This change removes cookie re-emission of AURLANG and AURTZ,
adds the AURREMEMBER cookie (the state of the "Remember Me"
checkbox on login), and re-emits AURSID based on the AURREMEMBER
cookie.
Previously, re-emission of AURSID was forcefully modifying
the expiration of the AURSID cookie. The introduction of
AURREMEMBER allows us to deduct the correct cookie expiration
timing based on configuration variables. With this addition,
we now re-emit the AURSID cookie with an updated expiration
based on the "Remember Me" checkbox on login.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Two new options have been added:
- [devel] commit_url
- URL including an %s format specifier that can be used to link
to a webpage for the commit.
- [devel] commit_hash
- HEAD's commit hash (produced via `git rev-parse HEAD`)
If a `[devel] commit_hash` is configured, a link to the commit based on
`[devel] commit_url` will be displayed in the aurweb footer in
the form: `HEAD@<commit_hash>`. If no `[devel] commit_url` is
configured, a non-linked hash will be displayed.
Signed-off-by: Kevin Morris <kevr@0cost.org>
The default recursion limit used by Docker's archlinux:base-devel
Python package becomes problematic in some cases when running tests
against our FastAPI application using starlette.testclient.TestClient
(aliased to fastapi.testclient.TestClient). starlette ends up with
test failures because it exceeds the recursion limit, but this only
happens when using the `TestClient`. When the ASGI servers are run,
this is not an issue and so in that case, the recursion limit has
not been touched.
This change uses a `TEST_RECURSION_LIMIT` environment variable to
modify the recursion limit of the FastAPI application. This variable
is, by default, only supplied when running pytests in Docker, but
can be force-supplied by the user.
TEST_RECURSION_LIMIT=10000 has been added to `.env` and `.gitlab-ci.yml`.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Changes:
- `via` is not required in FastAPI. We deduce the involved
requests via their PackageBaseName / MergeBaseName columns
and set them to Accepted when merged.
- When erroneous input is given, the error is now presented
on the merge page instead of sending the user to the pkgbase
page.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Improvements:
- Package deletion now creates a PackageRequest on behalf of
the deleter if one does not yet exist.
- All package deletions are now logged to keep track of who did what.
Signed-off-by: Kevin Morris <kevr@0cost.org>
New configuration options:
- `[ratelimit] cache`
- A boolean indicating whether we should use configured cache (1)
or database (0) for ratelimiting.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Additionally, added RPC.error, which produces an RPC-compatible
error based on the version passed during construction.
Signed-off-by: Kevin Morris <kevr@0cost.org>
With this change, we provide a wrapper to `logging.getLogger`
in the `aurweb.logging` module. Modules wishing to log using
logging.conf should get their module-local loggers by calling
`aurweb.logging.getLogger(__name__)`, similar to `logging.getLogger`,
this way initialization with logging.conf is guaranteed.
Signed-off-by: Kevin Morris <kevr@0cost.org>
When using this input on `live` as a TU, the field is not
taken into account. Tried with no action and with the
Delete Packages action, which ended up deleting the packages
but not merging into the given target.
So, this commit removes that input from the page.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This reworks the base implementation of the RPC to use a
class called RPC for handling of requests. Took a bit of
a different approach than PHP in terms of exposed methods,
but it does end up achieving the same goal, with one additional
error: "Request type '{type}' is not yet implemented."
For FastAPI development, we'll stick with:
- If the supplied 'type' argument has an alias mapping in
RPC.ALIASES, we convert the type argument over to its alias
before doing anything. Example: 'info' is aliased to 'multiinfo',
so when a user requests type=info, it is converted to type=multiinfo.
- If the type does not exist in RPC.EXPOSED_TYPES, the following
error is produced: "No request type/data specified."
- If the type **does** exist in RPC.EXPOSED_TYPES, but does not
have an implemented `RPC._handle_{type}_type` function, the
following error is produced: "Request type '{type}' is not yet
implemented."
Signed-off-by: Kevin Morris <kevr@0cost.org>
Previously, we passed the straight up request type instance from
SQLAlchemy and had a .title() function that was transparently
treating the instance the same as the instance's Name in terms
of notify.py's use of it.
This commit removes that transparent behavior; it was not actually
intended.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This is in addition to the current recipients. Co-maintainers should
also be made aware when their package has pending requests.
NOTE: This commit was slightly modified to resolve cherry-pick
conflicts in `pu`.
With our FastAPI server, trailing slashes causes a 307 redirect
which ends up redirecting users to routes which do not contain
trailing slashes. This removes trailing slashes from our templates
where FastAPI is concerned to avoid unnecessary redirects.
There may still be links or usages around which have unnecessary
usages of a trailing slash; please keep a look out for these and
remove them where possible.
Signed-off-by: Kevin Morris <kevr@0cost.org>
The POST /packages route takes an `action`, `merge_into` and `confirm`
form data arguments. It then routes over to `action`'s callback provided
by `PACKAGE_ACTIONS`. This commit does not implement actions, but
mocks out the flow we would expect from the POST route.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This gives developers the ability to import models without importing
them directly from their module:
from aurweb.models import Ban, AccountType
This provides more conciseness:
from aurweb import models
def some_func(ban: models.Ban):
pass
def some_other_func(user: models.User):
pass
This more aligns with a Django-style of core model bases.
NOTE: Docker images must be rebuilt with this change, as setup.cfg
has changed. Old Docker images will cause flake8 violation reports.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Usage of EXPECTATION_FAILED in these cases is totally wrong.
EXPECTATION_FAILED is a failure in terms of the HTTP protocol,
not user input. Change all usage of EXPECTATION_FAILED to BAD_REQUEST.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Now, we allow the direct relationships and their foreign keys to
be set in all of our models. Previously, we constrained this to
direct relationships, and this forced users to perform a query
in most situations to satisfy that requirement. Now, IDs can be
passed directly.
Additionally, this change removes the need for extraneous imports
when users which to use relationships. We now import and use models
directly instead of passing string-references to them.
Signed-off-by: Kevin Morris <kevr@0cost.org>
The `aurweb.scripts.popupdate` script is used to maintain
the NumVotes and Popularity field. We could do the NumVotes
change more simply; however, since this is already a long-term
implementation, we're going to use it until we move scripts
over to ORM.
Signed-off-by: Kevin Morris <kevr@0cost.org>
