Remove unused file

.ansible-lint

@@ -0,0 +1,3 @@
+skip_list:
+  - command-instead-of-shell  # Use shell only when shell functionality is required
+  - experimental  # all rules tagged as experimental

.gitlab-ci.yml

@@ -10,50 +10,22 @@ variables:
 # Debian Buster
 py37-django22:
   stage: test
-  image: debian:buster-backports
-  before_script:
-    - >
-        apt-get update &&
-        apt-get install --no-install-recommends -t buster-backports -y
-        python3-django python3-django-crispy-forms
-        python3-django-extensions python3-django-filters python3-django-polymorphic
-        python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil
-        python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache
-        python3-bs4 python3-setuptools tox texlive-xetex
+  image: otthorn/nk20_ci_37
   script: tox -e py37-django22
 
 # Ubuntu 20.04
 py38-django22:
   stage: test
-  image: ubuntu:20.04
-  before_script:
-    # Fix tzdata prompt
-    - ln -sf /usr/share/zoneinfo/Europe/Paris /etc/localtime && echo Europe/Paris > /etc/timezone
-    - >
-        apt-get update &&
-        apt-get install --no-install-recommends -y
-        python3-django python3-django-crispy-forms
-        python3-django-extensions python3-django-filters python3-django-polymorphic
-        python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil
-        python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache
-        python3-bs4 python3-setuptools tox texlive-xetex
+  image: otthorn/nk20_ci_38
   script: tox -e py38-django22
 
 # Debian Bullseye
 py39-django22:
   stage: test
-  image: debian:bullseye
-  before_script:
-    - >
-        apt-get update &&
-        apt-get install --no-install-recommends -y
-        python3-django python3-django-crispy-forms
-        python3-django-extensions python3-django-filters python3-django-polymorphic
-        python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil
-        python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache
-        python3-bs4 python3-setuptools tox texlive-xetex
+  image: otthorn/nk20_ci_39
   script: tox -e py39-django22
 
+# Tox linter
 linters:
   stage: quality-assurance
   image: debian:buster-backports
@@ -64,6 +36,20 @@ linters:
   # Be nice to new contributors, but please use `tox`
   allow_failure: true
 
+# Ansible linter
+ansible-linter:
+  stage: quality-assurance
+  image: otthorn/nk20_ci_ansiblelint
+  script: ansible-lint ansible/
+
+# Docker linter
+docker-linter:
+  stage: quality-assurance
+  image: hadolint/hadolint
+  script:
+    - hadolint -c .hadolint Dockerfile
+    - hadolint -c .hadolint docker_ci/Dockerfile.*
+
 # Compile documentation
 documentation:
   stage: docs

.hadolint

@@ -0,0 +1,4 @@
+ignored:
+  - DL3008  # Do not force to pin version in apt (Debian)
+  - DL3013  # Do not force to pin version in pip (PyPI)
+  - DL3018  # Do not force to pin version in apk (Alpine)

apps/api/serializers.py

@@ -4,14 +4,10 @@
 
 from django.contrib.contenttypes.models import ContentType
 from django.contrib.auth.models import User
-from django.utils import timezone
-from rest_framework import serializers
-
-from member.api.serializers import ProfileSerializer, MembershipSerializer
-from note.models import Alias
+from rest_framework.serializers import ModelSerializer
 
 
-class UserSerializer(serializers.ModelSerializer):
+class UserSerializer(ModelSerializer):
     """
     REST API Serializer for Users.
     The djangorestframework plugin will analyse the model `User` and parse all fields in the API.
@@ -26,7 +22,7 @@ class UserSerializer(serializers.ModelSerializer):
         )
 
 
-class ContentTypeSerializer(serializers.ModelSerializer):
+class ContentTypeSerializer(ModelSerializer):
     """
     REST API Serializer for Users.
     The djangorestframework plugin will analyse the model `User` and parse all fields in the API.
@@ -35,39 +31,3 @@ class ContentTypeSerializer(serializers.ModelSerializer):
     class Meta:
         model = ContentType
         fields = '__all__'
-
-
-class OAuthSerializer(serializers.ModelSerializer):
-    """
-    Informations that are transmitted by OAuth.
-    For now, this includes user, profile and valid memberships.
-    This should be better managed later.
-    """
-    normalized_name = serializers.SerializerMethodField()
-
-    profile = ProfileSerializer()
-
-    memberships = serializers.SerializerMethodField()
-
-    def get_normalized_name(self, obj):
-        return Alias.normalize(obj.username)
-
-    def get_memberships(self, obj):
-        return serializers.ListSerializer(child=MembershipSerializer()).to_representation(
-            obj.memberships.filter(date_start__lte=timezone.now(), date_end__gte=timezone.now()))
-
-    class Meta:
-        model = User
-        fields = (
-            'id',
-            'username',
-            'normalized_name',
-            'first_name',
-            'last_name',
-            'email',
-            'is_superuser',
-            'is_active',
-            'is_staff',
-            'profile',
-            'memberships',
-        )

apps/api/urls.py

@@ -5,7 +5,6 @@ from django.conf import settings
 from django.conf.urls import url, include
 from rest_framework import routers
 
