Skip to content

Commit 4625f25

Browse files
angela-tranthekaveman
authored andcommitted
refactor(admin): admin interface is always enabled
1 parent e4794bc commit 4625f25

File tree

7 files changed

+85
-116
lines changed

7 files changed

+85
-116
lines changed

benefits/core/admin.py

+37-37
Original file line numberDiff line numberDiff line change
@@ -2,43 +2,43 @@
22
The core application: Admin interface configuration.
33
"""
44

5+
import logging
56
import requests
67

78
from django.conf import settings
8-
9-
if settings.ADMIN:
10-
import logging
11-
from django.contrib import admin
12-
from . import models
13-
14-
logger = logging.getLogger(__name__)
15-
16-
for model in [
17-
models.EligibilityType,
18-
models.EligibilityVerifier,
19-
models.PaymentProcessor,
20-
models.PemData,
21-
models.TransitAgency,
22-
]:
23-
logger.debug(f"Register {model.__name__}")
24-
admin.site.register(model)
25-
26-
def pre_login_user(user, request):
27-
logger.debug(f"Running pre-login callback for user: {user.username}")
28-
token = request.session.get("google_sso_access_token")
29-
if token:
30-
headers = {
31-
"Authorization": f"Bearer {token}",
32-
}
33-
34-
# Request Google user info to get name and email
35-
url = "https://www.googleapis.com/oauth2/v3/userinfo"
36-
response = requests.get(url, headers=headers, timeout=settings.REQUESTS_TIMEOUT)
37-
user_data = response.json()
38-
logger.debug(f"Updating admin user data from Google for user with email: {user_data['email']}")
39-
40-
user.first_name = user_data["given_name"]
41-
user.last_name = user_data["family_name"]
42-
user.username = user_data["email"]
43-
user.email = user_data["email"]
44-
user.save()
9+
from django.contrib import admin
10+
from . import models
11+
12+
logger = logging.getLogger(__name__)
13+
14+
15+
for model in [
16+
models.EligibilityType,
17+
models.EligibilityVerifier,
18+
models.PaymentProcessor,
19+
models.PemData,
20+
models.TransitAgency,
21+
]:
22+
logger.debug(f"Register {model.__name__}")
23+
admin.site.register(model)
24+
25+
26+
def pre_login_user(user, request):
27+
logger.debug(f"Running pre-login callback for user: {user.username}")
28+
token = request.session.get("google_sso_access_token")
29+
if token:
30+
headers = {
31+
"Authorization": f"Bearer {token}",
32+
}
33+
34+
# Request Google user info to get name and email
35+
url = "https://www.googleapis.com/oauth2/v3/userinfo"
36+
response = requests.get(url, headers=headers, timeout=settings.REQUESTS_TIMEOUT)
37+
user_data = response.json()
38+
logger.debug(f"Updating admin user data from Google for user with email: {user_data['email']}")
39+
40+
user.first_name = user_data["given_name"]
41+
user.last_name = user_data["family_name"]
42+
user.username = user_data["email"]
43+
user.email = user_data["email"]
44+
user.save()

benefits/settings.py

+40-57
Original file line numberDiff line numberDiff line change
@@ -45,39 +45,33 @@ def RUNTIME_ENVIRONMENT():
4545
# Application definition
4646

4747
INSTALLED_APPS = [
48+
"django.contrib.admin",
49+
"django.contrib.auth",
50+
"django.contrib.contenttypes",
4851
"django.contrib.messages",
4952
"django.contrib.sessions",
5053
"django.contrib.staticfiles",
54+
"django_google_sso",
5155
"benefits.core",
5256
"benefits.enrollment",
5357
"benefits.eligibility",
5458
"benefits.oauth",
5559
]
5660

