gestioCOF/gestioasso/settings_cof.py

"""
Django settings for the gestioCOF project.
"""

import os
from datetime import datetime, timedelta
from pathlib import Path

from django.urls import reverse_lazy
from loadcredential import Credentials

credentials = Credentials(env_prefix="GESTIOCOF_")

# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent

# WARNING: keep the secret key used in production secret!
SECRET_KEY = credentials["SECRET_KEY"]

# WARNING: don't run with debug turned on in production!
DEBUG = credentials.get_json("DEBUG", False)

ALLOWED_HOSTS = credentials.get_json("ALLOWED_HOSTS", [])
ADMINS = credentials.get_json("ADMINS", [])

SERVER_EMAIL = credentials.get("SERVER_EMAIL")
EMAIL_HOST = credentials.get("EMAIL_HOST")

LDAP_SERVER_URL = credentials.get("LDAP_SERVER_URL")

DEFAULT_AUTO_FIELD = "django.db.models.AutoField"


##
# Installed Apps configuration

INSTALLED_APPS = [
    "gestioncof",
    # Must be before django admin
    # https://github.com/infoportugal/wagtail-modeltranslation/issues/193
    "wagtail_modeltranslation",
    "wagtail_modeltranslation.makemigrations",
    "wagtail_modeltranslation.migrate",
    "modeltranslation",
    "shared",
    # Must be before 'django.contrib.admin'.
    # https://django-autocomplete-light.readthedocs.io/en/master/install.html
    "dal",
    "dal_select2",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.sites",
    "django.contrib.messages",
    "django.contrib.admin",
    "django.contrib.admindocs",
    "gestioasso.apps.IgnoreSrcStaticFilesConfig",
    "django_cas_ng",
    "bootstrapform",
    "widget_tweaks",
    "bda",
    "petitscours",
    "hcaptcha",
    "kfet",
    "kfet.open",
    "channels",
    "djconfig",
    "wagtail.contrib.forms",
    "wagtail.contrib.redirects",
    "wagtail.embeds",
    "wagtail.sites",
    "wagtail.users",
    "wagtail.snippets",
    "wagtail.documents",
    "wagtail.images",
    "wagtail.search",
    "wagtail.admin",
    "wagtail",
    # "wagtail.contrib.modeladmin",
    "wagtail.contrib.routable_page",
    "wagtailmenus",
    "modelcluster",
    "taggit",
    "kfet.auth",
    "kfet.cms",
    "gestioncof.cms",
    "django_js_reverse",
]


##
# Middleware configuration

MIDDLEWARE = [
    "corsheaders.middleware.CorsMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
    "django.middleware.security.SecurityMiddleware",
    "django.middleware.locale.LocaleMiddleware",
    "djconfig.middleware.DjConfigMiddleware",
    "wagtail.contrib.redirects.middleware.RedirectMiddleware",
]


##
# URL configuration

ROOT_URLCONF = "gestioasso.urls"


##
# Templates configuration

TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "wagtailmenus.context_processors.wagtailmenus",
                "djconfig.context_processors.config",
                "gestioncof.shared.context_processor",
                "kfet.auth.context_processors.temporary_auth",
                "kfet.context_processors.config",
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
                "django.template.context_processors.i18n",
                "django.template.context_processors.media",
                "django.template.context_processors.static",
            ]
        },
    }
]


##
# Wagtail configuration

WAGTAIL_SITE_NAME = "GestioCOF"
WAGTAIL_ENABLE_UPDATE_CHECK = False
TAGGIT_CASE_INSENSITIVE = True

##
# Django-js-reverse settings

JS_REVERSE_JS_VAR_NAME = "django_urls"
# Quand on aura namespace les urls...
# JS_REVERSE_INCLUDE_ONLY_NAMESPACES = ['k-fet']

##
# K-Fêt history configuration

# L'historique n'est accesible que d'aujourd'hui
# à aujourd'hui - KFET_HISTORY_DATE_LIMIT
KFET_HISTORY_DATE_LIMIT = timedelta(days=7)

# Limite plus longue pour les chefs/trez
# (qui ont la permission kfet.access_old_history)
KFET_HISTORY_LONG_DATE_LIMIT = timedelta(days=30)

