Add basic dependency resolution

Fixes #130

.gitignore

@@ -1,6 +1,7 @@
 config.cfg
 *.env
 *.sqlite
+.vscode
 custom.css
 tmp
 log.txt

app/__init__.py

@@ -24,6 +24,7 @@ from flaskext.markdown import Markdown
 from flask_github import GitHub
 from flask_wtf.csrf import CsrfProtect
 from flask_flatpages import FlatPages
+from flask_babel import Babel
 import os
 
 app = Flask(__name__, static_folder="public/static")
@@ -37,6 +38,7 @@ github = GitHub(app)
 csrf = CsrfProtect(app)
 mail = Mail(app)
 pages = FlatPages(app)
+babel = Babel(app)
 gravatar = Gravatar(app,
 		size=58,
 		rating='g',
@@ -50,5 +52,11 @@ if not app.debug:
 	from .maillogger import register_mail_error_handler
 	register_mail_error_handler(app, mail)
 
+
+@babel.localeselector
+def get_locale():
+    return request.accept_languages.best_match(app.config['LANGUAGES'].keys())
+
+
 from . import models, tasks
 from .views import *

app/flatpages/policy_and_guidance.md

@@ -10,36 +10,45 @@ ContentDB is for the community, and as such listings should be useful to the
 community. To help with this, there are a few rules to improve the quality of
 the listings and to combat abuse.
 
-* No inappropriate content.
-* Content must be playable/useful, but not necessarily finished.
-* Don't use the name of another mod unless your mod is a fork or reimplementation.
-* Licenses must allow derivatives, redistribution, and must not discriminate.
-* Don't put promotions are advertisements in package listings, except for
-  donation and personal website links which are permitted in the long description.
+* No inappropriate content. <sup>2.1</sup>
+* Content must be playable/useful, but not necessarily finished. <sup>2.2</sup>
+* Don't use the name of another mod unless your mod is a fork or reimplementation. <sup>3</sup>
+* Licenses must allow derivatives, redistribution, and must not discriminate. <sup>4</sup>
+* Don't put promotions or advertisements in package listings, except for
+  donation and personal website links which are permitted in the
+  long description. <sup>5</sup>
+* The ContentDB admin reserves the right to remove packages for any reason,
+  including ones not covered by this document, and to ban users who abuse
+  this service. <sup>1</sup>
 
 
 ## 1. General
 
-It is not permitted to submit abusive, obscene, vulgar, slanderous, hateful,
-threatening, sexually-orientated or any material that may violate any laws be
-it of your country, the country where "Content DB” is hosted or International Law.
-
 The ContentDB admin reserves the right to remove packages for any reason,
 including ones not covered by this document, and to ban users who abuse this service.
 
 Also see the [help page on tags](/help/package_tags/).
 
 
-## 2. Accepted Content and State of Completion
+## 2. Accepted Content
+
+### 2.1. Acceptable Content
+
+Sexually-orientated content is not permitted.
+
+Mature content, including that relating to drugs, excessive gore, violence, or
+horror, is not currently permitted - but will be in the future.
 
 The submission of malware is strictly prohibited. This includes software which
 does not do as it advertises, for example if it posts telemetry without stating
 clearly that it does in the package meta.
 
+### 2.2. State of Completion
+
 ContentDB should only currently contain playable content - content which is
 sufficiently complete to be useful to end users. It's fine to add stuff which
 is still a work in progress (WIP) as long as it adds sufficient value -
-Mineclone 2 is a good example of a WIP package which may break between releases
+MineClone 2 is a good example of a WIP package which may break between releases
 but still has value. Note that this doesn't mean that you should add a thing
 you started working on yesterday, it's worth adding all the basic stuff to
 make your package useful.
@@ -116,15 +125,15 @@ Public domain is not a valid license in many countries, please use CC0 or MIT in
 
 ## 5. Promotions and Advertisements (inc. asking for donations)
 
-Any information other than the long description - including screenshots - must
-not contain any promotions or advertisements. This includes asking for donations,
-promoting online shops, or linking to personal websites and social media.
+You may note place any promotions or advertisements in any meta data including
+screensthos. This includes asking for donations, promoting online shops,
+or linking to personal websites and social media. Please instead use the
+fields provided on your user profile page to place links to websites and
+donation pages.
 
 ContentDB is for the community. We may remove any promotions if we feel that
 they're inappropriate.
 
-Paid promotions are not allowed at all, anywhere.
-
 
 ## 6. Reporting Violations
 

app/models.py

@@ -37,7 +37,7 @@ make_searchable(db.metadata)
 
 
 class ArticleQuery(BaseQuery, SearchQueryMixin):
-    pass
+	pass
 
 
 class UserRank(enum.Enum):
@@ -76,6 +76,7 @@ class Permission(enum.Enum):
 	APPROVE_CHANGES    = "APPROVE_CHANGES"
 	DELETE_PACKAGE     = "DELETE_PACKAGE"
 	CHANGE_AUTHOR      = "CHANGE_AUTHOR"
+	CHANGE_NAME        = "CHANGE_NAME"
 	MAKE_RELEASE       = "MAKE_RELEASE"
 	ADD_SCREENSHOTS    = "ADD_SCREENSHOTS"
 	APPROVE_SCREENSHOT = "APPROVE_SCREENSHOT"
@@ -129,6 +130,10 @@ class User(db.Model, UserMixin):
 	active        = db.Column("is_active", db.Boolean, nullable=False, server_default="0")
 	display_name  = db.Column(db.String(100), nullable=False, server_default="")
 
+	# Links
+	website_url   = db.Column(db.String(255), nullable=True, default=None)
+	donate_url    = db.Column(db.String(255), nullable=True, default=None)
+
 	# Content
 	notifications = db.relationship("Notification", primaryjoin="User.id==Notification.user_id")
 
@@ -208,6 +213,9 @@ class Notification(db.Model):
 	url       = db.Column(db.String(200), nullable=True)
 
 	def __init__(self, us, cau, titl, ur):
+		if len(titl) > 100:
+			title = title[:99] + "…"
+
 		self.user   = us
 		self.causer = cau
 		self.title  = titl
@@ -390,7 +398,7 @@ class Package(db.Model):
 	forums       = db.Column(db.Integer,     nullable=True)
 
 	provides = db.relationship("MetaPackage", secondary=provides, lazy="subquery",
-			backref=db.backref("packages", lazy="dynamic"))
+			backref=db.backref("packages", lazy="dynamic", order_by=db.desc("score")))
 
 	dependencies = db.relationship("Dependency", backref="depender", lazy="dynamic", foreign_keys=[Dependency.depender_id])
 
@@ -417,21 +425,46 @@ class Package(db.Model):
 		for e in PackagePropertyKey:
 			setattr(self, e.name, getattr(package, e.name))
 
-	def getAsDictionaryShort(self, base_url, protonum=None):
+	def getState(self):
+		if self.approved:
+			return "approved"
+		elif self.review_thread_id:
+			return "thread"
+		elif (self.type == PackageType.GAME or \
+					self.type == PackageType.TXP) and \
+				self.screenshots.count() == 0:
+			return "wip"
+		elif not self.getDownloadRelease():
+			return "wip"
+		elif "Other" in self.license.name or "Other" in self.media_license.name:
+			return "license"
+		else:
+			return "ready"
+
+	def getAsDictionaryKey(self):
+		return {
+			"name": self.name,
+			"author": self.author.display_name,
+			"type": self.type.toName(),
+		}
+
+	def getAsDictionaryShort(self, base_url, version=None, protonum=None):
 		tnurl = self.getThumbnailURL(1)
+		release = self.getDownloadRelease(version=version, protonum=protonum)
 		return {
 			"name": self.name,
 			"title": self.title,
 			"author": self.author.display_name,
 			"short_description": self.short_desc,
 			"type": self.type.toName(),
-			"release": self.getDownloadRelease(protonum).id if self.getDownloadRelease(protonum) is not None else None,
+			"release": release and release.id,
 			"thumbnail": (base_url + tnurl) if tnurl is not None else None,
 			"score": round(self.score * 10) / 10
 		}
 
-	def getAsDictionary(self, base_url, protonum=None):
+	def getAsDictionary(self, base_url, version=None, protonum=None):
 		tnurl = self.getThumbnailURL(1)
+		release = self.getDownloadRelease(version=version, protonum=protonum)
 		return {
 			"author": self.author.display_name,
 			"name": self.name,
@@ -454,7 +487,7 @@ class Package(db.Model):
 			"screenshots": [base_url + ss.url for ss in self.screenshots],
 
 			"url": base_url + self.getDownloadURL(),
-			"release": self.getDownloadRelease(protonum).id if self.getDownloadRelease(protonum) is not None else None,
+			"release": release and release.id,
 
 			"score": round(self.score * 10) / 10
 		}
@@ -503,9 +536,8 @@ class Package(db.Model):
 		return url_for("package_download_page",
 				author=self.author.username, name=self.name)
 
-	def getDownloadRelease(self, protonum=None):
-		version = None
-		if protonum is not None:
+	def getDownloadRelease(self, version=None, protonum=None):
+		if version is None and protonum is not None:
 			version = MinetestRelease.query.filter(MinetestRelease.protocol >= int(protonum)).first()
 			if version is not None:
 				version = version.id
@@ -514,7 +546,7 @@ class Package(db.Model):
 
 
 		for rel in self.releases:
-			if rel.approved and (protonum is None or
+			if rel.approved and (version is None or
 					((rel.min_rel is None or rel.min_rel_id <= version) and \
 					(rel.max_rel is None or rel.max_rel_id >= version))):
 				return rel
@@ -551,6 +583,10 @@ class Package(db.Model):
 			else:
 				return user.rank.atLeast(UserRank.EDITOR)
 
+		# Anyone can change the package name when not approved, but only editors when approved
+		elif perm == Permission.CHANGE_NAME:
+			return not self.approved or user.rank.atLeast(UserRank.EDITOR)
+
 		# Editors can change authors and approve new packages
 		elif perm == Permission.APPROVE_NEW or perm == Permission.CHANGE_AUTHOR:
 			return user.rank.atLeast(UserRank.EDITOR)
@@ -695,6 +731,16 @@ class PackageRelease(db.Model):
 	def __init__(self):
 		self.releaseDate = datetime.datetime.now()
 
+	def approve(self, user):
+		if self.package.approved and \
+				not self.package.checkPerm(user, Permission.APPROVE_RELEASE):
+			return False
+
+		assert(self.task_id is None and self.url is not None and self.url != "")
+
+		self.approved = True
+		return True
+
 
 class PackageReview(db.Model):
 	id         = db.Column(db.Integer, primary_key=True)

app/querybuilder.py

@@ -1,5 +1,5 @@
 from .models import db, PackageType, Package, ForumTopic, License, MinetestRelease, PackageRelease
-from .utils import isNo
+from .utils import isNo, isYes
 from sqlalchemy.sql.expression import func
 from flask import abort
 from sqlalchemy import or_
@@ -28,13 +28,33 @@ class QueryBuilder:
 		self.lucky  = self.random or "lucky" in args
 		self.hide_nonfree = "nonfree" in hide_flags
 		self.limit  = 1 if self.lucky else None
-		self.order_by  = args.get("sort") or "score"
+		self.order_by  = args.get("sort")
 		self.order_dir = args.get("order") or "desc"
 		self.protocol_version = args.get("protocol_version")
 
+		self.show_discarded = isYes(args.get("show_discarded"))
+		self.show_added = args.get("show_added")
+		if self.show_added is not None:
+			self.show_added = isYes(self.show_added)
+
 		if self.search is not None and self.search.strip() == "":
 			self.search = None
 
+	def setSortIfNone(self, name):
+		if self.order_by is None:
+			self.order_by = name
+
+	def getMinetestVersion(self):
+		if not self.protocol_version:
+			return None
+
+		self.protocol_version = int(self.protocol_version)
+		version = MinetestRelease.query.filter(MinetestRelease.protocol>=self.protocol_version).first()
+		if version is not None:
+			return version.id
+		else:
+			return 10000000
+
 	def buildPackageQuery(self):
 		query = Package.query.filter_by(soft_deleted=False, approved=True)
 
@@ -48,7 +68,7 @@ class QueryBuilder:
 			query = query.order_by(func.random())
 		else:
 			to_order = None
-			if self.order_by == "score":
+			if self.order_by is None or self.order_by == "score":
 				to_order = Package.score
 			elif self.order_by == "created_at":
 				to_order = Package.created_at
@@ -69,14 +89,9 @@ class QueryBuilder:
 			query = query.filter(Package.media_license.has(License.is_foss == True))
 
 		if self.protocol_version:
-			self.protocol_version = int(self.protocol_version)
-			version = MinetestRelease.query.filter(MinetestRelease.protocol>=self.protocol_version).first()
-			if version is not None:
-				version = version.id
-			else:
-				version = 10000000
-
+			version = self.getMinetestVersion()
 			query = query.join(Package.releases) \
+				.filter(PackageRelease.approved==True) \
 				.filter(or_(PackageRelease.min_rel_id==None, PackageRelease.min_rel_id<=version)) \
 				.filter(or_(PackageRelease.max_rel_id==None, PackageRelease.max_rel_id>=version))
 
@@ -85,18 +100,31 @@ class QueryBuilder:
 
 		return query
 
-	def buildTopicQuery(self):
-		topics = ForumTopic.query \
-				.filter(~ db.exists().where(Package.forums==ForumTopic.topic_id)) \
-				.order_by(db.asc(ForumTopic.wip), db.asc(ForumTopic.name), db.asc(ForumTopic.title))
+	def buildTopicQuery(self, show_added=False):
+		query = ForumTopic.query
+
+		if not self.show_discarded:
+			query = query.filter_by(discarded=False)
+
+		show_added = self.show_added == True or (self.show_added is None and show_added)
+		if not show_added:
+			query = query.filter(~ db.exists().where(Package.forums==ForumTopic.topic_id))
+
+		if self.order_by is None or self.order_by == "name":
+			query = query.order_by(db.asc(ForumTopic.wip), db.asc(ForumTopic.name), db.asc(ForumTopic.title))
+		elif self.order_by == "views":
+			query = query.order_by(db.desc(ForumTopic.views))
+		elif self.order_by == "date":
+			query = query.order_by(db.asc(ForumTopic.created_at))
+			sort_by = "date"
 
 		if self.search:
-			topics = topics.filter(ForumTopic.title.ilike('%' + self.search + '%'))
+			query = query.filter(ForumTopic.title.ilike('%' + self.search + '%'))
 
 		if len(self.types) > 0:
-			topics = topics.filter(ForumTopic.type.in_(self.types))
+			query = query.filter(ForumTopic.type.in_(self.types))
 
 		if self.limit:
-			topics = topics.limit(self.limit)
+			query = query.limit(self.limit)
 
-		return topics
+		return query

app/tasks/forumtasks.py

@@ -99,11 +99,19 @@ def parseTitle(title):
 def getLinksFromModSearch():
 	links = {}
 
-	contents = urllib.request.urlopen("https://krock-works.uk.to/minetest/modList.php").read().decode("utf-8")
-	for x in json.loads(contents):
-		link = x.get("link")
-		if link is not None:
-			links[int(x["topicId"])] = link
+	try:
+		contents = urllib.request.urlopen("https://krock-works.uk.to/minetest/modList.php").read().decode("utf-8")
+		for x in json.loads(contents):
+			try:
+				link = x.get("link")
+				if link is not None:
+					links[int(x["topicId"])] = link
+			except ValueError:
+				pass
+
+	except urllib.error.URLError:
+		print("Unable to open krocks mod search!")
+		return links
 
 	return links
 

app/tasks/importtasks.py

@@ -29,6 +29,10 @@ from app.utils import randomString
 
 class GithubURLMaker:
 	def __init__(self, url):
+		self.baseUrl = None
+		self.user = None
+		self.repo = None
+
 		# Rewrite path
 		import re
 		m = re.search("^\/([^\/]+)\/([^\/]+)\/?$", url.path)
@@ -51,6 +55,9 @@ class GithubURLMaker:
 	def getScreenshotURL(self):
 		return self.baseUrl + "/screenshot.png"
 
+	def getModConfURL(self):
+		return self.baseUrl + "/mod.conf"
+
 	def getCommitsURL(self, branch):
 		return "https://api.github.com/repos/{}/{}/commits?sha={}" \
 				.format(self.user, self.repo, urllib.parse.quote_plus(branch))
@@ -292,15 +299,17 @@ def cloneRepo(urlstr, ref=None, recursive=False):
 		gitUrl = generateGitURL(urlstr)
 		print("Cloning from " + gitUrl)
 		repo = git.Repo.clone_from(gitUrl, gitDir, \
-				progress=None, env=None, depth=1, recursive=recursive, kill_after_timeout=15)
+				progress=None, env=None, depth=1, recursive=recursive, kill_after_timeout=15, b=ref)
 
-		if ref is not None:
-			repo.create_head("myhead", ref).checkout()
 		return gitDir, repo
+
 	except GitCommandError as e:
 		# This is needed to stop the backtrace being weird
 		err = e.stderr
 
+	except gitdb.exc.BadName as e:
+		err = "Unable to find the reference " + (ref or "?") + "\n" + e.stderr
+
 	raise TaskError(err.replace("stderr: ", "") \
 			.replace("Cloning into '" + gitDir + "'...", "") \
 			.strip())
@@ -339,8 +348,11 @@ def makeVCSReleaseFromGithub(id, branch, release, url):
 		raise TaskError("Invalid github repo URL")
 
 	commitsURL = urlmaker.getCommitsURL(branch)
-	contents = urllib.request.urlopen(commitsURL).read().decode("utf-8")
-	commits = json.loads(contents)
+	try:
+		contents = urllib.request.urlopen(commitsURL).read().decode("utf-8")
+		commits = json.loads(contents)
+	except HTTPError:
+		raise TaskError("Unable to get commits for Github repository. Either the repository or reference doesn't exist.")
 
 	if len(commits) == 0 or not "sha" in commits[0]:
 		raise TaskError("No commits found")
@@ -348,7 +360,7 @@ def makeVCSReleaseFromGithub(id, branch, release, url):
 	release.url          = urlmaker.getCommitDownload(commits[0]["sha"])
 	release.task_id     = None
 	release.commit_hash = commits[0]["sha"]
-	print(release.url)
+	release.approve(release.package.author)
 	db.session.commit()
 
 	return release.url
@@ -379,6 +391,7 @@ def makeVCSRelease(id, branch):
 			release.url         = "/uploads/" + filename
 			release.task_id     = None
 			release.commit_hash = repo.head.object.hexsha
+			release.approve(release.package.author)
 			print(release.url)
 			db.session.commit()
 

app/templates/base.html

@@ -7,8 +7,11 @@
 	<meta name="viewport" content="width=device-width, initial-scale=1">
 	<title>{% block title %}title{% endblock %} - {{ config.USER_APP_NAME }}</title>
 	<link rel="stylesheet" type="text/css" href="/static/bootstrap.css">
-	<link rel="stylesheet" type="text/css" href="/static/custom.css?v=6">
+	<link rel="stylesheet" type="text/css" href="/static/custom.css?v=7">
 	<link rel="search" type="application/opensearchdescription+xml" href="/static/opensearch.xml" title="ContentDB" />
+	<link rel="shortcut icon" href="/favicon-16.png" sizes="16x16">
+	<link rel="icon" href="/favicon-128.png" sizes="128x128">
+	<link rel="icon" href="/favicon-32.png" sizes="32x32">
 	{% block headextra %}{% endblock %}
 </head>
 
@@ -76,24 +79,24 @@
 									<a class="nav-link" href="{{ url_for('user_profile_page', username=current_user.username) }}#unadded-topics">Your unadded topics</a>
 								</li>
 								{% if current_user.canAccessTodoList() %}
-									<li class="nav-item"><a class="nav-link" href="{{ url_for('todo_page') }}">Work Queue</a></li>
-									<li class="nav-item"><a  class="nav-link" href="{{ url_for('user_list_page') }}">User list</a></li>
+									<li class="nav-item"><a class="nav-link" href="{{ url_for('todo_page') }}">{{ _("Work Queue") }}</a></li>
+									<li class="nav-item"><a  class="nav-link" href="{{ url_for('user_list_page') }}">{{ _("User list") }}</a></li>
 								{% endif %}
 								<li class="nav-item">
-									<a class="nav-link" href="{{ url_for('todo_topics_page') }}">All unadded topics</a>
+									<a class="nav-link" href="{{ url_for('todo_topics_page') }}">{{ _("All unadded topics") }}</a>
 								</li>
 								{% if current_user.rank == current_user.rank.ADMIN %}
-									<li class="nav-item"><a class="nav-link" href="{{ url_for('admin_page') }}">Admin</a></li>
+									<li class="nav-item"><a class="nav-link" href="{{ url_for('admin_page') }}">{{ _("Admin") }}</a></li>
 								{% endif %}
 								{% if current_user.rank == current_user.rank.MODERATOR %}
-									<li class="nav-item"><a class="nav-link" href="{{ url_for('tag_list_page') }}">Tag Editor</a></li>
-									<li class="nav-item"><a class="nav-link" href="{{ url_for('license_list_page') }}">License Editor</a></li>
+									<li class="nav-item"><a class="nav-link" href="{{ url_for('tag_list_page') }}">{{ _("Tag Editor") }}</a></li>
+									<li class="nav-item"><a class="nav-link" href="{{ url_for('license_list_page') }}">{{ _("License Editor") }}</a></li>
 								{% endif %}
-								<li class="nav-item"><a class="nav-link" href="{{ url_for('user.logout') }}">Sign out</a></li>
+								<li class="nav-item"><a class="nav-link" href="{{ url_for('user.logout') }}">{{ _("Sign out") }}</a></li>
 							</ul>
 						</li>
 					{% else %}
-						<li><a class="nav-link" href="{{ url_for('user.login') }}">Sign in</a></li>
+						<li><a class="nav-link" href="{{ url_for('user.login') }}">{{ _("Sign in") }}</a></li>
 					{% endif %}
 				</ul>
 			</div>
@@ -126,10 +129,12 @@
 	{% endblock %}
 
