added environment watermark

0e5f40d1 · Zack Wong · 24eb3ce4 · 0e5f40d1 · 0e5f40d1 · 0e5f40d1
Commit 0e5f40d1 authored Feb 24, 2019 by Zack Wong
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
 stages:
-  - test
-  - deploy
+	- test
+	- deploy

 variables:
-  DB_ENGINE : django.db.backends.sqlite3
+	DB_ENGINE : django.db.backends.sqlite3

 before_script:
-  - echo "preparing environment"
-  - virtualenv env -p `which python3`
-  - . env/bin/activate
-  - pip install -r pip-packages.txt
-  
-  
+	- echo "preparing environment"
+	- virtualenv env -p `which python3`
+	- . env/bin/activate
+	- pip install -r pip-packages.txt
+	
+	
 run_tests:
-  stage: test
-  script:
-    - echo "Running tests"
-    - envsubst < src/gms/settings_local.example.py > src/gms/settings_local.py
-    - python src/manage.py check
+	stage: test
+	script:
+		- echo "Running tests"
+		- envsubst < src/gms/settings_local.example.py > src/gms/settings_local.py
+		- python src/manage.py check

 deploy_testing:
-  stage: deploy
-  tags:
-    - test
-  variables:
-    DB_NAME : /var/www/test/$CI_COMMIT_REF_NAME/.db/members.db
-    DEPLOY_HOST : $CI_COMMIT_REF_NAME.test.ucc.asn.au
-  script:
-    - echo "Deploy to test"
-    - rm -f /var/www/test/$CI_COMMIT_REF_NAME
-    - rm -f /etc/uwsgi/vassals/$CI_COMMIT_REF_NAME.ini
-    - mkdir .db
-    - envsubst < src/gms/settings_local.example.py > src/gms/settings_local.py
-    - chmod 600 src/gms/settings_local.py
-    - ln -srT ./ /var/www/test/$CI_COMMIT_REF_NAME
-    - python src/manage.py collectstatic
-    - python src/manage.py makemigrations
-    - python src/manage.py migrate --run-syncdb
-    - ln -s /etc/uwsgi/vassals/test.skel /etc/uwsgi/vassals/$CI_COMMIT_REF_NAME.ini
-  environment:
-    name: test/$CI_COMMIT_REF_NAME
-    url: https://$CI_COMMIT_REF_NAME.test.ucc.asn.au
-    on_stop: stop_testing
-  except:
-      - master
+	stage: deploy
+	tags:
+		- test
+	variables:
+		DB_NAME : /var/www/test/$CI_COMMIT_REF_NAME/.db/members.db
+		DEPLOY_HOST : $CI_COMMIT_REF_NAME.test.ucc.asn.au
+		SHORT_ENV_NAME : TEST
+	script:
+		- echo "Deploy to test"
+		- rm -f /var/www/test/$CI_COMMIT_REF_NAME
+		- rm -f /etc/uwsgi/vassals/$CI_COMMIT_REF_NAME.ini
+		- mkdir .db
+		- envsubst < src/gms/settings_local.example.py > src/gms/settings_local.py
+		- chmod 600 src/gms/settings_local.py
+		- ln -srT ./ /var/www/test/$CI_COMMIT_REF_NAME
+		- python src/manage.py collectstatic
+		- python src/manage.py makemigrations
+		- python src/manage.py migrate --run-syncdb
+		- ln -s /etc/uwsgi/vassals/test.skel /etc/uwsgi/vassals/$CI_COMMIT_REF_NAME.ini
+	environment:
+		name: test/$CI_COMMIT_REF_NAME
+		url: https://$CI_COMMIT_REF_NAME.test.ucc.asn.au
+		on_stop: stop_testing
+	except:
+			- master

 deploy_staging:
-  stage: deploy
-  tags:
-    - stage
-  variables:
-    DB_NAME : /var/www/stage/.db/members.db
-    DEPLOY_HOST : staging.test.ucc.asn.au
-  script:
-    - echo "Deploy to staging"
-    - rm -f /services/$CI_PROJECT_NAME
-    - rm -f /etc/uwsgi/vassals/stage.ini
-    - ln -srT ./ /services/$CI_PROJECT_NAME
-    - envsubst < src/gms/settings_local.example.py > src/gms/settings_local.py
-    - chmod 600 src/gms/settings_local.py
-    - python src/manage.py collectstatic
-    - python src/manage.py makemigrations
-    - python src/manage.py migrate --run-syncdb
-    - ln -s /etc/uwsgi/vassals/stage.skel /etc/uwsgi/vassals/stage.ini
-  environment:
-    name: stage
-    url: https://stage.test.ucc.asn.au
-  only:
-      - master
+	stage: deploy
+	tags:
+		- stage
+	variables:
+		DB_NAME : /var/www/stage/.db/members.db
+		DEPLOY_HOST : staging.test.ucc.asn.au
+		SHORT_ENV_NAME : STAGE
+	script:
+		- echo "Deploy to staging"
+		- rm -f /services/$CI_PROJECT_NAME
+		- rm -f /etc/uwsgi/vassals/stage.ini
+		- ln -srT ./ /services/$CI_PROJECT_NAME
+		- envsubst < src/gms/settings_local.example.py > src/gms/settings_local.py
+		- chmod 600 src/gms/settings_local.py
+		- python src/manage.py collectstatic
+		- python src/manage.py makemigrations
+		- python src/manage.py migrate --run-syncdb
+		- ln -s /etc/uwsgi/vassals/stage.skel /etc/uwsgi/vassals/stage.ini
+	environment:
+		name: stage
+		url: https://stage.test.ucc.asn.au
+	only:
+			- master

 stop_testing:
-  stage: deploy
-  variables:
-    GIT_STRATEGY: none
-  when: manual
-  environment:
-    name: test/$CI_COMMIT_REF_NAME
-    action: stop
-  except: 
-    - master
-  script:
-    - rm -f /var/www/test/$CI_COMMIT_REF_NAME
-    - rm -f /etc/uwsgi/vassals/$CI_COMMIT_REF_NAME.ini
+	stage: deploy
+	variables:
+		GIT_STRATEGY: none
+	when: manual
+	environment:
+		name: test/$CI_COMMIT_REF_NAME
+		action: stop
+	except: 
+		- master
+	script:
+		- rm -f /var/www/test/$CI_COMMIT_REF_NAME
+		- rm -f /etc/uwsgi/vassals/$CI_COMMIT_REF_NAME.ini
--- a/src/gms/context_processors.py
+++ b/src/gms/context_processors.py
+from django.conf import settings
+
+def global_settings(request):
+	return {
+	'DEPLOYMENT_ENV' : settings.ENV
+	}
--- a/src/gms/settings.py
+++ b/src/gms/settings.py
@@ -24,7 +24,7 @@ INSTALLED_APPS = (
 	'memberdb',
 	'import_members',
 	'squarepay',
-	'formtools'
+	'formtools',
 )

 MIDDLEWARE = [
@@ -88,6 +88,7 @@ TEMPLATES = [
 				'django.template.context_processors.request',
 				'django.contrib.auth.context_processors.auth',
 				'django.contrib.messages.context_processors.messages',
+				'gms.context_processors.global_settings'
 			],
 		},
 	},

--- a/src/gms/settings_local.example.py
+++ b/src/gms/settings_local.example.py
@@ -7,29 +7,31 @@ ROOT_DIR = os.path.dirname(BASE_DIR)

 DEBUG = True

+ENV = '${SHORT_ENV_NAME}'
+
 ADMINS = (
-    ('UCC Committee', '[email protected]'),
+	('UCC Committee', '[email protected]'),
 )

