Commit b69f5480 authored by Lukas Fleischer's avatar Lukas Fleischer
Browse files

Add a package name blacklist.



Can be used to blacklist package names for normal users. TUs and
developers are not affected. This is especially useful if used together
with a cron job that updates the blacklist periodically, e.g. to reject
packages which are available in the binary repos (FS#12902).
Signed-off-by: default avatarLukas Fleischer <archlinux@cryptocrack.de>
parent 881bfcce
......@@ -27,6 +27,12 @@ ALTER TABLE PackageSources
MODIFY Source VARCHAR(255) NOT NULL DEFAULT "/dev/null";
ALTER TABLE TU_VoteInfo
MODIFY User VARCHAR(32) collate latin1_general_ci NOT NULL;
CREATE TABLE PackageBlacklist (
ID INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
Name CHAR(64) NOT NULL,
PRIMARY KEY (ID),
UNIQUE (Name)
);
----
2. Drop all fulltext indexes from the "Packages" table:
......
......@@ -177,6 +177,15 @@ CREATE TABLE CommentNotify (
);
CREATE UNIQUE INDEX NotifyUserIDPkgID ON CommentNotify (UserID, PkgID);
-- Package name blacklist
--
CREATE TABLE PackageBlacklist (
ID INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
Name CHAR(64) NOT NULL,
PRIMARY KEY (ID),
UNIQUE (Name)
);
-- Vote information
--
CREATE TABLE IF NOT EXISTS TU_VoteInfo (
......
......@@ -215,6 +215,15 @@ if ($_COOKIE["AURSID"]):
$incoming_pkgdir = INCOMING_DIR . $pkg_name;
}
if (!$error) {
# Check if package name is blacklisted.
if (pkgname_is_blacklisted($pkg_name)) {
if (!canSubmitBlacklisted(account_from_sid($_COOKIE["AURSID"]))) {
$error = __( "%s is on the package blacklist, please check if it's available in the official repos.", $pkg_name);
}
}
}
if (!$error) {
# First, see if this package already exists, and if it can be overwritten
$pkg_exists = package_exists($pkg_name);
......
......@@ -64,6 +64,18 @@ function canManagePackage($uid=0,$AURMUID=0, $MUID=0, $SUID=0, $managed=0) {
return 0;
}
# Check if the current user can submit blacklisted packages.
#
function canSubmitBlacklisted($atype = "") {
if ($atype == "Trusted User" || $atype == "Developer") {
# Only TUs/Devs can submit blacklisted packages.
return TRUE;
}
else {
return FALSE;
}
}
# grab the current list of PackageCategories
#
function pkgCategories() {
......@@ -286,6 +298,17 @@ function pkgname_from_id($id="") {
return $id;
}
# Check if a package name is blacklisted.
#
function pkgname_is_blacklisted($name) {
$dbh = db_connect();
$q = "SELECT COUNT(*) FROM PackageBlacklist WHERE Name = '" . mysql_real_escape_string($name) . "'";
$result = db_query($q, $dbh);
if (!$result) return false;
return (mysql_result($result, 0) > 0);
}
# display package details
#
function package_details($id=0, $SID="") {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment