We'll just prefer falling back on X-Forwarded-For for now.
Forwarded is the newer header, we'll need to change this in
the near future.
Signed-off-by: Kevin Morris <kevr@0cost.org>
On aur-dev.archlinux.org, we use a proxy tunnel through our
internal nginx. This allows us to rewrite the Host header
based on whatever port we wish within internal nginx config.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This patch brings in the use of .with_entities on our
RPC search query. This primarily fixes performance issues
we were seeing with large queries.
That being said, we do see a bit of a slowdown on
large record count rpc queries, but it's quite negligible
at this point.
We still do aim to perform better than the older PHP
implementation, so this is not a finishing patch by
any means.
Signed-off-by: Kevin Morris <kevr@0cost.org>
We were allowing erroneous URLs through, raising exceptions,
from e.g. `http://[localhost:8444/blah`. This patch catches
any ValueErrors raised during the parse process and returns
False, indicating that the validation failed.
This patch also adds testing specifically for `util.valid_homepage`.
We didn't have specific testing for this before; this will allow us
to catch regressions in this area.
Closes#250
Signed-off-by: Kevin Morris <kevr@0cost.org>
Without this rewriting, we've been running into conversing with
HTTP over HTTPS (400 Bad Request).
TODO: Refactor this entire nginx config to something a bit more
simple and clean.
Signed-off-by: Kevin Morris <kevr@0cost.org>
We don't need the https certificates being dealt with in the fastapi
service; we will define our certificates in any frontend nginx
running on top.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This commit does quite a bit:
- Catches unhandled exceptions raised in the route handler and
produces a 500 Internal Server Error Arch-themed response.
- Each unhandled exception causes a notification to be sent to new
`notifications.postmaster` email with a "Traceback ID."
- Traceback ID is logged to the server along with the traceback which
caused the 500: `docker-compose logs fastapi | grep '<traceback_id>'`
- If `options.traceback` is set to `1`, traceback is displayed in
the new 500.html template.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Originally left at util/adduser.py, this script allows administrators
to simply add a user to the configured aurweb database.
See --help for options.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This gets raised when a client closes a connection before receiving
a valid response; this is not controllable from our side.
Signed-off-by: Kevin Morris <kevr@0cost.org>
After two months, this finally got merged by somebody else.
Still largely considering moving away from FastAPI in the
long run, but this is better than relying on kevr's fork
for starlette 0.17.1 compat.
Other packages have also been upgraded and locked to versions.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This migration modifies the Yes, No, Abstain and ActiveTUs columns
of the TUVoteInfo table from unsigned TINYINT to unsigned INTEGER.
TINYINT supports a total of 1 byte (up to 255 trusted users). This
is quite limited and we don't spend too much more by storing a
standard 4-byte INTEGER.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Previous conversion was causing a straight up bug when submitting
new proposals. This patch fixes that issue.
Signed-off-by: Kevin Morris <kevr@0cost.org>
In addition, we display the Voters partial regardless of them existing
or not; with no voters, an empty Voters list is displayed.
Closes#236
Signed-off-by: Kevin Morris <kevr@0cost.org>
Conflicts, Provides and Replaces did not have consistent
ordering with PHP. This patch fixes that issue.
Closes#228
Signed-off-by: Kevin Morris <kevr@0cost.org>
