root / snf-astakos-app / README @ 075b91de
History | View | Annotate | Download (19.2 kB)
1 | e0bfcf77 | Antony Chazapis | README |
---|---|---|---|
2 | e0bfcf77 | Antony Chazapis | ====== |
3 | e0bfcf77 | Antony Chazapis | |
4 | e0bfcf77 | Antony Chazapis | Astakos is an identity management service, built by GRNET using Django (https://www.djangoproject.com/). |
5 | e0bfcf77 | Antony Chazapis | Learn more about Astakos at: http://code.grnet.gr/projects/astakos |
6 | e0bfcf77 | Antony Chazapis | |
7 | e0bfcf77 | Antony Chazapis | Consult COPYRIGHT for licensing information. |
8 | e0bfcf77 | Antony Chazapis | |
9 | e0bfcf77 | Antony Chazapis | About Astakos application |
10 | e0bfcf77 | Antony Chazapis | ------------------------- |
11 | e0bfcf77 | Antony Chazapis | |
12 | e0bfcf77 | Antony Chazapis | This package contains the Django application that implements all identity management functions. |
13 | e0bfcf77 | Antony Chazapis | |
14 | e0bfcf77 | Antony Chazapis | How to run |
15 | e0bfcf77 | Antony Chazapis | ---------- |
16 | e0bfcf77 | Antony Chazapis | |
17 | e0bfcf77 | Antony Chazapis | Use snf-webproject to run Astakos automatically. |
18 | e0bfcf77 | Antony Chazapis | |
19 | e0bfcf77 | Antony Chazapis | To use Astakos in a custom Django project, add ``astakos.im`` to ``INSTALLED_APPS``. Astakos requires South (http://south.aeracode.org/). |
20 | e0bfcf77 | Antony Chazapis | |
21 | e0bfcf77 | Antony Chazapis | Also, add the following to your ``settings.py``:: |
22 | e0bfcf77 | Antony Chazapis | |
23 | e0bfcf77 | Antony Chazapis | TEMPLATE_CONTEXT_PROCESSORS = ( |
24 | e0bfcf77 | Antony Chazapis | ... |
25 | e0bfcf77 | Antony Chazapis | 'astakos.im.context_processors.cloudbar', |
26 | e0bfcf77 | Antony Chazapis | 'astakos.im.context_processors.im_modules', |
27 | e0bfcf77 | Antony Chazapis | 'astakos.im.context_processors.next', |
28 | e0bfcf77 | Antony Chazapis | 'astakos.im.context_processors.code', |
29 | e0bfcf77 | Antony Chazapis | 'astakos.im.context_processors.invitations') |
30 | e0bfcf77 | Antony Chazapis | |
31 | e0bfcf77 | Antony Chazapis | AUTHENTICATION_BACKENDS = ('astakos.im.auth_backends.EmailBackend', |
32 | e0bfcf77 | Antony Chazapis | 'astakos.im.auth_backends.TokenBackend') |
33 | e0bfcf77 | Antony Chazapis | |
34 | e0bfcf77 | Antony Chazapis | CUSTOM_USER_MODEL = 'astakos.im.AstakosUser' |
35 | e0bfcf77 | Antony Chazapis | |
36 | e0bfcf77 | Antony Chazapis | LOGIN_URL = '/im' |
37 | e0bfcf77 | Antony Chazapis | |
38 | e0bfcf77 | Antony Chazapis | Settings |
39 | e0bfcf77 | Antony Chazapis | -------- |
40 | e0bfcf77 | Antony Chazapis | |
41 | e0bfcf77 | Antony Chazapis | Configure in ``settings.py`` or a ``.conf`` file in ``/etc/synnefo`` if using snf-webproject. |
42 | e0bfcf77 | Antony Chazapis | |
43 | b03877be | Sofia Papagiannaki | =========================================== ============================================================================= =========================================================================================== |
44 | b03877be | Sofia Papagiannaki | Name Default value Description |
45 | b03877be | Sofia Papagiannaki | =========================================== ============================================================================= =========================================================================================== |
46 | b03877be | Sofia Papagiannaki | ASTAKOS_AUTH_TOKEN_DURATION one month Expiration time of newly created auth tokens |
47 | b03877be | Sofia Papagiannaki | ASTAKOS_DEFAULT_USER_LEVEL 4 Default (not-invited) user level |
48 | b03877be | Sofia Papagiannaki | ASTAKOS_INVITATIONS_PER_LEVEL {0:100, 1:2, 2:0, 3:0, 4:0} Number of user invitations per user level |
49 | b03877be | Sofia Papagiannaki | ASTAKOS_DEFAULT_FROM_EMAIL GRNET Cloud <no-reply\@grnet.gr> ``from`` parameter passed in ``django.core.mail.send_mail`` |
