external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'pu_auth_redirect_vars' into pu

Browse source
This commit is contained in:
Kevin Morris 2021-10-07 12:42:53 -07:00
commit 55ebfa0d01
No known key found for this signature in database
GPG key ID: F7E46DED420788F3
6 changed files with 96 additions and 120 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
aurweb/auth.py
View file

@ -1,4 +1,5 @@
import functools import functools
import re
from datetime import datetime from datetime import datetime
from http import HTTPStatus from http import HTTPStatus
@ -121,6 +122,7 @@ class BasicAuthBackend(AuthenticationBackend):
def auth_required(is_required: bool = True, def auth_required(is_required: bool = True,
login: bool = True,
redirect: str = "/", redirect: str = "/",
template: tuple = None, template: tuple = None,
status_code: HTTPStatus = HTTPStatus.UNAUTHORIZED): status_code: HTTPStatus = HTTPStatus.UNAUTHORIZED):
@ -150,6 +152,7 @@ def auth_required(is_required: bool = True,
applying any format operations. applying any format operations.
:param is_required: A boolean indicating whether the function requires auth :param is_required: A boolean indicating whether the function requires auth
:param login: Redirect to `/login`, passing `next=<redirect>`
:param redirect: Path to redirect to if is_required isn't True :param redirect: Path to redirect to if is_required isn't True
:param template: A three-element template tuple: :param template: A three-element template tuple:
(path, title_iterable, variable_iterable) (path, title_iterable, variable_iterable)
@ -162,8 +165,16 @@ def auth_required(is_required: bool = True,
async def wrapper(request, *args, **kwargs): async def wrapper(request, *args, **kwargs):
if request.user.is_authenticated() != is_required: if request.user.is_authenticated() != is_required:
url = "/" url = "/"
if redirect: if redirect:
url = redirect path_params_expr = re.compile(r'\{(\w+)\}')
match = re.findall(path_params_expr, redirect)
args = {k: request.path_params.get(k) for k in match}
url = redirect.format(**args)
if login:
url = "/login?" + util.urlencode({"next": url})
if template: if template:
# template=("template.html", # template=("template.html",
# ["Some Title", "someFormatted {}"], # ["Some Title", "someFormatted {}"],

