Commit Graph

258 Commits

Author SHA1 Message Date
Georges-Antoine Assi
ec8583016b mega ton of fixes for 4.8 2026-04-03 10:54:31 -04:00
Georges-Antoine Assi
4a8c3423df run trunk fmt 2026-04-02 10:21:43 -04:00
Eric Daras
9d659bf00b move proxy env handling into config 2026-04-02 06:23:53 +02:00
Vargash
2b17da0c6c fix: manage the new export.gamelist.media configs via _update_config_file 2026-03-31 15:29:23 +02:00
Vargash
f4c965be33 feat: add new export.gamelist.media.image configuration
also fix broken title_screen/miximage/physical key name usage
2026-03-31 11:16:40 +02:00
Vargash
3e072873e1 feat: new export.gamelist.media.thumbnail configuration 2026-03-31 11:00:49 +02:00
Eric Daras
8540514b46 add outbound HTTP proxy support for backend requests 2026-03-27 07:02:14 +01:00
Georges-Antoine Assi
2f695dd4d0 mini fix 2026-03-23 16:43:24 -04:00
Georges-Antoine Assi
3ffb11fb84 fix tests 2026-03-22 17:43:16 -04:00
Georges-Antoine Assi
f107dc2752 changes from bot rview 2026-03-22 17:17:14 -04:00
Georges-Antoine Assi
4c97eddfc3 fix trunk check 2026-03-22 16:30:14 -04:00
nendo
75302ed59a Add play session ingest for game time tracking
Backend API for collecting and querying play sessions, modeled after
the Argosy session data format. Clients submit batches per device,
recording both the session window and screen-on time.
2026-03-22 20:22:55 +09:00
Georges-Antoine Assi
d13e7b6783 fix tests again 2026-03-22 00:03:29 -04:00
Georges-Antoine Assi
51a4b4d473 fix tests 2026-03-21 23:52:41 -04:00
Georges-Antoine Assi
5bf3a435ee moer fixes 2026-03-21 22:57:44 -04:00
Georges-Antoine Assi
8e8baef6f6 fix check 2026-03-21 22:52:23 -04:00
Georges-Antoine Assi
26affaaf36 cleanup 2026-03-21 22:46:05 -04:00
Georges-Antoine Assi
4536deff65 more twekas 2026-03-21 22:30:10 -04:00
Georges-Antoine Assi
49a73e8944 export media to assets folder 2026-03-21 21:55:11 -04:00
zurdi
f1729b15ab fix: update mock_proc.wait return value to 0 for successful hash calculations 2026-03-20 13:33:31 +00:00
nendo
c59ea7790c test: add coverage for sync session handler, sync watcher, device masking, and auth utils
- test_sync_sessions_handler: increment_operations_completed (atomic
  counter, no-op on missing), NoResultFound on update/complete/fail
  with nonexistent session
- test_sync_watcher: _extract_device_and_platform path parsing (valid,
  non-incoming, too few parts, nested, outside base), _ensure_conflicts_dir
  creation and idempotency, process_sync_changes empty/disabled
- test_sync (endpoints): negotiate with untracked saves (no_op),
  server saves not mentioned by client (download), deleted-by-client
  detection (skip), complete on FAILED/CANCELLED session (400),
  trigger_push_pull passes session_id in enqueue kwargs
- test_device (endpoints): sync_config SSH credential masking
  (ssh_password/ssh_key_path -> "********"), null config passthrough,
  config without sensitive fields
- test_utils_auth: _get_device_name UA parsing (browser+OS, browser
  only, OS only, neither), create_or_find_web_device (creates new,
  returns existing on fingerprint match, updates last_seen)
2026-03-16 11:19:30 +09:00
nendo
55638d15dc fix: address bugs, security issues, and convention violations in save-sync
- Fix broken path construction in FSSyncHandler: build_* methods now
  return relative paths; sync_watcher uses paths relative to sync base
  instead of CWD (was completely non-functional in production)
- Fix SSH connection leak in push-pull task: conn.close() now in finally
- Add log.warning for disabled SSH host key verification
- Fix race condition in session operation counter: use atomic SQL
  increment instead of read-then-write
- Extract _increment_session_counter helper, add exc_info to warnings
- Replace legacy session.query() with select() in sync_sessions_handler
- Fix orphaned session: trigger_push_pull now passes session_id to job
- Fix wasteful SSH download when no matched_save exists
- Fix BaseModel import collision in sync.py (pydantic -> project base)
- Fix ORM mutation in UserSchema.from_orm_with_request: set field on
  schema instance instead of mutating live ORM object
- Mask ssh_password and ssh_key_path in DeviceSchema API response
- Fix migration PostgreSQL compatibility: condition ON UPDATE clause
  on MySQL, drop enum in downgrade
- Rename copy-paste artifact rom_user_status_enum
2026-03-16 10:56:43 +09:00
Georges-Antoine Assi
55ca39cacb fix deprecations in pydantic 2026-03-15 09:34:48 -04:00
Georges-Antoine Assi
ed6f9f5907 cleanup endpoint tests 2026-03-14 23:56:46 -04:00
Georges-Antoine Assi
b3fbbf59fb add tests 2026-03-14 23:35:04 -04:00
Georges-Antoine Assi
ffbd997940 remove unused test 2026-03-12 23:14:17 -04:00
Georges-Antoine Assi
a2be62154b Merge pull request #3118 from rommapp/copilot/update-game-status-retroachievements
feat: Auto-update game status from RetroAchievements award kind during progress sync
2026-03-12 20:31:35 -04:00
Georges-Antoine Assi
72e884a83c run fmt 2026-03-12 19:02:24 -04:00
copilot-swe-agent[bot]
4234ca3953 fix: always update rom_user status from RA award on each sync run
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-12 22:59:47 +00:00
HydroSulphide
6a1c1597ce Fix: directly import constants from config and preventing silent fallback on wrong user input for env variable 2026-03-12 20:18:48 +01:00
HydroSulphide
48091225c7 Fix: imports in all test files with renamed constants 2026-03-12 20:04:19 +01:00
HydroSulphide
61c0d401d4 Fix: conftest.py now using the renamed constants 2026-03-12 19:55:50 +01:00
Georges-Antoine Assi
b1cd003625 run fmt 2026-03-11 22:27:33 -04:00
copilot-swe-agent[bot]
d45530cd8b Add typed RomUserData model for documented partial ROM user props update
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-12 01:41:10 +00:00
Georges-Antoine Assi
122cdf072d fix tests 2026-03-11 20:52:23 -04:00
Georges-Antoine Assi
7961af6525 run fmt 2026-03-11 19:13:19 -04:00
copilot-swe-agent[bot]
24fe5b941f refactor: move get_pico8_cover_url to FSRomsHandler, use validate_path for safe path construction
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-11 22:17:22 +00:00
copilot-swe-agent[bot]
2958e6f12b feat: use PICO-8 built-in cover art from .p8.png cartridge files
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-11 02:35:18 +00:00
copilot-swe-agent[bot]
da30e4daf1 feat: auto-update game status from RetroAchievements award kind
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-11 02:27:38 +00:00
nendo
fb37c5cafe fix fork to match upstream changes and verify tests 2026-03-11 11:01:23 +09:00
nendo
ea5b7546aa refactor: address PR #3114 review feedback
- Use atomic getdel for pairing code exchange
- Add cascade="all, delete-orphan" to User.client_tokens
- Move generate/hash_client_token into AuthHandler as static methods
- Extract endpoint helpers to utils/client_tokens.py
2026-03-11 10:56:35 +09:00
nendo
bd5b3375f0 fix: remove unused User import and add i18n keys to all locales
Fixes trunk_check (unused import) and check-translations (missing
keys in non-en_US locales) CI failures.
2026-03-11 10:56:35 +09:00
nendo
e0b25fbc6c feat(client-tokens): add client API tokens with QR pairing flow
Long-lived, revocable, scope-restricted tokens for external clients
(mobile apps, retro handhelds, third-party tools). Includes:

