diff --git a/docs/changelog.rst b/docs/changelog.rst index b86c63156..0bcf0a01f 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -1,6 +1,17 @@ Changelog ######### +* 0.6.0 + * Abandon the shared-secret trick we were using for the POST API in favour + of BasicAuth or Django session. + * Fix the POST API so it actually works. `#236`_ + * **Breaking change**: We've dropped the use of ``PAPERLESS_SHARED_SECRET`` + as it was being used both for the API (now replaced with a normal auth) + and form email polling. Now that we're only using it for email, this + variable has been renamed to ``PAPERLESS_EMAIL_SECRET``. The old value + will still work for a while, but you should change your config if you've + been using the email polling feature. Thanks to `Joshua Gilman`_ for all + the help with this feature. * 0.5.0 * Support for fuzzy matching in the auto-tagger & auto-correspondent systems thanks to `Jake Gysland`_'s patch `#220`_. @@ -11,7 +22,8 @@ Changelog thanks to `CkuT`_ for finding this shortcoming and doing the work to get it fixed in `#224`_. * All of the following changes are thanks to `David Martin`_: - * Bumped the dependency on pyocr to 0.4.7 so new users can make use of Tesseract 4 if they so prefer (`#226`_). + * Bumped the dependency on pyocr to 0.4.7 so new users can make use of + Tesseract 4 if they so prefer (`#226`_). * Fixed a number of issues with the automated mail handler (`#227`_, `#228`_) * Amended the documentation for better handling of systemd service files (`#229`_) * Amended the Django Admin configuration to have nice headers (`#230`_) @@ -206,6 +218,7 @@ Changelog .. _CkuT: https://github.com/CkuT .. _David Martin: https://github.com/ddddavidmartin .. _Paperless Desktop: https://github.com/thomasbrueggemann/paperless-desktop +.. _Joshua Gilman: https://github.com/jmgilman .. _#20: https://github.com/danielquinn/paperless/issues/20 .. _#44: https://github.com/danielquinn/paperless/issues/44 @@ -243,4 +256,5 @@ Changelog .. _#228: https://github.com/danielquinn/paperless/pull/228 .. _#229: https://github.com/danielquinn/paperless/pull/229 .. _#230: https://github.com/danielquinn/paperless/pull/230 +.. _#236: https://github.com/danielquinn/paperless/issues/236 diff --git a/docs/consumption.rst b/docs/consumption.rst index 641aa196f..61517b5bf 100644 --- a/docs/consumption.rst +++ b/docs/consumption.rst @@ -125,7 +125,7 @@ So, with all that in mind, here's what you do to get it running: ``PATHS AND FOLDERS`` and ``SECURITY``. If you decided to use a subfolder of an existing account, then make sure you set ``PAPERLESS_CONSUME_MAIL_INBOX`` accordingly here. You also have to set - the ``PAPERLESS_SHARED_SECRET`` to something you can remember 'cause you'll + the ``PAPERLESS_EMAIL_SECRET`` to something you can remember 'cause you'll have to include that in every email you send. 3. Restart the :ref:`consumer `. The consumer will check the configured email account at startup and from then on every 10 minutes diff --git a/paperless.conf.example b/paperless.conf.example index 1ba573cfb..c37442ce0 100644 --- a/paperless.conf.example +++ b/paperless.conf.example @@ -5,7 +5,7 @@ ############################################################################### -#### Paths and folders #### +#### Paths & Folders #### ############################################################################### # This where your documents should go to be consumed. Make sure that it exists @@ -39,7 +39,11 @@ PAPERLESS_CONSUME_MAIL_PASS="" # Override the default IMAP inbox here. If not set Paperless defaults to # "INBOX". -#PAPERLESS_CONSUME_MAIL_INBOX="" +#PAPERLESS_CONSUME_MAIL_INBOX="INBOX" + +# Any email sent to the target account that does not contain this text will be +# ignored. +PAPERLESS_EMAIL_SECRET="" ############################################################################### @@ -61,11 +65,6 @@ PAPERLESS_CONSUME_MAIL_PASS="" PAPERLESS_PASSPHRASE="secret" -# If you intend to consume documents either via HTTP POST or by email, you must -# have a shared secret here. -PAPERLESS_SHARED_SECRET="" - - # The secret key has a default that should be fine so long as you're hosting # Paperless on a closed network. However, if you're putting this anywhere # public, you should change the key to something unique and verbose. diff --git a/src/documents/forms.py b/src/documents/forms.py index 9c87642d9..28b30df3e 100644 --- a/src/documents/forms.py +++ b/src/documents/forms.py @@ -13,7 +13,6 @@ class UploadForm(forms.Form): - SECRET = settings.SHARED_SECRET TYPE_LOOKUP = { "application/pdf": Document.TYPE_PDF, "image/png": Document.TYPE_PNG, diff --git a/src/documents/mail.py b/src/documents/mail.py index af4371652..7666ae49a 100644 --- a/src/documents/mail.py +++ b/src/documents/mail.py @@ -43,7 +43,10 @@ class Message(Loggable): and n attachments, and that we don't care about the message body. """ - SECRET = settings.SHARED_SECRET + SECRET = os.getenv( + "PAPERLESS_EMAIL_SECRET", + os.getenv("PAPERLESS_SHARED_SECRET") # TODO: Remove after 2017/09 + ) def __init__(self, data, group=None): """ @@ -153,15 +156,16 @@ def __init__(self): Loggable.