diff options
| -rw-r--r-- | devel/admin.py | 12 | ||||
| -rw-r--r-- | devel/management/commands/generate_keyring.py | 33 | ||||
| -rw-r--r-- | devel/management/commands/reporead.py | 170 | ||||
| -rw-r--r-- | devel/migrations/0001_initial.py | 18 | ||||
| -rw-r--r-- | devel/migrations/0002_auto__add_masterkey.py | 76 | ||||
| -rw-r--r-- | devel/migrations/__init__.py | 0 | ||||
| -rw-r--r-- | devel/models.py | 20 | ||||
| -rw-r--r-- | main/fields.py | 42 | ||||
| -rw-r--r-- | main/models.py | 48 | ||||
| -rw-r--r-- | main/templatetags/pgp.py | 13 | ||||
| -rw-r--r-- | media/archweb.js | 13 | ||||
| -rw-r--r-- | public/views.py | 19 | ||||
| -rw-r--r-- | sitemaps.py | 22 | ||||
| -rw-r--r-- | templates/devel/profile.html | 2 | ||||
| -rw-r--r-- | templates/packages/signoffs.html | 4 | ||||
| -rw-r--r-- | templates/public/index.html | 2 | ||||
| -rw-r--r-- | templates/public/keys.html | 57 | ||||
| -rw-r--r-- | urls.py | 1 |
18 files changed, 429 insertions, 123 deletions
diff --git a/devel/admin.py b/devel/admin.py new file mode 100644 index 00000000..84082fb8 --- /dev/null +++ b/devel/admin.py @@ -0,0 +1,12 @@ +from django.contrib import admin + +from .models import MasterKey + + +class MasterKeyAdmin(admin.ModelAdmin): + list_display = ('pgp_key', 'owner', 'created', 'revoker', 'revoked') + search_fields = ('pgp_key', 'owner', 'revoker') + +admin.site.register(MasterKey, MasterKeyAdmin) + +# vim: set ts=4 sw=4 et: diff --git a/devel/management/commands/generate_keyring.py b/devel/management/commands/generate_keyring.py index 35ab8874..062c738b 100644 --- a/devel/management/commands/generate_keyring.py +++ b/devel/management/commands/generate_keyring.py @@ -13,6 +13,7 @@ import logging import subprocess import sys +from devel.models import MasterKey from main.models import UserProfile logging.basicConfig( @@ -23,7 +24,7 @@ logging.basicConfig( logger = logging.getLogger() class Command(BaseCommand): - args = "<keyserver> <keyring_path>" + args = "<keyserver> <keyring_path> [ownertrust_path]" help = "Assemble a GPG keyring with all known developer keys." def handle(self, *args, **options): @@ -35,10 +36,14 @@ class Command(BaseCommand): elif v == 2: logger.level = logging.DEBUG - if len(args) != 2: + if len(args) < 2: raise CommandError("keyserver and keyring_path must be provided") - return generate_keyring(args[0], args[1]) + generate_keyring(args[0], args[1]) + + if len(args) > 2: + generate_ownertrust(args[2]) + def generate_keyring(keyserver, keyring): logger.info("getting all known key IDs") @@ -48,12 +53,34 @@ def generate_keyring(keyserver, keyring): pgp_key__isnull=False).extra(where=["pgp_key != ''"]).values_list( "pgp_key", flat=True) logger.info("%d keys fetched from user profiles", len(key_ids)) + master_key_ids = MasterKey.objects.values_list("pgp_key", flat=True) + logger.info("%d keys fetched from master keys", len(master_key_ids)) gpg_cmd = ["gpg", "--no-default-keyring", "--keyring", keyring, "--keyserver", keyserver, "--recv-keys"] logger.info("running command: %r", gpg_cmd) gpg_cmd.extend(key_ids) + gpg_cmd.extend(master_key_ids) subprocess.check_call(gpg_cmd) logger.info("keyring at %s successfully updated", keyring) + +TRUST_LEVELS = { + 'unknown': 0, + 'expired': 1, + 'undefined': 2, + 'never': 3, + 'marginal': 4, + 'fully': 5, + 'ultimate': 6, +} + + +def generate_ownertrust(trust_path): + master_key_ids = MasterKey.objects.values_list("pgp_key", flat=True) + with open(trust_path, "w") as trustfile: + for key_id in master_key_ids: + trustfile.write("%s:%d:\n" % (key_id, TRUST_LEVELS['marginal'])) + logger.info("trust file at %s created or overwritten", trust_path) + # vim: set ts=4 sw=4 et: diff --git a/devel/management/commands/reporead.py b/devel/management/commands/reporead.py index cf101d97..c444538b 100644 --- a/devel/management/commands/reporead.py +++ b/devel/management/commands/reporead.py @@ -282,40 +282,20 @@ def select_pkg_for_update(dbpkg): return list(new_pkg)[0] -def db_update(archname, reponame, pkgs, options): - """ - Parses a list and updates the Arch dev database accordingly. - - Arguments: - pkgs -- A list of Pkg objects. - - """ - logger.info('Updating Arch: %s', archname) - force = options.get('force', False) - filesonly = options.get('filesonly', False) - +def update_common(archname, reponame, pkgs, sanity_check=True): with transaction.commit_manually(): repository = Repo.objects.get(name__iexact=reponame) architecture = Arch.objects.get(name__iexact=archname) # no-arg order_by() removes even the default ordering; we don't need it dbpkgs = Package.objects.filter( arch=architecture, repo=repository).order_by() - # This makes our inner loop where we find packages by name *way* more - # efficient by not having to go to the database for each package to - # SELECT them by name. - dbdict = dict((dbpkg.pkgname, dbpkg) for dbpkg in dbpkgs) - - logger.debug("Creating sets") - dbset = set(dbdict.keys()) - syncset = set([pkg.name for pkg in pkgs]) - logger.info("%d packages in current web DB", len(dbset)) - logger.info("%d packages in new updating db", len(syncset)) - in_sync_not_db = syncset - dbset - logger.info("%d packages in sync not db", len(in_sync_not_db)) + + logger.info("%d packages in current web DB", len(dbpkgs)) + logger.info("%d packages in new updating DB", len(pkgs)) # Try to catch those random package deletions that make Eric so unhappy. - if len(dbset): - dbpercent = 100.0 * len(syncset) / len(dbset) + if len(dbpkgs): + dbpercent = 100.0 * len(pkgs) / len(dbpkgs) else: dbpercent = 0.0 logger.info("DB package ratio: %.1f%%", dbpercent) @@ -324,11 +304,13 @@ def db_update(archname, reponame, pkgs, options): # means we expect the repo to fluctuate a lot. msg = "Package database has %.1f%% the number of packages in the " \ "web database" % dbpercent - if len(dbset) == 0 and len(syncset) == 0: + if not sanity_check: + pass + elif repository.testing or repository.staging: pass - elif not filesonly and \ - len(dbset) > 20 and dbpercent < 50.0 and \ - not repository.testing and not repository.staging: + elif len(dbpkgs) == 0 and len(pkgs) == 0: + pass + elif len(dbpkgs) > 20 and dbpercent < 50.0: logger.error(msg) raise Exception(msg) elif dbpercent < 75.0: @@ -339,27 +321,47 @@ def db_update(archname, reponame, pkgs, options): # to guard against simultaneous updates transaction.commit() - if not filesonly: - # packages in syncdb and not in database (add to database) - for pkg in (pkg for pkg in pkgs if pkg.name in in_sync_not_db): - logger.info("Adding package %s", pkg.name) - dbpkg = Package(pkgname=pkg.name, arch=architecture, repo=repository) - try: - with transaction.commit_on_success(): - populate_pkg(dbpkg, pkg, timestamp=datetime.utcnow()) - except IntegrityError: - logger.warning("Could not add package %s; " - "not fatal if another thread beat us to it.", - pkg.name, exc_info=True) - - # packages in database and not in syncdb (remove from database) - for pkgname in (dbset - syncset): - logger.info("Removing package %s", pkgname) - dbpkg = dbdict[pkgname] + return dbpkgs + +def db_update(archname, reponame, pkgs, force=False): + """ + Parses a list of packages and updates the packages database accordingly. + """ + logger.info('Updating %s (%s)', reponame, archname) + dbpkgs = update_common(archname, reponame, pkgs, True) + repository = Repo.objects.get(name__iexact=reponame) + architecture = Arch.objects.get(name__iexact=archname) + + # This makes our inner loop where we find packages by name *way* more + # efficient by not having to go to the database for each package to + # SELECT them by name. + dbdict = dict((dbpkg.pkgname, dbpkg) for dbpkg in dbpkgs) + + dbset = set(dbdict.keys()) + syncset = set([pkg.name for pkg in pkgs]) + + in_sync_not_db = syncset - dbset + logger.info("%d packages in sync not db", len(in_sync_not_db)) + # packages in syncdb and not in database (add to database) + for pkg in (pkg for pkg in pkgs if pkg.name in in_sync_not_db): + logger.info("Adding package %s", pkg.name) + dbpkg = Package(pkgname=pkg.name, arch=architecture, repo=repository) + try: with transaction.commit_on_success(): - # no race condition here as long as simultaneous threads both - # issue deletes; second delete will be a no-op - dbpkg.delete() + populate_pkg(dbpkg, pkg, timestamp=datetime.utcnow()) + except IntegrityError: + logger.warning("Could not add package %s; " + "not fatal if another thread beat us to it.", + pkg.name, exc_info=True) + + # packages in database and not in syncdb (remove from database) + for pkgname in (dbset - syncset): + logger.info("Removing package %s", pkgname) + dbpkg = dbdict[pkgname] + with transaction.commit_on_success(): + # no race condition here as long as simultaneous threads both + # issue deletes; second delete will be a no-op + dbpkg.delete() # packages in both database and in syncdb (update in database) pkg_in_both = syncset & dbset @@ -369,9 +371,7 @@ def db_update(archname, reponame, pkgs, options): timestamp = None # for a force, we don't want to update the timestamp. # for a non-force, we don't want to do anything at all. - if filesonly: - pass - elif pkg_same_version(pkg, dbpkg): + if pkg_same_version(pkg, dbpkg): if not force: continue else: @@ -380,26 +380,45 @@ def db_update(archname, reponame, pkgs, options): # The odd select_for_update song and dance here are to ensure # simultaneous updates don't happen on a package, causing # files/depends/all related items to be double-imported. - if filesonly: - with transaction.commit_on_success(): - # TODO Django 1.4 select_for_update() will work once released - dbpkg = select_pkg_for_update(dbpkg) - if pkg_same_version(pkg, dbpkg): - logger.debug("Package %s was already updated", pkg.name) - continue - logger.debug("Checking files for package %s", pkg.name) - populate_files(dbpkg, pkg, force=force) - else: - with transaction.commit_on_success(): - # TODO Django 1.4 select_for_update() will work once released - dbpkg = select_pkg_for_update(dbpkg) - if pkg_same_version(pkg, dbpkg): - logger.debug("Package %s was already updated", pkg.name) - continue - logger.info("Updating package %s", pkg.name) - populate_pkg(dbpkg, pkg, force=force, timestamp=timestamp) + with transaction.commit_on_success(): + # TODO Django 1.4 select_for_update() will work once released + dbpkg = select_pkg_for_update(dbpkg) + if pkg_same_version(pkg, dbpkg): + logger.debug("Package %s was already updated", pkg.name) + continue + logger.info("Updating package %s", pkg.name) + populate_pkg(dbpkg, pkg, force=force, timestamp=timestamp) + + logger.info('Finished updating arch: %s', archname) + + +def filesonly_update(archname, reponame, pkgs, force=False): + """ + Parses a list of packages and updates the packages database accordingly. + """ + logger.info('Updating files for %s (%s)', reponame, archname) + dbpkgs = update_common(archname, reponame, pkgs, False) + dbdict = dict((dbpkg.pkgname, dbpkg) for dbpkg in dbpkgs) + dbset = set(dbdict.keys()) + + for pkg in (pkg for pkg in pkgs if pkg.name in dbset): + dbpkg = dbdict[pkg.name] + + # The odd select_for_update song and dance here are to ensure + # simultaneous updates don't happen on a package, causing + # files to be double-imported. + with transaction.commit_on_success(): + if not dbpkg.files_last_update or not dbpkg.last_update: + pass + elif dbpkg.files_last_update > dbpkg.last_update: + logger.debug("Files for %s are up to date", pkg.name) + continue + # TODO Django 1.4 select_for_update() will work once released + dbpkg = select_pkg_for_update(dbpkg) + logger.debug("Checking files for package %s", pkg.name) + populate_files(dbpkg, pkg, force=force) - logger.info('Finished updating Arch: %s', archname) + logger.info('Finished updating arch: %s', archname) def parse_info(iofile): @@ -488,6 +507,8 @@ def read_repo(primary_arch, repo_file, options): """ # always returns an Arch object, regardless of what is passed in primary_arch = locate_arch(primary_arch) + force = options.get('force', False) + filesonly = options.get('filesonly', False) repo, packages = parse_repo(repo_file) @@ -507,7 +528,10 @@ def read_repo(primary_arch, repo_file, options): logger.info('Starting database updates for %s.', repo_file) for arch in sorted(packages_arches.keys()): - db_update(arch, repo, packages_arches[arch], options) + if filesonly: + filesonly_update(arch, repo, packages_arches[arch], force) + else: + db_update(arch, repo, packages_arches[arch], force) logger.info('Finished database updates for %s.', repo_file) return 0 diff --git a/devel/migrations/0001_initial.py b/devel/migrations/0001_initial.py new file mode 100644 index 00000000..c28fc20f --- /dev/null +++ b/devel/migrations/0001_initial.py @@ -0,0 +1,18 @@ +# encoding: utf-8 +from south.db import db +from south.v2 import SchemaMigration +from django.db import models + +class Migration(SchemaMigration): + + def forwards(self, orm): + pass + + + def backwards(self, orm): + pass + + + models = {} + + complete_apps = ['devel'] diff --git a/devel/migrations/0002_auto__add_masterkey.py b/devel/migrations/0002_auto__add_masterkey.py new file mode 100644 index 00000000..ac1f745a --- /dev/null +++ b/devel/migrations/0002_auto__add_masterkey.py @@ -0,0 +1,76 @@ +# encoding: utf-8 +from south.db import db +from south.v2 import SchemaMigration +from django.db import models + +class Migration(SchemaMigration): + + depends_on = ( + ("main", "0051_auto__chg_field_userprofile_pgp_key"), + ) + + def forwards(self, orm): + # Adding model 'MasterKey' + db.create_table('devel_masterkey', ( + ('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)), + ('owner', self.gf('django.db.models.fields.related.ForeignKey')(related_name='masterkey_owner', to=orm['auth.User'])), + ('revoker', self.gf('django.db.models.fields.related.ForeignKey')(related_name='masterkey_revoker', to=orm['auth.User'])), + ('pgp_key', self.gf('main.fields.PGPKeyField')(max_length=40)), + ('created', self.gf('django.db.models.fields.DateTimeField')()), + ('revoked', self.gf('django.db.models.fields.DateTimeField')(null=True, blank=True)), + )) + db.send_create_signal('devel', ['MasterKey']) + + def backwards(self, orm): + db.delete_table('devel_masterkey') + + + models = { + 'auth.group': { + 'Meta': {'object_name': 'Group'}, + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}), + 'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}) + }, + 'auth.permission': { + 'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'}, + 'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '50'}) + }, + 'auth.user': { + 'Meta': {'object_name': 