added environment watermark
... | ... | @@ -7,29 +7,31 @@ ROOT_DIR = os.path.dirname(BASE_DIR) |
DEBUG = True | ||
ENV = '${SHORT_ENV_NAME}' | ||
ADMINS = ( | ||
('UCC Committee', '[email protected]'), | ||
('UCC Committee', '[email protected]'), | ||
) | ||
### Database connection options ### | ||
DATABASES = { | ||
'default': { | ||
'ENGINE': '${DB_ENGINE}', # Add 'postgresql', 'mysql', 'sqlite3' or 'oracle'. | ||
# this should end up in uccportal/.db/members.db | ||
'NAME': '${DB_NAME}', # Or path to database file if using sqlite3. | ||
'USER': '${DB_USER}', # Not used with sqlite3. | ||
'PASSWORD': '${DB_SECRET}', # Not used with sqlite3. | ||
'HOST': '${DB_HOST}', # Set to empty string for localhost. Not used with sqlite3. | ||
'PORT': '', # Set to empty string for default. Not used with sqlite3. | ||
}, | ||
'memberdb_old': { | ||
'ENGINE': 'django.db.backends.postgresql', | ||
'NAME': 'uccmemberdb_2018', | ||
'USER': 'uccmemberdb', | ||
'PASSWORD': '${OLDDB_SECRET}', | ||
'HOST': 'mussel.ucc.gu.uwa.edu.au', | ||
'PORT': '', | ||
} | ||
'default': { | ||
'ENGINE': '${DB_ENGINE}', # Add 'postgresql', 'mysql', 'sqlite3' or 'oracle'. | ||
# this should end up in uccportal/.db/members.db | ||
'NAME': '${DB_NAME}', # Or path to database file if using sqlite3. | ||
'USER': '${DB_USER}', # Not used with sqlite3. | ||
'PASSWORD': '${DB_SECRET}', # Not used with sqlite3. | ||
'HOST': '${DB_HOST}', # Set to empty string for localhost. Not used with sqlite3. | ||
'PORT': '', # Set to empty string for default. Not used with sqlite3. | ||
}, | ||
'memberdb_old': { | ||
'ENGINE': 'django.db.backends.postgresql', | ||
'NAME': 'uccmemberdb_2018', | ||
'USER': 'uccmemberdb', | ||
'PASSWORD': '${OLDDB_SECRET}', | ||
'HOST': 'mussel.ucc.gu.uwa.edu.au', | ||
'PORT': '', | ||
} | ||
} | ||
# Make this unique, and don't share it with anybody. | ||
... | ... | @@ -56,7 +58,7 @@ AUTH_LDAP_SERVER_URI = 'ldaps://ad.ucc.gu.uwa.edu.au/' |
# This is also a bad idea, should be changed in production | ||
AUTH_LDAP_GLOBAL_OPTIONS = { | ||
ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER, | ||
ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER, | ||
} | ||
# directly attempt to authenticate users to bind to LDAP | ||
... | ... | @@ -69,27 +71,27 @@ AUTH_LDAP_FIND_GROUP_PERMS = False |
AUTH_LDAP_USER_DN_TEMPLATE = 'CN=%(user)s,CN=Users,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au' | ||
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au", | ||
ldap.SCOPE_SUBTREE, "(objectClass=group)") | ||
ldap.SCOPE_SUBTREE, "(objectClass=group)") | ||
# Populate the Django user from the LDAP directory. | ||
# note: somehow the LDAP/AD users don't have firstName/sn, rather the full name is in name or displayName | ||
AUTH_LDAP_USER_ATTR_MAP = { | ||
"first_name": "givenName", | ||
"last_name": "sn", | ||
"email": "email", | ||
"first_name": "givenName", | ||
"last_name": "sn", | ||
"email": "email", | ||
} | ||
ADMIN_ACCESS_QUERY = \ | ||
LDAPGroupQuery("CN=committee,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") | \ | ||
LDAPGroupQuery("CN=door,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") | \ | ||
LDAPGroupQuery("CN=wheel,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") | ||
LDAPGroupQuery("CN=committee,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") | \ | ||
LDAPGroupQuery("CN=door,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") | \ | ||
LDAPGroupQuery("CN=wheel,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") | ||
AUTH_LDAP_USER_FLAGS_BY_GROUP = { | ||
# staff can login to the admin site | ||
"is_staff": ADMIN_ACCESS_QUERY, | ||
# staff can login to the admin site | ||
"is_staff": ADMIN_ACCESS_QUERY, | ||
# superusers have all permissions (but also need staff to login to admin site) | ||
"is_superuser": ADMIN_ACCESS_QUERY, | ||
# superusers have all permissions (but also need staff to login to admin site) | ||
"is_superuser": ADMIN_ACCESS_QUERY, | ||
} | ||
# the Square app and location data (set to sandbox unless you want it to charge people) | ||
... | ... |
Please register or sign in to comment