
Commit

updates - fixes CSP
saxix committed Nov 23, 2023
1 parent f04070f commit 49769ab
Showing 57 changed files with 1,287 additions and 1,266 deletions.
8 changes: 4 additions & 4 deletions .flake8
@@ -1,11 +1,11 @@
[flake8]
max-complexity = 20
max-line-length = 120
exclude =
~*
ignore = E401,W391,E128,E261,E731,Q000,W504,W606,W503
putty-ignore =
exclude = ~*
ignore = E401,W391,E128,E261,E731,Q000,W504,W606,W503,E203
;putty-ignore =
; tests/test_choice_as_instance.py : E501

per-file-ignores =
*/__init__.py:F401,F403
*/migrations/*:E501
58 changes: 42 additions & 16 deletions .pre-commit-config.yaml
@@ -1,11 +1,51 @@
exclude: '^$'
fail_fast: false
repos:
- repo: local
hooks:
# Configuration for black exists in pyproject.toml,
# but we let pre-commit take care of the file filtering.
- id: black
name: black
args: [ '--check' ]
entry: black
language: python
types: [ python ]
require_serial: true
additional_dependencies: [black]

# Configuration for isort exists in pyproject.toml,
# but we let pre-commit take care of the file filtering.
- id: isort
name: isort
args: [ '--version']
# args: [ '--src', 'src/','--check-only' ]
entry: isort
language: python
types: [ python ]
additional_dependencies: [isort]
# Configuration for black exists in .flake8,
# but we let pre-commit take care of the file filtering.
- id: flake8
name: flake8
args: ["--config", ".flake8"]
entry: flake8
language: python
types: [ python ]
additional_dependencies: [flake8]


- repo: https://github.com/Yelp/detect-secrets
rev: 0.9.1
hooks:
- id: detect-secrets
args: [ '--baseline', '.secrets.baseline' ]
exclude: (tests/.*|.*/tenant\.sql|Pipfile\.lock|.*\.js|.gitlab-ci.yml|poetry.lock)
stages: [ push ]

- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.1.0
hooks:
# - id: double-quote-string-fixer
# stages: [commit]

- id: debug-statements
stages: [commit]
@@ -41,17 +81,3 @@ repos:
- -p
- /print\(111/
stages: [commit]

# - repo: https://github.com/psf/black
# rev: 22.1.0
# hooks:
# - id: black
# stages: [ commit ]

- repo: https://github.com/PyCQA/flake8
rev: 4.0.1
hooks:
- id: flake8
additional_dependencies:
- flake8-black>=0.1.1
language_version: python3
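Review bot: The `isort` hook in the local repo block is configured with `args: [ '--version']`, so it only prints the isort version and never checks or sorts a file; the intended arguments are left commented out on the next line. Restoring `args: [ '--src', 'src/', '--check-only' ]` makes the hook do real work. The three local hooks also install `black`, `isort` and `flake8` through unpinned `additional_dependencies`, while the flake8 entry at the end of the file (which appears to be the one this commit removes) was pinned to `rev: 4.0.1`; pinning each, for example `additional_dependencies: [black==<version>]`, keeps hook installs reproducible and stops a newly published release from running on developer machines unreviewed. The comment above the flake8 hook says "Configuration for black exists in .flake8" and should name flake8. The added and removed sides are inferred from the change counts because the page lost its +/- markers.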
64 changes: 0 additions & 64 deletions exorcist.py

This file was deleted.

35 changes: 27 additions & 8 deletions pyproject.toml
@@ -99,19 +99,38 @@ django-stubs = {extras = ["compatible-mypy"], version = "^1.16.0"}
requires = ["poetry-core>=1.1.4"]
build-backend = "poetry.core.masonry.api"

[tool.isort]
profile = "black"

[tool.black]
line-length = 120
target-version = ['py39']
include = '\.pyi?$'
exclude = '''
/(
\.toml
|\.sh
|\.git
|\.ini
|Dockerfile
\.git
| \.hg
| \.mypy_cache
| \.tox
| \.venv
| venv
| _build
| buck-out
| build
| dist
| migrations
| snapshots
)/
'''

[tool.isort]
combine_as_imports = true
default_section = "THIRDPARTY"
include_trailing_comma = true
known_django = "django"
known_typing = ["typing"]
known_tests = ["unittest", "pytest"]
known_app = "hope_country_report"
sections = ["FUTURE", 'TYPING', 'STDLIB',"TESTS",'DJANGO','THIRDPARTY','APP','LOCALFOLDER']
multi_line_output = 3
line_length = 120
balanced_wrapping = true
order_by_type = false
skip_glob = ["**/migrations/**"]
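Review bot: `known_app = "hope_country_report"` in the `[tool.isort]` table names a package that appears nowhere else in this commit, whose sources live under `src/aurora`, so the `APP` entry listed in `sections` would never match the project's own imports. If the value is a leftover from another project's configuration, `known_app = "aurora"` is the likely intent. The hunk starts partway through the file, so an isort setting earlier in pyproject.toml that already covers this cannot be ruled out.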
2 changes: 1 addition & 1 deletion src/aurora/api/router.py
@@ -1,5 +1,5 @@
from django.http import HttpResponseForbidden
from rest_framework.routers import DefaultRouter, APIRootView
from rest_framework.routers import APIRootView, DefaultRouter


class AuroraAPIRootView(APIRootView):
2 changes: 1 addition & 1 deletion src/aurora/api/urls.py
@@ -1,7 +1,7 @@
from django.urls import include, path
from .router import AuroraRouter

from . import viewsets
from .router import AuroraRouter

app_name = "api"

7 changes: 3 additions & 4 deletions src/aurora/api/viewsets/registration.py
@@ -5,7 +5,7 @@
from collections import OrderedDict
from urllib import parse

from django.http import HttpResponse, HttpRequest
from django.http import HttpRequest, HttpResponse
from django.utils.cache import get_conditional_response
from django_filters import rest_framework as filters
from django_filters.rest_framework import DjangoFilterBackend
@@ -17,7 +17,7 @@
from rest_framework.renderers import JSONRenderer
from rest_framework.response import Response

from ...core.utils import get_etag, get_session_id, build_dict
from ...core.utils import build_dict, get_etag, get_session_id
from ...registration.models import Record, Registration
from ..serializers import RegistrationDetailSerializer, RegistrationListSerializer
from ..serializers.record import DataTableRecordSerializer
@@ -161,9 +161,8 @@ def csv(self, request: HttpRequest, pk):
}
"""
reg: Registration = self.get_object()
from aurora.core.forms import CSVOptionsForm, DateFormatsForm
from aurora.registration.forms import RegistrationExportForm
from aurora.core.forms import CSVOptionsForm
from aurora.core.forms import DateFormatsForm

try:
form = RegistrationExportForm(request.GET, initial=RegistrationExportForm.defaults)
17 changes: 9 additions & 8 deletions src/aurora/config/asgi.py
@@ -1,20 +1,21 @@
import os

from channels.auth import AuthMiddlewareStack
from channels.routing import ProtocolTypeRouter, URLRouter
from channels.security.websocket import AllowedHostsOriginValidator
# from channels.auth import AuthMiddlewareStack
from channels.routing import ProtocolTypeRouter

# from channels.security.websocket import AllowedHostsOriginValidator
from django.core.asgi import get_asgi_application

import aurora.core.channels
# import aurora.core.channels

os.environ.setdefault("DJANGO_SETTINGS_MODULE", "aurora.config.settings")

application = ProtocolTypeRouter(
{
"http": get_asgi_application(),
# Just HTTP for now. (We can add other protocols later.)
"websocket": AllowedHostsOriginValidator(
AuthMiddlewareStack(URLRouter(aurora.core.channels.websocket_urlpatterns))
),
# # Just HTTP for now. (We can add other protocols later.)
# "websocket": AllowedHostsOriginValidator(
# AuthMiddlewareStack(URLRouter(aurora.core.channels.websocket_urlpatterns))
# ),
}
)
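Review bot: The websocket route and its three imports are commented out rather than deleted, which leaves `AllowedHostsOriginValidator` and `AuthMiddlewareStack` behind as dead text that is easy to restore only in part. I would delete the commented lines and keep one comment above the router, `# WebSocket routing is disabled; if it returns, wrap the URLRouter in AllowedHostsOriginValidator(AuthMiddlewareStack(...)) as before.`, so the origin check and the session authentication come back together with the route. With only the `"http"` key left, the existing comment "Just HTTP for now" is accurate and does not need the doubled `# #`.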
39 changes: 19 additions & 20 deletions src/aurora/config/settings.py
@@ -50,10 +50,9 @@
"reversion_compare", # https://github.com/jedie/django-reversion-compare
"django_filters",
# ---
# "aurora.admin.apps.AuroraAdminUIConfig",
"smart_admin.apps.SmartLogsConfig",
"smart_admin.apps.SmartTemplateConfig",
# "smart_admin.apps.SmartAuthConfig",
"smart_admin.apps.SmartAuthConfig",
"smart_admin.apps.SmartConfig",
"aurora.administration.apps.AuroraAdminConfig",
"front_door.contrib",
@@ -571,7 +570,7 @@ def show_ddt(request): # pragma: no-cover
AZURE_TOKEN_URL = "https://login.microsoftonline.com/unicef.org/oauth2/token"

# Social Auth settings.
SOCIAL_AUTH_BACKEND_NAME = 'macioce'
SOCIAL_AUTH_BACKEND_NAME = "macioce"
SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_SECRET = env.str("AZURE_CLIENT_SECRET")
SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_TENANT_ID = env("AZURE_TENANT_ID")
SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_KEY = env.str("AZURE_CLIENT_KEY")
@@ -638,6 +637,7 @@ def show_ddt(request): # pragma: no-cover
"browser.sentry-cdn.com",
"cdnjs.cloudflare.com",
"unisitetracker.unicef.io",
"cdn.jsdelivr.net",
"register.unicef.org",
"uni-hope-ukr-sr.azurefd.net",
"uni-hope-ukr-sr-dev.azurefd.net",
@@ -647,9 +647,7 @@ def show_ddt(request): # pragma: no-cover
"csp.middleware.CSPMiddleware",
]
CSP_DEFAULT_SRC = SOURCES
CSP_FRAME_ANCESTORS = (
"'self'",
)
CSP_FRAME_ANCESTORS = ("'self'",)
# CSP_SCRIPT_SRC = SOURCES
# CSP_STYLE_SRC = (
# "'self'",
@@ -671,20 +669,21 @@ def show_ddt(request): # pragma: no-cover
# CSP_MEDIA_SRC = ("self",)
# CSP_REPORT_URI = ("https://624948b721ea44ac2a6b4de4.endpoint.csper.io/?v=0;",)
# CSP_WORKER_SRC = ("self",)
"""default-src 'self';
script-src 'report-sample' 'self';
style-src 'report-sample' 'self';
object-src 'none';
base-uri 'self';
connect-src 'self';
font-src 'self';
frame-src 'self';
img-src 'self';
manifest-src 'self';
media-src 'self';
report-uri https://624948b721ea44ac2a6b4de4.endpoint.csper.io/?v=0;
worker-src 'none';
"""
# """default-src 'self';
# script-src 'report-sample' 'self';
# style-src 'report-sample' 'self';
# object-src 'none';
#
# base-uri 'self';
# connect-src 'self';
# font-src 'self';
# frame-src 'self';
# img-src 'self';
# manifest-src 'self';
# media-src 'self';
# report-uri https://624948b721ea44ac2a6b4de4.endpoint.csper.io/?v=0;
# worker-src 'none';
# """

# CSP_INCLUDE_NONCE_IN = env("CSP_INCLUDE_NONCE_IN")
# CSP_REPORT_ONLY = env("CSP_REPORT_ONLY")
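Review bot: Adding `"cdn.jsdelivr.net"` to the host list widens the policy more than a single library needs, because the list appears to be the `SOURCES` value assigned to `CSP_DEFAULT_SRC` and `CSP_SCRIPT_SRC` is still commented out, so the new host is accepted for scripts, styles, frames and connections alike. jsDelivr serves arbitrary npm and GitHub content, so a bare host entry trusts every file published there, not only the library the pages load. A narrower form is an explicit `CSP_SCRIPT_SRC` that carries the existing script hosts plus a versioned path such as `cdn.jsdelivr.net/npm/<package>@<version>/` (placeholder values), or serving the asset from the project's own static files. The list's opening line is outside the visible hunk, so the link to `SOURCES` is inferred.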
4 changes: 2 additions & 2 deletions src/aurora/core/admin/field_editor.py
@@ -1,16 +1,16 @@
import json
from django.conf import settings
from typing import Dict

from django import forms
from django.conf import settings
from django.core.cache import caches
from django.http import HttpResponse, HttpResponseRedirect, JsonResponse
from django.shortcuts import render
from django.template import Context, Template
from django.utils.functional import cached_property

from aurora.core.fields.widgets import JavascriptEditor
from aurora.core.forms import VersionMedia, FlexFormBaseForm
from aurora.core.forms import FlexFormBaseForm, VersionMedia
from aurora.core.models import FlexFormField, OptionSet
from aurora.core.utils import merge_data
