Age | Commit message (Collapse) | Author | Files | Lines |
|
Users can now add an SSH public key on the account edit page. This will
later be used to authenticate users via SSH.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
We do not want PHP to parse the values for us. Use raw scanner mode to
avoid issues with certain values, such as regular expressions.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Refactor some of the URI generation code to avoid double slashes in
absolute URIs.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Support for non-virtual URLs has been broken for a long time and is no
longer used on the official AUR setup.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Replace web/lib/config.inc.php with an INI-style configuration file.
This allows us to get rid of several globals and makes it easier to use
the same configuration file in external scripts.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This can potentially be used to identify trending packages.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
|
|
As a follow-up to 4d7da95 (Add support for architecture-specific fields,
2014-08-10), handle architecture-specific source fields as well.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Fixes FS#41860.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
|
|
Fixes a regression introduced in c70b340 (Close requests before
accepting, 2014-07-29).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Make sure that requests can be auto-accepted if filed by a regular user.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
|
|
This adds support for architecture-specific dependencies and relations.
Support for this has recently been added to makepkg, see commit 2b556d8
(PKGBUILD: handle arch specific attributes, 2014-07-25) in the pacman
repository for details.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
* Only show the request form to users that are logged in.
* Only show the close request form to Trusted Users and developers.
* Check for a valid login in pkgreq_file().
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Return true if and only if the SQL query was executed successfully.
Logins with an unsalted password no longer fail now.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Automatically add users to the notification list when adopting a
package. This used to work bug was broken by 03c6304 (Rework permission
handling, 2014-07-15). Fixes FS#41426.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When using preg_match() to check for a match that starts at the
beginning of the string and ends at the last character of the string, we
do not want to allow an additional newline character to sneak in.
Amongst other potential loopholes, adding the PCRE_DOLLAR_ENDONLY
modifier prevents users from registering with user names that end with a
newline character.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This reflects the changes in 3610f3c.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When auto-accepting a request, we need to close the package request
before performing the actual action (disown/deletion/merge). Otherwise,
the former maintainer is not included in the Cc list of the
acceptance/rejection notification email.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When a user files a request for a package maintained by himself, he is
currently included in the Cc list twice. Use array_unique() to omit
repeated entries.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Fixes a regression introduced in 03c6304 (Rework permission handling,
2014-07-15). Fixes FS#41379.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add a check to remove a notice which is displayed after registration
since commit 03c6304 (Rework permission handling, 2014-07-15).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Fixes a regression introduced in 03c6304 (Rework permission handling,
2014-07-15).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Explicitly clean up all references before deleting a user.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This allows Trusted Users to check whether a user posted a politically
incorrect comment, even if he already deleted it.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add the typeahead implementation we already use for the package search
to the merge target text field. Instead of suggesting packages, suggest
package base names.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Instead of deleting the package, show an error message if a user tries
to merge a package base with itself.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Make sure that the target of a merge operation is either empty or an
existing package base name.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Disallow uploading source tarballs that do not contain .AURINFO. Also,
drop the PKGBUILD parser which is no longer needed.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
If an orphan request is filed for a package that has been flagged
out-of-date for at least 180 days, it is disowned automatically.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
In 676595f (Prefix package functions with pkg_/pkgbase_, 2014-04-05),
votes_for_pkgname() was renamed to pkgbase_votes_from_name() without
changing the semantics. Slightly adapt the implementation and interpret
the argument as a package base name instead of a package name. Also fix
the call site.
Reported-by: Felix Yan <felixonmars@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
When sending the initial notification email for a merge request, include
the name of the package base that is the target of the requested merge
operation.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add the request creator and the current package maintainer to Cc instead
of Bcc when sending notification emails for package requests. This
allows users to forward any discussion to both of them by using the
"Group Reply" function of their MUA.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add both the request creator and the current package maintainer to the
Bcc list of notification emails for package requests.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This group has full permissions on everything.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Prevent Trusted Users and developers from accidentally using a name that
contains invalid characters. Also, remove user_is_privileged() which is
no longer needed after this change.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
For packages with pending package requests, display the number of
requests above the "File Request" link.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Use ngettext() to handle plurals properly. Also, split pagination
captions into two strings.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|