In addition, this patch brings in display for the vote decision
you cast on it. This is only viewable by the request user; your
vote is not being shared with others.
Signed-off-by: Kevin Morris <kevr@0cost.org>
By implicitly joining, sqlalchemy joined on
`TUVote.UsersID = TUVoteInfo.SubmitterID`. This should be joining on
`TUVote.VoteID = TUVoteInfo.ID` instead to include all TUVote instances
found in the database.
Closes#266
Signed-off-by: Kevin Morris <kevr@0cost.org>
- the "Flagged Out-of-date on ..." link in the package action panel does
not contain a timezone specifier.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This change utilizes pytest-xdist to perform a multiproc test
run and reworks aurweb.db's code. We no longer use a global
engine, session or Session, but we now use a memo of engines
and sessions as they are requested, based on the PYTEST_CURRENT_TEST
environment variable, which is available during testing.
Additionally, this change strips several SQLite components
out of the Python code-base.
SQLite is still compatible with PHP and sharness tests, but
not with our FastAPI implementation.
More changes:
------------
- Remove use of aurweb.db.session global in other code.
- Use new aurweb.db.name() dynamic db name function in env.py.
- Added 'addopts' to pytest.ini which utilizes multiprocessing.
- Highly recommended to leave this be or modify `-n auto` to
`-n {cpu_threads}` where cpu_threads is at least 2.
Signed-off-by: Kevin Morris <kevr@0cost.org>
We pretty much want @auth_required to send users to login
if we enforce auth requirements but don't otherwise specify
a way to deal with it.
Signed-off-by: Kevin Morris <kevr@0cost.org>
For SQLAlchemy to automatically understand updates from the
external world, it must use an `autocommit=True` in its session.
This change breaks how we were using commit previously, as
`autocommit=True` causes SQLAlchemy to commit when a
SessionTransaction context hits __exit__.
So, a refactoring was required of our tests: All usage of
any `db.{create,delete}` must be called **within** a
SessionTransaction context, created via new `db.begin()`.
From this point forward, we're going to require:
```
with db.begin():
db.create(...)
db.delete(...)
db.session.delete(object)
```
With this, we now get external DB modifications automatically
without reloading or restarting the FastAPI server, which we
absolutely need for production.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Another part of the "Trusted User" collection of routes.
This allows a Trusted User to create a proposal.
New Routes:
- get `/addvote/`
- post `/addvote/`
Signed-off-by: Kevin Morris <kevr@0cost.org>
This commit ports the `/tu/?id={proposal_id}` PHP routes to
FastAPI into two individual GET and POST routes.
With this port of the single proposal view and POST logic,
several things have changed.
- The only parameter used is now `decision`, which
must contain `Yes`, `No`, or `Abstain` as a string.
When an invalid value is given, a BAD_REQUEST response
is returned in plaintext: Invalid 'decision' value.
- The `doVote` parameter has been removed.
- The details section has been rearranged into a set
of divs with specific classes that can be used for
testing. CSS has been added to persist the layout with
the element changes.
- Several errors that can be discovered in the POST path
now trigger their own non-200 HTTPStatus codes.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This commit implements the '/tu' Trusted User index page.
In addition to this functionality, this commit introduces
the following jinja2 filters:
- dt: util.timestamp_to_datetime
- as_timezone: util.as_timezone
- dedupe_qs: util.dedupe_qs
- urlencode: urllib.parse.quote_plus
There's also a new decorator that can be used to enforce
permissions: `account_type_required`. If a user does not
meet account type requirements, they are redirected to '/'.
```
@auth_required(True)
@account_type_required({"Trusted User"})
async def some_route(request: fastapi.Request):
return Response("You are a Trusted User!")
```
Routes added:
- `GET /tu`: aurweb.routers.trusted_user.trusted_user
Signed-off-by: Kevin Morris <kevr@0cost.org>