'User'}, + 'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}), + 'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}), + 'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}), + 'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'}) + }, + 'contenttypes.contenttype': { + 'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"}, + 'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '100'}) + }, + 'devel.masterkey': { + 'Meta': {'object_name': 'MasterKey'}, + 'created': ('django.db.models.fields.DateTimeField', [], {}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'owner': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'masterkey_owner'", 'to': "orm['auth.User']"}), + 'pgp_key': ('main.fields.PGPKeyField', [], {'max_length': '40'}), + 'revoked': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}), + 'revoker': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'masterkey_revoker'", 'to': "orm['auth.User']"}) + } + } + + complete_apps = ['devel'] diff --git a/devel/migrations/__init__.py b/devel/migrations/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/devel/migrations/__init__.py diff --git a/devel/models.py b/devel/models.py index e69de29b..f31b8fbb 100644 --- a/devel/models.py +++ b/devel/models.py @@ -0,0 +1,20 @@ +from django.db import models +from django.contrib.auth.models import User + +from main.fields import PGPKeyField + + +class MasterKey(models.Model): + owner = models.ForeignKey(User, related_name='masterkey_owner', + help_text="The developer holding this master key") + revoker = models.ForeignKey(User, related_name='masterkey_revoker', + help_text="The developer holding the revocation certificate") + pgp_key = PGPKeyField(max_length=40, verbose_name="PGP key fingerprint", + help_text="consists of 40 hex digits; use `gpg --fingerprint`") + created = models.DateTimeField() + revoked = models.DateTimeField(null=True, blank=True) + + class Meta: + ordering = ('created',) + +# vim: set ts=4 sw=4 et: diff --git a/main/fields.py b/main/fields.py new file mode 100644 index 00000000..948cb5d9 --- /dev/null +++ b/main/fields.py @@ -0,0 +1,42 @@ +from django.db import models +from django.core.validators import RegexValidator + + +class PositiveBigIntegerField(models.BigIntegerField): + _south_introspects = True + + def get_internal_type(self): + return "BigIntegerField" + + def formfield(self, **kwargs): + defaults = { 'min_value': 0 } + defaults.update(kwargs) + return super(PositiveBigIntegerField, self).formfield(**defaults) + +class PGPKeyField(models.CharField): + _south_introspects = True + + def __init__(self, *args, **kwargs): + super(PGPKeyField, self).__init__(*args, **kwargs) + self.validators.append(RegexValidator(r'^[0-9A-F]{40}$', + "Ensure this value consists of 40 hex characters.", 'hex_char')) + + def to_python(self, value): + if value == '' or value is None: + return None + value = super(PGPKeyField, self).to_python(value) + # remove all spaces + value = value.replace(' ', '') + # prune prefixes, either 0x or 2048R/ type + if value.startswith('0x'): + value = value[2:] + value = value.split('/')[-1] + # make all (hex letters) uppercase + return value.upper() + + def formfield(self, **kwargs): + # override so we don't set max_length form field attribute + return models.Field.formfield(self, **kwargs) + + +# vim: set ts=4 sw=4 et: diff --git a/main/models.py b/main/models.py index d7780b91..9156fb51 100644 --- a/main/models.py +++ b/main/models.py @@ -1,47 +1,17 @@ from django.db import models from django.db.models.signals import pre_save -from django.core.validators import RegexValidator from django.contrib.auth.models import User from django.contrib.sites.models