summaryrefslogtreecommitdiffstats
path: root/devel
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2013-02-03 22:08:21 +0100
committerDan McGee <dan@archlinux.org>2013-02-03 22:08:21 +0100
commit508d06af810c787b2644331444279407ccfa27af (patch)
tree377e89db9c82a7ec66f49d0270b589b39c5bcfa8 /devel
parentd63a800348f81823f157ec9ed03f9985308c3ea3 (diff)
downloadarchweb-508d06af810c787b2644331444279407ccfa27af.tar.gz
archweb-508d06af810c787b2644331444279407ccfa27af.tar.xz
Use DeveloperKey model on package page and reports
This introduces the new model to the package page so subkey signings show up as attributed to the original developer. We also teach the mismatched signatures report to recognize all keys and subkeys of a given developer, cutting down on some of the bogus results. Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'devel')
-rw-r--r--devel/views.py33
1 files changed, 23 insertions, 10 deletions
diff --git a/devel/views.py b/devel/views.py
index 9083984..ff1dec1 100644
--- a/devel/views.py
+++ b/devel/views.py
@@ -20,6 +20,7 @@ from django.utils.http import http_date
from django.utils.timezone import now
from .forms import ProfileForm, UserProfileForm, NewUserForm
+from .models import DeveloperKey
from main.models import Package, PackageFile
from main.models import Arch, Repo
from news.models import News
@@ -27,7 +28,7 @@ from packages.models import PackageRelation, Signoff, FlagRequest, Depend
from packages.utils import get_signoff_groups
from todolists.models import TodolistPackage
from todolists.utils import get_annotated_todolists
-from .utils import get_annotated_maintainers, UserFinder
+from .utils import get_annotated_maintainers
@login_required
@@ -262,18 +263,30 @@ def report(request, report_name, username=None):
names = [ 'Signature Date', 'Signed By', 'Packager' ]
attrs = [ 'sig_date', 'sig_by', 'packager' ]
cutoff = timedelta(hours=24)
- finder = UserFinder()
filtered = []
- packages = packages.filter(pgp_signature__isnull=False)
+ packages = packages.select_related(
+ 'arch', 'repo', 'packager').filter(pgp_signature__isnull=False)
+ known_keys = DeveloperKey.objects.select_related(
+ 'owner').filter(owner__isnull=False)
+ known_keys = {dk.key: dk for dk in known_keys}
for package in packages:
- sig_date = package.signature.creation_time.replace(tzinfo=pytz.utc)
+ bad = False
+ sig = package.signature
+ sig_date = sig.creation_time.replace(tzinfo=pytz.utc)
package.sig_date = sig_date.date()
- key_id = package.signature.key_id
- signer = finder.find_by_pgp_key(key_id)
- package.sig_by = signer or key_id
- if signer is None or signer.id != package.packager_id:
- filtered.append(package)
- elif sig_date > package.build_date + cutoff:
+ dev_key = known_keys.get(sig.key_id, None)
+ if dev_key:
+ package.sig_by = dev_key.owner
+ if dev_key.owner_id != package.packager_id:
+ bad = True
+ else:
+ package.sig_by = sig.key_id
+ bad = True
+
+ if sig_date > package.build_date + cutoff:
+ bad = True
+
+ if bad:
filtered.append(package)
packages = filtered
else: