Merge remote-tracking branch 'origin/master' into tresorerie

# Conflicts:
#	locale/de/LC_MESSAGES/django.po
#	locale/fr/LC_MESSAGES/django.po
#	note_kfet/settings/base.py
#	templates/base.html

note_kfet/settings/__init__.py

@@ -41,6 +41,8 @@ else:
 try:
     #in secrets.py defines everything you want
     from .secrets import *
+    INSTALLED_APPS += OPTIONAL_APPS
+
 except ImportError:
     pass
 
@@ -74,7 +76,7 @@ if "cas" in INSTALLED_APPS:
 
 
 if "logs" in INSTALLED_APPS:
-    MIDDLEWARE += ('logs.middlewares.LogsMiddleware',)
+    MIDDLEWARE += ('note_kfet.middlewares.SessionMiddleware',)
 
 if "debug_toolbar" in INSTALLED_APPS:
     MIDDLEWARE.insert(1, "debug_toolbar.middleware.DebugToolbarMiddleware")

note_kfet/settings/base.py

@@ -39,8 +39,6 @@ INSTALLED_APPS = [
     'polymorphic',
     'crispy_forms',
     'django_tables2',
-    'cas_server',
-    'cas',
     # Django contrib
     'django.contrib.admin',
     'django.contrib.admindocs',
@@ -62,6 +60,7 @@ INSTALLED_APPS = [
     'member',
     'note',
     'treasury',
+    'permission',
     'api',
     'logs',
 ]
@@ -127,18 +126,15 @@ PASSWORD_HASHERS = [
     'member.hashers.CustomNK15Hasher',
 ]
 
-# Django Guardian object permissions
-
 AUTHENTICATION_BACKENDS = (
-    'django.contrib.auth.backends.ModelBackend',  # this is default
+    'permission.backends.PermissionBackend',  # Custom role-based permission system
+    'cas.backends.CASBackend',  # For CAS connections
 )
 
 REST_FRAMEWORK = {
-    # Use Django's standard `django.contrib.auth` permissions,
-    # or allow read-only access for unauthenticated users.
     'DEFAULT_PERMISSION_CLASSES': [
-        # TODO Maybe replace it with our custom permissions system
-        'rest_framework.permissions.DjangoModelPermissions',
+        # Control API access with our role-based permission system
+        'permission.permissions.StrongDjangoObjectPermissions',
     ],
     'DEFAULT_AUTHENTICATION_CLASSES': [
         'rest_framework.authentication.SessionAuthentication',