rename TUNNEL_DATA as DRAWINGS_DATA

9 files changed, 19 insertions, 19 deletions

diff --git a/core/views/statistics.py b/core/views/statistics.py
index c317d43..395858b 100644
--- a/core/views/statistics.py
+++ b/core/views/statistics.py
@@ -53,7 +53,7 @@ def pathsreport(request):
         "SURVEYS_URL" : str( settings.SURVEYS_URL),
         "SURVEXPORT" : str( settings.SURVEXPORT),
         "THREEDCACHEDIR" : str( settings.THREEDCACHEDIR),
-        "TUNNEL_DATA" : str( settings.TUNNEL_DATA),
+        "DRAWINGS_DATA" : str( settings.DRAWINGS_DATA),
         "URL_ROOT" : str( settings.URL_ROOT)
         }
     except:
@@ -90,7 +90,7 @@ def pathsreport(request):
         "SURVEYS_URL" : type(settings.SURVEYS_URL),
         "SURVEXPORT" : type(settings.SURVEXPORT),
         "THREEDCACHEDIR" : type(settings.THREEDCACHEDIR),
-        "TUNNEL_DATA" : type(settings.TUNNEL_DATA),
+        "DRAWINGS_DATA" : type(settings.DRAWINGS_DATA),
         "URL_ROOT" : type(settings.URL_ROOT)
         }
     except:
diff --git a/core/views/surveys.py b/core/views/surveys.py
index d2d2fac..c54d6de 100644
--- a/core/views/surveys.py
+++ b/core/views/surveys.py
@@ -64,7 +64,7 @@ def dwgfilesingle(request, path):
         message = f'Drawing file error or not found \'{path}\' .'
         return render(request, 'errors/generic.html', {'message': message})   
         
-    tfile = Path(settings.TUNNEL_DATA, dwgfile.dwgpath)
+    tfile = Path(settings.DRAWINGS_DATA, dwgfile.dwgpath)
     try: # for display not download
         return HttpResponse(content=open(tfile, errors='strict'), content_type="text/xhtml") 
     except UnicodeDecodeError:
@@ -86,7 +86,7 @@ def dwgfileupload(request, path):
     except:
         message = f'Drawing file error or not found \'{path}\' .'
         return render(request, 'errors/generic.html', {'message': message})   
-    tfile = Path(settings.TUNNEL_DATA, dwgfile.dwgpath)
+    tfile = Path(settings.DRAWINGS_DATA, dwgfile.dwgpath)
     
     project, user, password, tunnelversion = request.POST["tunnelproject"], request.POST["tunneluser"], request.POST["tunnelpassword"], request.POST["tunnelversion"]
     print(project, user, tunnelversion)
diff --git a/localsettingsWSL.py b/localsettingsWSL.py
index 76dc3aa..f9e2dd1 100644
--- a/localsettingsWSL.py
+++ b/localsettingsWSL.py
@@ -112,14 +112,14 @@ TEMPLATES = [
             'context_processors': [ 
                 # django.template.context_processors.csrf, # is always enabled and cannot be removed, sets csrf_token
                 'django.contrib.auth.context_processors.auth', # knowledge of logged-on user & permissions
-                'core.context.troggle_context',    # in core/troggle.py
+                'core.context.troggle_context',    # in core/troggle.py - only used in expedition.html
                 'django.template.context_processors.debug',
-                #'django.template.context_processors.request', # copy of current request, added in trying to make csrf work
                 'django.template.context_processors.i18n',
                 'django.template.context_processors.media',  # includes a variable MEDIA_URL
                 'django.template.context_processors.static', # includes a variable STATIC_URL
                 'django.template.context_processors.tz',
-                'django.contrib.messages.context_processors.messages',
+                'django.template.context_processors.request', # must be enabled in DjangoTemplates (TEMPLATES) in order to use the admin navigation sidebar. 
+               'django.contrib.messages.context_processors.messages',
             ],
             'loaders': [
                 'django.template.loaders.filesystem.Loader', # default lcation is troggle/templates/
@@ -145,7 +145,7 @@ EMAIL_USE_TLS = True
 DEFAULT_FROM_EMAIL = 'django-test@klebos.net'
 
