diff options
author | Dan McGee <dan@archlinux.org> | 2013-02-03 22:08:21 +0100 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2013-02-03 22:08:21 +0100 |
commit | 508d06af810c787b2644331444279407ccfa27af (patch) | |
tree | 377e89db9c82a7ec66f49d0270b589b39c5bcfa8 | |
parent | d63a800348f81823f157ec9ed03f9985308c3ea3 (diff) | |
download | archweb-508d06af810c787b2644331444279407ccfa27af.tar.gz archweb-508d06af810c787b2644331444279407ccfa27af.tar.xz |
Use DeveloperKey model on package page and reports
This introduces the new model to the package page so subkey signings
show up as attributed to the original developer. We also teach the
mismatched signatures report to recognize all keys and subkeys of a
given developer, cutting down on some of the bogus results.
Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r-- | devel/views.py | 33 | ||||
-rw-r--r-- | main/models.py | 6 |
2 files changed, 27 insertions, 12 deletions
diff --git a/devel/views.py b/devel/views.py index 9083984..ff1dec1 100644 --- a/devel/views.py +++ b/devel/views.py @@ -20,6 +20,7 @@ from django.utils.http import http_date from django.utils.timezone import now from .forms import ProfileForm, UserProfileForm, NewUserForm +from .models import DeveloperKey from main.models import Package, PackageFile from main.models import Arch, Repo from news.models import News @@ -27,7 +28,7 @@ from packages.models import PackageRelation, Signoff, FlagRequest, Depend from packages.utils import get_signoff_groups from todolists.models import TodolistPackage from todolists.utils import get_annotated_todolists -from .utils import get_annotated_maintainers, UserFinder +from .utils import get_annotated_maintainers @login_required @@ -262,18 +263,30 @@ def report(request, report_name, username=None): names = [ 'Signature Date', 'Signed By', 'Packager' ] attrs = [ 'sig_date', 'sig_by', 'packager' ] cutoff = timedelta(hours=24) - finder = UserFinder() filtered = [] - packages = packages.filter(pgp_signature__isnull=False) + packages = packages.select_related( + 'arch', 'repo', 'packager').filter(pgp_signature__isnull=False) + known_keys = DeveloperKey.objects.select_related( + 'owner').filter(owner__isnull=False) + known_keys = {dk.key: dk for dk in known_keys} for package in packages: - sig_date = package.signature.creation_time.replace(tzinfo=pytz.utc) + bad = False + sig = package.signature + sig_date = sig.creation_time.replace(tzinfo=pytz.utc) package.sig_date = sig_date.date() - key_id = package.signature.key_id - signer = finder.find_by_pgp_key(key_id) - package.sig_by = signer or key_id - if signer is None or signer.id != package.packager_id: - filtered.append(package) - elif sig_date > package.build_date + cutoff: + dev_key = known_keys.get(sig.key_id, None) + if dev_key: + package.sig_by = dev_key.owner + if dev_key.owner_id != package.packager_id: + bad = True + else: + package.sig_by = sig.key_id + bad = True + + if sig_date > package.build_date + cutoff: + bad = True + + if bad: filtered.append(package) packages = filtered else: diff --git a/main/models.py b/main/models.py index 40466d6..53a24ff 100644 --- a/main/models.py +++ b/main/models.py @@ -11,6 +11,7 @@ from django.utils.timezone import now from .fields import PositiveBigIntegerField from .utils import cache_function, set_created_field +from devel.models import DeveloperKey from packages.alpm import AlpmAPI @@ -153,8 +154,9 @@ class Package(models.Model): sig = self.signature if sig and sig.key_id: try: - user = User.objects.get( - userprofile__pgp_key__endswith=sig.key_id) + matching_key = DeveloperKey.objects.select_related( + 'owner').get(key=sig.key_id, owner_id__isnull=False) + user = matching_key.owner except User.DoesNotExist: user = None return user |