arthexis 0.1.15__py3-none-any.whl → 0.1.16__py3-none-any.whl

core/mailer.py

@@ -45,11 +45,15 @@ def send(
     )
     if attachments:
         for attachment in attachments:
-            if not isinstance(attachment, (list, tuple)) or len(attachment) != 3:
-                raise ValueError(
-                    "attachments must contain (name, content, mimetype) tuples"
-                )
-            email.attach(*attachment)
+            if isinstance(attachment, (list, tuple)):
+                length = len(attachment)
+                if length not in {2, 3}:
+                    raise ValueError(
+                        "attachments must contain 2- or 3-item (name, content, mimetype) tuples"
+                    )
+                email.attach(*attachment)
+            else:
+                email.attach(attachment)
     if content_subtype:
         email.content_subtype = content_subtype
     email.send(fail_silently=fail_silently)

core/models.py

@@ -586,10 +586,10 @@ class OdooProfile(Profile):
         """Return the display label for this profile."""
 
         username = self._resolved_field_value("username")
+        if username:
+            return username
         database = self._resolved_field_value("database")
-        if username and database:
-            return f"{username}@{database}"
-        return username or database or ""
+        return database or ""
 
     def save(self, *args, **kwargs):
         if self.pk:
@@ -1816,17 +1816,22 @@ class RFID(Entity):
         blank=True,
         help_text="Optional command executed during validation.",
     )
+    post_auth_command = models.TextField(
+        default="",
+        blank=True,
+        help_text="Optional command executed after successful validation.",
+    )
     BLACK = "B"
     WHITE = "W"
     BLUE = "U"
     RED = "R"
     GREEN = "G"
     COLOR_CHOICES = [
-        (BLACK, "Black"),
-        (WHITE, "White"),
-        (BLUE, "Blue"),
-        (RED, "Red"),
-        (GREEN, "Green"),
+        (BLACK, _("Black")),
+        (WHITE, _("White")),
+        (BLUE, _("Blue")),
+        (RED, _("Red")),
+        (GREEN, _("Green")),
     ]
     SCAN_LABEL_STEP = 10
     COPY_LABEL_STEP = 1
@@ -1838,8 +1843,8 @@ class RFID(Entity):
     CLASSIC = "CLASSIC"
     NTAG215 = "NTAG215"
     KIND_CHOICES = [
-        (CLASSIC, "MIFARE Classic"),
-        (NTAG215, "NTAG215"),
+        (CLASSIC, _("MIFARE Classic")),
+        (NTAG215, _("NTAG215")),
     ]
     kind = models.CharField(
         max_length=8,
@@ -3057,7 +3062,16 @@ class ReleaseManager(Profile):
         ),
     )
     pypi_password = SigilShortAutoField("PyPI password", max_length=200, blank=True)
-    pypi_url = SigilShortAutoField("PyPI URL", max_length=200, blank=True)
+    pypi_url = SigilShortAutoField(
+        "PyPI URL",
+        max_length=200,
+        blank=True,
+        help_text=(
+            "Link to the PyPI user profile (for example, https://pypi.org/user/username/). "
+            "Use the account's user page, not a project-specific URL. "
+            "This value is informational and not used for uploads."
+        ),
+    )
     secondary_pypi_url = SigilShortAutoField(
         "Secondary PyPI URL",
         max_length=200,
@@ -3103,6 +3117,13 @@ class ReleaseManager(Profile):
         username = (self.git_username or "").strip()
         password_source = self.git_password or self.github_token or ""
         password = password_source.strip()
+
+        if password and not username and password_source == self.github_token:
+            # GitHub personal access tokens require a username when used for
+            # HTTPS pushes. Default to the recommended ``x-access-token`` so
+            # release managers only need to provide their token.
+            username = "x-access-token"
+
         if username and password:
             return GitCredentials(username=username, password=password)
         return None
@@ -3217,13 +3238,22 @@ class PackageRelease(Entity):
     def dump_fixture(cls) -> None:
         base = Path("core/fixtures")
         base.mkdir(parents=True, exist_ok=True)
-        for old in base.glob("releases__*.json"):
-            old.unlink()
+        existing = {path.name: path for path in base.glob("releases__*.json")}
+        expected: set[str] = set()
         for release in cls.objects.all():
             name = f"releases__packagerelease_{release.version.replace('.', '_')}.json"
             path = base / name
             data = serializers.serialize("json", [release])
-            path.write_text(data)
+            expected.add(name)
+            try:
+                current = path.read_text(encoding="utf-8")
+            except FileNotFoundError:
+                current = None
+            if current != data:
+                path.write_text(data, encoding="utf-8")
+        for old_name, old_path in existing.items():
+            if old_name not in expected and old_path.exists():
+                old_path.unlink()
 
