text()))),
       "ssl"         -> trim(label("Enable SSL", optional(boolean()))),
+      "starttls"    -> trim(label("Enable STARTTLS", optional(boolean()))),
       "fromAddress" -> trim(label("FROM Address", optional(text()))),
       "fromName"    -> trim(label("FROM Name", optional(text())))
     )(Smtp.apply),
@@ -90,25 +91,26 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
 
   case class NewUserForm(userName: String, password: String, fullName: String,
                          mailAddress: String, isAdmin: Boolean,
-                         url: Option[String], fileId: Option[String])
+                         description: Option[String], url: Option[String], fileId: Option[String])
 
   case class EditUserForm(userName: String, password: Option[String], fullName: String,
-                          mailAddress: String, isAdmin: Boolean, url: Option[String],
+                          mailAddress: String, isAdmin: Boolean, description: Option[String], url: Option[String],
                           fileId: Option[String], clearImage: Boolean, isRemoved: Boolean)
 
-  case class NewGroupForm(groupName: String, url: Option[String], fileId: Option[String],
+  case class NewGroupForm(groupName: String, description: Option[String], url: Option[String], fileId: Option[String],
                           members: String)
 
-  case class EditGroupForm(groupName: String, url: Option[String], fileId: Option[String],
+  case class EditGroupForm(groupName: String, description: Option[String], url: Option[String], fileId: Option[String],
                            members: String, clearImage: Boolean, isRemoved: Boolean)
 
 
   val newUserForm = mapping(
-    "userName"    -> trim(label("Username"     ,text(required, maxlength(100), identifier, uniqueUserName))),
+    "userName"    -> trim(label("Username"     ,text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
     "password"    -> trim(label("Password"     ,text(required, maxlength(20)))),
     "fullName"    -> trim(label("Full Name"    ,text(required, maxlength(100)))),
     "mailAddress" -> trim(label("Mail Address" ,text(required, maxlength(100), uniqueMailAddress()))),
     "isAdmin"     -> trim(label("User Type"    ,boolean())),
+    "description" -> trim(label("bio"          ,optional(text()))),
     "url"         -> trim(label("URL"          ,optional(text(maxlength(200))))),
     "fileId"      -> trim(label("File ID"      ,optional(text())))
   )(NewUserForm.apply)
@@ -119,6 +121,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
     "fullName"    -> trim(label("Full Name"    ,text(required, maxlength(100)))),
     "mailAddress" -> trim(label("Mail Address" ,text(required, maxlength(100), uniqueMailAddress("userName")))),
     "isAdmin"     -> trim(label("User Type"    ,boolean())),
+    "description" -> trim(label("bio"          ,optional(text()))),
     "url"         -> trim(label("URL"          ,optional(text(maxlength(200))))),
     "fileId"      -> trim(label("File ID"      ,optional(text()))),
     "clearImage"  -> trim(label("Clear image"  ,boolean())),
@@ -126,7 +129,8 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
   )(EditUserForm.apply)
 
   val newGroupForm = mapping(
-    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName))),
+    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
+    "description" -> trim(label("Group description", optional(text()))),
     "url"       -> trim(label("URL"        ,optional(text(maxlength(200))))),
     "fileId"    -> trim(label("File ID"    ,optional(text()))),
     "members"   -> trim(label("Members"    ,text(required, members)))
@@ -134,6 +138,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
 
   val editGroupForm = mapping(
     "groupName"  -> trim(label("Group name"  ,text(required, maxlength(100), identifier))),
+    "description" -> trim(label("Group description", optional(text()))),
     "url"        -> trim(label("URL"         ,optional(text(maxlength(200))))),
     "fileId"     -> trim(label("File ID"     ,optional(text()))),
     "members"    -> trim(label("Members"     ,text(required, members))),
@@ -165,7 +170,8 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
   post("/admin/system/sendmail", sendMailForm)(adminOnly { form =>
     try {
       new Mailer(form.smtp).send(form.testAddress,
-        "Test message from GitBucket", "This is a test message from GitBucket.")
+        "Test message from GitBucket", "This is a test message from GitBucket.",
+        context.loginAccount.get)
 
       "Test mail has been sent to: " + form.testAddress
 
@@ -194,7 +200,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
   })
 
   post("/admin/users/_newuser", newUserForm)(adminOnly { form =>
-    createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, form.isAdmin, form.url)
+    createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, form.isAdmin, form.description, form.url)
     updateImage(form.userName, form.fileId, false)
     redirect("/admin/users")
   })
@@ -228,13 +234,14 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
           fullName     = form.fullName,
           mailAddress  = form.mailAddress,
           isAdmin      = form.isAdmin,
+          description  = form.description,
           url          = form.url,
           isRemoved    = form.isRemoved))
 
         updateImage(userName, form.fileId, form.clearImage)
         redirect("/admin/users")
       }
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   get("/admin/users/_newgroup")(adminOnly {
@@ -242,7 +249,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
   })
 
   post("/admin/users/_newgroup", newGroupForm)(adminOnly { form =>
-    createGroup(form.groupName, form.url)
+    createGroup(form.groupName, form.description, form.url)
     updateGroupMembers(form.groupName, form.members.split(",").map {
       _.split(":") match {
         case Array(userName, isManager) => (userName, isManager.toBoolean)
@@ -265,7 +272,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
       }
     }.toList){ case (groupName, members) =>
       getAccountByUserName(groupName, true).map { account =>
-        updateGroup(groupName, form.url, form.isRemoved)
+        updateGroup(groupName, form.url, form.description, form.isRemoved)
 
         if(form.isRemoved){
           // Remove from GROUP_MEMBER
@@ -280,19 +287,19 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
         } else {
           // Update GROUP_MEMBER
           updateGroupMembers(form.groupName, members)
-          // Update COLLABORATOR for group repositories
-          getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
-            removeCollaborators(form.groupName, repositoryName)
-            members.foreach { case (userName, isManager) =>
-              addCollaborator(form.groupName, repositoryName, userName)
-            }
-          }
+//          // Update COLLABORATOR for group repositories
+//          getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
+//            removeCollaborators(form.groupName, repositoryName)
+//            members.foreach { case (userName, isManager) =>
+//              addCollaborator(form.groupName, repositoryName, userName)
+//            }
+//          }
         }
 
         updateImage(form.groupName, form.fileId, form.clearImage)
         redirect("/admin/users")
 
-      } getOrElse NotFound
+      } getOrElse NotFound()
     }
   })
 
@@ -304,12 +311,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
 
   post("/admin/export")(adminOnly {
     import gitbucket.core.util.JDBCUtil._
-    val session = request2Session(request)
-    val file = if(params("type") == "sql"){
-      session.conn.exportAsSQL(request.getParameterValues("tableNames").toSeq)
-    } else {
-      session.conn.exportAsXML(request.getParameterValues("tableNames").toSeq)
-    }
+    val file = request2Session(request).conn.exportAsSQL(request.getParameterValues("tableNames").toSeq)
 
     contentType = "application/octet-stream"
     response.setHeader("Content-Disposition", "attachment; filename=" + file.getName)

src/main/scala/gitbucket/core/controller/WikiController.scala

@@ -14,10 +14,10 @@ import org.scalatra.i18n.Messages
 
 class WikiController extends WikiControllerBase 
   with WikiService with RepositoryService with AccountService with ActivityService
-  with CollaboratorsAuthenticator with ReferrerAuthenticator
+  with ReadableUsersAuthenticator with ReferrerAuthenticator
 
 trait WikiControllerBase extends ControllerBase {
-  self: WikiService with RepositoryService with ActivityService with CollaboratorsAuthenticator with ReferrerAuthenticator =>
+  self: WikiService with RepositoryService with ActivityService with ReadableUsersAuthenticator with ReferrerAuthenticator =>
 
   case class WikiPageEditForm(pageName: String, content: String, message: Option[String], currentPageName: String, id: String)
   
@@ -62,7 +62,7 @@ trait WikiControllerBase extends ControllerBase {
 
     using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
       JGitUtil.getCommitLog(git, "master", path = pageName + ".md") match {
-        case Right((logs, hasNext)) => html.history(Some(pageName), logs, repository)
+        case Right((logs, hasNext)) => html.history(Some(pageName), logs, repository, isEditable(repository))
         case Left(_) => NotFound()
       }
     }
@@ -87,7 +87,7 @@ trait WikiControllerBase extends ControllerBase {
     }
   })
 
-  get("/:owner/:repository/wiki/:page/_revert/:commitId")(referrersOnly { repository =>
+  get("/:owner/:repository/wiki/:page/_revert/:commitId")(readableUsersOnly { repository =>
     if(isEditable(repository)){
       val pageName = StringUtil.urlDecode(params("page"))
       val Array(from, to) = params("commitId").split("\\.\\.\\.")
@@ -101,7 +101,7 @@ trait WikiControllerBase extends ControllerBase {
     } else Unauthorized()
   })
 
-  get("/:owner/:repository/wiki/_revert/:commitId")(referrersOnly { repository =>
+  get("/:owner/:repository/wiki/_revert/:commitId")(readableUsersOnly { repository =>
     if(isEditable(repository)){
       val Array(from, to) = params("commitId").split("\\.\\.\\.")
 
@@ -114,14 +114,14 @@ trait WikiControllerBase extends ControllerBase {
     } else Unauthorized()
   })
 
-  get("/:owner/:repository/wiki/:page/_edit")(referrersOnly { repository =>
+  get("/:owner/:repository/wiki/:page/_edit")(readableUsersOnly { repository =>
     if(isEditable(repository)){
       val pageName = StringUtil.urlDecode(params("page"))
       html.edit(pageName, getWikiPage(repository.owner, repository.name, pageName), repository)
     } else Unauthorized()
   })
   
-  post("/:owner/:repository/wiki/_edit", editForm)(referrersOnly { (form, repository) =>
+  post("/:owner/:repository/wiki/_edit", editForm)(readableUsersOnly { (form, repository) =>
     if(isEditable(repository)){
       defining(context.loginAccount.get){ loginAccount =>
         saveWikiPage(
@@ -146,13 +146,13 @@ trait WikiControllerBase extends ControllerBase {
     } else Unauthorized()
   })
   
-  get("/:owner/:repository/wiki/_new")(referrersOnly { repository =>
+  get("/:owner/:repository/wiki/_new")(readableUsersOnly { repository =>
     if(isEditable(repository)){
       html.edit("", None, repository)
     } else Unauthorized()
   })
   
-  post("/:owner/:repository/wiki/_new", newForm)(referrersOnly { (form, repository) =>
+  post("/:owner/:repository/wiki/_new", newForm)(readableUsersOnly { (form, repository) =>
     if(isEditable(repository)){
       defining(context.loginAccount.get){ loginAccount =>
         saveWikiPage(repository.owner, repository.name, form.currentPageName, form.pageName,
@@ -170,7 +170,7 @@ trait WikiControllerBase extends ControllerBase {
     } else Unauthorized()
   })
   
-  get("/:owner/:repository/wiki/:page/_delete")(referrersOnly { repository =>
+  get("/:owner/:repository/wiki/:page/_delete")(readableUsersOnly { repository =>
     if(isEditable(repository)){
       val pageName = StringUtil.urlDecode(params("page"))
 
@@ -182,7 +182,7 @@ trait WikiControllerBase extends ControllerBase {
       }
     } else Unauthorized()
   })
-  
+
   get("/:owner/:repository/wiki/_pages")(referrersOnly { repository =>
     html.pages(getWikiPageList(repository.owner, repository.name), repository, isEditable(repository))
   })
@@ -190,7 +190,7 @@ trait WikiControllerBase extends ControllerBase {
   get("/:owner/:repository/wiki/_history")(referrersOnly { repository =>
     using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
       JGitUtil.getCommitLog(git, "master") match {
-        case Right((logs, hasNext)) => html.history(None, logs, repository)
+        case Right((logs, hasNext)) => html.history(None, logs, repository, isEditable(repository))
         case Left(_) => NotFound()
       }
     }
@@ -201,7 +201,7 @@ trait WikiControllerBase extends ControllerBase {
 
     getFileContent(repository.owner, repository.name, path).map { bytes =>
       RawData(FileUtil.getContentType(path, bytes), bytes)
-    } getOrElse NotFound
+    } getOrElse NotFound()
   })
 
   private def unique: Constraint = new Constraint(){
@@ -240,9 +240,13 @@ trait WikiControllerBase extends ControllerBase {
 
   private def targetWikiPage = getWikiPage(params("owner"), params("repository"), params("pageName"))
 
-  private def isEditable(repository: RepositoryInfo)(implicit context: Context): Boolean =
-    repository.repository.allowWikiEditing || (
-      hasWritePermission(repository.owner, repository.name, context.loginAccount)
-    )
+  private def isEditable(repository: RepositoryInfo)(implicit context: Context): Boolean = {
+    repository.repository.options.wikiOption match {
+      case "ALL"     => !repository.repository.isPrivate && context.loginAccount.isDefined
+      case "PUBLIC"  => hasGuestRole(repository.owner, repository.name, context.loginAccount)
+      case "PRIVATE" => hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
+      case "DISABLE" => false
+    }
+  }
 
 }

src/main/scala/gitbucket/core/model/AccessToken.scala

@@ -2,7 +2,8 @@ package gitbucket.core.model
 
 
 trait AccessTokenComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
+
   lazy val AccessTokens = TableQuery[AccessTokens]
 
   class AccessTokens(tag: Tag) extends Table[AccessToken](tag, "ACCESS_TOKEN") {

src/main/scala/gitbucket/core/model/Account.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait AccountComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
   lazy val Accounts = TableQuery[Accounts]
@@ -19,7 +19,8 @@ trait AccountComponent { self: Profile =>
     val image = column[String]("IMAGE")
     val groupAccount = column[Boolean]("GROUP_ACCOUNT")
     val removed = column[Boolean]("REMOVED")
-    def * = (userName, fullName, mailAddress, password, isAdmin, url.?, registeredDate, updatedDate, lastLoginDate.?, image.?, groupAccount, removed) <> (Account.tupled, Account.unapply)
+    val description = column[String]("DESCRIPTION")
+    def * = (userName, fullName, mailAddress, password, isAdmin, url.?, registeredDate, updatedDate, lastLoginDate.?, image.?, groupAccount, removed, description.?) <> (Account.tupled, Account.unapply)
   }
 }
 
@@ -35,5 +36,6 @@ case class Account(
   lastLoginDate: Option[java.util.Date],
   image: Option[String],
   isGroupAccount: Boolean,
-  isRemoved: Boolean
+  isRemoved: Boolean,
+  description: Option[String]
 )

src/main/scala/gitbucket/core/model/Activity.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait ActivityComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
   lazy val Activities = TableQuery[Activities]

src/main/scala/gitbucket/core/model/BasicTemplate.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 protected[model] trait TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   trait BasicTemplate { self: Table[_] =>
     val userName = column[String]("USER_NAME")
@@ -10,7 +10,7 @@ protected[model] trait TemplateComponent { self: Profile =>
     def byRepository(owner: String, repository: String) =
       (userName === owner.bind) && (repositoryName === repository.bind)
 
-    def byRepository(userName: Column[String], repositoryName: Column[String]) =
+    def byRepository(userName: Rep[String], repositoryName: Rep[String]) =
       (this.userName === userName) && (this.repositoryName === repositoryName)
   }
 
@@ -20,7 +20,7 @@ protected[model] trait TemplateComponent { self: Profile =>
     def byIssue(owner: String, repository: String, issueId: Int) =
       byRepository(owner, repository) && (this.issueId === issueId.bind)
 
-    def byIssue(userName: Column[String], repositoryName: Column[String], issueId: Column[Int]) =
+    def byIssue(userName: Rep[String], repositoryName: Rep[String], issueId: Rep[Int]) =
       byRepository(userName, repositoryName) && (this.issueId === issueId)
   }
 
@@ -31,7 +31,7 @@ protected[model] trait TemplateComponent { self: Profile =>
     def byLabel(owner: String, repository: String, labelId: Int) =
       byRepository(owner, repository) && (this.labelId === labelId.bind)
 
-    def byLabel(userName: Column[String], repositoryName: Column[String], labelId: Column[Int]) =
+    def byLabel(userName: Rep[String], repositoryName: Rep[String], labelId: Rep[Int]) =
       byRepository(userName, repositoryName) && (this.labelId === labelId)
 
     def byLabel(owner: String, repository: String, labelName: String) =
@@ -44,7 +44,7 @@ protected[model] trait TemplateComponent { self: Profile =>
     def byMilestone(owner: String, repository: String, milestoneId: Int) =
       byRepository(owner, repository) && (this.milestoneId === milestoneId.bind)
 
-    def byMilestone(userName: Column[String], repositoryName: Column[String], milestoneId: Column[Int]) =
+    def byMilestone(userName: Rep[String], repositoryName: Rep[String], milestoneId: Rep[Int]) =
       byRepository(userName, repositoryName) && (this.milestoneId === milestoneId)
   }
 
@@ -54,13 +54,13 @@ protected[model] trait TemplateComponent { self: Profile =>
     def byCommit(owner: String, repository: String, commitId: String) =
       byRepository(owner, repository) && (this.commitId === commitId)
 
-    def byCommit(owner: Column[String], repository: Column[String], commitId: Column[String]) =
+    def byCommit(owner: Rep[String], repository: Rep[String], commitId: Rep[String]) =
       byRepository(userName, repositoryName) && (this.commitId === commitId)
   }
 
   trait BranchTemplate extends BasicTemplate{ self: Table[_] =>
     val branch = column[String]("BRANCH")
     def byBranch(owner: String, repository: String, branchName: String) = byRepository(owner, repository) && (branch === branchName.bind)
-    def byBranch(owner: Column[String], repository: Column[String], branchName: Column[String]) = byRepository(owner, repository) && (this.branch === branchName)
+    def byBranch(owner: Rep[String], repository: Rep[String], branchName: Rep[String]) = byRepository(owner, repository) && (this.branch === branchName)
   }
 }

src/main/scala/gitbucket/core/model/Collaborator.scala

@@ -1,13 +1,14 @@
 package gitbucket.core.model
 
 trait CollaboratorComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   lazy val Collaborators = TableQuery[Collaborators]
 
   class Collaborators(tag: Tag) extends Table[Collaborator](tag, "COLLABORATOR") with BasicTemplate {
     val collaboratorName = column[String]("COLLABORATOR_NAME")
-    def * = (userName, repositoryName, collaboratorName) <> (Collaborator.tupled, Collaborator.unapply)
+    val role = column[String]("ROLE")
+    def * = (userName, repositoryName, collaboratorName, role) <> (Collaborator.tupled, Collaborator.unapply)
 
     def byPrimaryKey(owner: String, repository: String, collaborator: String) =
       byRepository(owner, repository) && (collaboratorName === collaborator.bind)
@@ -17,5 +18,23 @@ trait CollaboratorComponent extends TemplateComponent { self: Profile =>
 case class Collaborator(
   userName: String,
   repositoryName: String,
-  collaboratorName: String
+  collaboratorName: String,
+  role: String
 )
+
+sealed abstract class Role(val name: String)
+
+object Role {
+  object ADMIN extends Role("ADMIN")
+  object DEVELOPER extends Role("DEVELOPER")
+  object GUEST extends Role("GUEST")
+
+//  val values: Vector[Permission] = Vector(ADMIN, WRITE, READ)
+//
+//  private val map: Map[String, Permission] = values.map(enum => enum.name -> enum).toMap
+//
+//  def apply(name: String): Permission = map(name)
+//
+//  def valueOf(name: String): Option[Permission] = map.get(name)
+
+}

src/main/scala/gitbucket/core/model/Comment.scala

@@ -6,12 +6,10 @@ trait Comment {
 }
 
 trait IssueCommentComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
-  lazy val IssueComments = new TableQuery(tag => new IssueComments(tag)){
-    def autoInc = this returning this.map(_.commentId)
-  }
+  lazy val IssueComments = TableQuery[IssueComments]
 
   class IssueComments(tag: Tag) extends Table[IssueComment](tag, "ISSUE_COMMENT") with IssueTemplate {
     val commentId = column[Int]("COMMENT_ID", O AutoInc)
@@ -39,12 +37,10 @@ case class IssueComment (
 ) extends Comment
 
 trait CommitCommentComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
-  lazy val CommitComments = new TableQuery(tag => new CommitComments(tag)){
-    def autoInc = this returning this.map(_.commentId)
-  }
+  lazy val CommitComments = TableQuery[CommitComments]
 
   class CommitComments(tag: Tag) extends Table[CommitComment](tag, "COMMIT_COMMENT") with CommitTemplate {
     val commentId = column[Int]("COMMENT_ID", O AutoInc)

src/main/scala/gitbucket/core/model/CommitStatus.scala

@@ -1,10 +1,7 @@
 package gitbucket.core.model
 
-import scala.slick.lifted.MappedTo
-import scala.slick.jdbc._
-
 trait CommitStatusComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
   implicit val commitStateColumnType = MappedColumnType.base[CommitState, String](b => b.name , i => CommitState(i))
@@ -90,7 +87,5 @@ object CommitState {
     }
   }
 
-  implicit val getResult: GetResult[CommitState] = GetResult(r => CommitState(r.<<))
-  implicit val getResultOpt: GetResult[Option[CommitState]] = GetResult(r => r.<<?[String].map(CommitState(_)))
 }
 

src/main/scala/gitbucket/core/model/GroupMembers.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait GroupMemberComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   lazy val GroupMembers = TableQuery[GroupMembers]
 

src/main/scala/gitbucket/core/model/Issue.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait IssueComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
   lazy val IssueId = TableQuery[IssueId]

src/main/scala/gitbucket/core/model/IssueLabels.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait IssueLabelComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   lazy val IssueLabels = TableQuery[IssueLabels]
 

src/main/scala/gitbucket/core/model/Labels.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait LabelComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   lazy val Labels = TableQuery[Labels]
 
@@ -12,7 +12,7 @@ trait LabelComponent extends TemplateComponent { self: Profile =>
     def * = (userName, repositoryName, labelId, labelName, color) <> (Label.tupled, Label.unapply)
 
     def byPrimaryKey(owner: String, repository: String, labelId: Int) = byLabel(owner, repository, labelId)
-    def byPrimaryKey(userName: Column[String], repositoryName: Column[String], labelId: Column[Int]) = byLabel(userName, repositoryName, labelId)
+    def byPrimaryKey(userName: Rep[String], repositoryName: Rep[String], labelId: Rep[Int]) = byLabel(userName, repositoryName, labelId)
   }
 }
 

src/main/scala/gitbucket/core/model/Milestone.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait MilestoneComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
   lazy val Milestones = TableQuery[Milestones]
@@ -15,7 +15,7 @@ trait MilestoneComponent extends TemplateComponent { self: Profile =>
     def * = (userName, repositoryName, milestoneId, title, description.?, dueDate.?, closedDate.?) <> (Milestone.tupled, Milestone.unapply)
 
     def byPrimaryKey(owner: String, repository: String, milestoneId: Int) = byMilestone(owner, repository, milestoneId)
-    def byPrimaryKey(userName: Column[String], repositoryName: Column[String], milestoneId: Column[Int]) = byMilestone(userName, repositoryName, milestoneId)
+    def byPrimaryKey(userName: Rep[String], repositoryName: Rep[String], milestoneId: Rep[Int]) = byMilestone(userName, repositoryName, milestoneId)
   }
 }
 

src/main/scala/gitbucket/core/model/Profile.scala

@@ -1,10 +1,11 @@
 package gitbucket.core.model
 
 import gitbucket.core.util.DatabaseConfig
+import com.github.takezoe.slick.blocking.BlockingJdbcProfile
 
 trait Profile {
-  val profile: slick.driver.JdbcProfile
-  import profile.simple._
+  val profile: BlockingJdbcProfile
+  import profile.blockingApi._
 
   /**
    * java.util.Date Mapped Column Types
@@ -17,8 +18,8 @@ trait Profile {
   /**
    * Extends Column to add conditional condition
    */
-  implicit class RichColumn(c1: Column[Boolean]){
-    def &&(c2: => Column[Boolean], guard: => Boolean): Column[Boolean] = if(guard) c1 && c2 else c1
+  implicit class RichColumn(c1: Rep[Boolean]){
+    def &&(c2: => Rep[Boolean], guard: => Boolean): Rep[Boolean] = if(guard) c1 && c2 else c1
   }
 
   /**

src/main/scala/gitbucket/core/model/ProtectedBranch.scala

@@ -1,10 +1,7 @@
 package gitbucket.core.model
 
-import scala.slick.lifted.MappedTo
-import scala.slick.jdbc._
-
 trait ProtectedBranchComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
   lazy val ProtectedBranches = TableQuery[ProtectedBranches]
@@ -12,7 +9,7 @@ trait ProtectedBranchComponent extends TemplateComponent { self: Profile =>
     val statusCheckAdmin = column[Boolean]("STATUS_CHECK_ADMIN")
     def * = (userName, repositoryName, branch, statusCheckAdmin) <> (ProtectedBranch.tupled, ProtectedBranch.unapply)
     def byPrimaryKey(userName: String, repositoryName: String, branch: String) = byBranch(userName, repositoryName, branch)
-    def byPrimaryKey(userName: Column[String], repositoryName: Column[String], branch: Column[String]) = byBranch(userName, repositoryName, branch)
+    def byPrimaryKey(userName: Rep[String], repositoryName: Rep[String], branch: Rep[String]) = byBranch(userName, repositoryName, branch)
   }
 
   lazy val ProtectedBranchContexts = TableQuery[ProtectedBranchContexts]

src/main/scala/gitbucket/core/model/PullRequest.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait PullRequestComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   lazy val PullRequests = TableQuery[PullRequests]
 
@@ -15,7 +15,7 @@ trait PullRequestComponent extends TemplateComponent { self: Profile =>
     def * = (userName, repositoryName, issueId, branch, requestUserName, requestRepositoryName, requestBranch, commitIdFrom, commitIdTo) <> (PullRequest.tupled, PullRequest.unapply)
 
     def byPrimaryKey(userName: String, repositoryName: String, issueId: Int) = byIssue(userName, repositoryName, issueId)
-    def byPrimaryKey(userName: Column[String], repositoryName: Column[String], issueId: Column[Int]) = byIssue(userName, repositoryName, issueId)
+    def byPrimaryKey(userName: Rep[String], repositoryName: Rep[String], issueId: Rep[Int]) = byIssue(userName, repositoryName, issueId)
   }
 }
 

src/main/scala/gitbucket/core/model/Repository.scala

@@ -1,30 +1,67 @@
 package gitbucket.core.model
 
 trait RepositoryComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import self._
 
   lazy val Repositories = TableQuery[Repositories]
 
   class Repositories(tag: Tag) extends Table[Repository](tag, "REPOSITORY") with BasicTemplate {
-    val isPrivate = column[Boolean]("PRIVATE")
-    val description = column[String]("DESCRIPTION")
-    val defaultBranch = column[String]("DEFAULT_BRANCH")
-    val registeredDate = column[java.util.Date]("REGISTERED_DATE")
-    val updatedDate = column[java.util.Date]("UPDATED_DATE")
-    val lastActivityDate = column[java.util.Date]("LAST_ACTIVITY_DATE")
-    val originUserName = column[String]("ORIGIN_USER_NAME")
+    val isPrivate            = column[Boolean]("PRIVATE")
+    val description          = column[String]("DESCRIPTION")
+    val defaultBranch        = column[String]("DEFAULT_BRANCH")
+    val registeredDate       = column[java.util.Date]("REGISTERED_DATE")
+    val updatedDate          = column[java.util.Date]("UPDATED_DATE")
+    val lastActivityDate     = column[java.util.Date]("LAST_ACTIVITY_DATE")
+    val originUserName       = column[String]("ORIGIN_USER_NAME")
     val originRepositoryName = column[String]("ORIGIN_REPOSITORY_NAME")
-    val parentUserName = column[String]("PARENT_USER_NAME")
+    val parentUserName       = column[String]("PARENT_USER_NAME")
     val parentRepositoryName = column[String]("PARENT_REPOSITORY_NAME")
-    val enableIssues = column[Boolean]("ENABLE_ISSUES")
-    val externalIssuesUrl = column[String]("EXTERNAL_ISSUES_URL")
-    val enableWiki = column[Boolean]("ENABLE_WIKI")
-    val allowWikiEditing = column[Boolean]("ALLOW_WIKI_EDITING")
-    val externalWikiUrl = column[String]("EXTERNAL_WIKI_URL")
-    def * = (userName, repositoryName, isPrivate, description.?, defaultBranch,
-      registeredDate, updatedDate, lastActivityDate, originUserName.?, originRepositoryName.?, parentUserName.?, parentRepositoryName.?,
-      enableIssues, externalIssuesUrl.?, enableWiki, allowWikiEditing, externalWikiUrl.?) <> (Repository.tupled, Repository.unapply)
+    val issuesOption         = column[String]("ISSUES_OPTION")
+    val externalIssuesUrl    = column[String]("EXTERNAL_ISSUES_URL")
+    val wikiOption           = column[String]("WIKI_OPTION")
+    val externalWikiUrl      = column[String]("EXTERNAL_WIKI_URL")
+    val allowFork            = column[Boolean]("ALLOW_FORK")
+
+    def * = (
+      (userName, repositoryName, isPrivate, description.?, defaultBranch,
+      registeredDate, updatedDate, lastActivityDate, originUserName.?, originRepositoryName.?, parentUserName.?, parentRepositoryName.?),
+      (issuesOption, externalIssuesUrl.?, wikiOption, externalWikiUrl.?, allowFork)
+    ).shaped <> (
+      { case (repository, options) =>
+        Repository(
+          repository._1,
+          repository._2,
+          repository._3,
+          repository._4,
+          repository._5,
+          repository._6,
+          repository._7,
+          repository._8,
+          repository._9,
+          repository._10,
+          repository._11,
+          repository._12,
+          RepositoryOptions.tupled.apply(options)
+        )
+      }, { (r: Repository) =>
+        Some(((
+          r.userName,
+          r.repositoryName,
+          r.isPrivate,
+          r.description,
+          r.defaultBranch,
+          r.registeredDate,
+          r.updatedDate,
+          r.lastActivityDate,
+          r.originUserName,
+          r.originRepositoryName,
+          r.parentUserName,
+          r.parentRepositoryName
+        ),(
+          RepositoryOptions.unapply(r.options).get
+        )))
+      })
 
     def byPrimaryKey(owner: String, repository: String) = byRepository(owner, repository)
   }
@@ -43,9 +80,13 @@ case class Repository(
   originRepositoryName: Option[String],
   parentUserName: Option[String],
   parentRepositoryName: Option[String],
-  enableIssues: Boolean,
-  externalIssuesUrl: Option[String],
-  enableWiki: Boolean,
-  allowWikiEditing: Boolean,
-  externalWikiUrl: Option[String]
+  options: RepositoryOptions
+)
+
+case class RepositoryOptions(
+  issuesOption: String,
+  externalIssuesUrl: Option[String],
+  wikiOption: String,
+  externalWikiUrl: Option[String],
+  allowFork: Boolean
 )

src/main/scala/gitbucket/core/model/SshKey.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait SshKeyComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   lazy val SshKeys = TableQuery[SshKeys]
 

src/main/scala/gitbucket/core/model/WebHook.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait WebHookComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
 
   implicit val whContentTypeColumnType = MappedColumnType.base[WebHookContentType, String](whct => whct.code , code => WebHookContentType.valueOf(code))
   
@@ -9,19 +9,18 @@ trait WebHookComponent extends TemplateComponent { self: Profile =>
 
   class WebHooks(tag: Tag) extends Table[WebHook](tag, "WEB_HOOK") with BasicTemplate {
     val url = column[String]("URL")
-    val token = column[Option[String]]("TOKEN", O.Nullable)
-    val ctype = column[WebHookContentType]("CTYPE", O.NotNull)
+    val token = column[Option[String]]("TOKEN")
+    val ctype = column[WebHookContentType]("CTYPE")
     def * = (userName, repositoryName, url, ctype, token) <> ((WebHook.apply _).tupled, WebHook.unapply)
 
     def byPrimaryKey(owner: String, repository: String, url: String) = byRepository(owner, repository) && (this.url === url.bind)
   }
 }
 
-case class WebHookContentType(val code: String, val ctype: String)
+abstract sealed case class WebHookContentType(code: String, ctype: String)
 
 object WebHookContentType {
   object JSON extends WebHookContentType("json", "application/json")
-
   object FORM extends WebHookContentType("form", "application/x-www-form-urlencoded")
 
   val values: Vector[WebHookContentType] = Vector(JSON, FORM)
@@ -43,7 +42,8 @@ case class WebHook(
 )
 
 object WebHook {
-  sealed class Event(var name: String)
+  abstract sealed class Event(val name: String)
+
   case object CommitComment extends Event("commit_comment")
   case object Create extends Event("create")
   case object Delete extends Event("delete")
@@ -63,9 +63,30 @@ object WebHook {
   case object Status extends Event("status")
   case object TeamAdd extends Event("team_add")
   case object Watch extends Event("watch")
+
   object Event{
-    val values = List(CommitComment,Create,Delete,Deployment,DeploymentStatus,Fork,Gollum,IssueComment,Issues,Member,PageBuild,Public,PullRequest,PullRequestReviewComment,Push,Release,Status,TeamAdd,Watch)
-    private val map:Map[String,Event] = values.map(e => e.name -> e).toMap
+    val values = List(
+      CommitComment,
+      Create,
+      Delete,
+      Deployment,
+      DeploymentStatus,
+      Fork,
+      Gollum,
+      IssueComment,
+      Issues,
+      Member,
+      PageBuild,
+      Public,
+      PullRequest,
+      PullRequestReviewComment,
+      Push,
+      Release,
+      Status,
+      TeamAdd,
+      Watch
+    )
+    private val map: Map[String,Event] = values.map(e => e.name -> e).toMap
     def valueOf(name: String): Event = map(name)
     def valueOpt(name: String): Option[Event] = map.get(name)
   }

src/main/scala/gitbucket/core/model/WebHookEvent.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.model
 
 trait WebHookEventComponent extends TemplateComponent { self: Profile =>
-  import profile.simple._
+  import profile.api._
   import gitbucket.core.model.Profile.WebHooks
 
   lazy val WebHookEvents = TableQuery[WebHookEvents]
@@ -14,7 +14,7 @@ trait WebHookEventComponent extends TemplateComponent { self: Profile =>
     def * = (userName, repositoryName, url, event) <> ((WebHookEvent.apply _).tupled, WebHookEvent.unapply)
 
     def byWebHook(owner: String, repository: String, url: String) = byRepository(owner, repository) && (this.url === url.bind)
-    def byWebHook(owner: Column[String], repository: Column[String], url: Column[String]) =
+    def byWebHook(owner: Rep[String], repository: Rep[String], url: Rep[String]) =
       byRepository(userName, repositoryName) && (this.url === url)
     def byWebHook(webhook: WebHooks) =
       byRepository(webhook.userName, webhook.repositoryName) && (this.url === webhook.url)

src/main/scala/gitbucket/core/plugin/Plugin.scala

@@ -149,6 +149,36 @@ abstract class Plugin {
    */
   def dashboardTabs(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[(Context) => Option[Link]] = Nil
 
+  /**
+   * Override to add assets mappings.
+   */
+  val assetsMappings: Seq[(String, String)] = Nil
+
+  /**
+   * Override to add assets mappings.
+   */
+  def assetsMappings(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[(String, String)] = Nil
+
+  /**
+   * Override to add text decorators.
+   */
+  val textDecorators: Seq[TextDecorator] = Nil
+
+  /**
+   * Override to add text decorators.
+   */
+  def textDecorators(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[TextDecorator] = Nil
+
+  /**
+   * Override to add suggestion provider.
+   */
+  val suggestionProviders: Seq[SuggestionProvider] = Nil
+
+  /**
+   * Override to add suggestion provider.
+   */
+  def suggestionProviders(registry: PluginRegistry, context: ServletContext, settings: SystemSettings): Seq[SuggestionProvider] = Nil
+
   /**
    * This method is invoked in initialization of plugin system.
    * Register plugin functionality to PluginRegistry.
@@ -193,6 +223,15 @@ abstract class Plugin {
     (dashboardTabs ++ dashboardTabs(registry, context, settings)).foreach { dashboardTab =>
       registry.addDashboardTab(dashboardTab)
     }
+    (assetsMappings ++ assetsMappings(registry, context, settings)).foreach { assetMapping =>
+      registry.addAssetsMapping((assetMapping._1, assetMapping._2, getClass.getClassLoader))
+    }
+    (textDecorators ++ textDecorators(registry, context, settings)).foreach { textDecorator =>
+      registry.addTextDecorator(textDecorator)
+    }
+    (suggestionProviders ++ suggestionProviders(registry, context, settings)).foreach { suggestionProvider =>
+      registry.addSuggestionProvider(suggestionProvider)
+    }
   }
 
   /**

src/main/scala/gitbucket/core/plugin/PluginRegistory.scala

@@ -13,8 +13,8 @@ import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.DatabaseConfig
 import gitbucket.core.util.Directory._
 import io.github.gitbucket.solidbase.Solidbase
+import io.github.gitbucket.solidbase.manager.JDBCVersionManager
 import io.github.gitbucket.solidbase.model.Module
-import liquibase.database.core.H2Database
 import org.apache.commons.codec.binary.{Base64, StringUtils}
 import org.slf4j.LoggerFactory
 
@@ -42,10 +42,13 @@ class PluginRegistry {
   private val systemSettingMenus = new ListBuffer[(Context) => Option[Link]]
   private val accountSettingMenus = new ListBuffer[(Context) => Option[Link]]
   private val dashboardTabs = new ListBuffer[(Context) => Option[Link]]
+  private val assetsMappings = new ListBuffer[(String, String, ClassLoader)]
+  private val textDecorators = new ListBuffer[TextDecorator]
 
-  def addPlugin(pluginInfo: PluginInfo): Unit = {
-    plugins += pluginInfo
-  }
+  private val suggestionProviders = new ListBuffer[SuggestionProvider]
+  suggestionProviders += new UserNameSuggestionProvider()
+
+  def addPlugin(pluginInfo: PluginInfo): Unit = plugins += pluginInfo
 
   def getPlugins(): List[PluginInfo] = plugins.toList
 
@@ -66,42 +69,26 @@ class PluginRegistry {
 
   def getImage(id: String): String = images(id)
 
-  def addController(path: String, controller: ControllerBase): Unit = {
-    controllers += ((controller, path))
-  }
+  def addController(path: String, controller: ControllerBase): Unit = controllers += ((controller, path))
 
   @deprecated("Use addController(path: String, controller: ControllerBase) instead", "3.4.0")
-  def addController(controller: ControllerBase, path: String): Unit = {
-    addController(path, controller)
-  }
+  def addController(controller: ControllerBase, path: String): Unit = addController(path, controller)
 
   def getControllers(): Seq[(ControllerBase, String)] = controllers.toSeq
 
-  def addJavaScript(path: String, script: String): Unit = {
-    javaScripts += ((path, script))
-  }
+  def addJavaScript(path: String, script: String): Unit = javaScripts += ((path, script))
 
-  def getJavaScript(currentPath: String): List[String] = {
-    javaScripts.filter(x => currentPath.matches(x._1)).toList.map(_._2)
-  }
+  def getJavaScript(currentPath: String): List[String] = javaScripts.filter(x => currentPath.matches(x._1)).toList.map(_._2)
 
-  def addRenderer(extension: String, renderer: Renderer): Unit = {
-    renderers += ((extension, renderer))
-  }
+  def addRenderer(extension: String, renderer: Renderer): Unit = renderers += ((extension, renderer))
 
-  def getRenderer(extension: String): Renderer = {
-    renderers.get(extension).getOrElse(DefaultRenderer)
-  }
+  def getRenderer(extension: String): Renderer = renderers.get(extension).getOrElse(DefaultRenderer)
 
   def renderableExtensions: Seq[String] = renderers.keys.toSeq
 
-  def addRepositoryRouting(routing: GitRepositoryRouting): Unit = {
-    repositoryRoutings += routing
-  }
+  def addRepositoryRouting(routing: GitRepositoryRouting): Unit = repositoryRoutings += routing
 
-  def getRepositoryRoutings(): Seq[GitRepositoryRouting] = {
-    repositoryRoutings.toSeq
-  }
+  def getRepositoryRoutings(): Seq[GitRepositoryRouting] = repositoryRoutings.toSeq
 
   def getRepositoryRouting(repositoryPath: String): Option[GitRepositoryRouting] = {
     PluginRegistry().getRepositoryRoutings().find {
@@ -111,54 +98,49 @@ class PluginRegistry {
     }
   }
 
-  def addReceiveHook(commitHook: ReceiveHook): Unit = {
-    receiveHooks += commitHook
-  }
+  def addReceiveHook(commitHook: ReceiveHook): Unit = receiveHooks += commitHook
 
   def getReceiveHooks: Seq[ReceiveHook] = receiveHooks.toSeq
 
-  def addGlobalMenu(globalMenu: (Context) => Option[Link]): Unit = {
-    globalMenus += globalMenu
-  }
+  def addGlobalMenu(globalMenu: (Context) => Option[Link]): Unit = globalMenus += globalMenu
 
   def getGlobalMenus: Seq[(Context) => Option[Link]] = globalMenus.toSeq
 
-  def addRepositoryMenu(repositoryMenu: (RepositoryInfo, Context) => Option[Link]): Unit = {
-    repositoryMenus += repositoryMenu
-  }
+  def addRepositoryMenu(repositoryMenu: (RepositoryInfo, Context) => Option[Link]): Unit = repositoryMenus += repositoryMenu
 
   def getRepositoryMenus: Seq[(RepositoryInfo, Context) => Option[Link]] = repositoryMenus.toSeq
 
-  def addRepositorySettingTab(repositorySettingTab: (RepositoryInfo, Context) => Option[Link]): Unit = {
-    repositorySettingTabs += repositorySettingTab
-  }
+  def addRepositorySettingTab(repositorySettingTab: (RepositoryInfo, Context) => Option[Link]): Unit = repositorySettingTabs += repositorySettingTab
 
   def getRepositorySettingTabs: Seq[(RepositoryInfo, Context) => Option[Link]] = repositorySettingTabs.toSeq
 
-  def addProfileTab(profileTab: (Account, Context) => Option[Link]): Unit = {
-    profileTabs += profileTab
-  }
+  def addProfileTab(profileTab: (Account, Context) => Option[Link]): Unit = profileTabs += profileTab
 
   def getProfileTabs: Seq[(Account, Context) => Option[Link]] = profileTabs.toSeq
 
-  def addSystemSettingMenu(systemSettingMenu: (Context) => Option[Link]): Unit = {
-    systemSettingMenus += systemSettingMenu
-  }
+  def addSystemSettingMenu(systemSettingMenu: (Context) => Option[Link]): Unit = systemSettingMenus += systemSettingMenu
 
   def getSystemSettingMenus: Seq[(Context) => Option[Link]] = systemSettingMenus.toSeq
 
-  def addAccountSettingMenu(accountSettingMenu: (Context) => Option[Link]): Unit = {
-    accountSettingMenus += accountSettingMenu
-  }
+  def addAccountSettingMenu(accountSettingMenu: (Context) => Option[Link]): Unit = accountSettingMenus += accountSettingMenu
 
   def getAccountSettingMenus: Seq[(Context) => Option[Link]] = accountSettingMenus.toSeq
 
-  def addDashboardTab(dashboardTab: (Context) => Option[Link]): Unit = {
-    dashboardTabs += dashboardTab
-  }
+  def addDashboardTab(dashboardTab: (Context) => Option[Link]): Unit = dashboardTabs += dashboardTab
 
   def getDashboardTabs: Seq[(Context) => Option[Link]] = dashboardTabs.toSeq
 
+  def addAssetsMapping(assetsMapping: (String, String, ClassLoader)): Unit = assetsMappings += assetsMapping
+
+  def getAssetsMappings: Seq[(String, String, ClassLoader)] = assetsMappings.toSeq
+
+  def addTextDecorator(textDecorator: TextDecorator): Unit = textDecorators += textDecorator
+
+  def getTextDecorators: Seq[TextDecorator] = textDecorators.toSeq
+
+  def addSuggestionProvider(suggestionProvider: SuggestionProvider): Unit = suggestionProviders += suggestionProvider
+
+  def getSuggestionProviders: Seq[SuggestionProvider] = suggestionProviders.toSeq
 }
 
 /**
@@ -180,6 +162,8 @@ object PluginRegistry {
    */
   def initialize(context: ServletContext, settings: SystemSettings, conn: java.sql.Connection): Unit = {
     val pluginDir = new File(PluginHome)
+    val manager = new JDBCVersionManager(conn)
+
     if(pluginDir.exists && pluginDir.isDirectory){
       pluginDir.listFiles(new FilenameFilter {
         override def accept(dir: File, name: String): Boolean = name.endsWith(".jar")
@@ -192,19 +176,26 @@ object PluginRegistry {
           val solidbase = new Solidbase()
           solidbase.migrate(conn, classLoader, DatabaseConfig.liquiDriver, new Module(plugin.pluginId, plugin.versions: _*))
 
+          // Check version
+          val databaseVersion = manager.getCurrentVersion(plugin.pluginId)
+          val pluginVersion = plugin.versions.last.getVersion
+          if(databaseVersion != pluginVersion){
+            throw new IllegalStateException(s"Plugin version is ${pluginVersion}, but database version is ${databaseVersion}")
+          }
+
           // Initialize
           plugin.initialize(instance, context, settings)
           instance.addPlugin(PluginInfo(
-            pluginId    = plugin.pluginId,
-            pluginName  = plugin.pluginName,
-            version     = plugin.versions.head.getVersion,
-            description = plugin.description,
-            pluginClass = plugin
+            pluginId      = plugin.pluginId,
+            pluginName    = plugin.pluginName,
+            pluginVersion = plugin.versions.last.getVersion,
+            description   = plugin.description,
+            pluginClass   = plugin
           ))
 
         } catch {
           case e: Throwable => {
-            logger.error(s"Error during plugin initialization", e)
+            logger.error(s"Error during plugin initialization: ${pluginJar.getAbsolutePath}", e)
           }
         }
       }
@@ -231,7 +222,7 @@ case class Link(id: String, label: String, path: String, icon: Option[String] =
 case class PluginInfo(
   pluginId: String,
   pluginName: String,
-  version: String,
+  pluginVersion: String,
   description: String,
   pluginClass: Plugin
 )

src/main/scala/gitbucket/core/plugin/ReceiveHook.scala

@@ -2,7 +2,7 @@ package gitbucket.core.plugin
 
 import gitbucket.core.model.Profile._
 import org.eclipse.jgit.transport.{ReceivePack, ReceiveCommand}
-import profile.simple._
+import profile.api._
 
 trait ReceiveHook {
 

src/main/scala/gitbucket/core/plugin/Sessions.scala

@@ -1,6 +1,6 @@
 package gitbucket.core.plugin
 
-import scala.slick.jdbc.JdbcBackend.Session
+import slick.jdbc.JdbcBackend.Session
 
 /**
  * Provides Slick Session to Plug-ins.

src/main/scala/gitbucket/core/plugin/SuggestionProvider.scala

@@ -0,0 +1,27 @@
+package gitbucket.core.plugin
+
+import gitbucket.core.controller.Context
+import gitbucket.core.service.RepositoryService.RepositoryInfo
+
+trait SuggestionProvider {
+
+  val id: String
+  val prefix: String
+  val suffix: String = " "
+  val context: Seq[String]
+
+  def values(repository: RepositoryInfo): Seq[String]
+  def template(implicit context: Context): String = "value"
+  def additionalScript(implicit context: Context): String = ""
+
+}
+
+class UserNameSuggestionProvider extends SuggestionProvider {
+  override val id: String = "user"
+  override val prefix: String = "@"
+  override val context: Seq[String] = Seq("issues")
+  override def values(repository: RepositoryInfo): Seq[String] = Nil
+  override def template(implicit context: Context): String = "'@' + value"
+  override def additionalScript(implicit context: Context): String =
+    s"""$$.get('${context.path}/_user/proposals', { query: '', user: true, group: false }, function (data) { user = data.options; });"""
+}

src/main/scala/gitbucket/core/plugin/TextDecorator.scala

@@ -0,0 +1,10 @@
+package gitbucket.core.plugin
+
+import gitbucket.core.controller.Context
+import gitbucket.core.service.RepositoryService.RepositoryInfo
+
+trait TextDecorator {
+
+  def decorate(text: String, repository: RepositoryInfo)(implicit context: Context): String
+
+}

src/main/scala/gitbucket/core/service/AccessTokenService.scala

@@ -1,8 +1,7 @@
 package gitbucket.core.service
 
 import gitbucket.core.model.Profile._
-import profile.simple._
-
+import gitbucket.core.model.Profile.profile.blockingApi._
 import gitbucket.core.model.{Account, AccessToken}
 import gitbucket.core.util.StringUtil
 
@@ -20,28 +19,30 @@ trait AccessTokenService {
   def tokenToHash(token: String): String = StringUtil.sha1(token)
 
   /**
-   * @retuen (TokenId, Token)
+   * @return (TokenId, Token)
    */
   def generateAccessToken(userName: String, note: String)(implicit s: Session): (Int, String) = {
     var token: String = null
     var hash: String = null
-    do{
+
+    do {
       token = makeAccessTokenString
       hash = tokenToHash(token)
-    }while(AccessTokens.filter(_.tokenHash === hash.bind).exists.run)
+    //} while (AccessTokens.filter(_.tokenHash === hash.bind).exists.run)
+  } while (AccessTokens.filter(_.tokenHash === hash.bind).exists.run)
     val newToken = AccessToken(
         userName = userName,
         note = note,
         tokenHash = hash)
-    val tokenId = (AccessTokens returning AccessTokens.map(_.accessTokenId)) += newToken
+    val tokenId = (AccessTokens returning AccessTokens.map(_.accessTokenId)) insert newToken
     (tokenId, token)
   }
 
   def getAccountByAccessToken(token: String)(implicit s: Session): Option[Account] =
     Accounts
-      .innerJoin(AccessTokens)
-      .filter{ case (ac, t) => (ac.userName === t.userName) && (t.tokenHash === tokenToHash(token).bind) && (ac.removed === false.bind) }
-      .map{ case (ac, t) => ac }
+      .join(AccessTokens)
+      .filter { case (ac, t) => (ac.userName === t.userName) && (t.tokenHash === tokenToHash(token).bind) && (ac.removed === false.bind) }
+      .map { case (ac, t) => ac }
       .firstOption
 
   def getAccessTokens(userName: String)(implicit s: Session): List[AccessToken] =

src/main/scala/gitbucket/core/service/AccountService.scala

@@ -1,26 +1,32 @@
 package gitbucket.core.service
 
+import org.slf4j.LoggerFactory
 import gitbucket.core.model.{GroupMember, Account}
 import gitbucket.core.model.Profile._
-import gitbucket.core.util.{StringUtil, LDAPUtil}
-import gitbucket.core.service.SystemSettingsService.SystemSettings
-import profile.simple._
-import StringUtil._
-import org.slf4j.LoggerFactory
-// TODO Why is direct import required?
+import gitbucket.core.model.Profile.profile.blockingApi._
 import gitbucket.core.model.Profile.dateColumnType
+import gitbucket.core.util.{StringUtil, LDAPUtil}
+import StringUtil._
+import gitbucket.core.service.SystemSettingsService.SystemSettings
 
 trait AccountService {
 
   private val logger = LoggerFactory.getLogger(classOf[AccountService])
 
-  def authenticate(settings: SystemSettings, userName: String, password: String)(implicit s: Session): Option[Account] =
-    if(settings.ldapAuthentication){
+  def authenticate(settings: SystemSettings, userName: String, password: String)(implicit s: Session): Option[Account] = {
+    val account = if (settings.ldapAuthentication) {
       ldapAuthentication(settings, userName, password)
     } else {
       defaultAuthentication(userName, password)
     }
 
+    if(account.isEmpty){
+      logger.info(s"Failed to authenticate: $userName")
+    }
+
+    account
+  }
+
   /**
    * Authenticate by internal database.
    */
@@ -61,14 +67,14 @@ trait AccountService {
               defaultAuthentication(userName, password)
             }
             case None => {
-              createAccount(ldapUserInfo.userName, "", ldapUserInfo.fullName, ldapUserInfo.mailAddress, false, None)
+              createAccount(ldapUserInfo.userName, "", ldapUserInfo.fullName, ldapUserInfo.mailAddress, false, None, None)
               getAccountByUserName(ldapUserInfo.userName)
             }
           }
         }
       }
       case Left(errorMessage) => {
-        logger.info(s"LDAP Authentication Failed: ${errorMessage}")
+        logger.info(s"LDAP error: ${errorMessage}")
         defaultAuthentication(userName, password)
       }
     }
@@ -103,7 +109,7 @@ trait AccountService {
     } else false
   }
 
-  def createAccount(userName: String, password: String, fullName: String, mailAddress: String, isAdmin: Boolean, url: Option[String])
+  def createAccount(userName: String, password: String, fullName: String, mailAddress: String, isAdmin: Boolean, description: Option[String], url: Option[String])
                    (implicit s: Session): Unit =
     Accounts insert Account(
       userName       = userName,
@@ -117,12 +123,13 @@ trait AccountService {
       lastLoginDate  = None,
       image          = None,
       isGroupAccount = false,
-      isRemoved      = false)
+      isRemoved      = false,
+      description    = description)
 
   def updateAccount(account: Account)(implicit s: Session): Unit =
     Accounts
       .filter { a =>  a.userName === account.userName.bind }
-      .map    { a => (a.password, a.fullName, a.mailAddress, a.isAdmin, a.url.?, a.registeredDate, a.updatedDate, a.lastLoginDate.?, a.removed) }
+      .map    { a => (a.password, a.fullName, a.mailAddress, a.isAdmin, a.url.?, a.registeredDate, a.updatedDate, a.lastLoginDate.?, a.removed, a.description.?) }
       .update (
         account.password,
         account.fullName,
@@ -132,7 +139,8 @@ trait AccountService {
         account.registeredDate,
         currentDate,
         account.lastLoginDate,
-        account.isRemoved)
+        account.isRemoved,
+        account.description)
 
   def updateAvatarImage(userName: String, image: Option[String])(implicit s: Session): Unit =
     Accounts.filter(_.userName === userName.bind).map(_.image.?).update(image)
@@ -140,7 +148,7 @@ trait AccountService {
   def updateLastLoginDate(userName: String)(implicit s: Session): Unit =
     Accounts.filter(_.userName === userName.bind).map(_.lastLoginDate).update(currentDate)
 
-  def createGroup(groupName: String, url: Option[String])(implicit s: Session): Unit =
+  def createGroup(groupName: String, description: Option[String], url: Option[String])(implicit s: Session): Unit =
     Accounts insert Account(
       userName       = groupName,
       password       = "",
@@ -153,10 +161,13 @@ trait AccountService {
       lastLoginDate  = None,
       image          = None,
       isGroupAccount = true,
-      isRemoved      = false)
+      isRemoved      = false,
+      description    = description)
 
-  def updateGroup(groupName: String, url: Option[String], removed: Boolean)(implicit s: Session): Unit =
-    Accounts.filter(_.userName === groupName.bind).map(t => t.url.? -> t.removed).update(url, removed)
+  def updateGroup(groupName: String, description: Option[String], url: Option[String], removed: Boolean)(implicit s: Session): Unit =
+    Accounts.filter(_.userName === groupName.bind)
+      .map(t => (t.url.?, t.description.?, t.removed))
+      .update(url, description, removed)
 
   def updateGroupMembers(groupName: String, members: List[(String, Boolean)])(implicit s: Session): Unit = {
     GroupMembers.filter(_.groupName === groupName.bind).delete
@@ -181,12 +192,11 @@ trait AccountService {
   def removeUserRelatedData(userName: String)(implicit s: Session): Unit = {
     GroupMembers.filter(_.userName === userName.bind).delete
     Collaborators.filter(_.collaboratorName === userName.bind).delete
-    Repositories.filter(_.userName === userName.bind).delete
   }
 
   def getGroupNames(userName: String)(implicit s: Session): List[String] = {
     List(userName) ++
-      Collaborators.filter(_.collaboratorName === userName.bind).sortBy(_.userName).map(_.userName).list
+      Collaborators.filter(_.collaboratorName === userName.bind).sortBy(_.userName).map(_.userName).list.distinct
   }
 
 }

src/main/scala/gitbucket/core/service/ActivityService.scala

@@ -1,9 +1,9 @@
 package gitbucket.core.service
 
 import gitbucket.core.model.Activity
-import gitbucket.core.model.Profile._
 import gitbucket.core.util.JGitUtil
-import profile.simple._
+import gitbucket.core.model.Profile._
+import gitbucket.core.model.Profile.profile.blockingApi._
 
 trait ActivityService {
 
@@ -15,7 +15,7 @@ trait ActivityService {
 
   def getActivitiesByUser(activityUserName: String, isPublic: Boolean)(implicit s: Session): List[Activity] =
     Activities
-      .innerJoin(Repositories).on((t1, t2) => t1.byRepository(t2.userName, t2.repositoryName))
+      .join(Repositories).on((t1, t2) => t1.byRepository(t2.userName, t2.repositoryName))
       .filter { case (t1, t2) =>
         if(isPublic){
           (t1.activityUserName === activityUserName.bind) && (t2.isPrivate === false.bind)
@@ -30,7 +30,7 @@ trait ActivityService {
 
   def getRecentActivities()(implicit s: Session): List[Activity] =
     Activities
-      .innerJoin(Repositories).on((t1, t2) => t1.byRepository(t2.userName, t2.repositoryName))
+      .join(Repositories).on((t1, t2) => t1.byRepository(t2.userName, t2.repositoryName))
       .filter { case (t1, t2) =>  t2.isPrivate === false.bind }
       .sortBy { case (t1, t2) => t1.activityId desc }
       .map    { case (t1, t2) => t1 }
@@ -39,7 +39,7 @@ trait ActivityService {
 
   def getRecentActivitiesByOwners(owners : Set[String])(implicit s: Session): List[Activity] =
     Activities
-      .innerJoin(Repositories).on((t1, t2) => t1.byRepository(t2.userName, t2.repositoryName))
+      .join(Repositories).on((t1, t2) => t1.byRepository(t2.userName, t2.repositoryName))
       .filter { case (t1, t2) => (t2.isPrivate === false.bind) || (t2.userName inSetBind owners) }
       .sortBy { case (t1, t2) => t1.activityId desc }
       .map    { case (t1, t2) => t1 }

src/main/scala/gitbucket/core/service/CommitStatusService.scala

@@ -1,14 +1,9 @@
 package gitbucket.core.service
 
 import gitbucket.core.model.Profile._
-import profile.simple._
-
-import gitbucket.core.model.{CommitState, CommitStatus, Account}
-import gitbucket.core.util.Implicits._
-import gitbucket.core.util.StringUtil._
-import gitbucket.core.service.RepositoryService.RepositoryInfo
-import org.joda.time.LocalDateTime
+import gitbucket.core.model.Profile.profile.blockingApi._
 import gitbucket.core.model.Profile.dateColumnType
+import gitbucket.core.model.{CommitState, CommitStatus, Account}
 
 trait CommitStatusService {
   /** insert or update */
@@ -23,7 +18,7 @@ trait CommitStatusService {
           }.update((state, targetUrl, now, creator.userName, description))
           id
         }
-        case None => (CommitStatuses returning CommitStatuses.map(_.commitStatusId)) += CommitStatus(
+        case None => (CommitStatuses returning CommitStatuses.map(_.commitStatusId)) insert CommitStatus(
             userName       = userName,
             repositoryName = repositoryName,
             commitId       = sha,
@@ -49,9 +44,9 @@ trait CommitStatusService {
     CommitStatuses.filter(t => t.byRepository(userName, repositoryName)).filter(t => t.updatedDate > time.bind).groupBy(_.context).map(_._1).list
 
   def getCommitStatuesWithCreator(userName: String, repositoryName: String, sha: String)(implicit s: Session) :List[(CommitStatus, Account)] =
-    byCommitStatues(userName, repositoryName, sha).innerJoin(Accounts).filter { case (t, a) => t.creator === a.userName }.list
+    byCommitStatues(userName, repositoryName, sha).join(Accounts).filter { case (t, a) => t.creator === a.userName }.list
 
   protected def byCommitStatues(userName: String, repositoryName: String, sha: String)(implicit s: Session) = 
     CommitStatuses.filter(t => t.byCommit(userName, repositoryName, sha)).sortBy(_.updatedDate desc)
 
-}
+}

src/main/scala/gitbucket/core/service/CommitsService.scala

@@ -1,15 +1,9 @@
 package gitbucket.core.service
 
 import gitbucket.core.model.CommitComment
-import gitbucket.core.util.{StringUtil, Implicits}
-
-import scala.slick.jdbc.{StaticQuery => Q}
-import Q.interpolation
 import gitbucket.core.model.Profile._
-import profile.simple._
-import Implicits._
-import StringUtil._
-
+import gitbucket.core.model.Profile.profile.blockingApi._
+import gitbucket.core.model.Profile.dateColumnType
 
 trait CommitsService {
 
@@ -29,7 +23,7 @@ trait CommitsService {
   def createCommitComment(owner: String, repository: String, commitId: String, loginUser: String,
                           content: String, fileName: Option[String], oldLine: Option[Int], newLine: Option[Int],
                           issueId: Option[Int])(implicit s: Session): Int =
-    CommitComments.autoInc insert CommitComment(
+    CommitComments returning CommitComments.map(_.commentId) insert CommitComment(
       userName          = owner,
       repositoryName    = repository,
       commitId          = commitId,
@@ -42,12 +36,18 @@ trait CommitsService {
       updatedDate       = currentDate,
       issueId           = issueId)
 
-  def updateCommitComment(commentId: Int, content: String)(implicit s: Session) =
+  def updateCommitCommentPosition(commentId: Int, commitId: String, oldLine: Option[Int], newLine: Option[Int])(implicit s: Session): Unit =
+    CommitComments.filter(_.byPrimaryKey(commentId))
+      .map { t =>
+        (t.commitId, t.oldLine, t.newLine)
+      }.update(commitId, oldLine, newLine)
+
+  def updateCommitComment(commentId: Int, content: String)(implicit s: Session) = {
     CommitComments
       .filter (_.byPrimaryKey(commentId))
-      .map { t =>
-      t.content -> t.updatedDate
-    }.update (content, currentDate)
+      .map { t => (t.content, t.updatedDate) }
+      .update (content, currentDate)
+  }
 
   def deleteCommitComment(commentId: Int)(implicit s: Session) =
     CommitComments filter (_.byPrimaryKey(commentId)) delete

src/main/scala/gitbucket/core/service/HandleCommentService.scala

@@ -3,88 +3,91 @@ package gitbucket.core.service
 import gitbucket.core.controller.Context
 import gitbucket.core.model.Issue
 import gitbucket.core.model.Profile._
+import gitbucket.core.model.Profile.profile.blockingApi._
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.Notifier
-import profile.simple._
 
 trait HandleCommentService {
   self: RepositoryService with IssuesService with ActivityService
     with WebHookService with WebHookIssueCommentService with WebHookPullRequestService =>
 
   /**
-   * @see [[https://github.com/takezoe/gitbucket/wiki/CommentAction]]
+   * @see [[https://github.com/gitbucket/gitbucket/wiki/CommentAction]]
    */
   def handleComment(issue: Issue, content: Option[String], repository: RepositoryService.RepositoryInfo, actionOpt: Option[String])
                    (implicit context: Context, s: Session) = {
+    context.loginAccount.flatMap { loginAccount =>
+      defining(repository.owner, repository.name){ case (owner, name) =>
+        val userName = loginAccount.userName
 
-    defining(repository.owner, repository.name){ case (owner, name) =>
-      val userName = context.loginAccount.get.userName
-
-      val (action, recordActivity) = actionOpt
-        .collect {
-          case "close" if(!issue.closed) => true  ->
-            (Some("close")  -> Some(if(issue.isPullRequest) recordClosePullRequestActivity _ else recordCloseIssueActivity _))
-          case "reopen" if(issue.closed) => false ->
-            (Some("reopen") -> Some(recordReopenIssueActivity _))
-        }
-        .map { case (closed, t) =>
-          updateClosed(owner, name, issue.issueId, closed)
-          t
-        }
-        .getOrElse(None -> None)
-
-      val commentId = (content, action) match {
-        case (None, None) => None
-        case (None, Some(action)) => Some(createComment(owner, name, userName, issue.issueId, action.capitalize, action))
-        case (Some(content), _) => Some(createComment(owner, name, userName, issue.issueId, content, action.map(_+ "_comment").getOrElse("comment")))
-      }
-
-      // record comment activity if comment is entered
-      content foreach {
-        (if(issue.isPullRequest) recordCommentPullRequestActivity _ else recordCommentIssueActivity _)
-        (owner, name, userName, issue.issueId, _)
-      }
-      recordActivity foreach ( _ (owner, name, userName, issue.issueId, issue.title) )
-
-      // extract references and create refer comment
-      content.map { content =>
-        createReferComment(owner, name, issue, content, context.loginAccount.get)
-      }
-
-      // call web hooks
-      action match {
-        case None => commentId.map{ commentIdSome => callIssueCommentWebHook(repository, issue, commentIdSome, context.loginAccount.get) }
-        case Some(act) => val webHookAction = act match {
-          case "open"   => "opened"
-          case "reopen" => "reopened"
-          case "close"  => "closed"
-          case _ => act
-        }
-          if(issue.isPullRequest){
-            callPullRequestWebHook(webHookAction, repository, issue.issueId, context.baseUrl, context.loginAccount.get)
-          } else {
-            callIssuesWebHook(webHookAction, repository, issue, context.baseUrl, context.loginAccount.get)
+        val (action, recordActivity) = actionOpt
+          .collect {
+            case "close" if(!issue.closed) => true  ->
+              (Some("close")  -> Some(if(issue.isPullRequest) recordClosePullRequestActivity _ else recordCloseIssueActivity _))
+            case "reopen" if(issue.closed) => false ->
+              (Some("reopen") -> Some(recordReopenIssueActivity _))
           }
-      }
+          .map { case (closed, t) =>
+            updateClosed(owner, name, issue.issueId, closed)
+            t
+          }
+          .getOrElse(None -> None)
 
-      // notifications
-      Notifier() match {
-        case f =>
-          content foreach {
-            f.toNotify(repository, issue, _){
-              Notifier.msgComment(s"${context.baseUrl}/${owner}/${name}/${
-                if(issue.isPullRequest) "pull" else "issues"}/${issue.issueId}#comment-${commentId.get}")
+        val commentId = (content, action) match {
+          case (None, None) => None
+          case (None, Some(action)) => Some(createComment(owner, name, userName, issue.issueId, action.capitalize, action))
+          case (Some(content), _) => Some(createComment(owner, name, userName, issue.issueId, content, action.map(_+ "_comment").getOrElse("comment")))
+        }
+
+        // record comment activity if comment is entered
+        content foreach {
+          (if(issue.isPullRequest) recordCommentPullRequestActivity _ else recordCommentIssueActivity _)
+          (owner, name, userName, issue.issueId, _)
+        }
+        recordActivity foreach ( _ (owner, name, userName, issue.issueId, issue.title) )
+
+        // extract references and create refer comment
+        content.map { content =>
+          createReferComment(owner, name, issue, content, loginAccount)
+        }
+
+        // call web hooks
+        action match {
+          case None => commentId.map { commentIdSome => callIssueCommentWebHook(repository, issue, commentIdSome, loginAccount) }
+          case Some(act) => {
+            val webHookAction = act match {
+              case "open"   => "opened"
+              case "reopen" => "reopened"
+              case "close"  => "closed"
+              case _ => act
+            }
+            if (issue.isPullRequest) {
+              callPullRequestWebHook(webHookAction, repository, issue.issueId, context.baseUrl, loginAccount)
+            } else {
+              callIssuesWebHook(webHookAction, repository, issue, context.baseUrl, loginAccount)
             }
           }
-          action foreach {
-            f.toNotify(repository, issue, _){
-              Notifier.msgStatus(s"${context.baseUrl}/${owner}/${name}/issues/${issue.issueId}")
-            }
-          }
-      }
+        }
 
-      commentId.map( issue -> _ )
+        // notifications
+        Notifier() match {
+          case f =>
+            content foreach {
+              f.toNotify(repository, issue, _){
+                Notifier.msgComment(s"${context.baseUrl}/${owner}/${name}/${
+                  if(issue.isPullRequest) "pull" else "issues"}/${issue.issueId}#comment-${commentId.get}")
+              }
+            }
+            action foreach {
+              f.toNotify(repository, issue, _){
+                Notifier.msgStatus(s"${context.baseUrl}/${owner}/${name}/issues/${issue.issueId}")
+              }
+            }
+        }
+
+        commentId.map( issue -> _ )
+      }
     }
   }
 

src/main/scala/gitbucket/core/service/IssueCreationService.scala

@@ -0,0 +1,74 @@
+package gitbucket.core.service
+
+import gitbucket.core.controller.Context
+import gitbucket.core.model.{Account, Issue}
+import gitbucket.core.model.Profile.profile.blockingApi._
+import gitbucket.core.service.RepositoryService.RepositoryInfo
+import gitbucket.core.util.Notifier
+import gitbucket.core.util.Implicits._
+
+// TODO: Merged with IssuesService?
+trait IssueCreationService {
+
+  self: RepositoryService with WebHookIssueCommentService with LabelsService with IssuesService with ActivityService =>
+
+  def createIssue(repository: RepositoryInfo, title:String, body:Option[String],
+                  assignee: Option[String], milestoneId: Option[Int], labelNames: Seq[String],
+                  loginAccount: Account)(implicit context: Context, s: Session) : Issue = {
+
+    val owner = repository.owner
+    val name  = repository.name
+    val userName   = loginAccount.userName
+    val manageable = isIssueManageable(repository)
+
+    // insert issue
+    val issueId = insertIssue(owner, name, userName, title, body,
+      if (manageable) assignee else None,
+      if (manageable) milestoneId else None)
+    val issue: Issue = getIssue(owner, name, issueId.toString).get
+
+    // insert labels
+    if (manageable) {
+      val labels = getLabels(owner, name)
+      labelNames.map { labelName =>
+        labels.find(_.labelName == labelName).map { label =>
+          registerIssueLabel(owner, name, issueId, label.labelId)
+        }
+      }
+    }
+
+    // record activity
+    recordCreateIssueActivity(owner, name, userName, issueId, title)
+
+    // extract references and create refer comment
+    createReferComment(owner, name, issue, title + " " + body.getOrElse(""), loginAccount)
+
+    // call web hooks
+    callIssuesWebHook("opened", repository, issue, context.baseUrl, loginAccount)
+
+    // notifications
+    Notifier().toNotify(repository, issue, body.getOrElse("")) {
+      Notifier.msgIssue(s"${context.baseUrl}/${owner}/${name}/issues/${issueId}")
+    }
+    issue
+  }
+
+  /**
+   * Tests whether an logged-in user can manage issues.
+   */
+  protected def isIssueManageable(repository: RepositoryInfo)(implicit context: Context, s: Session): Boolean = {
+    hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
+  }
+
+  /**
+   * Tests whether an logged-in user can post issues.
+   */
+  protected def isIssueEditable(repository: RepositoryInfo)(implicit context: Context, s: Session): Boolean = {
+    repository.repository.options.issuesOption match {
+      case "ALL"     => !repository.repository.isPrivate && context.loginAccount.isDefined
+      case "PUBLIC"  => hasGuestRole(repository.owner, repository.name, context.loginAccount)
+      case "PRIVATE" => hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
+      case "DISABLE" => false
+    }
+  }
+}

src/main/scala/gitbucket/core/service/IssuesService.scala

@@ -1,20 +1,18 @@
 package gitbucket.core.service
 
-import gitbucket.core.model.Profile._
 import gitbucket.core.util.JGitUtil.CommitInfo
-import gitbucket.core.util.StringUtil
-import profile.simple._
-
 import gitbucket.core.util.StringUtil._
 import gitbucket.core.util.Implicits._
-import gitbucket.core.model._
+import gitbucket.core.model.{Issue, PullRequest, IssueComment, IssueLabel, Label, Account, Repository, CommitState, Role}
+import gitbucket.core.model.Profile._
+import gitbucket.core.model.Profile.profile._
+import gitbucket.core.model.Profile.profile.blockingApi._
+import gitbucket.core.model.Profile.dateColumnType
 
