Revision b83ebddd
b/snf-astakos-app/astakos/im/settings.py | ||
---|---|---|
9 | 9 |
BASE_PATH = settings.ASTAKOS_BASE_PATH |
10 | 10 |
|
11 | 11 |
synnefo_services = settings.SYNNEFO_SERVICES |
12 |
|
|
13 |
# Set service name |
|
14 |
SITENAME = getattr(settings, 'ASTAKOS_SITENAME', synnefo_settings.SERVICE_NAME) |
|
15 |
|
|
12 | 16 |
ACCOUNTS_PREFIX = get_service_prefix(synnefo_services, 'astakos_account') |
13 | 17 |
VIEWS_PREFIX = get_service_prefix(synnefo_services, 'astakos_ui') |
14 | 18 |
KEYSTONE_PREFIX = get_service_prefix(synnefo_services, 'astakos_identity') |
15 | 19 |
WEBLOGIN_PREFIX = get_service_prefix(synnefo_services, 'astakos_weblogin') |
16 | 20 |
|
17 |
# Set the expiration time of newly created auth tokens |
|
18 |
# to be this many hours after their creation time. |
|
19 |
AUTH_TOKEN_DURATION = getattr(settings, 'ASTAKOS_AUTH_TOKEN_DURATION', 30 * 24) |
|
20 |
|
|
21 |
DEFAULT_USER_LEVEL = getattr(settings, 'ASTAKOS_DEFAULT_USER_LEVEL', 4) |
|
22 |
|
|
23 |
INVITATIONS_PER_LEVEL = getattr(settings, 'ASTAKOS_INVITATIONS_PER_LEVEL', { |
|
24 |
0: 100, |
|
25 |
1: 2, |
|
26 |
2: 0, |
|
27 |
3: 0, |
|
28 |
4: 0 |
|
29 |
}) |
|
30 |
|
|
31 |
ADMINS = tuple(getattr(settings, 'ADMINS', ())) |
|
32 |
MANAGERS = tuple(getattr(settings, 'MANAGERS', ())) |
|
33 |
HELPDESK = tuple(getattr(settings, 'HELPDESK', ())) |
|
34 |
|
|
21 |
# These get annotated by snf-webproject |
|
22 |
ADMINS = settings.ADMINS |
|
23 |
MANAGERS = settings.MANAGERS |
|
24 |
HELPDESK = settings.HELPDESK |
|
35 | 25 |
CONTACT_EMAIL = settings.CONTACT_EMAIL |
36 | 26 |
SERVER_EMAIL = settings.SERVER_EMAIL |
37 | 27 |
SECRET_KEY = settings.SECRET_KEY |
38 | 28 |
SESSION_ENGINE = settings.SESSION_ENGINE |
39 | 29 |
|
40 |
# Identity Management enabled modules
|
|
41 |
# Supported modules are: 'local', 'twitter' and 'shibboleth'
|
|
42 |
IM_MODULES = getattr(settings, 'ASTAKOS_IM_MODULES', ['local'])
|
|
30 |
# Set the astakos main functions logging severity (None to disable)
|
|
31 |
from logging import INFO
|
|
32 |
LOGGING_LEVEL = getattr(settings, 'ASTAKOS_LOGGING_LEVEL', INFO)
|
|
43 | 33 |
|
44 |
# Force user profile verification |
|
45 |
FORCE_PROFILE_UPDATE = getattr(settings, 'ASTAKOS_FORCE_PROFILE_UPDATE', False) |
|
34 |
default_activation_redirect_url = join_urls('/', BASE_PATH, VIEWS_PREFIX, |
|
35 |
"landing") |
|
36 |
ACTIVATION_REDIRECT_URL = getattr(settings, 'ASTAKOS_ACTIVATION_REDIRECT_URL', |
|
37 |
default_activation_redirect_url) |
|
46 | 38 |
|
47 |
#Enable invitations |
|
48 |
INVITATIONS_ENABLED = getattr(settings, 'ASTAKOS_INVITATIONS_ENABLED', False) |
|
39 |
# URL to redirect the user after successful login when no next parameter is set |
|
40 |
default_success_url = join_urls('/', BASE_PATH, VIEWS_PREFIX, "landing") |
|
41 |
LOGIN_SUCCESS_URL = getattr(settings, 'ASTAKOS_LOGIN_SUCCESS_URL', |
|
42 |
default_success_url) |
|
49 | 43 |
|
50 |
COOKIE_NAME = getattr(settings, 'ASTAKOS_COOKIE_NAME', '_pithos2_a')
|
|
51 |
COOKIE_DOMAIN = getattr(settings, 'ASTAKOS_COOKIE_DOMAIN', None)
|
|
52 |
COOKIE_SECURE = getattr(settings, 'ASTAKOS_COOKIE_SECURE', True)
|
|
44 |
#
|
|
45 |
# Local defaults
|
|
46 |
#
|
|
53 | 47 |
|
54 |
IM_STATIC_URL = getattr(settings, 'ASTAKOS_IM_STATIC_URL', '/static/im/')
|
|
48 |
AUTH_TOKEN_DURATION = settings.ASTAKOS_AUTH_TOKEN_DURATION
|
|
55 | 49 |
|
56 |
# If set to False and invitations not enabled newly created user |
|
57 |
# will be automatically accepted |
|
58 |
MODERATION_ENABLED = getattr(settings, 'ASTAKOS_MODERATION_ENABLED', True) |
|
50 |
IM_MODULES = settings.ASTAKOS_IM_MODULES |
|
59 | 51 |
|
60 |
# Set service name |
|
61 |
SITENAME = getattr(settings, 'ASTAKOS_SITENAME', synnefo_settings.SERVICE_NAME) |
|
52 |
COOKIE_DOMAIN = settings.ASTAKOS_COOKIE_DOMAIN |
|
53 |
COOKIE_NAME = settings.ASTAKOS_COOKIE_NAME |
|
54 |
COOKIE_SECURE = settings.ASTAKOS_COOKIE_SECURE |
|
62 | 55 |
|
63 |
# Set recaptcha keys |
|
64 |
RECAPTCHA_PUBLIC_KEY = getattr(settings, 'ASTAKOS_RECAPTCHA_PUBLIC_KEY', '') |
|
65 |
RECAPTCHA_PRIVATE_KEY = getattr(settings, 'ASTAKOS_RECAPTCHA_PRIVATE_KEY', '') |
|
66 |
RECAPTCHA_OPTIONS = getattr(settings, 'ASTAKOS_RECAPTCHA_OPTIONS', |
|
67 |
{'theme': 'custom', |
|
68 |
'custom_theme_widget': 'okeanos_recaptcha'}) |
|
69 |
RECAPTCHA_USE_SSL = getattr(settings, 'ASTAKOS_RECAPTCHA_USE_SSL', True) |
|
70 |
RECAPTCHA_ENABLED = getattr(settings, 'ASTAKOS_RECAPTCHA_ENABLED', False) |
|
71 |
|
|
72 |
# Set where the user should be redirected after logout |
|
73 |
LOGOUT_NEXT = getattr(settings, 'ASTAKOS_LOGOUT_NEXT', '') |
|
74 |
|
|
75 |
# Set user email patterns that are automatically activated |
|
76 |
RE_USER_EMAIL_PATTERNS = getattr( |
|
77 |
settings, 'ASTAKOS_RE_USER_EMAIL_PATTERNS', []) |
|
78 |
|
|
79 |
# Messages to display on login page header |
|
80 |
# e.g. {'warning': |
|
81 |
# 'This warning message will be displayed on the top of login page'} |
|
82 |
LOGIN_MESSAGES = getattr(settings, 'ASTAKOS_LOGIN_MESSAGES', []) |
|
83 |
|
|
84 |
# Messages to display on login page header |
|
85 |
# e.g. {'warning': |
|
86 |
# 'This warning message will be displayed on the top of signup page'} |
|
87 |
SIGNUP_MESSAGES = getattr(settings, 'ASTAKOS_SIGNUP_MESSAGES', []) |
|
88 |
|
|
89 |
# Messages to display on login page header |
|
90 |
# e.g. {'warning': |
|
91 |
# 'This warning message will be displayed on the top of profile page'} |
|
92 |
PROFILE_MESSAGES = getattr(settings, 'ASTAKOS_PROFILE_MESSAGES', []) |
|
93 |
|
|
94 |
# Messages to display on all pages |
|
95 |
# e.g. {'warning': |
|
96 |
# 'This warning message will be displayed on the top of every page'} |
|
97 |
GLOBAL_MESSAGES = getattr(settings, 'ASTAKOS_GLOBAL_MESSAGES', []) |
|
98 |
|
|
99 |
# messages to display as extra actions in account forms |
|
100 |
# e.g. {'https://www.myhomepage.com': 'Back to <service_name>'} |
|
101 |
PROFILE_EXTRA_LINKS = getattr(settings, 'ASTAKOS_PROFILE_EXTRA_LINKS', {}) |
|
102 |
|
|
103 |
# The number of unsuccessful login requests per minute allowed |
|
104 |
# for a specific user |
|
105 |
RATELIMIT_RETRIES_ALLOWED = getattr( |
|
106 |
settings, 'ASTAKOS_RATELIMIT_RETRIES_ALLOWED', 3) |
|
107 |
|
|
108 |
# If False the email change mechanism is disabled |
|
109 |
EMAILCHANGE_ENABLED = getattr(settings, 'ASTAKOS_EMAILCHANGE_ENABLED', False) |
|
110 |
|
|
111 |
# Set the expiration time (in days) of email change requests |
|
112 |
EMAILCHANGE_ACTIVATION_DAYS = getattr( |
|
113 |
settings, 'ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS', 10) |
|
56 |
MODERATION_ENABLED = settings.ASTAKOS_MODERATION_ENABLED |
|
57 |
RE_USER_EMAIL_PATTERNS = settings.ASTAKOS_RE_USER_EMAIL_PATTERNS |
|
114 | 58 |
|
115 |
# Set the astakos main functions logging severity (None to disable) |
|
116 |
from logging import INFO |
|
117 |
LOGGING_LEVEL = getattr(settings, 'ASTAKOS_LOGGING_LEVEL', INFO) |
|
59 |
RECAPTCHA_ENABLED = settings.ASTAKOS_RECAPTCHA_ENABLED |
|
60 |
RECAPTCHA_PUBLIC_KEY = settings.ASTAKOS_RECAPTCHA_PUBLIC_KEY |
|
61 |
RECAPTCHA_PRIVATE_KEY = settings.ASTAKOS_RECAPTCHA_PRIVATE_KEY |
|
62 |
RECAPTCHA_OPTIONS = settings.ASTAKOS_RECAPTCHA_OPTIONS |
|
63 |
RECAPTCHA_USE_SSL = settings.ASTAKOS_RECAPTCHA_USE_SSL |
|
118 | 64 |
|
119 |
# Set how many objects should be displayed per page |
|
120 |
PAGINATE_BY = getattr(settings, 'ASTAKOS_PAGINATE_BY', 50) |
|
65 |
LOGIN_MESSAGES = settings.ASTAKOS_LOGIN_MESSAGES |
|
66 |
SIGNUP_MESSAGES = settings.ASTAKOS_SIGNUP_MESSAGES |
|
67 |
PROFILE_MESSAGES = settings.ASTAKOS_PROFILE_MESSAGES |
|
68 |
GLOBAL_MESSAGES = settings.ASTAKOS_GLOBAL_MESSAGES |
|
69 |
PROFILE_EXTRA_LINKS = settings.ASTAKOS_PROFILE_EXTRA_LINKS |
|
121 | 70 |
|
122 |
# Set how many objects should be displayed per page in show all projects page |
|
123 |
PAGINATE_BY_ALL = getattr(settings, 'ASTAKOS_PAGINATE_BY_ALL', 50) |
|
71 |
EMAILCHANGE_ENABLED = settings.ASTAKOS_EMAILCHANGE_ENABLED |
|
72 |
EMAILCHANGE_ACTIVATION_DAYS = settings.ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS |
|
73 |
SKIP_EMAIL_VERIFICATION = settings.ASTAKOS_SKIP_EMAIL_VERIFICATION |
|
124 | 74 |
|
125 |
# Enforce token renewal on password change/reset |
|
126 |
NEWPASSWD_INVALIDATE_TOKEN = getattr( |
|
127 |
settings, 'ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN', True) |
|
75 |
PAGINATE_BY = settings.ASTAKOS_PAGINATE_BY |
|
76 |
PAGINATE_BY_ALL = settings.ASTAKOS_PAGINATE_BY_ALL |
|
128 | 77 |
|
129 |
# Interval at which to update the user's available quota in astakos usage |
|
130 |
# profile view |
|
131 |
USAGE_UPDATE_INTERVAL = getattr(settings, 'ASTAKOS_USAGE_UPDATE_INTERVAL', |
|
132 |
5000) |
|
78 |
PROJECTS_VISIBLE = settings.ASTAKOS_PROJECTS_VISIBLE |
|
79 |
PROJECT_ADMINS = settings.ASTAKOS_PROJECT_ADMINS |
|
133 | 80 |
|
134 |
# Permit local account migration |
|
135 |
ENABLE_LOCAL_ACCOUNT_MIGRATION = getattr( |
|
136 |
settings, 'ASTAKOS_ENABLE_LOCAL_ACCOUNT_MIGRATION', True) |
|
81 |
SHIBBOLETH_REQUIRE_NAME_INFO = settings.ASTAKOS_SHIBBOLETH_REQUIRE_NAME_INFO |
|
137 | 82 |
|
138 |
# Strict shibboleth usage |
|
139 |
SHIBBOLETH_REQUIRE_NAME_INFO = getattr(settings, |
|
140 |
'ASTAKOS_SHIBBOLETH_REQUIRE_NAME_INFO', |
|
141 |
False) |
|
83 |
TWITTER_TOKEN = settings.ASTAKOS_TWITTER_TOKEN |
|
84 |
TWITTER_SECRET = settings.ASTAKOS_TWITTER_SECRET |
|
85 |
TWITTER_AUTH_FORCE_LOGIN = settings.ASTAKOS_TWITTER_AUTH_FORCE_LOGIN |
|
142 | 86 |
|
143 |
default_activation_redirect_url = join_urls('/', BASE_PATH, VIEWS_PREFIX, |
|
144 |
"landing") |
|
145 |
ACTIVATION_REDIRECT_URL = getattr(settings, 'ASTAKOS_ACTIVATION_REDIRECT_URL', |
|
146 |
default_activation_redirect_url) |
|
87 |
GOOGLE_CLIENT_ID = settings.ASTAKOS_GOOGLE_CLIENT_ID |
|
88 |
GOOGLE_SECRET = settings.ASTAKOS_GOOGLE_SECRET |
|
147 | 89 |
|
148 |
# If true, this enables a ui compatibility layer for the introduction of UUIDs |
|
149 |
# in identity management. WARNING: Setting to True will break your installation |
|
150 |
TRANSLATE_UUIDS = getattr(settings, 'ASTAKOS_TRANSLATE_UUIDS', False) |
|
90 |
LINKEDIN_TOKEN = settings.ASTAKOS_LINKEDIN_TOKEN |
|
91 |
LINKEDIN_SECRET = settings.ASTAKOS_LINKEDIN_SECRET |
|
151 | 92 |
|
152 |
# Users that can approve or deny project applications from the web.
|
|
153 |
PROJECT_ADMINS = getattr(settings, 'ASTAKOS_PROJECT_ADMINS', set())
|
|
93 |
COMPONENTS_META = settings.ASTAKOS_COMPONENTS_META
|
|
94 |
RESOURCES_META = settings.ASTAKOS_RESOURCES_META
|
|
154 | 95 |
|
155 |
# OAuth2 Twitter credentials. |
|
156 |
TWITTER_TOKEN = getattr(settings, 'ASTAKOS_TWITTER_TOKEN', '') |
|
157 |
TWITTER_SECRET = getattr(settings, 'ASTAKOS_TWITTER_SECRET', '') |
|
158 |
TWITTER_AUTH_FORCE_LOGIN = getattr( |
|
159 |
settings, 'ASTAKOS_TWITTER_AUTH_FORCE_LOGIN', False) |
|
96 |
API_CLIENT_URL = settings.ASTAKOS_API_CLIENT_URL |
|
97 |
KAMAKI_CONFIG_CLOUD_NAME = settings.ASTAKOS_KAMAKI_CONFIG_CLOUD_NAME |
|
160 | 98 |
|
161 |
# OAuth2 Google credentials. |
|
162 |
GOOGLE_CLIENT_ID = getattr(settings, 'ASTAKOS_GOOGLE_CLIENT_ID', '') |
|
163 |
GOOGLE_SECRET = getattr(settings, 'ASTAKOS_GOOGLE_SECRET', '') |
|
99 |
RATELIMIT_RETRIES_ALLOWED = settings.ASTAKOS_RATELIMIT_RETRIES_ALLOWED |
|
164 | 100 |
|
165 |
# OAuth2 LinkedIn credentials. |
|
166 |
LINKEDIN_TOKEN = getattr(settings, 'ASTAKOS_LINKEDIN_TOKEN', '') |
|
167 |
LINKEDIN_SECRET = getattr(settings, 'ASTAKOS_LINKEDIN_SECRET', '') |
|
101 |
NEWPASSWD_INVALIDATE_TOKEN = settings.ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN |
|
168 | 102 |
|
169 |
# URL to redirect the user after successful login when no next parameter is set |
|
170 |
default_success_url = join_urls('/', BASE_PATH, VIEWS_PREFIX, "landing") |
|
171 |
LOGIN_SUCCESS_URL = getattr(settings, 'ASTAKOS_LOGIN_SUCCESS_URL', |
|
172 |
default_success_url) |
|
103 |
USAGE_UPDATE_INTERVAL = settings.ASTAKOS_USAGE_UPDATE_INTERVAL |
|
104 |
|
|
105 |
REDIRECT_ALLOWED_SCHEMES = settings.ASTAKOS_REDIRECT_ALLOWED_SCHEMES |
|
173 | 106 |
|
174 |
# Whether or not to display projects in astakos menu |
|
175 |
PROJECTS_VISIBLE = getattr(settings, 'ASTAKOS_PROJECTS_VISIBLE', False) |
|
107 |
LOGOUT_NEXT = settings.ASTAKOS_LOGOUT_NEXT |
|
176 | 108 |
|
