feat(api): set User.limit_domains to zero by default #862

Merged
merged 7 commits into from
Jan 8, 2024
Merged
7 changes: 6 additions & 1 deletion api/api/settings.py
@@ -217,11 +217,16 @@
MINIMUM_TTL_DEFAULT = int(os.environ["DESECSTACK_MINIMUM_TTL_DEFAULT"])
MAXIMUM_TTL = 86400
AUTH_USER_MODEL = "desecapi.User"
LIMIT_USER_DOMAIN_COUNT_DEFAULT = 15
LIMIT_USER_DOMAIN_COUNT_DEFAULT = int(
os.environ.get("DESECSTACK_API_LIMIT_USER_DOMAIN_COUNT_DEFAULT", "1")
)
USER_ACTIVATION_REQUIRED = True
VALIDITY_PERIOD_VERIFICATION_SIGNATURE = timedelta(
hours=int(os.environ.get("DESECSTACK_API_AUTHACTION_VALIDITY", "0"))
)
REGISTER_LPS_ON_SIGNUP = bool(
int(os.environ.get("DESECSTACK_API_REGISTER_LPS_ON_SIGNUP", "1"))
)

# CAPTCHA
CAPTCHA_VALIDITY_PERIOD = timedelta(hours=24)
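Review bot: Both new settings fail open when their variable is absent: `DESECSTACK_API_LIMIT_USER_DOMAIN_COUNT_DEFAULT` falls back to `"1"` and `DESECSTACK_API_REGISTER_LPS_ON_SIGNUP` to `"1"` (sign-up registration enabled), whereas the PR title describes a zero default. If these are the controls against abusive registrations, a deployment that omits them from its environment silently keeps the permissive behaviour; reading them the way `MINIMUM_TTL_DEFAULT` is read on the first line of the hunk, e.g. `int(os.environ["DESECSTACK_API_LIMIT_USER_DOMAIN_COUNT_DEFAULT"])`, would turn a missing value into a startup error instead. Whether the stack's env files supply the restrictive values is not visible here. A negative count also passes `int()` unchecked, so a short comment stating the accepted range would help operators.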
2 changes: 2 additions & 0 deletions api/api/settings_quick_test.py
@@ -36,4 +36,6 @@
# Carry email backend connection over to test mail outbox
CELERY_EMAIL_MESSAGE_EXTRA_ATTRIBUTES = ["connection"]

LIMIT_USER_DOMAIN_COUNT_DEFAULT = 15

PCH_API = "http://api.invalid"
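Review bot: Pinning `LIMIT_USER_DOMAIN_COUNT_DEFAULT = 15` in the quick-test settings keeps the suite on the old limit, so in the files shown nothing exercises sign-up with `REGISTER_LPS_ON_SIGNUP` switched off or an account created under the lowered default. Since the serializers now read `django.conf.settings`, a test decorated with `@override_settings(REGISTER_LPS_ON_SIGNUP=False)` could assert that sign-up with a locally registrable domain is rejected. A comment above the pin, such as `# Tests were written for 15 domains per user; production reads the default from the environment`, would also explain why test and production values differ.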
5 changes: 1 addition & 4 deletions api/desecapi/management/commands/limit.py
@@ -1,9 +1,6 @@
from django.core.management import BaseCommand, CommandError
from django.db.models import Q

from api import settings
from desecapi.models import RRset, Domain, User
from desecapi.pdns_change_tracker import PDNSChangeTracker
from desecapi.models import Domain, User


class Command(BaseCommand):
2 changes: 1 addition & 1 deletion api/desecapi/management/commands/stop-abuse.py
@@ -1,8 +1,8 @@
import dns.resolver
from django.conf import settings
from django.core.management import BaseCommand
from django.db.models import Q

from api import settings
from desecapi.models import BlockedSubnet, Domain, RR, RRset, User
from desecapi.pdns_change_tracker import PDNSChangeTracker

2 changes: 1 addition & 1 deletion api/desecapi/serializers/authenticated_actions.py
@@ -2,11 +2,11 @@
import json
from datetime import timedelta

from django.conf import settings
from rest_framework import fields, serializers
from rest_framework.settings import api_settings
from rest_framework.validators import UniqueValidator, qs_filter

from api import settings
from desecapi import crypto, models

from .captcha import CaptchaSolutionSerializer
2 changes: 1 addition & 1 deletion api/desecapi/serializers/captcha.py
@@ -2,9 +2,9 @@

from captcha.audio import AudioCaptcha
from captcha.image import ImageCaptcha
from django.conf import settings
from rest_framework import serializers

from api import settings
from desecapi.models import Captcha


2 changes: 1 addition & 1 deletion api/desecapi/serializers/domains.py
@@ -1,8 +1,8 @@
import dns.name
import dns.zone
from django.conf import settings
from rest_framework import serializers

from api import settings
from desecapi.models import Domain, RR_SET_TYPES_AUTOMATIC
from desecapi.validators import ReadOnlyOnUpdateValidator

2 changes: 1 addition & 1 deletion api/desecapi/serializers/records.py
@@ -3,6 +3,7 @@
import django.core.exceptions
import dns.name
import dns.zone
from django.conf import settings
from django.core.validators import MinValueValidator
from django.db.models import F, Q
from django.utils import timezone
@@ -11,7 +12,6 @@
from rest_framework.settings import api_settings
from rest_framework.validators import UniqueTogetherValidator

from api import settings
from desecapi import metrics, models, validators


8 changes: 8 additions & 0 deletions api/desecapi/serializers/users.py
@@ -1,3 +1,4 @@
from django.conf import settings
from django.contrib.auth.password_validation import validate_password
from rest_framework import serializers

@@ -83,6 +84,13 @@ def validate_domain(self, value):
serializer.default_error_messages["name_unavailable"],
code="name_unavailable",
)
if (
not settings.REGISTER_LPS_ON_SIGNUP
and DomainSerializer.Meta.model(name=value).is_locally_registrable
):
raise serializers.ValidationError(
"Registration during sign-up disabled; please create account without a domain name.",
)
return value

def create(self, validated_data):
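Review bot: The new rejection in `validate_domain` raises `serializers.ValidationError` with a message only, while the `name_unavailable` branch directly above it passes a `code`, so API clients and tests have to match on the English text to tell this case apart. Passing a code as well, e.g. `code="registration_disabled"` (the name is only a suggestion), would keep the two branches consistent. The check also sits after the availability branch, so with sign-up registration disabled the endpoint appears to still distinguish unavailable names from available ones; testing `settings.REGISTER_LPS_ON_SIGNUP` first would avoid that if the ordering is not intentional. `validate_domain` starts above the hunk, so the earlier part of its body was not reviewed.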
2 changes: 1 addition & 1 deletion api/desecapi/tests/test_captcha.py
@@ -3,13 +3,13 @@
from unittest import mock

from PIL import Image
from django.conf import settings
from django.test import TestCase
from django.utils import timezone
from rest_framework import status
from rest_framework.reverse import reverse
from rest_framework.test import APIClient

from api import settings
from desecapi.models import Captcha
from desecapi.serializers import CaptchaSolutionSerializer
from desecapi.tests.base import DesecTestCase
2 changes: 1 addition & 1 deletion api/desecapi/tests/test_stop_abuse.py
@@ -1,6 +1,6 @@
from django.conf import settings
from django.core import management

from api import settings
from desecapi import models
from desecapi.tests.base import DomainOwnerTestCase

2 changes: 1 addition & 1 deletion api/desecapi/tests/test_user_management.py
@@ -21,6 +21,7 @@
from urllib.parse import urlparse

from django.contrib.auth.hashers import is_password_usable
from django.conf import settings
from django.core import mail
from django.core.management import call_command
from django.urls import resolve
@@ -29,7 +30,6 @@
from rest_framework.reverse import reverse
from rest_framework.test import APIClient

from api import settings
from desecapi.models import Domain, User, Captcha
from desecapi.tests.base import (
DesecTestCase,
6 changes: 3 additions & 3 deletions api/requirements.txt
@@ -1,8 +1,8 @@
captcha~=0.5.0
celery~=5.3.6
coverage~=7.3.2
coverage~=7.4.0
cryptography~=41.0.7
Django~=5.0.0
Django~=5.0.1
django-cors-headers~=4.3.1
djangorestframework~=3.14.0
django-celery-email~=3.0.0
@@ -12,7 +12,7 @@ django-prometheus~=2.3.1
dnspython~=2.4.2
httpretty~=1.0.5 # 1.1 breaks tests. Does not run in production, so stick to it.
pyotp~=2.9.0
psycopg~=3.1.14
psycopg~=3.1.17
psl-dns~=1.1.0
pylibmc~=1.6.3
pyyaml~=6.0.1
8 changes: 8 additions & 0 deletions www/webapp/src/views/HomePage.vue
@@ -487,6 +487,14 @@ export default {
"have not expired in the meantime are now working when opened. Direct login to the web interface and " +
"deSEC DNS operations were not affected.",
},
{
id: 'news-20231226001',
start: new Date(Date.UTC(2023, 12 - 1, 26)), // first day of showing
end: new Date(Date.UTC(2024, 1 - 1, 8)), // first day of not showing
icon: 'mdi-heart-broken',
teaser: "Due to a recent spike in abusive domain registrations, new accounts need manual verification before " +
"domains can be created. Please contact support explaining your use case to enable domain creation.",
},
],
})
}
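Review bot: The `end` of the new `news-20231226001` entry is 8 January 2024, the same date this page shows for the merge, and the inline comment defines `end` as the first day of not showing. If the entry only reaches production with this merge, the notice may never be displayed while new accounts still need to contact support before creating domains; extending `end`, or removing the entry only when the restriction is lifted, would keep the explanation visible. This is inferred from the dates on the page, and the entry may have been deployed earlier from the branch.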
4 changes: 4 additions & 0 deletions www/webapp/src/views/PrivacyPolicy.vue
@@ -5,6 +5,10 @@
<v-row class="pt-8">
<v-col class="text-center">
<h1>Privacy Policy</h1>
<p>
This privacy policy applies to web content at desec.io. Our forum has a
<a href="https://talk.desec.io/privacy">separate privacy policy</a>.
</p>
</v-col>
</v-row>
<v-row class="pb-8">