Commit e5dff985 authored by Matthieu FAURE's avatar Matthieu FAURE
Browse files

Comptoir-srv v2.4.8-rc.2

parents 94c3dc30 67fbe336
Pipeline #1599 failed with stage
in 8 minutes and 53 seconds
......@@ -33,3 +33,6 @@ Docker/E2E-Testing-local/tests/
venv/
*geckodriver.log
*.pyc
# Source code copied files for Docker
Docker/Comptoir-dev-local/Comptoir-source-code
......@@ -5,9 +5,31 @@ Tous les changements notables de ce projet sont documentés dans ce fichier.
Le format s'appuie sur [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
et le projet suit [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
## [Unreleased]
## Unreleased yet
## [2.4.8-rc.1] - 2018-08-07
## [2.4.8-rc.2](https://gitlab.adullact.net/Comptoir/Comptoir-srv/tags/v2.4.8-rc.2) - 2018-08-14
### Added
* [#547](https://gitlab.adullact.net/Comptoir/Comptoir-srv/issues/547) (Développeurs) Amélioration de la doc d'install sur Ubuntu 16.04
* [#562](https://gitlab.adullact.net/Comptoir/Comptoir-srv/issues/562) (Développeurs) Création d'une image Docker utilisant le code source local (plus besoin de faire un git clone)
* [#563](https://gitlab.adullact.net/Comptoir/Comptoir-srv/issues/563) (Développeurs) Ajout de la dernière version de DebugKit dans l'image Docker "locale"
* [#564](https://gitlab.adullact.net/Comptoir/Comptoir-srv/issues/564) (Développeurs) Mise à jour de l'image Docker Comptoir base en v1.0.0-rc.2
### Changed
### Deprecated
### Removed
### Fixed
* [#559](https://gitlab.adullact.net/Comptoir/Comptoir-srv/issues/559) Page d'accueil : Corrigé le lien vers les derniers logiciels ajoutés
* [#557](https://gitlab.adullact.net/Comptoir/Comptoir-srv/issues/557) Rétabli la mise en page du bouton "mot de passe perdu" (mauvaise grammaire HTML)
* [#560](https://gitlab.adullact.net/Comptoir/Comptoir-srv/issues/560) Supprimé bouton en double ("liste de tags")
### Security
* [#467](https://gitlab.adullact.net/Comptoir/Comptoir-srv/issues/467) Correction XSS sur les formulaires
## [2.4.8-rc.1](https://gitlab.adullact.net/Comptoir/Comptoir-srv/tags/v2.4.8-rc.1) - 2018-08-07
### Added
......@@ -18,25 +40,26 @@ et le projet suit [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
* Les prestataires sont maintenant séparés des utilisateurs et disposent d'une entrée propre dans la barre de navigation.
### Security
### Fixed
* Correction de bugs d'internationalisation (tout est censé être traduit de l'anglais vers le français)
## [2.4.7] - 2018-03-30
## 2.4.7 - 2018-03-30
## 2.4.6 - 2018-03-02
## 2.4.5 - 2018-02-02
## [2.4.6] - 2018-03-02
## 2.4.4 - 2018-01-05
## [2.4.5] - 2018-02-02
## 2.4.3 - 2017-12-22
## [2.4.4] - 2018-01-05
## 2.4.2 - 2017-11-24
## [2.4.3] - 2017-12-22
## 2.4.1 - 2017-08-18
## [2.4.2] - 2017-11-24
## 2.4.0 - 2017-08-04
## [2.4.1] - 2017-08-18
## [2.3.2](https://gitlab.adullact.net/Comptoir/Comptoir-srv/tags/v2.3.2) - 2017-07-21
## [2.4.0] - 2017-08-04
## [2.3.2] - 2017-07-21
......@@ -17,6 +17,7 @@ RUN apt-get update -q \
php-xml \
php-pgsql \
php-curl \
php-sqlite3 \
&& apt-get clean \
# Enable mod rewrite and listen to localhost
&& a2enmod rewrite \
......
......@@ -7,16 +7,16 @@ This image is used to save time when building the actual image for Comptoir app.
```
docker login gitlab.adullact.net:4567
docker build -t gitlab.adullact.net:4567/comptoir/comptoir-srv/comptoir-ubuntu-base:v1.0.0-rc.1 .
docker build -t gitlab.adullact.net:4567/comptoir/comptoir-srv/comptoir-ubuntu-base:v1.0.0-rc.2 .
docker images
```
check that the image has been built.
```
docker push gitlab.adullact.net:4567/comptoir/comptoir-srv/comptoir-ubuntu-base:v1.0.0-rc.1
docker push gitlab.adullact.net:4567/comptoir/comptoir-srv/comptoir-ubuntu-base:v1.0.0-rc.2
```
Be careful to the tag of the version. Set up the right version you want to.
Be careful to the tag of the version. Set up the right version you want to use.
If no tag specified, by default it will be tag `latest`.
In time the build of the image will be done directly on the gitlab.
One time the build of the image will be done directly on the gitlab.
FROM gitlab.adullact.net:4567/comptoir/comptoir-srv/comptoir-ubuntu-base:v1.0.0-rc.2
ENV DEBIAN_FRONTEND noninteractive
####################################################
# Comptoir specifics #
####################################################
WORKDIR /var/www/html
RUN rm -rf /var/www/html/*
COPY Comptoir-source-code/ /var/www/html/
RUN composer install --no-progress \
&& cp config/app.default.php config/app.php \
&& sed -i -e "s/\/\/COMPTOIR-DEBUG//" config/app.php \
# Inject some non random salt for this example
&& sed -i -e "s/__SALT__/somerandomsalt/" config/app.php \
# Make sessionhandler based on env file
&& sed -i -e "s/'php',/env('SESSION_DEFAULTS', 'php'),/" config/app.php \
&& cp config/comptoir.default.php config/comptoir.php \
&& tar zxvf tests/TestFiles/FunctionalsTests/files.tar.gz -C webroot/img/ \
&& groupadd comptoir \
&& usermod -aG comptoir root \
&& usermod -aG comptoir www-data \
&& chgrp -R comptoir logs tmp webroot \
&& chmod -R g+rw logs tmp webroot \
&& chmod g+s tmp/cache/persistent/
####################################################
# Apache: adjust conf and run #
####################################################
EXPOSE 80
CMD ["/usr/sbin/apache2ctl", "-DFOREGROUND"]
.idea/
.git/
Docker/
logs/
tmp/
vendor/
venv/
FROM gitlab.adullact.net:4567/comptoir/comptoir-srv/comptoir-ubuntu-base:v1.0.0-rc.1
FROM gitlab.adullact.net:4567/comptoir/comptoir-srv/comptoir-ubuntu-base:v1.0.0-rc.2
ENV DEBIAN_FRONTEND noninteractive
ARG my_branch
......
FROM gitlab.adullact.net:4567/comptoir/comptoir-srv/comptoir-ubuntu-base:v1.0.0-rc.1
FROM gitlab.adullact.net:4567/comptoir/comptoir-srv/comptoir-ubuntu-base:v1.0.0-rc.2
ENV DEBIAN_FRONTEND noninteractive
ARG my_branch
......
#!/usr/bin/env bash
# Shell script to build and run Comptoir with local files in a Docker container
# /!\ must be run from this very directory
# ====== Step 0 =====
# Remove previous containers and images
docker-compose -f ./compose-Comptoir-dev-local.yml rm -s -v
# ====== Step 1 =====
# Copy source code files into Docker scope, so they can be included within the Docker image
rsync -av --delete --exclude-from=./Comptoir-dev-local/rsync_exclude.txt ../ ./Comptoir-dev-local/Comptoir-source-code/
# ====== Step 2 =====
# Build
docker-compose -f ./compose-Comptoir-dev-local.yml build
# ====== Step 3 =====
# Run
docker-compose -f ./compose-Comptoir-dev-local.yml up -d
echo -en "\n"
echo -en "Go to http://localhost:8080/ \n"
echo -en "Thanks for being here :) \n"
version: '2'
services:
postgres_comptoir_dev:
build: Postgres-Comptoir-Dev/
ports:
- "5432:5432"
comptoir_dev_local:
build:
context: ./Comptoir-dev-local/
# Note: if building is too slow, you may add the following options to the docker build: --ulimit nofile=1024
# See https://askubuntu.com/questions/991773/package-installations-are-very-slow-in-docker-build
ulimits:
nofile: 1024
volumes:
- ./Comptoir-dev-local/Comptoir-source-code/src:/var/www/html/src
links:
- postgres_comptoir_dev
environment:
DEBUG: 'true'
DB_HOST: 'postgres_comptoir_dev'
DB_USERNAME: 'comptoir'
DB_PASSWORD: 'comptoir'
DB_DATABASE: 'comptoir'
SECURITY_SALT: 'FAKE_FOR_TESTING'
ports:
- "8080:80"
......@@ -3,39 +3,20 @@
## 1. Change version in source code
* Create an issue "prepare vX.Y.Z" and the associated branch + merge request.