177 |
# A way to extend the components presentation metadata |
|
178 |
COMPONENTS_META = getattr(settings, 'ASTAKOS_COMPONENTS_META', {}) |
|
109 |
IM_STATIC_URL = settings.ASTAKOS_IM_STATIC_URL |
|
179 | 110 |
|
180 |
# A way to extend the resources presentation metadata |
|
181 |
RESOURCES_META = getattr(settings, 'ASTAKOS_RESOURCES_META', {}) |
|
182 | 111 |
|
183 |
# Do not require email verification for new users
|
|
184 |
SKIP_EMAIL_VERIFICATION = getattr(settings,
|
|
185 |
'ASTAKOS_SKIP_EMAIL_VERIFICATION', False)
|
|
112 |
# |
|
113 |
# Obsolete settings, should go away along with the relevant code.
|
|
114 |
#
|
|
186 | 115 |
|
187 |
# Kamaki download url. Displayed in api access view
|
|
188 |
API_CLIENT_URL = getattr(settings, 'ASTAKOS_API_CLIENT_URL',
|
|
189 |
'https://pypi.python.org/pypi/kamaki')
|
|
116 |
INVITATIONS_ENABLED = settings.ASTAKOS_INVITATIONS_ENABLED
|
|
117 |
DEFAULT_USER_LEVEL = settings.ASTAKOS_DEFAULT_USER_LEVEL
|
|
118 |
INVITATIONS_PER_LEVEL = settings.ASTAKOS_INVITATIONS_PER_LEVEL
|
|
190 | 119 |
|
191 |
KAMAKI_CONFIG_CLOUD_NAME = getattr(settings, |
|
192 |
'ASTAKOS_KAMAKI_CONFIG_CLOUD_NAME', |
|
193 |
None) |
|
120 |
FORCE_PROFILE_UPDATE = settings.ASTAKOS_FORCE_PROFILE_UPDATE |
|
194 | 121 |
|
195 |
REDIRECT_ALLOWED_SCHEMES = getattr(settings, |
|
196 |
'ASTAKOS_REDIRECT_ALLOWED_SCHEMES', |
|
197 |
('pithos', 'pithosdev')) |
|
122 |
TRANSLATE_UUIDS = settings.ASTAKOS_TRANSLATE_UUIDS |
b/snf-astakos-app/astakos/settings/default/__init__.py | ||
---|---|---|
1 |
from synnefo.settings.setup import Setting, Mandatory, Default, Constant |
|
2 |
|
|
3 |
ASTAKOS_COOKIE_DOMAIN = Mandatory( |
|
4 |
example_value=".example.synnefo.org", |
|
5 |
description=( |
|
6 |
"The domain at which the astakos authentication cookie will be " |
|
7 |
"published. Warning: all websites under this domain can access the " |
|
8 |
"cookie and its secret authorization data."), |
|
9 |
category="misc", |
|
10 |
) |
|
11 |
|
|
12 |
ASTAKOS_COOKIE_NAME = Constant( |
|
13 |
default_value='_pithos2_a', |
|
14 |
description="The astakos cookie name.", |
|
15 |
) |
|
16 |
|
|
17 |
ASTAKOS_COOKIE_SECURE = Constant( |
|
18 |
default_value=True, |
|
19 |
description=("Whether to require an encrypted connection " |
|
20 |
"to transmit the cookie."), |
|
21 |
) |
|
22 |
|
|
23 |
# The following settings will replace the default django settings |
|
24 |
AUTHENTICATION_BACKENDS = ( |
|
25 |
'astakos.im.auth_backends.EmailBackend', |
|
26 |
'astakos.im.auth_backends.TokenBackend') |
|
27 |
|
|
28 |
CUSTOM_USER_MODEL = 'astakos.im.AstakosUser' |
|
29 |
|
|
30 |
#SOUTH_TESTS_MIGRATE = False |
|
31 |
|
|
32 |
BROKER_URL = '' |
|
33 |
|
|
34 |
# INTERNAL_IPS = ('127.0.0.1',) |
|
1 |
# Copyright 2013 GRNET S.A. All rights reserved. |
|
2 |
# |
|
3 |
# Redistribution and use in source and binary forms, with or |
|
4 |
# without modification, are permitted provided that the following |
|
5 |
# conditions are met: |
|
6 |
# |
|
7 |
# 1. Redistributions of source code must retain the above |
|
8 |
# copyright notice, this list of conditions and the following |
|
9 |
# disclaimer. |
|
10 |
# |
|
11 |
# 2. Redistributions in binary form must reproduce the above |
|
12 |
# copyright notice, this list of conditions and the following |
|
13 |
# disclaimer in the documentation and/or other materials |
|
14 |
# provided with the distribution. |
|
15 |
# |
|
16 |
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS |
|
17 |
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
18 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
19 |
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR |
|
20 |
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
21 |
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
22 |
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
|
23 |
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
|
24 |
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
25 |
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
26 |
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
27 |
# POSSIBILITY OF SUCH DAMAGE. |
|
28 |
# |
|
29 |