-import scala.slick.jdbc.{StaticQuery => Q}
-import Q.interpolation
 
 
 trait IssuesService {
-  self: AccountService =>
+  self: AccountService with RepositoryService =>
   import IssuesService._
 
   def getIssue(owner: String, repository: String, issueId: String)(implicit s: Session) =
@@ -23,17 +21,21 @@ trait IssuesService {
     else None
 
   def getComments(owner: String, repository: String, issueId: Int)(implicit s: Session) =
-    IssueComments filter (_.byIssue(owner, repository, issueId)) list
+    IssueComments filter (_.byIssue(owner, repository, issueId)) sortBy(_.commentId asc) list
 
   /** @return IssueComment and commentedUser and Issue */
   def getCommentsForApi(owner: String, repository: String, issueId: Int)(implicit s: Session): List[(IssueComment, Account, Issue)] =
     IssueComments.filter(_.byIssue(owner, repository, issueId))
     .filter(_.action inSetBind Set("comment" , "close_comment", "reopen_comment"))
-    .innerJoin(Accounts).on( (t1, t2) => t1.commentedUserName === t2.userName )
-    .innerJoin(Issues).on{ case ((t1, t2), t3) => t3.byIssue(t1.userName, t1.repositoryName, t1.issueId) }
+    .join(Accounts).on( (t1, t2) => t1.commentedUserName === t2.userName )
+    .join(Issues).on{ case ((t1, t2), t3) => t3.byIssue(t1.userName, t1.repositoryName, t1.issueId) }
     .map{ case ((t1, t2), t3) => (t1, t2, t3) }
     .list
 
+  def getMergedComment(owner: String, repository: String, issueId: Int)(implicit s: Session): Option[(IssueComment, Account)] = {
+    getCommentsForApi(owner, repository, issueId).collectFirst { case (comment, account, _) if comment.action == "merged" => (comment, account) }
+  }
+
   def getComment(owner: String, repository: String, commentId: String)(implicit s: Session) =
     if (commentId forall (_.isDigit))
       IssueComments filter { t =>
@@ -43,7 +45,7 @@ trait IssuesService {
 
   def getIssueLabels(owner: String, repository: String, issueId: Int)(implicit s: Session) =
     IssueLabels
-      .innerJoin(Labels).on { (t1, t2) =>
+      .join(Labels).on { (t1, t2) =>
         t1.byLabel(t2.userName, t2.repositoryName, t2.labelId)
       }
       .filter ( _._1.byIssue(owner, repository, issueId) )
@@ -77,10 +79,10 @@ trait IssuesService {
                               filterUser: Map[String, String])(implicit s: Session): Map[String, Int] = {
 
     searchIssueQuery(Seq(owner -> repository), condition.copy(labels = Set.empty), false)
-      .innerJoin(IssueLabels).on { (t1, t2) =>
+      .join(IssueLabels).on { (t1, t2) =>
         t1.byIssue(t2.userName, t2.repositoryName, t2.issueId)
       }
-      .innerJoin(Labels).on { case ((t1, t2), t3) =>
+      .join(Labels).on { case ((t1, t2), t3) =>
         t2.byLabel(t3.userName, t3.repositoryName, t3.labelId)
       }
       .groupBy { case ((t1, t2), t3) =>
@@ -89,63 +91,27 @@ trait IssuesService {
       .map { case (labelName, t) =>
         labelName -> t.length
       }
-      .toMap
+      .list.toMap
   }
 
-  def getCommitStatues(issueList:Seq[(String, String, Int)])(implicit s: Session) :Map[(String, String, Int), CommitStatusInfo] ={
-    if(issueList.isEmpty){
-      Map.empty
+  def getCommitStatues(userName: String, repositoryName: String, issueId: Int)(implicit s: Session): Option[CommitStatusInfo] = {
+    val status = PullRequests
+      .filter { pr => (pr.userName === userName.bind) && (pr.repositoryName === repositoryName.bind) && (pr.issueId === issueId.bind) }
+      .join(CommitStatuses).on((pr, cs) => pr.userName === cs.userName && pr.repositoryName === cs.repositoryName && pr.commitIdTo === cs.commitId)
+      .list
+
+    if(status.nonEmpty){
+      val (_, cs) = status.head
+      Some(CommitStatusInfo(
+        count        = status.length,
+        successCount = status.filter(_._2.state == CommitState.SUCCESS).length,
+        context      = (if(status.length == 1) Some(cs.context) else None),
+        state        = (if(status.length == 1) Some(cs.state)   else None),
+        targetUrl    = (if(status.length == 1) cs.targetUrl     else None),
+        description  = (if(status.length == 1) cs.description   else None)
+      ))
     } else {
-      import scala.slick.jdbc._
-      val issueIdQuery = issueList.map(i => "(PR.USER_NAME=? AND PR.REPOSITORY_NAME=? AND PR.ISSUE_ID=?)").mkString(" OR ")
-      implicit val qset = SetParameter[Seq[(String, String, Int)]] {
-        case (seq, pp) =>
-          for (a <- seq) {
-            pp.setString(a._1)
-            pp.setString(a._2)
-            pp.setInt(a._3)
-          }
-      }
-      import gitbucket.core.model.Profile.commitStateColumnType
-      val query = Q.query[Seq[(String, String, Int)], (String, String, Int, Int, Int, Option[String], Option[CommitState], Option[String], Option[String])](s"""
-        SELECT
-          SUMM.USER_NAME,
-          SUMM.REPOSITORY_NAME,
-          SUMM.ISSUE_ID,
-          CS_ALL,
-          CS_SUCCESS,
-          CSD.CONTEXT,
-          CSD.STATE,
-          CSD.TARGET_URL,
-          CSD.DESCRIPTION
-        FROM (
-          SELECT
-            PR.USER_NAME,
-            PR.REPOSITORY_NAME,
-            PR.ISSUE_ID,
-            COUNT(CS.STATE) AS CS_ALL,
-            CSS.CS_SUCCESS  AS CS_SUCCESS,
-            PR.COMMIT_ID_TO AS COMMIT_ID
-          FROM PULL_REQUEST PR
-          JOIN COMMIT_STATUS CS
-            ON PR.USER_NAME = CS.USER_NAME AND PR.REPOSITORY_NAME = CS.REPOSITORY_NAME AND PR.COMMIT_ID_TO = CS.COMMIT_ID
-          JOIN (
-            SELECT
-              COUNT(*) AS CS_SUCCESS,
-              USER_NAME,
-              REPOSITORY_NAME,
-              COMMIT_ID
-            FROM COMMIT_STATUS WHERE STATE = 'success' GROUP BY USER_NAME, REPOSITORY_NAME, COMMIT_ID
-          ) CSS ON PR.USER_NAME = CSS.USER_NAME AND PR.REPOSITORY_NAME = CSS.REPOSITORY_NAME AND PR.COMMIT_ID_TO = CSS.COMMIT_ID
-          WHERE $issueIdQuery
-          GROUP BY PR.USER_NAME, PR.REPOSITORY_NAME, PR.ISSUE_ID, CSS.CS_SUCCESS
-        ) as SUMM
-        LEFT OUTER JOIN COMMIT_STATUS CSD
-          ON SUMM.CS_ALL = 1 AND SUMM.COMMIT_ID = CSD.COMMIT_ID""");
-      query(issueList).list.map {
-        case(userName, repositoryName, issueId, count, successCount, context, state, targetUrl, description) =>
-          (userName, repositoryName, issueId) -> CommitStatusInfo(count, successCount, context, state, targetUrl, description)
-        }.toMap
+      None
     }
   }
 
@@ -163,66 +129,77 @@ trait IssuesService {
                  (implicit s: Session): List[IssueInfo] = {
     // get issues and comment count and labels
     val result = searchIssueQueryBase(condition, pullRequest, offset, limit, repos)
-        .leftJoin (IssueLabels) .on { case ((t1, t2), t3) => t1.byIssue(t3.userName, t3.repositoryName, t3.issueId) }
-        .leftJoin (Labels)      .on { case (((t1, t2), t3), t4) => t3.byLabel(t4.userName, t4.repositoryName, t4.labelId) }
-        .leftJoin (Milestones)  .on { case ((((t1, t2), t3), t4), t5) => t1.byMilestone(t5.userName, t5.repositoryName, t5.milestoneId) }
-        .map { case ((((t1, t2), t3), t4), t5) =>
-          (t1, t2.commentCount, t4.labelId.?, t4.labelName.?, t4.color.?, t5.title.?)
+        .joinLeft (IssueLabels) .on { case (((t1, t2), i), t3) => t1.byIssue(t3.userName, t3.repositoryName, t3.issueId) }
+        .joinLeft (Labels)      .on { case ((((t1, t2), i), t3), t4) => t3.map(_.byLabel(t4.userName, t4.repositoryName, t4.labelId)) }
+        .joinLeft (Milestones)  .on { case (((((t1, t2), i), t3), t4), t5) => t1.byMilestone(t5.userName, t5.repositoryName, t5.milestoneId) }
+        .sortBy { case (((((t1, t2), i), t3), t4), t5) => i asc }
+        .map { case (((((t1, t2), i), t3), t4), t5) =>
+          (t1, t2.commentCount, t4.map(_.labelId), t4.map(_.labelName), t4.map(_.color), t5.map(_.title))
         }
         .list
-        .splitWith { (c1, c2) =>
-          c1._1.userName       == c2._1.userName &&
-          c1._1.repositoryName == c2._1.repositoryName &&
-          c1._1.issueId        == c2._1.issueId
-        }
-    val status = getCommitStatues(result.map(_.head._1).map(is => (is.userName, is.repositoryName, is.issueId)))
+        .splitWith { (c1, c2) => c1._1.userName == c2._1.userName && c1._1.repositoryName == c2._1.repositoryName && c1._1.issueId == c2._1.issueId }
 
     result.map { issues => issues.head match {
-          case (issue, commentCount, _, _, _, milestone) =>
-            IssueInfo(issue,
-             issues.flatMap { t => t._3.map (
-                 Label(issue.userName, issue.repositoryName, _, t._4.get, t._5.get)
-             )} toList,
-             milestone,
-             commentCount,
-             status.get(issue.userName, issue.repositoryName, issue.issueId))
-        }} toList
+      case (issue, commentCount, _, _, _, milestone) =>
+        IssueInfo(issue,
+         issues.flatMap { t => t._3.map (Label(issue.userName, issue.repositoryName, _, t._4.get, t._5.get))} toList,
+         milestone,
+         commentCount,
+         getCommitStatues(issue.userName, issue.repositoryName, issue.issueId))
+    }} toList
+  }
+
+  /** for api
+   * @return (issue, issueUser, commentCount)
+   */
+  def searchIssueByApi(condition: IssueSearchCondition, offset: Int, limit: Int, repos: (String, String)*)
+                            (implicit s: Session): List[(Issue, Account)] = {
+    // get issues and comment count and labels
+    searchIssueQueryBase(condition, false, offset, limit, repos)
+      .join(Accounts).on { case (((t1, t2), i), t3) => t3.userName === t1.openedUserName }
+      .sortBy { case (((t1, t2), i), t3) => i asc }
+      .map { case (((t1, t2), i), t3) => (t1, t3) }
+      .list
   }
 
   /** for api
    * @return (issue, issueUser, commentCount, pullRequest, headRepo, headOwner)
    */
   def searchPullRequestByApi(condition: IssueSearchCondition, offset: Int, limit: Int, repos: (String, String)*)
-                 (implicit s: Session): List[(Issue, Account, Int, PullRequest, Repository, Account)] = {
+                            (implicit s: Session): List[(Issue, Account, Int, PullRequest, Repository, Account)] = {
     // get issues and comment count and labels
     searchIssueQueryBase(condition, true, offset, limit, repos)
-      .innerJoin(PullRequests).on { case ((t1, t2), t3) => t3.byPrimaryKey(t1.userName, t1.repositoryName, t1.issueId) }
-      .innerJoin(Repositories).on { case (((t1, t2), t3), t4) => t4.byRepository(t1.userName, t1.repositoryName) }
-      .innerJoin(Accounts).on { case ((((t1, t2), t3), t4), t5) => t5.userName === t1.openedUserName }
-      .innerJoin(Accounts).on { case (((((t1, t2), t3), t4), t5), t6) => t6.userName === t4.userName }
-      .map { case (((((t1, t2), t3), t4), t5), t6) =>
-          (t1, t5, t2.commentCount, t3, t4, t6)
-      }
+      .join(PullRequests).on { case (((t1, t2), i), t3) => t3.byPrimaryKey(t1.userName, t1.repositoryName, t1.issueId) }
+      .join(Repositories).on { case ((((t1, t2), i), t3), t4) => t4.byRepository(t1.userName, t1.repositoryName) }
+      .join(Accounts).on { case (((((t1, t2), i), t3), t4), t5) => t5.userName === t1.openedUserName }
+      .join(Accounts).on { case ((((((t1, t2), i), t3), t4), t5), t6) => t6.userName === t4.userName }
+      .sortBy { case ((((((t1, t2), i), t3), t4), t5), t6) => i asc }
+      .map { case ((((((t1, t2), i), t3), t4), t5), t6) => (t1, t5, t2.commentCount, t3, t4, t6) }
       .list
   }
 
   private def searchIssueQueryBase(condition: IssueSearchCondition, pullRequest: Boolean, offset: Int, limit: Int, repos: Seq[(String, String)])
-                 (implicit s: Session) =
+                                  (implicit s: Session) =
     searchIssueQuery(repos, condition, pullRequest)
-        .innerJoin(IssueOutline).on { (t1, t2) => t1.byIssue(t2.userName, t2.repositoryName, t2.issueId) }
-        .sortBy { case (t1, t2) =>
-          (condition.sort match {
-            case "created"  => t1.registeredDate
-            case "comments" => t2.commentCount
-            case "updated"  => t1.updatedDate
-          }) match {
-            case sort => condition.direction match {
-              case "asc"  => sort asc
-              case "desc" => sort desc
-            }
+      .join(IssueOutline).on { (t1, t2) => t1.byIssue(t2.userName, t2.repositoryName, t2.issueId) }
+      .sortBy { case (t1, t2) => t1.issueId desc }
+      .sortBy { case (t1, t2) =>
+        condition.sort match {
+          case "created" => condition.direction match {
+            case "asc"  => t1.registeredDate asc
+            case "desc" => t1.registeredDate desc
+          }
+          case "comments" => condition.direction match {
+            case "asc"  => t2.commentCount asc
+            case "desc" => t2.commentCount desc
+          }
+          case "updated" => condition.direction match {
+            case "asc"  => t1.updatedDate asc
+            case "desc" => t1.updatedDate desc
           }
         }
-        .drop(offset).take(limit)
+      }
+      .drop(offset).take(limit).zipWithIndex
 
 
   /**
@@ -232,7 +209,7 @@ trait IssuesService {
     Issues filter { t1 =>
       repos
         .map { case (owner, repository) => t1.byRepository(owner, repository) }
-        .foldLeft[Column[Boolean]](false) ( _ || _ ) &&
+        .foldLeft[Rep[Boolean]](false) ( _ || _ ) &&
       (t1.closed           === (condition.state == "closed").bind) &&
       (t1.milestoneId.?      isEmpty, condition.milestone == Some(None)) &&
       (t1.assignedUserName.? isEmpty, condition.assigned  == Some(None)) &&
@@ -268,7 +245,7 @@ trait IssuesService {
         } exists), condition.mentioned.isDefined)
     }
 
-  def createIssue(owner: String, repository: String, loginUser: String, title: String, content: Option[String],
+  def insertIssue(owner: String, repository: String, loginUser: String, title: String, content: Option[String],
                   assignedUserName: Option[String], milestoneId: Option[Int],
                   isPullRequest: Boolean = false)(implicit s: Session) =
     // next id number
@@ -302,25 +279,24 @@ trait IssuesService {
     IssueLabels filter(_.byPrimaryKey(owner, repository, issueId, labelId)) delete
 
   def createComment(owner: String, repository: String, loginUser: String,
-      issueId: Int, content: String, action: String)(implicit s: Session): Int =
-    IssueComments.autoInc insert IssueComment(
-        userName          = owner,
-        repositoryName    = repository,
-        issueId           = issueId,
-        action            = action,
-        commentedUserName = loginUser,
-        content           = content,
-        registeredDate    = currentDate,
-        updatedDate       = currentDate)
+      issueId: Int, content: String, action: String)(implicit s: Session): Int = {
+    IssueComments returning IssueComments.map(_.commentId) insert IssueComment(
+      userName          = owner,
+      repositoryName    = repository,
+      issueId           = issueId,
+      action            = action,
+      commentedUserName = loginUser,
+      content           = content,
+      registeredDate    = currentDate,
+      updatedDate       = currentDate)
+  }
 
-  def updateIssue(owner: String, repository: String, issueId: Int,
-      title: String, content: Option[String])(implicit s: Session) =
+  def updateIssue(owner: String, repository: String, issueId: Int, title: String, content: Option[String])(implicit s: Session) = {
     Issues
       .filter (_.byPrimaryKey(owner, repository, issueId))
-      .map { t =>
-        (t.title, t.content.?, t.updatedDate)
-      }
+      .map { t => (t.title, t.content.?, t.updatedDate) }
       .update (title, content, currentDate)
+  }
 
   def updateAssignedUserName(owner: String, repository: String, issueId: Int,
                              assignedUserName: Option[String])(implicit s: Session) =
@@ -330,24 +306,16 @@ trait IssuesService {
                         milestoneId: Option[Int])(implicit s: Session) =
     Issues.filter (_.byPrimaryKey(owner, repository, issueId)).map(_.milestoneId?).update (milestoneId)
 
-  def updateComment(commentId: Int, content: String)(implicit s: Session) =
-    IssueComments
-      .filter (_.byPrimaryKey(commentId))
-      .map { t =>
-        t.content -> t.updatedDate
-      }
-      .update (content, currentDate)
+  def updateComment(commentId: Int, content: String)(implicit s: Session) = {
+    IssueComments.filter (_.byPrimaryKey(commentId)).map(t => (t.content, t.updatedDate)).update(content, currentDate)
+  }
 
   def deleteComment(commentId: Int)(implicit s: Session) =
     IssueComments filter (_.byPrimaryKey(commentId)) delete
 
-  def updateClosed(owner: String, repository: String, issueId: Int, closed: Boolean)(implicit s: Session) =
-    Issues
-      .filter (_.byPrimaryKey(owner, repository, issueId))
-      .map { t =>
-        t.closed -> t.updatedDate
-      }
-      .update (closed, currentDate)
+  def updateClosed(owner: String, repository: String, issueId: Int, closed: Boolean)(implicit s: Session) = {
+    (Issues filter (_.byPrimaryKey(owner, repository, issueId)) map(t => (t.closed, t.updatedDate))).update((closed, currentDate))
+  }
 
   /**
    * Search issues by keyword.
@@ -359,13 +327,13 @@ trait IssuesService {
    */
   def searchIssuesByKeyword(owner: String, repository: String, query: String)
                            (implicit s: Session): List[(Issue, Int, String)] = {
-    import slick.driver.JdbcDriver.likeEncode
+    //import slick.driver.JdbcDriver.likeEncode
     val keywords = splitWords(query.toLowerCase)
 
     // Search Issue
     val issues = Issues
       .filter(_.byRepository(owner, repository))
-      .innerJoin(IssueOutline).on { case (t1, t2) =>
+      .join(IssueOutline).on { case (t1, t2) =>
         t1.byIssue(t2.userName, t2.repositoryName, t2.issueId)
       }
       .filter { case (t1, t2) =>
@@ -381,10 +349,10 @@ trait IssuesService {
     // Search IssueComment
     val comments = IssueComments
       .filter(_.byRepository(owner, repository))
-      .innerJoin(Issues).on { case (t1, t2) =>
+      .join(Issues).on { case (t1, t2) =>
         t1.byIssue(t2.userName, t2.repositoryName, t2.issueId)
       }
-      .innerJoin(IssueOutline).on { case ((t1, t2), t3) =>
+      .join(IssueOutline).on { case ((t1, t2), t3) =>
         t2.byIssue(t3.userName, t3.repositoryName, t3.issueId)
       }
       .filter { case ((t1, t2), t3) =>
@@ -416,7 +384,7 @@ trait IssuesService {
   }
 
   def createReferComment(owner: String, repository: String, fromIssue: Issue, message: String, loginAccount: Account)(implicit s: Session) = {
-    StringUtil.extractIssueId(message).foreach { issueId =>
+    extractIssueId(message).foreach { issueId =>
       val content = fromIssue.issueId + ":" + fromIssue.title
       if(getIssue(owner, repository, issueId).isDefined){
         // Not add if refer comment already exist.
@@ -428,7 +396,7 @@ trait IssuesService {
   }
 
   def createIssueComment(owner: String, repository: String, commit: CommitInfo)(implicit s: Session) = {
-    StringUtil.extractIssueId(commit.fullMessage).foreach { issueId =>
+    extractIssueId(commit.fullMessage).foreach { issueId =>
       if(getIssue(owner, repository, issueId).isDefined){
         getAccountByMailAddress(commit.committerEmailAddress).foreach { account =>
           createComment(owner, repository, account.userName, issueId.toInt, commit.fullMessage + " " + commit.id, "commit")
@@ -437,6 +405,11 @@ trait IssuesService {
     }
   }
 
+  def getAssignableUserNames(owner: String, repository: String)(implicit s: Session): List[String] = {
+    (getCollaboratorUserNames(owner, repository, Seq(Role.ADMIN, Role.DEVELOPER)) :::
+      (if (getAccountByUserName(owner).get.isGroupAccount) getGroupMembers(owner).map(_.userName) else List(owner))).distinct.sorted
+  }
+
 }
 
 object IssuesService {
@@ -483,6 +456,7 @@ object IssuesService {
           case ("comments", "asc" ) => Some("sort:comments-asc")
           case ("updated" , "desc") => Some("sort:updated-desc")
           case ("updated" , "asc" ) => Some("sort:updated-asc")
+          case x                    => throw new MatchError(x)
         },
         visibility.map(visibility => s"visibility:${visibility}")
       ).flatten ++
@@ -518,50 +492,6 @@ object IssuesService {
       if(value == null || value.isEmpty || (allow.nonEmpty && !allow.contains(value))) None else Some(value)
     }
 
-    /**
-     * Restores IssueSearchCondition instance from filter query.
-     */
-    def apply(filter: String, milestones: Map[String, Int]): IssueSearchCondition = {
-      val conditions = filter.split("[ 　\t]+").flatMap { x =>
-        x.split(":") match {
-           case Array(key, value) => Some((key, value))
-           case _ => None
-        }
-      }.groupBy(_._1).map { case (key, values) =>
-        key -> values.map(_._2).toSeq
-      }
-
-      val (sort, direction) = conditions.get("sort").flatMap(_.headOption).getOrElse("created-desc") match {
-        case "created-asc"   => ("created" , "asc" )
-        case "comments-desc" => ("comments", "desc")
-        case "comments-asc"  => ("comments", "asc" )
-        case "updated-desc"  => ("comments", "desc")
-        case "updated-asc"   => ("comments", "asc" )
-        case _               => ("created" , "desc")
-      }
-
-      IssueSearchCondition(
-        conditions.get("label").map(_.toSet).getOrElse(Set.empty),
-        conditions.get("milestone").flatMap(_.headOption) match {
-          case None         => None
-          case Some("none") => Some(None)
-          case Some(x)      => Some(Some(x))
-        },
-        conditions.get("author").flatMap(_.headOption),
-        conditions.get("assignee").flatMap(_.headOption) match {
-          case None         => None
-          case Some("none") => Some(None)
-          case Some(x)      => Some(Some(x))
-        },
-        conditions.get("mentions").flatMap(_.headOption),
-        conditions.get("is").getOrElse(Seq.empty).find(x => x == "open" || x == "closed").getOrElse("open"),
-        sort,
-        direction,
-        conditions.get("visibility").flatMap(_.headOption),
-        conditions.get("group").map(_.toSet).getOrElse(Set.empty)
-      )
-    }
-
     /**
      * Restores IssueSearchCondition instance from request parameters.
      */

src/main/scala/gitbucket/core/service/LabelsService.scala

@@ -2,7 +2,7 @@ package gitbucket.core.service
 
 import gitbucket.core.model.Label
 import gitbucket.core.model.Profile._
-import profile.simple._
+import gitbucket.core.model.Profile.profile.blockingApi._
 
 trait LabelsService {
 
@@ -15,13 +15,14 @@ trait LabelsService {
   def getLabel(owner: String, repository: String, labelName: String)(implicit s: Session): Option[Label] =
     Labels.filter(_.byLabel(owner, repository, labelName)).firstOption
 
-  def createLabel(owner: String, repository: String, labelName: String, color: String)(implicit s: Session): Int =
-    Labels returning Labels.map(_.labelId) += Label(
+  def createLabel(owner: String, repository: String, labelName: String, color: String)(implicit s: Session): Int = {
+    Labels returning Labels.map(_.labelId) insert Label(
       userName       = owner,
       repositoryName = repository,
       labelName      = labelName,
       color          = color
     )
+  }
 
   def updateLabel(owner: String, repository: String, labelId: Int, labelName: String, color: String)
                  (implicit s: Session): Unit =

src/main/scala/gitbucket/core/service/MergeService.scala

@@ -1,9 +1,7 @@
 package gitbucket.core.service
 
 import gitbucket.core.model.Account
-import gitbucket.core.util.LockUtil
 import gitbucket.core.util.Directory._
-import gitbucket.core.util.Implicits._
 import gitbucket.core.util.ControlUtil._
 
 import org.eclipse.jgit.merge.MergeStrategy
@@ -197,4 +195,4 @@ object MergeService{
 
     private def parseCommit(id:ObjectId) = using(new RevWalk( repository ))(_.parseCommit(id))
   }
-}
+}

src/main/scala/gitbucket/core/service/MilestonesService.scala

@@ -2,8 +2,7 @@ package gitbucket.core.service
 
 import gitbucket.core.model.Milestone
 import gitbucket.core.model.Profile._
-import profile.simple._
-// TODO Why is direct import required?
+import gitbucket.core.model.Profile.profile.blockingApi._
 import gitbucket.core.model.Profile.dateColumnType
 
 trait MilestonesService {
@@ -41,9 +40,10 @@ trait MilestonesService {
 
   def getMilestonesWithIssueCount(owner: String, repository: String)(implicit s: Session): List[(Milestone, Int, Int)] = {
     val counts = Issues
-      .filter  { t => (t.byRepository(owner, repository)) && (t.milestoneId.? isDefined) }
+      .filter  { t => t.byRepository(owner, repository) && (t.milestoneId.? isDefined) }
       .groupBy { t => t.milestoneId -> t.closed }
       .map     { case (t1, t2) => t1._1 -> t1._2 -> t2.length }
+      .list
       .toMap
 
     getMilestones(owner, repository).map { milestone =>
@@ -52,6 +52,6 @@ trait MilestonesService {
   }
 
   def getMilestones(owner: String, repository: String)(implicit s: Session): List[Milestone] =
-    Milestones.filter(_.byRepository(owner, repository)).sortBy(_.milestoneId asc).list
+    Milestones.filter(_.byRepository(owner, repository)).sortBy(t => (t.dueDate.asc, t.closedDate.desc, t.milestoneId.desc)).list
 
 }

src/main/scala/gitbucket/core/service/ProtectedBranchService.scala

@@ -1,9 +1,9 @@
 package gitbucket.core.service
 
-import gitbucket.core.model._
-import gitbucket.core.model.Profile._
+import gitbucket.core.model.{ProtectedBranch, ProtectedBranchContext, CommitState}
 import gitbucket.core.plugin.ReceiveHook
-import profile.simple._
+import gitbucket.core.model.Profile._
+import gitbucket.core.model.Profile.profile.blockingApi._
 
 import org.eclipse.jgit.transport.{ReceivePack, ReceiveCommand}
 
@@ -12,14 +12,14 @@ trait ProtectedBranchService {
   import ProtectedBranchService._
   private def getProtectedBranchInfoOpt(owner: String, repository: String, branch: String)(implicit session: Session): Option[ProtectedBranchInfo] =
     ProtectedBranches
-      .leftJoin(ProtectedBranchContexts)
-      .on{ case (pb, c) => pb.byBranch(c.userName, c.repositoryName, c.branch) }
-      .map{ case (pb, c) => pb -> c.context.? }
+      .joinLeft(ProtectedBranchContexts)
+      .on  { case (pb, c) => pb.byBranch(c.userName, c.repositoryName, c.branch) }
+      .map { case (pb, c) => pb -> c.map(_.context) }
       .filter(_._1.byPrimaryKey(owner, repository, branch))
       .list
       .groupBy(_._1)
-      .map(p => p._1 -> p._2.flatMap(_._2))
-      .map{ case (t1, contexts) =>
+      .map { p => p._1 -> p._2.flatMap(_._2) }
+      .map { case (t1, contexts) =>
         new ProtectedBranchInfo(t1.userName, t1.repositoryName, true, contexts, t1.statusCheckAdmin)
       }.headOption
 
@@ -86,7 +86,7 @@ object ProtectedBranchService {
     def getStopReason(isAllowNonFastForwards: Boolean, command: ReceiveCommand, pusher: String)(implicit session: Session): Option[String] = {
       if(enabled){
         command.getType() match {
-          case ReceiveCommand.Type.UPDATE|ReceiveCommand.Type.UPDATE_NONFASTFORWARD if isAllowNonFastForwards =>
+          case ReceiveCommand.Type.UPDATE_NONFASTFORWARD if isAllowNonFastForwards =>
             Some("Cannot force-push to a protected branch")
           case ReceiveCommand.Type.UPDATE|ReceiveCommand.Type.UPDATE_NONFASTFORWARD if needStatusCheck(pusher) =>
             unSuccessedContexts(command.getNewId.name) match {
@@ -98,7 +98,7 @@ object ProtectedBranchService {
             Some("Cannot delete a protected branch")
           case _ => None
         }
-      }else{
+      } else {
         None
       }
     }

src/main/scala/gitbucket/core/service/PullRequestService.scala

@@ -1,12 +1,21 @@
 package gitbucket.core.service
 
-import gitbucket.core.model.{Account, Issue, PullRequest, WebHook, CommitStatus, CommitState}
+import gitbucket.core.model.{Issue, PullRequest, CommitStatus, CommitState, CommitComment}
 import gitbucket.core.model.Profile._
+import gitbucket.core.model.Profile.profile.blockingApi._
+import difflib.{Delta, DiffUtils}
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.Directory._
+import gitbucket.core.util.Implicits._
 import gitbucket.core.util.JGitUtil
-import profile.simple._
+import gitbucket.core.util.JGitUtil.{CommitInfo, DiffInfo}
+import gitbucket.core.view
+import gitbucket.core.view.helpers
+import org.eclipse.jgit.api.Git
+import scala.collection.JavaConverters._
 
 
-trait PullRequestService { self: IssuesService =>
+trait PullRequestService { self: IssuesService with CommitsService =>
   import PullRequestService._
 
   def getPullRequest(owner: String, repository: String, issueId: Int)
@@ -26,7 +35,7 @@ trait PullRequestService { self: IssuesService =>
   def getPullRequestCountGroupByUser(closed: Boolean, owner: Option[String], repository: Option[String])
                                     (implicit s: Session): List[PullRequestCount] =
     PullRequests
-      .innerJoin(Issues).on { (t1, t2) => t1.byPrimaryKey(t2.userName, t2.repositoryName, t2.issueId) }
+      .join(Issues).on { (t1, t2) => t1.byPrimaryKey(t2.userName, t2.repositoryName, t2.issueId) }
       .filter { case (t1, t2) =>
         (t2.closed         === closed.bind) &&
         (t1.userName       === owner.get.bind, owner.isDefined) &&
@@ -73,7 +82,7 @@ trait PullRequestService { self: IssuesService =>
   def getPullRequestsByRequest(userName: String, repositoryName: String, branch: String, closed: Boolean)
                               (implicit s: Session): List[PullRequest] =
     PullRequests
-      .innerJoin(Issues).on { (t1, t2) => t1.byPrimaryKey(t2.userName, t2.repositoryName, t2.issueId) }
+      .join(Issues).on { (t1, t2) => t1.byPrimaryKey(t2.userName, t2.repositoryName, t2.issueId) }
       .filter { case (t1, t2) =>
         (t1.requestUserName       === userName.bind) &&
         (t1.requestRepositoryName === repositoryName.bind) &&
@@ -93,7 +102,7 @@ trait PullRequestService { self: IssuesService =>
   def getPullRequestFromBranch(userName: String, repositoryName: String, branch: String, defaultBranch: String)
                               (implicit s: Session): Option[(PullRequest, Issue)] =
     PullRequests
-      .innerJoin(Issues).on { (t1, t2) => t1.byPrimaryKey(t2.userName, t2.repositoryName, t2.issueId) }
+      .join(Issues).on { (t1, t2) => t1.byPrimaryKey(t2.userName, t2.repositoryName, t2.issueId) }
       .filter { case (t1, t2) =>
         (t1.requestUserName       === userName.bind) &&
         (t1.requestRepositoryName === repositoryName.bind) &&
@@ -111,9 +120,26 @@ trait PullRequestService { self: IssuesService =>
   def updatePullRequests(owner: String, repository: String, branch: String)(implicit s: Session): Unit =
     getPullRequestsByRequest(owner, repository, branch, false).foreach { pullreq =>
       if(Repositories.filter(_.byRepository(pullreq.userName, pullreq.repositoryName)).exists.run){
+        // Update the git repository
         val (commitIdTo, commitIdFrom) = JGitUtil.updatePullRequest(
           pullreq.userName, pullreq.repositoryName, pullreq.branch, pullreq.issueId,
           pullreq.requestUserName, pullreq.requestRepositoryName, pullreq.requestBranch)
+
+        // Collect comment positions
+        val positions = getCommitComments(pullreq.userName, pullreq.repositoryName, pullreq.commitIdTo, true)
+          .collect {
+            case CommitComment(_, _, _, commentId, _, _, Some(file), None, Some(newLine), _, _, _) => (file, commentId, Right(newLine))
+            case CommitComment(_, _, _, commentId, _, _, Some(file), Some(oldLine), None, _, _, _) => (file, commentId, Left(oldLine))
+          }
+          .groupBy { case (file, _, _) => file }
+          .map { case (file, comments) => file ->
+            comments.map { case (_, commentId, lineNumber) => (commentId, lineNumber) }
+          }
+
+        // Update comments position
+        updatePullRequestCommentPositions(positions, pullreq.requestUserName, pullreq.requestRepositoryName, pullreq.commitIdTo, commitIdTo)
+
+        // Update commit id in the PULL_REQUEST table
         updateCommitId(pullreq.userName, pullreq.repositoryName, pullreq.issueId, commitIdTo, commitIdFrom)
       }
     }
@@ -124,7 +150,7 @@ trait PullRequestService { self: IssuesService =>
       None
     } else {
       PullRequests
-        .innerJoin(Issues).on { (t1, t2) => t1.byPrimaryKey(t2.userName, t2.repositoryName, t2.issueId) }
+        .join(Issues).on { (t1, t2) => t1.byPrimaryKey(t2.userName, t2.repositoryName, t2.issueId) }
         .filter { case (t1, t2) =>
           (t1.userName              === userName.bind) &&
           (t1.repositoryName        === repositoryName.bind) &&
@@ -137,6 +163,78 @@ trait PullRequestService { self: IssuesService =>
         .firstOption
     }
   }
+
+  private def updatePullRequestCommentPositions(positions: Map[String, Seq[(Int, Either[Int, Int])]], userName: String, repositoryName: String,
+                                                oldCommitId: String, newCommitId: String)(implicit s: Session): Unit = {
+
+    val (_, diffs) = getRequestCompareInfo(userName, repositoryName, oldCommitId, userName, repositoryName, newCommitId)
+
+    val patchs = positions.map { case (file, _) =>
+      diffs.find(x => x.oldPath == file).map { diff =>
+        (diff.oldContent, diff.newContent) match {
+          case (Some(oldContent), Some(newContent)) => {
+            val oldLines = oldContent.replace("\r\n", "\n").split("\n")
+            val newLines = newContent.replace("\r\n", "\n").split("\n")
+            file -> Option(DiffUtils.diff(oldLines.toList.asJava, newLines.toList.asJava))
+          }
+          case _ =>
+            file -> None
+        }
+      }.getOrElse {
+        file -> None
+      }
+    }
+
+    positions.foreach { case (file, comments) =>
+      patchs(file) match {
+        case Some(patch) => file -> comments.foreach { case (commentId, lineNumber) => lineNumber match {
+          case Left(oldLine)  => updateCommitCommentPosition(commentId, newCommitId, Some(oldLine), None)
+          case Right(newLine) =>
+            var counter = newLine
+            patch.getDeltas.asScala.filter(_.getOriginal.getPosition < newLine).foreach { delta =>
+              delta.getType match {
+                case Delta.TYPE.CHANGE =>
+                  if(delta.getOriginal.getPosition <= newLine - 1 && newLine <= delta.getOriginal.getPosition + delta.getRevised.getLines.size){
+                    counter = -1
+                  } else {
+                    counter = counter + (delta.getRevised.getLines.size - delta.getOriginal.getLines.size)
+                  }
+                case Delta.TYPE.INSERT => counter = counter + delta.getRevised.getLines.size
+                case Delta.TYPE.DELETE => counter = counter - delta.getOriginal.getLines.size
+              }
+            }
+            if(counter >= 0){
+              updateCommitCommentPosition(commentId, newCommitId, None, Some(counter))
+            }
+        }}
+        case _ => comments.foreach { case (commentId, lineNumber) => lineNumber match {
+          case Right(oldLine) => updateCommitCommentPosition(commentId, newCommitId, Some(oldLine), None)
+          case Left(newLine)  => updateCommitCommentPosition(commentId, newCommitId, None, Some(newLine))
+        }}
+      }
+    }
+  }
+
+  def getRequestCompareInfo(userName: String, repositoryName: String, branch: String,
+                            requestUserName: String, requestRepositoryName: String, requestCommitId: String): (Seq[Seq[CommitInfo]], Seq[DiffInfo]) =
+    using(
+      Git.open(getRepositoryDir(userName, repositoryName)),
+      Git.open(getRepositoryDir(requestUserName, requestRepositoryName))
+    ){ (oldGit, newGit) =>
+      val oldId = oldGit.getRepository.resolve(branch)
+      val newId = newGit.getRepository.resolve(requestCommitId)
+
+      val commits = newGit.log.addRange(oldId, newId).call.iterator.asScala.map { revCommit =>
+        new CommitInfo(revCommit)
+      }.toList.splitWith { (commit1, commit2) =>
+        helpers.date(commit1.commitTime) == view.helpers.date(commit2.commitTime)
+      }
+
+      val diffs = JGitUtil.getDiffs(newGit, oldId.getName, newId.getName, true)
+
+      (commits, diffs)
+    }
+
 }
 
 object PullRequestService {

src/main/scala/gitbucket/core/service/RepositoryCreationService.scala

@@ -1,6 +1,6 @@
 package gitbucket.core.service
 
-import gitbucket.core.model.Profile._
+import gitbucket.core.model.Profile.profile.blockingApi._
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Directory._
 import gitbucket.core.util.JGitUtil
@@ -8,7 +8,6 @@ import gitbucket.core.model.Account
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.dircache.DirCache
 import org.eclipse.jgit.lib.{FileMode, Constants}
-import profile.simple._
 
 trait RepositoryCreationService {
   self: AccountService with RepositoryService with LabelsService with WikiService with ActivityService =>
@@ -21,12 +20,12 @@ trait RepositoryCreationService {
     // Insert to the database at first
     insertRepository(name, owner, description, isPrivate)
 
-    // Add collaborators for group repository
-    if(ownerAccount.isGroupAccount){
-      getGroupMembers(owner).foreach { member =>
-        addCollaborator(owner, name, member.userName)
-      }
-    }
+//    // Add collaborators for group repository
+//    if(ownerAccount.isGroupAccount){
+//      getGroupMembers(owner).foreach { member =>
+//        addCollaborator(owner, name, member.userName)
+//      }
+//    }
 
     // Insert default labels
     insertDefaultLabels(owner, name)

src/main/scala/gitbucket/core/service/RepositorySearchService.scala

@@ -9,8 +9,7 @@ import org.eclipse.jgit.revwalk.RevWalk
 import org.eclipse.jgit.treewalk.TreeWalk
 import org.eclipse.jgit.lib.FileMode
 import org.eclipse.jgit.api.Git
-import gitbucket.core.model.Profile._
-import profile.simple._
+import gitbucket.core.model.Profile.profile.blockingApi._
 
 trait RepositorySearchService { self: IssuesService =>
   import RepositorySearchService._

src/main/scala/gitbucket/core/service/RepositoryService.scala

@@ -1,10 +1,14 @@
 package gitbucket.core.service
 
 import gitbucket.core.controller.Context
-import gitbucket.core.model.{Collaborator, Repository, Account}
+import gitbucket.core.util._
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.model.{Account, Collaborator, Repository, RepositoryOptions, Role}
 import gitbucket.core.model.Profile._
-import gitbucket.core.util.JGitUtil
-import profile.simple._
+import gitbucket.core.model.Profile.profile.blockingApi._
+import gitbucket.core.model.Profile.dateColumnType
+import gitbucket.core.util.JGitUtil.FileInfo
+import org.eclipse.jgit.api.Git
 
 trait RepositoryService { self: AccountService =>
   import RepositoryService._
@@ -37,11 +41,13 @@ trait RepositoryService { self: AccountService =>
         originRepositoryName = originRepositoryName,
         parentUserName       = parentUserName,
         parentRepositoryName = parentRepositoryName,
-        enableIssues         = true,
-        externalIssuesUrl    = None,
-        enableWiki           = true,
-        allowWikiEditing     = true,
-        externalWikiUrl      = None
+        options              = RepositoryOptions(
+          issuesOption         = "PUBLIC", // TODO DISABLE for the forked repository?
+          externalIssuesUrl    = None,
+          wikiOption           = "PUBLIC", // TODO DISABLE for the forked repository?
+          externalWikiUrl      = None,
+          allowFork            = true
+        )
       )
 
     IssueId insert (userName, repositoryName, 0)
@@ -120,12 +126,14 @@ trait RepositoryService { self: AccountService =>
           userName       = newUserName,
           repositoryName = newRepositoryName
         )) :_*)
+        IssueLabels.insertAll(issueLabels.map(x => x.copy(
+          labelId        = newLabelMap(oldLabelMap(x.labelId)),
+          userName       = newUserName,
+          repositoryName = newRepositoryName
+        )) :_*)
 
-        if(account.isGroupAccount){
-          Collaborators.insertAll(getGroupMembers(newUserName).map(m => Collaborator(newUserName, newRepositoryName, m.userName)) :_*)
-        } else {
-          Collaborators.insertAll(collaborators.map(_.copy(userName = newUserName, repositoryName = newRepositoryName)) :_*)
-        }
+        // TODO Drop transfered owner from collaborators?
+        Collaborators.insertAll(collaborators.map(_.copy(userName = newUserName, repositoryName = newRepositoryName)) :_*)
 
         // Update activity messages
         Activities.filter { t =>
@@ -224,7 +232,7 @@ trait RepositoryService { self: AccountService =>
   }
 
   /**
-   * Returns the repositories without private repository that user does not have access right.
+   * Returns the repositories except private repository that user does not have access right.
    * Include public repository, private own repository and private but collaborator repository.
    *
    * @param userName the user name of collaborator
@@ -233,18 +241,21 @@ trait RepositoryService { self: AccountService =>
   def getAllRepositories(userName: String)(implicit s: Session): List[(String, String)] = {
     Repositories.filter { t1 =>
       (t1.isPrivate === false.bind) ||
-      (t1.userName  === userName.bind) ||
-      (Collaborators.filter { t2 => t2.byRepository(t1.userName, t1.repositoryName) && (t2.collaboratorName === userName.bind)} exists)
+      (t1.userName  === userName.bind) || (t1.userName in (GroupMembers.filter(_.userName === userName.bind).map(_.groupName))) ||
+      (Collaborators.filter { t2 => t2.byRepository(t1.userName, t1.repositoryName) &&
+        ((t2.collaboratorName === userName.bind) || (t2.collaboratorName in GroupMembers.filter(_.userName === userName.bind).map(_.groupName)))
+      } exists)
     }.sortBy(_.lastActivityDate desc).map{ t =>
       (t.userName, t.repositoryName)
     }.list
   }
 
-  def getUserRepositories(userName: String, withoutPhysicalInfo: Boolean = false)
-                         (implicit s: Session): List[RepositoryInfo] = {
+  def getUserRepositories(userName: String, withoutPhysicalInfo: Boolean = false)(implicit s: Session): List[RepositoryInfo] = {
     Repositories.filter { t1 =>
-      (t1.userName === userName.bind) ||
-        (Collaborators.filter { t2 => t2.byRepository(t1.userName, t1.repositoryName) && (t2.collaboratorName === userName.bind)} exists)
+      (t1.userName === userName.bind) || (t1.userName in (GroupMembers.filter(_.userName === userName.bind).map(_.groupName))) ||
+      (Collaborators.filter { t2 => t2.byRepository(t1.userName, t1.repositoryName) &&
+        ((t2.collaboratorName === userName.bind) || (t2.collaboratorName in GroupMembers.filter(_.userName === userName.bind).map(_.groupName)))
+      } exists)
     }.sortBy(_.lastActivityDate desc).list.map{ repository =>
       new RepositoryInfo(
         if(withoutPhysicalInfo){
@@ -279,8 +290,13 @@ trait RepositoryService { self: AccountService =>
       case Some(x) if(x.isAdmin) => Repositories
       // for Normal Users
       case Some(x) if(!x.isAdmin) =>
-        Repositories filter { t => (t.isPrivate === false.bind) || (t.userName === x.userName) ||
-          (Collaborators.filter { t2 => t2.byRepository(t.userName, t.repositoryName) && (t2.collaboratorName === x.userName.bind)} exists)
+        Repositories filter { t =>
+          (t.isPrivate === false.bind) || (t.userName === x.userName) ||
+          (t.userName in GroupMembers.filter(_.userName === x.userName.bind).map(_.groupName)) ||
+          (Collaborators.filter { t2 =>
+            t2.byRepository(t.userName, t.repositoryName) &&
+              ((t2.collaboratorName === x.userName.bind) || (t2.collaboratorName in GroupMembers.filter(_.userName === x.userName.bind).map(_.groupName)))
+          } exists)
         }
       // for Guests
       case None => Repositories filter(_.isPrivate === false.bind)
@@ -312,19 +328,21 @@ trait RepositoryService { self: AccountService =>
   /**
    * Updates the last activity date of the repository.
    */
-  def updateLastActivityDate(userName: String, repositoryName: String)(implicit s: Session): Unit =
+  def updateLastActivityDate(userName: String, repositoryName: String)(implicit s: Session): Unit = {
     Repositories.filter(_.byRepository(userName, repositoryName)).map(_.lastActivityDate).update(currentDate)
+  }
 
