catalinux / rocketgit (public) (License: Affero GPLv3) (since 2015-03-19) (hash sha1)
Main RocketGit repo
Clone URLs: https://rocketgit.com/user/catalinux/rocketgit ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit git://git.rocketgit.com/user/catalinux/rocketgit
v0.0 v0.1 v0.10 v0.11 v0.12 v0.13 v0.14 v0.15 v0.17 v0.18 v0.19 v0.2 v0.20 v0.21 v0.22 v0.23 v0.24 v0.25 v0.27 v0.28 v0.29 v0.31 v0.32 v0.33 v0.34 v0.35 v0.36 v0.38 v0.39 v0.40 v0.41 v0.42 v0.43 v0.44 v0.45 v0.46 v0.47 v0.48 v0.49 v0.50 v0.51 v0.52 v0.53 v0.54 v0.55 v0.56 v0.57 v0.58 v0.60 v0.61 v0.62 v0.63 v0.64 v0.65 v0.66 v0.67 v0.68 v0.69 v0.70 v0.71 v0.72 v0.73 v0.77 v0.78 group1/branch1 group2/subgroup1/branch2 main master release
List of commits:
Subject Hash Author Date (UTC)
Fixed delete account op 4157f88a19d1b24934743d0193755a6dc3f98c13 Catalin(ux) M. BOIE 2023-06-14 17:10:22
Render readme files on the project page a8c09adb1bceed31f8070386158561b06470a98f Catalin(ux) M. BOIE 2023-06-14 17:09:17
Added rg_sid global variable to simplify the function calling 0047908fcd2ed0302a826487ddd15ca2579a9a83 Catalin(ux) M. BOIE 2023-06-14 17:06:39
Removed delta support for rpms because Fedora will remove it 2c26be90f4bc08a06ab03ab016e9ccaa843780e5 Catalin(ux) M. BOIE 2023-05-03 05:04:40
Added first payments option; fixes all around 7102aed9f239d529723799171553e8c4bd018440 Catalin(ux) M. BOIE 2023-05-02 22:36:28
Fixed a nasty typo in the build system; doc update; cosmetic 1934732b297d6476be7954fabdcaf9eb87678f5e Catalin(ux) M. BOIE 2022-12-21 12:51:53
Send client features to the builder dcf648353662409b9e39a422228ddb6a7c43358c Catalin(ux) M. BOIE 2022-12-21 11:10:00
Add support for SHA-256 git repos 8b88927d353c7b588909d0b1220c8922b32129c0 Catalin(ux) M. BOIE 2022-12-21 11:03:19
Look-up pkg_repo using pkg_repo uid f2b188b8cb151c376d8ee8c81f8e82c02ed93cd1 Catalin(ux) M. BOIE 2022-12-12 05:29:13
Cosmetic 04ae5ac6b9805198966a21755d1d430ef5b6a6dd Catalin(ux) M. BOIE 2022-12-11 17:17:39
Keep-alive mechanism for builder/worker 7e3add2ab41feefe37a858439934b8599fb30933 Catalin(ux) M. BOIE 2022-12-10 19:36:53
Bumped version to 0.76 09bb0cc92a9dfce513ce1289a22e71faf4ad1fe1 Catalin(ux) M. BOIE 2022-10-22 06:27:35
