Age | Commit message (Collapse) | Author | Files | Lines |
|
We already check for a minimum password length on the account edit page.
Add the same check to the password reset form (which is also used to set
an initial password).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
pacman officially supports .SRCINFO since commit 6029a77 (makepkg:
introduce .SRCINFO files for source packages, 2014-11-08).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Replace web/lib/config.inc.php with an INI-style configuration file.
This allows us to get rid of several globals and makes it easier to use
the same configuration file in external scripts.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
As a follow-up to 4d7da95 (Add support for architecture-specific fields,
2014-08-10), handle architecture-specific source fields as well.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This can be used to regularly generate lists of packages and package
bases that are made available under /packages.gz and /pkgbase.gz,
respectively.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
|
|
This is needed since 4426877 (Move latest_pkgs() to pkgfuncs.inc.php,
2014-05-29).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
|
|
This adds support for architecture-specific dependencies and relations.
Support for this has recently been added to makepkg, see commit 2b556d8
(PKGBUILD: handle arch specific attributes, 2014-07-25) in the pacman
repository for details.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
* Only show the request form to users that are logged in.
* Only show the close request form to Trusted Users and developers.
* Check for a valid login in pkgreq_file().
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Automatically add users to the notification list when adopting a
package. This used to work bug was broken by 03c6304 (Rework permission
handling, 2014-07-15). Fixes FS#41426.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When using preg_match() to check for a match that starts at the
beginning of the string and ends at the last character of the string, we
do not want to allow an additional newline character to sneak in.
Amongst other potential loopholes, adding the PCRE_DOLLAR_ENDONLY
modifier prevents users from registering with user names that end with a
newline character.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Pass the right parameters to display_account_form() and
process_account_form() when showing/processing the registration form.
Fixes a regression introduced in 03c6304 (Rework permission handling,
2014-07-15).
Reported-by: Karthik K <hashken.distro@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Users can now delete their own accounts by clicking a link in the
account edit form and confirming the deletion on a follow-up page.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This allows Trusted Users to check whether a user posted a politically
incorrect comment, even if he already deleted it.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add the typeahead implementation we already use for the package search
to the merge target text field. Instead of suggesting packages, suggest
package base names.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Instead of deleting the package, show an error message if a user tries
to merge a package base with itself.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Disallow uploading source tarballs that do not contain .AURINFO. Also,
drop the PKGBUILD parser which is no longer needed.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
In 676595f (Prefix package functions with pkg_/pkgbase_, 2014-04-05),
votes_for_pkgname() was renamed to pkgbase_votes_from_name() without
changing the semantics. Slightly adapt the implementation and interpret
the argument as a package base name instead of a package name. Also fix
the call site.
Reported-by: Felix Yan <felixonmars@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
There is a "file request" link in the "Package Actions" box
for every package.
Signed-off-by: Johannes Dewender <arch@JonnyJD.net>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Move the check introduced in 06b7099 (Validate package base name when
filing requests, 2014-07-02) from pkgbase.php to pkgreq_file().
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This allows Trusted Users to optionally add a comment when closing a
request. The comment is included in the notification email that is sent
to the requests mailing list.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When closing a package request, Trusted Users can now pick a reason
("Accepted" or "Rejected"). This allows for marking a request as
accepted, even if the corresponding package base has already been
deleted.
Also, the notification email now always explicitly states whether a
request has been accepted or closed in the message body.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Fixes FS#41052.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This was not implemented properly in commit 8260111 (Add a package
request list, 2014-06-24).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Make sure that error messages above the package list are actually
visible to the user.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Make sure that the package base to merge into does not contain any
invalid characters.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Use "Requests" instead of "File Request" as title for the package
request list.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Display user statistics under the general package statistics table.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When sending notification emails after closing a request, be explicit
about whether the request has been accepted or not.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Suggested-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Since these functions now reside in a separate module, use the module
name as function name prefix.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Move the permission check so that regular users can file requests,
whereas the request list is only available to Trusted Users and
developers.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This adds a new "Merge" category to the list of available request types
and also adds a new "Merge into" field that is hidden via JavaScript
when "Deletion" or "Orphan" is selected.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This button allows for accepting a request, disowning the affected
package or redirecting to the package deletion page. The request is
closed automatically when the action has been performed.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This allows Trusted Users to close package requests via the request
list. Also, entries are now sorted such that open requests are shown
before closed requests.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Introduce a new navigation point "Requests" that shows a list of pending
package requests. This functionality is only available to Trusted Users.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add a new entry to the package actions box that allows for filing
deletion and orphan requests. When choosing that action, the user is
redirected to a new page that allows for selecting a request type and
entering a comment. When submitting the request, a new entry in the
request database is created and an email is sent to a configurable
mailing list (defaults to aur-general).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Return null instead of the string "None" in username_from_id(),
uid_from_email() and uid_from_username().
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
In commit e582cfe (Collapse long dependency lists, 2014-04-18), we added
code to automatically collapse dependency and requirement lists with
more than 20 entries. Add the same functionality to source lists.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Fixes FS#40206.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Use "Welcome to the Arch User Repository" instead of "AUR Password
Reset" as subject for the initial password reset email.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
All files contained in the source tarball must have permissions of 644
or 755. All directories must have permissions of 755.
Implements FS#27754.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Move some elseif statements to the same line as the closing brace.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
If a depends (makedepends, checkdepends, optdepends, conflicts,
provides, replaces, license, groups, source) line appears in a package
section, it replaces the corresponding array from the pkgbase section.
If there is a single "depends = " line in the package section, the
depends array of that package is considered empty.
This partly reverts the behavior introduced in commit 137a9ae (Fix
parsing of array overrides, 2014-05-03).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|