Hello community, here is the log from the commit of package webyast-base for openSUSE:Factory checked in at 2013-08-28 21:20:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/webyast-base (Old) and /work/SRC/openSUSE:Factory/.webyast-base.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "webyast-base" Changes: -------- --- /work/SRC/openSUSE:Factory/webyast-base/webyast-base.changes 2013-06-11 09:38:25.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.webyast-base.new/webyast-base.changes 2013-08-28 21:20:45.000000000 +0200 @@ -1,0 +2,13 @@ +Fri Aug 2 14:18:41 UTC 2013 - [email protected] + +- fix migration for devise 3.0 +- updated tests to make it build again +- resolve issues with PolicyKit and PackageKit + (bnc#809579, bnc#810336, bnc#809028) +- redirect to root_path after login and remove templates for + sessions.create +- other minor fixes +- support for the new polkit (bnc#808762, bnc#816478) (lslezak) +- 0.3.45 + +------------------------------------------------------------------- New: ---- 40-default-webyast-base.rules ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ webyast-base.spec ++++++ --- /var/tmp/diff_new_pack.NRRYeW/_old 2013-08-28 21:20:46.000000000 +0200 +++ /var/tmp/diff_new_pack.NRRYeW/_new 2013-08-28 21:20:46.000000000 +0200 @@ -17,7 +17,7 @@ Name: webyast-base -Version: 0.3.44 +Version: 0.3.45 Release: 0 Provides: yast2-webservice = %{version} Obsoletes: yast2-webservice < %{version} @@ -62,13 +62,13 @@ Requires: syslog Requires: yast2-dbus-server -Requires: rubygem-webyast-rake-tasks >= 0.3.5 +PreReq: rubygem-webyast-rake-tasks >= 0.3.7 Requires: webyast-base-branding PreReq: rubygem-bundler # 634404 Recommends: logrotate %if 0%{?suse_version} == 0 || %suse_version > 1110 -PreReq: polkit, rubygem-polkit1 +PreReq: polkit, rubygem-polkit1 >= 0.1.0 PreReq: rubygem-rake %else # <11.1 or SLES11 @@ -136,6 +136,7 @@ Source14: config.yml Source15: config.yml.new Source16: update_webyast_service +Source17: 40-default-webyast-base.rules BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: pkg-config @@ -147,7 +148,7 @@ BuildRequires: rubygem-rails-3_2 BuildRequires: rubygem-ruby-dbus BuildRequires: rubygem-sqlite3 >= 1.3.6 -BuildRequires: rubygem-webyast-rake-tasks >= 0.3.5 +BuildRequires: rubygem-webyast-rake-tasks >= 0.3.7 %if 0%{?suse_version} == 0 || %suse_version > 1110 BuildRequires: polkit BuildRequires: rubygem-polkit1 @@ -349,6 +350,10 @@ install -m 0644 %SOURCE4 $RPM_BUILD_ROOT/usr/share/%{webyast_polkit_dir} install -m 0644 %SOURCE6 $RPM_BUILD_ROOT/etc/ install -m 0555 %SOURCE5 $RPM_BUILD_ROOT/usr/sbin/ +%if %suse_version >= 1230 +mkdir -p $RPM_BUILD_ROOT/etc/polkit-1/rules.d/ +install -m 0644 %SOURCE17 $RPM_BUILD_ROOT/etc/polkit-1/rules.d/ +%endif # firewall service definition, bnc#545627 mkdir -p $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services @@ -466,14 +471,19 @@ #--------------------------------------------------------------- %post %fillup_and_insserv %{webyast_service} + +%if %suse_version < 1230 # #granting permissions for webyast # /usr/sbin/grantwebyastrights --user %{webyast_user} --action grant --policy org.opensuse.yast.module-manager.import > /dev/null ||: + # # granting all permissions for root # /usr/sbin/grantwebyastrights --user root --action grant > /dev/null ||: +%endif + # # create database # @@ -615,6 +625,9 @@ %config /etc/sysconfig/SuSEfirewall2.d/services/webyast %config /usr/share/%{webyast_polkit_dir}/org.opensuse.yast.permissions.policy +%if %suse_version >= 1230 +/etc/polkit-1/rules.d/40-default-webyast-base.rules +%endif %config %{webyast_dir}/config/initializers/secret_token.rb %config %{webyast_dir}/config/environment.rb %config(noreplace) /etc/yast_user_roles ++++++ 40-default-webyast-base.rules ++++++ // default permissions for "webyast" user polkit.addRule(function(action, subject) { if ((action.id == "org.opensuse.yast.module-manager.import" || action.id == "org.opensuse.yast.permissions.read" || action.id == "org.opensuse.yast.permissions.write" ) && subject.user == "webyast") { return polkit.Result.YES; } }); // vim: syntax=javascript ++++++ grantwebyastrights ++++++ --- /var/tmp/diff_new_pack.NRRYeW/_old 2013-08-28 21:20:46.000000000 +0200 +++ /var/tmp/diff_new_pack.NRRYeW/_new 2013-08-28 21:20:46.000000000 +0200 @@ -46,8 +46,6 @@ $debug = 0 -POLKIT_SECTION = "55-webyast.d" - def usage why STDERR.puts why STDERR.puts "" @@ -139,7 +137,7 @@ unless single_policy == nil STDOUT.puts "granting: #{single_policy}" if @polkit1 - PolKit1::polkit1_write(POLKIT_SECTION, single_policy, true, user) + PolKit1::polkit1_write(single_policy, true, user) else out = `polkit-auth --user '#{user}' --grant '#{single_policy}'` #do NOT raise if an error happens here cause while the package installation this call can return an error for already existing @@ -152,7 +150,7 @@ non_granted.each do |policy| STDOUT.puts "granting: #{policy}" if @polkit1 - PolKit1::polkit1_write(POLKIT_SECTION, policy, true, user) + PolKit1::polkit1_write(policy, true, user) else out = `polkit-auth --user '#{user}' --grant '#{policy}'` #do NOT raise if an error happens here cause while the package installation this call can return an error for already existing @@ -171,7 +169,7 @@ unless single_policy == nil STDOUT.puts "revoking: #{single_policy}" if @polkit1 - PolKit1::polkit1_write(POLKIT_SECTION, single_policy, false, user) + PolKit1::polkit1_write(single_policy, false, user) else out = `polkit-auth --user '#{user}' --revoke '#{single_policy}'` raise "Revoking permissions failed with ret code #{$?.exitstatus}. Output: #{out}" unless $?.exitstatus.zero? @@ -181,7 +179,7 @@ granted.each do |policy| STDOUT.puts "revoking: #{policy}" if @polkit1 - PolKit1::polkit1_write(POLKIT_SECTION, policy, false, user) + PolKit1::polkit1_write(policy, false, user) else out = `polkit-auth --user '#{user}' --revoke '#{policy}'` raise "Revoking permissions failed with ret code #{$?.exitstatus}. Output: #{out}" unless $?.exitstatus.zero? ++++++ webyastPermissionsService.rb ++++++ --- /var/tmp/diff_new_pack.NRRYeW/_old 2013-08-28 21:20:46.000000000 +0200 +++ /var/tmp/diff_new_pack.NRRYeW/_new 2013-08-28 21:20:46.000000000 +0200 @@ -92,7 +92,6 @@ USER_REGEX=/\A[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_][ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-]*[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.$-]?\Z/ USER_WITH_DOMAIN_REGEX=/\A[a-zA-Z0-9][a-zA-Z0-9\-.]*\\[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_][ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-]*[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.$-]?\Z/ -POLKIT_SECTION = "55-webyast.d" def execute (command, permissions, user, sender) #TODO polkit check, user escaping, perm whitespacing @@ -108,7 +107,7 @@ when :grant then begin if @polkit1 - PolKit1::polkit1_write(POLKIT_SECTION, p, true, user) + PolKit1::polkit1_write(p, true, user) result << "true" else #whitespace check for valid permission string to avoid attack @@ -124,7 +123,7 @@ when :revoke then begin if @polkit1 - PolKit1::polkit1_write(POLKIT_SECTION, p, false, user) + PolKit1::polkit1_write(p, false, user) result << "true" else #whitespace check for valid permission string to avoid attack ++++++ www.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/Gemfile new/www/Gemfile --- old/www/Gemfile 2013-06-10 17:19:27.000000000 +0200 +++ new/www/Gemfile 2013-08-27 14:34:32.000000000 +0200 @@ -2,6 +2,8 @@ source 'http://rubygems.org' end +require 'yaml' + gem 'rails', '~> 3.2.3' gem 'devise' @@ -23,8 +25,7 @@ #checking which policykit is used WEBYAST_CONFIG_FILE = "/etc/webyast/config.yml" if File.exist?