Premier passage à la configuration unifiée (#38)

app/models/users.py

@@ -1,5 +1,5 @@
 from datetime import date
-from app import db
+from app import app, db
 from flask import flash
 from flask_login import UserMixin
 from app.models.privs import SpecialPrivilege, Group, GroupMember, \
@@ -9,7 +9,6 @@ from app.models.notification import Notification
 import app.utils.unicode_names as unicode_names
 from app.utils.notify import notify
 from config import V5Config
-from local_config import USE_LDAP
 import app.utils.ldap as ldap
 
 import werkzeug.security
@@ -110,7 +109,7 @@ class Member(User):
         self.name = name
         self.norm = unicode_names.normalize(name)
         self.email = email
-        if not USE_LDAP:
+        if not app.config.USE_LDAP:
             self.set_password(password)
         # Workflow with LDAP enabled is User → Postgresql → LDAP → set password
         self.xp = 0
@@ -170,7 +169,7 @@ class Member(User):
         # Beware of LDAP injections
         if "email" in data:
             self.email = data["email"]
-            if USE_LDAP:
+            if app.config.USE_LDAP:
                 ldap.set_email(self.norm, self.email)
         if "password" in data:
             self.set_password(data["password"])
@@ -210,7 +209,7 @@ class Member(User):
         Set the user's password. Check whether the request sender has the right
         to do this!
         """
-        if USE_LDAP:
+        if app.config.USE_LDAP:
             ldap.set_password(self, password)
         else:
             self.password_hash = werkzeug.security.generate_password_hash(
@@ -218,7 +217,7 @@ class Member(User):
 
     def check_password(self, password):
         """Compares password against member hash."""
-        if USE_LDAP:
+        if app.config.USE_LDAP:
             return ldap.check_password(self, password)
         else:
             return werkzeug.security.check_password_hash(self.password_hash,

app/routes/account/account.py

@@ -5,7 +5,6 @@ from app.forms.account import UpdateAccountForm, RegistrationForm, DeleteAccount
 from app.models.users import Member
 from app.utils.render import render
 import app.utils.ldap as ldap
-from local_config import USE_LDAP
 
 
 @app.route('/account', methods=['GET', 'POST'])
@@ -63,7 +62,7 @@ def register():
         db.session.add(member)
         db.session.commit()
         # Workflow with LDAP is User → Postgresql → LDAP → Change password
-        if USE_LDAP:
+        if app.config.USE_LDAP:
             ldap.add_member(member)
             ldap.set_password(member, form.password.data)
         flash('Inscription réussie', 'ok')

app/utils/ldap.py

@@ -1,13 +1,14 @@
 import ldap
+from app import app
 from ldap.modlist import addModlist, modifyModlist
-from local_config import LDAP_PASSWORD, LDAP_ORGANIZATION
 
 
 def get_member(username):
     """ Get informations about member. Username must be normalized! """
     conn = ldap.initialize("ldap://localhost")
     # Search for user
-    r = conn.search_s(LDAP_ORGANIZATION, ldap.SCOPE_SUBTREE, f'(cn={username})')
+    r = conn.search_s(app.config.LDAP_ORGANIZATION, ldap.SCOPE_SUBTREE,
+        f'(cn={username})')
     if len(r) > 0:
         return r[0]
     else:
@@ -34,16 +35,18 @@ def set_password(user, password):
     """ Set password for a user. """
     conn = ldap.initialize("ldap://localhost")
     # Connect as root
-    conn.simple_bind_s(f'cn=ldap-root,{LDAP_ORGANIZATION}',
-        LDAP_PASSWORD)
-    conn.passwd_s(f"cn={user.norm},{LDAP_ORGANIZATION}", None, password)
+    conn.simple_bind_s(f'cn=ldap-root,{app.config.LDAP_ORGANIZATION}',
+        app.config.LDAP_PASSWORD)
+    conn.passwd_s(f"cn={user.norm},{app.config.LDAP_ORGANIZATION}",
+        None, password)
 
 
 def check_password(user, password):
     """ Try to login a user through LDAP register. """
     conn = ldap.initialize("ldap://localhost")
     try:
-        conn.simple_bind_s(f"cn={user.norm},{LDAP_ORGANIZATION}", password)
+        conn.simple_bind_s(f"cn={user.norm},{app.config.LDAP_ORGANIZATION}",
+            password)
     except ldap.INVALID_CREDENTIALS:
         return False
     return True
@@ -56,9 +59,10 @@ def add_member(member):
         return
     conn = ldap.initialize("ldap://localhost")
     # Connect as root
-    conn.simple_bind_s(f'cn=ldap-root,{LDAP_ORGANIZATION}', LDAP_PASSWORD)
+    conn.simple_bind_s(f'cn=ldap-root,{app.config.LDAP_ORGANIZATION}',
+        app.config.LDAP_PASSWORD)
     # Create fields
-    dn = f'cn={member.norm},{LDAP_ORGANIZATION}'
+    dn = f'cn={member.norm},{app.config.LDAP_ORGANIZATION}'
     modlist = addModlist({
         'objectClass': [bytes('inetOrgPerson', 'UTF8')],
         'cn': [bytes(member.norm, 'UTF8')],
@@ -76,8 +80,9 @@ def delete_member(member):
     """ Remove a member from LDAP register """
     conn = ldap.initialize("ldap://localhost")
     # Connect as root
-    conn.simple_bind_s(f'cn=ldap-root,{LDAP_ORGANIZATION}', LDAP_PASSWORD)
+    conn.simple_bind_s(f'cn=ldap-root,{app.config.LDAP_ORGANIZATION}',
+        app.config.LDAP_PASSWORD)
     # Create fields
-    dn = f'cn={member.norm},{LDAP_ORGANIZATION}'
+    dn = f'cn={member.norm},{app.config.LDAP_ORGANIZATION}'
     # Delete the user
     conn.delete_s(dn)

app/utils/validators.py

@@ -5,7 +5,7 @@ from app.utils.valid_name import valid_name
 from app.utils.unicode_names import normalize
 import app.utils.ldap as ldap
 from config import V5Config
-from local_config import USE_LDAP
+from app import app
 
 
 def name_valid(form, name):
@@ -45,7 +45,7 @@ def name_available(form, name):
         raise ValidationError("Ce nom d'utilisateur est indisponible.")
 
     # Double check with LDAP if needed
-    if USE_LDAP:
+    if app.config.USE_LDAP:
         member = ldap.get_member(norm)
         if member is not None:
             raise ValidationError("Ce nom d'utilisateur est indisponible.")

config.py

@@ -1,12 +1,12 @@
 import os
 import datetime
-from local_config import DB_NAME, SECRET_KEY
+from local_config import LocalConfig
 
-
-class Config(object):
-    SECRET_KEY = os.environ.get('SECRET_KEY') or SECRET_KEY
+class Config(LocalConfig):
+    SECRET_KEY = os.environ.get('SECRET_KEY') or LocalConfig.SECRET_KEY
     SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL') or \
-        'postgresql+psycopg2://' + os.environ.get('USER') + ':@/' + DB_NAME
+        'postgresql+psycopg2://' + os.environ.get('USER') + ':@/' \
+        + LocalConfig.DB_NAME
     SQLALCHEMY_TRACK_MODIFICATIONS = False
     UPLOAD_FOLDER = './app/static/avatars'