- 02 Aug, 2022 3 commits
-
-
Jérôme Charaoui authored
this applies folder name filtering to top-level folders (shares) in addition to subfolders, which allows us now to exclude to Common folder from having its contents sanitized without prejudice
-
Jérôme Charaoui authored
This reverts commit e015c7fb. This only works if "Common" is *inside* the folder, it does not prevent processing the contents of the folder itself.
-
Jérôme Charaoui authored
-
- 07 Dec, 2021 2 commits
-
- 06 Dec, 2021 3 commits
-
-
anarcat authored
I was getting weird output from the script when trying to diagnose a blocked dangerbot (e.g. #17 or #18). I couldn't figure out what was going on and went to look at the code, then ended up staring at this line for 2 minutes: # non-empty folder or regular file if len(listing) > 1 or not path.endswith("/"): It stuck with me. I couldn't actually remember (let alone figure out) what that was supposed to do. I was so confused I actually ended up re-proving De Morgan's Laws: https://en.wikipedia.org/wiki/De_Morgan%27s_laws The gist of the change is that we change this: logging.info("sanitizing %s %s", folder, path) # non-empty folder or regular file if len(listing) > 1 or not path.endswith("/"): # [...] do everything To this: if path.endswith("/") and len(listing) <= 1: logging.info("skipping empty folder: %s/%s", folder, path) return logging.info("sanitizing %s %s", folder, path) # [...] do everything The diff looks huge because we reindent the entire "# [...] do everything" block, but it's otherwise basically a noop, except we have a better error message. The output before: anarcat@curie:dangerzone-webdav-processor(main)$ ./dangerzone-webdav-processor -l https://nc.torproject.net/remote.php/dav/files/dangerzone-bot/ -u dangerzone-bot -n -v authenticated with webdav https://nc.torproject.net/remote.php/dav/files/dangerzone-bot/ sanitizing CVs (4)/ Candidate 33/ sanitizing CVs (4)/ Candidate 35/ after: anarcat@curie:dangerzone-webdav-processor(main)$ ./dangerzone-webdav-processor -l https://nc.torproject.net/remote.php/dav/files/dangerzone-bot/ -u dangerzone-bot -n -v authenticated with webdav https://nc.torproject.net/remote.php/dav/files/dangerzone-bot/ skipping empty folder: CVs (4)//Candidate 33/ skipping empty folder: CVs (4)//Candidate 35/
-
anarcat authored
We do it in a rather convoluted way (ie. tox) but it will allow us to hook more goodies later, e.g. mypy, unit tests, etc.
-
anarcat authored
-
- 27 Jul, 2021 2 commits
- 15 Jun, 2021 4 commits
- 14 Jun, 2021 3 commits
- 10 Jun, 2021 17 commits
-
-
anarcat authored
-
anarcat authored
-
anarcat authored
We need an extra control after argument passing to make sure it's there when the options are not given though.
-
anarcat authored
This is the proper place to this level of abstraction, i think.
-
anarcat authored
This makes it possible to enable verbose without reloading systemd.
-
anarcat authored
-
anarcat authored
I'm not exactly sure we'll go that route, but it will make deployment clearer. Note that this involves renaming the main script, which makes the directory listing a little more confusing and redundant, but it makes the `setup.py` stuff easier (because we don't need to rename the file). The downside is that it doesn't look like a python module anymore, which confuses some tools, but we can always add a symlink in the source (like we do in undertime) to workaround that problem, in the future. Closes: #3
-
anarcat authored
-
anarcat authored
This hasn't actually been tested but, really, "how hard can this be?" We're pretty good at avoiding race conditions (by moving stuff to `dangerzone/processing`, mostly) but we definitely should avoid two processors in parallel. Thankfully, it seems that systemd takes care of this for us and will not run two services in parallel. Obviously, the user can still shoot themselves in the foot and run another processor in parallel, but that's when our race avoidance stuff should save us. Closes: #1
-
anarcat authored
For some reason, we have files in the processing folder that are already present before moving. Skip those files instead of crashing with: webdav3.exceptions.ResponseErrorCode: Request to https://nc.torproject.net/remote.php/dav/files/dangerzone-bot/CVS/dangerzone-processing/2/ failed with code 412 and message: b'<?xml version="1.0" encoding="utf-8"?>\n<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns">\n <s:exception>Sabre\\DAV\\Exception\\PreconditionFailed</s:exception>\n <s:message>The destination node already exists, and the overwrite header is set to false</s:message>\n <s:header>Overwrite</s:header>\n</d:error>\n'
-
anarcat authored
Right now we have `dangerzene-processed/`, `dangerzone-rejected/`, `dangerzone-processing/`... that's noisy, at best, and dangerous, at worst: at least one user thought that `dangerzone-processed` was where processed (so: safe) files ended up. Just have `dangerzone/` and `safe/` folders at the toplevel, with the `processed/`, `rejected/`, `processing/` stuff inside `dangerzone/`. Closes: #4
-
kezzle authored
-
- 09 Jun, 2021 6 commits