arthexis 0.1.16__py3-none-any.whl → 0.1.28__py3-none-any.whl

config/settings_helpers.py

@@ -5,8 +5,12 @@ from __future__ import annotations
 import contextlib
 import ipaddress
 import os
+import socket
+import subprocess
+import urllib.error
+import urllib.request
 from pathlib import Path
-from typing import Mapping, MutableMapping
+from typing import Iterable, Mapping, MutableMapping
 
 from django.core.management.utils import get_random_secret_key
 from django.http import request as http_request
@@ -14,6 +18,7 @@ from django.http.request import split_domain_port
 
 
 __all__ = [
+    "discover_local_ip_addresses",
     "extract_ip_from_host",
     "install_validate_host_with_subnets",
     "load_secret_key",
@@ -78,6 +83,176 @@ def install_validate_host_with_subnets() -> None:
     http_request.validate_host = _patched
 
 
+def _normalize_candidate_ip(candidate: str) -> str | None:
+    """Return a normalized IP string when *candidate* is valid."""
+
+    if not candidate:
+        return None
+
+    normalized = strip_ipv6_brackets(candidate.strip())
+    if not normalized:
+        return None
+
+    # Drop IPv6 zone identifiers (for example ``fe80::1%eth0``)
+    if "%" in normalized:
+        normalized = normalized.split("%", 1)[0]
+
+    try:
+        return ipaddress.ip_address(normalized).compressed
+    except ValueError:
+        return None
+
+
+def _iter_command_addresses(command: Iterable[str]) -> Iterable[str]:
+    """Yield IP addresses parsed from a command's stdout."""
+
+    try:
+        result = subprocess.run(
+            list(command),
+            capture_output=True,
+            text=True,
+            check=False,
+            timeout=1.0,
+        )
+    except (FileNotFoundError, PermissionError, subprocess.SubprocessError):
+        return
+
+    if result.returncode != 0:
+        return
+
+    for token in result.stdout.split():
+        normalized = _normalize_candidate_ip(token)
+        if normalized:
+            yield normalized
+
+
+def _iter_ip_addr_show() -> Iterable[str]:
+    """Yield interface addresses from the ``ip`` command when available."""
+
+    commands = (
+        ("ip", "-o", "-4", "addr", "show"),
+        ("ip", "-o", "-6", "addr", "show"),
+    )
+
+    for command in commands:
+        try:
+            result = subprocess.run(
+                list(command),
+                capture_output=True,
+                text=True,
+                check=False,
+                timeout=1.0,
+            )
+        except (FileNotFoundError, PermissionError, subprocess.SubprocessError):
+            continue
+
+        if result.returncode != 0:
+            continue
+
+        for line in result.stdout.splitlines():
+            parts = line.split()
+            if len(parts) < 4:
+                continue
+            # ``<ifindex>: <ifname> <family> <address>/<prefix>``
+            address = parts[3].split("/", 1)[0]
+            normalized = _normalize_candidate_ip(address)
+            if normalized:
+                yield normalized
+
+
+def _iter_metadata_addresses(env: Mapping[str, str]) -> Iterable[str]:
+    """Yield IP addresses exposed by cloud metadata endpoints when available."""
+
+    disable_env = env.get("DISABLE_METADATA_IP_DISCOVERY", "")
+    if disable_env.strip().lower() in {"1", "true", "yes", "on"}:
+        return
+
+    if env.get("AWS_EC2_METADATA_DISABLED", "").strip().lower() in {"1", "true", "yes", "on"}:
+        return
+
+    endpoints = (
+        "http://169.254.169.254/latest/meta-data/local-ipv4",
+        "http://169.254.169.254/latest/meta-data/public-ipv4",
+        "http://169.254.169.254/latest/meta-data/local-ipv6",
+        "http://169.254.169.254/latest/meta-data/ipv6",
+    )
+
+    for endpoint in endpoints:
+        try:
+            with urllib.request.urlopen(endpoint, timeout=0.5) as response:
+                payload = response.read().decode("utf-8", "ignore").strip()
+        except (urllib.error.URLError, OSError, ValueError):
+            continue
+
+        if not payload:
+            continue
+
+        for line in payload.splitlines():
+            normalized = _normalize_candidate_ip(line)
+            if normalized:
+                yield normalized
+
+
+def discover_local_ip_addresses(
+    env: Mapping[str, str] | MutableMapping[str, str] | None = None,
+) -> set[str]:
+    """Return IP addresses associated with the current host.
+
+    The discovery process aggregates several lightweight heuristics so the
+    project continues to run even when specific mechanisms fail.  All
+    collectors are best-effort and errors are swallowed to avoid blocking
+    Django's startup.
+    """
+
+    if env is None:
+        env = os.environ
+
+    addresses: set[str] = set()
+
+    def _add(candidate: str | None) -> None:
+        normalized = _normalize_candidate_ip(candidate or "")
+        if normalized:
+            addresses.add(normalized)
+
+    for loopback in ("127.0.0.1", "::1"):
+        _add(loopback)
+
+    hostnames: list[str] = []
+    with contextlib.suppress(Exception):
+        hostnames.append(socket.gethostname())
+    with contextlib.suppress(Exception):
+        hostnames.append(socket.getfqdn())
+
+    for hostname in hostnames:
+        if not hostname:
+            continue
+
+        with contextlib.suppress(Exception):
+            _hostname, _aliases, addresses_list = socket.gethostbyname_ex(hostname)
+            for address in addresses_list:
+                _add(address)
+
+        with contextlib.suppress(Exception):
+            for info in socket.getaddrinfo(hostname, None):
+                if len(info) < 5:
+                    continue
+                sock_address = info[4]
+                if not sock_address:
+                    continue
+                _add(sock_address[0])
+
+    for address in _iter_ip_addr_show():
+        _add(address)
+
+    for address in _iter_command_addresses(("hostname", "-I")):
+        _add(address)
+
+    for address in _iter_metadata_addresses(env):
+        _add(address)
+
+    return addresses
+
+
 def load_secret_key(
     base_dir: Path,
     env: Mapping[str, str] | MutableMapping[str, str] | None = None,

