.gitignore

@@ -47,7 +47,6 @@ backups/
 env/
 venv/
 db.sqlite3
-shell.nix
 
 # ansibles customs host
 ansible/host_vars/*.yaml

apps/activity/views.py

@@ -168,9 +168,6 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
         Don't display the entry interface if the user has no right to see it (no right to add an entry for itself),
         it is closed or doesn't manage entries.
         """
-        if not self.request.user.is_authenticated:
-            return self.handle_no_permission()
-
         activity = Activity.objects.get(pk=self.kwargs["pk"])
 
         sample_entry = Entry(activity=activity, note=self.request.user.note)

apps/member/migrations/0008_auto_20211005_1544.py

@@ -1,18 +0,0 @@
-# Generated by Django 2.2.24 on 2021-10-05 13:44
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('member', '0007_auto_20210313_1235'),
-    ]
-
-    operations = [
-        migrations.AlterField(
-            model_name='profile',
-            name='department',
-            field=models.CharField(choices=[('A0', 'Informatics (A0)'), ('A1', 'Mathematics (A1)'), ('A2', 'Physics (A2)'), ("A'2", "Applied physics (A'2)"), ("A''2", "Chemistry (A''2)"), ('A3', 'Biology (A3)'), ('B1234', 'SAPHIRE (B1234)'), ('B1', 'Mechanics (B1)'), ('B2', 'Civil engineering (B2)'), ('B3', 'Mechanical engineering (B3)'), ('B4', 'EEA (B4)'), ('C', 'Design (C)'), ('D2', 'Economy-management (D2)'), ('D3', 'Social sciences (D3)'), ('E', 'English (E)'), ('EXT', 'External (EXT)')], max_length=8, verbose_name='department'),
-        ),
-    ]

apps/member/views.py

@@ -18,7 +18,7 @@ from django.views.generic import DetailView, UpdateView, TemplateView
 from django.views.generic.edit import FormMixin
 from django_tables2.views import SingleTableView
 from rest_framework.authtoken.models import Token
-from note.models import Alias, NoteUser, NoteClub
+from note.models import Alias, NoteUser
 from note.models.transactions import Transaction, SpecialTransaction
 from note.tables import HistoryTable, AliasTable
 from note_kfet.middlewares import _set_current_request
@@ -174,7 +174,7 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
             modified_note = NoteUser.objects.get(pk=user.note.pk)
             # Don't log these tests
             modified_note._no_signal = True
-            modified_note.is_active = False
+            modified_note.is_active = True
             modified_note.inactivity_reason = 'manual'
             context["can_lock_note"] = user.note.is_active and PermissionBackend\
                                            .check_perm(self.request, "note.change_noteuser_is_active", modified_note)
@@ -183,14 +183,14 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
             modified_note._force_save = True
             modified_note.save()
             context["can_force_lock"] = user.note.is_active and PermissionBackend\
-                .check_perm(self.request, "note.change_noteuser_is_active", modified_note)
+                .check_perm(self.request, "note.change_note_is_active", modified_note)
             old_note._force_save = True
             old_note._no_signal = True
             old_note.save()
             modified_note.refresh_from_db()
             modified_note.is_active = True
             context["can_unlock_note"] = not user.note.is_active and PermissionBackend\
-                .check_perm(self.request, "note.change_noteuser_is_active", modified_note)
+                .check_perm(self.request, "note.change_note_is_active", modified_note)
 
         return context
 
@@ -256,8 +256,7 @@ class ProfileAliasView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         context = super().get_context_data(**kwargs)
         note = context['object'].note
         context["aliases"] = AliasTable(
-            note.alias.filter(PermissionBackend.filter_queryset(self.request, Alias, "view")).distinct()
+            note.alias.filter(PermissionBackend.filter_queryset(self.request, Alias, "view")).distinct().all())
-            .order_by('normalized_name').all())
         context["can_create"] = PermissionBackend.check_perm(self.request, "note.add_alias", Alias(
             note=context["object"].note,
             name="",
@@ -404,12 +403,9 @@ class ClubDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         """
         context = super().get_context_data(**kwargs)
 
-        club = self.object
+        club = context["club"]
-        context["note"] = club.note
-
         if PermissionBackend.check_perm(self.request, "member.change_club_membership_start", club):
             club.update_membership_dates()
-
         # managers list
         managers = Membership.objects.filter(club=self.object, roles__name="Bureau de club",
                                              date_start__lte=date.today(), date_end__gte=date.today())\
@@ -447,29 +443,6 @@ class ClubDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         context["can_add_members"] = PermissionBackend()\
             .has_perm(self.request.user, "member.add_membership", empty_membership)
 
