finish and document Limited mode

Kwpolska · Kwpolska · commit 707141aa855a · 2015-05-09T12:05:24.000+02:00
Signed-off-by: Chris Warrick &lt;kwpolska@gmail.com&gt;
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -2,6 +2,12 @@
 Appendix A. Changelog
 =====================
 
+v1.2.0
+------
+
+* Added support for a Limited mode, which does not require Redis and rq
+* Nikola v7.4.0 compatibility
+
 v1.1.0
 ------
 
diff --git a/coil/data/templates/jinja/coil_account_single.tmpl b/coil/data/templates/jinja/coil_account_single.tmpl
@@ -0,0 +1,56 @@
+{#  -*- coding: utf-8 -*- #}
+{% extends 'base.tmpl' %}
+{% block content %}
+<div class="page-header">
+<h1>Account <tt>{{ current_user.username }}</tt></h1>
+</div>
+
+{% if alert %}
+<div class="alert alert-{{ alert_status }}" role="alert">{{ alert }}</div>
+{% endif %}
+
+    <div class="panel panel-primary">
+        <div class="panel-heading">
+            <h3 class="panel-title">Profile</h3>
+        </div>
+        <div class="panel-body form-horizontal">
+
+        <p>In order to change your details, please contact an
+        administrator.</p>
+            <div class="form-group">
+                <label for="name" class="col-sm-2 control-label">Real name</label>
+                <div class="col-sm-10"><input class="form-control" id="realname" name="realname" value="{{ current_user.realname }}" placeholder="Real name" required disabled></div>
+            </div>
+            <div class="form-group">
+                <label for="name" class="col-sm-2 control-label">E-mail address</label>
+                <div class="col-sm-10"><input class="form-control" id="email" name="email" type="email" value="{{ current_user.email }}" placeholder="E-mail address" required disabled></div>
+            </div>
+        </div>
+    </div>
+
+<form action="{{ url_for('acp_pwdhash') }}" method="POST" class="form-horizontal">
+    <div class="panel panel-primary">
+        <div class="panel-heading">
+            <h3 class="panel-title">Password change</h3>
+        </div>
+        <div class="panel-body">
+        <p>In order to change your password, please contact an
+        administrator and provide them with a <strong>hash</strong> of your
+        desired password. Generate a secure hash below.</p>
+            <div class="form-group">
+                <label for="newpwd1" class="col-sm-2 control-label">New password</label>
+                <div class="col-sm-10"><input type="password" class="form-control" id="newpwd1" name="newpwd1" placeholder="New password"></div>
+            </div>
+            <div class="form-group">
+                <label for="newpwd2" class="col-sm-2 control-label">Repeat password</label>
+                <div class="col-sm-10"><input type="password" class="form-control" id="newpwd2" name="newpwd2" placeholder="Repeat new password"></div>
+            </div>
+        </div>
+    </div>
+    {{ form.csrf_token }}
+    <div style="text-align: center;">
+        <button type="submit" class="btn btn-primary btn-lg save-btn"><i class="fa fa-key fa-fw"></i> Generate hash</button>
+    </div>
+</form>
+
+{% endblock %}
diff --git a/coil/data/templates/jinja/coil_pwdhash.tmpl b/coil/data/templates/jinja/coil_pwdhash.tmpl
@@ -0,0 +1,39 @@
+{#  -*- coding: utf-8 -*- #}
+{% extends 'base.tmpl' %}
+{% block content %}
+<div class="page-header">
+<h1>Account <tt>{{ current_user.username }}</tt></h1>
+</div>
+
+<form action="{{ url_for('acp_pwdhash') }}" method="POST" class="form-horizontal">
+    <div class="panel panel-primary">
+        <div class="panel-heading">
+            <h3 class="panel-title">Password change</h3>
+        </div>
+        {% if status %}
+        <div class="panel-body">
+            <p class="text-success">Please provide the following hash to your
+            administrator:</p>
+            <p><code>{{ pwdhash }}</code></p>
+        </div>
+        {% else %}
+        <div class="panel-body">
+        <p class="text-danger">The passwords did not match.  Please try again.</p>
+            <div class="form-group">
