From 5f890b55ca46a87721e38bc568fc3ff41d812ecf Mon Sep 17 00:00:00 2001
From: Carlos Felgueiras <carlosfelgueiras@tecnico.ulisboa.pt>
Date: Fri, 10 May 2024 15:58:31 +0000
Subject: [PATCH 01/16] feat(pin): implemented base code for pins on the
 backend

- Created the pin model, and basic CRUD operations.
- Implemented checks for lost of visibility of owner, to automatically
  delete the repository.
- Implemented check for the lack of visibility of a viewer, when
  requesting the repos of another user, excluding those repositories
  from the list that is returned.
- Added the deletion of all the pins of a repository when it is deleted.
- Implemented the ability for a user to pin on the profile of an org
  user, checking if the user is admin of the org, and the org is owner
  of the repo.

Co-authored-by: Daniel Carvalho <daniel.m.carvalho@tecnico.ulisboa.pt>
---
 models/repo/pin.go            |  65 ++++++++++++++
 models/repo/user_repo.go      |  31 +++++++
 services/repository/delete.go |   1 +
 services/user/pin.go          | 162 ++++++++++++++++++++++++++++++++++
 4 files changed, 259 insertions(+)
 create mode 100644 models/repo/pin.go
 create mode 100644 services/user/pin.go

diff --git a/models/repo/pin.go b/models/repo/pin.go
new file mode 100644
index 0000000000000..579a31125b1b9
--- /dev/null
+++ b/models/repo/pin.go
@@ -0,0 +1,65 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"context"
+
+	"code.gitea.io/gitea/models/db"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/timeutil"
+)
+
+type Pin struct {
+	ID          int64              `xorm:"pk autoincr"`
+	UID         int64              `xorm:"UNIQUE(s)"`
+	RepoID      int64              `xorm:"UNIQUE(s)"`
+	CreatedUnix timeutil.TimeStamp `xorm:"INDEX created"`
+}
+
+// TableName sets the table name for the pin struct
+func (s *Pin) TableName() string {
+	return "repo_pin"
+}
+
+func init() {
+	db.RegisterModel(new(Pin))
+}
+
+func IsPinned(ctx context.Context, userID, repoID int64) bool {
+	exists, _ := db.GetEngine(ctx).Get(&Pin{UID: userID, RepoID: repoID})
+	return exists
+}
+
+func PinRepo(ctx context.Context, doer *user_model.User, repo *Repository, pin bool) error {
+	ctx, commiter, err := db.TxContext(ctx)
+	if err != nil {
+		return err
+	}
+
+	defer commiter.Close()
+	pinned := IsPinned(ctx, doer.ID, repo.ID)
+
+	if pin {
+		// Already pinned, nothing to do
+		if pinned {
+			return nil
+		}
+
+		if err = db.Insert(ctx, &Pin{UID: doer.ID, RepoID: repo.ID}); err != nil {
+			return err
+		}
+	} else {
+		// Not pinned, nothing to do
+		if !pinned {
+			return nil
+		}
+
+		if _, err = db.DeleteByBean(ctx, &Pin{UID: doer.ID, RepoID: repo.ID}); err != nil {
+			return err
+		}
+	}
+
+	return commiter.Commit()
+}
diff --git a/models/repo/user_repo.go b/models/repo/user_repo.go
index c305603e02070..9af72da11d655 100644
--- a/models/repo/user_repo.go
+++ b/models/repo/user_repo.go
@@ -54,6 +54,37 @@ func GetStarredRepos(ctx context.Context, opts *StarredReposOptions) ([]*Reposit
 	return db.Find[Repository](ctx, opts)
 }
 
+type PinnedReposOptions struct {
+	db.ListOptions
+	PinnerID    int64
+	RepoOwnerID int64
+}
+
+func (opts *PinnedReposOptions) ToConds() builder.Cond {
+	var cond builder.Cond = builder.Eq{
+		"repo_pin.uid": opts.PinnerID,
+	}
+	if opts.RepoOwnerID != 0 {
+		cond = cond.And(builder.Eq{
+			"repository.owner_id": opts.RepoOwnerID,
+		})
+	}
+	return cond
+}
+
+func (opts *PinnedReposOptions) ToJoins() []db.JoinFunc {
+	return []db.JoinFunc{
+		func(e db.Engine) error {
+			e.Join("INNER", "repo_pin", "`repository`.id=`repo_pin`.repo_id")
+			return nil
+		},
+	}
+}
+
+func GetPinnedRepos(ctx context.Context, opts *PinnedReposOptions) (RepositoryList, error) {
+	return db.Find[Repository](ctx, opts)
+}
+
 type WatchedReposOptions struct {
 	db.ListOptions
 	WatcherID      int64
diff --git a/services/repository/delete.go b/services/repository/delete.go
index cd779b05c3501..2805eed3a53f0 100644
--- a/services/repository/delete.go
+++ b/services/repository/delete.go
@@ -151,6 +151,7 @@ func DeleteRepositoryDirectly(ctx context.Context, doer *user_model.User, repoID
 		&repo_model.Redirect{RedirectRepoID: repoID},
 		&repo_model.RepoUnit{RepoID: repoID},
 		&repo_model.Star{RepoID: repoID},
+		&repo_model.Pin{RepoID: repoID},
 		&admin_model.Task{RepoID: repoID},
 		&repo_model.Watch{RepoID: repoID},
 		&webhook.Webhook{RepoID: repoID},
diff --git a/services/user/pin.go b/services/user/pin.go
new file mode 100644
index 0000000000000..8f9c5f90a1f55
--- /dev/null
+++ b/services/user/pin.go
@@ -0,0 +1,162 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package user
+
+import (
+	"errors"
+
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/models/organization"
+	access_model "code.gitea.io/gitea/models/perm/access"
+	repo_model "code.gitea.io/gitea/models/repo"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/services/context"
+)
+
+// Check if a user have a new pinned repo in it's profile, meaning that it
+// has permissions to pin said repo and also has enough space on the pinned list.
+func CanPin(ctx *context.Context, u *user_model.User, r *repo_model.Repository) bool {
+	repos, err := repo_model.GetPinnedRepos(*ctx, &repo_model.PinnedReposOptions{
+		ListOptions: db.ListOptions{
+			ListAll: true,
+		},
+		PinnerID: u.ID,
+	})
+	if err != nil {
+		ctx.ServerError("GetPinnedRepos", err)
+		return false
+	}
+	if len(repos) >= 6 {
+		return false
+	}
+
+	return HasPermsToPin(ctx, u, r)
+}
+
+// Checks if the user has permission to have the repo pinned in it's profile.
+func HasPermsToPin(ctx *context.Context, u *user_model.User, r *repo_model.Repository) bool {
+	// If user is an organization, it can only pin its own repos
+	if u.IsOrganization() {
+		return r.OwnerID == u.ID
+	}
+
+	// For normal users, anyone that has read access to the repo can pin it
+	return canSeePin(ctx, u, r)
+}
+
+// Check if a user can see a pin
+// A user can see a pin if he has read access to the repo
+func canSeePin(ctx *context.Context, u *user_model.User, r *repo_model.Repository) bool {
+	perm, err := access_model.GetUserRepoPermission(ctx, r, u)
+	if err != nil {
+		ctx.ServerError("GetUserRepoPermission", err)
+		return false
+	}
+	return perm.HasAnyUnitAccess()
+}
+
+// CleanupPins iterates over the repos pinned by a user and removes
+// the invalid pins. (Needs to be called everytime before we read/write a pin)
+func CleanupPins(ctx *context.Context, u *user_model.User) error {
+	pinnedRepos, err := repo_model.GetPinnedRepos(*ctx, &repo_model.PinnedReposOptions{
+		ListOptions: db.ListOptions{
+			ListAll: true,
+		},
+		PinnerID: u.ID,
+	})
+	if err != nil {
+		return err
+	}
+
+	for _, repo := range pinnedRepos {
+		if !HasPermsToPin(ctx, u, repo) {
+			if err := repo_model.PinRepo(*ctx, u, repo, false); err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}
+
+// Returns the pinned repos of a user that the viewer can see
+func GetUserPinnedRepos(ctx *context.Context, user, viewer *user_model.User) ([]*repo_model.Repository, error) {
+	// Start by cleaning up the invalid pins
+	err := CleanupPins(ctx, user)
+	if err != nil {
+		return nil, err
+	}
+
+	// Get all of the user's pinned repos
+	pinnedRepos, err := repo_model.GetPinnedRepos(*ctx, &repo_model.PinnedReposOptions{
+		ListOptions: db.ListOptions{
+			ListAll: true,
+		},
+		PinnerID: user.ID,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var repos []*repo_model.Repository
+
+	// Only include the repos that the viewer can see
+	for _, repo := range pinnedRepos {
+		if canSeePin(ctx, viewer, repo) {
+			repos = append(repos, repo)
+		}
+	}
+
+	return repos, nil
+}
+
+func PinRepo(ctx *context.Context, doer *user_model.User, repo *repo_model.Repository, pin, toOrg bool) error {
+	// Determine the user which profile is the target for the pin
+	var targetUser *user_model.User
+	if toOrg {
+		targetUser = repo.Owner
+	} else {
+		targetUser = doer
+	}
+
+	// Start by cleaning up the invalid pins
+	err := CleanupPins(ctx, targetUser)
+	if err != nil {
+		return err
+	}
+
+	// If target is org profile, need to check if the doer can pin the repo
+	// on said org profile
+	if toOrg {
+		err = assertUserOrgPerms(ctx, doer, repo)
+		if err != nil {
+			return err
+		}
+	}
+
+	if pin {
+		if !CanPin(ctx, targetUser, repo) {
+			return errors.New("user cannot pin this repository")
+		}
+	}
+
+	return repo_model.PinRepo(*ctx, targetUser, repo, pin)
+}
+
+func assertUserOrgPerms(ctx *context.Context, doer *user_model.User, repo *repo_model.Repository) error {
+	if !ctx.Repo.Owner.IsOrganization() {
+		return errors.New("owner is not an organization")
+	}
+
+	isAdmin, err := organization.OrgFromUser(repo.Owner).IsOrgAdmin(ctx, doer.ID)
+	if err != nil {
+		return err
+	}
+
+	if !isAdmin {
+		return errors.New("user is not an admin of this organization")
+	}
+
+	return nil
+}