 ### Database connection options ###
 DATABASES = {
-    'default': {
-        'ENGINE': '${DB_ENGINE}',     # Add 'postgresql', 'mysql', 'sqlite3' or 'oracle'.
-        # this should end up in uccportal/.db/members.db
-        'NAME': '${DB_NAME}',   # Or path to database file if using sqlite3.
-        'USER': '${DB_USER}',                                 # Not used with sqlite3.
-        'PASSWORD': '${DB_SECRET}',                             # Not used with sqlite3.
-        'HOST': '${DB_HOST}',                                 # Set to empty string for localhost. Not used with sqlite3.
-        'PORT': '',                                 # Set to empty string for default. Not used with sqlite3.
-    },
-    'memberdb_old': {
-        'ENGINE': 'django.db.backends.postgresql',
-        'NAME': 'uccmemberdb_2018',
-        'USER': 'uccmemberdb',
-        'PASSWORD': '${OLDDB_SECRET}',
-        'HOST': 'mussel.ucc.gu.uwa.edu.au',
-        'PORT': '',
-    }
+	'default': {
+		'ENGINE': '${DB_ENGINE}',     # Add 'postgresql', 'mysql', 'sqlite3' or 'oracle'.
+		# this should end up in uccportal/.db/members.db
+		'NAME': '${DB_NAME}',   # Or path to database file if using sqlite3.
+		'USER': '${DB_USER}',                                 # Not used with sqlite3.
+		'PASSWORD': '${DB_SECRET}',                             # Not used with sqlite3.
+		'HOST': '${DB_HOST}',                                 # Set to empty string for localhost. Not used with sqlite3.
+		'PORT': '',                                 # Set to empty string for default. Not used with sqlite3.
+	},
+	'memberdb_old': {
+		'ENGINE': 'django.db.backends.postgresql',
+		'NAME': 'uccmemberdb_2018',
+		'USER': 'uccmemberdb',
+		'PASSWORD': '${OLDDB_SECRET}',
+		'HOST': 'mussel.ucc.gu.uwa.edu.au',
+		'PORT': '',
+	}
 }

 # Make this unique, and don't share it with anybody.
@@ -56,7 +58,7 @@ AUTH_LDAP_SERVER_URI = 'ldaps://ad.ucc.gu.uwa.edu.au/'

 # This is also a bad idea, should be changed in production
 AUTH_LDAP_GLOBAL_OPTIONS = {
-    ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER,
+	ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER,
 }

 # directly attempt to authenticate users to bind to LDAP
@@ -69,27 +71,27 @@ AUTH_LDAP_FIND_GROUP_PERMS = False
 AUTH_LDAP_USER_DN_TEMPLATE = 'CN=%(user)s,CN=Users,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au'

 AUTH_LDAP_GROUP_SEARCH = LDAPSearch("OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au",
-    ldap.SCOPE_SUBTREE, "(objectClass=group)")
+	ldap.SCOPE_SUBTREE, "(objectClass=group)")

 # Populate the Django user from the LDAP directory.
 # note: somehow the LDAP/AD users don't have firstName/sn, rather the full name is in name or displayName
 AUTH_LDAP_USER_ATTR_MAP = {
-    "first_name": "givenName",
-    "last_name": "sn",
-    "email": "email",
+	"first_name": "givenName",
+	"last_name": "sn",
+	"email": "email",
 }

 ADMIN_ACCESS_QUERY = \
-        LDAPGroupQuery("CN=committee,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") | \
-        LDAPGroupQuery("CN=door,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") | \
-        LDAPGroupQuery("CN=wheel,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au")
+		LDAPGroupQuery("CN=committee,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") | \
+		LDAPGroupQuery("CN=door,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au") | \
+		LDAPGroupQuery("CN=wheel,OU=Groups,DC=ad,DC=ucc,DC=gu,DC=uwa,DC=edu,DC=au")

 AUTH_LDAP_USER_FLAGS_BY_GROUP = {
-    # staff can login to the admin site
-    "is_staff": ADMIN_ACCESS_QUERY,
+	# staff can login to the admin site
+	"is_staff": ADMIN_ACCESS_QUERY,

-    # superusers have all permissions (but also need staff to login to admin site)
-    "is_superuser": ADMIN_ACCESS_QUERY,
+	# superusers have all permissions (but also need staff to login to admin site)
+	"is_superuser": ADMIN_ACCESS_QUERY,
 }

