Statistics
| Branch: | Tag: | Revision:

root / snf-astakos-app / README @ d2c9adac

History | View | Annotate | Download (19.2 kB)

1 e0bfcf77 Antony Chazapis
README
2 e0bfcf77 Antony Chazapis
======
3 e0bfcf77 Antony Chazapis
4 e0bfcf77 Antony Chazapis
Astakos is an identity management service, built by GRNET using Django (https://www.djangoproject.com/).
5 e0bfcf77 Antony Chazapis
Learn more about Astakos at: http://code.grnet.gr/projects/astakos
6 e0bfcf77 Antony Chazapis
7 e0bfcf77 Antony Chazapis
Consult COPYRIGHT for licensing information.
8 e0bfcf77 Antony Chazapis
9 e0bfcf77 Antony Chazapis
About Astakos application
10 e0bfcf77 Antony Chazapis
-------------------------
11 e0bfcf77 Antony Chazapis
12 e0bfcf77 Antony Chazapis
This package contains the Django application that implements all identity management functions.
13 e0bfcf77 Antony Chazapis
14 e0bfcf77 Antony Chazapis
How to run
15 e0bfcf77 Antony Chazapis
----------
16 e0bfcf77 Antony Chazapis
17 e0bfcf77 Antony Chazapis
Use snf-webproject to run Astakos automatically.
18 e0bfcf77 Antony Chazapis
19 e0bfcf77 Antony Chazapis
To use Astakos in a custom Django project, add ``astakos.im`` to ``INSTALLED_APPS``. Astakos requires South (http://south.aeracode.org/).
20 e0bfcf77 Antony Chazapis
21 e0bfcf77 Antony Chazapis
Also, add the following to your ``settings.py``::
22 e0bfcf77 Antony Chazapis
23 e0bfcf77 Antony Chazapis
    TEMPLATE_CONTEXT_PROCESSORS = (
24 e0bfcf77 Antony Chazapis
        ...
25 e0bfcf77 Antony Chazapis
        'astakos.im.context_processors.cloudbar',
26 e0bfcf77 Antony Chazapis
        'astakos.im.context_processors.im_modules',
27 e0bfcf77 Antony Chazapis
        'astakos.im.context_processors.next',
28 e0bfcf77 Antony Chazapis
        'astakos.im.context_processors.code',
29 e0bfcf77 Antony Chazapis
        'astakos.im.context_processors.invitations')
30 e0bfcf77 Antony Chazapis
    
31 e0bfcf77 Antony Chazapis
    AUTHENTICATION_BACKENDS = ('astakos.im.auth_backends.EmailBackend',
32 e0bfcf77 Antony Chazapis
                               'astakos.im.auth_backends.TokenBackend')
33 e0bfcf77 Antony Chazapis
    
34 e0bfcf77 Antony Chazapis
    CUSTOM_USER_MODEL = 'astakos.im.AstakosUser'
35 e0bfcf77 Antony Chazapis
    
36 e0bfcf77 Antony Chazapis
    LOGIN_URL = '/im'
37 e0bfcf77 Antony Chazapis
38 e0bfcf77 Antony Chazapis
Settings
39 e0bfcf77 Antony Chazapis
--------
40 e0bfcf77 Antony Chazapis
41 e0bfcf77 Antony Chazapis
Configure in ``settings.py`` or a ``.conf`` file in ``/etc/synnefo`` if using snf-webproject.