From fd47c820771c33649ed4414e995de9cf2d150f84 Mon Sep 17 00:00:00 2001
From: Carlos Felgueiras <carlosfelgueiras@tecnico.ulisboa.pt>
Date: Fri, 10 May 2024 16:08:24 +0000
Subject: [PATCH 02/16] feat(pin): implemented the list of pinned repositories
 on the profile

- Added list and count of pinned repos to the context data
  of the routes of a user and org profile.
- Added a template for the list of pinned repo cards.
- Included said template in the user and org profile templates.

Co-authored-by: Daniel Carvalho <daniel.m.carvalho@tecnico.ulisboa.pt>
---
 options/locale/locale_en-US.ini         |  1 +
 routers/web/org/home.go                 | 20 ++++++--
 routers/web/user/profile.go             | 21 +++++++--
 templates/org/home.tmpl                 |  3 ++
 templates/shared/pinned_repo_cards.tmpl | 62 +++++++++++++++++++++++++
 templates/user/profile.tmpl             |  3 ++
 6 files changed, 103 insertions(+), 7 deletions(-)
 create mode 100644 templates/shared/pinned_repo_cards.tmpl

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 6a08041a7c8b6..8964bb456aaf5 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -1102,6 +1102,7 @@ transfer.no_permission_to_reject = You do not have permission to reject this tra
 desc.private = Private
 desc.public = Public
 desc.template = Template
+desc.private_template = Private Template
 desc.internal = Internal
 desc.archived = Archived
 desc.sha256 = SHA256
diff --git a/routers/web/org/home.go b/routers/web/org/home.go
index 846b1de18ab13..b23bbeefa04f5 100644
--- a/routers/web/org/home.go
+++ b/routers/web/org/home.go
@@ -20,6 +20,7 @@ import (
 	"code.gitea.io/gitea/modules/util"
 	shared_user "code.gitea.io/gitea/routers/web/shared/user"
 	"code.gitea.io/gitea/services/context"
+	user_service "code.gitea.io/gitea/services/user"
 )
 
 const (
@@ -101,9 +102,11 @@ func Home(ctx *context.Context) {
 	ctx.Data["IsPrivate"] = private
 
 	var (
-		repos []*repo_model.Repository
-		count int64
-		err   error
+		repos       []*repo_model.Repository
+		count       int64
+		pinnedRepos []*repo_model.Repository
+		pinnedCount int64
+		err         error
 	)
 	repos, count, err = repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
@@ -139,8 +142,19 @@ func Home(ctx *context.Context) {
 		return
 	}
 
+	// Get pinned repos
+	pinnedRepos, err = user_service.GetUserPinnedRepos(ctx, org.AsUser(), ctx.Doer)
+	if err != nil {
+		ctx.ServerError("GetUserPinnedRepos", err)
+		return
+	}
+
+	pinnedCount = int64(len(pinnedRepos))
+
 	ctx.Data["Repos"] = repos
 	ctx.Data["Total"] = count
+	ctx.Data["PinnedRepos"] = pinnedRepos
+	ctx.Data["PinnedTotal"] = pinnedCount
 	ctx.Data["Members"] = members
 	ctx.Data["Teams"] = ctx.Org.Teams
 	ctx.Data["DisableNewPullMirrors"] = setting.Mirror.DisableNewPull
diff --git a/routers/web/user/profile.go b/routers/web/user/profile.go
index f0749e10216ee..ef8072f8cf065 100644
--- a/routers/web/user/profile.go
+++ b/routers/web/user/profile.go
@@ -26,6 +26,7 @@ import (
 	"code.gitea.io/gitea/routers/web/org"
 	shared_user "code.gitea.io/gitea/routers/web/shared/user"
 	"code.gitea.io/gitea/services/context"
+	user_service "code.gitea.io/gitea/services/user"
 )
 
 const (
@@ -104,10 +105,12 @@ func prepareUserProfileTabData(ctx *context.Context, showPrivate bool, profileDb
 	pagingNum := setting.UI.User.RepoPagingNum
 	topicOnly := ctx.FormBool("topic")
 	var (
-		repos   []*repo_model.Repository
-		count   int64
-		total   int
-		orderBy db.SearchOrderBy
+		repos       []*repo_model.Repository
+		pinnedRepos []*repo_model.Repository
+		count       int64
+		pinnedCount int64
+		total       int
+		orderBy     db.SearchOrderBy
 	)
 
 	ctx.Data["SortType"] = ctx.FormString("sort")
@@ -312,9 +315,19 @@ func prepareUserProfileTabData(ctx *context.Context, showPrivate bool, profileDb
 		}
 
 		total = int(count)
+
+		pinnedRepos, err = user_service.GetUserPinnedRepos(ctx, ctx.ContextUser, ctx.Doer)
+		if err != nil {
+			ctx.ServerError("GetUserPinnedRepos", err)
+			return
+		}
+
+		pinnedCount = int64(len(pinnedRepos))
 	}
 	ctx.Data["Repos"] = repos
 	ctx.Data["Total"] = total
+	ctx.Data["PinnedRepos"] = pinnedRepos
+	ctx.Data["PinnedCount"] = pinnedCount
 
