Package requests are sent to the ML as well as users (CC).
For those who chose to hide their mail address,
we should add them to the BCC list instead.
Signed-off-by: moson-mo <mo-son@mailbox.org>
- Add package name textbox for filtering requests (with auto-suggest)
- Make "x pending requests" a link for TU/Dev on the package details page
Signed-off-by: moson-mo <mo-son@mailbox.org>
Currently, the "Enable notifications" checkbox
is only shown when editing a comment.
We should also show it when a new comment is about to be added.
Signed-off-by: moson-mo <mo-son@mailbox.org>
Provides a convenient way to check for responses on the
mailing list prior to Accepting/Rejecting requests.
We compute the Message-ID hash that can be used to
link back to the article in the mailing list archive.
Signed-off-by: moson-mo <mo-son@mailbox.org>
Fixes:
Keyword-links on the package page pass wrong query-parameter.
Thus a name/description search is performed instead of keywords
Issue report: #397
Signed-off-by: moson-mo <mo-son@mailbox.org>
Fix glitch on the package page:
"Show more..." not displayed for the "Required by" list
Fix test case:
Function name does not start with "test" hence it was never executed during test runs
Issue report: #363
Signed-off-by: moson-mo <mo-son@mailbox.org>
See doc/git-archive.md for general Git archive specifications
See doc/repos/metadata-repo.md for info and direction related to the new Git metadata archive
This commit fixes two of our tests in test_templates.py to go along
with our new template modifications, as well as a new test in
test_packages_routes.py which constructs two packages belonging
to the same package base, then tests that viewing their pages
produces their independent descriptions.
Signed-off-by: Kevin Morris <kevr@0cost.org>
...What in the world happened here. We were literally just populating
`pkg` based on `pkgbase.packages.first()`. We should have been focusing
on the package passed by the context, which is always available when
`show_package_details` is true.
Closes#384
Signed-off-by: Kevin Morris <kevr@0cost.org>
Since we support requests which have no associated user, we must
support the case where we are displaying such a request.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Derived off of original work done by Leonidas Spyropoulos
at https://gitlab.archlinux.org/archlinux/aurweb/-/merge_requests/503
This revision of that original work finishes off the inconsistencies
mentioned in the original MR and adds a small bit of testing for more
regression checks.
Fixes: #360
Signed-off-by: Kevin Morris <kevr@0cost.org>
This addresses a severe security issue, which is omitted from this
git message for obscurity purposes.
Otherwise, it allows co-maintainers to see the keyword form when
viewing a package they co-maintain.
Closes#378
Signed-off-by: Kevin Morris <kevr@0cost.org>
This patch does not include a javascript implementating, but
provides a pure HTML/HTTP method of paging through these lists.
Also fixes erroneous limiting. We now use a hardcoded limit of 20
by default.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This patch brings in two new features:
- when viewing proposal listings, there is a new Statistics section,
containing the total and active number of Trusted Users found in the
database.
- when viewing a proposal directly, the number of active trusted users
assigned when the proposal was added is now displayed in the details
section.
Closes#323
Signed-off-by: Kevin Morris <kevr@0cost.org>
Not sure where this works, but it doesn't seem to work on my
browser. Achieved the same by forEaching through the array
returned by querySelectorAll instead.
Signed-off-by: Kevin Morris <kevr@0cost.org>
The previous behavior was carried over from PHP. It has been requested
that we use the true defaults when rendering the default form, making
search a bit more sensible.
Closes#269
Signed-off-by: Kevin Morris <kevr@0cost.org>
For requests, we always pass a `next` of /requests, leading us
back to the requests page. For a standard package, we get redirected
to the involved pkgbase, or target pkgbase if a merge action was taken.
Signed-off-by: Kevin Morris <kevr@0cost.org>
There was one blazing issue with the previous implementation regardless
of the multiple records: we were generating fingerprints by storing
the key into a file and reading it with ssh-keygen. This is absolutely
terrible and was not meant to be left around (it was forgotten, my bad).
Took this opportunity to clean up a few things:
- simplify pubkey validation
- centralize things a bit better
Signed-off-by: Kevin Morris <kevr@0cost.org>
- the "Flagged Out-of-date on ..." link in the package action panel does
not contain a timezone specifier.
Signed-off-by: Kevin Morris <kevr@0cost.org>