+                <label for="newpwd1" class="col-sm-2 control-label">New password</label>
+                <div class="col-sm-10"><input type="password" class="form-control" id="newpwd1" name="newpwd1" placeholder="New password"></div>
+            </div>
+            <div class="form-group">
+                <label for="newpwd2" class="col-sm-2 control-label">Repeat password</label>
+                <div class="col-sm-10"><input type="password" class="form-control" id="newpwd2" name="newpwd2" placeholder="Repeat new password"></div>
+            </div>
+        </div>
+    </div>
+    {{ form.csrf_token }}
+    <div style="text-align: center;">
+        <button type="submit" class="btn btn-primary btn-lg save-btn"><i class="fa fa-key fa-fw"></i> Generate hash</button>
+    </div>
+    {% endif %}
+</form>
+
+{% endblock %}
diff --git a/coil/data/templates/jinja/coil_rebuild_single.tmpl b/coil/data/templates/jinja/coil_rebuild_single.tmpl
@@ -25,13 +25,11 @@
 $(document).ready(function() {
     fs = $('.build-status-icon');
     fsc = $('.build-status-caption');
-    if ({{ bstatus }} == 1) {
+    if ({{ status }} == 1) {
         fs.removeClass('fa-cog');
         fs.addClass('fa-check');
         fsc.addClass('text-success');
-        clearInterval(intID);
     } else {
-        pb.addClass('progress-bar-danger');
         fs.removeClass('fa-cog');
         fs.addClass('fa-times');
         fsc.addClass('text-danger');
diff --git a/coil/data/templates/mako/coil_account_single.tmpl b/coil/data/templates/mako/coil_account_single.tmpl
@@ -0,0 +1,56 @@
+## -*- coding: utf-8 -*-
+<%inherit file="base.tmpl"/>
+<%block name="content">
+<div class="page-header">
+<h1>Account <tt>${current_user.username}</tt></h1>
+</div>
+
+% if alert:
+<div class="alert alert-${alert_status}" role="alert">${alert}</div>
+% endif
+
+    <div class="panel panel-primary">
+        <div class="panel-heading">
+            <h3 class="panel-title">Profile</h3>
+        </div>
+        <div class="panel-body form-horizontal">
+
+        <p>In order to change your details, please contact an
+        administrator.</p>
+            <div class="form-group">
+                <label for="name" class="col-sm-2 control-label">Real name</label>
+                <div class="col-sm-10"><input class="form-control" id="realname" name="realname" value="${current_user.realname}" placeholder="Real name" required disabled></div>
+            </div>
+            <div class="form-group">
+                <label for="name" class="col-sm-2 control-label">E-mail address</label>
+                <div class="col-sm-10"><input class="form-control" id="email" name="email" type="email" value="${current_user.email}" placeholder="E-mail address" required disabled></div>
+            </div>
+        </div>
+    </div>
+
+<form action="${url_for('acp_pwdhash')}" method="POST" class="form-horizontal">
+    <div class="panel panel-primary">
+        <div class="panel-heading">
+            <h3 class="panel-title">Password change</h3>
+        </div>
+        <div class="panel-body">
+        <p>In order to change your password, please contact an
+        administrator and provide them with a <strong>hash</strong> of your
+        desired password. Generate a secure hash below.</p>
+            <div class="form-group">
+                <label for="newpwd1" class="col-sm-2 control-label">New password</label>
+                <div class="col-sm-10"><input type="password" class="form-control" id="newpwd1" name="newpwd1" placeholder="New password"></div>
+            </div>
+            <div class="form-group">
+                <label for="newpwd2" class="col-sm-2 control-label">Repeat password</label>
+                <div class="col-sm-10"><input type="password" class="form-control" id="newpwd2" name="newpwd2" placeholder="Repeat new password"></div>
+            </div>
+        </div>
+    </div>
+    ${form.csrf_token}
+    <div style="text-align: center;">
+        <button type="submit" class="btn btn-primary btn-lg save-btn"><i class="fa fa-key fa-fw"></i> Generate hash</button>
