If the If-None-Match header is supplied with a previously
obtained ETag from the same query, a 304 Not Modified is
returned with no content.
This allows clients to completely leverage the ETag header.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Since we're in the hot path, a constant re.compiled
JSONP_EXPR is defined for checks against the callback.
Additionally, reorganized `content_type` and `content`
to avoid performing a DB query when we encounter a
regex mismatch.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This change introduces alternate rendering of text/javascript
JSONP-compatible callback content. The `examples/jsonp.html`
HTML document can be used to test this functionality against
a running aurweb server.
Signed-off-by: Kevin Morris <kevr@0cost.org>
When by == 'maintainer', we allow an unspecified keyword,
resulting in a search of orphan packages. Fix our search
check so that when no arg is given, it is set to an empty
str().
We already check for valid args when type is not maintainer,
so there's no need to worry about other args falling through.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This commit introduces a PackageSearch-derivative class: `RPCSearch`.
This derivative modifies callback behavior of PackageSearch to
suit RPC searches, including [make|check|opt]depends `by` types.
Signed-off-by: Kevin Morris <kevr@0cost.org>
The previous method was super bad. Even if a variable was declared,
if it was empty, we would run into a false-positive. Additionally,
the previous method did not allow us to not specify the COMMIT_HASH
variable; which is problematic for development environments.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This is needed so that users can edit comments when they don't have
Javascript being used in their browser.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This definitely leaked through in more areas. We'll need to reuse
this new utility function in a few other routes in upcoming commits.
Signed-off-by: Kevin Morris <kevr@0cost.org>
With this change, we've decoupled some partials shared between
`/pkgbase/{name}` and `/account/{username}/comments`. The comment
actions template now resolves its package base via the `comment`
instance instead of requiring `pkgbase`.
We've also modified the existing package comment routes to
support execution from any location using the `next` parameter.
This allows us to reuse code from package comments for
account comments actions.
Moved the majority of comment editing javascript to its own
.js file.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This uses the internally defined docker volume `git_data`,
but the variable is configurable for changes in the future.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Previously CGIT_CLONE_PREFIX_(PHP|FASTAPI), we found that we could
use the same env var in multiple places, including non-cgit-clone-prefix
areas.
So, they were renamed, and one additional prefix was added.
- CGIT_CLONE_PREFIX_PHP -> AURWEB_PHP_PREFIX
- Used for cgit's clone prefix and AUR_CONFIG's aur_location for PHP
- CGIT_CLONE_PREFIX_FASTAPI -> AURWEB_FASTAPI_PREFIX
- Used for cgit's clone prefix and AUR_CONFIG's aur_location for FastAPI
- AURWEB_SSHD_PREFIX
- Used for aurweb's sshd clone prefix shown on package pages
Signed-off-by: Kevin Morris <kevr@0cost.org>
Additionally, for now, no-op usage of the MARIADB_SOCKET_DIR
environment variable. This is particularly useful for a serious
production setup, but we don't currently use that.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This change removes cookie re-emission of AURLANG and AURTZ,
adds the AURREMEMBER cookie (the state of the "Remember Me"
checkbox on login), and re-emits AURSID based on the AURREMEMBER
cookie.
Previously, re-emission of AURSID was forcefully modifying
the expiration of the AURSID cookie. The introduction of
AURREMEMBER allows us to deduct the correct cookie expiration
timing based on configuration variables. With this addition,
we now re-emit the AURSID cookie with an updated expiration
based on the "Remember Me" checkbox on login.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Two new options have been added:
- [devel] commit_url
- URL including an %s format specifier that can be used to link
to a webpage for the commit.
- [devel] commit_hash
- HEAD's commit hash (produced via `git rev-parse HEAD`)
If a `[devel] commit_hash` is configured, a link to the commit based on
`[devel] commit_url` will be displayed in the aurweb footer in
the form: `HEAD@<commit_hash>`. If no `[devel] commit_url` is
configured, a non-linked hash will be displayed.
Signed-off-by: Kevin Morris <kevr@0cost.org>
The default recursion limit used by Docker's archlinux:base-devel
Python package becomes problematic in some cases when running tests
against our FastAPI application using starlette.testclient.TestClient
(aliased to fastapi.testclient.TestClient). starlette ends up with
test failures because it exceeds the recursion limit, but this only
happens when using the `TestClient`. When the ASGI servers are run,
this is not an issue and so in that case, the recursion limit has
not been touched.
This change uses a `TEST_RECURSION_LIMIT` environment variable to
modify the recursion limit of the FastAPI application. This variable
is, by default, only supplied when running pytests in Docker, but
can be force-supplied by the user.
TEST_RECURSION_LIMIT=10000 has been added to `.env` and `.gitlab-ci.yml`.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Changes:
- `via` is not required in FastAPI. We deduce the involved
requests via their PackageBaseName / MergeBaseName columns
and set them to Accepted when merged.
- When erroneous input is given, the error is now presented
on the merge page instead of sending the user to the pkgbase
page.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Improvements:
- Package deletion now creates a PackageRequest on behalf of
the deleter if one does not yet exist.
- All package deletions are now logged to keep track of who did what.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This merge requires production users to specify an host
directory to bind as the git repository within Docker containers.
This means that a repository can be shared between host
and container, so that the repository does not need to be
managed within Docker alone.
New environment variables:
- GIT_DATA_DIR: Path to aur.git repository that is bind mounted
Do note, this variable only takes affect when users run
production Docker services, by supplying:
$ docker-compose -f docker-compose.yml -f docker-compose.prod.yml ...
This deprecation warning is not fixed in a tagged release yet.
Ignoring it for now; it has nothing to do with user code.
Upstream bug at https://bugs.python.org/issue45097
Signed-off-by: Kevin Morris <kevr@0cost.org>
