summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2021-05-11Use the clipboard API for copy pasteorigin/puJelle van der Waa2-14/+6
The Document.execCommand API is deprecated and no longer recommended to be used. It's replacement is the much simpler navigator.clipboard API which is supported in all browsers except internet explorer. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
2021-05-07Add error color when package is orphanedMarcus Andersson1-1/+1
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
2021-05-02dos2unix a file with Windows linebreaks that editors and human reviewers hateEli Schwartz1-1542/+1542
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
2021-05-02aurweb: Globalize a Translator instance, add more utilityKevin Morris6-123/+240
+ Added SUPPORTED_LANGUAGES, a global constant dictionary of language => display pairs for languages we support. + Add Translator.get_translator, a function used to retrieve a translator after initializing it (if needed). Use `fallback=True` while creating languages, in case we setup a language that we don't have a translation for, it will noop the translation. This is particularly useful for "en," since we do not translate it, but doing this will allow us to go through our normal translation flow in any case. + Added typing. + Added get_request_language, a function that grabs the language for a request session, defaulting to aurweb.config [options] default_lang. + Added get_raw_translator_for_request, a function that retrieves the concrete translation object for a given language. + Added tr, a jinja2 contextfilter that can be used to inline translate strings in jinja2 templates. + Added `python-jinja` dep to .gitlab-ci.yml. This needs to be included in documentation before this set is merged in. + Introduce pytest units (test_l10n.py) in `test` along with __init__.py, which marks `test` as a test package. + Additionally, fix up notify.py to use the global translator. Also reduce its source width to <= 80 by newlining some code. + Additionally, prepare locale in .gitlab-ci.yml and add aurweb.config [options] localedir to config.dev with YOUR_AUR_ROOT like others. Signed-off-by: Kevin Morris <kevr@0cost.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-04-30Filter out current username from co-maintainers list.Leonidas Spyropoulos1-3/+7
Closes: #8 Signed-off-by: Leonidas Spyropoulos <artafinde@gmail.com> Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
2021-04-29add https://EditorConfig.org setup to ensure consistent styleEli Schwartz1-0/+13
Mostly here to make sure people continue to use tabbed indents for php and the TAP tests, since that is what they are currently using. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
2021-04-27git update hook: gracefully error on completely broken .SRCINFOEli Schwartz1-1/+5
I've seen this happen a bunch of times now. Someone cannot push to the AUR, and the error report is some traceback with a KeyError which is difficult to understand without context: remote: Traceback (most recent call last): remote: File "/srv/http/aurweb/aur.git/hooks/update", line 33, in <module> remote: sys.exit(load_entry_point('aurweb==5.0.0', 'console_scripts', 'aurweb-git-update')()) remote: File "/usr/lib/python3.9/site-packages/aurweb-5.0.0-py3.9.egg/aurweb/git/update.py", line 306, in main remote: KeyError: 'pkgbase' Eventually it turns out that their .SRCINFO file is... badly corrupted. Generally, they managed to accidentally commit an *empty* file instead of a .SRCINFO, and in all cases, the problem was on the very first lookup for 'pkgbase'. Point people to the actual failing commit, and have a nicely formatted message indicating that the .SRCINFO is completely invalid. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
2021-03-30Resolve SQL Error when deleting an accountJelle van der Waa1-1/+1
The account deletion code tries to remove user from PackageNotifications using the wrong column UsersID to identify the user by id. In the PackagePackageNotifications table the foreign key is called UserID. In the future ideally this would be unified into UserID for all tables. Closes: #12 Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20add DockerfileKevin Morris1-0/+30
This docker file downloads deps, sets up some things beforehand and finishes with running our entire collection of tests. Signed-off-by: Kevin Morris <kevr@0cost.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20update documentation for FastAPI tests and deps.Kevin Morris4-7/+68
Additionally, we now ask for two more favors from contributors: 1. All source modified or added within a patchset **must** maintain equivalent or increased coverage by providing tests that use the functionality. 2. Please keep your source within an 80 column width. PS: Sneak a few test Makefile and gitlab fixes. Signed-off-by: Kevin Morris <kevr@0cost.org>
2021-02-20install aurweb package & init db on GitLab CIKevin Morris1-0/+3
Signed-off-by: Kevin Morris <kevr@0cost.org>
2021-02-20add test_popupdate.pyKevin Morris3-1/+8