* On this branch, change the version in: `config/bootstrap.php`
* On this branch:
* change the version in `config/bootstrap.php`
* update `CHANGELOG.md`
* Eventually make other adjustments
## 2. Merge and tag Develop
## 2. Merge, tag and push
* Merge the branch into develop
* Place an RC tag on develop: `vX.Y.Z-rc.1`
## 3. Test on pre-prod server
* Deploy on http://comptoir1404-srv.dev.adullact.lan (following the UPGRADE instructions)
* If something's missing: repeat from step 1 ; else go next step
## 4. Merge into Master
```sh
git checkout master
git merge develop --no-ff -m "Comptoir-srv vX.Y.Z"
```
## 5. Tag Master
Create the tag:
Once the MR for "prepare vX.Y.Z" is OK **in develop**:
```sh
git checkout master
MYTAG="vX.Y.Z"
git merge develop --no-ff -m "Comptoir-srv $MYTAG"
git tag -a $MYTAG -m "$MYTAG"
```
Push the tag and the merge:
```sh
git push origin master
git push origin $MYTAG
```
\ No newline at end of file
```
......@@ -49,7 +49,6 @@ As `root` user, do:
```shell
apt-get purge --auto-remove \
libicu \
zlib1g
```
......@@ -167,12 +166,14 @@ As any user, do:
## POSTGRESQL Insert content + binary files
Let say the archived content is stored in the two following files:
Let say the archived content is:
* `/tmp/SAVE_COMPTOIR_2017-01-10-18h05m44_Data_only.sql.bz2`
* `/tmp/SAVE_COMPTOIR_2017-01-10-18h05m44_Dir_Files.tar.bz2`
1. compound of the two following files:
* `SAVE_COMPTOIR_2017-01-10-18h05m44_Data_only.sql.bz2`
* `SAVE_COMPTOIR_2017-01-10-18h05m44_Dir_Files.tar.bz2`
1. files which are located in `/home/comptoir/Comptoir-EXPORT/` directory
To import content, run as `root` user:
To import content, run as `comptoir` user:
```shell
/home/comptoir/Comptoir-srv/bin/COMPTOIR_import_DB_data_AND_images.sh \
......@@ -182,50 +183,60 @@ To import content, run as `root` user:
/!\ Caution:
* Files **must** be in `/tmp' folder.
* Files **must** be in `/home/comptoir/Comptoir-EXPORT/' folder.
* The `-t` parameter is the **exact** timestamp copied/pasted from the filenames.
