2024-04-30 10:48:38 +02:00
6 changed files with 40 additions and 33 deletions
--- a/extensions/models.py
+++ b/extensions/models.py
@ -294,7 +294,9 @@ class Extension(CreatedModifiedMixin, RatingMixin, TrackChangesMixin, models.Mod
    def latest_version(self):
        """Retrieve the latest version."""
        versions = [
-            v for v in self.versions.all() if v.file and v.file.status in self.valid_file_statuses
+            v
+            for v in self.versions.select_related('file', 'file__validation').all()
+            if v.file and v.file.status in self.valid_file_statuses
        ]
        if not versions:
            return None
@ -353,7 +355,7 @@ class Extension(CreatedModifiedMixin, RatingMixin, TrackChangesMixin, models.Mod
        """Return True if given user is listed as a maintainer."""
        if user is None or user.is_anonymous:
            return False
-        return self.authors.filter(maintainer__user_id=user.pk).exists()
+        return user in self.authors.all()

    def can_rate(self, user) -> bool:
        """Return True if given user can rate this extension.
@ -368,6 +370,14 @@ class Extension(CreatedModifiedMixin, RatingMixin, TrackChangesMixin, models.Mod
            ).exists()
        )

+    def suspicious_files(self):
+        versions = (
+            self.versions.select_related('file', 'file__validation')
+            .filter(file__validation__is_ok=False)
+            .all()
+        )
+        return [v.file for v in versions]
+
    @classmethod
    def get_lookup_field(cls, identifier):
        lookup_field = 'pk'
--- a/extensions/templates/extensions/detail.html
+++ b/extensions/templates/extensions/detail.html
@ -5,11 +5,7 @@
 {% block page_title %}{{ extension.name }}{% endblock page_title %}

 {% block content %}
-  {% if extension.latest_version %}
-    {% with latest=extension.latest_version %}
-      {% include "files/components/scan_details.html" with file=latest.file %}
-    {% endwith %}
-  {% endif %}
+  {% include "files/components/scan_details.html" with suspicious_files=extension.suspicious_files %}

  {% has_maintainer extension as is_maintainer %}
  {% with latest=extension.latest_version %}
@ -55,7 +51,7 @@
        {% if extension.versions.listed|length > 1 %}
        <p>
          <a href="{{ extension.get_versions_url }}" class="d-block mt-3">
-            See all changelogs
+            See all versions
          </a>
        </p>
        {% endif %}
--- a/extensions/views/manage.py
+++ b/extensions/views/manage.py
@ -42,7 +42,12 @@ class ExtensionDetailView(ExtensionQuerysetMixin, DetailView):
        * maintainers should be able to preview their yet unlisted add-ons;
        * staff should be able to preview yet unlisted add-ons;
        """
-        return self.get_extension_queryset()
+        return self.get_extension_queryset().prefetch_related(
+            'authors',
+            'versions',
+            'versions__file',
+            'versions__file__validation',
+        )

    def get_object(self, queryset=None):
        """Record a page view when returning the Extension object."""
--- a/files/templates/files/components/scan_details.html
+++ b/files/templates/files/components/scan_details.html
@ -1,21 +1,19 @@
 {% load common i18n %}
 {# FIXME: we might want to rephrase is_moderator in terms of Django's (group) permissions #}
 {% if perms.files.view_file or request.user.is_moderator %}
-  {% with file_validation=file.validation %}
-    {% if file_validation and not file_validation.is_ok %}
+  {% if suspicious_files %}
    <section>
      <div class="card pb-3 pt-4 px-4 mb-3 ext-detail-download-danger">
        <h3>⚠&nbsp;{% trans "Suspicious upload" %}</h3>
-          {% blocktrans asvar alert_text %}Scan of the {{ file }} indicates malicious content.{% endblocktrans %}
+	{% blocktrans asvar alert_text %}Scan of the {{ suspicious_files.0 }} indicates malicious content.{% endblocktrans %}
        <h4>
          {{ alert_text }}
          {% if perms.files.view_file %}{# Moderators don't necessarily have access to the admin #}
-              {% url 'admin:files_file_change' file.pk as admin_file_url %}
+            {% url 'admin:files_file_change' suspicious_files.0.pk as admin_file_url %}
            <a href="{{ admin_file_url }}" target="_blank">{% trans "See details" %}</a>
          {% endif %}
        </h4>
      </div>
    </section>
  {% endif %}
-  {% endwith %}
 {% endif %}
--- a/files/templates/files/components/scan_details_flag.html
+++ b/files/templates/files/components/scan_details_flag.html
@ -1,10 +1,8 @@
 {% load common i18n %}
 {# FIXME: we might want to rephrase is_moderator in terms of Django's (group) permissions #}
 {% if perms.files.view_file or request.user.is_moderator %}
-  {% with file_validation=file.validation %}
-    {% if file_validation and not file_validation.is_ok %}
-      {% blocktrans asvar alert_text %}Scan of the {{ file }} indicates malicious content.{% endblocktrans %}
+  {% if suspicious_files %}
+    {% blocktrans asvar alert_text %}Scan of the {{ suspicious_files.0 }} indicates malicious content.{% endblocktrans %}
    <b class="text-danger pt-2" title="{{ alert_text }}">⚠</b>
  {% endif %}
-  {% endwith %}
 {% endif %}
--- a/reviewers/templates/reviewers/components/review_list_item.html
+++ b/reviewers/templates/reviewers/components/review_list_item.html
@ -15,7 +15,7 @@
    <a href="{{ extension.get_review_url }}#activity-{{ stats.last_activity.id }}" class="ml-3">
      <span>{{ stats.last_activity.date_created|naturaltime_compact }}</span>
    </a>
-    {% include "files/components/scan_details_flag.html" with file=extension.latest_version.file %}
+    {% include "files/components/scan_details_flag.html" with suspicious_files=extension.suspicious_files %}
  </td>
  <td>
    <a href="{{ extension.get_review_url }}" class="text-decoration-none">