# The views and conclusions contained in the software and |
|
30 |
# documentation are those of the authors and should not be |
|
31 |
# interpreted as representing official policies, either expressed |
|
32 |
# or implied, of GRNET S.A. |
|
33 |
|
|
34 |
from astakos.settings.default.settings import * |
b/snf-astakos-app/astakos/settings/default/settings.py | ||
---|---|---|
1 |
from synnefo.settings.setup import Setting, Mandatory, Default, SubMandatory |
|
2 |
|
|
3 |
# |
|
4 |
# Astakos configuration |
|
5 |
# |
|
6 |
|
|
7 |
ASTAKOS_AUTH_TOKEN_DURATION = Default( |
|
8 |
default_value=30*24, |
|
9 |
description="Expiration time for newly created authentication tokens. " |
|
10 |
"Time is counted in hours.", |
|
11 |
category="snf-astakos-app-settings", |
|
12 |
export=True, |
|
13 |
) |
|
14 |
|
|
15 |
ASTAKOS_IM_MODULES = Default( |
|
16 |
default_value=["local"], |
|
17 |
example_value=["local", "twitter", "google", "linkedin", "shibboleth"], |
|
18 |
description="Identity management enabled methods.", |
|
19 |
category="snf-astakos-app-settings", |
|
20 |
export=True, |
|
21 |
) |
|
22 |
|
|
23 |
ASTAKOS_COOKIE_DOMAIN = Mandatory( |
|
24 |
example_value=".example.synnefo.org", |
|
25 |
description="The domain at which the Astakos authentication cookie will be " |
|
26 |
"published. Warning: all websites under this domain can access the " |
|
27 |
"and its secret authorization data.", |
|
28 |
category="snf-astakos-app-settings", |
|
29 |
) |
|
30 |
|
|
31 |
ASTAKOS_COOKIE_NAME = Default( |
|
32 |
default_value="_pithos2_a", |
|
33 |
example_value="my_service_cookie_name_here", |
|
34 |
description="The astakos cookie name.", |
|
35 |
export=False, |
|
36 |
) |
|
37 |
|
|
38 |
ASTAKOS_COOKIE_SECURE = Default( |
|
39 |
default_value=True, |
|
40 |
description="Whether to require an encrypted connection to transmit the " |
|
41 |
"cookie.", |
|
42 |
export=False, |
|
43 |
) |
|
44 |
|
|
45 |
# |
|
46 |
# User moderation configuration |
|
47 |
# |
|
48 |
|
|
49 |
ASTAKOS_MODERATION_ENABLED = Default( |
|
50 |
default_value=True, |
|
51 |
description="Whether to moderate newly created users. If set to False all " |
|
52 |
"users that have signed up and verified their email address will get " |
|
53 |
"automatically accepted/activated. ", |
|
54 |
category="snf-astakos-app-settings", |
|
55 |
export=True, |
|
56 |
) |
|
57 |
|
|
58 |
ASTAKOS_RE_USER_EMAIL_PATTERNS = Default( |
|
59 |
default_value=[], |
|
60 |
description="If a new user's email matches any regex in this list, the " |
|
61 |
"user will get automatically accepted/activated.", |
|
62 |
dependencies=[ASTAKOS_MODERATION_ENABLED], |
|
63 |
category="snf-astakos-app-settings", |
|
64 |
export=True, |
|
65 |
) |
|
66 |
|
|
67 |
# |
|
68 |
# reCAPTCHA configuration |
|
69 |
# |
|
70 |
|
|
71 |
ASTAKOS_RECAPTCHA_ENABLED = Default( |
|
72 |
default_value=False, |
|
73 |
description="Whether to enable reCAPTCHA during sign up. ", |
|
74 |
category="snf-astakos-app-settings", |
|
75 |
export=True, |
|
76 |
) |
|
77 |
|
|
78 |
ASTAKOS_RECAPTCHA_PUBLIC_KEY = SubMandatory( |
|
79 |
example_value="recaptcha_public_key_here", |
|
80 |
description="The reCAPTCHA public key.", |
|
81 |
dependencies=[ASTAKOS_RECAPTCHA_ENABLED], |
|
82 |
) |
|
83 |
|
|
84 |
ASTAKOS_RECAPTCHA_PRIVATE_KEY = SubMandatory( |
|
85 |
example_value="recaptcha_private_key_here", |
|
86 |
description="The reCAPTCHA private key.", |
|
87 |
dependencies=[ASTAKOS_RECAPTCHA_ENABLED], |
|
88 |
) |
|
89 |
|
|
90 |
ASTAKOS_RECAPTCHA_OPTIONS = Default( |
|
91 |
default_value={ |
|
92 |
"theme": "custom", |
|
93 |
"custom_theme_widget": "okeanos_recaptcha" |
|
94 |
}, |
|
95 |
description="Additional reCAPTCHA options. We define a custom theme here. ", |
|
96 |
dependencies=[ASTAKOS_RECAPTCHA_ENABLED], |
|
97 |
export=False, |
|
98 |
) |
|
99 |
|
|
100 |
ASTAKOS_RECAPTCHA_USE_SSL = Default( |
|
101 |
default_value=True, |
|
102 |
description="Whether to use SSL.", |
|
103 |
dependencies=[ASTAKOS_RECAPTCHA_ENABLED], |
|
104 |
export=False, |
|
105 |
) |
|
106 |
|
|
107 |
# |
|
108 |
# UI messages configuration |
|
109 |
# |
|
110 |
|
|
111 |
ASTAKOS_LOGIN_MESSAGES = Default( |
