71 Commits

Author SHA1 Message Date
ac092587af Switch Celery broker from RabbitMQ to Redis
This should work around a bug in Celery where long Celery tasks would
time out and be re-queued, causing an infinite loop.

See https://github.com/celery/celery/issues/3430 for more info.
2018-12-04 10:22:20 +01:00
5075cd5bd0 Introducing Flask Debug Toolbar
Display useful information for debugging.
2018-11-01 02:19:13 +01:00
ce7cf52d70 Refresh badges every 10 minutes
Now that they are new, they should be snappy!
2018-10-11 10:04:16 +02:00
9a9ca1bf8b Synchronise badges with Blender ID
Synchronisation is performed in the background by the Celery Beat, every
10 minutes. It has a time limit of 9 minutes to prevent multiple refresh
tasks from running at the same time.

Synchronisation is also possible with the `manage.py badges sync` CLI
command, which can sync either a single user or all users.
2018-09-12 15:02:19 +02:00
85eab0c6cb No longer hash auth tokens + store the token scopes
This partially reverts commit c57aefd48b10ca3cabc9df162bc32efa62a6a21e.
The code to check against hashed tokens remains, because existing tokens
should still work.

The unhashed tokens are necessary for fetching badges from Blender ID.
2018-09-12 15:02:19 +02:00
2c40665271 Use urljoin() to compose OAuth URLs instead of string concatenation
String concatenation is bound to mess up; in this case it was producing
double slashes instead of single ones when `BLENDER_ID_ENDPOINT` ends in
a slash. Since URLs generally end in a slash, this should be supported.
2018-08-29 14:17:17 +02:00
49075cbc60 Local development server uses http, not https 2018-06-23 01:25:35 +02:00
9ee7b742ab Make more consistent use of BLENDER_ID_ENDPOINT
Now BLENDER_ID_ENDPOINT is used for the Blender ID OAuth config,
and it's directly accessed when building requests for Blender ID token
validation (without using utility functions).
2018-06-22 19:38:27 +02:00
e5259bb56c Config: provide a correct suggestion for SERVER_NAME 2018-04-14 19:31:57 +02:00
e69f991aa6 Update flask_wtf to 0.14.2 and make CSRFProtect available to current_app
By default CSRF protection is disabled for all views, since most
web endpoints and all API endpoints do not need it.
On the views that require it, we use the current_app.csrf.protect()
method.
2018-03-28 22:05:54 +02:00
12272750c3 T53890: Improving static content serving
Static files are now served with an 8-character hash before the last
extension. For example, `tutti.min.js` is now served as
`tutti.min.abcd1234.js`. When doing a request the hash is removed before
serving the static file.

The hash must be 8 characters long, and is taken from STATIC_FILE_HASH.
It is up to the deployment to change this configuration variable
whenever static files change. This forces browsers that download newly
deployed HTML to also refresh the dependencies (most importantly
JS/CSS).

For this to work, the URL must be built with `url_for('static_xxx',
filename='/path/to/file')`. The 'static' module still returns regular,
hashless URLs.
2018-03-23 17:36:14 +01:00
0cf45c0d78 Use capability check instead of role check in strip_link_and_variations() 2018-03-23 14:23:47 +01:00
05187cacea Add comment to config.py to point at SERVER_NAME 2018-02-13 16:51:28 +01:00
1b57b333df Removed the URLer service
We don't have a need for it any more, so it can go.
2018-01-31 14:33:41 +01:00
82a2e9a523 Search: Disable Algolia backend 2018-01-10 15:53:56 +01:00
2ca960a73f Hard-code 'elastic:9200' as ElasticSearch host 2018-01-05 13:10:39 +00:00
2ed2aaf58f merge 2018-01-05 10:58:32 +01:00
de8c6a8b63 improve elastic server settings 2018-01-05 10:56:41 +01:00
520f327f5a Default ELASTIC_SEARCH_HOSTS to the host/docker name we use in production
Also removed some comments that didn't add any new information.
2018-01-03 18:34:33 +01:00
d726e15ed8 Merge branch 'master' of git.blender.org:pillar into elastic 2017-12-29 12:19:47 +01:00
054eced7de Added SMTP Auth support 2017-12-22 10:59:15 +01:00
8ca6b4cdb0 Added Celery task for queued email sending.
Upon IOError or OSError (which includes SMTP protocol errors) the mail
sending task is retried after MAIL_RETRY seconds. It is retried three
times (default setting of Celery) only.
2017-12-21 13:17:57 +01:00
10732f9a10 wip D2950 2017-12-15 17:57:47 +01:00
20ca3f8ee4 Rename blender_id url to blender-id
This fixes a non-compliant to RFC 1178 exception raised by the Django implementation of Blender ID. The issue is debated here https://code.djangoproject.com/ticket/20264.
2017-12-12 18:49:52 +01:00
b7773e69c7 Merge branch 'master' into elastic 2017-12-08 12:55:57 +01:00
dfc224d8a9 Added capability 'encode-video' and role 'video-encoder'.
Both 'video-encoder' and 'admin' roles get 'encode-video' capability,
which allows users to upload video that gets encoded & displayed as a
video. For users without this capability videos are handled as regular
downloads.
2017-12-07 16:51:16 +01:00
fc25ca9c03 Replaced Bugsnag with Sentry - requires config changes!
Note that pillar/bugsnag_extra.py still exists; I'm keeping it around for
a while until we know what info we miss in Sentry, can port it, and then
remove/refactor it.
2017-12-07 12:58:21 +01:00
2bcc26860f Removed 'subscriber' cap from 'admin' role
This allows admins to test what happens when users do not have a
subscription. To give the user subscriber capability, just grant demo role
as well.
2017-12-06 12:09:21 +01:00
87fe1887e8 Added "Update from Blender ID" button
Added this button in the /u/ user/embed view, so that admins can easily force a re-check from Blender ID without requiring the user themselves to perform any actions.
2017-12-05 11:45:42 +01:00
0b218eb656 Use Blender ID to obtain subscription status.
Instead of performing a call to the Blender Store, call to Blender ID to
get the user's subscription status.