 	<footer class="container footer-copyright my-5 page-footer font-small text-center">
-		ContentDB &copy; 2018 to <a href="https://rubenwardy.com/">rubenwardy</a> |
+		ContentDB &copy; 2018-9 to <a href="https://rubenwardy.com/">rubenwardy</a> |
 		<a href="https://github.com/minetest/contentdb">GitHub</a> |
-		<a href="{{ url_for('flatpage', path='help') }}">Help</a> |
-		<a href="{{ url_for('flatpage', path='help/reporting') }}">Report / DMCA</a>
+		<a href="{{ url_for('flatpage', path='help') }}">{{ _("Help") }}</a> |
+		<a href="{{ url_for('flatpage', path='policy_and_guidance') }}">{{ _("Policy and Guidance") }}</a> |
+		<a href="{{ url_for('flatpage', path='help/reporting') }}">{{ _("Report / DMCA") }}</a> |
+		<a href="{{ url_for('user_list_page') }}">{{ _("User List") }}</a>
 	</footer>
 
 	<script src="/static/jquery.min.js"></script>

app/templates/index.html

@@ -1,7 +1,7 @@
 {% extends "base.html" %}
 
 {% block title %}
-Welcome
+{{ _("Welcome") }}
 {% endblock %}
 
 {% block scriptextra %}
@@ -38,35 +38,35 @@ Welcome
 
 
 	<a href="{{ url_for('packages_page', sort='created_at', order='desc') }}" class="btn btn-secondary float-right">
-		See more
+		{{ _("See more") }}
 	</a>
-	<h2 class="my-3">Recently Added</h2>
+	<h2 class="my-3">{{ _("Recently Added") }}</h2>
 	{{ render_pkggrid(new) }}
 
 
 	<a href="{{ url_for('packages_page', type='mod', sort='score', order='desc') }}" class="btn btn-secondary float-right">
-		See more
+		{{ _("See more") }}
 	</a>
-	<h2 class="my-3">Top Mods</h2>
+	<h2 class="my-3">{{ _("Top Mods") }}</h2>
 	{{ render_pkggrid(pop_mod) }}
 
 
 	<a href="{{ url_for('packages_page', type='game', sort='score', order='desc') }}" class="btn btn-secondary float-right">
-		See more
+		{{ _("See more") }}
 	</a>
-	<h2 class="my-3">Top Games</h2>
+	<h2 class="my-3">{{ _("Top Games") }}</h2>
 	{{ render_pkggrid(pop_gam) }}
 
 
 	<a href="{{ url_for('packages_page', type='txp', sort='score', order='desc') }}" class="btn btn-secondary float-right">
-		See more
+		{{ _("See more") }}
 	</a>
-	<h2 class="my-3">Top Texture Packs</h2>
+	<h2 class="my-3">{{ _("Top Texture Packs") }}</h2>
 	{{ render_pkggrid(pop_txp) }}
 
 	<div class="text-center">
 		<small>
-			CDB has {{ count }} packages, with a total of {{ downloads }} downloads.
+			{{ _("CDB has %(count)d packages, with a total of %(downloads)d downloads.", count=count, downloads=downloads) }}
 		</small>
 	</div>
 <!-- </main> -->

app/templates/packages/create_edit.html

@@ -20,19 +20,19 @@
 {% endblock %}
 
 {% block content %}
-	<h1>Create Package</h1>
+	<h1>{{ _("Create Package") }}</h1>
 
 	<div class="alert alert-info">
-		<a class="float-right btn btn-sm btn-default" href="{{ url_for('flatpage', path='policy_and_guidance') }}">View</a>
+		<a class="float-right btn btn-sm btn-default" href="{{ url_for('flatpage', path='policy_and_guidance') }}">{{ _("View") }}</a>
 
-		Have you read the Package Inclusion Policy and Guidance yet?
+		{{ _("Have you read the Package Inclusion Policy and Guidance yet?") }}
 	</div>
 
 	<noscript>
 		<div class="alert alert-warning">
-			Javascript is needed to improve the user interface, and is needed for features
-			such as finding metadata from git, and autocompletion.<br />
-			Whilst disabled Javascript may work, it is not officially supported.
+			{{ _("Javascript is needed to improve the user interface, and is needed for features
+			such as finding metadata from git, and autocompletion.") }}<br />
+			{{ _("Whilst disabled Javascript may work, it is not officially supported.") }}
 		</div>
 	</noscript>
 
@@ -42,12 +42,16 @@
 		{{ form.hidden_tag() }}
 
 		<fieldset>
-			<legend>Package</legend>
+			<legend>{{ _("Package") }}</legend>
 
 			<div class="row">
 			{{ render_field(form.type, class_="pkg_meta col-sm-2") }}
 			{{ render_field(form.title, class_="pkg_meta col-sm-7") }}
-			{{ render_field(form.name, class_="pkg_meta col-sm-3") }}
+			{% if package and package.approved and not package.checkPerm(current_user, "CHANGE_NAME") %}
+				{{ render_field(form.name, class_="pkg_meta col-sm-3", readonly=True) }}
+			{% else %}
+				{{ render_field(form.name, class_="pkg_meta col-sm-3") }}
+			{% endif %}
 			</div>
 			{{ render_field(form.short_desc, class_="pkg_meta") }}
 			{{ render_multiselect_field(form.tags, class_="pkg_meta") }}
@@ -55,11 +59,15 @@
 				{{ render_field(form.license, class_="not_txp col-sm-6") }}
 				{{ render_field(form.media_license, class_="col-sm-6") }}
 			</div>
+			<div class="pkg_meta row">
+				<div class="not_txp col-sm-6"></div>
+				<div class="not_txp col-sm-6">{{ _("If there is no media, set the Media License to the same as the License.") }}</div>
+			</div>
 			{{ render_field(form.desc, class_="pkg_meta", fieldclass="form-control markdown") }}
 		</fieldset>
 
 		<fieldset class="pkg_meta">
-			<legend class="not_txp">Dependencies</legend>
+			<legend class="not_txp">{{ _("Dependencies") }}</legend>
 
 			{{ render_mpackage_field(form.provides_str, class_="not_txp", placeholder="Comma separated list") }}
 			{{ render_deps_field(form.harddep_str, class_="not_txp not_game", placeholder="Comma separated list") }}
@@ -67,30 +75,29 @@
 		</fieldset>
 
 		<fieldset>
-			<legend class="pkg_meta">Repository and Links</legend>
+			<legend class="pkg_meta">{{ _("Repository and Links") }}</legend>
 
 			<div class="pkg_wiz_1">
-				<p>Enter the repo URL for the package.
-				If the repo uses git then the metadata will be automatically imported.</p>
+				<p>{{ _("Enter the repo URL for the package.
+				If the repo uses git then the metadata will be automatically imported.") }}</p>
 
-				<p>Leave blank if you don't have a repo. Click skip if the import fails.</p>
+				<p>{{ _("Leave blank if you don't have a repo. Click skip if the import fails.") }}</p>
 			</div>
 
 			{{ render_field(form.repo, class_="pkg_repo") }}
 
-
 			<div class="pkg_wiz_1">
-				<a id="pkg_wiz_1_next" class="btn btn-primary">Next (Autoimport)</a>
-				<a id="pkg_wiz_1_skip" class="btn btn-default">Skip Autoimport</a>
+				<a id="pkg_wiz_1_next" class="btn btn-primary">{{ _("Next (Autoimport)") }}</a>
+				<a id="pkg_wiz_1_skip" class="btn btn-default">{{ _("Skip Autoimport") }}</a>
 			</div>
 