-        # Check permissions to see if the authenticated user can lock/unlock the note
-        with transaction.atomic():
-            modified_note = NoteClub.objects.get(pk=club.note.pk)
-            # Don't log these tests
-            modified_note._no_signal = True
-            modified_note.is_active = False
-            modified_note.inactivity_reason = 'manual'
-            context["can_lock_note"] = club.note.is_active and PermissionBackend \
-                .check_perm(self.request, "note.change_noteclub_is_active", modified_note)
-            old_note = NoteClub.objects.select_for_update().get(pk=club.note.pk)
-            modified_note.inactivity_reason = 'forced'
-            modified_note._force_save = True
-            modified_note.save()
-            context["can_force_lock"] = club.note.is_active and PermissionBackend \
-                .check_perm(self.request, "note.change_noteclub_is_active", modified_note)
-            old_note._force_save = True
-            old_note._no_signal = True
-            old_note.save()
-            modified_note.refresh_from_db()
-            modified_note.is_active = True
-            context["can_unlock_note"] = not club.note.is_active and PermissionBackend \
-                .check_perm(self.request, "note.change_noteclub_is_active", modified_note)
-
         return context
 
 

apps/note/tables.py

@@ -4,7 +4,7 @@
 import html
 
 import django_tables2 as tables
-from django.utils.html import format_html, mark_safe
+from django.utils.html import format_html
 from django_tables2.utils import A
 from django.utils.translation import gettext_lazy as _
 from note_kfet.middlewares import get_current_request
@@ -197,17 +197,6 @@ class ButtonTable(tables.Table):
         verbose_name=_("Edit"),
     )
 
-    hideshow = tables.Column(
-        verbose_name=_("Hide/Show"),
-        accessor="pk",
-        attrs={
-            'td': {
-                'class': 'col-sm-1',
-                'id': lambda record: "hideshow_" + str(record.pk),
-            }
-        },
-    )
-
     delete_col = tables.TemplateColumn(template_code=DELETE_TEMPLATE,
                                        extra_context={"delete_trans": _('delete')},
                                        attrs={'td': {'class': 'col-sm-1'}},
@@ -215,16 +204,3 @@ class ButtonTable(tables.Table):
 
     def render_amount(self, value):
         return pretty_money(value)
-
-    def order_category(self, queryset, is_descending):
-        return queryset.order_by(f"{'-' if is_descending else ''}category__name"), True
-
-    def render_hideshow(self, record):
-        val = '<button id="'
-        val += str(record.pk)
-        val += '" class="btn btn-secondary btn-sm" \
-            onclick="hideshow(' + str(record.id) + ',' + \
-            str(record.display).lower() + ')">'
-        val += str(_("Hide/Show"))
-        val += '</button>'
-        return mark_safe(val)

apps/note/templates/note/transactiontemplate_list.html

@@ -31,9 +31,14 @@ SPDX-License-Identifier: GPL-3.0-or-later
 
 {% block extrajavascript %}
 <script type="text/javascript">
+    $(document).ready(function() {
+        let searchbar_obj = $("#search_field");
+        let timer_on = false;
+        let timer;
+
         function refreshMatchedWords() {
             $("tr").each(function() {
-            let pattern = $('#search_field').val();
+                let pattern = searchbar_obj.val();
                 if (pattern) {
                     $(this).find("td:eq(0), td:eq(1), td:eq(3), td:eq(6)").each(function () {
                         $(this).html($(this).text().replace(new RegExp(pattern, 'i'), "<mark>$&</mark>"));
@@ -42,18 +47,13 @@ SPDX-License-Identifier: GPL-3.0-or-later
             });
         }
 
+        refreshMatchedWords();
+
         function reloadTable() {
-        let pattern = $('#search_field').val();
+            let pattern = searchbar_obj.val();
             $("#buttons_table").load(location.pathname + "?search=" + pattern.replace(" ", "%20") + " #buttons_table", refreshMatchedWords);
         }
 
