Age | Commit message (Collapse) | Author | Files | Lines |
|
Replace web/lib/config.inc.php with an INI-style configuration file.
This allows us to get rid of several globals and makes it easier to use
the same configuration file in external scripts.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This can potentially be used to identify trending packages.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
|
|
As a follow-up to 4d7da95 (Add support for architecture-specific fields,
2014-08-10), handle architecture-specific source fields as well.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Fixes FS#41860.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
|
|
Fixes a regression introduced in c70b340 (Close requests before
accepting, 2014-07-29).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Make sure that requests can be auto-accepted if filed by a regular user.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
|
|
This adds support for architecture-specific dependencies and relations.
Support for this has recently been added to makepkg, see commit 2b556d8
(PKGBUILD: handle arch specific attributes, 2014-07-25) in the pacman
repository for details.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
* Only show the request form to users that are logged in.
* Only show the close request form to Trusted Users and developers.
* Check for a valid login in pkgreq_file().
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Return true if and only if the SQL query was executed successfully.
Logins with an unsalted password no longer fail now.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Automatically add users to the notification list when adopting a
package. This used to work bug was broken by 03c6304 (Rework permission
handling, 2014-07-15). Fixes FS#41426.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When using preg_match() to check for a match that starts at the
beginning of the string and ends at the last character of the string, we
do not want to allow an additional newline character to sneak in.
Amongst other potential loopholes, adding the PCRE_DOLLAR_ENDONLY
modifier prevents users from registering with user names that end with a
newline character.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This reflects the changes in 3610f3c.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When auto-accepting a request, we need to close the package request
before performing the actual action (disown/deletion/merge). Otherwise,
the former maintainer is not included in the Cc list of the
acceptance/rejection notification email.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When a user files a request for a package maintained by himself, he is
currently included in the Cc list twice. Use array_unique() to omit
repeated entries.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Fixes a regression introduced in 03c6304 (Rework permission handling,
2014-07-15). Fixes FS#41379.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add a check to remove a notice which is displayed after registration
since commit 03c6304 (Rework permission handling, 2014-07-15).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Fixes a regression introduced in 03c6304 (Rework permission handling,
2014-07-15).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Explicitly clean up all references before deleting a user.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This allows Trusted Users to check whether a user posted a politically
incorrect comment, even if he already deleted it.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add the typeahead implementation we already use for the package search
to the merge target text field. Instead of suggesting packages, suggest
package base names.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Instead of deleting the package, show an error message if a user tries
to merge a package base with itself.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Make sure that the target of a merge operation is either empty or an
existing package base name.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Disallow uploading source tarballs that do not contain .AURINFO. Also,
drop the PKGBUILD parser which is no longer needed.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
If an orphan request is filed for a package that has been flagged
out-of-date for at least 180 days, it is disowned automatically.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
In 676595f (Prefix package functions with pkg_/pkgbase_, 2014-04-05),
votes_for_pkgname() was renamed to pkgbase_votes_from_name() without
changing the semantics. Slightly adapt the implementation and interpret
the argument as a package base name instead of a package name. Also fix
the call site.
Reported-by: Felix Yan <felixonmars@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When sending the initial notification email for a merge request, include
the name of the package base that is the target of the requested merge
operation.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add the request creator and the current package maintainer to Cc instead
of Bcc when sending notification emails for package requests. This
allows users to forward any discussion to both of them by using the
"Group Reply" function of their MUA.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add both the request creator and the current package maintainer to the
Bcc list of notification emails for package requests.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This group has full permissions on everything.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Prevent Trusted Users and developers from accidentally using a name that
contains invalid characters. Also, remove user_is_privileged() which is
no longer needed after this change.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
For packages with pending package requests, display the number of
requests above the "File Request" link.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Use ngettext() to handle plurals properly. Also, split pagination
captions into two strings.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Move the check introduced in 06b7099 (Validate package base name when
filing requests, 2014-07-02) from pkgbase.php to pkgreq_file().
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Store whether a package request is accepted or rejected and display the
reason of each closed request in the request list.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Change the subject of notification emails sent when closing a request to
be either "Request Accepted" or "Request Rejected".
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This allows Trusted Users to optionally add a comment when closing a
request. The comment is included in the notification email that is sent
to the requests mailing list.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When closing a package request, Trusted Users can now pick a reason
("Accepted" or "Rejected"). This allows for marking a request as
accepted, even if the corresponding package base has already been
deleted.
Also, the notification email now always explicitly states whether a
request has been accepted or closed in the message body.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This was not implemented properly in commit 8260111 (Add a package
request list, 2014-06-24).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When sending the first notification email that belongs to a certain
package request, set the Message-ID instead of the In-Reply-To and
References headers. This is not only more RFC compliant but also fixes
thread views in several clients, such as Pipermail.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|