Merge branch 'main' into potvieux

Update invoice template

See merge request bde/nk20!307

.gitignore

@@ -48,6 +48,7 @@ backups/
 env/
 venv/
 db.sqlite3
+shell.nix
 
 # ansibles customs host
 ansible/host_vars/*.yaml

README.md

@@ -58,7 +58,13 @@ Bien que cela permette de créer une instance sur toutes les distributions,
     (env)$ ./manage.py createsuperuser  # Création d'un⋅e utilisateur⋅rice initial
     ```
 
-6.  Enjoy :
+6. (Optionnel) **Création d'une clé privée OpenID Connect**
+
+Pour activer le support d'OpenID Connect, il faut générer une clé privée, par
+exemple avec openssl (`openssl genrsa -out oidc.key 4096`), et renseigner son
+emplacement dans `OIDC_RSA_PRIVATE_KEY` (par défaut `/var/secrets/oidc.key`).
+
+7.  Enjoy :
 
     ```bash
     (env)$ ./manage.py runserver 0.0.0.0:8000
@@ -228,7 +234,13 @@ Sinon vous pouvez suivre les étapes décrites ci-dessous.
         (env)$ ./manage.py check # pas de bêtise qui traine
         (env)$ ./manage.py migrate
 
-7.  *Enjoy \o/*
+7. **Création d'une clé privée OpenID Connect**
+
+Pour activer le support d'OpenID Connect, il faut générer une clé privée, par
+exemple avec openssl (`openssl genrsa -out oidc.key 4096`), et renseigner son
+emplacement dans `OIDC_RSA_PRIVATE_KEY` (par défaut `/var/secrets/oidc.key`).
+
+8.  *Enjoy \o/*
 
 ### Installation avec Docker
 

apps/activity/admin.py

@@ -35,7 +35,7 @@ class GuestAdmin(admin.ModelAdmin):
     """
     Admin customisation for Guest
     """
-    list_display = ('last_name', 'first_name', 'activity', 'inviter')
+    list_display = ('last_name', 'first_name', 'school', 'activity', 'inviter')
     form = GuestForm
 
 

apps/activity/api/views.py

@@ -51,9 +51,9 @@ class GuestViewSet(ReadProtectedModelViewSet):
     queryset = Guest.objects.order_by('id')
     serializer_class = GuestSerializer
     filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
-    filterset_fields = ['activity', 'activity__name', 'last_name', 'first_name', 'inviter', 'inviter__alias__name',
+    filterset_fields = ['activity', 'activity__name', 'last_name', 'first_name', 'school', 'inviter', 'inviter__alias__name',
                         'inviter__alias__normalized_name', ]
-    search_fields = ['$activity__name', '$last_name', '$first_name', '$inviter__user__email', '$inviter__alias__name',
+    search_fields = ['$activity__name', '$last_name', '$first_name', '$school', '$inviter__user__email', '$inviter__alias__name',
                      '$inviter__alias__normalized_name', ]
 
 

apps/activity/forms.py

@@ -107,7 +107,7 @@ class GuestForm(forms.ModelForm):
 
     class Meta:
         model = Guest
-        fields = ('last_name', 'first_name', 'inviter', )
+        fields = ('last_name', 'first_name', 'school', 'inviter', )
         widgets = {
             "inviter": Autocomplete(
                 NoteUser,

apps/activity/migrations/0006_guest_school.py

@@ -0,0 +1,18 @@
+# Generated by Django 4.2.20 on 2025-03-25 09:58
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("activity", "0005_alter_opener_options_alter_opener_opener"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="guest",
+            name="school",
+            field=models.CharField(default="", max_length=255, verbose_name="school"),
+            preserve_default=False,
+        ),
+    ]

apps/activity/models.py

@@ -201,7 +201,8 @@ class Entry(models.Model):
     def save(self, *args, **kwargs):
         qs = Entry.objects.filter(~Q(pk=self.pk), activity=self.activity, note=self.note, guest=self.guest)
         if qs.exists():
-            raise ValidationError(_("Already entered on ") + _("{:%Y-%m-%d %H:%M:%S}").format(qs.get().time, ))
+            raise ValidationError(_("Already entered on ")
+                                  + _("{:%Y-%m-%d %H:%M:%S}").format(timezone.localtime(qs.get().time), ))
 
         if self.guest:
             self.note = self.guest.inviter
@@ -247,6 +248,11 @@ class Guest(models.Model):
         verbose_name=_("first name"),
     )
 
