summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohannes Krampf <johannes.krampf@gmail.com>2011-12-03 11:59:46 +0100
committerJohannes Krampf <johannes.krampf@gmail.com>2011-12-03 11:59:46 +0100
commitc6deca08fa2a4a71483ad5d7ba9f16e0795bcf02 (patch)
tree49123983cc2150dc232a966a124dc9e5d98cef68
parentce034483ab02eca8921fe3441012b48a646de47b (diff)
parent4d02cd5b5d4437dd1543e2d45044db72da1989f4 (diff)
Merge https://projects.archlinux.org/git/archweb
-rw-r--r--devel/admin.py12
-rw-r--r--devel/management/commands/generate_keyring.py33
-rw-r--r--devel/management/commands/reporead.py170
-rw-r--r--devel/migrations/0001_initial.py18
-rw-r--r--devel/migrations/0002_auto__add_masterkey.py76
-rw-r--r--devel/migrations/__init__.py0
-rw-r--r--devel/models.py20
-rw-r--r--main/fields.py42
-rw-r--r--main/models.py48
-rw-r--r--main/templatetags/pgp.py13
-rw-r--r--media/archweb.js13
-rw-r--r--public/views.py19
-rw-r--r--sitemaps.py22
-rw-r--r--templates/devel/profile.html2
-rw-r--r--templates/packages/signoffs.html4
-rw-r--r--templates/public/index.html2
-rw-r--r--templates/public/keys.html57
-rw-r--r--urls.py1
18 files changed, 429 insertions, 123 deletions
diff --git a/devel/admin.py b/devel/admin.py
new file mode 100644
index 00000000..84082fb8
--- /dev/null
+++ b/devel/admin.py
@@ -0,0 +1,12 @@
+from django.contrib import admin
+
+from .models import MasterKey
+
+
+class MasterKeyAdmin(admin.ModelAdmin):
+ list_display = ('pgp_key', 'owner', 'created', 'revoker', 'revoked')
+ search_fields = ('pgp_key', 'owner', 'revoker')
+
+admin.site.register(MasterKey, MasterKeyAdmin)
+
+# vim: set ts=4 sw=4 et:
diff --git a/devel/management/commands/generate_keyring.py b/devel/management/commands/generate_keyring.py
index 35ab8874..062c738b 100644
--- a/devel/management/commands/generate_keyring.py
+++ b/devel/management/commands/generate_keyring.py
@@ -13,6 +13,7 @@ import logging
import subprocess
import sys
+from devel.models import MasterKey
from main.models import UserProfile
logging.basicConfig(
@@ -23,7 +24,7 @@ logging.basicConfig(
logger = logging.getLogger()
class Command(BaseCommand):
- args = "<keyserver> <keyring_path>"
+ args = "<keyserver> <keyring_path> [ownertrust_path]"
help = "Assemble a GPG keyring with all known developer keys."
def handle(self, *args, **options):
@@ -35,10 +36,14 @@ class Command(BaseCommand):
elif v == 2:
logger.level = logging.DEBUG
- if len(args) != 2:
+ if len(args) < 2:
raise CommandError("keyserver and keyring_path must be provided")
- return generate_keyring(args[0], args[1])
+ generate_keyring(args[0], args[1])
+
+ if len(args) > 2:
+ generate_ownertrust(args[2])
+
def generate_keyring(keyserver, keyring):
logger.info("getting all known key IDs")
@@ -48,12 +53,34 @@ def generate_keyring(keyserver, keyring):
pgp_key__isnull=False).extra(where=["pgp_key != ''"]).values_list(
"pgp_key", flat=True)
logger.info("%d keys fetched from user profiles", len(key_ids))
+ master_key_ids = MasterKey.objects.values_list("pgp_key", flat=True)
+ logger.info("%d keys fetched from master keys", len(master_key_ids))
gpg_cmd = ["gpg", "--no-default-keyring", "--keyring", keyring,
"--keyserver", keyserver, "--recv-keys"]
logger.info("running command: %r", gpg_cmd)
gpg_cmd.extend(key_ids)
+ gpg_cmd.extend(master_key_ids)
subprocess.check_call(gpg_cmd)
logger.info("keyring at %s successfully updated", keyring)
+
+TRUST_LEVELS = {
+ 'unknown': 0,
+ 'expired': 1,
+ 'undefined': 2,
+ 'never': 3,
+ 'marginal': 4,
+ 'fully': 5,
+ 'ultimate': 6,
+}
+
+
+def generate_ownertrust(trust_path):
+ master_key_ids = MasterKey.objects.values_list("pgp_key", flat=True)
+ with open(trust_path, "w") as trustfile:
+ for key_id in master_key_ids:
+ trustfile.write("%s:%d:\n" % (key_id, TRUST_LEVELS['marginal']))
+ logger.info("trust file at %s created or overwritten", trust_path)
+
# vim: set ts=4 sw=4 et:
diff --git a/devel/management/commands/reporead.py b/devel/management/commands/reporead.py
index cf101d97..c444538b 100644
--- a/devel/management/commands/reporead.py
+++ b/devel/management/commands/reporead.py
@@ -282,40 +282,20 @@ def select_pkg_for_update(dbpkg):
return list(new_pkg)[0]
-def db_update(archname, reponame, pkgs, options):
- """
- Parses a list and updates the Arch dev database accordingly.