|
112 |
default_value=[], |
|
113 |
example_value=[{ |
|
114 |
"warning": "This will be displayed on the top of the login page. " |
|
115 |
}], |
|
116 |
description="Type and body of the message to get displayed on the login " |
|
117 |
"page header. Types are color coded on the UI, valid keys are: " |
|
118 |
"'warning', 'success', 'error', 'info'", |
|
119 |
export=False, |
|
120 |
) |
|
121 |
|
|
122 |
ASTAKOS_SIGNUP_MESSAGES = Default( |
|
123 |
default_value=[], |
|
124 |
example_value=[{ |
|
125 |
"warning": "This will be displayed on the top of the signup page. " |
|
126 |
}], |
|
127 |
description="Type and body of the message to get displayed on the signup " |
|
128 |
"page header. Types are color coded on the UI, valid keys are: " |
|
129 |
"'warning', 'success', 'error', 'info'", |
|
130 |
export=False, |
|
131 |
) |
|
132 |
|
|
133 |
ASTAKOS_PROFILE_MESSAGES = Default( |
|
134 |
default_value=[], |
|
135 |
example_value=[{ |
|
136 |
"warning": "This will be displayed on the top of the profile page. " |
|
137 |
}], |
|
138 |
description="Type and body of the message to get displayed on the profile " |
|
139 |
"page header. Types are color coded on the UI, valid keys are: " |
|
140 |
"'warning', 'success', 'error', 'info'", |
|
141 |
export=False, |
|
142 |
) |
|
143 |
|
|
144 |
ASTAKOS_GLOBAL_MESSAGES = Default( |
|
145 |
default_value=[], |
|
146 |
example_value=[{ |
|
147 |
"warning": "This will be displayed on the top of every page. " |
|
148 |
}], |
|
149 |
description="Type and body of the message to get displayed on every " |
|
150 |
"page header. Types are color coded on the UI, valid keys are: " |
|
151 |
"'warning', 'success', 'error', 'info'", |
|
152 |
export=False, |
|
153 |
) |
|
154 |
|
|
155 |
ASTAKOS_PROFILE_EXTRA_LINKS = Default( |
|
156 |
default_value={}, |
|
157 |
example_value={ |
|
158 |
"https://landingpage.example.synnefo.org": "Back to <service_name>" |
|
159 |
}, |
|
160 |
description="Additional link to get displayed on the profile page.", |
|
161 |
export=False, |
|
162 |
) |
|
163 |
|
|
164 |
# |
|
165 |
# Email change/verify configuration |
|
166 |
# |
|
167 |
|
|
168 |
ASTAKOS_EMAILCHANGE_ENABLED = Default( |
|
169 |
default_value=False, |
|
170 |
description="Whether the user can change his/her email on the profile " |
|
171 |
"page. ", |
|
172 |
category="snf-astakos-app-settings", |
|
173 |
export=True, |
|
174 |
) |
|
175 |
|
|
176 |
ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS = Default( |
|
177 |
default_value=10, |
|
178 |
description="Expiration time in days of email change requests. The user " |
|
179 |
"should verify his/her new email inside this period for it to switch " |
|
180 |
"to the new value.", |
|
181 |
dependencies=[ASTAKOS_EMAILCHANGE_ENABLED], |
|
182 |
category="snf-astakos-app-settings", |
|
183 |
export=True, |
|
184 |
) |
|
185 |
|
|
186 |
ASTAKOS_SKIP_EMAIL_VERIFICATION = Default( |
|
187 |
default_value=False, |
|
188 |
description="If False, Astakos will verify the email of a newly created " |
|
189 |
"user, by sending him/her a verification email which will contain a " |
|
190 |
"verification URL.", |
|
191 |
export=False, |
|
192 |
) |
|
193 |
|
|
194 |
# |
|
195 |
# UI pagination configuration |
|
196 |
# |
|
197 |
|
|
198 |
ASTAKOS_PAGINATE_BY = Default( |
|
199 |
default_value=50, |
|
200 |
description="How many objects should be displayed per page.", |
|
201 |
export=False, |
|
202 |
) |
|
203 |
|
|
204 |
ASTAKOS_PAGINATE_BY_ALL = Default( |
|
205 |
default_value=50, |
|
206 |
description="How many objects should be displayed per page in the " |
|
207 |
"'show all' projects' page.", |
|
208 |
export=False, |
|
209 |
) |
|
210 |
|
|
211 |
# |
|
212 |
# Projects configuration |
|
213 |
# |
|
214 |
|
|
215 |
ASTAKOS_PROJECTS_VISIBLE = Default( |
|
216 |
default_value=False, |
|
217 |
description="Whether to show Projects under the Astakos menu on the UI. ", |
|
218 |
category="snf-astakos-app-settings", |
|
219 |
export=True, |
|
220 |
) |
|
221 |
|
|
222 |
ASTAKOS_PROJECT_ADMINS = Default( |
|
223 |
default_value=[], |
|
224 |
description="Users that can approve or deny project applications. List of " |
