Coverage for product_risk_suite/product_risk_suite/settings.py: 94%

35 statements  

« prev     ^ index     » next       coverage.py v7.15.0, created at 2026-07-07 12:45 +0000

1""" 

2Django settings for product_risk_suite project. 

3 

4Generated by 'django-admin startproject' using Django 6.0.3. 

5 

6For more information on this file, see 

7https://docs.djangoproject.com/en/6.0/topics/settings/ 

8 

9For the full list of settings and their values, see 

10https://docs.djangoproject.com/en/6.0/ref/settings/ 

11""" 

12 

13from pathlib import Path 

14import os 

15import logging 

16 

17# Build paths inside the project like this: BASE_DIR / 'subdir'. 

18BASE_DIR = Path(__file__).resolve().parent.parent 

19 

20# enforce it even if its true by default 

21APPEND_SLASH = True 

22 

23# Quick-start development settings - unsuitable for production 

24# See https://docs.djangoproject.com/en/6.0/howto/deployment/checklist/ 

25 

26# SECURITY WARNING: keep the secret key used in production secret! 

27SECRET_KEY = os.environ.get("DJANGO_SECRET_KEY", 'django-insecure-scwz(sj+*te-dbfuc)vnkju5y1=p1en^d#8mz5*keg2(fj^mn-dudi-bla%') 

28 

29# SECURITY WARNING: don't run with debug turned on in production! 

30DEBUG = bool(os.environ.get("DJANGO_DEBUG", default=False)) 

31IN_DOCKER = bool(os.environ.get("IN_DOCKER", default=False)) 

32 

33ALLOWED_HOSTS = os.environ.get("DJANGO_ALLOWED_HOSTS","127.0.0.1,localhost").split(",") 

34CSRF_TRUSTED_ORIGINS = os.environ.get("DJANGO_CSRF_TRUSTED_ORIGINS", "https://localhost:8443,http://localhost:80").split(",") 

35 

36# Application definition 

37INSTALLED_APPS = [ 

38 'django.contrib.admin', 

39 'django.contrib.auth', 

40 'django.contrib.contenttypes', 

41 'django.contrib.sessions', 

42 'django.contrib.messages', 

43 'django.contrib.staticfiles', 

44 'django_summernote', 

45 "graphene_django", 

46 'guardian', 

47 'product_risk_suite', 

48 'risk_assessment', 

49 'threat_model', 

50 'product', 

51 'api', 

52] 

53 

54GRAPHENE = { 

55 "SCHEMA": "api.schema.schema", 

56} 

57 

58MIDDLEWARE = [ 

59 'django.middleware.security.SecurityMiddleware', 

60 'django.contrib.sessions.middleware.SessionMiddleware', 

61 'django.middleware.common.CommonMiddleware', 

62 'django.middleware.csrf.CsrfViewMiddleware', 

63 'django.contrib.auth.middleware.AuthenticationMiddleware', 

64 'django.contrib.messages.middleware.MessageMiddleware', 

65 'django.middleware.clickjacking.XFrameOptionsMiddleware', 

66] 

67 

68ROOT_URLCONF = 'product_risk_suite.urls' 

69 

70TEMPLATES = [ 

71 { 

72 'BACKEND': 'django.template.backends.django.DjangoTemplates', 

73 'DIRS': [BASE_DIR / 'product_risk_suite' / 'templates'], 

74 'APP_DIRS': True, 

75 'OPTIONS': { 

76 'context_processors': [ 

77 'django.template.context_processors.request', 

78 'django.contrib.auth.context_processors.auth', 

79 'django.contrib.messages.context_processors.messages', 

80 ], 

81 }, 

82 }, 

83] 

84 

85WSGI_APPLICATION = 'product_risk_suite.wsgi.application' 