-from .views import UserInformationView
 from .viewsets import ContentTypeViewSet, UserViewSet
 
 # Routers provide an easy way of automatically determining the URL conf.
@@ -48,6 +47,5 @@ app_name = 'api'
 # Additionally, we include login URLs for the browsable API.
 urlpatterns = [
     url('^', include(router.urls)),
-    url('me', UserInformationView.as_view()),
     url('^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
 ]

apps/api/views.py

@@ -1,20 +0,0 @@
-# Copyright (C) 2018-2021 by BDE ENS Paris-Saclay
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-from django.contrib.auth.models import User
-from rest_framework.generics import RetrieveAPIView
-
-from .serializers import OAuthSerializer
-
-
-class UserInformationView(RetrieveAPIView):
-    """
-    These fields are give to OAuth authenticators.
-    """
-    serializer_class = OAuthSerializer
-
-    def get_queryset(self):
-        return User.objects.filter(pk=self.request.user.pk)
-
-    def get_object(self):
-        return self.request.user

apps/member/auth.py

@@ -1,15 +0,0 @@
-from cas_server.auth import DjangoAuthUser  # pragma: no cover
-
-from note.models import Alias
-
-
-class CustomAuthUser(DjangoAuthUser):  # pragma: no cover
-    """
-    Override Django Auth User model to define a custom Matrix username.
-    """
-
-    def attributs(self):
-        d = super().attributs()
-        if self.user:
-            d["normalized_name"] = Alias.normalize(self.user.username)
-        return d

apps/permission/backends.py

@@ -134,6 +134,8 @@ class PermissionBackend(ModelBackend):
             return False
 
         sess = get_current_session()
+        if sess is not None and sess.session_key is None:
+            return False
 
         if user_obj.is_superuser and sess.get("permission_mask", -1) >= 42:
             return True

docker_ci/Dockerfile.37

@@ -0,0 +1,18 @@
+FROM debian:buster-backports
+
+LABEL maintainer="otthorn@crans.org"
+LABEL description="Debian Buster backports image with django and tox \
+installed for testing purposes"
+
+RUN apt-get update \
+        && apt-get install --no-install-recommends -t buster-backports -y \
+        python3-django python3-django-crispy-forms \
+        python3-django-extensions python3-django-filters \
+		python3-django-polymorphic \
+        python3-djangorestframework python3-django-oauth-toolkit \
+		python3-psycopg2 python3-pil \
+        python3-babel python3-lockfile python3-pip python3-phonenumbers \
+		python3-memcache \
+        python3-bs4 python3-setuptools tox texlive-xetex \
+		&&  apt-get clean \
+		&& rm -rf /var/lib/apt/lists/*

docker_ci/Dockerfile.38

@@ -0,0 +1,22 @@
+FROM ubuntu:20.04
+
+LABEL maintainer="otthorn@crans.org"
+LABEL description="Ubuntu 20.04 image with django and tox \
+installed for testing purposes"
+
+# fix tzdata prompt
+RUN ln -sf /usr/share/zoneinfo/Europe/Paris /etc/localtime && echo Europe/Paris > /etc/timezone
+
+RUN apt-get update \
+        && apt-get install --no-install-recommends -y \
+        python3-django python3-django-crispy-forms \
+        python3-django-extensions python3-django-filters \
+		python3-django-polymorphic \
+        python3-djangorestframework python3-django-oauth-toolkit \
+		python3-psycopg2 python3-pil \
+        python3-babel python3-lockfile python3-pip python3-phonenumbers \
+		python3-memcache \
+        python3-bs4 python3-setuptools tox texlive-xetex \
+		&&  apt-get clean \
+		&& rm -rf /var/lib/apt/lists/*
+

docker_ci/Dockerfile.39

@@ -0,0 +1,18 @@
+FROM debian:bullseye
+
+LABEL maintainer="otthorn@crans.org"
+LABEL description="Debian Bulleye image with django and tox \
+installed for testing purposes"
+
+RUN apt-get update \
+        && apt-get install --no-install-recommends -y \
+        python3-django python3-django-crispy-forms \
+        python3-django-extensions python3-django-filters \
+		python3-django-polymorphic \
+        python3-djangorestframework python3-django-oauth-toolkit \
+		python3-psycopg2 python3-pil \
+        python3-babel python3-lockfile python3-pip python3-phonenumbers \
+		python3-memcache \
+        python3-bs4 python3-setuptools tox texlive-xetex \
+		&&  apt-get clean \
+		&& rm -rf /var/lib/apt/lists/*