|
225 |
"user UUIDs.", |
|
226 |
category="snf-astakos-app-settings", |
|
227 |
export=True, |
|
228 |
) |
|
229 |
|
|
230 |
# |
|
231 |
# Auth methods configuration |
|
232 |
# |
|
233 |
|
|
234 |
ASTAKOS_SHIBBOLETH_REQUIRE_NAME_INFO = Default( |
|
235 |
default_value=False, |
|
236 |
description="If True, require shibboleth IdP's to provide attributes that " |
|
237 |
"contain account name information. If no such attributes provided, " |
|
238 |
"users of that IdP won't be able to use their shibboleth credentials " |
|
239 |
"to create or login to their astakos account.", |
|
240 |
export=False, |
|
241 |
) |
|
242 |
|
|
243 |
# FIXME: Mandatory with condition |
|
244 |
ASTAKOS_TWITTER_TOKEN = Default( |
|
245 |
default_value="", |
|
246 |
description="OAuth2 twitter token.", |
|
247 |
category="snf-astakos-app-authmethods", |
|
248 |
export=True, |
|
249 |
) |
|
250 |
|
|
251 |
# FIXME: Mandatory with condition |
|
252 |
ASTAKOS_TWITTER_SECRET = Default( |
|
253 |
default_value="", |
|
254 |
description="0Auth2 twitter secret.", |
|
255 |
category="snf-astakos-app-authmethods", |
|
256 |
export=True, |
|
257 |
) |
|
258 |
|
|
259 |
ASTAKOS_TWITTER_AUTH_FORCE_LOGIN = Default( |
|
260 |
default_value=False, |
|
261 |
description="If True, prevent Twitter automatic authentication for users " |
|
262 |
"who try to login using their Twitter account. This means that Twitter " |
|
263 |
"will always prompt users to login to their account even if an " |
|
264 |
"existing Twitter session exists.", |
|
265 |
export=False, |
|
266 |
) |
|
267 |
|
|
268 |
# FIXME: Mandatory with condition |
|
269 |
ASTAKOS_GOOGLE_CLIENT_ID = Default( |
|
270 |
default_value="", |
|
271 |
description="OAuth google client id.", |
|
272 |
category="snf-astakos-app-authmethods", |
|
273 |
export=True, |
|
274 |
) |
|
275 |
|
|
276 |
# FIXME: Mandatory with condition |
|
277 |
ASTAKOS_GOOGLE_SECRET = Default( |
|
278 |
default_value="", |
|
279 |
description="OAuth google sercret.", |
|
280 |
category="snf-astakos-app-authmethods", |
|
281 |
export=True, |
|
282 |
) |
|
283 |
|
|
284 |
# FIXME: Mandatory with condition |
|
285 |
ASTAKOS_LINKEDIN_TOKEN = Default( |
|
286 |
default_value="", |
|
287 |
description="OAuth linkedin token.", |
|
288 |
category="snf-astakos-app-authmethods", |
|
289 |
export=True, |
|
290 |
) |
|
291 |
|
|
292 |
# FIXME: Mandatory with condition |
|
293 |
ASTAKOS_LINKEDIN_SECRET = Default( |
|
294 |
default_value="", |
|
295 |
description="OAuth linkedin secret.", |
|
296 |
category="snf-astakos-app-authmethods", |
|
297 |
export=True, |
|
298 |
) |
|
299 |
|
|
300 |
# |
|
301 |
# UI presentation configuration |
|
302 |
# |
|
303 |
|
|
304 |
ASTAKOS_COMPONENTS_META = Default( |
|
305 |
default_value={}, |
|
306 |
example_value={ |
|
307 |
"synnefo": { |
|
308 |
"url": "http://example.synnefo.org", |
|
309 |
"order": 1, |
|
310 |
"dashboard": { |
|
311 |
"order": 4, |
|
312 |
"show": True, |
|
313 |
"description": 'Synnefo homepage', |
|
314 |
"icon": "/static/branding/images/synnefo-logo.png" |
|
315 |
}, |
|
316 |
"cloudbar": { |
|
317 |
"show": True, |
|
318 |
"icon": "https://example.synnefo.org/static/branding/images/cloudbar_home.png" |
|
319 |
} |
|
320 |
}, |
|
321 |
"cyclades": { |
|
322 |
"order": 2, |
|
323 |
"dashboard": { |
|
324 |
"order": 1, |
|
325 |
}, |
|
326 |
}, |
|
327 |
"pithos": { |
|
328 |
"order": 3, |
|
329 |
"dashboard": { |
|
330 |
"order": 2, |
|
331 |
}, |
|
332 |
} |
|
333 |
}, |
|
334 |
description="A way to extend the components presentation metadata on the " |
|
335 |
"UI.", |
|
336 |
export=False, |
|
337 |
) |
|
338 |
|
|
339 |
ASTAKOS_RESOURCES_META = Default( |
|
340 |
default_value={}, |
|
341 |
description="A way to extend the services presentation metadata on the UI.", |
|
342 |
export=False, |
|
343 |
) |
|
344 |
|
|
345 |
# |
|
346 |
# API access page links |
|
347 |
# |
|
348 |
|
|
349 |
ASTAKOS_API_CLIENT_URL = Default( |
|
350 |
default_value="https://pypi.python.org/pypi/kamaki", |
|
351 |
description="URL to the official kamaki package. Displayed in the API " |
|
352 |
"access tab.", |