(WEBYAST_CONFIG_FILE) - require 'yaml' - values = YAML::load(File.open(WEBYAST_CONFIG_FILE, 'r').read) + values = YAML::load_file WEBYAST_CONFIG_FILE ENV['WEBYAST_POLICYKIT']= 'true' if values["polkit1"] == false end @@ -34,21 +35,32 @@ gem 'polkit1' end -plugin_path = File.expand_path("../../plugins", __FILE__) -gemspecs = Dir.glob(File.join(plugin_path, "**", "*.gemspec")) - -unless gemspecs.empty? - #We are in devel. mode. Loading all plugins - gemspecs.each do |gemspec| - plugin_name = gemspec.split("/").pop.split(".").first - gem plugin_name, :path => File.expand_path("../../plugins/#{gemspec.split("/").pop(2).first}", __FILE__) +if ENV["WEBYAST_LOAD_GEMS"] != "false" + plugin_path = File.expand_path("../../plugins", __FILE__) + gemspecs = Dir.glob(File.join(plugin_path, "**", "*.gemspec")) + + if gemspecs.empty? + # Loading webyast gems from the gem path + Dir.glob(Gem.default_path.map{|p| File.join(p, "gems/webyast-*")}).each do |pth| + # get gem name from path: /usr/lib64/ruby/gems/1.8/gems/webyast-users-0.1 => webyast-users + gem File.basename(pth).split("-")[0..-2].join("-") + end + else + #We are in devel. mode. Loading all plugins + gemspecs.each do |gemspec| + plugin_name = gemspec.split("/").pop.split(".").first + gem plugin_name, :path => File.expand_path("../../plugins/#{gemspec.split("/").pop(2).first}", __FILE__) + end end +end + +# make sure the rake tasks are always loaded, +# load the local tasks when running from Git +local_tasks_path = File.expand_path("../../webyast-tasks", __FILE__) +if File.exist?(local_tasks_path) + gem "webyast-rake-tasks", :path => local_tasks_path else - #Loading webyast gems from the gem path - Dir.glob(Gem.default_path.map{|p| File.join(p, "gems/webyast-*")}).each do |pth| - # get gem name from path: /usr/lib64/ruby/gems/1.8/gems/webyast-users-0.1 => webyast-users - gem File.basename(pth).split("-")[0..-2].join("-") - end + gem "webyast-rake-tasks" end group :development do @@ -56,7 +68,6 @@ end group :test do - gem "factory_girl_rails" gem "mocha", :require => false end @@ -72,7 +83,8 @@ # needed for rake gettext:find gem 'ruby_parser' - #gem "debugger" + # uncomment to enable debugger support + # gem "debugger" end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/Rakefile new/www/Rakefile --- old/www/Rakefile 2012-10-12 12:54:54.000000000 +0200 +++ new/www/Rakefile 2013-08-27 14:34:32.000000000 +0200 @@ -23,8 +23,6 @@ # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake. require(File.join(File.dirname(__FILE__), 'config', 'boot')) -$:.unshift File.join(File.dirname(__FILE__), "..", "webyast-tasks", "lib") - require 'rake' require 'rake/testtask' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/app/controllers/application_controller.rb new/www/app/controllers/application_controller.rb --- old/www/app/controllers/application_controller.rb 2013-06-10 17:19:27.000000000 +0200 +++ new/www/app/controllers/application_controller.rb 2013-08-27 11:08:08.000000000 +0200 @@ -1,18 +1,18 @@ #-- # Webyast framework # -# Copyright (C) 2009, 2010 Novell, Inc. +# Copyright (C) 2009, 2010 Novell, Inc. # This library is free software; you can redistribute it and/or modify # it only under the terms of version 2.1 of the GNU Lesser General Public -# License as published by the Free Software Foundation. +# License as published by the Free Software Foundation. # # This library is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS -# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more -# details. +# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more +# details. # # You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software +# License along with this library; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA #++ @@ -201,7 +201,7 @@ Rails.logger.info "Reading all permissions for #{current_account.username} again" Permission.reset(current_account.username) - super + root_path end def after_sign_out_path_for(resource_or_scope) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/app/models/permission.rb new/www/app/models/permission.rb --- old/www/app/models/permission.rb 2013-06-10 17:19:27.000000000 +0200 +++ new/www/app/models/permission.rb 2013-08-27 11:08:08.000000000 +0200 @@ -31,28 +31,34 @@ private + def self.mtime_list list + list.map do |f| + File.mtime(f) if File.exist?