Currently this is performed as a second HTTP call after logging in; in the
future we may want to include the roles in the login response from Blender
ID, so that we can do this in one call instead of two.
2017-11-30 15:28:35 +01:00
d2a8f2a47f T53161 elasticsearch can index nodes now. cli command. NOTE config changes!! 2017-11-17 16:06:51 +01:00
43fa8f1a45 T53161 WIP create elasticsearch app / doc / stuff 2017-11-17 16:06:01 +01:00
fcf19de786 T53161 process feedback sybren, replace Algolia with search 2017-11-17 16:06:01 +01:00
c57aefd48b Hash authentication tokens before storing in the database. 2017-10-05 12:57:16 +02:00
6a541e0662 Improved bugsnag reporting
- Include release stage, which should be 'production' or 'development',
  and gets postfixed by '-debug' when running in debug mode.
- Properly logging remote IP address when proxied through HAProxy;
- Log user ID, email, username, roles, and capabilities;
- Remove authentication tokens from logged session;
- Log request data and JSON separately.
- Added request endpoint.
2017-09-28 13:28:19 +02:00
ddc8fc0f5e Clarify celery beat schedule a bit 2017-09-14 17:15:11 +02:00
82d2921424 Added support for periodic Celery tasks.
You have to run "manage.py celery beat" for this to work too. Run
"manage.py celery beat -- --help" to get CLI option help.
2017-09-14 16:00:59 +02:00
Dalai Felinto
303a33c3bf Internationalization: Backend support to localization based on user browser
User experience
===============
For users it means we can provide localized web-sites to enrich their
overall experiences.

Although for the Blender Cloud this doesn't make much sense (since the
content is in English), Flamenco and Attract can really benefit from
this.

New configuration settings
==========================
There are two new parameters in config.py:

* DEFAULT_LOCALE='en_US'
* SUPPORT_ENGLISH=True

They are both properly documented in the `config.py` file.

Technical details
==================
We are using the 'Accept-Languages' header to match the
available translations with the user supported languages.

If an extension has a `translations` folder, it's used for translations.
However the main application (e.g., Blender Cloud) is the one that
determines the supported languages based on its `languages` folder.

How to mark strings for translation
===================================
See the documentation in README.md.

But as an example, 404.pug and pillar/__init__.py::handle_sdk_resource_invalid
have marked up strings that will be extracted once you install pillar,
or run any of the translations commands.

Remember to **gulp** after you update the template files.

How to setup translations
=========================
You will need to create translation for the main project, and for each
extension that you want to see translated. I added a new entry-point to
the installation of Pillar.

So all you need is to use the `translations`
script to initialize, update and compile your translations.

Pending tasks
=============
Aside from marking more strings for extraction and start the translation
effort it would be interesting to replace the pretty_date routine with
momentjs.

Acknowledgement
===============
Many thanks to Sybren Stüvel for the suggestions and thorough code
review. Thanks also to Francesco Siddi for the original documentation
and suggesting me to tackle this. And Kudos for Pablo Vazquez for the
motivational support and for the upcoming "strings mark up" task force!

The core of the implementation is based on Miguel Grinberg i18n chapter
of his great 'The Mega Flask Tutorial'.

Reviewers: sybren

Differential Revision: https://developer.blender.org/D2826
2017-09-09 00:26:18 +02:00
4b1bb6283e Let Flask know our preferred URL scheme 2017-09-01 16:20:37 +02:00
3a3b3c3269 Revert "Replaced config SCHEME with Flask's own PREFERRED_URL_SCHEME setting."
This reverts commit 8318d4b1f69846e21002acafd4f410f5003af6f6.
2017-09-01 16:19:58 +02:00
8318d4b1f6 Replaced config SCHEME with Flask's own PREFERRED_URL_SCHEME setting.
This prevents us from explicitly passing SCHEME to url_for() calls.

NOTE: this possibly requires an update to your config_local.py
2017-08-31 14:37:35 +02:00
41a82c44c5 Tests for providers callbacks
Also added SERVER_NAME in config_testing and pre-populated the keys of OAUTH_CREDENTIALS, since the implementation of providers is part of the application.
2017-08-25 10:55:35 +02:00
cecf81a07d Initial tests for OAuthSignIn 2017-08-25 10:55:35 +02:00
c9b2eb25b2 Add default OAUTH_CREDENTIALS in config 2017-08-25 10:51:45 +02:00
0445c3bd86 Orgs: assign capabilities to org-subscriber role 2017-08-24 14:28:18 +02:00
40172bf8b5 Orgs: Use create-organization capability to control access
This is more explicit and future-proof than checking for admin cap.
2017-08-24 14:27:52 +02:00
2b09711eb0 Load user capabilities from Pillar config and allow extensions to extend.
Default caps can be overridden using the USER_CAPABILITIES name in
config_local.py. These can be extended by Pillar Extensions.
2017-08-22 11:31:17 +02:00
91807ad022 Add comment to STORAGE_BACKEND config 2017-06-07 19:40:19 +02:00
5af54237b9 Integrated Celery startup / management / config with PillarServer. 2017-06-02 10:44:37 +02:00
add1c8b9b3 Make ROLES_FOR_COMMENT_VOTING a config value
This way we can override it when extending Pillar for other projects that might not require the 'subscriber' or 'demo' roles.
2017-05-28 19:04:11 +02:00