This commit fixes two of our tests in test_templates.py to go along
with our new template modifications, as well as a new test in
test_packages_routes.py which constructs two packages belonging
to the same package base, then tests that viewing their pages
produces their independent descriptions.
Signed-off-by: Kevin Morris <kevr@0cost.org>
...What in the world happened here. We were literally just populating
`pkg` based on `pkgbase.packages.first()`. We should have been focusing
on the package passed by the context, which is always available when
`show_package_details` is true.
Closes#384
Signed-off-by: Kevin Morris <kevr@0cost.org>
Since we support requests which have no associated user, we must
support the case where we are displaying such a request.
Signed-off-by: Kevin Morris <kevr@0cost.org>
In accordance with black's defined style, we now expect a maximum
of 88 columns for any one particular line.
This change fixes remaining violations of 88 columns in the codebase
(not many), and introduces the modified flake8 configuration.
Signed-off-by: Kevin Morris <kevr@0cost.org>
The reason behind this is to make checking and formatting consistent between
contributors and CI. It is also easier to incorporate new hooks, since many
tools already provides pre-commit hooks
In addition this commit also adds `black` and `autoflake` along with a few
other useful hooks from the `pre-commit-hooks` repository.
Derived off of original work done by Leonidas Spyropoulos
at https://gitlab.archlinux.org/archlinux/aurweb/-/merge_requests/503
This revision of that original work finishes off the inconsistencies
mentioned in the original MR and adds a small bit of testing for more
regression checks.
Fixes: #360
Signed-off-by: Kevin Morris <kevr@0cost.org>
in addition, remove cookie expiration for AURREMEMBER --
we don't really care about a session time for this cookie, it merely
acts as a flag given out on login to remember what the user selected
Signed-off-by: Kevin Morris <kevr@0cost.org>
Found along with the previous commit to be a security hole in our
implementation. This commit resolves an issue regarding comment editing.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This addresses a severe security issue, which is omitted from this
git message for obscurity purposes.
Otherwise, it allows co-maintainers to see the keyword form when
viewing a package they co-maintain.
Closes#378
Signed-off-by: Kevin Morris <kevr@0cost.org>
This was incorrectly using the particular Package record's name
to format options.snapshot_uri in order to produce URLPath.
It should, instead, use the PackageBase record's name, which
this commit resolves.
Bug reported by thomy2000
Closes#382
Signed-off-by: Kevin Morris <kevr@0cost.org>
Redis's get() method can return None which makes an RPC request error
out:
File "/srv/http/aurweb/aurweb/ratelimit.py", line 103, in check_ratelimit
requests = int(requests.decode())
AttributeError: 'NoneType' object has no attribute 'decode'
