temp key authorization on dashboard for now

hotosm · Sep 21, 2022 · 7ad966c · 7ad966c
1 parent 97f9e18
commit 7ad966c
Show file tree

Hide file tree

Showing 6 changed files with 15 additions and 5 deletions.
diff --git a/api/urls.py b/api/urls.py
@@ -35,5 +35,5 @@
     url(r'^groups$',get_groups),
     url(r'^stats$', stats),
     url(r'^status$', machine_status),
-    
+
 ]
diff --git a/api/views.py b/api/views.py
@@ -283,8 +283,6 @@ def permalink(request, uid):
     except DjangoValidationError:
         return HttpResponseNotFound()
 
-
-
 @require_http_methods(['GET'])
 def stats(request):
     if not request.user.is_superuser:

diff --git a/core/settings/project.py b/core/settings/project.py
@@ -73,6 +73,7 @@
 GENERATE_MWM = os.getenv('GENERATE_MWM','/usr/local/bin/generate_mwm.sh')
 GENERATOR_TOOL = os.getenv('GENERATOR_TOOL','/usr/local/bin/generator_tool')
 PLANET_FILE = os.getenv('PLANET_FILE','')
+WORKER_SECRET_KEY = os.getenv('WORKER_SECRET_KEY','nPsOG0vNSEpKdZMjHeQVX910aSoq6Jyp')
 
 """
 Maximum extent of a Job

diff --git a/core/urls.py b/core/urls.py
@@ -11,13 +11,14 @@
 from django.views.generic import TemplateView, RedirectView
 from django.views.i18n import JavaScriptCatalog
 from ui.views import (authorized, login, logout,
-                      redirect_to_v3, v3)
+                      redirect_to_v3, v3, worker_dashboard)
 
 urlpatterns = []
 
 urlpatterns += i18n_patterns(
     url(r'^$', redirect_to_v3, name='index'),
     url(r'^v3/', v3, name="v3"),
+    url(r'^worker-dashboard/$', worker_dashboard),
     url(r'^login/$', login, name="login"),
     url(r'^logout$', logout, name='logout'),
     url(r'^email/$', TemplateView.as_view(template_name='osm/email.html'),

diff --git a/core/wsgi.py b/core/wsgi.py
@@ -10,12 +10,13 @@
 import os
 
 from django.core.wsgi import get_wsgi_application
+from django.conf import settings
 
 import dramatiq_dashboard
 
 os.environ.setdefault("DJANGO_SETTINGS_MODULE", "core.settings.project")
 
 application = get_wsgi_application()
 
-dashboard_middleware = dramatiq_dashboard.make_wsgi_middleware("/worker-dashboard")
+dashboard_middleware = dramatiq_dashboard.make_wsgi_middleware(f"/{settings.WORKER_SECRET_KEY}")
 application = dashboard_middleware(application)
diff --git a/ui/views.py b/ui/views.py
@@ -9,6 +9,8 @@
 from django.contrib import admin
 from django.contrib.auth.admin import User, UserAdmin
 from django.conf import settings
+from django.http import JsonResponse, HttpResponseRedirect, HttpResponse, HttpResponseNotFound, HttpResponseForbidden
+
 
 def authorized(request):
     # the user has now authorized a client application; they no longer need to
@@ -49,6 +51,13 @@ def v3(request):
 def redirect_to_v3(request):
     return redirect('/v3/')
 
+@require_http_methods(['GET'])
+def worker_dashboard(request):
+    if not request.user.is_superuser:
+        return HttpResponseForbidden()
+    # return HttpResponse('test')
+    return HttpResponseRedirect(f"/{settings.WORKER_SECRET_KEY}/")
+
 class ApplicationAdmin(admin.ModelAdmin):
     raw_id_fields = ("user", )