1
0
Fork 0
mirror of https://code.sup39.dev/repos/Wqawg synced 2025-01-04 08:34:51 +09:00
Commit graph

67 commits

Author SHA1 Message Date
fr33domlover
e325175a9c Publish 2 rotating instance-scope keys instead of the one-implicitly-shared-key
Before, there was a single key used as a personal key for all actors. Now,
things work like this:

- There are 2 keys, each time one is rotated, this way the old key remains
  valid and we can freely rotate without a risk of race conditions on other
  servers and end up with our posts being rejected
- The keys are explicitly instance-scope keys, all actors refer to them
- We add the ActivityPub-Actor header to all activity POSTs we send, to declare
  for which specific actor our signature applies. Activities and otherwise
  different payloads may have varying ways to specify attribution; using this
  header will be a standard uniform way to specify the actor, regardless of
  payload format. Of course, servers should make sure the actual activity is
  attributed to the same actor we specified in the header. (This is important
  with instance-scope keys; for personal keys it's not critical)
2019-02-07 10:34:33 +00:00
fr33domlover
c0965a4c47 Default roles for repos and turn user/anon collab tables into proj/repo fields
* Repo collab now supports basic default roles developer/user/guest like
  project collab does
* User/Anon collab for repos and projects are now stored as fields instead of
  in dedicated tables, there was never a need for dedicated tables but I didn't
  see that before
* Repo push op is now part of `ProjectOperation`
* `RepoRole` and related code has been entirely removed, only project roles
  remain and they're used for both repos and projects
* This is the first not-totally-trivial DB migration in Vervis, it's automatic
  but please be careful and report errors
2019-01-29 22:24:32 +00:00
fr33domlover
1f47ca39eb Federation test outbox page with form for entering JSON 2019-01-21 15:54:57 +00:00
fr33domlover
df01560ea6 ActivityPub inbox test page
This patch includes some ugliness and commented out code. Sorry for that. I'll
clean it up soon.

Basically there's a TVar holding a Vector of at most 10 AP activities. You can
freely POST stuff to /inbox, and then GET /inbox and see what you posted, or an
error description saying why your activity was rejected.
2019-01-19 01:44:21 +00:00
fr33domlover
ce89bded73 Add a commit view route, nothing displayed yet 2018-05-17 15:46:57 +00:00
fr33domlover
f149da8ec6 getPersonR respond with minimal ActivityPub actor 2018-03-25 19:26:30 +00:00
fr33domlover
f196bf38d6 Unverified variants of setCreds and clearCreds 2018-03-17 22:16:02 +00:00
fr33domlover
21192fef26 Route for accepting a New ticket 2016-08-11 07:58:51 +00:00
fr33domlover
17643c6d49 Field enums aren't useful if you can't define values 2016-08-08 17:05:09 +00:00
fr33domlover
7ee28b97d2 Per-workflow custom ticket field enum types 2016-08-08 14:48:38 +00:00
fr33domlover
01385c480b Per-workflow custom ticket fields 2016-08-08 14:01:06 +00:00
fr33domlover
687aa68a04 Per-sharer ticket workflows
A workflow is a new entity in Vervis. It defines the workflow of a
projects' ticket system. That includes the possible ticket states,
custom ticket fields, various filters and so on. All ticket system
customization is currently planned to be managed using workflows.