-
- Arguments:
- pkgs -- A list of Pkg objects.
-
- """
- logger.info('Updating Arch: %s', archname)
- force = options.get('force', False)
- filesonly = options.get('filesonly', False)
-
+def update_common(archname, reponame, pkgs, sanity_check=True):
with transaction.commit_manually():
repository = Repo.objects.get(name__iexact=reponame)
architecture = Arch.objects.get(name__iexact=archname)
# no-arg order_by() removes even the default ordering; we don't need it
dbpkgs = Package.objects.filter(
arch=architecture, repo=repository).order_by()
- # This makes our inner loop where we find packages by name *way* more
- # efficient by not having to go to the database for each package to
- # SELECT them by name.
- dbdict = dict((dbpkg.pkgname, dbpkg) for dbpkg in dbpkgs)
-
- logger.debug("Creating sets")
- dbset = set(dbdict.keys())
- syncset = set([pkg.name for pkg in pkgs])
- logger.info("%d packages in current web DB", len(dbset))
- logger.info("%d packages in new updating db", len(syncset))
- in_sync_not_db = syncset - dbset
- logger.info("%d packages in sync not db", len(in_sync_not_db))
+
+ logger.info("%d packages in current web DB", len(dbpkgs))
+ logger.info("%d packages in new updating DB", len(pkgs))
# Try to catch those random package deletions that make Eric so unhappy.
- if len(dbset):
- dbpercent = 100.0 * len(syncset) / len(dbset)
+ if len(dbpkgs):
+ dbpercent = 100.0 * len(pkgs) / len(dbpkgs)
else:
dbpercent = 0.0
logger.info("DB package ratio: %.1f%%", dbpercent)
@@ -324,11 +304,13 @@ def db_update(archname, reponame, pkgs, options):
# means we expect the repo to fluctuate a lot.
msg = "Package database has %.1f%% the number of packages in the " \
"web database" % dbpercent
- if len(dbset) == 0 and len(syncset) == 0:
+ if not sanity_check:
+ pass
+ elif repository.testing or repository.staging:
pass
- elif not filesonly and \
- len(dbset) > 20 and dbpercent < 50.0 and \
- not repository.testing and not repository.staging:
+ elif len(dbpkgs) == 0 and len(pkgs) == 0:
+ pass
+ elif len(dbpkgs) > 20 and dbpercent < 50.0:
logger.error(msg)
raise Exception(msg)
elif dbpercent < 75.0:
@@ -339,27 +321,47 @@ def db_update(archname, reponame, pkgs, options):
# to guard against simultaneous updates
transaction.commit()
- if not filesonly:
- # packages in syncdb and not in database (add to database)
- for pkg in (pkg for pkg in pkgs if pkg.name in in_sync_not_db):
- logger.info("Adding package %s", pkg.name)
- dbpkg = Package(pkgname=pkg.name, arch=architecture, repo=repository)
- try:
- with transaction.commit_on_success():
- populate_pkg(dbpkg, pkg, timestamp=datetime.utcnow())
- except IntegrityError:
- logger.warning("Could not add package %s; "
- "not fatal if another thread beat us to it.",
- pkg.name, exc_info=True)
-
- # packages in database and not in syncdb (remove from database)
- for pkgname in (dbset - syncset):
- logger.info("Removing package %s", pkgname)
- dbpkg = dbdict[pkgname]
+ return dbpkgs
+
+def db_update(archname, reponame, pkgs, force=False):
+ """
+ Parses a list of packages and updates the packages database accordingly.
