Add option to require authentication

doc/general/install.rst

@@ -236,6 +236,22 @@ These are the settings available to Enhydris, in addition to the
 
 .. _django settings: http://docs.djangoproject.com/en/3.2/ref/settings/
 
+Authentication settings
+-----------------------
+
+.. data:: ENHYDRIS_REQUIRE_AUTHENTICATION
+
+   If ``True``, users must be logged on to do anything, such as view a
+   list of stations. All API views except for login will return 401, and
+   all non-API views except for login will redirect to the login page.
+   In that case, :attr:`enhydris.models.Timeseries.publicly_available`
+   and :data:`ENHYDRIS_DEFAULT_PUBLICLY_AVAILABLE` will obviously not
+   have any effect. :data:`REGISTRATION_OPEN` will also not work
+   (because the registration page will also redirect to the login page),
+   but it should be kept at ``False``.
+
+   The default for ``ENHYDRIS_REQUIRE_AUTHENTICATION`` is ``False``.
+
 .. data:: REGISTRATION_OPEN
 
    If ``True``, users can register, otherwise they have to be created
@@ -270,7 +286,7 @@ These are the settings available to Enhydris, in addition to the
 
    If this is ``False`` (the default), all logged on users have
    permission to download the time series data for all time series (for
-   anonymous user there's a
+   anonymous users there's a
    :attr:`enhydris.models.Timeseries.publicly_available` attribute for
    each individual time series; see also
    :data:`ENHYDRIS_DEFAULT_PUBLICLY_AVAILABLE`). Note that if you want
@@ -286,6 +302,9 @@ These are the settings available to Enhydris, in addition to the
    applies to all time series of a station. Individual time series can
    again be marked as publicly available.
 
+Map settings
+------------
+
 .. data:: ENHYDRIS_MAP_BASE_LAYERS
 
    A dictionary of JavaScript definitions of base layers to use on the map.
@@ -317,7 +336,7 @@ These are the settings available to Enhydris, in addition to the
 .. data:: ENHYDRIS_MAP_DEFAULT_BASE_LAYER
 
    The name of the base layer that is visible by default; it must be a key in
-   data:`ENHYDRIS_MAP_BASE_LAYERS`. The default is "Open Street Map".
+   :data:`ENHYDRIS_MAP_BASE_LAYERS`. The default is "Open Street Map".
 
 .. data:: ENHYDRIS_MAP_MIN_VIEWPORT_SIZE
 
@@ -336,6 +355,9 @@ These are the settings available to Enhydris, in addition to the
    lat is in decimal degrees, positive for north/east, negative for
    west/south.
 
+Miscellaneous settings
+----------------------
+
 .. data:: ENHYDRIS_SITES_FOR_NEW_STATIONS
 
    A set of site (i.e. domain) ids of the Django sites framework. The

doc/general/release-notes.rst

@@ -113,6 +113,9 @@ Another important difference is that these new settings apply only
 to time series data, not to gentity files, so gentity files are now
 always publicly available.
 
+In addition, setting :data:`ENHYDRIS_AUTHENTICATION_REQUIRED` has been
+added and can make Enhydris fully closed.
+
 Version 3.0
 ===========
 

enhydris/api/tests/test_auth.py

@@ -16,6 +16,7 @@
 from rest_framework.test import APITestCase
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class AuthTestCase(APITestCase):
     def setUp(self):
         User = get_user_model()

enhydris/api/tests/test_views/test_bounding_box.py

@@ -7,6 +7,7 @@
 from enhydris import models
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class SimpleBoundingBoxTestCase(APITestCase):
     def setUp(self):
         mommy.make(
@@ -36,6 +37,7 @@ def test_y2(self):
 
 
 @override_settings(ENHYDRIS_MAP_DEFAULT_VIEWPORT=(1.0, 2.0, 3.0, 4.0))
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class DefaultBoundingBoxTestCase(APITestCase):
     def setUp(self):
         response = self.client.get("/api/stations/")
@@ -55,6 +57,7 @@ def test_y2(self):
 
 
 @override_settings(ENHYDRIS_MAP_MIN_VIEWPORT_SIZE=1.0)
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class TooSmallBoundingBoxTestCase(APITestCase):
     def setUp(self):
         mommy.make(

enhydris/api/tests/test_views/test_gentity_file.py

@@ -1,13 +1,15 @@
 from unittest.mock import MagicMock, mock_open, patch
 
 from django.db.models.fields.files import FieldFile
+from django.test import override_settings
 from rest_framework.test import APITestCase
 
 from model_mommy import mommy
 
 from enhydris import models
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class GentityFileTestCase(APITestCase):
     def setUp(self):
         self.station = mommy.make(models.Station)
@@ -48,6 +50,7 @@ def test_detail_returns_nothing_if_wrong_station(self):
         self.assertEqual(r.status_code, 404)
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class GentityFileContentTestCase(APITestCase):
     def setUp(self):
         # Mocking. We mock several things in Django and Python so that:
@@ -82,6 +85,7 @@ def test_content_type(self):
         self.assertEqual(self.response["Content-Type"], "image/jpeg")
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class GentityFileContentWithoutFileTestCase(APITestCase):
     def setUp(self):
         # Mommy creates a GentityFile without an associated file, so the

