Francesco Siddi
2a2d35827c
Added local accounts
2016-04-26 12:34:16 +02:00
Francesco Siddi
aa47c2b4a6
Allow overriding Eve settings from env in test
...
Environment variables for Eve settings are now used in unit tests.
2016-04-26 12:34:16 +02:00
Sybren A. Stüvel
974f135e63
Measure unit test coverage.
...
Coverage is reported with py.test, and also "Run unit tests in ... with
coverage" is now supported in PyCharm.
2016-04-25 16:43:09 +02:00
Sybren A. Stüvel
c83f64d36f
Allow deletion of projects by members of its admin group.
2016-04-25 16:41:57 +02:00
Sybren A. Stüvel
31e802619e
Support soft-deleting projects.
...
See http://python-eve.org/features.html#soft-delete for more info.
2016-04-25 16:14:05 +02:00
Sybren A. Stüvel
5116b74d1d
Updated Eve to 0.6.3
...
This also updates Cerberus to 0.9.2 and simplejson to 3.8.2.
I've also changed the way we get to the application object, by replacing
from application import app
with
from flask import current_app
2016-04-25 16:14:05 +02:00
Sybren A. Stüvel
a6258f5193
Limit project editing for subscribers.
...
Certain fields are limited for subscribers. Also, subscribers are checked
against the project permissions.
Users with the 'admin' role can edit all fields, on any project.
2016-04-25 16:14:05 +02:00
Sybren A. Stüvel
4edb8cfd39
Ensure that the returned project contains the correct etag.
...
The etag of the post_internal response was used, which is NOT the
same as the etag of the project document itself.
2016-04-25 16:14:05 +02:00
Sybren A. Stüvel
5c590c4dc4
Put Eve in debug mode when unittesting.
...
This gives us much more concrete information when a test fails.
Note that this info is generally put into the HTTP response data,
and not logged to any logger.
2016-04-25 16:14:05 +02:00
Sybren A. Stüvel
9083a31812
Renamed variable to something more sensible.
2016-04-25 16:14:05 +02:00
Francesco Siddi
48b1bda545
Merge remote-tracking branch 'origin/master'
2016-04-25 11:58:41 +02:00
Francesco Siddi
34b95116dc
Tweak comment ownership
2016-04-22 18:48:28 +02:00
Francesco Siddi
728a900e68
Remove unused imports
2016-04-22 16:09:49 +02:00
Sybren A. Stüvel
9a400d5414
Use the new /p/create function from manage.py too.
2016-04-19 16:50:51 +02:00
Sybren A. Stüvel
4b9dd29ad5
Added /p/create entry point to create new projects.
...
This requires the user to be logged in. The project will be owned by that
user.
2016-04-19 16:50:46 +02:00
Sybren A. Stüvel
c3f0882a10
changed default scheme to HTTPS
2016-04-18 12:05:17 +02:00
Sybren A. Stüvel
7df278ef1f
Added manage.py cmd to refresh all file links of a certain backend.
2016-04-18 11:03:21 +02:00
Sybren A. Stüvel
d808b76d65
Store is_subclient_token bool in token collection.
2016-04-15 16:27:24 +02:00
Sybren A. Stüvel
15dffa3d28
Attract node type permissions: from project & allow DELETE by default.
...
Instead of using default permissions (with only write access by admin
group), we now copy the project permissions. Then, for everyone who
has PUT access, DELETE on the node is also allowed.
2016-04-15 14:30:12 +02:00
Sybren A. Stüvel
222b2e95e2
Simplified effective permission computation.
2016-04-15 14:28:44 +02:00
Sybren A. Stüvel
4e9182ef38
Missed BlenderID API change in unittest
2016-04-15 14:27:54 +02:00
Sybren A. Stüvel
36b31fee7c
Missed one BlenderID API change
2016-04-15 12:33:26 +02:00
Sybren A. Stüvel
0bdd3b0a31
Updated for changes in BlenderID validate_token URL and response.
...
See BlenderID change 432034f858fbfd695f3ce0a0b3724524de7a05bb
2016-04-15 12:19:43 +02:00
Sybren A. Stüvel
66eeb25529
Unify tokens and subclient tokens
...
SCST tokens are now stored in the 'tokens' table.
This unifies old token handling and new subclient-specific tokens.
Also ensures the BlenderID expiry of the token is taken into account.
Removes use of httpretty, in favour of responses.
2016-04-13 15:33:54 +02:00
Sybren A. Stüvel
0f6eeef32b
Upgraded to gcloud-0.12.0
...