57-
if ADMIN:
58-
GOOGLE_SSO_CLIENT_ID = os.environ.get("GOOGLE_SSO_CLIENT_ID", "secret")
59-
GOOGLE_SSO_PROJECT_ID = os.environ.get("GOOGLE_SSO_PROJECT_ID", "benefits-admin")
60-
GOOGLE_SSO_CLIENT_SECRET = os.environ.get("GOOGLE_SSO_CLIENT_SECRET", "secret")
61-
GOOGLE_SSO_ALLOWABLE_DOMAINS = _filter_empty(os.environ.get("GOOGLE_SSO_ALLOWABLE_DOMAINS", "compiler.la").split(","))
62-
GOOGLE_SSO_STAFF_LIST = _filter_empty(os.environ.get("GOOGLE_SSO_STAFF_LIST", "").split(","))
63-
GOOGLE_SSO_SUPERUSER_LIST = _filter_empty(os.environ.get("GOOGLE_SSO_SUPERUSER_LIST", "").split(","))
64-
GOOGLE_SSO_LOGO_URL = "/static/img/icon/google_sso_logo.svg"
65-
GOOGLE_SSO_SAVE_ACCESS_TOKEN = True
66-
GOOGLE_SSO_PRE_LOGIN_CALLBACK = "benefits.core.admin.pre_login_user"
67-
GOOGLE_SSO_SCOPES = [
68-
"openid",
69-
"https://www.googleapis.com/auth/userinfo.email",
70-
"https://www.googleapis.com/auth/userinfo.profile",
71-
]
72-
73-
INSTALLED_APPS.extend(
74-
[
75-
"django.contrib.admin",
76-
"django.contrib.auth",
77-
"django.contrib.contenttypes",
78-
"django_google_sso", # Add django_google_sso
79-
]
80-
)
61+
GOOGLE_SSO_CLIENT_ID = os.environ.get("GOOGLE_SSO_CLIENT_ID", "secret")
62+
GOOGLE_SSO_PROJECT_ID = os.environ.get("GOOGLE_SSO_PROJECT_ID", "benefits-admin")
63+
GOOGLE_SSO_CLIENT_SECRET = os.environ.get("GOOGLE_SSO_CLIENT_SECRET", "secret")
64+
GOOGLE_SSO_ALLOWABLE_DOMAINS = _filter_empty(os.environ.get("GOOGLE_SSO_ALLOWABLE_DOMAINS", "compiler.la").split(","))
65+
GOOGLE_SSO_STAFF_LIST = _filter_empty(os.environ.get("GOOGLE_SSO_STAFF_LIST", "").split(","))
66+
GOOGLE_SSO_SUPERUSER_LIST = _filter_empty(os.environ.get("GOOGLE_SSO_SUPERUSER_LIST", "").split(","))
67+
GOOGLE_SSO_LOGO_URL = "/static/img/icon/google_sso_logo.svg"
68+
GOOGLE_SSO_SAVE_ACCESS_TOKEN = True
69+
GOOGLE_SSO_PRE_LOGIN_CALLBACK = "benefits.core.admin.pre_login_user"
70+
GOOGLE_SSO_SCOPES = [
71+
"openid",
72+
"https://www.googleapis.com/auth/userinfo.email",
73+
"https://www.googleapis.com/auth/userinfo.profile",
74+
]
8175

8276
MIDDLEWARE = [
8377
"django.middleware.security.SecurityMiddleware",
@@ -91,16 +85,10 @@ def RUNTIME_ENVIRONMENT():
9185
"django.middleware.clickjacking.XFrameOptionsMiddleware",
9286
"csp.middleware.CSPMiddleware",
9387
"benefits.core.middleware.ChangedLanguageEvent",
88+
"django.contrib.auth.middleware.AuthenticationMiddleware",
89+
"django.contrib.messages.middleware.MessageMiddleware",
9490
]
9591

96-
if ADMIN:
97-
MIDDLEWARE.extend(
98-
[
99-
"django.contrib.auth.middleware.AuthenticationMiddleware",
100-
"django.contrib.messages.middleware.MessageMiddleware",
101-
]
102-
)
103-
10492
if DEBUG:
10593
MIDDLEWARE.append("benefits.core.middleware.DebugSession")
10694

@@ -162,13 +150,12 @@ def RUNTIME_ENVIRONMENT():
162150
]
163151
)
164152

165-
if ADMIN:
166-
template_ctx_processors.extend(
167-
[
168-
"django.contrib.auth.context_processors.auth",
169-
"django.contrib.messages.context_processors.messages",
170-
]
171-
)
153+
template_ctx_processors.extend(
154+
[
155+
"django.contrib.auth.context_processors.auth",
156+
"django.contrib.messages.context_processors.messages",
157+
]
158+
)
172159

