Document ways of locking down Weblate (issue #131)

c9106209 · Michal Čihař · ab6b5d9c · c9106209 · c9106209 · c9106209
Commit c9106209 authored Oct 24, 2012 by Michal Čihař
Hide whitespace changes
Inline Side-by-side

Showing with 53 additions and 0 deletions

docs/admin.rst docs/admin.rst +4 -0

docs/config.rst docs/config.rst +35 -0

weblate/settings_example.py weblate/settings_example.py +14 -0

No files found.
--- a/docs/admin.rst
+++ b/docs/admin.rst
@@ -263,6 +263,10 @@ group, which will be allowed to save translations and manage suggestions) and
 add selected users to this group. You can do all this from Django admin
 interface.

+To completely lock down your Weblate installation you can use
+:setting:`LOGIN_REQUIRED_URLS` for forcing users to login and
+:setting:`REGISTRATION_OPEN` for disallowing new registrations.
+
 .. _lazy-commit:

 Lazy commits

--- a/docs/config.rst
+++ b/docs/config.rst
@@ -51,6 +51,41 @@ translator.

 .. seealso:: :ref:`locking`

+.. setting:: LOGIN_REQUIRED_URLS
+
+LOGIN_REQUIRED_URLS
+-------------------
+
+List of URL which require login (besides standard rules built into Weblate).
+This allows you to password protect whole installation using:
+
+.. code-block:: python
+
+    LOGIN_REQUIRED_URLS = (
+        r'/(.*)$',
+    )
+
+.. setting:: LOGIN_REQUIRED_URLS_EXCEPTIONS
+
+LOGIN_REQUIRED_URLS_EXCEPTIONS
+------------------------------
+
+List of exceptions for :setting:`LOGIN_REQUIRED_URLS`, in case you won't
+specify this list, the default value will be used, which allows users to access
+login page.
+
+Some of exceptions you might want to include:
+
+.. code-block:: python
+
+    LOGIN_REQUIRED_URLS_EXCEPTIONS = (
+        r'/accounts/(.*)$', # Required for login
+        r'/media/(.*)$',    # Required for development mode
+        r'/widgets/(.*)$',  # Allowing public access to widgets
+        r'/data/(.*)$',     # Allowing public access to data exports
+        r'/hooks/(.*)$',    # Allowing public access to notification hooks
+    )
+
 .. setting:: CHECK_LIST

 CHECK_LIST

--- a/weblate/settings_example.py
+++ b/weblate/settings_example.py
@@ -344,3 +344,17 @@ DEFAULT_FROM_EMAIL = 'webmaster@localhost'
 #        'LOCATION': '127.0.0.1:11211',
 #    }
 #}
+
+# Example for restricting access to logged in users
+#LOGIN_REQUIRED_URLS = (
+#    r'/(.*)$',
+#)
+
+# In such case you will want to include some of the exceptions
+#LOGIN_REQUIRED_URLS_EXCEPTIONS = (
+#   r'/accounts/(.*)$', # Required for login
+#   r'/media/(.*)$',    # Required for development mode
+#   r'/widgets/(.*)$',  # Allowing public access to widgets
+#   r'/data/(.*)$',     # Allowing public access to data exports
+#   r'/hooks/(.*)$',    # Allowing public access to notification hooks
+#)