arthexis 0.1.9__py3-none-any.whl → 0.1.11__py3-none-any.whl

core/apps.py

@@ -104,7 +104,11 @@ class CoreConfig(AppConfig):
 
         lock = Path(settings.BASE_DIR) / "locks" / "celery.lck"
 
+        from django.db.backends.signals import connection_created
+
         if lock.exists():
+            from .auto_upgrade import ensure_auto_upgrade_periodic_task
+            from django.db import DEFAULT_DB_ALIAS, connections
 
             def ensure_email_collector_task(**kwargs):
                 try:  # pragma: no cover - optional dependency
@@ -131,8 +135,32 @@ class CoreConfig(AppConfig):
                     pass
 
             post_migrate.connect(ensure_email_collector_task, sender=self)
+            post_migrate.connect(ensure_auto_upgrade_periodic_task, sender=self)
 
-        from django.db.backends.signals import connection_created
+            auto_upgrade_dispatch_uid = "core.apps.ensure_auto_upgrade_periodic_task"
+
+            def ensure_auto_upgrade_on_connection(**kwargs):
+                connection = kwargs.get("connection")
+                if connection is not None and connection.alias != "default":
+                    return
+
+                try:
+                    ensure_auto_upgrade_periodic_task()
+                finally:
+                    connection_created.disconnect(
+                        receiver=ensure_auto_upgrade_on_connection,
+                        dispatch_uid=auto_upgrade_dispatch_uid,
+                    )
+
+            connection_created.connect(
+                ensure_auto_upgrade_on_connection,
+                dispatch_uid=auto_upgrade_dispatch_uid,
+                weak=False,
+            )
+
+            default_connection = connections[DEFAULT_DB_ALIAS]
+            if default_connection.connection is not None:
+                ensure_auto_upgrade_on_connection(connection=default_connection)
 
         def enable_sqlite_wal(**kwargs):
             connection = kwargs.get("connection")

core/auto_upgrade.py

@@ -0,0 +1,57 @@
+"""Helpers for managing the auto-upgrade scheduler."""
+
+from __future__ import annotations
+
+from pathlib import Path
+
+from django.conf import settings
+
+
+AUTO_UPGRADE_TASK_NAME = "auto-upgrade-check"
+AUTO_UPGRADE_TASK_PATH = "core.tasks.check_github_updates"
+
+
+def ensure_auto_upgrade_periodic_task(
+    sender=None, *, base_dir: Path | None = None, **kwargs
+) -> None:
+    """Ensure the auto-upgrade periodic task exists.
+
+    The function is signal-safe so it can be wired to Django's
+    ``post_migrate`` hook. When called directly the ``sender`` and
+    ``**kwargs`` parameters are ignored.
+    """
+
+    del sender, kwargs  # Unused when invoked as a Django signal handler.
+
+    if base_dir is None:
+        base_dir = Path(settings.BASE_DIR)
+    else:
+        base_dir = Path(base_dir)
+
+    lock_dir = base_dir / "locks"
+    mode_file = lock_dir / "auto_upgrade.lck"
+    if not mode_file.exists():
+        return
+
+    try:  # pragma: no cover - optional dependency failures
+        from django_celery_beat.models import IntervalSchedule, PeriodicTask
+        from django.db.utils import OperationalError, ProgrammingError
+    except Exception:
+        return
+
+    mode = mode_file.read_text().strip() or "version"
+    interval_minutes = 5 if mode == "latest" else 10
+
+    try:
+        schedule, _ = IntervalSchedule.objects.get_or_create(
+            every=interval_minutes, period=IntervalSchedule.MINUTES
+        )
+        PeriodicTask.objects.update_or_create(
+            name=AUTO_UPGRADE_TASK_NAME,
+            defaults={
+                "interval": schedule,
+                "task": AUTO_UPGRADE_TASK_PATH,
+            },
+        )
+    except (OperationalError, ProgrammingError):  # pragma: no cover - DB not ready
+        return

core/backends.py

@@ -4,10 +4,65 @@ import contextlib
 import ipaddress
 import socket
 
+from django.conf import settings
 from django.contrib.auth import get_user_model
 from django.contrib.auth.backends import ModelBackend
+from django.core.exceptions import DisallowedHost
+from django.http.request import split_domain_port
+from django_otp.plugins.otp_totp.models import TOTPDevice
 
 from .models import EnergyAccount
+from . import temp_passwords
+
+
+TOTP_DEVICE_NAME = "authenticator"
+
+
+class TOTPBackend(ModelBackend):
+    """Authenticate using a TOTP code from an enrolled authenticator app."""
+
+    def authenticate(self, request, username=None, otp_token=None, **kwargs):
+        if not username or otp_token in (None, ""):
+            return None
+
+        token = str(otp_token).strip().replace(" ", "")
+        if not token:
+            return None
+
+        UserModel = get_user_model()
+        try:
+            user = UserModel._default_manager.get_by_natural_key(username)
+        except UserModel.DoesNotExist:
+            return None
+
+        if not user.is_active:
+            return None
+
+        device_qs = TOTPDevice.objects.filter(user=user, confirmed=True)
+        if TOTP_DEVICE_NAME:
+            device_qs = device_qs.filter(name=TOTP_DEVICE_NAME)
+
+        device = device_qs.order_by("-id").first()
+        if device is None:
+            return None
+
+        try:
+            verified = device.verify_token(token)
+        except Exception:
+            return None
+
+        if not verified:
+            return None
+
+        user.otp_device = device
+        return user
+
+    def get_user(self, user_id):
+        UserModel = get_user_model()
+        try:
+            return UserModel._default_manager.get(pk=user_id)
+        except UserModel.DoesNotExist:
+            return None
 
 
 class RFIDBackend:
@@ -69,15 +124,33 @@ def _collect_local_ip_addresses():
 class LocalhostAdminBackend(ModelBackend):
     """Allow default admin credentials only from local networks."""
 
-    _ALLOWED_NETWORKS = [
+    _ALLOWED_NETWORKS = (
         ipaddress.ip_network("::1/128"),
         ipaddress.ip_network("127.0.0.0/8"),
+        ipaddress.ip_network("10.42.0.0/16"),
         ipaddress.ip_network("192.168.0.0/16"),
-    ]
+    )
+    _CONTROL_ALLOWED_NETWORKS = (ipaddress.ip_network("10.0.0.0/8"),)
     _LOCAL_IPS = _collect_local_ip_addresses()
 
+    def _iter_allowed_networks(self):
+        yield from self._ALLOWED_NETWORKS
+        if getattr(settings, "NODE_ROLE", "") == "Control":
+            yield from self._CONTROL_ALLOWED_NETWORKS
+
     def authenticate(self, request, username=None, password=None, **kwargs):
         if username == "admin" and password == "admin" and request is not None:
+            try:
+                host = request.get_host()
+            except DisallowedHost:
+                return None
+            host, _port = split_domain_port(host)
+            if host.startswith("[") and host.endswith("]"):
+                host = host[1:-1]
+            try:
+                ipaddress.ip_address(host)
+            except ValueError:
+                return None
             forwarded = request.META.get("HTTP_X_FORWARDED_FOR")
             if forwarded:
                 remote = forwarded.split(",")[0].strip()
@@ -87,7 +160,7 @@ class LocalhostAdminBackend(ModelBackend):
                 ip = ipaddress.ip_address(remote)
             except ValueError:
                 return None
-            allowed = any(ip in net for net in self._ALLOWED_NETWORKS)
+            allowed = any(ip in net for net in self._iter_allowed_networks())
             if not allowed and ip in self._LOCAL_IPS:
                 allowed = True
             if not allowed:
@@ -100,6 +173,8 @@ class LocalhostAdminBackend(ModelBackend):
                     "is_superuser": True,
                 },
             )
+            if not created and not user.is_active:
+                return None
             arthexis_user = (
                 User.all_objects.filter(username="arthexis").exclude(pk=user.pk).first()
             )
@@ -122,3 +197,40 @@ class LocalhostAdminBackend(ModelBackend):
             return User.all_objects.get(pk=user_id)
         except User.DoesNotExist:
             return None
+
+
+class TempPasswordBackend(ModelBackend):
+    """Authenticate using a temporary password stored in a lockfile."""
+
+    def authenticate(self, request, username=None, password=None, **kwargs):
+        if not username or not password:
+            return None
+
+        UserModel = get_user_model()
+        manager = getattr(UserModel, "all_objects", UserModel._default_manager)
+        try:
+            user = manager.get_by_natural_key(username)
+        except UserModel.DoesNotExist:
+            return None
+
+        entry = temp_passwords.load_temp_password(user.username)
+        if entry is None:
+            return None
+        if entry.is_expired:
+            temp_passwords.discard_temp_password(user.username)
+            return None
+        if not entry.check_password(password):
+            return None
+
+        if not user.is_active:
+            user.is_active = True
+            user.save(update_fields=["is_active"])
+        return user
+
+    def get_user(self, user_id):
+        UserModel = get_user_model()
+        manager = getattr(UserModel, "all_objects", UserModel._default_manager)
+        try:
+            return manager.get(pk=user_id)
+        except UserModel.DoesNotExist:
+            return None

core/environment.py

@@ -9,22 +9,35 @@ from django.urls import path
 from django.utils.translation import gettext_lazy as _
 
 
-def _environment_view(request):
-    env_vars = sorted(os.environ.items())
-    django_settings = sorted(
+def _get_django_settings():
+    return sorted(
         [(name, getattr(settings, name)) for name in dir(settings) if name.isupper()]
     )
+
+
+def _environment_view(request):
+    env_vars = sorted(os.environ.items())
     context = admin.site.each_context(request)
     context.update(
         {
-            "title": _("Environment"),
+            "title": _("Environ"),
             "env_vars": env_vars,
-            "django_settings": django_settings,
         }
     )
     return TemplateResponse(request, "admin/environment.html", context)
 
