cam: port to mandaye 0.8 and ini configuration file

2014-06-24 18:56:48 +02:00 · 2014-06-24 18:56:48 +02:00 · 6fcde68b2e
parent 9e83ad6fbd
commit 6fcde68b2e
6 changed files with 109 additions and 94 deletions
--- a/cam/config.py
+++ b/cam/config.py
@ -2,26 +2,36 @@
 import logging
 import os

-_PROJECT_PATH = os.path.join(os.path.dirname(__file__), '..')
+from ConfigParser import SafeConfigParser
+from mandaye.exceptions import ImproperlyConfigured

-## Virtual hosts configuration
-hosts = {
-        'linuxfr.local:8000': [
-            {'path': r'/',
-                'target': 'http://linuxfr.org',
-                'mapping': 'mandaye.configs.linuxfr_saml_example.linuxfr_mapping'
-                },
-            ],
-        }
+# get configuration files from :
+# 1. default-settings.ini from source code
+# 2. os.environ.get('SETTINGS_INI') if it exists
+#    else /etc/mandaye-cam/config.ini
+#         and then /etc/mandaye-cam/local-config.ini
+BASE_DIR = os.path.dirname(os.path.abspath(__file__))
+SETTINGS_INI = (os.path.join(BASE_DIR, 'default-config.ini'),)
+if os.environ.get('SETTINGS_INI'):
+    SETTINGS_INI += (os.environ.get('SETTINGS_INI'),)
+else:
+    ETC_DIR = os.path.join('/', 'etc', 'mandaye-cam')
+    SETTINGS_INI += (
+        os.path.join(ETC_DIR, 'config.ini'),
+        os.path.join(ETC_DIR, 'local-config.ini')
+    )
+
+config = SafeConfigParser()
+config.read(SETTINGS_INI)

 ## SQL Backend config
 # Database configuration
 # http://docs.sqlalchemy.org/en/rel_0_7/core/engines.html
 # rfc 1738 https://tools.ietf.org/html/rfc1738
 # dialect+driver://username:password@host:port/database
-db_url = 'sqlite:///' + os.path.join(_PROJECT_PATH, 'test.db')
+db_url = config.get('database', 'url')

-debug = False
+debug = config.getboolean('debug', 'debug')

 # Log configuration
 LOGGING = {
@ -45,7 +55,7 @@ LOGGING = {
                'formatter': 'console'
                },
            'syslog': {
-                'level': 'INFO',
+                'level': 'DEBUG',
                'class': 'entrouvert.logging.handlers.SysLogHandler',
                'formatter': 'file',
                'address': '/dev/log'
@ -54,31 +64,38 @@ LOGGING = {
        'loggers': {
            '': {
                'handlers': ['console'],
-                'level': 'DEBUG',
+                'level': 'INFO',
                'propagate': False,
                },
            'mandaye': {
                'handlers': ['console', 'syslog'],
-                'level': 'DEBUG',
+                'level': 'INFO',
                'propagate': False,
                },
            'cam': {
                'handlers': ['console', 'syslog'],
-                'level': 'DEBUG',
+                'level': 'INFO',
                'propagate': False,
                },
            },
        }

+if config.getboolean('debug', 'log_debug'):
+    LOGGING['loggers']['']['level'] = 'DEBUG'
+    LOGGING['loggers']['mandaye']['level'] = 'DEBUG'
+    LOGGING['loggers']['cam']['level'] = 'DEBUG'
+
 ## PATH
+# Configuration directory
+config_root = config.get('dirs', 'config_root')
 # Template directory
-template_directory = os.path.join(_PROJECT_PATH, 'cam/templates')
+template_directory = config.get('dirs', 'template_directory')
 # Static url
-static_url = '/mandaye/static'
+static_url = config.get('dirs', 'static_url')
 # Static folder
-static_root = os.path.join(_PROJECT_PATH, 'cam/static')
+static_root = config.get('dirs', 'static_root')
 # Data dir
-data_dir = os.path.join(_PROJECT_PATH, 'data')
+data_dir = config.get('dirs', 'data_dir')

 # Supported authentification
 authentifications = {
@ -87,48 +104,54 @@ authentifications = {

 # sp mappers
 mappers = {
-    'linuxfr': 'rp_meyzieu.mappers.linuxfr_example',
-    'portail_famille_ecities': 'rp_meyzieu.mappers.portail_famille_ecities',
+    'archimed': 'cam.mappers.archimed_saml',
 }

