diff --git a/core/models.py b/core/models.py
index 9fa7cec..8082d6e 100644
--- a/core/models.py
+++ b/core/models.py
@@ -25,10 +25,15 @@ import troggle.core.models_survex
"""This file declares TroggleModel which inherits from django.db.models.Model
All TroggleModel subclasses inherit persistence in the django relational database. This is known as
-the django Object Relkational Mapping (ORM).
+the django Object Relational Mapping (ORM).
There are more subclasses define in models_caves.py models_survex.py etc.
"""
+# This variable is a dictionary holding gloablly visible indexes and cache functions.
+# It is a Global Object, see https://python-patterns.guide/python/module-globals/
+# troggle.models.TROG
+TROG = {}
+
def get_process_memory():
usage=resource.getrusage(resource.RUSAGE_SELF)
return usage[2]/1024.0
diff --git a/core/views/other.py b/core/views/other.py
index 1985096..4f53ead 100644
--- a/core/views/other.py
+++ b/core/views/other.py
@@ -14,7 +14,7 @@ from troggle.core.models_caves import LogbookEntry, QM, Cave, PersonTrip
from .login import login_required_if_public
from troggle.core.forms import UploadFileForm
-print("** importing troggle/core/views.other.py")
+print("** importing troggle/core/views/other.py")
"""Utility functions and code to serve the control panel and individual user's
progress and task list (deprecated as we do not have individual user login).
@@ -140,7 +140,7 @@ def ajax_QM_number(request):
return HttpResponse(res)
-print(" - newFile() is next in troggle/core/views.other.py")
+#print(" - newFile() is next in troggle/core/views/other.py")
@login_required_if_public
def newFile(request, pslug = None):
@@ -194,4 +194,4 @@ def delFile(f):
lbe.delete()
os.remove(lbe.filename)
-print("** Finished importing troggle/core/views.other.py")
\ No newline at end of file
+print("** Finished importing troggle/core/views/other.py")
\ No newline at end of file
diff --git a/core/views/statistics.py b/core/views/statistics.py
index 9d5cd16..1f11bed 100644
--- a/core/views/statistics.py
+++ b/core/views/statistics.py
@@ -61,7 +61,7 @@ def pathsreport(request):
pathstype = {
# "BOGUS" : type(settings.BOGUS),
"JSLIB_URL" : type(settings.JSLIB_URL),
- "JSLIB_ROOT" : str( settings.JSLIB_ROOT),
+ "JSLIB_ROOT" : type( settings.JSLIB_ROOT),
# "CSSLIB_URL" : type(settings.CSSLIB_URL),
"CAVEDESCRIPTIONS" : type(settings.CAVEDESCRIPTIONS),
"DIR_ROOT" : type(settings.DIR_ROOT),
diff --git a/debian/wookey-exposerver-recipe.txt b/debian/wookey-exposerver-recipe.txt
new file mode 100644
index 0000000..f548060
--- /dev/null
+++ b/debian/wookey-exposerver-recipe.txt
@@ -0,0 +1,84 @@
+adduser expo
+apt install openssh-server mosh tmux mc zile emacs-nox mc most ncdu
+apt install python-django apache2 mysql-server survex make rsync
+apt install libjs-openlayers make
+apt install git mercurial mercurial-server?
+
+for boe:
+apt install libcgi-session-perl libcrypt-passwdmd5-perl libfile-slurp-perl libgit-wrapper-perl libhtml-template-perl libhtml-template-pro-perl libmime-lite-perl libtext-password-pronounceable-perl libtime-parsedate-perl libuuid-tiny-perl libcrypt-cracklib-perl
+
+apt install ufraw for PEF image decoding.
+sudo apt install python-django python-django-registration e fonts-freefont-ttf libapache2-mod-wsgi python3-gdbm
+# sudo apt install python-django-imagekit python-django-tinymc
+
+obsolete-packages: bins (move to jigl?)
+ older python-django?
+backports: survex therion
+not-packaged: caveview
+
+
+make these dirs available at top documentroot:
+cuccfiles
+expofiles
+loser
+tunneldata
+troggle
+expoweb
+boc/boe
+
+config
+containing:
+
+setup apache configs for cucc and expo
+#disable default website
+a2dissite 000-default
+a2ensite cucc
+a2ensite expo
+a2enmod cgid
+
+
+Boe config:
+Alias /boe /home/expo/boe/boc/boc.pl
+
+ AddHandler cgi-script .pl
+ SetHandler cgi-script
+ Options +ExecCGI
+ Require all granted
+
+And remember to set both program and data dir to be
+www-data:www-data
+(optionally make file group read/write by treasurer account)
+create empty repo by clicking create in boe interface
+then set names in 'settings'
+
+Set up mysql (as root)
+mysql -p
+CREATE DATABASE troggle;
+GRANT ALL PRIVILEGES ON troggle.* TO 'expo'@'localhost' IDENTIFIED BY 'somepassword';
+
+install django:
+sudo apt install python-django python-django-registration python-django-imagekit python-django-tinymce fonts-freefont-ttf libapache2-mod-wsgi
+
+python-django-imagekit comes from https://salsa.debian.org/python-team/modules/python-django-imagekit
+python-django-tinymce comes from https://salsa.debian.org/python-team/modules/python-django-tinymce
+
+need fonts-freefont-ttf (to have truetype freesans available for troggle via PIL)
+need libapache2-mod-wsgi for apache wsgi support.