     def __str__(self) -> str:  # pragma: no cover - trivial
         return f"{self.package.name} {self.version}"
@@ -3236,7 +3266,18 @@ class PackageRelease(Entity):
         """Return :class:`Credentials` from the associated release manager."""
         manager = self.release_manager or self.package.release_manager
         if manager:
-            return manager.to_credentials()
+            creds = manager.to_credentials()
+            if creds and creds.has_auth():
+                return creds
+
+        token = (os.environ.get("PYPI_API_TOKEN") or "").strip()
+        username = (os.environ.get("PYPI_USERNAME") or "").strip()
+        password = (os.environ.get("PYPI_PASSWORD") or "").strip()
+
+        if token:
+            return Credentials(token=token)
+        if username and password:
+            return Credentials(username=username, password=password)
         return None
 
     def get_github_token(self) -> str | None:
@@ -3252,12 +3293,8 @@ class PackageRelease(Entity):
         manager = self.release_manager or self.package.release_manager
         targets: list[RepositoryTarget] = []
 
-        primary_url = ""
-        if manager and manager.pypi_url:
-            primary_url = manager.pypi_url.strip()
-        if not primary_url:
-            env_primary = os.environ.get("PYPI_REPOSITORY_URL", "")
-            primary_url = env_primary.strip()
+        env_primary = os.environ.get("PYPI_REPOSITORY_URL", "")
+        primary_url = env_primary.strip()
 
         primary_creds = self.to_credentials()
         targets.append(
@@ -3381,10 +3418,12 @@ class PackageRelease(Entity):
 
     @classmethod
     def latest(cls):
-        """Return the latest release by version."""
+        """Return the latest release by version, preferring active packages."""
         from packaging.version import Version
 
-        releases = list(cls.objects.all())
+        releases = list(cls.objects.filter(package__is_active=True))
+        if not releases:
+            releases = list(cls.objects.all())
         if not releases:
             return None
         return max(releases, key=lambda r: Version(r.version))
@@ -3572,6 +3611,8 @@ class Todo(Entity):
         max_length=200, blank=True, default="", validators=[validate_relative_url]
     )
     request_details = models.TextField(blank=True, default="")
+    generated_for_version = models.CharField(max_length=20, blank=True, default="")
+    generated_for_revision = models.CharField(max_length=40, blank=True, default="")
     done_on = models.DateTimeField(null=True, blank=True)
     on_done_condition = ConditionTextField(blank=True, default="")
 

core/release.py

@@ -303,6 +303,47 @@ def _git_remote_url(remote: str = "origin") -> Optional[str]:
     return (proc.stdout or "").strip() or None
 
 
+def _git_tag_commit(tag_name: str) -> Optional[str]:
+    """Return the commit referenced by ``tag_name`` in the local repository."""
+
+    for ref in (f"{tag_name}^{{}}", tag_name):
+        proc = subprocess.run(
+            ["git", "rev-parse", ref],
+            capture_output=True,
+            text=True,
+            check=False,
+        )
+        if proc.returncode == 0:
+            commit = (proc.stdout or "").strip()
+            if commit:
+                return commit
+    return None
+
+
+def _git_remote_tag_commit(remote: str, tag_name: str) -> Optional[str]:
+    """Return the commit referenced by ``tag_name`` on ``remote`` if it exists."""
+
+    proc = subprocess.run(
+        ["git", "ls-remote", "--tags", remote, tag_name],
+        capture_output=True,
+        text=True,
+        check=False,
+    )
+    if proc.returncode != 0:
+        return None
+
+    commit = None
+    for line in (proc.stdout or "").splitlines():
+        parts = line.strip().split()
+        if len(parts) != 2:
+            continue
+        sha, ref = parts
+        commit = sha
+        if ref.endswith("^{}"):
+            return sha
+    return commit
+
+
 def _remote_with_credentials(url: str, creds: GitCredentials) -> Optional[str]:
     if not creds.has_auth():
         return None
@@ -335,6 +376,17 @@ def _push_tag(tag_name: str, package: Package) -> None:
         _run(["git", "push", "origin", tag_name])
         return
     except subprocess.CalledProcessError as exc:
+        remote_commit = _git_remote_tag_commit("origin", tag_name)
+        local_commit = _git_tag_commit(tag_name)
+        if remote_commit:
+            if local_commit and remote_commit == local_commit:
+                # Another process already pushed the tag; treat as success.
+                return
+            message = (
+                "Git rejected tag {tag} because it already exists on the remote. "
+                "Delete the remote tag or choose a new version before retrying."
+            ).format(tag=tag_name)
+            raise ReleaseError(message) from exc
         if not _git_authentication_missing(exc):
             raise
         auth_error = exc

core/system.py

@@ -20,10 +20,18 @@ from django.http import HttpResponseRedirect
 from django.urls import path, reverse
 from django.utils import timezone
 from django.utils.formats import date_format
+from django.utils.html import format_html, format_html_join
 from django.utils.translation import gettext_lazy as _, ngettext
 
 from core.auto_upgrade import AUTO_UPGRADE_TASK_NAME, AUTO_UPGRADE_TASK_PATH
 from core import changelog as changelog_utils
+from core.release import (
+    _git_authentication_missing,
+    _git_remote_url,
+    _manager_git_credentials,
+    _remote_with_credentials,
+)
+from core.tasks import check_github_updates
 from utils import revision
 
