From e1c789d8e302037cca657fdfe76471ff9146b267 Mon Sep 17 00:00:00 2001 From: Bradlee Speice Date: Fri, 18 Oct 2013 22:42:08 -0400 Subject: [PATCH] Remove the settings.py file (for security) Also get the rate lot totally working --- .gitignore | 1 + uncc_gameday/gameday/models.py | 2 +- uncc_gameday/gameday/views.py | 3 +- uncc_gameday/uncc_gameday/settings.py | 161 -------------------------- 4 files changed, 4 insertions(+), 163 deletions(-) delete mode 100755 uncc_gameday/uncc_gameday/settings.py diff --git a/.gitignore b/.gitignore index 991e24d..46a5e73 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,4 @@ include/ lib/ local/ .codeintel/ +uncc_gameday/uncc_gameday/settings.py diff --git a/uncc_gameday/gameday/models.py b/uncc_gameday/gameday/models.py index 392704c..cdab57c 100755 --- a/uncc_gameday/gameday/models.py +++ b/uncc_gameday/gameday/models.py @@ -84,6 +84,6 @@ class ParkingRating(models.Model): RATING_FULL: 100, } - rating = models.CharField(max_length=10, choices=RATING_CHOICES) + rating = models.CharField(max_length=3, choices=RATING_CHOICES) created = models.DateTimeField(default=datetime.now) parking_lot = models.ForeignKey(ParkingLot) diff --git a/uncc_gameday/gameday/views.py b/uncc_gameday/gameday/views.py index 5689938..ee6f774 100755 --- a/uncc_gameday/gameday/views.py +++ b/uncc_gameday/gameday/views.py @@ -8,6 +8,7 @@ from rest_framework.decorators import api_view from django.core.urlresolvers import reverse from django.shortcuts import get_object_or_404 +from django.views.decorators.csrf import csrf_exempt @api_view(('GET',)) def api_root(request): @@ -33,7 +34,6 @@ class SingleParkingLotList(APIView): """ def get(self, request, lot): - print "Received lot: '" + lot + "'" parking_lot = get_object_or_404(ParkingLot, location=lot) return Response(ParkingLotSerializer(parking_lot).data) @@ -44,6 +44,7 @@ class RateLot(APIView): **POST**: Rate a parking lot """ + @csrf_exempt def post(self, request): 'Rate a parking lot' rating = ParkingRatingSerializer(data=request.DATA) diff --git a/uncc_gameday/uncc_gameday/settings.py b/uncc_gameday/uncc_gameday/settings.py deleted file mode 100755 index 0c9adee..0000000 --- a/uncc_gameday/uncc_gameday/settings.py +++ /dev/null @@ -1,161 +0,0 @@ -# Django settings for uncc_gameday project. - -DEBUG = True -TEMPLATE_DEBUG = DEBUG - -ADMINS = ( - # ('Your Name', 'your_email@example.com'), -) - -MANAGERS = ADMINS - -DATABASES = { - 'default': { - 'ENGINE': 'django.db.backends.sqlite3', # Add 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'. - 'NAME': '/home/bspeice/github/UNCCGameDay-Server/uncc_gameday/gameday.sqlite', # Or path to database file if using sqlite3. - # The following settings are not used with sqlite3: - 'USER': '', - 'PASSWORD': '', - 'HOST': '', # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP. - 'PORT': '', # Set to empty string for default. - } -} - -# Hosts/domain names that are valid for this site; required if DEBUG is False -# See https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts -ALLOWED_HOSTS = [] - -# Local time zone for this installation. Choices can be found here: -# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name -# although not all choices may be available on all operating systems. -# In a Windows environment this must be set to your system time zone. -TIME_ZONE = 'America/New_York' - -# Language code for this installation. All choices can be found here: -# http://www.i18nguy.com/unicode/language-identifiers.html -LANGUAGE_CODE = 'en-us' - -SITE_ID = 1 - -# If you set this to False, Django will make some optimizations so as not -# to load the internationalization machinery. -USE_I18N = True - -# If you set this to False, Django will not format dates, numbers and -# calendars according to the current