__init__(self) self._connection = None - self._host = settings.MAIL_CONSUMPTION["HOST"] - self._port = settings.MAIL_CONSUMPTION["PORT"] - self._username = settings.MAIL_CONSUMPTION["USERNAME"] - self._password = settings.MAIL_CONSUMPTION["PASSWORD"] - self._inbox = settings.MAIL_CONSUMPTION["INBOX"] + self._host = os.getenv("PAPERLESS_CONSUME_MAIL_HOST") + self._port = os.getenv("PAPERLESS_CONSUME_MAIL_PORT") + self._username = os.getenv("PAPERLESS_CONSUME_MAIL_USER") + self._password = os.getenv("PAPERLESS_CONSUME_MAIL_PASS") + self._inbox = os.getenv("PAPERLESS_CONSUME_MAIL_INBOX", "INBOX") self._enabled = bool(self._host) self.last_checked = datetime.datetime.now() + print(self._connection, self._host, self._port, self._username, self._password, self._inbox, self._enabled, self.last_checked) def pull(self): """ diff --git a/src/paperless/checks.py b/src/paperless/checks.py index 2e7bdf8db..3a9408a71 100644 --- a/src/paperless/checks.py +++ b/src/paperless/checks.py @@ -84,3 +84,20 @@ def binaries_check(app_configs, **kwargs): check_messages.append(Warning(error.format(binary), hint)) return check_messages + + +@register() +def config_check(app_configs, **kwargs): + warning = ( + "It looks like you have PAPERLESS_SHARED_SECRET defined. Note that " + "in the \npast, this variable was used for both API authentication " + "and as the mail \nkeyword. As the API no no longer uses it, this " + "variable has been renamed to \nPAPERLESS_EMAIL_SECRET, so if you're " + "using the mail feature, you'd best update \nyour variable name.\n\n" + "The old variable will stop working in a few months." + ) + + if os.getenv("PAPERLESS_SHARED_SECRET"): + return [Warning(warning)] + + return [] diff --git a/src/paperless/settings.py b/src/paperless/settings.py index 0fa1efc5a..2e525ae41 100644 --- a/src/paperless/settings.py +++ b/src/paperless/settings.py @@ -237,20 +237,6 @@ # slowly, you may want to use a higher value than the default. CONSUMER_LOOP_TIME = int(os.getenv("PAPERLESS_CONSUMER_LOOP_TIME", 10)) -# If you want to use IMAP mail consumption, populate this with useful values. -# If you leave HOST set to None, we assume you're not going to use this -# feature. -MAIL_CONSUMPTION = { - "HOST": os.getenv("PAPERLESS_CONSUME_MAIL_HOST"), - "PORT": os.getenv("PAPERLESS_CONSUME_MAIL_PORT"), - "USERNAME": os.getenv("PAPERLESS_CONSUME_MAIL_USER"), - "PASSWORD": os.getenv("PAPERLESS_CONSUME_MAIL_PASS"), - # If True, use SSL/TLS to connect - "USE_SSL": os.getenv("PAPERLESS_CONSUME_MAIL_USE_SSL", "y").lower() == "y", - # The name of the inbox on the server - "INBOX": os.getenv("PAPERLESS_CONSUME_MAIL_INBOX", "INBOX") -} - # This is used to encrypt the original documents and decrypt them later when # you want to download them. Set it and change the permissions on this file to # 0600, or set it to `None` and you'll be prompted for the passphrase at @@ -260,11 +246,6 @@ # files. PASSPHRASE = os.getenv("PAPERLESS_PASSPHRASE") -# If you intend to use the "API" to push files into the consumer, you'll need -# to provide a shared secret here. Leaving this as the default will disable -# the API. -SHARED_SECRET = os.getenv("PAPERLESS_SHARED_SECRET", "") - # Trigger a script after every successful document consumption? PRE_CONSUME_SCRIPT = os.getenv("PAPERLESS_PRE_CONSUME_SCRIPT") POST_CONSUME_SCRIPT = os.getenv("PAPERLESS_POST_CONSUME_SCRIPT") diff --git a/src/paperless/urls.py b/src/paperless/urls.py index 4128064b7..d058fb2a8 100644 --- a/src/paperless/urls.py +++ b/src/paperless/urls.py @@ -34,18 +34,15 @@ name="fetch" ), + # File uploads + url(r"^push$", csrf_exempt(PushView.as_view()), name="push"), + # The Django admin url(r"admin/", admin.site.urls), url(r"", admin.site.urls), # This is going away ] + static.static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) -if settings.SHARED_SECRET: - urlpatterns.insert( - 0, - url(r"^push$", csrf_exempt(PushView.as_view()), name="push") - ) - # Text in each page's

(and above login form). admin.site.site_header = 'Paperless' # Text at the end of each page's . diff --git a/src/paperless/version.py b/src/paperless/version.py index 09270db56..922daa7cb 100644 --- a/src/paperless/version.py +++ b/src/paperless/version.py @@ -1 +1 @@ -__version__ = (0, 5, 0) +__version__ = (0, 6, 0)