Cosmetic 45c59081c97489ccccd35efffa522607fee25a63 Catalin(ux) M. BOIE 2022-10-22 05:52:56
Mostly worker stuff ccf3a8d8da2ad1b0d97418fabb5028b40721835f Catalin(ux) M. BOIE 2022-10-22 05:50:04
wh: lambda: seems we cannot pass x-Amz-Client-Context header empty anymore 7f065b0fb6ceed5d2339afd7590f5a795ed3582e Catalin(ux) M. BOIE 2022-10-21 19:33:58
workers: wrong URL for delete a2b2ff5925b1ee9b4a033da93084c008b7af8c64 Catalin(ux) M. BOIE 2022-10-21 16:03:56
Typo 4557595fb985fb2a0a482a387ef0a61293b511ed Catalin(ux) M. BOIE 2022-03-29 17:06:57
Builder improvements 2c27620922c4990454dc3039b2f1c4a86388501f Catalin(ux) M. BOIE 2022-03-29 06:28:16
Extra space in debian/conffiles preventing Debian build 416ed9995151c29bffb4ca3f0f6901aab7cbaa8e Catalin(ux) M. BOIE 2022-03-28 19:36:06
Show global pkg sub repos; cosmetic 43f60158b760b2789261e703ff2fa0781f590e04 Catalin(ux) M. BOIE 2022-03-28 18:21:07
Commit 4157f88a19d1b24934743d0193755a6dc3f98c13 - Fixed delete account op
Author: Catalin(ux) M. BOIE
Author date (UTC): 2023-06-14 17:10
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2023-06-14 17:10
Parent(s): a8c09adb1bceed31f8070386158561b06470a98f
Signing key:
Tree: 0d3eac6bb571d9172e8065bf58a50a0ab2091ea3
File Lines added Lines deleted
inc/rights.inc.php 2 0
inc/user.inc.php 12 5
tests/_run_tests.sh 1 0
tests/http_del_account.php 96 0
File inc/rights.inc.php changed (mode: 100644) (index 53f4ec2..df5579e)
... ... function rg_rights_test($list, $needed_rights, $ip, $misc)
760 760 */ */
761 761 function rg_rights_allow($db, $a) function rg_rights_allow($db, $a)
762 762 { {
763 rg_log_debug('rights_allow: a: ' . serialize($a));
764
763 765 $obj_id = $a['obj_id']; $obj_id = $a['obj_id'];
764 766 $type = $a['type']; $type = $a['type'];
765 767 if (isset($a['owner'])) { if (isset($a['owner'])) {
File inc/user.inc.php changed (mode: 100644) (index 88dbfa4..b9cc58e)
... ... $rg_user_rights = array(
19 19 "R" => "Remove user", "R" => "Remove user",
20 20 "S" => "Suspend user", "S" => "Suspend user",
21 21 "G" => "Grant rights", "G" => "Grant rights",
22 'R' => 'Revoke rights',
22 'K' => 'Revoke rights',
23 23 "M" => "Give admin rights" "M" => "Give admin rights"
24 24 ); );
25 25
 