## Set UNIX permissions on imported binary files
## Comptoir **SRV**: Composer install
As `root` user, do
```shell
cd /home/comptoir/Comptoir-srv/ \
&& /usr/local/bin/composer install --no-dev
/home/comptoir/Comptoir-srv/bin/COMPTOIR_import_set_unix_permissions.sh \
-d /home/comptoir/Comptoir-srv \
```
## Comptoir **SRV**: app.php
## Comptoir: Composer install
As user `comptoir`, do:
```shell
cd /home/comptoir/Comptoir-srv/ \
&& /usr/local/bin/composer install --no-dev \
&& sed -i "s/'debug' => true/'debug' => false/" config/app.php
```
Then edit `config/app.php` and set the values for:
## Comptoir: configuration > app.php
As user `comptoir`, edit `config/app.php` and set the values for:
* Section `EmailTransport`: `password`
* Section `Datasource/Default`: DB credential
## Comptoir **SRV**: comptoir.php
## Comptoir: configuration > comptoir.php
As user `comptoir`, do:
```shell
cd /home/comptoir/Comptoir-srv/ \
&& cp config/comptoir.default.php config/comptoir.php \
&& cp config/comptoir.default.php config/comptoir.php
```
### Comptoir.php >> Piwik
Then edit `config/comptoir.php` and set the values for:
* the Piwik stanza (or any analytics HTML code)
### Categories.PickOfTheMonth
### Comptoir.php >> PickOfTheMonth
The array `Categories => PickOfTheMonth` contain the four ids of softwares you want see in the section `Pick of the month` on the home page.
```
Default ids [ 27, // Authentik
49, // Maarch Courrier
9, // Asqatasun
23 // OpenADS ]
```
## Set UNIX permissions
......@@ -284,8 +295,23 @@ service apache2 reload
## 5. Test
* Comptoir-SRV with: [http://srv.comptoir-du-libre/api/v1/softwares.json](http://srv.comptoir-du-libre/api/v1/softwares.json)
* Comptoir-SRV with: [http://srv.comptoir-du-libre.org/api/v1/softwares.json](http://srv.comptoir-du-libre.org/api/v1/softwares.json)
## 6. Functionnal Testing
## 6. Install HTTPS
... with Let's Encrypt
## 7. Functionnal Testing
### Manually
* Verify a user can recover its lots password
### Automatically
@@@TODO
## 8. Details host-specific
* automatic export
* automatic backup
......@@ -84,12 +84,12 @@ fi
echo "Extracting files"
cd "${DIR_WEBROOT_FILES_PARENT}"
sudo tar xvfj "${SAVE_WEBROOT_FILES_FILE}"
sudo chown -R www-data.comptoir files/
find "${DIR_WEBROOT_FILES}" -type f -exec sudo chmod 664 {} \;
find "${DIR_WEBROOT_FILES}" -type d -exec sudo chmod 775 {} \;
tar xvfj "${SAVE_WEBROOT_FILES_FILE}"
echo ""
echo "Please, verify in the app everything is OK"
echo "then do: sudo rm -rf \"${DIR_WEBROOT_FILES_TMP}/\""
echo "Please, now do the following steps:"
echo "1. Run COMPTOIR_import_set_unix_permissions.sh"
echo "2. Verify in the application everythiong is OK"
echo "3. Then do: sudo rm -rf \"${DIR_WEBROOT_FILES_TMP}/\""
echo ""
#!/usr/bin/env bash
set -o errexit
# #############################################################################
# Option management
# #############################################################################
TEMP=`getopt -o d:t: -- "$@"`
if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi
usage () {
echo 'Set suitable UNIX permissions to binary files imported into Comptoir'
echo 'NOTE: this must be run as a user with *sudo* privileges'
echo ''
echo 'usage: $0 [OPTIONS]...'
echo ''
echo ' -d <comptoir-srv-dir> (MANDATORY) Absolute directory to Comptoir-srv, *without* trailing slash, eg "/home/comptoir/comptoir-srv"'
echo ''
exit 2
}
# Note the double quotes around $TEMP: they are essential!
eval set -- "${TEMP}"
declare COMPTOIR_SRV_DIR=
while true; do
case "$1" in
-d ) COMPTOIR_SRV_DIR="$2"; shift 2 ;;
-- ) shift; break ;;
* ) break ;;
esac
done
# check mandatory options
if [ "${COMPTOIR_SRV_DIR}" = "" ]
then
echo ''
echo 'Mandatory option is missing'
echo ''
usage
fi
# #############################################################################
# Variables
# #############################################################################
DIR_WEBROOT_FILES="${COMPTOIR_SRV_DIR}/webroot/img/files"
# #############################################################################
# Actual action
# #############################################################################
sudo chown -R www-data.comptoir "${DIR_WEBROOT_FILES}/"
find "${DIR_WEBROOT_FILES}" -type f -exec sudo chmod 664 {} \;
find "${DIR_WEBROOT_FILES}" -type d -exec sudo chmod 775 {} \;
......@@ -247,9 +247,7 @@ return [
*/
//'init' => ['SET GLOBAL innodb_stats_on_metadata = 0'],
],
/**
* The test connection is used during the test suite.
