Feat/legacy cleanup redis security worker fix#10
Open
lorenzobrg wants to merge 11 commits into
Open
Conversation
- Add REDIS_PASSWORD env var and enforce it on Redis container via --requirepass - Update CELERY_BROKER_URL and CELERY_RESULT_BACKEND defaults to include password - Update .env.example with Redis password configuration template
- Delete modality_processing_handlers.py — never imported, Job state already tracked via file_utils.mark_job_completed/mark_job_failed in runner_api_service - Remove unreachable duplicate 'processing' template branch (shadowed by preceding branch with identical condition)
- Add ios_job_status / cbct_job_status properties on Patient that query
the Job model (statuses normalized: pending/processing/retrying→processing,
completed→processed, failed→failed, no job→not_uploaded)
- Remove save() auto-transition on legacy FileField uploads (obsolete —
Jobs are created explicitly in upload views)
- Route is_ios_processed/is_cbct_processed through Job-backed properties
- Update all callers: templates, view functions, API endpoints, file_utils
- Remove dead patient.X_processing_status SET calls in file_utils (Job
mark_completed/mark_failed already handles this)
- Remove dead setattr(patient, f"{modality}_processing_status",...) in
admin view — generic per-modality Job status replaces this
- Both maxillo and brain Patient models updated
- Remove upper_scan_raw, lower_scan_raw, upper_scan_norm, lower_scan_norm, cbct FileFields from maxillo and brain Patient models - Remove ios_processing_status, cbct_processing_status CharFields (already replaced by Job-backed ios_job_status / cbct_job_status properties) - Remove save() auto-transition from legacy FileField uploads - Slim has_ios_scans() / has_cbct_scan() to use FileRegistry only (no legacy fallback) - Remove dead validate_cbct_file validator, dead FileField imports - Keep upload_path functions for migration compatibility (0001_initial) - Remove cbct FileField from brain PatientUploadForm - Remove legacy FileField file listing blocks from API endpoints - Clean up management commands, JS selectors, and test files All file serving at runtime already goes through FileRegistry → ObjectStorage (S3). The legacy fields were only used for boolean existence checks — not URL generation.
…t/legacy-cleanup-redis-security-worker-fix
LucaLumetti
requested changes
May 6, 2026
| logger = logging.getLogger(__name__) | ||
|
|
||
|
|
||
| # Kept for migration compatibility (referenced by brain/migrations/0004_initial.py). |
Collaborator
There was a problem hiding this comment.
Forse si puo' rimuovere questo?
|
|
||
| # Kept for migration compatibility (referenced by maxillo/migrations/0001_initial.py). | ||
| # These are not used by the current Patient model — files go through FileRegistry. | ||
| def scan_upload_path(instance, filename): |
Collaborator
There was a problem hiding this comment.
Anche questi rimuoverei
| @@ -45,8 +45,8 @@ | |||
| # Alternative file paths for Linux/Docker environment (if running from within container) | |||
| # Uncomment and modify these if running the script from inside the Docker container | |||
| LINUX_FILES_CONFIG = { | |||
Collaborator
There was a problem hiding this comment.
questo file non so bene da dove esca, rimuoverei e' un po strano da vedere e leggere
| FILES_CONFIG = { | ||
| "upper_scan_raw": r"path\to\upper.stl", | ||
| "lower_scan_raw": r"path\to\lower.stl", | ||
| "upper_scan": r"path\to\upper.stl", |
| FILES_CONFIG = { | ||
| "upper_scan_raw": r"E:\ToothFairy4M\Dataset_Progetto_AI\IOS\Progetto AI\Bits2Bites\1\upper.stl", | ||
| "lower_scan_raw": r"E:\ToothFairy4M\Dataset_Progetto_AI\IOS\Progetto AI\Bits2Bites\1\lower.stl", | ||
| "upper_scan": r"E:\ToothFairy4M\Dataset_Progetto_AI\IOS\Progetto AI\Bits2Bites\1\upper.stl", |
| # Async jobs (distributed runners) | ||
| CELERY_BROKER_URL = config("CELERY_BROKER_URL", default="redis://redis:6379/0") | ||
| CELERY_RESULT_BACKEND = config("CELERY_RESULT_BACKEND", default="redis://redis:6379/1") | ||
| _REDIS_PASSWORD = config("REDIS_PASSWORD", default="") |
Collaborator
There was a problem hiding this comment.
No default. se manca crasha
| CELERY_BROKER_URL=redis://redis:6379/2 | ||
| CELERY_RESULT_BACKEND=redis://redis:6379/3 | ||
| REDIS_PASSWORD=change-me-redis-password | ||
| CELERY_BROKER_URL=redis://:change-me-redis-password@redis:6379/2 |
Collaborator
There was a problem hiding this comment.
ora quindi devo scrivere tre volte la password di redis nel .env?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
redis now needs password and legacy usage of /dataset is completely removed so now only FileRegistry and Job are used.