tikka
/
coin
forked from FFDN/coin


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252
							# -*- coding: utf-8 -*-
import os
import ldap
from django_auth_ldap.config import LDAPSearch, PosixGroupType
# from custom.coin_posix_group_type import CoinPosixGroupType

# Django settings for coin project.

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(__file__))

PROJECT_PATH = os.path.abspath(os.path.dirname(__file__))
DEBUG = TEMPLATE_DEBUG = False

ADMINS = (
    # ('Your Name', 'your_email@example.com'),
)

MANAGERS = ADMINS

DATABASES = {
    # Base de donnée du SI
    'default': {
        'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'NAME': 'illyse_coin',
        'USER': 'illyse_coin',
        'PASSWORD': '',
        'HOST': '',  # Empty for localhost through domain sockets
        'PORT': '',  # Empty for default
    },
    # LDAP backend pour stockage et mise à jour de données
    'ldap': {
        'ENGINE': 'ldapdb.backends.ldap',
        'NAME': 'ldap://ldapdev.illyse.org:390/',
        'TLS': True,
        'GLOBAL_OPTIONS': {ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER},
        'USER': 'cn=illysedev,ou=services,o=ILLYSE,l=Villeurbanne,st=RHA,c=FR',
        'PASSWORD': 'gfj83-E8ECgGh23JK_Ol12'
    }
}

DATABASE_ROUTERS = ['ldapdb.router.Router']

# Hosts/domain names that are valid for this site; required if DEBUG is False
# See https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts
ALLOWED_HOSTS = []

# Local time zone for this installation. Choices can be found here:
# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
# although not all choices may be available on all operating systems.
# In a Windows environment this must be set to your system time zone.
TIME_ZONE = 'Europe/Paris'

# Language code for this installation. All choices can be found here:
# http://www.i18nguy.com/unicode/language-identifiers.html
LANGUAGE_CODE = 'fr-fr'

SITE_ID = 1

# If you set this to False, Django will make some optimizations so as not
# to load the internationalization machinery.
USE_I18N = True

# If you set this to False, Django will not format dates, numbers and
# calendars according to the current locale.
USE_L10N = True

# If you set this to False, Django will not use timezone-aware datetimes.
USE_TZ = True

# Default URL for login and logout
LOGIN_URL = '/members/login'
LOGIN_REDIRECT_URL = '/members'
LOGOUT_URL = '/members/logout'

# Absolute filesystem path to the directory that will hold user-uploaded files.
# Example: "/var/www/example.com/media/"
MEDIA_ROOT = os.path.join(BASE_DIR, 'media/')

# URL that handles the media served from MEDIA_ROOT. Make sure to use a
# trailing slash.
# Examples: "http://example.com/media/", "http://media.example.com/"
MEDIA_URL = '/media/'

# Absolute path to the directory static files should be collected to.
# Don't put anything in this directory yourself; store your static files
# in apps' "static/" subdirectories and in STATICFILES_DIRS.
# Example: "/var/www/example.com/static/"
STATIC_ROOT = os.path.join(BASE_DIR, 'static/')

# URL prefix for static files.
# Example: "http://example.com/static/", "http://static.example.com/"
STATIC_URL = '/static/'

# Additional locations of static files
STATICFILES_DIRS = (
    # Put strings here, like "/home/html/static" or "C:/www/django/static".
    # Always use forward slashes, even on Windows.
    # Don't forget to use absolute paths, not relative paths.
)

# List of finder classes that know how to find static files in
# various locations.
STATICFILES_FINDERS = (
    'django.contrib.staticfiles.finders.FileSystemFinder',
    'django.contrib.staticfiles.finders.AppDirectoriesFinder',
    #'django.contrib.staticfiles.finders.DefaultStorageFinder',
)

# Make this unique, and don't share it with anybody.
SECRET_KEY = '!qy_)gao6q)57#mz1s-d$5^+dp1nt=lk1d19&9bb3co37vn)!3'

# List of callables that know how to import templates from various sources.
TEMPLATE_LOADERS = (
    'django.template.loaders.filesystem.Loader',
    'django.template.loaders.app_directories.Loader',
    #'django.template.loaders.eggs.Loader',
)

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    # Uncomment the next line for simple clickjacking protection:
    # 'django.middleware.clickjacking.XFrameOptionsMiddleware',
)

