Revision b83ebddd
| b/snf-astakos-app/astakos/im/settings.py | ||
|---|---|---|
| 9 | 9 |
BASE_PATH = settings.ASTAKOS_BASE_PATH |
| 10 | 10 |
|
| 11 | 11 |
synnefo_services = settings.SYNNEFO_SERVICES |
| 12 |
|
|
| 13 |
# Set service name |
|
| 14 |
SITENAME = getattr(settings, 'ASTAKOS_SITENAME', synnefo_settings.SERVICE_NAME) |
|
| 15 |
|
|
| 12 | 16 |
ACCOUNTS_PREFIX = get_service_prefix(synnefo_services, 'astakos_account') |
| 13 | 17 |
VIEWS_PREFIX = get_service_prefix(synnefo_services, 'astakos_ui') |
| 14 | 18 |
KEYSTONE_PREFIX = get_service_prefix(synnefo_services, 'astakos_identity') |
| 15 | 19 |
WEBLOGIN_PREFIX = get_service_prefix(synnefo_services, 'astakos_weblogin') |
| 16 | 20 |
|
| 17 |
# Set the expiration time of newly created auth tokens |
|
| 18 |
# to be this many hours after their creation time. |
|
| 19 |
AUTH_TOKEN_DURATION = getattr(settings, 'ASTAKOS_AUTH_TOKEN_DURATION', 30 * 24) |
|
| 20 |
|
|
| 21 |
DEFAULT_USER_LEVEL = getattr(settings, 'ASTAKOS_DEFAULT_USER_LEVEL', 4) |
|
| 22 |
|
|
| 23 |
INVITATIONS_PER_LEVEL = getattr(settings, 'ASTAKOS_INVITATIONS_PER_LEVEL', {
|
|
| 24 |
0: 100, |
|
| 25 |
1: 2, |
|
| 26 |
2: 0, |
|
| 27 |
3: 0, |
|
| 28 |
4: 0 |
|
| 29 |
}) |
|
| 30 |
|
|
| 31 |
ADMINS = tuple(getattr(settings, 'ADMINS', ())) |
|
| 32 |
MANAGERS = tuple(getattr(settings, 'MANAGERS', ())) |
|
| 33 |
HELPDESK = tuple(getattr(settings, 'HELPDESK', ())) |
|
| 34 |
|
|
| 21 |
# These get annotated by snf-webproject |
|
| 22 |
ADMINS = settings.ADMINS |
|
| 23 |
MANAGERS = settings.MANAGERS |
|
| 24 |
HELPDESK = settings.HELPDESK |
|
| 35 | 25 |
CONTACT_EMAIL = settings.CONTACT_EMAIL |
| 36 | 26 |
SERVER_EMAIL = settings.SERVER_EMAIL |
| 37 | 27 |
SECRET_KEY = settings.SECRET_KEY |
| 38 | 28 |
SESSION_ENGINE = settings.SESSION_ENGINE |
| 39 | 29 |
|
| 40 |
# Identity Management enabled modules
|
|
| 41 |
# Supported modules are: 'local', 'twitter' and 'shibboleth'
|
|
| 42 |
IM_MODULES = getattr(settings, 'ASTAKOS_IM_MODULES', ['local'])
|
|
| 30 |
# Set the astakos main functions logging severity (None to disable)
|
|
| 31 |
from logging import INFO
|
|
| 32 |
LOGGING_LEVEL = getattr(settings, 'ASTAKOS_LOGGING_LEVEL', INFO)
|
|
| 43 | 33 |
|
| 44 |
# Force user profile verification |
|
| 45 |
FORCE_PROFILE_UPDATE = getattr(settings, 'ASTAKOS_FORCE_PROFILE_UPDATE', False) |
|
| 34 |
default_activation_redirect_url = join_urls('/', BASE_PATH, VIEWS_PREFIX,
|
|
| 35 |
"landing") |
|
| 36 |
ACTIVATION_REDIRECT_URL = getattr(settings, 'ASTAKOS_ACTIVATION_REDIRECT_URL', |
|
| 37 |
default_activation_redirect_url) |
|
| 46 | 38 |
|
| 47 |
#Enable invitations |
|
| 48 |
INVITATIONS_ENABLED = getattr(settings, 'ASTAKOS_INVITATIONS_ENABLED', False) |
|
| 39 |
# URL to redirect the user after successful login when no next parameter is set |
|
| 40 |
default_success_url = join_urls('/', BASE_PATH, VIEWS_PREFIX, "landing")
|
|
| 41 |
LOGIN_SUCCESS_URL = getattr(settings, 'ASTAKOS_LOGIN_SUCCESS_URL', |
|
| 42 |
default_success_url) |
|
| 49 | 43 |
|
| 50 |
COOKIE_NAME = getattr(settings, 'ASTAKOS_COOKIE_NAME', '_pithos2_a')
|
|
| 51 |
COOKIE_DOMAIN = getattr(settings, 'ASTAKOS_COOKIE_DOMAIN', None)
|
|
| 52 |
COOKIE_SECURE = getattr(settings, 'ASTAKOS_COOKIE_SECURE', True)
|
|
| 44 |
#
|
|
| 45 |
# Local defaults
|
|
| 46 |
#
|
|
| 53 | 47 |
|
| 54 |
IM_STATIC_URL = getattr(settings, 'ASTAKOS_IM_STATIC_URL', '/static/im/')
|
|
| 48 |
AUTH_TOKEN_DURATION = settings.ASTAKOS_AUTH_TOKEN_DURATION
|
|
| 55 | 49 |
|
| 56 |
# If set to False and invitations not enabled newly created user |
|
| 57 |
# will be automatically accepted |
|
| 58 |
MODERATION_ENABLED = getattr(settings, 'ASTAKOS_MODERATION_ENABLED', True) |
|
| 50 |
IM_MODULES = settings.ASTAKOS_IM_MODULES |
|
| 59 | 51 |
|
| 60 |
# Set service name |
|
| 61 |
SITENAME = getattr(settings, 'ASTAKOS_SITENAME', synnefo_settings.SERVICE_NAME) |
|
| 52 |
COOKIE_DOMAIN = settings.ASTAKOS_COOKIE_DOMAIN |
|
| 53 |
COOKIE_NAME = settings.ASTAKOS_COOKIE_NAME |
|
| 54 |
COOKIE_SECURE = settings.ASTAKOS_COOKIE_SECURE |
|
| 62 | 55 |
|
| 63 |
# Set recaptcha keys |
|
| 64 |
RECAPTCHA_PUBLIC_KEY = getattr(settings, 'ASTAKOS_RECAPTCHA_PUBLIC_KEY', '') |