42 e0bfcf77 Antony Chazapis
43 b03877be Sofia Papagiannaki
=========================================== =============================================================================   ===========================================================================================
44 b03877be Sofia Papagiannaki
Name                                        Default value                                                                   Description
45 b03877be Sofia Papagiannaki
=========================================== =============================================================================   ===========================================================================================
46 b03877be Sofia Papagiannaki
ASTAKOS_AUTH_TOKEN_DURATION                 one month                                                                       Expiration time of newly created auth tokens
47 b03877be Sofia Papagiannaki
ASTAKOS_DEFAULT_USER_LEVEL                  4                                                                               Default (not-invited) user level
48 b03877be Sofia Papagiannaki
ASTAKOS_INVITATIONS_PER_LEVEL               {0:100, 1:2, 2:0, 3:0, 4:0}                                                     Number of user invitations per user level
49 b03877be Sofia Papagiannaki
ASTAKOS_DEFAULT_FROM_EMAIL                  GRNET Cloud <no-reply\@grnet.gr>                                                ``from`` parameter passed in ``django.core.mail.send_mail``
50 b03877be Sofia Papagiannaki
ASTAKOS_DEFAULT_CONTACT_EMAIL               support\@cloud.grnet.gr                                                         Contact email
51 5a3921a1 Sofia Papagiannaki
SERVER_EMAIL                                None
52 5a3921a1 Sofia Papagiannaki
ADMINS                                      None
53 5a3921a1 Sofia Papagiannaki
ASTAKOS_IM_MODULES                          ['local']                                                                       Signup modules
54 b03877be Sofia Papagiannaki
ASTAKOS_FORCE_PROFILE_UPDATE                True                                                                            Force user profile verification
55 b03877be Sofia Papagiannaki
ASTAKOS_INVITATIONS_ENABLED                 True                                                                            Enable invitations
56 b03877be Sofia Papagiannaki
ASTAKOS_COOKIE_NAME                         _pithos2_a                                                                      ``Key`` parameter passed in ``django.http.HttpResponse.set_cookie``
57 b03877be Sofia Papagiannaki
ASTAKOS_COOKIE_DOMAIN                       None                                                                            ``Domain`` parameter passed in ``django.http.HttpResponse.set_cookie``
58 b03877be Sofia Papagiannaki
ASTAKOS_COOKIE_SECURE                       True                                                                            ``Secure`` parameter passed in ``django.http.HttpResponse.set_cookie``
59 b03877be Sofia Papagiannaki
ASTAKOS_IM_STATIC_URL                       /static/im/                                                                     URL to use when referring to static files
60 b03877be Sofia Papagiannaki
ASTAKOS_MODERATION_ENABLED                  True                                                                            If False and invitations are not enabled newly created user will be automatically accepted
61 b03877be Sofia Papagiannaki
ASTAKOS_BASEURL                             \http://pithos.dev.grnet.gr                                                     Astakos baseurl
62 b03877be Sofia Papagiannaki
ASTAKOS_SITENAME                            GRNET Cloud                                                                     Service name that appears in emails
63 b03877be Sofia Papagiannaki
ASTAKOS_RECAPTCHA_PUBLIC_KEY                                                                                                Recaptcha public key obtained after registration here: http://recaptcha.net
64 b03877be Sofia Papagiannaki
ASTAKOS_RECAPTCHA_PRIVATE_KEY                                                                                               Recaptcha private key obtained after registration here: http://recaptcha.net
65 5a3921a1 Sofia Papagiannaki
ASTAKOS_RECAPTCHA_OPTIONS                   {'theme': 'custom', 'custom_theme_widget': 'okeanos_recaptcha'}                 Options for customizing reCAPTCHA look and feel
66 5a3921a1 Sofia Papagiannaki
ASTAKOS_RECAPTCHA_USE_SSL                   True