 	err = shared_user.LoadHeaderCount(ctx)
 	if err != nil {
diff --git a/templates/org/home.tmpl b/templates/org/home.tmpl
index 4851b6997967b..1f83dddda68c7 100644
--- a/templates/org/home.tmpl
+++ b/templates/org/home.tmpl
@@ -8,6 +8,9 @@
 				{{if .ProfileReadme}}
 					<div id="readme_profile" class="markup">{{.ProfileReadme}}</div>
 				{{end}}
+				{{if .PinnedRepos}}
+					{{template "shared/pinned_repo_cards" .}}
+				{{end}}
 				{{template "shared/repo_search" .}}
 				{{template "explore/repo_list" .}}
 				{{template "base/paginate" .}}
diff --git a/templates/shared/pinned_repo_cards.tmpl b/templates/shared/pinned_repo_cards.tmpl
new file mode 100644
index 0000000000000..d32a52a5e9d54
--- /dev/null
+++ b/templates/shared/pinned_repo_cards.tmpl
@@ -0,0 +1,62 @@
+<div class="ui three stackable cards">
+	{{range .PinnedRepos}}
+		<div class="ui card">
+			<div class="content">
+				<div class="header">
+					<div class="flex-item tw-items-center">
+						<div class="flex-item-main">
+							<a class="name" href="{{.Link}}">
+								{{if or $.PageIsExplore $.PageIsProfileStarList}}{{if .Owner}}{{.Owner.Name}} / {{end}}{{end}}{{.Name}}
+							</a>
+						</div>
+						<div class="flex-item-trailing">
+							{{if .IsArchived}}
+								<span class="ui basic label">{{ctx.Locale.Tr "repo.desc.archived"}}</span>
+							{{end}}
+							{{if .IsTemplate}}
+								{{if .IsPrivate}}
+									<span class="ui basic label">{{ctx.Locale.Tr "repo.desc.private_template"}}</span>
+								{{end}}
+							{{else}}
+								{{if .IsPrivate}}
+									<span class="ui basic label">{{ctx.Locale.Tr "repo.desc.private"}}</span>
+								{{end}}
+							{{end}}
+							{{if .IsFork}}
+								{{svg "octicon-repo-forked"}}
+							{{else if .IsMirror}}
+								{{svg "octicon-mirror"}}
+							{{end}}
+						</div>
+					</div>
+				</div>
+				<div class="extra content">
+					<div class="metas df ac">
+						{{if .PrimaryLanguage}}
+						<span class="text grey df ac mr-3"><i class="color-icon mr-3" style="background-color: {{.PrimaryLanguage.Color}}"></i>{{.PrimaryLanguage.Language}}</span>
+						{{end}}
+						{{if not $.DisableStars}}
+						<span class="text grey df ac mr-3">{{svg "octicon-star" 16 "mr-3"}}{{.NumStars}}</span>
+						{{end}}
+						<span class="text grey df ac mr-3">{{svg "octicon-git-branch" 16 "mr-3"}}{{.NumForks}}</span>
+					</div>
+				</div>
+				<div class="description">
+					{{$description := .DescriptionHTML $.Context}}
+					{{if $description}}<p>{{$description}}</p>{{end}}
+					{{if .Topics}}
+					<div class="ui tags">
+						{{range .Topics}}
+						{{if ne . ""}}
+						<a href="{{AppSubUrl}}/explore/repos?q={{.}}&topic=1">
+							<div class="ui small label topic">{{.}}</div>
+						</a>
+						{{end}}
+						{{end}}
+					</div>
+					{{end}}
+				</div>
+			</div>
+		</div>
+	{{end}}
+</div>
diff --git a/templates/user/profile.tmpl b/templates/user/profile.tmpl
index cf61bb906a172..d38292077d297 100644
--- a/templates/user/profile.tmpl
+++ b/templates/user/profile.tmpl
@@ -28,6 +28,9 @@
 				{{else if eq .TabName "overview"}}
 					<div id="readme_profile" class="markup">{{.ProfileReadme}}</div>
 				{{else}}
+					{{if .PinnedRepos}}
+						{{template "shared/pinned_repo_cards" .}}
+					{{end}}
 					{{template "shared/repo_search" .}}
 					{{template "explore/repo_list" .}}
 					{{template "base/paginate" .}}

From e8dca1ecd4a1b184af6aa1d799d7e9cbdaba13bb Mon Sep 17 00:00:00 2001
From: Carlos Felgueiras <carlosfelgueiras@tecnico.ulisboa.pt>
Date: Fri, 10 May 2024 16:14:29 +0000
Subject: [PATCH 03/16] feat(pin): implemented the pin/unpin button on repo
 main page

- Added the unpin octicon svg from a previous attempt to implement this
  feature.
- Added the template for the button/set of buttons for pinning/unpinning
  a repo.
- Added the use of said template in the header of a repo main page.
- Added the routes for the POST requests for pinning/unpinning to
  user/org.

Co-authored-by: Daniel Carvalho <daniel.m.carvalho@tecnico.ulisboa.pt>
---
 options/locale/locale_en-US.ini               |  5 +++
 .../assets/img/svg/octicon-custom-pin-off.svg |  1 +
 routers/web/repo/repo.go                      |  9 +++++
 routers/web/repo/view.go                      | 37 +++++++++++++++++++
 templates/repo/header.tmpl                    |  1 +
 templates/repo/pin_unpin.tmpl                 | 30 +++++++++++++++
 web_src/svg/octicon-custom-pin-off.svg        |  1 +
 7 files changed, 84 insertions(+)
 create mode 100644 public/assets/img/svg/octicon-custom-pin-off.svg
 create mode 100644 templates/repo/pin_unpin.tmpl
 create mode 100644 web_src/svg/octicon-custom-pin-off.svg

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 8964bb456aaf5..78c80305fc00d 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -1188,10 +1188,15 @@ fork_from_self = You cannot fork a repository you own.
 fork_guest_user = Sign in to fork this repository.
 watch_guest_user = Sign in to watch this repository.
 star_guest_user = Sign in to star this repository.
+pin_guest_user = Sign in to pin this repository.
 unwatch = Unwatch
 watch = Watch
 unstar = Unstar
 star = Star
+pin = Pin
+unpin = Unpin
+pin-org = Pin to %s
+unpin-org = Unpin from %s
 fork = Fork
 action.blocked_user = Cannot perform action because you are blocked by the repository owner.
 download_archive = Download Repository
diff --git a/public/assets/img/svg/octicon-custom-pin-off.svg b/public/assets/img/svg/octicon-custom-pin-off.svg
new file mode 100644
index 0000000000000..763953c2aca17
--- /dev/null
+++ b/public/assets/img/svg/octicon-custom-pin-off.svg
@@ -0,0 +1 @@
+<svg aria-hidden="true" viewBox="0 0 16 16" class="svg octicon-custom-pin-off" xmlns="http://www.w3.org/2000/svg" width="16" height="16"><path d="M14.779 13.721 11.061 10l2.205-2.204c.967-.968.5-2.623-.832-2.94l-.73-.174 2.645-2.625a.7.7 0 0 0-.986-.994L1.023 13.308a.7.7 0 0 0 .986.994l2.662-2.642.184.773c.317 1.332 1.972 1.799 2.94.832L10 11.061l3.719 3.719a.75.75 0 0 0 1.08.001.747.747 0 0 0-.02-1.06m-8.045-1.517a.25.25 0 0 1-.42-.121l-.396-1.661 4.532-4.498 1.634.389a.25.25 0 0 1 .12.42zm-2.2-4.677a1 1 0 0 0-.078-.082 3.6 3.6 0 0 0-1.262-.912L1.866 5.92a.252.252 0 0 1-.073-.404l3.722-3.722a.25.25 0 0 1 .405.072l.612 1.327c.27.585.409.881.875 1.293l.012.012q.01.008.019.018l.003-.003a.74.74 0 0 0 .496.197c.41 0 .742-.332.742-.742a.73.73 0 0 0-.147-.421l.007-.007c-.211-.294-.442-.538-.644-.975l-.613-1.327A1.75 1.75 0 0 0 4.456.734L.734 4.456a1.75 1.75 0 0 0 .504 2.826l1.327.613c.428.197.59.272.882.626a.742.742 0 0 0 1.269-.522.72.72 0 0 0-.139-.409"/></svg>
\ No newline at end of file
diff --git a/routers/web/repo/repo.go b/routers/web/repo/repo.go
index 48be1c22968fb..231047d59fb2b 100644
--- a/routers/web/repo/repo.go
+++ b/routers/web/repo/repo.go
@@ -36,6 +36,7 @@ import (
 	repo_service "code.gitea.io/gitea/services/repository"
 	archiver_service "code.gitea.io/gitea/services/repository/archiver"
 	commitstatus_service "code.gitea.io/gitea/services/repository/commitstatus"
+	user_service "code.gitea.io/gitea/services/user"
 )
 
