December 2016 - Aur-dev - lists.archlinux.org

[aur-dev] [PATCH] Add user set timestamps
by Mark Weiman 20 Jan '17

20 Jan '17

Currently, aurweb displays all dates and times in UTC time. This patch adds a capability for each logged in user to set their preferred timezone. Implements: FS#48729 Signed-off-by: Mark Weiman <mark.weiman(a)markzz.com> --- schema/aur-schema.sql | 1 + upgrading/4.5.0.txt | 5 +++ web/html/account.php | 3 ++ web/html/register.php | 4 ++- web/html/voters.php | 2 +- web/lib/acctfuncs.inc.php | 16 ++++++--- web/lib/aur.inc.php | 4 +++ web/lib/pkgreqfuncs.inc.php | 2 +- web/lib/timezone.inc.php | 69 ++++++++++++++++++++++++++++++++++++ web/template/account_edit_form.php | 15 ++++++++ web/template/flag_comment.php | 2 +- web/template/pkg_comments.php | 6 ++-- web/template/pkg_details.php | 6 ++-- web/template/pkgbase_details.php | 6 ++-- web/template/pkgreq_results.php | 2 +- web/template/stats/updates_table.php | 2 +- web/template/tu_details.php | 4 +-- web/template/tu_list.php | 4 +-- 18 files changed, 129 insertions(+), 24 deletions(-) create mode 100644 upgrading/4.5.0.txt create mode 100644 web/lib/timezone.inc.php diff --git a/schema/aur-schema.sql b/schema/aur-schema.sql index 30209bd..95a4373 100644 --- a/schema/aur-schema.sql +++ b/schema/aur-schema.sql @@ -32,6 +32,7 @@ CREATE TABLE Users ( ResetKey CHAR(32) NOT NULL DEFAULT '', RealName VARCHAR(64) NOT NULL DEFAULT '', LangPreference VARCHAR(6) NOT NULL DEFAULT 'en', + Timezone VARCHAR(50) NOT NULL DEFAULT 'UTC', Homepage TEXT NULL DEFAULT NULL, IRCNick VARCHAR(32) NOT NULL DEFAULT '', PGPKey VARCHAR(40) NULL DEFAULT NULL, diff --git a/upgrading/4.5.0.txt b/upgrading/4.5.0.txt new file mode 100644 index 0000000..a9c0220 --- /dev/null +++ b/upgrading/4.5.0.txt @@ -0,0 +1,5 @@ +1. Add Timezone column to Users + +--- +ALTER TABLE Users ADD COLUMN Timezone VARCHAR(50) NOT NULL DEFAULT 'UTC'; +--- \ No newline at end of file diff --git a/web/html/account.php b/web/html/account.php index 2892f04..91e5703 100644 --- a/web/html/account.php +++ b/web/html/account.php @@ -34,6 +34,7 @@ if ($action == "UpdateAccount") { in_request("U"), in_request("T"), in_request("S"), in_request("E"), in_request("H"), in_request("P"), in_request("C"), in_request("R"), in_request("L"), + in_request("TZ"), in_request("HP"), in_request("I"), in_request("K"), in_request("PK"), in_request("J"), in_request("CN"), in_request("UN"), in_request("ON"), in_request("ID"), @@ -89,6 +90,7 @@ if (isset($_COOKIE["AURSID"])) { "", $row["RealName"], $row["LangPreference"], + $row["Timezone"], $row["Homepage"], $row["IRCNick"], $row["PGPKey"], @@ -141,6 +143,7 @@ if (isset($_COOKIE["AURSID"])) { in_request("C"), in_request("R"), in_request("L"), + in_request("TZ"), in_request("HP"), in_request("I"), in_request("K"), diff --git a/web/html/register.php b/web/html/register.php index 6c6d52e..72092a7 100644 --- a/web/html/register.php +++ b/web/html/register.php @@ -31,6 +31,7 @@ if (in_request("Action") == "NewAccount") { '', in_request("R"), in_request("L"), + in_request("TZ"), in_request("HP"), in_request("I"), in_request("K"), @@ -53,6 +54,7 @@ if (in_request("Action") == "NewAccount") { '', in_request("R"), in_request("L"), + in_request("TZ"), in_request("HP"), in_request("I"), in_request("K"), @@ -64,7 +66,7 @@ if (in_request("Action") == "NewAccount") { } } else { print '' . __("Use this form to create an account.") . ''; - display_account_form("NewAccount", "", "", "", "", "", "", "", "", $LANG); + display_account_form("NewAccount", "", "", "", "", "", "", "", "", $LANG, "UTC"); } echo '</div>'; diff --git a/web/html/voters.php b/web/html/voters.php index 8833be1..4180933 100644 --- a/web/html/voters.php +++ b/web/html/voters.php @@ -20,7 +20,7 @@ if (has_credential(CRED_PKGBASE_LIST_VOTERS)): <li> <a href="<?= get_user_uri($row['Username']); ?>"><?= htmlspecialchars($row['Username']) ?></a> <?php if ($row["VoteTS"] > 0): ?> - (<?= gmdate("Y-m-d H:i", intval($row["VoteTS"])) ?>) + (<?= gmdate("Y-m-d H:i", tz_timestamp(intval($row["VoteTS"]))) ?>) <?php endif; ?> </li> <?php endwhile; ?> diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index 172b962..46dbce7 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -1,5 +1,4 @@ <?php - /** * Determine if an HTTP request variable is set * @@ -52,6 +51,7 @@ function html_format_pgp_fingerprint($fingerprint) { * @param string $C The confirmed password value of the displayed user * @param string $R The real name of the displayed user * @param string $L The language preference of the displayed user + * @param string $TZ The timezone preference of the displayed user * @param string $HP The homepage of the displayed user * @param string $I The IRC nickname of the displayed user * @param string $K The PGP key fingerprint of the displayed user @@ -66,7 +66,7 @@ function html_format_pgp_fingerprint($fingerprint) { * @return void */ function display_account_form($A,$U="",$T="",$S="",$E="",$H="",$P="",$C="",$R="", - $L="",$HP="",$I="",$K="",$PK="",$J="",$CN="",$UN="",$ON="",$UID=0,$N="") { + $L="",$TZ="",$HP="",$I="",$K="",$PK="",$J="",$CN="",$UN="",$ON="",$UID=0,$N="") { global $SUPPORTED_LANGS; include("account_edit_form.php"); @@ -88,6 +88,7 @@ function display_account_form($A,$U="",$T="",$S="",$E="",$H="",$P="",$C="",$R="" * @param string $C The confirmed password for the user * @param string $R The real name of the user * @param string $L The language preference of the user + * @param string $TZ The timezone preference of the user * @param string $HP The homepage of the displayed user * @param string $I The IRC nickname of the user * @param string $K The PGP fingerprint of the user @@ -102,7 +103,7 @@ function display_account_form($A,$U="",$T="",$S="",$E="",$H="",$P="",$C="",$R="" * @return array Boolean indicating success and message to be printed */ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C="", - $R="",$L="",$HP="",$I="",$K="",$PK="",$J="",$CN="",$UN="",$ON="",$UID=0,$N="") { + $R="",$L="",$TZ="",$HP="",$I="",$K="",$PK="",$J="",$CN="",$UN="",$ON="",$UID=0,$N="") { global $SUPPORTED_LANGS; $error = ''; @@ -278,13 +279,14 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C="" $salt = $dbh->quote($salt); $R = $dbh->quote($R); $L = $dbh->quote($L); + $TZ = $dbh->quote($TZ); $HP = $dbh->quote($HP); $I = $dbh->quote($I); $K = $dbh->quote(str_replace(" ", "", $K)); $q = "INSERT INTO Users (AccountTypeID, Suspended, "; $q.= "InactivityTS, Username, Email, Passwd, Salt, "; - $q.= "RealName, LangPreference, Homepage, IRCNick, PGPKey) "; - $q.= "VALUES (1, 0, 0, $U, $E, $P, $salt, $R, $L, "; + $q.= "RealName, LangPreference, Timezone, Homepage, IRCNick, PGPKey) "; + $q.= "VALUES (1, 0, 0, $U, $E, $P, $salt, $R, $L, $TZ "; $q.= "$HP, $I, $K)"; $result = $dbh->exec($q); if (!$result) { @@ -347,6 +349,7 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C="" } $q.= ", RealName = " . $dbh->quote($R); $q.= ", LangPreference = " . $dbh->quote($L); + $q.= ", Timezone = " . $dbh->quote($TZ); $q.= ", Homepage = " . $dbh->quote($HP); $q.= ", IRCNick = " . $dbh->quote($I); $q.= ", PGPKey = " . $dbh->quote(str_replace(" ", "", $K)); @@ -359,6 +362,9 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C="" $ssh_key_result = account_set_ssh_keys($UID, $ssh_keys, $ssh_fingerprints); + error_log($result ? "t" : "f"); + error_log($ssh_key_result ? "t" : "f"); + error_log($q); if ($result === false || $ssh_key_result === false) { $message = __("No changes were made to the account, %s%s%s.", "", htmlspecialchars($U,ENT_QUOTES), ""); diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php index 9015ae8..38dcdd0 100644 --- a/web/lib/aur.inc.php +++ b/web/lib/aur.inc.php @@ -18,6 +18,9 @@ include_once("cachefuncs.inc.php"); include_once("confparser.inc.php"); include_once("credentials.inc.php"); +include_once('timezone.inc.php'); +set_tz(); + /** * Check if a visitor is logged in * @@ -356,6 +359,7 @@ function uid_from_sid($sid="") { function html_header($title="", $details=array()) { global $LANG; global $SUPPORTED_LANGS; + global $TZ; include('header.php'); return; diff --git a/web/lib/pkgreqfuncs.inc.php b/web/lib/pkgreqfuncs.inc.php index 8ceac8d..e7512c1 100644 --- a/web/lib/pkgreqfuncs.inc.php +++ b/web/lib/pkgreqfuncs.inc.php @@ -172,7 +172,7 @@ function pkgreq_file($ids, $type, $merge_into, $comments) { * maintainer will not be included in the Cc list of the * request notification email. */ - $out_of_date_time = gmdate("Y-m-d", intval($details["OutOfDateTS"])); + $out_of_date_time = gmdate("Y-m-d", tz_timestamp(intval($details["OutOfDateTS"]))); pkgreq_close($request_id, "accepted", "The package base has been flagged out-of-date " . "since " . $out_of_date_time . ".", true); diff --git a/web/lib/timezone.inc.php b/web/lib/timezone.inc.php new file mode 100644 index 0000000..e69e35c --- /dev/null +++ b/web/lib/timezone.inc.php @@ -0,0 +1,69 @@ +<?php +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); + +/** + * Generate