|
| 65 |
RECAPTCHA_PRIVATE_KEY = getattr(settings, 'ASTAKOS_RECAPTCHA_PRIVATE_KEY', '') |
|
| 66 |
RECAPTCHA_OPTIONS = getattr(settings, 'ASTAKOS_RECAPTCHA_OPTIONS', |
|
| 67 |
{'theme': 'custom',
|
|
| 68 |
'custom_theme_widget': 'okeanos_recaptcha'}) |
|
| 69 |
RECAPTCHA_USE_SSL = getattr(settings, 'ASTAKOS_RECAPTCHA_USE_SSL', True) |
|
| 70 |
RECAPTCHA_ENABLED = getattr(settings, 'ASTAKOS_RECAPTCHA_ENABLED', False) |
|
| 71 |
|
|
| 72 |
# Set where the user should be redirected after logout |
|
| 73 |
LOGOUT_NEXT = getattr(settings, 'ASTAKOS_LOGOUT_NEXT', '') |
|
| 74 |
|
|
| 75 |
# Set user email patterns that are automatically activated |
|
| 76 |
RE_USER_EMAIL_PATTERNS = getattr( |
|
| 77 |
settings, 'ASTAKOS_RE_USER_EMAIL_PATTERNS', []) |
|
| 78 |
|
|
| 79 |
# Messages to display on login page header |
|
| 80 |
# e.g. {'warning':
|
|
| 81 |
# 'This warning message will be displayed on the top of login page'} |
|
| 82 |
LOGIN_MESSAGES = getattr(settings, 'ASTAKOS_LOGIN_MESSAGES', []) |
|
| 83 |
|
|
| 84 |
# Messages to display on login page header |
|
| 85 |
# e.g. {'warning':
|
|
| 86 |
# 'This warning message will be displayed on the top of signup page'} |
|
| 87 |
SIGNUP_MESSAGES = getattr(settings, 'ASTAKOS_SIGNUP_MESSAGES', []) |
|
| 88 |
|
|
| 89 |
# Messages to display on login page header |
|
| 90 |
# e.g. {'warning':
|
|
| 91 |
# 'This warning message will be displayed on the top of profile page'} |
|
| 92 |
PROFILE_MESSAGES = getattr(settings, 'ASTAKOS_PROFILE_MESSAGES', []) |
|
| 93 |
|
|
| 94 |
# Messages to display on all pages |
|
| 95 |
# e.g. {'warning':
|
|
| 96 |
# 'This warning message will be displayed on the top of every page'} |
|
| 97 |
GLOBAL_MESSAGES = getattr(settings, 'ASTAKOS_GLOBAL_MESSAGES', []) |
|
| 98 |
|
|
| 99 |
# messages to display as extra actions in account forms |
|
| 100 |
# e.g. {'https://www.myhomepage.com': 'Back to <service_name>'}
|
|
| 101 |
PROFILE_EXTRA_LINKS = getattr(settings, 'ASTAKOS_PROFILE_EXTRA_LINKS', {})
|
|
| 102 |
|
|
| 103 |
# The number of unsuccessful login requests per minute allowed |
|
| 104 |
# for a specific user |
|
| 105 |
RATELIMIT_RETRIES_ALLOWED = getattr( |
|
| 106 |
settings, 'ASTAKOS_RATELIMIT_RETRIES_ALLOWED', 3) |
|
| 107 |
|
|
| 108 |
# If False the email change mechanism is disabled |
|
| 109 |
EMAILCHANGE_ENABLED = getattr(settings, 'ASTAKOS_EMAILCHANGE_ENABLED', False) |
|
| 110 |
|
|
| 111 |
# Set the expiration time (in days) of email change requests |
|
| 112 |
EMAILCHANGE_ACTIVATION_DAYS = getattr( |
|
| 113 |
settings, 'ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS', 10) |
|
| 56 |
MODERATION_ENABLED = settings.ASTAKOS_MODERATION_ENABLED |
|
| 57 |
RE_USER_EMAIL_PATTERNS = settings.ASTAKOS_RE_USER_EMAIL_PATTERNS |
|
| 114 | 58 |
|
| 115 |
# Set the astakos main functions logging severity (None to disable) |
|
| 116 |
from logging import INFO |
|
| 117 |
LOGGING_LEVEL = getattr(settings, 'ASTAKOS_LOGGING_LEVEL', INFO) |
|
| 59 |
RECAPTCHA_ENABLED = settings.ASTAKOS_RECAPTCHA_ENABLED |
|
| 60 |
RECAPTCHA_PUBLIC_KEY = settings.ASTAKOS_RECAPTCHA_PUBLIC_KEY |
|
| 61 |
RECAPTCHA_PRIVATE_KEY = settings.ASTAKOS_RECAPTCHA_PRIVATE_KEY |
|
| 62 |
RECAPTCHA_OPTIONS = settings.ASTAKOS_RECAPTCHA_OPTIONS |
|
| 63 |
RECAPTCHA_USE_SSL = settings.ASTAKOS_RECAPTCHA_USE_SSL |
|
| 118 | 64 |
|
| 119 |
# Set how many objects should be displayed per page |
|
| 120 |
PAGINATE_BY = getattr(settings, 'ASTAKOS_PAGINATE_BY', 50) |
|
| 65 |
LOGIN_MESSAGES = settings.ASTAKOS_LOGIN_MESSAGES |
|
| 66 |
SIGNUP_MESSAGES = settings.ASTAKOS_SIGNUP_MESSAGES |
|
| 67 |
PROFILE_MESSAGES = settings.ASTAKOS_PROFILE_MESSAGES |
|
| 68 |
GLOBAL_MESSAGES = settings.ASTAKOS_GLOBAL_MESSAGES |
|
| 69 |
PROFILE_EXTRA_LINKS = settings.ASTAKOS_PROFILE_EXTRA_LINKS |
|
| 121 | 70 |
|
| 122 |
# Set how many objects should be displayed per page in show all projects page |
|
| 123 |
PAGINATE_BY_ALL = getattr(settings, 'ASTAKOS_PAGINATE_BY_ALL', 50) |
|
| 71 |
EMAILCHANGE_ENABLED = settings.ASTAKOS_EMAILCHANGE_ENABLED |
|
| 72 |
EMAILCHANGE_ACTIVATION_DAYS = settings.ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS |
|
| 73 |
SKIP_EMAIL_VERIFICATION = settings.ASTAKOS_SKIP_EMAIL_VERIFICATION |
|
| 124 | 74 |
|
| 125 |
# Enforce token renewal on password change/reset |
|
| 126 |
NEWPASSWD_INVALIDATE_TOKEN = getattr( |
|
| 127 |
settings, 'ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN', True) |
|
| 75 |
PAGINATE_BY = settings.ASTAKOS_PAGINATE_BY |
|
| 76 |
PAGINATE_BY_ALL = settings.ASTAKOS_PAGINATE_BY_ALL |
|
| 128 | 77 |
|
| 129 |
# Interval at which to update the user's available quota in astakos usage |
|
| 130 |
# profile view |
|
| 131 |
USAGE_UPDATE_INTERVAL = getattr(settings, 'ASTAKOS_USAGE_UPDATE_INTERVAL', |
|
| 132 |
5000) |
|
| 78 |
PROJECTS_VISIBLE = settings.ASTAKOS_PROJECTS_VISIBLE |
|
| 79 |
PROJECT_ADMINS = settings.ASTAKOS_PROJECT_ADMINS |
|
| 133 | 80 |
|
| 134 |
# Permit local account migration |
|
| 135 |
ENABLE_LOCAL_ACCOUNT_MIGRATION = getattr( |
|
| 136 |
settings, 'ASTAKOS_ENABLE_LOCAL_ACCOUNT_MIGRATION', True) |
|
| 81 |
SHIBBOLETH_REQUIRE_NAME_INFO = settings.ASTAKOS_SHIBBOLETH_REQUIRE_NAME_INFO |
|
| 137 | 82 |
|
| 138 |
# Strict shibboleth usage |
|
| 139 |
SHIBBOLETH_REQUIRE_NAME_INFO = getattr(settings, |
|
| 140 |
'ASTAKOS_SHIBBOLETH_REQUIRE_NAME_INFO', |
|
| 141 |
False) |
|
| 83 |
TWITTER_TOKEN = settings.ASTAKOS_TWITTER_TOKEN |
|
| 84 |
TWITTER_SECRET = settings.ASTAKOS_TWITTER_SECRET |
|
| 85 |
TWITTER_AUTH_FORCE_LOGIN = settings.ASTAKOS_TWITTER_AUTH_FORCE_LOGIN |
|
| 142 | 86 |
|
| 143 |
default_activation_redirect_url = join_urls('/', BASE_PATH, VIEWS_PREFIX,
|
|
| 144 |
"landing") |
|
| 145 |
ACTIVATION_REDIRECT_URL = getattr(settings, 'ASTAKOS_ACTIVATION_REDIRECT_URL', |
|
| 146 |
default_activation_redirect_url) |
|
| 87 |
GOOGLE_CLIENT_ID = settings.ASTAKOS_GOOGLE_CLIENT_ID |
|
| 88 |
GOOGLE_SECRET = settings.ASTAKOS_GOOGLE_SECRET |
|
| 147 | 89 |
|
| 148 |
# If true, this enables a ui compatibility layer for the introduction of UUIDs |
|
| 149 |
# in identity management. WARNING: Setting to True will break your installation |
|
| 150 |
TRANSLATE_UUIDS = getattr(settings, 'ASTAKOS_TRANSLATE_UUIDS', False) |
|
| 90 |
LINKEDIN_TOKEN = settings.ASTAKOS_LINKEDIN_TOKEN |
|
| 91 |
LINKEDIN_SECRET = settings.ASTAKOS_LINKEDIN_SECRET |
|
| 151 | 92 |
|
| 152 |
# Users that can approve or deny project applications from the web.
|
|
| 153 |
PROJECT_ADMINS = getattr(settings, 'ASTAKOS_PROJECT_ADMINS', set())
|
|
| 93 |
COMPONENTS_META = settings.ASTAKOS_COMPONENTS_META
|
|
| 94 |
RESOURCES_META = settings.ASTAKOS_RESOURCES_META
|
|
| 154 | 95 |
|
| 155 |
# OAuth2 Twitter credentials. |
|
| 156 |
TWITTER_TOKEN = getattr(settings, 'ASTAKOS_TWITTER_TOKEN', '') |
|
| 157 |
TWITTER_SECRET = getattr(settings, 'ASTAKOS_TWITTER_SECRET', '') |
|
| 158 |
TWITTER_AUTH_FORCE_LOGIN = getattr( |
|
| 159 |
settings, 'ASTAKOS_TWITTER_AUTH_FORCE_LOGIN', False) |
|
| 96 |
API_CLIENT_URL = settings.ASTAKOS_API_CLIENT_URL |
|
| 97 |
KAMAKI_CONFIG_CLOUD_NAME = settings.ASTAKOS_KAMAKI_CONFIG_CLOUD_NAME |
|
| 160 | 98 |
|
| 161 |
# OAuth2 Google credentials. |
|
| 162 |
GOOGLE_CLIENT_ID = getattr(settings, 'ASTAKOS_GOOGLE_CLIENT_ID', '') |
|
| 163 |
GOOGLE_SECRET = getattr(settings, 'ASTAKOS_GOOGLE_SECRET', '') |
|
| 99 |
RATELIMIT_RETRIES_ALLOWED = settings.ASTAKOS_RATELIMIT_RETRIES_ALLOWED |
|
| 164 | 100 |
|
| 165 |
# OAuth2 LinkedIn credentials. |
|
| 166 |
LINKEDIN_TOKEN = getattr(settings, 'ASTAKOS_LINKEDIN_TOKEN', '') |
|
| 167 |
LINKEDIN_SECRET = getattr(settings, 'ASTAKOS_LINKEDIN_SECRET', '') |
|
| 101 |
NEWPASSWD_INVALIDATE_TOKEN = settings.ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN |
|
| 168 | 102 |
|
| 169 |
# URL to redirect the user after successful login when no next parameter is set |
|
| 170 |
default_success_url = join_urls('/', BASE_PATH, VIEWS_PREFIX, "landing")
|
|
| 171 |
LOGIN_SUCCESS_URL = getattr(settings, 'ASTAKOS_LOGIN_SUCCESS_URL', |
|
| 172 |
default_success_url) |
|
| 103 |
USAGE_UPDATE_INTERVAL = settings.ASTAKOS_USAGE_UPDATE_INTERVAL |
|
| 104 |
|
|
| 105 |
REDIRECT_ALLOWED_SCHEMES = settings.ASTAKOS_REDIRECT_ALLOWED_SCHEMES |
|
| 173 | 106 |
|
| 174 |
# Whether or not to display projects in astakos menu |
|
| 175 |
PROJECTS_VISIBLE = getattr(settings, 'ASTAKOS_PROJECTS_VISIBLE', False) |
|
| 107 |
LOGOUT_NEXT = settings.ASTAKOS_LOGOUT_NEXT |
|
| 176 | 108 |
|
| 177 |
# A way to extend the components presentation metadata |
|
