GitWeb requires authenticated access if there are no public
repositories left.
1. Create a public repository
2. Delete the repository (i.e. delete the last/only repository)
3. GitWeb app shows as disabled, but is still usable
4. If another repository is created, the app becomes enabled again
Not considering the component GitwebWebserverAuth when determining
whether the app is enabled or disabled.
This commit fixes the status shown in the configuration page, but keeps
the authentication requirement if there are no public repositories.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
This prevents logging usernames and passwords to the journal logs and to the
Git repo configuration. Also, avoids usernames and passwords appear in the
process list when cloning a repository.
Tests performed:
- Create a new repository by cloning an existing repository URL with basic
auth credentials. Check that:
- Cloning succeeds.
- Journal logs don't contain URLs with credential info.
- The configuration of the cloned repository doesn't contain credential info.
- Try to clone a non-existing repository URL that contains credential
info. Cloning fails and there are no credential info in the journal logs.
- Cloning a public git repository without credential info succeeds.
- All the gitweb module tests pass.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
[sunil: Add/fix some more type hints]
[sunil: Add tests for URL parsing]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Instead implement running specific commands inside the privileged action as a
specific user.
Tests:
- Gitweb functional tests and unit tests work.
- Running various operations such as clone, create, set branch, rename, etc. all
result in repositories (and all their contents) owned by www-data:www-data.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
Tests:
- Existing gitweb repos are listed properly. Newly created repos are reported
properly.
- Directories without .git extension or starting with . are not shown.
- Private repos are shown as private and public ones as public.
- Cloning progress is shown properly in the list of repos.
- Cloning starts with 0%.
- Cloning file is removed after completion of cloning process.
- Cloning is done into .temp directory.
- After cloning repo can be checked out as expected.
- Getting/setting of default branch/description/owner/private works.
- Getting the list of branches work when selecting the default branch.
- Creating new blank repo works.
- Deleting a repo works
- Uninstalling the app works. All repos are removed.
- Retrieving non-existent repo shows error as expected
- Backup/restore of repos works as expected.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
- Add typing information for init methods Info, Shortcut, and Menu to easily
identify problems.
- Update docstrings for these components.
- Updates test cases to deal with tags instead of short description.
- Update custom shortcuts code to read tags and ignore short description.
- Update API to send tags instead of custom shortcuts.
- OpenVPN special treatment of info.description in Shortcut
Tests:
- All unit tests pass and type checking succeeds.
- All apps show icons with tags in apps and system section.
- In help section cards don't show tags.
- In front page, enabled apps show shortcuts with tags.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
Fixes#2460
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
[sunil: Update the style to provide spacing after tags lines]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Add tags to Info component of apps. Use only English tags for all operations.
Localized tags are used for presentation to the user only. Add tags to all the
apps. Conventions (English):
1. Tags describing use cases should be in kebab case.
2. Protocols in tag names should be in their canonical format.
3. Tags needn't be 100% technically correct. This can get in the way of
comparing apps using a tag. Words that describe use cases that users can
easily understand should be preferred over being pedantic.
4. Tags should be short, ideally not more than 2 words. Avoid conjunctions
like "and", "or" in tags.
5. Avoid redundant words like "server", or "web-clients". Most apps on
FreedomBox are either servers or web clients.
6. Keep your nouns singular in tags.
- Use query
params to filter the Apps page by tags. When all tags are removed, redirect to /apps.
- Add UI elements to add and remove tag filters in the Apps page. Make the UI
similar to GitLab issue tags. Since there are 40 apps, there will be at least 40
tags. Selecting a tag from a dropdown will be difficult on mobile devices. A
fuzzy search is useful to find tags to add to the filter. Allow user to find the
best match for the search term and highlight it visually. The user can then
press Enter to select the highlighted tag. Make tag search case-insensitive.
Make the dropdown menu scrollable with a fixed size. User input is debounced by
300 ms during search.
- tests: Add missing mock in test_module_loader.py
- Add functional tests
[sunil]
- 'list' can be used instead of 'List' for typing in recent Python versions.
- Reserve tripe-quoted strings for docstrings.
- Undo some changes in module initialization, use module_name for logging
errors.
- isort and yapf changes.
- Encode parameters before adding them to the URL.
Tests:
- Tested the functionality of filtering by tag with one tag and two tags.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- This is so that the methods will be checked by mypy. This should help identify
any incorrect initialization of components.
- Remove unused self.repos in GitwebApp.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Fixes#2408.