 
@@ -173,6 +181,120 @@ def _regenerate_changelog() -> None:
     changelog_path.write_text(content, encoding="utf-8")
 
 
+def _format_git_command_output(
+    command: list[str], result: subprocess.CompletedProcess[str]
+) -> str:
+    """Return a readable summary of a git command execution."""
+
+    command_display = "$ " + " ".join(command)
+    message_parts = []
+    if result.stdout:
+        message_parts.append(result.stdout.strip())
+    if result.stderr:
+        message_parts.append(result.stderr.strip())
+    if result.returncode != 0:
+        message_parts.append(f"[exit status {result.returncode}]")
+    if message_parts:
+        return command_display + "\n" + "\n".join(part for part in message_parts if part)
+    return command_display
+
+
+def _git_status() -> str:
+    """Return the repository status after attempting to commit."""
+
+    status_result = subprocess.run(
+        ["git", "status", "--short", "--branch"],
+        capture_output=True,
+        text=True,
+        check=False,
+    )
+    stdout = status_result.stdout.strip()
+    stderr = status_result.stderr.strip()
+    if stdout and stderr:
+        return stdout + "\n" + stderr
+    return stdout or stderr
+
+
+def _commit_changelog() -> tuple[bool, str, str]:
+    """Stage, commit, and push the changelog file."""
+
+    def _retry_push_with_release_credentials(
+        command: list[str],
+        result: subprocess.CompletedProcess[str],
+    ) -> bool:
+        exc = subprocess.CalledProcessError(
+            result.returncode,
+            command,
+            output=result.stdout,
+            stderr=result.stderr,
+        )
+        if not _git_authentication_missing(exc):
+            return False
+
+        creds = _manager_git_credentials()
+        if not creds or not creds.has_auth():
+            return False
+
+        remote_url = _git_remote_url("origin")
+        if not remote_url:
+            return False
+
+        authed_url = _remote_with_credentials(remote_url, creds)
+        if not authed_url:
+            return False
+
+        retry_command = ["git", "push", authed_url]
+        retry_result = subprocess.run(
+            retry_command,
+            capture_output=True,
+            text=True,
+            check=False,
+        )
+        formatted_retry = _format_git_command_output(retry_command, retry_result)
+        if formatted_retry:
+            outputs.append(formatted_retry)
+        logger.info(
+            "Executed %s with exit code %s",
+            retry_command,
+            retry_result.returncode,
+        )
+        return retry_result.returncode == 0
+
+    git_commands: list[list[str]] = [
+        ["git", "add", "CHANGELOG.rst"],
+        [
+            "git",
+            "commit",
+            "-m",
+            "chore: update changelog",
+            "--",
+            "CHANGELOG.rst",
+        ],
+        ["git", "push"],
+    ]
+    outputs: list[str] = []
+    success = True
+
+    for command in git_commands:
+        result = subprocess.run(
+            command, capture_output=True, text=True, check=False
+        )
+        formatted = _format_git_command_output(command, result)
+        outputs.append(formatted)
+        logger.info("Executed %s with exit code %s", command, result.returncode)
+        if result.returncode != 0:
+            if command[:2] == ["git", "push"] and _retry_push_with_release_credentials(
+                command, result
+            ):
+                continue
+            success = False
+            break
+
+    command_output = "\n\n".join(output for output in outputs if output)
+    repo_status = _git_status()
+    return success, command_output, repo_status
+
+
 @dataclass(frozen=True)
 class SystemField:
     """Metadata describing a single entry on the system admin page."""
@@ -716,7 +838,14 @@ def _gather_info() -> dict:
     info["service"] = service_file.read_text().strip() if service_file.exists() else ""
 