 			<div class="pkg_wiz_2">
-				Importing... (This may take a while)
+					{{ _("Importing... (This may take a while)") }}
 			</div>
 
 			{{ render_field(form.website, class_="pkg_meta") }}
 			{{ render_field(form.issueTracker, class_="pkg_meta") }}
-			{{ render_field(form.forums, class_="pkg_meta", placeholder="Tip: paste in a forum topic URL") }}
+			{{ render_field(form.forums, class_="pkg_meta", placeholder=_("Tip: paste in a forum topic URL")) }}
 		</fieldset>
 
 		<div class="pkg_meta">{{ render_submit_field(form.submit) }}</div>

app/templates/packages/release_new.html

@@ -17,7 +17,7 @@
 			{{ render_field(form.vcsLabel, class_="mt-3") }}
 		{% endif %}
 
-		{{ render_field(form.fileUpload, fieldclass="form-control-file", class_="mt-3") }}
+		{{ render_field(form.fileUpload, fieldclass="form-control-file", class_="mt-3", accept=".zip") }}
 
 		<div class="row">
 			{{ render_field(form.min_rel, class_="col-sm-6") }}

app/templates/packages/screenshot_new.html

@@ -10,7 +10,7 @@
 		{{ form.hidden_tag() }}
 
 		{{ render_field(form.title) }}
-		{{ render_field(form.fileUpload, fieldclass="form-control-file") }}
+		{{ render_field(form.fileUpload, fieldclass="form-control-file", accept="image/png,image/jpeg") }}
 		{{ render_submit_field(form.submit) }}
 	</form>
 {% endblock %}

app/templates/packages/view.html

@@ -217,6 +217,13 @@
 				</table>
 			</div>
 
+			{% if package.author.donate_url %}
+				<div class="alert alert-secondary">
+					Like {{ package.author.display_name }}'s work?
+					<a href="{{ package.author.donate_url }}" rel="nofollow">Donate now!</a>
+				</div>
+			{% endif %}
+
 			{% if package.type == package.type.MOD %}
 				<div class="card my-4">
 					<div class="card-header">Dependencies</div>

app/templates/threads/new.html

@@ -6,13 +6,11 @@
 
 {% block content %}
 
-{% if package and current_user != package.author and not current_user.rank.atLeast(current_user.rank.EDITOR) %}
-	{% if package.issueTracker %}
-		<div class="alert alert-warning">
-		Found a bug? Post on the <a href="{{ package.issue_tracker }}">issue tracker</a> instead.<br />
+{% if package and current_user != package.author and not current_user.rank.atLeast(current_user.rank.EDITOR) and package.issueTracker %}
+	<div class="alert alert-warning">
+		Found a bug? Post on the <a href="{{ package.issueTracker }}">issue tracker</a> instead.<br />
 		If the package shouldn't be on CDB - for example, if it doesn't work at all - then please let us know here.
-		</div>
-	{% endif %}
+	</div>
 {% endif %}
 
 {% from "macros/forms.html" import render_field, render_submit_field, render_checkbox_field %}

app/templates/todo/list.html

@@ -5,53 +5,89 @@
 {% endblock %}
 
 {% block content %}
-	<h2>Awaiting Approval</h2>
+	<h2 class="mb-4">Approval Queue</h2>
 
-	{% if canApproveNew and packages %}
-		<h3>Packages</h3>
-		<ul>
-			{% for p in packages %}
-				<li><a href="{{ p.getDetailsURL() }}">
-					{{ p.title }} by {{ p.author.display_name }}
-				</a></li>
-			{% else %}
-				<li><i>No packages need reviewing.</i></ul>
-			{% endfor %}
-		</ul>
-	{% endif %}
+	<div class="row">
+		{% if canApproveNew and packages %}
+		<div class="col-sm-6">
+			<div class="card">
+				<h3 class="card-header">Packages</h3>
+				<div class="list-group list-group-flush">
+					{% for p in packages %}
+						<a href="{{ p.getDetailsURL() }}" class="list-group-item list-group-item-action">
+							{% if p.getState() == "thread" %}
+								<span class="mr-2 badge badge-danger">Thread</span>
+							{% elif p.getState() == "ready" %}
+								<span class="mr-2 badge badge-success">Ready</span>
+							{% elif p.getState() == "wip" %}
+								<span class="mr-2 badge badge-warning">WIP</span>
+							{% elif p.getState() == "license" %}
+								<span class="mr-2 badge badge-info">WIP</span>
+							{% endif %}
+
+							{{ p.title }} by {{ p.author.display_name }}
+						</a>
+					{% else %}
+						<li class="list-group-item"><i>No packages need reviewing.</i></li>
+					{% endfor %}
+				</div>
+			</div>
+		</div>
+		{% endif %}
+
+		{% if canApproveRel and releases %}
+		<div class="col-sm-6">
+			<div class="card">
+				<h3 class="card-header">Releases</h3>
+				<ul class="list-group list-group-flush">
+					{% for r in releases %}
+						<li class="list-group-item">
+							<a href="{{ r.getEditURL() }}">{{ r.title }}</a>
+							on
+							<a href="{{ r.package.getDetailsURL() }}">
+								{{ r.package.title }} by {{ r.package.author.display_name }}
+							</a>
+						</li>
+					{% else %}
+						<li class="list-group-item"><i>No releases need reviewing.</i></li>
+					{% endfor %}
+				</ul>
+			</div>
+		</div>
+		{% endif %}
+	</div>
 
 	{% if canApproveScn and screenshots %}
-		<h3>Screenshots</h3>
-		<ul>
-			{% for s in screenshots %}
-				<li>
-					<a href="{{ s.getEditURL() }}">{{ s.title }}</a>
-					on
-					<a href="{{ s.package.getDetailsURL() }}">
-						{{ s.package.title }} by {{ s.package.author.display_name }}
-					</a>
-				</li>
-			{% else %}
-				<li><i>No screenshots need reviewing.</i></ul>
-			{% endfor %}
-		</ul>
-	{% endif %}
-
-	{% if canApproveRel and releases %}
-		<h3>Releases</h3>
-		<ul>
-			{% for r in releases %}
-				<li>
-					<a href="{{ r.getEditURL() }}">{{ r.title }}</a>
-					on
-					<a href="{{ r.package.getDetailsURL() }}">
-						{{ r.package.title }} by {{ r.package.author.display_name }}
-					</a>
-				</li>
-			{% else %}
-				<li><i>No releases need reviewing.</i></ul>
-			{% endfor %}
-		</ul>
+		<div class="card my-4">
+			<h3 class="card-header">Screenshots
+				<form class="float-right"  method="post" action="{{ url_for('todo_page') }}">
+					<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
+					<input type="hidden" name="action" value="screenshots_approve_all" />
+					<input class="btn btn-sm btn-primary" type="submit" value="Approve All" />
+				</form>
+			</h3>
+			<ul class="card-body d-flex p-0 flex-row flex-wrap justify-content-start align-content-start p-4">
+				{% for s in screenshots %}
+					<li class="packagetile flex-fill"><a href="{{ s.getEditURL() }}"
+						style="background-image: url({{ s.getThumbnailURL(3) or '/static/placeholder.png' }});">
+						<div class="packagegridscrub"></div>
+						<div class="packagegridinfo">
+							<h3>
+								{{ s.title }}
+								<br />
+								<small>{{ s.package.title }} by {{ s.package.author.display_name }}</small>
+							</h3>
+							<p></p>
+						</div>
+					</a></li>
+				{% else %}
+					<li><i>No screenshots need reviewing.</i></li>
+				{% endfor %}
+				{% for i in range(4) %}
+					<li class="packagetile flex-fill"></li>
+				{% endfor %}
+			</ul>
+		</div>
 	{% endif %}
 
