mirror of
https://github.com/bookwyrm-social/bookwyrm.git
synced 2024-11-26 03:21:05 +00:00
Merge pull request #3226 from hughrun/disable-exports
Disable user exports
This commit is contained in:
commit
a585321ef9
11 changed files with 127 additions and 5 deletions
|
@ -137,3 +137,6 @@ TWO_FACTOR_LOGIN_MAX_SECONDS=60
|
||||||
# and AWS_S3_CUSTOM_DOMAIN (if used) are added by default.
|
# and AWS_S3_CUSTOM_DOMAIN (if used) are added by default.
|
||||||
# Value should be a comma-separated list of host names.
|
# Value should be a comma-separated list of host names.
|
||||||
CSP_ADDITIONAL_HOSTS=
|
CSP_ADDITIONAL_HOSTS=
|
||||||
|
# The last number here means "megabytes"
|
||||||
|
# Increase if users are having trouble uploading BookWyrm export files.
|
||||||
|
DATA_UPLOAD_MAX_MEMORY_SIZE = (1024**2 * 100)
|
|
@ -0,0 +1,18 @@
|
||||||
|
# Generated by Django 3.2.23 on 2024-01-16 10:28
|
||||||
|
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
("bookwyrm", "0191_merge_20240102_0326"),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AddField(
|
||||||
|
model_name="sitesettings",
|
||||||
|
name="user_exports_enabled",
|
||||||
|
field=models.BooleanField(default=False),
|
||||||
|
),
|
||||||
|
]
|
|
@ -96,6 +96,7 @@ class SiteSettings(SiteModel):
|
||||||
imports_enabled = models.BooleanField(default=True)
|
imports_enabled = models.BooleanField(default=True)
|
||||||
import_size_limit = models.IntegerField(default=0)
|
import_size_limit = models.IntegerField(default=0)
|
||||||
import_limit_reset = models.IntegerField(default=0)
|
import_limit_reset = models.IntegerField(default=0)
|
||||||
|
user_exports_enabled = models.BooleanField(default=False)
|
||||||
user_import_time_limit = models.IntegerField(default=48)
|
user_import_time_limit = models.IntegerField(default=48)
|
||||||
|
|
||||||
field_tracker = FieldTracker(fields=["name", "instance_tagline", "logo"])
|
field_tracker = FieldTracker(fields=["name", "instance_tagline", "logo"])
|
||||||
|
|
|
@ -442,3 +442,5 @@ if HTTP_X_FORWARDED_PROTO:
|
||||||
# Do not change this setting unless you already have an existing
|
# Do not change this setting unless you already have an existing
|
||||||
# user with the same username - in which case you should change it!
|
# user with the same username - in which case you should change it!
|
||||||
INSTANCE_ACTOR_USERNAME = "bookwyrm.instance.actor"
|
INSTANCE_ACTOR_USERNAME = "bookwyrm.instance.actor"
|
||||||
|
|
||||||
|
DATA_UPLOAD_MAX_MEMORY_SIZE = env.int("DATA_UPLOAD_MAX_MEMORY_SIZE", (1024**2 * 100))
|
||||||
|
|
|
@ -46,7 +46,11 @@
|
||||||
{% trans "If you wish to migrate any statuses (comments, reviews, or quotes) you must either set the account you are moving to as an <strong>alias</strong> of this one, or <strong>move</strong> this account to the new account, before you import your user data." %}
|
{% trans "If you wish to migrate any statuses (comments, reviews, or quotes) you must either set the account you are moving to as an <strong>alias</strong> of this one, or <strong>move</strong> this account to the new account, before you import your user data." %}
|
||||||
{% endspaceless %}
|
{% endspaceless %}
|
||||||
</p>
|
</p>
|
||||||
{% if next_available %}
|
{% if not site.user_exports_enabled %}
|
||||||
|
<p class="notification is-danger">
|
||||||
|
{% trans "New user exports are currently disabled." %}
|
||||||
|
</p>
|
||||||
|
{% elif next_available %}
|
||||||
<p class="notification is-warning">
|
<p class="notification is-warning">
|
||||||
{% blocktrans trimmed %}
|
{% blocktrans trimmed %}
|
||||||
You will be able to create a new export file at {{ next_available }}
|
You will be able to create a new export file at {{ next_available }}
|
||||||
|
|
|
@ -90,6 +90,33 @@
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
{% if site.user_exports_enabled %}
|
||||||
|
<details class="details-panel box">
|
||||||
|
<summary>
|
||||||
|
<span role="heading" aria-level="2" class="title is-6">
|
||||||
|
{% trans "Disable starting new user exports" %}
|
||||||
|
</span>
|
||||||
|
<span class="details-close icon icon-x" aria-hidden="true"></span>
|
||||||
|
</summary>
|
||||||
|
<form
|
||||||
|
name="disable-user-exports"
|
||||||
|
id="disable-user-exports"
|
||||||
|
method="POST"
|
||||||
|
action="{% url 'settings-user-exports-disable' %}"
|
||||||
|
>
|
||||||
|
<div class="notification">
|
||||||
|
