mirror of
https://expo.survex.com/repositories/troggle/.git
synced 2024-11-25 16:51:54 +00:00
Better error message with permissions problems
This commit is contained in:
parent
d29f3030a4
commit
ccd386ff4e
@ -30,7 +30,7 @@ print(" * importing troggle/localsettings.py")
|
|||||||
|
|
||||||
SECRET_KEY = "real-SECRET_KEY--imported-from-localsettings.py"
|
SECRET_KEY = "real-SECRET_KEY--imported-from-localsettings.py"
|
||||||
EXPOUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"
|
EXPOUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"
|
||||||
EXPOADMINUSERPASS = "gggggg:nnn" #- real-expo-password---imported-from-localsettings.py"
|
EXPOADMINUSERPASS = "gggggg:nnn - real-expo-password---imported-from-localsettings.py"
|
||||||
EMAIL_HOST_PASSWORD = "real-email-password---imported-from-localsettings.py"
|
EMAIL_HOST_PASSWORD = "real-email-password---imported-from-localsettings.py"
|
||||||
|
|
||||||
EXPOFILESREMOTE = True # if True, then re-routes urls in expofiles to remote sever. Tests are then less accurate.
|
EXPOFILESREMOTE = True # if True, then re-routes urls in expofiles to remote sever. Tests are then less accurate.
|
||||||
|
10
pre-push.sh
10
pre-push.sh
@ -1,10 +1,17 @@
|
|||||||
#! /bin/sh
|
#! /bin/sh
|
||||||
# create and sanitise files for pushing to repo
|
# create and sanitise files for pushing to repo
|
||||||
# catatrophically forgot to sanitize localsettingsWSL.py - oops.
|
# catatrophically forgot to sanitize localsettingsWSL.py - oops.
|
||||||
# Philip Sargent 2021/10/23
|
|
||||||
|
#Make sure you have the WSL permissions system working, or you will push unsanitized files as this will fail
|
||||||
|
# Philip Sargent 2022/04/12
|
||||||
echo deprecations.
|
echo deprecations.
|
||||||
python -Wall manage.py check -v 3 2>deprecations.txt >/dev/null
|
python -Wall manage.py check -v 3 2>deprecations.txt >/dev/null
|
||||||
echo diffsettings.
|
echo diffsettings.
|
||||||
|
rm diffsettings.txt
|
||||||
|
if test -f "diffsettings.txt"; then
|
||||||
|
echo "diffsettings.txt not deleted. You have a serious permissions problem. Aborting.."
|
||||||
|
exit
|
||||||
|
fi
|
||||||
python manage.py diffsettings | grep "###" > diffsettings.txt
|
python manage.py diffsettings | grep "###" > diffsettings.txt
|
||||||
echo pip freeze.
|
echo pip freeze.
|
||||||
pip freeze > requirements.txt
|
pip freeze > requirements.txt
|
||||||
@ -30,6 +37,7 @@ sed -i '/SECRET_KEY/ s/^.*$/SECRET_KEY = "real-SECRET_KEY--imported-from-localse
|
|||||||
sed -i '/SECRET_KEY/ s/^.*$/SECRET_KEY = "real-SECRET_KEY--imported-from-localsettings.py"/' localsettingsWSL.py
|
sed -i '/SECRET_KEY/ s/^.*$/SECRET_KEY = "real-SECRET_KEY--imported-from-localsettings.py"/' localsettingsWSL.py
|
||||||
echo " reset: SECRET_KEY = \"real-SECRET_KEY--imported-from-localsettings.py\""
|
echo " reset: SECRET_KEY = \"real-SECRET_KEY--imported-from-localsettings.py\""
|
||||||
|
|
||||||
|
mv _deploy/wsl/localsettingsWSL.py _deploy/wsl/localsettingsWSL.py.bak
|
||||||
mv localsettingsWSL.py _deploy/wsl
|
mv localsettingsWSL.py _deploy/wsl
|
||||||
#
|
#
|
||||||
# Do these before final testing, *not* just before pushing:
|
# Do these before final testing, *not* just before pushing:
|
||||||
|
@ -2,8 +2,9 @@ System check identified some issues:
|
|||||||
|
|
||||||
WARNINGS:
|
WARNINGS:
|
||||||
?: (security.W001) You do not have 'django.middleware.security.SecurityMiddleware' in your MIDDLEWARE so the SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, SECURE_REFERRER_POLICY, and SECURE_SSL_REDIRECT settings will have no effect.
|
?: (security.W001) You do not have 'django.middleware.security.SecurityMiddleware' in your MIDDLEWARE so the SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, SECURE_REFERRER_POLICY, and SECURE_SSL_REDIRECT settings will have no effect.
|
||||||
|
?: (security.W009) Your SECRET_KEY has less than 50 characters, less than 5 unique characters, or it's prefixed with 'django-insecure-' indicating that it was generated automatically by Django. Please generate a long and random SECRET_KEY, otherwise many of Django's security-critical features will be vulnerable to attack.
|
||||||
?: (security.W012) SESSION_COOKIE_SECURE is not set to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions.
|
?: (security.W012) SESSION_COOKIE_SECURE is not set to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions.
|
||||||
?: (security.W016) You have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token.
|
?: (security.W016) You have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token.
|
||||||
?: (security.W018) You should not have DEBUG set to True in deployment.
|
?: (security.W018) You should not have DEBUG set to True in deployment.
|
||||||
|
|
||||||
System check identified 4 issues (0 silenced).
|
System check identified 5 issues (0 silenced).
|
||||||
|
Loading…
Reference in New Issue
Block a user