 const (
@@ -321,6 +322,14 @@ func Action(ctx *context.Context) {
 		err = repo_model.StarRepo(ctx, ctx.Doer, ctx.Repo.Repository, true)
 	case "unstar":
 		err = repo_model.StarRepo(ctx, ctx.Doer, ctx.Repo.Repository, false)
+	case "pin":
+		err = user_service.PinRepo(ctx, ctx.Doer, ctx.Repo.Repository, true, false)
+	case "unpin":
+		err = user_service.PinRepo(ctx, ctx.Doer, ctx.Repo.Repository, false, false)
+	case "pin-org":
+		err = user_service.PinRepo(ctx, ctx.Doer, ctx.Repo.Repository, true, true)
+	case "unpin-org":
+		err = user_service.PinRepo(ctx, ctx.Doer, ctx.Repo.Repository, false, true)
 	case "accept_transfer":
 		err = acceptOrRejectRepoTransfer(ctx, true)
 	case "reject_transfer":
diff --git a/routers/web/repo/view.go b/routers/web/repo/view.go
index e4e6201c24abd..1e85f91d58e75 100644
--- a/routers/web/repo/view.go
+++ b/routers/web/repo/view.go
@@ -29,6 +29,7 @@ import (
 	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
 	issue_model "code.gitea.io/gitea/models/issues"
+	"code.gitea.io/gitea/models/organization"
 	repo_model "code.gitea.io/gitea/models/repo"
 	unit_model "code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
@@ -50,6 +51,7 @@ import (
 	"code.gitea.io/gitea/services/context"
 	issue_service "code.gitea.io/gitea/services/issue"
 	files_service "code.gitea.io/gitea/services/repository/files"
+	user_services "code.gitea.io/gitea/services/user"
 
 	"github.com/nektos/act/pkg/model"
 
@@ -791,6 +793,13 @@ func Home(ctx *context.Context) {
 		return
 	}
 
+	if ctx.IsSigned {
+		err := loadPinData(ctx)
+		if err != nil {
+			ctx.ServerError("loadPinData", err)
+		}
+	}
+
 	renderHomeCode(ctx)
 }
 
@@ -1168,3 +1177,31 @@ func Forks(ctx *context.Context) {
 
 	ctx.HTML(http.StatusOK, tplForks)
 }
+
+func loadPinData(ctx *context.Context) error {
+	// First, cleanup any pins that are no longer valid
+	err := user_services.CleanupPins(ctx, ctx.Doer)
+	if err != nil {
+		return err
+	}
+
+	ctx.Data["IsPinningRepo"] = repo_model.IsPinned(ctx, ctx.Doer.ID, ctx.Repo.Repository.ID)
+	ctx.Data["CanPinRepo"] = user_services.CanPin(ctx, ctx.Doer, ctx.Repo.Repository)
+
+	if ctx.Repo.Repository.Owner.IsOrganization() {
+		org := organization.OrgFromUser(ctx.Repo.Repository.Owner)
+
+		isAdmin, err := org.IsOrgAdmin(ctx, ctx.Doer.ID)
+		if err != nil {
+			return err
+		}
+
+		if isAdmin {
+			ctx.Data["CanUserPinToOrg"] = true
+			ctx.Data["IsOrgPinningRepo"] = repo_model.IsPinned(ctx, ctx.Repo.Repository.OwnerID, ctx.Repo.Repository.ID)
+			ctx.Data["CanOrgPinRepo"] = user_services.CanPin(ctx, ctx.Repo.Repository.Owner, ctx.Repo.Repository)
+		}
+	}
+
+	return nil
+}
diff --git a/templates/repo/header.tmpl b/templates/repo/header.tmpl
index 34f47b7d89a1f..07e607c475bea 100644
--- a/templates/repo/header.tmpl
+++ b/templates/repo/header.tmpl
@@ -60,6 +60,7 @@
 						{{svg "octicon-rss" 16}}
 					</a>
 					{{end}}
+					{{template "repo/pin_unpin" $}}
 					{{template "repo/watch_unwatch" $}}
 					{{if not $.DisableStars}}
 					{{template "repo/star_unstar" $}}
diff --git a/templates/repo/pin_unpin.tmpl b/templates/repo/pin_unpin.tmpl
new file mode 100644
index 0000000000000..f06f898fda338
--- /dev/null
+++ b/templates/repo/pin_unpin.tmpl
@@ -0,0 +1,30 @@
+<div class="ui buttons">
+	<form hx-boost="true" hx-target="this" method="post" action="{{$.RepoLink}}/action/{{if .IsPinningRepo}}unpin{{else}}pin{{end}}">
+		<div class="ui labeled item" {{if not $.IsSigned}}data-tooltip-content="{{ctx.Locale.Tr "repo.pin_guest_user"}}"{{end}}>
+			{{$buttonText := ctx.Locale.Tr "repo.pin"}}
+			{{if $.IsPinningRepo}}{{$buttonText = ctx.Locale.Tr "repo.unpin"}}{{end}}
+			<button type="submit" class="ui compact small basic button"{{if or (not $.IsSigned) (and (not $.IsPinningRepo) (not .CanPinRepo))}} disabled{{end}} aria-label="{{$buttonText}}">
+				{{if $.IsPinningRepo}}{{svg "octicon-custom-pin-off"}}{{else}}{{svg "octicon-pin"}}{{end}}
+				<span class="not-mobile" aria-hidden="true">{{$buttonText}}</span>
+			</button>
+		</div>
+	</form>
+
+	{{if .CanUserPinToOrg}}
+	<div class="ui floating dropdown icon button">
+		<i class="dropdown icon"></i>
+		<div class="compact menu">
+			<form hx-boost="true" hx-target="this" method="post" action="{{$.RepoLink}}/action/{{if .IsOrgPinningRepo}}unpin{{else}}pin{{end}}-org">
+				<div class="ui labeled button item" {{if not $.IsSigned}}data-tooltip-content="{{ctx.Locale.Tr "repo.pin_guest_user"}}"{{end}}>
+					{{$buttonText = ctx.Locale.Tr "repo.pin-org" .Owner.Name}}
+					{{if $.IsOrgPinningRepo}}{{$buttonText = ctx.Locale.Tr "repo.unpin-org" .Owner.Name}}{{end}}
+					<button type="submit" class="ui compact small basic button"{{if or (not $.IsSigned) (and (not $.IsOrgPinningRepo) (not .CanOrgPinRepo))}} disabled{{end}} aria-label="{{$buttonText}}">
+						{{if $.IsOrgPinningRepo}}{{svg "octicon-custom-pin-off"}}{{else}}{{svg "octicon-pin"}}{{end}}
+						<span class="not-mobile" aria-hidden="true">{{$buttonText}}</span>
+					</button>
+				</div>
+			</form>
+		</div>
+	</div>
+	{{end}}
+</div>
diff --git a/web_src/svg/octicon-custom-pin-off.svg b/web_src/svg/octicon-custom-pin-off.svg
new file mode 100644
index 0000000000000..a5e6fda34193a
--- /dev/null
+++ b/web_src/svg/octicon-custom-pin-off.svg
@@ -0,0 +1 @@
+<svg aria-hidden="true" viewBox="0 0 16 16" width="16" height="16"><path d="M14.779 13.721 11.061 10l2.205-2.204c.967-.968.5-2.623-.832-2.94l-.73-.174 2.645-2.625a.7.7 0 0 0-.986-.994L1.023 13.308a.7.7 0 0 0 .986.994l2.662-2.642.184.773c.317 1.332 1.972 1.799 2.94.832L10 11.061l3.719 3.719a.751.751 0 0 0 1.08.001.747.747 0 0 0-.02-1.06zm-8.045-1.517a.25.25 0 0 1-.42-.121l-.396-1.661 4.532-4.498 1.634.389a.25.25 0 0 1 .12.42l-5.47 5.471zM4.534 7.527a.86.86 0 0 0-.078-.082 3.634 3.634 0 0 0-1.262-.912L1.866 5.92a.252.252 0 0 1-.073-.404l3.722-3.722a.251.251 0 0 1 .405.072l.612 1.327c.27.585.409.881.875 1.293l.012.012c.007.005.012.012.019.018l.003-.003a.74.74 0 0 0 .496.197c.41 0 .742-.332.742-.742a.73.73 0 0 0-.147-.421l.007-.007c-.211-.294-.442-.538-.644-.975l-.613-1.327A1.75 1.75 0 0 0 4.456.734L.734 4.456a1.75 1.75 0 0 0 .504 2.826l1.327.613c.428.197.59.272.882.626a.742.742 0 0 0 1.269-.522.724.724 0 0 0-.139-.409"/></svg>
\ No newline at end of file

From 0754ed7c186f58d9e83e1520b52e7f63f6fe0e00 Mon Sep 17 00:00:00 2001
From: Carlos Felgueiras <carlosfelgueiras@tecnico.ulisboa.pt>
Date: Fri, 10 May 2024 16:17:42 +0000
Subject: [PATCH 04/16] test(pin): created basic tests for the pin/unpin
 feature

- Created unit tests that check the basic functionality of the model
  functions
- Created integration tests that check the functionality of the POST
  routes, verifying the effects directly on the database.

