summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2016-08-05git-interface: Do not use UNIX_TIMESTAMPLukas Fleischer2-4/+7
Avoid using UNIX_TIMESTAMP which is not part of the SQL standard. Retrieve the current UNIX time in Python and substitute it into the SQL queries instead. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-05git-interface: Do not use rowcountLukas Fleischer2-7/+11
Avoid using Cursor.rowcount to obtain the number of rows returned by a SELECT statement as this is not guaranteed to be supported by every database engine. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-05git-interface: Add AUR_CONFIG environment variableLukas Fleischer1-1/+5
Introduce a new environment variable that can be used to specify the path to an aurweb configuration file. If the environment variable is unset, the default search path is used. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-05git-interface: Factor out configuration file parsingLukas Fleischer5-18/+32
Add a new module that automatically locates the configuration file and provides methods to obtain the values of configuration options. Use the new module instead of ConfigParser everywhere. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-05git-interface: Add database abstraction layerLukas Fleischer4-146/+150
Add a new class that connects to the database specified in the configuration file and provides an interface to execute SQL queries. Prepared statements with qmark ("?") placeholders are supported. Replace all direct database accesses with calls to the new abstraction layer. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-05git-update: Make maximum blob size configurableLukas Fleischer2-2/+18
Support setting the maximum blob size in the configuration file. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-05git-update: Use AUR_PRIVILEGED for forced pushesLukas Fleischer1-5/+2
Instead of looking up the account type of the current user again, use the AUR_PRIVILEGED environment variable to check whether the user is allowed to perform non-fast-forward ref updates. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-05git-update: Fix some issues reported by pyflakesLukas Fleischer1-2/+5
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-04Change default SSH options to "restrict"Lukas Fleischer1-1/+1
From the sshd(8) man page: Enable all restrictions, i.e. disable port, agent and X11 forwarding, as well as disabling PTY allocation and execution of ~/.ssh/rc. If any future restriction capabilities are added to authorized_keys files they will be included in this set. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-04git-serve: Deprecate setup-repoLukas Fleischer1-0/+5
Since 02dd9c5 (git-serve.py: Automatically create repositories, 2015-01-06), one can create new package bases by running `git push`. It is no longer necessary to run setup-repo manually. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-04git-update: Notify privileged users of forced uploadsLukas Fleischer1-4/+5
Show a warning when a Trusted User or a developer creates a package that is blacklisted or already provided by an official package. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-04git-serve: Refactor environment variable accessLukas Fleischer1-10/+10
Read all environment variables at the beginning of the script and immediately pre-process their values. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-07-24Fix plural stringSafa AlFulaij1-1/+1
Even though the singular form never occurs, we need to use _n() here to obtain the correct behavior for languages with multiple plural forms. Signed-off-by: Safa AlFulaij <safa1996alfulaij@gmail.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-07-24Make LangPreference DB field wide enough to fit es_419Johannes Löthberg2-1/+7
The language code for Latin American Spanish is es_419, which is longer than the 5 characters previously allowed. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-07-23Remove wearout factor from translatable stringLukas Fleischer1-1/+1
Even though that number is hardcoded in the source code, it is better to make it not appear in the message catalog such that it can be made configurable easily later. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-07-11Update the Git/SSH interface documentationLukas Fleischer1-19/+20
Add information on the new set-keywords command and slightly reword some paragraphs. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-06-30Distinguish auto-accepted requestsLukas Fleischer2-7/+14
Before commit 9746a65 (Port notification routines to Python, 2015-06-27), notification emails for automatically closed requests explicitly stated that the action was taken "automatically by the Arch User Repository package request system". When porting the notification routines to Python, this feature was overlooked and emails sent by the new script always reported that the requester triggered the acceptance or rejection of a request. This patch reimplements the old behavior such that notifications no longer look as if the requester had accepted the request himself. Reported-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-06-26Add hard limit for the length of dependency listsLukas Fleischer3-6/+10
Introduce a configuration option max_depends which can be used to specify a maximum number of (reverse) dependencies to display on the package details pages. Fixes FS#49059. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-06-25Update message catalogLukas Fleischer1-3/+38
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-06-25Make request type hints translatableLukas Fleischer1-3/+3
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-06-25Linkify user homepage URLsJohannes Löthberg1-1/+1
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-06-25Add missing database and account fieldsJohannes Löthberg3-11/+44
Commits 6ec4a35 (Send notifications when changing ownership, 2016-02-21) and e3670ef (Add a homepage field to accounts, 2016-06-02) forgot to change some usages of display_account_form() and process_account_form() to account for the new parameter. The former also forgot to add the new column to the database schema. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-06-08Add a homepage field to accountsLukas Fleischer6-19/+62
Allow users to add a link to their homepage to their profile. Implements FS#22774. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-06-08Update READMELukas Fleischer1-23/+25
Reword most parts of the README file, add information on new features and update the directory layout. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-06-08Update Arch Linux projects subdomainLukas Fleischer4-4/+4
The projects.archlinux.org subdomain was moved to git.archlinux.org. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-06-02pkgbasefuncs.inc.php: Remove debug statementLukas Fleischer1-1/+0
Remove a leftover var_dump() invocation that was introduced in commit 5fb7a74 (Replace categories with keywords, 2015-06-13). Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-05-23Add request type hintsLukas Fleischer1-1/+18
Add a text that explains when the currently selected request type should be used. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-05-18Use the official provider list to detect duplicatesLukas Fleischer2-8/+6
Instead of automatically adding packages from the official binary repositories to the package blacklist, use the official provider list to prevent users from uploading duplicates. This does not only result in reduced disk usage but also has a nice visible side effect. The error messages printed by the update hook now look like error: package already provided by [community]: powerline-fonts instead of error: package is blacklisted: powerline-fonts which was confusing to most end users. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-05-18Add repository information to official providersLukas Fleischer3-2/+13
When updating the list of packages provided by the official repositories, also save the repository names.
