Commit graph

2395 commits

Author SHA1 Message Date
Eli Schwartz
be5197a5fe prevent running mysql-specific query in sqlite
We usually guard such queries and have both mysql and sqlite branches.
But I have not implemented the sqlite branch. Given sqlite is typically
used for local dev setups, the fact that "users with more than the
configured max simultaneous logins" can avoid getting some logins
annulled is probably not a huge risk.

And this always *used* to fail on sqlite, silently. Now, in php 8, it
raises PDOException, which prevents running the test server

Document this as a FIXME for now, until someone reimplements the query
for sqlite.

Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20 11:22:11 -05:00
Eli Schwartz
d92dd69aa3 fix broken SQL query that always failed
Due to missing whitespace at the end of strings during joining, we ended
up with the query fragment

"DelTS IS NULLAND NOT PinnedTS"

which should be

"DelTS IS NULL AND NOT PinnedTS"

So the check for pinned comments > 5 likely always failed.

In php 7, a completely broken query that raises exceptions in the
database engine was silently ignored... in php 8, it raises

Uncaught PDOException: SQLSTATE[HY000]: General error: 1 near "PinnedTS": syntax error in <file>

and aborts the page building. End result: users with permission to pin
comments cannot see any comments, or indeed page content below the first
comment header

Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20 11:22:11 -05:00
Frederik Schwan
d5e308550a Fix requests not being sent to the Cc recipients
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-10-13 20:26:51 -04:00
Morten Linderud
613364b773 pkg_search_page: Limit number of results on package search
The current package search query is quite poorly optimized and becomes a
resource hog when the offsets gets large enough. This DoSes the service.

A quick fix is to just ensure we have some limit to the number of hits
we return. The current hardcoding of 2500 is based on the following:

    * 250 hits per page max
    * 10 pages

We can maybe consider having it lower, but it seems easier to just have
this a multiple of 250 in the first iteration.

Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-09-05 10:21:16 -04:00
Lukas Fleischer
c4f4ac510b Deliver emails to Cc in smtplib code path
When using the sendmail() function with smtplib.SMTP or
smtplib.SMTP_SSL, the list of actual recipients for the email (to be
translated to RCPT commands) has to be provided as a parameter.

Update the notification script and add all Cc recipients to that
parameter.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-08-27 07:19:57 -04:00
Jelle van der Waa
03a6fa2f7e Call sendmail with to, not recipient
After f7a57c8 (Localize notification emails, 2018-05-17), the
server.sendmail line was not updated to now send the to the email
address but instead sends to (email, 'en') and as sendmail accepts an
iterable an email is also send to 'en'.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-08-26 08:32:32 -04:00
Lukas Fleischer
169607f153 Fix PHP notices in the account form
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-04-05 15:59:56 -04:00
Lukas Fleischer
1369eb87b3 Fix invalid session ID check
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-04-05 15:59:55 -04:00
Lukas Fleischer
853ed9a950 Release 5.0.0
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-03-27 08:51:15 -04:00
Lukas Fleischer
279d8042e3 Add new upgrade instructions
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-03-27 08:49:34 -04:00
Lukas Fleischer
a09c4d8168 Translation updates from Transifex
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-03-27 08:31:46 -04:00
Frédéric Mangano-Tarumi
31a5b40b5c Map BIGINT to INTEGER for SQLite
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-03-22 16:50:10 -04:00
Frédéric Mangano-Tarumi
28ba3f77dc Write test/README.md to help working with tests
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-29 14:57:46 +01:00
Frédéric Mangano-Tarumi
bf7c49158c test/Makefile: Run tests with prove when available
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-29 14:56:47 +01:00
Frédéric Mangano-Tarumi
90c0a361b5 Support running tests from any directory
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-29 14:56:47 +01:00
Frédéric Mangano-Tarumi
e374a91feb Change the extension of TAP test suites to .t
This is the common convention for TAP, and makes harnesses like prove
automatically detect them. Plus, test suites don’t have to be shell
scripts anymore.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-27 16:44:36 +01:00
Frédéric Mangano-Tarumi
81d55e70ee Disable Alembic support on test databases
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-27 16:44:36 +01:00
Frédéric Mangano-Tarumi
e4cbe264cf Create an initial Alembic migration
This way the database will get stamped, and Git will create the
`versions` directory without which Alembic won’t work.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-27 16:44:36 +01:00
Frédéric Mangano-Tarumi
a8a1f74a92 Set up Alembic for database migrations
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-27 16:44:36 +01:00
Frédéric Mangano-Tarumi
7188743fc3 Migrate the database schema to SQLAlchemy
The new schema was generated with sqlacodegen and then manually adjusted
to fit schema/aur-schema.sql faithfully, both in the organisation of the
code and in the SQL generated by SQLAlchemy.

