Rename the cof/ folder to gestioasso/

This is a much more sensible name since it contains configuration
applicable to both GestioCOF and GestioBDS.

The next logical step would be to rename the `gestioncof/` folder to
`cof/`.

gestioasso/settings/.gitignore

@@ -0,0 +1 @@
+secret.py

gestioasso/settings/bds_prod.py

@@ -0,0 +1,36 @@
+"""
+Django development settings for the cof project.
+The settings that are not listed here are imported from .common
+"""
+from .common import *  # NOQA
+from .common import INSTALLED_APPS
+
+# ---
+# BDS-only Django settings
+# ---
+
+ALLOWED_HOSTS = ["bds.ens.fr", "www.bds.ens.fr", "dev.cof.ens.fr"]
+
+INSTALLED_APPS += ["bds", "events", "clubs", "authens"]
+
+STATIC_ROOT = "/srv/bds.ens.fr/public/gestion2/static"
+STATIC_URL = "/gestion2/static/"
+MEDIA_ROOT = "/srv/bds.ens.fr/gestion2/media"
+MEDIA_URL = "/gestion2/media/"
+
+
+# ---
+# Auth-related stuff
+# ---
+
+AUTHENTICATION_BACKENDS = [
+    "django.contrib.auth.backends.ModelBackend",
+    "authens.backends.ENSCASBackend",
+    "authens.backends.OldCASBackend",
+]
+
+AUTHENS_USE_OLDCAS = False
+
+LOGIN_URL = "authens:login"
+LOGIN_REDIRECT_URL = "bds:home"
+LOGOUT_REDIRECT_URL = "bds:home"

