summaryrefslogtreecommitdiffstats
path: root/web
AgeCommit message (Collapse)AuthorFilesLines
2014-10-16Add a time stamp to package base votesLukas Fleischer1-3/+3
This can potentially be used to identify trending packages. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-11Merge branch 'maint'Lukas Fleischer1-1/+1
2014-10-10Add support for architecture-specific sourcesLukas Fleischer3-28/+44
As a follow-up to 4d7da95 (Add support for architecture-specific fields, 2014-08-10), handle architecture-specific source fields as well. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-10Add a script to generate package listsLukas Fleischer1-0/+6
This can be used to regularly generate lists of packages and package bases that are made available under /packages.gz and /pkgbase.gz, respectively. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-10Use readfile() instead of include for static filesLukas Fleischer1-4/+4
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-10Use proper email address in send_resetkey()Lukas Fleischer1-1/+1
Fixes FS#41860. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-03Merge branch 'maint'Lukas Fleischer2-2/+3
2014-10-03Include proper timestamp in auto-accept emailsLukas Fleischer1-1/+1
Fixes a regression introduced in c70b340 (Close requests before accepting, 2014-07-29). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-03Fix permission check in pkgreq_close()Lukas Fleischer1-1/+1
Make sure that requests can be auto-accepted if filed by a regular user. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-03rss.php: Include package functionsLukas Fleischer1-0/+1
This is needed since 4426877 (Move latest_pkgs() to pkgfuncs.inc.php, 2014-05-29). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-11Merge branch 'maint'Lukas Fleischer7-7/+21
2014-08-10Add support for architecture-specific fieldsLukas Fleischer3-37/+106
This adds support for architecture-specific dependencies and relations. Support for this has recently been added to makepkg, see commit 2b556d8 (PKGBUILD: handle arch specific attributes, 2014-07-25) in the pacman repository for details. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-10Group dependencies by dependency typeLukas Fleischer1-0/+10
Implements FS#40888. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-08Add permission checks to the request featureLukas Fleischer3-0/+14
* Only show the request form to users that are logged in. * Only show the close request form to Trusted Users and developers. * Check for a valid login in pkgreq_file(). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-08Fix the return value of save_salt()Lukas Fleischer1-1/+1
Return true if and only if the SQL query was executed successfully. Logins with an unsalted password no longer fail now. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-06Fix notification handling on submission and adoptionLukas Fleischer2-2/+2
Automatically add users to the notification list when adopting a package. This used to work bug was broken by 03c6304 (Rework permission handling, 2014-07-15). Fixes FS#41426. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-06Add PCRE_DOLLAR_ENDONLY to preg_match()Lukas Fleischer3-4/+4
When using preg_match() to check for a match that starts at the beginning of the string and ends at the last character of the string, we do not want to allow an additional newline character to sneak in. Amongst other potential loopholes, adding the PCRE_DOLLAR_ENDONLY modifier prevents users from registering with user names that end with a newline character. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-02Release 3.4.3Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-02Count users in "Trusted User & Developer" group as TUBalló György2-3/+3
This reflects the changes in 3610f3c. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Release 3.4.2Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Lock fresh orphan requestsLukas Fleischer1-2/+18
Trusted Users should almost always wait for two weeks before accepting an orphan request. Lock orphan requests during the first two weeks. Package bases can still be orphaned and package requests can still be closed manually during that period of time. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Close requests before acceptingLukas Fleischer2-11/+29
When auto-accepting a request, we need to close the package request before performing the actual action (disown/deletion/merge). Otherwise, the former maintainer is not included in the Cc list of the acceptance/rejection notification email. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Remove duplicate recipients from CcLukas Fleischer1-0/+2
When a user files a request for a package maintained by himself, he is currently included in the Cc list twice. Use array_unique() to omit repeated entries. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Allow users to delete their own commentsLukas Fleischer1-13/+5
Fixes a regression introduced in 03c6304 (Rework permission handling, 2014-07-15). Fixes FS#41379. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Release 3.4.1Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Suppress PHP notice in process_account_form()Lukas Fleischer1-3/+6
Add a check to remove a notice which is displayed after registration since commit 03c6304 (Rework permission handling, 2014-07-15). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Fix the registration formLukas Fleischer1-3/+3
Pass the right parameters to display_account_form() and process_account_form() when showing/processing the registration form. Fixes a regression introduced in 03c6304 (Rework permission handling, 2014-07-15). Reported-by: Karthik K <hashken.distro@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Do not show deletion link on the registration pageLukas Fleischer1-1/+1