67 5a3921a1 Sofia Papagiannaki
ASTAKOS_RECAPTCHA_ENABLED                   False                                                                           Enable recaptcha
68 b03877be Sofia Papagiannaki
                                                                                                                            (see: http://code.google.com/intl/el-GR/apis/recaptcha/docs/customization.html)
69 5a3921a1 Sofia Papagiannaki
ASTAKOS_BILLING_FIELDS                      ['is_active']                                                                   AstakosUser fields to propagate in the billing system
70 5a3921a1 Sofia Papagiannaki
ASTAKOS_QUEUE_CONNECTION                                                                                                    The queue connection ex. 'rabbitmq://guest:guest@localhost:5672/astakos'
71 b03877be Sofia Papagiannaki
ASTAKOS_LOGOUT_NEXT                                                                                                         Where the user should be redirected after logout
72 b03877be Sofia Papagiannaki
                                                                                                                            (if not set and no next parameter is defined it renders login page with message)
73 b03877be Sofia Papagiannaki
                                                                                                                            (if it is not set, it does not send messages)
74 b03877be Sofia Papagiannaki
ASTAKOS_RE_USER_EMAIL_PATTERNS              []                                                                              Email patterns that are automatically activated ex. ['^[a-zA-Z0-9\._-]+@grnet\.gr$']
75 76776df1 Kostas Papadimitriou
76 5a3921a1 Sofia Papagiannaki
ASTAKOS_LOGIN_MESSAGES                      []                                                                              Notification messages to display on login page header
77 5a3921a1 Sofia Papagiannaki
                                                                                                                            e.g. {'warning': 'Warning message (can contain html)'}
78 5a3921a1 Sofia Papagiannaki
ASTAKOS_SIGNUP_MESSAGES                     []                                                                              Notification messages to display on signup page header
79 5a3921a1 Sofia Papagiannaki
                                                                                                                            e.g. {'warning': 'Warning message (can contain html)'}
80 5a3921a1 Sofia Papagiannaki
ASTAKOS_PROFILE_MESSAGES                    []                                                                              Notification messages to display on profile page header
81 5a3921a1 Sofia Papagiannaki
                                                                                                                            e.g. {'warning': 'Warning message (can contain html)'}
82 5a3921a1 Sofia Papagiannaki
ASTAKOS_GLOBAL_MESSAGES                     []                                                                              Notification messages to display on every page header
83 b03877be Sofia Papagiannaki
                                                                                                                            e.g. {'warning': 'Warning message (can contain html)'}
84 b03877be Sofia Papagiannaki
ASTAKOS_PROFILE_EXTRA_LINKS                 {}                                                                              Messages to display as extra actions in account forms
85 b03877be Sofia Papagiannaki
                                                                                                                            e.g. {'https://cms.okeanos.grnet.gr/': 'Back to ~okeanos'}
86 b03877be Sofia Papagiannaki
ASTAKOS_RATELIMIT_RETRIES_ALLOWED           3                                                                               Number of unsuccessful login requests per minute allowed for a specific account.
87 b03877be Sofia Papagiannaki
                                                                                                                            When this number exceeds and ASTAKOS_RECAPTCHA_ENABLED is set the user has to solve a
88 b03877be Sofia Papagiannaki
                                                                                                                            captcha challenge.
89 b03877be Sofia Papagiannaki
