- Handle groups needed by an app.
- Handle reserved usernames for an app.
- Updated documentation
- Updated unit tests
Tests performed:
- Reserved usernames: ez-ipupd, ejabberd, Debian-minetest, mldonkey,
monkeysphere, mumble-server, privoxy, quasselcore, radicale, debian-tor,
debian-transmission
- Reserved usernames checks should work in the following forms:
- Create user
- Update user
- First boot user creation
- Full list of available groups should appear in following cases:
- Create user form
- Update user form
- Full list of groups should get created in Django DB during:
- Update user form display
- First boot form save
- When updating the last admin user, the 'admin' group choice is checked
and disabled.
- Following groups show up (sorted by group name):
- bit-torrent: Download files using BitTorrent applications
- git-access: Read-write access to Git repositories
- i2p: Manage I2P application
- wiki: View and edit wiki applications
- minidlna: Media streaming server
- ed2k: Download files using eDonkey applications
- freedombox-share: Access to the private shares
- web-search: Search the web
- syncthing: Administer Syncthing application
- feed-reader: Read and subscribe to news feeds
- admin: Access to all services and system settings
- Directory validation form checks for write permissions for following apps:
- deluge with debian-deluged user
- transmission with debian-transmission user
- Sharing app should show all the groups in add/edit share forms
- The following apps should get added to share group during setup:
debian-transmission
debian-deluged
- Unit tests pass
- Functional tests for users and groups pass
- Test that an app (example syncthing) provides the necessary
permissions to users in that group (but not in admin group).
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
[sunil: Fix i18n of group descriptions]
[sunil: Update developer documentation]
[sunil: Separate out cosmetic changes]
[sunil: Fix component ID for mumble]
[sunil: sharing: Remove unneeded dependency on users app]
[sunil: Implement better API for getting groups in component]
[sunil: Fix incorrect regression change ttrss app]
[sunil: Make iterating over gourps more readable]
[sunil: Improve tests, drop single use fixtures]
[sunil: Simplify test_view.py fixture]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Tested-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
If at least one related service/daemon is not running, show the alert if app
is enabled, otherwise set alert as hidden (for functional tests).
Closes#1752
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
[sunil: Minor code simplification in app template, status section]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Remove the need to pass all the individual information elements to the AppView
separately. This eliminates many issues with elements that were mistakenly not
sent to AppView. Also reduces a lot of code duplication.
- Create App classes for power and sso for consistency.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Reuse the app_id already available to the view.
- Implement automatically detecting if an app has implemented diagnostics.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- move header section to it's own file so that it can be imported across
the app (app.html, simple_app.html, setup.html)
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- add and use "icon_filename" property to almost all of the modules
being displayed in the apps page
- sharing and tor modules do not seem to be using setup.html template
file and so the variable is not added to their __init__.py files,
therefore the icon will not be displayed on these app pages.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Also make it the default button rather than primary button to avoid multiple
primary buttons in the page.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Allow to enter either name or URL when creating repository
- Validate a repository URL, allow only http and https schemes
- Set autocomplete off on the name/URL field because URL may contain
username:password
- Check whether the repository actually exists before cloning
- Show progress info while cloning
- Actions script: new subcommand check-repo-exists and new arguments
for the create-repo: --url, --prepare-only and --skip-prepare
- Add test for invalid URLs
Closes#1670
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
[sunil: Fix validating repo name in edit form]
[sunil: Don't pipe stdin of clone process, it may lead to a hang]
[sunil: Always run clone process with 'C' locale since we are parsing output]
[sunil: Cosmetic changes]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This prevents writing to an arbitrary directory if running actions script
as a root user.
- Included tests for invalid names
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
[sunil@medhas.org Parametrize the test case]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
On the Gitweb site, links that end with /HEAD (for example menu links after
selecting 'tree' on the front page) are mistakenly redirected
to the git-http-backend cgi script and an empty page is shown to the user.
Modified Apache2 ScriptAliasMatch regex so that git-http-backend services get
redirected only if they immediately follow repository's name path component.
Links on Gitweb site have additional action component before /HEAD and those
will be handled by the gitweb cgi script.
The relevant git-http-backend source:
https://repo.or.cz/git/debian.git/blob/refs/tags/v2.20.1:/http-backend.c#l706
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Otherwise, if the backup contains public repos and state before backup is all
private repos, then gitweb interface is not available publicly after restore.
Similar case happens when all restore repos are private and state before that
contains a public repos.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- add eleven functional tests
- gitweb_configure.html template: add id to the repository list element
to distinct it better.
Closes#1668
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- after enabling application, do not enable Apache auth configuration
if a public repository exist.
Closes#1669
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
When using git-http-backend, both URLs ending with and without .git are allowed.
However, access restriction has only be applied for URLs ending with .git. This
means that private git repositories are clone-able by anonymous users by
removing the .git suffix in the URLs.
Fix the issue by extending the access restriction to cover URLs not ending with
.git.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Remove cancel button in favor of back button.
- In create/edit form, make the form full width to make it consistent with other
forms. The styling for all the forms can be changed together, if desired.
- Remove dead HTML code outside block context in inherited template.
- Add missing 'list-group' parent for repository list as suggested by bootstrap.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Since Wiki Commons and Icons project seems to be referring to each other for
license about the git icon, point to the upstream git as source for copyright.
- Rename the is_running() method so that it won't clash with the semantics of
is_running method in other components.
- Fix incorrect call to have_public_repos() in is_enabled() method for gitweb
auth configuration.
- Use {{ block.super }} to avoid repeating inherited block.
- Send the repository data as context data rather than form data in AppView.
This seems more appropriate.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
