diff options
author | Dan McGee <dan@archlinux.org> | 2013-02-03 22:08:21 +0100 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2013-02-03 22:08:21 +0100 |
commit | 508d06af810c787b2644331444279407ccfa27af (patch) | |
tree | 377e89db9c82a7ec66f49d0270b589b39c5bcfa8 /devel | |
parent | d63a800348f81823f157ec9ed03f9985308c3ea3 (diff) | |
download | archweb-508d06af810c787b2644331444279407ccfa27af.tar.gz archweb-508d06af810c787b2644331444279407ccfa27af.tar.xz |
Use DeveloperKey model on package page and reports
This introduces the new model to the package page so subkey signings
show up as attributed to the original developer. We also teach the
mismatched signatures report to recognize all keys and subkeys of a
given developer, cutting down on some of the bogus results.
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'devel')
-rw-r--r-- | devel/views.py | 33 |
1 files changed, 23 insertions, 10 deletions
diff --git a/devel/views.py b/devel/views.py index 9083984..ff1dec1 100644 --- a/devel/views.py +++ b/devel/views.py @@ -20,6 +20,7 @@ from django.utils.http import http_date from django.utils.timezone import now from .forms import ProfileForm, UserProfileForm, NewUserForm +from .models import DeveloperKey from main.models import Package, PackageFile from main.models import Arch, Repo from news.models import News @@ -27,7 +28,7 @@ from packages.models import PackageRelation, Signoff, FlagRequest, Depend from packages.utils import get_signoff_groups from todolists.models import TodolistPackage from todolists.utils import get_annotated_todolists -from .utils import get_annotated_maintainers, UserFinder +from .utils import get_annotated_maintainers @login_required @@ -262,18 +263,30 @@ def report(request, report_name, username=None): names = [ 'Signature Date', 'Signed By', 'Packager' ] attrs = [ 'sig_date', 'sig_by', 'packager' ] cutoff = timedelta(hours=24) - finder = UserFinder() filtered = [] - packages = packages.filter(pgp_signature__isnull=False) + packages = packages.select_related( + 'arch', 'repo', 'packager').filter(pgp_signature__isnull=False) + known_keys = DeveloperKey.objects.select_related( + 'owner').filter(owner__isnull=False) + known_keys = {dk.key: dk for dk in known_keys} for package in packages: - sig_date = package.signature.creation_time.replace(tzinfo=pytz.utc) + bad = False + sig = package.signature + sig_date = sig.creation_time.replace(tzinfo=pytz.utc) package.sig_date = sig_date.date() - key_id = package.signature.key_id - signer = finder.find_by_pgp_key(key_id) - package.sig_by = signer or key_id - if signer is None or signer.id != package.packager_id: - filtered.append(package) - elif sig_date > package.build_date + cutoff: + dev_key = known_keys.get(sig.key_id, None) + if dev_key: + package.sig_by = dev_key.owner + if dev_key.owner_id != package.packager_id: + bad = True + else: + package.sig_by = sig.key_id + bad = True + + if sig_date > package.build_date + cutoff: + bad = True + + if bad: filtered.append(package) packages = filtered else: |