In 7df8dc8 (Add support for deleting user accounts, 2014-07-25), a link to the account deletion page was added to the account edit form. Make sure we only show this link if the user actually wants to edit an account and do not show this link on the account registration page. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-28Release 3.4.0Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-25Do not allow regular users to edit all accountsLukas Fleischer1-1/+1
Fixes a regression introduced in 03c6304 (Rework permission handling, 2014-07-15). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-25Add support for deleting user accountsLukas Fleischer4-0/+44
Users can now delete their own accounts by clicking a link in the account edit form and confirming the deletion on a follow-up page. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-25Clean up user references in user_delete()Lukas Fleischer1-0/+35
Explicitly clean up all references before deleting a user. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-25Make deleted comments visible to Trusted UsersLukas Fleischer5-11/+30
This allows Trusted Users to check whether a user posted a politically incorrect comment, even if he already deleted it. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-23Add typeahead suggest to the merge request formLukas Fleischer3-2/+56
Add the typeahead implementation we already use for the package search to the merge target text field. Instead of suggesting packages, suggest package base names. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-23Prevent merging a package base with itselfLukas Fleischer2-4/+11
Instead of deleting the package, show an error message if a user tries to merge a package base with itself. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-23pkgreq_results.php: Only show non-empty merge targetsLukas Fleischer1-1/+6
In the column that contains the merge target, only display the parentheses if the merge target is a non-empty string. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-23Verify that the target of merge operations existsLukas Fleischer1-0/+4
Make sure that the target of a merge operation is either empty or an existing package base name. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-23Display correct comment count on package base pageLukas Fleischer1-1/+7
Show the correct number of package base comments in the tool tip message of the "Latest Comments" link. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-23Drop comment count from translatable messageLukas Fleischer1-2/+2
The title "View all %s comments" becomes "View all %s comment" when adding plural support (which is needed for other languages that have more than one plural form). Simply remove the comment count from the message and add it in parentheses. Suggested-by: Safa Alfulaij <safa1996alfulaij@gmail.com> Suggested-by: Sebastian Wilzbach <sebi@wilzbach.me> Suggested-by: kachelaqa <kachelaqa@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-23Drop support for source packages without .AURINFOLukas Fleischer2-165/+4
Disallow uploading source tarballs that do not contain .AURINFO. Also, drop the PKGBUILD parser which is no longer needed. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-17Automatically accept orphan requests for old packagesLukas Fleischer2-12/+42
If an orphan request is filed for a package that has been flagged out-of-date for at least 180 days, it is disowned automatically. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-16Fix pkgbase_votes_from_name()Lukas Fleischer2-12/+13
In 676595f (Prefix package functions with pkg_/pkgbase_, 2014-04-05), votes_for_pkgname() was renamed to pkgbase_votes_from_name() without changing the semantics. Slightly adapt the implementation and interpret the argument as a package base name instead of a package name. Also fix the call site. Reported-by: Felix Yan <felixonmars@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-16Mention the target of merge requests in emailsLukas Fleischer1-5/+15
When sending the initial notification email for a merge request, include the name of the package base that is the target of the requested merge operation. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-16Use Cc instead of Bcc in request notificationsLukas Fleischer1-6/+6
Add the request creator and the current package maintainer to Cc instead of Bcc when sending notification emails for package requests. This allows users to forward any discussion to both of them by using the "Group Reply" function of their MUA. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-16Bcc notification emails to the request creatorLukas Fleischer1-14/+27
Add both the request creator and the current package maintainer to the Bcc list of notification emails for package requests. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-16Remove unused function pkg_details_by_name()Lukas Fleischer1-24/+0
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-15home: requests should be filed in the web interfaceJohannes Dewender1-1/+3
There is a "file request" link in the "Package Actions" box for every package. Signed-off-by: Johannes Dewender <arch@JonnyJD.net> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-15Add a new user group "Trusted User & Developer"Lukas Fleischer5-5/+20
This group has full permissions on everything. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-15Disallow privileged users to use invalid user namesLukas Fleischer1-22/+1
Prevent Trusted Users and developers from accidentally using a name that contains invalid characters. Also, remove user_is_privileged() which is no longer needed after this change. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-15Rework permission handlingLukas Fleischer24-237/+187
Add a new function has_credential() that checks whether the currently logged in user is allowed to perform a given action. Moving all permission handling to this central place makes adding new user groups and adjusting permissions much more convenient. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>