merged in proper CSRF changes from server

Wookey 2013-07-02 20:23:55 +01:00
commit ecfa6b19a0
8 changed files with 58 additions and 70 deletions


@ -213,11 +213,6 @@ def err(request, survex_file):
def identifycavedircontents(gcavedir):
# find the primary survex file in each cave directory
# name is the directory, nf is the base name of the file we are currently trying
# primesvx is the 'controlling' .svx for this dir. This code currently wrongly assumes that every dir has one
# The in-scan exceptions are a bad idea.
# subsvx is all the svx files in this dir, with 'primesvx' listed first
# subdirs is sibdirs of the current dir.
name = os.path.split(gcavedir)[1]
subdirs = [ ]
subsvx = [ ]
@ -236,7 +231,7 @@ def identifycavedircontents(gcavedir):
elif f[-4:] == ".svx":
nf = f[:-4]
if nf.lower() == name.lower() or nf[:3] == "all" or (name, nf) in [("resurvey2005", "145-2005"),("cucc","142"),("cucc","cu115")]:
if nf.lower() == name.lower() or nf[:3] == "all" or (name, nf) in [("resurvey2005", "145-2005"), ("cucc", "cu115")]:
if primesvx:
if nf[:3] == "all":
assert primesvx[:3] != "all", (name, nf, primesvx, gcavedir, subsvx)
@ -247,14 +242,9 @@ def identifycavedircontents(gcavedir):
primesvx = nf
else:
subsvx.append(nf)
#else:
# This assert means that having a .ods file in the dir is fatal - that's not a good thing
# so commented out [W]
#assert re.match(".*?(?:.3d|.log|.err|.txt|.tmp|.diff|.e?spec|~)$", f), (gcavedir, f)
else:
assert re.match(".*?(?:.3d|.log|.err|.txt|.tmp|.diff|.e?spec|~)$", f), (gcavedir, f)
subsvx.sort()
#If this code fails then _no_ survey files are vieable.
#This assert means that any wierd file someone checks in to the dataset can make _everything_ unveiwable.
#If we don't grok it then just skip it.?
#assert primesvx, (gcavedir, subsvx)
if primesvx:
subsvx.insert(0, primesvx)
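Review bot: The `else: assert re.match(...)` branch, which the hunk's line counts suggest is being restored in place of the commented-out version, makes any unrecognised file in a cave directory raise AssertionError for the whole listing; the explanatory comments removed here describe that failure mode. A stray file committed to the dataset would then take the survey views down, while under `python -O` the check disappears entirely, so an assert is the wrong tool either way. Skipping the file with a logged warning keeps the listing available, e.g. `else: continue` preceded by a log call naming `gcavedir` and `f`. The dots in the pattern (`.3d`, `.log`, …) are also unescaped, so they match any character. identifycavedircontents starts and ends outside these hunks.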


@ -11,20 +11,20 @@ from django.core.urlresolvers import reverse
from core.models import Cave, Entrance
import flatpages.models
databasename=settings.DATABASES['default']['NAME']
def reload_db():
if settings.DATABASE_ENGINE == 'sqlite3':
if settings.DATABASES['default']['ENGINE'] == 'django.db.backends.sqlite3':
try:
os.remove(settings.DATABASE_NAME)
os.remove(databasename)
except OSError:
pass
else:
cursor = connection.cursor()
cursor.execute("DROP DATABASE %s" % settings.DATABASE_NAME)
cursor.execute("CREATE DATABASE %s" % settings.DATABASE_NAME)
cursor.execute("ALTER DATABASE %s CHARACTER SET=utf8" % settings.DATABASE_NAME)
cursor.execute("USE %s" % settings.DATABASE_NAME)
cursor.execute("DROP DATABASE %s" % databasename)
cursor.execute("CREATE DATABASE %s" % databasename)
cursor.execute("ALTER DATABASE %s CHARACTER SET=utf8" % databasename)
cursor.execute("USE %s" % databasename)
management.call_command('syncdb', interactive=False)
user = User.objects.create_user('expo', 'goatchurch@gmail.com', 'gosser')
user.is_staff = True
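Review bot: The four `cursor.execute` calls still splice the database name into DDL with `%`, so a name containing a hyphen, space or backtick yields broken or unintended SQL. Identifiers cannot be bound as query parameters, so quote the name once, e.g. `quoted = connection.ops.quote_name(databasename)`, and format `quoted` into the statements. The value comes from settings rather than from a request, so this is hardening rather than an externally reachable injection. Separately, the unchanged `create_user` line gives a staff account a literal password that is readable in the repository; it would be better read from settings or the environment. reload_db continues below the hunk.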


@ -1,12 +1,16 @@
import sys
sys.path.append("/home/expo/troggle")
DATABASE_ENGINE = 'mysql' # 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'.
DATABASE_NAME = 'troggle' # Or path to database file if using sqlite3.
DATABASE_USER = 'undemocracy' # Not used with sqlite3.
DATABASE_PASSWORD = 'aiGohsh5' # Not used with sqlite3.
DATABASE_HOST = '' # Set to empty string for localhost. Not used with sqlite3.
DATABASE_PORT = '' # Set to empty string for default. Not used with sqlite3.
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql', # Add 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
'NAME': 'troggle', # Or path to database file if using sqlite3.
'USER': 'expo', # Not used with sqlite3.
'PASSWORD': 'gosser', # Not used with sqlite3.
'HOST': '', # Set to empty string for localhost. Not used with sqlite3.
'PORT': '', # Set to empty string for default. Not used with sqlite3.
}
}
REPOS_ROOT_PATH = '/home/expo/'
sys.path.append(REPOS_ROOT_PATH)
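Review bot: The new `DATABASES` block commits a database user and password in plain text, and the replaced lines show the previous credentials, which stay in history after this commit. The same `USER`/`PASSWORD` pair is added in the two settings files that follow, one of which previously held only empty placeholders, and the password matches the one given to the staff account in the `create_user` call in reload_db. Consider reading the secret from the environment or an untracked file, e.g. `'PASSWORD': os.environ['TROGGLE_DB_PASSWORD'],` (variable name constructed for illustration; needs `import os`), keeping placeholders in tracked templates, and rotating both the old and the new password.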


@ -1,12 +1,16 @@
import sys
# link localsettings to this file for use on expo computer in austria
DATABASE_ENGINE = 'mysql' # 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'.
DATABASE_NAME = 'troggle' # Or path to database file if using sqlite3.
DATABASE_USER = 'expo' # Not used with sqlite3.
DATABASE_PASSWORD = 'gosser' # Not used with sqlite3.
DATABASE_HOST = '' # Set to empty string for localhost. Not used with sqlite3.
DATABASE_PORT = '' # Set to empty string for default. Not used with sqlite3.
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql', # Add 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
'NAME': 'troggle', # Or path to database file if using sqlite3.
'USER': 'expo', # Not used with sqlite3.
'PASSWORD': 'gosser', # Not used with sqlite3.
'HOST': '', # Set to empty string for localhost. Not used with sqlite3.
'PORT': '', # Set to empty string for default. Not used with sqlite3.
}
}
REPOS_ROOT_PATH = '/home/expo/expofiles/'
@ -21,12 +25,12 @@ TUNNEL_DATA = REPOS_ROOT_PATH + 'tunneldata/'
CAVERN = 'cavern'
THREEDTOPOS = '3dtopos'
EXPOWEB = REPOS_ROOT_PATH + 'expoweb/'
SURVEYS = '/home/expo/'
SURVEYS = REPOS_ROOT_PATH
SURVEY_SCANS = REPOS_ROOT_PATH + 'expoimages/'
FILES = REPOS_ROOT_PATH + 'expoimages'
PYTHON_PATH = '/home/expo/expofiles/troggle/'
PYTHON_PATH = REPOS_ROOT_PATH + 'hg/troggle/'
#URL_ROOT = 'http://127.0.0.1:8000'
URL_ROOT = "http://expoweb/"
@ -36,17 +40,17 @@ EXPOWEB_URL = '/'
SURVEYS_URL = '/survey_scans/'
MEDIA_URL = URL_ROOT + DIR_ROOT + '/site_media/'
MEDIA_ROOT = '/home/expo/expofiles/troggle/media/'
MEDIA_ROOT = REPOS_ROOT_PATH + '/troggle/media/'
MEDIA_ADMIN_DIR = '/usr/lib/python2.4/site-packages/django/contrib/admin/media/'
TINY_MCE_MEDIA_ROOT = '/usr/share/tinymce/www/'
TINY_MCE_MEDIA_URL = URL_ROOT + DIR_ROOT + '/tinymce_media/'
TEMPLATE_DIRS = (
"/home/expo/expofiles/troggle/templates",
PYTHON_PATH + "templates",
# Put strings here, like "/home/html/django_templates" or "C:/www/django/templates".
# Always use forward slashes, even on Windows.
# Don't forget to use absolute paths, not relative paths.
)
LOGFILE = '/home/expo/expofiles/troggle/parsing_log.txt'
LOGFILE = PYTHON_PATH + 'parsing_log.txt'
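Review bot: `MEDIA_ROOT = REPOS_ROOT_PATH + '/troggle/media/'` looks inconsistent with the other paths in this file. `REPOS_ROOT_PATH` already ends in a slash, so the result contains `//`, and it still points under `troggle/` while `PYTHON_PATH`, `TEMPLATE_DIRS` and `LOGFILE` now resolve under `hg/troggle/`. If the media directory moved with the code, `MEDIA_ROOT = PYTHON_PATH + 'media/'` would match; if it did not, dropping the leading slash is enough. `SURVEYS` also changes from `/home/expo/` to `/home/expo/expofiles/`, which is worth confirming as intended.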


@ -1,9 +1,13 @@
DATABASE_ENGINE = '' # 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'.
DATABASE_NAME = '' # Or path to database file if using sqlite3.
DATABASE_USER = '' # Not used with sqlite3.
DATABASE_PASSWORD = '' # Not used with sqlite3.
DATABASE_HOST = '' # Set to empty string for localhost. Not used with sqlite3.
DATABASE_PORT = '' # Set to empty string for default. Not used with sqlite3.
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql', # Add 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
'NAME': 'troggle', # Or path to database file if using sqlite3.
'USER': 'expo', # Not used with sqlite3.
'PASSWORD': 'gosser', # Not used with sqlite3.
'HOST': '', # Set to empty string for localhost. Not used with sqlite3.
'PORT': '', # Set to empty string for default. Not used with sqlite3.
}
}
SURVEX_DATA = 'c:\\Expo\\loser\\'
CAVERN = 'cavern'


@ -15,15 +15,15 @@ from registration.models import RegistrationProfile
# on them with CSS or JavaScript if they have a class of "required"
# in the HTML. Your mileage may vary. If/when Django ticket #3515
# lands in trunk, this will no longer be necessary.
attrs_dict = { 'class': 'required' }
# This was fixed in 2007, so I guess we don't need this any more. [W]
#attrs_dict = { 'class': 'required' }
class RegistrationForm(forms.Form):
"""
Form for registering a new user account.
Validates that the requested username is not already in use, and
requires the password to be entered twice to catch typos.
Validates that the requested username is not already in use.
Subclasses should feel free to add any additional validation they
need, but should either preserve the base ``save()`` or implement
@ -39,8 +39,7 @@ class RegistrationForm(forms.Form):
label=_(u'email address'))
password1 = forms.CharField(widget=forms.PasswordInput(attrs=attrs_dict, render_value=False),
label=_(u'password'))
password2 = forms.CharField(widget=forms.PasswordInput(attrs=attrs_dict, render_value=False),
label=_(u'password (again)'))
def clean_username(self):
"""
@ -62,9 +61,7 @@ class RegistrationForm(forms.Form):
field.
"""
if 'password1' in self.cleaned_data and 'password2' in self.cleaned_data:
if self.cleaned_data['password1'] != self.cleaned_data['password2']:
raise forms.ValidationError(_(u'You must type the same password each time'))
if 'password1' in self.cleaned_data:
if len(self.cleaned_data['password1']) < 6:
raise forms.ValidationError(_(u'Your password must be at least 6 characters'))
return self.cleaned_data
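Review bot: Commenting out `attrs_dict` in the first hunk leaves the `password1` field in the second hunk still passing `attrs=attrs_dict`, so unless the name is defined elsewhere in the file the class body raises NameError when the module is imported. Either keep the definition, `attrs_dict = { 'class': 'required' }`, or drop the `attrs=attrs_dict` argument from every widget in the form, including any fields outside these hunks. With the confirmation field gone, `clean()` only enforces a six-character minimum, so its docstring, which is cut off by the hunk, should be checked to make sure it no longer describes the password-match check.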


@ -7,12 +7,13 @@ from django.contrib.auth import authenticate
from django.conf import settings
from django.core.urlresolvers import reverse
from django.core.context_processors import csrf
from django.http import HttpResponseRedirect
from django.shortcuts import render_to_response
from django.template import RequestContext
from django.contrib.auth import login
#Add CSRF protection:
from django.core.context_processors import csrf
from django.shortcuts import render_to_response
from registration.forms import RegistrationForm
from registration.models import RegistrationProfile
@ -69,7 +70,6 @@ def activate(request, activation_key,
c = {}
c.update(csrf(request))
activation_key = activation_key.lower() # Normalize before trying anything with it.
account = RegistrationProfile.objects.activate_user(activation_key)
try:
@ -81,11 +81,10 @@ def activate(request, activation_key,
context = RequestContext(request)
for key, value in extra_context.items():
context[key] = callable(value) and value() or value
# merge local settings dict with csrf token dict and render. (could use render()from django 1.34 onwards)
return render_to_response(template_name,
c.update({ 'account': account,
'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS, 'settings':settings, }),
context_instance=context)
{ 'account': account,
'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS, 'settings':settings},
context_instance=context, c)
def register(request, success_url=None,
@ -168,7 +167,6 @@ def register(request, success_url=None,
context = RequestContext(request)
for key, value in extra_context.items():
context[key] = callable(value) and value() or value
# merge local settings dict with csrf token dict and render. (could use render()from django 1.34 onwards)
return render_to_response(template_name,
c.update({ 'form': form,'settings':settings }),
context_instance=context)
{ 'form': form,'settings':settings },
context_instance=context, c)
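Review bot: The new `render_to_response(...)` call in `activate` ends with `context_instance=context, c)`, which puts a positional argument after a keyword argument; Python rejects that as a SyntaxError, so the module would not import and neither registration view would be served. The `register` hunk has the same call shape. The replaced form was not right either, since `c.update({...})` returns None rather than the merged dict. Merging first and passing the dict positionally covers both: `c.update({ 'account': account, 'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS, 'settings': settings })` followed by `return render_to_response(template_name, c, context_instance=context)`. Both functions begin and end outside the hunks shown.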


@ -41,15 +41,6 @@ registration_form.html | {{ block.super }}
{% endfor %}
</td>
</tr>
<tr>
<td align="right" valign="top">Password (again):</td>
<td>
{{ form.password2 }} <br/>
{% for error in form.password2.errors %}
<span style="color:red">{{ error }}</span>
{% endfor %}
</td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input type="submit" value="Register" /></td>