[copr] master: The API should not use csrf in the form (0cf3ddd)
by Pierre-YvesChibon
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit 0cf3dddf89d86e5806e07b2b250e09f67251623c
Author: Pierre-Yves Chibon <pingou(a)pingoured.fr>
Date: Sat Feb 9 20:27:40 2013 +0100
The API should not use csrf in the form
>---------------------------------------------------------------
coprs_frontend/coprs/views/api_ns/api_general.py | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/coprs_frontend/coprs/views/api_ns/api_general.py b/coprs_frontend/coprs/views/api_ns/api_general.py
index d12ea7e..081aceb 100644
--- a/coprs_frontend/coprs/views/api_ns/api_general.py
+++ b/coprs_frontend/coprs/views/api_ns/api_general.py
@@ -132,7 +132,7 @@ def api_coprs_by_owner(username=None):
methods=["POST"])
@login_required
def copr_new_build(username, coprname):
- form = forms.BuildForm()
+ form = forms.BuildForm(csrf_enabled=False)
copr = coprs_logic.CoprsLogic.get(flask.g.user, username,
coprname).first()
httpcode = 200
11 years, 2 months
Priorities for production
by Seth Vidal
We're still in a testing-mode for coprs right now and I'd like to think
about what our highest priorities are for production.
Right now things I care about/ I have been told I should care about - no
particular order:
- copr-cli
- fixing up the cases where a backend builder will hang/become
abandoned
- figure out how we manage sizing of the prodcution cloud instance(s)
- way for user to specify that they need a larger builder for their
software
- deletable coprs
- private coprs
what else is on other folks' lists?
-sv
11 years, 2 months
Introduction + Ticket 21
by Tomas Radej
Hi,
my name is Tomas Radej and I would like to contribute to COPR. I am a coworker of Slavek's at Red Hat. I take the liberty to fix the ticket 21 [1], and I shall post the patch here.
TR
--
Tomas Radej <tradej(a)redhat.com>
11 years, 2 months
[copr] master: Sigh... order descending, of course (e8ed56b)
by bkabrda@fedoraproject.org
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit e8ed56b5ab170eb84b06bd5889d8b23d65c58387
Author: Bohuslav Kabrda <bkabrda(a)redhat.com>
Date: Mon Feb 4 14:53:42 2013 +0100
Sigh... order descending, of course
>---------------------------------------------------------------
coprs_frontend/coprs/models.py | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/coprs_frontend/coprs/models.py b/coprs_frontend/coprs/models.py
index fd95f10..18d8dfe 100644
--- a/coprs_frontend/coprs/models.py
+++ b/coprs_frontend/coprs/models.py
@@ -128,7 +128,7 @@ class Copr(db.Model, Serializer):
mock_chroots = association_proxy('copr_chroots', 'mock_chroot')
__mapper_args__ = {
- 'order_by' : created_on
+ 'order_by' : created_on.desc()
}
@property
11 years, 2 months
[copr] master: Sort coprs by created_on properly (4822ddb)
by bkabrda@fedoraproject.org
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit 4822ddb055cd54261850e2baad988655ab183ad3
Author: Bohuslav Kabrda <bkabrda(a)redhat.com>
Date: Mon Feb 4 14:50:43 2013 +0100
Sort coprs by created_on properly
>---------------------------------------------------------------
coprs_frontend/coprs/models.py | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/coprs_frontend/coprs/models.py b/coprs_frontend/coprs/models.py
index e6b2fb3..fd95f10 100644
--- a/coprs_frontend/coprs/models.py
+++ b/coprs_frontend/coprs/models.py
@@ -127,6 +127,10 @@ class Copr(db.Model, Serializer):
owner = db.relationship('User', backref = db.backref('coprs'))
mock_chroots = association_proxy('copr_chroots', 'mock_chroot')
+ __mapper_args__ = {
+ 'order_by' : created_on
+ }
+
@property
def repos_list(self):
return self.repos.split()
11 years, 2 months
[copr] master: Use subquery load for mock_chroots, so that limit doesn't lower num of coprs. (3f85459)
by bkabrda@fedoraproject.org
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit 3f85459cfe3b2af6f88240298e6ba6e9a7cc121c
Author: Bohuslav Kabrda <bkabrda(a)redhat.com>
Date: Mon Feb 4 14:44:13 2013 +0100
Use subquery load for mock_chroots, so that limit doesn't lower num of coprs.