+
+On stretch the django 1.10 is no use so get rid of that:
+apt remove python3-django python-django python-django-common python-django-doc
+
+Then replace with django 1.7 (Needs to be built for stretch)
+apt install python-django python-django-common python-django-doc
+apt install python-django-registration python-django-imagekit python-django-tinymce
+
+then hold them to stop them being upgraded by unattended upgrades:
+echo "python-django hold" | sudo dpkg --set-selections
+echo "python-django-common hold" | sudo dpkg --set-selections
+echo "python-django-doc hold" | sudo dpkg --set-selections
+
+Optimizing server
+I've tweaked the apache and mysql settings to make them a bit more suitable for a small machine. Seems to have shaved 200MB or so off the idling footprint.
+https://www.narga.net/optimizing-apachephpmysql-low-memory-server/
+
+(just discovered 'ab' for running apache performance tests - handy).
diff --git a/docker/README.md b/docker/README.md
index 86028fd..25ce966 100644
--- a/docker/README.md
+++ b/docker/README.md
@@ -1,5 +1,8 @@
# Running troggle on Docker
+These notes written by Sam Wenham in Feb., 2019.
+These all pre-date the move to python3, later versions of Django (1.11.+) and debian.
+
## Install
First you need to install
- [docker-ce](https://docs.docker.com/install/)
diff --git a/parsers/caves.py b/parsers/caves.py
index ced0aea..bfb51d6 100644
--- a/parsers/caves.py
+++ b/parsers/caves.py
@@ -48,7 +48,7 @@ def readcaves():
try: # Now create a slug ID
cs = models_caves.CaveSlug.objects.update_or_create(cave = cave,
- slug = "PENDING-" + k,
+ slug = "TEMP-" + k,
primary = False)
except:
message = " ! {:11s} {} PENDING cave slug create failure".format(k)
diff --git a/security-warnings.txt b/security-warnings.txt
index 4b489c0..6c90561 100644
--- a/security-warnings.txt
+++ b/security-warnings.txt
@@ -1,10 +1,10 @@
System check identified some issues:
WARNINGS:
-?: (security.W001) You do not have 'django.middleware.security.SecurityMiddleware' in your MIDDLEWARE_CLASSES so the SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, and SECURE_SSL_REDIRECT settings will have no effect.
-?: (security.W012) SESSION_COOKIE_SECURE is not set to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions.
-?: (security.W016) You have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE_CLASSES, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token.
+?: (security.W001) You do not have 'django.middleware.security.SecurityMiddleware' in your MIDDLEWARE so the SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, and SECURE_SSL_REDIRECT settings will have no effect.
+?: (security.W002) You do not have 'django.middleware.clickjacking.XFrameOptionsMiddleware' in your MIDDLEWARE, so your pages will not be served with an 'x-frame-options' header. Unless there is a good reason for your site to be served in a frame, you should consider enabling this header to help prevent clickjacking attacks.
+?: (security.W003) You don't appear to be using Django's built-in cross-site request forgery protection via the middleware ('django.middleware.csrf.CsrfViewMiddleware' is not in your MIDDLEWARE). Enabling the middleware is the safest approach to ensure you don't leave any holes.
+?: (security.W010) You have 'django.contrib.sessions' in your INSTALLED_APPS, but you have not set SESSION_COOKIE_SECURE to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions.
?: (security.W018) You should not have DEBUG set to True in deployment.
-?: (security.W019) You have 'django.middleware.clickjacking.XFrameOptionsMiddleware' in your MIDDLEWARE_CLASSES, but X_FRAME_OPTIONS is not set to 'DENY'. The default is 'SAMEORIGIN', but unless there is a good reason for your site to serve other parts of itself in a frame, you should change it to 'DENY'.
System check identified 5 issues (0 silenced).
diff --git a/settings.py b/settings.py
index f42e8eb..8c27be8 100644
--- a/settings.py
+++ b/settings.py
@@ -2,10 +2,10 @@
Django settings for troggle project.
For more information on this file, see
-https://docs.djangoproject.com/en/1.7/topics/settings/
+https://docs.djangoproject.com/en/dev/topics/settings/
For the full list of settings and their values, see
-https://docs.djangoproject.com/en/1.7/ref/settings/
+https://docs.djangoproject.com/en/dev/ref/settings/
"""
#Imports should be grouped in the following order:
diff --git a/urls.py b/urls.py
index d274bb1..505fa5d 100644
--- a/urls.py
+++ b/urls.py
@@ -120,6 +120,7 @@ trogglepatterns = [
url(r'^survexfile/(?P.*?)\.err$', survex.err),
url(r'^survexfile/caves/$', survex.survexcaveslist, name="survexcaveslist"),
+ url(r'^survexfile/caves$', survex.survexcaveslist, name="survexcaveslist"), # auto slash not working
url(r'^survexfile/(?P.*)$', survex.survexcavesingle, name="survexcavessingle"),
url(r'^survey_scans/$', surveys.surveyscansfolders, name="surveyscansfolders"),