Corrected settings to support deployment in a subdirectory + protected front_list and front_delete so only staff users can access it + added version display in front_list
--- a/server/src/metaeducation/middleware.py Wed Mar 09 16:38:39 2016 +0100
+++ b/server/src/metaeducation/middleware.py Thu Mar 10 13:32:18 2016 +0100
@@ -4,8 +4,8 @@
from re import compile
EXEMPT_URLS = [compile(settings.LOGIN_URL.lstrip('/'))]
-if hasattr(settings, 'LOGIN_EXEMPT_URLS'):
- EXEMPT_URLS += [compile(expr) for expr in settings.LOGIN_EXEMPT_URLS]
+if hasattr(settings, 'OAUTH_EXEMPT_URLS'):
+ EXEMPT_URLS += [compile(expr) for expr in settings.OAUTH_EXEMPT_URLS]
class MtdcLoginRequiredWithContextMiddleware:
"""
@@ -18,5 +18,6 @@
if request.GET.get("context", ""):
context = request.GET["context"]
response = redirect(settings.LOGIN_URL)
- response["LOCATION"] += "?"+urlencode({"context": context, "next": "/"+path})
+ print(path)
+ response["LOCATION"] += "?"+urlencode({"context": context, "next": settings.URL_SUBDIRECTORY+"/"+path})
return response
--- a/server/src/metaeducation/settings/__init__.py Wed Mar 09 16:38:39 2016 +0100
+++ b/server/src/metaeducation/settings/__init__.py Thu Mar 10 13:32:18 2016 +0100
@@ -101,18 +101,16 @@
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.8/howto/static-files/
-STATIC_URL = '/static/'
BASE_STATIC_ROOT = os.path.abspath(BASE_DIR + "../../web/static/").rstrip("/")+"/"
STATIC_ROOT = BASE_STATIC_ROOT + "site/"
-STATICFILES_DIRS = (
- BASE_DIR+'/metaeducation/static/metaeducation/',
-)
LOGIN_URL = '/accounts/mtdc/login/'
-LOGIN_EXEMPT_URLS = (
+OAUTH_EXEMPT_URLS = (
r'^accounts/',
r'^api/',
r'^admin/',
+ r'^front/list'
+ r'^front/delete/*'
)
# Guardian config
@@ -128,20 +126,26 @@
}
}
+MTDC_USERNAME_FIELD_NAME = "displayName"
+MTDC_USERID_FIELD_NAME = "id"
+
+ANONYMOUS_USER_ID = -1
+
DEFAULT_RENKAN_ICON = ""
-RENKAN_TOOL_ID = "" # Renkan ID, provided by ITOP
+RENKAN_TOOL_ID = ""
-MTDC_ACCESS_TOKEN_URL = "" # This URL is the access token endpoint URL, relative to a <CONTEXT> Base url that will be passed as query arg to the server
-MTDC_AUTHORIZE_URL = "" # This URL is the authorize endpoint URL, relative to a <CONTEXT> Base url that will be passed as query arg to the server
-MTDC_PROFILE_URL = "" # This URL is the user profile endpoint URL, relative to a <CONTEXT> Base url that will be passed as query arg to the server
+ITOP_PF_CODE = "" # Parameter for the reference request, should be provided by Itop
+
+MTDC_CLIENT_ID = ""
+MTDC_CLIENT_SECRET = ""
+MTDC_AUTH_CODE = ""
+
+MTDC_ACCESS_TOKEN_URL = "" # This URL is relative to a <CONTEXT> Base url that will be passed as query arg to the server
+MTDC_AUTHORIZE_URL = "" # This URL is relative to a <CONTEXT> Base url that will be passed as query arg to the server
+MTDC_PROFILE_URL = "" # This URL is relative to a <CONTEXT> Base url that will be passed as query arg to the server
MTDC_GED_BASE_URL = "" # Base URL of the GED server
-MTDC_VALIDATE_TOKEN_URL = "" # This URL is the ABSOLUTE url for validating a token. There will be no context involved for validation token from server to server.
-MTDC_CLIENT_CREDENTIALS_TOKEN_URL = "" # This URL is the ABSOLUTE url for getting a token via Client Credentials from server to server.
-MTDC_REFERENCE_RESOURCE_BASE_URL = "" # This URL is the ABSOLUTE url for the GED resource referencement service from server to server.
-OAUTH_REDIRECT_URI = "" # Redirect URI for the GED server, used when validating GED tokens during client credentials flow.
-
-MTDC_USERNAME_FIELD_NAME = "displayName" # Name of the username field that will be transmitted in response to the profile url request (usually "username", for metaeduc will probably be "displayName")
-MTDC_USERID_FIELD_NAME = "id" # Name of the user id field that will be transmitted in response to the profile url request (usually "id")
-
-ITOP_PF_CODE = "ITOPPP" # Parameter for the reference request, should be provided by Itop
+MTDC_VALIDATE_TOKEN_BASE_URL = "" # "https://dev.enteduc.fr/rest/oauth/validate/"
+MTDC_CLIENT_CREDENTIALS_TOKEN_URL = "" # "https://dev.enteduc.fr/oauth/oauth2/token"
+MTDC_REFERENCE_RESOURCE_BASE_URL = MTDC_GED_BASE_URL + "" # "http://192.168.1.62:20411/ws/resource/" # MTDC_GED_BASE_URL + "/ws/resource/"
+OAUTH_REDIRECT_URI = "" # Redirect URI for the GED server, when validating tokens
--- a/server/src/metaeducation/settings/dev.py.tmpl Wed Mar 09 16:38:39 2016 +0100
+++ b/server/src/metaeducation/settings/dev.py.tmpl Thu Mar 10 13:32:18 2016 +0100
@@ -2,6 +2,26 @@
from metaeducation.settings import *
import os, logging, base64
+BASE_URL = '/'
+WEB_URL = ''
+
+FORCE_SCRIPT_NAME = '/mtdc'
+URL_SUBDIRECTORY = FORCE_SCRIPT_NAME # must be set to /mtdc in one way or another else during OAuth AuthCode the redirect won't work properly
+USE_X_FORWARDED_HOST = True
+
+BASE_STATIC_URL = WEB_URL + BASE_URL + 'static/'
+BASE_STATIC_ROOT = os.path.abspath(BASE_DIR + "../../web/static/").rstrip("/")+"/"
+
+STATIC_URL = BASE_STATIC_URL + "site/"
+
+# Absolute path to the directory that static files (js, css, swf...)
+# DO NOT forget to do command line ./manage.py collectstatic to gather static media into the web/static folder
+STATIC_ROOT = BASE_STATIC_ROOT + "site/"
+
+SRC_BASE_URL = BASE_URL + 'mtdc/'
+
+LOGIN_URL = SRC_BASE_URL + 'accounts/mtdc/login/'
+
#TODO override
DEBUG = True
--- a/server/src/metaeducation/templates/renkan_list.html Wed Mar 09 16:38:39 2016 +0100
+++ b/server/src/metaeducation/templates/renkan_list.html Thu Mar 10 13:32:18 2016 +0100
@@ -37,4 +37,10 @@
{% endfor %}
</tbody>
</table>
+<footer class="footer">
+ <div class="text-right footer-notes">
+ Metaeducation - Prototype {{version}}
+ <br><br>
+ </div>
+</footer>
{% endblock main_content %}
\ No newline at end of file
--- a/server/src/metaeducation/urls.py Wed Mar 09 16:38:39 2016 +0100
+++ b/server/src/metaeducation/urls.py Thu Mar 10 13:32:18 2016 +0100
@@ -15,19 +15,24 @@
"""
from django.conf.urls import include, url
from django.contrib import admin
-from django.views.generic import RedirectView
+from django.contrib.admin.views.decorators import staff_member_required
+from django.contrib.staticfiles.urls import staticfiles_urlpatterns
from django.core.urlresolvers import reverse_lazy
-from django.contrib.auth.decorators import login_required
+from django.views.generic import RedirectView
+
from .views import ListRenkansView, NewRenkanView, EditRenkanView, ViewRenkanView, DeleteRenkanView
+
urlpatterns = [
url(r'^$', RedirectView.as_view(url=reverse_lazy("front_list_renkans"))),
url(r'^admin/', include(admin.site.urls)),
url(r'^api/', include('renkanmanager.urls')),
url(r'^accounts/', include('allauth.urls')),
- url(r'^front/list/$', ListRenkansView.as_view(), name='front_list_renkans'),
+ url(r'^front/list/$', staff_member_required(ListRenkansView.as_view()), name='front_list_renkans'),
url(r'^front/new/$', NewRenkanView.as_view(), name='front_new_renkan'),
url(r'^front/edit/(?P<renkan_guid>[\w-]+)/$', EditRenkanView.as_view(), name='front_edit_renkan'),
url(r'^front/view/(?P<renkan_guid>[\w-]+)/$', ViewRenkanView.as_view(), name='front_view_renkan'),
- url(r'^front/delete/(?P<renkan_guid>[\w-]+)/$', DeleteRenkanView.as_view(), name='front_delete_renkan')
+ url(r'^front/delete/(?P<renkan_guid>[\w-]+)/$', staff_member_required(DeleteRenkanView.as_view()), name='front_delete_renkan')
]
+
+urlpatterns += staticfiles_urlpatterns()
\ No newline at end of file
--- a/server/src/metaeducation/views.py Wed Mar 09 16:38:39 2016 +0100
+++ b/server/src/metaeducation/views.py Thu Mar 10 13:32:18 2016 +0100
@@ -1,20 +1,21 @@
+from django.conf import settings
from django.core.urlresolvers import reverse
from django.http import HttpResponse, HttpResponseRedirect
from django.shortcuts import render, get_object_or_404
from django.views.decorators.csrf import csrf_exempt
from django.views.generic import TemplateView, View
-from rest_framework.renderers import TemplateHTMLRenderer
-
+from renkanmanager.api.views import RenkanDetail
from renkanmanager.models import Renkan
from renkanmanager.serializers import RenkanSerializer
-from renkanmanager.api.views import RenkanDetail
+from rest_framework.renderers import TemplateHTMLRenderer
+from metaeducation import __version__
class ListRenkansView(View):
template_name = "renkan_list.html"
def get(self, request):
renkans = Renkan.objects.filter(creator=request.user)
- return render(request, self.template_name, {'renkans': renkans})
+ return render(request, self.template_name, {'renkans': renkans, 'version': __version__})
def post(self, request):
create_data = {
@@ -24,7 +25,7 @@
serializer = RenkanSerializer(data=create_data)
if serializer.is_valid():
serializer.save(creator=request.user)
- return HttpResponseRedirect(request.META.get('HTTP_REFERER', '/'))
+ return HttpResponseRedirect(request.META.get('HTTP_REFERER', settings.BASE_URL))
class NewRenkanView(View):
@@ -45,10 +46,9 @@
class EditRenkanView(TemplateView):
template_name = "renkan_edit.html"
-
class DeleteRenkanView(View):
def get(self, request, renkan_guid):
request.method = "DELETE"
delete_response = RenkanDetail.as_view()(request, renkan_guid)
- return HttpResponseRedirect(request.META.get('HTTP_REFERER', '/'))
+ return HttpResponseRedirect(request.META.get('HTTP_REFERER', settings.BASE_URL))
\ No newline at end of file