forked from TagesschuleElementa/www.tagesschule-elementa.ch
downgrade aldryn-sso 1.4.2 to 1.3.1
This commit is contained in:
@@ -1,141 +1,141 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
from aldryn_client import forms
|
||||
|
||||
|
||||
class Form(forms.BaseForm):
|
||||
hide_user_management = forms.CheckboxField(
|
||||
'Hide user management',
|
||||
required=False,
|
||||
initial=False,
|
||||
)
|
||||
|
||||
def to_settings(self, data, settings):
|
||||
from functools import partial
|
||||
from aldryn_addons.exceptions import ImproperlyConfigured
|
||||
from aldryn_addons.utils import boolean_ish
|
||||
from aldryn_addons.utils import djsenv
|
||||
from simple_sso.compat import reverse_lazy
|
||||
|
||||
def boolean_ish_or(value, or_values=()):
|
||||
if value in or_values:
|
||||
return value
|
||||
return boolean_ish(value)
|
||||
|
||||
env = partial(djsenv, settings=settings)
|
||||
|
||||
if settings.get('MIDDLEWARE'):
|
||||
# Django>=1.10
|
||||
MIDDLEWARE = settings['MIDDLEWARE']
|
||||
else:
|
||||
# Django<1.10
|
||||
MIDDLEWARE = settings['MIDDLEWARE_CLASSES']
|
||||
|
||||
settings['ALDRYN_SSO_HIDE_USER_MANAGEMENT'] = data['hide_user_management']
|
||||
|
||||
# if the SSO button is the only configured login option: redirect right
|
||||
# to the login without showing the page.
|
||||
settings['ALDRYN_SSO_ENABLE_AUTO_SSO_LOGIN'] = boolean_ish(
|
||||
env('ALDRYN_SSO_ENABLE_AUTO_SSO_LOGIN', True)
|
||||
)
|
||||
|
||||
settings['SSO_DSN'] = env('SSO_DSN')
|
||||
|
||||
settings['LOGIN_REDIRECT_URL'] = '/'
|
||||
|
||||
settings['ALDRYN_SSO_ENABLE_SSO_LOGIN'] = boolean_ish(
|
||||
env(
|
||||
'ALDRYN_SSO_ENABLE_SSO_LOGIN',
|
||||
default=boolean_ish(settings['SSO_DSN']),
|
||||
)
|
||||
)
|
||||
|
||||
settings['ALDRYN_SSO_ENABLE_LOGIN_FORM'] = boolean_ish(
|
||||
env(
|
||||
'ALDRYN_SSO_ENABLE_LOGIN_FORM',
|
||||
default=not settings['ALDRYN_SSO_HIDE_USER_MANAGEMENT'],
|
||||
)
|
||||
)
|
||||
|
||||
settings['ALDRYN_SSO_ENABLE_LOCALDEV'] = boolean_ish(
|
||||
env(
|
||||
'ALDRYN_SSO_ENABLE_LOCALDEV',
|
||||
default=env('STAGE') == 'local',
|
||||
)
|
||||
)
|
||||
|
||||
settings['ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN'] = boolean_ish_or(
|
||||
env(
|
||||
'ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN',
|
||||
default=env('STAGE') == 'test',
|
||||
),
|
||||
or_values=(
|
||||
'basicauth',
|
||||
)
|
||||
)
|
||||
|
||||
settings['ALDRYN_SSO_LOGIN_WHITE_LIST'] = env(
|
||||
'ALDRYN_SSO_LOGIN_WHITE_LIST',
|
||||
default=[]
|
||||
)
|
||||
|
||||
settings['ADDON_URLS'].append('aldryn_sso.urls')
|
||||
settings['ADDON_URLS_I18N'].append('aldryn_sso.urls_i18n')
|
||||
|
||||
# aldryn_sso must be after django.contrib.admin so it can unregister
|
||||
# the User/Group Admin if necessary.
|
||||
settings['INSTALLED_APPS'].insert(
|
||||
settings['INSTALLED_APPS'].index('django.contrib.admin'),
|
||||
'aldryn_sso'
|
||||
)
|
||||
|
||||
if settings['ALDRYN_SSO_ENABLE_SSO_LOGIN']:
|
||||
# Expire user session every day because:
|
||||
# Users can change their data on the SSO server.
|
||||
# We cannot do a sync of "recently changed" user data due to these reasons:
|
||||
# - security risk, leaking user data to unauthorized websites,
|
||||
# - it would require some periodic tasks (celery?),
|
||||
# - stage websites are being paused during which the sync wouldn't work
|
||||
settings['CLOUD_USER_SESSION_EXPIRATION'] = 24 * 60 * 60 # 24h = 1day
|
||||
if not settings['SSO_DSN']:
|
||||
raise ImproperlyConfigured(
|
||||
'ALDRYN_SSO_ENABLE_SSO_LOGIN is True, but no SSO_DSN is set.')
