lock again

domdinicola · domdinicola · commit 6e00fac1b106 · 2024-11-01T01:30:15.000+01:00
diff --git a/src/donor_reporting_portal/__init__.py b/src/donor_reporting_portal/__init__.py
@@ -1,2 +1,2 @@
 NAME = "donor-reporting-portal"
-VERSION = __version__ = "2.3.0"
+VERSION = __version__ = "2.3.1"
diff --git a/src/donor_reporting_portal/apps/core/backends.py b/src/donor_reporting_portal/apps/core/backends.py
@@ -1,5 +1,8 @@
 from django.contrib.auth.backends import ModelBackend
 
+from anymail.backends.mailjet import EmailBackend as MailjetEmailBackend
+from unicef_notification.backends import EmailBackend as UNICEFEmailBackend
+
 from donor_reporting_portal.apps.report_metadata.models import Donor
 from donor_reporting_portal.apps.roles.models import UserRole
 
@@ -33,3 +36,7 @@ def has_perm(self, user_obj, perm, context_obj):
         else:
             return set()
         return perm in {f"{app_label}.{perm_name}" for app_label, perm_name in perms}
+
+
+class EmailBackend(MailjetEmailBackend, UNICEFEmailBackend):
+    pass
diff --git a/src/donor_reporting_portal/config/fragments/__init__.py b/src/donor_reporting_portal/config/fragments/__init__.py
@@ -0,0 +1,13 @@
+from .cache import *  # noqa
+from .celery import *  # noqa
+from .cors import *  # noqa
+from .drp import *  # noqa
+from .email import *  # noqa
+from .impersonate import *  # noqa
+from .insight import *  # noqa
+from .jwt import *  # noqa
+from .logging import *  # noqa
+from .matomo import *  # noqa
+from .rest import *  # noqa
+from .sentry import *  # noqa
+from .social_auth import *  # noqa
diff --git a/src/donor_reporting_portal/config/fragments/cache.py b/src/donor_reporting_portal/config/fragments/cache.py
@@ -0,0 +1,8 @@
+from ..settings import env
+
+CACHES = {
+    "default": {
+        "BACKEND": "redis_cache.RedisCache",
+        "LOCATION": env("REDIS_URL", default="redis://localhost:6379/0"),
+    }
+}
diff --git a/src/donor_reporting_portal/config/fragments/celery.py b/src/donor_reporting_portal/config/fragments/celery.py
@@ -0,0 +1,17 @@
+from ..settings import env
+
+CELERY_ACCEPT_CONTENT = ["pickle", "json", "application/text"]
+CELERY_BROKER_URL = env("REDIS_URL", default="redis://localhost:6379/0")
+CELERY_BROKER_VISIBILITY_VAR = env("CELERY_VISIBILITY_TIMEOUT", default=1800)  # in seconds
+CELERY_BROKER_TRANSPORT_OPTIONS = {"visibility_timeout": int(CELERY_BROKER_VISIBILITY_VAR)}
+CELERY_RESULT_BACKEND = "django-db"
+CELERY_BEAT_SCHEDULER = "django_celery_beat.schedulers.DatabaseScheduler"
+# Sensible settings for celery
+CELERY_TASK_ALWAYS_EAGER = env("CELERY_TASK_ALWAYS_EAGER", default=False)
+CELERY_TASK_ACKS_LATE = True
+CELERY_TASK_PUBLISH_RETRY = True
+CELERY_WORKER_DISABLE_RATE_LIMITS = False
+CELERY_TASK_IGNORE_RESULT = True
+CELERY_SEND_TASK_ERROR_EMAILS = False
+CELERY_RESULT_EXPIRES = 600
+CELERY_WORKER_PREFETCH_MULTIPLIER = 1
diff --git a/src/donor_reporting_portal/config/fragments/cors.py b/src/donor_reporting_portal/config/fragments/cors.py
@@ -0,0 +1,3 @@
+from ..settings import env
+
+CORS_ORIGIN_ALLOW_ALL = env("CORS_ORIGIN_ALLOW_ALL", default=False)
diff --git a/src/donor_reporting_portal/config/fragments/drp.py b/src/donor_reporting_portal/config/fragments/drp.py
@@ -0,0 +1,14 @@
+from ..settings import env
+
+DRP_SOURCE_IDS = {