Initializing the database now requires the new tool aurweb.initdb.
References to aur-schema.sql have been updated and the old schema
dropped.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-27 16:44:36 +01:00
Lukas Fleischer
4b2102ceb2 Properly escape passwords in the account edit form
Addresses FS#65639.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-27 16:44:36 +01:00
Lukas Fleischer
cbab9870c1 Fix HTML code in the account search results table
Do not add an opening <tbody> tag for every row. Instead, wrap all rows
in <tbody></tbody>.

While at it, also simplify the code used to color the rows.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-26 13:51:18 +01:00
Lukas Fleischer
afe3f5d0e5 README.md: add references to Transifex
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-26 13:51:18 +01:00
Yaron Shahrabani
33d8fe035e README.md: fix a small typo
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-26 13:51:18 +01:00
Eli Schwartz
050b08081a Fix more PHP 7.4 warnings
The try_login() function documents it returns an array containing an
'error' key, and our only caller *only* consults the 'error' key. Then
the function returns null instead of an array, if the login succeeded!

I question why we bother returning the new SID if we never use it,
surely we could either return the error or return default null. But, for
now, I'm just going to fix it to return what it's actually supposed to,
without changing the API.

Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-13 09:11:34 +01:00
Eli Schwartz
5ca1e271f9 Fix PHP 7.4 warnings
If a db query returned NULL instead of an array, then accessing $row[0]
now throws a warning. The undocumented behavior of evaluating to NULL
is maintained, and we want to return NULL anyway, so add a check for the
value and fall back on the default function return type.

Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-13 09:11:28 +01:00
Lukas Fleischer
65c98d1216 Use relative URIs for {source_file,log,commit}_uri
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-11 13:21:28 +01:00
Lukas Fleischer
b855ce9452 Make SMTP port and authentication configurable
Add more options to configure the smtplib implementation for sending
notification emails.

The port can be changed using the new smtp-port option.

Encryption can be configured using smtp-use-ssl and smtp-use-starttls.
Keep in mind that you usually also need to change the port when enabling
either of these options.

Authentication can be configured using smtp-user and smtp-password.
Authentication is disabled if either of these values is empty.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-11 12:19:56 +01:00
Lukas Fleischer
de549fb2d5 Support smtplib for sending emails
Support mail delivery without a local MTA. Instead, an SMTP server can
now be configured using the smtp-server option in the [notifications]
section. In order to use this option, the value of the sendmail option
must be empty.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-11 12:19:56 +01:00
Lukas Fleischer
3f2654e79e Update README and convert to Markdown syntax
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-11 12:19:56 +01:00
Lukas Fleischer
d4632aaffa Translation updates from Transifex
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-10 11:05:27 +01:00
Frédéric Mangano-Tarumi
e15d5c8180 rendercomment: use python-markdown's new registration API
First, this gets rid of the deprecation warnings Python displayed.

