add package request endpoint

src/ahriman/core/auth/auth.py

@@ -33,9 +33,9 @@ from ahriman.models.user_access import UserAccess
 class Auth:
     """
     helper to deal with user authorization
-    :ivar allow_read_only: allow read only access to the index page
     :ivar enabled: indicates if authorization is enabled
     :ivar max_age: session age in seconds. It will be used for both client side and server side checks
+    :ivar safe_build_status: allow read only access to the index page
     """
 
     def __init__(self, configuration: Configuration, provider: AuthSettings = AuthSettings.Disabled) -> None:
@@ -46,7 +46,7 @@ class Auth:
         """
         self.logger = logging.getLogger("http")
 
-        self.allow_read_only = configuration.getboolean("auth", "allow_read_only")
+        self.safe_build_status = configuration.getboolean("auth", "safe_build_status")
 
         self.enabled = provider.is_enabled
         self.max_age = configuration.getint("auth", "max_age", fallback=7 * 24 * 3600)

src/ahriman/web/routes.py

@@ -24,6 +24,7 @@ from ahriman.web.views.index import IndexView
 from ahriman.web.views.service.add import AddView
 from ahriman.web.views.service.reload_auth import ReloadAuthView
 from ahriman.web.views.service.remove import RemoveView
+from ahriman.web.views.service.request import RequestView
 from ahriman.web.views.service.search import SearchView
 from ahriman.web.views.status.ahriman import AhrimanView
 from ahriman.web.views.status.package import PackageView
@@ -48,6 +49,8 @@ def setup_routes(application: Application, static_path: Path) -> None:
 
         POST /service-api/v1/remove            remove existing package from repository
 
+        POST /service-api/v1/request           request to add new packages to repository
+
         GET /service-api/v1/search             search for substring in AUR
 
         POST /service-api/v1/update            update packages in repository, actually it is just alias for add
@@ -82,6 +85,8 @@ def setup_routes(application: Application, static_path: Path) -> None:
 
     application.router.add_post("/service-api/v1/remove", RemoveView)
 
+    application.router.add_post("/service-api/v1/request", RequestView)
+
     application.router.add_get("/service-api/v1/search", SearchView, allow_head=False)
 
     application.router.add_post("/service-api/v1/update", AddView)

src/ahriman/web/views/index.py

@@ -93,8 +93,9 @@ class IndexView(BaseView):
 
         # auth block
         auth_username = await authorized_userid(self.request)
+        authenticated = not self.validator.enabled or self.validator.safe_build_status or auth_username is not None
         auth = {
-            "authenticated": not self.validator.enabled or self.validator.allow_read_only or auth_username is not None,
+            "authenticated": authenticated,
             "control": self.validator.auth_control,
             "enabled": self.validator.enabled,
             "username": auth_username,

src/ahriman/web/views/service/add.py

@@ -37,8 +37,7 @@ class AddView(BaseView):
 
         JSON body must be supplied, the following model is used:
         {
-            "packages": "ahriman",   # either list of packages or package name as in AUR
-            "build_now": true       # optional flag which runs build
+            "packages": "ahriman"   # either list of packages or package name as in AUR
         }
 
         :return: redirect to main page on success
@@ -46,11 +45,10 @@ class AddView(BaseView):
         data = await self.extract_data(["packages"])
 
         try:
-            now = data.get("build_now", True)
             packages = data["packages"]
         except Exception as e:
             return json_response(data=str(e), status=400)
 
-        self.spawner.packages_add(packages, now)
+        self.spawner.packages_add(packages, now=True)
 
         raise HTTPFound("/")

src/ahriman/web/views/service/request.py

@@ -0,0 +1,54 @@
+#
+# Copyright (c) 2021 ahriman team.
+#
+# This file is part of ahriman
+# (see https://github.com/arcan1s/ahriman).
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+from aiohttp.web import HTTPFound, Response, json_response
+
+from ahriman.models.user_access import UserAccess
+from ahriman.web.views.base import BaseView
+
+
+class RequestView(BaseView):
+    """
+    request package web view. It is actually the same as AddView, but without now
+    :cvar POST_PERMISSION: post permissions of self
+    """
+
+    POST_PERMISSION = UserAccess.Read
+
+    async def post(self) -> Response:
+        """
+        request to add new package
+
+        JSON body must be supplied, the following model is used:
+        {
+            "packages": "ahriman"   # either list of packages or package name as in AUR
+        }
+
+        :return: redirect to main page on success
+        """
+        data = await self.extract_data(["packages"])
+
+        try:
+            packages = data["packages"]
+        except Exception as e:
+            return json_response(data=str(e), status=400)
+
+        self.spawner.packages_add(packages, now=False)
+
+        raise HTTPFound("/")