Commit Graph

575 Commits

Author SHA1 Message Date
Drew DeVault 4ff9d6d2af fetchTrackersByOwnerName: fix parameter order 2021-09-27 16:05:45 +02:00
Drew DeVault ffe1c9b652 Overhaul default access lists (API) 2021-09-24 08:21:04 +02:00
Drew DeVault d2f57b98c1 Overhaul default access lists (web)
The changes are:

- Introduce a visibility column, similar to git.sr.ht et al
- Consolodate the default access columns into one
2021-09-24 08:21:04 +02:00
Drew DeVault 4521acc3ca tracker: drop subqueryload on ticket query
This was having some bugs where the participant could end up as None in
some unusual cases.
2021-09-17 10:56:07 +02:00
Ivan Habunek 5ee6052e48 Allow sorting by number of comments 2021-09-14 12:40:41 +02:00
Ivan Habunek 87ff71d4af Store ticket comment counts in the database
This saves a query when rendering the tracker page, and allows sorting
by comment count which can be given as a sorting option.
2021-09-14 12:40:41 +02:00
Ivan Habunek 8b056f3d30 Implement sorting in ticket search
By default tickets are sorted by updated DESC, if not otherwise defined.

Sort order is defined by entering `sort:<term>` in the search box where
`<term>` can be one of `updated` or `created`. More terms can be added
later.

Sort order is descending by default, it can be reversed by specifying
`rsort:<term>` instead.
2021-09-14 12:40:40 +02:00
Drew DeVault 6d1d4764dd API: Update core-go 2021-08-25 12:27:31 +02:00
Steven Guikal af6d7ed514 Add aria-labels for comment count and remove button 2021-08-20 10:44:01 +02:00
Drew DeVault 05f566696b events: fix extra spaces in URLs 2021-08-16 19:38:32 +02:00
Sol Fisher Romanoff 790f8e301b Make tracker names match [A-Za-z0-9._-]+
Fixes an issue where "_" could be used as a wildcard in tracker names.
Also prohibits use of '.git' and '.hg' as tracker names.
2021-08-11 09:41:12 +02:00
Drew DeVault f4cb8f8137 .builds/alpine.yml: upgrade to 3.14 2021-08-03 12:31:11 +02:00
Drew DeVault cb9a219e58 Reconfigure relationships to squelch sqla warnings
We only ever create new records/relationships by linking up IDs
explicitly (rather than, say, appending them to a relationship), so we
can safely set viewonly=True on most relationsihps.
2021-07-26 11:21:18 +02:00
Drew DeVault 6aef73b2c7 API: Upgrade core-go 2021-07-21 09:47:11 +02:00
Drew DeVault 1eb91e2ae1 Fix error in trackers by ID query 2021-06-17 12:35:43 -04:00
Drew DeVault 9f4d75f42c Prohibit trackers named . or .. 2021-06-12 11:55:10 -04:00
Drew DeVault dedc26ad97 API: Fix Flask 2.0.x incompatible blueprint names 2021-05-26 10:05:23 -04:00
Drew DeVault 95d7c18b13 emails: fix issues outside of app context 2021-05-19 10:59:03 -04:00
Drew DeVault e087f50a96 Fix extraneous "None" in ticket_comment email 2021-05-18 12:24:11 -04:00
Drew DeVault 4d7cd02bd7 API: Cursor items are non-nullable 2021-05-17 07:31:00 -04:00
Drew DeVault a78ae0fdd6 Replace pystache with string.Template 2021-05-16 16:14:59 -04:00
Drew DeVault 395c3a6c48 API: clarify schema license 2021-03-25 09:08:47 -04:00
Mark Dain aa6a984704 Identify JavaScript as AGPL-3.0-only for LibreJS
This commit introduces LibreJS compatible `@license' blocks as per
https://www.gnu.org/software/librejs/free-your-javascript.html

The magnet URI can be opened in a BitTorrent client to retrieve a copy
of the GNU AGPL 3.0 license. Section 3.2.2.1 from the above link has
a list of magnet URIs for various free software licenses.
2021-03-24 08:03:27 -04:00
Drew DeVault c69656bbe2 API: trackers: fix cursor 2021-03-22 12:31:45 -04:00
Nguyễn Gia Phong fc40d2a18e Specify color for label link inside event
This unoverride the link color set for .event a:not(.btn),
which I couldn't find where it's defined.  AFAIK, affected pages
include specific tickets and users' overview.
2021-03-20 08:43:25 -04:00
Drew DeVault 06a8eb3ae6 .builds/alpine: restart API 2021-03-08 11:13:29 -05:00
Drew DeVault 09e8425818 API: fix ACL field for trackerByName 2021-03-08 11:12:48 -05:00
Drew DeVault b779e21822 Fix use of relative URLs in "closed tickets" links 2021-03-01 08:57:57 -05:00
Drew DeVault 533ca5c4d5 todosrht-lmtp: fix error reason selection 2021-02-28 08:39:10 -05:00
Drew DeVault f40fbb7f7d API: update core-go 2021-02-27 15:28:47 -05:00
Armin Weigl 72c9a57a73 api: fix SupersededBy 2021-02-25 12:42:57 -05:00
Drew DeVault eed9fe1752 API: Add email queue 2021-02-25 10:39:17 -05:00
Drew DeVault b5b4fbd983 GraphQL: update example query 2021-02-25 10:19:30 -05:00
Drew DeVault d5db6a05e9 Import GQL blueprint from srht 2021-02-25 10:16:12 -05:00
Drew DeVault 42bd96641f Fix error in setup.py 2021-02-25 10:12:24 -05:00
Drew DeVault 9159cbc545 Add Python riggings for GraphQL API 2021-02-25 10:04:22 -05:00
Drew DeVault 6f99ef1660 API: correct SQL query parameters in tracker fetch 2021-02-22 10:44:19 -05:00
Drew DeVault 4dc65f6393 API: typo fix 2021-02-22 09:58:49 -05:00
Drew DeVault 1e9e268d25 API: lock down some transitive resovlers 2021-02-22 09:51:14 -05:00
Drew DeVault 0473a7e73f gofmt 2021-02-22 08:59:18 -05:00
David Florness 6efba83e54 Only care about the mail handler's sock-group when using LMTP
The "not None" logic was copied from listssrht:
372eda06cb/item/listssrht-lmtp (L349-352)
2021-02-22 08:58:48 -05:00
Drew DeVault 837d887647 API: rig up tracker { acl } 2021-02-19 10:52:31 -05:00
Drew DeVault 01df69ef46 API: more ACL riggings 2021-02-16 14:20:46 -05:00
Drew DeVault 56881ae3e4 API: basic ACL riggings 2021-02-16 14:17:52 -05:00
Drew DeVault cccc0c0ea6 API: rig up tracker { subscription } 2021-02-16 10:06:56 -05:00
Drew DeVault 78b187bb75 API: implement ticket { subscription } 2021-02-16 10:04:26 -05:00
Drew DeVault f518bf2904 API: ticket { title, description } => { subject, body } 2021-02-16 09:21:41 -05:00
Drew DeVault 655aafa25e API: Rename CommentsByID => CommentsByIDUnsafe
Because this function makes no attempt at verifying that the user is
permitted to view this comment, and it's the caller's responsibility to
verify that.
2021-02-16 09:14:34 -05:00
Drew DeVault b82659cd0b API: expand tracker access controls 2021-02-15 11:54:11 -05:00
Drew DeVault aa68b89863 API: rig up user trackers 2021-02-15 11:14:48 -05:00