Second, this fixes the case where a link contained a pair of
underscores, which used to be interpreted as an emphasis because the
linkify processor ran after the emphasis processor.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-02 20:49:16 +01:00
Frédéric Mangano-Tarumi
81faab9978 rendercomment: test headings lowering
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-02 20:49:16 +01:00
Frédéric Mangano-Tarumi
127bb4c84c rendercomment: safer Flyspray task linkification
When an FS#123 is part of a code block, it must not be converted into a
link. FS#123 may also appear inside an URL, in which case regular
linkifaction of URLs must take precedence.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-02 20:49:16 +01:00
Frédéric Mangano-Tarumi
199f34e42e rendercomment: safer auto-linkification of URLs
Fixes a few edge cases:

- URLs within code blocks used to get redundant <> added, breaking bash
  code snippets like `curl https://...` into `curl <https://...>`.

- Links written with markdown's <https://...> syntax also used to get an
  extra pair of brackets.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-02 12:12:43 +01:00
Frédéric Mangano-Tarumi
0fc69e96bd rendercomment: add a test for Git commit links
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-02 12:12:43 +01:00
Frédéric Mangano-Tarumi
c277a3de8f rendercomment: respectful linkification of Git commits
Turn the git-commits markdown processor into an inline processor, which
is smart enough not to convert Git hashes contained in code blocks or
links.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-02 12:12:43 +01:00
Lukas Fleischer
8ff21fd39c Update message catalog
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-02 12:12:43 +01:00
Lukas Fleischer
aa555f9ae5 Explain syntax/features in the comments section
Addresses FS#64983.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-02 12:12:43 +01:00
Lukas Fleischer
e5f8fe5528 Explain the hide email address setting
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-02 12:12:43 +01:00
Lukas Fleischer
ee2aa9755f Add support for backup email addresses
Support secondary email addresses that can be used to recover an account
in case access to the primary email address is lost. Reset keys for an
account are always sent to both the primary and the backup email
address.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-02 12:12:42 +01:00
Lukas Fleischer
e5a839bf0b Add option to send reset key for a given user name
In addition to supporting email addresses in the reset key form, also
support user names. The reset key is then sent to the email address in
the user's profile.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-02-02 12:12:42 +01:00
Lukas Fleischer
23c0c9c372 Update copyright range in the cgit footer 2020-01-30 14:23:28 +01:00
Lukas Fleischer
def2787b45 Require password when changing account information
Since commits daee20c (Require current password when setting a new one,
2020-01-30) and 8fc8898 (Require password when deleting an account,
2020-01-30), changing a password and deleting an account require the
current password. Extend this to all other profile changes.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-01-30 14:05:24 +01:00
Lukas Fleischer
8fc8898fef Require password when deleting an account
Further reduce the attack surface in case of a stolen session ID.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-01-30 13:25:15 +01:00
Lukas Fleischer
7aa420d24d Verify current password against logged in user
When changing the password of an account, instead of asking for the old
password of the account, ask for the password of the currently logged in
user. This allows privileged users to edit other accounts without
knowing their passwords.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-01-30 13:25:15 +01:00
Lukas Fleischer
f090896fa1 Undo accidental code addition
Rollback an accidental change that sneaked into commit daee20c (Require
current password when setting a new one, 2020-01-30).

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-01-30 13:25:15 +01:00
Lukas Fleischer
d0e5c3db69 t2500: fix test cases
Since commit eeaa1c3 (Separate text from footer in notification emails,
2020-01-04), information about unsubscribing from notifications is added
in a signature block. Fix the test cases accordingly.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-01-30 13:25:15 +01:00
Lukas Fleischer
4ececd6041 Keep signature delimiters intact in notifications
Since commit eeaa1c3 (Separate text from footer in notification emails,
2020-01-04), information about unsubscribing from notifications is added
in a signature block. However, the code to format the email body trimmed
the RFC 3676 signature delimiter, replacing "-- " by "--". Fix this by
adding a special case for signature delimiters.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-01-30 13:25:15 +01:00
Lukas Fleischer
daee20c694 Require current password when setting a new one
Prevent from easily taking over an account by changing the password with
a stolen session ID.

Fixes FS#65325.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2020-01-30 10:31:26 +01:00