Skip to main content

Document management service

Project description

alexandria

Build Status Coverage Black License: GPL-3.0-or-later

Our goal is to implement an external document management service to hold and provide uploaded documents. Documents can be uploaded and, depending on user access, managed by internal as well as external users.

The goal is NOT to re implement a complex DMS but rather to have a simple and user-friendly way of managing documents with different permissions.

All User Interface interactions should be as simple as possible and easily understandable.

Original RFC that led to alexandria

Getting started

Installation

Requirements

  • docker
  • docker-compose

After installing and configuring those, download docker-compose.yml and run the following commands:

# only needs to be run once
echo UID=$UID > .env

docker compose up -d

You can now access the api at http://localhost:8000/api/v1/.

Example data

To load a set of categories run the following command:

make load_example_data

Configuration

Alexandria is a 12factor app which means that configuration is stored in environment variables. Different environment variable types are explained at django-environ.

Additional authorization and validation of the models is handled by DGAP.

Common

A list of configuration options which you need

  • Django configuration

    • SECRET_KEY: A secret key used for cryptography. This needs to be a random string of a certain length. See more.
    • ALLOWED_HOSTS: A list of hosts/domains your service will be served from. See more.
    • DATABASE_ENGINE: Database backend to use. See more. (default: django.db.backends.postgresql)
    • DATABASE_HOST: Host to use when connecting to database (default: localhost)
    • DATABASE_PORT: Port to use when connecting to database (default: 5432)
    • DATABASE_NAME: Name of database to use (default: alexandria)
    • DATABASE_USER: Username to use when connecting to the database (default: alexandria)
    • DATABASE_PASSWORD: Password to use when connecting to database
  • Authentication configuration

    • OIDC_OP_USER_ENDPOINT: Userinfo endpoint for OIDC
    • OIDC_VERIFY_SSL: Set to false if you want to disable verifying SSL certs. Useful for development
    • OIDC_DRF_AUTH_BACKEND: Overwrite the default authentication backend with your own
    • ALEXANDRIA_OIDC_USER_FACTORY: Overwrite the default user with your own
    • ALEXANDRIA_CREATED_BY_USER_PROPERTY: Overwrite the default user property which is used for ..._by_user (default: username)
    • ALEXANDRIA_CREATED_BY_GROUP_PROPERTY: Overwrite the default group property which is used for ..._by_group (default: group)
  • Authorization configurations

    • ALEXANDRIA_VISIBILITY_CLASSES: Comma-separated list of DGAP classes that define visibility for all models
    • ALEXANDRIA_PERMISSION_CLASSES: Comma-separated list of DGAP classes that define permissions for all models
  • Data validation configuration

    • ALEXANDRIA_VALIDATION_CLASSES: Comma-separated list of DGAP classes that define custom validations
  • Thumbnail configuration (optional)

    • ALEXANDRIA_ENABLE_THUMBNAIL_GENERATION: Set to false to disable thumbnail generation
      • Check the docker-compose file for an example on how to set up generation with s3 hooks
    • ALEXANDRIA_THUMBNAIL_WIDTH: Width of generated thumbnails
    • ALEXANDRIA_THUMBNAIL_HEIGHT: Height of generated thumbnails
    • ALEXANDRIA_ENABLE_CHECKSUM: Set to false to disable file checksums. Checksums are calculated after upload to allow later verification (not implemented in Alexandria)
  • Storage configuration

    Storage backends are configured globally. The storable object bears information on the encryption status allowing the ORM appropriate handling of the data.

    • ALEXANDRIA_FILE_STORAGE: Set the backend for file uploads. django-storages is available (default: alexandria.storages.backends.s3.S3Storage)

    Encryption:

    • ALEXANDRIA_ENABLE_AT_REST_ENCRYPTION: Set to true to enable at-rest encryption of files (enabling this causes an error unless ALEXANDRIA_ENCRYPTRION_METHOD is set to a supported method)
    • ALEXANDRIA_ENCRYPTION_METHOD: Define encryption method that is applied to uploaded objects. Available values depend on storage backend's capabilities (default: None)
      • available methods
        • None: no at-rest encryption
        • ssec-global: encrypt all files with the same key (requires: ALEXANDRIA_FILE_STORAGE: alexandria.storages.backends.s3.S3Storage)

    Supported backends:

    • FileSystemStorage: files are stored to the MEDIA_ROOT directory

    • S3Storage: files are uploaded to the S3 object storage configured accordingly

      required configuations:

      • ALEXANDRIA_S3_ACCESS_KEY: identity
      • ALEXANDRIA_S3_SECRET_KEY: password to authorize identity
      • ALEXANDRIA_S3_ENDPOINT_URL: the url of the service
      • ALEXANDRIA_S3_BUCKET_NAME: the bucket name of the storage to access objects in path notation (not subdomain)

      The development setup features a minio service, implementing the S3 protocol. To use SSE-C in development make sure to generate a certificate for the minio container and set ALEXANDRIA_S3_VERIFY to false.

For development, you can also set the following environemnt variables to help you:

  • ALEXANDRIA_DEV_AUTH_BACKEND: Set this to "true" to enable a fake auth backend that simulates an authenticated user. Requires DEBUG to be set to True as well.
  • DEBUG: Set this to true for debugging during development. Never enable this in production, as it will leak information to the public if you do.

Contributing

Look at our contributing guidelines to start with your first contribution.

Maintainer's Handbook

Some notes for maintaining this project can be found in the maintainer's handbook.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

caluma_alexandria-3.0.0b9.tar.gz (49.1 kB view details)

Uploaded Source

Built Distribution

caluma_alexandria-3.0.0b9-py3-none-any.whl (60.1 kB view details)

Uploaded Python 3

File details

Details for the file caluma_alexandria-3.0.0b9.tar.gz.

File metadata

  • Download URL: caluma_alexandria-3.0.0b9.tar.gz
  • Upload date:
  • Size: 49.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.0.0 CPython/3.8.18

File hashes

Hashes for caluma_alexandria-3.0.0b9.tar.gz
Algorithm Hash digest
SHA256 4805cf4b054e7a7dba0d90d05ede816451b3bc1b3656addd72f02d081be88b92
MD5 e2ca8a93ac54a9d44ec44fbd390101ca
BLAKE2b-256 29a406c4b8a886e642ee2eff97b09204404a16c7d84d5905c297fbacbbd30ac7

See more details on using hashes here.

File details

Details for the file caluma_alexandria-3.0.0b9-py3-none-any.whl.

File metadata

File hashes

Hashes for caluma_alexandria-3.0.0b9-py3-none-any.whl
Algorithm Hash digest
SHA256 e9cade75ea4a18ffc40936edcd0027f3b2c04cb3b340679ad2f43601a53cb329
MD5 5c05a952dbaa0a66f2bd438ddcffa695
BLAKE2b-256 553fd626362cd5cb85e0c40fc5585febb84eaadb27d0deaa7b164ea9e5d03d41

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page