+ """
+ logger.info('Updating %s (%s)', reponame, archname)
+ dbpkgs = update_common(archname, reponame, pkgs, True)
+ repository = Repo.objects.get(name__iexact=reponame)
+ architecture = Arch.objects.get(name__iexact=archname)
+
+ # This makes our inner loop where we find packages by name *way* more
+ # efficient by not having to go to the database for each package to
+ # SELECT them by name.
+ dbdict = dict((dbpkg.pkgname, dbpkg) for dbpkg in dbpkgs)
+
+ dbset = set(dbdict.keys())
+ syncset = set([pkg.name for pkg in pkgs])
+
+ in_sync_not_db = syncset - dbset
+ logger.info("%d packages in sync not db", len(in_sync_not_db))
+ # packages in syncdb and not in database (add to database)
+ for pkg in (pkg for pkg in pkgs if pkg.name in in_sync_not_db):
+ logger.info("Adding package %s", pkg.name)
+ dbpkg = Package(pkgname=pkg.name, arch=architecture, repo=repository)
+ try:
with transaction.commit_on_success():
- # no race condition here as long as simultaneous threads both
- # issue deletes; second delete will be a no-op
- dbpkg.delete()
+ populate_pkg(dbpkg, pkg, timestamp=datetime.utcnow())
+ except IntegrityError:
+ logger.warning("Could not add package %s; "
+ "not fatal if another thread beat us to it.",
+ pkg.name, exc_info=True)
+
+ # packages in database and not in syncdb (remove from database)
+ for pkgname in (dbset - syncset):
+ logger.info("Removing package %s", pkgname)
+ dbpkg = dbdict[pkgname]
+ with transaction.commit_on_success():
+ # no race condition here as long as simultaneous threads both
+ # issue deletes; second delete will be a no-op
+ dbpkg.delete()
# packages in both database and in syncdb (update in database)
pkg_in_both = syncset & dbset
@@ -369,9 +371,7 @@ def db_update(archname, reponame, pkgs, options):
timestamp = None
# for a force, we don't want to update the timestamp.
# for a non-force, we don't want to do anything at all.
- if filesonly:
- pass
- elif pkg_same_version(pkg, dbpkg):
+ if pkg_same_version(pkg, dbpkg):
if not force:
continue
else:
@@ -380,26 +380,45 @@ def db_update(archname, reponame, pkgs, options):
# The odd select_for_update song and dance here are to ensure
# simultaneous updates don't happen on a package, causing
# files/depends/all related items to be double-imported.
- if filesonly:
- with transaction.commit_on_success():
- # TODO Django 1.4 select_for_update() will work once released
- dbpkg = select_pkg_for_update(dbpkg)
- if pkg_same_version(pkg, dbpkg):
- logger.debug("Package %s was already updated", pkg.name)
- continue
- logger.debug("Checking files for package %s", pkg.name)
- populate_files(dbpkg, pkg, force=force)
- else:
- with transaction.commit_on_success():
- # TODO Django 1.4 select_for_update() will work once released
- dbpkg = select_pkg_for_update(dbpkg)
- if pkg_same_version(pkg, dbpkg):
- logger.debug("Package %s was already updated", pkg.name)
- continue
- logger.info("Updating package %s", pkg.name)
- populate_pkg(dbpkg, pkg, force=force, timestamp=timestamp)
+ with transaction.commit_on_success():
+ # TODO Django 1.4 select_for_update() will work once released
+ dbpkg = select_pkg_for_update(dbpkg)
+ if pkg_same_version(pkg, dbpkg):
+ logger.debug("Package %s was already updated", pkg.name)
+ continue
+ logger.info("Updating package %s", pkg.name)
+ populate_pkg(dbpkg, pkg, force=force, timestamp=timestamp)
+
+ logger.info('Finished updating arch: %s', archname)
+
+
+def filesonly_update(archname, reponame, pkgs, force=False):
+ """
+ Parses a list of packages and updates the packages database accordingly.
