We pretty much want @auth_required to send users to login
if we enforce auth requirements but don't otherwise specify
a way to deal with it.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Currently, the config parser converts all keys to lowercase which is
inconsistent with the old PHP behavior. This has been fixed and relevant
fingerprint-getting functions have been simplified without changes in
behavior.
Signed-off-by: Steven Guikal <void@fluix.one>
This commit adds a new Arch dependency: `libeatmydata`, which
provides the `eatmydata` executable that stubs out fsync() operations.
We use `eatmydata` to run our sharness and pytests in Docker now.
With `autocommit=True`, required by SQLAlchemy to keep the
session up to date with external DB modifications, many fsync
calls are used in the SQLite backend; especially because we're wiping
and creating records in every DB-bound test.
**Before:**
- mysql: 1m42s (elapsed during pytest run)
- sqlite: 3m06s (elapsed during pytest run)
**After:**
- mysql: 1m40s (elapsed during pytest run)
- sqlite: 1m50s (elapsed during pytest run)
Shout out to @klausenbusk, who suggested this as a possible fix,
and it was. Thanks, Kristian!
Closes#120
Signed-off-by: Kevin Morris <kevr@0cost.org>
Changes from PHP:
- If a user submits a POST request with an invalid reason,
they are returned back to the closure form with a BAD_REQUEST status.
- Now, users which created a PackageRequest have the ability to close
their own.
- Form action has been changed to `/requests/{id}/close`.
Closes https://gitlab.archlinux.org/archlinux/aurweb/-/issues/20
Signed-off-by: Kevin Morris <kevr@0cost.org>
This change implements the FastAPI version of the
/pkgbase/{name}/request form's action.
Changes from PHP:
- Additional errors are now displayed for the **merge_into** field,
which are only displayed when the Merge type is selected.
- If the **merge_into** field is empty, a new error is displayed:
'The "Merge into" field must not be empty.'
- If the **merge_into** field is given the name of a package base
which does not exist, a new error is displayed:
"The package base you want to merge into does not exist."
- If the **merge_into** field is given the name of the package
base that a request is being created for, a new error is
displayed: "You cannot merge a package base into itself."
- When an error is encountered, users are now brought back to
the request form which they submitted and an error is displayed
at the top of the page.
- If an invalid type is provided, users are returned to a BAD_REQUEST
status rendering of the request form.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This change required a slight modification of how we handle
the Requests page. It is now available to all users.
This commit provides 1/2 of the implementation which actually
satisfies this feature. 2/2 will contain the actual implementation
of closures of requests, which will also allow users who created
the request to decide to close it.
Issue: https://gitlab.archlinux.org/archlinux/aurweb/-/issues/20
Signed-off-by: Kevin Morris <kevr@0cost.org>
Introduces `aurweb.defaults` and `aurweb.filters`.
`aurweb.filters` is a location developers can put their additional
Jinja2 filters and/or functions. We should slowly move all of our
filters over here, where it makes sense.
`aurweb.defaults` is a new module which hosts some default constants
and utility functions, starting with offsets (O) and per page values
(PP).
As far as the new GET /requests is concerned, we match up here to
PHP's implementation, with some minor improvements:
Improvements:
* PP on this page is now configurable: 50 (default), 100, or 250.
* Example: `https://localhost:8444/requests?PP=250`
Modifications:
* The pagination is a bit different, but serves the exact same purpose.
* "Last" no longer goes to an empty page.
* Closes: https://gitlab.archlinux.org/archlinux/aurweb/-/issues/14
Signed-off-by: Kevin Morris <kevr@0cost.org>
Along with this, created a new test suite at test/test_html.py,
which has the responsibility of testing various HTML things
that are not suitable for another test suite.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Changes from PHP:
- Form action now points to `/pkgbase/{name}/comaintainers`.
- When an error occurs, users are sent back to
`/pkgbase/{name}/comaintainers` with an error at the top of the page.
(PHP used to send people to /pkgbase/, which ended up at a blank
search page).
Closes: https://gitlab.archlinux.org/archlinux/aurweb/-/issues/51
Signed-off-by: Kevin Morris <kevr@0cost.org>
Along with this initial requests metric implementation,
we also now serve the `/metrics` route, which grabs request
metrics out of cache and renders them properly for Prometheus.
**NOTE** Metrics are only enabled when the aurweb system admin
has enabled caching by configuring `options.cache` correctly
in `$AUR_CONFIG`. Otherwise, an error is logged about no cache
being configured.
New dependencies have been added which require the use of
`composer`. See `INSTALL` for the dependency section in regards
to composer dependencies and how to install them properly for
aurweb.
Metrics are in the following forms:
aurweb_http_requests_count(method="GET",route="/some_route")
aurweb_api_requests_count(method="GET",route="/rpc",type="search")
This should allow us to search through the requests for specific routes
and queries.
Signed-off-by: Kevin Morris <kevr@0cost.org>
In addition, fix up some templates to display pinned comments,
and include the unpin form input for pinned comments, which is
not yet implemented.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Deleters and edits were not previously taken into account.
This fix addresses that issue using User.has_credential.
Signed-off-by: Kevin Morris <kevr@0cost.org>
In PHP, this was implemented using an /rpc type 'get-comment-form'.
With FastAPI, we've decided to reorganize this into a non-RPC route:
`/pkgbase/{name}/comments/{id}/form`, rendered via the new
`templates/partials/packages/comment_form.html` template.
When the comment_form.html template is provided a `comment` object,
it will produce an edit comment form. Otherwise, it will produce a new
comment form.
A few new FastAPI routes have been introduced:
- GET `/pkgbase/{name}/comments/{id}/form`
- Produces a JSON response based on {"form": "<form_markup>"}.
- POST `/pkgbase/{name}/comments'
- Creates a new comment.
- POST `/pkgbase/{name}/comments/{id}`
- Edits an existing comment.
In addition, some Javascript has been modified for our new routes.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This commit decouples most of the rendercomment.py logic into
a function, `update_comment_render`, which can be used by other
Python modules to perform comment rendering.
In addition, we silence some deprecation warnings from python-markdown
by removing `md_globals` parameters from python-markdown callbacks.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This function is now used as `render_template`'s underlying
implementation of rendering a template, and uses that render
in its HTMLResponse path.
This separation allows users to directly render a template
without producing a Response object.
Signed-off-by: Kevin Morris <kevr@0cost.org>
`get_pkgbase` has been replaced with `get_pkg_or_base`, which is
quite similar, but it does take a new `cls` keyword argument which
is to be the model class which we search for via its `Name` column.
Additionally, this change fixes a bug in the `/packages/{name}` route
by supplying the Package object in question to the context and modifying
the template to use it instead of a hacky through-base workaround.
Examples:
pkgbase = get_pkg_or_base("some_pkgbase_name", PackageBase)
pkg = get_pkg_or_base("some_package_name", Package)
Signed-off-by: Kevin Morris <kevr@0cost.org>
For the dev environment, we use a no-op address. We don't want
to be spamming aur-requests with development notifications.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Additionally, `up -d` will no longer run tests unless `--profile dev`
is specified by the Docker user.
People should now be running docker with two files:
$ docker-compose -f docker-compose.yml -f docker-compose.override.yml up -d nginx
$ docker-compose -f docker-compose.yml -f docker-compose.dev.yml run test
Contributed by @klausenbusk. Thanks!
