Age | Commit message (Collapse) | Author | Files | Lines |
|
Add a missing space to the SQL statement performing the disown
operation.
Fixes FS#55068.
Note that the broken query was not discovered by the test suite since
SQLite parses "?AND" inside prepared statements gracefully while MySQL
does not.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Since commit c5302d3 (Require TUs to explicitly request to overwrite a
pkgbase, 2017-07-24), non-fast-forward pushes are denied even for
Trusted Users, unless the AUR_OVERWRITE environment variable is set.
Mark the test case performing a non-fast-forward push from a TU
account as test_must_fail and add another test case performing the
same operation with AUR_OVERWRITE=1.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Add installation instructions for python-bleach and python-markdown
which are required for the rendercomment script.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
In addition to the packages list and the package base list, also create
a list of registered user names.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
When removing an account, remove the user from all last packager fields
before deletion to make sure that no package bases are deleted, even if
propagation constraints are missing.
Fixes FS#53956.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
AUR_PRIVILEGED allows people with privileged AUR accounts to evade the
block on non-fast-forward commits. While valid in this case, we should
not do so by default, since in at least one case a TU did this without
realizing there was an existing package.
( https://aur.archlinux.org/packages/rtmidi/ )
Switch to using allow_overwrite to check for destructive actions.
Use .ssh/config "SendEnv" on the TU's side and and sshd_config
"AcceptEnv" in the AUR server to specifically request overwrite access.
TUs should use: `AUR_OVERWRITE=1 git push --force`
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
This was broken in commit 8914a41db938194efc021f842c89d47ff6b522c9 which
refactored the argument parsing. Instead of checking for at least the
set-keywords command and a pkgbase name, we were checking for *exactly*
the command and pkgbase name, leaving no room for keywords...
As a result, while we could clear the keywords, we could not set them.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
PackageBases.FlaggerComment and PackageComments.RenderedComment cannot
be NULL and would cause problems in the output file for sqlite users.
This patch adds empty strings ("") as values for these fields.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
This allows for adding Terms of Service documents to the database that
registered users need to accept before using the AUR. A revision field
can be used to indicate whether a document was updated. If it is
increased, all users are again asked to accept the new terms.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of calling check_sid() from every single PHP script representing
a web page, add the call to aur.inc.php which is sourced by all of them.
Also, remove set_lang() calls from the scripts since these are also
already included in aur.inc.php.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Since commit 09cb61a (schema: Remove invalid default values for TEXT
columns, 2017-04-15), the PackageRequests.Comments and
PackageRequests.ClosureComment fields no longer have a default value.
Initialize these fields explicitly whenever a new row is added to the
PackageRequests table.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Since commit 09cb61a (schema: Remove invalid default values for TEXT
columns, 2017-04-15), the PackageBases.FlaggerComment field no longer
has a default value. Initialize this field explicitly whenever a new row
is added to the PackageBases table.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
In commit 4abde89 (Use JavaScript to collapse long comments,
2017-04-19), support for collapsing/expanding long comments was added.
This was broken by the recent Markdown support since comments no longer
live inside a single HTML paragraph. Fix this by wrapping each comment
in another div container.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
With the new Markdown support, text paragraphs are now properly
converted to HTML paragraphs, so we no longer need to keep line breaks.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Automatically detect Git commit identifiers, shorten them, and make them
link to the cgit interface.
Implements FS#43290.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Before switching to the new comment rendering script and Markdown, no
special syntax was needed to make URLs clickable. Reintroduce this
feature and automatically detect links in addition to the hyperlink
syntax already supported by Markdown.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Support Markdown syntax in package comments. Among other things, this
makes it easier to paste command line output and patches.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of converting package comments from plain text to HTML code when
they are displayed, do the conversion when the comment is posted and
store the rendered result in the database. The conversion itself is done
by a Python script which uses Bleach for sanitizing the text.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of using CSS to limit the height of package comments as
implemented in 7b13203 (Limit comment height to 15 lines, 2016-03-12),
use JavaScript to collapse long comments and add a link to expand them.
Clicking the same link twice results in the corresponding comment being
collapsed again.
If JavaScript is disabled, the full comments are shown (without any
possibility to collapse or expand).
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Split optional dependency descriptions from dependency names before
storing them in the database and use a separate column to store the
descriptions.
This allows us to simplify and optimize the SQL queries in
pkg_dependencies() as well as pkg_required().
Suggested-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Make sure that the get_extended_fields() invocation succeeded before
merging regular and extended fields in process_query().
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of unconditionally calling fetch on the return value of query(),
error out early if the value evaluates to false.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of unconditionally calling fetch on the return value of query(),
error out early if the value evaluates to false. Also, make sure that
the results array is always initialized, even if the result set is
empty.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of unconditionally calling fetch on the return value of query(),
error out early if the value evaluates to false.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
>From the mysql 5.7 breaking change page:
Columns in a PRIMARY KEY must be NOT NULL, but if declared explicitly as
NULL produced no error. Now an error occurs. For example, a statement
such as CREATE TABLE t (i INT NULL PRIMARY KEY) is rejected. The same
occurs for similar ALTER TABLE statements. (Bug #13995622, Bug #66987,
Bug #15967545, Bug #16545198)
References:
http://stackoverflow.com/a/22314073
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
When running in strict mode, mysql throws an error upon encountering
these definitions since they are not supported.
References:
https://dev.mysql.com/doc/refman/5.7/en/data-type-defaults.html
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Add instructions to test aurweb's web interface via the PHP built-in web
server.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Reject commits containing .SRCINFO files without any pkgname entries.
Suggested-by: Bruno Pagani <bruno.n.pagani@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of making all tests fail, error out during initialization if the
SQLite schema has not been generated.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Sqlite3 does not support the MD5 function like MySQL does, instead of the
database program hash the passwords, have Python's hashlib module do it
instead.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Allow for automatically converting the schema into a schema that works
with SQLite by running `make` from the schema/ subdirectory. Use the new
Makefile in the test suite.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Modify the schema such that it only creates the necessary tables,
indices and predefined data. This makes it easier to import the schema
into a database with a name other than "AUR".
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Do not trigger a PHP warning if there are no votes to be added or
removed.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Only show the comment paragraph if the package base is actually flagged
out-of-date.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
The variable $action is always undefined in pkgbase_delete() which makes
the if-statement always true and triggers a warning whenever a package
base is removed.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
In commit e171f6f (Migrate all DB code to use PDO, 2012-08-08),
PDOStatement::fetchAll() was introduced as a drop-in replacement for
mysql_fetch_array(). However, PDOStatement::fetchAll() returns a list of
all results while mysql_fetch_array() returns a single result only.
Instead of adding the missing indirection, simplify the code by using
PDO::fetchColumn().
Also add some safeguards to prevent warnings if the result set returned
by the query is empty.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|