+    school = models.CharField(
+        max_length=255,
+        verbose_name=_("school"),
+    )
+
     inviter = models.ForeignKey(
         NoteUser,
         on_delete=models.PROTECT,

apps/activity/tables.py

@@ -1,6 +1,8 @@
 # Copyright (C) 2018-2025 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+import datetime
+
 from django.utils import timezone
 from django.utils.html import escape
 from django.utils.safestring import mark_safe
@@ -51,11 +53,11 @@ class GuestTable(tables.Table):
         }
         model = Guest
         template_name = 'django_tables2/bootstrap4.html'
-        fields = ("last_name", "first_name", "inviter", )
+        fields = ("last_name", "first_name", "inviter", "school")
 
     def render_entry(self, record):
         if record.has_entry:
-            return str(_("Entered on ") + str(_("{:%Y-%m-%d %H:%M:%S}").format(record.entry.time, )))
+            return str(_("Entered on ") + str(_("{:%Y-%m-%d %H:%M:%S}").format(timezone.localtime(record.entry.time))))
         return mark_safe('<button id="{id}" class="btn btn-danger btn-sm" onclick="remove_guest(this.id)"> '
                          '{delete_trans}</button>'.format(id=record.id, delete_trans=_("remove").capitalize()))
 
@@ -77,6 +79,9 @@ def get_row_class(record):
             c += " table-info"
         elif record.note.balance < 0:
             c += " table-danger"
+        # MODE VIEUXCON=ON
+        if (datetime.datetime.utcnow().timestamp() - record.note.created_at.timestamp()) > 3600 * 24 * 365 * 2.5:
+            c += " font-weight-bold underline"
     return c
 
 

apps/activity/tests/test_activities.py

@@ -50,6 +50,7 @@ class TestActivities(TestCase):
             inviter=self.user.note,
             last_name="GUEST",
             first_name="Guest",
+            school="School",
         )
 
     def test_activity_list(self):
@@ -156,6 +157,7 @@ class TestActivities(TestCase):
             inviter=self.user.note.id,
             last_name="GUEST2",
             first_name="Guest",
+            school="School",
         ))
         self.assertEqual(response.status_code, 200)
 
@@ -167,6 +169,7 @@ class TestActivities(TestCase):
             inviter=self.user.note.id,
             last_name="GUEST2",
             first_name="Guest",
+            school="School",
         ))
         self.assertRedirects(response, reverse("activity:activity_detail", args=(self.activity.pk,)), 302, 200)
 
@@ -200,6 +203,7 @@ class TestActivityAPI(TestAPI):
             inviter=self.user.note,
             last_name="GUEST",
             first_name="Guest",
+            school="School",
         )
 
         self.entry = Entry.objects.create(

apps/activity/views.py

@@ -168,6 +168,7 @@ class ActivityInviteView(ProtectQuerysetMixin, ProtectedCreateView):
             activity=activity,
             first_name="",
             last_name="",
+            school="",
             inviter=self.request.user.note,
         )
 
@@ -263,13 +264,22 @@ class ActivityEntryView(LoginRequiredMixin, SingleTableMixin, TemplateView):
                                          balance=F("note__balance"))
 
         # Keep only users that have a note
-        note_qs = note_qs.filter(note__noteuser__isnull=False)
+        note_qs = note_qs.filter(note__noteuser__isnull=False).exclude(note__inactivity_reason='forced')
 
