-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 26/02/13 16:20, Daniel Wallace wrote:
Hello, I have been having to deal with some idiot who is pissed off in the aur for some reason. He keeps marking all my packages out of date. And somehow he is able to continually do this even after I have suspended his account. I am not sure if this is because of the cookie still working and him still being logged in.
Would it be possible to add captchas to flag packages out of date, or to make it so that suspending an account kills the cookie?
https://aur.archlinux.org/account/YyTe/ https://aur.archlinux.org/account/293oHrnk/ https://aur.archlinux.org/account/iou https://aur.archlinux.org/account/b2qLe1Np/
Thanks,
For solving the problem right now -quick and dirty-, we just have to add a validation (tsk tsk anyone who wants to sum contributions can code this silly patch), if the user is suspended don't let him flag the package and actually redirect him to the logout page (to kill those cookies). Then again, we must re-think how to handle this issue better, is horrible to repeat that validation everywhere. Don't we have a magic function/class which we should invoke for checking permissions on every interaction with the user? -long time without checking the aur code-. Cheers. - -- Be a local everywhere! Angel Velasquez CTO/Co-Founder @ citibuddies Arch Linux Developer @citibuddies @angvp #citibuddies http://www.citibuddies.com http://www.angvp.com.ar -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJRLiEqAAoJEEKh2xXsEzutq3IH/jviDOZJhmy9aZoSqzqe27vZ yGNropWpdSNH6WW3NF1FWFeXFBWKG7crQP77hOvVshbWJRvMJpVbDM6236boPa1r wTwFofHBo6/+T7j0KUm6GdG21B5kHxh8pNFTUzg3GZn8d0QkFnCtr3X9IB+l/VTM KP8Wc6uiIFI6CwQLAEmYueSwD6uJAMLKK0sxDW1rSxBBKExbImnGBjSSN11grtL7 E9Cj/QlphlTZAWTs054LyJbQSRm0uu8IT363long2pbWYLxnONqNzKyWJcxiyX0R CHaGl/28MQfyiYpGFb153qAR7Qp0rZfsGM2lOANweSJYIW/XHVdE1Mgn7yXpXtk= =6Bnl -----END PGP SIGNATURE-----