Merge branch 'release/v2.0.6'

* release/v2.0.6: (1214 commits)
  Create release branch for current production version
  Removed run-redis.sh
  Changes for v2.0.3
  Changes to Postgresql Configuration and .gitignore
  Removing crts from git; updated postgres configuration
  Added vagrant to .gitignore
  Added Vagrant setup
  changes for pr comments
  == -> = (for shame)
  added convenience method Responses.make_public
  ignore response tokens if public
  add local moment.min.js
  oops
  fix for codacy
  add manage account popover; increase logout tab close delay to 1 second
  restore user_type_auth.py to before OAuth branch
  finish manage account
  manage account WIP
  error messaging for web services requests
  add migration
  ...

# Conflicts:
#	.env.example
#	.gitignore
#	Procfile
#	README.md
#	requirements.txt

.coveragerc

@@ -0,0 +1,29 @@
+# .coveragerc to control coverage.py
+[run]
+branch = True
+
+[report]
+# Regexes for lines to exclude from consideration
+exclude_lines =
+    # Have to re-enable the standard pragma
+    pragma: no cover
+
+    # Don't complain about missing debug-only code:
+    def __repr__
+    if self\.debug
+
+    # Don't complain if tests don't hit defensive assertion code:
+    raise AssertionError
+    raise NotImplementedError
+
+    # Don't complain if non-runnable code isn't run:
+    if 0:
+    if __name__ == .__main__.:
+
+ignore_errors = True
+
+[html]
+directory = tmp/coverage_html_report
+
+[xml]
+output = tmp/coverage_xml_report/coverage.xml

.env.example

@@ -1,58 +1,80 @@
-# Application Settings
-AGENCY_NAME='City Name'
-LIAISONS_URL=
-STAFF_URL=
-LIST_OF_ADMINS=
-DEFAULT_MAIL_SENDER='[email protected]'
-DEFAULT_OWNER_EMAIL=
-DEFAULT_OWNER_REASON=
-DAYS_AFTER_EXTENSION=14
-DAYS_TO_FULFILL=5
-DAYS_UNTIL_OVERDUE=5
-NYC_GOV_BASE=nyc.gov
-
-# Flask Settings
-PUBLIC_APPLICATION_URL=http://127.0.0.1:8080/
-AGENCY_APPLICATION_URL=http://127.0.0.1:8080/
-ENVIRONMENT=LOCAL
-SECRET_KEY=str('change this before deploying to production')
-DATABASE_URL=postgresql://testuser:testpwd@localhost/recordtrac?sslmode=require
-DATABASE_URL=postgresql://testuser:testpwd@localhost/recordtrac
+# Flask Config
+SECRET_KEY=<FLASK SECRET KEY>
+BASE_URL=<BASE URL FOR DEPLOYED APP>
+VIEW_REQUEST_ENDPOINT=<ENDPOINT FOR VIEWING A REQUEST>
+APP_TIMEZONE=<LOCAL APPLICATION TIMEZONE>
 SESSION_COOKIE_SECURE=True
-LOGFILE_DIRECTORY=.
 
-# Flask Mail Settings
-MAIL_USERNAME=
-MAIL_PASSWORD=
-MAIL_SERVER=
-MAIL_USE_TLS=
-MAIL_PORT=
-SEND_EMAILS=
+# Log Settings
+APP_VERSION_STRING=<STRING OF APP VERSION>
+LOGFILE_DIRECTORY=<PATH TO LOG DIRECTORY>
 
-#Flask Session Settings
-PERMANENT_SESSION_LIFETIME=120
+# Data
+AGENCY_DATA=<FULL PATH TO "agencies.csv">
+REASON_DATA=<FULL PATH TO "reasons.csv">
+STAFF_DATA=<FULL PATH TO "staff.csv">
 