20
aurweb/routers/accounts.py
View file

@ -30,14 +30,14 @@ logger = logging.getLogger(__name__)
@router.get("/passreset", response_class=HTMLResponse) @router.get("/passreset", response_class=HTMLResponse)
@auth_required(False) @auth_required(False, login=False)
async def passreset(request: Request): async def passreset(request: Request):
context = await make_variable_context(request, "Password Reset") context = await make_variable_context(request, "Password Reset")
return render_template(request, "passreset.html", context) return render_template(request, "passreset.html", context)
@router.post("/passreset", response_class=HTMLResponse) @router.post("/passreset", response_class=HTMLResponse)
@auth_required(False) @auth_required(False, login=False)
async def passreset_post(request: Request, async def passreset_post(request: Request,
user: str = Form(...), user: str = Form(...),
resetkey: str = Form(default=None), resetkey: str = Form(default=None),
@ -315,7 +315,7 @@ def make_account_form_context(context: dict,
@router.get("/register", response_class=HTMLResponse) @router.get("/register", response_class=HTMLResponse)
@auth_required(False) @auth_required(False, login=False)
async def account_register(request: Request, async def account_register(request: Request,
U: str = Form(default=str()), # Username U: str = Form(default=str()), # Username
E: str = Form(default=str()), # Email E: str = Form(default=str()), # Email
@ -341,7 +341,7 @@ async def account_register(request: Request,
@router.post("/register", response_class=HTMLResponse) @router.post("/register", response_class=HTMLResponse)
@auth_required(False) @auth_required(False, login=False)
async def account_register_post(request: Request, async def account_register_post(request: Request,
U: str = Form(default=str()), # Username U: str = Form(default=str()), # Username
E: str = Form(default=str()), # Email E: str = Form(default=str()), # Email
@ -432,7 +432,7 @@ def cannot_edit(request, user):
@router.get("/account/{username}/edit", response_class=HTMLResponse) @router.get("/account/{username}/edit", response_class=HTMLResponse)
@auth_required(True) @auth_required(True, redirect="/account/{username}")
async def account_edit(request: Request, async def account_edit(request: Request,
username: str): username: str):
user = db.query(User, User.Username == username).first() user = db.query(User, User.Username == username).first()
@ -448,7 +448,7 @@ async def account_edit(request: Request,
@router.post("/account/{username}/edit", response_class=HTMLResponse) @router.post("/account/{username}/edit", response_class=HTMLResponse)
@auth_required(True) @auth_required(True, redirect="/account/{username}")
async def account_edit_post(request: Request, async def account_edit_post(request: Request,
username: str, username: str,
U: str = Form(default=str()), # Username U: str = Form(default=str()), # Username
@ -594,7 +594,7 @@ async def account(request: Request, username: str):
@router.get("/accounts/") @router.get("/accounts/")
@auth_required(True) @auth_required(True, redirect="/accounts/")
@account_type_required({TRUSTED_USER, DEVELOPER, TRUSTED_USER_AND_DEV}) @account_type_required({TRUSTED_USER, DEVELOPER, TRUSTED_USER_AND_DEV})
async def accounts(request: Request): async def accounts(request: Request):
context = make_context(request, "Accounts") context = make_context(request, "Accounts")
@ -602,7 +602,7 @@ async def accounts(request: Request):
@router.post("/accounts/") @router.post("/accounts/")
@auth_required(True) @auth_required(True, redirect="/accounts/")
@account_type_required({TRUSTED_USER, DEVELOPER, TRUSTED_USER_AND_DEV}) @account_type_required({TRUSTED_USER, DEVELOPER, TRUSTED_USER_AND_DEV})
async def accounts_post(request: Request, async def accounts_post(request: Request,
O: int = Form(default=0), # Offset O: int = Form(default=0), # Offset
@ -688,7 +688,7 @@ def render_terms_of_service(request: Request,
@router.get("/tos") @router.get("/tos")
@auth_required(True, redirect="/") @auth_required(True, redirect="/tos")
async def terms_of_service(request: Request): async def terms_of_service(request: Request):
# Query the database for terms that were previously accepted, # Query the database for terms that were previously accepted,
# but now have a bumped Revision that needs to be accepted. # but now have a bumped Revision that needs to be accepted.
@ -709,7 +709,7 @@ async def terms_of_service(request: Request):
@router.post("/tos") @router.post("/tos")
@auth_required(True, redirect="/") @auth_required(True, redirect="/tos")
async def terms_of_service_post(request: Request, async def terms_of_service_post(request: Request,
accept: bool = Form(default=False)): accept: bool = Form(default=False)):
# Query the database for terms that were previously accepted, # Query the database for terms that were previously accepted,