   /**
    * Save repository options.
    */
   def saveRepositoryOptions(userName: String, repositoryName: String,
       description: Option[String], isPrivate: Boolean,
-      enableIssues: Boolean, externalIssuesUrl: Option[String],
-      enableWiki: Boolean, allowWikiEditing: Boolean, externalWikiUrl: Option[String])(implicit s: Session): Unit =
+      issuesOption: String, externalIssuesUrl: Option[String],
+      wikiOption: String, externalWikiUrl: Option[String],
+      allowFork: Boolean)(implicit s: Session): Unit =
     Repositories.filter(_.byRepository(userName, repositoryName))
-      .map { r => (r.description.?, r.isPrivate, r.enableIssues, r.externalIssuesUrl.?, r.enableWiki, r.allowWikiEditing, r.externalWikiUrl.?, r.updatedDate) }
-      .update (description, isPrivate, enableIssues, externalIssuesUrl, enableWiki, allowWikiEditing, externalWikiUrl, currentDate)
+      .map { r => (r.description.?, r.isPrivate, r.issuesOption, r.externalIssuesUrl.?, r.wikiOption, r.externalWikiUrl.?, r.allowFork, r.updatedDate) }
+      .update (description, isPrivate, issuesOption, externalIssuesUrl, wikiOption, externalWikiUrl, allowFork, currentDate)
 
   def saveRepositoryDefaultBranch(userName: String, repositoryName: String,
       defaultBranch: String)(implicit s: Session): Unit =
@@ -333,49 +351,64 @@ trait RepositoryService { self: AccountService =>
       .update (defaultBranch)
 
   /**
-   * Add collaborator to the repository.
-   *
-   * @param userName the user name of the repository owner
-   * @param repositoryName the repository name
-   * @param collaboratorName the collaborator name
+   * Add collaborator (user or group) to the repository.
    */
-  def addCollaborator(userName: String, repositoryName: String, collaboratorName: String)(implicit s: Session): Unit =
-    Collaborators insert Collaborator(userName, repositoryName, collaboratorName)
-
-  /**
-   * Remove collaborator from the repository.
-   * 
-   * @param userName the user name of the repository owner
-   * @param repositoryName the repository name
-   * @param collaboratorName the collaborator name
-   */
-  def removeCollaborator(userName: String, repositoryName: String, collaboratorName: String)(implicit s: Session): Unit =
-    Collaborators.filter(_.byPrimaryKey(userName, repositoryName, collaboratorName)).delete
+  def addCollaborator(userName: String, repositoryName: String, collaboratorName: String, role: String)(implicit s: Session): Unit =
+    Collaborators insert Collaborator(userName, repositoryName, collaboratorName, role)
 
   /**
    * Remove all collaborators from the repository.
-   *
-   * @param userName the user name of the repository owner
-   * @param repositoryName the repository name
    */
   def removeCollaborators(userName: String, repositoryName: String)(implicit s: Session): Unit =
     Collaborators.filter(_.byRepository(userName, repositoryName)).delete
 
   /**
-   * Returns the list of collaborators name which is sorted with ascending order.
-   * 
-   * @param userName the user name of the repository owner
-   * @param repositoryName the repository name
-   * @return the list of collaborators name
+   * Returns the list of collaborators name (user name or group name) which is sorted with ascending order.
    */
-  def getCollaborators(userName: String, repositoryName: String)(implicit s: Session): List[String] =
-    Collaborators.filter(_.byRepository(userName, repositoryName)).sortBy(_.collaboratorName).map(_.collaboratorName).list
+  def getCollaborators(userName: String, repositoryName: String)(implicit s: Session): List[(Collaborator, Boolean)] =
+    Collaborators
+      .join(Accounts).on(_.collaboratorName === _.userName)
+      .filter { case (t1, t2) => t1.byRepository(userName, repositoryName) }
+      .map { case (t1, t2) => (t1, t2.groupAccount) }
+      .sortBy { case (t1, t2) => t1.collaboratorName }
+      .list
 
-  def hasWritePermission(owner: String, repository: String, loginAccount: Option[Account])(implicit s: Session): Boolean = {
+  /**
+   * Returns the list of all collaborator name and permission which is sorted with ascending order.
+   * If a group is added as a collaborator, this method returns users who are belong to that group.
+   */
+  def getCollaboratorUserNames(userName: String, repositoryName: String, filter: Seq[Role] = Nil)(implicit s: Session): List[String] = {
+    val q1 = Collaborators
+      .join(Accounts).on { case (t1, t2) => (t1.collaboratorName === t2.userName) && (t2.groupAccount === false.bind) }
+      .filter { case (t1, t2) => t1.byRepository(userName, repositoryName) }
+      .map { case (t1, t2) => (t1.collaboratorName, t1.role) }
+
+    val q2 = Collaborators
+      .join(Accounts).on { case (t1, t2) => (t1.collaboratorName === t2.userName) && (t2.groupAccount === true.bind) }
+      .join(GroupMembers).on { case ((t1, t2), t3) => t2.userName === t3.groupName }
+      .filter { case ((t1, t2), t3) => t1.byRepository(userName, repositoryName) }
+      .map { case ((t1, t2), t3) => (t3.userName, t1.role) }
+
+    q1.union(q2).list.filter { x => filter.isEmpty || filter.exists(_.name == x._2) }.map(_._1)
+  }
+
+
+  def hasDeveloperRole(owner: String, repository: String, loginAccount: Option[Account])(implicit s: Session): Boolean = {
     loginAccount match {
       case Some(a) if(a.isAdmin) => true
       case Some(a) if(a.userName == owner) => true
-      case Some(a) if(getCollaborators(owner, repository).contains(a.userName)) => true
+      case Some(a) if(getGroupMembers(owner).exists(_.userName == a.userName)) => true
+      case Some(a) if(getCollaboratorUserNames(owner, repository, Seq(Role.ADMIN, Role.DEVELOPER)).contains(a.userName)) => true
+      case _ => false
+    }
+  }
+
+  def hasGuestRole(owner: String, repository: String, loginAccount: Option[Account])(implicit s: Session): Boolean = {
+    loginAccount match {
+      case Some(a) if(a.isAdmin) => true
+      case Some(a) if(a.userName == owner) => true
+      case Some(a) if(getGroupMembers(owner).exists(_.userName == a.userName)) => true
+      case Some(a) if(getCollaboratorUserNames(owner, repository, Seq(Role.ADMIN, Role.DEVELOPER, Role.GUEST)).contains(a.userName)) => true
       case _ => false
     }
   }
@@ -392,34 +425,68 @@ trait RepositoryService { self: AccountService =>
     }
     .sortBy(_.userName asc).map(t => t.userName -> t.repositoryName).list
 
+  private val templateExtensions = Seq("md", "markdown")
+
+  /**
+    * Returns content of template set per repository.
+    *
+    * @param repository the repository information
+    * @param fileBaseName the file basename without extension of template
+    * @return The content of template if the repository has it, otherwise empty string.
+   */
+  def getContentTemplate(repository: RepositoryInfo, fileBaseName: String)(implicit s: Session): String = {
+    val withExtFilenames = templateExtensions.map(extension => s"${fileBaseName.toLowerCase()}.${extension}")
+
+    def choiceTemplate(files: List[FileInfo]): Option[FileInfo] =
+      files.find { f =>
+        f.name.toLowerCase() == fileBaseName
+      }.orElse {
+        files.find(f => withExtFilenames.contains(f.name.toLowerCase()))
+      }
+
+    // Get template file from project root. When didn't find, will lookup default folder.
+    using(Git.open(Directory.getRepositoryDir(repository.owner, repository.name))) { git =>
+      choiceTemplate(JGitUtil.getFileList(git, repository.repository.defaultBranch, ".")).orElse {
+        choiceTemplate(JGitUtil.getFileList(git, repository.repository.defaultBranch, ".gitbucket"))
+      }.map { file =>
+        JGitUtil.getContentFromId(git, file.id, true).collect {
+          case bytes if FileUtil.isText(bytes) => StringUtil.convertFromByteArray(bytes)
+        }
+      } getOrElse None
+    } getOrElse ""
+  }
 }
 
 object RepositoryService {
 
   case class RepositoryInfo(owner: String, name: String, repository: Repository,
-    issueCount: Int, pullCount: Int, commitCount: Int, forkedCount: Int,
+    issueCount: Int, pullCount: Int, forkedCount: Int,
     branchList: Seq[String], tags: Seq[JGitUtil.TagInfo], managers: Seq[String]) {
 
     /**
      * Creates instance with issue count and pull request count.
      */
     def this(repo: JGitUtil.RepositoryInfo, model: Repository, issueCount: Int, pullCount: Int, forkedCount: Int, managers: Seq[String]) =
-      this(
-        repo.owner, repo.name, model,
-        issueCount, pullCount, repo.commitCount, forkedCount,
-        repo.branchList, repo.tags, managers)
+      this(repo.owner, repo.name, model, issueCount, pullCount, forkedCount, repo.branchList, repo.tags, managers)
 
     /**
      * Creates instance without issue count and pull request count.
      */
     def this(repo: JGitUtil.RepositoryInfo, model: Repository, 	forkedCount: Int, managers: Seq[String]) =
-      this(
-        repo.owner, repo.name, model,
-        0, 0, repo.commitCount, forkedCount,
-        repo.branchList, repo.tags, managers)
+      this(repo.owner, repo.name, model, 0, 0, forkedCount, repo.branchList, repo.tags, managers)
 
     def httpUrl(implicit context: Context): String = RepositoryService.httpUrl(owner, name)
     def sshUrl(implicit context: Context): Option[String] = RepositoryService.sshUrl(owner, name)
+
+    def splitPath(path: String): (String, String) = {
+      val id = branchList.collectFirst {
+        case branch if(path == branch || path.startsWith(branch + "/")) => branch
+      } orElse tags.collectFirst {
+        case tag if(path == tag.name || path.startsWith(tag.name + "/")) => tag.name
+      } getOrElse path.split("/")(0)
+
+      (id, path.substring(id.length).stripPrefix("/"))
+    }
   }
 
   def httpUrl(owner: String, name: String)(implicit context: Context): String = s"${context.baseUrl}/git/${owner}/${name}.git"

src/main/scala/gitbucket/core/service/RequestCache.scala

@@ -11,7 +11,7 @@ import Implicits.request2Session
  * It may be called many times in one request, so each method stores
  * its result into the cache which available during a request.
  */
-trait RequestCache extends SystemSettingsService with AccountService with IssuesService {
+trait RequestCache extends SystemSettingsService with AccountService with IssuesService with RepositoryService {
 
   private implicit def context2Session(implicit context: Context): Session =
     request2Session(context.request)

src/main/scala/gitbucket/core/service/SshKeyService.scala

@@ -2,7 +2,7 @@ package gitbucket.core.service
 
 import gitbucket.core.model.SshKey
 import gitbucket.core.model.Profile._
-import profile.simple._
+import gitbucket.core.model.Profile.profile.blockingApi._
 
 trait SshKeyService {
 

src/main/scala/gitbucket/core/service/SystemSettingsService.scala

@@ -32,6 +32,7 @@ trait SystemSettingsService {
           smtp.user.foreach(props.setProperty(SmtpUser, _))
           smtp.password.foreach(props.setProperty(SmtpPassword, _))
           smtp.ssl.foreach(x => props.setProperty(SmtpSsl, x.toString))
+          smtp.starttls.foreach(x => props.setProperty(SmtpStarttls, x.toString))
           smtp.fromAddress.foreach(props.setProperty(SmtpFromAddress, _))
           smtp.fromName.foreach(props.setProperty(SmtpFromName, _))
         }
@@ -73,7 +74,7 @@ trait SystemSettingsService {
         getValue(props, AllowAccountRegistration, false),
         getValue(props, AllowAnonymousAccess, true),
         getValue(props, IsCreateRepoOptionPublic, true),
-        getValue(props, Gravatar, true),
+        getValue(props, Gravatar, false),
         getValue(props, Notification, false),
         getOptionValue[Int](props, ActivityLogLimit, None),
         getValue(props, Ssh, false),
@@ -87,6 +88,7 @@ trait SystemSettingsService {
             getOptionValue(props, SmtpUser, None),
             getOptionValue(props, SmtpPassword, None),
             getOptionValue[Boolean](props, SmtpSsl, None),
+            getOptionValue[Boolean](props, SmtpStarttls, None),
             getOptionValue(props, SmtpFromAddress, None),
             getOptionValue(props, SmtpFromName, None)))
         } else {
@@ -168,6 +170,7 @@ object SystemSettingsService {
     user: Option[String],
     password: Option[String],
     ssl: Option[Boolean],
+    starttls: Option[Boolean],
     fromAddress: Option[String],
     fromName: Option[String])
 
@@ -176,6 +179,9 @@ object SystemSettingsService {
     port:Int,
     genericUser:String)
 
+  case class Lfs(
+    serverUrl: Option[String])
+
   val DefaultSshPort = 29418
   val DefaultSmtpPort = 25
   val DefaultLdapPort = 389
@@ -197,6 +203,7 @@ object SystemSettingsService {
   private val SmtpUser = "smtp.user"
   private val SmtpPassword = "smtp.password"
   private val SmtpSsl = "smtp.ssl"
+  private val SmtpStarttls = "smtp.starttls"
   private val SmtpFromAddress = "smtp.from_address"
   private val SmtpFromName = "smtp.from_name"
   private val LdapAuthentication = "ldap_authentication"

src/main/scala/gitbucket/core/service/WebHookService.scala

@@ -1,13 +1,12 @@
 package gitbucket.core.service
 
-import java.io.ByteArrayInputStream
 import fr.brouillard.oss.security.xhub.XHub
-import fr.brouillard.oss.security.xhub.XHub.{XHubDigest, XHubConverter}
+import fr.brouillard.oss.security.xhub.XHub.{XHubConverter, XHubDigest}
 import gitbucket.core.api._
-import gitbucket.core.model.{WebHook, Account, Issue, PullRequest, IssueComment, WebHookEvent, CommitComment}
+import gitbucket.core.model.{Account, CommitComment, Issue, IssueComment, PullRequest, WebHook, WebHookEvent}
 import gitbucket.core.model.Profile._
+import gitbucket.core.model.Profile.profile.blockingApi._
 import org.apache.http.client.utils.URLEncodedUtils
-import profile.simple._
 import gitbucket.core.util.JGitUtil.CommitInfo
 import gitbucket.core.util.RepositoryName
 import gitbucket.core.service.RepositoryService.RepositoryInfo
@@ -17,11 +16,14 @@ import org.apache.http.message.BasicNameValuePair
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.lib.ObjectId
 import org.slf4j.LoggerFactory
+
 import scala.concurrent._
+import scala.util.{Success, Failure}
 import org.apache.http.HttpRequest
 import org.apache.http.HttpResponse
 import gitbucket.core.model.WebHookContentType
 import org.apache.http.client.entity.EntityBuilder
+import org.apache.http.entity.ContentType
 
 
 trait WebHookService {
@@ -32,15 +34,15 @@ trait WebHookService {
   /** get All WebHook informations of repository */
   def getWebHooks(owner: String, repository: String)(implicit s: Session): List[(WebHook, Set[WebHook.Event])] =
     WebHooks.filter(_.byRepository(owner, repository))
-      .innerJoin(WebHookEvents).on { (w, t) => t.byWebHook(w) }
-      .map{ case (w,t) => w -> t.event }
+      .join(WebHookEvents).on { (w, t) => t.byWebHook(w) }
+      .map { case (w, t) => w -> t.event }
       .list.groupBy(_._1).mapValues(_.map(_._2).toSet).toList.sortBy(_._1.url)
 
   /** get All WebHook informations of repository event */
   def getWebHooksByEvent(owner: String, repository: String, event: WebHook.Event)(implicit s: Session): List[WebHook] =
      WebHooks.filter(_.byRepository(owner, repository))
-       .innerJoin(WebHookEvents).on { (wh, whe) => whe.byWebHook(wh) }
-       .filter{ case (wh, whe) => whe.event === event.bind}
+       .join(WebHookEvents).on { (wh, whe) => whe.byWebHook(wh) }
+       .filter { case (wh, whe) => whe.event === event.bind}
        .map{ case (wh, whe) => wh }
        .list.distinct
 
@@ -48,13 +50,13 @@ trait WebHookService {
   def getWebHook(owner: String, repository: String, url: String)(implicit s: Session): Option[(WebHook, Set[WebHook.Event])] =
     WebHooks
       .filter(_.byPrimaryKey(owner, repository, url))
-      .innerJoin(WebHookEvents).on { (w, t) => t.byWebHook(w) }
-      .map{ case (w,t) => w -> t.event }
+      .join(WebHookEvents).on { (w, t) => t.byWebHook(w) }
+      .map { case (w, t) => w -> t.event }
       .list.groupBy(_._1).mapValues(_.map(_._2).toSet).headOption
 
-  def addWebHook(owner: String, repository: String, url :String, events: Set[WebHook.Event], ctype: WebHookContentType,  token: Option[String])(implicit s: Session): Unit = {
+  def addWebHook(owner: String, repository: String, url :String, events: Set[WebHook.Event], ctype: WebHookContentType, token: Option[String])(implicit s: Session): Unit = {
     WebHooks insert WebHook(owner, repository, url, ctype, token)
-    events.toSet.map{ event: WebHook.Event =>
+    events.map { event: WebHook.Event =>
       WebHookEvents insert WebHookEvent(owner, repository, url, event)
     }
   }
@@ -62,7 +64,7 @@ trait WebHookService {
   def updateWebHook(owner: String, repository: String, url :String, events: Set[WebHook.Event], ctype: WebHookContentType, token: Option[String])(implicit s: Session): Unit = {
     WebHooks.filter(_.byPrimaryKey(owner, repository, url)).map(w => (w.ctype, w.token)).update((ctype, token))
     WebHookEvents.filter(_.byWebHook(owner, repository, url)).delete
-    events.toSet.map{ event: WebHook.Event =>
+    events.map { event: WebHook.Event =>
       WebHookEvents insert WebHookEvent(owner, repository, url, event)
     }
   }
@@ -81,7 +83,7 @@ trait WebHookService {
   def callWebHook(event: WebHook.Event, webHooks: List[WebHook], payload: WebHookPayload)
                  (implicit c: JsonFormat.Context): List[(WebHook, String, Future[HttpRequest], Future[HttpResponse])] = {
     import org.apache.http.impl.client.HttpClientBuilder
-    import ExecutionContext.Implicits.global
+    import ExecutionContext.Implicits.global // TODO Shouldn't use the default execution context
     import org.apache.http.protocol.HttpContext
     import org.apache.http.client.methods.HttpPost
 
@@ -91,7 +93,7 @@ trait WebHookService {
       webHooks.map { webHook =>
         val reqPromise = Promise[HttpRequest]
         val f = Future {
-          val itcp = new org.apache.http.HttpRequestInterceptor{
+          val itcp = new org.apache.http.HttpRequestInterceptor {
             def process(res: HttpRequest, ctx: HttpContext): Unit = {
               reqPromise.success(res)
             }
@@ -118,7 +120,7 @@ trait WebHookService {
                 }
               }
               case WebHookContentType.JSON => {
-            	  httpPost.setEntity(EntityBuilder.create().setText(json).build())
+            	  httpPost.setEntity(EntityBuilder.create().setContentType(ContentType.APPLICATION_JSON).setText(json).build())
                 if (webHook.token.exists(_.trim.nonEmpty)) {
                   httpPost.addHeader("X-Hub-Signature", XHub.generateHeaderXHubToken(XHubConverter.HEXA_LOWERCASE, XHubDigest.SHA1, webHook.token.orNull, json.getBytes("UTF-8")))
                 }
@@ -129,8 +131,8 @@ trait WebHookService {
             httpPost.releaseConnection()
             logger.debug(s"end web hook invocation for ${webHook}")
             res
-          }catch{
-            case e:Throwable => {
+          } catch {
+            case e: Throwable => {
               if(!reqPromise.isCompleted){
                 reqPromise.failure(e)
               }
@@ -138,11 +140,9 @@ trait WebHookService {
             }
           }
         }
-        f.onSuccess {
-          case s => logger.debug(s"Success: web hook request to ${webHook.url}")
-        }
-        f.onFailure {
-          case t => logger.error(s"Failed: web hook request to ${webHook.url}", t)
+        f.onComplete {
+          case Success(_) => logger.debug(s"Success: web hook request to ${webHook.url}")
+          case Failure(t) => logger.error(s"Failed: web hook request to ${webHook.url}", t)
         }
         (webHook, json, reqPromise.future, f)
       }
@@ -168,11 +168,11 @@ trait WebHookPullRequestService extends WebHookService {
         issueUser <- users.get(issue.openedUserName)
       } yield {
         WebHookIssuesPayload(
-          action       = action,
-          number       = issue.issueId,
-          repository   = ApiRepository(repository, ApiUser(repoOwner)),
-          issue        = ApiIssue(issue, RepositoryName(repository), ApiUser(issueUser)),
-          sender       = ApiUser(sender))
+          action     = action,
+          number     = issue.issueId,
+          repository = ApiRepository(repository, ApiUser(repoOwner)),
+          issue      = ApiIssue(issue, RepositoryName(repository), ApiUser(issueUser)),
+          sender     = ApiUser(sender))
       }
     }
   }
@@ -198,7 +198,9 @@ trait WebHookPullRequestService extends WebHookService {
           headOwner      = headOwner,
           baseRepository = repository,
           baseOwner      = baseOwner,
-          sender         = sender)
+          sender         = sender,
+          mergedComment  = getMergedComment(repository.owner, repository.name, issueId)
+        )
       }
     }
   }
@@ -237,7 +239,10 @@ trait WebHookPullRequestService extends WebHookService {
         headOwner      = headOwner,
         baseRepository = baseRepo,
         baseOwner      = baseOwner,
-        sender         = sender)
+        sender         = sender,
+        mergedComment  = getMergedComment(baseRepo.owner, baseRepo.name, issue.issueId)
+      )
+
       callWebHook(WebHook.PullRequest, webHooks, payload)
     }
   }
@@ -267,7 +272,9 @@ trait WebHookPullRequestReviewCommentService extends WebHookService {
           headOwner      = headOwner,
           baseRepository = repository,
           baseOwner      = baseOwner,
-          sender         = sender)
+          sender         = sender,
+          mergedComment  = getMergedComment(repository.owner, repository.name, issue.issueId)
+        )
       }
     }
   }
@@ -365,11 +372,21 @@ object WebHookService {
         headOwner: Account,
         baseRepository: RepositoryInfo,
         baseOwner: Account,
-        sender: Account): WebHookPullRequestPayload = {
+        sender: Account,
+        mergedComment: Option[(IssueComment, Account)]): WebHookPullRequestPayload = {
+
       val headRepoPayload = ApiRepository(headRepository, headOwner)
       val baseRepoPayload = ApiRepository(baseRepository, baseOwner)
       val senderPayload = ApiUser(sender)
-      val pr = ApiPullRequest(issue, pullRequest, headRepoPayload, baseRepoPayload, ApiUser(issueUser))
+      val pr = ApiPullRequest(
+        issue         = issue,
+        pullRequest   = pullRequest,
+        headRepo      = headRepoPayload,
+        baseRepo      = baseRepoPayload,
+        user          = ApiUser(issueUser),
+        mergedComment = mergedComment
+      )
+
       WebHookPullRequestPayload(
         action       = action,
         number       = issue.issueId,
@@ -389,7 +406,7 @@ object WebHookService {
     sender: ApiUser
   ) extends WebHookPayload
 