+ """
+ logger.info('Updating files for %s (%s)', reponame, archname)
+ dbpkgs = update_common(archname, reponame, pkgs, False)
+ dbdict = dict((dbpkg.pkgname, dbpkg) for dbpkg in dbpkgs)
+ dbset = set(dbdict.keys())
+
+ for pkg in (pkg for pkg in pkgs if pkg.name in dbset):
+ dbpkg = dbdict[pkg.name]
+
+ # The odd select_for_update song and dance here are to ensure
+ # simultaneous updates don't happen on a package, causing
+ # files to be double-imported.
+ with transaction.commit_on_success():
+ if not dbpkg.files_last_update or not dbpkg.last_update:
+ pass
+ elif dbpkg.files_last_update > dbpkg.last_update:
+ logger.debug("Files for %s are up to date", pkg.name)
+ continue
+ # TODO Django 1.4 select_for_update() will work once released
+ dbpkg = select_pkg_for_update(dbpkg)
+ logger.debug("Checking files for package %s", pkg.name)
+ populate_files(dbpkg, pkg, force=force)
- logger.info('Finished updating Arch: %s', archname)
+ logger.info('Finished updating arch: %s', archname)
def parse_info(iofile):
@@ -488,6 +507,8 @@ def read_repo(primary_arch, repo_file, options):
"""
# always returns an Arch object, regardless of what is passed in
primary_arch = locate_arch(primary_arch)
+ force = options.get('force', False)
+ filesonly = options.get('filesonly', False)
repo, packages = parse_repo(repo_file)
@@ -507,7 +528,10 @@ def read_repo(primary_arch, repo_file, options):
logger.info('Starting database updates for %s.', repo_file)
for arch in sorted(packages_arches.keys()):
- db_update(arch, repo, packages_arches[arch], options)
+ if filesonly:
+ filesonly_update(arch, repo, packages_arches[arch], force)
+ else:
+ db_update(arch, repo, packages_arches[arch], force)
logger.info('Finished database updates for %s.', repo_file)
return 0
diff --git a/devel/migrations/0001_initial.py b/devel/migrations/0001_initial.py
new file mode 100644
index 00000000..c28fc20f
--- /dev/null
+++ b/devel/migrations/0001_initial.py
@@ -0,0 +1,18 @@
+# encoding: utf-8
+from south.db import db
+from south.v2 import SchemaMigration
+from django.db import models
+
+class Migration(SchemaMigration):
+
+ def forwards(self, orm):
+ pass
+
+
+ def backwards(self, orm):
+ pass
+
+
+ models = {}
+
+ complete_apps = ['devel']
diff --git a/devel/migrations/0002_auto__add_masterkey.py b/devel/migrations/0002_auto__add_masterkey.py
new file mode 100644
index 00000000..ac1f745a
--- /dev/null
+++ b/devel/migrations/0002_auto__add_masterkey.py
@@ -0,0 +1,76 @@
+# encoding: utf-8
+from south.db import db
+from south.v2 import SchemaMigration
+from django.db import models
+
+class Migration(SchemaMigration):
+
+ depends_on = (
+ ("main", "0051_auto__chg_field_userprofile_pgp_key"),
+ )
+
+ def forwards(self, orm):
+ # Adding model 'MasterKey'
+ db.create_table('devel_masterkey', (
+ ('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
+ ('owner', self.gf('django.db.models.fields.related.ForeignKey')(related_name='masterkey_owner', to=orm['auth.User'])),
+ ('revoker', self.gf('django.db.models.fields.related.ForeignKey')(related_name='masterkey_revoker', to=orm['auth.User'])),
+ ('pgp_key', self.gf('main.fields.PGPKeyField')(max_length=40)),
+ ('created', self.gf('django.db.models.fields.DateTimeField')()),
+ ('revoked', self.gf('django.db.models.fields.DateTimeField')(null=True, blank=True)),
+ ))
+ db.send_create_signal('devel', ['MasterKey'])
+
+ def backwards(self, orm):
+ db.delete_table('devel_masterkey')
+
+
+ models = {
+ 'auth.group': {
+ 'Meta': {'object_name': 'Group'},
+ 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+ 'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}),
+ 'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'})
+ },
+ 'auth.permission': {
+ 'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'},
+ 'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+ 'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}),