We had no coverage over aurweb.scripts.popupdate. This test covers all of its functionality. Signed-off-by: Kevin Morris <kevr@0cost.org>
2021-02-20add test_exceptions.pyKevin Morris1-0/+102
This helps gain coverage over aurweb.exceptions regardless of their actual use in the testing base. Signed-off-by: Kevin Morris <kevr@0cost.org>
2021-02-20Makefile: run pytest unitsKevin Morris14-145/+175
Important note: Python tests will repeatedly clear out tables that they test against; for this reason, one should always run the shell tests first. The __init__.py file is necessary for coverage to collect data from the tests being run. At this point in FastAPI development, I'd like to encourage a few things going forward: 1. Any time you contribute to the FastAPI codebase, you **must** maintain equal or increased coverage on the overall source. Developers are highly appreciated for adding tests in your specific domain of addition or modification that may be missing coverage. Our goal is 100% coverage, and all newly added files **must** have 100% coverage through tests. 2. All source should be formatted with the autopep8 tool and kept within an 80 column width, with the exception of HTML templates. Signed-off-by: Kevin Morris <kevr@0cost.org>
2021-02-20add .coveragerc, update .gitignoreKevin Morris2-0/+15
Now, .coveragerc enforces a minimum overall 82% coverage, as is the current standing. Providing less than 100% coverage for added code should reduce the overall coverage and eventually reach 81% or below, causing coverage report to fail on execution. Developers should increase the failure minimum as they increase coverage across the uncovered code. Signed-off-by: Kevin Morris <kevr@0cost.org>
2021-02-20swap uvicorn out for hypercornKevin Morris3-5/+5
Signed-off-by: Kevin Morris <kevr@0cost.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Use jsDelivr instead of Google CDN for jqueryFelix Yan4-4/+4
jsdelivr is another free CDN service for open source projects. The main motivation for this change is that it is the only one that works fairly well across the globe. The Google CDN service is known to be hardly accessible in mainland China, unfortunately. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Fetch Transifex image from https://www.transifex.comLukas Fleischer1-1/+1
Fixes GitLab issue #3. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20.gitignore: add test/trash directory*Lukas Fleischer1-0/+1
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20RSS: Decrease cache time and increase item countJustin Kromlinger1-2/+2
I think after 10-15 years we might want to adjust those values. With a 30min cache and 20 items per creation I would bet some new AUR packages might be swept under the carpet. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20RSS: Always provide a GUIDJustin Kromlinger1-0/+1
https://validator.w3.org/feed/docs/warning/MissingGuid.html Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20RSS: Make sure image title matches channel titleJustin Kromlinger1-1/+1
https://validator.w3.org/feed/docs/warning/ImageTitleDoesntMatch.html Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20RSS: Set proper content type headerJustin Kromlinger1-0/+2
https://validator.w3.org/feed/docs/warning/UnexpectedContentType.html Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20RSS: Add atom self linkJustin Kromlinger1-1/+2
https://validator.w3.org/feed/docs/warning/MissingAtomSelfLink.html Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Fix WHERE clause for keyword search queries with empty keywordsJakub Klinkovský1-5/+5
When the keyword parameter is empty, the AND clause has to be omitted, otherwise we get an SQL syntax error: ... WHERE PackageBases.PackagerUID IS NOT NULL AND () ... This got broken in commit 9e30013aa4fc6ce3a3c9f6f83a6fe789c1fc2456 Author: Kevin Morris <kevr.gtalk@gmail.com> Date: Sun Jul 5 18:19:06 2020 -0700 Support conjunctive keyword search in RPC interface Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20gendummydata.py: optimize iteration for big numbers of pkgsJakub Klinkovský1-4/+7
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20gendummydata.py: set MAX_USERS and MAX_PKGS to more realistic valuesJakub Klinkovský1-3/+3
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20gendummydata.py: set exit code to 1 when there is an errorJakub Klinkovský1-3/+3
Of course the default exit code is 0... Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20gendummydata.py: remove unused database connection variablesJakub Klinkovský1-4/+0
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20doc: simplify database setup instructions in TESTINGFilipe Laíns1-3/+3
Signed-off-by: Filipe Laíns <lains@archlinux.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20doc: add missing gendummydata.py dependencies in TESTINGFilipe Laíns1-1/+2
Signed-off-by: Filipe Laíns <lains@archlinux.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20doc: fix AUR_CONFIG in TESTINGFilipe Laíns1-2/+2
