[sso-admin] Fix import and config issues

FileStorage is in werkzeug.datastructures, this didn't get caught by
mypy due to lack of type hints.

AdminFlaskApp now loads the configuration earlier, otherwise the
connection to other systems gets started with the wrong values.
While there, use .update since values from the environment are exactly what
we want to be using and the way it was written, they are expected to be
set up.

We also had swapped creation of the admin.lib.admin.Admin object and
processing admin.lib.postup.Postup; which loads some secrets needed for
moodle.
Xnet-DigitalDemocratic-main-patch-41273
Evilham 2022-07-29 19:34:59 +02:00
parent 64c0869e46
commit 4421c5a5df
No known key found for this signature in database
GPG Key ID: AE3EE30D970886BF
2 changed files with 17 additions and 28 deletions

View File

@ -74,11 +74,9 @@ class AdminFlaskApp(Flask):
def __init__(self, *args: Any, **kwargs: Any): def __init__(self, *args: Any, **kwargs: Any):
super().__init__(*args, **kwargs) super().__init__(*args, **kwargs)
self.url_map.strict_slashes = False self.url_map.strict_slashes = False
from admin.lib.admin import Admin self._load_config()
self.admin = Admin(self)
# Minor setup tasks # Minor setup tasks
self._load_validators() self._load_validators()
self._load_config()
self._setup_routes() self._setup_routes()
setup_api_views(self) setup_api_views(self)
setup_app_views(self) setup_app_views(self)
@ -101,6 +99,9 @@ class AdminFlaskApp(Flask):
""" """
from admin.lib.postup import Postup from admin.lib.postup import Postup
Postup(self) Postup(self)
# This must happen after Postup since it, e.g. fetches moodle secrets
from admin.lib.admin import Admin
self.admin = Admin(self)
def json_route(self, rule: str, **options: Any) -> Callable[..., OptionalJsonResponse]: def json_route(self, rule: str, **options: Any) -> Callable[..., OptionalJsonResponse]:
return self.route(rule, **options) # type: ignore # mypy issue #7187 return self.route(rule, **options) # type: ignore # mypy issue #7187
@ -136,30 +137,18 @@ class AdminFlaskApp(Flask):
f.write(secrets.token_hex()) f.write(secrets.token_hex())
self.secret_key = open(secret_key_file, "r").read() self.secret_key = open(secret_key_file, "r").read()
# Move on with ISARD's settings # Move on with settings from the environment
self.config.setdefault("DOMAIN", os.environ["DOMAIN"]) self.config.update({
self.config.setdefault( "DOMAIN": os.environ["DOMAIN"],
"KEYCLOAK_POSTGRES_USER", os.environ["KEYCLOAK_DB_USER"] "KEYCLOAK_POSTGRES_USER": os.environ["KEYCLOAK_DB_USER"],
) "KEYCLOAK_POSTGRES_PASSWORD": os.environ["KEYCLOAK_DB_PASSWORD"],
self.config.setdefault( "MOODLE_POSTGRES_USER": os.environ["MOODLE_POSTGRES_USER"],
"KEYCLOAK_POSTGRES_PASSWORD", os.environ["KEYCLOAK_DB_PASSWORD"] "MOODLE_POSTGRES_PASSWORD": os.environ["MOODLE_POSTGRES_PASSWORD"],
) "NEXTCLOUD_POSTGRES_USER": os.environ["NEXTCLOUD_POSTGRES_USER"],
self.config.setdefault( "NEXTCLOUD_POSTGRES_PASSWORD": os.environ["NEXTCLOUD_POSTGRES_PASSWORD"],
"MOODLE_POSTGRES_USER", os.environ["MOODLE_POSTGRES_USER"] "VERIFY": os.environ["VERIFY"] == "true",
) "API_SECRET": os.environ.get("API_SECRET"),
self.config.setdefault( })
"MOODLE_POSTGRES_PASSWORD", os.environ["MOODLE_POSTGRES_PASSWORD"]
)
self.config.setdefault(
"NEXTCLOUD_POSTGRES_USER", os.environ["NEXTCLOUD_POSTGRES_USER"]
)
self.config.setdefault(
"NEXTCLOUD_POSTGRES_PASSWORD", os.environ["NEXTCLOUD_POSTGRES_PASSWORD"]
)
self.config.setdefault(
"VERIFY", True if os.environ["VERIFY"] == "true" else False
)
self.config.setdefault("API_SECRET", os.environ.get("API_SECRET"))
except Exception as e: except Exception as e:
log.error(traceback.format_exc()) log.error(traceback.format_exc())
raise raise

View File

@ -34,7 +34,7 @@ from typing import TYPE_CHECKING, Any, Dict
if TYPE_CHECKING: if TYPE_CHECKING:
from admin.flaskapp import AdminFlaskApp from admin.flaskapp import AdminFlaskApp
from werkzeug import FileStorage from werkzeug.datastructures import FileStorage
class Dashboard: class Dashboard:
app : "AdminFlaskApp" app : "AdminFlaskApp"