Derived off of original work done by Leonidas Spyropoulos
at https://gitlab.archlinux.org/archlinux/aurweb/-/merge_requests/503
This revision of that original work finishes off the inconsistencies
mentioned in the original MR and adds a small bit of testing for more
regression checks.
Fixes: #360
Signed-off-by: Kevin Morris <kevr@0cost.org>
Found along with the previous commit to be a security hole in our
implementation. This commit resolves an issue regarding comment editing.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This addresses a severe security issue, which is omitted from this
git message for obscurity purposes.
Otherwise, it allows co-maintainers to see the keyword form when
viewing a package they co-maintain.
Closes#378
Signed-off-by: Kevin Morris <kevr@0cost.org>
Remove all extra whitespace when parsing Keywords to ensure we don't add
empty keywords in the DB.
Closes: #332
Signed-off-by: Leonidas Spyropoulos <artafinde@archlinux.org>
It was found in the aur.al database that some records have
a non-null flagger, but are not flagged. Using the flagger
relationship, we were false redirecting away from the flag
page.
Signed-off-by: Kevin Morris <kevr@0cost.org>