 	{% if not (packages or screenshots or releases) %}
@@ -60,11 +96,19 @@
 		</p>
 	{% endif %}
 
-	<h2>Unadded Topic List</h2>
+	<h2 class="mt-4">Unadded Topic List</h2>
 
 	<p>
-		There are
-		<a href="{{ url_for('todo_topics_page') }}">{{ topics_to_add }} packages</a>
-		to be added to cdb, based on cdb's forum parser.
+		{{ total_topics - topics_to_add }} / {{ total_topics }} packages have been been added to cdb,
+		based on cdb's forum parser. {{ topics_to_add }} remaining.
 	</p>
+
+	<div class="progress my-4">
+		{% set perc = 32 %}
+		<div class="progress-bar bg-success" role="progressbar"
+			style="width: {{ perc }}%" aria-valuenow="{{ perc }}" aria-valuemin="0" aria-valuemax="100"></div>
+	</div>
+
+	<a class="btn btn-primary" href="{{ url_for('todo_topics_page') }}">View Unadded Topic List</a>
+
 {% endblock %}

app/templates/users/list.html

@@ -11,8 +11,10 @@
 			<a href="{{ url_for('user_profile_page', username=user.username) }}">
 				{{ user.display_name }}
 			</a> -
-			{{ user.rank.getTitle() }} -
-			{{ user.packages.count() }} packages.
+			{{ user.rank.getTitle() }}
+			{% if current_user.is_authenticated %}
+				- {{ user.packages.count() }} packages.
+			{% endif %}
 	{% endfor %}
 </ul>
 {% endblock %}

app/templates/users/user_profile_page.html

@@ -7,7 +7,7 @@
 {% block content %}
 
 {% if not current_user.is_authenticated and user.rank == user.rank.NOT_JOINED and user.forums_username %}
-<div class="alert alert-info alert alert-info">
+<div class="alert alert-info">
 	<a class="float-right btn btn-default btn-sm"
 		href="{{ url_for('user_claim_page', username=user.forums_username) }}">Claim</a>
 
@@ -40,7 +40,7 @@
 							</td>
 						</tr>
 						<tr>
-							<td>Accounts:</td>
+							<td>Links:</td>
 							<td>
 								{% if user.forums_username %}
 									<a href="https://forum.minetest.net/memberlist.php?mode=viewprofile&un={{ user.forums_username }}">
@@ -50,7 +50,7 @@
 									No forum account
 								{% endif %}
 
-								{% if (user.forums_username and user.github_username) or user == current_user %}
+								{% if user.github_username or user == current_user %}
 									|
 								{% endif %}
 
@@ -60,8 +60,16 @@
 									<a href="{{ url_for('github_signin_page') }}">Link Github</a>
 								{% endif %}
 
+								{% if user.website_url %}
+									| <a href="{{ user.website_url }}" rel="nofollow">Website</a>
+								{% endif %}
+
 								{% if user == current_user %}
-									&#x1f30e;
+									<br>
+									<small class="text-muted">
+										<span style="padding-right: 5px;">&#x1f30e;</span>
+										Visible to everyone
+									</small>
 								{% endif %}
 							</td>
 						</tr>
@@ -136,6 +144,8 @@
 
 					{% if user.checkPerm(current_user, "CHANGE_DNAME") %}
 						{{ render_field(form.display_name, tabindex=230) }}
+						{{ render_field(form.website_url, tabindex=232) }}
+						{{ render_field(form.donate_url, tabindex=233) }}
 					{% endif %}
 
 					{% if user.checkPerm(current_user, "CHANGE_EMAIL") %}
@@ -158,6 +168,13 @@
 {% from "macros/packagegridtile.html" import render_pkggrid %}
 {{ render_pkggrid(packages, show_author=False) }}
 
+{% if user.donate_url %}
+	<div class="alert alert-secondary">
+		Like {{ user.display_name }}'s work?
+		<a href="{{ user.donate_url }}" rel="nofollow">Donate now!</a>
+	</div>
+{% endif %}
+
 {% if current_user == user or (current_user.is_authenticated and current_user.rank.atLeast(current_user.rank.EDITOR)) %}
 	<div class="card mt-3">
 		<a name="unadded-topics"></a>

app/utils.py

@@ -20,7 +20,7 @@ from flask_user import *
 from flask_login import login_user, logout_user
 from app.models import *
 from app import app
-import random, string, os
+import random, string, os, imghdr
 
 def getExtension(filename):
 	return filename.rsplit(".", 1)[1].lower() if "." in filename else None
@@ -28,6 +28,10 @@ def getExtension(filename):
 def isFilenameAllowed(filename, exts):
 	return getExtension(filename) in exts
 
+ALLOWED_IMAGES = set(["jpeg", "png"])
+def isAllowedImage(data):
+	return imghdr.what(None, data) in ALLOWED_IMAGES
+
 def shouldReturnJson():
 	return "application/json" in request.accept_mimetypes and \
 			not "text/html" in request.accept_mimetypes
@@ -36,16 +40,32 @@ def randomString(n):
 	return ''.join(random.choice(string.ascii_lowercase + \
 			string.ascii_uppercase + string.digits) for _ in range(n))
 
-def doFileUpload(file, allowedExtensions, fileTypeName):
+def doFileUpload(file, fileType, fileTypeDesc):
 	if not file or file is None or file.filename == "":
 		flash("No selected file", "error")
 		return None
 
+	allowedExtensions = []
+	isImage = False
+	if fileType == "image":
+		allowedExtensions = ["jpg", "jpeg", "png"]
+		isImage = True
+	elif fileType == "zip":
+		allowedExtensions = ["zip"]
+	else:
+		raise Exception("Invalid fileType")
+
 	ext = getExtension(file.filename)
 	if ext is None or not ext in allowedExtensions:
-		flash("Please upload load " + fileTypeName, "error")
+		flash("Please upload load " + fileTypeDesc, "danger")
 		return None
 
+	if isImage and not isAllowedImage(file.stream.read()):
+		flash("Uploaded image isn't actually an image", "danger")
+		return None
+
+	file.stream.seek(0)
+
 	filename = randomString(10) + "." + ext
 	file.save(os.path.join("app/public/uploads", filename))
 	return "/uploads/" + filename

app/views/admin/todo.py

@@ -20,8 +20,9 @@ from flask_user import *
 import flask_menu as menu
 from app import app
 from app.models import *
+from app.querybuilder import QueryBuilder
 
-@app.route("/todo/")
+@app.route("/todo/", methods=["GET", "POST"])
 @login_required
 def todo_page():
 	canApproveNew = Permission.APPROVE_NEW.check(current_user)
@@ -40,60 +41,61 @@ def todo_page():
 	if canApproveScn:
 		screenshots = PackageScreenshot.query.filter_by(approved=False).all()
 
+	if not canApproveNew and not canApproveRel and not canApproveScn:
+		abort(403)
 
