# HG changeset patch # User durandn # Date 1457613138 -3600 # Node ID 8004d8fc9b38bd4b0ee7deac7829bb6c719fc336 # Parent b1a4d7c43e097388be7b8ed68cf1c84a481ca2ba Corrected settings to support deployment in a subdirectory + protected front_list and front_delete so only staff users can access it + added version display in front_list diff -r b1a4d7c43e09 -r 8004d8fc9b38 server/src/metaeducation/middleware.py --- a/server/src/metaeducation/middleware.py Wed Mar 09 16:38:39 2016 +0100 +++ b/server/src/metaeducation/middleware.py Thu Mar 10 13:32:18 2016 +0100 @@ -4,8 +4,8 @@ from re import compile EXEMPT_URLS = [compile(settings.LOGIN_URL.lstrip('/'))] -if hasattr(settings, 'LOGIN_EXEMPT_URLS'): - EXEMPT_URLS += [compile(expr) for expr in settings.LOGIN_EXEMPT_URLS] +if hasattr(settings, 'OAUTH_EXEMPT_URLS'): + EXEMPT_URLS += [compile(expr) for expr in settings.OAUTH_EXEMPT_URLS] class MtdcLoginRequiredWithContextMiddleware: """ @@ -18,5 +18,6 @@ if request.GET.get("context", ""): context = request.GET["context"] response = redirect(settings.LOGIN_URL) - response["LOCATION"] += "?"+urlencode({"context": context, "next": "/"+path}) + print(path) + response["LOCATION"] += "?"+urlencode({"context": context, "next": settings.URL_SUBDIRECTORY+"/"+path}) return response diff -r b1a4d7c43e09 -r 8004d8fc9b38 server/src/metaeducation/settings/__init__.py --- a/server/src/metaeducation/settings/__init__.py Wed Mar 09 16:38:39 2016 +0100 +++ b/server/src/metaeducation/settings/__init__.py Thu Mar 10 13:32:18 2016 +0100 @@ -101,18 +101,16 @@ # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/1.8/howto/static-files/ -STATIC_URL = '/static/' BASE_STATIC_ROOT = os.path.abspath(BASE_DIR + "../../web/static/").rstrip("/")+"/" STATIC_ROOT = BASE_STATIC_ROOT + "site/" -STATICFILES_DIRS = ( - BASE_DIR+'/metaeducation/static/metaeducation/', -) LOGIN_URL = '/accounts/mtdc/login/' -LOGIN_EXEMPT_URLS = ( +OAUTH_EXEMPT_URLS = ( r'^accounts/', r'^api/', r'^admin/', + r'^front/list' + r'^front/delete/*' ) # Guardian config @@ -128,20 +126,26 @@ } } +MTDC_USERNAME_FIELD_NAME = "displayName" +MTDC_USERID_FIELD_NAME = "id" + +ANONYMOUS_USER_ID = -1 + DEFAULT_RENKAN_ICON = "" -RENKAN_TOOL_ID = "" # Renkan ID, provided by ITOP +RENKAN_TOOL_ID = "" -MTDC_ACCESS_TOKEN_URL = "" # This URL is the access token endpoint URL, relative to a Base url that will be passed as query arg to the server -MTDC_AUTHORIZE_URL = "" # This URL is the authorize endpoint URL, relative to a Base url that will be passed as query arg to the server -MTDC_PROFILE_URL = "" # This URL is the user profile endpoint URL, relative to a Base url that will be passed as query arg to the server +ITOP_PF_CODE = "" # Parameter for the reference request, should be provided by Itop + +MTDC_CLIENT_ID = "" +MTDC_CLIENT_SECRET = "" +MTDC_AUTH_CODE = "" + +MTDC_ACCESS_TOKEN_URL = "" # This URL is relative to a Base url that will be passed as query arg to the server +MTDC_AUTHORIZE_URL = "" # This URL is relative to a Base url that will be passed as query arg to the server +MTDC_PROFILE_URL = "" # This URL is relative to a Base url that will be passed as query arg to the server MTDC_GED_BASE_URL = "" # Base URL of the GED server -MTDC_VALIDATE_TOKEN_URL = "" # This