+ 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+ 'name': ('django.db.models.fields.CharField', [], {'max_length': '50'})
+ },
+ 'auth.user': {
+ 'Meta': {'object_name': 'User'},
+ 'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
+ 'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}),
+ 'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
+ 'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}),
+ 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+ 'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
+ 'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+ 'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+ 'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
+ 'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
+ 'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}),
+ 'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}),
+ 'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'})
+ },
+ 'contenttypes.contenttype': {
+ 'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"},
+ 'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+ 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+ 'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+ 'name': ('django.db.models.fields.CharField', [], {'max_length': '100'})
+ },
+ 'devel.masterkey': {
+ 'Meta': {'object_name': 'MasterKey'},
+ 'created': ('django.db.models.fields.DateTimeField', [], {}),
+ 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+ 'owner': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'masterkey_owner'", 'to': "orm['auth.User']"}),
+ 'pgp_key': ('main.fields.PGPKeyField', [], {'max_length': '40'}),
+ 'revoked': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}),
+ 'revoker': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'masterkey_revoker'", 'to': "orm['auth.User']"})
+ }
+ }
+
+ complete_apps = ['devel']
diff --git a/devel/migrations/__init__.py b/devel/migrations/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/devel/migrations/__init__.py
diff --git a/devel/models.py b/devel/models.py
index e69de29b..f31b8fbb 100644
--- a/devel/models.py
+++ b/devel/models.py
@@ -0,0 +1,20 @@
+from django.db import models
+from django.contrib.auth.models import User
+
+from main.fields import PGPKeyField
+
+
+class MasterKey(models.Model):
+ owner = models.ForeignKey(User, related_name='masterkey_owner',
+ help_text="The developer holding this master key")
+ revoker = models.ForeignKey(User, related_name='masterkey_revoker',
+ help_text="The developer holding the revocation certificate")
+ pgp_key = PGPKeyField(max_length=40, verbose_name="PGP key fingerprint",
+ help_text="consists of 40 hex digits; use `gpg --fingerprint`")
+ created = models.DateTimeField()
+ revoked = models.DateTimeField(null=True, blank=True)
+
+ class Meta:
+ ordering = ('created',)
+
+# vim: set ts=4 sw=4 et:
diff --git a/main/fields.py b/main/fields.py
new file mode 100644
index 00000000..948cb5d9
--- /dev/null
+++ b/main/fields.py
@@ -0,0 +1,42 @@
+from django.db import models
+from django.core.validators import RegexValidator
+
+
+class PositiveBigIntegerField(models.BigIntegerField):
+ _south_introspects = True
+
+ def get_internal_type(self):
+ return "BigIntegerField"
+
+ def formfield(self, **kwargs):
+ defaults = { 'min_value': 0 }
+ defaults.update(kwargs)
+ return super(PositiveBigIntegerField, self).formfield(**defaults)
+
+class PGPKeyField(models.CharField):
+ _south_introspects = True
+
+ def __init__(self, *args, **kwargs):
+ super(PGPKeyField, self).__init__(*args, **kwargs)
+ self.validators.append(RegexValidator(r'^[0-9A-F]{40}$',
+ "Ensure this value consists of 40 hex characters.", 'hex_char'))
+
+ def to_python(self, value):
+ if value == '' or value is None:
+ return None
+ value = super(PGPKeyField, self).to_python(value)
+ # remove all spaces
+ value = value.replace(' ', '')
+ # prune prefixes, either 0x or 2048R/ type
