[Fixes #14021] Replace deprecated distutils with shutil and custom strtobool

[nrjadkry]

Fixes #14021

Checklist

Reviewing is a process done by project maintainers, mostly on a volunteer basis. We try to keep the overhead as small as possible and appreciate if you help us to do so by completing the following items. Feel free to ask in a comment if you have troubles with any of them.

For all pull requests:

• Confirm you have read the contribution guidelines
• You have sent a Contribution Licence Agreement (CLA) as necessary (not required for small changes, e.g., fixing typos in the documentation)
• Make sure the first PR targets the master branch, eventual backports will be managed later. This can be ignored if the PR is fixing an issue that only happens in a specific branch, but not in newer ones.

The following are required only for core and extension modules (they are welcomed, but not required, for contrib modules):

• There is a ticket in https://github.com/GeoNode/geonode/issues describing the issue/improvement/feature (a notable exemption is, changes not visible to end-users)
• The issue connected to the PR must have Labels and Milestone assigned
• PR for bug fixes and small new features are presented as a single commit
• PR title must be in the form "[Fixes #<issue_number>] Title of the PR"
• New unit tests have been added covering the changes, unless there is an explanation on why the tests are not necessary/implemented

Submitting the PR does not require you to check all items, but by the time it gets merged, they should be either satisfied or inapplicable.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses the deprecation of the distutils module in Python by replacing its functionalities with modern alternatives. It introduces a custom strtobool utility to handle boolean string conversions and updates directory copying operations to use shutil, thereby improving the project's compatibility with current Python standards and enhancing overall code health.

Highlights

• Deprecation Fix: Replaced the deprecated distutils.util.strtobool function with a new custom implementation within geonode.utils to ensure compatibility and maintainability with newer Python versions.
• Directory Operations Update: Migrated from the deprecated distutils.dir_util.copy_tree to shutil.copytree for directory copying operations, specifically in the backup and restore functionality.
• Centralized Utility Function: Introduced a new strtobool utility function in geonode/utils.py to provide a consistent and robust way to convert string representations to boolean values across the codebase.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request refactors the strtobool utility function by moving its implementation from distutils.util to geonode.utils and updating all import paths across the codebase. Additionally, it replaces the deprecated distutils.dir_util.copy_tree with shutil.copytree in the restore.py command. A critical security and stability concern was raised regarding the shutil.copytree operation, as it currently copies external resources directly to the filesystem root, which could lead to data loss or system vulnerabilities.

[gemini-code-assist]

The change correctly replaces the deprecated distutils.dir_util.copy_tree with shutil.copytree. However, copying the contents of external_folder directly to the root directory (/) is a critical security and stability concern. This operation could overwrite essential system files, lead to data loss, or introduce vulnerabilities if the external_folder contains unexpected or malicious content. It is highly recommended to use a specific, configurable, and secure destination path for external resources, rather than the filesystem root.

Suggested change

	shutil.copytree(external_folder, "/", dirs_exist_ok=True)
	# Consider replacing "/" with a configurable and secure destination path for external resources.
	shutil.copytree(external_folder, "/path/to/secure/external_resources", dirs_exist_ok=True)

[codecov]

Codecov Report

❌ Patch coverage is 66.66667% with 5 lines in your changes missing coverage. Please review.
✅ Project coverage is 74.57%. Comparing base (15d278b) to head (d8bff57).
⚠️ Report is 3 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #14081      +/-   ##
==========================================
- Coverage   74.58%   74.57%   -0.01%     
==========================================
  Files         951      951              
  Lines       57245    57255      +10     
  Branches     7771     7775       +4     
==========================================
+ Hits        42694    42700       +6     
- Misses      12833    12835       +2     
- Partials     1718     1720       +2     

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.