config/urls.py

@@ -14,12 +14,15 @@ from django.conf import settings
 from django.conf.urls.static import static
 from django.contrib.staticfiles.urls import staticfiles_urlpatterns
 from django.contrib import admin
+from django.core.exceptions import AppRegistryNotReady, ImproperlyConfigured
+from django.db.utils import DatabaseError, OperationalError, ProgrammingError
 from django.urls import include, path
 import teams.admin  # noqa: F401
 from django.views.decorators.csrf import csrf_exempt
 from django.views.generic import RedirectView
 from django.views.i18n import set_language
 from django.utils.translation import gettext_lazy as _
+from django.http import Http404
 from core import views as core_views
 from core.admindocs import (
     CommandsView,
@@ -28,6 +31,44 @@ from core.admindocs import (
 )
 from pages import views as pages_views
 
+try:  # Gate optional GraphQL dependency for roles that do not install it
+    from api.views import EnergyGraphQLView
+except ModuleNotFoundError as exc:  # pragma: no cover - dependency intentionally optional
+    if exc.name in {"graphene_django", "graphene"}:
+        EnergyGraphQLView = None  # type: ignore[assignment]
+    else:  # pragma: no cover - unrelated import error
+        raise
+
+
+def _graphql_feature_enabled() -> bool:
+    """Return ``True`` when the GraphQL endpoint should be exposed."""
+
+    if EnergyGraphQLView is None:
+        return False
+
+    try:
+        from nodes.models import Node, NodeFeature
+    except (ModuleNotFoundError, AppRegistryNotReady, ImproperlyConfigured):
+        return True
+
+    try:
+        feature = NodeFeature.objects.filter(slug="graphql").first()
+    except (DatabaseError, OperationalError, ProgrammingError):
+        return True
+
+    if feature is None:
+        return True
+
+    try:
+        node = Node.get_local()
+    except (DatabaseError, OperationalError, ProgrammingError):
+        return True
+
+    if node and not node.has_feature("graphql"):
+        return False
+
+    return True
+
 admin.site.site_header = _("Constellation")
 admin.site.site_title = _("Constellation")
 
@@ -134,6 +175,11 @@ urlpatterns = [
         core_views.todo_done,
         name="todo-done",
     ),
+    path(
+        "admin/core/todos/<int:pk>/delete/",
+        core_views.todo_delete,
+        name="todo-delete",
+    ),
     path(
         "admin/core/todos/<int:pk>/snapshot/",
         core_views.todo_snapshot,
@@ -149,12 +195,34 @@ urlpatterns = [
         core_views.odoo_quote_report,
         name="odoo-quote-report",
     ),
+    path(
+        "admin/request-temp-password/",
+        core_views.request_temp_password,
+        name="admin-request-temp-password",
+    ),
     path("admin/", admin.site.urls),
     path("i18n/setlang/", csrf_exempt(set_language), name="set_language"),
-    path("api/", include("core.workgroup_urls")),
     path("", include("pages.urls")),
 ]
 
+_GRAPHQL_URLPOSITION = len(urlpatterns)
+
+
+if EnergyGraphQLView is not None:
+
+    class FeatureFlaggedGraphQLView(EnergyGraphQLView):
+        """GraphQL endpoint guarded by the node feature flag."""
+
+        def dispatch(self, request, *args, **kwargs):  # type: ignore[override]
+            if not _graphql_feature_enabled():
+                raise Http404()
+            return super().dispatch(request, *args, **kwargs)
+
+    urlpatterns.insert(
+        _GRAPHQL_URLPOSITION,
+        path("graphql/", FeatureFlaggedGraphQLView.as_view(), name="graphql"),
+    )
+
 urlpatterns += autodiscovered_urlpatterns()
 
 if settings.DEBUG: