merged in proper CSRF changes from server

Wookey 2013-07-02 20:23:55 +01:00
commit ecfa6b19a0
8 changed files with 58 additions and 70 deletions


@ -213,11 +213,6 @@ def err(request, survex_file):
def identifycavedircontents(gcavedir): def identifycavedircontents(gcavedir):
# find the primary survex file in each cave directory # find the primary survex file in each cave directory
# name is the directory, nf is the base name of the file we are currently trying
# primesvx is the 'controlling' .svx for this dir. This code currently wrongly assumes that every dir has one
# The in-scan exceptions are a bad idea.
# subsvx is all the svx files in this dir, with 'primesvx' listed first
# subdirs is sibdirs of the current dir.
name = os.path.split(gcavedir)[1] name = os.path.split(gcavedir)[1]
subdirs = [ ] subdirs = [ ]
subsvx = [ ] subsvx = [ ]
@ -236,7 +231,7 @@ def identifycavedircontents(gcavedir):
elif f[-4:] == ".svx": elif f[-4:] == ".svx":
nf = f[:-4] nf = f[:-4]
if nf.lower() == name.lower() or nf[:3] == "all" or (name, nf) in [("resurvey2005", "145-2005"),("cucc","142"),("cucc","cu115")]: if nf.lower() == name.lower() or nf[:3] == "all" or (name, nf) in [("resurvey2005", "145-2005"), ("cucc", "cu115")]:
if primesvx: if primesvx:
if nf[:3] == "all": if nf[:3] == "all":
assert primesvx[:3] != "all", (name, nf, primesvx, gcavedir, subsvx) assert primesvx[:3] != "all", (name, nf, primesvx, gcavedir, subsvx)
@ -247,14 +242,9 @@ def identifycavedircontents(gcavedir):
primesvx = nf primesvx = nf
else: else:
subsvx.append(nf) subsvx.append(nf)
#else: else:
# This assert means that having a .ods file in the dir is fatal - that's not a good thing assert re.match(".*?(?:.3d|.log|.err|.txt|.tmp|.diff|.e?spec|~)$", f), (gcavedir, f)
# so commented out [W]
#assert re.match(".*?(?:.3d|.log|.err|.txt|.tmp|.diff|.e?spec|~)$", f), (gcavedir, f)
subsvx.sort() subsvx.sort()
#If this code fails then _no_ survey files are vieable.
#This assert means that any wierd file someone checks in to the dataset can make _everything_ unveiwable.
#If we don't grok it then just skip it.?
#assert primesvx, (gcavedir, subsvx) #assert primesvx, (gcavedir, subsvx)
if primesvx: if primesvx:
subsvx.insert(0, primesvx) subsvx.insert(0, primesvx)
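Review bot: The re-enabled `else: assert re.match(...)` branch makes any file with an unlisted extension in a cave directory raise AssertionError, so one stray file checked into the dataset can break every survex listing view; the comments this change removes recorded exactly that. `assert` is also stripped under `python -O`, so it is not a dependable validation mechanism either way. I would skip unrecognised files and log them instead, e.g. `else: logging.warning("ignoring unexpected file %s in %s", f, gcavedir)`. The dots in the pattern are unescaped, so `.3d` matches any character followed by `3d`; `\.` is presumably intended. identifycavedircontents continues outside the visible hunks.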


@ -11,20 +11,20 @@ from django.core.urlresolvers import reverse
from core.models import Cave, Entrance from core.models import Cave, Entrance
import flatpages.models import flatpages.models
databasename=settings.DATABASES['default']['NAME']
def reload_db(): def reload_db():
if settings.DATABASE_ENGINE == 'sqlite3': if settings.DATABASES['default']['ENGINE'] == 'django.db.backends.sqlite3':
try: try:
os.remove(settings.DATABASE_NAME) os.remove(databasename)
except OSError: except OSError:
pass pass
else: else:
cursor = connection.cursor() cursor = connection.cursor()
cursor.execute("DROP DATABASE %s" % settings.DATABASE_NAME) cursor.execute("DROP DATABASE %s" % databasename)
cursor.execute("CREATE DATABASE %s" % settings.DATABASE_NAME) cursor.execute("CREATE DATABASE %s" % databasename)
cursor.execute("ALTER DATABASE %s CHARACTER SET=utf8" % settings.DATABASE_NAME) cursor.execute("ALTER DATABASE %s CHARACTER SET=utf8" % databasename)
cursor.execute("USE %s" % settings.DATABASE_NAME) cursor.execute("USE %s" % databasename)
management.call_command('syncdb', interactive=False) management.call_command('syncdb', interactive=False)
user = User.objects.create_user('expo', 'goatchurch@gmail.com', 'gosser') user = User.objects.create_user('expo', 'goatchurch@gmail.com', 'gosser')
user.is_staff = True user.is_staff = True
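Review bot: `databasename` is interpolated into the `DROP DATABASE`, `CREATE DATABASE`, `ALTER DATABASE` and `USE` statements without identifier quoting. The value comes from settings rather than a request, so this is a robustness and hygiene issue rather than a user-reachable injection path, but a name containing a hyphen or a reserved word will break the reset. Identifiers cannot be bound as parameters, so quote them with the backend helper: `cursor.execute("DROP DATABASE %s" % connection.ops.quote_name(databasename))`. Separately, the `create_user('expo', ..., 'gosser')` line in the same function gives a staff account a password literal that anyone with repository access can read; it should come from configuration or be set interactively after the reset. reload_db continues past the end of the hunk.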


@ -1,12 +1,16 @@
import sys import sys
sys.path.append("/home/expo/troggle") sys.path.append("/home/expo/troggle")
DATABASE_ENGINE = 'mysql' # 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'. DATABASES = {
DATABASE_NAME = 'troggle' # Or path to database file if using sqlite3. 'default': {
DATABASE_USER = 'undemocracy' # Not used with sqlite3. 'ENGINE': 'django.db.backends.mysql', # Add 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
DATABASE_PASSWORD = 'aiGohsh5' # Not used with sqlite3. 'NAME': 'troggle', # Or path to database file if using sqlite3.
DATABASE_HOST = '' # Set to empty string for localhost. Not used with sqlite3. 'USER': 'expo', # Not used with sqlite3.
DATABASE_PORT = '' # Set to empty string for default. Not used with sqlite3. 'PASSWORD': 'gosser', # Not used with sqlite3.
'HOST': '', # Set to empty string for localhost. Not used with sqlite3.
'PORT': '', # Set to empty string for default. Not used with sqlite3.
}
}
REPOS_ROOT_PATH = '/home/expo/' REPOS_ROOT_PATH = '/home/expo/'
sys.path.append(REPOS_ROOT_PATH) sys.path.append(REPOS_ROOT_PATH)


@ -1,12 +1,16 @@
import sys import sys
# link localsettings to this file for use on expo computer in austria # link localsettings to this file for use on expo computer in austria
DATABASE_ENGINE = 'mysql' # 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'. DATABASES = {
DATABASE_NAME = 'troggle' # Or path to database file if using sqlite3. 'default': {
DATABASE_USER = 'expo' # Not used with sqlite3. 'ENGINE': 'django.db.backends.mysql', # Add 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
DATABASE_PASSWORD = 'gosser' # Not used with sqlite3. 'NAME': 'troggle', # Or path to database file if using sqlite3.
DATABASE_HOST = '' # Set to empty string for localhost. Not used with sqlite3. 'USER': 'expo', # Not used with sqlite3.
DATABASE_PORT = '' # Set to empty string for default. Not used with sqlite3. 'PASSWORD': 'gosser', # Not used with sqlite3.
'HOST': '', # Set to empty string for localhost. Not used with sqlite3.
'PORT': '', # Set to empty string for default. Not used with sqlite3.
}
}
REPOS_ROOT_PATH = '/home/expo/expofiles/' REPOS_ROOT_PATH = '/home/expo/expofiles/'
@ -21,12 +25,12 @@ TUNNEL_DATA = REPOS_ROOT_PATH + 'tunneldata/'
CAVERN = 'cavern' CAVERN = 'cavern'
THREEDTOPOS = '3dtopos' THREEDTOPOS = '3dtopos'
EXPOWEB = REPOS_ROOT_PATH + 'expoweb/' EXPOWEB = REPOS_ROOT_PATH + 'expoweb/'
SURVEYS = '/home/expo/' SURVEYS = REPOS_ROOT_PATH
SURVEY_SCANS = REPOS_ROOT_PATH + 'expoimages/' SURVEY_SCANS = REPOS_ROOT_PATH + 'expoimages/'
FILES = REPOS_ROOT_PATH + 'expoimages' FILES = REPOS_ROOT_PATH + 'expoimages'
PYTHON_PATH = '/home/expo/expofiles/troggle/' PYTHON_PATH = REPOS_ROOT_PATH + 'hg/troggle/'
#URL_ROOT = 'http://127.0.0.1:8000' #URL_ROOT = 'http://127.0.0.1:8000'
URL_ROOT = "http://expoweb/" URL_ROOT = "http://expoweb/"
@ -36,17 +40,17 @@ EXPOWEB_URL = '/'
SURVEYS_URL = '/survey_scans/' SURVEYS_URL = '/survey_scans/'
MEDIA_URL = URL_ROOT + DIR_ROOT + '/site_media/' MEDIA_URL = URL_ROOT + DIR_ROOT + '/site_media/'
MEDIA_ROOT = '/home/expo/expofiles/troggle/media/' MEDIA_ROOT = REPOS_ROOT_PATH + '/troggle/media/'
MEDIA_ADMIN_DIR = '/usr/lib/python2.4/site-packages/django/contrib/admin/media/' MEDIA_ADMIN_DIR = '/usr/lib/python2.4/site-packages/django/contrib/admin/media/'
TINY_MCE_MEDIA_ROOT = '/usr/share/tinymce/www/' TINY_MCE_MEDIA_ROOT = '/usr/share/tinymce/www/'
TINY_MCE_MEDIA_URL = URL_ROOT + DIR_ROOT + '/tinymce_media/' TINY_MCE_MEDIA_URL = URL_ROOT + DIR_ROOT + '/tinymce_media/'
TEMPLATE_DIRS = ( TEMPLATE_DIRS = (
"/home/expo/expofiles/troggle/templates", PYTHON_PATH + "templates",
# Put strings here, like "/home/html/django_templates" or "C:/www/django/templates". # Put strings here, like "/home/html/django_templates" or "C:/www/django/templates".
# Always use forward slashes, even on Windows. # Always use forward slashes, even on Windows.
# Don't forget to use absolute paths, not relative paths. # Don't forget to use absolute paths, not relative paths.
) )
LOGFILE = '/home/expo/expofiles/troggle/parsing_log.txt' LOGFILE = PYTHON_PATH + 'parsing_log.txt'
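Review bot: `MEDIA_ROOT = REPOS_ROOT_PATH + '/troggle/media/'` looks inconsistent with the other rewritten paths: `REPOS_ROOT_PATH` already ends in `/`, so the result contains `//`, and it omits the `hg/` component that `PYTHON_PATH` now carries, while `TEMPLATE_DIRS` and `LOGFILE` are derived from `PYTHON_PATH`. If the media directory lives in the same checkout, `MEDIA_ROOT = PYTHON_PATH + 'media/'` would keep the three in step; if it deliberately stays at the old location, a comment saying so would help. `SURVEYS` also changes value from `/home/expo/` to `/home/expo/expofiles/`, which is a behaviour change rather than a refactor and is worth confirming.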


@ -1,9 +1,13 @@
DATABASE_ENGINE = '' # 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'. DATABASES = {
DATABASE_NAME = '' # Or path to database file if using sqlite3. 'default': {
DATABASE_USER = '' # Not used with sqlite3. 'ENGINE': 'django.db.backends.mysql', # Add 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
DATABASE_PASSWORD = '' # Not used with sqlite3. 'NAME': 'troggle', # Or path to database file if using sqlite3.
DATABASE_HOST = '' # Set to empty string for localhost. Not used with sqlite3. 'USER': 'expo', # Not used with sqlite3.
DATABASE_PORT = '' # Set to empty string for default. Not used with sqlite3. 'PASSWORD': 'gosser', # Not used with sqlite3.
'HOST': '', # Set to empty string for localhost. Not used with sqlite3.
'PORT': '', # Set to empty string for default. Not used with sqlite3.
}
}
SURVEX_DATA = 'c:\\Expo\\loser\\' SURVEX_DATA = 'c:\\Expo\\loser\\'
CAVERN = 'cavern' CAVERN = 'cavern'


@ -15,15 +15,15 @@ from registration.models import RegistrationProfile
# on them with CSS or JavaScript if they have a class of "required" # on them with CSS or JavaScript if they have a class of "required"
# in the HTML. Your mileage may vary. If/when Django ticket #3515 # in the HTML. Your mileage may vary. If/when Django ticket #3515
# lands in trunk, this will no longer be necessary. # lands in trunk, this will no longer be necessary.
attrs_dict = { 'class': 'required' } # This was fixed in 2007, so I guess we don't need this any more. [W]
#attrs_dict = { 'class': 'required' }
class RegistrationForm(forms.Form): class RegistrationForm(forms.Form):
""" """
Form for registering a new user account. Form for registering a new user account.
Validates that the requested username is not already in use, and Validates that the requested username is not already in use.
requires the password to be entered twice to catch typos.
Subclasses should feel free to add any additional validation they Subclasses should feel free to add any additional validation they
need, but should either preserve the base ``save()`` or implement need, but should either preserve the base ``save()`` or implement
@ -39,8 +39,7 @@ class RegistrationForm(forms.Form):
label=_(u'email address')) label=_(u'email address'))
password1 = forms.CharField(widget=forms.PasswordInput(attrs=attrs_dict, render_value=False), password1 = forms.CharField(widget=forms.PasswordInput(attrs=attrs_dict, render_value=False),
label=_(u'password')) label=_(u'password'))
password2 = forms.CharField(widget=forms.PasswordInput(attrs=attrs_dict, render_value=False),
label=_(u'password (again)'))
def clean_username(self): def clean_username(self):
""" """
@ -62,9 +61,7 @@ class RegistrationForm(forms.Form):
field. field.
""" """
if 'password1' in self.cleaned_data and 'password2' in self.cleaned_data: if 'password1' in self.cleaned_data:
if self.cleaned_data['password1'] != self.cleaned_data['password2']:
raise forms.ValidationError(_(u'You must type the same password each time'))
if len(self.cleaned_data['password1']) < 6: if len(self.cleaned_data['password1']) < 6:
raise forms.ValidationError(_(u'Your password must be at least 6 characters')) raise forms.ValidationError(_(u'Your password must be at least 6 characters'))
return self.cleaned_data return self.cleaned_data
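Review bot: The module-level `attrs_dict` is now commented out, but the `password1` field in the second hunk still passes `attrs=attrs_dict`, and fields outside the visible hunks may do the same; that would raise NameError when the class body is evaluated and make the registration form unimportable. Either keep the definition or drop the argument, e.g. `password1 = forms.CharField(widget=forms.PasswordInput(render_value=False),`. The confirmation field and its equality check are removed as well, so a mistyped password is accepted silently and the only remaining rule is the six-character minimum; if that is intentional, the class docstring should say so.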


@ -7,12 +7,13 @@ from django.contrib.auth import authenticate
from django.conf import settings from django.conf import settings
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
from django.core.context_processors import csrf
from django.http import HttpResponseRedirect from django.http import HttpResponseRedirect
from django.shortcuts import render_to_response from django.shortcuts import render_to_response
from django.template import RequestContext from django.template import RequestContext
from django.contrib.auth import login from django.contrib.auth import login
#Add CSRF protection:
from django.core.context_processors import csrf
from django.shortcuts import render_to_response
from registration.forms import RegistrationForm from registration.forms import RegistrationForm
from registration.models import RegistrationProfile from registration.models import RegistrationProfile
@ -69,7 +70,6 @@ def activate(request, activation_key,
c = {} c = {}
c.update(csrf(request)) c.update(csrf(request))
activation_key = activation_key.lower() # Normalize before trying anything with it. activation_key = activation_key.lower() # Normalize before trying anything with it.
account = RegistrationProfile.objects.activate_user(activation_key) account = RegistrationProfile.objects.activate_user(activation_key)
try: try:
@ -81,11 +81,10 @@ def activate(request, activation_key,
context = RequestContext(request) context = RequestContext(request)
for key, value in extra_context.items(): for key, value in extra_context.items():
context[key] = callable(value) and value() or value context[key] = callable(value) and value() or value
# merge local settings dict with csrf token dict and render. (could use render()from django 1.34 onwards)
return render_to_response(template_name, return render_to_response(template_name,
c.update({ 'account': account, { 'account': account,
'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS, 'settings':settings, }), 'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS, 'settings':settings},
context_instance=context) context_instance=context, c)
def register(request, success_url=None, def register(request, success_url=None,
@ -168,7 +167,6 @@ def register(request, success_url=None,
context = RequestContext(request) context = RequestContext(request)
for key, value in extra_context.items(): for key, value in extra_context.items():
context[key] = callable(value) and value() or value context[key] = callable(value) and value() or value
# merge local settings dict with csrf token dict and render. (could use render()from django 1.34 onwards)
return render_to_response(template_name, return render_to_response(template_name,
c.update({ 'form': form,'settings':settings }), { 'form': form,'settings':settings },
context_instance=context) context_instance=context, c)


@ -41,15 +41,6 @@ registration_form.html | {{ block.super }}
{% endfor %} {% endfor %}
</td> </td>
</tr> </tr>
<tr>
<td align="right" valign="top">Password (again):</td>
<td>
{{ form.password2 }} <br/>
{% for error in form.password2.errors %}
<span style="color:red">{{ error }}</span>
{% endfor %}
</td>
</tr>
<tr> <tr>
<td>&nbsp;</td> <td>&nbsp;</td>
<td><input type="submit" value="Register" /></td> <td><input type="submit" value="Register" /></td>