 SURVEX_DATA = REPOS_ROOT_PATH / "loser"
-TUNNEL_DATA = REPOS_ROOT_PATH / "drawings"
+DRAWINGS_DATA = REPOS_ROOT_PATH / "drawings"
 THREEDCACHEDIR  =  REPOS_ROOT_PATH / 'expowebcache' / '3d'
 
 EXPOWEB = REPOS_ROOT_PATH / "expoweb" 
@@ -163,7 +163,7 @@ LOGFILE = os.fspath(LOGFILE)
 SURVEYS = os.fspath(SURVEYS)
 EXPOWEB = os.fspath(EXPOWEB)
 THREEDCACHEDIR  = os.fspath(THREEDCACHEDIR)
-TUNNEL_DATA     = os.fspath(TUNNEL_DATA)
+DRAWINGS_DATA     = os.fspath(DRAWINGS_DATA)
 SURVEX_DATA     = os.fspath(SURVEX_DATA)
 REPOS_ROOT_PATH = os.fspath(REPOS_ROOT_PATH)
 TEMPLATE_PATH   = os.fspath(TROGGLE_PATH)
diff --git a/localsettingsdocker.py b/localsettingsdocker.py
index e9a6650..2e51398 100644
--- a/localsettingsdocker.py
+++ b/localsettingsdocker.py
@@ -23,7 +23,7 @@ sys.path.append(REPOS_ROOT_PATH + 'troggle')
 PUBLIC_SITE = False
 
 SURVEX_DATA = REPOS_ROOT_PATH + 'loser/'
-TUNNEL_DATA = REPOS_ROOT_PATH + 'tunneldata/'
+DRAWINGS_DATA = REPOS_ROOT_PATH + 'tunneldata/'
 
 CAVERN = 'cavern'
 THREEDTOPOS = '3dtopos'
diff --git a/localsettingspotatohut.py b/localsettingspotatohut.py
index 2322b3e..753cce4 100644
--- a/localsettingspotatohut.py
+++ b/localsettingspotatohut.py
@@ -26,7 +26,7 @@ PUBLIC_SITE = True
 FIX_PERMISSIONS = ["sudo", "/usr/local/bin/fix_permissions"]
 
 SURVEX_DATA = REPOS_ROOT_PATH + 'loser/'
-TUNNEL_DATA = REPOS_ROOT_PATH + 'tunneldata/'
+DRAWINGS_DATA = REPOS_ROOT_PATH + 'tunneldata/'
 THREEDCACHEDIR = REPOS_ROOT_PATH + 'expowebcache/3d/'
 
 CAVERN = 'cavern'
diff --git a/localsettingsserver.py b/localsettingsserver.py
index aaceef0..53b638c 100644
--- a/localsettingsserver.py
+++ b/localsettingsserver.py
@@ -73,7 +73,7 @@ PUBLIC_SITE = True
 DEBUG = True
 
 SURVEX_DATA = REPOS_ROOT_PATH + 'loser/'
-TUNNEL_DATA = REPOS_ROOT_PATH + 'tunneldata/'
+DRAWINGS_DATA = REPOS_ROOT_PATH + 'tunneldata/'
 
 CAVERN = 'cavern'
 THREEDTOPOS = 'survexport'
diff --git a/localsettingsubuntu.py b/localsettingsubuntu.py
index 9832176..d0ab9fd 100644
--- a/localsettingsubuntu.py
+++ b/localsettingsubuntu.py
@@ -26,7 +26,7 @@ sys.path.append(REPOS_ROOT_PATH + 'troggle')
 PUBLIC_SITE = False
 
