Indicate stuck releases in todo list and allow admins to delete them

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,13 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: Unconfirmed Bug
+assignees: ''
+---
+
+## Summary
+Describe your problem here
+
+##### Steps to reproduce
+For bug reports or build issues, explain how the problem happened

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,25 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: Feature
+assignees: ''
+---
+
+## Problem
+
+A clear and concise description of what the problem is.
+ie: Why is this needed?
+Ex. I'm always frustrated when [...]
+
+## Solutions
+
+A clear and concise description of what you want to happen.
+
+## Alternatives
+
+A clear and concise description of any alternative solutions or features you've considered.
+
+## Additional context
+
+Add any other context or screenshots about the feature request here.

.github/ISSUE_TEMPLATE/policy.md

@@ -0,0 +1,7 @@
+---
+name: Policy suggestion
+about: Suggest a change to the guidelines
+title: ''
+labels: Policy
+assignees: ''
+---

.github/SECURITY.md

@@ -0,0 +1,19 @@
+# Security Policy
+
+## Supported Versions
+
+We only support the latest production version, deployed to <https://content.minetest.net>.
+See the [releases page](https://github.com/minetest/contentdb/releases).
+
+## Reporting a Vulnerability
+
+We ask that you report vulnerabilities privately, by contacting rubenwardy,
+to give us time to fix them. You can do that by using one of the methods outlined in the following link:
+
+* https://rubenwardy.com/contact/
+
+Depending on severity, we will either create a private issue for the vulnerability
+and release a security update, or give you permission to file the issue publicly.
+
+For more information on the justification of this policy, see
+[Responsible Disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure).

Dockerfile

@@ -1,17 +1,19 @@
 FROM python:3.6
 
+RUN groupadd -g 5123 cdb && \
+    useradd -r -u 5123 -g cdb cdb
+
 WORKDIR /home/cdb
 
 COPY requirements.txt requirements.txt
 RUN pip install -r ./requirements.txt
 RUN pip install gunicorn
-RUN pip install psycopg2
 
-COPY runprodguni.sh ./
-COPY rundebug.sh ./
-RUN chmod +x runprodguni.sh
-
-COPY setup.py ./setup.py
+COPY utils utils
 COPY app app
 COPY migrations migrations
 COPY config.cfg ./config.cfg
+
+RUN chown cdb:cdb /home/cdb -R
+
+USER cdb

README.md

@@ -13,7 +13,7 @@ Note: you should first read one of the guides on the [Github repo wiki](https://
 FLASK_CONFIG=../config.cfg celery -A app.tasks.celery worker
 
 # if sqlite
-python setup.py -t
+python utils/setup.py -t
 rm db.sqlite && python setup.py -t && FLASK_CONFIG=../config.cfg FLASK_APP=app/__init__.py flask db stamp head
 
 # Create migration

app/__init__.py

@@ -48,7 +48,7 @@ gravatar = Gravatar(app,
 		use_ssl=True,
 		base_url=None)
 
-if not app.debug:
+if not app.debug and app.config["MAIL_UTILS_ERROR_SEND_TO"]:
 	from .maillogger import register_mail_error_handler
 	register_mail_error_handler(app, mail)
 

app/flatpages/policy_and_guidance.md

@@ -37,7 +37,7 @@ Also see the [help page on tags](/help/package_tags/).
 Sexually-orientated content is not permitted.
 
 Mature content, including that relating to drugs, excessive gore, violence, or
-horror, is not currently permitted - but will be in the future.
+excessive horror, is not currently permitted - but will be in the future.
 
 The submission of malware is strictly prohibited. This includes software which
 does not do as it advertises, for example if it posts telemetry without stating

app/templates/admin/list.html

@@ -19,7 +19,8 @@
 		<form method="post" action="" class="card-body">
 			<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
 			<select name="action">
-				<option value="importmodlist" selected>Import forum topics</option>
+				<option value="delstuckreleases" selected>Delete stuck releases</option>
+				<option value="importmodlist">Import forum topics</option>
 				<option value="recalcscores">Recalculate package scores</option>
 				<option value="checkusers">Check forum users</option>
 				<option value="importscreenshots">Import screenshots from VCS</option>

app/templates/base.html

@@ -135,6 +135,12 @@
 		<a href="{{ url_for('flatpage', path='policy_and_guidance') }}">{{ _("Policy and Guidance") }}</a> |
 		<a href="{{ url_for('flatpage', path='help/reporting') }}">{{ _("Report / DMCA") }}</a> |
 		<a href="{{ url_for('user_list_page') }}">{{ _("User List") }}</a>
+
+		{% if debug %}
+			<p style="color: red">
+				DEBUG MODE ENABLED
+			</p>
+		{% endif %}
 	</footer>
 