{% trans "This is only intended to be used when things have gone very wrong with exports and you need to pause the feature while addressing issues." %}
|
||||||
|
{% trans "While exports are disabled, users will not be allowed to start new user exports, but existing exports will not be affected." %}
|
||||||
|
</div>
|
||||||
|
{% csrf_token %}
|
||||||
|
<div class="control">
|
||||||
|
<button type="submit" class="button is-danger">
|
||||||
|
{% trans "Disable user exports" %}
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
</details>
|
||||||
<details class="details-panel box">
|
<details class="details-panel box">
|
||||||
<summary>
|
<summary>
|
||||||
<span role="heading" aria-level="2" class="title is-6">
|
<span role="heading" aria-level="2" class="title is-6">
|
||||||
|
@ -108,7 +135,7 @@
|
||||||
{% trans "Set the value to 0 to not enforce any limit." %}
|
{% trans "Set the value to 0 to not enforce any limit." %}
|
||||||
</div>
|
</div>
|
||||||
<div class="align.to-t">
|
<div class="align.to-t">
|
||||||
<label for="limit">{% trans "Restrict user imports and exports to once every " %}</label>
|
<label for="limit">{% trans "Limit how often users can import and export user data" %}</label>
|
||||||
<input name="limit" class="input is-w-xs is-h-em" type="text" placeholder="0" value="{{ user_import_time_limit }}">
|
<input name="limit" class="input is-w-xs is-h-em" type="text" placeholder="0" value="{{ user_import_time_limit }}">
|
||||||
<label>{% trans "hours" %}</label>
|
<label>{% trans "hours" %}</label>
|
||||||
{% csrf_token %}
|
{% csrf_token %}
|
||||||
|
@ -120,6 +147,28 @@
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
</details>
|
</details>
|
||||||
|
{% else %}
|
||||||
|
<form
|
||||||
|
name="enable-user-imports"
|
||||||
|
id="enable-user-imports"
|
||||||
|
method="POST"
|
||||||
|
action="{% url 'settings-user-exports-enable' %}"
|
||||||
|
class="box"
|
||||||
|
>
|
||||||
|
<div class="notification is-danger is-light">
|
||||||
|
<p class="my-2">{% trans "Users are currently unable to start new user exports. This is the default setting." %}</p>
|
||||||
|
{% if use_s3 %}
|
||||||
|
<p>{% trans "It is not currently possible to provide user exports when using s3 storage. The BookWyrm development team are working on a fix for this." %}</p>
|
||||||
|
{% endif %}
|
||||||
|
</div>
|
||||||
|
{% csrf_token %}
|
||||||
|
<div class="control">
|
||||||
|
<button type="submit" class="button is-success" {% if use_s3 %}disabled{% endif %}>
|
||||||
|
{% trans "Enable user exports" %}
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
{% endif %}
|
||||||
</div>
|
</div>
|
||||||
<div class="block">
|
<div class="block">
|
||||||
<h4 class="title is-4">{% trans "Book Imports" %}</h4>
|
<h4 class="title is-4">{% trans "Book Imports" %}</h4>
|
||||||
|
|
|
@ -338,6 +338,16 @@ urlpatterns = [
|
||||||
views.disable_imports,
|
views.disable_imports,
|
||||||
name="settings-imports-disable",
|
name="settings-imports-disable",
|
||||||
),
|
),
|
||||||
|
re_path(
|
||||||
|
r"^settings/user-exports/enable/?$",
|
||||||
|
views.enable_user_exports,
|
||||||
|
name="settings-user-exports-enable",
|
||||||
|
),
|
||||||
|
re_path(
|
||||||
|
r"^settings/user-exports/disable/?$",
|
||||||
|
views.disable_user_exports,
|
||||||
|
name="settings-user-exports-disable",
|
||||||
|
),
|
||||||
re_path(
|
re_path(
|
||||||
r"^settings/imports/enable/?$",
|
r"^settings/imports/enable/?$",
|
||||||
views.enable_imports,
|
views.enable_imports,
|
||||||
|
|
|
@ -18,6 +18,8 @@ from .admin.imports import (
|
||||||
set_import_size_limit,
|
set_import_size_limit,
|
||||||
set_user_import_completed,
|
set_user_import_completed,
|
||||||
set_user_import_limit,
|
set_user_import_limit,
|
||||||
|
enable_user_exports,
|
||||||
|
disable_user_exports,
|
||||||
)
|
)
|
||||||
from .admin.ip_blocklist import IPBlocklist
|
from .admin.ip_blocklist import IPBlocklist
|
||||||
from .admin.invite import ManageInvites, Invite, InviteRequest
|
from .admin.invite import ManageInvites, Invite, InviteRequest
|
||||||
|
|
|
@ -9,7 +9,7 @@ from django.views.decorators.http import require_POST
|
||||||
|
|
||||||
from bookwyrm import models
|
from bookwyrm import models
|
||||||
from bookwyrm.views.helpers import redirect_to_referer
|
from bookwyrm.views.helpers import redirect_to_referer
|
||||||
from bookwyrm.settings import PAGE_LENGTH
|