docker_ci/Dockerfile.ansiblelint

@@ -0,0 +1,10 @@
+FROM python:3.9-alpine
+
+LABEL maintainer="otthorn@crans.org"
+LABEL description="Alpine image with ansible-lint and yamllint \
+installed for linting purposes"
+
+RUN apk add --no-cache gcc musl-dev python3-dev libffi-dev openssl-dev cargo
+RUN pip install --no-cache-dir "yamllint>=1.26.0,<2.0"
+RUN pip install --no-cache-dir "ansible-lint==5.0.0"
+RUN pip install --no-cache-dir "ansible>=2.10,<2.11"

docker_ci/Dockerfile.tox

@@ -0,0 +1,8 @@
+FROM alpine:3.13
+
+LABEL maintainer="otthorn@crans.org"
+LABEL description="Alpine image with tox \
+installed for linting purposes"
+
+RUN apk --no-cache add py3-pip=20.3.4-r0
+RUN pip install --no-cache-dir tox==3.22.0

docker_ci/README.md

@@ -0,0 +1,21 @@
+# Docker CI
+
+Ce dossier contient les images docker à construire pour la CI.  L'idée est
+d'avoir une image pré-construire, au dessus laquel il y a besoin de faire
+tourner uniquement les commandes qui nous intéresse. Cela permet notamment de
+réduire drastiquement le temps que nécessite chaque test car seul la dernière
+couche (layer) de l'image a besoin d'etre éxécuter.
+
+## Build les images
+
+Pour build les images il suffit de lancer les commandes suivantes
+
+```
+cd docker_ci/
+docker build -t nk20_ci_37 -f Dockerfile.37 .
+docker build -t nk20_ci_38 -f Dockerfile.38 .
+docker build -t nk20_ci_39 -f Dockerfile.39 .
+```
+
+Elles sont acutellement build et disponible sur dockerhub
+https://hub.docker.com/otthorn/nk20_ci_37

note_kfet/admin.py

@@ -52,9 +52,3 @@ if "rest_framework" in settings.INSTALLED_APPS:
     from rest_framework.authtoken.admin import *
     from rest_framework.authtoken.models import *
     admin_site.register(Token, TokenAdmin)
-
-if "cas_server" in settings.INSTALLED_APPS:
-    from cas_server.admin import *
-    from cas_server.models import *
-    admin_site.register(ServicePattern, ServicePatternAdmin)
-    admin_site.register(FederatedIendityProvider, FederatedIendityProviderAdmin)

note_kfet/settings/__init__.py

@@ -12,7 +12,7 @@ def read_env():
     directory.
     """
     try:
-        with open(os.path.join(BASE_DIR, '.env')) as f:
+        with open('.env') as f:
             content = f.read()
     except IOError:
         content = ''
@@ -30,7 +30,6 @@ def read_env():
 
 
 # Try to load environment variables from project .env
-BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
 read_env()
 
 # Load base settings

note_kfet/settings/base.py

@@ -239,7 +239,6 @@ REST_FRAMEWORK = {
     'DEFAULT_AUTHENTICATION_CLASSES': [
         'rest_framework.authentication.SessionAuthentication',
         'rest_framework.authentication.TokenAuthentication',
-        'oauth2_provider.contrib.rest_framework.OAuth2Authentication',
     ],
     'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
     'PAGE_SIZE': 20,
@@ -274,6 +273,3 @@ PIC_RATIO = 1
 # Custom phone number format
 PHONENUMBER_DB_FORMAT = 'NATIONAL'
 PHONENUMBER_DEFAULT_REGION = 'FR'
-
-# We add custom information to CAS, in order to give a normalized name to other services
-CAS_AUTH_CLASS = 'member.auth.CustomAuthUser'

note_kfet/urls.py

@@ -45,11 +45,6 @@ if "oauth2_provider" in settings.INSTALLED_APPS:
         path('o/', include('oauth2_provider.urls', namespace='oauth2_provider'))
     )
 
-if "cas_server" in settings.INSTALLED_APPS:
-    urlpatterns.append(
-        path('cas/', include('cas_server.urls', namespace='cas_server'))
-    )
-
 if "debug_toolbar" in settings.INSTALLED_APPS:
     import debug_toolbar
     urlpatterns = [

requirements.txt

@@ -1,7 +1,6 @@
 beautifulsoup4~=4.7.1
 Django~=2.2.15
 django-bootstrap-datepicker-plus~=3.0.5
-django-cas-server~=1.2.0
 django-colorfield~=0.3.2
 django-crispy-forms~=1.7.2
 django-extensions~=2.1.4