vcs: fix get_changesets filtering on hg repo to AND the criteria instead of OR
Mercurial scmutil.revrange takes a list of filters ... and OR them. But when for example a user uses the api and sets branch name and date, he would expect to only get revisions from the provided branch. So we need to use AND when filtering.
When using AND, the special handling of start_date and end_date is no longer necessary.
vcs: introduce 'branches' attribute on changesets, making it possible for Git to show multiple branches for a changeset
Mercurial changesets will always have have exactly one branch (which might be "default"). The VCS data model was the same.
Git allows for a changeset to have 0 or more branches ... and possibly one of them as active. The right data model is thus to have an enumerable of branches.
We thus add a 'branches' attribute and use it where applicable.
The existing 'branch' attribute used some heuristics to decide which branch use as "the" branch ... and in some places code (and tests) rely on that. We thus keep that old method, knowing that some of its uses probably should move to 'branches'.
The code for retrieving Git branches is based on work by Dominik Ruf.
Up to commit 85d812ab4c64, the api 'pull' method can either pull from the repository's specified remote (clone_uri) or, if the repository is a fork, from the fork origin.
The existing test case only covered pulling from a remote, and pulling from a repo (non-fork) that does not have a remote specified.
Update the test method naming to clarify this, and add a test to pull from a fork.
tests: notification: clarify that cs_target_repo is a URL
In analogy with the fake URLs used for pullrequest notification testing, use an URL for cs_target_repo. When testing the resulting HTML in a real email client, it will become obvious that the mail client transforms URLs to something clickable, regardless of any present <a> tag.
The rendering of HTML emails in Outlook is very restricted and based on old Internet Explorer versions (more or less the same rendering as in Microsoft Word). To make the Kallithea emails look the same as in the browser, some adaptations are needed.
HTML email templates: Outlook: fix width and height attributes to preserve whitespace
The rendering of HTML emails in Outlook is very restricted and based on old Internet Explorer versions (more or less the same rendering as in Microsoft Word). To make the Kallithea emails look the same as in the browser, some adaptations are needed.
HTML width and height attributes do not have any effect, the size is interpreted as 0px. A CSS-based width and height do work in Outlook and result in the expected spacing between and within elements of the email.
For Outlook rendering, the CSS variant is probably sufficient, but as it is unclear how other mail agents will interpret this, leave the HTML width and height attributes as well.
HTML email templates: Outlook: fix padding inside of action button
The rendering of HTML emails in Outlook is very restricted and based on old Internet Explorer versions (more or less the same rendering as in Microsoft Word). To make the Kallithea emails look the same as in the browser, some adaptations are needed.
The padding inside the button is completely lost in Outlook, the text sticks to the border. This can be fixed by moving the padding styling from the <center> tag to the <td> cell.
HTML email templates: Outlook: center action button
The rendering of HTML emails in Outlook is very restricted and based on old Internet Explorer versions (more or less the same rendering as in Microsoft Word). To make the Kallithea emails look the same as in the browser, some adaptations are needed.
One of the problems is that the action button is not centered. An extra <center> tag solves this issue.
This removes the deprecation warning at the end of the test run: pytest-catchlog plugin has been merged into the core, please remove it from your requirements.
home: make sure users and group autocomplete is case insensitive
Both SQLite and MySQL have a case-insensitive LIKE operator by default, but PostgreSQL does not. As a result, a query for 'john' does not match the user 'John Doe'.
As case-insensitivity is most user-friendly in the context of autocompletion of users and groups, switch to the ilike() method of SQLAlchemy rather than like().
templates: mark site as IE10+ compatible to bypass Compatibility mode
Internet Explorer 11 (and probably other versions) seems to ship with the setting "Display intranet sites in Compatibility View" enabled by default. This compatibility view means that modern elements of CSS and JavaScript are not (well) support and makes Kallithea look very bad and become unusable.
This is a problem when hosting Kallithea in a corporate environment where its URL is detected as 'the intranet'.
Solve the issue by explicitly marking Kallithea to be compatible with IE10, so that Internet Explorer 10 and above will show Kallithea correctly in Intranet environments.
If no recipients are set, emails are sent to all admins and the address specified in the config file setting 'email_to'.
However, the existing code did not cater for the fact that multiple addresses could be set there: the setting was treated as a single string and passed along as-is.
Adapt the code to split the email_to contents on a comma, as this is the separator expected by backlash.
ini: error email settings are comma-separated under backlash
Document how it email_to works under backlash.
When specifying multiple email addresses to receive error emails, they should be comma-separated under backlash, rather than space-separated previously. Extra spaces should not be a problem but is not "supported"/"recommended".
- Updated Git repository implementation to ensure context falls within 0 to 2**31-1 range (inclusive) when fetching a diff. - Added tests for Git repositories for checking passed-in negative and overflowing contexts (for the --unified option). - Updated Mercurial repository implementation to ensure context is not negative when fetching a diff. - Added tests for Mercurial repositories for checking passed-in negative context (for the --unified option).