 # Raven Sentry configuration
-raven_dsn = None
+raven_dsn = config.get('debug', 'raven_dsn')

 # Email notification configuration
-email_notification = False
-email_prefix = '[Mandaye CAM]'
-smtp_host = 'localhost'
-smtp_port = 25
-email_from = 'traceback@entrouvert.com'
-email_to = ['admin@localhost']
-
-# platform : should be prod, recette or dev
-platform = "prod"
+email_notification = config.getboolean('email', 'notification')
+email_prefix = config.get('email', 'prefix')
+smtp_host = config.get('email', 'smtp_host')
+smtp_port = config.getint('email', 'smtp_port')
+email_from = config.get('email', 'from')
+email_to = config.get('email', 'to').split()

 # Use long traceback with xtraceback
-use_long_trace = True
+use_long_trace = config.getboolean('debug', 'use_long_trace')

 # Ask Mandaye to auto decompress a response message
 # Decompress response only if you load a filter
-auto_decompress = True
-
-# Encrypt service provider passwords with a secret
-# You should install pycypto to use this feature
-encrypt_sp_password = False
-# Must be a 16, 24, or 32 bytes long
-encrypt_secret = ''
-
-# Beaker session configuration
-session_opts = {
-    'session.type': 'file',
-    'session.cookie_expires': True,
-    'session.timeout': 3600,
-    'session.data_dir': '/var/tmp/beaker'
-}
+auto_decompress = config.getboolean('mandaye', 'auto_decompress')

 # Choose storage
 # Only mandaye.backends.sql at the moment
-storage_backend = "mandaye.backends.sql"
+if config.get('mandaye', 'storage_backend') == 'sql':
+    storage_backend = "mandaye.backends.sql"
+else:
+    ImproperlyConfigured('Storage backend must be sql')
+
+# Encrypt service provider passwords with a secret
+# You should install pycypto to use this feature
+encrypt_sp_password = config.getboolean('mandaye', 'encrypt_sp_password')
+# Must be a 15, 24, or 32 bytes long
+encrypt_secret = config.get('mandaye', 'encrypt_secret')
+
+session_type = config.get('session', 'type')
+if session_type not in ('file', 'dbm', 'memory', 'memcached'):
+    raise ImproperlyConfigured('Sesssion type %r not supported' % session_type)
+if session_type == 'memcached':
+    session_type = 'ext:memcached'
+
+# Beaker session configuration
+session_opts = {
+    'session.type': session_type,
+    'session.url': config.get('session', 'url'),
+    'session.cookie_expires': config.get('session', 'cookie_expires'),
+    'session.timeout': config.getint('session', 'timeout'),
+    'session.data_dir': config.get('session', 'data_dir')
+}

 # Import local config
 try:
--- a/cam/filters/archimed.py
+++ b/cam/filters/archimed.py
@ -26,6 +26,10 @@ def default_req(env, values, request):
    return request

 def default_resp(env, values, request, response):
+    try:
+        response.msg = response.msg.decode('utf-8')
+    except UnicodeDecodeError:
+        response.msg = response.msg.decode('iso8859-15')
    response.msg = response.msg.replace(
            env['target'].geturl(),
            env['mandaye.scheme'] + '://' + env["HTTP_HOST"]
@ -33,7 +37,8 @@ def default_resp(env, values, request, response):
    response.msg = response.msg.replace(
            'http:\\/\\/mediatheque.montpellier-agglo.com',
            env['mandaye.scheme'] + ':\\/\\/' + env["HTTP_HOST"]
-            )
+    )
+    response.msg = response.msg.encode('utf-8')
    return response

 def associate_req(env, values, request):
--- a/cam/mappers/init.py
+++ b/cam/mappers/init.py
--- a/cam/mappers/archimed_saml.py
+++ b/cam/mappers/archimed_saml.py
@ -1,6 +1,6 @@

 from mandaye.auth.saml2 import SAML2Auth
-from mandaye.configs import saml2 as saml2_config
+from mandaye.auth.saml2 import END_POINTS_PATH

 from cam.filters import archimed
 from cam import config
@ -15,19 +15,13 @@ form_values = {
        'password_field': 'password',
        }

-if config.platform == "dev":
-    saml2_config.IDP_METADATA = "http://idp-montpellier.entrouvert.org/idp/saml2/metadata"
-elif config.platform == "recette":
-    saml2_config.IDP_METADATA = "https://idp-test-entrouvert.montpellier-agglo.com/idp/saml2/metadata"
-else:
-    saml2_config.IDP_METADATA = "https://compte-citoyen.montpellier-agglo.com/idp/saml2/metadata"
+urls = {
+        'login_url': '/mandaye/login',
+        'connection_url': '/mandaye/sso',
+        'associate_url': '/mandaye/associate',
+        }

