summaryrefslogtreecommitdiffstats
path: root/web/lib/pkgreqfuncs.inc.php
AgeCommit message (Collapse)AuthorFilesLines
2014-08-08Add permission checks to the request featureLukas Fleischer1-0/+4
* Only show the request form to users that are logged in. * Only show the close request form to Trusted Users and developers. * Check for a valid login in pkgreq_file(). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-06Add PCRE_DOLLAR_ENDONLY to preg_match()Lukas Fleischer1-1/+1
When using preg_match() to check for a match that starts at the beginning of the string and ends at the last character of the string, we do not want to allow an additional newline character to sneak in. Amongst other potential loopholes, adding the PCRE_DOLLAR_ENDONLY modifier prevents users from registering with user names that end with a newline character. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Close requests before acceptingLukas Fleischer1-3/+9
When auto-accepting a request, we need to close the package request before performing the actual action (disown/deletion/merge). Otherwise, the former maintainer is not included in the Cc list of the acceptance/rejection notification email. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Remove duplicate recipients from CcLukas Fleischer1-0/+2
When a user files a request for a package maintained by himself, he is currently included in the Cc list twice. Use array_unique() to omit repeated entries. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-23Prevent merging a package base with itselfLukas Fleischer1-0/+4
Instead of deleting the package, show an error message if a user tries to merge a package base with itself. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-23Verify that the target of merge operations existsLukas Fleischer1-0/+4
Make sure that the target of a merge operation is either empty or an existing package base name. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-17Automatically accept orphan requests for old packagesLukas Fleischer1-12/+37
If an orphan request is filed for a package that has been flagged out-of-date for at least 180 days, it is disowned automatically. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-16Mention the target of merge requests in emailsLukas Fleischer1-5/+15
When sending the initial notification email for a merge request, include the name of the package base that is the target of the requested merge operation. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-16Use Cc instead of Bcc in request notificationsLukas Fleischer1-6/+6
Add the request creator and the current package maintainer to Cc instead of Bcc when sending notification emails for package requests. This allows users to forward any discussion to both of them by using the "Group Reply" function of their MUA. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-16Bcc notification emails to the request creatorLukas Fleischer1-14/+27
Add both the request creator and the current package maintainer to the Bcc list of notification emails for package requests. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-15Rework permission handlingLukas Fleischer1-1/+1
Add a new function has_credential() that checks whether the currently logged in user is allowed to perform a given action. Moving all permission handling to this central place makes adding new user groups and adjusting permissions much more convenient. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-04Sanitize merge base name in pkgreq_file()Lukas Fleischer1-0/+4
Move the check introduced in 06b7099 (Validate package base name when filing requests, 2014-07-02) from pkgbase.php to pkgreq_file(). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-04Remember whether a request has been acceptedLukas Fleischer1-4/+12
Store whether a package request is accepted or rejected and display the reason of each closed request in the request list. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-04Include reason for closing a request in the subjectLukas Fleischer1-2/+2
Change the subject of notification emails sent when closing a request to be either "Request Accepted" or "Request Rejected". Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-04Allow for adding a comment when closing a requestLukas Fleischer1-3/+9
This allows Trusted Users to optionally add a comment when closing a request. The comment is included in the notification email that is sent to the requests mailing list. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-04Allow for selecting a reason when closing a requestLukas Fleischer1-4/+23
When closing a package request, Trusted Users can now pick a reason ("Accepted" or "Rejected"). This allows for marking a request as accepted, even if the corresponding package base has already been deleted. Also, the notification email now always explicitly states whether a request has been accepted or closed in the message body. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-02Fix pagination in the package request listLukas Fleischer1-2/+17
This was not implemented properly in commit 8260111 (Add a package request list, 2014-06-24). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-01Set Message-ID when sending package request emailsLukas Fleischer1-2/+1
When sending the first notification email that belongs to a certain package request, set the Message-ID instead of the In-Reply-To and References headers. This is not only more RFC compliant but also fixes thread views in several clients, such as Pipermail. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-01Remove Reply-To header from package request emailsLukas Fleischer1-4/+2
These notification emails are sent to a public mailing list for discussion. Make sure that people can reply. Reported-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-01Be explicit about accepted requests in emailsLukas Fleischer1-2/+5
When sending notification emails after closing a request, be explicit about whether the request has been accepted or not. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-01Fix documentation of pkgreq_*() return typesLukas Fleischer1-2/+2
Reported-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-06-30Rename package request functions to pkgreq_*()Lukas Fleischer1-3/+3
Since these functions now reside in a separate module, use the module name as function name prefix. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-06-30Split out package request functionsLukas Fleischer1-0/+188
Move package request functions to a separate unit pkgreqfuncs.inc.php. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>