-	topics_to_add = ForumTopic.query \
+	if request.method == "POST":
+		if request.form["action"] == "screenshots_approve_all":
+			if not canApproveScn:
+				abort(403)
+
+			PackageScreenshot.query.update({ "approved": True })
+			db.session.commit()
+			return redirect(url_for("todo_page"))
+		else:
+			abort(400)
+
+	topic_query = ForumTopic.query \
+			.filter_by(discarded=False)
+
+	total_topics = topic_query.count()
+	topics_to_add = topic_query \
 			.filter(~ db.exists().where(Package.forums==ForumTopic.topic_id)) \
-			.filter_by(discarded=False) \
 			.count()
 
 	return render_template("todo/list.html", title="Reports and Work Queue",
 		packages=packages, releases=releases, screenshots=screenshots,
 		canApproveNew=canApproveNew, canApproveRel=canApproveRel, canApproveScn=canApproveScn,
-		topics_to_add=topics_to_add)
+		topics_to_add=topics_to_add, total_topics=total_topics)
 
 
 @app.route("/todo/topics/")
 @login_required
 def todo_topics_page():
-	query = ForumTopic.query
-
-	show_discarded = request.args.get("show_discarded") == "True"
-	if not show_discarded:
-		query = query.filter_by(discarded=False)
-
-	total = query.count()
-
-	query = query.filter(~ db.exists().where(Package.forums==ForumTopic.topic_id)) \
-
-	sort_by = request.args.get("sort")
-	if sort_by == "name":
-		query = query.order_by(db.asc(ForumTopic.wip), db.asc(ForumTopic.name), db.asc(ForumTopic.title))
-	elif sort_by == "views":
-		query = query.order_by(db.desc(ForumTopic.views))
-	elif sort_by is None or sort_by == "date":
-		query = query.order_by(db.asc(ForumTopic.created_at))
-		sort_by = "date"
+	qb    = QueryBuilder(request.args)
+	qb.setSortIfNone("date")
+	query = qb.buildTopicQuery()
 
+	tmp_q = ForumTopic.query
+	if not qb.show_discarded:
+		tmp_q = tmp_q.filter_by(discarded=False)
+	total = tmp_q.count()
 	topic_count = query.count()
 
-	search = request.args.get("q")
-	if search is not None and search.strip() != "":
-		query = query.filter(ForumTopic.title.ilike('%' + search + '%'))
-
 	page  = int(request.args.get("page") or 1)
 	num   = int(request.args.get("n") or 100)
 	if num > 100 and not current_user.rank.atLeast(UserRank.EDITOR):
 		num = 100
 
 	query = query.paginate(page, num, True)
-	next_url = url_for("todo_topics_page", page=query.next_num, query=search, \
-	 	show_discarded=show_discarded, n=num, sort=sort_by) \
+	next_url = url_for("todo_topics_page", page=query.next_num, query=qb.search, \
+	 	show_discarded=qb.show_discarded, n=num, sort=qb.order_by) \
 			if query.has_next else None
-	prev_url = url_for("todo_topics_page", page=query.prev_num, query=search, \
-	 	show_discarded=show_discarded, n=num, sort=sort_by) \
+	prev_url = url_for("todo_topics_page", page=query.prev_num, query=qb.search, \
+	 	show_discarded=qb.show_discarded, n=num, sort=qb.order_by) \
 			if query.has_prev else None
 
 	return render_template("todo/topics.html", topics=query.items, total=total, \
-			topic_count=topic_count, query=search, show_discarded=show_discarded, \
+			topic_count=topic_count, query=qb.search, show_discarded=qb.show_discarded, \
 			next_url=next_url, prev_url=prev_url, page=page, page_max=query.pages, \
-			n=num, sort_by=sort_by)
+			n=num, sort_by=qb.order_by)

app/views/api.py

@@ -26,23 +26,53 @@ from app.querybuilder import QueryBuilder
 def api_packages_page():
 	qb    = QueryBuilder(request.args)
 	query = qb.buildPackageQuery()
+	ver   = qb.getMinetestVersion()
 
-	pkgs = [package.getAsDictionaryShort(app.config["BASE_URL"], request.args.get("protocol_version")) \
-			for package in query.all() if package.getDownloadRelease() is not None]
+	pkgs = [package.getAsDictionaryShort(app.config["BASE_URL"], version=ver) \
+			for package in query.all()]
 	return jsonify(pkgs)
 
+
 @app.route("/api/packages/<author>/<name>/")
 @is_package_page
 def api_package_page(package):
 	return jsonify(package.getAsDictionary(app.config["BASE_URL"]))
 
 
+@app.route("/api/packages/<author>/<name>/dependencies/")
+@is_package_page
+def api_package_deps_page(package):
+	ret = []
+
+	for dep in package.dependencies:
+		name = None
+		fulfilled_by = None
+
+		if dep.package:
+			name = dep.package.name
+			fulfilled_by = [ dep.package.getAsDictionaryKey() ]
+
+		elif dep.meta_package:
+			name = dep.meta_package.name
+			fulfilled_by = [ pkg.getAsDictionaryKey() for pkg in dep.meta_package.packages]
+
+		else:
+			raise "Malformed dependency"
+
+		ret.append({
+			"name": name,
+			"is_optional": dep.optional,
+			"packages": fulfilled_by
+		})
+
+	return jsonify(ret)
+
+
 @app.route("/api/topics/")
 def api_topics_page():
-	query = ForumTopic.query \
-			.order_by(db.asc(ForumTopic.wip), db.asc(ForumTopic.name), db.asc(ForumTopic.title))
-	pkgs = [t.getAsDictionary() for t in query.all()]
-	return jsonify(pkgs)
+	qb     = QueryBuilder(request.args)
+	query  = qb.buildTopicQuery(show_added=True)
+	return jsonify([t.getAsDictionary() for t in query.all()])
 
 
 @app.route("/api/topic_discard/", methods=["POST"])

app/views/packages/packages.py

@@ -74,9 +74,9 @@ def packages_page():
 
 def getReleases(package):
 	if package.checkPerm(current_user, Permission.MAKE_RELEASE):
-		return package.releases
+		return package.releases.limit(5)
 	else:
-		return [rel for rel in package.releases if rel.approved]
+		return package.releases.filter_by(approved=True).limit(5)
 
 
 @app.route("/packages/<author>/<name>/")
@@ -180,9 +180,9 @@ class PackageForm(FlaskForm):
 	tags          = QuerySelectMultipleField('Tags', query_factory=lambda: Tag.query.order_by(db.asc(Tag.name)), get_pk=lambda a: a.id, get_label=lambda a: a.title)
 	harddep_str   = StringField("Hard Dependencies", [Optional()])
 	softdep_str   = StringField("Soft Dependencies", [Optional()])
-	repo          = StringField("VCS Repository URL", [Optional(), URL()])
-	website       = StringField("Website URL", [Optional(), URL()])
-	issueTracker  = StringField("Issue Tracker URL", [Optional(), URL()])
+	repo          = StringField("VCS Repository URL", [Optional(), URL()], filters = [lambda x: x or None])
+	website       = StringField("Website URL", [Optional(), URL()], filters = [lambda x: x or None])
+	issueTracker  = StringField("Issue Tracker URL", [Optional(), URL()], filters = [lambda x: x or None])
 	forums	      = IntegerField("Forum Topic ID", [Optional(), NumberRange(0,999999)])
 	submit	      = SubmitField("Save")
 
