settings_local.py.tmpl

# -*- coding: utf8 -*-
# This file is part of PyBossa.
#
# Copyright (C) 2013 SF Isle of Man Limited
#
# PyBossa is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PyBossa is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with PyBossa.  If not, see <http://www.gnu.org/licenses/>.

# DEBUG = False

## host for local development
# HOST = '0.0.0.0'

## PORT used for local development, in production environment let nginx handle this
# PORT = 5000

## use SERVER_NAME instead of HOST for production environment with real URLs
# SERVER_NAME = 'somecoolurl.com'

SECRET = 'foobar'
SECRET_KEY = 'my-session-secret'

SQLALCHEMY_DATABASE_URI = 'postgresql://pybossa:tester@localhost/pybossa'

##Slave configuration for DB
#SQLALCHEMY_BINDS = {
#    'slave': 'postgresql://user:password@server/db'
#    'bulkdel': 'postgresql://suser:spassword@server/db'
#}

ITSDANGEROUSKEY = 'its-dangerous-key'

## project configuration
BRAND = 'PyBossa'
TITLE = 'PyBossa'
LOGO = 'default_logo.svg'
COPYRIGHT = 'Set Your Institution'
DESCRIPTION = 'Set the description in your config'
TERMSOFUSE = 'http://okfn.org/terms-of-use/'
DATAUSE = 'http://opendatacommons.org/licenses/by/'
CONTACT_EMAIL = 'info@pybossa.com'
CONTACT_TWITTER = 'PyBossa'

## Default number of projects per page
## APPS_PER_PAGE = 20

## External Auth providers
# TWITTER_CONSUMER_KEY=''
# TWITTER_CONSUMER_SECRET=''
# FACEBOOK_APP_ID=''
# FACEBOOK_APP_SECRET=''
# GOOGLE_CLIENT_ID=''
# GOOGLE_CLIENT_SECRET=''

## Supported Languages
## NOTE: You need to create a symbolic link to the translations folder, otherwise
## this wont work.
## ln -s pybossa/themes/your-theme/translations pybossa/translations
#DEFAULT_LOCALE = 'en'
#LOCALES = [('en', 'English'), ('es', u'Español'),
#           ('it', 'Italiano'), ('fr', u'Français'),
#           ('ja', u'日本語'),('pt_BR','Brazilian Portuguese')]


## list of administrator emails to which error emails get sent
# ADMINS = ['me@sysadmin.org']

## CKAN URL for API calls
#CKAN_NAME = "Demo CKAN server"
#CKAN_URL = "http://demo.ckan.org"


## logging config
# Sentry configuration
# SENTRY_DSN=''
## https://docs.python.org/2/library/logging.config.html#logging.config.dictConfig
# When logging to stdout, the python logs and uwsgi may be mixed together.  You
# can configure uwsgi to log only errors using, e.g., the ini configs:
#       log-4xx = true
#       log-5xx = true
#       disable-logging = true
# Also note that
#   app.logger == logging.getLogging(app.name)
# so to be sure to add the appropriate logger handlers.
# LOG_DICT_CONFIG = {
#     'version': 1,
#     'formatters': {
#         'default': {
#             'format': '%(name)s:%(levelname)s:[%(asctime)s] %(message)s [in %(pathname)s:%(lineno)d]',
#         }
#     },
#     'handlers': {
#         'log_file': {
#             'class': 'logging.handlers.RotatingFileHandler',
#             'filename': '/var/log/pybossa/pybossa.log',
#             'level': 'DEBUG',
#             'formatter': 'default'
#         },
#         'stdout': {
#             'class': 'logging.StreamHandler',
#             'stream': 'ext://sys.stdout',
#             'level': 'DEBUG',
#             'formatter': 'default'
#         }
#     },
#     'loggers': {
#         'pybossa': {
#             'level': 'DEBUG',
#             'handlers': ['stdout', 'log_file'],
#             'formatter': 'default'
#         }
#     }
# }