gestioasso/settings/cof_prod.py

@@ -0,0 +1,202 @@
+"""
+Django development settings for the cof project.
+The settings that are not listed here are imported from .common
+"""
+import os
+
+from .common import *  # NOQA
+from .common import (
+    AUTHENTICATION_BACKENDS,
+    BASE_DIR,
+    INSTALLED_APPS,
+    MIDDLEWARE,
+    TEMPLATES,
+    import_secret,
+)
+
+# ---
+# COF-specific secrets
+# ---
+
+REDIS_PASSWD = import_secret("REDIS_PASSWD")
+REDIS_DB = import_secret("REDIS_DB")
+REDIS_HOST = import_secret("REDIS_HOST")
+REDIS_PORT = import_secret("REDIS_PORT")
+
+RECAPTCHA_PUBLIC_KEY = import_secret("RECAPTCHA_PUBLIC_KEY")
+RECAPTCHA_PRIVATE_KEY = import_secret("RECAPTCHA_PRIVATE_KEY")
+KFETOPEN_TOKEN = import_secret("KFETOPEN_TOKEN")
+
+# ---
+# COF-only Django settings
+# ---
+
+ALLOWED_HOSTS = ["cof.ens.fr", "www.cof.ens.fr", "dev.cof.ens.fr"]
+
+INSTALLED_APPS = (
+    [
+        "gestioncof",
+        # Must be before django admin
+        # https://github.com/infoportugal/wagtail-modeltranslation/issues/193
+        "wagtail_modeltranslation",
+        "wagtail_modeltranslation.makemigrations",
+        "wagtail_modeltranslation.migrate",
+        "modeltranslation",
+    ]
+    + INSTALLED_APPS
+    + [
+        "bda",
+        "petitscours",
+        "captcha",
+        "kfet",
+        "kfet.open",
+        "channels",
+        "djconfig",
+        "wagtail.contrib.forms",
+        "wagtail.contrib.redirects",
+        "wagtail.embeds",
+        "wagtail.sites",
+        "wagtail.users",
+        "wagtail.snippets",
+        "wagtail.documents",
+        "wagtail.images",
+        "wagtail.search",
+        "wagtail.admin",
+        "wagtail.core",
+        "wagtail.contrib.modeladmin",
+        "wagtail.contrib.routable_page",
+        "wagtailmenus",
+        "modelcluster",
+        "taggit",
+        "kfet.auth",
+        "kfet.cms",
+        "gestioncof.cms",
+        "django_js_reverse",
+    ]
+)
+
+MIDDLEWARE = (
+    ["corsheaders.middleware.CorsMiddleware"]
+    + MIDDLEWARE
+    + [
+        "djconfig.middleware.DjConfigMiddleware",
+        "wagtail.core.middleware.SiteMiddleware",
+        "wagtail.contrib.redirects.middleware.RedirectMiddleware",
+    ]
+)
+
+TEMPLATES[0]["OPTIONS"]["context_processors"] += [
+    "wagtailmenus.context_processors.wagtailmenus",
+    "djconfig.context_processors.config",
+    "gestioncof.shared.context_processor",
+    "kfet.auth.context_processors.temporary_auth",
+    "kfet.context_processors.config",
+]
+
+STATIC_ROOT = os.path.join(
+    os.path.dirname(os.path.dirname(BASE_DIR)), "public", "gestion", "static"
+)
+
+STATIC_URL = "/gestion/static/"
+MEDIA_ROOT = os.path.join(os.path.dirname(BASE_DIR), "media")
+MEDIA_URL = "/gestion/media/"
+
+CORS_ORIGIN_WHITELIST = ("bda.ens.fr", "www.bda.ens.fr" "cof.ens.fr", "www.cof.ens.fr")
+
+
+# ---
+# Auth-related stuff
+# ---
+
+AUTHENTICATION_BACKENDS += [
+    "gestioncof.shared.COFCASBackend",
+    "kfet.auth.backends.GenericBackend",
+]
+
+LOGIN_URL = "cof-login"
+LOGIN_REDIRECT_URL = "home"
+
+# ---
+# Cache settings
+# ---
+
+CACHES = {
+    "default": {
+        "BACKEND": "redis_cache.RedisCache",
+        "LOCATION": "redis://:{passwd}@{host}:{port}/{db}".format(
+            passwd=REDIS_PASSWD, host=REDIS_HOST, port=REDIS_PORT, db=REDIS_DB
+        ),
+    }
+}
+
+
+# ---
+# Channels settings
+# ---
+
+CHANNEL_LAYERS = {
+    "default": {
+        "BACKEND": "asgi_redis.RedisChannelLayer",
+        "CONFIG": {
+            "hosts": [
+                (
+                    "redis://:{passwd}@{host}:{port}/{db}".format(
+                        passwd=REDIS_PASSWD,
+                        host=REDIS_HOST,
+                        port=REDIS_PORT,
+                        db=REDIS_DB,
+                    )
+                )
+            ]
+        },
+        "ROUTING": "gestioasso.routing.routing",
+    }
+}
+
+
+# ---
+# reCAPTCHA settings
+# https://github.com/praekelt/django-recaptcha
+#
+# Default settings authorize reCAPTCHA usage for local developement.
+# Public and private keys are appended in the 'prod' module settings.
+# ---
+
+NOCAPTCHA = True
+RECAPTCHA_USE_SSL = True
+
+
+# ---
+# Wagtail settings
+# ---
+
+WAGTAIL_SITE_NAME = "GestioCOF"
+WAGTAIL_ENABLE_UPDATE_CHECK = False
+TAGGIT_CASE_INSENSITIVE = True
+
+
+# ---
+# Django-js-reverse settings
+# ---
+
+JS_REVERSE_JS_VAR_NAME = "django_urls"
+# Quand on aura namespace les urls...
+# JS_REVERSE_INCLUDE_ONLY_NAMESPACES = ['k-fet']
+
+
+# ---
+# Mail config
+# ---
+
+MAIL_DATA = {
+    "petits_cours": {
+        "FROM": "Le COF <cof@ens.fr>",
+        "BCC": "archivescof@gmail.com",
+        "REPLYTO": "cof@ens.fr",
+    },
+    "rappels": {"FROM": "Le BdA <bda@ens.fr>", "REPLYTO": "Le BdA <bda@ens.fr>"},
+    "revente": {
+        "FROM": "BdA-Revente <bda-revente@ens.fr>",
+        "REPLYTO": "BdA-Revente <bda-revente@ens.fr>",
+    },
+}