50 | b03877be | Sofia Papagiannaki | ASTAKOS_DEFAULT_CONTACT_EMAIL support\@cloud.grnet.gr Contact email |
51 | 5a3921a1 | Sofia Papagiannaki | SERVER_EMAIL None |
52 | 5a3921a1 | Sofia Papagiannaki | ADMINS None |
53 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_IM_MODULES ['local'] Signup modules |
54 | b03877be | Sofia Papagiannaki | ASTAKOS_FORCE_PROFILE_UPDATE True Force user profile verification |
55 | b03877be | Sofia Papagiannaki | ASTAKOS_INVITATIONS_ENABLED True Enable invitations |
56 | b03877be | Sofia Papagiannaki | ASTAKOS_COOKIE_NAME _pithos2_a ``Key`` parameter passed in ``django.http.HttpResponse.set_cookie`` |
57 | b03877be | Sofia Papagiannaki | ASTAKOS_COOKIE_DOMAIN None ``Domain`` parameter passed in ``django.http.HttpResponse.set_cookie`` |
58 | b03877be | Sofia Papagiannaki | ASTAKOS_COOKIE_SECURE True ``Secure`` parameter passed in ``django.http.HttpResponse.set_cookie`` |
59 | b03877be | Sofia Papagiannaki | ASTAKOS_IM_STATIC_URL /static/im/ URL to use when referring to static files |
60 | b03877be | Sofia Papagiannaki | ASTAKOS_MODERATION_ENABLED True If False and invitations are not enabled newly created user will be automatically accepted |
61 | b03877be | Sofia Papagiannaki | ASTAKOS_BASEURL \http://pithos.dev.grnet.gr Astakos baseurl |
62 | b03877be | Sofia Papagiannaki | ASTAKOS_SITENAME GRNET Cloud Service name that appears in emails |
63 | b03877be | Sofia Papagiannaki | ASTAKOS_RECAPTCHA_PUBLIC_KEY Recaptcha public key obtained after registration here: http://recaptcha.net |
64 | b03877be | Sofia Papagiannaki | ASTAKOS_RECAPTCHA_PRIVATE_KEY Recaptcha private key obtained after registration here: http://recaptcha.net |
65 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_RECAPTCHA_OPTIONS {'theme': 'custom', 'custom_theme_widget': 'okeanos_recaptcha'} Options for customizing reCAPTCHA look and feel |
66 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_RECAPTCHA_USE_SSL True |
67 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_RECAPTCHA_ENABLED False Enable recaptcha |
68 | b03877be | Sofia Papagiannaki | (see: http://code.google.com/intl/el-GR/apis/recaptcha/docs/customization.html) |
69 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_BILLING_FIELDS ['is_active'] AstakosUser fields to propagate in the billing system |
70 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_QUEUE_CONNECTION The queue connection ex. 'rabbitmq://guest:guest@localhost:5672/astakos' |
71 | b03877be | Sofia Papagiannaki | ASTAKOS_LOGOUT_NEXT Where the user should be redirected after logout |
72 | b03877be | Sofia Papagiannaki | (if not set and no next parameter is defined it renders login page with message) |
73 | b03877be | Sofia Papagiannaki | (if it is not set, it does not send messages) |
74 | b03877be | Sofia Papagiannaki | ASTAKOS_RE_USER_EMAIL_PATTERNS [] Email patterns that are automatically activated ex. ['^[a-zA-Z0-9\._-]+@grnet\.gr$'] |
75 | 76776df1 | Kostas Papadimitriou | |
76 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_LOGIN_MESSAGES [] Notification messages to display on login page header |
77 | 5a3921a1 | Sofia Papagiannaki | e.g. {'warning': 'Warning message (can contain html)'} |
78 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_SIGNUP_MESSAGES [] Notification messages to display on signup page header |
79 | 5a3921a1 | Sofia Papagiannaki | e.g. {'warning': 'Warning message (can contain html)'} |
80 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_PROFILE_MESSAGES [] Notification messages to display on profile page header |
81 | 5a3921a1 | Sofia Papagiannaki | e.g. {'warning': 'Warning message (can contain html)'} |
82 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_GLOBAL_MESSAGES [] Notification messages to display on every page header |
83 | b03877be | Sofia Papagiannaki | e.g. {'warning': 'Warning message (can contain html)'} |