28
aurweb/routers/packages.py
View file

@ -222,7 +222,7 @@ async def package_base_voters(request: Request, name: str) -> Response:
@router.post("/pkgbase/{name}/comments") @router.post("/pkgbase/{name}/comments")
@auth_required(True) @auth_required(True, redirect="/pkgbase/{name}/comments")
async def pkgbase_comments_post( async def pkgbase_comments_post(
request: Request, name: str, request: Request, name: str,
comment: str = Form(default=str()), comment: str = Form(default=str()),
@ -254,7 +254,7 @@ async def pkgbase_comments_post(
@router.get("/pkgbase/{name}/comments/{id}/form") @router.get("/pkgbase/{name}/comments/{id}/form")
@auth_required(True) @auth_required(True, login=False)
async def pkgbase_comment_form(request: Request, name: str, id: int): async def pkgbase_comment_form(request: Request, name: str, id: int):
""" Produce a comment form for comment {id}. """ """ Produce a comment form for comment {id}. """
pkgbase = get_pkg_or_base(name, PackageBase) pkgbase = get_pkg_or_base(name, PackageBase)
@ -274,7 +274,7 @@ async def pkgbase_comment_form(request: Request, name: str, id: int):
@router.post("/pkgbase/{name}/comments/{id}") @router.post("/pkgbase/{name}/comments/{id}")
@auth_required(True) @auth_required(True, redirect="/pkgbase/{name}/comments/{id}")
async def pkgbase_comment_post( async def pkgbase_comment_post(
request: Request, name: str, id: int, request: Request, name: str, id: int,
comment: str = Form(default=str()), comment: str = Form(default=str()),
@ -309,7 +309,7 @@ async def pkgbase_comment_post(
@router.post("/pkgbase/{name}/comments/{id}/delete") @router.post("/pkgbase/{name}/comments/{id}/delete")
@auth_required(True) @auth_required(True, redirect="/pkgbase/{name}/comments/{id}/delete")
async def pkgbase_comment_delete(request: Request, name: str, id: int): async def pkgbase_comment_delete(request: Request, name: str, id: int):
pkgbase = get_pkg_or_base(name, PackageBase) pkgbase = get_pkg_or_base(name, PackageBase)
comment = get_pkgbase_comment(pkgbase, id) comment = get_pkgbase_comment(pkgbase, id)
@ -332,7 +332,7 @@ async def pkgbase_comment_delete(request: Request, name: str, id: int):
@router.post("/pkgbase/{name}/comments/{id}/undelete") @router.post("/pkgbase/{name}/comments/{id}/undelete")
@auth_required(True) @auth_required(True, redirect="/pkgbase/{name}/comments/{id}/undelete")
async def pkgbase_comment_undelete(request: Request, name: str, id: int): async def pkgbase_comment_undelete(request: Request, name: str, id: int):
pkgbase = get_pkg_or_base(name, PackageBase) pkgbase = get_pkg_or_base(name, PackageBase)
comment = get_pkgbase_comment(pkgbase, id) comment = get_pkgbase_comment(pkgbase, id)
@ -354,7 +354,7 @@ async def pkgbase_comment_undelete(request: Request, name: str, id: int):
@router.post("/pkgbase/{name}/comments/{id}/pin") @router.post("/pkgbase/{name}/comments/{id}/pin")
@auth_required(True) @auth_required(True, redirect="/pkgbase/{name}/comments/{id}/pin")
async def pkgbase_comment_pin(request: Request, name: str, id: int): async def pkgbase_comment_pin(request: Request, name: str, id: int):
pkgbase = get_pkg_or_base(name, PackageBase) pkgbase = get_pkg_or_base(name, PackageBase)
comment = get_pkgbase_comment(pkgbase, id) comment = get_pkgbase_comment(pkgbase, id)
@ -376,7 +376,7 @@ async def pkgbase_comment_pin(request: Request, name: str, id: int):
@router.post("/pkgbase/{name}/comments/{id}/unpin") @router.post("/pkgbase/{name}/comments/{id}/unpin")
@auth_required(True) @auth_required(True, redirect="/pkgbase/{name}/comments/{id}/unpin")
async def pkgbase_comment_unpin(request: Request, name: str, id: int): async def pkgbase_comment_unpin(request: Request, name: str, id: int):
pkgbase = get_pkg_or_base(name, PackageBase) pkgbase = get_pkg_or_base(name, PackageBase)
comment = get_pkgbase_comment(pkgbase, id) comment = get_pkgbase_comment(pkgbase, id)
@ -397,7 +397,7 @@ async def pkgbase_comment_unpin(request: Request, name: str, id: int):
@router.get("/pkgbase/{name}/comaintainers") @router.get("/pkgbase/{name}/comaintainers")
@auth_required(True) @auth_required(True, redirect="/pkgbase/{name}/comaintainers")
async def package_base_comaintainers(request: Request, name: str) -> Response: async def package_base_comaintainers(request: Request, name: str) -> Response:
# Get the PackageBase. # Get the PackageBase.
pkgbase = get_pkg_or_base(name, PackageBase) pkgbase = get_pkg_or_base(name, PackageBase)
@ -444,7 +444,7 @@ def remove_users(pkgbase, usernames):
@router.post("/pkgbase/{name}/comaintainers") @router.post("/pkgbase/{name}/comaintainers")
@auth_required(True) @auth_required(True, redirect="/pkgbase/{name}/comaintainers")
async def package_base_comaintainers_post( async def package_base_comaintainers_post(
request: Request, name: str, request: Request, name: str,
users: str = Form(default=str())) -> Response: users: str = Form(default=str())) -> Response:
@ -539,7 +539,7 @@ async def package_base_comaintainers_post(
@router.get("/requests") @router.get("/requests")
@auth_required(True, redirect="/") @auth_required(True, redirect="/requests")
async def requests(request: Request, async def requests(request: Request,
O: int = Query(default=defaults.O), O: int = Query(default=defaults.O),
PP: int = Query(default=defaults.PP)): PP: int = Query(default=defaults.PP)):
@ -571,7 +571,7 @@ async def requests(request: Request,
@router.get("/pkgbase/{name}/request") @router.get("/pkgbase/{name}/request")
@auth_required(True) @auth_required(True, redirect="/pkgbase/{name}")
async def package_request(request: Request, name: str): async def package_request(request: Request, name: str):
context = make_context(request, "Submit Request") context = make_context(request, "Submit Request")
@ -585,7 +585,7 @@ async def package_request(request: Request, name: str):
@router.post("/pkgbase/{name}/request") @router.post("/pkgbase/{name}/request")
@auth_required(True) @auth_required(True, redirect="/pkgbase/{name}/request")
async def pkgbase_request_post(request: Request, name: str, async def pkgbase_request_post(request: Request, name: str,
type: str = Form(...), type: str = Form(...),
merge_into: str = Form(default=None), merge_into: str = Form(default=None),
@ -654,7 +654,7 @@ async def pkgbase_request_post(request: Request, name: str,
@router.get("/requests/{id}/close") @router.get("/requests/{id}/close")
@auth_required(True) @auth_required(True, redirect="/requests/{id}/close")
async def requests_close(request: Request, id: int): async def requests_close(request: Request, id: int):
pkgreq = db.query(PackageRequest).filter(PackageRequest.ID == id).first() pkgreq = db.query(PackageRequest).filter(PackageRequest.ID == id).first()
if not request.user.is_elevated() and request.user != pkgreq.User: if not request.user.is_elevated() and request.user != pkgreq.User:
@ -667,7 +667,7 @@ async def requests_close(request: Request, id: int):
@router.post("/requests/{id}/close") @router.post("/requests/{id}/close")
@auth_required(True) @auth_required(True, redirect="/requests/{id}/close")
async def requests_close_post(request: Request, id: int, async def requests_close_post(request: Request, id: int,
reason: int = Form(default=0), reason: int = Form(default=0),
comments: str = Form(default=str())): comments: str = Form(default=str())):

10
aurweb/routers/trusted_user.py
View file

@ -45,7 +45,7 @@ ADDVOTE_SPECIFICS = {
@router.get("/tu") @router.get("/tu")
@auth_required(True, redirect="/") @auth_required(True, redirect="/tu")
@account_type_required(REQUIRED_TYPES) @account_type_required(REQUIRED_TYPES)
async def trusted_user(request: Request, async def trusted_user(request: Request,
coff: int = 0, # current offset coff: int = 0, # current offset
@ -149,7 +149,7 @@ def render_proposal(request: Request,
@router.get("/tu/{proposal}") @router.get("/tu/{proposal}")
@auth_required(True, redirect="/") @auth_required(True, redirect="/tu/{proposal}")
@account_type_required(REQUIRED_TYPES) @account_type_required(REQUIRED_TYPES)
async def trusted_user_proposal(request: Request, proposal: int): async def trusted_user_proposal(request: Request, proposal: int):
context = await make_variable_context(request, "Trusted User") context = await make_variable_context(request, "Trusted User")
@ -175,7 +175,7 @@ async def trusted_user_proposal(request: Request, proposal: int):
@router.post("/tu/{proposal}") @router.post("/tu/{proposal}")
@auth_required(True, redirect="/") @auth_required(True, redirect="/tu/{proposal}")
@account_type_required(REQUIRED_TYPES) @account_type_required(REQUIRED_TYPES)
async def trusted_user_proposal_post(request: Request, async def trusted_user_proposal_post(request: Request,
proposal: int, proposal: int,
@ -223,7 +223,7 @@ async def trusted_user_proposal_post(request: Request,
@router.get("/addvote") @router.get("/addvote")
@auth_required(True) @auth_required(True, redirect="/addvote")
@account_type_required({"Trusted User", "Trusted User & Developer"}) @account_type_required({"Trusted User", "Trusted User & Developer"})
async def trusted_user_addvote(request: Request, async def trusted_user_addvote(request: Request,
user: str = str(), user: str = str(),
@ -243,7 +243,7 @@ async def trusted_user_addvote(request: Request,
@router.post("/addvote") @router.post("/addvote")
@auth_required(True) @auth_required(True, redirect="/addvote")
@account_type_required({TRUSTED_USER, TRUSTED_USER_AND_DEV}) @account_type_required({TRUSTED_USER, TRUSTED_USER_AND_DEV})
async def trusted_user_addvote_post(request: Request, async def trusted_user_addvote_post(request: Request,
user: str = Form(default=str()), user: str = Form(default=str()),