+ if value.startswith('0x'):
+ value = value[2:]
+ value = value.split('/')[-1]
+ # make all (hex letters) uppercase
+ return value.upper()
+
+ def formfield(self, **kwargs):
+ # override so we don't set max_length form field attribute
+ return models.Field.formfield(self, **kwargs)
+
+
+# vim: set ts=4 sw=4 et:
diff --git a/main/models.py b/main/models.py
index d7780b91..9156fb51 100644
--- a/main/models.py
+++ b/main/models.py
@@ -1,47 +1,17 @@
from django.db import models
from django.db.models.signals import pre_save
-from django.core.validators import RegexValidator
from django.contrib.auth.models import User
from django.contrib.sites.models import Site
from django.forms import ValidationError
-from main.utils import cache_function, make_choice, set_created_field
+from .fields import PositiveBigIntegerField, PGPKeyField
+from .utils import cache_function, make_choice, set_created_field
from packages.models import PackageRelation
from datetime import datetime
from itertools import groupby
import pytz
-class PositiveBigIntegerField(models.BigIntegerField):
- _south_introspects = True
-
- def get_internal_type(self):
- return "BigIntegerField"
-
- def formfield(self, **kwargs):
- defaults = {'min_value': 0}
- defaults.update(kwargs)
- return super(PositiveBigIntegerField, self).formfield(**defaults)
-
-class PGPKeyField(models.CharField):
- _south_introspects = True
-
- def to_python(self, value):
- if value == '' or value is None:
- return None
- value = super(PGPKeyField, self).to_python(value)
- # remove all spaces
- value = value.replace(' ', '')
- # prune prefixes, either 0x or 2048R/ type
- if value.startswith('0x'):
- value = value[2:]
- value = value.split('/')[-1]
- # make all (hex letters) uppercase
- return value.upper()
-
- def formfield(self, **kwargs):
- # override so we don't set max_length form field attribute
- return models.Field.formfield(self, **kwargs)
class UserProfile(models.Model):
notify = models.BooleanField(
@@ -62,8 +32,6 @@ class UserProfile(models.Model):
other_contact = models.CharField(max_length=100, null=True, blank=True)
pgp_key = PGPKeyField(max_length=40, null=True, blank=True,
verbose_name="PGP key fingerprint",
- validators=[RegexValidator(r'^[0-9A-F]{40}$',
- "Ensure this value consists of 40 hex characters.", 'hex_char')],
help_text="consists of 40 hex digits; use `gpg --fingerprint`")
website = models.CharField(max_length=200, null=True, blank=True)
yob = models.IntegerField("Year of birth", null=True, blank=True)
@@ -85,6 +53,18 @@ class UserProfile(models.Model):
verbose_name = 'Additional Profile Data'
verbose_name_plural = 'Additional Profile Data'
+ def get_absolute_url(self):
+ # TODO: this is disgusting. find a way to consolidate this logic with
+ # public.views.userlist among other places, and make some constants or
+ # something so we aren't using copies of string names everywhere.
+ group_names = self.user.groups.values_list('name', flat=True)
+ if "Developers" in group_names:
+ prefix = "developers"
+ elif "Trusted Users" in group_names:
+ prefix = "trustedusers"
+ else:
+ prefix = "fellows"
+ return '/%s/#%s' % (prefix, self.user.username)
class TodolistManager(models.Manager):
def incomplete(self):
diff --git a/main/templatetags/pgp.py b/main/templatetags/pgp.py
index 67f5e08d..d69e2918 100644
--- a/main/templatetags/pgp.py
+++ b/main/templatetags/pgp.py
@@ -1,5 +1,7 @@
from django import template
from django.conf import settings
+from django.utils.html import conditional_escape
+from django.utils.safestring import mark_safe
register = template.Library()
@@ -26,4 +28,15 @@ def pgp_key_link(key_id):
values = (url, format_key(key_id), key_id[-8:])
return '<a href="%s" title="PGP key search for %s">0x%s</a>' % values
+@register.filter
+def pgp_fingerprint(key_id, autoescape=True):
+ if not key_id:
+ return u''
+ if autoescape:
+ esc = conditional_escape
+ else:
+ esc = lambda x: x
+ return mark_safe(format_key(esc(key_id)))
+pgp_fingerprint.needs_autoescape = True
+
# vim: set ts=4 sw=4 et:
diff --git a/media/archweb.js b/media/archweb.js
index 4f098c7d..151d0f81 100644
--- a/media/archweb.js
+++ b/media/archweb.js
@@ -55,6 +55,19 @@ if (typeof $.tablesorter !== 'undefined') {
type: 'numeric'
});
$.tablesorter.addParser({
+ id: 'epochdate',
+ is: function(s) { return false; },
+ format: function(s, t, c) {
+ /* TODO: this assumes our magic class is the only one */
+ var epoch = $(c).attr('class');
+ if (!epoch.indexOf('epoch-') == 0) {
+ return 0;
+ }
+ return epoch.slice(6);
+ },
+ type: 'numeric'
+ });
+ $.tablesorter.addParser({
id: 'longDateTime',
re: /^(\d{4})-(\d{2})-(\d{2}) ([012]\d):([0-5]\d)(:([0-5]\d))?( (\w+))?$/,
is: function(s) {
diff --git a/public/views.py b/public/views.py
index 43b46b12..af46e343 100644
--- a/public/views.py
+++ b/public/views.py
@@ -1,8 +1,3 @@
-from main.models import Arch, Repo, Donor
-from mirrors.models import MirrorUrl
-from news.models import News
-from . import utils
-
from django.conf import settings
from django.contrib.auth.models import User
from django.http import Http404
@@ -10,9 +5,14 @@ from django.shortcuts import redirect
from django.views.generic import list_detail
from django.views.generic.simple import direct_to_template
+from devel.models import MasterKey
+from main.models import Arch, Repo, Donor
+from mirrors.models import MirrorUrl
+from news.models import News
+from utils import get_recent_updates
def index(request):
- pkgs = utils.get_recent_updates()
+ pkgs = get_recent_updates()
context = {
'news_updates': News.objects.order_by('-postdate', '-id')[:15],
'pkg_updates': pkgs,
@@ -61,4 +61,11 @@ def feeds(request):
}
return direct_to_template(request, 'public/feeds.html', context)
+def keys(request):
+ context = {
+ 'keys': MasterKey.objects.select_related('owner', 'revoker',
+ 'owner__userprofile', 'revoker__userprofile').all(),
+ }
+ return direct_to_template(request, 'public/keys.html', context)
+
# vim: set ts=4 sw=4 et:
diff --git a/sitemaps.py b/sitemaps.py
index 7718002d..958d1f44 100644
--- a/sitemaps.py
+++ b/sitemaps.py
@@ -71,10 +71,24 @@ class BaseSitemap(Sitemap):
base_viewnames = (
('index', 1.0, 'hourly'),
('packages-search', 0.8, 'hourly'),
- 'page-about', 'page-art', 'page-svn', 'page-devs', 'page-tus',
- 'page-fellows', 'page-donate', 'page-download', 'news-list',
- 'feeds-list', 'groups-list', 'mirror-list', 'mirror-status',
- 'mirrorlist', 'packages-differences', 'releng-test-overview',
+ ('page-keys', 0.8, 'weekly'),
+ ('news-list', 0.7, 'weekly'),
+ ('groups-list', 0.5, 'weekly'),
+ ('mirror-status', 0.4, 'hourly'),
+ 'page-about',
+ 'page-art',
+ 'page-svn',
+ 'page-devs',
+ 'page-tus',
+ 'page-fellows',
+ 'page-donate',
+ 'page-download',
+ 'feeds-list',
+ 'mirror-list',
+ 'mirrorlist',
+ 'packages-differences',
+ 'releng-test-overview',
+ 'visualize-index',
)
def items(self):
diff --git a/templates/devel/profile.html b/templates/devel/profile.html
index b731b3a7..b497a20a 100644
--- a/templates/devel/profile.html
+++ b/templates/devel/profile.html
@@ -6,7 +6,7 @@
<h2>Developer Profile</h2>
- <form id="edit-profile-form" enctype="multipart/form-data" method="post">{% csrf_token %}
+ <form id="edit-profile-form" enctype="multipart/form-data" method="post" action="">{% csrf_token %}
<p><em>Note:</em> This is the public information shown on the developer
and/or TU profiles page, so please be appropriate with the information
you provide here.</p>
diff --git a/templates/packages/signoffs.html b/templates/packages/signoffs.html
index 125b3611..c24774a9 100644
--- a/templates/packages/signoffs.html
+++ b/templates/packages/signoffs.html
@@ -56,7 +56,7 @@
<td>{{ group.target_repo }}</td>
<td>{{ group.packager|default:"Unknown" }}</td>
<td>{{ group.packages|length }}</td>
- <td>{{ group.last_update|date }}</td>