86 

87SUMMERNOTE_CONFIG = { 

88 # Using SummernoteWidget - iframe mode, default 

89 'iframe': True, 

90 'summernote': { 

91 'lang': 'en-US', 

92 

93 # Toolbar customization 

94 # https://summernote.org/deep-dive/#custom-toolbar-popover 

95 'toolbar': [ 

96 ['font', ['bold', 'italic', 'underline', 'clear']], 

97 ['para', ['ul', 'ol', 'paragraph']], 

98 ['insert', ['link']], 

99 ['view', ['fullscreen', 'codeview', 'help']], 

100 ], 

101 } 

102} 

103 

104# Database 

105# https://docs.djangoproject.com/en/6.0/ref/settings/#databases 

106 

107DATABASES = { 

108 'default': { 

109 'ENGINE': f"django.db.backends.{os.getenv('DATABASE_ENGINE', 'sqlite3')}", 

110 'NAME': os.getenv('DATABASE_NAME', BASE_DIR / 'db.sqlite3'), 

111 'USER': os.getenv('DATABASE_USERNAME'), 

112 'PASSWORD': os.getenv('DATABASE_PASSWORD'), 

113 'HOST': os.getenv('DATABASE_HOST'), 

114 'PORT': os.getenv('DATABASE_PORT'), 

115 } 

116} 

117 

118# Password validation 

119# https://docs.djangoproject.com/en/6.0/ref/settings/#auth-password-validators 

120 

121AUTH_PASSWORD_VALIDATORS = [ 

122 { 

123 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', 

124 }, 

125 { 

126 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', 

127 }, 

128 { 

129 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', 

130 }, 

131 { 

132 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', 

133 }, 

134] 

135 

136LOGGING = { 

137 'version': 1, 

138 'disable_existing_loggers': False, 

139 'formatters': { 

140 'verbose': { 

141 'format': '{levelname} {asctime} {module} {message}', 

142 'style': '{', 

143 }, 

144 }, 

145 'handlers': { 

146 'console': { 

147 'level': os.getenv("DJANGO_LOG_LEVEL", "INFO"), 

148 'class': 'logging.StreamHandler', 

149 'formatter': 'verbose', 

150 }, 

151 }, 

152 'root': { 

153 'handlers': ['console'], 

154 'level': os.getenv("DJANGO_LOG_LEVEL", "INFO"), 

155 }, 

156 'loggers': { 

157 'django': { 

158 'handlers': ['console'], 

159 'level': os.getenv("DJANGO_LOG_LEVEL", "INFO"), 

160 'propagate': True, 

161 }, 

162 # For your app-specific logs (e.g., `myapp`) 

163 'myapp': { 

164 'handlers': ['console'], 

165 'level': os.getenv("DJANGO_LOG_LEVEL", "INFO"), 

166 'propagate': True, 

167 }, 

168 }, 

169} 

170 

171AUTHENTICATION_BACKENDS = ( 

172 'django.contrib.auth.backends.ModelBackend', # Default backend 

173 'guardian.backends.ObjectPermissionBackend', # For object permissions 

174) 

175 

176# Internationalization 

177# https://docs.djangoproject.com/en/6.0/topics/i18n/ 

178 

179LANGUAGE_CODE = 'en-us' 

180 

181TIME_ZONE = 'UTC' 

182 

183USE_I18N = True 

184 

185USE_TZ = True 

186 

187LOGIN_URL = '/login' 

188 

189# Static files (CSS, JavaScript, Images) 

190# https://docs.djangoproject.com/en/6.0/howto/static-files/ 

191 

192STATIC_URL = '/static/' 

193if IN_DOCKER: 

194 STATIC_ROOT = "/app/staticfiles" 

195else: 

196 STATIC_ROOT = BASE_DIR / "staticfiles" 

197 

198STATICFILES_DIRS = [ 

199 BASE_DIR / "static", 

200] 

201 

202# uploaded files 

203MEDIA_URL = '/media/' 

204if IN_DOCKER: 

205 MEDIA_ROOT = "/data/media" 

206else: 

207 MEDIA_ROOT = BASE_DIR / "media"