gestioasso/settings/common.py

@@ -0,0 +1,143 @@
+"""
+Django common settings for cof project.
+
+Everything which is supposed to be identical between the production server and
+the local development server should be here.
+"""
+
+import os
+import sys
+
+# ---
+# Secrets
+# ---
+
+try:
+    from . import secret
+except ImportError:
+    raise ImportError(
+        "The secret.py file is missing.\n"
+        "For a development environment, simply copy secret_example.py"
+    )
+
+
+def import_secret(name):
+    """
+    Shorthand for importing a value from the secret module and raising an
+    informative exception if a secret is missing.
+    """
+    try:
+        return getattr(secret, name)
+    except AttributeError:
+        raise RuntimeError("Secret missing: {}".format(name))
+
+
+SECRET_KEY = import_secret("SECRET_KEY")
+ADMINS = import_secret("ADMINS")
+SERVER_EMAIL = import_secret("SERVER_EMAIL")
+EMAIL_HOST = import_secret("EMAIL_HOST")
+
+DBNAME = import_secret("DBNAME")
+DBUSER = import_secret("DBUSER")
+DBPASSWD = import_secret("DBPASSWD")
+
+LDAP_SERVER_URL = import_secret("LDAP_SERVER_URL")
+
+
+# ---
+# Default Django settings
+# ---
+
+DEBUG = False  # False by default feels safer
+TESTING = len(sys.argv) > 1 and sys.argv[1] == "test"
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
+
+INSTALLED_APPS = [
+    "shared",
+    # Must be before 'django.contrib.admin'.
+    # https://django-autocomplete-light.readthedocs.io/en/master/install.html
+    "dal",
+    "dal_select2",
+    "django.contrib.auth",
+    "django.contrib.contenttypes",
+    "django.contrib.sessions",
+    "django.contrib.sites",
+    "django.contrib.messages",
+    "django.contrib.admin",
+    "django.contrib.admindocs",
+    "gestioasso.apps.IgnoreSrcStaticFilesConfig",
+    "django_cas_ng",
+    "bootstrapform",
+    "widget_tweaks",
+]
+
+MIDDLEWARE = [
+    "django.contrib.sessions.middleware.SessionMiddleware",
+    "django.middleware.common.CommonMiddleware",
+    "django.middleware.csrf.CsrfViewMiddleware",
+    "django.contrib.auth.middleware.AuthenticationMiddleware",
+    "django.contrib.messages.middleware.MessageMiddleware",
+    "django.middleware.clickjacking.XFrameOptionsMiddleware",
+    "django.middleware.security.SecurityMiddleware",
+    "django.middleware.locale.LocaleMiddleware",
+]
+
+ROOT_URLCONF = "gestioasso.urls"
+
+TEMPLATES = [
+    {
+        "BACKEND": "django.template.backends.django.DjangoTemplates",
+        "APP_DIRS": True,
+        "OPTIONS": {
+            "context_processors": [
+                "django.template.context_processors.debug",
+                "django.template.context_processors.request",
+                "django.contrib.auth.context_processors.auth",
+                "django.contrib.messages.context_processors.messages",
+                "django.template.context_processors.i18n",
+                "django.template.context_processors.media",
+                "django.template.context_processors.static",
+            ]
+        },
+    }
+]
+
+DATABASES = {
+    "default": {
+        "ENGINE": "django.db.backends.postgresql_psycopg2",
+        "NAME": DBNAME,
+        "USER": DBUSER,
+        "PASSWORD": DBPASSWD,
+        "HOST": os.environ.get("DBHOST", "localhost"),
+    }
+}
+
+SITE_ID = 1
+
+
+# ---
+# Internationalization
+# https://docs.djangoproject.com/en/1.8/topics/i18n/
+# ---
+
+LANGUAGE_CODE = "fr-fr"
+TIME_ZONE = "Europe/Paris"
+USE_I18N = True
+USE_L10N = True
+USE_TZ = True
+LANGUAGES = (("fr", "Français"), ("en", "English"))
+FORMAT_MODULE_PATH = "gestioasso.locale"
+
+
+# ---
+# Auth-related stuff
+# ---
+
+AUTHENTICATION_BACKENDS = ["django.contrib.auth.backends.ModelBackend"]
+
+CAS_SERVER_URL = "https://cas.eleves.ens.fr/"
+CAS_VERSION = "2"
+CAS_LOGIN_MSG = None
+CAS_IGNORE_REFERER = True
+CAS_REDIRECT_URL = "/"
+CAS_EMAIL_FORMAT = "%s@clipper.ens.fr"

gestioasso/settings/dev.py

@@ -0,0 +1,58 @@
+"""Django local development settings."""
+import os
+
+from . import bds_prod
+from .cof_prod import *  # NOQA
+from .cof_prod import INSTALLED_APPS, MIDDLEWARE, TESTING
+
+# ---
+# Merge COF and BDS configs
+# ---
+
+for app in bds_prod.INSTALLED_APPS:
+    if app not in INSTALLED_APPS:
+        INSTALLED_APPS.append(app)
+
+# ---
+# Tweaks for debug/local development
+# ---
+
+ALLOWED_HOSTS = []
+
+DEBUG = True
+EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
+
+if TESTING:
+    PASSWORD_HASHERS = ["django.contrib.auth.hashers.MD5PasswordHasher"]
+
+STATIC_URL = "/static/"
+STATIC_ROOT = "/srv/gestiocof/static"
+MEDIA_URL = "/media/"
+MEDIA_ROOT = "/srv/gestiocof/media"
+
+
+# ---
+# Debug tool bar
+# ---
+
+
+def show_toolbar(request):
+    """
+    On active la debug-toolbar en mode développement local sauf :
+    - dans l'admin où ça ne sert pas à grand chose;
+    - si la variable d'environnement DJANGO_NO_DDT est à 1 → ça permet de la désactiver
+      sans modifier ce fichier en exécutant `export DJANGO_NO_DDT=1` dans le terminal
+      qui lance `./manage.py runserver`.
+
+    Autre side effect de cette fonction : on ne fait pas la vérification de INTERNAL_IPS
+    que ferait la debug-toolbar par défaut, ce qui la fait fonctionner aussi à
+    l'intérieur de Vagrant (comportement non testé depuis un moment…)
+    """
+    env_no_ddt = bool(os.environ.get("DJANGO_NO_DDT", None))
+    return DEBUG and not env_no_ddt and not request.path.startswith("/admin/")
+
+
+if not TESTING:
+    INSTALLED_APPS += ["debug_toolbar"]
+    MIDDLEWARE = ["debug_toolbar.middleware.DebugToolbarMiddleware"] + MIDDLEWARE
+    DEBUG_TOOLBAR_CONFIG = {"SHOW_TOOLBAR_CALLBACK": show_toolbar}