# These accounts don't represent actual people and can be freely accessed
# Identification based on trigrammes
KFET_HISTORY_NO_DATE_LIMIT_TRIGRAMMES = ["LIQ", "#13"]
KFET_HISTORY_NO_DATE_LIMIT = datetime(1794, 10, 30)  # AKA the distant past


##
# Database configuration

DATABASES = credentials.get_json(
    "DATABASES",
    default={
        "default": {
            "ENGINE": "django.db.backends.sqlite3",
            "NAME": (BASE_DIR / "db.sqlite3"),
        }
    },
)

CACHES = credentials.get_json(
    "CACHES",
    default={
        "default": {
            "BACKEND": "django.core.cache.backends.locmem.LocMemCache",
        },
    },
)

CHANNEL_LAYERS = credentials.get_json(
    "CHANNEL_LAYERS",
    default={
        "default": {
            "BACKEND": "channels.layers.InMemoryChannelLayer",
        }
    },
)

CORS_ORIGIN_WHITELIST = credentials.get("CORS_ORIGIN_WHITELIST", [])


SITE_ID = 1


###
# Staticfiles configuration

STATIC_ROOT = credentials["STATIC_ROOT"]
STATIC_URL = "/static/"

MEDIA_ROOT = credentials.get("MEDIA_ROOT", (BASE_DIR / "media"))
MEDIA_URL = "/media/"


##
# Authentication configuration

AUTHENTICATION_BACKENDS = [
    "kfet.auth.backends.BlockFrozenAccountBackend",  # Must be in first
    "django.contrib.auth.backends.ModelBackend",
    "gestioncof.shared.COFCASBackend",
    "kfet.auth.backends.GenericBackend",
]

LOGIN_URL = "cof-login"
LOGIN_REDIRECT_URL = reverse_lazy("home")

# FIXME: Switch to authens
CAS_SERVER_URL = "https://cas.eleves.ens.fr/"
CAS_VERSION = "2"
CAS_LOGIN_MSG = None
CAS_IGNORE_REFERER = True
CAS_REDIRECT_URL = "/"
CAS_EMAIL_FORMAT = "%s@clipper.ens.fr"


##
# h-captcha configuration

HCAPTCHA_SITEKEY = credentials["HCAPTCHA_SITEKEY"]
HCAPTCHA_SECRET = credentials["HCAPTCHA_SECRET"]

##
# K-Fêt token for the openness indicator

KFETOPEN_TOKEN = credentials["KFETOPEN_TOKEN"]


##
# Mail configuration

MAIL_DATA = {
    "petits_cours": {
        "FROM": "Le COF <cof@ens.fr>",
        "BCC": "archivescof@gmail.com",
        "REPLYTO": "cof@ens.fr",
    },
    "rappels": {
        "FROM": "Le BdA <bda@ens.fr>",
        "REPLYTO": "Le BdA <bda@ens.fr>",
    },
    "rappel_negatif": {
        "FROM": "La K-Fêt <chefs-k-fet@ens.fr>",
        "REPLYTO": "La K-Fêt <chefs-k-fet@ens.fr>",
    },
    "revente": {
        "FROM": "BdA-Revente <bda-revente@ens.fr>",
        "REPLYTO": "BdA-Revente <bda-revente@ens.fr>",
    },
}


# ---
# Internationalization
# https://docs.djangoproject.com/en/1.8/topics/i18n/
# ---

LANGUAGE_CODE = "fr-fr"
TIME_ZONE = "Europe/Paris"
USE_I18N = True
USE_L10N = True
USE_TZ = True
LANGUAGES = (("fr", "Français"), ("en", "English"))
FORMAT_MODULE_PATH = "gestioasso.locale"

##
# Development configuration

if DEBUG:
    EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"

    def show_toolbar(request):
        """
        On active la debug-toolbar en mode développement local sauf :
        - dans l'admin où ça ne sert pas à grand chose;
        - si la variable d'environnement DJANGO_NO_DDT est à 1 → ça permet de la désactiver
          sans modifier ce fichier en exécutant `export DJANGO_NO_DDT=1` dans le terminal
          qui lance `./manage.py runserver`.

