Fix edit audit log entries being created for no changes

This commit is contained in:
rubenwardy 2024-08-26 11:53:13 +01:00
parent 1166cca357
commit 9aa8886309
3 changed files with 15 additions and 8 deletions

@ -112,9 +112,9 @@ def api_edit_package(token: APIToken, package: Package, data: dict, reason: str
reason += ", token=" + token.name reason += ", token=" + token.name
package = guard(do_edit_package)(token.owner, package, False, False, data, reason) was_modified = guard(do_edit_package)(token.owner, package, False, False, data, reason)
return jsonify({ return jsonify({
"success": True, "success": True,
"package": package.as_dict(current_app.config["BASE_URL"]) "package": package.as_dict(current_app.config["BASE_URL"]),
"was_modified": was_modified,
}) })

@ -80,7 +80,7 @@ curl -X DELETE https://content.minetest.net/api/delete-token/ \
* GET `/api/packages/<username>/<name>/` (Read) * GET `/api/packages/<username>/<name>/` (Read)
* PUT `/api/packages/<author>/<name>/` (Update) * PUT `/api/packages/<author>/<name>/` (Update)
* Requires authentication. * Requires authentication.
* JSON dictionary with any of these keys (all are optional, null to delete Nullables): * JSON object with any of these keys (all are optional, null to delete Nullables):
* `type`: One of `GAME`, `MOD`, `TXP`. * `type`: One of `GAME`, `MOD`, `TXP`.
* `title`: Human-readable title. * `title`: Human-readable title.
* `name`: Technical name (needs permission if already approved). * `name`: Technical name (needs permission if already approved).
@ -99,7 +99,11 @@ curl -X DELETE https://content.minetest.net/api/delete-token/ \
* `video_url`: URL to a video. * `video_url`: URL to a video.
* `donate_url`: URL to a donation page. * `donate_url`: URL to a donation page.
* `translation_url`: URL to send users interested in translating your package. * `translation_url`: URL to send users interested in translating your package.
* `game_support`: Array of game support information objects. Not currently documented, as subject to change. * `game_support`: Array of game support information objects. Not currently documented,
* Returns a JSON object with:
* `success`
* `package`: updated package
* `was_modified`: bool, whether anything changed
* GET `/api/packages/<username>/<name>/for-client/` * GET `/api/packages/<username>/<name>/for-client/`
* Similar to the read endpoint, but optimised for the Minetest client * Similar to the read endpoint, but optimised for the Minetest client
* `long_description` is given as a hypertext object, see `/hypertext/` below. * `long_description` is given as a hypertext object, see `/hypertext/` below.

@ -107,7 +107,7 @@ def validate(data: dict):
def do_edit_package(user: User, package: Package, was_new: bool, was_web: bool, data: dict, def do_edit_package(user: User, package: Package, was_new: bool, was_web: bool, data: dict,
reason: str = None): reason: str = None) -> bool:
if not package.check_perm(user, Permission.EDIT_PACKAGE): if not package.check_perm(user, Permission.EDIT_PACKAGE):
raise LogicError(403, lazy_gettext("You don't have permission to edit this package")) raise LogicError(403, lazy_gettext("You don't have permission to edit this package"))
@ -192,9 +192,11 @@ def do_edit_package(user: User, package: Package, was_new: bool, was_web: bool,
raise LogicError(400, "Unknown warning: " + warning_id) raise LogicError(400, "Unknown warning: " + warning_id)
package.content_warnings.append(warning) package.content_warnings.append(warning)
was_modified = was_new
if not was_new: if not was_new:
after_dict = package.as_dict("/") after_dict = package.as_dict("/")
diff = diff_dictionaries(before_dict, after_dict) diff = diff_dictionaries(before_dict, after_dict)
was_modified = len(diff) > 0
if reason is None: if reason is None:
msg = "Edited {}".format(package.title) msg = "Edited {}".format(package.title)
@ -208,6 +210,7 @@ def do_edit_package(user: User, package: Package, was_new: bool, was_web: bool,
severity = AuditSeverity.NORMAL if user in package.maintainers else AuditSeverity.EDITOR severity = AuditSeverity.NORMAL if user in package.maintainers else AuditSeverity.EDITOR
add_audit_log(severity, user, msg, package.get_url("packages.view"), package, json.dumps(diff, indent=4)) add_audit_log(severity, user, msg, package.get_url("packages.view"), package, json.dumps(diff, indent=4))
if was_modified:
db.session.commit() db.session.commit()
return package return was_modified