From f85297a5d223b4f083845bfef765ba04887454c7 Mon Sep 17 00:00:00 2001 From: Raoul Snyman Date: Mon, 18 Jan 2010 22:04:49 +0200 Subject: [PATCH 1/2] Fixed up the setup-app procedure to bypass pulling a theme. --- scribeengine/config/environment.py | 12 ++++++------ scribeengine/websetup.py | 7 ++++--- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/scribeengine/config/environment.py b/scribeengine/config/environment.py index ef1d3a7..9bc287b 100644 --- a/scribeengine/config/environment.py +++ b/scribeengine/config/environment.py @@ -20,12 +20,12 @@ def load_environment(global_conf, app_conf): engine = engine_from_config(app_conf, 'sqlalchemy.') init_model(engine) - # Pull out theme variable - theme = Session.query(Variable).get(u'theme') - if theme: - theme_name = theme.value - else: - theme_name = None + theme_name = None + if not app_conf.get('setup-app'): + # Pull out theme variable + theme = Session.query(Variable).get(u'theme') + if theme: + theme_name = theme.value # Set up Pylons paths root = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) diff --git a/scribeengine/websetup.py b/scribeengine/websetup.py index 75568b3..cc90443 100644 --- a/scribeengine/websetup.py +++ b/scribeengine/websetup.py @@ -32,6 +32,7 @@ log = logging.getLogger(__name__) def setup_app(command, conf, vars): """Place any commands to setup scribeengine here""" + conf.local_conf['setup-app'] = True load_environment(conf.global_conf, conf.local_conf) import hashlib @@ -56,10 +57,10 @@ def setup_app(command, conf, vars): role_admin = Role(name=u'Administrator') role_admin.permissions.extend([perm_addposts, perm_editmyposts, perm_delmyposts]) - password = unicode(hmac.new(conf[u'security.salt'], u'omigosh', + password = unicode(hmac.new(conf[u'security.salt'], u'password', hashlib.sha256).hexdigest(), u'utf-8') - user = User(email=u'raoul.snyman@saturnlaboratories.co.za', - password=password, nick=u'raoul') + user = User(email=u'admin@scribeengine.org', + password=password, nick=u'admin') user.roles.append(role_admin) Session.add_all([blog_title, blog_slogan, user]) From 805382516481dee7f54d343634c773ef8cb53240 Mon Sep 17 00:00:00 2001 From: Raoul Snyman Date: Mon, 18 Jan 2010 22:09:58 +0200 Subject: [PATCH 2/2] Removed sensitive data. --- development.ini | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/development.ini b/development.ini index 349fcbd..db85be5 100644 --- a/development.ini +++ b/development.ini @@ -39,13 +39,13 @@ paths.images = %(here)s/images paths.themes = %(here)s/themes # Security settings -security.salt = xgH,{@1pgtU9,nLd +security.salt = secretsalt -mail.on = true +mail.on = false mail.manager = immediate -mail.smtp.server = mail.saturnlaboratories.co.za -mail.smtp.username = raoul.snyman+saturnlaboratories.co.za -mail.smtp.password = 0miG0sh89 +mail.smtp.server = mail.mydomain.com +mail.smtp.username = mymailusername +mail.smtp.password = mymailpassword # WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* # Debug mode will enable the interactive debugging tool, allowing ANYONE to