Currently workflows are private and per sharer, but the plan is to
support public workflows that can be shared and cloned.
2016-08-08 11:05:19 +00:00
fr33domlover
dc54a89503 Ticket tree view page 2016-08-04 07:36:24 +00:00
fr33domlover
5c153b0294 Ticket dependency add/remove and some fixes to recursive SQL 2016-07-28 16:40:10 +00:00
fr33domlover
188905f9aa Git clone over HTTP(S) using git binary 2016-07-27 15:17:03 +00:00
fr33domlover
d1e1f3c0f7 Reverse dependencies page for tickets 2016-07-27 08:35:50 +00:00
fr33domlover
55945e30f9 Ticket claim request submission 2016-06-08 01:28:18 +00:00
fr33domlover
5557e65f66 Ticket dependencies in DB and per-ticket list of children 2016-06-07 20:16:15 +00:00
fr33domlover
11d4a955d8 Per-ticket list of claim requests with full info 2016-06-07 16:31:55 +00:00
fr33domlover
047b9c00c9 Per-project list of ticket claim requests 2016-06-07 15:29:26 +00:00
fr33domlover
5e04f951f2 Ticket claim requests in DB and personal list view of them 2016-06-07 10:01:57 +00:00
fr33domlover
ae83a5f3ad Ticket un/assign (like un/claim but for other people) 2016-06-07 07:33:19 +00:00
fr33domlover
23c06c535a Put roles under sharers, now groups' roles can be managed too 2016-06-06 19:41:22 +00:00
fr33domlover
a3af63d368 Ticket claim and unclaim routes with access checks 2016-06-06 09:03:49 +00:00
fr33domlover
5305caf0b0 Repo settings page, allow repos to move between projects 2016-06-05 21:11:05 +00:00
fr33domlover
91266dd421 Project settings route, with wiki repo selector 2016-06-05 10:43:28 +00:00
fr33domlover
f8e1442e72 Initial minimal optional per-project wiki 2016-06-04 06:57:54 +00:00
fr33domlover
18394a1213 Split ticket open/close out of TicketEditR into new routes 2016-06-01 19:50:41 +00:00
fr33domlover
4e0e8cb736 Add project roles, basically a copy of the repo role code 2016-06-01 08:52:14 +00:00
fr33domlover
10c27464dd Make all role-related code repo-specific 2016-06-01 07:35:22 +00:00
fr33domlover
2d4fb85fca Dummy routes for repo team members 2016-05-29 14:13:25 +00:00
fr33domlover
c0e8ed0d2e Initial minimal limited per-repo RBAC system 2016-05-29 13:17:55 +00:00
fr33domlover
16d33da4de Add group member related dummy routes 2016-05-25 17:48:17 +00:00
fr33domlover
3687687457 Add group members page and breadcrumbs for group routes 2016-05-25 16:03:58 +00:00
fr33domlover
bc66463776 Add group routes 2016-05-24 21:48:21 +00:00
fr33domlover
ac893b6040 Fix layout of routes file ruined during recent route change 2016-05-24 08:50:19 +00:00
fr33domlover
49807ed27f Start big route change, doesn't build yet
I decided to add some safety to routes:

- Use dedicated newtypes
- Use CI for the CI-unique DB fields

Since such a change requires so many changes in many source files, this
is also a chance to do other such breaking changes. I'm recording the
change gradually. It won't build until I finish, so for now don't waste
time trying to build the app.
2016-05-23 12:24:14 +00:00
fr33domlover
9368e68ab5 Enable new top-level comments, discussion system works now 2016-05-21 20:01:31 +00:00
fr33domlover
a56a7575fe Implement reply-to-existing-comment 2016-05-19 22:07:25 +00:00
fr33domlover
c942c7d398 Ticket discussion and message routes 2016-05-19 16:58:23 +00:00
fr33domlover
298bbc57e4 SSH key deletion button 2016-05-13 21:41:46 +00:00
fr33domlover
4d16203e5d Repo deletion button 2016-05-13 19:23:56 +00:00
fr33domlover
80576d9caa Darcs pull over HTTP 2016-05-13 10:58:42 +00:00
fr33domlover
ed2df29b66 Refactor git log view, make room for darcs 2016-05-05 16:30:30 +00:00
fr33domlover
3ed04941e8 Refactor git source view code and implement the same for Darcs 2016-05-05 07:29:19 +00:00
fr33domlover
e8befc41ee Multiplex ticket PUT and DELETE over POST
HTML forms support only GET and POST methods. One way to bypass that is
to send the form using JS. But I don't want that. Another is to send a
POST with a hidden form field which specifies the read method. This is
what 'postTicketR' does.
2016-05-02 11:34:11 +00:00
fr33domlover
88569a08ad Dummy handlers for ticket editing and deletion 2016-05-02 06:13:57 +00:00
fr33domlover
eaadbc050c Ticket list page 2016-04-30 23:02:44 +00:00
fr33domlover
09b767a037 New ticket post form 2016-04-30 22:32:22 +00:00
fr33domlover
4065143d8f Remove upload-pack over HTTP, 'hit' opens too many file descriptors 2016-04-29 18:08:05 +00:00