|Version 22 (modified by 13 years ago) ( diff ),|
Blueprint for Web Setup
Provide a 1st-time configuration screen.
Setting the 1st username/password here & then running
models/zzz_1st_run.py means that:
- User can be given admin rights even on databases which support referential integrity.
Configuration settings are in the file
models/000_config.py which will have a simple structured format.
models/00_settings.pyreads these settings to do the actual configuration.
- The Web Setup should ideally read in the
000_config.pyfile, make any amendments as-required & then write it out.
- This means that developers can edit the settings live (we remain RAD) & there are no unncessary DB calls every request.
- Ideally the Web setup should have a UI which works via introspection, so doesn't need to be maintained separately when settings are added/amended (this means the settings file needs to include labels/help text).
- 000_config.py instantiates the S3Config class as deployment_settings:
- S3Config is a subclass of Storage and can therefore be written in dot-notation
- S3Config implements methods to read the config values (instead of accessing the instance attributes themselves), which also implement any fallback values. These methods should be used throughout the application (=do not store their return values in any global variables).
- additionally, a S3Config instance could (should) be made read-only during the current request (=safer) by amending the __setattr__ method to not accept updates
- S3Config could contain a method to generate a web form to create a new instance (+pre-populate the form with values of another instance)
- S3Config could then even contain a method to write the instance to a config file like 000_config.py
These are the settings which will be configured:
- Randomising the hmac_key during web setup before 1st admin password is created is important.
- Securing the self-registration
Provide an option to import themes of settings (e.g. 'FEMA') using
shn_import from CSV files in
- Symbology (icons on maps)
- Terminology of Labels
- Forms used (which fields are used, which are mandatory, etc)
- Which modules are active