(f) + end + end + def self.get_cache_timestamp lst = [] if YaST::POLKIT1 - lst = [ + lst = mtime_list([ # policies - File.mtime('/usr/share/polkit-1/'), + '/usr/share/polkit-1/', # default - File.mtime('/var/lib/polkit-1/'), + '/var/lib/polkit/', # explicit user authorizations - File.mtime('/etc/polkit-1'), - ] + '/etc/polkit-1' + ]) else - lst = [ + lst = mtime_list([ # the global config file - File.mtime('/etc/PolicyKit/PolicyKit.conf'), + '/etc/PolicyKit/PolicyKit.conf', # policies - File.mtime('/usr/share/PolicyKit/policy/'), + '/usr/share/PolicyKit/policy/', # explicit user authorizations - File.mtime('/var/lib/PolicyKit/'), + '/var/lib/PolicyKit/', # default overrides - File.mtime('/var/lib/PolicyKit-public/'), - ] + '/var/lib/PolicyKit-public/' + ]) end lst.compact! diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/app/views/layouts/application.html.erb new/www/app/views/layouts/application.html.erb --- old/www/app/views/layouts/application.html.erb 2013-06-10 17:19:27.000000000 +0200 +++ new/www/app/views/layouts/application.html.erb 2013-08-27 11:08:08.000000000 +0200 @@ -122,10 +122,12 @@ <%= link_to _("Home"), '/controlpanel'%> </span> <span class="userbar-icon user-icon"> - <% if WebyastEngine.find("Users").present? %> - <%= link_to(current_account.username, :controller => :users) %> + <% if current_account.username == 'root' %> + <%= link_to_if(WebyastEngine.find("Administrator").present?, + current_account.username, {:controller=>:administrator, :action=>:index}) %> <% else %> - <%= current_account.username %> + <%= link_to_if(WebyastEngine.find("Users").present?, + current_account.username, {:controller=>:users, :action=>:index}) %> <% end %> </span> <span class="userbar-icon" style=" text-align:center;"> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/app/views/sessions/create.builder new/www/app/views/sessions/create.builder --- old/www/app/views/sessions/create.builder 2013-06-10 17:19:27.000000000 +0200 +++ new/www/app/views/sessions/create.builder 1970-01-01 01:00:00.000000000 +0100 @@ -1,6 +0,0 @@ -# ugly workaround to avoid rendering result in Devise::SessionsController -if current_account.blank? - xml << {:login => "denied"}.to_xml -else - xml << {:login => "granted", :auth_token => { :value => current_account.authentication_token, :expires => current_account.token_expires_at} }.to_xml -end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/app/views/sessions/create.json.erb new/www/app/views/sessions/create.json.erb --- old/www/app/views/sessions/create.json.erb 2013-06-10 17:19:27.000000000 +0200 +++ new/www/app/views/sessions/create.json.erb 1970-01-01 01:00:00.000000000 +0100 @@ -1,5 +0,0 @@ -<% if current_account.blank? %> - <%= { :login => 'denied' }.to_json.html_safe -%> -<% else %> - <%= { :login => 'granted', :auth_token => {:value => current_account.authentication_token, :expires => current_account.token_expires_at} }.to_json.html_safe -%> -<% end %> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/config/routes.rb new/www/config/routes.rb --- old/www/config/routes.rb 2012-08-30 18:11:56.000000000 +0200 +++ new/www/config/routes.rb 2013-08-27 11:08:08.000000000 +0200 @@ -27,6 +27,7 @@ resource :vendor_settings, :only => :show resources :restdoc, :only => [:index, :show] resources :resources, :only => [:index, :show], :constraints => { :id => /[-\w]+/ } + resources :controlpanel, :only => :index #mounting each plugin if defined? WebYaST diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/db/migrate/20111115091940_devise_columns.rb