-# Upload Settings
-UPLOAD_DOCS=True
-UPLOAD_FOLDER=
-HOST_URL=
+# Database
+DATABASE_URL=postgresql://<DATABASE USERNAME>:<DATABASE PASSWORD>@<DATABASE HOSTNAME>:<DATABASE PORT>/<DATABASE NAME>
+
+# E-Mail Settings
+MAIL_SERVER=<MAIL SERVER HOSTNAME>
+MAIL_PORT=<MAIL SERVER PORT>
+MAIL_SENDER=[email protected]
+MAIL_SUBJECT_PREFIX=[OpenRecords]
+MAIL_USERNAME=<MAIL USERNAME>
+MAIL_PASSWORD=<MAIL PASSWORD>
+
+# Upload
+MAGIC_FILE=<FULL PATH TO MAGIC FILE>
+VIRUS_SCAN_ENABLED=True
+UPLOAD_QUARANTINE_DIRECTORY=<FULL PATH TO INCOMING FILES DIRECTORY>
+UPLOAD_SERVING_DIRECTORY=<FULL PATH TO OUTGOING FILES DIRECTORY>
+UPLOAD_DIRECTORY=<FULL PATH TO POST-SCAN FILES DIRECTORY>
+
+# ElasticSearch
+ELASTICSEARCH_ENABLED=True
+ELASTICSEARCH_HOST=<ELASTICSEARCH SERVER HOSTNAME>
+ELASTICSEARCH_USERNAME=<ELASTICSEARCH SERVICE ACCOUNT USERNAME>
+ELASTICSEARCH_PASSWORD=<ELASTICSEARCH SERVICE ACCOUNT PASSWORD>
+ELASTICSEARCH_INDEX=<ELASTICSEARCH INDEX NAME>
+ELASTICSEARCH_USE_SSL=TRUE
+ELASTICSEARCH_VERIFY_CERTS=FALSE
+
+# Redis
+REDIS_HOST=<REDIS HOSTNAME>
+REDIS_PORT=<REDIS PORT>
+
+# SFTP
+USE_SFTP=True
+SFTP_HOSTNAME=<SFTP SERVER HOSTNAME>
+SFTP_PORT=22
+SFTP_USERNAME=<USERNAME FOR SFTP SERVICE ACCOUNT>
+SFTP_PASSWORD=<PASSWORD FOR SFTP SERVICE ACCOUNT>
+SFTP_RSA_KEY_FILE=<PATH TO RSA PRIVATE KEY>
+SFTP_UPLOAD_DIRECTORY=<PATH TO UPLOADS FOR SFTP>
+
+
+# Authentication Settings
+PERMANENT_SESSION_LIFETIME=30
+
+# OAUTH
+USE_OAUTH=<USE OAUTH AUTHENTICATION FOR LOGIN?>
+WEB_SERVICES_URL=<NYC.ID WEB SERVICES URL>
+VERIFY_WEB_SERVICES=<VERIFY SSL CERTIFICATES FOR NYC.ID WEB SERVICES>
+NYC_ID_USERNAME=<NYC.ID SERVICE ACCOUNT USERNAME>
+NYC_ID_PASSWORD=<NYC.ID SERVICE ACCOUNT PASSWORD>
+
+# LDAP
+USE_LDAP=<USE LDAP AUTHENTICATION FOR LOGIN?>
+LDAP_SERVER=<LDAP SERVER HOSTNAME>
+LDAP_PORT=636
+LDAP_USE_TLS=True
+LDAP_KEY_PATH=<PATH TO LDAP KEY>
+LDAP_SA_BIND_DN=<BIND DN FOR LDAP SERVICE ACCOUNT>
+LDAP_SA_PASSWORD=<PASSWORD FOR LDAP SERVICE ACCOUNT>
+LDAP_BASE_DN=<LDAP SEARCH BASE>
 
 # ReCaptcha
-RECAPTCHA_SECRET_KEY=
-RECAPTCHA_SITE_KEY=
-
-# ICAP Server Vars
-HOST=
-SERVICE=
-PORT=
-SHOULD_SCAN_FILES=
-
-# LDAP Authentication
-USE_LDAP=True
-LDAP_SERVER=
-LDAP_PORT=
-LDAP_USE_TLS=
-LDAP_CERT_PATH=
-LDAP_SA_BIND_DN=
-LDAP_SA_PASSWORD=
-LDAP_BASE_DN=
+RECAPTCHA_SITE_KEY=<SITE KEY>
+RECAPTCHA_SECRET_KEY=<SECRET KEY>