|
||||
if settings['ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN'] == 'basicauth':
|
||||
basicauth_user = env('ALDRYN_SSO_BASICAUTH_USER')
|
||||
basicauth_password = env('ALDRYN_SSO_BASICAUTH_PASSWORD')
|
||||
if basicauth_user and basicauth_password:
|
||||
settings['ALDRYN_SSO_BASICAUTH_USER'] = basicauth_user
|
||||
settings['ALDRYN_SSO_BASICAUTH_PASSWORD'] = basicauth_password
|
||||
else:
|
||||
raise ImproperlyConfigured(
|
||||
'ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN set to "basicauth", but ALDRYN_SSO_BASICAUTH_USER and ALDRYN_SSO_BASICAUTH_PASSWORD not set'
|
||||
)
|
||||
position = MIDDLEWARE.index('django.contrib.auth.middleware.AuthenticationMiddleware') + 1
|
||||
MIDDLEWARE.insert(position, 'aldryn_sso.middleware.BasicAuthAccessControlMiddleware')
|
||||
elif settings['ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN']:
|
||||
position = MIDDLEWARE.index('django.contrib.auth.middleware.AuthenticationMiddleware') + 1
|
||||
MIDDLEWARE.insert(position, 'aldryn_sso.middleware.AccessControlMiddleware')
|
||||
settings['ALDRYN_SSO_LOGIN_WHITE_LIST'].extend([
|
||||
reverse_lazy('simple-sso-login'),
|
||||
reverse_lazy('aldryn_sso_login'),
|
||||
reverse_lazy('aldryn_sso_localdev_login'),
|
||||
reverse_lazy('aldryn_localdev_create_user'),
|
||||
])
|
||||
|
||||
if settings['ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN']:
|
||||
settings['SHARING_VIEW_ONLY_TOKEN_KEY_NAME'] = env('SHARING_VIEW_ONLY_TOKEN_KEY_NAME')
|
||||
settings['SHARING_VIEW_ONLY_SECRET_TOKEN'] = env('SHARING_VIEW_ONLY_SECRET_TOKEN')
|
||||
|
||||
settings['ALDRYN_SSO_OVERIDE_ADMIN_LOGIN_VIEW'] = env(
|
||||
'ALDRYN_SSO_OVERIDE_ADMIN_LOGIN_VIEW',
|
||||
any([
|
||||
settings['ALDRYN_SSO_ENABLE_SSO_LOGIN'],
|
||||
settings['ALDRYN_SSO_ENABLE_LOGIN_FORM'],
|
||||
settings['ALDRYN_SSO_ENABLE_LOCALDEV'],
|
||||
])
|
||||
)
|
||||
|
||||
if settings['ALDRYN_SSO_OVERIDE_ADMIN_LOGIN_VIEW']:
|
||||
# configure our combined login view to be the default
|
||||
settings['LOGIN_URL'] = 'aldryn_sso_login'
|
||||
# see admin.py for how we force admin to use this view as well
|
||||
return settings
|
||||
# -*- coding: utf-8 -*-
|
||||
from aldryn_client import forms
|
||||
|
||||
|
||||
class Form(forms.BaseForm):
|
||||
hide_user_management = forms.CheckboxField(
|
||||
'Hide user management',
|
||||
required=False,
|
||||
initial=False,
|
||||
)
|
||||
|
||||
def to_settings(self, data, settings):
|
||||
from functools import partial
|
||||
from aldryn_addons.exceptions import ImproperlyConfigured
|
||||
from aldryn_addons.utils import boolean_ish
|
||||
from aldryn_addons.utils import djsenv
|
||||
from simple_sso.compat import reverse_lazy
|
||||
|
||||
def boolean_ish_or(value, or_values=()):
|
||||
if value in or_values:
|
||||
return value
|
||||
return boolean_ish(value)
|
||||
|
||||
env = partial(djsenv, settings=settings)
|
||||
|
||||
if settings.get('MIDDLEWARE'):
|
||||
# Django>=1.10
|
||||
MIDDLEWARE = settings['MIDDLEWARE']
|
||||
else:
|
||||
# Django<1.10
|
||||
MIDDLEWARE = settings['MIDDLEWARE_CLASSES']
|
||||
|
||||
settings['ALDRYN_SSO_HIDE_USER_MANAGEMENT'] = data['hide_user_management']