## Mail setup
MAIL_SERVER = 'localhost'
MAIL_USERNAME = None
MAIL_PASSWORD = None
MAIL_PORT = 25
MAIL_FAIL_SILENTLY = False
MAIL_DEFAULT_SENDER = 'PyBossa Support <info@pybossa.com>'

## Announcement messages
## Use any combination of the next type of messages: root, user, and app owners
## ANNOUNCEMENT = {'admin': 'Root Message', 'user': 'User Message', 'owner': 'Owner Message'}
ANNOUNCEMENT_LEVELS = {
    'admin': {'display': 'Admin', 'level': 0},
    'owner': {'display': 'Project Creator', 'level': 10},
    'subadmin': {'display': 'Subadmin', 'level': 20},
    'user': {'display': 'User', 'level': 30}
}
ANNOUNCEMENT_LEVEL_OPTIONS = [
    {'text': v['display'], 'value': v['level']} for k, v in ANNOUNCEMENT_LEVELS.iteritems()
]

## Enforce Privacy Mode, by default is disabled
## This config variable will disable all related user pages except for admins
## Stats, top users, leaderboard, etc
ENFORCE_PRIVACY = False


## Cache setup. By default it is enabled
## Redis Sentinel
# List of Sentinel servers (IP, port)
REDIS_SENTINEL = [('localhost', 26379)]
REDIS_MASTER = 'mymaster'
REDIS_DB = 0
REDIS_KEYPREFIX = 'pybossa_cache'
REDIS_MASTER_DNS = 'myredis.master.cache.dns.com'
REDIS_SLAVE_DNS = 'myredis.slave.cache.dns.com'
REDIS_PWD = 'hellothere'

## Allowed upload extensions
ALLOWED_EXTENSIONS = ['js', 'css', 'png', 'jpg', 'jpeg', 'gif', 'zip']

## If you want to use the local uploader configure which folder
UPLOAD_METHOD = 'local'
UPLOAD_FOLDER = 'uploads'

## If you want to use Rackspace for uploads, configure it here
# RACKSPACE_USERNAME = 'username'
# RACKSPACE_API_KEY = 'apikey'
# RACKSPACE_REGION = 'ORD'

## Default number of users shown in the leaderboard
# LEADERBOARD = 20

## Task presenter editor config
# PRESENTERS = ["basic", "image", "sound", "video", "map", "pdf"]
# S3_PRESENTER_BUCKET = "presenter-bucket"
# S3_PRESENTERS = {"presenter_name": "path/to/presenter.html"}
# DISABLE_TASK_PRESENTER_EDITOR = False

# Default Google Docs spreadsheet template tasks URLs
TEMPLATE_TASKS = {
    'image': "https://docs.google.com/spreadsheet/ccc?key=0AsNlt0WgPAHwdHFEN29mZUF0czJWMUhIejF6dWZXdkE&usp=sharing",
    'sound': "https://docs.google.com/spreadsheet/ccc?key=0AsNlt0WgPAHwdEczcWduOXRUb1JUc1VGMmJtc2xXaXc&usp=sharing",
    'video': "https://docs.google.com/spreadsheet/ccc?key=0AsNlt0WgPAHwdGZ2UGhxSTJjQl9YNVhfUVhGRUdoRWc&usp=sharing",
    'map': "https://docs.google.com/spreadsheet/ccc?key=0AsNlt0WgPAHwdGZnbjdwcnhKRVNlN1dGXy0tTnNWWXc&usp=sharing",
    'pdf': "https://docs.google.com/spreadsheet/ccc?key=0AsNlt0WgPAHwdEVVamc0R0hrcjlGdXRaUXlqRXlJMEE&usp=sharing"}