.gitignore

@@ -1,12 +1,25 @@
+# Project Specific
+saml/
+redis-stable/
+python-sudo.sh
+quarantine/
+tmp/
+.pip-packages/
+logs/
+received-emails/
+ldap/
+Vagrantfile
+.vagrant/
+*.pem
+*.crt
+*.key
+
 # Byte-compiled / optimized / DLL files
-openfoil
 __pycache__/
 *.py[cod]
 *$py.class
-
 # C extensions
 *.so
-
 # Distribution / packaging
 .Python
 env/
@@ -16,21 +29,13 @@ dist/
 downloads/
 eggs/
 .eggs/
-lib/
-lib64/
 parts/
 sdist/
 var/
 *.egg-info/
 .installed.cfg
 *.egg
 
-# PyInstaller
-#  Usually these files are written by a python script from a template
-#  before PyInstaller builds the exe, so as to inject date/other infos into it.
-*.manifest
-*.spec
-
 # Installer logs
 pip-log.txt
 pip-delete-this-directory.txt
@@ -44,109 +49,34 @@ htmlcov/
 nosetests.xml
 coverage.xml
 *,cover
+.hypothesis/
 
-# Translations
-*.mo
-*.pot
-
-# Django stuff:
-*.log
-
-# Sphinx documentation
-docs/_build/
-
-# PyBuilder
-target/
-
-
-# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion
-
-*.iml
-
-## Directory-based project format:
-.idea/
-# if you remove the above rule, at least ignore the following:
-
-# User-specific stuff:
-# .idea/workspace.xml
-# .idea/tasks.xml
-# .idea/dictionaries
-
-# Sensitive or high-churn files:
-# .idea/dataSources.ids
-# .idea/dataSources.xml
-# .idea/sqlDataSources.xml
-# .idea/dynamic.xml
-# .idea/uiDesigner.xml
+# Flask stuff:
+instance/
+.webassets-cache
 
-# Gradle:
-# .idea/gradle.xml
-# .idea/libraries
+# dotenv
+.env
 
-# Mongo Explorer plugin:
-# .idea/mongoSettings.xml
-
-## File-based project format:
-*.ipr
-*.iws
-
-## Plugin-specific files:
-
-# IntelliJ
-/out/
+# virtualenv
+.venv/
+venv/
+ENV/
+[Bb]in
+[Ii]nclude
+[Ll]ib64
+[Ll]ocal
+[Ss]cripts
+pyvenv.cfg
+.venv
+pip-selfcheck.json
+*.DS_Store
+.AppleDouble
+.LSOverride
+
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+.idea
 
 # mpeltonen/sbt-idea plugin
-.idea_modules/
-
-# JIRA plugin
-atlassian-ide-plugin.xml
-
-# Crashlytics plugin (for Android Studio and IntelliJ)
-com_crashlytics_export_strings.xml
-crashlytics.properties
-crashlytics-build.properties
-
-# cache files for sublime text
-*.tmlanguage.cache
-*.tmPreferences.cache
-*.stTheme.cache
-
-# workspace files are user-specific
-*.sublime-workspace
-
-# project files should be checked into the repository, unless a significant
-# proportion of contributors will probably not be using SublimeText
-*.sublime-project
-
-# sftp configuration file
-sftp-config.json
-
-# Custom
-*.pyc
-settings.cfg
-websiteconfig.py
-settings.env
-notes/
-.DS_Store
-*.psd
-pdfs/
-
-# @waltz's emacs gitignore partee pak
-*~
-.#*
-#~#
-.env*
-pdfs/
-venv/
-Vagrantfile
-.vagrant/
-.codekit-cache/
-config.codekit
-runserver2.txt
-*.pem
-*.cer
-*.csr
-*.crt
-*.key
-users/liasons_all-agencies.csv
-users/liasons.xlsx
+.idea_modules/

.landscape.yml

@@ -0,0 +1,15 @@
+doc-warnings: true
+test-warnings: false
+strictness: veryhigh
+max-line-length: 120
+uses:
+  - celery
+  - flask
+autodetect: true
+requirements:
+  - requirements.txt
+ignore-paths:
+  - docs
+  - app/lib/onelogin
+python-targets:
+  - 3

.python-version

@@ -0,0 +1 @@
+3.5.2

Procfile

@@ -1 +1,2 @@
-web: ~/.virtualenvs/openfoil/bin/gunicorn -w 3 -t 360 -b 0.0.0.0:8080  public_records_portal.prflask:app
+web: gunicorn manage:app
+