Co-authored-by: Daniel Carvalho <daniel.m.carvalho@tecnico.ulisboa.pt>
---
 models/repo/pin_test.go            | 48 ++++++++++++++++++++++++
 tests/integration/repo_pin_test.go | 60 ++++++++++++++++++++++++++++++
 2 files changed, 108 insertions(+)
 create mode 100644 models/repo/pin_test.go
 create mode 100644 tests/integration/repo_pin_test.go

diff --git a/models/repo/pin_test.go b/models/repo/pin_test.go
new file mode 100644
index 0000000000000..49ef59344da7a
--- /dev/null
+++ b/models/repo/pin_test.go
@@ -0,0 +1,48 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo_test
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models/db"
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestPinRepoFunctionality(t *testing.T) {
+	assert.NoError(t, unittest.PrepareTestDatabase())
+
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+
+	unittest.AssertNotExistsBean(t, &repo_model.Pin{UID: user.ID, RepoID: repo.ID})
+	assert.NoError(t, repo_model.PinRepo(db.DefaultContext, user, repo, true))
+	unittest.AssertExistsAndLoadBean(t, &repo_model.Pin{UID: user.ID, RepoID: repo.ID})
+	assert.NoError(t, repo_model.PinRepo(db.DefaultContext, user, repo, true))
+	unittest.AssertExistsAndLoadBean(t, &repo_model.Pin{UID: user.ID, RepoID: repo.ID})
+	assert.NoError(t, repo_model.PinRepo(db.DefaultContext, user, repo, false))
+	unittest.AssertNotExistsBean(t, &repo_model.Star{UID: user.ID, RepoID: repo.ID})
+}
+
+func TestIsPinned(t *testing.T) {
+	assert.NoError(t, unittest.PrepareTestDatabase())
+
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+
+	unittest.AssertNotExistsBean(t, &repo_model.Pin{UID: user.ID, RepoID: repo.ID})
+	assert.NoError(t, repo_model.PinRepo(db.DefaultContext, user, repo, true))
+	unittest.AssertExistsAndLoadBean(t, &repo_model.Pin{UID: user.ID, RepoID: repo.ID})
+
+	assert.True(t, repo_model.IsPinned(db.DefaultContext, user.ID, repo.ID))
+
+	assert.NoError(t, repo_model.PinRepo(db.DefaultContext, user, repo, false))
+	unittest.AssertNotExistsBean(t, &repo_model.Star{UID: user.ID, RepoID: repo.ID})
+
+	assert.False(t, repo_model.IsPinned(db.DefaultContext, user.ID, repo.ID))
+}
diff --git a/tests/integration/repo_pin_test.go b/tests/integration/repo_pin_test.go
new file mode 100644
index 0000000000000..2d3cc40d2d1f6
--- /dev/null
+++ b/tests/integration/repo_pin_test.go
@@ -0,0 +1,60 @@
+package integration
+
+import (
+	"net/http"
+	"net/url"
+	"path"
+	"testing"
+
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/unittest"
+)
+
+func TestUserRepoPin(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		session := loginUser(t, "user2")
+		unittest.AssertNotExistsBean(t, &repo_model.Pin{UID: 2, RepoID: 3})
+		testUserPinRepo(t, session, "org3", "repo3", true, false)
+		unittest.AssertExistsAndLoadBean(t, &repo_model.Pin{UID: 2, RepoID: 3})
+		testUserPinRepo(t, session, "org3", "repo3", false, false)
+		unittest.AssertNotExistsBean(t, &repo_model.Pin{UID: 2, RepoID: 3})
+	})
+}
+
+func TestOrgRepoPin(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		session := loginUser(t, "user2")
+		unittest.AssertNotExistsBean(t, &repo_model.Pin{UID: 3, RepoID: 3})
+		testUserPinRepo(t, session, "org3", "repo3", true, true)
+		unittest.AssertExistsAndLoadBean(t, &repo_model.Pin{UID: 3, RepoID: 3})
+		testUserPinRepo(t, session, "org3", "repo3", false, true)
+		unittest.AssertNotExistsBean(t, &repo_model.Pin{UID: 3, RepoID: 3})
+	})
+}
+
+func testUserPinRepo(t *testing.T, session *TestSession, user, repo string, pin, org bool) error {
+	var action string
+	if pin {
+		action = "pin"
+	} else {
+		action = "unpin"
+	}
+
+	if org {
+		action += "-org"
+	}
+
+	// Get repo page to get the CSRF token
+	reqPage := NewRequest(t, "GET", path.Join(user, repo))
+	respPage := session.MakeRequest(t, reqPage, http.StatusOK)
+
+	htmlDoc := NewHTMLParser(t, respPage.Body)
+
+	reqPath := path.Join(user, repo, "action", action)
+	req := NewRequestWithValues(t, "POST", reqPath, map[string]string{
+		"_csrf": htmlDoc.GetCSRF(),
+	})
+	session.MakeRequest(t, req, http.StatusSeeOther)
+
+	return nil
+}

From f8b17560bd91d633e4082720d8abb42ae5152934 Mon Sep 17 00:00:00 2001
From: Carlos Felgueiras <carlosfelgueiras@tecnico.ulisboa.pt>
Date: Mon, 13 May 2024 10:44:12 +0000
Subject: [PATCH 05/16] fix(lint): fixed and added copyright and license
 comment on top of files

---
 models/repo/pin_test.go            | 2 +-
 tests/integration/repo_pin_test.go | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/models/repo/pin_test.go b/models/repo/pin_test.go
index 49ef59344da7a..d6d9b2e765f85 100644
--- a/models/repo/pin_test.go
+++ b/models/repo/pin_test.go
@@ -1,4 +1,4 @@
-// Copyright 2017 The Gitea Authors. All rights reserved.
+// Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
 package repo_test
diff --git a/tests/integration/repo_pin_test.go b/tests/integration/repo_pin_test.go
index 2d3cc40d2d1f6..9d659d385c610 100644
--- a/tests/integration/repo_pin_test.go
+++ b/tests/integration/repo_pin_test.go
@@ -1,3 +1,6 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
 package integration
 
 import (

From 5fba27cbbc599c021685e11cc498cdfda6085903 Mon Sep 17 00:00:00 2001
From: Daniel Carvalho <daniel.m.carvalho@tecnico.ulisboa.pt>
Date: Mon, 13 May 2024 16:06:00 +0000
Subject: [PATCH 06/16] fix(table name): Changed repository pins database name

---
 models/repo/pin.go       | 2 +-
 models/repo/user_repo.go | 4 ++--
 routers/web/repo/view.go | 8 ++++----
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/models/repo/pin.go b/models/repo/pin.go
index 579a31125b1b9..8fd1144310203 100644
--- a/models/repo/pin.go
+++ b/models/repo/pin.go
@@ -20,7 +20,7 @@ type Pin struct {
 
