web_framework: Don't create Django secret key when listing depends

This allows --list-dependencies to run without having to write to disk. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2026-01-21 07:55:00 +00:00 · 2020-06-24 18:08:07 -07:00 · 2020-06-24 18:08:07 -07:00 · e5177289dc
commit e5177289dc
parent 28fe8c8c3e
1 changed files with 6 additions and 3 deletions
--- a/plinth/web_framework.py
+++ b/plinth/web_framework.py
@ -20,7 +20,7 @@ from . import cfg, glib, log, module_loader, settings
 logger = logging.getLogger(__name__)


-def init():
+def init(read_only=False):
    """Setup Django configuration in the absence of .settings file"""
    if cfg.secure_proxy_ssl_header:
        settings.SECURE_PROXY_SSL_HEADER = (cfg.secure_proxy_ssl_header,
@ -36,7 +36,7 @@ def init():
    settings.LANGUAGES = get_languages()
    settings.LOGGING = log.get_configuration()
    settings.MESSAGE_TAGS = {message_constants.ERROR: 'danger'}
-    settings.SECRET_KEY = _get_secret_key()
+    settings.SECRET_KEY = _get_secret_key(read_only)
    settings.SESSION_FILE_PATH = os.path.join(cfg.data_dir, 'sessions')
    settings.STATIC_URL = '/'.join([cfg.server_dir,
                                    'static/']).replace('//', '/')
@ -65,7 +65,7 @@ def post_init():
    glib.schedule(24 * 3600, _cleanup_expired_sessions, in_thread=True)


-def _get_secret_key():
+def _get_secret_key(read_only=False):
    """Retrieve or create a new Django secret key."""
    secret_key_file = pathlib.Path(cfg.data_dir) / 'django-secret.key'
    if secret_key_file.exists():
@ -73,6 +73,9 @@ def _get_secret_key():
        if len(secret_key) >= 128:
            return secret_key

+    if read_only:
+        return ''
+
    secret_key = _generate_secret_key()
    # File should be created with permission 0o700
    old_umask = os.umask(0o077)