[aur-dev] [PATCH 1/2] Emit warning when TUs use their supowerpowers to overwrite a pkgbase

[Eli Schwartz]

AUR_PRIVILEGED allows people with privileged AUR accounts to evade the
block on non-fast-forward commits. While valid in this case, we should
still provide a message saying that this happened, since in at least one
case ( https://aur.archlinux.org/packages/rtmidi/ ) a TU did this
without realizing there was an existing package.

Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
---

Similar to the warn_or_die function, except that doesn't take
alternative messages and there is no nice universal message here.

I think I prefer something that allows the TU to set whether they really
mean to perform a privileged TU action, since accidentally overwriting
something is kind of bad either way.
The follow-up patch implements this -- instead? alongside? Either patch
stands on its own, though I think I'd like to see both.


 aurweb/git/update.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/aurweb/git/update.py b/aurweb/git/update.py
index c9a98d0..3b9ff97 100755
--- a/aurweb/git/update.py
+++ b/aurweb/git/update.py
@@ -258,11 +258,14 @@ def main():
     conn = aurweb.db.Connection()
 
     # Detect and deny non-fast-forwards.
-    if sha1_old != "0" * 40 and not privileged:
+    if sha1_old != "0" * 40:
         walker = repo.walk(sha1_old, pygit2.GIT_SORT_TOPOLOGICAL)
         walker.hide(sha1_new)
         if next(walker, None) is not None:
-            die("denying non-fast-forward (you should pull first)")
+            if privileged:
+                warn("non-fast-forward push (are you absolutely sure you mean this?)")
+            else:
+                die("denying non-fast-forward (you should pull first)")
 
     # Prepare the walker that validates new commits.
     walker = repo.walk(sha1_new, pygit2.GIT_SORT_TOPOLOGICAL)
-- 
2.13.3