-    $(document).ready(function() {
-        let searchbar_obj = $("#search_field");
-        let timer_on = false;
-        let timer;
-
-        refreshMatchedWords();
-
         searchbar_obj.keyup(function() {
             if (timer_on)
                 clearTimeout(timer);
@@ -77,28 +77,5 @@ SPDX-License-Identifier: GPL-3.0-or-later
               addMsg('{% trans "Unable to delete button "%} #' + button_id, 'danger')
           });
      }
-
-    // on click of button "hide/show", call the API
-    function hideshow(id, displayed) {
-            $.ajax({
-                url: '/api/note/transaction/template/' + id + '/',
-                type: 'PATCH',
-                dataType: 'json',
-                headers: {
-                    'X-CSRFTOKEN': CSRF_TOKEN
-                },
-                data: {
-                    display: !displayed
-                },
-                success: function() {
-                    if(displayed)
-                        addMsg("{% trans "Button hidden"%}", 'success', 1000)
-                    else addMsg("{% trans "Button displayed"%}", 'success', 1000)
-                    reloadTable()
-                },
-                error: function (err) {
-                    addMsg("{% trans "An error occured"%}", 'danger')
-                }})
-        }
 </script>
 {% endblock %}

apps/note/views.py

@@ -90,9 +90,9 @@ class TransactionTemplateListView(ProtectQuerysetMixin, LoginRequiredMixin, Sing
         if "search" in self.request.GET:
             pattern = self.request.GET["search"]
             qs = qs.filter(
-                Q(name__iregex=pattern)
+                Q(name__iregex="^" + pattern)
-                | Q(destination__club__name__iregex=pattern)
+                | Q(destination__club__name__iregex="^" + pattern)
-                | Q(category__name__iregex=pattern)
+                | Q(category__name__iregex="^" + pattern)
                 | Q(description__iregex=pattern)
             )
 

apps/permission/fixtures/initial.json

@@ -977,7 +977,7 @@
 			],
 			"query": "[\"OR\", {\"source\": [\"club\", \"note\"]}, {\"destination\": [\"club\", \"note\"]}]",
 			"type": "view",
-			"mask": 2,
+			"mask": 1,
 			"field": "",
 			"permanent": false,
 			"description": "Voir les transactions d'un club"
@@ -2511,7 +2511,7 @@
 				"note",
 				"noteuser"
 			],
-			"query": "[\"AND\", {\"user\": [\"user\"]}, [\"OR\", {\"inactivity_reason\": \"manual\"}, {\"is_active\": true}]]",
+			"query": "[\"AND\", {\"user\": [\"user\"]}, [\"OR\", {\"inactivity_reason\": \"manual\"}, {\"inactivity_reason\": null}]]",
 			"type": "change",
 			"mask": 1,
 			"field": "is_active",
@@ -2527,7 +2527,7 @@
 				"note",
 				"noteuser"
 			],
-			"query": "[\"AND\", {\"user\": [\"user\"]}, [\"OR\", {\"inactivity_reason\": \"manual\"}, {\"is_active\": true}]]",
+			"query": "[\"AND\", {\"user\": [\"user\"]}, [\"OR\", {\"inactivity_reason\": \"manual\"}, {\"inactivity_reason\": null}]]",
 			"type": "change",
 			"mask": 1,
 			"field": "inactivity_reason",
@@ -2871,38 +2871,6 @@
 			"description": "Changer l'image de n'importe quelle note"
 		}
 	},
-	{
-		"model": "permission.permission",
-		"pk": 184,
-		"fields": {
-			"model": [
-				"note",
-				"noteclub"
-			],
-			"query": "[\"AND\", {\"club\": [\"club\"]}, [\"OR\", {\"inactivity_reason\": \"manual\"}, {\"is_active\": true}]]",
-			"type": "change",
-			"mask": 3,
-			"field": "is_active",
-			"permanent": true,
-			"description": "(Dé)bloquer la note de son club manuellement"
-		}
-	},
-	{
-		"model": "permission.permission",
-		"pk": 185,
-		"fields": {
-			"model": [
-				"note",
-				"noteclub"
-			],
-			"query": "[\"AND\", {\"club\": [\"club\"]}, [\"OR\", {\"inactivity_reason\": \"manual\"}, {\"is_active\": true}]]",
-			"type": "change",
-			"mask": 3,
-			"field": "inactivity_reason",
-			"permanent": true,
-			"description": "(Dé)bloquer la note de son club et indiquer que cela a été fait manuellement"
-		}
-	},
 	{
 		"model": "permission.role",
 		"pk": 1,
@@ -3042,9 +3010,7 @@
 				166,
 				167,
 				168,
-				182,
+				182
-				184,
-				185
 			]
 		}
 	},
@@ -3312,9 +3278,7 @@
 				180,
 				181,
 				182,
-				183,
+				183
-				184,
-				185
 			]
 		}
 	},
@@ -3374,8 +3338,7 @@
 				45,
 				46,
 				148,
-				149,
+				149
-				182
 			]
 		}
 	},

apps/scripts

@@ -1 +1 @@
-Subproject commit 86bc2d269853ad60391e242ff655f0dc83b5967d
+Subproject commit 7a022b9407bdcbe97a78bfc10b2812c9b0aaf314