URL is the ABSOLUTE url for validating a token. There will be no context involved for validation token from server to server. -MTDC_CLIENT_CREDENTIALS_TOKEN_URL = "" # This URL is the ABSOLUTE url for getting a token via Client Credentials from server to server. -MTDC_REFERENCE_RESOURCE_BASE_URL = "" # This URL is the ABSOLUTE url for the GED resource referencement service from server to server. -OAUTH_REDIRECT_URI = "" # Redirect URI for the GED server, used when validating GED tokens during client credentials flow. - -MTDC_USERNAME_FIELD_NAME = "displayName" # Name of the username field that will be transmitted in response to the profile url request (usually "username", for metaeduc will probably be "displayName") -MTDC_USERID_FIELD_NAME = "id" # Name of the user id field that will be transmitted in response to the profile url request (usually "id") - -ITOP_PF_CODE = "ITOPPP" # Parameter for the reference request, should be provided by Itop +MTDC_VALIDATE_TOKEN_BASE_URL = "" # "https://dev.enteduc.fr/rest/oauth/validate/" +MTDC_CLIENT_CREDENTIALS_TOKEN_URL = "" # "https://dev.enteduc.fr/oauth/oauth2/token" +MTDC_REFERENCE_RESOURCE_BASE_URL = MTDC_GED_BASE_URL + "" # "http://192.168.1.62:20411/ws/resource/" # MTDC_GED_BASE_URL + "/ws/resource/" +OAUTH_REDIRECT_URI = "" # Redirect URI for the GED server, when validating tokens diff -r b1a4d7c43e09 -r 8004d8fc9b38 server/src/metaeducation/settings/dev.py.tmpl --- a/server/src/metaeducation/settings/dev.py.tmpl Wed Mar 09 16:38:39 2016 +0100 +++ b/server/src/metaeducation/settings/dev.py.tmpl Thu Mar 10 13:32:18 2016 +0100 @@ -2,6 +2,26 @@ from metaeducation.settings import * import os, logging, base64 +BASE_URL = '/' +WEB_URL = '' + +FORCE_SCRIPT_NAME = '/mtdc' +URL_SUBDIRECTORY = FORCE_SCRIPT_NAME # must be set to /mtdc in one way or another else during OAuth AuthCode the redirect won't work properly +USE_X_FORWARDED_HOST = True + +BASE_STATIC_URL = WEB_URL + BASE_URL + 'static/' +BASE_STATIC_ROOT = os.path.abspath(BASE_DIR + "../../web/static/").rstrip("/")+"/" + +STATIC_URL = BASE_STATIC_URL + "site/" + +# Absolute path to the directory that static files (js, css, swf...) +# DO NOT forget to do command line ./manage.py collectstatic to gather static media into the web/static folder +STATIC_ROOT = BASE_STATIC_ROOT + "site/" + +SRC_BASE_URL = BASE_URL + 'mtdc/' + +LOGIN_URL = SRC_BASE_URL + 'accounts/mtdc/login/' + #TODO override DEBUG = True diff -r b1a4d7c43e09 -r 8004d8fc9b38 server/src/metaeducation/templates/renkan_list.html --- a/server/src/metaeducation/templates/renkan_list.html Wed Mar 09 16:38:39 2016 +0100 +++ b/server/src/metaeducation/templates/renkan_list.html Thu Mar 10 13:32:18 2016 +0100 @@ -37,4 +37,10 @@ {% endfor %} +
+
+ Metaeducation - Prototype {{version}} +

+
+