Signed-off-by: Filipe Laíns <lains@archlinux.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20spawn: expand AUR_CONFIG to the full pathFilipe Laíns1-0/+4
This allows using a relative path for the config. PHP didn't play well with it. Signed-off-by: Filipe Laíns <lains@archlinux.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Redirect to referer after SSO loginFrédéric Mangano-Tarumi2-12/+29
Introduce a `redirect` query argument to SSO login endpoints so that users are redirected to the page they were originally on when they clicked the Login link. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Remove the per-user session limitFrédéric Mangano-Tarumi3-17/+1
This feature was originally introduced by f961ffd9c7f2d3d51d3e3b060990a4fef9e56c1b as a fix for FS#12898 <https://bugs.archlinux.org/task/12898>. As of today, it is broken because of the `q.SessionID IS NULL` condition in the WHERE clause, which can’t be true because SessionID is not nullable. As a consequence, the session limit was not applied. The fact the absence of the session limit hasn’t caused any issue so far, and hadn’t even been noticed, suggests the feature is unneeded. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Guard OAuth exceptions to provide better messagesFrédéric Mangano-Tarumi1-3/+13
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20HTML error pages for FastAPIFrédéric Mangano-Tarumi1-1/+15
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Update last login information on SSO loginFrédéric Mangano-Tarumi1-1/+7
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Stop redirecting stderr with proc_openFrédéric Mangano-Tarumi2-4/+0
Error outputs were piped to a temporary buffer that wasn’t read by anyone, making debugging hard because errors were completely silenced. By not explicitly redirecting stderr on proc_open, the subprocess inherits its parent stderr. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20aurweb.spawn: Support stdout redirections to non-ttyFrédéric Mangano-Tarumi1-1/+5
Only ttys have a terminal size. If we can’t obtain it, we’ll just use 80 as a sane default. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Exclude suspended Users from being notifiedKevin Morris1-10/+18
The existing notify.py script was grabbing entries regardless of user suspension. This has been modified to only send notifications to unsuspended users. This change was written as a solution to https://bugs.archlinux.org/task/65554. Signed-off-by: Kevin Morris <kevr.gtalk@gmail.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Support conjunctive keyword search in RPC interfaceKevin Morris3-24/+43
Newly supported API Version 6 modifies `type=search` for _by_ type `name-desc`: it now behaves the same as `name-desc` search through the https://aur.archlinux.org/packages/ search page. Search for packages containing the literal keyword `blah blah` AND `haha`: https://aur.archlinux.org/rpc/?v=6&type=search&arg="blah blah"%20haha Search for packages containing the literal keyword `abc 123`: https://aur.archlinux.org/rpc/?v=6&type=search&arg="abc 123" The following example searches for packages that contain `blah` AND `abc`: https://aur.archlinux.org/rpc/?v=6&type=search&arg=blah%20abc The legacy method still searches for packages that contain `blah abc`: https://aur.archlinux.org/rpc/?v=5&type=search&arg=blah%20abc https://aur.archlinux.org/rpc/?v=5&type=search&arg=blah%20abc API Version 6 is currently only considered during a `search` of `name-desc`. Note: This change was written as a solution to https://bugs.archlinux.org/task/49133. PS: + Some spacing issues fixed in comments. Signed-off-by: Kevin Morris <kevr.gtalk@gmail.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Build a translation facility for FastAPIFrédéric Mangano-Tarumi2-9/+33
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20SSO: Port account suspensionFrédéric Mangano-Tarumi1-1/+10
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20SSO: Port IP ban checkingFrédéric Mangano-Tarumi1-2/+17
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Save id_token for the SSO logoutFrédéric Mangano-Tarumi1-4/+15
As far as I can see, Keycloak ignores it entirely. I can login in as SSO user A, then disconnect from the SSO directly and reconnect as user B, but when I disconnect user A from AUR, Keycloak disconnects B even though AUR passed it an ID token for A. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Implement SSO logoutFrédéric Mangano-Tarumi2-1/+31
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20SSO: Add an SSO option in the login pageFrédéric Mangano-Tarumi1-0/+3
We’ll probably change the whole login page in the future, but this makes development easier. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20SSO: Explain the rationale behind prompt=loginFrédéric Mangano-Tarumi1-0/+7
We might reconsider it in the future. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Fix typos in CONTRIBUTING.mdFrédéric Mangano-Tarumi1-3/+3
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>