import Site from django.forms import ValidationError -from main.utils import cache_function, make_choice, set_created_field +from .fields import PositiveBigIntegerField, PGPKeyField +from .utils import cache_function, make_choice, set_created_field from packages.models import PackageRelation from datetime import datetime from itertools import groupby import pytz -class PositiveBigIntegerField(models.BigIntegerField): - _south_introspects = True - - def get_internal_type(self): - return "BigIntegerField" - - def formfield(self, **kwargs): - defaults = {'min_value': 0} - defaults.update(kwargs) - return super(PositiveBigIntegerField, self).formfield(**defaults) - -class PGPKeyField(models.CharField): - _south_introspects = True - - def to_python(self, value): - if value == '' or value is None: - return None - value = super(PGPKeyField, self).to_python(value) - # remove all spaces - value = value.replace(' ', '') - # prune prefixes, either 0x or 2048R/ type - if value.startswith('0x'): - value = value[2:] - value = value.split('/')[-1] - # make all (hex letters) uppercase - return value.upper() - - def formfield(self, **kwargs): - # override so we don't set max_length form field attribute - return models.Field.formfield(self, **kwargs) class UserProfile(models.Model): notify = models.BooleanField( @@ -62,8 +32,6 @@ class UserProfile(models.Model): other_contact = models.CharField(max_length=100, null=True, blank=True) pgp_key = PGPKeyField(max_length=40, null=True, blank=True, verbose_name="PGP key fingerprint", - validators=[RegexValidator(r'^[0-9A-F]{40}$', - "Ensure this value consists of 40 hex characters.", 'hex_char')], help_text="consists of 40 hex digits; use `gpg --fingerprint`") website = models.CharField(max_length=200, null=True, blank=True) yob = models.IntegerField("Year of birth", null=True, blank=True) @@ -85,6 +53,18 @@ class UserProfile(models.Model): verbose_name = 'Additional Profile Data' verbose_name_plural = 'Additional Profile Data' + def get_absolute_url(self): + # TODO: this is disgusting. find a way to consolidate this logic with + # public.views.userlist among other places, and make some constants or + # something so we aren't using copies of string names everywhere. + group_names = self.user.groups.values_list('name', flat=True) + if "Developers" in group_names: + prefix = "developers" + elif "Trusted Users" in group_names: + prefix = "trustedusers" + else: + prefix = "fellows" + return '/%s/#%s' % (prefix, self.user.username) class TodolistManager(models.Manager): def incomplete(self): diff --git a/main/templatetags/pgp.py b/main/templatetags/pgp.py index 67f5e08d..d69e2918 100644 --- a/main/templatetags/pgp.py +++ b/main/templatetags/pgp.py @@ -1,5 +1,7 @@ from django import template from django.conf import settings +from django.utils.html import conditional_escape +from django.utils.safestring import mark_safe register = template.Library() @@ -26,4 +28,15 @@ def pgp_key_link(key_id): values = (url, format_key(key_id), key_id[-8:]) return '<a href="%s" title="PGP key search for %s">0x%s</a>' % values +@register.filter +def pgp_fingerprint(key_id, autoescape=True): + if not key_id: + return u'' + if autoescape: + esc = conditional_escape + else: + esc = lambda x: x + return mark_safe(format_key(esc(key_id))) +pgp_fingerprint.needs_autoescape = True + # vim: set ts=4 sw=4 et: diff --git a/media/archweb.js b/media/archweb.js index 4f098c7d..151d0f81 100644 --- a/media/archweb.js +++ b/media/archweb.js @@ -55,6 +55,19 @@ if (typeof $.tablesorter !