locale. -USE_L10N = True - -# If you set this to False, Django will not use timezone-aware datetimes. -USE_TZ = True - -# Absolute filesystem path to the directory that will hold user-uploaded files. -# Example: "/var/www/example.com/media/" -MEDIA_ROOT = '' - -# URL that handles the media served from MEDIA_ROOT. Make sure to use a -# trailing slash. -# Examples: "http://example.com/media/", "http://media.example.com/" -MEDIA_URL = '' - -# Absolute path to the directory static files should be collected to. -# Don't put anything in this directory yourself; store your static files -# in apps' "static/" subdirectories and in STATICFILES_DIRS. -# Example: "/var/www/example.com/static/" -STATIC_ROOT = '' - -# URL prefix for static files. -# Example: "http://example.com/static/", "http://static.example.com/" -STATIC_URL = '/static/' - -# Additional locations of static files -STATICFILES_DIRS = ( - # Put strings here, like "/home/html/static" or "C:/www/django/static". - # Always use forward slashes, even on Windows. - # Don't forget to use absolute paths, not relative paths. -) - -# List of finder classes that know how to find static files in -# various locations. -STATICFILES_FINDERS = ( - 'django.contrib.staticfiles.finders.FileSystemFinder', - 'django.contrib.staticfiles.finders.AppDirectoriesFinder', -# 'django.contrib.staticfiles.finders.DefaultStorageFinder', -) - -# Make this unique, and don't share it with anybody. -SECRET_KEY = 'yrp=*6lvw_il!+(vop&kxqki42-s2gbcdy-o548^&r@g@tn4^p' - -# List of callables that know how to import templates from various sources. -TEMPLATE_LOADERS = ( - 'django.template.loaders.filesystem.Loader', - 'django.template.loaders.app_directories.Loader', -# 'django.template.loaders.eggs.Loader', -) - -MIDDLEWARE_CLASSES = ( - 'django.middleware.common.CommonMiddleware', - 'django.contrib.sessions.middleware.SessionMiddleware', - 'django.middleware.csrf.CsrfViewMiddleware', - 'django.contrib.auth.middleware.AuthenticationMiddleware', - 'django.contrib.messages.middleware.MessageMiddleware', - # Uncomment the next line for simple clickjacking protection: - # 'django.middleware.clickjacking.XFrameOptionsMiddleware', -) - -ROOT_URLCONF = 'uncc_gameday.urls' - -# Python dotted path to the WSGI application used by Django's runserver. -WSGI_APPLICATION = 'uncc_gameday.wsgi.application' - -TEMPLATE_DIRS = ( - # Put strings here, like "/home/html/django_templates" or "C:/www/django/templates". - # Always use forward slashes, even on Windows. - # Don't forget to use absolute paths, not relative paths. -) - -INSTALLED_APPS = ( - #'django.contrib.auth', - #'django.contrib.contenttypes', - #'django.contrib.sessions', - #'django.contrib.sites', - #'django.contrib.messages', - 'django.contrib.staticfiles', - # Uncomment the next line to enable the admin: - # 'django.contrib.admin', - # Uncomment the next line to enable admin documentation: - # 'django.contrib.admindocs', - 'rest_framework', - - 'gameday', -) - -SESSION_SERIALIZER = 'django.contrib.sessions.serializers.JSONSerializer' - -# A sample logging configuration. The only tangible logging -# performed by this configuration is to send an email to -# the site admins on every HTTP 500 error when DEBUG=False. -# See http://docs.djangoproject.com/en/dev/topics/logging for -# more details on how to customize your logging configuration. -LOGGING = { - 'version': 1, - 'disable_existing_loggers': False, - 'filters': { - 'require_debug_false': { - '()': 'django.utils.log.RequireDebugFalse' - } - }, - 'handlers': { - 'mail_admins': { - 'level': 'ERROR', - 'filters': ['require_debug_false'], - 'class': 'django.utils.log.AdminEmailHandler' - } - }, - 'loggers': { - 'django.request': { - 'handlers': ['mail_admins'], - 'level': 'ERROR', - 'propagate': True, - }, - } -}