 // TableName sets the table name for the pin struct
 func (s *Pin) TableName() string {
-	return "repo_pin"
+	return "repository_pin"
 }
 
 func init() {
diff --git a/models/repo/user_repo.go b/models/repo/user_repo.go
index 9af72da11d655..4b0e1f4e04cd8 100644
--- a/models/repo/user_repo.go
+++ b/models/repo/user_repo.go
@@ -62,7 +62,7 @@ type PinnedReposOptions struct {
 
 func (opts *PinnedReposOptions) ToConds() builder.Cond {
 	var cond builder.Cond = builder.Eq{
-		"repo_pin.uid": opts.PinnerID,
+		"repository_pin.uid": opts.PinnerID,
 	}
 	if opts.RepoOwnerID != 0 {
 		cond = cond.And(builder.Eq{
@@ -75,7 +75,7 @@ func (opts *PinnedReposOptions) ToConds() builder.Cond {
 func (opts *PinnedReposOptions) ToJoins() []db.JoinFunc {
 	return []db.JoinFunc{
 		func(e db.Engine) error {
-			e.Join("INNER", "repo_pin", "`repository`.id=`repo_pin`.repo_id")
+			e.Join("INNER", "repository_pin", "`repository`.id=`repository_pin`.repo_id")
 			return nil
 		},
 	}
diff --git a/routers/web/repo/view.go b/routers/web/repo/view.go
index 1e85f91d58e75..d5993a36c67d9 100644
--- a/routers/web/repo/view.go
+++ b/routers/web/repo/view.go
@@ -51,7 +51,7 @@ import (
 	"code.gitea.io/gitea/services/context"
 	issue_service "code.gitea.io/gitea/services/issue"
 	files_service "code.gitea.io/gitea/services/repository/files"
-	user_services "code.gitea.io/gitea/services/user"
+	user_service "code.gitea.io/gitea/services/user"
 
 	"github.com/nektos/act/pkg/model"
 
@@ -1180,13 +1180,13 @@ func Forks(ctx *context.Context) {
 
 func loadPinData(ctx *context.Context) error {
 	// First, cleanup any pins that are no longer valid
-	err := user_services.CleanupPins(ctx, ctx.Doer)
+	err := user_service.CleanupPins(ctx, ctx.Doer)
 	if err != nil {
 		return err
 	}
 
 	ctx.Data["IsPinningRepo"] = repo_model.IsPinned(ctx, ctx.Doer.ID, ctx.Repo.Repository.ID)
-	ctx.Data["CanPinRepo"] = user_services.CanPin(ctx, ctx.Doer, ctx.Repo.Repository)
+	ctx.Data["CanPinRepo"] = user_service.CanPin(ctx, ctx.Doer, ctx.Repo.Repository)
 
 	if ctx.Repo.Repository.Owner.IsOrganization() {
 		org := organization.OrgFromUser(ctx.Repo.Repository.Owner)
@@ -1199,7 +1199,7 @@ func loadPinData(ctx *context.Context) error {
 		if isAdmin {
 			ctx.Data["CanUserPinToOrg"] = true
 			ctx.Data["IsOrgPinningRepo"] = repo_model.IsPinned(ctx, ctx.Repo.Repository.OwnerID, ctx.Repo.Repository.ID)
-			ctx.Data["CanOrgPinRepo"] = user_services.CanPin(ctx, ctx.Repo.Repository.Owner, ctx.Repo.Repository)
+			ctx.Data["CanOrgPinRepo"] = user_service.CanPin(ctx, ctx.Repo.Repository.Owner, ctx.Repo.Repository)
 		}
 	}
 

From 088727770ea68abf29ea798db6942f04cc5a14bc Mon Sep 17 00:00:00 2001
From: Carlos Felgueiras <carlosfelgueiras@tecnico.ulisboa.pt>
Date: Wed, 15 May 2024 14:28:22 +0200
Subject: [PATCH 07/16] Update templates/repo/pin_unpin.tmpl

Co-authored-by: silverwind <me@silverwind.io>
---
 templates/repo/pin_unpin.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/repo/pin_unpin.tmpl b/templates/repo/pin_unpin.tmpl
index f06f898fda338..095861d9b910c 100644
--- a/templates/repo/pin_unpin.tmpl
+++ b/templates/repo/pin_unpin.tmpl
@@ -12,7 +12,7 @@
 
 	{{if .CanUserPinToOrg}}
 	<div class="ui floating dropdown icon button">
-		<i class="dropdown icon"></i>
+		{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 		<div class="compact menu">
 			<form hx-boost="true" hx-target="this" method="post" action="{{$.RepoLink}}/action/{{if .IsOrgPinningRepo}}unpin{{else}}pin{{end}}-org">
 				<div class="ui labeled button item" {{if not $.IsSigned}}data-tooltip-content="{{ctx.Locale.Tr "repo.pin_guest_user"}}"{{end}}>

From c9d2f492b97504ca52fc11b93d115797c0f0a6aa Mon Sep 17 00:00:00 2001
From: Carlos Felgueiras <carlosfelgueiras@tecnico.ulisboa.pt>
Date: Wed, 15 May 2024 12:47:02 +0000
Subject: [PATCH 08/16] fix(pin): removed octicon-custom-pin-off and replaced
 the places that used it with the already present octicon-pin-slash

---
 public/assets/img/svg/octicon-custom-pin-off.svg | 1 -
 templates/repo/pin_unpin.tmpl                    | 4 ++--
 web_src/svg/octicon-custom-pin-off.svg           | 1 -
 3 files changed, 2 insertions(+), 4 deletions(-)
 delete mode 100644 public/assets/img/svg/octicon-custom-pin-off.svg
 delete mode 100644 web_src/svg/octicon-custom-pin-off.svg

diff --git a/public/assets/img/svg/octicon-custom-pin-off.svg b/public/assets/img/svg/octicon-custom-pin-off.svg
deleted file mode 100644
index 763953c2aca17..0000000000000
--- a/public/assets/img/svg/octicon-custom-pin-off.svg
+++ /dev/null
@@ -1 +0,0 @@
-<svg aria-hidden="true" viewBox="0 0 16 16" class="svg octicon-custom-pin-off" xmlns="http://www.w3.org/2000/svg" width="16" height="16"><path d="M14.779 13.721 11.061 10l2.205-2.204c.967-.968.5-2.623-.832-2.94l-.73-.174 2.645-2.625a.7.7 0 0 0-.986-.994L1.023 13.308a.7.7 0 0 0 .986.994l2.662-2.642.184.773c.317 1.332 1.972 1.799 2.94.832L10 11.061l3.719 3.719a.75.75 0 0 0 1.08.001.747.747 0 0 0-.02-1.06m-8.045-1.517a.25.25 0 0 1-.42-.121l-.396-1.661 4.532-4.498 1.634.389a.25.25 0 0 1 .12.42zm-2.2-4.677a1 1 0 0 0-.078-.082 3.6 3.6 0 0 0-1.262-.912L1.866 5.92a.252.252 0 0 1-.073-.404l3.722-3.722a.25.25 0 0 1 .405.072l.612 1.327c.27.585.409.881.875 1.293l.012.012q.01.008.019.018l.003-.003a.74.74 0 0 0 .496.197c.41 0 .742-.332.742-.742a.73.73 0 0 0-.147-.421l.007-.007c-.211-.294-.442-.538-.644-.975l-.613-1.327A1.75 1.75 0 0 0 4.456.734L.734 4.456a1.75 1.75 0 0 0 .504 2.826l1.327.613c.428.197.59.272.882.626a.742.742 0 0 0 1.269-.522.72.72 0 0 0-.139-.409"/></svg>
\ No newline at end of file
diff --git a/templates/repo/pin_unpin.tmpl b/templates/repo/pin_unpin.tmpl
index 095861d9b910c..80f1a353dc480 100644
--- a/templates/repo/pin_unpin.tmpl
+++ b/templates/repo/pin_unpin.tmpl
@@ -4,7 +4,7 @@
 			{{$buttonText := ctx.Locale.Tr "repo.pin"}}
 			{{if $.IsPinningRepo}}{{$buttonText = ctx.Locale.Tr "repo.unpin"}}{{end}}
 			<button type="submit" class="ui compact small basic button"{{if or (not $.IsSigned) (and (not $.IsPinningRepo) (not .CanPinRepo))}} disabled{{end}} aria-label="{{$buttonText}}">
-				{{if $.IsPinningRepo}}{{svg "octicon-custom-pin-off"}}{{else}}{{svg "octicon-pin"}}{{end}}
+				{{if $.IsPinningRepo}}{{svg "octicon-pin-slash"}}{{else}}{{svg "octicon-pin"}}{{end}}
 				<span class="not-mobile" aria-hidden="true">{{$buttonText}}</span>
 			</button>
 		</div>
@@ -19,7 +19,7 @@
 					{{$buttonText = ctx.Locale.Tr "repo.pin-org" .Owner.Name}}
 					{{if $.IsOrgPinningRepo}}{{$buttonText = ctx.Locale.Tr "repo.unpin-org" .Owner.Name}}{{end}}
 					<button type="submit" class="ui compact small basic button"{{if or (not $.IsSigned) (and (not $.IsOrgPinningRepo) (not .CanOrgPinRepo))}} disabled{{end}} aria-label="{{$buttonText}}">
-						{{if $.IsOrgPinningRepo}}{{svg "octicon-custom-pin-off"}}{{else}}{{svg "octicon-pin"}}{{end}}
+						{{if $.IsOrgPinningRepo}}{{svg "octicon-pin-slash"}}{{else}}{{svg "octicon-pin"}}{{end}}
 						<span class="not-mobile" aria-hidden="true">{{$buttonText}}</span>
 					</button>
 				</div>
diff --git a/web_src/svg/octicon-custom-pin-off.svg b/web_src/svg/octicon-custom-pin-off.svg
deleted file mode 100644
index a5e6fda34193a..0000000000000
--- a/web_src/svg/octicon-custom-pin-off.svg
+++ /dev/null
@@ -1 +0,0 @@
-<svg aria-hidden="true" viewBox="0 0 16 16" width="16" height="16"><path d="M14.779 13.721 11.061 10l2.205-2.204c.967-.968.5-2.623-.832-2.94l-.73-.174 2.645-2.625a.7.7 0 0 0-.986-.994L1.023 13.308a.7.7 0 0 0 .986.994l2.662-2.642.184.773c.317 1.332 1.972 1.799 2.94.832L10 11.061l3.719 3.719a.751.751 0 0 0 1.08.001.747.747 0 0 0-.02-1.06zm-8.045-1.517a.25.25 0 0 1-.42-.121l-.396-1.661 4.532-4.498 1.634.389a.25.25 0 0 1 .12.42l-5.47 5.471zM4.534 7.527a.86.86 0 0 0-.078-.082 3.634 3.634 0 0 0-1.262-.912L1.866 5.92a.252.252 0 0 1-.073-.404l3.722-3.722a.251.251 0 0 1 .405.072l.612 1.327c.27.585.409.881.875 1.293l.012.012c.007.005.012.012.019.018l.003-.003a.74.74 0 0 0 .496.197c.41 0 .742-.332.742-.742a.73.73 0 0 0-.147-.421l.007-.007c-.211-.294-.442-.538-.644-.975l-.613-1.327A1.75 1.75 0 0 0 4.456.734L.734 4.456a1.75 1.75 0 0 0 .504 2.826l1.327.613c.428.197.59.272.882.626a.742.742 0 0 0 1.269-.522.724.724 0 0 0-.139-.409"/></svg>
\ No newline at end of file