an associative of the PHP timezones and display text. + * + * @return array PHP Timezone => Displayed Description + */ +function generate_timezone_list() { + $php_timezones = DateTimeZone::listIdentifiers(DateTimeZone::ALL); + + $offsets = array(); + foreach ($php_timezones as $timezone) { + $tz = new DateTimeZone($timezone); + $offset = $tz->getOffset(new DateTime()); + $offsets[$timezone] = "(UTC" . ($offset < 0 ? "-" : "+") . gmdate("H:i", abs($offset)) . + ") " . $timezone; + } + + asort($offsets); + return $offsets; +} + +/** + * Set the $TZ global variable. + * + * @global string $TZ Timezone set for session. + * + * @return null + */ +function set_tz() { + global $TZ; + + $timezones = generate_timezone_list(); + + if (isset($_COOKIE['AURSID'])) { + $dbh = DB::connect(); + $q = "SELECT Timezone FROM Users, Sessions "; + $q.= "WHERE Users.ID = Sessions.UsersID "; + $q.= "AND Sessions.SessionID = "; + $q.= $dbh->quote($_COOKIE['AURSID']); + $result = $dbh->query($q); + + if ($result) { + $row = $result->fetchAll(); + $TZ = $row[0][0]; + } else { + $TZ = config_get("options", "default_timezone"); + } + + if (!array_key_exists($TZ, $timezones)) { + error_log("Am I Here?"); + $TZ = config_get("options", "default_timezone"); + } + } +} + +/** + * Add the selected timezone's offset to a timestamp. + * + * @param $timestamp int Timestamp to be manipulated + * + * @return int Manipulated timestamp + */ +function tz_timestamp($timestamp) { + global $TZ; + $offset = isset($TZ) ? timezone_offset_get(new DateTimeZone($TZ), new DateTime()) : 0; + return $timestamp + $offset; +} \ No newline at end of file diff --git a/web/template/account_edit_form.php b/web/template/account_edit_form.php index 19821a0..17c9d14 100644 --- a/web/template/account_edit_form.php +++ b/web/template/account_edit_form.php @@ -129,6 +129,21 @@ ?> </select> + + <label for="id_timezone"><?= __("Timezone") ?></label> + <select name="TZ" id="id_timezone"> +<?php + $timezones = generate_timezone_list(); + while (list($key, $val) = each($timezones)) { + if ($TZ == $key) { + print "<option value=\"".$key."\" selected=\"selected\"> ".$val."</option>\n"; + } else { + print "<option value=\"".$key."\"> ".$val."</option>\n"; + } + } +?> + </select> + </fieldset> <fieldset> diff --git a/web/template/flag_comment.php b/web/template/flag_comment.php index 36af43e..a0e91b8 100644 --- a/web/template/flag_comment.php +++ b/web/template/flag_comment.php @@ -5,7 +5,7 @@ <?= __('%s%s%s flagged %s%s%s out-of-date on %s%s%s for the following reason:', '', html_format_username($message['Username']), '', '', htmlspecialchars($pkgbase_name), '', - '', gmdate('Y-m-d', $message['OutOfDateTS']), ''); ?> + '', gmdate('Y-m-d', tz_timestamp($message['OutOfDateTS'])), ''); ?> <?php else: ?> <?= __('%s%s%s is not flagged out-of-date.', '', htmlspecialchars($pkgbase_name), ''); ?> diff --git a/web/template/pkg_comments.php b/web/template/pkg_comments.php index a28e41b..dcd6901 100644 --- a/web/template/pkg_comments.php +++ b/web/template/pkg_comments.php @@ -17,7 +17,7 @@ if (!isset($count)) { <?php while (list($indx, $row) = each($comments)): ?> <?php - $date_fmtd = gmdate('Y-m-d H:i', $row['CommentTS']); + $date_fmtd = gmdate('Y-m-d H:i', tz_timestamp($row['CommentTS'])); if ($row['UserName']) { $user_fmtd = html_format_username($row['UserName']); $heading = __('%s commented on %s', $user_fmtd, $date_fmtd); @@ -30,7 +30,7 @@ if (!isset($count)) { $is_pinned = $row['PinnedTS']; if ($uid && $is_deleted) { - $date_fmtd = gmdate('Y-m-d H:i', $row['DelTS']); + $date_fmtd = gmdate('Y-m-d H:i', tz_timestamp($row['DelTS'])); $heading .= ' ('; if ($row['DelUserName']) { $user_fmtd = html_format_username($row['DelUserName']); @@ -40,7 +40,7 @@ if (!isset($count)) { } $heading .= ')'; } elseif ($uid && $is_edited) { - $date_fmtd = gmdate('Y-m-d H:i', $row['EditedTS']); + $date_fmtd = gmdate('Y-m-d H:i', tz_timestamp($row['EditedTS'])); $heading .