+    </div>
+</form>
+
+</%block>
diff --git a/coil/data/templates/mako/coil_pwdhash.tmpl b/coil/data/templates/mako/coil_pwdhash.tmpl
@@ -0,0 +1,39 @@
+## -*- coding: utf-8 -*-
+<%inherit file="base.tmpl"/>
+<%block name="content">
+<div class="page-header">
+<h1>Account <tt>${current_user.username}</tt></h1>
+</div>
+
+<form action="${url_for('acp_pwdhash')}" method="POST" class="form-horizontal">
+    <div class="panel panel-primary">
+        <div class="panel-heading">
+            <h3 class="panel-title">Password change</h3>
+        </div>
+        % if status:
+        <div class="panel-body">
+            <p class="text-success">Please provide the following hash to your
+            administrator:</p>
+            <p><code>${pwdhash}</code></p>
+        </div>
+        % else:
+        <div class="panel-body">
+        <p class="text-danger">The passwords did not match.  Please try again.</p>
+            <div class="form-group">
+                <label for="newpwd1" class="col-sm-2 control-label">New password</label>
+                <div class="col-sm-10"><input type="password" class="form-control" id="newpwd1" name="newpwd1" placeholder="New password"></div>
+            </div>
+            <div class="form-group">
+                <label for="newpwd2" class="col-sm-2 control-label">Repeat password</label>
+                <div class="col-sm-10"><input type="password" class="form-control" id="newpwd2" name="newpwd2" placeholder="Repeat new password"></div>
+            </div>
+        </div>
+    </div>
+    ${form.csrf_token}
+    <div style="text-align: center;">
+        <button type="submit" class="btn btn-primary btn-lg save-btn"><i class="fa fa-key fa-fw"></i> Generate hash</button>
+    </div>
+    % endif
+</form>
+
+</%block>
diff --git a/coil/data/templates/mako/coil_rebuild_single.tmpl b/coil/data/templates/mako/coil_rebuild_single.tmpl
@@ -25,13 +25,11 @@
 $(document).ready(function() {
     fs = $('.build-status-icon');
     fsc = $('.build-status-caption');
-    if (${bstatus} == 1) {
+    if (${status} == 1) {
         fs.removeClass('fa-cog');
         fs.addClass('fa-check');
         fsc.addClass('text-success');
-        clearInterval(intID);
     } else {
-        pb.addClass('progress-bar-danger');
         fs.removeClass('fa-cog');
         fs.addClass('fa-times');
         fsc.addClass('text-danger');
diff --git a/coil/forms.py b/coil/forms.py
@@ -73,11 +73,19 @@ class UserImportForm(Form):
     """A user import form."""
     tsv = FileField("TSV File")
 
+
 class UserEditForm(Form):
     """A user editor form, used for CSRF protection only."""
     pass
 
 
+
 class PermissionsForm(Form):
     """A permissions form, used for CSRF protection only."""
     pass
+
+
+class PwdHashForm(Form):
+    """A password hash form."""
+    newpwd1 = TextField('New password', validators=[Required()])
+    newpwd2 = TextField('Repeat new password', validators=[Required()])
diff --git a/coil/tasks.py b/coil/tasks.py
@@ -88,7 +88,7 @@ def orphans(dburl, sitedir):
     job = get_current_job(db)
     job.meta.update({'out': '', 'return': None, 'status': None})
     job.save()
-    returncode, out = orphans_single()
+    returncode, out = orphans_single(default_exec=True)
 
     job.meta.update({'out': out, 'return': returncode, 'status':
                      returncode == 0})
@@ -102,15 +102,25 @@ def build_single(mode):
         amode = ['-a']
     else:
         amode = []
-    p = subprocess.Popen([executable, '-m', 'nikola', 'build'] + amode,
+    if executable.endswith('uwsgi'):
+        # hack, might fail in some environments!
+        _executable = executable[:-5] + 'python'
+    else:
+        _executable = executable
+    p = subprocess.Popen([_executable, '-m', 'nikola', 'build'] + amode,
                          stderr=subprocess.PIPE)
     p.wait()
     out = ''.join(p.stderr.readlines())
     return (p.returncode == 0), out
 
-def orphans_single():
+def orphans_single(default_exec=False):
     """Remove all orphans in the site, in the single user-mode."""
