disable user exports by default
- new setting to enable user exports defaults to False
- add setting to enable and disable user exports
- do not allow user exports when using s3 storage
- do not serve non-image files from /images/ (requires update to nginx settings)
- increase default file upload limit to 100MB to enable user exports to be imported (can be changed in .env)
parent
b04ebe397b
commit
d640e4ac96
11 changed files with 127 additions and 5 deletions
|
@ -137,3 +137,6 @@ TWO_FACTOR_LOGIN_MAX_SECONDS=60
|
|||
# and AWS_S3_CUSTOM_DOMAIN (if used) are added by default.
|
||||
# Value should be a comma-separated list of host names.
|
||||
CSP_ADDITIONAL_HOSTS=
|
||||
# The last number here means "megabytes"
|
||||
# Increase if users are having trouble uploading BookWyrm export files.
|
||||
DATA_UPLOAD_MAX_MEMORY_SIZE = (1024**2 * 100)
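Review bot: The value on the last added line, `DATA_UPLOAD_MAX_MEMORY_SIZE = (1024**2 * 100)`, is a Python expression, but the settings hunk in this commit reads the variable with `env.int(...)`, which presumably expects a plain integer string. An operator who copies this line into their environment file would likely get a parse error at startup, and the spaces around `=` may not survive every env-file loader either. A literal byte count such as `DATA_UPLOAD_MAX_MEMORY_SIZE=104857600` would parse, and the comment above it could then state the unit as bytes instead of "the last number here means megabytes".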
|
|
@ -0,0 +1,18 @@
|
|||
# Generated by Django 3.2.23 on 2024-01-16 10:28
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
("bookwyrm", "0191_merge_20240102_0326"),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AddField(
|
||||
model_name="sitesettings",
|
||||
name="user_exports_enabled",
|
||||
field=models.BooleanField(default=False),
|
||||
),
|
||||
]
|
|
@ -96,6 +96,7 @@ class SiteSettings(SiteModel):
|
|||
imports_enabled = models.BooleanField(default=True)
|
||||
import_size_limit = models.IntegerField(default=0)
|
||||
import_limit_reset = models.IntegerField(default=0)
|
||||
user_exports_enabled = models.BooleanField(default=False)
|
||||
user_import_time_limit = models.IntegerField(default=48)
|
||||
|
||||
field_tracker = FieldTracker(fields=["name", "instance_tagline", "logo"])
|
||||
|
|
|
@ -442,3 +442,5 @@ if HTTP_X_FORWARDED_PROTO:
|
|||
# Do not change this setting unless you already have an existing
|
||||
# user with the same username - in which case you should change it!
|
||||
INSTANCE_ACTOR_USERNAME = "bookwyrm.instance.actor"
|
||||
|
||||
DATA_UPLOAD_MAX_MEMORY_SIZE = env.int("DATA_UPLOAD_MAX_MEMORY_SIZE", (1024**2 * 100))
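Review bot: `DATA_UPLOAD_MAX_MEMORY_SIZE` is a process-wide Django limit on the non-file request body that is read into memory, so the 100 MiB default on the added line applies to every endpoint, not only the user-import form, and widens the room for memory exhaustion by large requests. Django leaves uploaded file data out of this check, so it is worth confirming that the import upload actually needs the higher value. If it does, a comment such as `# Applies to every request body, not only user imports; keep as low as imports allow` would make the trade-off visible to operators.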
|
||||
|
|
|
@ -46,7 +46,11 @@
|
|||
{% trans "If you wish to migrate any statuses (comments, reviews, or quotes) you must either set the account you are moving to as an <strong>alias</strong> of this one, or <strong>move</strong> this account to the new account, before you import your user data." %}
|
||||
{% endspaceless %}
|
||||
</p>
|
||||
{% if next_available %}
|
||||
{% if not site.user_exports_enabled %}
|
||||
<p class="notification is-danger">
|
||||
{% trans "New user exports are currently disabled." %}
|
||||
</p>
|
||||
{% elif next_available %}
|
||||
<p class="notification is-warning">
|
||||
{% blocktrans trimmed %}
|
||||
You will be able to create a new export file at {{ next_available }}
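Review bot: The `{% if not site.user_exports_enabled %}` branch only hides the export form; none of the file sections shown for this commit changes the view that handles the export request, so the flag looks to be enforced in the template alone. If that is the case, a user who submits the POST directly can still start an export while exports are disabled; the handler should check `site.user_exports_enabled` itself and refuse the request. The `{% if %}` block continues past the end of this hunk.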
|
||||
|
|
|
@ -90,6 +90,33 @@
|
|||
</div>
|
||||
</form>
|
||||
</details>
|
||||
|
||||
{% if site.user_exports_enabled %}
|
||||
<details class="details-panel box">
|
||||
<summary>
|
||||
<span role="heading" aria-level="2" class="title is-6">
|
||||
{% trans "Disable starting new user exports" %}
|
||||
</span>
|
||||
<span class="details-close icon icon-x" aria-hidden="true"></span>
|
||||
</summary>
|
||||
<form
|
||||
name="disable-user-exports"
|
||||
id="disable-user-exports"
|
||||
method="POST"
|
||||
action="{% url 'settings-user-exports-disable' %}"
|
||||
>
|
||||
<div class="notification">
|
||||
{% trans "This is only intended to be used when things have gone very wrong with exports and you need to pause the feature while addressing issues." %}
|
||||
{% trans "While exports are disabled, users will not be allowed to start new user exports, but existing exports will not be affected." %}
|
||||
</div>
|
||||
{% csrf_token %}
|
||||
<div class="control">
|
||||
<button type="submit" class="button is-danger">
|
||||
{% trans "Disable user exports" %}
|
||||
</button>
|
||||
</div>
|
||||
</form>
|
||||
</details>
|
||||
<details class="details-panel box">
|
||||
<summary>
|
||||
<span role="heading" aria-level="2" class="title is-6">
|
||||
|
@ -108,7 +135,7 @@
|
|||
{% trans "Set the value to 0 to not enforce any limit." %}
|
||||
</div>
|
||||
<div class="align.to-t">
|
||||
<label for="limit">{% trans "Restrict user imports and exports to once every " %}</label>
|
||||
<label for="limit">{% trans "Limit how often users can import and export user data" %}</label>
|
||||
<input name="limit" class="input is-w-xs is-h-em" type="text" placeholder="0" value="{{ user_import_time_limit }}">
|
||||
<label>{% trans "hours" %}</label>
|
||||
{% csrf_token %}
|
||||
|
@ -120,6 +147,28 @@
|
|||
</div>
|
||||
</form>
|
||||
</details>
|
||||
{% else %}
|
||||
<form
|
||||
name="enable-user-imports"
|
||||
id="enable-user-imports"
|
||||
method="POST"
|
||||
action="{% url 'settings-user-exports-enable' %}"
|
||||
class="box"
|
||||
>
|
||||
<div class="notification is-danger is-light">
|
||||
<p class="my-2">{% trans "Users are currently unable to start new user exports. This is the default setting." %}</p>
|
||||
{% if use_s3 %}
|
||||
<p>{% trans "It is not currently possible to provide user exports when using s3 storage. The BookWyrm development team are working on a fix for this." %}</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
{% csrf_token %}
|
||||
<div class="control">
|
||||
<button type="submit" class="button is-success" {% if use_s3 %}disabled{% endif %}>
|
||||
{% trans "Enable user exports" %}
|
||||
</button>
|
||||
</div>
|
||||
</form>
|
||||
{% endif %}
|
||||
</div>
|
||||
<div class="block">
|
||||
<h4 class="title is-4">{% trans "Book Imports" %}</h4>
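Review bot: The form added in the `{% else %}` branch posts to `settings-user-exports-enable` but carries `name="enable-user-imports"` and `id="enable-user-imports"`, which looks like a copy-paste slip from the imports form. `name="enable-user-exports"` and `id="enable-user-exports"` would match the `disable-user-exports` form added in the first hunk of this section and avoid confusing anything that selects the form by id.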
|
||||
|
|
|
@ -338,6 +338,16 @@ urlpatterns = [
|
|||
views.disable_imports,
|
||||
name="settings-imports-disable",
|
||||
),
|
||||
re_path(
|
||||
r"^settings/user-exports/enable/?$",
|
||||
views.enable_user_exports,
|
||||
name="settings-user-exports-enable",
|
||||
),
|
||||
re_path(
|
||||
r"^settings/user-exports/disable/?$",
|
||||
views.disable_user_exports,
|
||||
name="settings-user-exports-disable",
|
||||
),
|
||||
re_path(
|
||||
r"^settings/imports/enable/?$",
|
||||
views.enable_imports,
|
||||
|
|
|
@ -18,6 +18,8 @@ from .admin.imports import (
|
|||
set_import_size_limit,
|
||||
set_user_import_completed,
|
||||
set_user_import_limit,
|
||||
enable_user_exports,
|
||||
disable_user_exports,
|
||||
)
|
||||
from .admin.ip_blocklist import IPBlocklist
|
||||
from .admin.invite import ManageInvites, Invite, InviteRequest
|
||||
|
|
|
@ -9,7 +9,7 @@ from django.views.decorators.http import require_POST
|
|||
|
||||
from bookwyrm import models
|
||||
from bookwyrm.views.helpers import redirect_to_referer
|
||||
from bookwyrm.settings import PAGE_LENGTH
|
||||
from bookwyrm.settings import PAGE_LENGTH, USE_S3
|
||||
|
||||
|
||||
# pylint: disable=no-self-use
|
||||
|
@ -59,6 +59,7 @@ class ImportList(View):
|
|||
"import_size_limit": site_settings.import_size_limit,
|
||||
"import_limit_reset": site_settings.import_limit_reset,
|
||||
"user_import_time_limit": site_settings.user_import_time_limit,
|
||||
"use_s3": USE_S3,
|
||||
}
|
||||
return TemplateResponse(request, "settings/imports/imports.html", data)
|
||||
|
||||
|
@ -126,3 +127,25 @@ def set_user_import_limit(request):
|
|||
site.user_import_time_limit = int(request.POST.get("limit"))
|
||||
site.save(update_fields=["user_import_time_limit"])
|
||||
return redirect("settings-imports")
|
||||
|
||||
|
||||
@require_POST
|
||||
@permission_required("bookwyrm.edit_instance_settings", raise_exception=True)
|
||||
# pylint: disable=unused-argument
|
||||
def enable_user_exports(request):
|
||||
"""Allow users to export account data"""
|
||||
site = models.SiteSettings.objects.get()
|
||||
site.user_exports_enabled = True
|
||||
site.save(update_fields=["user_exports_enabled"])
|
||||
return redirect("settings-imports")
|
||||
|
||||
|
||||
@require_POST
|
||||
@permission_required("bookwyrm.edit_instance_settings", raise_exception=True)
|
||||
# pylint: disable=unused-argument
|
||||
def disable_user_exports(request):
|
||||
"""Don't allow users to export account data"""
|
||||
site = models.SiteSettings.objects.get()
|
||||
site.user_exports_enabled = False
|
||||
site.save(update_fields=["user_exports_enabled"])
|
||||
return redirect("settings-imports")
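Review bot: `enable_user_exports` sets `user_exports_enabled = True` without looking at `USE_S3`, although this commit imports `USE_S3` into the module and the description says exports must not be allowed on S3 storage; the only visible guard is the `disabled` button in the template. A POST sent straight to `settings-user-exports-enable` by an account with `edit_instance_settings` would therefore turn exports on for an S3 instance. Adding `if USE_S3: return redirect("settings-imports")` before the assignment (or an explicit error response) keeps the rule on the server. Both new views could also carry a one-line comment stating that the flag only gates starting new exports, as the admin template text says.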
|
||||
|
|
|
@ -64,13 +64,18 @@ server {
|
|||
# directly serve images and static files from the
|
||||
# bookwyrm filesystem using sendfile.
|
||||
# make the logs quieter by not reporting these requests
|
||||
location ~ ^/(images|static)/ {
|
||||
location ~ \.(bmp|ico|jpg|jpeg|png|tif|tiff|webp)$ {
|
||||
root /app;
|
||||
try_files $uri =404;
|
||||
add_header X-Cache-Status STATIC;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# block access to any non-image files from images or static
|
||||
location ~ ^/(images|static)/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# monitor the celery queues with flower, no caching enabled
|
||||
location /flower/ {
|
||||
proxy_pass http://flower:8888;
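Review bot: The new `location ~ \.(bmp|ico|jpg|jpeg|png|tif|tiff|webp)$` is not anchored to `/images/` or `/static/`, so any URI ending in one of these extensions is answered from `root /app` rather than only from the two media trees. The `location ~ ^/(images|static)/ { return 403; }` that follows also appears to reject stylesheets, scripts and fonts under `/static/`, unless another location outside this hunk serves them. Scoping the extension check inside an `/images/` block and serving `/static/` as before would match the stated goal of not serving non-image files from `/images/`. The commented-out copy of this block in the last file section of the commit has the same shape, and the `server` block starts and ends outside the hunk.

```nginx
location /static/ {
    root /app;
    try_files $uri =404;
    add_header X-Cache-Status STATIC;
    access_log off;
}

location /images/ {
    location ~ \.(bmp|ico|jpg|jpeg|png|tif|tiff|webp)$ {
        root /app;
        try_files $uri =404;
        add_header X-Cache-Status STATIC;
        access_log off;
    }

    # block access to any non-image files from images
    return 403;
}
```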
|
||||
|
|
|
@ -96,12 +96,17 @@ server {
|
|||
# # directly serve images and static files from the
|
||||
# # bookwyrm filesystem using sendfile.
|
||||
# # make the logs quieter by not reporting these requests
|
||||
# location ~ ^/(images|static)/ {
|
||||
# location ~ \.(bmp|ico|jpg|jpeg|png|tif|tiff|webp)$ {
|
||||
# root /app;
|
||||
# try_files $uri =404;
|
||||
# add_header X-Cache-Status STATIC;
|
||||
# access_log off;
|
||||
# }
|
||||
|
||||
# # block access to any non-image files from images or static
|
||||
# location ~ ^/(images|static)/ {
|
||||
# return 403;
|
||||
# }
|
||||
#
|
||||
# # monitor the celery queues with flower, no caching enabled
|
||||
# location /flower/ {
|
||||
|
|