= ' ('; if ($row['EditUserName']) { $user_fmtd = html_format_username($row['EditUserName']); diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index b9c66d4..8cca437 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -34,9 +34,9 @@ $msg = __('unknown'); $license = empty($row['License']) ? $msg : $row['License']; # Print the timestamps for last updates -$updated_time = ($row["ModifiedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", intval($row["ModifiedTS"])); -$submitted_time = ($row["SubmittedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", intval($row["SubmittedTS"])); -$out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("Y-m-d", intval($row["OutOfDateTS"])); +$updated_time = ($row["ModifiedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", tz_timestamp(intval($row["ModifiedTS"]))); +$submitted_time = ($row["SubmittedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", tz_timestamp(intval($row["SubmittedTS"]))); +$out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("Y-m-d", tz_timestamp(intval($row["OutOfDateTS"]))); $lics = pkg_licenses($row["ID"]); $grps = pkg_groups($row["ID"]); diff --git a/web/template/pkgbase_details.php b/web/template/pkgbase_details.php index 1012c4e..819ad68 100644 --- a/web/template/pkgbase_details.php +++ b/web/template/pkgbase_details.php @@ -31,9 +31,9 @@ $popularity = $row['Popularity']; $msg = __('unknown'); # Print the timestamps for last updates -$updated_time = ($row["ModifiedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", intval($row["ModifiedTS"])); -$submitted_time = ($row["SubmittedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", intval($row["SubmittedTS"])); -$out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("Y-m-d", intval($row["OutOfDateTS"])); +$updated_time = ($row["ModifiedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", tz_timestamp(intval($row["ModifiedTS"]))); +$submitted_time = ($row["SubmittedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", tz_timestamp(intval($row["SubmittedTS"]))); +$out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("Y-m-d", tz_timestamp(intval($row["OutOfDateTS"]))); $pkgs = pkgbase_get_pkgnames($base_id); diff --git a/web/template/pkgreq_results.php b/web/template/pkgreq_results.php index b27963b..38f9f23 100644 --- a/web/template/pkgreq_results.php +++ b/web/template/pkgreq_results.php @@ -67,7 +67,7 @@ <td> <a href="<?= get_uri('/account/') . htmlspecialchars($row['User'], ENT_QUOTES) ?>" title="<?= __('View account information for %s', htmlspecialchars($row['User'])) ?>"><?= htmlspecialchars($row['User']) ?></a> </td> - <td<?php if ($due): ?> class="flagged"<?php endif; ?>><?= gmdate("Y-m-d H:i", intval($row['RequestTS'])) ?></td> + <td<?php if ($due): ?> class="flagged"<?php endif; ?>><?= gmdate("Y-m-d H:i", tz_timestamp(intval($row['RequestTS']))) ?></td> <?php if ($row['Open']): ?> <td> <?php if ($row['BaseID']): ?> diff --git a/web/template/stats/updates_table.php b/web/template/stats/updates_table.php index 580583b..2addf0a 100644 --- a/web/template/stats/updates_table.php +++ b/web/template/stats/updates_table.php @@ -10,7 +10,7 @@ <a href="<?= get_pkg_uri($row["Name"]); ?>" title="<?= htmlspecialchars($row["Name"]) . ' ' . htmlspecialchars($row["Version"]); ?>"><?= htmlspecialchars($row["Name"]) . ' ' . htmlspecialchars($row["Version"]); ?></a> </td> <td class="pkg-date"> - <?= gmdate("Y-m-d H:i", intval($row["ModifiedTS"])); ?> + <?= gmdate("Y-m-d H:i", tz_timestamp(intval($row["ModifiedTS"]))); ?> </td> </tr> <?php endforeach; ?> diff --git a/web/template/tu_details.php b/web/template/tu_details.php index 38f6c0d..b0f77cd 100644 --- a/web/template/tu_details.php +++ b/web/template/tu_details.php @@ -39,10 +39,10 @@ if ($yes > $active_tus / 2) { <?php endif; ?> - <?= __("Submitted: %s by %s", gmdate("Y-m-d H:i", $row['Submitted']), html_format_username(username_from_id($row['SubmitterID']))) ?> + <?= __("Submitted: %s by %s", gmdate("Y-m-d H:i", tz_timestamp($row['Submitted'])), html_format_username(username_from_id($row['SubmitterID']))) ?> <?= __("End") ?>: - <?= gmdate("Y-m-d H:i", $row['End']) ?> + <?= gmdate("Y-m-d H:i", tz_timestamp($row['End'])) ?> <?php if ($isrunning == 0): ?> <?= __("Result") ?>: diff --git a/web/template/tu_list.php b/web/template/tu_list.php index b3e1073..707169b 100644 --- a/web/template/tu_list.php +++ b/web/template/tu_list.php @@ -38,8 +38,8 @@ <td><?php $row["Agenda"] = htmlspecialchars(substr($row["Agenda"], 0, $prev_Len)); ?> <a href="<?= get_uri('/tu/'); ?>?id=<?= $row['ID'] ?>"><?= $row["Agenda"] ?></a> </td> - <td><?= gmdate("Y-m-d", $row["Submitted"]) ?></td> - <td><?= gmdate("Y-m-d", $row["End"]) ?></td> + <td><?= gmdate("Y-m-d", tz_timestamp($row["Submitted"])) ?></td> + <td><?= gmdate("Y-m-d", tz_timestamp($row["End"])) ?></td> <td> <?php if (!empty($row['User'])): ?> <a href="<?= get_uri('/packages/'); ?>?K=<?= $row['User'] ?>&SeB=m"><?= $row['User'] ?></a> -- 2.10.2

3 21

[aur-dev] [PATCH 1/1] Fix for issue FS#49134 - AUR site search includes packages' keywords when searching by name and description
by Nodiv Byzero 10 Jan '17

10 Jan '17

--- web/lib/pkgfuncs.inc.php | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index 4b0fdba..f61e52c 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -755,6 +755,11 @@ function pkg_search_page($SID="") { $K = "%" . addcslashes($_GET['K'], '%_') . "%"; $q_where .= "AND (Packages.Name LIKE " . $dbh->quote($K) . ") "; } + elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "nd") { + /* Search by name. */ + $K = "%" . addcslashes($_GET['K'], '%_') . "%"; + $q_where .= "AND (Packages.Name LIKE " . $dbh->quote($K) . " OR Packages.Description LIKE " . $dbh->quote($K) . ") "; + } elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "b") { /* Search by package base name. */ $K = "%" . addcslashes($_GET['K'], '%_') . "%"; -- 1.7.3.4

2 4

[aur-dev] [PATCH] git-serve: Use Python exceptions for error handling
by Lukas Fleischer 25 Dec '16

25 Dec '16

Make it easier to reuse the helper functions provided by git-serve from another Python script by throwing exceptions instead of terminating the program on errors. Signed-off-by: Lukas Fleischer <lfleischer(a)archlinux.org> --- aurweb/exceptions.py | 53 +++++++++++++++++ aurweb/git/serve.py | 157 +++++++++++++++++++++++++-------------------------- 2 files changed, 131 insertions(+), 79 deletions(-) create mode 100644 aurweb/exceptions.py diff --git a/aurweb/exceptions.py b/aurweb/exceptions.py new file mode 100644 index 0000000..5922b2d --- /dev/null +++ b/aurweb/exceptions.py @@ -0,0 +1,53 @@ +class AurwebException(Exception): + pass + + +class MaintenanceException(AurwebException): + pass + + +class PermissionDeniedException(AurwebException): + def __init__(self, user): + msg = 'permission denied: {:s}'.format(user) + super(PermissionDeniedException, self).__init__(msg) + + +class InvalidUserException(AurwebException): + def __init__(self, user): + msg = 'unknown user: {:s}'.format(user) + super(InvalidUserException, self).__init__(msg) + + +class InvalidPackageBaseException(AurwebException): + def __init__(self, pkgbase): + msg = 'package base not found: {:s}'.format(pkgbase) + super(InvalidPackageBaseException, self).__init__(msg) + + +class InvalidRepositoryNameException(AurwebException): + def __init__(self, pkgbase): + msg = 'invalid repository name: {:s}'.format(pkgbase) + super(InvalidRepositoryNameException, self).__init__(msg) + + +class PackageBaseExistsException(AurwebException): + def __init__(self, pkgbase): + msg = 'package base already exists: {:s}'.format(pkgbase) + super(PackageBaseExistsException, self).__init__(msg) + + +class InvalidReasonException(AurwebException): + def __init__(self, reason): + msg = 'invalid reason: {:s}'.format(reason) + super(InvalidReasonException, self).__init__(msg) + + +class InvalidCommentException(AurwebException): + def __init__(self, comment): + msg = 'comment is too short: {:s}'.format(comment) + super(InvalidCommentException, self).__init__(msg) + + +class InvalidArgumentsException(AurwebException): + def __init__(self, msg): + super(InvalidArgumentsException, self).__init__(msg) diff --git a/aurweb/git/serve.py b/aurweb/git/serve.py index 08c6541..e33fbeb 100755 --- a/aurweb/git/serve.py +++ b/aurweb/git/serve.py @@ -9,6 +9,7 @@ import time import aurweb.config import aurweb.db +import aurweb.exceptions notify_cmd = aurweb.config.get('notifications', 'notify-cmd') @@ -40,7 +41,7 @@ def list_repos(user): cur = conn.execute("SELECT ID FROM Users WHERE Username = ?", [user]) userid = cur.fetchone()[0] if userid == 0: - die('{:s}: unknown user: {:s}'.format(action, user)) + raise aurweb.exceptions.InvalidUserException(user) cur = conn.execute("SELECT Name, PackagerUID FROM PackageBases " + "WHERE MaintainerUID = ?", [userid]) @@ -51,16 +52,16 @@ def list_repos(user): def create_pkgbase(pkgbase, user): if not re.match(repo_regex, pkgbase): - die('{:s}: invalid repository name: {:s}'.format(action, pkgbase)) + raise aurweb.exceptions.InvalidRepositoryNameException(pkgbase) if pkgbase_exists(pkgbase): - die('{:s}: package base already exists: {:s}'.format(action, pkgbase)) + raise aurweb.exceptions.PackageBaseExistsException(pkgbase) conn = aurweb.db.Connection() cur = conn.execute("SELECT ID FROM Users WHERE Username = ?", [user]) userid = cur.fetchone()[0] if userid == 0: - die('{:s}: unknown user: {:s}'.format(action, user)) + raise aurweb.exceptions.InvalidUserException(user) now = int(time.time()) cur = conn.execute("INSERT INTO PackageBases (Name, SubmittedTS, " + @@ -79,19 +80,19 @@ def create_pkgbase(pkgbase, user): def pkgbase_adopt(pkgbase, user, privileged): pkgbase_id = pkgbase_from_name(pkgbase) if not pkgbase_id: - die('{:s}: package base not found: {:s}'.format(action, pkgbase)) + raise aurweb.exceptions.InvalidPackageBaseException(pkgbase) conn = aurweb.db.Connection() cur = conn.execute("SELECT ID FROM PackageBases WHERE ID = ? AND " + "MaintainerUID IS NULL", [pkgbase_id]) if not privileged and not cur.fetchone(): - die('{:s}: permission denied: {:s}'.format(action, user)) + raise aurweb.exceptions.PermissionDeniedException(user) cur = conn.execute("SELECT ID FROM Users WHERE Username = ?", [user]) userid = cur.fetchone()[0] if userid == 0: - die('{:s}: unknown user: {:s}'.format(action, user)) + raise aurweb.exceptions.InvalidUserException(user) cur = conn.execute("UPDATE PackageBases SET MaintainerUID = ? " + "WHERE ID = ?", [userid, pkgbase_id]) @@ -127,10 +128,10 @@ def pkgbase_get_comaintainers(pkgbase): def pkgbase_set_comaintainers(pkgbase, userlist, user, privileged): pkgbase_id = pkgbase_from_name(pkgbase) if not pkgbase_id: - die('{:s}: package base not found: {:s}'.format(action, pkgbase)) + raise aurweb.exceptions.InvalidPackageBaseException(pkgbase) if not privileged and not pkgbase_has_full_access(pkgbase, user): - die('{:s}: permission denied: {:s}'.format(action, user)) + raise aurweb.exceptions.PermissionDeniedException(user) conn = aurweb.db.Connection() @@ -142,7 +143,7 @@ def pkgbase_set_comaintainers(pkgbase, userlist, user, privileged): [olduser]) userid = cur.fetchone()[0] if userid == 0: - die('{:s}: unknown user: {:s}'.format(action, user)) + raise aurweb.exceptions.InvalidUserException(user) uids_old.add(userid) uids_new = set() @@ -151,7 +152,7 @@ def pkgbase_set_comaintainers(pkgbase, userlist, user, privileged): [newuser]) userid = cur.fetchone()[0] if userid == 0: - die('{:s}: unknown user: {:s}'.format(action, user)) + raise aurweb.exceptions.InvalidUserException(user) uids_new.add(userid) uids_add = uids_new - uids_old @@ -196,10 +197,10 @@ def pkgreq_by_pkgbase(pkgbase_id, reqtype): return [row[0] for row in cur.fetchall()] -def pkgreq_close(reqid, reason, comments, autoclose=False): +def pkgreq_close(reqid, user, reason, comments, autoclose=False): statusmap = {'accepted': 2, 'rejected': 3} if reason not in statusmap: - die('{:s}: invalid reason: {:s}'.format(action, reason)) + raise aurweb.exceptions.InvalidReasonException(reason) status = statusmap[reason] conn = aurweb.db.Connection() @@ -210,7 +211,7 @@ def pkgreq_close(reqid, reason, comments, autoclose=False): cur = conn.execute("SELECT ID FROM Users WHERE Username = ?", [user]) userid = cur.fetchone()[0] if userid == 0: - die('{:s}: unknown user: {:s}'.format(action, user)) + raise aurweb.exceptions.InvalidUserException(user) conn.execute("UPDATE PackageRequests SET Status = ?, ClosureComment = ? " + "WHERE ID = ?", [status, comments, reqid]) @@ -224,18 +225,18 @@ def pkgreq_close(reqid, reason, comments, autoclose=False): def pkgbase_disown(pkgbase, user, privileged): pkgbase_id = pkgbase_from_name(pkgbase) if not pkgbase_id: - die('{:s}: package base not found: {:s}'.format(action, pkgbase)) + raise aurweb.exceptions.InvalidPackageBaseException(pkgbase) initialized_by_owner = pkgbase_has_full_access(pkgbase, user) if not privileged and not initialized_by_owner: - die('{:s}: permission denied: {:s}'.format(action, user)) + raise aurweb.exceptions.PermissionDeniedException(user) # TODO: Support disowning package bases via package request. # Scan through pending orphan requests and close them. comment = 'The user {:s} disowned the package.'.format(user) for reqid in pkgreq_by_pkgbase(pkgbase_id, 'orphan'): - pkgreq_close(reqid, 'accepted', comment, True) + pkgreq_close(reqid, user, 'accepted', comment, True) comaintainers = [] new_maintainer_userid = None @@ -262,7 +263,7 @@ def pkgbase_disown(pkgbase, user, privileged): cur = conn.execute("SELECT ID FROM Users WHERE Username = ?", [user]) userid = cur.fetchone()[0] if userid == 0: - die('{:s}: unknown user: {:s}'.format(action, user)) + raise aurweb.exceptions.InvalidUserException(user) subprocess.Popen((notify_cmd, 'disown', str(pkgbase_id), str(userid))) @@ -272,14 +273,16 @@ def pkgbase_disown(pkgbase, user, privileged): def pkgbase_flag(pkgbase, user, comment): pkgbase_id = pkgbase_from_name(pkgbase) if not pkgbase_id: - die('{:s}: package base not found: {:s}'.format(action, pkgbase)) + raise aurweb.exceptions.InvalidPackageBaseException(pkgbase) + if len(comment) < 3: + raise aurweb.exceptions.InvalidCommentException(comment) conn = aurweb.db.Connection() cur = conn.execute("SELECT ID FROM Users WHERE Username = ?", [user]) userid = cur.fetchone()[0] if userid == 0: - die('{:s}: unknown user: {:s}'.format(action, user)) + raise aurweb.exceptions.InvalidUserException(user) now = int(time.time()) conn.execute("UPDATE PackageBases SET " + @@ -295,14 +298,14 @@ def pkgbase_flag(pkgbase, user, comment): def pkgbase_unflag(pkgbase, user): pkgbase_id = pkgbase_from_name(pkgbase) if not pkgbase_id: - die('{:s}: package base not found: {:s}'.format(action, pkgbase)) + raise aurweb.exceptions.InvalidPackageBaseException(pkgbase) conn = aurweb.db.Connection() cur = conn.execute("SELECT ID FROM Users WHERE Username = ?", [user]) userid = cur.fetchone()[0] if userid == 0: - die('{:s}: unknown user: {:s}'.format(action, user)) + raise aurweb.exceptions.InvalidUserException(user) if user in pkgbase_get_comaintainers(pkgbase): conn.execute("UPDATE PackageBases SET OutOfDateTS = NULL " + @@ -318,7 +321,7 @@ def pkgbase_unflag(pkgbase, user): def pkgbase_set_keywords(pkgbase, keywords): pkgbase_id = pkgbase_from_name(pkgbase) if not pkgbase_id: - die('{:s}: package base not found: {:s}'.format(action, pkgbase)) + raise aurweb.exceptions.InvalidPackageBaseException(pkgbase) conn = aurweb.db.Connection() @@ -377,29 +380,33 @@ def usage(cmds): exit(0) -def main(): - user = os.environ.get('AUR_USER') - privileged = (os.environ.get('AUR_PRIVILEGED', '0') == '1') - ssh_cmd = os.environ.get('SSH_ORIGINAL_COMMAND') - ssh_client = os.environ.get('SSH_CLIENT') +def checkarg_atleast(cmdargv, *argdesc): + if len(cmdargv) - 1 < len(argdesc): + msg = 'missing {:s}'.format(argdesc[len(cmdargv) - 1]) + raise aurweb.exceptions.InvalidArgumentsException(msg) + + +def checkarg_atmost(cmdargv, *argdesc): + if len(cmdargv) - 1 > len(argdesc): + raise