-  object WebHookIssueCommentPayload{
+  object WebHookIssueCommentPayload {
     def apply(
         issue: Issue,
         issueUser: Account,
@@ -415,28 +432,42 @@ object WebHookService {
     sender: ApiUser
   ) extends WebHookPayload
 
-  object WebHookPullRequestReviewCommentPayload{
+  object WebHookPullRequestReviewCommentPayload {
     def apply(
-        action: String,
-        comment: CommitComment,
-        issue: Issue,
-        issueUser: Account,
-        pullRequest: PullRequest,
-        headRepository: RepositoryInfo,
-        headOwner: Account,
-        baseRepository: RepositoryInfo,
-        baseOwner: Account,
-        sender: Account
-      ) : WebHookPullRequestReviewCommentPayload = {
+      action: String,
+      comment: CommitComment,
+      issue: Issue,
+      issueUser: Account,
+      pullRequest: PullRequest,
+      headRepository: RepositoryInfo,
+      headOwner: Account,
+      baseRepository: RepositoryInfo,
+      baseOwner: Account,
+      sender: Account,
+      mergedComment: Option[(IssueComment, Account)]
+    ) : WebHookPullRequestReviewCommentPayload = {
       val headRepoPayload = ApiRepository(headRepository, headOwner)
       val baseRepoPayload = ApiRepository(baseRepository, baseOwner)
       val senderPayload = ApiUser(sender)
+
       WebHookPullRequestReviewCommentPayload(
-        action = action,
-        comment = ApiPullRequestReviewComment(comment, senderPayload, RepositoryName(baseRepository), issue.issueId),
-        pull_request = ApiPullRequest(issue, pullRequest, headRepoPayload, baseRepoPayload, ApiUser(issueUser)),
-        repository = baseRepoPayload,
-        sender = senderPayload)
+        action       = action,
+        comment      = ApiPullRequestReviewComment(
+          comment        = comment,
+          commentedUser  = senderPayload,
+          repositoryName = RepositoryName(baseRepository),
+          issueId        = issue.issueId
+        ),
+        pull_request = ApiPullRequest(
+          issue         = issue,
+          pullRequest   = pullRequest,
+          headRepo      = headRepoPayload,
+          baseRepo      = baseRepoPayload,
+          user          = ApiUser(issueUser),
+          mergedComment = mergedComment
+        ),
+        repository   = baseRepoPayload,
+        sender       = senderPayload)
     }
   }
 }

src/main/scala/gitbucket/core/servlet/ApiAuthenticationFilter.scala

@@ -4,15 +4,12 @@ import javax.servlet._
 import javax.servlet.http.{HttpServletRequest, HttpServletResponse}
 
 import gitbucket.core.model.Account
-import gitbucket.core.service.AccessTokenService
-import gitbucket.core.util.Keys
-
-import org.scalatra.servlet.ServletApiImplicits._
-import org.scalatra._
+import gitbucket.core.service.SystemSettingsService.SystemSettings
+import gitbucket.core.service.{AccessTokenService, AccountService, SystemSettingsService}
+import gitbucket.core.util.{AuthUtil, Keys}
 
 
-class AccessTokenAuthenticationFilter extends Filter with AccessTokenService {
-  private val tokenHeaderPrefix = "token "
+class ApiAuthenticationFilter extends Filter with AccessTokenService with AccountService with SystemSettingsService {
 
   override def init(filterConfig: FilterConfig): Unit = {}
 
@@ -23,9 +20,9 @@ class AccessTokenAuthenticationFilter extends Filter with AccessTokenService {
     implicit val session = req.getAttribute(Keys.Request.DBSession).asInstanceOf[slick.jdbc.JdbcBackend#Session]
     val response = res.asInstanceOf[HttpServletResponse]
     Option(request.getHeader("Authorization")).map{
-      case auth if auth.startsWith("token ") => AccessTokenService.getAccountByAccessToken(auth.substring(6).trim).toRight(Unit)
-      // TODO Basic Authentication Support
-      case _ => Left(Unit)
+      case auth if auth.startsWith("token ") => AccessTokenService.getAccountByAccessToken(auth.substring(6).trim).toRight(())
+      case auth if auth.startsWith("Basic ") => doBasicAuth(auth, loadSystemSettings(), request).toRight(())
+      case _ => Left(())
     }.orElse{
       Option(request.getSession.getAttribute(Keys.Session.LoginAccount).asInstanceOf[Account]).map(Right(_))
     } match {
@@ -40,4 +37,10 @@ class AccessTokenAuthenticationFilter extends Filter with AccessTokenService {
       }
     }
   }
+
+  def doBasicAuth(auth: String, settings: SystemSettings, request: HttpServletRequest): Option[Account] = {
+    implicit val session = request.getAttribute(Keys.Request.DBSession).asInstanceOf[slick.jdbc.JdbcBackend#Session]
+    val Array(username, password) = AuthUtil.decodeAuthHeader(auth).split(":", 2)
+    authenticate(settings, username, password)
+  }
 }

src/main/scala/gitbucket/core/servlet/GHCompatRepositoryAccessFilter.scala

@@ -0,0 +1,37 @@
+package gitbucket.core.servlet
+
+import javax.servlet._
+import javax.servlet.http.{HttpServletRequest, HttpServletResponse}
+
+import gitbucket.core.service.SystemSettingsService
+
+/**
+  * A controller to provide GitHub compatible URL for Git clients.
+  */
+class GHCompatRepositoryAccessFilter extends Filter with SystemSettingsService {
+
+  /**
+    * Pattern of GitHub compatible repository URL.
+    * <code>/:user/:repo.git/</code>
+    */
+  private val githubRepositoryPattern = """^/[^/]+/[^/]+\.git/.*""".r
+
+  override def init(filterConfig: FilterConfig) = {}
+
+  override def doFilter(req: ServletRequest, res: ServletResponse, chain: FilterChain) = {
+    implicit val request = req.asInstanceOf[HttpServletRequest]
+    val agent = request.getHeader("USER-AGENT")
+    val response = res.asInstanceOf[HttpServletResponse]
+    val requestPath = request.getRequestURI.substring(request.getContextPath.length)
+
+    requestPath match {
+      case githubRepositoryPattern() if agent != null && agent.toLowerCase.indexOf("git") >= 0 =>
+        response.sendRedirect(baseUrl + "/git" + requestPath)
+      case _ =>
+        chain.doFilter(req, res)
+    }
+  }
+
+  override def destroy() = {}
+
+}

src/main/scala/gitbucket/core/servlet/GitAuthenticationFilter.scala

@@ -5,16 +5,17 @@ import javax.servlet.http._
 import gitbucket.core.plugin.{GitRepositoryFilter, GitRepositoryRouting, PluginRegistry}
 import gitbucket.core.service.SystemSettingsService.SystemSettings
 import gitbucket.core.service.{RepositoryService, AccountService, SystemSettingsService}
-import gitbucket.core.util.{Keys, Implicits}
+import gitbucket.core.util.{Keys, Implicits, AuthUtil}
+import gitbucket.core.model.Profile.profile.blockingApi._
 import org.slf4j.LoggerFactory
 import Implicits._
 
 /**
  * Provides BASIC Authentication for [[GitRepositoryServlet]].
  */
-class BasicAuthenticationFilter extends Filter with RepositoryService with AccountService with SystemSettingsService {
+class GitAuthenticationFilter extends Filter with RepositoryService with AccountService with SystemSettingsService {
 
-  private val logger = LoggerFactory.getLogger(classOf[BasicAuthenticationFilter])
+  private val logger = LoggerFactory.getLogger(classOf[GitAuthenticationFilter])
 
   def init(config: FilterConfig) = {}
   
@@ -43,7 +44,7 @@ class BasicAuthenticationFilter extends Filter with RepositoryService with Accou
     } catch {
       case ex: Exception => {
         logger.error("error", ex)
-        requireAuth(response)
+        AuthUtil.requireAuth(response)
       }
     }
   }
@@ -54,7 +55,7 @@ class BasicAuthenticationFilter extends Filter with RepositoryService with Accou
 
     val account = for {
       auth <- Option(request.getHeader("Authorization"))
-      Array(username, password) = decodeAuthHeader(auth).split(":", 2)
+      Array(username, password) = AuthUtil.decodeAuthHeader(auth).split(":", 2)
       account <- authenticate(settings, username, password)
     } yield {
       request.setAttribute(Keys.Request.UserName, account.userName)
@@ -64,61 +65,53 @@ class BasicAuthenticationFilter extends Filter with RepositoryService with Accou
     if(filter.filter(request.gitRepositoryPath, account.map(_.userName), settings, isUpdating)){
       chain.doFilter(request, response)
     } else {
-      requireAuth(response)
+      AuthUtil.requireAuth(response)
     }
   }
 
   private def defaultRepository(request: HttpServletRequest, response: HttpServletResponse, chain: FilterChain,
                                 settings: SystemSettings, isUpdating: Boolean): Unit = {
-    implicit val r = request
-
-    request.paths match {
+    val action = request.paths match {
       case Array(_, repositoryOwner, repositoryName, _*) =>
-        getRepository(repositoryOwner, repositoryName.replaceFirst("\\.wiki\\.git$|\\.git$", "")) match {
-          case Some(repository) => {
-            if(!isUpdating && !repository.repository.isPrivate && settings.allowAnonymousAccess){
-              chain.doFilter(request, response)
-            } else {
-              val passed = for {
-                auth <- Option(request.getHeader("Authorization"))
-                Array(username, password) = decodeAuthHeader(auth).split(":", 2)
-                account <- authenticate(settings, username, password)
-              } yield if(isUpdating || repository.repository.isPrivate){
-                  if(hasWritePermission(repository.owner, repository.name, Some(account))){
+        Database() withSession { implicit session =>
+          getRepository(repositoryOwner, repositoryName.replaceFirst("\\.wiki\\.git$|\\.git$", "")) match {
+            case Some(repository) => {
+              val execute = if (!isUpdating && !repository.repository.isPrivate && settings.allowAnonymousAccess) {
+                // Authentication is not required
+                true
+              } else {
+                // Authentication is required
+                val passed = for {
+                  auth <- Option(request.getHeader("Authorization"))
+                  Array(username, password) = AuthUtil.decodeAuthHeader(auth).split(":", 2)
+                  account <- authenticate(settings, username, password)
+                } yield if (isUpdating || repository.repository.isPrivate) {
+                  if (hasDeveloperRole(repository.owner, repository.name, Some(account))) {
                     request.setAttribute(Keys.Request.UserName, account.userName)
                     true
                   } else false
                 } else true
+                passed.getOrElse(false)
+              }
 
-              if(passed.getOrElse(false)){
-                chain.doFilter(request, response)
+              if (execute) {
+                () => chain.doFilter(request, response)
               } else {
-                requireAuth(response)
+                () => AuthUtil.requireAuth(response)
               }
             }
-          }
-          case None => {
-            logger.debug(s"Repository ${repositoryOwner}/${repositoryName} is not found.")
-            response.sendError(HttpServletResponse.SC_NOT_FOUND)
+            case None => () => {
+              logger.debug(s"Repository ${repositoryOwner}/${repositoryName} is not found.")
+              response.sendError(HttpServletResponse.SC_NOT_FOUND)
+            }
           }
         }
-      case _ => {
+      case _ => () => {
         logger.debug(s"Not enough path arguments: ${request.paths}")
         response.sendError(HttpServletResponse.SC_NOT_FOUND)
       }
     }
-  }
 
-  private def requireAuth(response: HttpServletResponse): Unit = {
-    response.setHeader("WWW-Authenticate", "BASIC realm=\"GitBucket\"")
-    response.sendError(HttpServletResponse.SC_UNAUTHORIZED)
-  }
-  
-  private def decodeAuthHeader(header: String): String = {
-    try {
-      new String(new sun.misc.BASE64Decoder().decodeBuffer(header.substring(6)))
-    } catch {
-      case _: Throwable => ""
-    }
+    action()
   }
 }

src/main/scala/gitbucket/core/servlet/GitLfsTransferServlet.scala

@@ -0,0 +1,83 @@
+package gitbucket.core.servlet
+
+import java.io.{File, FileInputStream, FileOutputStream}
+import java.text.MessageFormat
+import javax.servlet.http.{HttpServlet, HttpServletRequest, HttpServletResponse}
+
+import gitbucket.core.util.{FileUtil, StringUtil}
+import org.apache.commons.io.{FileUtils, IOUtils}
+import org.json4s.jackson.Serialization._
+import org.apache.http.HttpStatus
+import gitbucket.core.util.ControlUtil._
+
+/**
+ * Provides GitLFS Transfer API
+ * https://github.com/git-lfs/git-lfs/blob/master/docs/api/basic-transfers.md
+ */
+class GitLfsTransferServlet extends HttpServlet {
+
+  private implicit val jsonFormats = gitbucket.core.api.JsonFormat.jsonFormats
+  private val LongObjectIdLength = 32
+  private val LongObjectIdStringLength = LongObjectIdLength * 2
+
+  override protected def doGet(req: HttpServletRequest, res: HttpServletResponse): Unit = {
+    for {
+      (owner, repository, oid) <- getPathInfo(req, res) if checkToken(req, oid)
+    } yield {
+      val file = new File(FileUtil.getLfsFilePath(owner, repository, oid))
+      if(file.exists()){
+        res.setStatus(HttpStatus.SC_OK)
+        res.setContentType("application/octet-stream")
+        res.setContentLength(file.length.toInt)
+        using(new FileInputStream(file), res.getOutputStream){ (in, out) =>
+          IOUtils.copy(in, out)
+          out.flush()
+        }
+      } else {
+        sendError(res, HttpStatus.SC_NOT_FOUND,
+          MessageFormat.format("Object ''{0}'' not found", oid))
+      }
+    }
+  }
+
+  override protected def doPut(req: HttpServletRequest, res: HttpServletResponse): Unit = {
+    for {
+      (owner, repository, oid) <- getPathInfo(req, res) if checkToken(req, oid)
+    } yield {
+      val file = new File(FileUtil.getLfsFilePath(owner, repository, oid))
+      FileUtils.forceMkdir(file.getParentFile)
+      using(req.getInputStream, new FileOutputStream(file)){ (in, out) =>
+        IOUtils.copy(in, out)
+      }
+      res.setStatus(HttpStatus.SC_OK)
+    }
+  }
+
+  private def checkToken(req: HttpServletRequest, oid: String): Boolean = {
+    val token = req.getHeader("Authorization")
+    if(token != null){
+      val Array(expireAt, targetOid) = StringUtil.decodeBlowfish(token).split(" ")
+      oid == targetOid && expireAt.toLong > System.currentTimeMillis
+    } else {
+      false
+    }
+  }
+
+  private def getPathInfo(req: HttpServletRequest, res: HttpServletResponse): Option[(String, String, String)] = {
+    req.getRequestURI.substring(1).split("/").reverse match {
+      case Array(oid, repository, owner, _*) => Some((owner, repository, oid))
+      case _ => None
+    }
+  }
+
+  private def sendError(res: HttpServletResponse, status: Int, message: String): Unit = {
+    res.setStatus(status)
+    using(res.getWriter()){ out =>
+      out.write(write(GitLfs.Error(message)))
+      out.flush()
+    }
+  }
+
+}
+
+

src/main/scala/gitbucket/core/servlet/GitRepositoryServlet.scala

@@ -1,9 +1,11 @@
 package gitbucket.core.servlet
 
 import java.io.File
+import java.util.Date
 
 import gitbucket.core.api
-import gitbucket.core.model.{Session, WebHook}
+import gitbucket.core.model.WebHook
+import gitbucket.core.model.Profile.profile.blockingApi._
 import gitbucket.core.plugin.{GitRepositoryRouting, PluginRegistry}
 import gitbucket.core.service.IssuesService.IssueSearchCondition
 import gitbucket.core.service.WebHookService._
@@ -11,28 +13,29 @@ import gitbucket.core.service._
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util._
-
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.http.server.GitServlet
 import org.eclipse.jgit.lib._
 import org.eclipse.jgit.transport._
 import org.eclipse.jgit.transport.resolver._
 import org.slf4j.LoggerFactory
-
 import javax.servlet.ServletConfig
-import javax.servlet.http.{HttpServletResponse, HttpServletRequest}
+import javax.servlet.http.{HttpServletRequest, HttpServletResponse}
+
+import org.json4s.jackson.Serialization._
 
 
 /**
  * Provides Git repository via HTTP.
  * 
  * This servlet provides only Git repository functionality.
- * Authentication is provided by [[BasicAuthenticationFilter]].
+ * Authentication is provided by [[GitAuthenticationFilter]].
  */
 class GitRepositoryServlet extends GitServlet with SystemSettingsService {
 
   private val logger = LoggerFactory.getLogger(classOf[GitRepositoryServlet])
-  
+  private implicit val jsonFormats = gitbucket.core.api.JsonFormat.jsonFormats
+
   override def init(config: ServletConfig): Unit = {
     setReceivePackFactory(new GitBucketReceivePackFactory())
 
@@ -45,15 +48,75 @@ class GitRepositoryServlet extends GitServlet with SystemSettingsService {
   override def service(req: HttpServletRequest, res: HttpServletResponse): Unit = {
     val agent = req.getHeader("USER-AGENT")
     val index = req.getRequestURI.indexOf(".git")
-    if(index >= 0 && (agent == null || agent.toLowerCase.indexOf("git/") < 0)){
+    if(index >= 0 && (agent == null || agent.toLowerCase.indexOf("git") < 0)){
       // redirect for browsers
       val paths = req.getRequestURI.substring(0, index).split("/")
       res.sendRedirect(baseUrl(req) + "/" + paths.dropRight(1).last + "/" + paths.last)
+
+    } else if(req.getMethod.toUpperCase == "POST" && req.getRequestURI.endsWith("/info/lfs/objects/batch")){
+      serviceGitLfsBatchAPI(req, res)
+
     } else {
       // response for git client
       super.service(req, res)
     }
   }
+
+  /**
+   * Provides GitLFS Batch API
+   * https://github.com/git-lfs/git-lfs/blob/master/docs/api/batch.md
+   */
+  protected def serviceGitLfsBatchAPI(req: HttpServletRequest, res: HttpServletResponse): Unit = {
+    val batchRequest = read[GitLfs.BatchRequest](req.getInputStream)
+    val settings = loadSystemSettings()
+
+    settings.baseUrl match {
+      case None => {
+        throw new IllegalStateException("lfs.server_url is not configured.")
+      }
+      case Some(baseUrl) => {
+        val index = req.getRequestURI.indexOf(".git")
+        if(index >= 0){
+          req.getRequestURI.substring(0, index).split("/").reverse match {
+            case Array(repository, owner, _*) =>
+              val timeout = System.currentTimeMillis + (60000 * 10) // 10 min.
+              val batchResponse = batchRequest.operation match {
+                case "upload" =>
+                  GitLfs.BatchUploadResponse("basic", batchRequest.objects.map { requestObject =>
+                    GitLfs.BatchResponseObject(requestObject.oid, requestObject.size, true,
+                      GitLfs.Actions(
+                        upload = Some(GitLfs.Action(
+                          href = baseUrl + "/git-lfs/" + owner + "/" + repository + "/" + requestObject.oid,
+                          header = Map("Authorization" -> StringUtil.encodeBlowfish(timeout + " " + requestObject.oid)),
+                          expires_at = new Date(timeout)
+                        ))
+                      )
+                    )
+                  })
+                case "download" =>
+                  GitLfs.BatchUploadResponse("basic", batchRequest.objects.map { requestObject =>
+                    GitLfs.BatchResponseObject(requestObject.oid, requestObject.size, true,
+                      GitLfs.Actions(
+                        download = Some(GitLfs.Action(
+                          href = baseUrl + "/git-lfs/" + owner + "/" + repository + "/" + requestObject.oid,
+                          header = Map("Authorization" -> StringUtil.encodeBlowfish(timeout + " " + requestObject.oid)),
+                          expires_at = new Date(timeout)
+                        ))
+                      )
+                    )
+                  })
+              }
+
+              res.setContentType("application/vnd.git-lfs+json")
+              using(res.getWriter){ out =>
+                out.print(write(batchResponse))
+                out.flush()
+              }
+          }
+        }
+      }
+    }
+  }
 }
 
 class GitBucketRepositoryResolver(parent: FileResolver[HttpServletRequest]) extends RepositoryResolver[HttpServletRequest] {
@@ -107,126 +170,183 @@ class GitBucketReceivePackFactory extends ReceivePackFactory[HttpServletRequest]
 
 import scala.collection.JavaConverters._
 
-class CommitLogHook(owner: String, repository: String, pusher: String, baseUrl: String)(implicit session: Session)
+class CommitLogHook(owner: String, repository: String, pusher: String, baseUrl: String)/*(implicit session: Session)*/
   extends PostReceiveHook with PreReceiveHook
   with RepositoryService with AccountService with IssuesService with ActivityService with PullRequestService with WebHookService
-  with WebHookPullRequestService with ProtectedBranchService {
+  with WebHookPullRequestService with CommitsService {
   
   private val logger = LoggerFactory.getLogger(classOf[CommitLogHook])
   private var existIds: Seq[String] = Nil
 
   def onPreReceive(receivePack: ReceivePack, commands: java.util.Collection[ReceiveCommand]): Unit = {
-    try {
-      commands.asScala.foreach { command =>
-        // call pre-commit hook
-        PluginRegistry().getReceiveHooks
-          .flatMap(_.preReceive(owner, repository, receivePack, command, pusher))
-          .headOption.foreach { error =>
-          command.setResult(ReceiveCommand.Result.REJECTED_OTHER_REASON, error)
+    Database() withTransaction { implicit session =>
+      try {
+        commands.asScala.foreach { command =>
+          // call pre-commit hook
+          PluginRegistry().getReceiveHooks
+            .flatMap(_.preReceive(owner, repository, receivePack, command, pusher))
+            .headOption.foreach { error =>
+            command.setResult(ReceiveCommand.Result.REJECTED_OTHER_REASON, error)
+          }
+        }
+        using(Git.open(Directory.getRepositoryDir(owner, repository))) { git =>
+          existIds = JGitUtil.getAllCommitIds(git)
+        }
+      } catch {
+        case ex: Exception => {
+          logger.error(ex.toString, ex)
+          throw ex
         }
-      }
-      using(Git.open(Directory.getRepositoryDir(owner, repository))) { git =>
-        existIds = JGitUtil.getAllCommitIds(git)
-      }
-    } catch {
-      case ex: Exception => {
-        logger.error(ex.toString, ex)
-        throw ex
       }
     }
   }
 
   def onPostReceive(receivePack: ReceivePack, commands: java.util.Collection[ReceiveCommand]): Unit = {
-    try {
-      using(Git.open(Directory.getRepositoryDir(owner, repository))) { git =>
-        val pushedIds = scala.collection.mutable.Set[String]()
-        commands.asScala.foreach { command =>
-          logger.debug(s"commandType: ${command.getType}, refName: ${command.getRefName}")
-          implicit val apiContext = api.JsonFormat.Context(baseUrl)
-          val refName = command.getRefName.split("/")
-          val branchName = refName.drop(2).mkString("/")
-          val commits = if (refName(1) == "tags") {
-            Nil
-          } else {
-            command.getType match {
-              case ReceiveCommand.Type.DELETE => Nil
-              case _ => JGitUtil.getCommitLog(git, command.getOldId.name, command.getNewId.name)
-            }
-          }
+    Database() withTransaction { implicit session =>
+      try {
+        using(Git.open(Directory.getRepositoryDir(owner, repository))) { git =>
+          JGitUtil.removeCache(git)
 