+    "internal": env("DRP_SOURCE_ID_INTERNAL", default=None),
+    "external": env("DRP_SOURCE_ID_EXTERNAL", default=None),
+    "pool_internal": env("DRP_SOURCE_ID_POOL_INTERNAL", default=None),
+    "pool_external": env("DRP_SOURCE_ID_POOL_EXTERNAL", default=None),
+    "thematic_internal": env("DRP_SOURCE_ID_THEMATIC_INTERNAL", default=None),
+    "thematic_external": env("DRP_SOURCE_ID_THEMATIC_EXTERNAL", default=None),
+    "gavi": env("DRP_SOURCE_ID_GAVI", default=None),
+    "gavi_soa": env("DRP_SOURCE_ID_GAVI_SOA", default=None),
+}
+
+GAVI_DONOR_CODE = "I49928"
diff --git a/src/donor_reporting_portal/config/fragments/email.py b/src/donor_reporting_portal/config/fragments/email.py
@@ -0,0 +1,22 @@
+from ..settings import env
+
+DEFAULT_FROM_EMAIL = "donor_reporting_portal@mail.unicef.org"
+EMAIL_BACKEND = "unicef_notification.backends.EmailBackend"
+# EMAIL_BACKEND = "donor_reporting_portal.apps.core.backends.EmailBackend"
+
+EMAIL_HOST = env("EMAIL_HOST", default="")
+EMAIL_HOST_USER = env("EMAIL_HOST_USER", default="")
+EMAIL_HOST_PASSWORD = env("EMAIL_HOST_PASSWORD", default="")
+EMAIL_PORT = env("EMAIL_PORT", default=25)
+EMAIL_USE_TLS = env("EMAIL_USE_TLS", default=False)
+EMAIL_USE_SSL = env("EMAIL_USE_SSL", default=False)
+
+ANYMAIL = {
+    "MAILJET_API_KEY": env("MAILJET_API_KEY"),
+    "MAILJET_SECRET_KEY": env("MAILJET_SECRET_KEY"),
+}
+
+POST_OFFICE = {
+    "DEFAULT_PRIORITY": "now",
+    "BACKENDS": {"default": "djcelery_email.backends.CeleryEmailBackend"},
+}
diff --git a/src/donor_reporting_portal/config/fragments/impersonate.py b/src/donor_reporting_portal/config/fragments/impersonate.py
@@ -0,0 +1,5 @@
+IMPERSONATE = {
+    "PAGINATE_COUNT": 50,
+    "REQUIRE_SUPERUSER": True,
+    "CUSTOM_USER_QUERYSET": "donor_reporting_portal.libs.impersonate.queryset",
+}
diff --git a/src/donor_reporting_portal/config/fragments/insight.py b/src/donor_reporting_portal/config/fragments/insight.py
@@ -0,0 +1,5 @@
+from ..settings import env
+
+INSIGHT_URL = env.str("INSIGHT_URL", "http://invalid_vision_url")
+INSIGHT_LOGGER_MODEL = "vision.VisionLog"
+INSIGHT_SUB_KEY = env.str("INSIGHT_SUB_KEY", "invalid_vision_password")
diff --git a/src/donor_reporting_portal/config/fragments/jwt.py b/src/donor_reporting_portal/config/fragments/jwt.py
@@ -0,0 +1,22 @@
+import datetime
+
+from ..settings import env
+
+JWT_AUTH = {
+    "JWT_VERIFY": False,  # this requires private key
+    "JWT_VERIFY_EXPIRATION": True,
+    "JWT_LEEWAY": 60,
+    "JWT_EXPIRATION_DELTA": datetime.timedelta(seconds=30000),
+    "JWT_AUDIENCE": None,
+    "JWT_ISSUER": None,
+    "JWT_ALLOW_REFRESH": False,
+    "JWT_REFRESH_EXPIRATION_DELTA": datetime.timedelta(days=7),
+    "JWT_AUTH_HEADER_PREFIX": "JWT",
+    "JWT_SECRET_KEY": env("SECRET_KEY"),
+    "JWT_DECODE_HANDLER": "rest_framework_jwt.utils.jwt_decode_handler",
+    # Keys will be set in core.apps.Config.ready()
+    "JWT_PUBLIC_KEY": "?",
+    # 'JWT_PRIVATE_KEY': wallet.get_private(),
+    # 'JWT_PRIVATE_KEY': None,
+    "JWT_ALGORITHM": "RS256",
+}
diff --git a/src/donor_reporting_portal/config/fragments/logging.py b/src/donor_reporting_portal/config/fragments/logging.py
@@ -0,0 +1,11 @@
+LOGGING = {
+    "version": 1,
+    "disable_existing_loggers": False,
+    "handlers": {
+        "console": {"class": "logging.StreamHandler", "level": "INFO"},
+    },
+    "root": {
+        "handlers": ["console"],
+        "level": "WARNING",
+    },
+}
diff --git a/src/donor_reporting_portal/config/fragments/matomo.py b/src/donor_reporting_portal/config/fragments/matomo.py
@@ -0,0 +1,4 @@
+from ..settings import env
+
+MATOMO_SITE_TRACKER = env("MATOMO_SITE_TRACKER", default="https://unisitetracker.unicef.io/")
+MATOMO_SITE_ID = env("MATOMO_SITE_ID", default=None)
diff --git a/src/donor_reporting_portal/config/fragments/rest.py b/src/donor_reporting_portal/config/fragments/rest.py
@@ -0,0 +1,5 @@
+REST_FRAMEWORK = {
+    "DEFAULT_PERMISSION_CLASSES": [
+        "rest_framework.permissions.IsAuthenticated",
+    ],
+}
diff --git a/src/donor_reporting_portal/config/fragments/sentry.py b/src/donor_reporting_portal/config/fragments/sentry.py
@@ -0,0 +1,15 @@
+import sentry_sdk
+from sentry_sdk.integrations.celery import CeleryIntegration
+from sentry_sdk.integrations.django import DjangoIntegration
+
+from ..settings import env
+
+SENTRY_DSN = env("SENTRY_DSN", default=None)  # noqa: F405
+
+if SENTRY_DSN:  # pragma: no cover
+    sentry_sdk.init(
+        dsn=SENTRY_DSN,
+        # by default this is False, must be set to True so the library attaches the request data to the event
+        send_default_pii=True,
+        integrations=[DjangoIntegration(), CeleryIntegration()],
+    )
diff --git a/src/donor_reporting_portal/config/fragments/social_auth.py b/src/donor_reporting_portal/config/fragments/social_auth.py
@@ -0,0 +1,29 @@
+from ..settings import env
+
+KEY = SOCIAL_AUTH_KEY = env("AZURE_B2C_CLIENT_ID", default=None)
+SOCIAL_AUTH_SECRET = env("AZURE_B2C_CLIENT_SECRET", default=None)
+SOCIAL_AUTH_TENANT_NAME = env("TENANT_NAME", default="unicefpartners")
+SOCIAL_AUTH_TENANT_ID = f"{SOCIAL_AUTH_TENANT_NAME}.onmicrosoft.com"
+SOCIAL_AUTH_TENANT_B2C_URL = f"{SOCIAL_AUTH_TENANT_NAME}.b2clogin.com"
+
+SOCIAL_AUTH_URL_NAMESPACE = "social"
+SOCIAL_AUTH_SANITIZE_REDIRECTS = False
+SOCIAL_AUTH_JSONFIELD_ENABLED = True
+SOCIAL_AUTH_POLICY = env("AZURE_B2C_POLICY_NAME", default="B2C_1_UNICEF_SOCIAL_signup_signin")
+SOCIAL_AUTH_USER_MODEL = "core.User"
+
+SOCIAL_AUTH_PIPELINE = (
+    "unicef_security.pipeline.social_details",
+    "social_core.pipeline.social_auth.social_uid",
+    "social_core.pipeline.social_auth.auth_allowed",
+    "social_core.pipeline.social_auth.social_user",
+    "social_core.pipeline.user.get_username",
+    "social_core.pipeline.social_auth.associate_by_email",
+    "unicef_security.pipeline.create_unicef_user",
+    "social_core.pipeline.social_auth.associate_user",
+    "social_core.pipeline.social_auth.load_extra_data",
+    "social_core.pipeline.user.user_details",
+)
+
+USER_FIELDS = ["username", "email", "first_name", "last_name"]
+USERNAME_IS_FULL_EMAIL = True
diff --git a/src/donor_reporting_portal/config/settings.py b/src/donor_reporting_portal/config/settings.py

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,2 @@`
`1`	`1`	`NAME = "donor-reporting-portal"`
`2`		`-VERSION = __version__ = "2.3.0"`
	`2`	`+VERSION = __version__ = "2.3.1"`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+from ..settings import env`
	`2`	`+`
	`3`	`+CORS_ORIGIN_ALLOW_ALL = env("CORS_ORIGIN_ALLOW_ALL", default=False)`