... ... function rg_user_edit($db, $d)
759 759 * @uid - the uid of the user to be removed * @uid - the uid of the user to be removed
760 760 * This function only marks the user to be removed. * This function only marks the user to be removed.
761 761 */ */
762 function rg_user_remove($db, $rg, $uid)
762 function rg_user_remove($db)
763 763 { {
764 764 rg_prof_start('user_remove'); rg_prof_start('user_remove');
765 rg_log_enter('user_remove: uid=$uid');
765 rg_log_enter('user_remove');
766 766
767 767 $ret = FALSE; $ret = FALSE;
768 768 while (1) { while (1) {
769 if (rg_rights_allow($db, $rg, 'user', $uid, 'R', '') !== TRUE) {
769 $ui_login = rg_ui_login();
770
771 $x = array();
772 $x['type'] = 'user';
773 $x['obj_id'] = $ui_login['uid'];
774 $x['owner'] = $ui_login['uid'];
775 $x['needed_rights'] = 'R';
776 if (rg_rights_allow($db, $x) !== TRUE) {
770 777 rg_user_set_error('no rights'); rg_user_set_error('no rights');
771 778 break; break;
772 779 } }
 
... ... function rg_user_remove($db, $rg, $uid)
774 781 $now = time(); $now = time();
775 782 $params = array( $params = array(
776 783 'now' => $now, 'now' => $now,
777 'uid' => $uid
784 'uid' => $ui_login['uid']
778 785 ); );
779 786 $sql = 'UPDATE users SET deleted = @@now@@' $sql = 'UPDATE users SET deleted = @@now@@'
780 787 . ' WHERE uid = @@uid@@'; . ' WHERE uid = @@uid@@';
File tests/_run_tests.sh changed (mode: 100755) (index 18ab942..b176ef4)
4 4
5 5 # wh_build must be at the end because takes a lot of time # wh_build must be at the end because takes a lot of time
6 6 tests="migrate1 \ tests="migrate1 \
7 http_del_account \
7 8 git-sha256 pkg_subrepo pkg_rpm gpg http_api http_304 ldap_core ldap \ git-sha256 pkg_subrepo pkg_rpm gpg http_api http_304 ldap_core ldap \
8 9 admin_set_web git_big_push admin_set_git by_http wh_lambda http_keys \ admin_set_web git_big_push admin_set_git by_http wh_lambda http_keys \
9 10 http_forgot \ http_forgot \
File tests/http_del_account.php added (mode: 100644) (index 0000000..38bfae0)
1 <?php
2 error_reporting(E_ALL | E_STRICT);
3 ini_set("track_errors", "On");
4
5 $rg_cache_debug = TRUE;
6 $test_normal = TRUE;
7
8 $INC = dirname(__FILE__) . "/../inc";
9 require_once(dirname(__FILE__) . "/config.php");
10 require_once($INC . "/init.inc.php");
11 require_once($INC . "/util.inc.php");
12 require_once("helpers.inc.php");
13 require_once("http.inc.php");
14
15 rg_log_set_file("http_del_account.log");
16
17 require_once("common.php");
18
19 $_testns = 'http_del_account';
20
21
22 $now = time();
23
24 rg_test_create_user($db, $rg_ui);
25 $info = array('id' => $rg_ui['username']);
26 prepare_http($info);
27
28
29 rg_log('');
30 rg_log_enter("Loading delete account form - without being logged-in");
31 $data = array();
32 $headers = array();
33 $r = do_req($info, $test_url . "/op/settings/delete_account?t=load_delete_account_form_no_login", $data, $headers);
34 if (!strstr($r['body'], 'Please <a href="/op/login">login</a> first.')) {
35 rg_log_ml('r: ' . print_r($r, TRUE));
36 rg_log("Seems we can load the delete account form without being logged in! Not good!");
37 exit(1);
38 }
39 rg_log_exit();
40
41
42
43 $r = test_login($test_url, $rg_ui);
44 if ($r === FALSE) {
45 rg_log("Cannot login!");
46 exit(1);
47 }
48
49
50
51 rg_log('');
52 rg_log_enter("Loading delete account form");
53 $data = array();
54 $headers = array();
55 $r = do_req($info, $test_url . "/op/settings/delete_account?t=load_delete_account_form", $data, $headers);
56 if (!strstr($r['body'], "action=\"/op/settings/delete_account\"")) {
57 rg_log_ml('r: ' . print_r($r, TRUE));
58 rg_log("Cannot load form!");
59 exit(1);
60 }
61 $good_token = $r['tokens']['delete_account'];
62 rg_log_exit();
63
64
65 rg_log('');
66 rg_log_enter('Posting delete account form');
67 $data = array(
68 'doit' => 1,
69 'token' => $good_token,
70 'are_you_sure' => '1'
71 );
72 $headers = array();
73 $r = do_req($info, $test_url . "/op/settings/delete_account?t=post_delete_account_form", $data, $headers);
74 if (!strstr($r['body'], 'The user account has been deleted.')) {
75 rg_log_ml('r: ' . print_r($r, TRUE));
76 rg_log("Cannot delete account!");
77 exit(1);
78 }
79 rg_log_exit();
80
81
82 rg_log('');
83 rg_log_enter('Checking if user is still accessible...');
84 $data = array();
85 $headers = array();
86 $r = do_req($info, $test_url . '/user/' . $rg_ui['username'], $data, $headers);
87 if (!strstr($r['body'], 'Invalid user.')) {
88 rg_log_ml('r: ' . print_r($r, TRUE));
89 rg_log('We still can access the user page!');
90 exit(1);
91 }
92 rg_log_exit();
93
94
95
96 rg_log('OK!');
Hints:
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):
git clone https://rocketgit.com/user/catalinux/rocketgit

Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit

Clone this repository using git:
git clone git://git.rocketgit.com/user/catalinux/rocketgit

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
... clone the repository ...
... make some changes and some commits ...
git push origin main