From dae3c8ab282f7bc50cfe10780ad91a14f8001ff1 Mon Sep 17 00:00:00 2001
From: Carlos Felgueiras <carlosfelgueiras@tecnico.ulisboa.pt>
Date: Wed, 15 May 2024 14:53:14 +0000
Subject: [PATCH 09/16] feat(pin): made the gap between pin card half the
 previous size

---
 templates/shared/pinned_repo_cards.tmpl | 2 +-
 web_src/css/user.css                    | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/templates/shared/pinned_repo_cards.tmpl b/templates/shared/pinned_repo_cards.tmpl
index d32a52a5e9d54..1ccee6cb63eec 100644
--- a/templates/shared/pinned_repo_cards.tmpl
+++ b/templates/shared/pinned_repo_cards.tmpl
@@ -1,6 +1,6 @@
 <div class="ui three stackable cards">
 	{{range .PinnedRepos}}
-		<div class="ui card">
+		<div class="ui card pin-repo-item">
 			<div class="content">
 				<div class="header">
 					<div class="flex-item tw-items-center">
diff --git a/web_src/css/user.css b/web_src/css/user.css
index af8a2f5adc66a..babd639ff15d2 100644
--- a/web_src/css/user.css
+++ b/web_src/css/user.css
@@ -138,3 +138,8 @@
 .notifications-item:hover .notifications-updated {
   display: none;
 }
+
+.pin-repo-item {
+  width: calc(33.33333333333333% - 1em) !important;
+  margin: 0.4375em 0.5em !important;
+}

From 21400623ec33facab29e8325e7a87a681484aed0 Mon Sep 17 00:00:00 2001
From: Daniel Carvalho <daniel.m.carvalho@tecnico.ulisboa.pt>
Date: Fri, 17 May 2024 15:38:26 +0000
Subject: [PATCH 10/16] fix(user pin service): converted max number of pins to
 a constant

---
 services/user/pin.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/services/user/pin.go b/services/user/pin.go
index 8f9c5f90a1f55..5a7567f6f7761 100644
--- a/services/user/pin.go
+++ b/services/user/pin.go
@@ -14,6 +14,8 @@ import (
 	"code.gitea.io/gitea/services/context"
 )
 
+const maxPins = 6
+
 // Check if a user have a new pinned repo in it's profile, meaning that it
 // has permissions to pin said repo and also has enough space on the pinned list.
 func CanPin(ctx *context.Context, u *user_model.User, r *repo_model.Repository) bool {
@@ -27,7 +29,8 @@ func CanPin(ctx *context.Context, u *user_model.User, r *repo_model.Repository)
 		ctx.ServerError("GetPinnedRepos", err)
 		return false
 	}
-	if len(repos) >= 6 {
+
+	if len(repos) >= maxPins {
 		return false
 	}
 

From b941b04269ff729a71517ee1ab1039fd9ab089e8 Mon Sep 17 00:00:00 2001
From: Daniel Carvalho <daniel.m.carvalho@tecnico.ulisboa.pt>
Date: Fri, 17 May 2024 16:08:20 +0000
Subject: [PATCH 11/16] fix(user pin service): fixed CanPin function to return
 an error

---
 routers/web/repo/view.go | 10 ++++++++--
 services/user/pin.go     | 14 +++++++++-----
 2 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/routers/web/repo/view.go b/routers/web/repo/view.go
index d5993a36c67d9..4e3a968d271f2 100644
--- a/routers/web/repo/view.go
+++ b/routers/web/repo/view.go
@@ -1186,7 +1186,10 @@ func loadPinData(ctx *context.Context) error {
 	}
 
 	ctx.Data["IsPinningRepo"] = repo_model.IsPinned(ctx, ctx.Doer.ID, ctx.Repo.Repository.ID)
-	ctx.Data["CanPinRepo"] = user_service.CanPin(ctx, ctx.Doer, ctx.Repo.Repository)
+	ctx.Data["CanPinRepo"], err = user_service.CanPin(ctx, ctx.Doer, ctx.Repo.Repository)
+	if err != nil {
+		return err
+	}
 
 	if ctx.Repo.Repository.Owner.IsOrganization() {
 		org := organization.OrgFromUser(ctx.Repo.Repository.Owner)
@@ -1199,7 +1202,10 @@ func loadPinData(ctx *context.Context) error {
 		if isAdmin {
 			ctx.Data["CanUserPinToOrg"] = true
 			ctx.Data["IsOrgPinningRepo"] = repo_model.IsPinned(ctx, ctx.Repo.Repository.OwnerID, ctx.Repo.Repository.ID)
-			ctx.Data["CanOrgPinRepo"] = user_service.CanPin(ctx, ctx.Repo.Repository.Owner, ctx.Repo.Repository)
+			ctx.Data["CanOrgPinRepo"], err = user_service.CanPin(ctx, ctx.Repo.Repository.Owner, ctx.Repo.Repository)
+			if err != nil {
+				return err
+			}
 		}
 	}
 
diff --git a/services/user/pin.go b/services/user/pin.go
index 5a7567f6f7761..3203c6f13a64b 100644
--- a/services/user/pin.go
+++ b/services/user/pin.go
@@ -18,7 +18,7 @@ const maxPins = 6
 