-saml2_config.SAML_SIGNATURE_PUBLIC_KEY = config.SAML_SIGNATURE_PUBLIC_KEY
-saml2_config.SAML_SIGNATURE_PRIVATE_KEY = config.SAML_SIGNATURE_PRIVATE_KEY
-
-auth = SAML2Auth(form_values, 'archimed', saml2_config)
-
-archimed_mapping = [
+mapping = [
        {
            'path': r'/',
            'on_request': [{
@ -59,7 +53,7 @@ archimed_mapping = [
            'path': r'/mandaye/login$',
            'method': 'GET',
            'response': [{
-                'filter': auth.login,
+                'auth': 'login',
                'values': {
                    'associate_url': '/mandaye/associate',
                    },
@ -70,28 +64,21 @@ archimed_mapping = [
            'path': r'/mandaye/sso$',
            'method': 'GET',
            'response': [{
-                'filter': auth.sso,
+                'auth': 'sso',
                }]
            },
        {
            'path': r'/mandaye/slo$',
            'method': 'GET',
            'response': [{
-                'filter': auth.slo,
+                'auth': 'slo',
                }]
            },
        {
-            'path': r'%s$' % auth.config.END_POINTS_PATH['metadata'],
-            'method': 'GET',
-            'response': [{
-                'filter': auth.metadata,
-                }]
-            },
-        {
-                'path': r'%s$' % auth.config.END_POINTS_PATH['single_sign_on_post'],
+                'path': r'%s$' % END_POINTS_PATH['single_sign_on_post'],
                'method': 'POST',
                'response': [{
-                    'filter': auth.single_sign_on_post,
+                    'auth': 'single_sign_on_post',
                    'values': {
                        'login_url': '/mandaye/login',
                        'next_url': '/%s/' % base
@ -99,17 +86,17 @@ archimed_mapping = [
                    }]
                },
        {
-                'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout'],
+                'path': r'%s$' % END_POINTS_PATH['single_logout'],
                'method': 'GET',
                'response': [{
-                    'filter': auth.single_logout,
+                    'auth': 'single_logout',
                    }]
                },
        {
-                'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout_return'],
+                'path': r'%s$' % END_POINTS_PATH['single_logout_return'],
                'method': 'GET',
                'response': [{
-                    'filter': auth.single_logout_return,
+                    'auth': 'single_logout_return',
                    'values': {
                        'next_url': '/%s' % base
                        }
@ -141,7 +128,7 @@ archimed_mapping = [
                'path': r'/mandaye/disassociate$',
                'method': 'GET',
                'response': [{
-                    'filter': auth.disassociate,
+                    'auth': 'disassociate',
                    }],
                },
        {
@ -160,11 +147,7 @@ archimed_mapping = [
                'method': 'POST',
                'response': [
                    {
-                        'filter': auth.associate_submit,
-                        'values': {
-                            'connection_url': '/mandaye/sso',
-                            'associate_url': '/mandaye/associate',
-                            },
+                        'auth': 'associate_submit',
                        'condition': "'\"success\":true' in response.msg"
                        },
                    ],
--- a/cam/wsgi.py
+++ b/cam/wsgi.py
@ -1,12 +1,17 @@

 import os
-os.environ['MANDAYE_CONFIG_MODULE'] = 'cam.config'

 from mandaye.server import MandayeApp

-from mandaye import config
+from cam import config
 from beaker.middleware import SessionMiddleware
+from whitenoise import WhiteNoise
+
+os.environ['MANDAYE_CONFIG_MODULE'] = 'cam.config'
+
+from mandaye import config

 application = SessionMiddleware(MandayeApp(), config.session_opts)
+application_dev = WhiteNoise(application, root=config.static_root, prefix=config.static_url)


--- a/13
+++ b/13
@ -12,20 +12,19 @@ import sys
 from mandaye.log import logger
 from gunicorn.app.wsgiapp import WSGIApplication

-class WSGIApplication(WSGIApplication):
+class MandayeWSGIApplication(WSGIApplication):

    def init(self, parser, opts, args):
-        self.cfg.set("default_proc_name", "cam.wsgi:application")
-        self.app_uri = "cam.wsgi:application"
-
-        sys.path.insert(0, os.getcwd())
+        self.cfg.set("default_proc_name", "cam.wsgi:application_dev")
+        self.app_uri = "cam.wsgi:application_dev"

 def main():
    """ The ``gunicorn`` command line runner for launcing Gunicorn with
    generic WSGI applications.
    """
-    logger.info('CAM rp start')
-    WSGIApplication("%prog [OPTIONS]").run()
+    logger.info('CAM reverse-proxy start')
+    MandayeWSGIApplication("%(prog)s [OPTIONS]").run()

 if __name__ == "__main__":
    main()
+