From e9212f6d131f59bf7b12599a1653ed9640863b2a Mon Sep 17 00:00:00 2001 From: Florian Aucomte Date: Fri, 1 Nov 2024 21:25:31 +0000 Subject: [PATCH] fix: Disable DB gateways (#2374) * fix: Disable logging in, verifying, resetting password and registering * Disable anonymisation cron job view --- portal/urls.py | 80 +++++++++++++++++++++++---------------- portal/views/cron/user.py | 72 +++++++++++++++++------------------ portal/views/home.py | 2 +- 3 files changed, 84 insertions(+), 70 deletions(-) diff --git a/portal/urls.py b/portal/urls.py index 0dd8127ce..5d9b77cf0 100644 --- a/portal/urls.py +++ b/portal/urls.py @@ -223,53 +223,63 @@ ), url(r"^$", home, name="home"), url(r"^home-learning", home_learning, name="home-learning"), - url(r"^register_form", register_view, name="register"), + url( + r"^register_form", + # register_view, + home, + name="register", + ), url( r"^login/teacher/$", - # The ratelimit decorator checks how often a POST request is performed on that view. - # It checks against the username value specifically. If the number of requests - # exceeds the specified rate, then the user will be blocked (if block = True). - ratelimit( - group=RATELIMIT_LOGIN_GROUP, - key="post:auth-username", - method=RATELIMIT_METHOD, - rate=RATELIMIT_LOGIN_RATE, - block=True, - )(TeacherLoginView.as_view()), + # # The ratelimit decorator checks how often a POST request is performed on that view. + # # It checks against the username value specifically. If the number of requests + # # exceeds the specified rate, then the user will be blocked (if block = True). + # ratelimit( + # group=RATELIMIT_LOGIN_GROUP, + # key="post:auth-username", + # method=RATELIMIT_METHOD, + # rate=RATELIMIT_LOGIN_RATE, + # block=True, + # )(TeacherLoginView.as_view()), + home, name="teacher_login", ), url( rf"^login/student/(?P{ACCESS_CODE_REGEX})/(?:(?Pclassform)/)?$", - ratelimit( - group=RATELIMIT_LOGIN_GROUP, - key=school_student_key, - method=RATELIMIT_METHOD, - rate=RATELIMIT_LOGIN_RATE_SCHOOL_STUDENT, - block=True, - is_teacher=False, - )(StudentLoginView.as_view()), + # ratelimit( + # group=RATELIMIT_LOGIN_GROUP, + # key=school_student_key, + # method=RATELIMIT_METHOD, + # rate=RATELIMIT_LOGIN_RATE_SCHOOL_STUDENT, + # block=True, + # is_teacher=False, + # )(StudentLoginView.as_view()), + home, name="student_login", ), url( r"^login/student/$", - StudentClassCodeView.as_view(), + # StudentClassCodeView.as_view(), + home, name="student_login_access_code", ), url( r"^u/(?P[0-9]+)/(?P[a-z0-9]+)/$", - student_direct_login, + # student_direct_login, + home, name="student_direct_login", ), url( r"^login/independent/$", - ratelimit( - group=RATELIMIT_LOGIN_GROUP, - key="post:username", - method=RATELIMIT_METHOD, - rate=RATELIMIT_LOGIN_RATE, - block=True, - is_teacher=False, - )(IndependentStudentLoginView.as_view()), + # ratelimit( + # group=RATELIMIT_LOGIN_GROUP, + # key="post:username", + # method=RATELIMIT_METHOD, + # rate=RATELIMIT_LOGIN_RATE, + # block=True, + # is_teacher=False, + # )(IndependentStudentLoginView.as_view()), + home, name="independent_student_login", ), url(r"^login_form", old_login_form_redirect, name="old_login_form"), @@ -290,17 +300,20 @@ ), url( rf"^verify_email/(?P{JWT_REGEX})/$", - verify_email, + # verify_email, + home, name="verify_email", ), url( r"^user/password/reset/student/$", - student_password_reset, + # student_password_reset, + home, name="student_password_reset", ), url( r"^user/password/reset/teacher/$", - teacher_password_reset, + # teacher_password_reset, + home, name="teacher_password_reset", ), url( @@ -310,7 +323,8 @@ ), url( r"^user/password/reset/(?P[0-9A-Za-z]+)-(?P.+)/$", - password_reset_check_and_confirm, + # password_reset_check_and_confirm, + home, name="password_reset_check_and_confirm", ), url( diff --git a/portal/views/cron/user.py b/portal/views/cron/user.py index 9531703dc..6c09fc7ac 100644 --- a/portal/views/cron/user.py +++ b/portal/views/cron/user.py @@ -172,42 +172,42 @@ def get(self, request): class AnonymiseUnverifiedAccounts(CronMixin, APIView): def get(self, request): - user_count = User.objects.filter(is_active=True).count() - - teacher_queryset, independent_student_queryset = get_unverified_users( - USER_DELETE_UNVERIFIED_ACCOUNT_DAYS, - same_day=False, - ) - teacher_count = teacher_queryset.count() - indy_count = independent_student_queryset.count() - - user_queryset = teacher_queryset.union(independent_student_queryset) - - for user in user_queryset.iterator(chunk_size=100): - try: - anonymise(user) - except Exception as ex: - logging.error(f"Failed to anonymise user with id: {user.id}") - logging.exception(ex) - - user_count -= User.objects.filter(is_active=True).count() - logging.info(f"{user_count} unverified users anonymised.") - - activity_today = DailyActivity.objects.get_or_create( - date=datetime.now().date() - )[0] - activity_today.anonymised_unverified_teachers = teacher_count - activity_today.anonymised_unverified_independents = indy_count - activity_today.save() - - TotalActivity.objects.update( - anonymised_unverified_teachers=F("anonymised_unverified_teachers") - + teacher_count, - anonymised_unverified_independents=F( - "anonymised_unverified_independents" - ) - + indy_count, - ) + # user_count = User.objects.filter(is_active=True).count() + # + # teacher_queryset, independent_student_queryset = get_unverified_users( + # USER_DELETE_UNVERIFIED_ACCOUNT_DAYS, + # same_day=False, + # ) + # teacher_count = teacher_queryset.count() + # indy_count = independent_student_queryset.count() + # + # user_queryset = teacher_queryset.union(independent_student_queryset) + # + # for user in user_queryset.iterator(chunk_size=100): + # try: + # anonymise(user) + # except Exception as ex: + # logging.error(f"Failed to anonymise user with id: {user.id}") + # logging.exception(ex) + # + # user_count -= User.objects.filter(is_active=True).count() + # logging.info(f"{user_count} unverified users anonymised.") + # + # activity_today = DailyActivity.objects.get_or_create( + # date=datetime.now().date() + # )[0] + # activity_today.anonymised_unverified_teachers = teacher_count + # activity_today.anonymised_unverified_independents = indy_count + # activity_today.save() + # + # TotalActivity.objects.update( + # anonymised_unverified_teachers=F("anonymised_unverified_teachers") + # + teacher_count, + # anonymised_unverified_independents=F( + # "anonymised_unverified_independents" + # ) + # + indy_count, + # ) return Response() diff --git a/portal/views/home.py b/portal/views/home.py index 47baa59e4..8a4abc09d 100644 --- a/portal/views/home.py +++ b/portal/views/home.py @@ -255,7 +255,7 @@ def coding_club(request): def download_student_pack(request, student_pack_type): if request.method == "POST": - count_student_pack_downloads_click(int(student_pack_type)) + # count_student_pack_downloads_click(int(student_pack_type)) link = cloud_storage("club_packs/PrimaryCodingClub.zip") return redirect(link)