external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add a package name blacklist.

Browse source 
Can be used to blacklist package names for normal users. TUs and
developers are not affected. This is especially useful if used together
with a cron job that updates the blacklist periodically, e.g. to reject
packages which are available in the binary repos (FS#12902).

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This commit is contained in:
Lukas Fleischer 2011-02-02 18:03:09 +01:00
parent 881bfcced4
commit b69f548065
4 changed files with 47 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
UPGRADING
View file

@ -27,6 +27,12 @@ ALTER TABLE PackageSources
MODIFY Source VARCHAR(255) NOT NULL DEFAULT "/dev/null"; MODIFY Source VARCHAR(255) NOT NULL DEFAULT "/dev/null";
ALTER TABLE TU_VoteInfo ALTER TABLE TU_VoteInfo
MODIFY User VARCHAR(32) collate latin1_general_ci NOT NULL; MODIFY User VARCHAR(32) collate latin1_general_ci NOT NULL;
CREATE TABLE PackageBlacklist (
ID INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
Name CHAR(64) NOT NULL,
PRIMARY KEY (ID),
UNIQUE (Name)
);
---- ----
2. Drop all fulltext indexes from the "Packages" table: 2. Drop all fulltext indexes from the "Packages" table:

9
support/schema/aur-schema.sql
View file

@ -177,6 +177,15 @@ CREATE TABLE CommentNotify (
); );
CREATE UNIQUE INDEX NotifyUserIDPkgID ON CommentNotify (UserID, PkgID); CREATE UNIQUE INDEX NotifyUserIDPkgID ON CommentNotify (UserID, PkgID);
-- Package name blacklist
--
CREATE TABLE PackageBlacklist (
ID INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
Name CHAR(64) NOT NULL,
PRIMARY KEY (ID),
UNIQUE (Name)
);
-- Vote information -- Vote information
-- --
CREATE TABLE IF NOT EXISTS TU_VoteInfo ( CREATE TABLE IF NOT EXISTS TU_VoteInfo (

9
web/html/pkgsubmit.php
View file

@ -215,6 +215,15 @@ if ($_COOKIE["AURSID"]):
$incoming_pkgdir = INCOMING_DIR . $pkg_name; $incoming_pkgdir = INCOMING_DIR . $pkg_name;
} }
if (!$error) {
# Check if package name is blacklisted.
if (pkgname_is_blacklisted($pkg_name)) {
if (!canSubmitBlacklisted(account_from_sid($_COOKIE["AURSID"]))) {
$error = __( "%s is on the package blacklist, please check if it's available in the official repos.", $pkg_name);
}
}
}
if (!$error) { if (!$error) {
# First, see if this package already exists, and if it can be overwritten # First, see if this package already exists, and if it can be overwritten
$pkg_exists = package_exists($pkg_name); $pkg_exists = package_exists($pkg_name);

23
web/lib/pkgfuncs.inc
View file

@ -64,6 +64,18 @@ function canManagePackage($uid=0,$AURMUID=0, $MUID=0, $SUID=0, $managed=0) {
return 0; return 0;
} }
# Check if the current user can submit blacklisted packages.
#
function canSubmitBlacklisted($atype = "") {
if ($atype == "Trusted User" || $atype == "Developer") {
# Only TUs/Devs can submit blacklisted packages.
return TRUE;
}
else {
return FALSE;
}
}
# grab the current list of PackageCategories # grab the current list of PackageCategories
# #
function pkgCategories() { function pkgCategories() {
@ -286,6 +298,17 @@ function pkgname_from_id($id="") {
return $id; return $id;
} }
# Check if a package name is blacklisted.
#
function pkgname_is_blacklisted($name) {
$dbh = db_connect();
$q = "SELECT COUNT(*) FROM PackageBlacklist WHERE Name = '" . mysql_real_escape_string($name) . "'";
$result = db_query($q, $dbh);
if (!$result) return false;
return (mysql_result($result, 0) > 0);
}
# display package details # display package details
# #
function package_details($id=0, $SID="") { function package_details($id=0, $SID="") {