-    p = subprocess.Popen([executable, '-m', 'nikola', 'orphans'],
+    if not default_exec and executable.endswith('uwsgi'):
+        # default_exec => rq => sys.executable is sane
+        _executable = executable[:-5] + 'python'
+    else:
+        _executable = executable
+    p = subprocess.Popen([_executable, '-m', 'nikola', 'orphans'],
                          stdout=subprocess.PIPE)
     p.wait()
     files = [l.strip() for l in p.stdout.readlines()]
diff --git a/coil/web.py b/coil/web.py
diff --git a/docs/admin/setup.rst b/docs/admin/setup.rst
diff --git a/docs/user/account.rst b/docs/user/account.rst

-Original file line number
+Diff line change
 from coil.utils import USER_FIELDS, PERMISSIONS, PERMISSIONS_E, SiteProxy
 from coil.forms import (LoginForm, NewPostForm, NewPageForm, DeleteForm,
                          UserDeleteForm, UserEditForm, AccountForm,
 -                         PermissionsForm, UserImportForm)
 +                         PermissionsForm, UserImportForm, PwdHashForm)
 _site = None
 site = None
 def scan_site():
     """Rescan the site."""
 -    site.scan_posts(really=True, quiet=True)
 +    site.scan_posts(really=True, ignore_quit=False, quiet=True)
 def configure_url(url):
     nikola.__main__._RETURN_DOITNIKOLA = True
     _dn = nikola.__main__.main([])
 -    _dn.sub_cmds = _dn.get_commands()
 +    _dn.sub_cmds = _dn.get_cmds()
     _site = _dn.nikola
     app.config['NIKOLA_ROOT'] = os.getcwd()
     app.config['DEBUG'] = False
     app.secret_key = _site.config.get('COIL_SECRET_KEY')
     app.config['COIL_URL'] = _site.config.get('COIL_URL')
 -    app.config['COIL_SINGLE'] = _site.config.get('COIL_SINGLE', False)
 +    app.config['COIL_LIMITED'] = _site.config.get('COIL_LIMITED', False)
     app.config['REDIS_URL'] = _site.config.get('COIL_REDIS_URL',
                                                'redis://localhost:6379/0')
 -    if app.config['COIL_SINGLE']:
 +    if app.config['COIL_LIMITED']:
         app.config['COIL_USERS'] = _site.config.get('COIL_USERS', {})
 +        _site.coil_needs_rebuild = '0'
     else:
         db = redis.StrictRedis.from_url(app.config['REDIS_URL'])
         q = rq.Queue(name='coil', connection=db)
         # Inject tmpl_dir low in the theme chain
         _site.template_system.inject_directory(tmpl_dir)
 +    # Commands proxy (only for Nikola commands)
 +    _site.commands = nikola.utils.Commands(
 +        _site.doit,
 +        None,
 +        {'cmds': _site._commands}
 +    )
++
     # Site proxy
 -    if app.config['COIL_SINGLE']:
 +    if app.config['COIL_LIMITED']:
         site = _site
 +        scan_site()
     else:
         site = SiteProxy(db, _site, app.logger)
     bcrypt = Bcrypt(app)
     return bcrypt.check_password_hash(pwdhash, password)
++
 def generate_menu():
     """Generate ``menu`` with the rebuild link.
         if uid:
             return get_user(uid)
     else:
 -        for u in app.config['COIL_USERS']:
 +        for uid, u in app.config['COIL_USERS'].items():
             if u['username'] == username:
                 return get_user(uid)
         meta.pop('_wysihtml5_mode', '')
         try:
             meta['author'] = get_user(meta['author.uid']).realname
 +            current_auid = int(meta['author.uid'])
             author_change_success = True
         except:
             author_change_success = False
             if active == '1':
                 users.append((u, realname))
     else:
 -        for u, d in app.config['COIL_USERS'].values():
 +        for u, d in app.config['COIL_USERS'].items():
             if d['active']:
 -                users.append((u, d['realname']))
 +                users.append((int(u), d['realname']))
     context['users'] = sorted(users)
     context['current_auid'] = current_auid
     context['title'] = 'Editing {0}'.format(post.title())
     else:
         status, outputb = coil.tasks.build_single(mode)
         _, outputo = coil.tasks.orphans_single()
 +        site.coil_needs_rebuild = '0'
         return render('coil_rebuild_single.tmpl', {'title': 'Rebuild',
                                                    'status': '1' if status else '0',
                                                    'outputb': outputb,
     else:
         alert = ''
         alert_status = ''
++
 +    if db is None:
 +        form = PwdHashForm()
 +        return render('coil_account_single.tmpl',
 +                      context={'title': 'My account',
 +                               'form': form,
 +                               'alert': alert,
 +                               'alert_status': alert_status})
++
     action = 'edit'
     form = AccountForm()
     if request.method == 'POST':
                            'form': form})
 +@app.route('/account/pwdhash', methods=['POST'])
 +def acp_pwdhash():
 +    form = PwdHashForm()
 +    if not form.validate():
 +        return error("Bad Request", 400)
 +    data = request.form
 +    if data['newpwd1'] == data['newpwd2']:
 +        pwdhash = password_hash(data['newpwd1'])
 +        status = True
 +    else:
 +        pwdhash = None
 +        status = False
 +    return render('coil_pwdhash.tmpl', context={'title': 'My account',
 +                                                'pwdhash': pwdhash,
 +                                                'status': status,
 +                                                'form': form})
++
 @app.route('/users/')
 @login_required
 def acp_users():
-Original file line number
+Diff line change
 Virtualenv
 ==========
 -Create a virtualenv in ``/var/coil`` and install Coil in it.
 +Create a virtualenv in ``/var/coil`` and install Coil, Nikola and uWSGI in it.
 .. code-block:: console
     # virtualenv-2.7 /var/coil
     # cd /var/coil
     # source bin/activate
 -    # pip install coil uwsgi
+-
 -Redis
 -=====
+-
 -You need to set up a `Redis <http://redis.io/>`_ server.  Make sure it starts
 -at boot.
+-
 -RQ
 -==
+-
 -You need to set up a `RQ <http://python-rq.org>`_ worker.  Make sure it starts
 -at boot, after Redis.  Here is a sample ``.service`` file for systemd:
+-
 -.. code-block:: ini
+-
 -    [Unit]
 -    Description=RQWorker Service
 -    After=redis.service
+-
 -    [Service]
 -    Type=simple
 -    ExecStart=/var/coil/bin/rqworker coil
 -    User=nobody
 -    Group=nobody
+-
 -    [Install]
 -    WantedBy=multi-user.target
+-
 +    # pip install nikola coil uwsgi
 Nikola and ``conf.py``
 ======================
    **Store it in a safe place** — git is not one!  You can use
    ``os.urandom(24)`` to generate something good.
  * ``COIL_URL`` — the URL under which Coil can be accessed.
 - * ``COIL_REDIS_URL`` — the URL of your Redis database.
 - * Modify ``POSTS`` and ``PAGES``, replacing ``.txt`` by ``.html``.
 + * ``_MAKO_DISABLE_CACHING = True``
 + * Modify ``POSTS`` and ``PAGES``, replacing ``.txt`` with ``.html``.
 + * You must set the mode (Limited vs Full) and configure it accordingly — see
 +   next section for details.
 -Redis URL syntax
 +CSS for the site
 ----------------
 -* ``redis://[:password]@localhost:6379/0`` (TCP)
 -* ``rediss://[:password]@localhost:6379/0`` (TCP over SSL)
 -* ``unix://[:password]@/path/to/socket.sock?db=0`` (Unix socket)
 +You must add `some CSS`__ for wysihtml5.  The easiest way to do this
 +is by downloading the raw ``.css`` file and saving it as ``files/assets/css/custom.css``.
 -The default URL is ``redis://localhost:6379/0``.
 +__ https://github.com/Voog/wysihtml/blob/master/examples/css/stylesheet.css
 -CSS for the site
 -----------------
 -Finally, you must add `some CSS`__ for wysihtml5.  The easiest way to do this
 -is by downloading the raw ``.css`` file as ``files/assets/css/custom.css``.
 +Limited Mode vs. Full Mode
 +==========================
 -__ https://github.com/Voog/wysihtml/blob/master/examples/css/stylesheet.css
 +Coil can run in two modes: Limited and Full.
 -First build
 -===========
 +**Limited Mode**:
 -When you are done configuring nikola, run ``nikola build``.