# Expiration time for password protected project cookies
PASSWD_COOKIE_TIMEOUT = 60 * 30

# Login settings
REMEMBER_COOKIE_NAME = 'gw_remember_token'
PERMANENT_SESSION_LIFETIME = 12 * 60

# Expiration time for account confirmation / password recovery links
ACCOUNT_LINK_EXPIRATION = 5 * 60 * 60

## Ratelimit configuration
# LIMIT = 300
# PER = 15 * 60

# Disable new account confirmation (via email)
ACCOUNT_CONFIRMATION_DISABLED = True

# Mailchimp API key
# MAILCHIMP_API_KEY = "your-key"
# MAILCHIMP_LIST_ID = "your-list-ID"

# Flickr API key and secret
# FLICKR_API_KEY = 'your-key'
# FLICKR_SHARED_SECRET = 'your-secret'

# Dropbox app key
# DROPBOX_APP_KEY = 'your-key'

# Send emails weekly update every
# WEEKLY_UPDATE_STATS = 'Sunday'

# Youtube API server key
# YOUTUBE_API_SERVER_KEY = 'your-key'

# Enable Server Sent Events
# WARNING: this will require to run PyBossa in async mode. Check the docs.
# WARNING: if you don't enable async when serving PyBossa, the server will lock
# WARNING: and it will not work. For this reason, it's disabled by default.
# SSE = False

# Add here any other ATOM feed that you want to get notified.
NEWS_URL = ['https://github.com/Scifabric/enki/releases.atom',
            'https://github.com/Scifabric/pybossa-client/releases.atom',
            'https://github.com/Scifabric/pbs/releases.atom']

# Pro user features. False will make the feature available to all regular users,
# while True will make it available only to pro users
PRO_FEATURES = {
    'auditlog':              True,
    'webhooks':              True,
    'updated_exports':       True,
    'notify_blog_updates':   True,
    'project_weekly_report': True,
    'autoimporter':          True,
    'better_stats':          True
}

# Libsass style. You can use nested, expanded, compact and compressed
LIBSASS_STYLE = 'compressed'

# CORS resources configuration.
# WARNING: Only modify this if you know what you are doing. The below config
# are the defaults, allowing PYBOSSA to have full CORS api.
# For more options, check the Flask-Cors documentation: https://flask-cors.readthedocs.io/en/latest/
# CORS_RESOURCES = {r"/api/*": {"origins": "*",
#                               "allow_headers": ['Content-Type',
#                                                 'Authorization'],
#                               "methods": "*"
#                               }}

# Email notifications for background jobs.
# FAILED_JOBS_MAILS = 7
# FAILED_JOBS_RETRIES = 3

# Language to use stems, full text search, etc. from postgresql.
# FULLTEXTSEARCH_LANGUAGE = 'english'


# Use strict slashes at endpoints, by default True
# This will return a 404 if and endpoint does not have the api/endpoint/
# while if you configured as False, it will return the resource with and without the trailing /
# STRICT_SLASHES = True

# Use SSO on Disqus.com
# DISQUS_SECRET_KEY = 'secret-key'
# DISQUS_PUBLIC_KEY = 'public-key'

# Use Web Push Notifications
# ONESIGNAL_APP_ID = 'Your-app-id'
# ONESIGNAL_API_KEY = 'your-app-key'

# Enable two factor authentication
# ENABLE_TWO_FACTOR_AUTH = True

# Strong password policy for user accounts
# ENABLE_STRONG_PASSWORD = True

# Create new leaderboards based on info field keys from user
# LEADERBOARDS = ['foo', 'bar']

# AVAILABLE_IMPORTERS = ['localCSV']

# Unpublish inactive projects
# UNPUBLISH_PROJECTS = True

# Use this config variable to create valid URLs for your SPA
# SPA_SERVER_NAME = 'https://yourserver.com'

# LDAP
# LDAP_HOST = '127.0.0.1'
# LDAP_BASE_DN = 'ou=users,dc=scifabric,dc=com'
# LDAP_USERNAME = 'cn=yourusername,dc=scifabric,dc=com'
# LDAP_PASSWORD = 'yourpassword'
# LDAP_OBJECTS_DN = 'dn'
# LDAP_OPENLDAP = True
# Adapt it to your specific needs in your LDAP org
# LDAP_USER_OBJECT_FILTER = '(&(objectclass=inetOrgPerson)(cn=%s))'
# LDAP_USER_FILTER_FIELD = 'cn'
# LDAP_PYBOSSA_FIELDS = {'fullname': 'givenName',
#                        'name': 'uid',
#                        'email_addr': 'cn'}

