From 19325fa9606239390b6e9ece5c647f65cddc696d Mon Sep 17 00:00:00 2001 From: Winnie Kiragu <11174326+WinnyTroy@users.noreply.github.com> Date: Tue, 12 Jan 2021 10:29:54 +0300 Subject: [PATCH] Two db updates (#19) * Update system wide requirements, removing python 2 packages and upgrading those to python 3 Updating python source version and python vars to use python 3 Update to using python -venv instead of python-virtualenv for python 3 compatibility Update to use custom Dockerfile to install ca-certs to docker container Update postgresql extensions for new KPI DB * Removing deprecated CORS Model setting. See https://github.com/adamchainz/django-cors-headers/blob/master/src/corsheaders/checks.py#L153 * Add a playbook to prepare the hosts * Update Molecule tests to run Ubuntu 18.04 Update postgresql and postgis ext versions --- .travis.yml | 2 +- defaults/main.yml | 45 ++++++--- meta/main.yml | 4 +- molecule/default/converge.yml | 29 +----- molecule/default/files/ssl/root.crt | 54 ---------- molecule/default/files/ssl/root.key | 28 ----- molecule/default/molecule.yml | 5 +- molecule/default/prepare.yml | 12 +++ molecule/default/tests/vagranttest.yml | 12 +-- tasks/main.yml | 7 +- templates/kpi/config.es6.j2 | 6 +- templates/kpi/settings.py.j2 | 135 ++++++++++++++----------- 12 files changed, 131 insertions(+), 208 deletions(-) delete mode 100644 molecule/default/files/ssl/root.crt delete mode 100644 molecule/default/files/ssl/root.key create mode 100644 molecule/default/prepare.yml diff --git a/.travis.yml b/.travis.yml index e983a2b..79e521c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,7 +6,7 @@ services: before_install: - sudo apt-get -qq update install: - - pip install molecule + - pip install molecule==3.0.8 - pip install testinfra - pip install docker-py script: diff --git a/defaults/main.yml b/defaults/main.yml index 3574f89..4834427 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -12,12 +12,11 @@ kpi_system_requirements: - libxml2-dev - libxslt1-dev - python-celery - - python-pip - - python-psycopg2 - - python-setuptools + - python3-pip + - python3-psycopg2 + - python3-setuptools - software-properties-common - - python-virtualenv - - python2.7-dev + - virtualenv - ttfautohint - zlib1g-dev - binutils @@ -26,8 +25,6 @@ kpi_system_requirements: kpi_npm_requirements: - webpack kpi_django_setup_commands: - - syncdb --noinput - - migrate --noinput - collectstatic --noinput - compilemessages kpi_pip_paths: "{{ kpi_checkout_path }}/dependencies/pip/external_services.txt" @@ -43,12 +40,12 @@ kpi_git_key_ssh_file: kpi_git_key_filename: id_ed25519 kpi_copy_key_from_file: false kpi_remove_git_key: true -kpi_python_source_version: 2.7 -kpi_python_version: "python2.7" +kpi_python_source_version: "3" +kpi_python_version: python{{ kpi_python_source_version }} kpi_checkout_path: "{{ kpi_versioned_path }}/{{ kpi_git_branch }}" kpi_app_path: "{{ kpi_system_user_home }}/app" kpi_versioned_path: "{{ kpi_app_path }}-versioned" -kpi_git_branch: ona-custom-changes +kpi_git_branch: kpi_2.0 kpi_service_name: "{{ kpi_system_user }}" kpi_venv_path: "{{ kpi_system_user_home }}/.virtualenvs/{{ kpi_service_name }}" kpi_nvm_install_path: "{{ kpi_system_user_home }}/.nvm" @@ -69,24 +66,40 @@ kpi_python_packages: # Use the exact anonymous_user_id as the one set on the onadata/formhub/kobocat app. kpi_anonymous_user_id: "-1" -kpi_pgsql_db: "onadata" +kpi_pgsql_db: "kpi" kpi_pgsql_user: "kpi" -kpi_pgsql_password: "random_password" +kpi_pgsql_password: "kpi" kpi_pgsql_host: "localhost" kpi_pgsql_port: 5432 +ona_pgsql_db: "ona" +ona_pgsql_user: "onadata" +ona_pgsql_password: "onadata" +ona_pgsql_host: "localhost" +ona_pgsql_port: 5432 kpi_google_analytics_token: "random_string" kpi_kobocat_url: "http://localhost:8002" kpi_enketo_url: "http://localhost:8005" kpi_enketo_api_token: "qwertyuiop" -kpi_broker_url: "amqp://{{ kpi_system_user }}:{{ kpi_system_user }}@localhost:5672" +kpi_broker_url: 'redis://localhost:6379/1' kpi_log_path: "/var/log/{{ kpi_service_name }}" -kpi_cors_origin_whitelist: [] # TODO: Add documentation for this config -kpi_frontend_domain: "locahost:3001" +kpi_frontend_domain: "http://locahost:3001" kpi_frontend_login_url: "http://{{ kpi_frontend_domain }}/login" -kpi_cors_whitelist: +kpi_cors_origin_whitelist: - "{{ kpi_frontend_domain }}" + - 'http://localhost:3000' + - 'http://localhost:3001' + - 'http://localhost:4000' + - 'http://0.0.0.0:3000' + - 'http://127.0.0.1:3000' + - 'http://127.0.0.1:3001' + - 'http://127.0.0.1:4000' + - 'http://localhost:8000' + - 'http://localhost:8080' + - 'http://127.0.0.1:8080' + - 'http://localhost:8005' + kpi_wsgi_module: kobo.wsgi:application kpi_wsgi_processes: 12 kpi_wsgi_env: "HTTPS=on" diff --git a/meta/main.yml b/meta/main.yml index 10233d4..bb893f3 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -4,11 +4,11 @@ galaxy_info: description: Installs and configures KPI Formbuilder company: Ona Systems Inc license: Apache-2.0 - min_ansible_version: 2.6 + min_ansible_version: 2.8 platforms: - name: Ubuntu versions: - - 16.04 + - 18.04 galaxy_tags: - kpi - formbuilder diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 6358247..2ac2d5e 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -2,37 +2,10 @@ - name: Converge hosts: all roles: - - role: onaio.postgresql - postgresql_backup_enabled: false - postgresql_version: 9.6 - postgresql_users: - - name: kpi - pass: kpi - encrypted: true - postgresql_databases: - - name: kpi - owner: kpi - encoding: "UTF-8" - hstore: true - gis: true - postgresql_database_extensions: - - db: kpi - extensions: - - postgis - postgresql_ext_install_postgis: true - postgresql_ext_postgis_version: "2.3" - postgresql_ext_postgis_deps: - - libgeos-c1v5 - - "postgresql-{{ postgresql_version }}-postgis-{{ postgresql_ext_postgis_version }}" - - "postgresql-{{ postgresql_version }}-postgis-{{ postgresql_ext_postgis_version }}-scripts" - postgresql_enable_ssl: true - postgresql_ssl_domain: "db.example.com" - postgresql_ssl_ca_key: "{{ lookup('file', 'ssl/root.key') }}" - postgresql_ssl_ca_cert: "{{ lookup('file', 'ssl/root.crt') }}" - role: ansible-kpi kpi_pgsql_db: kpi kpi_pgsql_user: kpi kpi_pgsql_password: kpi kpi_enable_monitoring: false kpi_git_url: "https://github.com/onaio/kpi.git" - kpi_git_branch: "ona-custom-changes" + kpi_git_branch: "kpi_2.0" diff --git a/molecule/default/files/ssl/root.crt b/molecule/default/files/ssl/root.crt deleted file mode 100644 index 42750a1..0000000 --- a/molecule/default/files/ssl/root.crt +++ /dev/null @@ -1,54 +0,0 @@ -Certificate: - Data: - Version: 1 (0x0) - Serial Number: - 0f:ee:79:1c:40:7b:c0:48:9f:10:3d:b7:ea:5a:7c:66:40:56:84:c6 - Signature Algorithm: NULL - Issuer: CN = root.example.com - Validity - Not Before: Jun 10 07:05:51 2020 GMT - Not After : Jun 8 07:05:51 2030 GMT - Subject: CN = root.example.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public-Key: (2048 bit) - Modulus: - 00:df:f3:f7:40:ed:49:1c:13:98:fd:2a:59:25:da: - f6:b5:94:4a:5e:cd:4b:54:51:c0:d3:9b:f3:3f:24: - 53:03:cf:62:4f:95:ca:e4:65:a2:e2:23:5a:e9:8b: - 5f:26:8c:98:6b:c8:49:dc:b8:78:3f:97:c9:c1:8c: - 96:cc:ba:9e:68:6f:2d:d7:cc:01:79:e7:b1:6b:38: - 36:84:c5:d4:60:2c:ed:dd:31:c4:2a:9e:7e:b5:05: - 14:1d:30:39:53:de:bf:69:33:46:46:70:58:33:f3: - 72:b4:bd:e4:16:84:f8:19:80:8c:df:4a:b3:b1:b3: - 17:2c:75:ad:9d:5f:35:85:ed:ac:c7:c7:30:a7:ea: - 4e:a3:33:3f:e8:6a:2b:11:a1:39:34:b7:67:a5:39: - b6:90:db:dc:41:b5:c5:73:d2:b7:5f:01:2f:e4:5d: - ee:b6:53:b8:45:0c:b9:ed:f5:8a:be:12:06:f5:c9: - 10:1e:40:8b:dc:71:5c:10:5e:ad:af:39:ff:79:fc: - dc:8c:10:c9:99:db:66:c8:0b:85:0b:15:85:15:80: - a0:16:84:df:1a:cc:b3:2f:3f:05:cd:5d:00:e1:bd: - 58:89:02:d1:a6:6b:7b:b8:98:df:8c:1e:90:6a:a3: - 9f:a6:04:f0:ba:63:f7:ca:36:95:f6:59:be:ac:48: - ae:25 - Exponent: 65537 (0x10001) - Signature Algorithm: NULL ------BEGIN CERTIFICATE----- -MIIDFzCCAf+gAwIBAgIUD+55HEB7wEifED236lp8ZkBWhMYwDQYJKoZIhvcNAQEL -BQAwGzEZMBcGA1UEAwwQcm9vdC5leGFtcGxlLmNvbTAeFw0yMDA2MTAwNzA1NTFa -Fw0zMDA2MDgwNzA1NTFaMBsxGTAXBgNVBAMMEHJvb3QuZXhhbXBsZS5jb20wggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf8/dA7UkcE5j9Klkl2va1lEpe -zUtUUcDTm/M/JFMDz2JPlcrkZaLiI1rpi18mjJhryEncuHg/l8nBjJbMup5oby3X -zAF557FrODaExdRgLO3dMcQqnn61BRQdMDlT3r9pM0ZGcFgz83K0veQWhPgZgIzf -SrOxsxcsda2dXzWF7azHxzCn6k6jMz/oaisRoTk0t2elObaQ29xBtcVz0rdfAS/k -Xe62U7hFDLnt9Yq+Egb1yRAeQIvccVwQXq2vOf95/NyMEMmZ22bIC4ULFYUVgKAW -hN8azLMvPwXNXQDhvViJAtGma3u4mN+MHpBqo5+mBPC6Y/fKNpX2Wb6sSK4lAgMB -AAGjUzBRMB0GA1UdDgQWBBQnT3L8gTd623QqUSTk1cB2yi832zAfBgNVHSMEGDAW -gBQnT3L8gTd623QqUSTk1cB2yi832zAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 -DQEBCwUAA4IBAQCZ1qbWbFtm2pkupt/AbIoTRw3C/Bc4MSHDyb+lorG93mJkwlcz -Ew/W9e1iTRVjcf4giLr4tUivpCdUcDj4DPgpVxNxPoTDsKqXXftTDNLPl5mnhgQN -60IIDpnB/0vWJPyW7lGssiAi9iDcy1pqDL4Yr8SgSUmC1RxnX1GpAhuHEsrgEJ5W -4r+0wFw+aidhL4z0+4C+P97Oths6sM3qmWC2OqkOYqqjRdDND0Q3TqoNzCcN6NY0 -HwHaQmehWT9dNATDybduzKuyWG7K7YgSjHzD0Xn7b7BK6ltbxyZFkR/aeTf8l7Kp -Sa6pUmD5/vAQ6xKTVyyKIW1Tg1EQ5q3Xt+Be ------END CERTIFICATE----- \ No newline at end of file diff --git a/molecule/default/files/ssl/root.key b/molecule/default/files/ssl/root.key deleted file mode 100644 index e509e50..0000000 --- a/molecule/default/files/ssl/root.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDf8/dA7UkcE5j9 -Klkl2va1lEpezUtUUcDTm/M/JFMDz2JPlcrkZaLiI1rpi18mjJhryEncuHg/l8nB -jJbMup5oby3XzAF557FrODaExdRgLO3dMcQqnn61BRQdMDlT3r9pM0ZGcFgz83K0 -veQWhPgZgIzfSrOxsxcsda2dXzWF7azHxzCn6k6jMz/oaisRoTk0t2elObaQ29xB -tcVz0rdfAS/kXe62U7hFDLnt9Yq+Egb1yRAeQIvccVwQXq2vOf95/NyMEMmZ22bI -C4ULFYUVgKAWhN8azLMvPwXNXQDhvViJAtGma3u4mN+MHpBqo5+mBPC6Y/fKNpX2 -Wb6sSK4lAgMBAAECggEBAIOOKraHLSVDFeHR2KB2Keqse6uI6TFU/PLRb2iuC933 -GwcpNRBJ7A7vOd5rMq/Qc1ENTOZNrsWcgrYhwgvtrFQoy0My4cMcqYoUcWI5W/JL -Mkd3joaCqGfp3dDvnR15gfNoXWXPZODPp5go3C2mWp+QdjBND5XZYEmLrzr8zNIo -nMA2DEW90IioB2+jCmlw5wFBLl7x6hq9TUZQbK5hX6bBp5QwgZMkHjbXXR57tu2z -wor09YdJ2jIp7CK2f42fE3LcXrUi8/3KkvIAKls99uV9OvHaKjq8WrRsSKo6kAMg -U3456fct5P3duIjMWrQJrCp4yRnmcavkLQ1t3bymMQECgYEA8I05jlAnXhTxWCZw -7Nm0/61c5DcMS4KUe+B6Hh65rTR0RpAYwmAKjhkYQFx9fT4g8NBzEpcWnpofaKcz -g2WZLg84u1XMONgE4QgzoJ0N9NBHYWSPnfFDMM1bgMNWAAH/X3l7DUpOX3ZY9i4b -oAHPkncllXJXBun6KCz3Ps4WeYUCgYEA7lXaAmR2OhkjpgjKKbG8h7b9oggMqwjo -6SqngU3ZaksZQfh9k9XUOjsh5H8SAqomQX9Bo5iJckrzXRH8pGN2+JWNLfTB3WWJ -U/B4yTW7KFpDLTnRNm/cRm/VTwbk0ocWCY/A9AEX9l7TR4zRxkmm7OC+2w6043Rh -BcLtruQkNCECgYB8I5WJUOoQDmTCZgwu3ucebzwZ9iKdMUUpbJ34v0h5DzHWXHS6 -ks+/p0mxpUmJga+ENz67YEdnEAiXfHoEHEFh2K8hVlSvHSPfcdka0RIrvfSoWToY -ezJ+k+vd1nCiTmWYwtty717kuvGMEh1lhKm3X0+BAWHSCptzckkiGz7T9QKBgQCW -yzjRVLC815UHgv4t3SeUkoHtF7y0JkH+7J7on9HUf8luRQNnGt5ZLXqnMIK7rt3f -iN2F3YfxCVzq4OuBMvFeHHkjv309T/XQZxB09gsBYAKqxa8KC0JKSo2in5D9ZrzZ -tdt2Ro7bsWlqFr3PAGCd9SCsRqTKWKLeW1O42N3TIQKBgQDP0BaNWmVt3J7OGbUV -rE6LAdQHq7Iu1UBu4O5KxUkjGtK7rc0LgzvRnQzf9+yt4w2fcswldt8sgfK//dZU -gaelB76034arSq5t1HKBsptvlJuBP1Qt8Ht5YSfyFavzC8ChPhrG6FuuSzIfVpn1 -mwq043FrVFIfL0caro2Jo0o1Rg== ------END PRIVATE KEY----- \ No newline at end of file diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 7718b1b..aa1109c 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -6,8 +6,9 @@ driver: lint: | yamllint . platforms: - - name: ubuntu-16.04 - image: solita/ubuntu-systemd:16.04 + - name: kpi-ubuntu-18.04 + image: solita/ubuntu-systemd:18.04 + dockerfile: Dockerfile.j2 privileged: true command: /sbin/init scenario: diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml new file mode 100644 index 0000000..8a5ce13 --- /dev/null +++ b/molecule/default/prepare.yml @@ -0,0 +1,12 @@ + +--- +- name: Prepare + hosts: all + tasks: + - name: Make sure system dependencies are installed + apt: + pkg: + - gpg + - python3-psycopg2 + state: present + when: ansible_lsb.major_release|int > 16 diff --git a/molecule/default/tests/vagranttest.yml b/molecule/default/tests/vagranttest.yml index b79eca3..1815721 100644 --- a/molecule/default/tests/vagranttest.yml +++ b/molecule/default/tests/vagranttest.yml @@ -2,12 +2,6 @@ - name: Pre-install stuff hosts: all tasks: - - name: Install python 2 if not there - raw: | - test -e /usr/bin/python3 || \ - (apt -y update && apt install -y python-minimal) - register: output - changed_when: output.stdout|trim() != "" - name: Install sudo if not there raw: | test -e /usr/bin/sudo || apt install -y sudo @@ -20,10 +14,10 @@ hosts: all vars: # postgres - kpi_anonymous_user_id: "-1" - kpi_pgsql_db: "onadata" + kpi_anonymous_user_id: "1" + kpi_pgsql_db: "kpi" kpi_pgsql_user: "kpi" - kpi_pgsql_password: "random_password" + kpi_pgsql_password: "kpi" kpi_pgsql_host: "localhost" kpi_pgsql_port: 5432 # django diff --git a/tasks/main.yml b/tasks/main.yml index b4d91a9..266bc7f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -30,12 +30,7 @@ notify: - restart_service -- name: Patch libgeos.py file for updated regex - patch: - src: templates/django_virtualenv_dir/site-packages/django/contrib/gis/geos/libgeos.py - dest: "{{ kpi_venv_path }}/lib/python2.7/site-packages/django/contrib/gis/geos/libgeos.py" - -- name: syncdb, migrate and collect static files +- name: Migrate and collect static files django_manage: command: "{{ item }}" app_path: "{{ kpi_checkout_path }}" diff --git a/templates/kpi/config.es6.j2 b/templates/kpi/config.es6.j2 index b2a14db..7a59697 100644 --- a/templates/kpi/config.es6.j2 +++ b/templates/kpi/config.es6.j2 @@ -1,11 +1,11 @@ -const KPI_LOGIN_URL = "{{ kpi_frontend_login_url }}"; +const ZEBRA_LOGIN_URL = "{{ kpi_frontend_login_url }}"; export function getAuthUrl(url) { - return KPI_LOGIN_URL + "?return_url=" + url; + return ZEBRA_LOGIN_URL + "?return_url=" + url; } export function getZebraLoginUrl() { - return KPI_LOGIN_URL; + return ZEBRA_LOGIN_URL; } const SENTY_DSN = "{{ kpi_raven_js_dsn }}"; diff --git a/templates/kpi/settings.py.j2 b/templates/kpi/settings.py.j2 index a3f3768..24cf73e 100644 --- a/templates/kpi/settings.py.j2 +++ b/templates/kpi/settings.py.j2 @@ -6,22 +6,16 @@ import multiprocessing import os import subprocess +from celery.schedules import crontab import django.conf.locale from django.conf import global_settings from django.conf.global_settings import LOGIN_URL -from django.core.urlresolvers import reverse_lazy +from django.urls import reverse_lazy from django.utils.translation import get_language_info import dj_database_url from pymongo import MongoClient -EXTRA_LANG_INFO = { - 'ku': { - 'bidi': True, - 'code': 'ku', - 'name': 'Kurdish', - 'name_local': 'كوردی', - }, -} +from .static_lists import EXTRA_LANG_INFO # Build paths inside the project like this: os.path.join(BASE_DIR, ...) @@ -60,16 +54,7 @@ if os.environ.get('CSRF_COOKIE_DOMAIN'): SESSION_COOKIE_DOMAIN = CSRF_COOKIE_DOMAIN SESSION_COOKIE_NAME = 'kobonaut' -# Instances of this model will be treated as allowed origins; see -# https://github.com/ottoyiu/django-cors-headers#cors_model -CORS_MODEL = 'external_integrations.CorsModel' - CORS_ORIGIN_WHITELIST = ( - '127.0.0.1:3001', - '127.0.0.1:3000', - 'localhost:8000', - 'localhost:3001', - 'localhost:3000', {% for origin in kpi_cors_origin_whitelist %} '{{ origin }}', {% endfor %} @@ -115,14 +100,15 @@ LOGIN_REDIRECT_URL = '/' # apps both define templates for the same view, the first app listed receives # precedence INSTALLED_APPS = ( - 'django.contrib.auth', + # Always put `contenttypes` before `auth`; see + # https://code.djangoproject.com/ticket/10827 'django.contrib.contenttypes', + 'django.contrib.auth', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'reversion', 'mptt', - 'haystack', 'private_storage', 'kobo.apps.KpiConfig', 'hub', @@ -142,28 +128,28 @@ INSTALLED_APPS = ( 'constance', 'constance.backends.database', 'kobo.apps.hook', + 'django_celery_beat', 'corsheaders', 'kobo.apps.external_integrations.ExternalIntegrationsAppConfig', 'markdownx', 'kobo.apps.help', ) -MIDDLEWARE_CLASSES = ( +MIDDLEWARE = [ 'corsheaders.middleware.CorsMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.locale.LocaleMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', - 'corsheaders.middleware.CorsPostCsrfMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', - # TODO: Uncomment this when interoperability with dkobo is no longer - # needed. See https://code.djangoproject.com/ticket/21649 - #'django.contrib.auth.middleware.SessionAuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', - 'hub.middleware.OtherFormBuilderRedirectMiddleware', 'hub.middleware.UsernameInResponseHeaderMiddleware', -) + 'django_userforeignkey.middleware.UserForeignKeyMiddleware', + 'django_request_cache.middleware.RequestCacheMiddleware', + 'debug_toolbar.middleware.DebugToolbarMiddleware', +] + if os.environ.get('DEFAULT_FROM_EMAIL'): DEFAULT_FROM_EMAIL = os.environ.get('DEFAULT_FROM_EMAIL') @@ -175,30 +161,55 @@ if os.environ.get('DEFAULT_FROM_EMAIL'): # must use `constance.config.THE_SETTING` instead of # `django.conf.settings.THE_SETTING` CONSTANCE_CONFIG = { - 'REGISTRATION_OPEN': (True, 'Allow new users to register accounts for ' - 'themselves'), - 'TERMS_OF_SERVICE_URL': ('http://www.kobotoolbox.org/terms', - 'URL for terms of service document'), - 'PRIVACY_POLICY_URL': ('http://www.kobotoolbox.org/privacy', - 'URL for privacy policy'), - 'SOURCE_CODE_URL': ('https://github.com/kobotoolbox/', - 'URL of source code repository. When empty, a link ' - 'will not be shown in the user interface'), - 'SUPPORT_URL': (os.environ.get('KOBO_SUPPORT_URL', - 'http://help.kobotoolbox.org/'), - 'URL of user support portal. When empty, a link will not ' - 'be shown in the user interface'), - 'SUPPORT_EMAIL': (os.environ.get('KOBO_SUPPORT_EMAIL') or - os.environ.get('DEFAULT_FROM_EMAIL', - 'help@kobotoolbox.org'), - 'Email address for users to contact, e.g. when they ' - 'encounter unhandled errors in the application'), - 'ALLOW_UNSECURED_HOOK_ENDPOINTS': (True, - 'Allow the use of unsecured endpoints for hooks. ' - '(e.g http://hook.example.com)'), - 'HOOK_MAX_RETRIES': (3, - 'Number of times the system will retry ' - 'to send data to remote server before giving up') + 'REGISTRATION_OPEN': ( + False, + "Don't Allow new users to register accounts for themselves", + ), + 'TERMS_OF_SERVICE_URL': ( + 'https://ona.io/tos.html', + 'URL for terms of service document'), + 'PRIVACY_POLICY_URL': ( + 'https://ona.io/privacy.html', + 'URL for privacy policy'), + 'SOURCE_CODE_URL': ( + 'https://github.com/onaio/kpi/', + 'URL of source code repository. When empty, a link will not be shown ' + 'in the user interface', + ), + 'SUPPORT_EMAIL': ( + os.environ.get('KOBO_SUPPORT_EMAIL') + or os.environ.get('DEFAULT_FROM_EMAIL', 'https://help.ona.io'), + 'Email address for users to contact, e.g. when they encounter ' + 'unhandled errors in the application', + ), + 'SUPPORT_URL': ( + os.environ.get('KOBO_SUPPORT_URL', 'https://support@ona.io'), + 'URL for "KoBoToolbox Help Center"', + ), + 'COMMUNITY_URL': ( + os.environ.get( + 'KOBO_COMMUNITY_URL', 'https://community.kobotoolbox.org/' + ), + 'URL for "KoBoToolbox Community Forum"', + ), + 'ALLOW_UNSECURED_HOOK_ENDPOINTS': ( + True, + 'Allow the use of unsecured endpoints for hooks. ' + '(e.g http://hook.example.com)', + ), + 'HOOK_MAX_RETRIES': ( + 3, + 'Number of times the system will retry to send data to remote server ' + 'before giving up', + ), + 'SSRF_ALLOWED_IP_ADDRESS': ( + '', + 'Whitelisted IP addresses to bypass SSRF protection\nOne per line', + ), + 'SSRF_DENIED_IP_ADDRESS': ( + '', + 'Blacklisted IP addresses to bypass SSRF protection\nOne per line', + ), } # Tell django-constance to use a database model instead of Redis CONSTANCE_BACKEND = 'constance.backends.database.DatabaseBackend' @@ -212,6 +223,9 @@ class DoNotUseRunner(object): TEST_RUNNER = __name__ + '.DoNotUseRunner' +# A flag set by unit tests to bypass KoBoCAT user syncing +TESTING = True + # used in kpi.models.sitewide_messages MARKITUP_FILTER = ('markdown.markdown', {'safe_mode': False}) @@ -236,6 +250,7 @@ ANONYMOUS_USER_ID = {{ kpi_anonymous_user_id }} ALLOWED_ANONYMOUS_PERMISSIONS = ( 'kpi.view_collection', 'kpi.view_asset', + 'kpi.view_submissions', ) # run heavy migration scripts by default @@ -243,11 +258,6 @@ ALLOWED_ANONYMOUS_PERMISSIONS = ( SKIP_HEAVY_MIGRATIONS = os.environ.get('SKIP_HEAVY_MIGRATIONS', 'False') == 'True' # Database -# https://docs.djangoproject.com/en/1.7/ref/settings/#databases -# DATABASES = { -# 'default': dj_database_url.config(default="sqlite:///%s/db.sqlite3" % BASE_DIR), -# 'kobocat': dj_database_url.config(default="sqlite:///%s/db.sqlite3" % BASE_DIR), -# } DATABASES = { 'default': { @@ -257,8 +267,14 @@ DATABASES = { 'PASSWORD': '{{ kpi_pgsql_password }}', 'HOST': '{{ kpi_pgsql_host }}', 'PORT': {{ kpi_pgsql_port }}, - 'TEST_CHARSET': 'utf8', - 'TEST_COLLATION': 'utf8_general_ci', + }, + 'kobocat': { + 'ENGINE': 'django.contrib.gis.db.backends.postgis', + 'NAME': '{{ ona_pgsql_db }}', + 'USER': '{{ ona_pgsql_user }}', + 'PASSWORD': '{{ ona_pgsql_password }}', + 'HOST': '{{ ona_pgsql_host }}', + 'PORT': {{ ona_pgsql_port }}, } } @@ -343,7 +359,7 @@ if os.path.exists(os.path.join(BASE_DIR, 'dkobo', 'jsapp')): REST_FRAMEWORK = { 'URL_FIELD_NAME': 'url', - 'DEFAULT_PAGINATION_CLASS': 'kpi.serializers.Paginated', + 'DEFAULT_PAGINATION_CLASS': 'kpi.paginators.Paginated', 'PAGE_SIZE': 100, 'DEFAULT_AUTHENTICATION_CLASSES': [ # SessionAuthentication and BasicAuthentication would be included by @@ -523,6 +539,7 @@ See http://celery.readthedocs.org/en/latest/getting-started/brokers/rabbitmq.htm ''' BROKER_URL = os.environ.get('KPI_BROKER_URL', '{{ kpi_broker_url }}') + # http://django-registration-redux.readthedocs.org/en/latest/quickstart.html#settings ACCOUNT_ACTIVATION_DAYS = 3 REGISTRATION_AUTO_LOGIN = True