-        # Keep only valid members
+        if activity.activity_type.name != "Pot Vieux":
+            # Keep only members
             note_qs = note_qs.filter(
                 note__noteuser__user__memberships__club=activity.attendees_club,
                 note__noteuser__user__memberships__date_start__lte=timezone.now(),
-            note__noteuser__user__memberships__date_end__gte=timezone.now()).exclude(note__inactivity_reason='forced')
+                note__noteuser__user__memberships__date_end__gte=timezone.now(),
+            )
+
+        # Keep only valid members
+#        note_qs = note_qs.filter(
+#            note__noteuser__user__memberships__club=activity.attendees_club,
+#            note__noteuser__user__memberships__date_start__lte=timezone.now(),
+#            note__noteuser__user__memberships__date_end__gte=timezone.now(),
+#       )
 
         # Filter with permission backend
         note_qs = note_qs.filter(PermissionBackend.filter_queryset(self.request, Alias, "view"))

apps/member/forms.py

@@ -23,7 +23,7 @@ from .models import Profile, Club, Membership
 class CustomAuthenticationForm(AuthenticationForm):
     permission_mask = forms.ModelChoiceField(
         label=_("Permission mask"),
-        queryset=PermissionMask.objects.order_by("rank"),
+        queryset=PermissionMask.objects.order_by("-rank"),
         empty_label=None,
     )
 

apps/member/templates/member/picture_update.html

@@ -20,11 +20,13 @@ SPDX-License-Identifier: GPL-3.0-or-later
       </form>
     </div>
     <!-- MODAL TO CROP THE IMAGE -->
-    <div class="modal fade" id="modalCrop">
+    <div class="modal fade" id="modalCrop" data-backdrop="static">
       <div class="modal-dialog">
         <div class="modal-content">
-          <div class="modal-body">
-            <img src="" id="modal-image" style="max-width: 100%;">
+            <div class="modal-body-wrapper" style="width: 500px; height: 500px; padding: 16px;">
+              <div class="modal-body" style="width: 100%; height: 100%; padding: 0">
+                <img src="" id="modal-image" style="display: block; max-width: 100%;">
+              </div>
             </div>
           <div class="modal-footer">
             <div class="btn-group pull-left" role="group">

apps/note/templates/note/transaction_form.html

@@ -89,7 +89,7 @@ SPDX-License-Identifier: GPL-2.0-or-later
                 </ul>
                 <div class="card-body">
                     <select id="debit_type" class="form-control custom-select d-none">
-                        {% for special_type in special_types %}
+                        {% for special_type in special_types|slice:"::-1" %}
                             <option value="{{ special_type.id }}">{{ special_type.special_type }}</option>
                         {% endfor %}
                     </select>

apps/permission/fixtures/initial.json

@@ -3815,7 +3815,7 @@
             "mask": 2,
             "field": "",
             "permanent": false,
-            "description": "Créer une transaction vers la note d'un club tant que la source reste au dessus de -20 €"
+            "description": "Créer une transaction vers la note d'un club"
 	}
     },
     {
@@ -4812,8 +4812,10 @@
                 168,
                 176,
                 177,
+		178,
                 197,
-                211
+                211,
+		244
             ]
         }
     },

apps/treasury/migrations/0010_alter_invoice_bde.py

@@ -0,0 +1,18 @@
+# Generated by Django 4.2.20 on 2025-04-14 20:21
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('treasury', '0009_alter_sogecredit_transactions'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='invoice',
+            name='bde',
+            field=models.CharField(choices=[('Diolistos', 'Diol[list]os'), ('RavePartlist', 'RavePart[list]'), ('SecretStorlist', 'SecretStor[list]'), ('TotalistSpies', 'Tota[list]Spies'), ('Saperlistpopette', 'Saper[list]popette'), ('Finalist', 'Fina[list]'), ('Listorique', '[List]orique'), ('Satellist', 'Satel[list]'), ('Monopolist', 'Monopo[list]'), ('Kataclist', 'Katac[list]')], default='Diolistos', max_length=32, verbose_name='BDE'),
+        ),
+    ]