apps/treasury/migrations/0004_auto_20211005_1544.py

@@ -1,18 +0,0 @@
-# Generated by Django 2.2.24 on 2021-10-05 13:44
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('treasury', '0003_auto_20210321_1034'),
-    ]
-
-    operations = [
-        migrations.AlterField(
-            model_name='sogecredit',
-            name='transactions',
-            field=models.ManyToManyField(blank=True, related_name='_sogecredit_transactions_+', to='note.MembershipTransaction', verbose_name='membership transactions'),
-        ),
-    ]

locale/fr/LC_MESSAGES/django.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2021-10-07 22:55+0200\n"
+"POT-Creation-Date: 2021-09-28 17:02+0200\n"
 "PO-Revision-Date: 2020-11-16 20:02+0000\n"
 "Last-Translator: Yohann D'ANELLO <ynerant@crans.org>\n"
 "Language-Team: French <http://translate.ynerant.fr/projects/nk20/nk20/fr/>\n"
@@ -279,7 +279,7 @@ msgstr "Prénom"
 msgid "Note"
 msgstr "Note"
 
-#: apps/activity/tables.py:90 apps/member/tables.py:50
+#: apps/activity/tables.py:90 apps/member/tables.py:49
 msgid "Balance"
 msgstr "Solde du compte"
 
@@ -320,13 +320,13 @@ msgstr "Entrées"
 msgid "Return to activity page"
 msgstr "Retour à la page de l'activité"
 
-#: apps/activity/templates/activity/activity_entry.html:94
+#: apps/activity/templates/activity/activity_entry.html:89
-#: apps/activity/templates/activity/activity_entry.html:129
+#: apps/activity/templates/activity/activity_entry.html:124
 msgid "Entry done, but caution: the user is not a Kfet member."
 msgstr ""
 "Entrée effectuée, mais attention : la personne n'est pas un adhérent Kfet."
 
-#: apps/activity/templates/activity/activity_entry.html:132
+#: apps/activity/templates/activity/activity_entry.html:127
 msgid "Entry done!"
 msgstr "Entrée effectuée !"
 
@@ -404,33 +404,33 @@ msgstr "Créer une nouvelle activité"
 msgid "Activities"
 msgstr "Activités"
 
-#: apps/activity/views.py:93
+#: apps/activity/views.py:95
 msgid "Activity detail"
 msgstr "Détails de l'activité"
 
-#: apps/activity/views.py:113
+#: apps/activity/views.py:115
 msgid "Update activity"
 msgstr "Modifier l'activité"
 
-#: apps/activity/views.py:140
+#: apps/activity/views.py:142
 msgid "Invite guest to the activity \"{}\""
 msgstr "Invitation pour l'activité « {} »"
 
-#: apps/activity/views.py:178
+#: apps/activity/views.py:177
 msgid "You are not allowed to display the entry interface for this activity."
 msgstr ""
 "Vous n'êtes pas autorisé à afficher l'interface des entrées pour cette "
 "activité."
 
-#: apps/activity/views.py:181
+#: apps/activity/views.py:180
 msgid "This activity does not support activity entries."
 msgstr "Cette activité ne requiert pas d'entrées."
 
-#: apps/activity/views.py:184
+#: apps/activity/views.py:183
 msgid "This activity is closed."
 msgstr "Cette activité est fermée."
 
-#: apps/activity/views.py:280
+#: apps/activity/views.py:279
 msgid "Entry for activity \"{}\""
 msgstr "Entrées pour l'activité « {} »"
 
@@ -466,7 +466,7 @@ msgstr "nouvelles données"
 msgid "create"
 msgstr "créer"
 
-#: apps/logs/models.py:65 apps/note/tables.py:165 apps/note/tables.py:211
+#: apps/logs/models.py:65 apps/note/tables.py:165 apps/note/tables.py:201
 #: apps/permission/models.py:127 apps/treasury/tables.py:38
 #: apps/wei/tables.py:74
 msgid "delete"
@@ -850,33 +850,33 @@ msgstr "l'adhésion commence le"
 msgid "membership ends on"
 msgstr "l'adhésion finit le"
 
-#: apps/member/models.py:428
+#: apps/member/models.py:422
 #, python-brace-format
 msgid "The role {role} does not apply to the club {club}."
 msgstr "Le rôle {role} ne s'applique pas au club {club}."
 