139
templates/partials/packages/actions.html
View file

@ -23,99 +23,68 @@
{{ "Search wiki" | tr }} {{ "Search wiki" | tr }}
</a> </a>
</li> </li>
{% if not request.user.is_authenticated() %} {% if not out_of_date %}
{% if not out_of_date %}
<li> <li>
<a href="/pkgbase/{{ result.Name }}/flag/"> <a href="/pkgbase/{{ result.Name }}/flag/">
{{ "Flag package out-of-date" | tr }} {{ "Flag package out-of-date" | tr }}
</a> </a>
</li> </li>
{% else %}
<li>
<span class="flagged">
{% set ood_ts = result.OutOfDateTS | dt | as_timezone(timezone) %}
{{
"Flagged out-of-date (%s)"
| tr | format(ood_ts.strftime("%Y-%m-%d"))
}}
</span>
</li>
{% endif %}
<li>
<a href="/login?next={{ request.url.path | quote_plus }}">
{{ "Vote for this package" | tr }}
</a>
</li>
<li>
<a href="/login?next={{ request.url.path | quote_plus }}">
{{ "Enable notifications" | tr }}
</a>
</li>
{% else %} {% else %}
{% if not out_of_date %} <li>
<li> <span class="flagged">
<a href="/pkgbase/{{ result.Name }}/flag/"> {% set ood_ts = result.OutOfDateTS | dt | as_timezone(timezone) %}
{{ "Flag package out-of-date" | tr }} {{
</a> "Flagged out-of-date (%s)"
</li> | tr | format(ood_ts.strftime("%Y-%m-%d"))
{% else %} }}
<li> </span>
<span class="flagged"> </li>
{% set ood_ts = result.OutOfDateTS | dt | as_timezone(timezone) %} <li>
{{ <form action="/pkgbase/{{ result.Name }}/unflag" method="post">
"Flagged out-of-date (%s)" <input class="button text-button"
| tr | format(ood_ts.strftime("%Y-%m-%d")) type="submit"
}} name="do_UnFlag"
</span> value="{{ 'Unflag package' | tr }}"
</li> />
<li> </form>
<form action="/pkgbase/{{ result.Name }}/unflag" method="post"> </li>
<input class="button text-button" {% endif %}
type="submit" <li>
name="do_UnFlag" {% if not voted %}
value="{{ 'Unflag package' | tr }}" <form action="/pkgbase/{{ result.Name }}/vote/" method="post">
<input type="submit"
class="button text-button"
name="do_Vote"
value="{{ 'Vote for this package' | tr }}" />
</form>
{% else %}
<form action="/pkgbase/{{ result.Name }}/unvote/" method="post">
<input type="submit"
class="button text-button"
name="do_UnVote"
value="{{ 'Remove vote' | tr }}" />
</form>
{% endif %}
</li>
<li>
{% if notified %}
<form action="/pkgbase/{{ result.Name }}/unnotify/" method="post">
<input type="submit"
class="button text-button"
name="do_UnNotify"
value="{{ 'Disable notifications' | tr }}"
/> />
</form> </form>
</li> {% else %}
{% endif %} <form action="/pkgbase/{{ result.Name }}/notify/" method="post">
<li>
{% if not voted %}
<form action="/pkgbase/{{ result.Name }}/vote/" method="post">
<input type="submit" <input type="submit"
class="button text-button" class="button text-button"
name="do_Vote" name="do_Notify"
value="{{ 'Vote for this package' | tr }}" /> value="{{ 'Enable notifications' | tr }}"
/>
</form> </form>
{% else %} {% endif %}
<form action="/pkgbase/{{ result.Name }}/unvote/" method="post"> </li>
<input type="submit"
class="button text-button"
name="do_UnVote"
value="{{ 'Remove vote' | tr }}" />
</form>
{% endif %}
</li>
<li>
{% if notified %}
<form action="/pkgbase/{{ result.Name }}/unnotify/" method="post">
<input type="submit"
class="button text-button"
name="do_UnNotify"
value="{{ 'Disable notifications' | tr }}"
/>
</form>
{% else %}
<form action="/pkgbase/{{ result.Name }}/notify/" method="post">
<input type="submit"
class="button text-button"
name="do_Notify"
value="{{ 'Enable notifications' | tr }}"
/>
</form>
{% endif %}
</li>
{% endif %}
</form> </form>
{% if request.user.has_credential('CRED_PKGBASE_EDIT_COMAINTAINERS', approved=[pkgbase.Maintainer]) %} {% if request.user.has_credential('CRED_PKGBASE_EDIT_COMAINTAINERS', approved=[pkgbase.Maintainer]) %}
<li> <li>
@ -132,15 +101,9 @@
</li> </li>
{% endif %} {% endif %}
<li> <li>
{% if not request.user.is_authenticated() %}
<a href="/login?next={{ '/pkgbase/%s/request' | format(result.Name) | quote_plus }}">
{{ "Submit Request" | tr }}
</a>
{% else %}
<a href="/pkgbase/{{ result.Name }}/request/"> <a href="/pkgbase/{{ result.Name }}/request/">
{{ "Submit Request" | tr }} {{ "Submit Request" | tr }}
</a> </a>
{% endif %}
</li> </li>
{% if request.user.has_credential("CRED_PKGBASE_DELETE") %} {% if request.user.has_credential("CRED_PKGBASE_DELETE") %}
<li> <li>

6
test/test_trusted_user_routes.py
View file

@ -9,7 +9,7 @@ import pytest
from fastapi.testclient import TestClient from fastapi.testclient import TestClient
from aurweb import db from aurweb import db, util
from aurweb.models.account_type import AccountType from aurweb.models.account_type import AccountType
from aurweb.models.tu_vote import TUVote from aurweb.models.tu_vote import TUVote
from aurweb.models.tu_voteinfo import TUVoteInfo from aurweb.models.tu_voteinfo import TUVoteInfo
@ -128,7 +128,9 @@ def test_tu_index_guest(client):
with client as request: with client as request:
response = request.get("/tu", allow_redirects=False) response = request.get("/tu", allow_redirects=False)
assert response.status_code == int(HTTPStatus.SEE_OTHER) assert response.status_code == int(HTTPStatus.SEE_OTHER)
assert response.headers.get("location") == "/"
params = util.urlencode({"next": "/tu"})
assert response.headers.get("location") == f"/login?{params}"
def test_tu_index_unauthorized(client, user): def test_tu_index_unauthorized(client, user):