- When app is disabled, continue to update the app shortcut's login required
property. Otherwise, the value is current after the app is re-enabled.
- When public access is enabled, the gitweb-freedombox-auth.conf configuration
must be disabled. This can be done even if the configuration is already disabled
or does not exist. So, continue doing this.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
[sunil: Perform enable public access even if app is disabled]
[sunil: Perform shortcut update in all cases even if app is disabled]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tests:
- Rerun setup after disabling the app. App is not enabled.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
When gitweb is installed and not enabled without any public repos, the
post_inst() method tries to enable gitweb-freedombox-auth.conf apache2
configuration. Due to new approach of symlinking configuration files only when
needed, the file is not found and startup of freedombox service fails.
Fix it by making sure that gitweb auth configuration is only enabled when app
itself is enabled.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests:
- Config files are all symlinks /etc/
- Configuration file is effective
- Web interface works
- Web interface authentication works
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
The older code is likely before the card approach was implemented and cached copy
had to updated. It is no longer needed as the shortcuts are not filtered based
on login required property in the template code.
Tests:
- When public visibility is enabled/disabled shortcut is properly shown on the
frontpage.
- When restarting the service the public visibility properly dictates whether
shortcut is show properly.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Fixes#2306.
Tested that all the gitweb tests pass in Debian stable and testing
containers.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tests:
- Functions tests work
- Initial setup works
- Global default branch is set to 'main'
- Creating an repository works
- Cloning a repository works
- Progress is shown on the app page
- List of repositories is shown properly in the app page
- Deleting a repo works
- Editing a repository works
- Repository information is shown properly in the form
- Renaming a repository
- Setting description
- Setting owner
- Setting a repository private/public
- Setting default branch (list of branches is shown properly)
- Error is thrown properly when a remote repository does not exist
- Errors are handled properly when creating/editing/deleting repo
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
module.app property usage is greatly reduced because setup() and force_upgrade()
method are now part of App class instead of at the module level. Remove the
remaining minor cases of usage and drop the property altogether.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Primary purpose is to complete the App API and allow for multiple apps to be
present in a module without a single clashing setup() method. Secondary
objective is to get rid of SetupHelper instance simple use App instance instead.
- This brings us closer to not needing to implement setup() method for some of
the typical apps.
- Remove default value None for old_version parameter.
- A valid integer value is always passed to this call.
- The value of None is undefined.
- Simplifies the App API slightly.
- Drop setting 'pre', 'post' values to indicate the stage of setup for the App.
- Simplifies the setup methods significantly. Eliminates a class of
bugs (some of them seen earlier).
- The UI can show a simple 'installing...' or progress spinner instead of
individual stages.
- There are currently many inconsistencies where many operations are not
wrapped in helper.call() calls.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
I tested additionally that if the root user has already configured
default branch other than main, it is not changed by the gitweb app
setup process.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This is recommended by PEP-0597: https://peps.python.org/pep-0597/
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Implemented within the backup component. Scope for implementing database
backup/restore in similar way.
- Add new 'settings' key in the backup manifest to allow keys to backed up and
restored.
- Implement by dumping/loading settings from DB into the file.
Tests:
- Unit tests.
- Backup/restore tests for dynamicdns workss.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- For zoph, drop dependency on php7.4 as it will cause issues for future
versions of php. The dependency was a hack and not needed for Bullseye and
higher.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- When a public repo is added, upon startup, the front page shortcut is shown.
- When all public repos are removed, upon startup, the front page shortcut is
not shown.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
[sunil: isort all files]
[sunil: Remove component in datetime component as managed_packages is empty]
[sunil: Minor refactor in minidlna for consistency]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- ugettext functions will be removed in Django 4.0. Each use emits a warning
when running with Django 3.2. Since we have warnings enabled in developer mode,
we see quite a few messages because of this.
- ugettext is already a simple alias of gettext. So, no regressions are
expected.
Tests:
- Accessing an affected app in UI with Django 3.2 and Django 2.2 works fine.
- Using Django 3.2 there are no warnings related to removal of ugettext
functions.
- Ran regular unit tests.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Now it is possible to change default branch when editing a repository.
Gitweb site shows default branch as a main branch and the 'git clone'
command checks out to default branch.
Added unit and functional tests. Splitted one large 'test_actions'
into multiple tests.
Tests performed:
- All gitweb unit and functional tests pass.
