Activity for Apache Allura™
-
Dave Brondsema committed [7e3774]
Prevent private projects by disallowing access to 'permissions' page
-
Prevent Private Projects by removing legacy /admin/permissions/
-
Dillon Walls created merge request #354
Prevent Private Projects by removing legacy /admin/permissions/
-
Prevent private projects by disallowing access to 'permissions' page
-
Bump gunicorn version
-
Update req-dev.txt to match versions from req.txt
-
Kenton Taylor committed [d7ca5d]
Small tweaks to controls around user messaging
-
Small tweaks to controls around user messaging
-
Change test image url, since via.placeholder.com https cert is expired
-
Ingo posted a comment on ticket #8385
I played around a bit with it. And to overcome the performance issue, I now delayed the display of the result. Might sound insane, but to me this doesn't feel wrong. Because the tooltip just displays recommendations, and no exact match. https://forge-allura.apache.org/u/labi/allura/ And I only start searching globally, if nothing was found in the project user list.
-
Small tweaks to controls around user messaging
-
Correct, this works. But it is so unintuitive, that people aren't doing it. [#8293] would also be great. Another cracy idea... Why not doing a search in the following order: search in the project if we found nothing: search in the thread if we still found nothing: search in all users
-
Yea performance would have to be a consideration for autocompleting all usernames. We do have [#8293] with the idea of suggesting other people who have participated on the thread already. Additionally its worth noting that you can type @anyone and even if it doesn't autocomplete I believe it'll still notify them and be a link when saved.
-
review licenses of python dependencies
-
Mention: Search for all users, who can view the artifact
-
Allow newer versions of Pygments to be used
-
[#7712] fix bulk edit after ticket filter (collaborated with Vrinda A)
-
Bulk edit with filter on gives 500
-
Fixed after collaboration with you 😄
-
Vrinda A posted a comment on ticket #7712
I have also encountered the 500 Error after applying a filter and clicking on 'Bulk Edit' or 'Bulk Move'. The error on the server terminal is 'unicode' object has no attribute 'iteritems' in allura/lib/serach.py
-
added new app.sitemap_xml() that is used when generating sitemap.xml
-
wiki pages with noindex are omitted from sitemap.xml
-
wiki pages with noindex are omitted from sitemap.xml
-
added new app.sitemap_xml() that is used when generating sitemap.xml
-
Avoid error on incorrect url
-
py3: Fix icon handling when error (like SVG uploaded)
-
Make memorable.js usable on mobile browsers
-
py3 fix for kwargs on admin task view
-
a py3 fix and some other misc fixes
-
a py3 fix and some other misc fixes
-
added noindex tag to profiles with no activity and no projects
-
Added noindex tag to profiles with no activity and no projects
-
Thanks for the contribution!
-
Put a general network socket timeout around RSS feed fetching (default otherwise is no timeout)
-
guillermo.cruz created merge request #351
Added noindex tag to profiles with no activity and no projects
-
Handle better invalid URLs like /_list/ with no path after
-
No activity
-
The activitystream library prevents concurrent updates, but if an update failed then the flag was never reset, and activity updates would never run for that node again. Fixed with mongo cmd: db.nodes.update({is_aggregating:true}, {$set: {is_aggregating:false}}, {multi:true})
-
Remove very-old unused commit hooks (which use py2 syntax also)
-
Switch web debugger from Backlash (fork of werkzeug) to current werkzeug
-
shorter tracebacks on error debug pages
-
Catherine modified a wiki page
Feature Comparison
-
Sorry for the big delay in reviewing this. Here's my feedback below. What do you think? Are you still interested/able in making some more updates to this? I can help some (especially python 3) but maybe you could make another set of updates first to do what you can with this feedback? Thanks for beginning this contribution. It's a big chunk of code, and a useful feature for sure. nice work adding the license header to the new files. that is important. However, can you make it the very top of the...
-
My suggestions were based just on reading the documentation, I haven't actually tried anything. So I'm not too surprised that they didn't work out. I guess 2 URLs is the simplest way to make it work with mod_wsgi. I think simple is better than trying to deal with a proxy. Another idea though is what if we just kept using mod_python? If it is already working nicely, is it really beneficial to switch to mod_wsgi? I thought it would be good to switch, because mod_python is not popular any more and wsgi...
-
SF-5746 use project icon file hash for cache busting
-
SF-5746 use project icon file hash for cache busting
-
fixup! SF-5746 use project icon file hash for cache busting
-
Hey Dave, either I didn't understand your proposed approach, or it doesn't work. WSGIAuthGroupScript has the same problem as WSGIAuthUserScript, it forces the user initially to login, because it relies on credentials. So when I configure one of those two methods, I am always initially prompted for a password. And I guess this is what we want to avoid. 😉 I played around with the other Apache configurations, as I am not that confident with it, yet. And one solution which worked with two URLs, but without...