*/
// The "test" connection is used by PHPUnit (not DebugKit that uses SQLite)
//COMPTOIR-DEBUG 'test' => [
//COMPTOIR-DEBUG 'className' => 'Cake\Database\Connection',
//COMPTOIR-DEBUG 'driver' => 'Cake\Database\Driver\Postgres',
......
......@@ -22,8 +22,6 @@ require __DIR__ . '/paths.php';
// Use composer to load the autoloader.
require ROOT . DS . 'vendor' . DS . 'autoload.php';
//require __DIR__ . '/constantes.php';
/**
* Bootstrap CakePHP.
*
......@@ -40,31 +38,22 @@ if (!extension_loaded('intl')) {
trigger_error('You must enable the intl extension to use CakePHP.', E_USER_ERROR);
}
use App\Event\UserListener;
use Cake\Cache\Cache;
use Cake\Console\ConsoleErrorHandler;
use Cake\Core\App;
use Cake\Core\Configure;
use Cake\Core\Configure\Engine\PhpConfig;
use Cake\Core\Plugin;
use Cake\Database\Type;
use Cake\Datasource\ConnectionManager;
use Cake\Error\ErrorHandler;
use Cake\Event\EventManager;
use Cake\Log\Log;
use Cake\Mailer\Email;
use Cake\Network\Request;
use Cake\Routing\DispatcherFactory;
use Cake\Utility\Inflector;
use Cake\Utility\Security;
//ADDED
// ################
use App\Error\AppError;
// ################
/**
* Read configuration file and inject configuration into various
* CakePHP classes.
......@@ -211,15 +200,15 @@ Type::build('date')->useLocaleParser();
Type::build('datetime')->useLocaleParser();
/** ===========================================================================
* COMPTOIR Configuration
*
*/
//CONFIGURATION
Configure::write('DEFAULT_PREFIX', "api/v1");
Configure::write('DEFAULT_PREFIX',"api/v1");
/**
* Initialize the message referring to the manivelle api documentation
*/
Configure::write('Help','Please check the manual at http://manivelle.adullact.org/manual');
//Initialize the message referring to the Comptoir api documentation
Configure::write('Help', 'Please check the manual at http://comptoir.adullact.org/manual');
Configure::write(
'QueryObject',
......@@ -228,82 +217,41 @@ Configure::write(
]
);
/**
* Initialize the limit parameter for a QueryObject.
*/
Configure::write('LIMIT',500);
/**
* Initialize the offset parameter for a QueryObject
*/
Configure::write('OFFSET',1);
/**
* Initialize the order parameter for a QueryObject
*/
Configure::write('ORDER','asc');
/**
* Connect middleware/dispatcher filters.
*/
Configure::write('TIMEOUT',10);
/**
* Define the limit of softxares on the home page
*/
Configure::write('LIMIT_NUMBER_OF_SOFTWARES_HOME_PAGE',4);
/**
* Connect middleware/dispatcher filters.
*/
// Initialize the limit parameter for a QueryObject.
Configure::write('LIMIT', 500);
// Initialize the offset parameter for a QueryObject
Configure::write('OFFSET', 1);
/**
* Database Name
*/
Configure::write('DATABASE','comptoir');
/**
* Schema use in the daabase
*/
Configure::write('SCHEMA','public');
// Initialize the order parameter for a QueryObject
Configure::write('ORDER', 'asc');
//Connect middleware/dispatcher filters.
Configure::write('TIMEOUT', 10);
/**
* Database for tests
*/
Configure::write('DATABASETEST','tests');
// Define the limit of software on the home page
Configure::write('LIMIT_NUMBER_OF_SOFTWARES_HOME_PAGE', 4);
// Database Name
Configure::write('DATABASE', 'comptoir');
Plugin::load('Josegonzalez/Upload');
// Schema use in the database
Configure::write('SCHEMA', 'public');