from bookwyrm.settings import PAGE_LENGTH, USE_S3
|
||||||
|
|
||||||
|
|
||||||
# pylint: disable=no-self-use
|
# pylint: disable=no-self-use
|
||||||
|
@ -59,6 +59,7 @@ class ImportList(View):
|
||||||
"import_size_limit": site_settings.import_size_limit,
|
"import_size_limit": site_settings.import_size_limit,
|
||||||
"import_limit_reset": site_settings.import_limit_reset,
|
"import_limit_reset": site_settings.import_limit_reset,
|
||||||
"user_import_time_limit": site_settings.user_import_time_limit,
|
"user_import_time_limit": site_settings.user_import_time_limit,
|
||||||
|
"use_s3": USE_S3,
|
||||||
}
|
}
|
||||||
return TemplateResponse(request, "settings/imports/imports.html", data)
|
return TemplateResponse(request, "settings/imports/imports.html", data)
|
||||||
|
|
||||||
|
@ -126,3 +127,25 @@ def set_user_import_limit(request):
|
||||||
site.user_import_time_limit = int(request.POST.get("limit"))
|
site.user_import_time_limit = int(request.POST.get("limit"))
|
||||||
site.save(update_fields=["user_import_time_limit"])
|
site.save(update_fields=["user_import_time_limit"])
|
||||||
return redirect("settings-imports")
|
return redirect("settings-imports")
|
||||||
|
|
||||||
|
|
||||||
|
@require_POST
|
||||||
|
@permission_required("bookwyrm.edit_instance_settings", raise_exception=True)
|
||||||
|
# pylint: disable=unused-argument
|
||||||
|
def enable_user_exports(request):
|
||||||
|
"""Allow users to export account data"""
|
||||||
|
site = models.SiteSettings.objects.get()
|
||||||
|
site.user_exports_enabled = True
|
||||||
|
site.save(update_fields=["user_exports_enabled"])
|
||||||
|
return redirect("settings-imports")
|
||||||
|
|
||||||
|
|
||||||
|
@require_POST
|
||||||
|
@permission_required("bookwyrm.edit_instance_settings", raise_exception=True)
|
||||||
|
# pylint: disable=unused-argument
|
||||||
|
def disable_user_exports(request):
|
||||||
|
"""Don't allow users to export account data"""
|
||||||
|
site = models.SiteSettings.objects.get()
|
||||||
|
site.user_exports_enabled = False
|
||||||
|
site.save(update_fields=["user_exports_enabled"])
|
||||||
|
return redirect("settings-imports")
|
||||||
|
|
|
@ -64,13 +64,18 @@ server {
|
||||||
# directly serve images and static files from the
|
# directly serve images and static files from the
|
||||||
# bookwyrm filesystem using sendfile.
|
# bookwyrm filesystem using sendfile.
|
||||||
# make the logs quieter by not reporting these requests
|
# make the logs quieter by not reporting these requests
|
||||||
location ~ ^/(images|static)/ {
|
location ~ \.(bmp|ico|jpg|jpeg|png|tif|tiff|webp|css|js)$ {
|
||||||
root /app;
|
root /app;
|
||||||
try_files $uri =404;
|
try_files $uri =404;
|
||||||
add_header X-Cache-Status STATIC;
|
add_header X-Cache-Status STATIC;
|
||||||
access_log off;
|
access_log off;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# block access to any non-image files from images or static
|
||||||
|
location ~ ^/images/ {
|
||||||
|
return 403;
|
||||||
|
}
|
||||||
|
|
||||||
# monitor the celery queues with flower, no caching enabled
|
# monitor the celery queues with flower, no caching enabled
|
||||||
location /flower/ {
|
location /flower/ {
|
||||||
proxy_pass http://flower:8888;
|
proxy_pass http://flower:8888;
|
||||||
|
|
|
@ -96,12 +96,17 @@ server {
|
||||||
# # directly serve images and static files from the
|
# # directly serve images and static files from the
|
||||||
# # bookwyrm filesystem using sendfile.
|
# # bookwyrm filesystem using sendfile.
|
||||||
# # make the logs quieter by not reporting these requests
|
# # make the logs quieter by not reporting these requests
|
||||||
# location ~ ^/(images|static)/ {
|
# location ~ \.(bmp|ico|jpg|jpeg|png|tif|tiff|webp|css|js)$ {
|
||||||
# root /app;
|
# root /app;
|
||||||
# try_files $uri =404;
|
# try_files $uri =404;
|
||||||
# add_header X-Cache-Status STATIC;
|
# add_header X-Cache-Status STATIC;
|
||||||
# access_log off;
|
# access_log off;
|
||||||
# }
|
# }
|
||||||
|
|
||||||
|
# # block access to any non-image files from images or static
|
||||||
|
# location ~ ^/images/ {
|
||||||
|
# return 403;
|
||||||
|
# }
|
||||||
#
|
#
|
||||||
# # monitor the celery queues with flower, no caching enabled
|
# # monitor the celery queues with flower, no caching enabled
|
||||||
# location /flower/ {
|
# location /flower/ {
|
||||||
|
|
Loading…
Reference in a new issue