core.config
¶
Module Contents¶
Classes¶
An abstract class for configurations. |
|
Administration tool configuration |
|
Security related settings |
|
Several debug flags |
|
Email related settings. |
|
All i18n, multilang related settings. |
|
User, session, login related settings |
|
All app instance related settings information |
|
Conf class wraps the conf dict and allows to handle |
Attributes¶
- core.config._T¶
- core.config.Multiple: TypeAlias¶
- class core.config.ConfigType(*, strict_mode=None, parent=None)¶
An abstract class for configurations.
It ensures nesting and backward compatibility for the viur-core config
- Parameters:
strict_mode (bool) –
parent (Union[ConfigType, None]) –
- property _path¶
Get the path in dot-Notation to the current config instance.
- property strict_mode¶
Determine if the config runs in strict mode.
In strict mode, the dict-item-access backward compatibility is disabled, only attribute access is allowed. Alias mapping is also disabled. Only the real attribute names are allowed.
If self._strict_mode is None, it would inherit the value of the parent. If it’s explicitly set to True or False, that value will be used.
- _mapping¶
Mapping from old dict-key (must not be the entire key in case of nesting) to new attribute name
- _strict_mode¶
Internal strict mode for this instance.
Use the property getter and setter to access it!
- _parent¶
Parent config instance
- _resolve_mapping(key)¶
Resolve the mapping old dict -> new attribute.
This method must not be called in strict mode! It can be overwritten to apply additional mapping.
- Parameters:
key (str) –
- Return type:
str
- items(full_path=False, recursive=True)¶
Get all setting of this config as key-value mapping.
- Parameters:
full_path (bool) – Show prefix oder only the key.
recursive (bool) – Call .items() on ConfigType members (children)?
- Returns:
- Return type:
Iterator[tuple[str, Any]]
- get(key, default=None)¶
Return an item from the config, if it doesn’t exist default is returned.
- Parameters:
key (str) – The key for the attribute lookup.
default (Any) – The fallback value.
- Returns:
The attribute value or the fallback value.
- Return type:
Any
- __getitem__(key)¶
Support the old dict-like syntax (getter).
Not allowed in strict mode.
- Parameters:
key (str) –
- Return type:
Any
- __getattr__(key)¶
Resolve dot-notation and name mapping in not strict mode.
This method is mostly executed by __getitem__, by the old dict-like access or by attr(conf, “key”). In strict mode it does nothing except raising an AttributeError.
- Parameters:
key (str) –
- Return type:
Any
- __setitem__(key, value)¶
Support the old dict-like syntax (setter).
Not allowed in strict mode.
- Parameters:
key (str) –
value (Any) –
- Return type:
None
- __setattr__(key, value)¶
Set attributes after applying the old -> new mapping
In strict mode it does nothing except a super call for the default object behavior.
- Parameters:
key (str) –
value (Any) –
- Return type:
None
- __repr__()¶
Representation of this config
- Return type:
str
- core.config._project_id¶
- core.config._app_version¶
- core.config._project_base_path¶
- core.config._core_base_path¶
- class core.config.Admin(*, strict_mode=None, parent=None)¶
Bases:
ConfigType
Administration tool configuration
- Parameters:
strict_mode (bool) –
parent (Union[ConfigType, None]) –
- name: str = 'ViUR'¶
Administration tool configuration
- logo: str = ''¶
URL for the Logo in the Topbar of the VI
- login_background: str = ''¶
URL for the big Image in the background of the VI Login screen
- login_logo: str = ''¶
URL for the Logo over the VI Login screen
- color_primary: str = '#d00f1c'¶
primary color for viur-admin
- color_secondary: str = '#333333'¶
secondary color for viur-admin
- module_groups: dict[str, dict[Literal[Admin.name, icon, sortindex], str | int]]¶
Module Groups for the admin tool
Group modules in the sidebar in categories (groups).