== 'undefined') { type: 'numeric' }); $.tablesorter.addParser({ + id: 'epochdate', + is: function(s) { return false; }, + format: function(s, t, c) { + /* TODO: this assumes our magic class is the only one */ + var epoch = $(c).attr('class'); + if (!epoch.indexOf('epoch-') == 0) { + return 0; + } + return epoch.slice(6); + }, + type: 'numeric' + }); + $.tablesorter.addParser({ id: 'longDateTime', re: /^(\d{4})-(\d{2})-(\d{2}) ([012]\d):([0-5]\d)(:([0-5]\d))?( (\w+))?$/, is: function(s) { diff --git a/public/views.py b/public/views.py index 43b46b12..af46e343 100644 --- a/public/views.py +++ b/public/views.py @@ -1,8 +1,3 @@ -from main.models import Arch, Repo, Donor -from mirrors.models import MirrorUrl -from news.models import News -from . import utils - from django.conf import settings from django.contrib.auth.models import User from django.http import Http404 @@ -10,9 +5,14 @@ from django.shortcuts import redirect from django.views.generic import list_detail from django.views.generic.simple import direct_to_template +from devel.models import MasterKey +from main.models import Arch, Repo, Donor +from mirrors.models import MirrorUrl +from news.models import News +from utils import get_recent_updates def index(request): - pkgs = utils.get_recent_updates() + pkgs = get_recent_updates() context = { 'news_updates': News.objects.order_by('-postdate', '-id')[:15], 'pkg_updates': pkgs, @@ -61,4 +61,11 @@ def feeds(request): } return direct_to_template(request, 'public/feeds.html', context) +def keys(request): + context = { + 'keys': MasterKey.objects.select_related('owner', 'revoker', + 'owner__userprofile', 'revoker__userprofile').all(), + } + return direct_to_template(request, 'public/keys.html', context) + # vim: set ts=4 sw=4 et: diff --git a/sitemaps.py b/sitemaps.py index 7718002d..958d1f44 100644 --- a/sitemaps.py +++ b/sitemaps.py @@ -71,10 +71,24 @@ class BaseSitemap(Sitemap): base_viewnames = ( ('index', 1.0, 'hourly'), ('packages-search', 0.8, 'hourly'), - 'page-about', 'page-art', 'page-svn', 'page-devs', 'page-tus', - 'page-fellows', 'page-donate', 'page-download', 'news-list', - 'feeds-list', 'groups-list', 'mirror-list', 'mirror-status', - 'mirrorlist', 'packages-differences', 'releng-test-overview', + ('page-keys', 0.8, 'weekly'), + ('news-list', 0.7, 'weekly'), + ('groups-list', 0.5, 'weekly'), + ('mirror-status', 0.4, 'hourly'), + 'page-about', + 'page-art', + 'page-svn', + 'page-devs', + 'page-tus', + 'page-fellows', + 'page-donate', + 'page-download', + 'feeds-list', + 'mirror-list', + 'mirrorlist', + 'packages-differences', + 'releng-test-overview', + 'visualize-index', ) def items(self): diff --git a/templates/devel/profile.html b/templates/devel/profile.html index b731b3a7..b497a20a 100644 --- a/templates/devel/profile.html +++ b/templates/devel/profile.html @@ -6,7 +6,7 @@ <h2>Developer Profile</h2> - <form id="edit-profile-form" enctype="multipart/form-data" method="post">{% csrf_token %} + <form id="edit-profile-form" enctype="multipart/form-data" method="post" action="">{% csrf_token %} <p><em>Note:</em> This is the public information shown on the developer and/or TU profiles page, so please be appropriate with the information you provide here.