# Flask profiler
# FLASK_PROFILER = {
#     "enabled": True,
#     "storage": {
#         "engine": "sqlite"
#     },
#     "basicAuth":{
#         "enabled": True,
#         "username": "admin",
#         "password": "admin"
#     },
#     "ignore": [
# 	    "^/static/.*"
# 	]
# }

# disallow api access without login using api key that can bypass two factor authentication
# SECURE_APP_ACCESS = True

# allow admin access to particular email addresses or to specific email accounts
# SUPERUSER_WHITELIST_EMAILS = ['@mycompany.com$', '^admin@mycompany.com$', '^subadmin@mycompany.com$']

S3_CONN_KWARGS = {
    # 'host': None,
    'port': None,
    'is_secure': True
}

S3_SSL_NO_VERIFY = False
S3_HOST_SUFFIX = ''
S3_CUSTOM_HEADERS = []
S3_CUSTOM_HANDLER_HOSTS = []

TASK_REQUIRED_FIELDS = {
    'data_owner': {'val': None, 'check_val': False},
    'data_source_id': {'val': None, 'check_val': False},
    'data_type': {'val': ['NUMERICAL', 'CATEGORICAL'], 'check_val': True},
    'data_classifier': {'val': ['C1', 'C2'], 'check_val': True}
}

# Specify which key from the info field of task, task_run or result is going to be used as the root key
# for exporting in CSV format
# TASK_CSV_EXPORT_INFO_KEY = 'key'
# TASK_RUN_CSV_EXPORT_INFO_KEY = 'key2'
# RESULT_CSV_EXPORT_INFO_KEY = 'key3'

# A 32 char string for AES encryption of public IPs.
# NOTE: this is really important, don't use the following one
# as anyone with the source code of pybossa will be able to reverse
# the anonymization of the IPs.
CRYPTOPAN_KEY = '32-char-str-for-AES-key-and-pad.'

# TTL for ZIP files of personal data
TTL_ZIP_SEC_FILES = 3

# Request signature secret key
# SIGNATURE_SECRET = 'my-sig-secret'

REDUNDANCY_UPDATE_EXPIRATION=30

# Access control configurations
ENABLE_ACCESS_CONTROL = True

VALID_ACCESS_LEVELS  = [("L1", "L1"), ("L2", "L2"),
        ("L3", "L3"), ("L4", "L4")]

# Given project/task level, return valid user levels
# Project/task with L1, users only with level L1 permitted
# Project/task with L2, users with levels L1, L2 permitted ...
# Key: project/task level, Value: implicit valid user levels
VALID_USER_LEVELS_FOR_PROJECT_TASK_LEVEL = dict(L1=[],
    L2=["L1"], L3=["L1", "L2"], L4=["L1", "L2", "L3"])

# Given a user level, return valid project/task levels
# Users with L1 can work on project/tasks with level L2, L3, L4
# Key: user level, Value: implicit valid levels for project/task
VALID_TASK_LEVELS_FOR_USER_LEVEL = dict(L1=["L2", "L3", "L4"],
    L2=["L3", "L4"], L3=["L4"], L4=[])

# Given the access control level for a task (key), a project must have one of
# the access control levels in the value list in order for the task to be
# assignable to the project.
VALID_PROJECT_LEVELS_FOR_TASK_LEVEL = dict(
    L1=["L1"], L2=["L1", "L2"], L3=["L1", "L2", "L3"], L4=["L1", "L2", "L3", "L4"])

# Given the access control level of a project (key), a task must be one of
# the access control levels in the value list in order for the task to be
# assignable to the project.
VALID_TASK_LEVELS_FOR_PROJECT_LEVEL = dict(
    L1=["L1", "L2", "L3", "L4"], L2=["L2", "L3", "L4"], L3=["L3", "L4"], L4=["L4"])

ENABLE_ENCRYPTION = False
ENCRYPTION_KEY = abcde