diff --git a/.gitignore b/.gitignore
index 8eb353e9872d522aaefd7e051e78b7908d95a093..c8019cdc311750931c309c5f01b5c0ed8b78f8a5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -11,9 +11,13 @@ misc/pg.json
# local virtalenv
env/
+# static files from `gms/manage.py collectstatic`
+gms/static
+
# Logs
logs
*.log
+*.log.*
npm-debug.log*
yarn-debug.log*
yarn-error.log*
diff --git a/gms/gms/settings.py b/gms/gms/settings.py
index 79e346e6d3c7eb24e2a18db99f7153ebf0c0cc96..606e6a2f0c791429ff761d1eba6aa29625289a0f 100644
--- a/gms/gms/settings.py
+++ b/gms/gms/settings.py
@@ -11,9 +11,6 @@ https://docs.djangoproject.com/en/2.1/ref/settings/
# import local settings
from gms.settings_local import *
-DEBUG = True
-TEMPLATE_DEBUG = DEBUG
-
# Application definition
INSTALLED_APPS = (
@@ -87,13 +84,16 @@ TEMPLATES = [
},
]
+TEMPLATE_DEBUG = DEBUG
+
from django.contrib.messages import constants as message_constants
MESSAGE_LEVEL = message_constants.DEBUG
+### Logging configuration ###
import logging
LOGGING = {
'version': 1,
- 'disable_existing_loggers': True,
+ 'disable_existing_loggers': False,
'formatters': {
'standard': {
'format' : "[%(asctime)s] %(levelname)s [%(name)s:%(lineno)s] %(message)s",
@@ -101,38 +101,38 @@ LOGGING = {
},
},
'handlers': {
- # 'logfile': {
- # 'level':'DEBUG',
- # 'class':'logging.handlers.RotatingFileHandler',
- # 'filename': SITE_ROOT + "/logfile",
- # 'maxBytes': 50000,
- # 'backupCount': 2,
- # 'formatter': 'standard',
- # },
+ 'logfile': {
+ 'level': LOG_LEVEL,
+ 'class':'logging.handlers.RotatingFileHandler',
+ 'filename': LOG_FILENAME,
+ 'maxBytes': 500000,
+ 'backupCount': 2,
+ 'formatter': 'standard',
+ },
'console':{
- 'level':'INFO',
+ 'level': LOG_LEVEL,
'class':'logging.StreamHandler',
'formatter': 'standard'
},
},
'loggers': {
'django': {
- 'handlers':['console'],
+ 'handlers':['logfile', 'console'],
'propagate': True,
- 'level':'DEBUG',
+ 'level': LOG_LEVEL,
},
'django.db.backends': {
- 'handlers': ['console'],
- 'level': 'DEBUG',
+ 'handlers': ['logfile', 'console'],
+ 'level': LOG_LEVEL,
'propagate': False,
},
'django.contrib.auth': {
- 'handlers': ['console'],
- 'level': 'DEBUG',
+ 'handlers': ['logfile', 'console'],
+ 'level': LOG_LEVEL,
},
'django_auth_ldap': {
- 'level': 'DEBUG',
- 'handlers': ['console'],
+ 'level': LOG_LEVEL,
+ 'handlers': ['logfile', 'console'],
},
},
}
\ No newline at end of file
diff --git a/gms/gms/settings_local.example.py b/gms/gms/settings_local.example.py
index 326b5999c3b24266e5f1c7a07b203583ed4f93ac..5d5edde7367035293fd7186f5bb5b84901d8c47f 100644
--- a/gms/gms/settings_local.example.py
+++ b/gms/gms/settings_local.example.py
@@ -3,6 +3,7 @@
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
import os
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
+ROOT_DIR = os.path.dirname(BASE_DIR)
DEBUG = True
@@ -10,11 +11,12 @@ ADMINS = (
('UCC Committee', 'committee-only@ucc.asn.au'),
)
+### Database connection options ###
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3', # Add 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
# this should end up in uccportal/.db/members.db
- 'NAME': os.path.join(os.path.dirname(BASE_DIR), '.db', 'members.db'), # Or path to database file if using sqlite3.
+ 'NAME': os.path.join(ROOT_DIR, '.db', 'members.db'), # Or path to database file if using sqlite3.
'USER': '', # Not used with sqlite3.
'PASSWORD': '', # Not used with sqlite3.
'HOST': '', # Set to empty string for localhost. Not used with sqlite3.
@@ -25,8 +27,12 @@ DATABASES = {
# Make this unique, and don't share it with anybody.
SECRET_KEY = 'something-unique-here'
+# Set this to whatever your ServerName/ServerAlias(es) are
ALLOWED_HOSTS = []
+LOG_LEVEL = 'DEBUG'
+LOG_FILENAME = os.path.join(ROOT_DIR, "django.log")
+
import ldap
from django_auth_ldap.config import LDAPSearch, ActiveDirectoryGroupType, LDAPGroupQuery
@@ -40,37 +46,34 @@ AUTH_LDAP_GLOBAL_OPTIONS = {
}
# directly attempt to authenticate users to bind to LDAP
-AUTH_LDAP_USER_DN_TEMPLATE = 'CN=%(user)s,CN=Users,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au'
AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True
+AUTH_LDAP_ALWAYS_UPDATE_USER = True
+AUTH_LDAP_MIRROR_GROUPS = False
+AUTH_LDAP_GROUP_TYPE = ActiveDirectoryGroupType()
+AUTH_LDAP_FIND_GROUP_PERMS = False
-AUTH_LDAP_FIND_GROUP_PERMS = True
-
-AUTH_LDAP_USER_SEARCH = LDAPSearch("CN=Users,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au",
- ldap.SCOPE_SUBTREE, "(objectClass=user)")
+AUTH_LDAP_USER_DN_TEMPLATE = 'CN=%(user)s,CN=Users,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au'
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au",
ldap.SCOPE_SUBTREE, "(objectClass=group)")
-AUTH_LDAP_GROUP_TYPE = ActiveDirectoryGroupType()
# Populate the Django user from the LDAP directory.
# note: somehow the LDAP/AD users don't have firstName/sn, rather the full name is in name or displayName
AUTH_LDAP_USER_ATTR_MAP = {
- "first_name": "displayName",
- "last_name": "name",
+ "first_name": "givenName",
+ "last_name": "sn",
"email": "email",
}
-AUTH_LDAP_USER_FLAGS_BY_GROUP = {
- "is_staff": (
- LDAPGroupQuery("CN=committee,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") |
- LDAPGroupQuery("CN=door,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au")
- ),
- "is_superuser": (
- LDAPGroupQuery("CN=committee,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") |
+ADMIN_ACCESS_QUERY = \
+ LDAPGroupQuery("CN=committee,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") | \
+ LDAPGroupQuery("CN=door,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") | \
LDAPGroupQuery("CN=wheel,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au")
- )
-}
-AUTH_LDAP_ALWAYS_UPDATE_USER = True
+AUTH_LDAP_USER_FLAGS_BY_GROUP = {
+ # staff can login to the admin site
+ "is_staff": ADMIN_ACCESS_QUERY,
-AUTH_LDAP_MIRROR_GROUPS = False
\ No newline at end of file
+ # superusers have all permissions (but also need staff to login to admin site)
+ "is_superuser": ADMIN_ACCESS_QUERY,
+}
\ No newline at end of file