ROOT_URLCONF = 'coin.urls'

# Python dotted path to the WSGI application used by Django's runserver.
WSGI_APPLICATION = 'coin.wsgi.application'

TEMPLATE_DIRS = (
    # Only absolute paths, always forward slashes
    os.path.join(PROJECT_PATH, 'templates/'),
)

INSTALLED_APPS = (
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    #'django.contrib.sites',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    # Uncomment the next line to enable the admin:
    'django.contrib.admin',
    # Uncomment the next line to enable admin documentation:
    #'django.contrib.admindocs',
    'south',
    'ldapdb',  # LDAP as database backend
    'autocomplete_light', #Automagic autocomplete foreingkey form component
    'activelink', #Detect if a link match actual page
    'coin',
    'coin.members',
    'coin.offers',
    'coin.billing',
    'coin.resources',
    'coin.reverse_dns',
    'coin.vpn'
)

# A sample logging configuration. The only tangible logging
# performed by this configuration is to send an email to
# the site admins on every HTTP 500 error when DEBUG=False.
# See http://docs.djangoproject.com/en/dev/topics/logging for
# more details on how to customize your logging configuration.
LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'filters': {
        'require_debug_false': {
            '()': 'django.utils.log.RequireDebugFalse'
        }
    },
    'handlers': {
        'mail_admins': {
            'level': 'ERROR',
            'filters': ['require_debug_false'],
            'class': 'django.utils.log.AdminEmailHandler'
        }
    },
    'loggers': {
        'django.request': {
            'handlers': ['mail_admins'],
            'level': 'ERROR',
            'propagate': True,
        },
    }
}

TEMPLATE_CONTEXT_PROCESSORS = (
    "django.contrib.auth.context_processors.auth",
    "django.core.context_processors.debug",
    "django.core.context_processors.i18n",
    "django.core.context_processors.media",
    "django.core.context_processors.static",
    "django.core.context_processors.tz",
    "django.core.context_processors.request",
    "django.contrib.messages.context_processors.messages")

AUTHENTICATION_BACKENDS = (
    'django_auth_ldap.backend.LDAPBackend',
    'django.contrib.auth.backends.ModelBackend',
)

# LDAP Backend pour authentification

AUTH_LDAP_SERVER_URI = "ldap://ldapdev.illyse.org:390"
AUTH_LDAP_START_TLS = True
AUTH_LDAP_GLOBAL_OPTIONS = {ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER}

AUTH_LDAP_BIND_DN = "cn=illysedev,ou=services,o=ILLYSE,l=Villeurbanne,st=RHA,c=FR"
AUTH_LDAP_BIND_PASSWORD = "gfj83-E8ECgGh23JK_Ol12"

AUTH_LDAP_USER_SEARCH = LDAPSearch(
    "ou=users,ou=unix,o=ILLYSE,l=Villeurbanne,st=RHA,c=FR",
    ldap.SCOPE_SUBTREE,
    "(cn=%(user)s)"
)

AUTH_LDAP_CACHE_GROUPS = False

AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
    "ou=groups,ou=unix,o=ILLYSE,l=Villeurbanne,st=RHA,c=FR",
    ldap.SCOPE_SUBTREE,
    "(objectClass=posixGroup)"
)

AUTH_LDAP_GROUP_TYPE = PosixGroupType()

# AUTH_LDAP_REQUIRE_GROUP = "cn=admin,ou=groups,o=ILLYSE,"
#                           "l=Villeurbanne,st=RHA,c=FR"

AUTH_LDAP_USER_ATTR_MAP = {
    "first_name": "givenName",
    "last_name": "sn"
}

AUTH_LDAP_USER_FLAGS_BY_GROUP = {
    "is_active": "cn=coin,ou=groups,ou=unix,o=ILLYSE,l=Villeurbanne,st=RHA,c=FR",
    "is_staff": "cn=coin_admin,ou=groups,ou=unix,o=ILLYSE,l=Villeurbanne,st=RHA,c=FR",
    "is_superuser": "cn=coin_admin,ou=groups,ou=unix,o=ILLYSE,l=Villeurbanne,st=RHA,c=FR"
}


# Surcharge les paramètres en utilisant le fichier settings-local.py
try:
    from settings_local import *
except ImportError:
    pass