Dominik Ruf found that aa25ef34ebab introduced a regression in anonymous access to repositories ... if that is enabled.
The refactoring was too strict when it missed that not all repo permission checks require a logged in user. Read access can be granted to the default user ... but not write or admin.
Instead of the commands used in aa25ef34ebab, the following commands are used to consistently also allow the default user in all decorators where we only need repo read access:
# Introduce explicit allow_default_user=True - that was the default before aa25ef34ebab sed -i 's/@LoginRequired()/@LoginRequired(allow_default_user=True)/g' `hg mani` sed -i 's/@LoginRequired(\(..*\))/@LoginRequired(\1, allow_default_user=True)/g' `hg mani` # The primary case: Replace @NotAnonymous with removal of allow_default_user=True perl -0pi -e 's/\@LoginRequired\((?:(.*), )?allow_default_user=True\)\n\s*\@NotAnonymous\(\)/\@LoginRequired(\1)/g' `hg mani` # If there is a global permission check, no anonymous is ever allowed perl -0pi -e 's/\@LoginRequired\(allow_default_user=True\)(\n\s*\@HasPermission)/\@LoginRequired()\1/g' `hg mani` # Repo access for write or admin also assume no default user perl -0pi -e 's/\@LoginRequired\(allow_default_user=True\)(\n\s*\@HasRepoPermissionLevelDecorator\('"'(write|admin)'"'\))/\@LoginRequired()\1/g' `hg mani`
setup: updated dependencies to accept latest Pylons release (1.0.3).
A couple of weeks ago the Pylons project has released version 1.0.3, removing the previously stable version 1.0.2 in the process. In turn, this would mean that new installation of Kallithea will end-up with older version of Pylons than what is actually available, and in particular a much older release than 1.0.2.
- use table-layout: fixed Since we already use a fixed width for the most cells, this makes it easier (faster) for the browser to render specially big tables. And it allows to use 'text-overflow: ellipsis'. The old ellipsis settings have no effect.
- use nowrap and 'text-overflow: ellipsis' for all cells A table is easier (faster) to read for a user if all the row have the same height. Therefore don't wrap lines and in case of overflow use ellipsis.
- remove unnecessary height Up until now the row was bigger then 31px so this had no effect. And it look wrong to make the row bigger then its content.
- remove unnecessary border-color bootstrap default is almost the same color
- remove unnecessary text-align left is the default
- remove font-size or use bootstrap .small Making fonts too small hurts the readability.
- remove some padding and margin
- don't use special colors The differences are hardly noticable or in case of the gray dates hurt readability.
less: we should be consistent with diffstat-ish colors
With this change, on the changeset page, the 'change counters' for the whole changeset (in the top right corner) use the same colors as the counters for the lines (a little bit below) and the line change highlighting.
- move .changed from kallithea.less to kallithea-diff.less - be more generic with selectors in kallithea-diff - remove remaining style from kallithea.less
less: cleanup nav-pills menu style used in settings
- remove obsolete padding for li - remove style for 'li > a' that is aready set by bootstrap via .nav-pills - use usual color: inherit only for non active elements - override nav-pills-active-link-hover-color and nav-pills-active-link-hover-bg instead custom style
- use official dataTables.bootstrap.css and dataTables.bootstrap.js - add datatable less style block to use kallithea font icons - move dataTables related style to this new block to have them in one place - remove style that is obsolete, overrides or gets overriden by dataTables.bootstrap.css
In the future we'll probably use it to manage more then just less/css stuff. So the less directory is the wrong place. The most common place is the root directory, so lets put it there. Also, this way the --prefix parameter for npm is no longer required.
Where the additional spacing is needed, we already have a padding-right, so these spaces are unnecessary. But more importantly they cause trouble if text-decoration is used (i.e. underline on hover).
auth: refactor to introduce @LoginRequired(allow_default_user=True) and deprecate @NotAnonymous()
It was error prone that @LoginRequired defaulted to allow anonymous users (if 'default' user is enabled). See also 245b4e3abf39.
Refactor code to make it more explicit and safe by default: Deprecate @NotAnonymous by making it the default of @LoginRequired. That will make it safe by default.
To preserve same functionality, set allow_default_user=True in all the cases where @LoginRequired was *not* followed by @NotAnonymous or other permission checks - that was done with some script hacks: sed -i 's/@LoginRequired(\(..*\))/@LoginRequired(\1, allow_default_user=True)/g' `hg mani` sed -i 's/@LoginRequired()/@LoginRequired(allow_default_user=True)/g' `hg mani` perl -0pi -e 's/\@LoginRequired\(allow_default_user=True\)\n\s*\@NotAnonymous\(\)/\@LoginRequired()/g' `hg mani` perl -0pi -e 's/\@LoginRequired\(allow_default_user=True\)(\n\s*\@Has(Repo)?Permission)/\@LoginRequired()\1/g' `hg mani`
It has been reviewed that all uses of allow_default_user=True are in places where the there indeed wasn't any checking for default user before. These may or may not be correct, but now they are explicit and can be spotted and fixed.
