Introduces new router:
- `aurweb.routers.pkgbase`
Introduces new package:
- `aurweb.pkgbase`
Introduces new modules:
- `aurweb.pkgbase.actions`
- `aurweb.pkgbase.util`
Changes:
- `pkgbase_{action}_instance` functions are now located in
`aurweb.pkgbase.actions`.
- `pkgbase`-wise routes have been moved to
`aurweb.routers.pkgbase`.
- `make_single_context` was moved to
`aurweb.pkgbase.util.make_context`.
Signed-off-by: Kevin Morris <kevr@0cost.org>
`delete_package` was processing package deletions through `Package`
instances. This doesn't make sense; if we delete a package, we want
to target its package base.
This new function vastly simplifies the previous.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This new constructor is a beginning to making Request a bit more easy
to deal with for standard testing needs. With this commit, users can
now specify a `user` and `authenticated` state while constructing a
Request:
request = Request(user=some_user, authenticated=True)
By default, the `authenticated` kwarg is set to False and `user` is
set to `aurweb.testing.requests.User()`.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This commit centralizes comaintainer management with a few new
functions and uses them more appropriately within routes:
- aurweb.packages.util.latest_priority
- aurweb.packages.util.remove_comaintainer
- aurweb.packages.util.remove_comaintainers
- aurweb.packages.util.add_comaintainer
- aurweb.packages.util.add_comaintainers
- aurweb.packages.util.rotate_comaintainers
Closes#117
Signed-off-by: Kevin Morris <kevr@0cost.org>
While this does make more sense to me personally, there is no need
to change how the AUR treats its users; it has been accepted for
ages and not found to be ridden with flaws. Stay with the tried
and true method.
Signed-off-by: Kevin Morris <kevr@0cost.org>
- Use queries more closely aligned to PHP's implementation; removes
the need for separate vote/notification queries.
- Default sort by popularity
Closes#214
Signed-off-by: Kevin Morris <kevr@0cost.org>
Instead of allowing an exception to propogate through the framework
routes, catch it and log out an error about notifications not being
sent.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This commit also decouples testing regarding this feature
into several test functions.
Signed-off-by: Kevin Morris <kevr@0cost.org>
bump
Signed-off-by: Kevin Morris <kevr@0cost.org>
This will ensure the state of `request.user` is good to go
for any other users which obtain it after the backend.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This commit changes several things about how we were handling
package requests.
Modifications (requests):
-------------
- `/requests/{id}/close` no longer provides an Accepted selection.
All manual request closures will cause a rejection.
- Relevent `pkgbase` actions now trigger request closures:
`/pkgbase/{name}/delete` (deletion), `/pkgbase/{name}/merge` (merge)
and `/pkgbase/{name}/disown` (orphan).
- Comment fields have been added to
`/pkgbase/{name}/{delete,merge,disown}`, which is used to set the
`PackageRequest.ClosureComment` on pending requests. If the comment
field is left blank, a closure comment is autogenerated.
- Autogenerated request notifications are only sent out once
as a closure notification.
- Some markup has been fixed.
Modifications (disown/orphan):
-----------------------------
- Orphan requests are now handled through the same path as
deletion/merge.
- We now check for due date when disowning as non-maintainer;
previously, this was only done for display and not functionally.
This check applies to Trusted Users' disowning of a package.
This style of notification flow does reduce our visibility, but
accounting can still be done via the close request; it includes
the action, pkgbase name and the user who accepted it.
Closes#204
Signed-off-by: Kevin Morris <kevr@0cost.org>
After actually digging into how the logger does things,
since the root logger is required and we have specific
level-changing loggers for our components, we must no-op
the root logger to avoid it duplicating logs from the others.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Previously, we were just relying on the cookie expiration
for sessions to expire. We were not cleaning up Session
records either.
Rework timing to depend on an AURREMEMBER cookie which is
now emitted on login during BasicAuthBackend processing.
If the SID does still have a session but it's expired,
we now delete the session record before returning.
Otherwise, we update the session's LastUpdateTS to
the current time.
In addition, stored the unauthenticated result value
in a variable to reduce redundancy.
Signed-off-by: Kevin Morris <kevr@0cost.org>
There's a space between every 4 characters in the fingerprint
in PHP; we were missing it in FastAPI. This commit fixes that
inconsistency.
Signed-off-by: Kevin Morris <kevr@0cost.org>