- Created a repository from a remote repository which has default
branch other than master. Confirmed that the 'Edit repository'
page shows correct branch and gitweb site shows this branch as
a default branch
Closes#1925
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
* Fixes the gitweb app initalization when there are no public
repositories and the apache2 configuration gitweb-freedombox-auth has
not been enabled before (this may happen when the git repositories or
apache2 configuration has been modified outside the plinth web UI).
* Fix comment in the gitweb-freedombox-auth.conf apache2 configuration
file.
Fixes#1928
Tests performed:
* The gitweb app unit and functional tests pass.
* Configured all gitweb repositories as private. Stopped the plinth
service. Disabled the apache2 configuration gitweb-freedombox-auth.
Then starting the plinth service succeeds and gitweb-freedombox-auth
configuration gets enabled.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
- Handle groups needed by an app.
- Handle reserved usernames for an app.
- Updated documentation
- Updated unit tests
Tests performed:
- Reserved usernames: ez-ipupd, ejabberd, Debian-minetest, mldonkey,
monkeysphere, mumble-server, privoxy, quasselcore, radicale, debian-tor,
debian-transmission
- Reserved usernames checks should work in the following forms:
- Create user
- Update user
- First boot user creation
- Full list of available groups should appear in following cases:
- Create user form
- Update user form
- Full list of groups should get created in Django DB during:
- Update user form display
- First boot form save
- When updating the last admin user, the 'admin' group choice is checked
and disabled.
- Following groups show up (sorted by group name):
- bit-torrent: Download files using BitTorrent applications
- git-access: Read-write access to Git repositories
- i2p: Manage I2P application
- wiki: View and edit wiki applications
- minidlna: Media streaming server
- ed2k: Download files using eDonkey applications
- freedombox-share: Access to the private shares
- web-search: Search the web
- syncthing: Administer Syncthing application
- feed-reader: Read and subscribe to news feeds
- admin: Access to all services and system settings
- Directory validation form checks for write permissions for following apps:
- deluge with debian-deluged user
- transmission with debian-transmission user
- Sharing app should show all the groups in add/edit share forms
- The following apps should get added to share group during setup:
debian-transmission
debian-deluged
- Unit tests pass
- Functional tests for users and groups pass
- Test that an app (example syncthing) provides the necessary
permissions to users in that group (but not in admin group).
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
[sunil: Fix i18n of group descriptions]
[sunil: Update developer documentation]
[sunil: Separate out cosmetic changes]
[sunil: Fix component ID for mumble]
[sunil: sharing: Remove unneeded dependency on users app]
[sunil: Implement better API for getting groups in component]
[sunil: Fix incorrect regression change ttrss app]
[sunil: Make iterating over gourps more readable]
[sunil: Improve tests, drop single use fixtures]
[sunil: Simplify test_view.py fixture]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Tested-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Remove the need to pass all the individual information elements to the AppView
separately. This eliminates many issues with elements that were mistakenly not
sent to AppView. Also reduces a lot of code duplication.
- Create App classes for power and sso for consistency.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- add and use "icon_filename" property to almost all of the modules
being displayed in the apps page
- sharing and tor modules do not seem to be using setup.html template
file and so the variable is not added to their __init__.py files,
therefore the icon will not be displayed on these app pages.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Allow to enter either name or URL when creating repository
- Validate a repository URL, allow only http and https schemes
- Set autocomplete off on the name/URL field because URL may contain
username:password
- Check whether the repository actually exists before cloning
- Show progress info while cloning
- Actions script: new subcommand check-repo-exists and new arguments
for the create-repo: --url, --prepare-only and --skip-prepare
- Add test for invalid URLs
Closes#1670
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
[sunil: Fix validating repo name in edit form]
[sunil: Don't pipe stdin of clone process, it may lead to a hang]
[sunil: Always run clone process with 'C' locale since we are parsing output]
[sunil: Cosmetic changes]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Otherwise, if the backup contains public repos and state before backup is all
private repos, then gitweb interface is not available publicly after restore.
Similar case happens when all restore repos are private and state before that
contains a public repos.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- after enabling application, do not enable Apache auth configuration
if a public repository exist.
Closes#1669
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Since Wiki Commons and Icons project seems to be referring to each other for
license about the git icon, point to the upstream git as source for copyright.
- Rename the is_running() method so that it won't clash with the semantics of
is_running method in other components.
- Fix incorrect call to have_public_repos() in is_enabled() method for gitweb
auth configuration.
- Use {{ block.super }} to avoid repeating inherited block.
- Send the repository data as context data rather than form data in AppView.
This seems more appropriate.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