+ <td class="epoch-{{ group.last_update|date:'U' }}">{{ group.last_update|date }}</td>
{% if group.specification.known_bad %}
<td class="approval signoff-bad">Bad</td>
{% else %}
@@ -85,7 +85,7 @@
$(document).ready(function() {
$('a.signoff-link').click(signoff_package);
$(".results").tablesorter({widgets: ['zebra'], sortList: [[0,0]],
- headers: { 7: { sorter: false }, 8: {sorter: false } } });
+ headers: { 5: { sorter: 'epochdate' }, 7: { sorter: false }, 8: {sorter: false } } });
$('#signoffs_filter input').change(filter_signoffs);
$('#criteria_reset').click(filter_signoffs_reset);
// fire function on page load to ensure the current form selections take effect
diff --git a/templates/public/index.html b/templates/public/index.html
index 188c572f..36bb5484 100644
--- a/templates/public/index.html
+++ b/templates/public/index.html
@@ -148,6 +148,8 @@
<h4>Development</h4>
<ul>
+ <li><a href="{% url page-keys %}"
+ title="Package/Database signing master keys">Master Keys</a></li>
<li><a href="/packages/"
title="View/search the package repository database">Packages</a></li>
<li><a href="/groups/"
diff --git a/templates/public/keys.html b/templates/public/keys.html
new file mode 100644
index 00000000..2e7fcebe
--- /dev/null
+++ b/templates/public/keys.html
@@ -0,0 +1,57 @@
+{% extends "base.html" %}
+{% load pgp %}
+
+{% block title %}Arch Linux - Master Signing Keys{% endblock %}
+
+{% block content %}
+<div id="signing-keys" class="box">
+ <h2>Master Signing Keys</h2>
+
+ <p>This page lists the Arch Linux Master Keys. This is a distributed set of
+ keys that are seen as "official" signing keys of the distribution. Each key
+ is held by a different developer, and a revocation certificate for the key
+ is held by a different developer. Thus, no one developer has absolute hold
+ on any sort of absolute, root trust.</p>
+ <p>The {{ keys|length }} key{{ keys|pluralize }} listed below should be
+ regarded as the current set of master keys. They are available on public
+ keyservers and should be signed by the owner of the key.</p>
+ <p>All official Arch Linux developers and trusted users should have their
+ key signed by at least three of these master keys. This is in accordance
+ with the PGP <em>web of trust</em> concept. If a user is willing to
+ marginally trust all of the master keys, three signatures from different
+ master keys will consider a given developer's key as valid. For more
+ information on trust, please consult the
+ <a href="http://www.gnupg.org/gph/en/manual.html">GNU Privacy Handbook</a>
+ and <a href="http://www.gnupg.org/gph/en/manual.html#AEN385">Using trust to
+ validate keys</a>.</p>
+
+ <table class="pretty2">
+ <thead>
+ <tr>
+ <th>Master Key</th>
+ <th>Full Fingerprint</th>
+ <th>Owner</th>
+ <th>Owner's Signing Key</th>
+ <th>Revoker</th>
+ <th>Revoker's Signing Key</th>
+ </tr>
+ </thead>
+ <tbody>
+ {% for key in keys %}
+ <tr>
+ <td>{% pgp_key_link key.pgp_key %}</td>
+ <td>{{ key.pgp_key|pgp_fingerprint }}</td>
+ {% with key.owner.userprofile as owner_profile %}
+ <td><a href="{{ owner_profile.get_absolute_url }}">{{ key.owner.get_full_name }}</a></td>
+ <td>{% pgp_key_link owner_profile.pgp_key %}</td>
+ {% endwith %}
+ {% with key.revoker.userprofile as revoker_profile %}
+ <td><a href="{{ revoker_profile.get_absolute_url }}">{{ key.revoker.get_full_name }}</a></td>
+ <td>{% pgp_key_link revoker_profile.pgp_key %}</td>
+ {% endwith %}
+ </tr>
+ {% endfor %}
+ </tbody>
+ </table>
+</div>
+{% endblock %}
diff --git a/urls.py b/urls.py
index cbe7b900..64931968 100644
--- a/urls.py
+++ b/urls.py
@@ -68,6 +68,7 @@ urlpatterns += patterns('public.views',
(r'^fellows/$', 'userlist', { 'user_type':'fellows' }, 'page-fellows'),
(r'^donate/$', 'donate', {}, 'page-donate'),
(r'^download/$', 'download', {}, 'page-download'),
+ (r'^master-keys/$', 'keys', {}, 'page-keys'),
)
# Includes and other remaining stuff