 # the Square app and location data (set to sandbox unless you want it to charge people)

--- a/src/templates/base.html
+++ b/src/templates/base.html
@@ -2,96 +2,115 @@
 <!DOCTYPE html>
 <html>
 <head>
-    <!-- MemberDB base template -->
-    <title>{% block title %}UCC MemberDB{% endblock %}</title>
-    <link rel="shortcut icon" type="image/png" href="{% static 'ucc-logo.png' %}"/>
-    <link rel="stylesheet" type="text/css" href="{% static "memberdb.css" %}">
-    {% block prestyle %}{% endblock %}
-    <link rel="stylesheet" type="text/css" href="{% static "shared.css" %}">
-    {% block extrahead %}{% endblock %}
-    {% block extrastyle %}{% endblock %}
-    {% block blockbots %}<meta name="robots" content="NONE,NOARCHIVE">{% endblock %}
+	<!-- MemberDB base template -->
+	<title>{% block title %}UCC MemberDB{% endblock %}</title>
+	<link rel="shortcut icon" type="image/png" href="{% static 'ucc-logo.png' %}"/>
+	<link rel="stylesheet" type="text/css" href="{% static "memberdb.css" %}">
+	{% block prestyle %}{% endblock %}
+	<link rel="stylesheet" type="text/css" href="{% static "shared.css" %}">
+	{% block extrahead %}{% endblock %}
+	{% block extrastyle %}{% endblock %}
+	{% block blockbots %}<meta name="robots" content="NONE,NOARCHIVE">{% endblock %}
 </head>

 <body {% block bodyattrs %}{% endblock %}>

+
 <!-- Container -->
 <div id="container">
+	{% block header_div %}<!-- Header -->
+	<div id="header">
+		{% block navbar %}
+		<nav>
+			{% block branding %}
+			<a class="logo" title="UCCPortal homepage">
+				<span></span>
+			</a>
+			{% endblock %}
+
+			{# fancy automatic navbar thing from https://stackoverflow.com/questions/39639264 #}
+			{% with url_name=request.resolver_match.url_name %}
+			{% if request.member %}
+			<a class="navtab {% if url_name == 'home' %}active{% endif %}" href="{% url "memberdb:home" %}">Member home</a>
+			{% endif %}
+			<a class="navtab {% if url_name == 'register' %}active{% endif %}" href="{% url "memberdb:register" %}">Register</a>

-    {% block header_div %}<!-- Header -->
-    <div id="header">
-        {% block navbar %}
-        <nav>
-            {% block branding %}
-            <a class="logo" title="UCCPortal homepage">
-                <span></span>
-            </a>
-            {% endblock %}
-            
-            {# fancy automatic navbar thing from https://stackoverflow.com/questions/39639264 #}
-            {% with url_name=request.resolver_match.url_name %}
-            {% if request.member %}
-            <a class="navtab {% if url_name == 'home' %}active{% endif %}" href="{% url "memberdb:home" %}">Member home</a>
-            {% endif %}
-            <a class="navtab {% if url_name == 'register' %}active{% endif %}" href="{% url "memberdb:register" %}">Register</a>
+			{% if not request.user.is_authenticated %}
+			<a class="navtab {% if url_name == 'login' %}active{% endif %}" href="{% url "memberdb:login" %}">Login</a>
+			{% else %}
+			<a class="navtab {% if url_name == 'renew' %}active{% endif %}" href="{% url "memberdb:renew" %}">Renew membership</a>

-            {% if not request.user.is_authenticated %}
-            <a class="navtab {% if url_name == 'login' %}active{% endif %}" href="{% url "memberdb:login" %}">Login</a>
-            {% else %}
-            <a class="navtab {% if url_name == 'renew' %}active{% endif %}" href="{% url "memberdb:renew" %}">Renew membership</a>
+			{% if request.user.is_staff %}
+			<a class="navtab {% block adminactive %}{% endblock %}" href="{% url "admin:index" %}">Admin site</a>
+			{% endif %}

-            {% if request.user.is_staff %}
-            <a class="navtab {% block adminactive %}{% endblock %}" href="{% url "admin:index" %}">Admin site</a>
-            {% endif %}
+			{% endif %}