ASTAKOS_EMAILCHANGE_ENABLED                 False                                                                           Enable email change mechanism
90 b03877be Sofia Papagiannaki
ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS         10                                                                              Number of days that email change requests remain active
91 b03877be Sofia Papagiannaki
ASTAKOS_LOGGING_LEVEL                       INFO                                                                            Message logging severity
92 b03877be Sofia Papagiannaki
ASTAKOS_INVITATION_EMAIL_SUBJECT            'Invitation to %s alpha2 testing' % SITENAME                                    Invitation email subject
93 b03877be Sofia Papagiannaki
ASTAKOS_GREETING_EMAIL_SUBJECT              'Welcome to %s alpha2 testing' % SITENAME                                       Welcome email subject
94 b03877be Sofia Papagiannaki
ASTAKOS_FEEDBACK_EMAIL_SUBJECT              'Feedback from %s alpha2 testing' % SITENAME                                    Feedback email subject
95 b03877be Sofia Papagiannaki
ASTAKOS_VERIFICATION_EMAIL_SUBJECT          '%s alpha2 testing account activation is needed' % SITENAME                     Account activation email subject
96 952c0979 Sofia Papagiannaki
ASTAKOS_ACCOUNT_CREATION_SUBJECT            '%s alpha2 testing account created (%%(user)s)' % SITENAME                      Account creation email subject
97 952c0979 Sofia Papagiannaki
ASTAKOS_GROUP_CREATION_SUBJECT              '%s alpha2 testing group created (%%(group)s)' % SITENAME                       Group creation email subject
98 b03877be Sofia Papagiannaki
ASTAKOS_HELPDESK_NOTIFICATION_EMAIL_SUBJECT '%s alpha2 testing account activated (%%(user)s)' % SITENAME                    Account activation helpdesk notification email subject
99 b03877be Sofia Papagiannaki
ASTAKOS_EMAIL_CHANGE_EMAIL_SUBJECT          'Email change on %s alpha2 testing' % SITENAME                                  Email change subject               
100 b03877be Sofia Papagiannaki
ASTAKOS_PASSWORD_RESET_EMAIL_SUBJECT        'Password reset on %s alpha2 testing' % SITENAME                                Password change email subject
101 c4d1b547 Sofia Papagiannaki
ASTAKOS_PROJECT_CREATION_SUBJECT            '%s alpha2 testing project application created (%%(name)s)' % SITENAME          Project application creation subject
102 c4d1b547 Sofia Papagiannaki
ASTAKOS_PROJECT_APPROVED_SUBJECT            '%s alpha2 testing project application approved (%%(name)s)' % SITENAME         Project application approval subject
103 c4d1b547 Sofia Papagiannaki
ASTAKOS_PROJECT_TERMINATION_SUBJECT         '%s alpha2 testing project terminated (%%(name)s)' % SITENAME                   Project termination subject
104 c4d1b547 Sofia Papagiannaki
ASTAKOS_PROJECT_SUSPENSION_SUBJECT          '%s alpha2 testing project suspended (%%(name)s)' % SITENAME                    Project suspension subject
105 c4d1b547 Sofia Papagiannaki
ASTAKOS_PROJECT_MEMBERSHIP_CHANGE_SUBJECT   '%s alpha2 testing project membership changed (%%(name)s)' % SITENAME           Project membership change subject
106 485c713e Sofia Papagiannaki
107 30d92d1e Georgios D. Tsoukalas
ASTAKOS_QUOTAHOLDER_URL                     ''                                                                              The quotaholder URI
108 952c0979 Sofia Papagiannaki
                                                                                                                            e.g. ``http://localhost:8080/api/quotaholder/v``
109 30d92d1e Georgios D. Tsoukalas
ASTAKOS_QUOTAHOLDER_TOKEN                   ''                                                                              The secret token for accessing the quotaholder URI
110 30d92d1e Georgios D. Tsoukalas
111 952c0979 Sofia Papagiannaki
ASTAKOS_SERVICES                            {'cyclades': {'resources': [{'desc': 'Number of virtual machines',              Default cloud service information
112 1f3ad141 Sofia Papagiannaki
                                            'group': 'compute',
113 952c0979 Sofia Papagiannaki
                                            'name': 'vm',
114 952c0979 Sofia Papagiannaki
                                            'uplimit': 2},
115 952c0979 Sofia Papagiannaki
                                            {'desc': 'Virtual machine disk size',
116 1f3ad141 Sofia Papagiannaki
                                            'group': 'compute',
117 1f3ad141 Sofia Papagiannaki