| 178 |
COMPONENTS_META = getattr(settings, 'ASTAKOS_COMPONENTS_META', {})
|
|
| 109 |
IM_STATIC_URL = settings.ASTAKOS_IM_STATIC_URL |
|
| 179 | 110 |
|
| 180 |
# A way to extend the resources presentation metadata |
|
| 181 |
RESOURCES_META = getattr(settings, 'ASTAKOS_RESOURCES_META', {})
|
|
| 182 | 111 |
|
| 183 |
# Do not require email verification for new users
|
|
| 184 |
SKIP_EMAIL_VERIFICATION = getattr(settings,
|
|
| 185 |
'ASTAKOS_SKIP_EMAIL_VERIFICATION', False)
|
|
| 112 |
# |
|
| 113 |
# Obsolete settings, should go away along with the relevant code.
|
|
| 114 |
#
|
|
| 186 | 115 |
|
| 187 |
# Kamaki download url. Displayed in api access view
|
|
| 188 |
API_CLIENT_URL = getattr(settings, 'ASTAKOS_API_CLIENT_URL',
|
|
| 189 |
'https://pypi.python.org/pypi/kamaki')
|
|
| 116 |
INVITATIONS_ENABLED = settings.ASTAKOS_INVITATIONS_ENABLED
|
|
| 117 |
DEFAULT_USER_LEVEL = settings.ASTAKOS_DEFAULT_USER_LEVEL
|
|
| 118 |
INVITATIONS_PER_LEVEL = settings.ASTAKOS_INVITATIONS_PER_LEVEL
|
|
| 190 | 119 |
|
| 191 |
KAMAKI_CONFIG_CLOUD_NAME = getattr(settings, |
|
| 192 |
'ASTAKOS_KAMAKI_CONFIG_CLOUD_NAME', |
|
| 193 |
None) |
|
| 120 |
FORCE_PROFILE_UPDATE = settings.ASTAKOS_FORCE_PROFILE_UPDATE |
|
| 194 | 121 |
|
| 195 |
REDIRECT_ALLOWED_SCHEMES = getattr(settings, |
|
| 196 |
'ASTAKOS_REDIRECT_ALLOWED_SCHEMES', |
|
| 197 |
('pithos', 'pithosdev'))
|
|
| 122 |
TRANSLATE_UUIDS = settings.ASTAKOS_TRANSLATE_UUIDS |
|
| b/snf-astakos-app/astakos/settings/default/__init__.py | ||
|---|---|---|
| 1 |
from synnefo.settings.setup import Setting, Mandatory, Default, Constant |
|
| 2 |
|
|
| 3 |
ASTAKOS_COOKIE_DOMAIN = Mandatory( |
|
| 4 |
example_value=".example.synnefo.org", |
|
| 5 |
description=( |
|
| 6 |
"The domain at which the astakos authentication cookie will be " |
|
| 7 |
"published. Warning: all websites under this domain can access the " |
|
| 8 |
"cookie and its secret authorization data."), |
|
| 9 |
category="misc", |
|
| 10 |
) |
|
| 11 |
|
|
| 12 |
ASTAKOS_COOKIE_NAME = Constant( |
|
| 13 |
default_value='_pithos2_a', |
|
| 14 |
description="The astakos cookie name.", |
|
| 15 |
) |
|
| 16 |
|
|
| 17 |
ASTAKOS_COOKIE_SECURE = Constant( |
|
| 18 |
default_value=True, |
|
| 19 |
description=("Whether to require an encrypted connection "
|
|
| 20 |
"to transmit the cookie."), |
|
| 21 |
) |
|
| 22 |
|
|
| 23 |
# The following settings will replace the default django settings |
|
| 24 |
AUTHENTICATION_BACKENDS = ( |
|
| 25 |
'astakos.im.auth_backends.EmailBackend', |
|
| 26 |
'astakos.im.auth_backends.TokenBackend') |
|
| 27 |
|
|
| 28 |
CUSTOM_USER_MODEL = 'astakos.im.AstakosUser' |
|
| 29 |
|
|
| 30 |
#SOUTH_TESTS_MIGRATE = False |
|
| 31 |
|
|
| 32 |
BROKER_URL = '' |
|
| 33 |
|
|
| 34 |
# INTERNAL_IPS = ('127.0.0.1',)
|
|
| 1 |
# Copyright 2013 GRNET S.A. All rights reserved. |
|
| 2 |
# |
|
| 3 |
# Redistribution and use in source and binary forms, with or |
|
| 4 |
# without modification, are permitted provided that the following |
|
| 5 |
# conditions are met: |
|
| 6 |
# |
|
| 7 |
# 1. Redistributions of source code must retain the above |
|
| 8 |
# copyright notice, this list of conditions and the following |
|
| 9 |
# disclaimer. |
|
| 10 |
# |
|
| 11 |
# 2. Redistributions in binary form must reproduce the above |
|
| 12 |
# copyright notice, this list of conditions and the following |
|
| 13 |
# disclaimer in the documentation and/or other materials |
|
| 14 |
# provided with the distribution. |
|
| 15 |
# |
|
| 16 |
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS |
|
| 17 |
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
| 18 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
| 19 |
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR |
|
| 20 |
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
| 21 |
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
| 22 |
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
|
| 23 |
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
|
| 24 |
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
| 25 |
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
| 26 |
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
| 27 |
# POSSIBILITY OF SUCH DAMAGE. |
|
| 28 |
# |
|
| 29 |
# The views and conclusions contained in the software and |
|
| 30 |
# documentation are those of the authors and should not be |
|
| 31 |
# interpreted as representing official policies, either expressed |
|
| 32 |
# or implied, of GRNET S.A. |
|
| 33 |
|
|
| 34 |
from astakos.settings.default.settings import * |
|
| b/snf-astakos-app/astakos/settings/default/settings.py | ||
|---|---|---|
| 1 |
from synnefo.settings.setup import Setting, Mandatory, Default, SubMandatory |
|
| 2 |
|
|
| 3 |
# |
|
| 4 |
# Astakos configuration |
|
| 5 |
# |
|
| 6 |
|
|
| 7 |
ASTAKOS_AUTH_TOKEN_DURATION = Default( |
|
| 8 |
default_value=30*24, |
|
| 9 |
description="Expiration time for newly created authentication tokens. " |
|
| 10 |
"Time is counted in hours.", |
|
| 11 |
category="snf-astakos-app-settings", |
|
| 12 |
export=True, |
|
| 13 |
) |
|
| 14 |
|
|
| 15 |
ASTAKOS_IM_MODULES = Default( |
|
| 16 |
default_value=["local"], |
|
| 17 |
example_value=["local", "twitter", "google", "linkedin", "shibboleth"], |
|
| 18 |
description="Identity management enabled methods.", |
|
| 19 |
category="snf-astakos-app-settings", |
|
| 20 |
export=True, |
|
| 21 |
) |
|
| 22 |
|
|
| 23 |
ASTAKOS_COOKIE_DOMAIN = Mandatory( |
|
| 24 |
example_value=".example.synnefo.org", |
|
| 25 |
description="The domain at which the Astakos authentication cookie will be " |
|
| 26 |
"published. Warning: all websites under this domain can access the " |
|
| 27 |
"and its secret authorization data.", |
|
| 28 |
category="snf-astakos-app-settings", |
|
| 29 |
) |
|
| 30 |
|
|
| 31 |
ASTAKOS_COOKIE_NAME = Default( |
|
| 32 |
default_value="_pithos2_a", |
|
| 33 |
example_value="my_service_cookie_name_here", |
|
| 34 |
description="The astakos cookie name.", |
|
| 35 |
export=False, |
|
| 36 |
) |
|
| 37 |
|
|
| 38 |
ASTAKOS_COOKIE_SECURE = Default( |
|
| 39 |
default_value=True, |
|
| 40 |
description="Whether to require an encrypted connection to transmit the " |
|
| 41 |
"cookie.", |
|
| 42 |
export=False, |
|
| 43 |
) |
|
| 44 |
|
|
| 45 |
# |
|
| 46 |
# User moderation configuration |
|
| 47 |
# |
|
| 48 |
|
|
| 49 |
ASTAKOS_MODERATION_ENABLED = Default( |
|
| 50 |
default_value=True, |
|
| 51 |
description="Whether to moderate newly created users. If set to False all " |
|
| 52 |
"users that have signed up and verified their email address will get " |
|
| 53 |
"automatically accepted/activated. ", |
|
| 54 |
category="snf-astakos-app-settings", |
|
| 55 |
export=True, |
|
| 56 |
) |
|
| 57 |
|
|
| 58 |
ASTAKOS_RE_USER_EMAIL_PATTERNS = Default( |
|
| 59 |
default_value=[], |
|
| 60 |
description="If a new user's email matches any regex in this list, the " |
|
| 61 |
"user will get automatically accepted/activated.", |
|
| 62 |
dependencies=[ASTAKOS_MODERATION_ENABLED], |
|
| 63 |
category="snf-astakos-app-settings", |
|
| 64 |
export=True, |
|
| 65 |
) |
|
| 66 |
|
|
| 67 |
# |
|
| 68 |
# reCAPTCHA configuration |
|
| 69 |
# |
|
| 70 |
|
|
| 71 |
ASTAKOS_RECAPTCHA_ENABLED = Default( |
|
| 72 |
default_value=False, |
|
| 73 |
description="Whether to enable reCAPTCHA during sign up. ", |
|
| 74 |
category="snf-astakos-app-settings", |
|
| 75 |
export=True, |
|
| 76 |
) |
|
| 77 |
|
|
| 78 |
ASTAKOS_RECAPTCHA_PUBLIC_KEY = SubMandatory( |
|
| 79 |
example_value="recaptcha_public_key_here", |
|
| 80 |
description="The reCAPTCHA public key.", |
|
| 81 |
dependencies=[ASTAKOS_RECAPTCHA_ENABLED], |
|
| 82 |
) |
|
| 83 |
|
|
| 84 |
ASTAKOS_RECAPTCHA_PRIVATE_KEY = SubMandatory( |
|
| 85 |
example_value="recaptcha_private_key_here", |
|
| 86 |
description="The reCAPTCHA private key.", |
|
| 87 |
dependencies=[ASTAKOS_RECAPTCHA_ENABLED], |
|
| 88 |
) |
|
| 89 |
|
|
| 90 |
ASTAKOS_RECAPTCHA_OPTIONS = Default( |
|
| 91 |
default_value={
|
|
| 92 |
"theme": "custom", |
|
| 93 |
"custom_theme_widget": "okeanos_recaptcha" |
|
| 94 |
}, |
|
| 95 |
description="Additional reCAPTCHA options. We define a custom theme here. ", |
|
| 96 |
dependencies=[ASTAKOS_RECAPTCHA_ENABLED], |
|
| 97 |
export=False, |
|
| 98 |
) |
|
| 99 |
|
|
| 100 |
ASTAKOS_RECAPTCHA_USE_SSL = Default( |
|
| 101 |
default_value=True, |
|
| 102 |
description="Whether to use SSL.", |
|
| 103 |
dependencies=[ASTAKOS_RECAPTCHA_ENABLED], |
|
| 104 |
export=False, |
|
| 105 |
) |
|
| 106 |
|
|
| 107 |
# |
|
| 108 |
# UI messages configuration |
|
| 109 |
# |
|
| 110 |
|
|
| 111 |
ASTAKOS_LOGIN_MESSAGES = Default( |
|
| 112 |
default_value=[], |
|
| 113 |
example_value=[{
|
|
| 114 |
"warning": "This will be displayed on the top of the login page. " |
|
| 115 |
}], |
|
| 116 |
description="Type and body of the message to get displayed on the login " |
|
| 117 |
"page header. Types are color coded on the UI, valid keys are: " |
|
| 118 |
"'warning', 'success', 'error', 'info'", |
|
| 119 |
export=False, |
|
| 120 |
) |
|
| 121 |
|
|
| 122 |
ASTAKOS_SIGNUP_MESSAGES = Default( |
|
| 123 |
default_value=[], |
|
| 124 |
example_value=[{
|
|
| 125 |
"warning": "This will be displayed on the top of the signup page. " |
|
| 126 |
}], |
|
| 127 |
description="Type and body of the message to get displayed on the signup " |
|
| 128 |
"page header. Types are color coded on the UI, valid keys are: " |
|
| 129 |
"'warning', 'success', 'error', 'info'", |
|
| 130 |
export=False, |
|
| 131 |
) |
|
| 132 |
|
|
| 133 |
ASTAKOS_PROFILE_MESSAGES = Default( |
|
| 134 |
default_value=[], |
|
| 135 |
example_value=[{
|
|
| 136 |
"warning": "This will be displayed on the top of the profile page. " |
|
| 137 |
}], |
|
| 138 |
description="Type and body of the message to get displayed on the profile " |
|
| 139 |
"page header. Types are color coded on the UI, valid keys are: " |
|
| 140 |
"'warning', 'success', 'error', 'info'", |
|
| 141 |
export=False, |
|
| 142 |
) |
|
| 143 |
|
|
| 144 |
ASTAKOS_GLOBAL_MESSAGES = Default( |
|
| 145 |
default_value=[], |
|
| 146 |
example_value=[{
|
|
| 147 |
"warning": "This will be displayed on the top of every page. " |
|
| 148 |
}], |
|
| 149 |
description="Type and body of the message to get displayed on every " |
|
| 150 |
"page header. Types are color coded on the UI, valid keys are: " |
|
| 151 |
"'warning', 'success', 'error', 'info'", |
|
| 152 |
export=False, |
|
| 153 |
) |
|
| 154 |
|
|
| 155 |
ASTAKOS_PROFILE_EXTRA_LINKS = Default( |
|
| 156 |
default_value={},
|
|
| 157 |
example_value={
|
|
| 158 |
"https://landingpage.example.synnefo.org": "Back to <service_name>" |
|
| 159 |
}, |
|
| 160 |
description="Additional link to get displayed on the profile page.", |
|
| 161 |
export=False, |
|
| 162 |
) |
|
| 163 |
|
|
| 164 |
# |
|
| 165 |
# Email change/verify configuration |
|
| 166 |
# |
|
| 167 |
|
|
| 168 |
ASTAKOS_EMAILCHANGE_ENABLED = Default( |
|
| 169 |
default_value=False, |
|
| 170 |
description="Whether the user can change his/her email on the profile " |
|
| 171 |
"page. ", |
|
| 172 |
category="snf-astakos-app-settings", |
|
| 173 |
export=True, |
|
| 174 |
) |
|
| 175 |
|
|
| 176 |
ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS = Default( |
|
| 177 |
default_value=10, |
|
| 178 |
description="Expiration time in days of email change requests. The user " |
|
| 179 |
"should verify his/her new email inside this period for it to switch " |
|
| 180 |
"to the new value.", |
|
| 181 |
dependencies=[ASTAKOS_EMAILCHANGE_ENABLED], |
|
| 182 |
category="snf-astakos-app-settings", |
|
| 183 |
export=True, |
|
| 184 |
) |
|
| 185 |
|
|
| 186 |
ASTAKOS_SKIP_EMAIL_VERIFICATION = Default( |
|
| 187 |
default_value=False, |
|
| 188 |
description="If False, Astakos will verify the email of a newly created " |
|
| 189 |
"user, by sending him/her a verification email which will contain a " |
|
| 190 |
"verification URL.", |
|
| 191 |
export=False, |
|
| 192 |
) |
|
| 193 |
|
|
| 194 |
# |
|
| 195 |
# UI pagination configuration |
|
| 196 |
# |
|
| 197 |
|
|
| 198 |
ASTAKOS_PAGINATE_BY = Default( |
|
| 199 |
default_value=50, |
|
| 200 |
description="How many objects should be displayed per page.", |
|
| 201 |
export=False, |
|
| 202 |
) |
|
| 203 |
|
|
| 204 |
ASTAKOS_PAGINATE_BY_ALL = Default( |
|
| 205 |
default_value=50, |
|
| 206 |
description="How many objects should be displayed per page in the " |
|
| 207 |
"'show all' projects' page.", |
|
| 208 |
export=False, |
|
| 209 |
) |
|
| 210 |
|
|
| 211 |
# |
|
| 212 |
# Projects configuration |
|
| 213 |
# |
|
| 214 |
|
|
| 215 |
ASTAKOS_PROJECTS_VISIBLE = Default( |
|
| 216 |
default_value=False, |
|
| 217 |
description="Whether to show Projects under the Astakos menu on the UI. ", |
|
| 218 |
category="snf-astakos-app-settings", |
|
| 219 |
export=True, |
|
| 220 |
) |
|
| 221 |
|
|
| 222 |
ASTAKOS_PROJECT_ADMINS = Default( |
|
| 223 |
default_value=[], |
|
| 224 |
description="Users that can approve or deny project applications. List of " |
|
| 225 |
"user UUIDs.", |
|