</p> diff --git a/templates/packages/signoffs.html b/templates/packages/signoffs.html index 125b3611..c24774a9 100644 --- a/templates/packages/signoffs.html +++ b/templates/packages/signoffs.html @@ -56,7 +56,7 @@ <td>{{ group.target_repo }}</td> <td>{{ group.packager|default:"Unknown" }}</td> <td>{{ group.packages|length }}</td> - <td>{{ group.last_update|date }}</td> + <td class="epoch-{{ group.last_update|date:'U' }}">{{ group.last_update|date }}</td> {% if group.specification.known_bad %} <td class="approval signoff-bad">Bad</td> {% else %} @@ -85,7 +85,7 @@ $(document).ready(function() { $('a.signoff-link').click(signoff_package); $(".results").tablesorter({widgets: ['zebra'], sortList: [[0,0]], - headers: { 7: { sorter: false }, 8: {sorter: false } } }); + headers: { 5: { sorter: 'epochdate' }, 7: { sorter: false }, 8: {sorter: false } } }); $('#signoffs_filter input').change(filter_signoffs); $('#criteria_reset').click(filter_signoffs_reset); // fire function on page load to ensure the current form selections take effect diff --git a/templates/public/index.html b/templates/public/index.html index 188c572f..36bb5484 100644 --- a/templates/public/index.html +++ b/templates/public/index.html @@ -148,6 +148,8 @@ <h4>Development</h4> <ul> + <li><a href="{% url page-keys %}" + title="Package/Database signing master keys">Master Keys</a></li> <li><a href="/packages/" title="View/search the package repository database">Packages</a></li> <li><a href="/groups/" diff --git a/templates/public/keys.html b/templates/public/keys.html new file mode 100644 index 00000000..2e7fcebe --- /dev/null +++ b/templates/public/keys.html @@ -0,0 +1,57 @@ +{% extends "base.html" %} +{% load pgp %} + +{% block title %}Arch Linux - Master Signing Keys{% endblock %} + +{% block content %} +<div id="signing-keys" class="box"> + <h2>Master Signing Keys</h2> + + <p>This page lists the Arch Linux Master Keys. This is a distributed set of + keys that are seen as "official" signing keys of the distribution. Each key + is held by a different developer, and a revocation certificate for the key + is held by a different developer. Thus, no one developer has absolute hold + on any sort of absolute, root trust.</p> + <p>The {{ keys|length }} key{{ keys|pluralize }} listed below should be + regarded as the current set of master keys. They are available on public + keyservers and should be signed by the owner of the key.</p> + <p>All official Arch Linux developers and trusted users should have their + key signed by at least three of these master keys. This is in accordance + with the PGP <em>web of trust</em> concept. If a user is willing to + marginally trust all of the master keys, three signatures from different + master keys will consider a given developer's key as valid. For more + information on trust, please consult the + <a href="http://www.gnupg.org/gph/en/manual.html">GNU Privacy Handbook</a> + and <a href="http://www.gnupg.org/gph/en/manual.html#AEN385">Using trust to + validate keys</a>.</p> + + <table class="pretty2"> + <thead> + <tr> + <th>Master Key</th> + <th>Full Fingerprint</th> + <th>Owner</th> + <th>Owner's Signing Key</th> + <th>Revoker</th> + <th>Revoker's Signing Key</th> + </tr> + </thead> + <tbody> + {% for key in keys %} + <tr> + <td>{% pgp_key_link key.pgp_key %}</td> + <td>{{ key.pgp_key|pgp_fingerprint }}</td> + {% with key.owner.userprofile as owner_profile %} + <td><a href="{{ owner_profile.get_absolute_url }}">{{ key.owner.get_full_name }}</a></td> + <td>{% pgp_key_link owner_profile.pgp_key %}</td> + {% endwith %} + {% with key.revoker.userprofile as revoker_profile %} + <td><a href="{{ revoker_profile.get_absolute_url }}">{{ key.revoker.get_full_name }}</a></td> + <td>{% pgp_key_link revoker_profile.pgp_key %}</td> + {% endwith %} + </tr> + {% endfor %} + </tbody> + </table> +</div> +{% endblock %} @@ -68,6 +68,7 @@ urlpatterns += patterns('public.views', (r'^fellows/$', 'userlist', { 'user_type':'fellows' }, 'page-fellows'), (r'^donate/$', 'donate', {}, 'page-donate'), (r'^download/$', 'download', {}, 'page-download'), + (r'^master-keys/$', 'keys', {}, 'page-keys'), ) # Includes and other remaining stuff |