enhydris/api/tests/test_views/test_misc.py

@@ -1,10 +1,12 @@
+from django.test import override_settings
 from rest_framework.test import APITestCase
 
 from model_mommy import mommy
 
 from enhydris import models
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class GareaTestCase(APITestCase):
     def setUp(self):
         self.garea = mommy.make(models.Garea)
@@ -14,6 +16,7 @@ def test_get_garea(self):
         self.assertEqual(r.status_code, 200)
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class OrganizationTestCase(APITestCase):
     def setUp(self):
         self.organization = mommy.make(models.Organization)
@@ -23,6 +26,7 @@ def test_get_organization(self):
         self.assertEqual(r.status_code, 200)
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class PersonTestCase(APITestCase):
     def setUp(self):
         self.person = mommy.make(models.Person)
@@ -32,6 +36,7 @@ def test_get_person(self):
         self.assertEqual(r.status_code, 200)
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class EventTypeTestCase(APITestCase):
     def setUp(self):
         self.event_type = mommy.make(models.EventType)
@@ -41,6 +46,7 @@ def test_get_event_type(self):
         self.assertEqual(r.status_code, 200)
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class VariableTestCase(APITestCase):
     def setUp(self):
         self.variable = mommy.make(models.Variable, descr="Temperature")
@@ -50,6 +56,7 @@ def test_get_variable(self):
         self.assertEqual(r.status_code, 200)
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class UnitOfMeasurementTestCase(APITestCase):
     def setUp(self):
         self.unit_of_measurement = mommy.make(models.UnitOfMeasurement)
@@ -59,6 +66,7 @@ def test_get_unit_of_measurement(self):
         self.assertEqual(r.status_code, 200)
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class GentityEventTestCase(APITestCase):
     # We have extensively tested GentityFile, which is practically the same code,
     # so we test this briefly.

enhydris/api/tests/test_views/test_search.py

@@ -29,7 +29,8 @@ def _create_models(self):
 
     def setUp(self):
         self._create_models()
-        self.response = self.client.get("/api/stations/", {"q": self.search_term})
+        with override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False):
+            self.response = self.client.get("/api/stations/", {"q": self.search_term})
 
     @abstractmethod
     def _create_models(self):

enhydris/api/tests/test_views/test_station.py

@@ -12,6 +12,7 @@
 from enhydris import models
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class StationListTestCase(APITestCase):
     def setUp(self):
         self.station = mommy.make(models.Station, name="Hobbiton")
@@ -28,6 +29,7 @@ def test_name(self):
 
 
 @override_settings(SITE_ID=1)
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class StationListSitesTestCase(APITestCase):
     @classmethod
     def setUpTestData(cls):
@@ -47,6 +49,7 @@ def test_list_does_not_contain_arta(self):
 
 
 @override_settings(SITE_ID=1)
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class StationDetailSitesTestCase(APITestCase):
     @classmethod
     def setUpTestData(cls):
@@ -64,6 +67,7 @@ def test_hobbiton_detail_unavailable_on_site2(self):
         self.assertEquals(response.status_code, 404)
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class StationCreateTestCase(APITestCase):
     def setUp(self):
         self.user = mommy.make(User, is_active=True, is_superuser=False)
@@ -111,6 +115,7 @@ def test_any_user_can_create_station_when_system_is_open(self):
 
 
 @override_settings(ENHYDRIS_USERS_CAN_ADD_CONTENT=True)
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class StationUpdateAndDeleteTestCase(APITestCase):
     def setUp(self):
         self.user1 = mommy.make(User, is_active=True, is_superuser=False)
@@ -181,6 +186,7 @@ def test_authorized_user_can_delete_station(self):
         self.assertEqual(response.status_code, 204, response.content)
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class StationCsvTestCase(APITestCase):
     def setUp(self):
         self._create_stations()

enhydris/api/tests/test_views/test_station_sort.py

@@ -1,12 +1,14 @@
 from unittest.mock import patch
 
+from django.test import override_settings
 from rest_framework.test import APITestCase
 
 from model_mommy import mommy
 
 from enhydris import models
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class StationSortDefaultTestCase(APITestCase):
     def setUp(self):
         mommy.make(models.Station, name="Rivendell")
@@ -23,6 +25,7 @@ def test_hobbiton_is_first(self):
         self.assertEqual(self.response.json()["results"][0]["name"], "Hobbiton")
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 class StationSortByReverseNameTestCase(APITestCase):
     def setUp(self):
         mommy.make(models.Station, name="Rivendell")
@@ -39,6 +42,7 @@ def test_rivendell_is_first(self):
         self.assertEqual(self.response.json()["results"][0]["name"], "Rivendell")
 
 
+@override_settings(ENHYDRIS_AUTHENTICATION_REQUIRED=False)
 @patch(
     "django.db.models.query.QuerySet.order_by",
     return_value=models.Station.objects.none(),