summaryrefslogtreecommitdiffstats
path: root/aurweb/git
AgeCommit message (Collapse)AuthorFilesLines
2019-04-28git-auth: deny login if no password has been setLukas Fleischer1-1/+2
After creating a new account, users need to verify their email address and set an initial password. Without setting a password, users cannot use their account on the web interface. However, when logging in via SSH, we did not check whether the account is verified. Fix this by only allowing SSH access once a password is set. Reported-by: Pat Hogan <pathtofile@gmail.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2019-01-14Quote MySql 8.0 reserved keywordsFlorian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
2018-08-12Fix notifications emails going to the right peopleEli Schwartz1-5/+5
In commit f3b4c5c (Refactor the notification script, 2018-05-17), the parameters of the adopt, disown, comaintainer-add and comaintainer-remove notification modules were accidentally pushed around without changing the order in the callers. The notify script now expects to see the userid followed by additional arguments like the pkgbase id. As a result, some random userid with the same id as the pkgbase, got sent a notification regarding some package with the same id as the real user's id. Fix this by changing the order in every invocation of the aforementioned modules. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2018-05-18git-update: accept any arch in arch-dependent metadataEli Schwartz1-1/+1
Currently we hardcode the architectures the official repos historically supported, which seems both inefficient because of hardcoding, and simply wrong, because many packages support various ARM platforms too. If we were to say "only officially supported arches will be supported in the AUR" we'd have to disable i686, which seems silly and arbitrarily restrictive. Also there's better places to implement such a blacklist (via die_commit in the main loop, via a config option to list supported arches, would make much more sense in terms of logic). As for the metadata extraction itself, there's no reason to hardcode the arches to check for at all. We can get this information too, from the .SRCINFO itself. Detecting this dynamically is not incompatible with a blacklist, should we ever decide to implement such a thing. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2018-01-21Move AUR_OVERWRITE privilege check from git/auth to git/updateJohannes Löthberg2-2/+1
git/auth is run as an AutherizedKeysCommand which does not get the environment variables passed to it, so AUR_OVERWRITE always got hard-set to '0' by it. Instead we need to perform the actual privilege check in git/update instead. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-08-25Do not hardcode path to the Python interpreterLukas Fleischer3-3/+3
Use `/usr/bin/env python3` instead of `/usr/bin/python3` in the shebang of Python scripts. This adds support for non-standard Python interpreter paths such as the paths used in virtualenv environments. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-08-08git-serve: Fix broken SQL statementLukas Fleischer1-1/+1
Add a missing space to the SQL statement performing the disown operation. Fixes FS#55068. Note that the broken query was not discovered by the test suite since SQLite parses "?AND" inside prepared statements gracefully while MySQL does not. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-07-25Require TUs to explicitly request to overwrite a pkgbaseEli Schwartz2-1/+4
AUR_PRIVILEGED allows people with privileged AUR accounts to evade the block on non-fast-forward commits. While valid in this case, we should not do so by default, since in at least one case a TU did this without realizing there was an existing package. ( https://aur.archlinux.org/packages/rtmidi/ ) Switch to using allow_overwrite to check for destructive actions. Use .ssh/config "SendEnv" on the TU's side and and sshd_config "AcceptEnv" in the AUR server to specifically request overwrite access. TUs should use: `AUR_OVERWRITE=1 git push --force` Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-07-22Fix setting keywords in the SSH interfaceEli Schwartz1-1/+1
This was broken in commit 8914a41db938194efc021f842c89d47ff6b522c9 which refactored the argument parsing. Instead of checking for at least the set-keywords command and a pkgbase name, we were checking for *exactly* the command and pkgbase name, leaving no room for keywords... As a result, while we could clear the keywords, we could not set them. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-04-25Explicitly initialize PackageBases.FlaggerCommentLukas Fleischer2-4/+6
Since commit 09cb61a (schema: Remove invalid default values for TEXT columns, 2017-04-15), the PackageBases.FlaggerComment field no longer has a default value. Initialize this field explicitly whenever a new row is added to the PackageBases table. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-04-19Store dependency descriptions in a separate columnLukas Fleischer1-9/+7
Split optional dependency descriptions from dependency names before storing them in the database and use a separate column to store the descriptions. This allows us to simplify and optimize the SQL queries in pkg_dependencies() as well as pkg_required(). Suggested-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-04-06git-update: Check for missing pkgname entriesLukas Fleischer1-0/+3
Reject commits containing .SRCINFO files without any pkgname entries. Suggested-by: Bruno Pagani <bruno.n.pagani@gmail.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-01-25git-serve: Implement IP address bansLukas Fleischer1-0/+12
Currently, IP address bans affect the web interface only. Make sure they are honored in the SSH interface as well. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-01-25git-serve: Save last SSH login date and IP addressLukas Fleischer1-0/+13
In addition to logging the last login date and IP address on the web interface, store the time stamp and IP address of the last SSH login in the database. This simplifies user banning if one of the new SSH interface features, such as the voting mechanism implemented in 7ee2fdd (git-serve: Add support for (un-)voting, 2017-01-23), is abused. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-01-23git-serve: Add support for (un-)votingLukas Fleischer1-0/+63
Add support for voting for packages and removing votes from the SSH interface. The syntax is `vote <pkgbase>` resp. `unvote <pkgbase>`. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-12-23git-serve: Use Python exceptions for error handlingLukas Fleischer1-79/+78
Make it easier to reuse the helper functions provided by git-serve from another Python script by throwing exceptions instead of terminating the program on errors. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-12-20git-serve: Add support for (un-)flagging packagesLukas Fleischer1-0/+70
Add support for flagging or unflagging packages from the SSH interface. The syntax is `flag <pkgbase> <comment>` resp. `unflag <pkgbase>`. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-10-17aurweb/git: Add missing __init__.py fileLukas Fleischer1-0/+0
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-10-11git-serve: Close orphan requests upon disownLukas Fleischer1-1/+43
When disowning a package base via the SSH interface, auto-accept all pending orphan requests for the affected package. Also, add a test case that checks whether (only) orphan requests belonging to disowned packages are closed correctly. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-10-11git-update: Catch long source URLsLukas Fleischer1-0/+3
Bail out early if the source array contains an entry with more than 8000 characters. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-10-11Make URL columns 8000 characters wideLukas Fleischer1-2/+3
According to RFC 7230, URLs can be up too 8000 characters long. Resize all URL fields accordingly. Also, add a test to verify that URLs with more than 8000 characters are rejected by the update hook. Reported-by: Andreas Linz <klingt.net@gmail.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-10-08Reorganize Git interface scriptsLukas Fleischer3-0/+890
Move the Git interface scripts from git-interface/ to aurweb/git/. Use setuptools to automatically create wrappers which can be installed using `python3 setup.py install`. Update the configuration files, the test suite as well as the INSTALL and README files to reflect these changes. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>