| 226 |
category="snf-astakos-app-settings", |
|
| 227 |
export=True, |
|
| 228 |
) |
|
| 229 |
|
|
| 230 |
# |
|
| 231 |
# Auth methods configuration |
|
| 232 |
# |
|
| 233 |
|
|
| 234 |
ASTAKOS_SHIBBOLETH_REQUIRE_NAME_INFO = Default( |
|
| 235 |
default_value=False, |
|
| 236 |
description="If True, require shibboleth IdP's to provide attributes that " |
|
| 237 |
"contain account name information. If no such attributes provided, " |
|
| 238 |
"users of that IdP won't be able to use their shibboleth credentials " |
|
| 239 |
"to create or login to their astakos account.", |
|
| 240 |
export=False, |
|
| 241 |
) |
|
| 242 |
|
|
| 243 |
# FIXME: Mandatory with condition |
|
| 244 |
ASTAKOS_TWITTER_TOKEN = Default( |
|
| 245 |
default_value="", |
|
| 246 |
description="OAuth2 twitter token.", |
|
| 247 |
category="snf-astakos-app-authmethods", |
|
| 248 |
export=True, |
|
| 249 |
) |
|
| 250 |
|
|
| 251 |
# FIXME: Mandatory with condition |
|
| 252 |
ASTAKOS_TWITTER_SECRET = Default( |
|
| 253 |
default_value="", |
|
| 254 |
description="0Auth2 twitter secret.", |
|
| 255 |
category="snf-astakos-app-authmethods", |
|
| 256 |
export=True, |
|
| 257 |
) |
|
| 258 |
|
|
| 259 |
ASTAKOS_TWITTER_AUTH_FORCE_LOGIN = Default( |
|
| 260 |
default_value=False, |
|
| 261 |
description="If True, prevent Twitter automatic authentication for users " |
|
| 262 |
"who try to login using their Twitter account. This means that Twitter " |
|
| 263 |
"will always prompt users to login to their account even if an " |
|
| 264 |
"existing Twitter session exists.", |
|
| 265 |
export=False, |
|
| 266 |
) |
|
| 267 |
|
|
| 268 |
# FIXME: Mandatory with condition |
|
| 269 |
ASTAKOS_GOOGLE_CLIENT_ID = Default( |
|
| 270 |
default_value="", |
|
| 271 |
description="OAuth google client id.", |
|
| 272 |
category="snf-astakos-app-authmethods", |
|
| 273 |
export=True, |
|
| 274 |
) |
|
| 275 |
|
|
| 276 |
# FIXME: Mandatory with condition |
|
| 277 |
ASTAKOS_GOOGLE_SECRET = Default( |
|
| 278 |
default_value="", |
|
| 279 |
description="OAuth google sercret.", |
|
| 280 |
category="snf-astakos-app-authmethods", |
|
| 281 |
export=True, |
|
| 282 |
) |
|
| 283 |
|
|
| 284 |
# FIXME: Mandatory with condition |
|
| 285 |
ASTAKOS_LINKEDIN_TOKEN = Default( |
|
| 286 |
default_value="", |
|
| 287 |
description="OAuth linkedin token.", |
|
| 288 |
category="snf-astakos-app-authmethods", |
|
| 289 |
export=True, |
|
| 290 |
) |
|
| 291 |
|
|
| 292 |
# FIXME: Mandatory with condition |
|
| 293 |
ASTAKOS_LINKEDIN_SECRET = Default( |
|
| 294 |
default_value="", |
|
| 295 |
description="OAuth linkedin secret.", |
|
| 296 |
category="snf-astakos-app-authmethods", |
|
| 297 |
export=True, |
|
| 298 |
) |
|
| 299 |
|
|
| 300 |
# |
|
| 301 |
# UI presentation configuration |
|
| 302 |
# |
|
| 303 |
|
|
| 304 |
ASTAKOS_COMPONENTS_META = Default( |
|
| 305 |
default_value={},
|
|
| 306 |
example_value={
|
|
| 307 |
"synnefo": {
|
|
| 308 |
"url": "http://example.synnefo.org", |
|
| 309 |
"order": 1, |
|
| 310 |
"dashboard": {
|
|
| 311 |
"order": 4, |
|
| 312 |
"show": True, |
|
| 313 |
"description": 'Synnefo homepage', |
|
| 314 |
"icon": "/static/branding/images/synnefo-logo.png" |
|
| 315 |
}, |
|
| 316 |
"cloudbar": {
|
|
| 317 |
"show": True, |
|
| 318 |
"icon": "https://example.synnefo.org/static/branding/images/cloudbar_home.png" |
|
| 319 |
} |
|
| 320 |
}, |
|
| 321 |
"cyclades": {
|
|
| 322 |
"order": 2, |
|
| 323 |
"dashboard": {
|
|
| 324 |
"order": 1, |
|
| 325 |
}, |
|
| 326 |
}, |
|
| 327 |
"pithos": {
|
|
| 328 |
"order": 3, |
|
| 329 |
"dashboard": {
|
|
| 330 |
"order": 2, |
|
| 331 |
}, |
|
| 332 |
} |
|
| 333 |
}, |
|
| 334 |
description="A way to extend the components presentation metadata on the " |
|
| 335 |
"UI.", |
|
| 336 |
export=False, |
|
| 337 |
) |
|
| 338 |
|
|
| 339 |
ASTAKOS_RESOURCES_META = Default( |
|
| 340 |
default_value={},
|
|
| 341 |
description="A way to extend the services presentation metadata on the UI.", |
|
| 342 |
export=False, |
|
| 343 |
) |
|
| 344 |
|
|
| 345 |
# |
|
| 346 |
# API access page links |
|
| 347 |
# |
|
| 348 |
|
|
| 349 |
ASTAKOS_API_CLIENT_URL = Default( |
|
| 350 |
default_value="https://pypi.python.org/pypi/kamaki", |
|
| 351 |
description="URL to the official kamaki package. Displayed in the API " |
|
| 352 |
"access tab.", |
|
| 353 |
export=False, |
