| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
| |
Django version 1.6 deprecates some of the django.core.management API, so
we need a post-1.4 version.
The semantics with app include paths have changed with this version, so
update the urlconf to use the same path as manage.py.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In situations where SSL is terminated at the load-balancer, we cannot
rely on guessing the scheme based on whether patchwork itself was
accessed via http or https, since the last-leg is always going to be
done over http.
Unfortunately, wrongly using http:// URLs results in unusable
.pwclientrc files, since xmlrpc does not handle http->https redirects
and instead displays a traceback.
This change introduces a FORCE_HTTPS_LINKS option, which forces
pwclientrc links to always return "https" regardless of how the project
itself is accessed.
It appears that the http/https check is currently only used for
generating pwclientrc -- a lot of other places seem to hardcode
"http://" and rely on the server to transparently upgrade the
connection. This is not a secure approach (it allows for MITM and
SSL-Strip attacks) and therefore all places currently hardcoding
http://{{site.domain}} and similar should be switched to using the
"sheme" variable, the same as done for generating pwclientrc files.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Having two views for bundles (public and non-public) can cause confusion
when bundle owners want to share a URL; it's not obvious that the
private URL isn't shareable.
This change removes the private URLs, and puts all bundles under the
/bundle/<username>/<bundlename>/ URL space. For non-public bundles, this
will just 404 for non-owners.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
|
|
| |
Since django 1.2 auth module is in contrib, not core.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
|
|
|
| |
The TEMPLATE_LOADERS setting changed in django-1.2. Template loaders are
now based on calsses rather than callables.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
|
|
| |
This seems to be required for admin updates.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |\ |
|
| | |
| |
| |
| |
| |
| | |
Allow a separate From: address for notificaton emails.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a function (patchwork.utils.send_notifications) to process the
PatchChangeNotification queue. We try to group mail to the same sender,
by waiting settings.NOTIFICATION_DELAY_MINUTES to allow other
notifications to arrive.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since we have infrastructure for email confirmations, we no longer need
the separate registration app.
Requires a migration script, which will delete all inactive users,
including those newly added and pending confirmation. Use carefully.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |/
|
|
|
|
|
|
|
|
| |
The DATABASE_* settings have been deprecated in django 1.3, replaced by
the multiple-database style format (introduced in 1.2, which patchwork
requires anyway).
This change modifies the default settings.py to use the new format.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
|
|
|
|
| |
This is so that you don't have to change a dozen variables when you
deploy an instance somewhere other than on /srv/patchwork.
Signed-off-by: Guilherme Salgado <guilherme.salgado@linaro.org>
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Since we've got the csrf token present, we may as well check it for
requests.
We're using RequestContext already (via PatchworkRequestContext), so we
just need to switch it on in the settings, and add an exemption on the
xmlrpc interface.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
|
|
|
| |
As the 'postgres' engine seems to have been deprecated, use the
postgres_psycopg2 engine instead
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
|
|
|
|
| |
This requires a new xmlrpc function, 'patch_set'. To do this, we
need HTTP Authentication support, which means changing to a custom
XMLRPC distpatcher that is aware of the Authorization: header.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce a new XML-RPC Patchwork interface inspired by the SOAP
interface from the old Patchwork. The interface itself is fairly
lightweight and generic, and provides read-only access to a limited
subset of the Patchwork database, along with server-side search
and flexible filtering capabilities.
The command line client is modeled after the old one with some
additional filtering options.
The XML-RPC interface is disabled by default. You can enable it
by setting ENABLE_XMLRPC = True in local_settings.py
This feature uses the django-xmlrpc package available from
http://django-xmlrpc.googlecode.com.
Signed-off-by: Nate Case <ncase@xes-inc.com>
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
|
|
| |
This makes checkouts into a working patchwork site much easier.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
| |
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
| |
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
| |
|
|
|
|
|
| |
To do this, we need to allow sucessive requests for the same
confirmation URL.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|
|
|
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
|