|
||||
|
||||
# if the SSO button is the only configured login option: redirect right
|
||||
# to the login without showing the page.
|
||||
settings['ALDRYN_SSO_ENABLE_AUTO_SSO_LOGIN'] = boolean_ish(
|
||||
env('ALDRYN_SSO_ENABLE_AUTO_SSO_LOGIN', True)
|
||||
)
|
||||
|
||||
settings['SSO_DSN'] = env('SSO_DSN')
|
||||
|
||||
settings['LOGIN_REDIRECT_URL'] = '/'
|
||||
|
||||
settings['ALDRYN_SSO_ENABLE_SSO_LOGIN'] = boolean_ish(
|
||||
env(
|
||||
'ALDRYN_SSO_ENABLE_SSO_LOGIN',
|
||||
default=boolean_ish(settings['SSO_DSN']),
|
||||
)
|
||||
)
|
||||
|
||||
settings['ALDRYN_SSO_ENABLE_LOGIN_FORM'] = boolean_ish(
|
||||
env(
|
||||
'ALDRYN_SSO_ENABLE_LOGIN_FORM',
|
||||
default=not settings['ALDRYN_SSO_HIDE_USER_MANAGEMENT'],
|
||||
)
|
||||
)
|
||||
|
||||
settings['ALDRYN_SSO_ENABLE_LOCALDEV'] = boolean_ish(
|
||||
env(
|
||||
'ALDRYN_SSO_ENABLE_LOCALDEV',
|
||||
default=env('STAGE') == 'local',
|
||||
)
|
||||
)
|
||||
|
||||
settings['ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN'] = boolean_ish_or(
|
||||
env(
|
||||
'ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN',
|
||||
default=env('STAGE') == 'test',
|
||||
),
|
||||
or_values=(
|
||||
'basicauth',
|
||||
)
|
||||
)
|
||||
|
||||
settings['ALDRYN_SSO_LOGIN_WHITE_LIST'] = env(
|
||||
'ALDRYN_SSO_LOGIN_WHITE_LIST',
|
||||
default=[]
|
||||
)
|
||||
|
||||
settings['ADDON_URLS'].append('aldryn_sso.urls')
|
||||
settings['ADDON_URLS_I18N'].append('aldryn_sso.urls_i18n')
|
||||
|
||||
# aldryn_sso must be after django.contrib.admin so it can unregister
|
||||
# the User/Group Admin if necessary.
|
||||
settings['INSTALLED_APPS'].insert(
|
||||
settings['INSTALLED_APPS'].index('django.contrib.admin'),
|
||||
'aldryn_sso'
|
||||
)
|
||||
|
||||
if settings['ALDRYN_SSO_ENABLE_SSO_LOGIN']:
|
||||
# Expire user session every day because:
|
||||
# Users can change their data on the SSO server.
|
||||
# We cannot do a sync of "recently changed" user data due to these reasons:
|
||||
# - security risk, leaking user data to unauthorized websites,
|
||||
# - it would require some periodic tasks (celery?),
|
||||
# - stage websites are being paused during which the sync wouldn't work
|
||||
settings['CLOUD_USER_SESSION_EXPIRATION'] = 24 * 60 * 60 # 24h = 1day
|
||||
if not settings['SSO_DSN']:
|
||||
raise ImproperlyConfigured(
|
||||
'ALDRYN_SSO_ENABLE_SSO_LOGIN is True, but no SSO_DSN is set.')