2016-03-19Merge branch 'maint'Lukas Fleischer1-1/+1
2016-03-18Change text of enable notifications linkMark Weiman1-1/+1
Since notifications are sent for more than just comments, change the notify link to more generic text. Signed-off-by: Mark Weiman <mark.weiman@markzz.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-03-15Resize the LastLoginIPAddress columnLukas Fleischer2-1/+7
Make sure that all valid IPv6 addresses fit into the LastLoginIPAddress field. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-03-15Fix instructions for omitting "have" linesLukas Fleischer2-5/+6
In 002d348 (Describe how to omit "have" lines, 2015-11-14), we added instructions on how to omit "have" lines originating from other package repositories. Fix those instructions such that the HEAD ref of the repository is transferred properly. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-03-13Release 4.2.1v4.2.1Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-03-13Merge branch 'maint'Lukas Fleischer4-4/+9
2016-03-13Store last login address as plain textLukas Fleischer3-3/+8
Directly store the information contained in $_SERVER['REMOTE_ADDR'] instead of using ip2long() which does not support IPv6 addresses. Note that the LastLoginIPAddress field is designed to be used by the administrator on rare occasions only (e.g. to fight spam) and is not displayed anywhere. Fixes FS#48557. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-03-13Fix l10n of "more"Lukas Fleischer1-1/+1
Use __() instead of _() to make the string translatable. Fixes FS#48529. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-03-13Remove code referencing non-existent and unused fileIan D. Scott1-4/+0
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-03-13Limit comment height to 15 linesEric Engestrom1-0/+5
Signed-off-by: Eric Engestrom <eric@engestrom.ch> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-03-01Merge branch 'maint'Lukas Fleischer2-2/+1
2016-03-01aurjson: Remove stray GROUP BY clauseLukas Fleischer1-1/+0
The IDs of packages are unique, so there is no need to group search results by package ID. Note that the GROUP BY statement in question was introduced in commit 3447dfc (Support versioned RPC queries, 2014-04-28) for no apparent reason and could even lead to errors in various DBMS. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-03-01popupdate: Avoid NULL entries in the popularity fieldLukas Fleischer1-1/+1
The popularity field is declared as "NOT NULL" in the database schema. Fix the popularity update query such that it uses a popularity of 0.0 instead of NULL for packages with no votes. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-02-21Send notifications when changing ownershipLukas Fleischer5-3/+65
Add a new option that makes it possible to subscribe to package ownership changes (adoption/disownment). Fixes FS#15412. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-02-19Unset $pinned unconditionally when displaying commentsMark Weiman2-2/+2
In pkg_comments.php, the $pinned variable is used to determine whether the template is supposed to print all comments or pinned comments only. If the $pinned variable is unset, the top 10 comments are printed, followed by an "All comments" link. If the $pinned variable is set, the pinned comments are printed and the "All comments" link below the comment listing is skipped. Thus, we need to make sure that this variable is always unset at the time we include the template to display all comments, even if it was empty before. Fixes FS#48194. Signed-off-by: Mark Weiman <mark.weiman@markzz.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-02-19Hide orphan request option for disowned package basesLukas Fleischer1-0/+2
If a package base is unmaintained, there is no need to file an orphan request. Hide the option from the front-end in this case. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-02-19notify: Fix notification of request initiatorLukas Fleischer1-7/+9
Reimplement get_request_recipients() such that it always returns the email addresses of the package base maintainer and the request initiator, instead of the email address of the user triggering the request status change. Fixes FS#48238. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-02-19notify: Reintroduce Message-ID againLukas Fleischer1-1/+2
In commit 7b57e0e (Set Message-ID when sending package request emails, 2014-07-01), we changed the code responsible for sending notifications such that the value of the Message-ID header is set deterministically in the first email referring to a request. Unfortunately, this was forgotten when porting the notification routines to Python in 9746a65 (Port notification routines to Python, 2015-06-27) and later fixed by 092e00f (notify: Fix references in request notifications, 2015-10-10). However, when fixing another bug, the old behavior of not setting a Message-ID was restored by d87b138 (notify: Fix merging of header dicts, 2015-10-26). Revert that particular change once more and add a comment such that the line gets extra attention, should it be changed in the future. Fixes FS#48239. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-02-15Release 4.2.0v4.2.0Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-02-15Translation updates from TransifexLukas Fleischer29-15680/+5884
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-02-11Add an example post-checkout hookLukas Fleischer1-0/+4
Add a shell script to rebuild the documentation and install translations. Can be executed manually or used as a post-checkout hook in Git. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>