Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Dec 08 15:36
    mworrell milestoned #3045
  • Dec 08 15:36
    mworrell milestoned #3164
  • Dec 08 15:36
    mworrell demilestoned #3164
  • Dec 08 15:36
    mworrell demilestoned #3164
  • Dec 08 15:36
    mworrell milestoned #3164
  • Dec 08 15:36
    mworrell demilestoned #3045
  • Dec 08 15:36
    mworrell milestoned #3045
  • Dec 08 15:36
    mworrell demilestoned #3045
  • Dec 08 15:35

    mworrell on master

    docs: add 0.73 release notes. … (compare)

  • Dec 08 15:32

    mworrell on 0.73.0

    (compare)

  • Dec 08 15:31

    mworrell on release-0.73.0

    (compare)

  • Dec 08 15:31

    mworrell on 0.x

    Set version to 0.73.0 (#3209) (compare)

  • Dec 08 15:31
    mworrell closed #3209
  • Dec 08 15:26
    mworrell opened #3209
  • Dec 08 15:26
    mworrell milestoned #3209
  • Dec 08 15:26
    mworrell milestoned #3209
  • Dec 08 15:25

    mworrell on release-0.73.0

    Set version to 0.73.0 (compare)

  • Dec 07 19:58

    mworrell on l10n_master

    (compare)

  • Dec 07 19:58

    mworrell on master

    New Crowdin updates (#3208) (compare)

  • Dec 07 19:58
    mworrell closed #3208
Arthur Clemens
@ArthurClemens
Great
Marc Worrell
@mworrell
Oooppsss 🙈😇
Arthur Clemens
@ArthurClemens
Is there a way to make all current users Editor?
Arthur Clemens
@ArthurClemens
Trying to wrap my head around this.
"Hierarchy for: Content Group” => isn’t is strange that “Default Content Group” has Access Control “System Content”?
Maas-Maarten Zeeman
@mmzeeman
The default content group itself is system content.
Arthur Clemens
@ArthurClemens
Is it correct that for ACL rules to apply, I must first add the connection "In User Group” in the user page?
Arthur Clemens
@ArthurClemens
If so, the connection pane does not allow me to find the page, even though I just created it when editing another user.
The console shows this error:
{function_clause,[{z_convert,to_binary,[{19324}],[{file,"/home/zotonic/zotonic/_build/default/lib/zotonic_stdlib/src/
z_convert.erl"},{line,99}]},{z_search_terms,add_or_append,3,[{file,"/home/zotonic/zotonic/apps/zotonic_core/src/
support/z_search_terms.erl"},{line,269}]},{lists,foldl,3,[{file,"lists.erl"},{line,1267}]},{z_search_terms,combine,
2,[{file,"/home/zotonic/zotonic/apps/zotonic_core/src/support/z_search_terms.erl"},{line,164}]},{z_search_terms,
combine,1,[{file,"/home/zotonic/zotonic/apps/zotonic_core/src/support/z_search_terms.erl"},{line,39}]},
{z_search_terms,combine,1,[{file,"/home/zotonic/zotonic/apps/zotonic_core/src/support/z_search_terms.erl"},
{line,33}]},{z_search,handle_search_result,7,[{file,"/home/zotonic/zotonic/apps/zotonic_core/src/support/
z_search.erl"},{line,224}]},{z_search,search_pager,4,[{file,"/home/zotonic/zotonic/apps/zotonic_core/src/
support/z_search.erl"},{line,125}]}]}
My workaround is to add a Relation, and then drag the relation to the “In User Group” box
Arthur Clemens
@ArthurClemens
Should I be able to see the progress on a database-only backup? I don’t see anything on the page, nor in the console.
I see backup files in the data directory, but the Backups page does not show them
Maas-Maarten Zeeman
@mmzeeman
Screenshot 2021-12-30 at 15.39.50.png
There should be buttons on the download page.
Something like the picture above
Arthur Clemens
@ArthurClemens
Yes I remember this, but they ain’t there…
I’ve looked at the generated files in .local/…/files/backup and they look fine
Maas-Maarten Zeeman
@mmzeeman
As admin you should be able to see them, otherwise the user should be able use mod-backup
Also, don't forget to press the "Publish" button on the access control rule page, otherwise you new rules won't be active.
I forget that often because it is scrolled out of view.
Arthur Clemens
@ArthurClemens
I am playing the code in the console.
Dir = z_path:files_subdir_ensure("backup", Context). => returns the correct directory = ok
Files = z_utils:wildcard(filename:join(Dir, "*.sql")). => empty array
filename:join(Dir, "*.sql”). => path/to/site//files/backup/*.sql = ok
z_utils:wildcard(filename:join(Dir, "*.sql")). => empty array
Arthur Clemens
@ArthurClemens

In mod_backup line 412:

Files = z_utils:wildcard(filename:join(dir(Context), "*.sql")),

concatenates the full directory path with the wildcard. This results in an empty array.
But when calling z_utils:wildcard/2 (with the directory as 2nd parameter), it works correctly:

Files = z_utils:wildcard("*.sql", dir(Context)),
z_utils:filter_dot_files removes the files with a dot, and the path contains .local/, so...
You won’t see this on a local dev machine if it is a Mac
Arthur Clemens
@ArthurClemens
It may be that no_dot_file doesn’t do the right thing. It should remove files that start with a dot, not files with a path that contains a dot.
Maas-Maarten Zeeman
@mmzeeman
Ah.. those .local dirs where added at a later stage.
That is probably also the reason why my log files are not available... Those file routines need some tlc.
Marc Worrell
@mworrell
Maybe we should only remove .git and .. ?
or explicitly allow .local and similar?
Arthur Clemens
@ArthurClemens
To prevent future problems I suggest to make the rule as permissive as possible
Marc Worrell
@mworrell
Then only suppress a blacklist, to start .git, . and ... Agree @mmzeeman ?
Maas-Maarten Zeeman
@mmzeeman
In OTP20 filelib:find_file/3 was added. We could have a look to see if that brings any benefit for this. Otherwise restricting the wildcard to something which matches the backup filename a bit more restrictive than *.sql. (Did a rm -rf * .o in a project once. It cleaned up the directory pretty well, but ot didn't help to meet the deadline)
Maas-Maarten Zeeman
@mmzeeman
Hmm... find_file/3 is not for this kind of stuff. OTP 23 added https://www.erlang.org/doc/man/filelib.html#safe_relative_path-2 though to prevent traversal attacks... Including .git is logical I think. Although not strictly needed if the pattern against the backup files are a little bit more strict and contain the date pattern. The module can otherwise accidentally delete aribtrary .sql files.
Marc Worrell
@mworrell
Looking into the find_file issue and the crash.
Arthur Clemens
@ArthurClemens
In the logs I’m seeing another (silent) crash:
2022-01-04 00:26:07.698 [error] <0.26448.8> Cowboy stream 1 with ranch listener zotonic_https_listener_ipv4 
and connection process <0.26442.8> had its request process exit with reason: {nocatch,{stop_request,500,
{function_clause,[{cowmachine_util,parse_qs_name,[<<"=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000">>,[],<<>>],[
  {file,"/home/zotonic/zotonic/_build/default/lib/cowmachine/src/cowmachine_util.erl"},{line,284}]},
  {z_context,ensure_qs,1,[{file,"/home/zotonic/zotonic/apps/zotonic_core/src/support/z_context.erl"},{line,
  523}]},{z_cowmachine_middleware,'-execute/2-fun-0-',1,[{file,"/home/zotonic/zotonic/apps/zotonic_core/src/
  support/z_cowmachine_middleware.erl"},{line,54}]},{cowmachine_decision_core,...},...]}}} in 
  cowmachine_decision_core:handle_request/2 line 40
hmm, someone is testing if the PHP server is exposing sensitive data. Still I don’t think the proces should crash.
Arthur Clemens
@ArthurClemens
This can be solved by returning an empty list if nothing can be parsed.
cowmachine_util.erl:303:
parse_qs_name(_, _Acc, _Name) -> [].
Marc Worrell
@mworrell
Can you add this as an issue in cowmachine? Then we pick it up there.
Arthur Clemens
@ArthurClemens
Sure
Marc Worrell
@mworrell
I am testing fixes for the file dirs and the query crash right now.
Arthur Clemens
@ArthurClemens

I am reading https://test.zotonic.com/page/1790/proxying-zotonic-with-nginx that states:

Remember to add X-Forwarded-Proto to proxied header so that Zotonic knows that HTTPS is used before the proxy even though HTTP is used between the proxy and backend. Also add X-Real-IP and X-Forwarded-For headers.

Isn’t this already included in the provided example?

Marc Worrell
@mworrell
I have a pull request ready for the previous issues zotonic/zotonic#2837
About the nginx config - I think we repeat it to ensure that nobody removes it.
Arthur Clemens
@ArthurClemens
check
Marc Worrell
@mworrell
Merged the cowmachine changes into zotonic master.
Arthur Clemens
@ArthurClemens
great
Marc Worrell
@mworrell
Also merged the fixes for the directory scans and the search crash
Arthur Clemens
@ArthurClemens
Nice
I’ve noticed that my paging counter is off by 2 pages at the end. On page 1 it shows the last page number “260”. When I click it, the page is empty, and so is page 259. When I arrive at page 258 this is now shown as the last page.
When I go back to page 256, the link to page 260 is visible again.
Marc Worrell
@mworrell
That is because psql estimates the number of rows now. We don’t do a physical count of all the rows anymore.
On page 258 we see from the result that it is the last page.