apps/treasury/models.py

@@ -27,8 +27,9 @@ class Invoice(models.Model):
 
     bde = models.CharField(
         max_length=32,
-        default='RavePartlist',
+        default='Diolistos',
         choices=(
+            ('Diolistos', 'Diol[list]os'),
             ('RavePartlist', 'RavePart[list]'),
             ('SecretStorlist', 'SecretStor[list]'),
             ('TotalistSpies', 'Tota[list]Spies'),

apps/wrapped/management/commands/generate_wrapped.py

@@ -38,7 +38,7 @@ class Command(BaseCommand):
             required=False,
             help="""User will have their(s) wrapped generated,
             all = all users
-            adh = all users who have a valid memberships to BDE during the BDE considered
+            adh = all users who have a valid cd memberships to BDE during the BDE considered
             supersuser = all superusers
             custom user1,user2,... = a list of username,
             custom_id id1,id2,... = a list of user id""",
@@ -70,15 +70,7 @@ class Command(BaseCommand):
             dest='create',
         )
 
-    def handle(self, *args, **options):
-        # useful string for output
-        red = '\033[31;1m'
-        yellow = '\033[33;1m'
-        green = '\033[32;1m'
-        abort = red + 'ABORT'
-        warning = yellow + 'WARNING'
-        success = green + 'SUCCESS'
-
+    def handle(self, *args, **options): # NOQA
         # Traitement des paramètres
         verb = options['verbosity']
         bde = []
@@ -89,11 +81,11 @@ class Command(BaseCommand):
         if options['bde_id']:
             if bde:
                 if verb >= 1:
-                    print(warning)
-                    print(yellow + 'You already defined bde with their name !')
+                    self.stdout.write(self.style.WARNING(
+                        "WARNING\nYou already defined bde with their name !"))
                 if verb >= 0:
-                    print(abort)
-                return
+                    self.stdout.write(self.style.ERROR("ABORT"))
+                exit(1)
             bde_id = options['bde_id'].split(',')
             bde = [Bde.objects.get(pk=i) for i in bde_id]
 
@@ -113,11 +105,11 @@ class Command(BaseCommand):
                 user = ['custom_id', [User.objects.get(pk=u) for u in user_id]]
             else:
                 if verb >= 1:
-                    print(warning)
-                    print(yellow + 'You user option is not recognized')
+                    self.sdtout.write(self.style.WARNING(
+                        "WARNING\nYou user option is not recognized"))
                 if verb >= 0:
-                    print(abort)
-                return
+                    self.stdout.write(self.style.ERROR("ABORT"))
+                exit(1)
 
         club = []
         if options['club']:
@@ -133,11 +125,11 @@ class Command(BaseCommand):
                 club = ['custom_id', [Club.objects.get(pk=c) for c in club_id]]
             else:
                 if verb >= 1:
-                    print(warning)
-                    print(yellow + 'You club option is not recognized')
+                    self.stdout.write(self.style.WARNING(
+                        "WARNING\nYou club option is not recognized"))
                 if verb >= 0:
-                    print(abort)
-                return
+                    self.stdout.write(self.style.ERROR("ABORT"))
+                exit(1)
 
         change = options['change']
         create = options['create']
@@ -145,72 +137,75 @@ class Command(BaseCommand):
         # check if parameters are sufficient for generate wrapped with the desired option
         if not bde:
             if verb >= 1:
-                print(warning)
-                print(yellow + 'You have not selectionned a BDE !')
+                self.stdout.write(self.style.WARNING(
+                    "WARNING\nYou have not selectionned a BDE !"))
             if verb >= 0:
-                print(abort)
-            return
+                self.stdout.write(self.style.ERROR("ABORT"))
+            exit(1)
         if not (user or club):
             if verb >= 1:
-                print(warning)
-                print(yellow + 'No club or user selected !')
+                self.stdout.write(self.style.WARNING(
+                    "WARNING\nNo club or user selected !"))
             if verb >= 0:
-                print(abort)
-            return
+                self.stdout.write(self.style.ERROR("ABORT"))
+            exit(1)
 
