Merge remote-tracking branch 'upstream/2.6.x' into labs_geonode_2.6.x

.travis.yml

@@ -11,17 +11,20 @@ branches:
     - master
     - 2.6.x
 
+dist: precise
+
 install:
   - sudo apt-get -qq -y update
-  - sudo apt-get install -y libgdal1h python-gdal
+  - sudo apt-get install -y libgdal1h libgdal-dev python-gdal gdal-bin
   - sudo apt-get install -y python-virtualenv python-imaging python-lxml python-pyproj python-shapely python-nose python-httplib2 python-httplib2 gettext
   - sudo add-apt-repository -y ppa:webupd8team/java
   - sudo apt-get update
-  - sudo apt-get install -y --force-yes oracle-java8-installer ant maven2 libjai-imageio-core-java --no-install-recommends
+  - sudo apt-get install -y --force-yes oracle-java8-installer --no-install-recommends
   - sudo update-java-alternatives --set java-8-oracle
-  - pip install -r requirements.txt --use-mirrors
-  - pip install -e . --use-mirrors --no-deps
+  - pip install -r requirements.txt
+  - pip install -e . --no-deps
   - pip install coveralls
+  - pip install pygdal==`gdal-config --version`
 
 before_script:
   - paver setup

docs/conf.py

@@ -44,16 +44,16 @@
 
 # General information about the project.
 project = u'GeoNode'
-copyright = u'2016, Open Source Geospatial Foundation, CC-SA'
+copyright = u'2017, Open Source Geospatial Foundation, CC-SA'
 
 # The version info for the project you're documenting, acts as replacement for
 # |version| and |release|, also used in various other places throughout the
 # built documents.
 #
 # The short X.Y version.
-version = '2.4'
+version = '2.6'
 # The full version, including alpha/beta/rc tags.
-release = '2.4'
+release = '2.6'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
@@ -232,7 +232,7 @@
 epub_title = u'GeoNode'
 epub_author = u'GeoNode Development Team'
 epub_publisher = u'GeoNode Development Team'
-epub_copyright = u'2016, Open Source Geospatial Foundation, CC-SA'
+epub_copyright = u'2017, Open Source Geospatial Foundation, CC-SA'
 
 # The language of the text. It defaults to the language option
 # or en if the language is not set.

docs/tutorials/advanced/geonode_production/geosites.txt

@@ -21,8 +21,7 @@ The master site, and all of the individual GeoSites, share a single database. Ob
 
 GeoServer
 =========
-A single GeoServer instance is used to serve data to all of the GeoSites.  To keep data organized each site specifies a default workspace (DEFAULT_WORKSPACE) that GeoServer will use to partition the data depending on which site uploaded the data.   The workspaces themselves don't have any impact on permissions, since data can be added and removed from different sites, however it provides at least some organization of the data based on the initial site.
-
+A single GeoServer instance is used to serve data to all of the GeoSites.  
 Data that is common to all sites can be added to the master site which will appear in the generic 'geonode' workspace.
 
 
@@ -31,7 +30,7 @@ Settings Files and Templates
 
 A key component in managing multiple sites is keeping data organized and using a structured series of settings files so that common settings can be shared and only site specific settings are separated out. It is also best to import the default GeoNode settings from the GeoNode installation.  This prevents the settings from having to be manually upgraded if there is any default change the GeoNode settings.
 
-Settings which are common to all GeoSites, but differ from the default GeoNode, are separated into a master_settings.py file.  Then, each individual site has settings file which imports from the master site and will then only need to specify a small selection that make that site unique, such as:
+Settings which are common to all GeoSites, but differ from the default GeoNode, are separated into a contrib/geosites/settings.py file.  Then, each individual site has settings file which imports from the master site and will then only need to specify a small selection that make that site unique, such as:
 
 * SITE_ID: Each one is unique, the master site should have a SITE_ID of 1.
 * SITENAME
@@ -61,7 +60,7 @@ The TEMPLATE_DIRS, and STATICFILES_DIRS will then include all three directories
         os.path.join(GEONODE_ROOT, 'static/')
     )
 
-At the end of the settings_global.py the following variables will be set based on site specific settings::
+At the end of the post_settings.py the following variables will be set based on site specific settings::
 
     STATIC_URL = os.path.join(SITEURL,’static/’)
     GEONODE_CLIENT_LOCATION = os.path.join(STATIC_URL,’geonode/’)
@@ -74,7 +73,7 @@ Templates and Static Files
 
 As mentioned above for each website there will be three directories used for template and static files.  The first template file found will be the one used so templates in the SITE_ROOT/templates directory will override those in PROJECT_ROOT/templates, which will override those in GEONODE_ROOT/templates.
 