|
353 |
export=False, |
|
354 |
) |
|
355 |
|
|
356 |
ASTAKOS_KAMAKI_CONFIG_CLOUD_NAME = Default( |
|
357 |
default_value=None, |
|
358 |
description="Override the cloud name in the suggested downloadable " |
|
359 |
"'.kamakirc' in the API access tab.", |
|
360 |
export=False, |
|
361 |
) |
|
362 |
|
|
363 |
# |
|
364 |
# Misc configuration |
|
365 |
# |
|
366 |
|
|
367 |
ASTAKOS_RATELIMIT_RETRIES_ALLOWED = Default( |
|
368 |
default_value=3, |
|
369 |
description="The number of unsuccessful login requests per minute a user " |
|
370 |
"can issue.", |
|
371 |
export=False, |
|
372 |
) |
|
373 |
|
|
374 |
ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN = Default( |
|
375 |
default_value=True, |
|
376 |
description="Enforce token renewal on password change/reset.", |
|
377 |
export=False, |
|
378 |
) |
|
379 |
|
|
380 |
ASTAKOS_USAGE_UPDATE_INTERVAL = Default( |
|
381 |
default_value=5000, |
|
382 |
description="Refresh the user's available quota in the Usage tab every " |
|
383 |
"that many milliseconds.", |
|
384 |
export=False, |
|
385 |
) |
|
386 |
|
|
387 |
|
|
388 |
ASTAKOS_REDIRECT_ALLOWED_SCHEMES = Default( |
|
389 |
default_value=("pithos", "pithosdev"), |
|
390 |
description="Allowed schemes to be passed at the 'next' parameter during " |
|
391 |
"Astakos redirects.", |
|
392 |
export=False, |
|
393 |
) |
|
394 |
|
|
395 |
ASTAKOS_LOGOUT_NEXT = Default( |
|
396 |
default_value="", |
|
397 |
example_value="http://landingpage.example.synnefo.org/welcome", |
|
398 |
description="URL that the user will get redirected to after logging out. ", |
|
399 |
export=False, |
|
400 |
) |
|
401 |
|
|
402 |
ASTAKOS_IM_STATIC_URL = Default( |
|
403 |
default_value=MEDIA_URL + "im/", |
|
404 |
description="Base URL for Astakos static files.", |
|
405 |
dependencies=[MEDIA_URL], |
|
406 |
export=False, |
|
407 |
) |
|
408 |
|
|
409 |
# |
|
410 |
# FIXME: Document the following |
|
411 |
# |
|
412 |
|
|
413 |
# The following settings will replace the default django settings |
|
414 |
AUTHENTICATION_BACKENDS = ( |
|
415 |
'astakos.im.auth_backends.EmailBackend', |
|
416 |
'astakos.im.auth_backends.TokenBackend') |
|
417 |
|
|
418 |
CUSTOM_USER_MODEL = 'astakos.im.AstakosUser' |
|
419 |
|
|
420 |
#SOUTH_TESTS_MIGRATE = False |
|
421 |
|
|
422 |
BROKER_URL = '' |
|
423 |
|
|
424 |
# INTERNAL_IPS = ('127.0.0.1',) |
|
425 |
|
|
426 |
|
|
427 |
# |
|
428 |
# Obsolete settings |
|
429 |
# |
|
430 |
|
|
431 |
# FIXME: Invitations mechanism will be re-written if needed. Those have to go |
|
432 |
# for now along with the relevant code. |
|
433 |
ASTAKOS_INVITATIONS_ENABLED = Default( |
|
434 |
default_value=False, |
|
435 |
description="Whether to enable the invitations mechanism.", |
|
436 |
export=False, |
|
437 |
) |
|
438 |
|
|
439 |
ASTAKOS_DEFAULT_USER_LEVEL = Default( |
|
440 |
default_value=4, |
|
441 |
description="The user's default invitation level.", |
|
442 |
export=False, |
|
443 |
) |
|
444 |
|
|
445 |
ASTAKOS_INVITATIONS_PER_LEVEL = Default( |
|
446 |
default_value={ |
|
447 |
0: 100, |
|
448 |
1: 2, |
|
449 |
2: 0, |
|
450 |
3: 0, |
|
451 |
4: 0 |
|
452 |
}, |
|
453 |
description="Dict that maps how many are the available invitations for " |
|
454 |
"each invitation level. ", |
|
455 |
export=False, |
|
456 |
) |
|
457 |
|
|
458 |
# FIXME: This is not needed any more, has to go along with relevant code. |
|
459 |
ASTAKOS_FORCE_PROFILE_UPDATE = Default( |
|
460 |
default_value=False, |
|
461 |
description="Force the user to update his/her profile page on the first " |
|
462 |
"successful login.", |
|
463 |
export=False, |
|
464 |
) |
|
465 |
|
|
466 |
# FIXME: This was needed for transitional reasons, now needs to go away along |
|
467 |
# with the corresponding code. |
|
468 |
# This enables a ui compatibility layer for the introduction of UUIDs in |
|
469 |
# identity management. WARNING: Setting to True will break your installation. |
|
470 |
ASTAKOS_TRANSLATE_UUIDS = Default( |
|
471 |
default_value=False, |
|
472 |
description="Transitional setting to allow UUID translations.", |
|
473 |
export=False, |
|
474 |
) |
Also available in: Unified diff