 	<script src="/static/jquery.min.js"></script>

app/templates/threads/new.html

@@ -37,7 +37,7 @@
 
 	{{ render_checkbox_field(form.private, class_="my-3") }}
 	<p>
-		Only the you, the package author, and users of Editor rank
+		Only you, the package author, and users of Editor rank
 		and above can read private threads.
 	</p>
 

app/templates/todo/list.html

@@ -42,6 +42,9 @@
 				<ul class="list-group list-group-flush">
 					{% for r in releases %}
 						<li class="list-group-item">
+							{% if r.task_id %}
+								<span class="mr-2 badge badge-warning">Importing</span>
+							{% endif %}
 							<a href="{{ r.getEditURL() }}">{{ r.title }}</a>
 							on
 							<a href="{{ r.package.getDetailsURL() }}">

app/views/__init__.py

@@ -25,6 +25,10 @@ from urllib.parse import urlparse
 from sqlalchemy.sql.expression import func
 cache = SimpleCache()
 
+@app.context_processor
+def inject_debug():
+    return dict(debug=app.debug)
+
 @app.template_filter()
 def throw(err):
 	raise Exception(err)

app/views/admin/admin.py

@@ -33,7 +33,11 @@ import datetime
 def admin_page():
 	if request.method == "POST":
 		action = request.form["action"]
-		if action == "importmodlist":
+		if action == "delstuckreleases":
+			PackageRelease.query.filter(PackageRelease.task_id != None).delete()
+			db.session.commit()
+			return redirect(url_for("admin_page"))
+		elif action == "importmodlist":
 			task = importTopicList.delay()
 			return redirect(url_for("check_task", id=task.id, r=url_for("todo_topics_page")))
 		elif action == "checkusers":

app/views/admin/todo.py

@@ -31,7 +31,7 @@ def todo_page():
 
 	packages = None
 	if canApproveNew:
-		packages = Package.query.filter_by(approved=False, soft_deleted=False).all()
+		packages = Package.query.filter_by(approved=False, soft_deleted=False).order_by(db.desc(Package.created_at)).all()
 
 	releases = None
 	if canApproveRel:

app/views/threads.py

@@ -140,7 +140,7 @@ def new_thread_page():
 		abort(403)
 
 	def_is_private   = request.args.get("private") or False
-	if package is None or not package.approved:
+	if package is None:
 		def_is_private = True
 	allow_change     = package and package.approved
 	is_review_thread = package and not package.approved

docker-compose.yml

@@ -15,12 +15,14 @@ services:
 
   app:
     build: .
-    command: ./rundebug.sh
+    command: ./utils/run.sh
+    env_file:
+      - config.env
     ports:
       - 5123:5123
     volumes:
       - "./data/uploads:/home/cdb/app/public/uploads"
-      - "./app:/home/cdb/app"
+      - "./app:/home/cdb/appsrc"
       - "./migrations:/home/cdb/migrations"
     depends_on:
       - db
@@ -31,8 +33,9 @@ services:
     command: celery -A app.tasks.celery worker
     env_file:
       - config.env
+    environment:
+      - FLASK_CONFIG=../config.cfg
     volumes:
       - "./data/uploads:/home/cdb/app/public/uploads"
-      - "./app:/home/cdb/app"
     depends_on:
       - redis

requirements.txt

@@ -19,3 +19,4 @@ lxml~=4.2
 pillow~=5.3
 pyScss~=1.3
 redis==2.10.6
+psycopg2~=2.7

rundebug.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-FLASK_APP=app/__init__.py FLASK_CONFIG=../config.cfg FLASK_DEBUG=1 python3 -m flask run -h 0.0.0.0 -p 5123

runprod.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-FLASK_APP=app/__init__.py FLASK_CONFIG=../config.cfg FLASK_DEBUG=0 python3 -m flask run -h 0.0.0.0 -p 5123

runprodguni.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-gunicorn -w 4 -b :5123 -e FLASK_APP=app/__init__.py -e FLASK_CONFIG=../config.cfg -e FLASK_DEBUG=0 app:app

utils/run.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# Debug
+# FLASK_APP=app/__init__.py FLASK_CONFIG=../config.cfg FLASK_DEBUG=1 python3 -m flask run -h 0.0.0.0 -p 5123
+
+if [ -z "$FLASK_DEBUG" ]; then
+	echo "FLASK_DEBUG is required in config.env"
+	exit 1
+fi
+
+ENV="-e FLASK_APP=app/__init__.py -e FLASK_CONFIG=../config.cfg -e FLASK_DEBUG=$FLASK_DEBUG"
+
+if [ "$FLASK_DEBUG" -eq "1" ]; then
+	EXTRA="--reload"
+fi
+
+echo "Running gunicorn with:"
+echo " - env: $ENV"
+echo " - extra: $EXTRA"
+
+gunicorn -w 4 -b :5123 $ENV $EXTRA app:app

utils/setup.py

@@ -15,7 +15,7 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
 
-import os, sys, datetime
+import os, sys, datetime, inspect
 
 if not "FLASK_CONFIG" in os.environ:
 	os.environ["FLASK_CONFIG"] = "../config.cfg"
@@ -24,6 +24,11 @@ delete_db = len(sys.argv) >= 2 and sys.argv[1].strip() == "-d"
 create_db = not (len(sys.argv) >= 2 and sys.argv[1].strip() == "-o")
 test_data = len(sys.argv) >= 2 and sys.argv[1].strip() == "-t" or not create_db
 
+# Allow finding the `app` module
+currentdir = os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentframe())))
+parentdir = os.path.dirname(currentdir)
+sys.path.insert(0,parentdir) 
+
 from app.models import *
 from app.utils import make_flask_user_password