admin: malware refactor and small features (#16047)

pypi · Jun 4, 2024 · 750693f · 750693f
1 parent 3accdda
commit 750693f
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 39 deletions.
diff --git a/warehouse/admin/templates/admin/base.html b/warehouse/admin/templates/admin/base.html
@@ -92,7 +92,7 @@
           <img src="{{ gravatar(request, request.user.email, size=160) }}" class="img-circle elevation-2" alt="User Image">
         </div>
         <div class="info">
-          <a class="d-block">{{ request.user.name|default(request.user.username, true) }}</a>
+          <a class="d-block" href="{{ request.route_path('admin.user.detail', username=request.user.username) }}">{{ request.user.name|default(request.user.username, true) }}</a>
         </div>
       </div>
 

diff --git a/warehouse/admin/templates/admin/projects/detail.html b/warehouse/admin/templates/admin/projects/detail.html
@@ -255,6 +255,9 @@ <h4 class="modal-title" id="exampleModalLabel">Remove role for {{ role.user.user
   <div class="card-header">
     <h3 class="card-title">Project Observations</h3>
     <div class="card-tools">
+      {% if observations %}
+      <span class="badge badge-warning">{{ observations|length }}</span>
+      {% endif %}
       <button type="button" class="btn btn-tool" data-card-widget="collapse"><i class="fas fa-plus"></i>
       </button>
     </div>

diff --git a/warehouse/admin/views/prohibited_project_names.py b/warehouse/admin/views/prohibited_project_names.py
@@ -32,7 +32,7 @@
 )
 from warehouse.utils.http import is_safe_url
 from warehouse.utils.paginate import paginate_url_factory
-from warehouse.utils.project import remove_project
+from warehouse.utils.project import prohibit_and_remove_project
 
 
 @view_config(
@@ -250,23 +250,7 @@ def add_prohibited_project_names(request):
         )
         return HTTPSeeOther(request.route_path("admin.prohibited_project_names.list"))
 
-    # Add our requested prohibition.
-    request.db.add(
-        ProhibitedProjectName(
-            name=project_name, comment=comment, prohibited_by=request.user
-        )
-    )
-
-    # Go through and delete the project and everything related to it so that
-    # our prohibition actually blocks things and isn't ignored (since the
-    # prohibition only takes effect on new project registration).
-    project = (
-        request.db.query(Project)
-        .filter(Project.normalized_name == func.normalize_pep426_name(project_name))
-        .first()
-    )
-    if project is not None:
-        remove_project(project, request)
+    prohibit_and_remove_project(project_name, request, comment)
 
     request.session.flash(f"Prohibited Project Name {project_name!r}", queue="success")
 
@@ -334,25 +318,7 @@ def bulk_add_prohibited_project_names(request):
             ):
                 continue
 
-            # Add our requested prohibition.
-            request.db.add(
-                ProhibitedProjectName(
-                    name=project_name, comment=comment, prohibited_by=request.user
-                )
-            )
-
-            # Go through and delete the project and everything related to it so that
-            # our prohibition actually blocks things and isn't ignored (since the
-            # prohibition only takes effect on new project registration).
-            project = (
-                request.db.query(Project)
-                .filter(
-                    Project.normalized_name == func.normalize_pep426_name(project_name)
-                )
-                .first()
-            )
-            if project is not None:
-                remove_project(project, request, flash=False)
+            prohibit_and_remove_project(project_name, request, comment, flash=False)
 
         request.session.flash(
             f"Prohibited {len(project_names)!r} projects", queue="success"

diff --git a/warehouse/utils/project.py b/warehouse/utils/project.py
@@ -13,9 +13,10 @@
 import re
 
 from pyramid.httpexceptions import HTTPSeeOther
+from sqlalchemy.sql import func
 
 from warehouse.packaging.interfaces import IDocsStorage
-from warehouse.packaging.models import JournalEntry
+from warehouse.packaging.models import JournalEntry, ProhibitedProjectName, Project
 from warehouse.tasks import task
 
 
@@ -65,6 +66,32 @@ def confirm_project(
         )
 
 
+def prohibit_and_remove_project(
+    project: Project | str, request, comment: str, flash: bool = True
+):
+    """
+    View helper to prohibit and remove a project.
+    """
+    # TODO: See if we can constrain `project` to be a `Project` only.
+    project_name = project.name if isinstance(project, Project) else project
+    # Add our requested prohibition.
+    request.db.add(
+        ProhibitedProjectName(
+            name=project_name, comment=comment, prohibited_by=request.user
+        )
+    )
+    # Go through and delete the project and everything related to it so that
+    # our prohibition actually blocks things and isn't ignored (since the
+    # prohibition only takes effect on new project registration).
+    project = (
+        request.db.query(Project)
+        .filter(Project.normalized_name == func.normalize_pep426_name(project_name))
+        .first()
+    )
+    if project is not None:
+        remove_project(project, request, flash=flash)
+
+
 def remove_project(project, request, flash=True):
     # TODO: We don't actually delete files from the data store. We should add
     #       some kind of garbage collection at some point.