         if verb >= 3:
-            print('\033[1mOptions:\033[m')
+            self.stdout.write("Options:")
             bde_str = ''
             for b in bde:
-                bde_str += str(b)
-            print('BDE: ' + bde_str)
+                bde_str += str(b) + '\n'
+            self.stdout.write("BDE: " + bde_str)
             if user:
-                print('User: ' + user[0])
+                self.stdout.write('User: ' + user[0])
             if club:
-                print('Club: ' + club[0])
-            print('change: ' + str(change))
-            print('create: ' + str(create))
-            print('')
+                self.stdout.write('Club: ' + club[0])
+            self.stdout.write('change: ' + str(change))
+            self.stdout.write('create: ' + str(create) + '\n')
         if not (change or create):
             if verb >= 1:
-                print(warning)
-                print(yellow + 'change and create is set to false, none wrapped will be created')
+                self.stdout.write(self.style.WARNING(
+                    "WARNING\nchange and create is set to false, none wrapped will be created"))
             if verb >= 0:
-                print(abort)
-            return
+                self.stdout.write(self.style.ERROR("ABORT"))
+            exit(1)
         if verb >= 1 and change:
-            print(warning)
-            print(yellow + 'change is set to true, some wrapped may be replaced !')
+            self.stdout.write(self.style.WARNING(
+                "WARNING\nchange is set to true, some wrapped may be replaced !"))
         if verb >= 1 and not create:
-            print(warning)
-            print(yellow + 'create is set to false, wrapped will not be created !')
+            self.stdout.write(self.style.WARNING(
+                "WARNING\ncreate is set to false, wrapped will not be created !"))
         if verb >= 3 or change or not create:
             a = str(input('\033[mContinue ? (y/n) ')).lower()
             if a in ['n', 'no', 'non', '0']:
                 if verb >= 0:
-                    print(abort)
-                return
+                    self.stdout.write(self.style.ERROR("ABORT"))
+                exit(1)
 
         note = self.convert_to_note(change, create, bde=bde, user=user, club=club, verb=verb)
         if verb >= 1:
-            print("\033[32mUser and/or Club given has successfully convert in their note\033[m")
+            self.stdout.write(self.style.SUCCESS(
+                "User and/or Club given has successfully convert in their note"))
+
         global_data = self.global_data(bde, verb=verb)
         if verb >= 1:
-            print("\033[32mGlobal data has been successfully generated\033[m")
+            self.stdout.write(self.style.SUCCESS(
+                "Global data has been successfully generated"))
 
         unique_data = self.unique_data(bde, note, global_data=global_data, verb=verb)
         if verb >= 1:
-            print("\033[32mUnique data has been successfully generated\033[m")
+            self.stdout.write(self.style.SUCCESS(
+                "Unique data has been successfully generated"))
 
         self.make_wrapped(unique_data, note, bde, change, create, verb=verb)
         if verb >= 1:
-            print(green + "The wrapped has been generated !")
+            self.stdout.write(self.style.SUCCESS(
+                "The wrapped has been generated !"))
         if verb >= 0:
-            print(success)
+            self.stdout.write(self.style.SUCCESS("SUCCESS"))
+        exit(0)
 
-        return
-
-    def convert_to_note(self, change, create, bde=None, user=None, club=None, verb=1):
+    def convert_to_note(self, change, create, bde=None, user=None, club=None, verb=1): # NOQA
         notes = []
         for b in bde:
             note_for_bde = Note.objects.filter(pk__lte=-1)
@@ -253,17 +248,17 @@ class Command(BaseCommand):
             note_for_bde = self.filter_note(b, note_for_bde, change, create, verb=verb)
             notes.append(note_for_bde)
             if verb >= 2:
-                print("\033[m{nb} note selectionned for bde {bde}".format(nb=len(note_for_bde), bde=b.name))
+                self.stdout.write(f"{len(note_for_bde)} note selectionned for bde {b.name}")
         return notes
 
-    def global_data(self, bde, verb=1):
+    def global_data(self, bde, verb=1): # NOQA
         data = {}
         for b in bde:
             if b.name == 'Rave Part[list]':
                 if verb >= 2:
-                    print("Begin to make global data")
+                    self.stdout.write("Begin to make global data")
                 if verb >= 3:
-                    print('nb_transaction')
+                    self.stdout.write("nb_transaction")
                 # nb total de transactions
                 data['nb_transaction'] = Transaction.objects.filter(
                     created_at__gte=b.date_start,
@@ -271,7 +266,7 @@ class Command(BaseCommand):
                     valid=True).count()
 
                 if verb >= 3:
-                    print('nb_vieux_con')
+                    self.stdout.write("nb_vieux_con")
                 # nb total de vielleux con·ne·s derrière le bar
                 button_id = [2884, 2585]
                 transactions = Transaction.objects.filter(
@@ -286,7 +281,7 @@ class Command(BaseCommand):
                 data['nb_vieux_con'] = q
 
                 if verb >= 3:
-                    print('nb_soiree')
+                    self.stdout.write("nb_soiree")
                 # nb total de soirée
                 a_type_id = [1, 2, 4, 5, 7, 10]
                 data['nb_soiree'] = Activity.objects.filter(
@@ -296,7 +291,7 @@ class Command(BaseCommand):
                     activity_type__pk__in=a_type_id).count()
 
                 if verb >= 3:
-                    print('pots, nb_entree_pot')
+                    self.stdout.write('pots, nb_entree_pot')
                 # nb d'entrée totale aux pots
                 pot_id = [1, 4, 10]
                 pots = Activity.objects.filter(
@@ -310,7 +305,7 @@ class Command(BaseCommand):
                     data['nb_entree_pot'] += Entry.objects.filter(activity=pot).count()
 
                 if verb >= 3:
-                    print('top3_buttons')
+                    self.stdout.write('top3_buttons')
                 # top 3 des boutons les plus cliqués
                 transactions = Transaction.objects.filter(
                     created_at__gte=b.date_start,
@@ -329,7 +324,7 @@ class Command(BaseCommand):
                 data['top3_buttons'] = list(sorted(d.items(), key=lambda item: item[1], reverse=True))[:3]
 
                 if verb >= 3:
-                    print('class_conso_all')
+                    self.stdout.write('class_conso_all')
                 # le classement des plus gros consommateurs (BDE + club)
                 transactions = Transaction.objects.filter(
                     created_at__gte=b.date_start,
@@ -348,7 +343,7 @@ class Command(BaseCommand):
                 data['class_conso_all'] = dict(sorted(d.items(), key=lambda item: item[1], reverse=True))
 
                 if verb >= 3:
-                    print('class_conso_bde')
+                    self.stdout.write('class_conso_bde')
                 # le classement des plus gros consommateurs BDE
                 transactions = Transaction.objects.filter(
                     created_at__gte=b.date_start,
@@ -368,11 +363,10 @@ class Command(BaseCommand):
 
             else:
                 # make your wrapped or reuse previous wrapped
-                raise NotImplementedError("The BDE: {bde_name} has not personalized wrapped, make it !"
-                                          .format(bde_name=b.name))
+                raise NotImplementedError(f"The BDE: {b.name} has not personalized wrapped, make it !")
         return data
 