 SURVEX_DATA = REPOS_ROOT_PATH + 'loser/'
-TUNNEL_DATA = REPOS_ROOT_PATH + 'tunneldata/'
+DRAWINGS_DATA = REPOS_ROOT_PATH + 'tunneldata/'
 THREEDCACHEDIR = REPOS_ROOT_PATH + 'expowebcache/3d/'
 
 CAVERN = 'cavern'
diff --git a/parsers/surveys.py b/parsers/surveys.py
index a0cf520..2e75561 100644
--- a/parsers/surveys.py
+++ b/parsers/surveys.py
@@ -179,7 +179,7 @@ def settherionfileinfo(filetuple):
     '''
     thtype, therionfile = filetuple
     
-    ff = os.path.join(settings.TUNNEL_DATA, therionfile.dwgpath)
+    ff = os.path.join(settings.DRAWINGS_DATA, therionfile.dwgpath)
     therionfile.filesize = os.stat(ff)[stat.ST_SIZE]
     if therionfile.filesize <= 0:
         message = "! Zero length therion file {}".format(ff)
@@ -229,7 +229,7 @@ def setdwgfileinfo(dwgfile):
     Should try to read the date too e.g. tunneldate="2010-08-16 22:51:57
     then we could display on the master calendar per expo.
     '''
-    ff = os.path.join(settings.TUNNEL_DATA, dwgfile.dwgpath)
+    ff = os.path.join(settings.DRAWINGS_DATA, dwgfile.dwgpath)
     dwgfile.filesize = os.stat(ff)[stat.ST_SIZE]
     if dwgfile.filesize <= 0:
         message = "! Zero length xml file {}".format(ff)
@@ -260,7 +260,7 @@ def load_drawings_files():
     '''Breadth first search of drawings directory looking for sub-directories and *.xml filesize
     '''
     all_xml = []
-    drawdatadir = settings.TUNNEL_DATA
+    drawdatadir = settings.DRAWINGS_DATA
     DrawingFile.objects.all().delete()
     DataIssue.objects.filter(parser='Drawings').delete()
     DataIssue.objects.filter(parser='Therion').delete()
diff --git a/security-warnings.txt b/security-warnings.txt
index 6c90561..edfad59 100644
--- a/security-warnings.txt
+++ b/security-warnings.txt
@@ -2,9 +2,9 @@ System check identified some issues:
 
 WARNINGS:
 ?: (security.W001) You do not have 'django.middleware.security.SecurityMiddleware' in your MIDDLEWARE so the SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, and SECURE_SSL_REDIRECT settings will have no effect.
-?: (security.W002) You do not have 'django.middleware.clickjacking.XFrameOptionsMiddleware' in your MIDDLEWARE, so your pages will not be served with an 'x-frame-options' header. Unless there is a good reason for your site to be served in a frame, you should consider enabling this header to help prevent clickjacking attacks.
-?: (security.W003) You don't appear to be using Django's built-in cross-site request forgery protection via the middleware ('django.middleware.csrf.CsrfViewMiddleware' is not in your MIDDLEWARE). Enabling the middleware is the safest approach to ensure you don't leave any holes.
-?: (security.W010) You have 'django.contrib.sessions' in your INSTALLED_APPS, but you have not set SESSION_COOKIE_SECURE to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions.
+?: (security.W012) SESSION_COOKIE_SECURE is not set to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions.
+?: (security.W016) You have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token.
 ?: (security.W018) You should not have DEBUG set to True in deployment.
+?: (security.W019) You have 'django.middleware.clickjacking.XFrameOptionsMiddleware' in your MIDDLEWARE, but X_FRAME_OPTIONS is not set to 'DENY'. The default is 'SAMEORIGIN', but unless there is a good reason for your site to serve other parts of itself in a frame, you should change it to 'DENY'.
 
 System check identified 5 issues (0 silenced).