-Static files work differently because (at least on a production server) they are collected and stored in a single location.  Because of this care must be taken to avoid clobbering of files between sites, so each site directory should contain all static files in a subdirectory with the name of the site (e.g., static/siteA/logo.png )
+Static files work differently because (at least on a production server) they are collected and stored in a single location.  Because of this care must be taken to avoid clobbering of files between sites, so each site directory should contain all static files in a subdirectory with the name of the site (e.g., static_root/siteA/logo.png )
 
 The location of the proper static directory can then be found in the templates syntax such as::
 
@@ -84,6 +83,31 @@ Permissions by Site
 ===================
 By default GeoNode is publicly available. In the case of GeoSites, new data will be publicly available, but only for the site it was added to, and the master site (all data is added to the master site). 
 
+Activate geosites app
+================
+In order to use geonode in Multi-tenancy mode, follow these steps:
+1. check in settings.py if 'geonode.contrib.geosites' in GEONODE_CONTRIB_APPS is rightly uncommented
+2. add in settings.py 'geonode.contrib.geosites' in INSTALLED_APPS
+3. run python manage.py syncdb
+
 Adding New Sites
 ================
-A management command exists to easily create a new site.  This will create all the needed directories, as well as a site specific settings file.  The command may also create a website configuration file.
+To add a new site follow the following steps:
+
+1. copy the directory site_template in your geonode-project folder and give it a name
+2. from geonode administration pannel add 'new site'
+3. create a virtualhost in the webserver related to the new created site. Remember to setup the WSGIDeamonProcess with the name you gave to the folder created at point 1. and the path to the geosites directory. WSGIProcessGroup have to be pointed to the name you choose for the folder you created at point 1. Eventually, WSGIScriptAlias have to be set to the wsgi.py you have in your site folder.
+4. check the configuration files: local_settings.py, pre_settings.py, post_settings.py in /geonode-project as well as local_settings.py and settings.py in your site folder:
+    - in /geonode-project/local_settings.py set the variable SERVE_PATH. It has to point geosites folder.
+    - in the local_setting of the site folder insert the values to the following variables: 
+            * SITE_ID
+            * SITE_NAME
+            * SITE_URL
+5. create static_root directory where you usually let the webserver serve webpages (e.g., /var/www ) and give it grants to be accessed by the user www-data
+6. create an uploaded/layers and uploaded/thumbs folder in your geonode-project folder and give them grants as follow:
+    sudo mkdir -p geonode-project/uploaded/thumbs
+    sudo mkdir -p geonode-project/uploaded/layers
+    sudo chmod -Rf 755 geonode-project/uploaded/thumbs
+    sudo chmod -Rf 755 geonode-project/uploaded/layers
+7. run python manage.py collectstatics - Pay attention on the folder where you are running the command and the folder structure of your geonode/geosites project, in case pass to the path the settings file by using --settings to the python command
+8. you can customize the look and feel of your site working on the css and html file you find in your template site directory. After a change, run again collectstatics command.  

docs/tutorials/install_and_admin/index.txt

@@ -24,14 +24,15 @@ At the end of this section you will be able to setup from scratch the whole GeoN
 .. toctree::
     :hidden:
     :maxdepth: 5
-    
+
     quick_install
     linux_admin_intro/index
     running_ansible
     vm_setup_virtualbox
     vm_running_vagrant
     geonode_install/index
     setup_on_centos/index
+    network_conf_issues
 
 :ref:`quick_installation`
     This section is a quick guide to get GeoNode up and running in most common operating systems. This is meant to be run on a fresh machine with no previously installed packages or GeoNode versions.
@@ -46,3 +47,7 @@ At the end of this section you will be able to setup from scratch the whole GeoN
     This section will guide the user through the steps necessary to install GeoNode on CentOS.
 
     Packaging for automatic installation are provided for Ubuntu, so, the only option for installing GeoNode on a CentOS platform is installing it from source.
+
+:ref:`network_configuration_issues`
+    This section will guide the user through the steps necessary to understand and possibly solve any of the most common configuration issues on communication between Django and GeoServer.
+

docs/tutorials/install_and_admin/network_conf_issues.txt

@@ -0,0 +1,104 @@
+.. _network_configuration_issues:
+
+============================
+Network configuration issues
+============================
+
+In this section you will find instructions how to understand any problem of connectivity when GeoNode is being exposed through a network different either from a local computer or a server.
+
+GeoNode being proxied
+=====================
+
+A similar situations can be encountered in this scenarios:
+
+    - GeoNode behind a proxy server like `HAProxy`_ or `Squid`_.
+    - GeoNode in a Vagrant machine with NAT mode and port forwarding
+
+    .. _HAProxy: http://www.haproxy.org/
+    .. _Squid: http://www.squid-cache.org/
+
+Development mode
+----------------
+
+.. note:: Please note that this section is relevant **only** if your development machine is a Vagrant box and the GeoNode application is being accessed from a browser and an IP address of your host machine, usually your computer.
+
+Assuming the following port forwarding configuration::
+
++------------------------+------------+------------+
+| Component              | Host  port | Guest port |
++========================+============+============+
+| Django                 | 8001       | 8000       |
++------------------------+------------+------------+
+| GeoServer              | 8080       | 8080       |
++------------------------+------------+------------+
+
+.. important:: In such a situation it is mandatory to start your development server on all IPv4 addresses of your guest machine in order to be reachable from the host.
+
+    .. code-block:: console
+
+        python manage.py runserver 0.0.0.0:8000
+
+        or with Paver
+
+    .. code-block:: console
+
+        paver start_django -b 0.0.0.0:8000
+
+
+You have to review and make sure the following configurations are applied in GeoServer for correct communications::
+
+- Configuration of GeoNode REST role service with proper `baseUrl` in the :file:`config.xml` under the directory `$GEOSERVER_DATA_DIR/security/role/geonode\ REST\ role\ service/`
+
+    .. code-block:: xml
+
+        <baseUrl>http://localhost:8000/</baseUrl>
+        <!-- base url of geonode web server -->
+
+- Configuration of GeoServer security for the oauth2 provider in the :file:`config.xml` under the directory `$GEOSERVER_DATA_DIR/security/filter/geonode-oauth2/`
+
+    .. code-block:: xml
+
+        <!-- GeoNode accessTokenUri -->
+        <accessTokenUri>http://localhost:8000/o/token/</accessTokenUri>
+
+        <!-- GeoNode userAuthorizationUri -->
+        <userAuthorizationUri>http://localhost:8001/o/authorize/</userAuthorizationUri>
+
+        <!-- GeoServer Public URL -->
+        <redirectUri>http://localhost:8080/geoserver</redirectUri>
+
+        <!-- GeoNode checkTokenEndpointUrl -->
+        <checkTokenEndpointUrl>http://localhost:8000/api/o/v4/tokeninfo/</checkTokenEndpointUrl>
+
+        <!-- GeoNode logoutUri -->
+        <logoutUri>http://localhost:8001/account/logout/</logoutUri>
+    .. code-block:: xml
+
+        <proxyBaseUrl>http://localhost:80/geoserver</proxyBaseUrl>
+        <!-- proxy base url of geonode web server -->
+
+GeoNode outbound connections
+============================
+
+SELinux
+-------
+
+Security-Enhanced Linux (**SELinux**) is a security mechanism implemented at kernel level. Generally when SELinux is *enabled* communication issues could arise.
+First of all let's see how to have a look at its status with this command::
+
+    .. code-block:: console
+
+        sestatus
+
+The possible values of `SELinux status` can be `enabled` or `disabled` while if it is enabled the `Current mode` can vary between `enforcing` and `permissive`.
+If SELinux is enabled its policies will only allow services access to recognized ports associated with those services. For example if we wanted to allow Django server to listen on tcp port 800 then a new rule has to be added for such purpose. Simply by using the command `semanage` below::
+
+    .. code-block:: console
+
+        sudo semanage port -a -t http_port_t -p tcp 8000
+
+Verify if the rule has been achieved by running::
+
+    .. code-block:: console
+
+        sudo semanage port -l