[ENG-6025] Hotfix - API and admin aren't inheriting settings from website

admin/base/settings/defaults.py

@@ -3,7 +3,9 @@
 """
 
 from django.contrib import messages
+
 from api.base.settings import *  # noqa
+
 # TODO ALL SETTINGS FROM API WILL BE IMPORTED AND WILL NEED TO BE OVERRRIDEN
 # TODO THIS IS A STEP TOWARD INTEGRATING ADMIN & API INTO ONE PROJECT
 
@@ -15,27 +17,17 @@
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/1.8/howto/deployment/checklist/
 
-# from the OSF settings
-# SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = osf_settings.SECRET_KEY
-
 
 # Don't allow migrations
 DATABASE_ROUTERS = ['admin.base.db.router.NoMigrationRouter']
 
 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = osf_settings.DEBUG_MODE
-DEBUG_PROPAGATE_EXCEPTIONS = True
-
 
 # session:
 SESSION_COOKIE_NAME = 'admin'
-SESSION_COOKIE_SECURE = osf_settings.SECURE_MODE
-SESSION_COOKIE_HTTPONLY = osf_settings.SESSION_COOKIE_HTTPONLY
 
 # csrf:
 CSRF_COOKIE_NAME = 'admin-csrf'
-CSRF_COOKIE_SECURE = osf_settings.SECURE_MODE
 # set to False for admin draft registration uses a SPA and ajax and grab the token to use it in the requests
 CSRF_COOKIE_HTTPONLY = False
 
@@ -63,9 +55,9 @@
 # Sendgrid Email Settings - Using OSF credentials.
 # Add settings references to local.py
 
-EMAIL_HOST = osf_settings.MAIL_SERVER
-EMAIL_HOST_USER = osf_settings.MAIL_USERNAME
-EMAIL_HOST_PASSWORD = osf_settings.MAIL_PASSWORD
+EMAIL_HOST = MAIL_SERVER
+EMAIL_HOST_USER = MAIL_USERNAME
+EMAIL_HOST_PASSWORD = MAIL_PASSWORD
 EMAIL_PORT = 587
 EMAIL_USE_TLS = True
 
@@ -115,23 +107,25 @@
     'addons_twofactor': None,
 }
 
-USE_TZ = True
-TIME_ZONE = 'UTC'
-
 # local development using https
-if osf_settings.SECURE_MODE and osf_settings.DEBUG_MODE:
+if SECURE_MODE and DEBUG_MODE:
     INSTALLED_APPS += ('sslserver',)
 
-# Custom user model (extends AbstractBaseUser)
-AUTH_USER_MODEL = 'osf.OSFUser'
-
-# Settings related to CORS Headers addon: allow API to receive authenticated requests from OSF
-# CORS plugin only matches based on "netloc" part of URL, so as workaround we add that to the list
-CORS_ORIGIN_ALLOW_ALL = False
-CORS_ORIGIN_WHITELIST = (
-    osf_settings.DOMAIN.rstrip('/'),
-)
-CORS_ALLOW_CREDENTIALS = True
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [os.path.join(BASE_DIR, 'templates')],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+            ],
+        }
+    }
+]
 
 MIDDLEWARE = (
     # TokuMX transaction support
@@ -158,20 +152,6 @@
     messages.WARNING: 'text-warning',
 }
 
-TEMPLATES = [
-    {
-        'BACKEND': 'django.template.backends.django.DjangoTemplates',
-        'DIRS': [os.path.join(BASE_DIR, 'templates')],
-        'APP_DIRS': True,
-        'OPTIONS': {
-            'context_processors': [
-                'django.template.context_processors.debug',
-                'django.template.context_processors.request',
-                'django.contrib.auth.context_processors.auth',
-                'django.contrib.messages.context_processors.messages',
-            ],
-        }
-    }]
 
 ROOT_URLCONF = 'admin.base.urls'
 WSGI_APPLICATION = 'admin.base.wsgi.application'
@@ -187,7 +167,6 @@
     os.path.join(BASE_DIR, '../website/static'),
 )
 
-LANGUAGE_CODE = 'en-us'
 
 WEBPACK_LOADER = {
     'DEFAULT': {
@@ -200,9 +179,9 @@
 NOSE_ARGS = ['--verbosity=2']
 
 # Keen.io settings in local.py
-KEEN_PROJECT_ID = osf_settings.KEEN['private']['project_id']
-KEEN_READ_KEY = osf_settings.KEEN['private']['read_key']
-KEEN_WRITE_KEY = osf_settings.KEEN['private']['write_key']
+KEEN_PROJECT_ID = KEEN['private']['project_id']
+KEEN_READ_KEY = KEEN['private']['read_key']
+KEEN_WRITE_KEY = KEEN['private']['write_key']
 
 KEEN_CREDENTIALS = {
     'keen_ready': False
@@ -222,8 +201,6 @@
 
 TINYMCE_APIKEY = ''
 
-SHARE_URL = osf_settings.SHARE_URL
-API_DOMAIN = osf_settings.API_DOMAIN
 
 if DEBUG:
     INSTALLED_APPS += ('debug_toolbar', 'nplusone.ext.django',)

admin/base/settings/local-dist.py

@@ -1,3 +1,8 @@
 ## The default development email backend is the django console backend, as set in
 ## defaults.py. If you wish to enable sendgrid, uncomment the following line:
 # EMAIL_BACKEND = 'sendgrid_backend.SendgridBackend'
+ALLOWED_HOSTS = [
+    '.osf.io',
+    'localhost:8001',
+    'localhost',
+]

api/base/settings/defaults.py

@@ -14,7 +14,7 @@
 
 from corsheaders.defaults import default_headers
 
-from website import settings as osf_settings
+from website.settings import *  # noqa: F403
 