        Autre side effect de cette fonction : on ne fait pas la vérification de INTERNAL_IPS
        que ferait la debug-toolbar par défaut, ce qui la fait fonctionner aussi à
        l'intérieur de Vagrant (comportement non testé depuis un moment…)
        """

        env_no_ddt = bool(os.environ.get("DJANGO_NO_DDT", None))
        return not (env_no_ddt or request.path.startswith("/admin/"))

    ##
    # Django Debug Toolbar configuration

    DEBUG_TOOLBAR_CONFIG = {"SHOW_TOOLBAR_CALLBACK": show_toolbar}
    INSTALLED_APPS += ["debug_toolbar"]
    MIDDLEWARE = ["debug_toolbar.middleware.DebugToolbarMiddleware"] + MIDDLEWARE
feat: Refactor settings 2024-12-28 21:25:06 +01:00			`"""`
			`Django settings for the gestioCOF project.`
			`"""`

			`import os`
			`from datetime import datetime, timedelta`
			`from pathlib import Path`

			`from django.urls import reverse_lazy`
			`from loadcredential import Credentials`

			`credentials = Credentials(env_prefix="GESTIOCOF_")`

			`# Build paths inside the project like this: BASE_DIR / 'subdir'.`
			`BASE_DIR = Path(__file__).resolve().parent.parent`

			`# WARNING: keep the secret key used in production secret!`
			`SECRET_KEY = credentials["SECRET_KEY"]`

			`# WARNING: don't run with debug turned on in production!`
			`DEBUG = credentials.get_json("DEBUG", False)`

			`ALLOWED_HOSTS = credentials.get_json("ALLOWED_HOSTS", [])`
			`ADMINS = credentials.get_json("ADMINS", [])`

			`SERVER_EMAIL = credentials.get("SERVER_EMAIL")`
			`EMAIL_HOST = credentials.get("EMAIL_HOST")`

			`LDAP_SERVER_URL = credentials.get("LDAP_SERVER_URL")`

			`DEFAULT_AUTO_FIELD = "django.db.models.AutoField"`


			`##`
			`# Installed Apps configuration`

			`INSTALLED_APPS = [`
			`"gestioncof",`
			`# Must be before django admin`
			`# https://github.com/infoportugal/wagtail-modeltranslation/issues/193`
			`"wagtail_modeltranslation",`
			`"wagtail_modeltranslation.makemigrations",`
			`"wagtail_modeltranslation.migrate",`
			`"modeltranslation",`
			`"shared",`
			`# Must be before 'django.contrib.admin'.`
			`# https://django-autocomplete-light.readthedocs.io/en/master/install.html`
			`"dal",`
			`"dal_select2",`
			`"django.contrib.auth",`
			`"django.contrib.contenttypes",`
			`"django.contrib.sessions",`
			`"django.contrib.sites",`
			`"django.contrib.messages",`
			`"django.contrib.admin",`
			`"django.contrib.admindocs",`
			`"gestioasso.apps.IgnoreSrcStaticFilesConfig",`
			`"django_cas_ng",`
			`"bootstrapform",`
			`"widget_tweaks",`
			`"bda",`
			`"petitscours",`
			`"hcaptcha",`
			`"kfet",`
			`"kfet.open",`
			`"channels",`
			`"djconfig",`
			`"wagtail.contrib.forms",`
			`"wagtail.contrib.redirects",`
			`"wagtail.embeds",`
			`"wagtail.sites",`
			`"wagtail.users",`
			`"wagtail.snippets",`
			`"wagtail.documents",`
			`"wagtail.images",`
			`"wagtail.search",`
			`"wagtail.admin",`
			`"wagtail",`
			`# "wagtail.contrib.modeladmin",`
			`"wagtail.contrib.routable_page",`
			`"wagtailmenus",`
			`"modelcluster",`
			`"taggit",`
			`"kfet.auth",`
			`"kfet.cms",`
			`"gestioncof.cms",`
			`"django_js_reverse",`
			`]`


