+ Added aurweb.models.user.User class. This is the first example
of an sqlalchemy ORM model. We can search for users via for example:
`session.query(User).filter(User.ID==1).first()`, where `session` is
a configured `aurweb.db.session` object.
+ Along with the User class, defined the AccountType class.
Each User maintains a relationship to its AccountType via User.AccountType.
+ Added AccountType.users backref.
Signed-off-by: Kevin Morris <kevr@0cost.org>
+ Added Session class and global session object to aurweb.db,
these are sessions created by sqlalchemy ORM's sessionmaker
and will allow us to use declarative/imperative models.
Signed-off-by: Kevin Morris <kevr@0cost.org>
+ Mounted static files (at web/html) to /static.
+ Added AURWEB_VERSION to aurweb.config (this is used around HTML
to refer back to aurweb's release on git.archlinux.org), so we
need it easily accessible in the Python codebase.
+ Implemented basic Jinja2 partials to put together whole aurweb
pages. This may be missing some things currently and is a WIP
until this set is ready to be merged.
+ Added config [options] aurwebdir = YOUR_AUR_ROOT; this configuration
option should specify the root directory of the aurweb project.
It is used by various parts of the FastAPI codebase to target
project directories.
Added routes via aurweb.routers.html:
* POST /language: Set your session language.
* GET /favicon.ico: Redirect to /static/images/favicon.ico.
* Some browsers always look for $ROOT/favicon.ico to get an icon
for the page being loaded, regardless of a specified "shortcut
icon" given in a <link> directive.
* GET /: Home page; WIP.
* Updated aurweb.routers.html.language passes query parameters to
its next redirection.
When calling aurweb.templates.render_template, the context passed should
be formed via the aurweb.templates.make_context. See
aurweb.routers.html.index for an example of this.
Signed-off-by: Kevin Morris <kevr@0cost.org>
+ Added SUPPORTED_LANGUAGES, a global constant dictionary of
language => display pairs for languages we support.
+ Add Translator.get_translator, a function used to retrieve a
translator after initializing it (if needed). Use `fallback=True`
while creating languages, in case we setup a language that we
don't have a translation for, it will noop the translation.
This is particularly useful for "en," since we do not translate
it, but doing this will allow us to go through our normal translation
flow in any case.
+ Added typing.
+ Added get_request_language, a function that grabs the language for
a request session, defaulting to aurweb.config [options] default_lang.
+ Added get_raw_translator_for_request, a function that retrieves
the concrete translation object for a given language.
+ Added tr, a jinja2 contextfilter that can be used to inline translate
strings in jinja2 templates.
+ Added `python-jinja` dep to .gitlab-ci.yml. This needs to be
included in documentation before this set is merged in.
+ Introduce pytest units (test_l10n.py) in `test` along with
__init__.py, which marks `test` as a test package.
+ Additionally, fix up notify.py to use the global translator. Also
reduce its source width to <= 80 by newlining some code.
+ Additionally, prepare locale in .gitlab-ci.yml and add
aurweb.config [options] localedir to config.dev with YOUR_AUR_ROOT
like others.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Some of the columns that were changed still want to be
case insensitive. Good thing our tables have nice
separation.
Signed-off-by: Kevin Morris <kevr@0cost.org>
MySql defaults to `utf8` and case insensitive collation so migrate these to case sensitive and `utf8mb4`
Closes#21
Signed-off-by: Leonidas Spyropoulos <artafinde@gmail.com>
I've seen this happen a bunch of times now. Someone cannot push to the
AUR, and the error report is some traceback with a KeyError which is
difficult to understand without context:
remote: Traceback (most recent call last):
remote: File "/srv/http/aurweb/aur.git/hooks/update", line 33, in <module>
remote: sys.exit(load_entry_point('aurweb==5.0.0', 'console_scripts', 'aurweb-git-update')())
remote: File "/usr/lib/python3.9/site-packages/aurweb-5.0.0-py3.9.egg/aurweb/git/update.py", line 306, in main
remote: KeyError: 'pkgbase'
Eventually it turns out that their .SRCINFO file is... badly corrupted.
Generally, they managed to accidentally commit an *empty* file instead
of a .SRCINFO, and in all cases, the problem was on the very first
lookup for 'pkgbase'.
Point people to the actual failing commit, and have a nicely formatted
message indicating that the .SRCINFO is completely invalid.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
uvicorn is subjectively nicer to play with for local dev work, but
hypercorn is required in order to do HTTP/2 which is fairly
performance-important.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Co-authored-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
This allows using a relative path for the config. PHP didn't play well
with it.
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Introduce a `redirect` query argument to SSO login endpoints so that
users are redirected to the page they were originally on when they
clicked the Login link.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This feature was originally introduced by
f961ffd9c7 as a fix for FS#12898
<https://bugs.archlinux.org/task/12898>.
As of today, it is broken because of the `q.SessionID IS NULL` condition
in the WHERE clause, which can’t be true because SessionID is not
nullable. As a consequence, the session limit was not applied.
The fact the absence of the session limit hasn’t caused any issue so
far, and hadn’t even been noticed, suggests the feature is unneeded.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
The existing notify.py script was grabbing entries regardless
of user suspension. This has been modified to only send notifications
to unsuspended users.
This change was written as a solution to
https://bugs.archlinux.org/task/65554.
Signed-off-by: Kevin Morris <kevr.gtalk@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
As far as I can see, Keycloak ignores it entirely. I can login in as SSO
user A, then disconnect from the SSO directly and reconnect as user B,
but when I disconnect user A from AUR, Keycloak disconnects B even
though AUR passed it an ID token for A.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This column holds a user ID issed by the single sign-on provider. For
Keycloak, it is an UUID. For more flexibility, we will be using a
standardly-sized VARCHAR field.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
The install method in Python’s gettext API aliases the translator’s
gettext method to an application-global _(). We don’t use that anywhere,
and it’s clear from aurweb’s Translator interface that we want to
translate a piece of text without affecting any global namespace.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Developers can go to /sso/login to get redirected to the SSO. On
successful login, the ID token is displayed.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
aurweb.spawn used to launch only PHP’s built-in server. Now it spawns a
dummy FastAPI application too. Since both stacks spawn their own HTTP
server, aurweb.spawn also spawns nginx as a reverse proxy to mount them
under the same base URL, defined by aur_location in the configuration.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This program makes it easier for developers to spawn the PHP server
since it fetches automatically what it needs from the configuration
file, rather than having the user explicitly pass arguments to the php
executable.
When the setup gets more complicated as we introduce Python,
aurweb.spawn will keep providing the same interface, while under the
hood it is planned to support running multiple sub-processes.
Its Python interface provides an way for the test suite to spawn the
test server when it needs to perform HTTP requests to the test server.
The current implementation is somewhat weak as it doesn’t detect when a
child process dies, but this is not supposed to happen often, and it is
only meant for aurweb developers.
In the long term, aurweb.spawn will eventually become obsolete, and
replaced by Docker or Flask’s tools.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
When using the sendmail() function with smtplib.SMTP or
smtplib.SMTP_SSL, the list of actual recipients for the email (to be
translated to RCPT commands) has to be provided as a parameter.
Update the notification script and add all Cc recipients to that
parameter.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
After f7a57c8 (Localize notification emails, 2018-05-17), the
server.sendmail line was not updated to now send the to the email
address but instead sends to (email, 'en') and as sendmail accepts an
iterable an email is also send to 'en'.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
