From 82654eabdcc2a19c063d4d8adab5d01f14f23d32 Mon Sep 17 00:00:00 2001 From: Oliver Date: Mon, 18 Mar 2024 15:27:56 +1100 Subject: [PATCH] Site access tweaks (#6738) * Adjust docker filter - Run if settings.py changes * Revert API version * Adjust logic in settings.py - Only exit if in main server thread * Update qc_checks.yaml * Add wildcard for CSRF_TRUSTED_ORIGINS in DEBUG mode * Update wildcard * Simplify settings.py logic --- .github/workflows/docker.yaml | 1 + .github/workflows/qc_checks.yaml | 4 ++-- InvenTree/InvenTree/api_version.py | 5 +---- InvenTree/InvenTree/settings.py | 22 +++++++++++++++++----- 4 files changed, 21 insertions(+), 11 deletions(-) diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index d682d05a35..1497d7f3f7 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -44,6 +44,7 @@ jobs: - docker-compose.yml - docker.dev.env - Dockerfile + - InvenTree/settings.py - requirements.txt - tasks.py diff --git a/.github/workflows/qc_checks.yaml b/.github/workflows/qc_checks.yaml index dfb7433341..5a7e26c352 100644 --- a/.github/workflows/qc_checks.yaml +++ b/.github/workflows/qc_checks.yaml @@ -133,7 +133,6 @@ jobs: INVENTREE_PYTHON_TEST_SERVER: http://localhost:12345 INVENTREE_PYTHON_TEST_USERNAME: testuser INVENTREE_PYTHON_TEST_PASSWORD: testpassword - INVENTREE_SITE_URL: http://localhost:8000 outputs: version: ${{ steps.version.outputs.version }} @@ -218,9 +217,10 @@ jobs: INVENTREE_ADMIN_USER: testuser INVENTREE_ADMIN_PASSWORD: testpassword INVENTREE_ADMIN_EMAIL: test@test.com - INVENTREE_PYTHON_TEST_SERVER: http://localhost:12345 + INVENTREE_PYTHON_TEST_SERVER: http://127.0.0.1:12345 INVENTREE_PYTHON_TEST_USERNAME: testuser INVENTREE_PYTHON_TEST_PASSWORD: testpassword + INVENTREE_SITE_URL: http://127.0.0.1:12345 steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4.1.1 
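Review bot: The filter entry added in the docker.yaml hunk, `- InvenTree/settings.py`, does not match the path this same commit edits, which the diff header gives as `InvenTree/InvenTree/settings.py`. If the filter patterns are resolved from the repository root (the filter step itself is outside the hunk, so this is inferred), a change to the settings file would still not trigger the docker job. The entry should probably read `- InvenTree/InvenTree/settings.py`.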
diff --git a/InvenTree/InvenTree/api_version.py b/InvenTree/InvenTree/api_version.py index 02a19b8bd7..bc69e28ae8 100644 --- a/InvenTree/InvenTree/api_version.py +++ b/InvenTree/InvenTree/api_version.py @@ -1,14 +1,11 @@ """InvenTree API version information.""" # InvenTree API version -INVENTREE_API_VERSION = 185 +INVENTREE_API_VERSION = 184 """Increment this API version number whenever there is a significant change to the API that any clients need to know about.""" INVENTREE_API_TEXT = """ -v185 - 2024-03-18 : https://github.com/inventree/InvenTree/pull/6731 - - Adds a default URL to the generated API schema (http://localhost:8000) - v184 - 2024-03-17 : https://github.com/inventree/InvenTree/pull/10464 - Add additional fields for tests (start/end datetime, test station) diff --git a/InvenTree/InvenTree/settings.py b/InvenTree/InvenTree/settings.py index 68a4049d39..2897b6d614 100644 --- a/InvenTree/InvenTree/settings.py +++ b/InvenTree/InvenTree/settings.py @@ -26,6 +26,7 @@ import pytz from dotenv import load_dotenv from InvenTree.config import get_boolean_setting, get_custom_file, get_setting +from InvenTree.ready import isInMainThread from InvenTree.sentry import default_sentry_dsn, init_sentry from InvenTree.version import checkMinPythonVersion, inventreeApiVersion @@ -1006,7 +1007,10 @@ if not ALLOWED_HOSTS: logger.error( 'No ALLOWED_HOSTS specified. Please provide a list of allowed hosts, or specify INVENTREE_SITE_URL' ) - sys.exit(-1) + + # Server cannot run without ALLOWED_HOSTS + if isInMainThread(): + sys.exit(-1) # Ensure that the ALLOWED_HOSTS do not contain any scheme info for i, host in enumerate(ALLOWED_HOSTS): 
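Review bot: In the `if not ALLOWED_HOSTS:` hunk of settings.py, the exit is now guarded by `isInMainThread()`, so any other context that imports the settings logs the error and carries on with an empty ALLOWED_HOSTS. The added comment does not say that this is intended. I would extend it to something like `# Only the main server thread must abort here; other importers of settings (see InvenTree.ready.isInMainThread) continue with an empty list`. What `isInMainThread()` actually tests lives in InvenTree.ready, outside this diff, so the wording should be checked against it.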
@@ -1027,10 +1031,18 @@ if SITE_URL and SITE_URL not in CSRF_TRUSTED_ORIGINS: CSRF_TRUSTED_ORIGINS.append(SITE_URL) if not TESTING and len(CSRF_TRUSTED_ORIGINS) == 0: - logger.error( - 'No CSRF_TRUSTED_ORIGINS specified. Please provide a list of trusted origins, or specify INVENTREE_SITE_URL' - ) - sys.exit(-1) + if DEBUG: + logger.warning( + 'No CSRF_TRUSTED_ORIGINS specified. Defaulting to http://* for debug mode. This is not recommended for production use' + ) + CSRF_TRUSTED_ORIGINS = ['http://*'] + + elif isInMainThread(): + # Server thread cannot run without CSRF_TRUSTED_ORIGINS + logger.error( + 'No CSRF_TRUSTED_ORIGINS specified. Please provide a list of trusted origins, or specify INVENTREE_SITE_URL' + ) + sys.exit(-1) USE_X_FORWARDED_HOST = get_boolean_setting( 'INVENTREE_USE_X_FORWARDED_HOST',
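Review bot: The debug fallback `CSRF_TRUSTED_ORIGINS = ['http://*']` relaxes the CSRF origin check on the strength of the DEBUG flag alone, so an instance left in debug mode without INVENTREE_SITE_URL gets the wildcard with only a warning in the log. It is also worth verifying that the value behaves as intended: as far as I know Django documents only a leading subdomain wildcard (`https://*.example.com`), and a bare `*` host may end up matching no origin at all. An explicit loopback list is narrower and unambiguous, for example `CSRF_TRUSTED_ORIGINS = ['http://localhost:8000', 'http://127.0.0.1:8000']` with the port adjusted to the development server. Separately, with DEBUG off and outside the main thread the list now stays empty with nothing logged, where the old code always logged the error.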