-    def unique_data(self, bde, note, global_data=None, verb=1):
+    def unique_data(self, bde, note, global_data=None, verb=1): # NOQA
         data = []
         for i in range(len(bde)):
             data_bde = []
@@ -380,8 +374,7 @@ class Command(BaseCommand):
                 if verb >= 3:
                     total = len(note[i])
                     current = 0
-                    print('Make {nb} data for wrapped sponsored by {bde}'
-                          .format(nb=total, bde=bde[i].name))
+                    self.stdout.write(f"Make {total} data for wrapped sponsored by {bde[i].name}")
                 for n in note[i]:
                     d = {}
                     if 'user' in n.__dir__():
@@ -542,12 +535,11 @@ class Command(BaseCommand):
                     data_bde.append(json.dumps(d))
                     if verb >= 3:
                         current += 1
-                        print('\033[2K' + '({c}/{t})'.format(c=current, t=total) + '\033[1A')
+                        self.stdout.write("\033[2K" + f"({current}/{total})" + "\033[1A")
 
             else:
                 # make your wrapped or reuse previous wrapped
-                raise NotImplementedError("The BDE: {bde_name} has not personalized wrapped, make it !"
-                                          .format(bde_name=bde[i].name))
+                raise NotImplementedError(f"The BDE: {bde[i].name} has not personalized wrapped, make it !")
             data.append(data_bde)
         return data
 
@@ -557,7 +549,7 @@ class Command(BaseCommand):
             total = 0
             for n in note:
                 total += len(n)
-            print('\033[mMake {nb} wrapped'.format(nb=total))
+            self.stdout.write(f"Make {total} wrapped")
         for i in range(len(bde)):
             for j in range(len(note[i])):
                 if create and not Wrapped.objects.filter(bde=bde[i], note=note[i][j]):
@@ -572,7 +564,7 @@ class Command(BaseCommand):
                     w.save()
                 if verb >= 3:
                     current += 1
-                    print('\033[2K' + '({c}/{t})'.format(c=current, t=total) + '\033[1A')
+                    self.stdout.write("\033[2K" + f"({current}/{total})" + "\033[1A")
         return
 
     def filter_note(self, bde, note, change, create, verb=1):

apps/wrapped/tests/test_wrapped.py

@@ -0,0 +1,91 @@
+# Copyright (C) 2018-2025 by BDE ENS Paris-Saclay
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from datetime import timedelta
+
+from api.tests import TestAPI
+from django.contrib.auth.models import User
+from django.test import TestCase
+from django.urls import reverse
+from django.utils import timezone
+
+from ..api.views import WrappedViewSet, BdeViewSet
+from ..models import Bde, Wrapped
+
+
+class TestWrapped(TestCase):
+    """
+    Test activities
+    """
+    fixtures = ('initial',)
+
+    def setUp(self):
+        self.user = User.objects.create_superuser(
+            username="admintoto",
+            password="tototototo",
+            email="toto@example.com"
+        )
+        self.client.force_login(self.user)
+
+        sess = self.client.session
+        sess["permission_mask"] = 42
+        sess.save()
+
+        self.bde = Bde.objects.create(
+            name="The best BDE",
+            date_start=timezone.now() - timedelta(days=365),
+            date_end=timezone.now(),
+        )
+
+        self.wrapped = Wrapped.objects.create(
+            generated=True,
+            public=False,
+            bde=self.bde,
+            note=self.user.note,
+            data_json="{}",
+        )
+
+    def test_wrapped_list(self):
+        """
+        Display the list of all wrapped
+        """
+        response = self.client.get(reverse("wrapped:wrapped_list"))
+        self.assertEqual(response.status_code, 200)
+
+    def test_wrapped_detail(self):
+        """
+        Display the detail of an wrapped
+        """
+        response = self.client.get(reverse("wrapped:wrapped_detail", args=(self.wrapped.pk,)))
+        self.assertEqual(response.status_code, 200)
+
+
+class TestWrappedAPI(TestAPI):
+    def setUp(self) -> None:
+        super().setUp()
+
+        self.bde = Bde.objects.create(
+            name="The best BDE",
+            date_start=timezone.now() - timedelta(days=365),
+            date_end=timezone.now(),
+        )
+
+        self.wrapped = Wrapped.objects.create(
+            generated=True,
+            public=False,
+            bde=self.bde,
+            note=self.user.note,
+            data_json="{}",
+        )
+
+    def test_bde_api(self):
+        """
+        Load Bde API page and test all filters and permissions
+        """
+        self.check_viewset(BdeViewSet, "/api/wrapped/bde/")
+
+    def test_wrapped_api(self):
+        """
+        Load Wrapped API page and test all filters and permissions
+        """
+        self.check_viewset(WrappedViewSet, "/api/wrapped/wrapped/")

docs/apps/activity.rst

@@ -55,6 +55,7 @@ Les adhérent⋅es ont la possibilité d'inviter des ami⋅es. Pour cela, les di
 * Activité concernée (clé étrangère)
 * Nom de famille
 * Prénom
+* École
 * Note de la personne ayant invité
 