			`##`
			`# Middleware configuration`

			`MIDDLEWARE = [`
			`"corsheaders.middleware.CorsMiddleware",`
			`"django.contrib.sessions.middleware.SessionMiddleware",`
			`"django.middleware.common.CommonMiddleware",`
			`"django.middleware.csrf.CsrfViewMiddleware",`
			`"django.contrib.auth.middleware.AuthenticationMiddleware",`
			`"django.contrib.messages.middleware.MessageMiddleware",`
			`"django.middleware.clickjacking.XFrameOptionsMiddleware",`
			`"django.middleware.security.SecurityMiddleware",`
			`"django.middleware.locale.LocaleMiddleware",`
			`"djconfig.middleware.DjConfigMiddleware",`
			`"wagtail.contrib.redirects.middleware.RedirectMiddleware",`
			`]`


			`##`
			`# URL configuration`

			`ROOT_URLCONF = "gestioasso.urls"`


			`##`
			`# Templates configuration`

			`TEMPLATES = [`
			`{`
			`"BACKEND": "django.template.backends.django.DjangoTemplates",`
			`"APP_DIRS": True,`
			`"OPTIONS": {`
			`"context_processors": [`
			`"wagtailmenus.context_processors.wagtailmenus",`
			`"djconfig.context_processors.config",`
			`"gestioncof.shared.context_processor",`
			`"kfet.auth.context_processors.temporary_auth",`
			`"kfet.context_processors.config",`
			`"django.template.context_processors.debug",`
			`"django.template.context_processors.request",`
			`"django.contrib.auth.context_processors.auth",`
			`"django.contrib.messages.context_processors.messages",`
			`"django.template.context_processors.i18n",`
			`"django.template.context_processors.media",`
			`"django.template.context_processors.static",`
			`]`
			`},`
			`}`
			`]`


			`##`
			`# Wagtail configuration`

			`WAGTAIL_SITE_NAME = "GestioCOF"`
			`WAGTAIL_ENABLE_UPDATE_CHECK = False`
			`TAGGIT_CASE_INSENSITIVE = True`

			`##`
			`# Django-js-reverse settings`

			`JS_REVERSE_JS_VAR_NAME = "django_urls"`
			`# Quand on aura namespace les urls...`
			`# JS_REVERSE_INCLUDE_ONLY_NAMESPACES = ['k-fet']`

			`##`
			`# K-Fêt history configuration`

			`# L'historique n'est accesible que d'aujourd'hui`
			`# à aujourd'hui - KFET_HISTORY_DATE_LIMIT`
			`KFET_HISTORY_DATE_LIMIT = timedelta(days=7)`

			`# Limite plus longue pour les chefs/trez`
			`# (qui ont la permission kfet.access_old_history)`
			`KFET_HISTORY_LONG_DATE_LIMIT = timedelta(days=30)`

			`# These accounts don't represent actual people and can be freely accessed`
			`# Identification based on trigrammes`
			`KFET_HISTORY_NO_DATE_LIMIT_TRIGRAMMES = ["LIQ", "#13"]`
			`KFET_HISTORY_NO_DATE_LIMIT = datetime(1794, 10, 30) # AKA the distant past`


			`##`
			`# Database configuration`

			`DATABASES = credentials.get_json(`
			`"DATABASES",`
			`default={`
			`"default": {`
			`"ENGINE": "django.db.backends.sqlite3",`
			`"NAME": (BASE_DIR / "db.sqlite3"),`
			`}`
			`},`
			`)`

			`CACHES = credentials.get_json(`
			`"CACHES",`
			`default={`
			`"default": {`
			`"BACKEND": "django.core.cache.backends.locmem.LocMemCache",`
			`},`
			`},`
			`)`

			`CHANNEL_LAYERS = credentials.get_json(`
			`"CHANNEL_LAYERS",`
			`default={`
			`"default": {`
			`"BACKEND": "channels.layers.InMemoryChannelLayer",`
			`}`
			`},`
			`)`

			`CORS_ORIGIN_WHITELIST = credentials.get("CORS_ORIGIN_WHITELIST", [])`


			`SITE_ID = 1`


			`###`
			`# Staticfiles configuration`

			`STATIC_ROOT = credentials["STATIC_ROOT"]`
fix(cof_settings): Serve files at the right url 2025-01-11 14:39:49 +01:00			`STATIC_URL = "/static/"`
feat: Refactor settings 2024-12-28 21:25:06 +01:00
			`MEDIA_ROOT = credentials.get("MEDIA_ROOT", (BASE_DIR / "media"))`
fix(cof_settings): Serve files at the right url 2025-01-11 14:39:49 +01:00			`MEDIA_URL = "/media/"`
feat: Refactor settings 2024-12-28 21:25:06 +01:00

