Fix web hooks updating deleted packages

This commit is contained in:
rubenwardy 2023-03-18 14:22:39 +00:00
parent 32f353af8f
commit 7eca06a097
5 changed files with 16 additions and 14 deletions

@ -23,7 +23,7 @@ from flask import redirect, url_for, request, flash, jsonify, current_app
from flask_login import current_user from flask_login import current_user
from sqlalchemy import func, or_, and_ from sqlalchemy import func, or_, and_
from app import github, csrf from app import github, csrf
from app.models import db, User, APIToken, Package, Permission, AuditSeverity from app.models import db, User, APIToken, Package, Permission, AuditSeverity, PackageState
from app.utils import abs_url_for, addAuditLog, login_user_set_active from app.utils import abs_url_for, addAuditLog, login_user_set_active
from app.blueprints.api.support import error, api_create_vcs_release from app.blueprints.api.support import error, api_create_vcs_release
import hmac, requests import hmac, requests
@ -89,13 +89,14 @@ def webhook():
# Get package # Get package
github_url = "github.com/" + json["repository"]["full_name"] github_url = "github.com/" + json["repository"]["full_name"]
package = Package.query.filter(Package.repo.ilike("%{}%".format(github_url))).first() package = Package.query.filter(
Package.repo.ilike("%{}%".format(github_url)), Package.state != PackageState.DELETED).first()
if package is None: if package is None:
return error(400, "Could not find package, did you set the VCS repo in CDB correctly? Expected {}".format(github_url)) return error(400, "Could not find package, did you set the VCS repo in CDB correctly? Expected {}".format(github_url))
# Get all tokens for package # Get all tokens for package
tokens_query = APIToken.query.filter(or_(APIToken.package==package, tokens_query = APIToken.query.filter(or_(APIToken.package==package,
and_(APIToken.package==None, APIToken.owner==package.author))) and_(APIToken.package.is_(None), APIToken.owner==package.author)))
possible_tokens = tokens_query.all() possible_tokens = tokens_query.all()
actual_token = None actual_token = None

@ -19,7 +19,7 @@ from flask import Blueprint, request, jsonify
bp = Blueprint("gitlab", __name__) bp = Blueprint("gitlab", __name__)
from app import csrf from app import csrf
from app.models import Package, APIToken, Permission from app.models import Package, APIToken, Permission, PackageState
from app.blueprints.api.support import error, api_create_vcs_release from app.blueprints.api.support import error, api_create_vcs_release
@ -28,7 +28,8 @@ def webhook_impl():
# Get package # Get package
gitlab_url = json["project"]["web_url"].replace("https://", "").replace("http://", "") gitlab_url = json["project"]["web_url"].replace("https://", "").replace("http://", "")
package = Package.query.filter(Package.repo.ilike("%{}%".format(gitlab_url))).first() package = Package.query.filter(
Package.repo.ilike("%{}%".format(gitlab_url)), Package.state != PackageState.DELETED).first()
if package is None: if package is None:
return error(400, return error(400,
"Could not find package, did you set the VCS repo in CDB correctly? Expected {}".format(gitlab_url)) "Could not find package, did you set the VCS repo in CDB correctly? Expected {}".format(gitlab_url))

@ -131,7 +131,7 @@ def tags():
only_no_tags = isYes(request.args.get("no_tags")) only_no_tags = isYes(request.args.get("no_tags"))
if only_no_tags: if only_no_tags:
query = query.filter(Package.tags==None) query = query.filter(Package.tags.is_(None))
tags = Tag.query.order_by(db.asc(Tag.title)).all() tags = Tag.query.order_by(db.asc(Tag.title)).all()
@ -307,7 +307,7 @@ def mtver_support():
current_stable = MinetestRelease.query.filter(~MinetestRelease.name.like("%-dev")).order_by(db.desc(MinetestRelease.id)).first() current_stable = MinetestRelease.query.filter(~MinetestRelease.name.like("%-dev")).order_by(db.desc(MinetestRelease.id)).first()
query = db.session.query(Package) \ query = db.session.query(Package) \
.filter(~Package.releases.any(or_(PackageRelease.max_rel==None, PackageRelease.max_rel == current_stable))) \ .filter(~Package.releases.any(or_(PackageRelease.max_rel.is_(None), PackageRelease.max_rel == current_stable))) \
.filter(Package.state == PackageState.APPROVED) .filter(Package.state == PackageState.APPROVED)
if is_mtm_only: if is_mtm_only:

@ -109,9 +109,9 @@ class QueryBuilder:
if self.version: if self.version:
releases_query = releases_query \ releases_query = releases_query \
.filter(or_(PackageRelease.min_rel_id == None, .filter(or_(PackageRelease.min_rel_id.is_(None),
PackageRelease.min_rel_id <= self.version.id)) \ PackageRelease.min_rel_id <= self.version.id)) \
.filter(or_(PackageRelease.max_rel_id == None, .filter(or_(PackageRelease.max_rel_id.is_(None),
PackageRelease.max_rel_id >= self.version.id)) PackageRelease.max_rel_id >= self.version.id))
return releases_query.all() return releases_query.all()
@ -173,16 +173,16 @@ class QueryBuilder:
query = query.filter(Package.media_license.has(License.is_foss == True)) query = query.filter(Package.media_license.has(License.is_foss == True))
if self.hide_wip: if self.hide_wip:
query = query.filter(or_(Package.dev_state == None, Package.dev_state != PackageDevState.WIP)) query = query.filter(or_(Package.dev_state.is_(None), Package.dev_state != PackageDevState.WIP))
if self.hide_deprecated: if self.hide_deprecated:
query = query.filter(or_(Package.dev_state == None, Package.dev_state != PackageDevState.DEPRECATED)) query = query.filter(or_(Package.dev_state.is_(None), Package.dev_state != PackageDevState.DEPRECATED))
if self.version: if self.version:
query = query.join(Package.releases) \ query = query.join(Package.releases) \
.filter(PackageRelease.approved == True) \ .filter(PackageRelease.approved == True) \
.filter(or_(PackageRelease.min_rel_id == None, .filter(or_(PackageRelease.min_rel_id.is_(None),
PackageRelease.min_rel_id <= self.version.id)) \ PackageRelease.min_rel_id <= self.version.id)) \
.filter(or_(PackageRelease.max_rel_id == None, .filter(or_(PackageRelease.max_rel_id.is_(None),
PackageRelease.max_rel_id >= self.version.id)) PackageRelease.max_rel_id >= self.version.id))
return query return query

@ -27,7 +27,7 @@ from app.tasks import celery
def delete_inactive_users(): def delete_inactive_users():
threshold = datetime.datetime.now() - datetime.timedelta(hours=5) threshold = datetime.datetime.now() - datetime.timedelta(hours=5)
users = User.query.filter(User.is_active == False, User.packages == None, User.forum_topics == None, users = User.query.filter(User.is_active == False, User.packages.is_(None), User.forum_topics.is_(None),
User.created_at <= threshold, User.rank == UserRank.NOT_JOINED).all() User.created_at <= threshold, User.rank == UserRank.NOT_JOINED).all()
for user in users: for user in users:
db.session.delete(user) db.session.delete(user)