@@ -243,12 +243,21 @@ def create_edit_package_page(author=None, name=None):
 			package = Package()
 			package.author = author
 			wasNew = True
+
+		elif package.approved and package.name != form.name.data and \
+				not package.checkPerm(current_user, Permission.CHANGE_NAME):
+			flash("Unable to change package name", "danger")
+			return redirect(url_for("create_edit_package_page", author=author, name=name))
+
 		else:
 			triggerNotif(package.author, current_user,
 					"{} edited".format(package.title), package.getDetailsURL())
 
 		form.populate_obj(package) # copy to row
 
+		if package.type== PackageType.TXP:
+			package.license = package.media_license
+
 		mpackage_cache = {}
 		package.provides.clear()
 		mpackages = MetaPackage.SpecToList(form.provides_str.data, mpackage_cache)

app/views/packages/releases.py

@@ -54,7 +54,7 @@ class CreatePackageReleaseForm(FlaskForm):
 class EditPackageReleaseForm(FlaskForm):
 	title    = StringField("Title", [InputRequired(), Length(1, 30)])
 	url      = StringField("URL", [URL])
-	task_id  = StringField("Task ID")
+	task_id  = StringField("Task ID", filters = [lambda x: x or None])
 	approved = BooleanField("Is Approved")
 	min_rel  = QuerySelectField("Minimum Minetest Version", [InputRequired()],
 			query_factory=lambda: get_mt_releases(False), get_pk=lambda a: a.id, get_label=lambda a: a.name)
@@ -85,7 +85,6 @@ def create_release_page(package):
 			rel.task_id = uuid()
 			rel.min_rel = form["min_rel"].data.getActual()
 			rel.max_rel = form["max_rel"].data.getActual()
-			rel.approved = package.checkPerm(current_user, Permission.APPROVE_RELEASE)
 			db.session.add(rel)
 			db.session.commit()
 
@@ -97,7 +96,7 @@ def create_release_page(package):
 
 			return redirect(url_for("check_task", id=rel.task_id, r=rel.getEditURL()))
 		else:
-			uploadedPath = doFileUpload(form.fileUpload.data, ["zip"], "a zip file")
+			uploadedPath = doFileUpload(form.fileUpload.data, "zip", "a zip file")
 			if uploadedPath is not None:
 				rel = PackageRelease()
 				rel.package = package
@@ -105,7 +104,7 @@ def create_release_page(package):
 				rel.url = uploadedPath
 				rel.min_rel = form["min_rel"].data.getActual()
 				rel.max_rel = form["max_rel"].data.getActual()
-				rel.approved = package.checkPerm(current_user, Permission.APPROVE_RELEASE)
+				rel.approve(current_user)
 				db.session.add(rel)
 				db.session.commit()
 
@@ -165,7 +164,7 @@ def edit_release_page(package, id):
 		if package.checkPerm(current_user, Permission.CHANGE_RELEASE_URL):
 			release.url = form["url"].data
 			release.task_id = form["task_id"].data
-			if release.task_id.strip() == "":
+			if release.task_id is not None:
 				release.task_id = None
 
 		if canApprove:

app/views/packages/screenshots.py

@@ -49,7 +49,7 @@ def create_screenshot_page(package, id=None):
 	# Initial form class from post data and default data
 	form = CreateScreenshotForm()
 	if request.method == "POST" and form.validate():
-		uploadedPath = doFileUpload(form.fileUpload.data, ["png", "jpg", "jpeg"],
+		uploadedPath = doFileUpload(form.fileUpload.data, "image",
 				"a PNG or JPG image file")
 		if uploadedPath is not None:
 			ss = PackageScreenshot()

app/views/users/users.py

@@ -31,12 +31,14 @@ from app.tasks.phpbbparser import getProfile
 # Define the User profile form
 class UserProfileForm(FlaskForm):
 	display_name = StringField("Display name", [Optional(), Length(2, 20)])
-	email = StringField("Email", [Optional(), Email()])
+	email = StringField("Email", [Optional(), Email()], filters = [lambda x: x or None])
+	website_url = StringField("Website URL", [Optional(), URL()], filters = [lambda x: x or None])
+	donate_url = StringField("Donation URL", [Optional(), URL()], filters = [lambda x: x or None])
 	rank = SelectField("Rank", [Optional()], choices=UserRank.choices(), coerce=UserRank.coerce, default=UserRank.NEW_MEMBER)
 	submit = SubmitField("Save")
 
+
 @app.route("/users/", methods=["GET"])
-@login_required
 def user_list_page():
 	users = User.query.order_by(db.desc(User.rank), db.asc(User.display_name)).all()
 	return render_template("users/list.html", users=users)
@@ -60,6 +62,8 @@ def user_profile_page(username):
 			# Copy form fields to user_profile fields
 			if user.checkPerm(current_user, Permission.CHANGE_DNAME):
 				user.display_name = form["display_name"].data
+				user.website_url  = form["website_url"].data
+				user.donate_url   = form["donate_url"].data
 
 			if user.checkPerm(current_user, Permission.CHANGE_RANK):
 				newRank = form["rank"].data
@@ -74,7 +78,7 @@ def user_profile_page(username):
 					token = randomString(32)
 
 					ver = UserEmailVerification()
-					ver.user = user
+					ver.user  = user
 					ver.token = token
 					ver.email = newEmail
 					db.session.add(ver)
@@ -158,8 +162,8 @@ def send_email_page(username):
 
 class SetPasswordForm(FlaskForm):
 	email = StringField("Email", [Optional(), Email()])
-	password = PasswordField("New password", [InputRequired(), Length(2, 20)])
-	password2 = PasswordField("Verify password", [InputRequired(), Length(2, 20)])
+	password = PasswordField("New password", [InputRequired(), Length(2, 100)])
+	password2 = PasswordField("Verify password", [InputRequired(), Length(2, 100)])
 	submit = SubmitField("Save")
 
 @app.route("/user/set-password/", methods=["GET", "POST"])

babel.cfg

@@ -0,0 +1,3 @@
+[python: app/**.py]
+[jinja2: app/templates/**.html]
+extensions=jinja2.ext.autoescape,jinja2.ext.with_

config.example.cfg

@@ -23,3 +23,7 @@ MAIL_SERVER=""
 MAIL_PORT=587
 MAIL_USE_TLS=True
 MAIL_UTILS_ERROR_SEND_TO=[""]
+
+LANGUAGES = {
+    'en': 'English',
+}

docker-compose.yml

@@ -33,5 +33,6 @@ services:
       - config.env
     volumes:
       - "./data/uploads:/home/cdb/app/public/uploads"
+      - "./app:/home/cdb/app"
     depends_on:
       - redis

migrations/versions/d6ae9682c45f_.py

@@ -0,0 +1,30 @@
+"""empty message
+
+Revision ID: d6ae9682c45f
+Revises: 7ff57806ffd5
+Create Date: 2019-07-01 23:27:42.666877
+
+"""
+from alembic import op
+import sqlalchemy as sa
+from sqlalchemy.dialects import postgresql
+
+# revision identifiers, used by Alembic.
+revision = 'd6ae9682c45f'
+down_revision = '7ff57806ffd5'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.add_column('user', sa.Column('donate_url', sa.String(length=255), nullable=True))
+    op.add_column('user', sa.Column('website_url', sa.String(length=255), nullable=True))
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_column('user', 'website_url')
+    op.drop_column('user', 'donate_url')
+    # ### end Alembic commands ###

requirements.txt

@@ -7,13 +7,15 @@ Flask-Menu~=0.7
 Flask-Migrate~=2.3
 Flask-SQLAlchemy~=2.3
 Flask-User~=0.6
+Flask-Babel
 GitHub-Flask~=3.2
 SQLAlchemy-Searchable==1.0.3
 
 beautifulsoup4~=4.6
-celery~=4.2
+celery==4.1.1
+kombu==4.2.0
 GitPython~=2.1
 lxml~=4.2
 pillow~=5.3
 pyScss~=1.3
-redis~=3.0
+redis==2.10.6