The few remaining uses of @NotAnonymous should probably be removed somehow.
css: use pseudo-content trick to prevent diff line numbers from being pasted to text
When copy-pasting a diff from Chrome to a text editor, line numbers (on separate lines) would be pasted as well. Even though 'user-select: none' prevents text from being visually selected, in Chrome, the text still gets copied to the clipboard when the user for example presses ctrl-c. (It worked in Firefox.)
Instead, don't put the line numbers directly in the DOM, but put them in a data attribute and render them as :before. That will give the same rendering as before but prevent it from being copied.
(Firefox will however still add empty lines - that is how <pre> is hardcoded to be rendered when pasting to text.)
setup-db: print completion message to avoid confusion (issue #303)
There are cases where the last message of setup-db is a warning, giving the impression that the overall command failed which may not actually be the case.
For example, when git is not installed, warnings are given, but they are not an actual error. Kallithea will work fine for Mercurial repositories.
To avoid any confusion, print a completion message at the end. Any real errors will abort the command and not make it this far.
Instead of using a hack, that removes the 'set' parameter from the request, don't give the submit button a name and therefore don't submit the parameter in the first place.
tests: git changeset authors need to have the format 'username <user@example.com>'
New verions of dulwich caused tests like test_compare_forks_on_branch_extra_commits_git to fail because of this. Since this is fixed now, re-allow dulwich versions 0.18.6 and newer.
login: fix crash when entering non-ASCII password for login (Issue #300)
Avoid errors like UnicodeEncodeError: 'ascii' codec can't encode characters in position X: ordinal not in range(128) when the user enters non-ASCII passwords for existing internal accounts in the login prompt.
The password forms have "always" rejected non-ASCII passwords with Invalid characters (non-ASCII) in password
less: base .metatag styling on Bootstrap .label styling
Metatags kind of are and kind of look like labels, except some differences: Labels use smaller but bold font. The sizing is also different, as labels are not inline-block and will not expand the line height but might overflow into previous/next line, especially if these also have labels.
We still keep the custom colors for font and background.
Alternatively, we could put the "label" class in the markup and just let the metatag markup set the colors, similar to what Bootstrap "label-*" does.
style: fix changeset tag container - fix vertical alignment of right aligned tags
Tags and comment count were not aligned with the line text at all, and a solid background were hiding the separator lines and made it look even more messy.
extra-container and comments-container are now simplified with top right positioning and less margin tweaking.
Minimal changes to the tags - just touching some external sizing so it fits in the container: line-height and margin.
- use default font weight for footer - it doesn't need special attention and doesn't have to be bold - use class selector for the footer instead of ID selector - add comment for the styling that is removing margin below footer
less: run lessc with --relative-urls so relative paths are rewritten
25e079891ff5 broke select2 - it did for example no longer display the search symbol in the input field. The css had a relative path to 'select2.png' which no longer was correct when the literal reference moved to style.css .
Bootstrap had the same issue with '../fonts/glyphicons-halflings-regular.*' ... but we do not rely much on that.
As a quick fix, just adjust the relative reference and keep pointing at the original location.
A next step might be to copy files around in a cross platform compliant way, reliably at the right point in the development/build/install process.
MANIFEST: only include bootstrap from node_modules when packaging or installing
With the 'less' source folder placed under 'public', the whole folder happened to be fully included in source distribution and installed. *If* 'npm install' has been run, 'kallithea/public/less/node_modules/' will contain both build/development tools ('less' and dependencies) and the source of Bootstrap.
We do want Bootstrap source to be included so it automatically gets 'vendored', but we don't want all the build tools.
We thus prune the whole 'node_modules' directory, but add 'node_modules/bootstrap' back in.
This is exactly what it is. It might seem a bit fragile: There is no verification that it only is the 'bootstrap' directory that should be added back in, and there is no verification that it actually is present and included.
- there are no #quick_login .links elements - there are no #quick_login .buttons elements - there are no #quick_login .form-group elements - there are no #quick_login .unread elements - there are no #quick_login .notifications elements - color is already set on #quick_login * - background and padding is already set for all dropdown menus - h4 already has margin-bottom 10px
less: use default Bootstrap styling for buttons, customized with variables
The gradient styling of buttons is dropped, but we still use grey buttons (using the average color from the gradient) instead of the Bootstrap default of white buttons.
less: build custom Bootstrap from bootstrap.less instead of using plain upstream version
- add current version of bootstrap to package.json dependencies - import bootstrap.less in main.less - remove bootstrap.css from root.html (the file will be removed later)