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
 # Quick-start development settings - unsuitable for production
@@ -43,32 +43,26 @@
 
 AUTH_USER_MODEL = 'osf.OSFUser'
 
-# SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = osf_settings.SECRET_KEY
-
 AUTHENTICATION_BACKENDS = (
     'api.base.authentication.backends.ODMBackend',
     'guardian.backends.ObjectPermissionBackend',
 )
 
+DEBUG = DEBUG_MODE
 # SECURITY WARNING: don't run with debug turned on in production!
-DEV_MODE = osf_settings.DEV_MODE
-DEBUG = osf_settings.DEBUG_MODE
 DEBUG_PROPAGATE_EXCEPTIONS = True
 
 # session:
-SESSION_COOKIE_NAME = osf_settings.COOKIE_NAME
-SESSION_COOKIE_SECURE = osf_settings.SECURE_MODE
-SESSION_COOKIE_HTTPONLY = osf_settings.SESSION_COOKIE_HTTPONLY
-SESSION_COOKIE_SAMESITE = osf_settings.SESSION_COOKIE_SAMESITE
+SESSION_COOKIE_NAME = COOKIE_NAME
+SESSION_COOKIE_SECURE = SECURE_MODE
 SESSION_COOKIE_AGE = 2592000  # 30 days in seconds
 SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
 SESSION_CACHE_ALIAS = 'redis'
 
 # csrf:
 CSRF_COOKIE_NAME = 'api-csrf'
-CSRF_COOKIE_SECURE = osf_settings.SECURE_MODE
-CSRF_COOKIE_HTTPONLY = osf_settings.SECURE_MODE
+CSRF_COOKIE_SECURE = SECURE_MODE
+CSRF_COOKIE_HTTPONLY = SECURE_MODE
 
 ALLOWED_HOSTS = [
     '.osf.io',
@@ -121,7 +115,7 @@
 )
 
 # local development using https
-if osf_settings.SECURE_MODE and DEBUG:
+if SECURE_MODE and DEBUG:
     INSTALLED_APPS += ('sslserver',)
 
 BULK_SETTINGS = {
@@ -202,9 +196,7 @@
 # Settings related to CORS Headers addon: allow API to receive authenticated requests from OSF
 # CORS plugin only matches based on "netloc" part of URL, so as workaround we add that to the list
 CORS_ORIGIN_ALLOW_ALL = False
-CORS_ORIGIN_WHITELIST = (
-    osf_settings.DOMAIN.rstrip('/'),
-)
+CORS_ORIGIN_WHITELIST = DOMAIN.rstrip('/'),
 # This needs to remain True to allow cross origin requests that are in CORS_ORIGIN_WHITELIST to
 # use cookies.
 CORS_ALLOW_CREDENTIALS = True
@@ -270,7 +262,7 @@
     DEFAULT_FILE_STORAGE = 'api.base.storage.RequestlessURLGoogleCloudStorage'
     GS_BUCKET_NAME = os.environ.get('GS_BUCKET_NAME', 'cos-osf-stage-cdn-us')
     GS_FILE_OVERWRITE = os.environ.get('GS_FILE_OVERWRITE', False)
-elif osf_settings.DEV_MODE or osf_settings.DEBUG_MODE:
+elif DEV_MODE or DEBUG_MODE:
     DEFAULT_FILE_STORAGE = 'api.base.storage.DevFileSystemStorage'
 
 # https://docs.djangoproject.com/en/1.8/howto/static-files/
@@ -281,18 +273,12 @@
 API_PRIVATE_BASE = '_/'
 STATIC_URL = '/static/'
 
-NODE_CATEGORY_MAP = osf_settings.NODE_CATEGORY_MAP
 
 DEBUG_TRANSACTIONS = DEBUG
 
 JWT_SECRET = b'osf_api_cas_login_jwt_secret_32b'
 JWE_SECRET = b'osf_api_cas_login_jwe_secret_32b'
 
-ENABLE_VARNISH = osf_settings.ENABLE_VARNISH
-ENABLE_ESI = osf_settings.ENABLE_ESI
-VARNISH_SERVERS = osf_settings.VARNISH_SERVERS
-ESI_MEDIA_TYPES = osf_settings.ESI_MEDIA_TYPES
-
 ADDONS_FOLDER_CONFIGURABLE = ['box', 'dropbox', 's3', 'googledrive', 'figshare', 'owncloud', 'onedrive']
 ADDONS_OAUTH = ADDONS_FOLDER_CONFIGURABLE + ['dataverse', 'github', 'bitbucket', 'gitlab', 'mendeley', 'zotero', 'forward', 'boa']
 

api/comments/serializers.py

@@ -8,7 +8,7 @@
 from rest_framework.exceptions import ValidationError, PermissionDenied
 from api.base.exceptions import InvalidModelValueError, Conflict
 from api.base.utils import absolute_reverse
-from api.base.settings import osf_settings
+from website import settings as osf_settings
 from api.base.serializers import (
     JSONAPISerializer,
     TargetField,

api_tests/comments/views/test_comment_detail.py

@@ -4,7 +4,7 @@
 
 from addons.wiki.tests.factories import WikiFactory
 from api.base.settings.defaults import API_BASE
-from api.base.settings import osf_settings
+from website import settings as osf_settings
 from api_tests import utils as test_utils
 from framework.auth import core
 from osf.models import Guid

api_tests/nodes/views/test_node_comments_list.py

@@ -1,7 +1,7 @@
 import pytest
 
 from addons.wiki.tests.factories import WikiFactory
-from api.base.settings import osf_settings
+from website import settings as osf_settings
 from api.base.settings.defaults import API_BASE
 from api_tests import utils as test_utils
 from framework.auth import core