GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Commit 003623a3 authored by asu1996's avatar asu1996

fixed conflicts

parents d5ff5951 e89ce6fb
......@@ -3,3 +3,4 @@
src/static/
src/core/migrations
.env
src/secrets.json
......@@ -15,13 +15,14 @@ We currently run a trial instance of this project on
# To run it locally
You need to start by setting the `SECRET_KEY` variable in
`src/lobby/settings.py`. This value can be an arbitrary string, and you should
never commit changes to `settings.py`.
`src/secrets.json'. This value can be an arbitrary string, and you should
never commit changes to `settings.py`. Secrets.json is currently added to
the .gitignore to avoid commits.
Then run the following commands:
```
$ virtualenv -p python3.7 .env
$ virtualenv -p python3.7 .env
$ source .env/bin/activate
$ pip install -r requirements.txt
$ python src/manage.py makemigrations
......
......@@ -2,6 +2,22 @@ from django.db import models
from django import forms
from datetime import datetime
from django.utils import timezone
from django.utils.translation import gettext_lazy as _
def is_valid_username(name):
if not all(x.isalpha() or x=='_' or x.isnumeric() for x in name):
raise forms.ValidationError(
_('%(name)s is not a valid username. Should be A-Z, a-z, 0-9 and _.'),
params={'name': name},
)
def is_username_exists(name):
if GitlabAccountRequest.objects.filter(username=name).count() > 0:
raise forms.ValidationError(
_('%(name)s already exists.'),
params={'name': name},
)
class GitlabAccountRequest(models.Model):
......@@ -11,7 +27,7 @@ class GitlabAccountRequest(models.Model):
('RR', 'Rejected')
]
username = models.CharField(max_length=64)
username = models.CharField(max_length=64, validators=[is_valid_username,is_username_exists])
email = models.EmailField()
reason = models.CharField(max_length=256)
approved = models.CharField(choices=STATUS, max_length=2, default='PR')
......
......@@ -12,6 +12,10 @@
<label for="input-username" class="sr-only">Username</label>
<input type="text" id="input-username" name="username" class="form-control" placeholder="Username" required>
<div style="color: red; margin-bottom:10px">
{{ form.username.errors | striptags }}
</div>
<p>Please explain why you want to collaborate with the Tor community</p>
<textarea class="form-control" name="reason" maxlength="256" placeholder="For Example: I wish to report an issue in Tor Browser." rows="3"></textarea>
......
......@@ -23,6 +23,8 @@ def index(request):
approve_user(model)
return HttpResponseRedirect('/success/')
else:
return render(request, 'core/signup.html', {'form': form})
return HttpResponseRedirect('/failure/')
......
import os
import json
from django.core.exceptions import ImproperlyConfigured
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
# Assign secrets.json to variable secrets_filepath
secrets_filepath = os.path.join(BASE_DIR,'secrets.json')
# Retrieve secrets from secrets json dictionary and load into memory
with open(secrets_filepath) as secrets_contents:
secrets = json.load(secrets_contents)
def get_secret(setting, secrets=secrets):
"""Get secret setting from json, or fail with ImproperlyConfigured"""
try:
return secrets[setting]
except KeyError:
raise ImproperlyConfigured(f"You have not set the {setting} setting")
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
......@@ -101,14 +117,15 @@ ALLOWED_HOSTS = ["localhost"]
DEBUG = True
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = ""
SECRET_KEY = get_secret('SECRET_KEY')
# SECURITY WARNING: Gitlab credentials.
GITLAB_URL = "https://gitlab.torproject.org/"
GITLAB_SECRET_TOKEN = ""
GITLAB_SECRET_TOKEN = get_secret('GITLAB_SECRET_TOKEN')
# SECURITY: List of suffixes to automatic approve for email accounts.
AUTO_ACCEPT_LIST = ["riseup.net"]
AUTO_ACCEPT_LIST = get_secret('AUTO_ACCEPT_LIST')
CRONJOBS = [
('0 0 * * *', 'core.cron.auto_delete'),
......
{
"SECRET_KEY":"",
"GITLAB_SECRET_TOKEN":"",
"AUTO_ACCEPT_LIST":""
}
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment