Synchronisation is performed in the background by the Celery Beat, every
10 minutes. It has a time limit of 9 minutes to prevent multiple refresh
tasks from running at the same time.
Synchronisation is also possible with the `manage.py badges sync` CLI
command, which can sync either a single user or all users.
By default CSRF protection is disabled for all views, since most
web endpoints and all API endpoints do not need it.
On the views that require it, we use the
current_app.csrf.protect() method.
Static files are now served with an 8-character hash before the last
extension. For example, `tutti.min.js` is now served as
`tutti.min.abcd1234.js`. When doing a request the hash is removed before
serving the static file.
The hash must be 8 characters long, and is taken from STATIC_FILE_HASH.
It is up to the deployment to change this configuration variable
whenever static files change. This forces browsers that download newly
deployed HTML to also refresh the dependencies (most importantly
JS/CSS).
For this to work, the URL must be built with `url_for('static_xxx',
filename='/path/to/file')`. The 'static' module still returns regular,
hashless URLs.
We can now store IP ranges with Organizations. The aim is to have any user
logging in with a remote IP address within such a race will get the
organization roles assigned to the user object stored in the Flask session.
This commit just contains the MongoDB storage and querying, and not yet the
updates to the user.
It's marginally faster (on our production DB user reindexing goes down from
5+ minutes to 4 minutes), but will likely become significantly faster when
we run ElasticSearch on its own machine.
Upon IOError or OSError (which includes SMTP protocol errors) the mail
sending task is retried after MAIL_RETRY seconds. It is retried three
times (default setting of Celery) only.
abs_url(x) is a shortcut for url_for(x, _external=True,
_schema=app.config['SCHEMA']), and should be used for all URLs that should
include the hostname and schema.
Both 'video-encoder' and 'admin' roles get 'encode-video' capability,
which allows users to upload video that gets encoded & displayed as a
video. For users without this capability videos are handled as regular
downloads.
Note that pillar/bugsnag_extra.py still exists; I'm keeping it around for
a while until we know what info we miss in Sentry, can port it, and then
remove/refactor it.
- Include release stage, which should be 'production' or 'development',
and gets postfixed by '-debug' when running in debug mode.
- Properly logging remote IP address when proxied through HAProxy;
- Log user ID, email, username, roles, and capabilities;
- Remove authentication tokens from logged session;
- Log request data and JSON separately.
- Added request endpoint.
User experience
===============
For users it means we can provide localized web-sites to enrich their
overall experiences.
Although for the Blender Cloud this doesn't make much sense (since the
content is in English), Flamenco and Attract can really benefit from
this.
New configuration settings
==========================
There are two new parameters in config.py:
* DEFAULT_LOCALE='en_US'
* SUPPORT_ENGLISH=True
They are both properly documented in the `config.py` file.
Technicall details
==================
We are using the 'Accept-Languages' header to match the
available translations with the user supported languages.
If an extension has a `translations` folder, it's used for translations.
However the main application (e.g., Blender Cloud) is the one that
determines the supported languages based on its `languages` folder.
How to mark strings for translation
===================================
See the documentation in README.md.
But as an example, 404.pug and pillar/__init__.py::handle_sdk_resource_invalid
have marked up strings that will be extracted once you install pillar,
or run any of the translations commangs.
Remember to **gulp** after you update the template files.
How to setup translations
=========================
You will need to create translation for the main project, and for each
extension that you want to see translated. I added a new entry-point to
the installation of Pillar.
So all you need is to use the `translations`
script to initialize, update and compile your translations.
Pending tasks
=============
Aside from marking more strings for extraction and start the translation
effort it would be interesting to replace the pretty_date routine with
momentjs.
Acknowledgement
===============
Many thanks for Sybren Stüvel for the suggestions and throughout code
review. Thanks also to Francesco Siddi for the original documentation
and suggesting me to tackle this. And Kudos for Pablo Vazquez for the
motivational support and for the upcoming "strings mark up" task force!
The core of the implementation is based on Miguel Grinberg i18n chapter
of his great 'The Mega Flask Tutorial'.
Reviewers: sybren
Differential Revision: https://developer.blender.org/D2826
This is a Flamenco/Attract-style Manager object that's instantiated by
the PillarApplication. It can create Organizations and assign/remove
users.
Also I updated the Organization schema to reflect the currently desired
design.
NOTA BENE: this does not include any security/authorisation checks on Eve's
organizations collection.