     mode_file = lock_dir / "nginx_mode.lck"
-    mode = mode_file.read_text().strip() if mode_file.exists() else "internal"
+    if mode_file.exists():
+        try:
+            raw_mode = mode_file.read_text().strip()
+        except OSError:
+            raw_mode = ""
+    else:
+        raw_mode = ""
+    mode = raw_mode.lower() or "internal"
     info["mode"] = mode
     default_port = 8000 if mode == "public" else 8888
     detected_port: int | None = None
@@ -882,6 +1011,36 @@ def _system_changelog_report_view(request):
                         request,
                         _("Select at least one changelog entry to exclude."),
                     )
+        elif action == "commit":
+            success, command_output, repo_status = _commit_changelog()
+            details: list[str] = []
+            if command_output:
+                details.append(
+                    format_html(
+                        "<div class=\"changelog-git-output\"><strong>{}</strong><pre>{}</pre></div>",
+                        _("Command log"),
+                        command_output,
+                    )
+                )
+            if repo_status:
+                details.append(
+                    format_html(
+                        "<div class=\"changelog-git-status\"><strong>{}</strong><pre>{}</pre></div>",
+                        _("Repository status"),
+                        repo_status,
+                    )
+                )
+            details_html = (
+                format_html_join("", "{}", ((detail,) for detail in details))
+                if details
+                else ""
+            )
+            if success:
+                base_message = _("Committed the changelog and pushed to the current branch.")
+                messages.success(request, format_html("{}{}", base_message, details_html))
+            else:
+                base_message = _("Unable to commit the changelog.")
+                messages.error(request, format_html("{}{}", base_message, details_html))
         else:
             try:
                 _regenerate_changelog()
@@ -927,6 +1086,49 @@ def _system_upgrade_report_view(request):
     return TemplateResponse(request, "admin/system_upgrade_report.html", context)
 
 
+def _trigger_upgrade_check() -> bool:
+    """Return ``True`` when the upgrade check was queued asynchronously."""
+
+    try:
+        check_github_updates.delay()
+    except Exception:
+        logger.exception("Failed to enqueue upgrade check; running synchronously instead")
+        check_github_updates()
+        return False
+    return True
+
+
+def _system_trigger_upgrade_check_view(request):
+    if request.method != "POST":
+        return HttpResponseRedirect(reverse("admin:system-upgrade-report"))
+
+    try:
+        queued = _trigger_upgrade_check()
+    except Exception as exc:  # pragma: no cover - unexpected failure
+        logger.exception("Unable to trigger upgrade check")
+        messages.error(
+            request,
+            _("Unable to trigger an upgrade check: %(error)s")
+            % {"error": str(exc)},
+        )
+    else:
+        if queued:
+            messages.success(
+                request,
+                _("Upgrade check requested. The task will run shortly."),
+            )
+        else:
+            messages.success(
+                request,
+                _(
+                    "Upgrade check started locally. Review the auto-upgrade log for"
+                    " progress."
+                ),
+            )
+
+    return HttpResponseRedirect(reverse("admin:system-upgrade-report"))
+
+
 def patch_admin_system_view() -> None:
     """Add custom admin view for system information."""
     original_get_urls = admin.site.get_urls
@@ -945,6 +1147,11 @@ def patch_admin_system_view() -> None:
                 admin.site.admin_view(_system_upgrade_report_view),
                 name="system-upgrade-report",
             ),
+            path(
+                "system/upgrade-report/run-check/",
+                admin.site.admin_view(_system_trigger_upgrade_check_view),
+                name="system-upgrade-run-check",
+            ),
         ]
         return custom + urls
 

core/tasks.py

@@ -132,11 +132,15 @@ def check_github_updates() -> None:
     mode = "version"
     if mode_file.exists():
         try:
-            mode = mode_file.read_text().strip() or "version"
+            raw_mode = mode_file.read_text().strip()
         except (OSError, UnicodeDecodeError):
             logger.warning(
                 "Failed to read auto-upgrade mode lockfile", exc_info=True
             )
+        else:
+            cleaned_mode = raw_mode.lower()
+            if cleaned_mode:
+                mode = cleaned_mode
 
     branch = "main"
     subprocess.run(["git", "fetch", "origin", branch], cwd=base_dir, check=True)

core/test_system_info.py

@@ -55,6 +55,22 @@ class SystemInfoScreenModeTests(SimpleTestCase):
                 lock_dir.rmdir()
 
 
+class SystemInfoModeTests(SimpleTestCase):
+    def test_public_mode_case_insensitive(self):
+        lock_dir = Path(settings.BASE_DIR) / "locks"
+        lock_dir.mkdir(exist_ok=True)
+        lock_file = lock_dir / "nginx_mode.lck"
+        lock_file.write_text("PUBLIC", encoding="utf-8")
+        try:
+            info = _gather_info()
+            self.assertEqual(info["mode"], "public")
+            self.assertEqual(info["port"], 8000)
+        finally:
+            lock_file.unlink()
+            if not any(lock_dir.iterdir()):
+                lock_dir.rmdir()
+
+
 class SystemInfoRevisionTests(SimpleTestCase):
     @patch("core.system.revision.get_revision", return_value="abcdef1234567890")
     def test_includes_full_revision(self, mock_revision):