173160
TEMPLATES = [
174161
{
@@ -193,25 +180,21 @@ def RUNTIME_ENVIRONMENT():
193180

194181
# Password validation
195182

196-
AUTH_PASSWORD_VALIDATORS = []
183+
AUTH_PASSWORD_VALIDATORS = [
184+
{
185+
"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
186+
},
187+
{
188+
"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
189+
},
190+
{
191+
"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
192+
},
193+
{
194+
"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
195+
},
196+
]
197197

198-
if ADMIN:
199-
AUTH_PASSWORD_VALIDATORS.extend(
200-
[
201-
{
202-
"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
203-
},
204-
{
205-
"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
206-
},
207-
{
208-
"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
209-
},
210-
{
211-
"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
212-
},
213-
]
214-
)
215198

216199
# Internationalization
217200

benefits/urls.py

+4-9
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@
88
import logging
99

1010
from django.conf import settings
11+
from django.contrib import admin
1112
from django.http import HttpResponse
1213
from django.urls import include, path
1314

@@ -46,12 +47,6 @@ def test_secret(request):
4647

4748
urlpatterns.append(path("testsecret/", test_secret))
4849

49-
50-
if settings.ADMIN:
51-
from django.contrib import admin
52-
53-
logger.debug("Register admin urls")
54-
urlpatterns.append(path("admin/", admin.site.urls))
55-
urlpatterns.append(path("google_sso/", include("django_google_sso.urls", namespace="django_google_sso")))
56-
else:
57-
logger.debug("Skip url registrations for admin")
50+
logger.debug("Register admin urls")
51+
urlpatterns.append(path("admin/", admin.site.urls))
52+
urlpatterns.append(path("google_sso/", include("django_google_sso.urls", namespace="django_google_sso")))

docs/configuration/README.md

+3-3
Original file line numberDiff line numberDiff line change
@@ -55,10 +55,10 @@ from django.config import settings
5555

5656
# ...
5757

58-
if settings.ADMIN:
59-
# do something when admin is enabled
58+
if settings.DEBUG:
59+
# do something when debug is enabled
6060
else:
61-
# do something else when admin is disabled
61+
# do something else when debug is disabled
6262
```
6363

6464
Through the [Django model][django-model] framework, `benefits.core.models` instances are used to access the configuration data:

docs/configuration/environment-variables.md

-7
Original file line numberDiff line numberDiff line change
@@ -48,13 +48,6 @@ If blank or an invalid key, analytics events aren't captured (though may still b
4848

4949
## Django
5050

51-
### `DJANGO_ADMIN`
52-
53-
Boolean:
54-
55-
- `True`: activates Django's built-in admin interface for content authoring.
56-
- `False` (default): skips this activation.
57-
5851
### `DJANGO_ALLOWED_HOSTS`
5952

6053
!!! warning "Deployment configuration"

docs/getting-started/README.md

+1-2
Original file line numberDiff line numberDiff line change
@@ -56,8 +56,7 @@ docker compose up client
5656

5757
After initialization, the client is running running on `http://localhost:8000` by default.
5858

59-
If `DJANGO_ADMIN=true`, the backend administrative interface can be accessed at the `/admin` route using the superuser account
60-
you setup as part of initialization.
59+
The backend administrative interface can be accessed at the `/admin` route using the superuser account you setup as part of initialization.
6160

6261
By default, sample values are used to initialize Django. Alternatively you may:
6362

terraform/app_service.tf

-1
Original file line numberDiff line numberDiff line change
@@ -66,7 +66,6 @@ resource "azurerm_linux_web_app" "main" {
6666
"REQUESTS_READ_TIMEOUT" = "${local.secret_prefix}requests-read-timeout)",
6767

6868
# Django settings
69-
"DJANGO_ADMIN" = "${local.secret_prefix}django-admin)",
7069
"DJANGO_ALLOWED_HOSTS" = "${local.secret_prefix}django-allowed-hosts)",
7170
"DJANGO_DB_DIR" = "${local.secret_prefix}django-db-dir)",
7271
"DJANGO_DEBUG" = local.is_prod ? null : "${local.secret_prefix}django-debug)",

0 commit comments

Comments
 (0)