-#: apps/member/models.py:437 apps/member/views.py:651
+#: apps/member/models.py:431 apps/member/views.py:651
 msgid "User is already a member of the club"
 msgstr "L'utilisateur est déjà membre du club"
 
-#: apps/member/models.py:449 apps/member/views.py:660
+#: apps/member/models.py:443 apps/member/views.py:660
 msgid "User is not a member of the parent club"
 msgstr "L'utilisateur n'est pas membre du club parent"
 
-#: apps/member/models.py:502
+#: apps/member/models.py:496
 #, python-brace-format
 msgid "Membership of {user} for the club {club}"
 msgstr "Adhésion de {user} pour le club {club}"
 
-#: apps/member/models.py:505 apps/note/models/transactions.py:389
+#: apps/member/models.py:499 apps/note/models/transactions.py:389
 msgid "membership"
 msgstr "adhésion"
 
-#: apps/member/models.py:506
+#: apps/member/models.py:500
 msgid "memberships"
 msgstr "adhésions"
 
-#: apps/member/tables.py:139
+#: apps/member/tables.py:137
 msgid "Renew"
 msgstr "Renouveler"
 
@@ -1535,7 +1535,7 @@ msgstr "Cliquez pour valider"
 msgid "No reason specified"
 msgstr "Pas de motif spécifié"
 
-#: apps/note/tables.py:169 apps/note/tables.py:213 apps/treasury/tables.py:39
+#: apps/note/tables.py:169 apps/note/tables.py:203 apps/treasury/tables.py:39
 #: apps/treasury/templates/treasury/invoice_confirm_delete.html:30
 #: apps/treasury/templates/treasury/sogecredit_detail.html:65
 #: apps/wei/tables.py:75 apps/wei/tables.py:118
@@ -1556,10 +1556,6 @@ msgstr "Supprimer"
 msgid "Edit"
 msgstr "Éditer"
 
-#: apps/note/tables.py:201 apps/note/tables.py:224
-msgid "Hide/Show"
-msgstr "Afficher/Masquer"
-
 #: apps/note/templates/note/conso_form.html:22
 #: apps/note/templates/note/transaction_form.html:48
 msgid "Please select a note"
@@ -1689,18 +1685,6 @@ msgstr "le bouton a bien été supprimé "
 msgid "Unable to delete button "
 msgstr "Impossible de supprimer le bouton "
 
-#: apps/note/templates/note/transactiontemplate_list.html:95
-msgid "Button hidden"
-msgstr "Bouton masqué"
-
-#: apps/note/templates/note/transactiontemplate_list.html:96
-msgid "Button displayed"
-msgstr "Bouton affiché"
-
-#: apps/note/templates/note/transactiontemplate_list.html:100
-msgid "An error occured"
-msgstr "Une erreur s'est produite"
-
 #: apps/note/views.py:36
 msgid "Transfer money"
 msgstr "Transférer de l'argent"
@@ -3517,3 +3501,8 @@ msgstr ""
 "vous connecter. Vous devez vous rendre à la Kfet et payer les frais "
 "d'adhésion. Vous devez également valider votre adresse email en suivant le "
 "lien que vous avez reçu."
+
+#~ msgid "You are not a Kfet member, so you can't use your note account."
+#~ msgstr ""
+#~ "Vous n'êtes pas adhérent Kfet, vous ne pouvez par conséquent pas utiliser "
+#~ "votre compte note."

note_kfet/templates/base.html

@@ -33,7 +33,8 @@ SPDX-License-Identifier: GPL-3.0-or-later
     <script src="{% static "jquery/jquery.min.js" %}"></script>
     <script src="{% static "popper.js/umd/popper.min.js" %}"></script>
     <script src="{% static "bootstrap4/js/bootstrap.min.js" %}"></script>
-    <script src="{% static "js/turbolinks.js" %}"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/turbolinks/5.2.0/turbolinks.js"
+            crossorigin="anonymous"></script>
     <script src="{% static "js/base.js" %}"></script>
     <script src="{% static "js/konami.js" %}"></script>
 

requirements.txt

@@ -4,14 +4,14 @@ django-bootstrap-datepicker-plus~=3.0.5
 django-cas-server~=1.2.0
 django-colorfield~=0.3.2
 django-crispy-forms~=1.7.2
-django-extensions>=2.1.4
+django-extensions~=2.1.4
-django-filter~=2.1
+django-filter~=2.1.0
 django-htcpcp-tea~=0.3.1
 django-mailer~=2.0.1
 django-oauth-toolkit~=1.3.3
 django-phonenumber-field~=5.0.0
-django-polymorphic>=2.0.3,<3.0.0
+django-polymorphic~=2.0.3
-djangorestframework>=3.9.0,<3.13.0
+djangorestframework~=3.9.0
 django-rest-polymorphic~=0.1.9
 django-tables2~=2.3.1
 python-memcached~=1.59