>---------------------------------------------------------------
coprs_frontend/coprs/logic/coprs_logic.py | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/coprs_frontend/coprs/logic/coprs_logic.py b/coprs_frontend/coprs/logic/coprs_logic.py
index 36aa51f..afdeadb 100644
--- a/coprs_frontend/coprs/logic/coprs_logic.py
+++ b/coprs_frontend/coprs/logic/coprs_logic.py
@@ -46,8 +46,7 @@ class CoprsLogic(object):
join(aliased_user, models.CoprPermission.user).\
filter(aliased_user.openid_name == models.User.openidize_name(username))
if with_mock_chroots:
- query = query.outerjoin(*models.Copr.mock_chroots.attr).\
- options(db.contains_eager(*models.Copr.mock_chroots.attr))
+ query = query.options(db.subqueryload(*models.Copr.mock_chroots.attr))
return query
@classmethod
11 years, 2 months
[copr] master: Fix displaying the search form for unauthorized user (0769773)
by bkabrda@fedoraproject.org
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit 07697737080e943b342c8aaa24bed1659aad9f11
Author: Bohuslav Kabrda <bkabrda(a)redhat.com>
Date: Mon Feb 4 14:00:57 2013 +0100
Fix displaying the search form for unauthorized user
>---------------------------------------------------------------
coprs_frontend/coprs/static/copr.css | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/coprs_frontend/coprs/static/copr.css b/coprs_frontend/coprs/static/copr.css
index c147a30..a2349a7 100644
--- a/coprs_frontend/coprs/static/copr.css
+++ b/coprs_frontend/coprs/static/copr.css
@@ -61,15 +61,17 @@ div.login, div.login a {
text-align: right;
position: relative;
- float: right;
margin-left: 0.3em;
}
+div.login {
+ float: right;
+}
+
div.login .text {
font-weight: normal;
}
-
div.page, div.menu-inner {
width: 780px;
margin-left: auto;
11 years, 2 months
[copr] master: Alter the fulltext search to match any of the input string parts (b99fe34)
by bkabrda@fedoraproject.org
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit b99fe34a65130ebe8e392733cb1864c62c5f0b28
Author: Bohuslav Kabrda <bkabrda(a)redhat.com>
Date: Mon Feb 4 12:23:50 2013 +0100
Alter the fulltext search to match any of the input string parts
>---------------------------------------------------------------
coprs_frontend/coprs/sql_custom.py | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/coprs_frontend/coprs/sql_custom.py b/coprs_frontend/coprs/sql_custom.py
index 8a4aa62..3be56ed 100644
--- a/coprs_frontend/coprs/sql_custom.py
+++ b/coprs_frontend/coprs/sql_custom.py
@@ -20,6 +20,7 @@ def compile_tsvector(element, compiler, **kw):
class FullTextQuery(db.Query):
def fulltext(self, column, search_string):
if db.engine.dialect.name == 'postgresql':
- return self.filter(column.op('@@@')(func.plainto_tsquery(search_string)))
+ search_with_or = ' | '.join(search_string.split())
+ return self.filter(column.op('@@@')(func.to_tsquery(search_with_or)))
else:
return self.filter(column.like('%{0}%'.format(search_string)))
11 years, 2 months
[copr] master: This test isn't useful anymore (02e9007)
by bkabrda@fedoraproject.org
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit 02e900750b5d56dc141dac82650c00a4f53b60fa
Author: Bohuslav Kabrda <bkabrda(a)redhat.com>
Date: Mon Feb 4 12:01:51 2013 +0100
This test isn't useful anymore
>---------------------------------------------------------------
.../tests/test_views/test_coprs_ns/test_general.py | 4 ----
1 files changed, 0 insertions(+), 4 deletions(-)
diff --git a/coprs_frontend/tests/test_views/test_coprs_ns/test_general.py b/coprs_frontend/tests/test_views/test_coprs_ns/test_general.py
index 9f3fad6..e81b857 100644
--- a/coprs_frontend/tests/test_views/test_coprs_ns/test_general.py
+++ b/coprs_frontend/tests/test_views/test_coprs_ns/test_general.py
@@ -141,10 +141,6 @@ class TestCoprDetail(CoprsTestCase):
assert '<td>{0}'.format(self.u3.name) in r.data
assert '<td>{0}'.format(self.u1.name) in r.data
- def test_copr_detail_doesnt_contain_forms_for_anonymous_user(self, f_users, f_coprs):
- r = self.tc.get('/coprs/detail/{0}/{1}/'.format(self.u2.name, self.c3.name))
- assert '<form' not in r.data
-
def test_copr_detail_allows_asking_for_permissions(self, f_users, f_coprs, f_copr_permissions):
with self.tc as c:
with c.session_transaction() as s:
11 years, 2 months
[copr] master: Change from using parameters to HTTP Basic access authentication (5c6fb54)
by bkabrda@fedoraproject.org
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit 5c6fb54ad2d70688361db28923404be9bf3a1c06
Author: Pierre-Yves Chibon <pingou(a)pingoured.fr>
Date: Mon Feb 4 11:56:09 2013 +0100
Change from using parameters to HTTP Basic access authentication
This change prevent the username/API token from being displayed in the server logs
and makes the API actually working in a more standardized maner, using the http
headers as they are expected to be.
>---------------------------------------------------------------
copr_cli/subcommands.py | 4 +++-
coprs_frontend/coprs/views/misc.py | 10 ++++++++--
2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/copr_cli/subcommands.py b/copr_cli/subcommands.py
index ce267a2..c1af50a 100644
--- a/copr_cli/subcommands.py
+++ b/copr_cli/subcommands.py
@@ -101,7 +101,9 @@ class AddCopr(Command):
for chroot in args.chroots:
data[chroot] = 'y'
- req = requests.post(URL, params=user, data=data)
+ req = requests.post(URL,
+ auth=(user['username'], user['token']),
+ data=data)
output = json.loads(req.text)
if output['output'] == 'ok':
print output['message']
diff --git a/coprs_frontend/coprs/views/misc.py b/coprs_frontend/coprs/views/misc.py
index 48a1f3a..d7eb73e 100644
--- a/coprs_frontend/coprs/views/misc.py
+++ b/coprs_frontend/coprs/views/misc.py
@@ -1,3 +1,4 @@
+import base64
import datetime
import functools
@@ -79,8 +80,13 @@ def logout():
def login_required(f):
@functools.wraps(f)
def decorated_function(*args, **kwargs):
- token = flask.request.args.get('token')
- username = flask.request.args.get('username')
+ token = None
+ username = None
+ if 'Authorization' in flask.request.headers:
+ base64string = flask.request.headers['Authorization']
+ base64string = base64string.split()[1].strip()
+ userstring = base64.b64decode(base64string)
+ (username, token) = userstring.split(':')
token_auth = False
if token and username:
user = models.User.query.filter(
11 years, 2 months