                                            'name': 'diskspace',
118 952c0979 Sofia Papagiannaki
                                            'unit': 'GB',
119 952c0979 Sofia Papagiannaki
                                            'uplimit': 5},
120 952c0979 Sofia Papagiannaki
                                            {'desc': 'Number of virtual machine processors',
121 1f3ad141 Sofia Papagiannaki
                                            'group': 'compute',
122 952c0979 Sofia Papagiannaki
                                            'name': 'cpu',
123 952c0979 Sofia Papagiannaki
                                            'uplimit': 1},
124 952c0979 Sofia Papagiannaki
                                            {'desc': 'Virtual machines',
125 1f3ad141 Sofia Papagiannaki
                                            'group': 'compute',
126 952c0979 Sofia Papagiannaki
                                            'name': 'ram',
127 952c0979 Sofia Papagiannaki
                                            'unit': 'MB',
128 952c0979 Sofia Papagiannaki
                                            'uplimit': 1024}],
129 952c0979 Sofia Papagiannaki
                                            'url': 'https://node1.example.com/ui/'},
130 952c0979 Sofia Papagiannaki
                                            'pithos+': {'resources': [{'desc': 'Pithos account diskspace',
131 1f3ad141 Sofia Papagiannaki
                                            'group': 'storage',
132 952c0979 Sofia Papagiannaki
                                            'name': 'diskspace',
133 952c0979 Sofia Papagiannaki
                                            'unit': 'bytes',
134 952c0979 Sofia Papagiannaki
                                            'uplimit': 5368709120}],
135 5a3921a1 Sofia Papagiannaki
                                            'url': 'https://node2.example.com/ui/'}}
136 5a3921a1 Sofia Papagiannaki
ASTAKOS_PAGINATE_BY                         8                                                                               Number of object to be displayed per page
137 5a3921a1 Sofia Papagiannaki
ASTAKOS_PAGINATE_BY_ALL                     15                                                                              Number of object to be displayed per pagein show all projects page
138 485c713e Sofia Papagiannaki
139 ee210d1d Sofia Papagiannaki
ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN          True                                                                            Enforce token renewal on password change/reset. If set to False, user can optionally decide
140 48e9f076 Sofia Papagiannaki
                                                                                                                            whether to renew the token or not.
141 678b2236 Sofia Papagiannaki
ASTAKOS_ENABLE_LOCAL_ACCOUNT_MIGRATION      True                                                                            Permit local account migration to third party account
142 5a3921a1 Sofia Papagiannaki
ASTAKOS_RESOURCES_PRESENTATION_DATA         {}                                                                              Customizes resource presentation
143 5a3921a1 Sofia Papagiannaki
ASTAKOS_ENABLE_LOCAL_ACCOUNT_MIGRATION      True                                                                            Permits local account migration
144 5a3921a1 Sofia Papagiannaki
ASTAKOS_SHIBBOLETH_REQUIRE_NAME_INFO        False                                                                           Strict shibboleth usage
145 5a3921a1 Sofia Papagiannaki
ASTAKOS_PROJECT_MEMBER_JOIN_POLICIES        {'1':'automatically accepted', '2':'owner accepts', '3':'closed'}               Text to be displayed in project member join policy dropdown
146 5a3921a1 Sofia Papagiannaki
ASTAKOS_PROJECT_MEMBER_LEAVE_POLICIES       {'1':'automatically accepted', '2':'owner accepts', '3':'closed'}               Text to be displayed in project member leave policy dropdown
147 5a3921a1 Sofia Papagiannaki
ASTAKOS_ACTIVATION_REDIRECT_URL             "/im/landing"
148 5a3921a1 Sofia Papagiannaki
ASTAKOS_TRANSLATE_UUIDS                     False                                                                           If true, this enables a ui compatibility layer for the introduction of UUIDs in identity management.
149 5a3921a1 Sofia Papagiannaki
                                                                                                                            WARNING: Setting to True will break your installation.