- Backend: model, migration, DB handler, auth integration (rmm_ prefix
  routing in HybridAuthBackend), CRUD + pairing + exchange endpoints,
  rate limiting, scope intersection enforcement, admin oversight
- Frontend: settings page with token management table, stepped
  create/deliver dialog (config -> copy/pair), QR code with RomM logo,
  admin token table, standalone /pair page for QR scan landing
- /pair page supports custom-scheme callbacks for app deep linking,
  falls back to displaying code for manual entry
- 33 backend tests across 5 classes (CRUD, auth, isolation, pairing,
  admin)
2026-03-11 10:56:35 +09:00
Georges-Antoine Assi
f0e5abadc9 fix tests again 2026-03-10 09:23:12 -04:00
HydroSulphide
b9ea937373 Merge branch 'master' into fix-oauth-token-expiry-and-refresh-rotation 2026-03-10 08:51:44 +01:00
HydroSulphide
02336974a6 Implemented greptile suggestions 2026-03-10 08:04:07 +01:00
HydroSulphide
8758cb31b7 Tried to fix everything the bot complained about and the failed pytests.
Three tests were also implemented to check initial implementation that now invalidates expired access and refresh tokens and also rotating refresh tokens.

Since I introduced wrapper functions for create_oauth_token to distinguish between access and refresh token there is no need to set the token type in the data dict, since the type is now enforced in the wrapper functions create_access_token and create_refresh_token.

By convention I renamed create_oauth_token to _create_oauth_token as it is considered a private helper function now.
2026-03-10 07:22:02 +01:00
Georges-Antoine Assi
11c16e92bd run fmt 2026-03-09 22:53:30 -04:00
copilot-swe-agent[bot]
980360805b Fix test: use async_cache instead of sync_cache to inject OIDC session data
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-10 02:39:36 +00:00
copilot-swe-agent[bot]
4992731265 Address code review feedback: log OIDC metadata errors, remove redundant import
Co-authored-by: gantoine <3247106+gantoine@users.noreply.github.com>
2026-03-10 02:01:59 +00:00