-          // Retrieve all issue count in the repository
-          val issueCount =
-            countIssue(IssueSearchCondition(state = "open"), false, owner -> repository) +
-            countIssue(IssueSearchCondition(state = "closed"), false, owner -> repository)
-
-          val repositoryInfo = getRepository(owner, repository).get
-
-          // Extract new commit and apply issue comment
-          val defaultBranch = repositoryInfo.repository.defaultBranch
-          val newCommits = commits.flatMap { commit =>
-            if (!existIds.contains(commit.id) && !pushedIds.contains(commit.id)) {
-              if (issueCount > 0) {
-                pushedIds.add(commit.id)
-                createIssueComment(owner, repository, commit)
-                // close issues
-                if(refName(1) == "heads" && branchName == defaultBranch && command.getType == ReceiveCommand.Type.UPDATE){
-                  closeIssuesFromMessage(commit.fullMessage, pusher, owner, repository)
-                }
+          val pushedIds = scala.collection.mutable.Set[String]()
+          commands.asScala.foreach { command =>
+            logger.debug(s"commandType: ${command.getType}, refName: ${command.getRefName}")
+            implicit val apiContext = api.JsonFormat.Context(baseUrl)
+            val refName = command.getRefName.split("/")
+            val branchName = refName.drop(2).mkString("/")
+            val commits = if (refName(1) == "tags") {
+              Nil
+            } else {
+              command.getType match {
+                case ReceiveCommand.Type.DELETE => Nil
+                case _ => JGitUtil.getCommitLog(git, command.getOldId.name, command.getNewId.name)
               }
-              Some(commit)
-            } else None
-          }
-
-          // record activity
-          if(refName(1) == "heads"){
-            command.getType match {
-              case ReceiveCommand.Type.CREATE => recordCreateBranchActivity(owner, repository, pusher, branchName)
-              case ReceiveCommand.Type.UPDATE => recordPushActivity(owner, repository, pusher, branchName, newCommits)
-              case ReceiveCommand.Type.DELETE => recordDeleteBranchActivity(owner, repository, pusher, branchName)
-              case _ =>
             }
-          } else if(refName(1) == "tags"){
-            command.getType match {
-              case ReceiveCommand.Type.CREATE => recordCreateTagActivity(owner, repository, pusher, branchName, newCommits)
-              case ReceiveCommand.Type.DELETE => recordDeleteTagActivity(owner, repository, pusher, branchName, newCommits)
-              case _ =>
-            }
-          }
 
-          if(refName(1) == "heads"){
-            command.getType match {
-              case ReceiveCommand.Type.CREATE |
-                   ReceiveCommand.Type.UPDATE |
-                   ReceiveCommand.Type.UPDATE_NONFASTFORWARD =>
-                updatePullRequests(owner, repository, branchName)
-                getAccountByUserName(pusher).map{ pusherAccount =>
-                  callPullRequestWebHookByRequestBranch("synchronize", repositoryInfo, branchName, baseUrl, pusherAccount)
+            val repositoryInfo = getRepository(owner, repository).get
+
+            // Update default branch if repository is empty and pushed branch is not current default branch
+            if(JGitUtil.isEmpty(git) && commits.nonEmpty && branchName != repositoryInfo.repository.defaultBranch){
+              saveRepositoryDefaultBranch(owner, repository, branchName)
+              // Change repository HEAD
+              using(Git.open(Directory.getRepositoryDir(owner, repository))) { git =>
+                git.getRepository.updateRef(Constants.HEAD, true).link(Constants.R_HEADS + branchName)
+              }
+            }
+
+            // Retrieve all issue count in the repository
+            val issueCount =
+              countIssue(IssueSearchCondition(state = "open"), false, owner -> repository) +
+                countIssue(IssueSearchCondition(state = "closed"), false, owner -> repository)
+
+            // Extract new commit and apply issue comment
+            val defaultBranch = repositoryInfo.repository.defaultBranch
+            val newCommits = commits.flatMap { commit =>
+              if (!existIds.contains(commit.id) && !pushedIds.contains(commit.id)) {
+                if (issueCount > 0) {
+                  pushedIds.add(commit.id)
+                  createIssueComment(owner, repository, commit)
+                  // close issues
+                  if (refName(1) == "heads" && branchName == defaultBranch && command.getType == ReceiveCommand.Type.UPDATE) {
+                    closeIssuesFromMessage(commit.fullMessage, pusher, owner, repository)
+                  }
                 }
-              case _ =>
+                Some(commit)
+              } else None
             }
-          }
 
-          // call web hook
-          callWebHookOf(owner, repository, WebHook.Push){
-            for(pusherAccount <- getAccountByUserName(pusher);
-              ownerAccount   <- getAccountByUserName(owner)) yield {
-              WebHookPushPayload(git, pusherAccount, command.getRefName, repositoryInfo, newCommits, ownerAccount,
-                                 newId = command.getNewId(), oldId = command.getOldId())
+            // record activity
+            if (refName(1) == "heads") {
+              command.getType match {
+                case ReceiveCommand.Type.CREATE => recordCreateBranchActivity(owner, repository, pusher, branchName)
+                case ReceiveCommand.Type.UPDATE => recordPushActivity(owner, repository, pusher, branchName, newCommits)
+                case ReceiveCommand.Type.DELETE => recordDeleteBranchActivity(owner, repository, pusher, branchName)
+                case _ =>
+              }
+            } else if (refName(1) == "tags") {
+              command.getType match {
+                case ReceiveCommand.Type.CREATE => recordCreateTagActivity(owner, repository, pusher, branchName, newCommits)
+                case ReceiveCommand.Type.DELETE => recordDeleteTagActivity(owner, repository, pusher, branchName, newCommits)
+                case _ =>
+              }
             }
-          }
 
-          // call post-commit hook
-          PluginRegistry().getReceiveHooks.foreach(_.postReceive(owner, repository, receivePack, command, pusher))
+            if (refName(1) == "heads") {
+              command.getType match {
+                case ReceiveCommand.Type.CREATE |
+                     ReceiveCommand.Type.UPDATE |
+                     ReceiveCommand.Type.UPDATE_NONFASTFORWARD =>
+                  updatePullRequests(owner, repository, branchName)
+                  getAccountByUserName(pusher).map { pusherAccount =>
+                    callPullRequestWebHookByRequestBranch("synchronize", repositoryInfo, branchName, baseUrl, pusherAccount)
+                  }
+                case _ =>
+              }
+            }
+
+            // call web hook
+            callWebHookOf(owner, repository, WebHook.Push) {
+              for (pusherAccount <- getAccountByUserName(pusher);
+                   ownerAccount <- getAccountByUserName(owner)) yield {
+                WebHookPushPayload(git, pusherAccount, command.getRefName, repositoryInfo, newCommits, ownerAccount,
+                  newId = command.getNewId(), oldId = command.getOldId())
+              }
+            }
+
+            // call post-commit hook
+            PluginRegistry().getReceiveHooks.foreach(_.postReceive(owner, repository, receivePack, command, pusher))
+          }
+        }
+        // update repository last modified time.
+        updateLastActivityDate(owner, repository)
+      } catch {
+        case ex: Exception => {
+          logger.error(ex.toString, ex)
+          throw ex
         }
-      }
-      // update repository last modified time.
-      updateLastActivityDate(owner, repository)
-    } catch {
-      case ex: Exception => {
-        logger.error(ex.toString, ex)
-        throw ex
       }
     }
   }
 
 }
+
+object GitLfs {
+
+  case class BatchRequest(
+    operation: String,
+    transfers: Seq[String],
+    objects: Seq[BatchRequestObject]
+  )
+
+  case class BatchRequestObject(
+    oid: String,
+    size: Long
+  )
+
+  case class BatchUploadResponse(
+    transfer: String,
+    objects: Seq[BatchResponseObject]
+  )
+
+  case class BatchResponseObject(
+    oid: String,
+    size: Long,
+    authenticated: Boolean,
+    actions: Actions
+  )
+
+  case class Actions(
+    download: Option[Action] = None,
+    upload: Option[Action] = None
+  )
+
+  case class Action(
+    href: String,
+    header: Map[String, String] = Map.empty,
+    expires_at: Date
+  )
+
+  case class Error(
+    message: String
+  )
+
+}

src/main/scala/gitbucket/core/servlet/InitializeListener.scala

@@ -10,6 +10,7 @@ import gitbucket.core.service.{ActivityService, SystemSettingsService}
 import gitbucket.core.util.DatabaseConfig
 import gitbucket.core.util.Directory._
 import gitbucket.core.util.JDBCUtil._
+import gitbucket.core.model.Profile.profile.blockingApi._
 import io.github.gitbucket.solidbase.Solidbase
 import io.github.gitbucket.solidbase.manager.JDBCVersionManager
 import javax.servlet.{ServletContextListener, ServletContextEvent}
@@ -17,6 +18,7 @@ import org.apache.commons.io.FileUtils
 import org.slf4j.LoggerFactory
 import akka.actor.{Actor, Props, ActorSystem}
 import com.typesafe.akka.extension.quartz.QuartzSchedulerExtension
+import scala.collection.JavaConverters._
 
 /**
  * Initialize GitBucket system.
@@ -26,6 +28,20 @@ class InitializeListener extends ServletContextListener with SystemSettingsServi
 
   private val logger = LoggerFactory.getLogger(classOf[InitializeListener])
 
+  // ActorSystem for Quartz scheduler
+  private val system = ActorSystem("job", ConfigFactory.parseString(
+    """
+      |akka {
+      |  quartz {
+      |    schedules {
+      |      Daily {
+      |        expression = "0 0 0 * * ?"
+      |      }
+      |    }
+      |  }
+      |}
+    """.stripMargin))
+
   override def contextInitialized(event: ServletContextEvent): Unit = {
     val dataDir = event.getServletContext.getInitParameter("gitbucket.home")
     if(dataDir != null){
@@ -72,43 +88,40 @@ class InitializeListener extends ServletContextListener with SystemSettingsServi
         }
       }
 
-      // Rescue code for users who updated from 3.14 to 4.0.0
-      // https://github.com/gitbucket/gitbucket/issues/1227
-      val currentVersion = manager.getCurrentVersion(GitBucketCoreModule.getModuleId)
-      if(currentVersion == "4.0"){
-        manager.updateVersion(GitBucketCoreModule.getModuleId, "4.0.0")
-      }
-
       // Run normal migration
       logger.info("Start schema update")
       val solidbase = new Solidbase()
       solidbase.migrate(conn, Thread.currentThread.getContextClassLoader, DatabaseConfig.liquiDriver, GitBucketCoreModule)
 
+      // Rescue code for users who updated from 3.14 to 4.0.0
+      // https://github.com/gitbucket/gitbucket/issues/1227
+      val currentVersion = manager.getCurrentVersion(GitBucketCoreModule.getModuleId)
+      val databaseVersion = if(currentVersion == "4.0"){
+        manager.updateVersion(GitBucketCoreModule.getModuleId, "4.0.0")
+        "4.0.0"
+      } else currentVersion
+
+      val gitbucketVersion = GitBucketCoreModule.getVersions.asScala.last.getVersion
+      if(databaseVersion != gitbucketVersion){
+        throw new IllegalStateException(s"Initialization failed. GitBucket version is ${gitbucketVersion}, but database version is ${databaseVersion}.")
+      }
+
       // Load plugins
       logger.info("Initialize plugins")
       PluginRegistry.initialize(event.getServletContext, loadSystemSettings(), conn)
     }
 
     // Start Quartz scheduler
-    val system = ActorSystem("job", ConfigFactory.parseString(
-      """
-        |akka {
-        |  quartz {
-        |    schedules {
-        |      Daily {
-        |        expression = "0 0 0 * * ?"
-        |      }
-        |    }
-        |  }
-        |}
-      """.stripMargin))
-
     val scheduler = QuartzSchedulerExtension(system)
 
     scheduler.schedule("Daily", system.actorOf(Props[DeleteOldActivityActor]), "DeleteOldActivity")
   }
 
+
+
   override def contextDestroyed(event: ServletContextEvent): Unit = {
+    // Shutdown Quartz scheduler
+    system.terminate()
     // Shutdown plugins
     PluginRegistry.shutdown(event.getServletContext, loadSystemSettings())
     // Close datasource

src/main/scala/gitbucket/core/servlet/PluginAssetsServlet.scala

@@ -0,0 +1,39 @@
+package gitbucket.core.servlet
+
+import javax.servlet.http.{HttpServlet, HttpServletRequest, HttpServletResponse}
+
+import gitbucket.core.plugin.PluginRegistry
+import gitbucket.core.util.FileUtil
+import org.apache.commons.io.IOUtils
+
+/**
+ * Supply assets which are provided by plugins.
+ */
+class PluginAssetsServlet extends HttpServlet {
+
+  override def doGet(req: HttpServletRequest, resp: HttpServletResponse): Unit = {
+    val assetsMappings = PluginRegistry().getAssetsMappings
+    val path = req.getRequestURI.substring(req.getContextPath.length)
+
+    assetsMappings
+      .find    { case (prefix, _, _) => path.startsWith("/plugin-assets" + prefix) }
+      .flatMap { case (prefix, resourcePath, classLoader) =>
+        val resourceName = path.substring(("/plugin-assets" + prefix).length)
+        Option(classLoader.getResourceAsStream(resourcePath.replaceFirst("^/", "") + resourceName))
+      }
+      .map { in =>
+        try {
+          val bytes = IOUtils.toByteArray(in)
+          resp.setContentLength(bytes.length)
+          resp.setContentType(FileUtil.getContentType(path, bytes))
+          resp.getOutputStream.write(bytes)
+        } finally {
+          in.close()
+        }
+      }
+      .getOrElse {
+        resp.setStatus(404)
+      }
+  }
+
+}

src/main/scala/gitbucket/core/servlet/TransactionFilter.scala

@@ -8,6 +8,7 @@ import org.scalatra.ScalatraBase
 import org.slf4j.LoggerFactory
 import slick.jdbc.JdbcBackend.{Database => SlickDatabase, Session}
 import gitbucket.core.util.Keys
+import gitbucket.core.model.Profile.profile.blockingApi._
 
 /**
  * Controls the transaction with the open session in view pattern.
@@ -21,15 +22,16 @@ class TransactionFilter extends Filter {
   def destroy(): Unit = {}
 
   def doFilter(req: ServletRequest, res: ServletResponse, chain: FilterChain): Unit = {
-    if(req.asInstanceOf[HttpServletRequest].getServletPath().startsWith("/assets/")){
-      // assets don't need transaction
+    val servletPath = req.asInstanceOf[HttpServletRequest].getServletPath()
+    if(servletPath.startsWith("/assets/")  || servletPath == "/git" || servletPath == "/git-lfs"){
+      // assets and git-lfs don't need transaction
       chain.doFilter(req, res)
     } else {
       Database() withTransaction { session =>
         // Register Scalatra error callback to rollback transaction
         ScalatraBase.onFailure { _ =>
           logger.debug("Rolled back transaction")
-          session.rollback()
+          session.conn.rollback()
         }(req.asInstanceOf[HttpServletRequest])
 
         logger.debug("begin transaction")
@@ -52,12 +54,19 @@ object Database {
     config.setJdbcUrl(DatabaseConfig.url)
     config.setUsername(DatabaseConfig.user)
     config.setPassword(DatabaseConfig.password)
+    config.setAutoCommit(false)
+    DatabaseConfig.connectionTimeout.foreach(config.setConnectionTimeout)
+    DatabaseConfig.idleTimeout.foreach(config.setIdleTimeout)
+    DatabaseConfig.maxLifetime.foreach(config.setMaxLifetime)
+    DatabaseConfig.minimumIdle.foreach(config.setMinimumIdle)
+    DatabaseConfig.maximumPoolSize.foreach(config.setMaximumPoolSize)
+
     logger.debug("load database connection pool")
     new HikariDataSource(config)
   }
 
   private val db: SlickDatabase = {
-    SlickDatabase.forDataSource(dataSource)
+    SlickDatabase.forDataSource(dataSource, Some(dataSource.getMaximumPoolSize))
   }
 
   def apply(): SlickDatabase = db

src/main/scala/gitbucket/core/ssh/GitCommand.scala

@@ -1,19 +1,20 @@
 package gitbucket.core.ssh
 
-import gitbucket.core.model.Session
+import gitbucket.core.model.Profile.profile.blockingApi._
 import gitbucket.core.plugin.{GitRepositoryRouting, PluginRegistry}
-import gitbucket.core.service.{RepositoryService, AccountService, SystemSettingsService}
-import gitbucket.core.servlet.{Database, CommitLogHook}
-import gitbucket.core.util.{Directory, ControlUtil}
-import org.apache.sshd.server.{CommandFactory, Environment, ExitCallback, Command, SessionAware}
+import gitbucket.core.service.{AccountService, RepositoryService, SystemSettingsService}
+import gitbucket.core.servlet.{CommitLogHook, Database}
+import gitbucket.core.util.{ControlUtil, Directory}
+import org.apache.sshd.server.{Command, CommandFactory, Environment, ExitCallback, SessionAware}
 import org.apache.sshd.server.session.ServerSession
 import org.slf4j.LoggerFactory
 import java.io.{File, InputStream, OutputStream}
+
 import ControlUtil._
 import org.eclipse.jgit.api.Git
 import Directory._
 import org.eclipse.jgit.transport.{ReceivePack, UploadPack}
-import org.apache.sshd.server.command.UnknownCommand
+import org.apache.sshd.server.scp.UnknownCommand
 import org.eclipse.jgit.errors.RepositoryNotFoundException
 
 object GitCommand {
@@ -30,24 +31,22 @@ abstract class GitCommand extends Command with SessionAware {
   @volatile protected var callback: ExitCallback = null
   @volatile private var authUser:Option[String] = None
 
-  protected def runTask(authUser: String)(implicit session: Session): Unit
+  protected def runTask(authUser: String): Unit
 
   private def newTask(): Runnable = new Runnable {
     override def run(): Unit = {
       authUser match {
         case Some(authUser) =>
-          Database() withSession { implicit session =>
-            try {
-              runTask(authUser)
-              callback.onExit(0)
-            } catch {
-              case e: RepositoryNotFoundException =>
-                logger.info(e.getMessage)
-                callback.onExit(1, "Repository Not Found")
-              case e: Throwable =>
-                logger.error(e.getMessage, e)
-                callback.onExit(1)
-            }
+          try {
+            runTask(authUser)
+            callback.onExit(0)
+          } catch {
+            case e: RepositoryNotFoundException =>
+              logger.info(e.getMessage)
+              callback.onExit(1, "Repository Not Found")
+            case e: Throwable =>
+              logger.error(e.getMessage, e)
+              callback.onExit(1)
           }
         case None =>
           val message = "User not authenticated"
@@ -92,7 +91,7 @@ abstract class DefaultGitCommand(val owner: String, val repoName: String) extend
   protected def isWritableUser(username: String, repositoryInfo: RepositoryService.RepositoryInfo)
                               (implicit session: Session): Boolean =
     getAccountByUserName(username) match {
-      case Some(account) => hasWritePermission(repositoryInfo.owner, repositoryInfo.name, Some(account))
+      case Some(account) => hasDeveloperRole(repositoryInfo.owner, repositoryInfo.name, Some(account))
       case None => false
     }
 
@@ -102,14 +101,18 @@ abstract class DefaultGitCommand(val owner: String, val repoName: String) extend
 class DefaultGitUploadPack(owner: String, repoName: String) extends DefaultGitCommand(owner, repoName)
     with RepositoryService with AccountService {
 
-  override protected def runTask(user: String)(implicit session: Session): Unit = {
-    getRepository(owner, repoName.replaceFirst("\\.wiki\\Z", "")).foreach { repositoryInfo =>
-      if(!repositoryInfo.repository.isPrivate || isWritableUser(user, repositoryInfo)){
-        using(Git.open(getRepositoryDir(owner, repoName))) { git =>
-          val repository = git.getRepository
-          val upload = new UploadPack(repository)
-          upload.upload(in, out, err)
-        }
+  override protected def runTask(user: String): Unit = {
+    val execute = Database() withSession { implicit session =>
+      getRepository(owner, repoName.replaceFirst("\\.wiki\\Z", "")).map { repositoryInfo =>
+        !repositoryInfo.repository.isPrivate || isWritableUser(user, repositoryInfo)
+      }.getOrElse(false)
+    }
+
+    if(execute){
+      using(Git.open(getRepositoryDir(owner, repoName))) { git =>
+        val repository = git.getRepository
+        val upload = new UploadPack(repository)
+        upload.upload(in, out, err)
       }
     }
   }
@@ -118,19 +121,23 @@ class DefaultGitUploadPack(owner: String, repoName: String) extends DefaultGitCo
 class DefaultGitReceivePack(owner: String, repoName: String, baseUrl: String) extends DefaultGitCommand(owner, repoName)
     with RepositoryService with AccountService {
 
-  override protected def runTask(user: String)(implicit session: Session): Unit = {
-    getRepository(owner, repoName.replaceFirst("\\.wiki\\Z", "")).foreach { repositoryInfo =>
-      if(isWritableUser(user, repositoryInfo)){
-        using(Git.open(getRepositoryDir(owner, repoName))) { git =>
-          val repository = git.getRepository
-          val receive = new ReceivePack(repository)
-          if(!repoName.endsWith(".wiki")){
-            val hook = new CommitLogHook(owner, repoName, user, baseUrl)
-            receive.setPreReceiveHook(hook)
-            receive.setPostReceiveHook(hook)
-          }
-          receive.receive(in, out, err)
+  override protected def runTask(user: String): Unit = {
+    val execute = Database() withSession { implicit session =>
+      getRepository(owner, repoName.replaceFirst("\\.wiki\\Z", "")).map { repositoryInfo =>
+        isWritableUser(user, repositoryInfo)
+      }.getOrElse(false)
+    }
+
+    if(execute) {
+      using(Git.open(getRepositoryDir(owner, repoName))) { git =>
+        val repository = git.getRepository
+        val receive = new ReceivePack(repository)
+        if (!repoName.endsWith(".wiki")) {
+          val hook = new CommitLogHook(owner, repoName, user, baseUrl)
+          receive.setPreReceiveHook(hook)
+          receive.setPostReceiveHook(hook)
         }
+        receive.receive(in, out, err)
       }
     }
   }
@@ -139,8 +146,12 @@ class DefaultGitReceivePack(owner: String, repoName: String, baseUrl: String) ex
 class PluginGitUploadPack(repoName: String, routing: GitRepositoryRouting) extends GitCommand
     with SystemSettingsService {
 
-  override protected def runTask(user: String)(implicit session: Session): Unit = {
-    if(routing.filter.filter("/" + repoName, Some(user), loadSystemSettings(), false)){
+  override protected def runTask(user: String): Unit = {
+    val execute = Database() withSession { implicit session =>
+      routing.filter.filter("/" + repoName, Some(user), loadSystemSettings(), false)
+    }
+
+    if(execute){
       val path = routing.urlPattern.r.replaceFirstIn(repoName, routing.localPath)
       using(Git.open(new File(Directory.GitBucketHome, path))){ git =>
         val repository = git.getRepository
@@ -154,8 +165,11 @@ class PluginGitUploadPack(repoName: String, routing: GitRepositoryRouting) exten
 class PluginGitReceivePack(repoName: String, routing: GitRepositoryRouting) extends GitCommand
     with SystemSettingsService {
 
-  override protected def runTask(user: String)(implicit session: Session): Unit = {
-    if(routing.filter.filter("/" + repoName, Some(user), loadSystemSettings(), true)){
+  override protected def runTask(user: String): Unit = {
+    val execute = Database() withSession { implicit session =>
+      routing.filter.filter("/" + repoName, Some(user), loadSystemSettings(), true)
+    }
+    if(execute){
       val path = routing.urlPattern.r.replaceFirstIn(repoName, routing.localPath)
       using(Git.open(new File(Directory.GitBucketHome, path))){ git =>
         val repository = git.getRepository