web: clean up, remove dead code, update readme

This commit is contained in:
radex 2024-07-08 21:53:12 +02:00
parent b3ec38bffe
commit 505074064d
Signed by: radex
SSH key fingerprint: SHA256:hvqRXAGG1h89yqnS+cyFTLKQbzjWD4uXIqw7Y+0ws30
9 changed files with 27 additions and 71 deletions

View file

@ -14,4 +14,4 @@ ADD web /usr/src/web
ADD fetch /usr/src/fetch
STOPSIGNAL SIGINT
CMD ["uwsgi", "--http-socket", "0.0.0.0:5000", "--plugins", "python3", "--wsgi", "webapp.wsgi:app", "--threads", "10", "--master"]
CMD ["uwsgi", "--http-socket", "0.0.0.0:5000", "--wsgi", "webapp.wsgi:app", "--threads", "10", "--master"]

View file

@ -1,25 +1,12 @@
Kasownik
========
Warsaw Hackerspace Membership Management System.
# Kasownik
> „100 linii pythona!” - enki o skrypcie do składek
Warsaw Hackerspace Membership Management System
Summary
-------
## Summary
This project is divided into two separate modules:
* `web` - web frontend and basic logic, public-facing service
* `fetch` - bank account data fetcher, to be run in some secure domain
(at least separate UID) - supports "old" IdeaBank web interface
* `fetch` - bank account data fetcher
More info about these can be found in their respective `README.md` files.
Quick Start
-----------
1. [Register new SSO application](https://sso.hackerspace.pl/client/create) - client name and URI don't matter, redirect URI should be `http://localhost:5000/oauth/callback` (by default), other settings can stay default
2. Set `SPACEAUTH_CONSUMER_KEY` and `SPACEAUTH_CONSUMER_SECRET` envs to the client generated above
3. `docker-compose run --rm kasownik-web ./manage.py syncdb` (one time)
4. Run the app: `docker-compose up --build`
5. (TODO: Add missing table for fetcher, add example data)

View file

@ -1,24 +1,23 @@
Kasownik webapp
===============
# Kasownik webapp
Setup
-----
## Quick start (old school)
pip install -r requirements.txt
# Copy example development environment config
cp config.py.dist config.py
1. [Register new SSO application](https://sso.hackerspace.pl/client/create) - client name and URI don't matter, redirect URI should be `http://localhost:5000/oauth/callback` (by default), other settings can stay default.
2. ```sh
pip install -r requirements.txt
# (set up database, one time)
./manage.py syncdb
```
3. Run dev server: `SPACEAUTH_CONSUMER_KEY=xxxx SPACEAUTH_CONSUMER_SECRET=yyyy DISABLE_LDAP=true ./manage.py run -p 5000`
Database initialization
-----------------------
See `config.py` for more envs you can set
./manage.py syncdb
## Quick start (Dockerized)
Development server
------------------
1. Set `SPACEAUTH_CONSUMER_KEY` and `SPACEAUTH_CONSUMER_SECRET` envs
2. `docker-compose run --rm kasownik-web ./manage.py syncdb` (one time)
3. Run the app: `docker-compose up --build`
FLASK_DEBUG=1 ./manage.py run
## TODO
WSGI deployment
---------------
`webapp/wsgi.py` exports `app` object suitable for wsgi deployments.
Add missing table for fetcher, add example data

View file

@ -1,9 +0,0 @@
[uwsgi]
plugins = python27
master = 1
threads = 10
chdir = /var/www/kasownik
venv = /var/www/kasownik/.env
module = webapp.wsgi
callable = app
debug = true

View file

@ -1,4 +1,4 @@
#!/usr/bin/env python
#!/usr/bin/env python3
import os
import click
from flask.cli import FlaskGroup

View file

@ -1,5 +1,3 @@
# - * - coding=utf-8 - * -
import datetime
from email.mime.text import MIMEText
from subprocess import Popen, PIPE

View file

@ -11,7 +11,7 @@
# and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
@ -58,7 +58,7 @@ def get_ldap_group_diff(members):
active_members = list(filter(lambda m: m['judgement'], members))
fatty = set([member['username'] for member in active_members if member['type'] in ['fatty', 'supporting']])
starving = set([member['username'] for member in active_members if member['type'] in ['starving']])
ldap_fatty = set(get_group_members(g.ldap, 'fatty'))
ldap_starving = set(get_group_members(g.ldap, 'starving'))
ldap_potato = set(get_group_members(g.ldap, 'potato'))
@ -94,22 +94,8 @@ def update_member_groups(c, changes):
for username in target_members:
values.append('uid={},{}'.format(username,app.config['LDAP_USER_BASE']).encode('utf-8'))
modlist = [(ldap.MOD_REPLACE,'uniqueMember',values)]
#print group,modlist
c.modify_s('cn={},{}'.format(group,app.config['LDAP_GROUP_BASE']), modlist)
# keeping it here instead of git history because it's preferable to the other method, as long as LDAP stops crashing
def update_member_groups_fucked(c, changes):
ops = {'add': ldap.MOD_ADD, 'remove': ldap.MOD_DELETE}
for group in changes:
modlist = []
for op in changes[group]:
values = []
for username in changes[group][op]:
values.append('uid={},{}'.format(username.encode('utf-8'),app.config['LDAP_USER_BASE']))
if values:
modlist.append((ops[op],'uniqueMember',values))
#print group, modlist
c.modify_s('cn={},{}'.format(group.encode('utf-8'),app.config['LDAP_GROUP_BASE']), modlist)
c.modify_s('cn={},{}'.format(group,app.config['LDAP_GROUP_BASE']), modlist)
def get_group_members(c, group):
if app.config.get('DISABLE_LDAP'):
@ -118,7 +104,7 @@ def get_group_members(c, group):
lfilter = '(&(cn={}){})'.format(group, app.config['LDAP_GROUP_FILTER'])
data = c.search_s(app.config['LDAP_GROUP_BASE'], ldap.SCOPE_SUBTREE,
lfilter, tuple(['uniqueMember',]))
members = []
for dn, obj in data:
for k, v in obj.items():

View file

@ -1,6 +1,3 @@
#!/usr/bin/env python2
# - * - coding=utf-8 - * -
# Copyright (c) 2015, Sergiusz Bazanski <q3k@q3k.org>
# Copyright (c) 2015, Remigiusz Marcinkiewicz <enleth@enleth.com>
# All rights reserved.
@ -15,7 +12,7 @@
# and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR

View file

@ -1,5 +1,3 @@
# - * - coding=utf-8 - * -
# Copyright (c) 2015, Sergiusz Bazanski <q3k@q3k.org>
# All rights reserved.
#