new/www/db/migrate/20111115091940_devise_columns.rb --- old/www/db/migrate/20111115091940_devise_columns.rb 2012-08-08 16:02:03.000000000 +0200 +++ new/www/db/migrate/20111115091940_devise_columns.rb 2013-08-27 11:08:08.000000000 +0200 @@ -7,7 +7,7 @@ t.rename :login, :username #t.rememberable - if Devise::VERSION.match /^2\./ + if Devise::VERSION.match /\A[2-3]/ ## Trackable t.integer :sign_in_count, :default => 0 t.datetime :current_sign_in_at diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/lib/haml_parser.rb new/www/lib/haml_parser.rb --- old/www/lib/haml_parser.rb 2013-06-10 17:19:27.000000000 +0200 +++ new/www/lib/haml_parser.rb 2013-08-27 11:08:08.000000000 +0200 @@ -19,7 +19,7 @@ # Haml gettext parser module # # http://pastie.org/445297 -require 'gettext/tools/rgettext' +require 'gettext/tools/xgettext' require 'gettext/tools/parser/ruby' require 'haml' @@ -88,5 +88,5 @@ end -GetText::RGetText.add_parser(HamlParser) +GetText::Tools::XGetText.add_parser(HamlParser) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/test/functional/application_controller_test.rb new/www/test/functional/application_controller_test.rb --- old/www/test/functional/application_controller_test.rb 2013-06-10 17:19:27.000000000 +0200 +++ new/www/test/functional/application_controller_test.rb 2013-08-27 11:08:08.000000000 +0200 @@ -92,7 +92,7 @@ Basesystem.stubs(:installed?).returns(true) get :redirect assert_response :redirect - assert_redirected_to root_path + assert_redirected_to :controller => "controlpanel" end def test_success_redirect_wizard @@ -113,7 +113,7 @@ def test_exception_trap_no_permission get :no_permission assert_response :redirect - assert_redirected_to root_path + assert_redirected_to :controller => "controlpanel" assert flash end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/test/functional/raising_controller_test.rb new/www/test/functional/raising_controller_test.rb --- old/www/test/functional/raising_controller_test.rb 2013-06-10 17:19:27.000000000 +0200 +++ new/www/test/functional/raising_controller_test.rb 2013-08-27 11:08:08.000000000 +0200 @@ -55,9 +55,9 @@ end def setup - devise_sign_in(ControlpanelController) # authenticate user/account + # authenticate user/account + devise_sign_in(RaisingController) @controller = RaisingController.new - @routes = Rails.application.routes.dup end def test_catch_not_found diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/test/functional/restdoc_controller_test.rb new/www/test/functional/restdoc_controller_test.rb --- old/www/test/functional/restdoc_controller_test.rb 2012-08-29 09:27:53.000000000 +0200 +++ new/www/test/functional/restdoc_controller_test.rb 2013-08-27 11:08:08.000000000 +0200 @@ -22,7 +22,7 @@ require File.expand_path(File.dirname(__FILE__) + "/../test_helper") require File.dirname(__FILE__) + '/../devise_helper' -require 'mocha' +require 'mocha/setup' class RestdocControllerTest < ActionController::TestCase diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/www/test/unit/permission_test.rb new/www/test/unit/permission_test.rb --- old/www/test/unit/permission_test.rb 2013-06-10 17:19:27.000000000 +0200 +++ new/www/test/unit/permission_test.rb 2013-08-27 11:08:08.000000000 +0200 @@ -47,7 +47,7 @@ Permission.stubs(:find).with("org.opensuse.yast.modules.yapi.patches.read", {:user_id => @user}).returns(PATCHES_READ) Permission.stubs(:find).with(:all).returns(TEST_DATA_ACTIONS) File.stubs(:mtime).with('/etc/polkit-1').returns(0) - File.stubs(:mtime).with('/var/lib/polkit-1/').returns(0) + File.stubs(:mtime).with('/var/lib/polkit/').returns(0) File.stubs(:mtime).with('/usr/share/polkit-1/').returns(0) File.stubs(:mtime).with('/etc/PolicyKit/PolicyKit.conf').returns(0) File.stubs(:mtime).with('/usr/share/PolicyKit/policy/').returns(0) -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