84 | b03877be | Sofia Papagiannaki | ASTAKOS_PROFILE_EXTRA_LINKS {} Messages to display as extra actions in account forms |
85 | b03877be | Sofia Papagiannaki | e.g. {'https://cms.okeanos.grnet.gr/': 'Back to ~okeanos'} |
86 | b03877be | Sofia Papagiannaki | ASTAKOS_RATELIMIT_RETRIES_ALLOWED 3 Number of unsuccessful login requests per minute allowed for a specific account. |
87 | b03877be | Sofia Papagiannaki | When this number exceeds and ASTAKOS_RECAPTCHA_ENABLED is set the user has to solve a |
88 | b03877be | Sofia Papagiannaki | captcha challenge. |
89 | b03877be | Sofia Papagiannaki | ASTAKOS_EMAILCHANGE_ENABLED False Enable email change mechanism |
90 | b03877be | Sofia Papagiannaki | ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS 10 Number of days that email change requests remain active |
91 | b03877be | Sofia Papagiannaki | ASTAKOS_LOGGING_LEVEL INFO Message logging severity |
92 | b03877be | Sofia Papagiannaki | ASTAKOS_INVITATION_EMAIL_SUBJECT 'Invitation to %s alpha2 testing' % SITENAME Invitation email subject |
93 | b03877be | Sofia Papagiannaki | ASTAKOS_GREETING_EMAIL_SUBJECT 'Welcome to %s alpha2 testing' % SITENAME Welcome email subject |
94 | b03877be | Sofia Papagiannaki | ASTAKOS_FEEDBACK_EMAIL_SUBJECT 'Feedback from %s alpha2 testing' % SITENAME Feedback email subject |
95 | b03877be | Sofia Papagiannaki | ASTAKOS_VERIFICATION_EMAIL_SUBJECT '%s alpha2 testing account activation is needed' % SITENAME Account activation email subject |
96 | 952c0979 | Sofia Papagiannaki | ASTAKOS_ACCOUNT_CREATION_SUBJECT '%s alpha2 testing account created (%%(user)s)' % SITENAME Account creation email subject |
97 | 952c0979 | Sofia Papagiannaki | ASTAKOS_GROUP_CREATION_SUBJECT '%s alpha2 testing group created (%%(group)s)' % SITENAME Group creation email subject |
98 | b03877be | Sofia Papagiannaki | ASTAKOS_HELPDESK_NOTIFICATION_EMAIL_SUBJECT '%s alpha2 testing account activated (%%(user)s)' % SITENAME Account activation helpdesk notification email subject |
99 | b03877be | Sofia Papagiannaki | ASTAKOS_EMAIL_CHANGE_EMAIL_SUBJECT 'Email change on %s alpha2 testing' % SITENAME Email change subject |
100 | b03877be | Sofia Papagiannaki | ASTAKOS_PASSWORD_RESET_EMAIL_SUBJECT 'Password reset on %s alpha2 testing' % SITENAME Password change email subject |
101 | c4d1b547 | Sofia Papagiannaki | ASTAKOS_PROJECT_CREATION_SUBJECT '%s alpha2 testing project application created (%%(name)s)' % SITENAME Project application creation subject |
102 | c4d1b547 | Sofia Papagiannaki | ASTAKOS_PROJECT_APPROVED_SUBJECT '%s alpha2 testing project application approved (%%(name)s)' % SITENAME Project application approval subject |
103 | c4d1b547 | Sofia Papagiannaki | ASTAKOS_PROJECT_TERMINATION_SUBJECT '%s alpha2 testing project terminated (%%(name)s)' % SITENAME Project termination subject |
104 | c4d1b547 | Sofia Papagiannaki | ASTAKOS_PROJECT_SUSPENSION_SUBJECT '%s alpha2 testing project suspended (%%(name)s)' % SITENAME Project suspension subject |
105 | c4d1b547 | Sofia Papagiannaki | ASTAKOS_PROJECT_MEMBERSHIP_CHANGE_SUBJECT '%s alpha2 testing project membership changed (%%(name)s)' % SITENAME Project membership change subject |
106 | 485c713e | Sofia Papagiannaki | |
107 | 30d92d1e | Georgios D. Tsoukalas | ASTAKOS_QUOTAHOLDER_URL '' The quotaholder URI |
108 | 952c0979 | Sofia Papagiannaki | e.g. ``http://localhost:8080/api/quotaholder/v`` |
109 | 30d92d1e | Georgios D. Tsoukalas | ASTAKOS_QUOTAHOLDER_TOKEN '' The secret token for accessing the quotaholder URI |
110 | 30d92d1e | Georgios D. Tsoukalas | |
111 | 952c0979 | Sofia Papagiannaki | ASTAKOS_SERVICES {'cyclades': {'resources': [{'desc': 'Number of virtual machines', Default cloud service information |
112 | 1f3ad141 | Sofia Papagiannaki | 'group': 'compute', |
113 | 952c0979 | Sofia Papagiannaki | 'name': 'vm', |
114 | 952c0979 | Sofia Papagiannaki | 'uplimit': 2}, |
115 | 952c0979 | Sofia Papagiannaki | {'desc': 'Virtual machine disk size', |
116 | 1f3ad141 | Sofia Papagiannaki | 'group': 'compute', |
117 | 1f3ad141 | Sofia Papagiannaki | 'name': 'diskspace', |
118 | 952c0979 | Sofia Papagiannaki | 'unit': 'GB', |
119 | 952c0979 | Sofia Papagiannaki | 'uplimit': 5}, |
120 | 952c0979 | Sofia Papagiannaki | {'desc': 'Number of virtual machine processors', |
121 | 1f3ad141 | Sofia Papagiannaki | 'group': 'compute', |
122 | 952c0979 | Sofia Papagiannaki | 'name': 'cpu', |
123 | 952c0979 | Sofia Papagiannaki | 'uplimit': 1}, |
124 | 952c0979 | Sofia Papagiannaki | {'desc': 'Virtual machines', |
125 | 1f3ad141 | Sofia Papagiannaki | 'group': 'compute', |
126 | 952c0979 | Sofia Papagiannaki | 'name': 'ram', |
127 | 952c0979 | Sofia Papagiannaki | 'unit': 'MB', |
128 | 952c0979 | Sofia Papagiannaki | 'uplimit': 1024}], |
129 | 952c0979 | Sofia Papagiannaki | 'url': 'https://node1.example.com/ui/'}, |
130 | 952c0979 | Sofia Papagiannaki | 'pithos+': {'resources': [{'desc': 'Pithos account diskspace', |
131 | 1f3ad141 | Sofia Papagiannaki | 'group': 'storage', |
132 | 952c0979 | Sofia Papagiannaki | 'name': 'diskspace', |
133 | 952c0979 | Sofia Papagiannaki | 'unit': 'bytes', |
134 | 952c0979 | Sofia Papagiannaki | 'uplimit': 5368709120}], |
135 | 5a3921a1 | Sofia Papagiannaki | 'url': 'https://node2.example.com/ui/'}} |
136 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_PAGINATE_BY 8 Number of object to be displayed per page |
137 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_PAGINATE_BY_ALL 15 Number of object to be displayed per pagein show all projects page |
138 | 485c713e | Sofia Papagiannaki | |
139 | ee210d1d | Sofia Papagiannaki | ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN True Enforce token renewal on password change/reset. If set to False, user can optionally decide |
140 | 48e9f076 | Sofia Papagiannaki | whether to renew the token or not. |
141 | 678b2236 | Sofia Papagiannaki | ASTAKOS_ENABLE_LOCAL_ACCOUNT_MIGRATION True Permit local account migration to third party account |
142 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_RESOURCES_PRESENTATION_DATA {} Customizes resource presentation |
143 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_ENABLE_LOCAL_ACCOUNT_MIGRATION True Permits local account migration |
144 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_SHIBBOLETH_REQUIRE_NAME_INFO False Strict shibboleth usage |
145 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_PROJECT_MEMBER_JOIN_POLICIES {'1':'automatically accepted', '2':'owner accepts', '3':'closed'} Text to be displayed in project member join policy dropdown |
146 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_PROJECT_MEMBER_LEAVE_POLICIES {'1':'automatically accepted', '2':'owner accepts', '3':'closed'} Text to be displayed in project member leave policy dropdown |
147 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_ACTIVATION_REDIRECT_URL "/im/landing" |
148 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_TRANSLATE_UUIDS False If true, this enables a ui compatibility layer for the introduction of UUIDs in identity management. |
149 | 5a3921a1 | Sofia Papagiannaki | WARNING: Setting to True will break your installation. |
150 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_PROJECT_ADMINS set() Users to approve/deny project applications |
151 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_TWITTER_TOKEN '' Oauth2 twitter token |
152 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_TWITTER_SECRET '' Oauth2 twitter secret |
153 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_TWITTER_AUTH_FORCE_LOGIN Fals |
154 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_GOOGLE_CLIENT_ID '' Oauth2 google client id |
155 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_GOOGLE_SECRET '' Oauth2 google secret |
156 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_LINKEDIN_TOKEN '' Oauth2 LinkedIn token |
157 | 5a3921a1 | Sofia Papagiannaki | ASTAKOS_LINKEDIN_SECRET '' Oauth2 LinkedIn secret |
158 | b03877be | Sofia Papagiannaki | =========================================== ============================================================================= =========================================================================================== |
159 | e0bfcf77 | Antony Chazapis | |
160 | e0bfcf77 | Antony Chazapis | Administrator functions |
161 | e0bfcf77 | Antony Chazapis | ----------------------- |
162 | e0bfcf77 | Antony Chazapis | |
163 | e0bfcf77 | Antony Chazapis | Available as extensions to Django's command-line management utility: |
164 | e0bfcf77 | Antony Chazapis | |
165 | f85992bc | Sofia Papagiannaki | ============================ =========================== |
166 | f85992bc | Sofia Papagiannaki | Name Description |
167 | f85992bc | Sofia Papagiannaki | ============================ =========================== |
168 | f85992bc | Sofia Papagiannaki | fix-superusers Transform superusers created by syncdb into AstakosUser instances |
169 | f85992bc | Sofia Papagiannaki | full-cleanup Cleanup sessions and session catalog |
170 | f85992bc | Sofia Papagiannaki | invitation-list List invitation |
171 | f85992bc | Sofia Papagiannaki | invitation-show Show invitation details |
172 | f85992bc | Sofia Papagiannaki | project-control Manage projects and applications |
173 | f85992bc | Sofia Papagiannaki | project-list List projects |
174 | f85992bc | Sofia Papagiannaki | project-show Show project details |
175 | 075b91de | Giorgos Korfiatis | quota List and check the integrity of user quota |
176 | f85992bc | Sofia Papagiannaki | reconcile-resources-astakos Reconcile resource usage of Quotaholder with Astakos DB |
177 | f85992bc | Sofia Papagiannaki | resource-add Add resource |
178 | f85992bc | Sofia Papagiannaki | resource-export-astakos Export astakos resources in json format |
179 | f85992bc | Sofia Papagiannaki | resource-import Import resources |
180 | f85992bc | Sofia Papagiannaki | resource-list List resources |
181 | f85992bc | Sofia Papagiannaki | resource-modify Modify resources |
182 | f85992bc | Sofia Papagiannaki | resource-remove Remove resource |
183 | f85992bc | Sofia Papagiannaki | service-add Add service |
184 | f85992bc | Sofia Papagiannaki | service-list List services |
185 | f85992bc | Sofia Papagiannaki | service-modify Modify service |
186 | f85992bc | Sofia Papagiannaki | service-remove Remove service |
187 | f85992bc | Sofia Papagiannaki | term-add Add approval terms |
188 | f85992bc | Sofia Papagiannaki | user-activation-send Send user activation |
189 | f85992bc | Sofia Papagiannaki | user-add Add user |
190 | f85992bc | Sofia Papagiannaki | user-auth-policy-add Create a new authentication provider policy profile |
191 | f85992bc | Sofia Papagiannaki | user-auth-policy-list List existing authentication provider policy profiles |
192 | f85992bc | Sofia Papagiannaki | user-auth-policy-remove Remove an authentication provider policy |
193 | f85992bc | Sofia Papagiannaki | user-auth-policy-set Assign an existing authentication provider policy profile to a user or group |
194 | f85992bc | Sofia Papagiannaki | user-auth-policy-show Show authentication provider profile details |
195 | f85992bc | Sofia Papagiannaki | user-group-add Create a group with the given name |
196 | f85992bc | Sofia Papagiannaki | user-group-list List available groups |
197 | f85992bc | Sofia Papagiannaki | user-invite Invite somebody |
198 | f85992bc | Sofia Papagiannaki | user-list List users |
199 | f85992bc | Sofia Papagiannaki | user-modify Modify user |
200 | f85992bc | Sofia Papagiannaki | user-show Show user details |
201 | f85992bc | Sofia Papagiannaki | ============================ =========================== |