|
||||
if settings['ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN'] == 'basicauth':
|
||||
basicauth_user = env('ALDRYN_SSO_BASICAUTH_USER')
|
||||
basicauth_password = env('ALDRYN_SSO_BASICAUTH_PASSWORD')
|
||||
if basicauth_user and basicauth_password:
|
||||
settings['ALDRYN_SSO_BASICAUTH_USER'] = basicauth_user
|
||||
settings['ALDRYN_SSO_BASICAUTH_PASSWORD'] = basicauth_password
|
||||
else:
|
||||
raise ImproperlyConfigured(
|
||||
'ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN set to "basicauth", but ALDRYN_SSO_BASICAUTH_USER and ALDRYN_SSO_BASICAUTH_PASSWORD not set'
|
||||
)
|
||||
position = MIDDLEWARE.index('django.contrib.auth.middleware.AuthenticationMiddleware') + 1
|
||||
MIDDLEWARE.insert(position, 'aldryn_sso.middleware.BasicAuthAccessControlMiddleware')
|
||||
elif settings['ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN']:
|
||||
position = MIDDLEWARE.index('django.contrib.auth.middleware.AuthenticationMiddleware') + 1
|
||||
MIDDLEWARE.insert(position, 'aldryn_sso.middleware.AccessControlMiddleware')
|
||||
settings['ALDRYN_SSO_LOGIN_WHITE_LIST'].extend([
|
||||
reverse_lazy('simple-sso-login'),
|
||||
reverse_lazy('aldryn_sso_login'),
|
||||
reverse_lazy('aldryn_sso_localdev_login'),
|
||||
reverse_lazy('aldryn_localdev_create_user'),
|
||||
])
|
||||
|
||||
if settings['ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN']:
|
||||
settings['SHARING_VIEW_ONLY_TOKEN_KEY_NAME'] = env('SHARING_VIEW_ONLY_TOKEN_KEY_NAME')
|
||||
settings['SHARING_VIEW_ONLY_SECRET_TOKEN'] = env('SHARING_VIEW_ONLY_SECRET_TOKEN')
|
||||
|
||||
settings['ALDRYN_SSO_OVERIDE_ADMIN_LOGIN_VIEW'] = env(
|
||||
'ALDRYN_SSO_OVERIDE_ADMIN_LOGIN_VIEW',
|
||||
any([
|
||||
settings['ALDRYN_SSO_ENABLE_SSO_LOGIN'],
|
||||
settings['ALDRYN_SSO_ENABLE_LOGIN_FORM'],
|
||||
settings['ALDRYN_SSO_ENABLE_LOCALDEV'],
|
||||
])
|
||||
)
|
||||
|
||||
if settings['ALDRYN_SSO_OVERIDE_ADMIN_LOGIN_VIEW']:
|
||||
# configure our combined login view to be the default
|
||||
settings['LOGIN_URL'] = 'aldryn_sso_login'
|
||||
# see admin.py for how we force admin to use this view as well
|
||||
return settings
|
||||
@@ -1,7 +1,7 @@
|
||||
# <INSTALLED_ADDONS> # Warning: text inside the INSTALLED_ADDONS tags is auto-generated. Manual changes will be overwritten.
|
||||
https://control.divio.com/api/v1/apps/serve/aldryn-addons/1.0.2/24f5d1c8-66fe-43b2-a540-17d61045a72b/aldryn-addons-1.0.2.tar.gz#egg=aldryn-addons==1.0.2
|
||||
https://control.divio.com/api/v1/apps/serve/aldryn-django/1.11.15.1/f9e543d2-3127-4458-b0f5-d69d282bf0ac/aldryn-django-1.11.15.1.tar.gz#egg=aldryn-django==1.11.15.1
|
||||
https://control.divio.com/api/v1/apps/serve/aldryn-sso/1.4.2/c412d140-5f9b-429a-801f-785f386c3228/aldryn-sso-1.4.2.tar.gz#egg=aldryn-sso==1.4.2
|
||||
https://control.divio.com/api/v1/apps/serve/aldryn-sso/1.3.1/f6351558-64b2-4205-b407-cd49b6372463/aldryn-sso-1.3.1.tar.gz#egg=aldryn-sso==1.3.1
|
||||
https://control.divio.com/api/v1/apps/serve/aldryn-django-cms/3.5.2.2/88bf7991-90a3-4c98-acf5-42c3fa14e2a4/aldryn-django-cms-3.5.2.2.tar.gz#egg=aldryn-django-cms==3.5.2.2
|
||||
https://control.divio.com/api/v1/apps/serve/aldryn-forms/3.0.4/7e972f96-36f6-484b-96c7-bce255b87aa9/aldryn-forms-3.0.4.tar.gz#egg=aldryn-forms==3.0.4
|
||||
https://control.divio.com/api/v1/apps/serve/aldryn-haystack/0.5.1/bf04cc01-9855-4659-843e-05379cec9ac6/aldryn-haystack-0.5.1.tar.gz#egg=aldryn-haystack==0.5.1
|
||||
|
||||
Reference in New Issue
Block a user