 // Check if a user have a new pinned repo in it's profile, meaning that it
 // has permissions to pin said repo and also has enough space on the pinned list.
-func CanPin(ctx *context.Context, u *user_model.User, r *repo_model.Repository) bool {
+func CanPin(ctx *context.Context, u *user_model.User, r *repo_model.Repository) (bool, error) {
 	repos, err := repo_model.GetPinnedRepos(*ctx, &repo_model.PinnedReposOptions{
 		ListOptions: db.ListOptions{
 			ListAll: true,
@@ -27,14 +27,14 @@ func CanPin(ctx *context.Context, u *user_model.User, r *repo_model.Repository)
 	})
 	if err != nil {
 		ctx.ServerError("GetPinnedRepos", err)
-		return false
+		return false, err
 	}
 
 	if len(repos) >= maxPins {
-		return false
+		return false, nil
 	}
 
-	return HasPermsToPin(ctx, u, r)
+	return HasPermsToPin(ctx, u, r), nil
 }
 
 // Checks if the user has permission to have the repo pinned in it's profile.
@@ -139,7 +139,11 @@ func PinRepo(ctx *context.Context, doer *user_model.User, repo *repo_model.Repos
 	}
 
 	if pin {
-		if !CanPin(ctx, targetUser, repo) {
+		canPin, err := CanPin(ctx, targetUser, repo)
+		if err != nil {
+			return err
+		}
+		if !canPin {
 			return errors.New("user cannot pin this repository")
 		}
 	}

From a019e443c445970b621fb1c854edd69f236cbc98 Mon Sep 17 00:00:00 2001
From: Daniel Carvalho <daniel.m.carvalho@tecnico.ulisboa.pt>
Date: Fri, 17 May 2024 16:14:04 +0000
Subject: [PATCH 12/16] fix(pin db): added a function to get the count of
 pinned repos

---
 models/repo/user_repo.go | 4 ++++
 services/user/pin.go     | 6 +++---
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/models/repo/user_repo.go b/models/repo/user_repo.go
index 4b0e1f4e04cd8..72149cdea875f 100644
--- a/models/repo/user_repo.go
+++ b/models/repo/user_repo.go
@@ -85,6 +85,10 @@ func GetPinnedRepos(ctx context.Context, opts *PinnedReposOptions) (RepositoryLi
 	return db.Find[Repository](ctx, opts)
 }
 
+func CountPinnedRepos(ctx context.Context, opts *PinnedReposOptions) (int64, error) {
+	return db.Count[Repository](ctx, opts)
+}
+
 type WatchedReposOptions struct {
 	db.ListOptions
 	WatcherID      int64
diff --git a/services/user/pin.go b/services/user/pin.go
index 3203c6f13a64b..6610f3bb8960b 100644
--- a/services/user/pin.go
+++ b/services/user/pin.go
@@ -19,18 +19,18 @@ const maxPins = 6
 // Check if a user have a new pinned repo in it's profile, meaning that it
 // has permissions to pin said repo and also has enough space on the pinned list.
 func CanPin(ctx *context.Context, u *user_model.User, r *repo_model.Repository) (bool, error) {
-	repos, err := repo_model.GetPinnedRepos(*ctx, &repo_model.PinnedReposOptions{
+	count, err := repo_model.CountPinnedRepos(*ctx, &repo_model.PinnedReposOptions{
 		ListOptions: db.ListOptions{
 			ListAll: true,
 		},
 		PinnerID: u.ID,
 	})
 	if err != nil {
-		ctx.ServerError("GetPinnedRepos", err)
+		ctx.ServerError("CountPinnedRepos", err)
 		return false, err
 	}
 
-	if len(repos) >= maxPins {
+	if count >= maxPins {
 		return false, nil
 	}
 

From 3704d233ebffdb49fc8260d90cb76bf7e4beb936 Mon Sep 17 00:00:00 2001
From: Daniel Carvalho <daniel.m.carvalho@tecnico.ulisboa.pt>
Date: Fri, 17 May 2024 16:22:54 +0000
Subject: [PATCH 13/16] fix(view): Added a missing return function

---
 routers/web/repo/view.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/routers/web/repo/view.go b/routers/web/repo/view.go
index 4e3a968d271f2..07a2fb08f2414 100644
--- a/routers/web/repo/view.go
+++ b/routers/web/repo/view.go
@@ -797,6 +797,7 @@ func Home(ctx *context.Context) {
 		err := loadPinData(ctx)
 		if err != nil {
 			ctx.ServerError("loadPinData", err)
+			return
 		}
 	}
 

From 805dbc7ed46acf6926f00c387aeaab83502bd90b Mon Sep 17 00:00:00 2001
From: Daniel Carvalho <daniel.m.carvalho@tecnico.ulisboa.pt>
Date: Fri, 17 May 2024 17:02:35 +0000
Subject: [PATCH 14/16] fix(transaction): changed the use of the transaction to
 WithTx instead of TxContext

---
 models/repo/pin.go | 50 +++++++++++++++++++++-------------------------
 1 file changed, 23 insertions(+), 27 deletions(-)

diff --git a/models/repo/pin.go b/models/repo/pin.go
index 8fd1144310203..b5280244cba56 100644
--- a/models/repo/pin.go
+++ b/models/repo/pin.go
@@ -33,33 +33,29 @@ func IsPinned(ctx context.Context, userID, repoID int64) bool {
 }
 
 func PinRepo(ctx context.Context, doer *user_model.User, repo *Repository, pin bool) error {
-	ctx, commiter, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-
-	defer commiter.Close()
-	pinned := IsPinned(ctx, doer.ID, repo.ID)
-
-	if pin {
-		// Already pinned, nothing to do
-		if pinned {
-			return nil
-		}
-
-		if err = db.Insert(ctx, &Pin{UID: doer.ID, RepoID: repo.ID}); err != nil {
-			return err
-		}
-	} else {
-		// Not pinned, nothing to do
-		if !pinned {
-			return nil
-		}
-
-		if _, err = db.DeleteByBean(ctx, &Pin{UID: doer.ID, RepoID: repo.ID}); err != nil {
-			return err
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		pinned := IsPinned(ctx, doer.ID, repo.ID)
+
+		if pin {
+			// Already pinned, nothing to do
+			if pinned {
+				return nil
+			}
+
+			if err := db.Insert(ctx, &Pin{UID: doer.ID, RepoID: repo.ID}); err != nil {
+				return err
+			}
+		} else {
+			// Not pinned, nothing to do
+			if !pinned {
+				return nil
+			}
+
+			if _, err := db.DeleteByBean(ctx, &Pin{UID: doer.ID, RepoID: repo.ID}); err != nil {
+				return err
+			}
 		}
-	}
 
-	return commiter.Commit()
+		return nil
+	})
 }

From 859b1ce33fe539294ffc8d70c6a0e9c72587dedd Mon Sep 17 00:00:00 2001
From: Carlos Felgueiras <carlosfelgueiras@tecnico.ulisboa.pt>
Date: Tue, 28 May 2024 10:23:56 +0000
Subject: [PATCH 15/16] refactor(pin): changed method used to check if pin
 exists from Get to Exist

---
 models/repo/pin.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/models/repo/pin.go b/models/repo/pin.go
index b5280244cba56..fb892b1959771 100644
--- a/models/repo/pin.go
+++ b/models/repo/pin.go
@@ -28,7 +28,8 @@ func init() {
 }
 
 func IsPinned(ctx context.Context, userID, repoID int64) bool {
-	exists, _ := db.GetEngine(ctx).Get(&Pin{UID: userID, RepoID: repoID})
+	exists, _ := db.GetEngine(ctx).Exist(&Pin{UID: userID, RepoID: repoID})
+
 	return exists
 }
 

From 764b08b850bebbaae28773709c5c0f9615708c2e Mon Sep 17 00:00:00 2001
From: Carlos Felgueiras <carlosfelgueiras@tecnico.ulisboa.pt>
Date: Tue, 28 May 2024 10:35:41 +0000
Subject: [PATCH 16/16] fix(pin): pins not being deleted when user gets deleted

---
 services/user/delete.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/services/user/delete.go b/services/user/delete.go
index 39c6ef052dca7..3bc92c3d9aebf 100644
--- a/services/user/delete.go
+++ b/services/user/delete.go
@@ -95,6 +95,7 @@ func deleteUser(ctx context.Context, u *user_model.User, purge bool) (err error)
 		&user_model.Blocking{BlockerID: u.ID},
 		&user_model.Blocking{BlockeeID: u.ID},
 		&actions_model.ActionRunnerToken{OwnerID: u.ID},
+		&repo_model.Pin{UID: u.ID},
 	); err != nil {
 		return fmt.Errorf("deleteBeans: %w", err)
 	}