-            {% endif %}
+			{% if request.user.is_authenticated or request.member %}
+			<a class="navtab {% if url_name == 'logout' %}active{% endif %}" href="{% url "memberdb:logout" %}">Logout</a>
+			{% endif %}
+			{% endwith %}
+		</nav>
+		{% endblock %}

-            {% if request.user.is_authenticated or request.member %}
-            <a class="navtab {% if url_name == 'logout' %}active{% endif %}" href="{% url "memberdb:logout" %}">Logout</a>
-            {% endif %}
-            {% endwith %}
-        </nav>
-        {% endblock %}
+		{% block header %}{% endblock %}

-        {% block header %}{% endblock %}
-        
-    </div>
-    {% endblock %}<!-- END Header -->
-    {% block breadcrumbs %}{% endblock %}
-    {% block messages %}{% if messages %}
-    <ul class="messagelist">{% for message in messages %}
-        <li{% if message.tags %} class="{{ message.tags }}"{% endif %}>{{ message|capfirst }}</li>
-    {% endfor %}</ul>
-    {% endif %}{% endblock messages %}
+	</div>
+	{% endblock %}<!-- END Header -->
+	{% block breadcrumbs %}{% endblock %}
+	{% block messages %}{% if messages %}
+	<ul class="messagelist">{% for message in messages %}
+		<li{% if message.tags %} class="{{ message.tags }}"{% endif %}>{{ message|capfirst }}</li>
+	{% endfor %}</ul>
+	{% endif %}{% endblock messages %}

-    <!-- Content -->
-    <div id="content">
-        {% block pretitle %}{% endblock %}
-        {% block content_title %}<h1></h1>{% endblock %}
-        {% block content %}
-        {% endblock %}
-        <!-- sidebar -->
-        {% block sidebar %}{% endblock %}
-        <br class="clear">
-    </div>
-    <!-- END Content -->
+	<!-- Content -->
+	<div id="content">
+		{% block pretitle %}{% endblock %}
+		{% block content_title %}<h1></h1>{% endblock %}
+		{% block content %}
+		{% endblock %}
+		<!-- sidebar -->
+		{% block sidebar %}{% endblock %}
+		<br class="clear">
+	</div>
+	<!-- END Content -->

-    <!-- Footer -->
-    {% block footer %}
-    <div id="footer">
-        <p>
-            The University Computer Club Inc.
-            ABN: 98 843 368 069
-        </p>
-        <div class="linkslist">
-            <a href="https://www.ucc.asn.au">main website</a>&#8226;
-            <a href="https://wiki.ucc.asn.au">UCC wiki</a>&#8226;
-            <a href="https://www.ucc.asn.au/aboutucc/contact.ucc">contact us</a>&#8226;
-            <a href="https://gitlab.ucc.asn.au/frekk/uccportal">source code</a>
-        </div>
-    </div>
-    {% endblock %}
-    <!-- END Footer -->    
+	<!-- Footer -->
+	{% block footer %}
+	<div id="footer">
+		<p>
+			The University Computer Club Inc.
+			ABN: 98 843 368 069
+		</p>
+		<div class="linkslist">
+			<a href="https://www.ucc.asn.au">main website</a>&#8226;
+			<a href="https://wiki.ucc.asn.au">UCC wiki</a>&#8226;
+			<a href="https://www.ucc.asn.au/aboutucc/contact.ucc">contact us</a>&#8226;
+			<a href="https://gitlab.ucc.asn.au/frekk/uccportal">source code</a>
+		</div>
+	</div>
+	{% endblock %}
+	<!-- END Footer -->
+{% if DEPLOYMENT_ENV != "PROD" %}
+<div class="watermark">{{DEPLOYMENT_ENV}}</div>
+<style>
+  .watermark {
+	position: absolute;
+	transform: translate(-50%, -50%);
+	opacity: 0.3;
+	{% if DEPLOYMENT_ENV == "STAGE" %}
+	color: RED; 
+	{% else %}
+	color: GREEN; 
+	{% endif %}
+	font-size: 15em;
+	top: 50%;
+	left: 50%;
+	pointer-events: none;
+  }
+</style>
+{%endif %}
 </div>
 <!-- END Container -->