aurweb.exceptions.InvalidArgumentsException('too many arguments') - if not ssh_cmd: - die_with_help("Interactive shell is disabled.") - cmdargv = shlex.split(ssh_cmd) - action = cmdargv[0] - remote_addr = ssh_client.split(' ')[0] if ssh_client else None +def checkarg(cmdargv, *argdesc): + checkarg_atleast(cmdargv, *argdesc) + checkarg_atmost(cmdargv, *argdesc) + + +def serve(action, cmdargv, user, privileged, remote_addr): if enable_maintenance: if remote_addr not in maintenance_exc: - die("The AUR is down due to maintenance. We will be back soon.") + raise aurweb.exceptions.MaintenanceException if action == 'git' and cmdargv[1] in ('upload-pack', 'receive-pack'): action = action + '-' + cmdargv[1] del cmdargv[1] if action == 'git-upload-pack' or action == 'git-receive-pack': - if len(cmdargv) < 2: - die_with_help("{:s}: missing path".format(action)) + checkarg(cmdargv, 'path') path = cmdargv[1].rstrip('/') if not path.startswith('/'): @@ -408,11 +415,11 @@ def main(): path = path + '.git' pkgbase = path[1:-4] if not re.match(repo_regex, pkgbase): - die('{:s}: invalid repository name: {:s}'.format(action, pkgbase)) + raise aurweb.exceptions.InvalidRepositoryNameException(pkgbase) if action == 'git-receive-pack' and pkgbase_exists(pkgbase): if not privileged and not pkgbase_has_write_access(pkgbase, user): - die('{:s}: permission denied: {:s}'.format(action, user)) + raise aurweb.exceptions.PermissionDeniedException(user) os.environ["AUR_USER"] = user os.environ["AUR_PKGBASE"] = pkgbase @@ -420,79 +427,48 @@ def main(): cmd = action + " '" + repo_path + "'" os.execl(git_shell_cmd, git_shell_cmd, '-c', cmd) elif action == 'set-keywords': - if len(cmdargv) < 2: - die_with_help("{:s}: missing repository name".format(action)) + checkarg(cmdargv, 'repository name') pkgbase_set_keywords(cmdargv[1], cmdargv[2:]) elif action == 'list-repos': - if len(cmdargv) > 1: - die_with_help("{:s}: too many arguments".format(action)) + checkarg(cmdargv) list_repos(user) elif action == 'setup-repo': - if len(cmdargv) < 2: - die_with_help("{:s}: missing repository name".format(action)) - if len(cmdargv) > 2: - die_with_help("{:s}: too many arguments".format(action)) + checkarg(cmdargv, 'repository name') warn('{:s} is deprecated. ' 'Use `git push` to create new repositories.'.format(action)) create_pkgbase(cmdargv[1], user) elif action == 'restore': - if len(cmdargv) < 2: - die_with_help("{:s}: missing repository name".format(action)) - if len(cmdargv) > 2: - die_with_help("{:s}: too many arguments".format(action)) + checkarg(cmdargv, 'repository name') pkgbase = cmdargv[1] - if not re.match(repo_regex, pkgbase): - die('{:s}: invalid repository name: {:s}'.format(action, pkgbase)) - - if pkgbase_exists(pkgbase): - die('{:s}: package base exists: {:s}'.format(action, pkgbase)) create_pkgbase(pkgbase, user) os.environ["AUR_USER"] = user os.environ["AUR_PKGBASE"] = pkgbase os.execl(git_update_cmd, git_update_cmd, 'restore') elif action == 'adopt': - if len(cmdargv) < 2: - die_with_help("{:s}: missing repository name".format(action)) - if len(cmdargv) > 2: - die_with_help("{:s}: too many arguments".format(action)) + checkarg(cmdargv, 'repository name') pkgbase = cmdargv[1] pkgbase_adopt(pkgbase, user, privileged) elif action == 'disown': - if len(cmdargv) < 2: - die_with_help("{:s}: missing repository name".format(action)) - if len(cmdargv) > 2: - die_with_help("{:s}: too many arguments".format(action)) + checkarg(cmdargv, 'repository name') pkgbase = cmdargv[1] pkgbase_disown(pkgbase, user, privileged) elif action == 'flag': - if len(cmdargv) < 2: - die_with_help("{:s}: missing repository name".format(action)) - if len(cmdargv) < 3: - die_with_help("{:s}: missing comment".format(action)) - if len(cmdargv) > 3: - die_with_help("{:s}: too many arguments".format(action)) + checkarg(cmdargv, 'repository name', 'comment') pkgbase = cmdargv[1] comment = cmdargv[2] - if len(comment) < 3: - die_with_help("{:s}: comment is too short".format(action)) - pkgbase_flag(pkgbase, user, comment) elif action == 'unflag': - if len(cmdargv) < 2: - die_with_help("{:s}: missing repository name".format(action)) - if len(cmdargv) > 2: - die_with_help("{:s}: too many arguments".format(action)) + checkarg(cmdargv, 'repository name') pkgbase = cmdargv[1] pkgbase_unflag(pkgbase, user) elif action == 'set-comaintainers': - if len(cmdargv) < 2: - die_with_help("{:s}: missing repository name".format(action)) + checkarg_atleast(cmdargv, 'repository name') pkgbase = cmdargv[1] userlist = cmdargv[2:] @@ -514,7 +490,30 @@ def main(): } usage(cmds) else: - die_with_help("invalid command: {:s}".format(action)) + msg = 'invalid command: {:s}'.format(action) + raise aurweb.exceptions.InvalidArgumentsException(msg) + + +def main(): + user = os.environ.get('AUR_USER') + privileged = (os.environ.get('AUR_PRIVILEGED', '0') == '1') + ssh_cmd = os.environ.get('SSH_ORIGINAL_COMMAND') + ssh_client = os.environ.get('SSH_CLIENT') + + if not ssh_cmd: + die_with_help("Interactive shell is disabled.") + cmdargv = shlex.split(ssh_cmd) + action = cmdargv[0] + remote_addr = ssh_client.split(' ')[0] if ssh_client else None + + try: + serve(action, cmdargv, user, privileged, remote_addr) + except aurweb.exceptions.MaintenanceException: + die("The AUR is down due to maintenance. We will be back soon.") + except aurweb.exceptions.InvalidArgumentsException as e: + die_with_help('{:s}: {}'.format(action, e)) + except aurweb.exceptions.AurwebException as e: + die('{:s}: {}'.format(action, e)) if __name__ == '__main__': -- 2.11.0