{% endblock main_content %} \ No newline at end of file diff -r b1a4d7c43e09 -r 8004d8fc9b38 server/src/metaeducation/urls.py --- a/server/src/metaeducation/urls.py Wed Mar 09 16:38:39 2016 +0100 +++ b/server/src/metaeducation/urls.py Thu Mar 10 13:32:18 2016 +0100 @@ -15,19 +15,24 @@ """ from django.conf.urls import include, url from django.contrib import admin -from django.views.generic import RedirectView +from django.contrib.admin.views.decorators import staff_member_required +from django.contrib.staticfiles.urls import staticfiles_urlpatterns from django.core.urlresolvers import reverse_lazy -from django.contrib.auth.decorators import login_required +from django.views.generic import RedirectView + from .views import ListRenkansView, NewRenkanView, EditRenkanView, ViewRenkanView, DeleteRenkanView + urlpatterns = [ url(r'^$', RedirectView.as_view(url=reverse_lazy("front_list_renkans"))), url(r'^admin/', include(admin.site.urls)), url(r'^api/', include('renkanmanager.urls')), url(r'^accounts/', include('allauth.urls')), - url(r'^front/list/$', ListRenkansView.as_view(), name='front_list_renkans'), + url(r'^front/list/$', staff_member_required(ListRenkansView.as_view()), name='front_list_renkans'), url(r'^front/new/$', NewRenkanView.as_view(), name='front_new_renkan'), url(r'^front/edit/(?P[\w-]+)/$', EditRenkanView.as_view(), name='front_edit_renkan'), url(r'^front/view/(?P[\w-]+)/$', ViewRenkanView.as_view(), name='front_view_renkan'), - url(r'^front/delete/(?P[\w-]+)/$', DeleteRenkanView.as_view(), name='front_delete_renkan') + url(r'^front/delete/(?P[\w-]+)/$', staff_member_required(DeleteRenkanView.as_view()), name='front_delete_renkan') ] + +urlpatterns += staticfiles_urlpatterns() \ No newline at end of file diff -r b1a4d7c43e09 -r 8004d8fc9b38 server/src/metaeducation/views.py --- a/server/src/metaeducation/views.py Wed Mar 09 16:38:39 2016 +0100 +++ b/server/src/metaeducation/views.py Thu Mar 10 13:32:18 2016 +0100 @@ -1,20 +1,21 @@ +from django.conf import settings from django.core.urlresolvers import reverse from django.http import HttpResponse, HttpResponseRedirect from django.shortcuts import render, get_object_or_404 from django.views.decorators.csrf import csrf_exempt from django.views.generic import TemplateView, View -from rest_framework.renderers import TemplateHTMLRenderer - +from renkanmanager.api.views import RenkanDetail from renkanmanager.models import Renkan from renkanmanager.serializers import RenkanSerializer -from renkanmanager.api.views import RenkanDetail +from rest_framework.renderers import TemplateHTMLRenderer +from metaeducation import __version__ class ListRenkansView(View): template_name = "renkan_list.html" def get(self, request): renkans = Renkan.objects.filter(creator=request.user) - return render(request, self.template_name, {'renkans': renkans}) + return render(request, self.template_name, {'renkans': renkans, 'version': __version__}) def post(self, request): create_data = { @@ -24,7 +25,7 @@ serializer = RenkanSerializer(data=create_data) if serializer.is_valid(): serializer.save(creator=request.user) - return HttpResponseRedirect(request.META.get('HTTP_REFERER', '/')) + return HttpResponseRedirect(request.META.get('HTTP_REFERER', settings.BASE_URL)) class NewRenkanView(View): @@ -45,10 +46,9 @@ class EditRenkanView(TemplateView): template_name = "renkan_edit.html" - class DeleteRenkanView(View): def get(self, request, renkan_guid): request.method = "DELETE" delete_response = RenkanDetail.as_view()(request, renkan_guid) - return HttpResponseRedirect(request.META.get('HTTP_REFERER', '/')) + return HttpResponseRedirect(request.META.get('HTTP_REFERER', settings.BASE_URL)) \ No newline at end of file