 +* does not require a database, is easier to setup
 +* stores its user data in ``conf.py`` (no ability to modify users on-the-fly)
 +* MUST run as a single process (``processes=1`` in uWSGI config)
 -.. code-block:: console
 +**Full Mode**:
 -    # nikola build
 +* requires Redis and RQ installed and running
 +* stores its user data in the Redis database (you can modify users on-the-fly)
 +* may run as multiple processes
++
 +Configuring Limited Mode
 +------------------------
++
 +You need to add the following to your config file:
++
 +.. code:: python
++
 +    COIL_LIMITED = True
 +    COIL_USERS = {
 +        '1': {
 +            'username': 'admin',
 +            'realname': 'Website Administrator',
 +            'password': '$bcrypt-sha256$2a,12$St3N7xoStL7Doxpvz78Jve$3vKfveUNhMNhvaFEfJllWEarb5oNgNu',
 +            'must_change_password': False,
 +            'email': 'info@getnikola.com',
 +            'active': True,
 +            'is_admin': True,
 +            'can_edit_all_posts': True,
 +            'wants_all_posts': True,
 +            'can_upload_attachments': True,
 +            'can_rebuild_site': True,
 +            'can_transfer_post_authorship': True,
 +        },
 +    }
++
 +The default user is ``admin`` with the password ``admin``.  New users can be
 +created by creating a similar dict.  Password hashes can be calculated on the
 +*Account* page.  Note that you are responsible for changing user passwords
 +(users should provide you with hashes and you must add them manually and
 +restart Coil) — consider not setting ``must_change_password`` in Limited mode.
++
 +Configuring Full Mode
 +---------------------
++
 +Full Mode requires much more extra configuration.
++
 +Redis
 +~~~~~
++
 +You need to set up a `Redis <http://redis.io/>`_ server.  Make sure it starts
 +at boot.
++
 +RQ
 +~~
++
 +You need to set up a `RQ <http://python-rq.org>`_ worker.  Make sure it starts
 +at boot, after Redis.  Here is a sample ``.service`` file for systemd:
++
 +.. code-block:: ini
++
 +    [Unit]
 +    Description=RQWorker Service
 +    After=redis.service
++
 +    [Service]
 +    Type=simple
 +    ExecStart=/var/coil/bin/rqworker coil
 +    User=nobody
 +    Group=nobody
++
 +    [Install]
 +    WantedBy=multi-user.target
 Users
 -=====
 +~~~~~
 Run ``coil write_users``:
 You will be able to add more users and change the admin credentials (which you
 should do!) later.  See also: :doc:`users`.
 +conf.py additions
 +~~~~~~~~~~~~~~~~~
++
 +You must add ``COIL_LIMITED = False`` and ``COIL_REDIS_URL``, which is an URL to
 +your Redis database.  The accepted formats are:
++
 +* ``redis://[:password]@localhost:6379/0`` (TCP)
 +* ``rediss://[:password]@localhost:6379/0`` (TCP over SSL)
 +* ``unix://[:password]@/path/to/socket.sock?db=0`` (Unix socket)
++
 +The default URL is ``redis://localhost:6379/0``.
++
++
 +First build
 +===========
++
 +When you are done configuring Nikola and Coil, run ``nikola build``.
++
 +.. code-block:: console
++
 +    # nikola build
++
 Permissions
 ===========
 .. note::
 -   ``python2`` may also be ``python`` this depending on your environment.
 +   ``python2`` may also be ``python`` depending on your environment.
++
 +.. note::
++
 +   ``processes`` MUST be set to 1 if running in Limited Mode.
 nginx
 -----
-Original file line number
+Diff line change
 Account
 =======
 -You can edit your account in the Account tab.  You can change your real name,
 +You can edit your account in the Account page.  You can change your real name,
 e-mail and password.  You can also set the preferences.
 +Some sites require you contact an administrator to change your details.
 +In this case, the Account page allows you to generate a hash to let your
 +password be changed securely (your administrator cannot recover the password
 +from the hash).
++
 .. warning::
    The real name is not changed on the posts already created.
    If you want to change your username, you must contact an administrator.
++
 .. admonition:: Permissions
    In order to enable the “Show me posts by other users by default” preference, you must