nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-04-29 10:10:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

main: Drop initializing Django when listing dependencies

Browse Source 
- Avoid any potential problems with sqlite3 not being present.

- Avoid any potential problems with secret key not being available. Avoid
accidentally creating the secret key hardware/container images.

Tests:

- --list-dependencies works with and without secret key and plinth sqlite3.

- --list-dependencies works with plinth and root users.

- --list-dependencies does not create the sqlite3 database or the secret key.

- Running app works in normal mode and creates the secret key.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This commit is contained in:
Sunil Mohan Adapa 2021-11-15 12:54:07 -08:00 committed by James Valleroy
parent 00e42a42b9
commit abf389aaa1
No known key found for this signature in database
GPG Key ID: 77C0C75E7B650808
2 changed files with 3 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
plinth/__main__.py
View File

@ -108,9 +108,6 @@ def main():
if arguments.list_dependencies is not False: if arguments.list_dependencies is not False:
log.default_level = 'ERROR' log.default_level = 'ERROR'
web_framework.init(read_only=True)
module_loader.include_urls()
menu.init()
module_loader.load_modules() module_loader.load_modules()
module_loader.apps_init() module_loader.apps_init()
list_dependencies(arguments.list_dependencies) list_dependencies(arguments.list_dependencies)

9
plinth/web_framework.py
View File

@ -20,7 +20,7 @@ from . import cfg, glib, log, module_loader, settings
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
def init(read_only=False): def init():
"""Setup Django configuration in the absence of .settings file""" """Setup Django configuration in the absence of .settings file"""
# Workaround for django-simple-captcha 0.5.6 not being compatible with # Workaround for django-simple-captcha 0.5.6 not being compatible with
# Django 3.2. 0.5.14 is almost there in Debian. Workaround only until then. # Django 3.2. 0.5.14 is almost there in Debian. Workaround only until then.
@ -40,7 +40,7 @@ def init(read_only=False):
settings.LANGUAGES = get_languages() settings.LANGUAGES = get_languages()
settings.LOGGING = log.get_configuration() settings.LOGGING = log.get_configuration()
settings.MESSAGE_TAGS = {message_constants.ERROR: 'danger'} settings.MESSAGE_TAGS = {message_constants.ERROR: 'danger'}
settings.SECRET_KEY = _get_secret_key(read_only) settings.SECRET_KEY = _get_secret_key()
settings.SESSION_FILE_PATH = os.path.join(cfg.data_dir, 'sessions') settings.SESSION_FILE_PATH = os.path.join(cfg.data_dir, 'sessions')
settings.STATIC_URL = '/'.join([cfg.server_dir, settings.STATIC_URL = '/'.join([cfg.server_dir,
'static/']).replace('//', '/') 'static/']).replace('//', '/')
@ -69,7 +69,7 @@ def post_init():
glib.schedule(24 * 3600, _cleanup_expired_sessions, in_thread=True) glib.schedule(24 * 3600, _cleanup_expired_sessions, in_thread=True)
def _get_secret_key(read_only=False): def _get_secret_key():
"""Retrieve or create a new Django secret key.""" """Retrieve or create a new Django secret key."""
secret_key_file = pathlib.Path(cfg.data_dir) / 'django-secret.key' secret_key_file = pathlib.Path(cfg.data_dir) / 'django-secret.key'
if secret_key_file.exists(): if secret_key_file.exists():
@ -77,9 +77,6 @@ def _get_secret_key(read_only=False):
if len(secret_key) >= 128: if len(secret_key) >= 128:
return secret_key return secret_key
if read_only:
return ''
secret_key = _generate_secret_key() secret_key = _generate_secret_key()
# File should be created with permission 0o700 # File should be created with permission 0o700
old_umask = os.umask(0o077) old_umask = os.umask(0o077)