comments: change comment formatting to plain text instead of rst
There might be value in enabling rich markup (especially if it is markdown instead of rst) ... or it might be a waste of time. We might revisit that later.
But either way: Changing to plain text makes it more feasible to do markup of hashes and issues - for now that is more important than rtf.
Eventually this function should support and auto detect multiple formats and is thus not named for a specific format. But for now it is plain text only.
This kind of markup can quite easily and safely support additional magic markup. It is much harder to do that on top of a richer markup format; it must essentially be done in a single pass, with both all the various regexps and the rst formatting done in a single pass.
auth: Fix bug where usernames are not consistently capitalized when using crowd login
If you try to log in to Kallithea via the Crowd auth module then the capitalization of your username in Kallithea changes on every login based on how you capitalized it in the login form.
E.g. Log in with "TestDude", username is entered as "TestDude" then log in again, but this time as "tesTduDe", and your username gets changed to "tesTduDe". etc.
Fix for this is to use the 'name' field returned from Crowd when saving the username. This way the username is always capitalized identically to the record in Crowd.
auth: Fix tomcat throwing '505 HTTP Version Not Supported' when trying to log in to Atlassian Crowd with usernames that contain spaces
If you try to log in to Kallithea via the Crowd auth module, and the username contains a space, it fails. Tomcat on the Crowd server gives error '505 HTTP Version Not Supported'.
Further investigation showed that the username was not being quoted. E.g. for the user 'test account', the REST URL should contain 'test%20account' but actually was containing 'test account'. When Tomcat received this HTTP request it interprets the word 'account' as the HTTP version because of the space. This obviously isn't a valid HTTP version.
This bug is fixed by using urllib2.quote on the username to ensure that special characters are correctly quoted. After making that change on my local install, the user 'test account' was able to log in successfully.
db: make sure all (non-primary) columns have nullable set explicitly
The default of nullable=True is rarely good for us so nullable should always be specified unless there is a reason to allow nullable ... and if the default is fine, xplicit is better than implicit.
The declared nulliness of some fields are changed where it seems like code already enforced it.
Some fields are marked as FIXME when they need (trivial?) data conversion to convert NULLs to default values.
tests: cleanup of unicode in test_create_non_ascii repository test
Repository names are generally conceptually unicode. Prepare for future changes by explicitly encoding repo_name as utf8 before appending a utf8 string.
Drop test_create_non_ascii - test_delete_non_ascii contains exactly the same test.
middleware: decode the repo_name received from http header to unicode
The middlewares seemed to make the incorrect assumption that the headers contained unicode. Or to put it differently: They relied on the Python default encoding to be able to convert to unicode instead of using safe_unicode. It would thus fail if running with LANG=C.
Instead, utilize that the header actually contains str_repo_name and explicitly decode that to unicode.
db: fix unknown exception type in commit error handling
efce61aac33d was a blind fix. It failed because `from sqlalchemy import *` doesn't import exc and the new except clause would thus fail. It also failed because the session has to be rolled back after a commit failure.
Now, rework it to fix these issues.
Note that we are able to detect whether the commit failed for valid reasons ... but we can't use that information to much ...
auth: fail pam and internal authentication attempts if no username is provided (Issue #180)
When the Mercurial client communicates with a server over HTTP, it will always first try to perform operations unauthenticated before providing credentials. Authentication attempts without credentials is usually pointless and will just slow operations down.
Some authentication plugins (such as LDAP) already skipped these unauthenticated requests. Now, do the same for other authentication plugions.
Other authentication plugins also skip if no password is provided ... but that doesn't seem necessary.
diff: get collapse target via .attr instead of .prop
Commit 3f017db297c4 was not fully tested and broke collapse/expand of diffs on changesets. $button is not a link with a target and the target can thus not be retrieved with .prop('target'); $button is just a span that happens to have a custom attribute with the name 'target'.
We thus revert back to the old way of retrieving it with .attr('target'). (It would perhaps be even better to use data attributes and name it data-target and use .data('target') ...)
files: fix Selection Link for multi-line selections
It broke in dacdea9fda2a when wrong casing in the translation lookup caused an undefined value which didn't show up in the UI and thus made the link unusable.
files: treat messages about 'File too big' as sentences and add a dot.
Make it more easy to read: File is too big to display Show full annotation anyway by treating them as two sentences: File is too big to display. Show full annotation anyway.
Similar messages about 'Changeset too big to display' in the changeset and pullrequest code are wrapped in an <h4> tag. Follow the same style when showing files or annotations.
files: support annotation on files larger than cut_off_limit
When requesting the annotation for a file larger than the cut_off_limit configured in the ini file, the only current option is to click the useless 'show as raw' (which is not an annotation).
Replace it with a link 'Show full annotation anyway' instead.
Commit b0774d79c7c95ec14ec6d23389d85ed544dd4b50 broke the 'Compare branches' button on the repository branches page, when attempting to replace a Yahoo UI click handler with jQuery.
Commit b0774d79c7c95ec14ec6d23389d85ed544dd4b50 broke the 'Compare bookmarks' button on the repository bookmarks page, when attempting to replace a Yahoo UI click handler with jQuery.
auth: note that we never emit authuser "cookies" for the default user
The only place where we set "authuser" in the session is in log_in_user, which is called only by the internal auth system and by auth plugins. The internal auth system cannot log a user in as the default user, because the default user doesn't have a password (and cannot have a password assigned). Auth plugins cannot log a user in as the default user, because the user doesn't have the right extern_type. As such, it's a bug if log_in_user is ever called with the default user (which this commit documents with an assert).
This realization makes the is_authenticated field of the authuser cookie redundant, as it's always True. It also emphasizes that is_default_user and is_authenticated are mutually exclusive.