This repository is archived due to us using the newer version avaiable here. Please don't use this software anymore. This was the repository for the C3FOC web site. Follow @c3foc on twitter for upcoming news. The website is written for and using python3.6.
Due to the ussage of pythons new type safety system (a good idea for security) the software only works with python >= 3.6
On FreeBSD it might be required to run the following comman before
installing the packages listed below using pip3:
[sudo] pkg install jpeg tiff webp lcms2 freetype2
- django
- markdown==3.0.1
- MarkdownSuperscript
- MarkdownSubscript
- pyembed-markdown
- django_extensions
- pillow
- markdown-checklist
- reportlab
- qrcode
- django-email-extras
When building the ticket server it is also required to install the following:
- django-helpdesk
- django-bootstrap4
For testing:
- django-nose
- coverage
While it is fine to test the software using sqlite the intendet engine for production ussage is postgresql. The software works with pgsql version 9.6 but may work with older versions.
- The entire content of the website is located inside the frontpage app.
- While django provides a way to access the database directly (the admin interface) the C3FOC site features an self implemented admin panel. This is not me being super stupid but thinking that editing the database content from hand (including compiling posts from hand) is stupid.
- Djangos internal admin system is also implemented inside the website but only accessible to the root users and meant to be used if something horrible happens
- Djangos internal rendering engine (templates and forms) isn't used in here since it can be very slow and is very complex. After all we deploy this website to thousands of hackers and don't want the website to be DDOSed by accident or having to notice some SQL injections :-)
The user writes the text of posts and article descriptions as markdown. The website will then save the markdown source and parse it. The generated html will be stored inside the database as well (under the 'cachedText' attributes) and a query will only display the cached text rather than recompiling the markdown every time the website gets accessed. Since the markdown package is used the behaviour is altered a bit. The following extensions are loaded when compiling markdown sources:
- markdown.extensions.extra
- markdown.extensions.admonition
- markdown.extensions.toc
- markdown.extensions.wikilinks
- superscript
- subscript
- pyembed
I'm not convinced by the usage of the django-markdown package since it requires the usage of the sometimes buggy django-forms but doesn't give enough extra functionality in order to take on the hassle of maintaining it properly. A simple 'show preview' button should do the trick as well.
The following rights show what logged in users are allowed to do. This
corresponds to the c3shop.frontpage.models.Profile.rights
value. A user who has a higher rights value is allowed to do all the
stuff that requires a lower rights value. The reason this isn't bound to
django's right management is due to me not wanting to allow other apps
to mess with these permissions. The ones from django keep in existence
and apply to other apps and django's native admin panel.
- 0 -> No special permits
- 1 -> Use the 'N units sold button' on articles
- 2 -> Edit other properties of articles and add new ones
- 3 -> Write and edit posts
- 4 -> Add users and change settings
The C3FOC site uses cookies. Before you start to cry: it's not about tracking anyone. Cookies are used for the following cases:
- keeping track of logged in users (should be obvious why)
- implementing CSFR protection
- beeing able to modify reservations before submitting them
In case you're not a registered user: don't panic, we won't track you. In case you don't believe us: read the source code.
Have a look at PushToProduction file for detailed information on how to deploy this website.
The frontpage.store.open setting manages the store icon
on the index page. When it contains a true it will render
the store as open, or otherwise (false) as closed.
The frontpage.chestsize setting contains a positive integer
defining the amount that should be subtracted from the quantity of an
article after the 'quick-substract' button was presses. It defaults to
50 and is the default if there is no individual chest size defined inside
the article entity.
The settings for the navigation bar located in the header contains the following setting keys:
frontpage.ui.navbar.content- The content of this variable is used to determine which items the nav bar should contain.
- The setting contains multiple items notated in JSON format.
- Each item must contain a
typeobject - Only the
linktype is supported yet but others may come - A valid example may look like the following:
[{ "type":"link", "href":"example.com","text":"Visit example.com" },{"type":"link","text":"Visit the top level website", "href":".."}] - The example above would display two links displaying "Visit example.com" and "Visit the top level website" and would redirect to example.com and ..
frontpage.ui.footer.content- This setting entry is basically the same as the one above but handles the footer of the content parts.
- It uses the same JSON syntax
First install all dependencies using pip3. After doing so setup your database server and alter the settings.py file. Make sure to change the following settings:
- Disable debug mode
- Change the database engine to your server
- Change the secret key to something secret
Then run the following commands:
python3 manage.py migratepython3 manage.py collectstaticsPYCAM="from test.init_database import *\ninit_db()"python3 manage.py shell_plus < echo $PYCAMAt last configure your web server to serve the static files and last but not least django. We suggest using nginx as your webserver but using apache >= 2.4 should be fine as well.
At the moment there are the following rules for creating a new password:
- At least 6 characters long
- must contain upper and lower case letters
The following mapping represents the different article types: 0. unisex clothes
- female clothes
- male clothes
- kids clothes Shall there be more types required in the future this list may be expanded. In order to do so the following files would need to be changed:
c3shop/frontpage/uitools/body.py: Sectionget_type_string(type_sym)c3shop/frontpage/management/article_actions.py>