			`##`
			`# Authentication configuration`

			`AUTHENTICATION_BACKENDS = [`
			`"kfet.auth.backends.BlockFrozenAccountBackend", # Must be in first`
			`"django.contrib.auth.backends.ModelBackend",`
			`"gestioncof.shared.COFCASBackend",`
			`"kfet.auth.backends.GenericBackend",`
			`]`

			`LOGIN_URL = "cof-login"`
			`LOGIN_REDIRECT_URL = reverse_lazy("home")`

			`# FIXME: Switch to authens`
			`CAS_SERVER_URL = "https://cas.eleves.ens.fr/"`
			`CAS_VERSION = "2"`
			`CAS_LOGIN_MSG = None`
			`CAS_IGNORE_REFERER = True`
			`CAS_REDIRECT_URL = "/"`
			`CAS_EMAIL_FORMAT = "%s@clipper.ens.fr"`


			`##`
			`# h-captcha configuration`

			`HCAPTCHA_SITEKEY = credentials["HCAPTCHA_SITEKEY"]`
			`HCAPTCHA_SECRET = credentials["HCAPTCHA_SECRET"]`

			`##`
			`# K-Fêt token for the openness indicator`

			`KFETOPEN_TOKEN = credentials["KFETOPEN_TOKEN"]`


			`##`
			`# Mail configuration`

			`MAIL_DATA = {`
			`"petits_cours": {`
			`"FROM": "Le COF <cof@ens.fr>",`
			`"BCC": "archivescof@gmail.com",`
			`"REPLYTO": "cof@ens.fr",`
			`},`
			`"rappels": {`
			`"FROM": "Le BdA <bda@ens.fr>",`
			`"REPLYTO": "Le BdA <bda@ens.fr>",`
			`},`
			`"rappel_negatif": {`
			`"FROM": "La K-Fêt <chefs-k-fet@ens.fr>",`
			`"REPLYTO": "La K-Fêt <chefs-k-fet@ens.fr>",`
			`},`
			`"revente": {`
			`"FROM": "BdA-Revente <bda-revente@ens.fr>",`
			`"REPLYTO": "BdA-Revente <bda-revente@ens.fr>",`
			`},`
			`}`


			`# ---`
			`# Internationalization`
			`# https://docs.djangoproject.com/en/1.8/topics/i18n/`
			`# ---`

			`LANGUAGE_CODE = "fr-fr"`
			`TIME_ZONE = "Europe/Paris"`
			`USE_I18N = True`
			`USE_L10N = True`
			`USE_TZ = True`
			`LANGUAGES = (("fr", "Français"), ("en", "English"))`
			`FORMAT_MODULE_PATH = "gestioasso.locale"`

			`##`
			`# Development configuration`

			`if DEBUG:`
			`EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"`

			`def show_toolbar(request):`
			`"""`
			`On active la debug-toolbar en mode développement local sauf :`
			`- dans l'admin où ça ne sert pas à grand chose;`
			`- si la variable d'environnement DJANGO_NO_DDT est à 1 → ça permet de la désactiver`
			sans modifier ce fichier en exécutant `export DJANGO_NO_DDT=1` dans le terminal
			qui lance `./manage.py runserver`.

			`Autre side effect de cette fonction : on ne fait pas la vérification de INTERNAL_IPS`
			`que ferait la debug-toolbar par défaut, ce qui la fait fonctionner aussi à`
			`l'intérieur de Vagrant (comportement non testé depuis un moment…)`
			`"""`

			`env_no_ddt = bool(os.environ.get("DJANGO_NO_DDT", None))`
			`return not (env_no_ddt or request.path.startswith("/admin/"))`

			`##`
			`# Django Debug Toolbar configuration`

			`DEBUG_TOOLBAR_CONFIG = {"SHOW_TOOLBAR_CALLBACK": show_toolbar}`
			`INSTALLED_APPS += ["debug_toolbar"]`
			`MIDDLEWARE = ["debug_toolbar.middleware.DebugToolbarMiddleware"] + MIDDLEWARE`