From b7dd8737a79ae0d93180b8562313772649f454c2 Mon Sep 17 00:00:00 2001 From: wh1te909 Date: Sat, 27 Feb 2021 23:19:35 +0000 Subject: [PATCH] make django admin disabled by default --- .devcontainer/entrypoint.sh | 1 + api/tacticalrmm/tacticalrmm/settings.py | 18 ++++++++++++------ api/tacticalrmm/tacticalrmm/urls.py | 7 +++++-- docker/containers/tactical/entrypoint.sh | 1 + install.sh | 1 + update.sh | 9 +++++++++ 6 files changed, 29 insertions(+), 8 deletions(-) diff --git a/.devcontainer/entrypoint.sh b/.devcontainer/entrypoint.sh index 1c514e1f..4f69c271 100644 --- a/.devcontainer/entrypoint.sh +++ b/.devcontainer/entrypoint.sh @@ -100,6 +100,7 @@ MESH_USERNAME = '${MESH_USER}' MESH_SITE = 'https://${MESH_HOST}' MESH_TOKEN_KEY = '${MESH_TOKEN}' REDIS_HOST = '${REDIS_HOST}' +ADMIN_ENABLED = True EOF )" diff --git a/api/tacticalrmm/tacticalrmm/settings.py b/api/tacticalrmm/tacticalrmm/settings.py index 130d6ad1..a51f3b99 100644 --- a/api/tacticalrmm/tacticalrmm/settings.py +++ b/api/tacticalrmm/tacticalrmm/settings.py @@ -2,7 +2,7 @@ import os from datetime import timedelta from pathlib import Path -BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) +BASE_DIR = Path(__file__).resolve().parent.parent SCRIPTS_DIR = "/srv/salt/scripts" @@ -39,11 +39,9 @@ except ImportError: pass INSTALLED_APPS = [ - "django.contrib.admin", "django.contrib.auth", "django.contrib.contenttypes", "django.contrib.sessions", - "django.contrib.messages", "django.contrib.staticfiles", "rest_framework", "rest_framework.authtoken", @@ -66,10 +64,17 @@ INSTALLED_APPS = [ "natsapi", ] -if not "TRAVIS" in os.environ and not "AZPIPELINE" in os.environ: - if DEBUG: +if not "AZPIPELINE" in os.environ: + if DEBUG: # type: ignore INSTALLED_APPS += ("django_extensions",) +if ADMIN_ENABLED: # type: ignore + INSTALLED_APPS += ( + "django.contrib.admin", + "django.contrib.messages", + ) + + MIDDLEWARE = [ "django.middleware.security.SecurityMiddleware", "django.contrib.sessions.middleware.SessionMiddleware", @@ -78,10 +83,11 @@ MIDDLEWARE = [ "django.middleware.csrf.CsrfViewMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware", "tacticalrmm.middleware.AuditMiddleware", - "django.contrib.messages.middleware.MessageMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", ] +if ADMIN_ENABLED: # type: ignore + MIDDLEWARE += ("django.contrib.messages.middleware.MessageMiddleware",) REST_KNOX = { "TOKEN_TTL": timedelta(hours=5), diff --git a/api/tacticalrmm/tacticalrmm/urls.py b/api/tacticalrmm/tacticalrmm/urls.py index 2ce4dcce..4fb54499 100644 --- a/api/tacticalrmm/tacticalrmm/urls.py +++ b/api/tacticalrmm/tacticalrmm/urls.py @@ -1,12 +1,10 @@ from django.conf import settings -from django.contrib import admin from django.urls import include, path from knox import views as knox_views from accounts.views import CheckCreds, LoginView urlpatterns = [ - path(settings.ADMIN_URL, admin.site.urls), path("checkcreds/", CheckCreds.as_view()), path("login/", LoginView.as_view()), path("logout/", knox_views.LogoutView.as_view()), @@ -27,3 +25,8 @@ urlpatterns = [ path("accounts/", include("accounts.urls")), path("natsapi/", include("natsapi.urls")), ] + +if hasattr(settings, "ADMIN_ENABLED") and settings.ADMIN_ENABLED: + from django.contrib import admin + + urlpatterns += (path(settings.ADMIN_URL, admin.site.urls),) diff --git a/docker/containers/tactical/entrypoint.sh b/docker/containers/tactical/entrypoint.sh index f81bf6cd..63f684b3 100644 --- a/docker/containers/tactical/entrypoint.sh +++ b/docker/containers/tactical/entrypoint.sh @@ -106,6 +106,7 @@ MESH_SITE = 'https://${MESH_HOST}' MESH_TOKEN_KEY = '${MESH_TOKEN}' REDIS_HOST = '${REDIS_HOST}' MESH_WS_URL = 'ws://${MESH_CONTAINER}:443' +ADMIN_ENABLED = False EOF )" diff --git a/install.sh b/install.sh index ab628f5a..a026d423 100644 --- a/install.sh +++ b/install.sh @@ -366,6 +366,7 @@ MESH_USERNAME = "${meshusername}" MESH_SITE = "https://${meshdomain}" REDIS_HOST = "localhost" KEEP_SALT = False +ADMIN_ENABLED = False EOF )" echo "${localvars}" > /rmm/api/tacticalrmm/tacticalrmm/local_settings.py diff --git a/update.sh b/update.sh index 342ed90f..b83885e3 100644 --- a/update.sh +++ b/update.sh @@ -261,6 +261,15 @@ sudo chown -R $USER:$GROUP /home/${USER}/.cache sudo chown ${USER}:${USER} -R /etc/letsencrypt sudo chmod 775 -R /etc/letsencrypt +CHECK_ADMIN_ENABLED=$(grep ADMIN_ENABLED /rmm/api/tacticalrmm/tacticalrmm/local_settings.py) +if ! [[ $CHECK_ADMIN_ENABLED ]]; then +adminenabled="$(cat << EOF +ADMIN_ENABLED = False +EOF +)" +echo "${adminenabled}" | tee --append /rmm/api/tacticalrmm/tacticalrmm/local_settings.py > /dev/null +fi + CHECK_REMOVE_SALT=$(grep KEEP_SALT /rmm/api/tacticalrmm/tacticalrmm/local_settings.py) if ! [[ $CHECK_REMOVE_SALT ]]; then printf >&2 "${YELLOW}This update removes salt from the rmm${NC}\n"