- Example:
- conf.admin.module_groups = {
- “content”: {
“name”: “Content”, “icon”: “file-text-fill”, “sortindex”: 10,
}, “shop”: {
“name”: “Shop”, “icon”: “cart-fill”, “sortindex”: 20,
},
}
To add a module to one of these groups (e.g. content), add moduleGroup to the admin_info of the module:
“moduleGroup”: “content”,
- _mapping: dict[str, str]¶
- class core.config.Security(*, strict_mode=None, parent=None)¶
Bases:
ConfigType
Security related settings
- Parameters:
strict_mode (bool) –
parent (Union[ConfigType, None]) –
- force_ssl: bool = True¶
If true, all requests must be encrypted (ignored on development server)
- no_ssl_check_urls: Multiple[str] = ['/_tasks*', '/ah/*']¶
List of URLs for which force_ssl is ignored. Add an asterisk to mark that entry as a prefix (exact match otherwise)
- content_security_policy: dict[str, dict[str, list[str]]] | None¶
If set, viur will emit a CSP http-header with each request. Use security.addCspRule to set this property
- referrer_policy: str = 'strict-origin'¶
Per default, we’ll emit Referrer-Policy: strict-origin so no referrers leak to external services
- permissions_policy: dict[str, list[str]]¶
Include a default permissions-policy. To use the camera or microphone, you’ll have to call :meth: securityheaders.setPermissionPolicyDirective to include at least “self”
- enable_coep: bool = False¶
Shall we emit Cross-Origin-Embedder-Policy: require-corp?
- enable_coop: Literal[unsafe-none, same-origin-allow-popups, same-origin, same-origin-plus-COEP] = 'same-origin'¶
Emit a Cross-Origin-Opener-Policy Header?
See https://html.spec.whatwg.org/multipage/browsers.html#cross-origin-opener-policy-value
- enable_corp: Literal[same-origin, same-site, cross-origin] = 'same-origin'¶
Emit a Cross-Origin-Resource-Policy Header?
See https://fetch.spec.whatwg.org/#cross-origin-resource-policy-header
- strict_transport_security: str | None = 'max-age=22118400'¶
If set, ViUR will emit a HSTS HTTP-header with each request. Use security.enableStrictTransportSecurity to set this property
- x_frame_options: Optional[tuple[Literal[deny, sameorigin, allow-from], Optional[str]]] = ('sameorigin', None)¶
If set, ViUR will emit an X-Frame-Options header
In case of allow-from, the second parameters must be the host-url. Otherwise, it can be None.
- x_xss_protection: bool | None = True¶
ViUR will emit an X-XSS-Protection header if set (the default)
- x_content_type_options: bool = True¶
ViUR will emit X-Content-Type-Options: nosniff Header unless set to False
- x_permitted_cross_domain_policies: Optional[Literal[none, master-only, by-content-type, all]] = 'none'¶
Unless set to logical none; ViUR will emit a X-Permitted-Cross-Domain-Policies with each request
- captcha_default_credentials: dict[Literal[sitekey, secret], str] | None¶
The default sitekey and secret to use for the captcha-bone. If set, must be a dictionary of “sitekey” and “secret”.
- password_recovery_key_length: int = 42¶
Length of the Password recovery key
- closed_system: bool = False¶
If True it activates a mode in which only authenticated users can access all routes.
- admin_allowed_paths: Iterable[str] = ['vi', 'vi/skey', 'vi/settings', 'vi/user/auth_*', 'vi/user/f2_*', 'vi/user/getAuthMethods',...¶
Specifies admin tool paths which are being accessible without authenticated user.
- closed_system_allowed_paths: Iterable[str]¶
Paths that are accessible without authentication in a closed system, see closed_system for details.
- _mapping¶
- class core.config.Debug(*, strict_mode=None, parent=None)¶
Bases:
ConfigType
Several debug flags
- Parameters:
strict_mode (bool) –
parent (Union[ConfigType, None]) –
- trace: bool = False¶
If enabled, trace any routing, HTTPExceptions and decorations for debugging and insight
- trace_exceptions: bool = False¶
If enabled, user-generated exceptions from the viur.core.errors module won’t be caught and handled
- trace_external_call_routing: bool = False¶
If enabled, ViUR will log which (exposed) function are called from outside with what arguments
- trace_internal_call_routing: bool = False¶
If enabled, ViUR will log which (internal-exposed) function are called from templates with what arguments
- skeleton_from_client: bool = False¶
If enabled, log errors raises from skeleton.fromClient()
- dev_server_cloud_logging: bool = False¶
If disabled the local logging will not send with requestLogger to the cloud
- disable_cache: bool = False¶
If set to true, the decorator @enableCache from viur.core.cache has no effect
- _mapping¶
- class core.config.Email(*, strict_mode=None, parent=None)¶
Bases:
ConfigType
Email related settings.
- Parameters:
strict_mode (bool) –
parent (Union[ConfigType, None]) –
- log_retention: datetime.timedelta¶
For how long we’ll keep successfully send emails in the viur-emails table
- transport_class: Type[viur.core.email.EmailTransport]¶
Class that actually delivers the email using the service provider of choice. See email.py for more details
- sendinblue_api_key: str | None¶
API Key for SendInBlue (now Brevo) for the EmailTransportSendInBlue
- sendinblue_thresholds: tuple[int] | list[int] = (1000, 500, 100)¶
Warning thresholds for remaining email quota
Used by email.EmailTransportSendInBlue.check_sib_quota
- send_from_local_development_server: bool = False¶
If set, we’ll enable sending emails from the local development server. Otherwise, they’ll just be logged.
- recipient_override: str | list[str] | Callable[[], str | list[str]] | Literal[False]¶
If set, all outgoing emails will be sent to this address (overriding the ‘dests’-parameter in email.sendEmail)
- sender_override: str | None¶
If set, this sender will be used, regardless of what the templates advertise as sender
- admin_recipients: str | list[str] | Callable[[], str | list[str]]¶
Sets recipients for mails send with email.sendEMailToAdmins. If not set, all root users will be used.
- _mapping¶
- class core.config.I18N(*, strict_mode=None, parent=None)¶
Bases:
ConfigType
All i18n, multilang related settings.
- Parameters:
strict_mode (bool) –
parent (Union[ConfigType, None]) –
- property available_dialects: list[str]¶
Main languages and language aliases
- Return type:
list[str]
- available_languages: Multiple[str] = ['en']¶
List of language-codes, which are valid for this application
- default_language: str = 'en'¶
Unless overridden by the Project: Use english as default language
- domain_language_mapping: dict[str, str]¶
Maps Domains to alternative default languages
- language_alias_map: dict[str, str]¶
Allows mapping of certain languages to one translation (i.e. us->en)
- language_method: Literal[session, url, domain] = 'session'¶
Defines how translations are applied: - session: Per Session - url: inject language prefix in url - domain: one domain per language
- language_module_map: dict[str, dict[str, str]]¶
Maps modules to their translation (if set)
- add_missing_translations: bool = False¶
Add missing translation into datastore.
If a key is not found in the translation table when a translation is rendered, a database entry is created with the key and hint and default value (if set) so that the translations can be entered in the administration.
- class core.config.User(*, strict_mode=None, parent=None)¶
Bases:
ConfigType
User, session, login related settings
- Parameters:
strict_mode (bool) –
parent (Union[ConfigType, None]) –
- access_rights: Multiple[str] = ['root', 'admin']¶
Additional access rights available on this project
- roles: dict[str, str]¶
User roles available on this project
- session_life_time: int¶
Default is 60 minutes lifetime for ViUR sessions
- session_persistent_fields_on_login: Multiple[str] = ['language']¶
If set, these Fields will survive the session.reset() called on user/login
- session_persistent_fields_on_logout: Multiple[str] = ['language']¶
If set, these Fields will survive the session.reset() called on user/logout
- max_password_length: int = 512¶
Prevent Denial of Service attacks using large inputs for pbkdf2
- otp_issuer: str | None¶
The name of the issuer for the opt token
- google_client_id: str | None¶
OAuth Client ID for Google Login
- google_gsuite_domains: list[str] = []¶
A list of domains. When a user signs in for the first time with a Google account using Google OAuth sign-in, and the user’s email address belongs to one of the listed domains, a user account (UserSkel) is created. If the user’s email address belongs to any other domain, no account is created.
- class core.config.Instance(*, strict_mode=None, parent=None)¶
Bases:
ConfigType
All app instance related settings information
- Parameters:
strict_mode (bool) –
parent (Union[ConfigType, None]) –
- app_version: str¶
Name of this version as deployed to the appengine
- core_base_path: pathlib.Path¶
The base path of the core, can be used to find file in the core folder
- is_dev_server: bool¶
Determine whether instance is running on a local development server
- project_base_path: pathlib.Path¶
The base path of the project, can be used to find file in the project folder
- project_id: str¶
The instance’s project ID
- version_hash: str¶
Version hash that does not reveal the actual version name, can be used for cache-busting static resources
- class core.config.Conf(strict_mode=False)¶
Bases:
ConfigType
Conf class wraps the conf dict and allows to handle deprecated keys or other special operations.
- Parameters:
strict_mode (bool) –
- property tasks_custom_environment_handler: viur.core.tasks.CustomEnvironmentHandler | None¶
Preserve additional environment in deferred tasks.
If set, it must be an instance of CustomEnvironmentHandler for serializing/restoring environment data.
- Return type:
Optional[viur.core.tasks.CustomEnvironmentHandler]
- bone_boolean_str2true: Multiple[str | int] = ('true', 'yes', '1')¶
Allowed values that define a str to evaluate to true
- cache_environment_key: Callable[[], str] | None¶
If set, this function will be called for each cache-attempt and the result will be included in the computed cache-key
- compatibility: Multiple[str] = ['json.bone.structure.camelcasenames', 'json.bone.structure.keytuples', 'json.bone.structure.inlists']¶
Backward compatibility flags; Remove to enforce new layout.
- db_engine: str = 'viur.datastore'¶
Database engine module
- error_handler: Callable[[Exception], str] | None¶
If set, ViUR calls this function instead of rendering the viur.errorTemplate if an exception occurs
- error_logo: str¶
Path to a logo (static file). Will be used for the default error template
- static_embed_svg_path: str = '/static/svgs/'¶
Path to the static SVGs folder. Will be used by the jinja-renderer-method: embedSvg
- file_hmac_key: str¶
Hmac-Key used to sign download urls - set automatically
- file_derivations: dict[str, Callable[[viur.core.skeleton.SkeletonInstance, dict, dict], list[tuple[str, float, str, Any]]]]¶
Call-Map for file pre-processors
- file_thumbnailer_url: str | None¶
- main_app: viur.core.module.Module¶
Reference to our pre-build Application-Instance
- main_resolver: dict[str, dict]¶
Dictionary for Resolving functions for URLs
- max_post_params_count: int = 250¶
Upper limit of the amount of parameters we accept per request. Prevents Hash-Collision-Attacks
- param_filter_function: Callable[[str, str], bool]¶
Function which decides if a request parameter should be used or filtered out. Returning True means to filter out.
- moduleconf_admin_info: dict[str, Any]¶
Describing the internal ModuleConfig-module
- script_admin_info: dict[str, Any]¶
Describing the Script module
- render_html_download_url_expiration: float | int | None¶
The default duration, for which downloadURLs generated by the html renderer will stay valid
- render_json_download_url_expiration: float | int | None¶
The default duration, for which downloadURLs generated by the json renderer will stay valid
- request_preprocessor: Callable[[str], str] | None¶
Allows the application to register a function that’s called before the request gets routed
- search_valid_chars: str = 'abcdefghijklmnopqrstuvwxyzäöüß0123456789'¶
Characters valid for the internal search functionality (all other chars are ignored)
- skeleton_search_path: Multiple[str] = ['/skeletons/', '/viur/core/', '/viur-core/core/']¶
Priority, in which skeletons are loaded
- _tasks_custom_environment_handler: viur.core.tasks.CustomEnvironmentHandler | None¶
- valid_application_ids: list[str] = []¶
Which application-ids we’re supposed to run on
- version: tuple[int, int, int]¶
Semantic version number of viur-core as a tuple of 3 (major, minor, patch-level)
- viur2import_blobsource: dict[Literal[infoURL, gsdir], str] | None¶
Configuration to import file blobs from ViUR2
- _mapping¶
- _resolve_mapping(key)¶
Additional mapping for new sub confs.
- Parameters:
key (str) –
- Return type:
str
- core.config.conf¶