summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2013-02-03 22:08:21 +0100
committerDan McGee <dan@archlinux.org>2013-02-03 22:08:21 +0100
commit508d06af810c787b2644331444279407ccfa27af (patch)
tree377e89db9c82a7ec66f49d0270b589b39c5bcfa8
parentd63a800348f81823f157ec9ed03f9985308c3ea3 (diff)
downloadarchweb-508d06af810c787b2644331444279407ccfa27af.tar.gz
archweb-508d06af810c787b2644331444279407ccfa27af.tar.xz
Use DeveloperKey model on package page and reports
This introduces the new model to the package page so subkey signings show up as attributed to the original developer. We also teach the mismatched signatures report to recognize all keys and subkeys of a given developer, cutting down on some of the bogus results. Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r--devel/views.py33
-rw-r--r--main/models.py6
2 files changed, 27 insertions, 12 deletions
diff --git a/devel/views.py b/devel/views.py
index 9083984..ff1dec1 100644
--- a/devel/views.py
+++ b/devel/views.py
@@ -20,6 +20,7 @@ from django.utils.http import http_date
from django.utils.timezone import now
from .forms import ProfileForm, UserProfileForm, NewUserForm
+from .models import DeveloperKey
from main.models import Package, PackageFile
from main.models import Arch, Repo
from news.models import News
@@ -27,7 +28,7 @@ from packages.models import PackageRelation, Signoff, FlagRequest, Depend
from packages.utils import get_signoff_groups
from todolists.models import TodolistPackage
from todolists.utils import get_annotated_todolists
-from .utils import get_annotated_maintainers, UserFinder
+from .utils import get_annotated_maintainers
@login_required
@@ -262,18 +263,30 @@ def report(request, report_name, username=None):
names = [ 'Signature Date', 'Signed By', 'Packager' ]
attrs = [ 'sig_date', 'sig_by', 'packager' ]
cutoff = timedelta(hours=24)
- finder = UserFinder()
filtered = []
- packages = packages.filter(pgp_signature__isnull=False)
+ packages = packages.select_related(
+ 'arch', 'repo', 'packager').filter(pgp_signature__isnull=False)
+ known_keys = DeveloperKey.objects.select_related(
+ 'owner').filter(owner__isnull=False)
+ known_keys = {dk.key: dk for dk in known_keys}
for package in packages:
- sig_date = package.signature.creation_time.replace(tzinfo=pytz.utc)
+ bad = False
+ sig = package.signature
+ sig_date = sig.creation_time.replace(tzinfo=pytz.utc)
package.sig_date = sig_date.date()
- key_id = package.signature.key_id
- signer = finder.find_by_pgp_key(key_id)
- package.sig_by = signer or key_id
- if signer is None or signer.id != package.packager_id:
- filtered.append(package)
- elif sig_date > package.build_date + cutoff:
+ dev_key = known_keys.get(sig.key_id, None)
+ if dev_key:
+ package.sig_by = dev_key.owner
+ if dev_key.owner_id != package.packager_id:
+ bad = True
+ else:
+ package.sig_by = sig.key_id
+ bad = True
+
+ if sig_date > package.build_date + cutoff:
+ bad = True
+
+ if bad:
filtered.append(package)
packages = filtered
else:
diff --git a/main/models.py b/main/models.py
index 40466d6..53a24ff 100644
--- a/main/models.py
+++ b/main/models.py
@@ -11,6 +11,7 @@ from django.utils.timezone import now
from .fields import PositiveBigIntegerField
from .utils import cache_function, set_created_field
+from devel.models import DeveloperKey
from packages.alpm import AlpmAPI
@@ -153,8 +154,9 @@ class Package(models.Model):
sig = self.signature
if sig and sig.key_id:
try:
- user = User.objects.get(
- userprofile__pgp_key__endswith=sig.key_id)
+ matching_key = DeveloperKey.objects.select_related(
+ 'owner').get(key=sig.key_id, owner_id__isnull=False)
+ user = matching_key.owner
except User.DoesNotExist:
user = None
return user