-
jenkins tests running in py3
-
Upgrade pygments package from 2.4.2 -> 2.5.2
-
Upgrade cryptography
-
Switch web debugger from Backlash (fork of werkzeug) to current werkzeug
-
shorter tracebacks on error debug pages
-
SF-5746 use project icon file hash for cache busting
-
Upgrade pygments package from 2.4.2 -> 2.5.2
-
Update httplib2
-
Have you tried WSGIAuthGroupScript yet? That seems to provide a way to list "groups" and then a "group" can be checked with a Require directive which is a normal httpd directive. And it seems both 401 and 403 statuses are options then. https://httpd.apache.org/docs/2.4/mod/mod_authz_core.html#authzsendforbiddenonfailure As for other ideas, the two URL solution obviously would work and be simple, but I feel like it is not very user-friendly and elegant. But maybe an option if the other choices are...
-
Upgrade jinja2
-
@brondsem Do you have any directions? The only solution, which I came up with, is the "two URL solution". For example: "/svn/..." and "/git/..." are using allow_access() to check if the repo has anonymous access allowed If it has no access allowed, it will forbid the access "/svn/restricted/..." and "/git/restricted/..." are using check_password() to check the user login Now we can have two scenarios: easiest: we configure two access URLs for the tools. One with login, one for anonymous more complex:...
-
@brondsem Do you have any directions? The only solution, which I came up with, is the "two URL solution". For example: "/svn/..." and "/git/..." are using allow_access() to check if the repo has anonymous access allowed If it has no access allowed, it will forbid the access * "/svn/restricted/..." and "/git/restricted/..." are using check_password() to check the user login Now we can have two scenarios: easiest: we configure two access URLs for the tools. One with login, one for anonymous more complex:...
-
Update bleach package
-
https://ci-builds.apache.org/job/Allura/job/Allura-py3/ using python 3.6.9. Newer versions would be nice, but that's what's available on the ubuntu machies for Apache's jenkins setup
-
jenkins tests running in py3
-
Looks good!
-
Enforce login throughout phone verification process
-
[#8384] enforce auth during phone verification
-
[#8384] enforce auth during phone verification
-
db/8384
-
Enforce login throughout phone verification process
-
py3: ensure unicode before all markup handling paths here
-
py3: encoding fixes in some less common commands
-
py3: icon param is bytes when empty
-
Yes, exactly those functions. "allow_acces" can only return OK or Forbidden. Unauthorized is not possible with WSGI, as far as I saw from the mod_wsgi source. I have no idea what the best solution will be. Maybe we should live with different URLs for anonymous and for authorized access? Because this would work with WSGI. Or should we use a reverse proxy, which is doing the authentication and permission checks!? Any more ideas? ;)
-
Hmm, I forgot this integrated so closely with apache, that it won't be a regular WSGI app. The auth functions you reference are these, right? https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider I haven't dealt with those before. What happens when you return true/false from allow_access? It seems like that woud be similar to returning unauthorized or not.
-
[#8382] avoid a py3 ming error (on py2 I think flush silently misses the task until the next request flushes)
-
[#8382] encoding fixes in import_api used by trac wiki importer
-
[#8382] simpler version of smart_str, handles already encoded/binary better too
-
[#8382] py3: avoid error if global 'c' isn't set yet
-
I played around with it more. The good thing: Looking at it in detail, I found, that the structure of the existing handler is not the worst, when we want to stay with the interface between the apache instance, and the allura instance itself. So I would not change this fundamentally at the moment. The bad thing: I didn't find a way to allow this optional anonymous access, how we do it with mod_python, for WSGI. Background: With mod_python we are able to return HTTP error codes. So we can "simply"...
-
py3: icon param is bytes when empty
-
py3: ensure unicode before all markup handling paths here
-
py3: encoding fixes in some less common commands
-
Those are intentional yes :)
-
py3: forgepastebin, tracwikiimporter
-
in trac importer, were these two page['text']/page['labels'] lines intended to be removed? tracwikiimporter/scripts/wiki_from_trac/loaders.py, diff --git tracwikiimporter/scripts/wiki_from_trac/loaders.py tracwikiimporter/scripts/wiki_from_trac/loaders.py index e9ab881..c877f45 100644 --- tracwikiimporter/scripts/wiki_from_trac/loaders.py +++ tracwikiimporter/scripts/wiki_from_trac/loaders.py @@ -69,11 +74,9 @@ def import_wiki(cli, project, tool, options, doc_txt): else: pages = doc if options.verbose:...
-
Youtube oembed test: be ok with different but similar outcomes
-
Handle more status codes from youtube oembed
-
Update to latest cryptography
-
A bit more logging before phone validation
-
travis: fix pip cmd; enable py3 testing
-
remove old Makefile
-
forgepastebin,tracwikiimporter,allura:db/8382 Need to do releases and version bumps. I found http://www.cansas.org/trac/wiki as a small real trac instance you can test importing from.
-
py3: forgepastebin, tracwikiimporter
-
[#8382] avoid a py3 ming error (on py2 I think flush silently misses the task until the next request flushes)
-
[#8382] simpler version of smart_str, handles already encoded/binary better too
-
[#8382] encoding fixes in import_api used by trac wiki importer
-
[#8382] py3: avoid error if global 'c' isn't set yet
-
Hi Ingo, The ApacheAccessHandler.py file has always been a bit rough in my opinion, so improving it and adding features would be great. I have not done anything yet to convert it to mod_wsgi (or python 3), so definitely your contributions would be welcome. SAML support sounds nice. I don't think we have any ticket about that, but it could probably be a nice config option that can help somebody else in the future too. Flattened SVN directory support would for sure be good. [#7940] is a related ticket....