From 89f6aee8147e36e2b940ca2d3033a8e24dde43b7 Mon Sep 17 00:00:00 2001 From: mb-wali Date: Wed, 26 May 2021 12:02:53 +0200 Subject: [PATCH] migrate: invenioRDM v4 deb: bump in app-rdm --- invenio_config_tugraz/config.py | 28 +++++-------- invenio_config_tugraz/rdm_permissions.py | 52 ++++++++++++------------ setup.py | 2 +- 3 files changed, 38 insertions(+), 44 deletions(-) diff --git a/invenio_config_tugraz/config.py b/invenio_config_tugraz/config.py index 06af9f3..0664964 100644 --- a/invenio_config_tugraz/config.py +++ b/invenio_config_tugraz/config.py @@ -54,8 +54,6 @@ APP_DEFAULT_SECURE_HEADERS = { "'unsafe-eval'", "blob:", "ub-support.tugraz.at", # zammad contact form - "api.datacite.org/dois", # datacite - "api.test.datacite.org/dois", # datacite test ], }, "content_security_policy_report_only": False, @@ -113,19 +111,22 @@ Set this to False when sending actual emails. # =========== # See https://invenio-userprofiles.readthedocs.io/en/latest/configuration.html -USERPROFILES_EXTEND_SECURITY_FORMS = False +USERPROFILES_EXTEND_SECURITY_FORMS = True """Set True in order to register user_profile. This also forces user to add username and fullname when register. """ -USERPROFILES_EMAIL_ENABLED = False +USERPROFILES_EMAIL_ENABLED = True """Exclude the user email in the profile form.""" -# Invenio-shibboleth +USERPROFILES_READ_ONLY = True +"""Allow users to change profile info (name, email, etc...).""" + +# Invenio-saml # =========== -# See https://invenio-shibboleth.readthedocs.io/en/latest/configuration.html +# See https://invenio-saml.readthedocs.io/en/latest/configuration.html SSO_SAML_IDPS = {} """Configuration of IDPS. Actual values can be find in to invenio.cfg file""" @@ -153,13 +154,16 @@ SSO_SAML_DEFAULT_SLS_ROUTE = "/sls/" # =========== # See https://invenio-accounts.readthedocs.io/en/latest/configuration.html +ACCOUNTS_LOCAL_LOGIN_ENABLED = True +"""Allow local login.""" + SECURITY_CHANGEABLE = False """Allow password change by users.""" SECURITY_RECOVERABLE = False """Allow password recovery by users.""" -SECURITY_REGISTERABLE = False +SECURITY_REGISTERABLE = True """"Allow users to register. With this variable set to "False" users will not be @@ -228,16 +232,6 @@ password from ``users.yaml`` will be used. If that is also absent, a password will be generated randomly. """ -# Custom Access Right -# RDM_RECORDS_CUSTOM_VOCABULARIES = { -# 'access_right': { -# 'path': join( -# dirname(abspath(__file__)), -# 'restrictions', 'access_right', 'access_right_limit.csv' -# ) -# } -# } - # Invenio-app-rdm # ========================= # See https://github.com/inveniosoftware/invenio-app-rdm/blob/master/invenio_app_rdm/config.py diff --git a/invenio_config_tugraz/rdm_permissions.py b/invenio_config_tugraz/rdm_permissions.py index d15e2cb..714d171 100644 --- a/invenio_config_tugraz/rdm_permissions.py +++ b/invenio_config_tugraz/rdm_permissions.py @@ -53,34 +53,34 @@ Using Custom Generator for a policy: Permissions for Invenio (RDM) Records. """ -from invenio_rdm_records.services import RDMRecordPermissionPolicy -from invenio_rdm_records.services.config import RDMRecordServiceConfig -from invenio_rdm_records.services.generators import IfDraft, IfRestricted, RecordOwners -from invenio_records_permissions.generators import ( - Admin, - AnyUser, - AuthenticatedUser, - Disable, - SuperUser, - SystemProcess, -) +# from invenio_rdm_records.services import RDMRecordPermissionPolicy +# from invenio_rdm_records.services.config import RDMRecordServiceConfig +# from invenio_rdm_records.services.generators import IfDraft, IfRestricted, RecordOwners +# from invenio_records_permissions.generators import ( +# Admin, +# AnyUser, +# AuthenticatedUser, +# Disable, +# SuperUser, +# SystemProcess, +# ) -class TUGRAZPermissionPolicy(RDMRecordPermissionPolicy): - """Access control configuration for rdm records. +# class TUGRAZPermissionPolicy(RDMRecordPermissionPolicy): +# """Access control configuration for rdm records. - This overrides the origin: - https://github.com/inveniosoftware/invenio-rdm-records/blob/master/invenio_rdm_records/services/permissions.py. - Access control configuration for records. - Note that even if the array is empty, the invenio_access Permission class - always adds the ``superuser-access``, so admins will always be allowed. - - Create action given to everyone for now. - - Read access given to everyone if public record and given to owners - always. (inherited) - - Update access given to record owners. (inherited) - - Delete access given to admins only. (inherited) - """ +# This overrides the origin: +# https://github.com/inveniosoftware/invenio-rdm-records/blob/master/invenio_rdm_records/services/permissions.py. +# Access control configuration for records. +# Note that even if the array is empty, the invenio_access Permission class +# always adds the ``superuser-access``, so admins will always be allowed. +# - Create action given to everyone for now. +# - Read access given to everyone if public record and given to owners +# always. (inherited) +# - Update access given to record owners. (inherited) +# - Delete access given to admins only. (inherited) +# """ -class TUGRAZRDMRecordServiceConfig(RDMRecordServiceConfig): - """Overriding BibliographicRecordServiceConfig.""" +# class TUGRAZRDMRecordServiceConfig(RDMRecordServiceConfig): +# """Overriding BibliographicRecordServiceConfig.""" diff --git a/setup.py b/setup.py index 4caf9f6..f02de30 100644 --- a/setup.py +++ b/setup.py @@ -54,7 +54,7 @@ setup_requires = [ install_requires = [ "Flask-BabelEx>=0.9.4", # keep this in sync with invenioRDM release - "invenio_app_rdm==3.0.0", + "invenio_app_rdm==4.0.0", ] packages = find_packages()