1 0

[aur-dev] [PATCH 1/2] git-serve: Add support for (un-)flagging packages
by Lukas Fleischer 25 Dec '16

25 Dec '16

Add support for flagging or unflagging packages from the SSH interface. The syntax is `flag <pkgbase> <comment>` resp. `unflag <pkgbase>`. Signed-off-by: Lukas Fleischer <lfleischer(a)archlinux.org> --- aurweb/git/serve.py | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) diff --git a/aurweb/git/serve.py b/aurweb/git/serve.py index 476aea8..08c6541 100755 --- a/aurweb/git/serve.py +++ b/aurweb/git/serve.py @@ -269,6 +269,52 @@ def pkgbase_disown(pkgbase, user, privileged): conn.close() +def pkgbase_flag(pkgbase, user, comment): + pkgbase_id = pkgbase_from_name(pkgbase) + if not pkgbase_id: + die('{:s}: package base not found: {:s}'.format(action, pkgbase)) + + conn = aurweb.db.Connection() + + cur = conn.execute("SELECT ID FROM Users WHERE Username = ?", [user]) + userid = cur.fetchone()[0] + if userid == 0: + die('{:s}: unknown user: {:s}'.format(action, user)) + + now = int(time.time()) + conn.execute("UPDATE PackageBases SET " + + "OutOfDateTS = ?, FlaggerUID = ?, FlaggerComment = ? " + + "WHERE ID = ? AND OutOfDateTS IS NULL", + [now, userid, comment, pkgbase_id]) + + conn.commit() + + subprocess.Popen((notify_cmd, 'flag', str(userid), str(pkgbase_id))) + + +def pkgbase_unflag(pkgbase, user): + pkgbase_id = pkgbase_from_name(pkgbase) + if not pkgbase_id: + die('{:s}: package base not found: {:s}'.format(action, pkgbase)) + + conn = aurweb.db.Connection() + + cur = conn.execute("SELECT ID FROM Users WHERE Username = ?", [user]) + userid = cur.fetchone()[0] + if userid == 0: + die('{:s}: unknown user: {:s}'.format(action, user)) + + if user in pkgbase_get_comaintainers(pkgbase): + conn.execute("UPDATE PackageBases SET OutOfDateTS = NULL " + + "WHERE ID = ?", [pkgbase_id]) + else: + conn.execute("UPDATE PackageBases SET OutOfDateTS = NULL " + + "WHERE ID = ? AND (MaintainerUID = ? OR FlaggerUID = ?)", + [pkgbase_id, userid, userid]) + + conn.commit() + + def pkgbase_set_keywords(pkgbase, keywords): pkgbase_id = pkgbase_from_name(pkgbase) if not pkgbase_id: @@ -422,6 +468,28 @@ def main(): pkgbase = cmdargv[1] pkgbase_disown(pkgbase, user, privileged) + elif action == 'flag': + if len(cmdargv) < 2: + die_with_help("{:s}: missing repository name".format(action)) + if len(cmdargv) < 3: + die_with_help("{:s}: missing comment".format(action)) + if len(cmdargv) > 3: + die_with_help("{:s}: too many arguments".format(action)) + + pkgbase = cmdargv[1] + comment = cmdargv[2] + if len(comment) < 3: + die_with_help("{:s}: comment is too short".format(action)) + + pkgbase_flag(pkgbase, user, comment) + elif action == 'unflag': + if len(cmdargv) < 2: + die_with_help("{:s}: missing repository name".format(action)) + if len(cmdargv) > 2: + die_with_help("{:s}: too many arguments".format(action)) + + pkgbase = cmdargv[1] + pkgbase_unflag(pkgbase, user) elif action == 'set-comaintainers': if len(cmdargv) < 2: die_with_help("{:s}: missing repository name".format(action)) @@ -433,12 +501,14 @@ def main(): cmds = { "adopt <name>": "Adopt a package base.", "disown <name>": "Disown a package base.", + "flag <name> <comment>": "Flag a package base out-of-date.", "help": "Show this help message and exit.", "list-repos": "List all your repositories.", "restore <name>": "Restore a deleted package base.", "set-comaintainers <name> [...]": "Set package base co-maintainers.", "set-keywords <name> [...]": "Change package base keywords.", "setup-repo <name>": "Create a repository (deprecated).", + "unflag <name>": "Remove out-of-date flag from a package base.", "git-receive-pack": "Internal command used with Git.", "git-upload-pack": "Internal command used with Git.", } -- 2.11.0

1 1

[aur-dev] [PATCH] t1200: Test maintenance mode
by Lukas Fleischer 25 Dec '16

25 Dec '16

Add a test case to ensure that enabling the maintenance mode disables the SSH interface. Signed-off-by: Lukas Fleischer <lfleischer(a)archlinux.org> --- test/t1200-git-serve.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/test/t1200-git-serve.sh b/test/t1200-git-serve.sh index 5054ce3..6fa6f95 100755 --- a/test/t1200-git-serve.sh +++ b/test/t1200-git-serve.sh @@ -20,6 +20,17 @@ test_expect_success 'Test help.' ' IFS=$save_IFS ' +test_expect_success 'Test maintenance mode.' ' + mv config config.old && + sed "s/^$enable-maintenance = $0$/\\11/" config.old >config && + SSH_ORIGINAL_COMMAND=help test_must_fail "$GIT_SERVE" 2>actual && + cat >expected <<-EOF && + The AUR is down due to maintenance. We will be back soon. + EOF + test_cmp expected actual && + mv config.old config +' + test_expect_success 'Test setup-repo and list-repos.' ' SSH_ORIGINAL_COMMAND="setup-repo foobar" AUR_USER=user \ "$GIT_SERVE" 2>&1 && -- 2.11.0

1 0

[aur-dev] [PATCH] notify: Avoid EXCEPT in SQL statement
by Lukas Fleischer 12 Dec '16

12 Dec '16

Do not use the EXCEPT clause which is unsupported in MySQL. Instead, use a subquery which is standard-compliant and makes the query easier to read at the same time. Signed-off-by: Lukas Fleischer <lfleischer(a)archlinux.org> --- aurweb/scripts/notify.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/aurweb/scripts/notify.py b/aurweb/scripts/notify.py index 8fdfeb9..69164fb 100755 --- a/aurweb/scripts/notify.py +++ b/aurweb/scripts/notify.py @@ -139,12 +139,10 @@ def get_request_recipients(conn, reqid): def get_tu_vote_reminder_recipients(conn, vote_id): - cur = conn.execute('SELECT Users.Email FROM Users ' + - 'WHERE AccountTypeID = 2 ' + - 'EXCEPT SELECT Users.Email FROM Users ' + - 'INNER JOIN TU_Votes ' + - 'ON TU_Votes.UserID = Users.ID ' + - 'WHERE TU_Votes.VoteID = ?', [vote_id]) + cur = conn.execute('SELECT Email FROM Users ' + + 'WHERE AccountTypeID = 2 AND ID NOT IN ' + + '(SELECT UserID FROM TU_Votes ' + + 'WHERE TU_Votes.VoteID = ?)', [vote_id]) return [row[0] for row in cur.fetchall()] -- 2.10.2

1 0