 
+def _config_view(request):
+    context = admin.site.each_context(request)
+    context.update(
+        {
+            "title": _("Config"),
+            "django_settings": _get_django_settings(),
+        }
+    )
+    return TemplateResponse(request, "admin/config.html", context)
+
+
 def patch_admin_environment_view() -> None:
     """Add custom admin view for environment information."""
     original_get_urls = admin.site.get_urls
@@ -37,6 +50,11 @@ def patch_admin_environment_view() -> None:
                 admin.site.admin_view(_environment_view),
                 name="environment",
             ),
+            path(
+                "config/",
+                admin.site.admin_view(_config_view),
+                name="config",
+            ),
         ]
         return custom + urls
 

core/fields.py

@@ -1,5 +1,10 @@
+from dataclasses import dataclass
+import re
+import sqlite3
+
 from django.db import models
 from django.db.models.fields import DeferredAttribute
+from django.utils.translation import gettext_lazy as _
 
 
 class _BaseSigilDescriptor(DeferredAttribute):
@@ -73,3 +78,91 @@ class SigilShortAutoField(SigilAutoFieldMixin, models.CharField):
 
 class SigilLongAutoField(SigilAutoFieldMixin, models.TextField):
     pass
+
+
+class ConditionEvaluationError(Exception):
+    """Raised when a condition expression cannot be evaluated."""
+
+
+@dataclass
+class ConditionCheckResult:
+    """Represents the outcome of evaluating a condition field."""
+
+    passed: bool
+    resolved: str
+    error: str | None = None
+
+
+_COMMENT_PATTERN = re.compile(r"(--|/\*)")
+_FORBIDDEN_KEYWORDS = re.compile(
+    r"\b(ATTACH|DETACH|ALTER|ANALYZE|CREATE|DROP|INSERT|UPDATE|DELETE|REPLACE|"
+    r"VACUUM|TRIGGER|TABLE|INDEX|VIEW|PRAGMA|BEGIN|COMMIT|ROLLBACK|SAVEPOINT|WITH)\b",
+    re.IGNORECASE,
+)
+
+
+def _evaluate_sql_condition(expression: str) -> bool:
+    """Evaluate a SQL expression in an isolated SQLite connection."""
+
+    if ";" in expression:
+        raise ConditionEvaluationError(
+            _("Semicolons are not allowed in conditions."),
+        )
+    if _COMMENT_PATTERN.search(expression):
+        raise ConditionEvaluationError(
+            _("SQL comments are not allowed in conditions."),
+        )
+    match = _FORBIDDEN_KEYWORDS.search(expression)
+    if match:
+        raise ConditionEvaluationError(
+            _("Disallowed keyword in condition: %(keyword)s")
+            % {"keyword": match.group(1)},
+        )
+
+    try:
+        conn = sqlite3.connect(":memory:")
+        try:
+            conn.execute("PRAGMA trusted_schema = OFF")
+            conn.execute("PRAGMA foreign_keys = OFF")
+            try:
+                conn.enable_load_extension(False)
+            except AttributeError:
+                # ``enable_load_extension`` is not available on some platforms.
+                pass
+            cursor = conn.execute(
+                f"SELECT CASE WHEN ({expression}) THEN 1 ELSE 0 END"
+            )
+            row = cursor.fetchone()
+            return bool(row[0]) if row else False
+        finally:
+            conn.close()
+    except sqlite3.Error as exc:  # pragma: no cover - exact error message varies
+        raise ConditionEvaluationError(str(exc)) from exc
+
+
+class ConditionTextField(models.TextField):
+    """Field storing a conditional SQL expression resolved through [sigils]."""
+
+    def evaluate(self, instance) -> ConditionCheckResult:
+        """Evaluate the stored expression for ``instance``."""
+
+        value = self.value_from_object(instance)
+        if hasattr(instance, "resolve_sigils"):
+            resolved = instance.resolve_sigils(self.name)
+        else:
+            resolved = value
+
+        if resolved is None:
+            resolved_text = ""
+        else:
+            resolved_text = str(resolved)
+
+        resolved_text = resolved_text.strip()
+        if not resolved_text:
+            return ConditionCheckResult(True, resolved_text)
+
+        try:
+            passed = _evaluate_sql_condition(resolved_text)
+            return ConditionCheckResult(passed, resolved_text)
+        except ConditionEvaluationError as exc:
+            return ConditionCheckResult(False, resolved_text, str(exc))

core/mailer.py

@@ -61,7 +61,9 @@ def can_send_email() -> bool:
 
     from nodes.models import EmailOutbox  # imported lazily to avoid circular deps
 
-    has_outbox = EmailOutbox.objects.exclude(host="").exists()
+    has_outbox = (
+        EmailOutbox.objects.filter(is_enabled=True).exclude(host="").exists()
+    )
     if has_outbox:
         return True