|
| 354 |
) |
|
| 355 |
|
|
| 356 |
ASTAKOS_KAMAKI_CONFIG_CLOUD_NAME = Default( |
|
| 357 |
default_value=None, |
|
| 358 |
description="Override the cloud name in the suggested downloadable " |
|
| 359 |
"'.kamakirc' in the API access tab.", |
|
| 360 |
export=False, |
|
| 361 |
) |
|
| 362 |
|
|
| 363 |
# |
|
| 364 |
# Misc configuration |
|
| 365 |
# |
|
| 366 |
|
|
| 367 |
ASTAKOS_RATELIMIT_RETRIES_ALLOWED = Default( |
|
| 368 |
default_value=3, |
|
| 369 |
description="The number of unsuccessful login requests per minute a user " |
|
| 370 |
"can issue.", |
|
| 371 |
export=False, |
|
| 372 |
) |
|
| 373 |
|
|
| 374 |
ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN = Default( |
|
| 375 |
default_value=True, |
|
| 376 |
description="Enforce token renewal on password change/reset.", |
|
| 377 |
export=False, |
|
| 378 |
) |
|
| 379 |
|
|
| 380 |
ASTAKOS_USAGE_UPDATE_INTERVAL = Default( |
|
| 381 |
default_value=5000, |
|
| 382 |
description="Refresh the user's available quota in the Usage tab every " |
|
| 383 |
"that many milliseconds.", |
|
| 384 |
export=False, |
|
| 385 |
) |
|
| 386 |
|
|
| 387 |
|
|
| 388 |
ASTAKOS_REDIRECT_ALLOWED_SCHEMES = Default( |
|
| 389 |
default_value=("pithos", "pithosdev"),
|
|
| 390 |
description="Allowed schemes to be passed at the 'next' parameter during " |
|
| 391 |
"Astakos redirects.", |
|
| 392 |
export=False, |
|
| 393 |
) |
|
| 394 |
|
|
| 395 |
ASTAKOS_LOGOUT_NEXT = Default( |
|
| 396 |
default_value="", |
|
| 397 |
example_value="http://landingpage.example.synnefo.org/welcome", |
|
| 398 |
description="URL that the user will get redirected to after logging out. ", |
|
| 399 |
export=False, |
|
| 400 |
) |
|
| 401 |
|
|
| 402 |
ASTAKOS_IM_STATIC_URL = Default( |
|
| 403 |
default_value=MEDIA_URL + "im/", |
|
| 404 |
description="Base URL for Astakos static files.", |
|
| 405 |
dependencies=[MEDIA_URL], |
|
| 406 |
export=False, |
|
| 407 |
) |
|
| 408 |
|
|
| 409 |
# |
|
| 410 |
# FIXME: Document the following |
|
| 411 |
# |
|
| 412 |
|
|
| 413 |
# The following settings will replace the default django settings |
|
| 414 |
AUTHENTICATION_BACKENDS = ( |
|
| 415 |
'astakos.im.auth_backends.EmailBackend', |
|
| 416 |
'astakos.im.auth_backends.TokenBackend') |
|
| 417 |
|
|
| 418 |
CUSTOM_USER_MODEL = 'astakos.im.AstakosUser' |
|
| 419 |
|
|
| 420 |
#SOUTH_TESTS_MIGRATE = False |
|
| 421 |
|
|
| 422 |
BROKER_URL = '' |
|
| 423 |
|
|
| 424 |
# INTERNAL_IPS = ('127.0.0.1',)
|
|
| 425 |
|
|
| 426 |
|
|
| 427 |
# |
|
| 428 |
# Obsolete settings |
|
| 429 |
# |
|
| 430 |
|
|
| 431 |
# FIXME: Invitations mechanism will be re-written if needed. Those have to go |
|
| 432 |
# for now along with the relevant code. |
|
| 433 |
ASTAKOS_INVITATIONS_ENABLED = Default( |
|
| 434 |
default_value=False, |
|
| 435 |
description="Whether to enable the invitations mechanism.", |
|
| 436 |
export=False, |
|
| 437 |
) |
|
| 438 |
|
|
| 439 |
ASTAKOS_DEFAULT_USER_LEVEL = Default( |
|
| 440 |
default_value=4, |
|
| 441 |
description="The user's default invitation level.", |
|
| 442 |
export=False, |
|
| 443 |
) |
|
| 444 |
|
|
| 445 |
ASTAKOS_INVITATIONS_PER_LEVEL = Default( |
|
| 446 |
default_value={
|
|
| 447 |
0: 100, |
|
| 448 |
1: 2, |
|
| 449 |
2: 0, |
|
| 450 |
3: 0, |
|
| 451 |
4: 0 |
|
| 452 |
}, |
|
| 453 |
description="Dict that maps how many are the available invitations for " |
|
| 454 |
"each invitation level. ", |
|
| 455 |
export=False, |
|
| 456 |
) |
|
| 457 |
|
|
| 458 |
# FIXME: This is not needed any more, has to go along with relevant code. |
|
| 459 |
ASTAKOS_FORCE_PROFILE_UPDATE = Default( |
|
| 460 |
default_value=False, |
|
| 461 |
description="Force the user to update his/her profile page on the first " |
|
| 462 |
"successful login.", |
|
| 463 |
export=False, |
|
| 464 |
) |
|
| 465 |
|
|
| 466 |
# FIXME: This was needed for transitional reasons, now needs to go away along |
|
| 467 |
# with the corresponding code. |
|
| 468 |
# This enables a ui compatibility layer for the introduction of UUIDs in |
|
| 469 |
# identity management. WARNING: Setting to True will break your installation. |
|
| 470 |
ASTAKOS_TRANSLATE_UUIDS = Default( |
|
| 471 |
default_value=False, |
|
| 472 |
description="Transitional setting to allow UUID translations.", |
|
| 473 |
export=False, |
|
| 474 |
) |
|
Also available in: Unified diff