This removes the need to use a Git checkout, and allows us to use an
actual version number again, with a package from PyPi.
2016-04-13 10:50:49 +02:00
Sybren A. Stüvel
e898fe0315
Use Blender ID subclient-specific token to find the user.
...
TODO: also store expiry timestamp
TODO: allow multiple subclient-specific tokens per user
2016-04-12 16:53:27 +02:00
Sybren A. Stüvel
bd8e0e56a4
Security: don't log subclient token.
2016-04-12 16:05:37 +02:00
Sybren A. Stüvel
aeee165ad8
subclient tokens: bugfix & return proper data.
...
Also introduces responses, as an alternative to httpretty (it works
better).
2016-04-12 15:24:50 +02:00
Sybren A. Stüvel
e0460f8518
Don't crash when Algolia is unavailable, when updating user.
2016-04-12 15:21:37 +02:00
Sybren A. Stüvel
3d9fe76271
Added subclient token verification & storage.
2016-04-08 18:45:35 +02:00
Sybren A. Stüvel
771b091626
Use config when running devserver
2016-04-05 17:38:11 +02:00
Sybren A. Stüvel
5e74120c3f
Use put_internal instead.
2016-04-05 12:32:05 +02:00
Sybren A. Stüvel
1120a59e30
Added management command for adding Attract node types to a project.
...
./manage.py setup_for_attract {project UUID} [--replace]
2016-04-05 12:25:41 +02:00
Sybren A. Stüvel
6f8afbbdc0
Replaced print statement with print function
2016-04-04 17:32:48 +02:00
Sybren A. Stüvel
e433e90dd8
Bugfix
2016-04-04 17:31:06 +02:00
Sybren A. Stüvel
669aea7436
Testing should have debug mode disabled.
2016-04-04 16:10:55 +02:00
Sybren A. Stüvel
7a171f471c
Renamed package 'manage' to 'manage_extra'
...
There already is a Flask-default 'manage.py', and with a subdir 'manage'
in the same directory, 'import manage' is ambiguous.
2016-04-04 15:40:46 +02:00
Sybren A. Stüvel
04d846fd96
Set our specific CDN_SERVICE_DOMAIN to be configured locally.
...
Just set it in your config_local.py file.
2016-04-04 15:14:30 +02:00
Sybren A. Stüvel
465b145609
More flexible, less error-prone configuration system.
...
WARNING: make a backup copy of your local config.py before pulling
this change, as Git will overwrite it without warning.
The configuration defaults to deployment settings, allowing overrides.
Overrides are read from config_local.py and from the file pointed to
by the PILLAR_CONFIG env var.
2016-04-04 14:59:11 +02:00
Sybren A. Stüvel
a1930c63d0
Manage command to expire all links, to test with slow responses.
2016-04-04 13:20:52 +02:00
Sybren A. Stüvel
72d05dea7b
Some nicer logging
2016-04-04 13:20:52 +02:00
Francesco Siddi
077064b7d9
Skip not found attachments
2016-04-01 14:41:58 +02:00
Sybren A. Stüvel
73bb125e7b
Added --quiet option to refresh_project_links mgmt command
2016-04-01 13:29:22 +02:00
Sybren A. Stüvel
ce242e1de3
Added manage.py command to refresh (almost) expired links.
...
manage.py refresh_project_links 5672beecc0261b2005ed1a33 -c 4
This refreshes the oldest 4 links of that project.
2016-04-01 13:03:27 +02:00
Sybren A. Stüvel
c13fca4f30
Use the same expire time in database and current_user dict
2016-03-31 11:17:21 +02:00
Sybren A. Stüvel
655a5b53d1
More debug logging of the auth flow.
2016-03-31 11:16:45 +02:00
Sybren A. Stüvel
91d6175472
When BlenderID is unreachable, log an error and handle as not logged in.
2016-03-31 11:16:27 +02:00
Sybren A. Stüvel
6e04fa072b
Always set g.current_user (to None when not logged in).
...
This allows us to use g.current_user, instead of
g.get('current_user', None), which in turn simply causes an AttributeError
exception when the token validation wasn't performed when it should have.
2016-03-31 11:15:55 +02:00
Sybren A. Stüvel
56bf30c722
Validate authentication token on every request.
2016-03-31 11:10:01 +02:00
Francesco Siddi
9bdba2bc15
Fix for attachment processing
2016-03-25 21:05:33 +01:00