gestioasso/settings/local.py

@@ -0,0 +1,75 @@
+"""Django local development settings."""
+import os
+
+from . import bds_prod
+from .cof_prod import *  # NOQA
+from .cof_prod import BASE_DIR, INSTALLED_APPS, MIDDLEWARE, TESTING
+
+# ---
+# Merge COF and BDS configs
+# ---
+
+for app in bds_prod.INSTALLED_APPS:
+    if app not in INSTALLED_APPS:
+        INSTALLED_APPS.append(app)
+
+# ---
+# Tweaks for debug/local development
+# ---
+
+ALLOWED_HOSTS = []
+
+DEBUG = True
+EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
+
+if TESTING:
+    PASSWORD_HASHERS = ["django.contrib.auth.hashers.MD5PasswordHasher"]
+
+STATIC_URL = "/static/"
+MEDIA_URL = "/media/"
+MEDIA_ROOT = os.path.join(BASE_DIR, "media")
+
+DATABASES = {
+    "default": {
+        "ENGINE": "django.db.backends.sqlite3",
+        "NAME": os.path.join(BASE_DIR, "db.sqlite3"),
+    }
+}
+
+# Use the default cache backend for local development
+CACHES = {"default": {"BACKEND": "django.core.cache.backends.locmem.LocMemCache"}}
+
+# Use the default in memory asgi backend for local development
+CHANNEL_LAYERS = {
+    "default": {
+        "BACKEND": "asgiref.inmemory.ChannelLayer",
+        "ROUTING": "gestioasso.routing.routing",
+    }
+}
+
+
+# ---
+# Debug tool bar
+# ---
+
+
+def show_toolbar(request):
+    """
+    On active la debug-toolbar en mode développement local sauf :
+    - dans l'admin où ça ne sert pas à grand chose;
+    - si la variable d'environnement DJANGO_NO_DDT est à 1 → ça permet de la désactiver
+      sans modifier ce fichier en exécutant `export DJANGO_NO_DDT=1` dans le terminal
+      qui lance `./manage.py runserver`.
+
+    Autre side effect de cette fonction : on ne fait pas la vérification de INTERNAL_IPS
+    que ferait la debug-toolbar par défaut, ce qui la fait fonctionner aussi à
+    l'intérieur de Vagrant (comportement non testé depuis un moment…)
+    """
+    env_no_ddt = bool(os.environ.get("DJANGO_NO_DDT", None))
+    return DEBUG and not env_no_ddt and not request.path.startswith("/admin/")
+
+
+if not TESTING:
+    INSTALLED_APPS += ["debug_toolbar"]
+    MIDDLEWARE = ["debug_toolbar.middleware.DebugToolbarMiddleware"] + MIDDLEWARE
+    DEBUG_TOOLBAR_CONFIG = {"SHOW_TOOLBAR_CALLBACK": show_toolbar}

gestioasso/settings/secret_example.py

@@ -0,0 +1,21 @@
+SECRET_KEY = "q()(zn4m63i%5cp4)f+ww4-28_w+ly3q9=6imw2ciu&_(5_4ah"
+ADMINS = None
+SERVER_EMAIL = "root@vagrant"
+EMAIL_HOST = "localhost"
+
+DBUSER = "cof_gestion"
+DBNAME = "cof_gestion"
+DBPASSWD = "4KZt3nGPLVeWSvtBZPSM3fSzXpzEU4"
+
+REDIS_PASSWD = "dummy"
+REDIS_PORT = 6379
+REDIS_DB = 0
+REDIS_HOST = "127.0.0.1"
+
+RECAPTCHA_PUBLIC_KEY = "DUMMY"
+RECAPTCHA_PRIVATE_KEY = "DUMMY"
+
+EMAIL_HOST = None
+
+KFETOPEN_TOKEN = "plop"
+LDAP_SERVER_URL = None