150 5a3921a1 Sofia Papagiannaki
ASTAKOS_PROJECT_ADMINS                      set()                                                                           Users to approve/deny project applications
151 5a3921a1 Sofia Papagiannaki
ASTAKOS_TWITTER_TOKEN                       ''                                                                              Oauth2 twitter token
152 5a3921a1 Sofia Papagiannaki
ASTAKOS_TWITTER_SECRET                      ''                                                                              Oauth2 twitter secret
153 5a3921a1 Sofia Papagiannaki
ASTAKOS_TWITTER_AUTH_FORCE_LOGIN            Fals
154 5a3921a1 Sofia Papagiannaki
ASTAKOS_GOOGLE_CLIENT_ID                    ''                                                                              Oauth2 google client id
155 5a3921a1 Sofia Papagiannaki
ASTAKOS_GOOGLE_SECRET                       ''                                                                              Oauth2 google secret
156 5a3921a1 Sofia Papagiannaki
ASTAKOS_LINKEDIN_TOKEN                      ''                                                                              Oauth2 LinkedIn token
157 5a3921a1 Sofia Papagiannaki
ASTAKOS_LINKEDIN_SECRET                     ''                                                                              Oauth2 LinkedIn secret
158 b03877be Sofia Papagiannaki
=========================================== =============================================================================   ===========================================================================================
159 e0bfcf77 Antony Chazapis
160 e0bfcf77 Antony Chazapis
Administrator functions
161 e0bfcf77 Antony Chazapis
-----------------------
162 e0bfcf77 Antony Chazapis
163 e0bfcf77 Antony Chazapis
Available as extensions to Django's command-line management utility:
164 e0bfcf77 Antony Chazapis
165 f85992bc Sofia Papagiannaki
============================  ===========================
166 f85992bc Sofia Papagiannaki
Name                          Description
167 f85992bc Sofia Papagiannaki
============================  ===========================
168 f85992bc Sofia Papagiannaki
fix-superusers                Transform superusers created by syncdb into AstakosUser instances
169 f85992bc Sofia Papagiannaki
full-cleanup                  Cleanup sessions and session catalog
170 f85992bc Sofia Papagiannaki
invitation-list               List invitation
171 f85992bc Sofia Papagiannaki
invitation-show               Show invitation details
172 f85992bc Sofia Papagiannaki
project-control               Manage projects and applications
173 f85992bc Sofia Papagiannaki
project-list                  List projects
174 f85992bc Sofia Papagiannaki
project-show                  Show project details
175 075b91de Giorgos Korfiatis
quota                         List and check the integrity of user quota
176 f85992bc Sofia Papagiannaki
reconcile-resources-astakos   Reconcile resource usage of Quotaholder with Astakos DB
177 f85992bc Sofia Papagiannaki
resource-add                  Add resource
178 f85992bc Sofia Papagiannaki
resource-export-astakos       Export astakos resources in json format
179 f85992bc Sofia Papagiannaki
resource-import               Import resources
180 f85992bc Sofia Papagiannaki
resource-list                 List resources
181 f85992bc Sofia Papagiannaki
resource-modify               Modify resources
182 f85992bc Sofia Papagiannaki
resource-remove               Remove resource
183 f85992bc Sofia Papagiannaki
service-add                   Add service
184 f85992bc Sofia Papagiannaki
service-list                  List services
185 f85992bc Sofia Papagiannaki
service-modify                Modify service
186 f85992bc Sofia Papagiannaki
service-remove                Remove service
187 f85992bc Sofia Papagiannaki
term-add                      Add approval terms
188 f85992bc Sofia Papagiannaki
user-activation-send          Send user activation
189 f85992bc Sofia Papagiannaki
user-add                      Add user
190 f85992bc Sofia Papagiannaki
user-auth-policy-add          Create a new authentication provider policy profile
191 f85992bc Sofia Papagiannaki
user-auth-policy-list         List existing authentication provider policy profiles
192 f85992bc Sofia Papagiannaki
user-auth-policy-remove       Remove an authentication provider policy
193 f85992bc Sofia Papagiannaki
user-auth-policy-set          Assign an existing authentication provider policy profile to a user or group
194 f85992bc Sofia Papagiannaki
user-auth-policy-show         Show authentication provider profile details
195 f85992bc Sofia Papagiannaki
user-group-add                Create a group with the given name
196 f85992bc Sofia Papagiannaki
user-group-list               List available groups
197 f85992bc Sofia Papagiannaki
user-invite                   Invite somebody
198 f85992bc Sofia Papagiannaki
user-list                     List users
199 f85992bc Sofia Papagiannaki
user-modify                   Modify user
200 f85992bc Sofia Papagiannaki
user-show                     Show user details
201 f85992bc Sofia Papagiannaki
============================  ===========================