 Certaines contraintes s'appliquent :

docs/external_services/oauth2.rst

@@ -43,6 +43,11 @@ On a ensuite besoin de définir nos propres scopes afin d'avoir des permissions
        'SCOPES_BACKEND_CLASS': 'permission.scopes.PermissionScopes',
        'OAUTH2_VALIDATOR_CLASS': "permission.scopes.PermissionOAuth2Validator",
        'REFRESH_TOKEN_EXPIRE_SECONDS': timedelta(days=14),
+       'PKCE_REQUIRED': False,
+       'OIDC_ENABLED': True,
+       'OIDC_RSA_PRIVATE_KEY':
+           os.getenv('OIDC_RSA_PRIVATE_KEY', '/var/secrets/oidc.key'),
+       'SCOPES': { 'openid': "OpenID Connect scope" },
    }
 
 Cela a pour effet d'avoir des scopes sous la forme ``PERMISSION_CLUB``,
@@ -57,6 +62,14 @@ On ajoute enfin les routes dans ``urls.py`` :
         path('o/', include('oauth2_provider.urls', namespace='oauth2_provider'))
     )
 
+Enfin pour utiliser OIDC, il faut générer une clé privé que l'on va, par défaut,
+mettre dans `/var/secrets/oidc.key` :
+
+.. code:: bash
+
+   cd /var/secrets/
+   openssl genrsa -out oidc.key 4096
+
 L'OAuth2 est désormais prêt à être utilisé.
 
 

docs/install.rst

@@ -227,6 +227,22 @@ En production, ce fichier contient :
    )
 
 
+Génération d'une clé privé pour OIDC
+------------------------------------
+
+Pour pouvoir proposer le service de connexion Openid Connect (OIDC) par OAuth2, il y a
+besoin d'une clé privé. Par défaut, elle est cherché dans le fichier `/var/secrets/oidc.key`
+(sinon, il faut modifier l'emplacement dans les fichiers de configurations).
+
+Pour générer la clé, il faut aller dans le dossier `/var/secrets` (à créer, si nécessaire) puis
+utiliser la commande de génération :
+
+.. code:: bash
+
+   cd /var/secrets
+   openssl genrsa -out oidc.key 4096
+
+
 Configuration des tâches récurrentes
 ------------------------------------
 

locale/fr/LC_MESSAGES/django.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2025-03-13 21:08+0100\n"
+"POT-Creation-Date: 2025-03-25 11:16+0100\n"
 "PO-Revision-Date: 2022-04-11 22:05+0200\n"
 "Last-Translator: bleizi <bleizi@crans.org>\n"
 "Language-Team: French <http://translate.ynerant.fr/projects/nk20/nk20/fr/>\n"
@@ -25,7 +25,7 @@ msgid "This opener already exists"
 msgstr "Cette amitié existe déjà"
 
 #: apps/activity/apps.py:10 apps/activity/models.py:129
-#: apps/activity/models.py:169 apps/activity/models.py:323
+#: apps/activity/models.py:169 apps/activity/models.py:328
 msgid "activity"
 msgstr "activité"
 
@@ -37,24 +37,24 @@ msgstr "La note du club est inactive."
 msgid "The end date must be after the start date."
 msgstr "La date de fin doit être après celle de début."
 
-#: apps/activity/forms.py:83 apps/activity/models.py:271
+#: apps/activity/forms.py:83 apps/activity/models.py:276
 msgid "You can't invite someone once the activity is started."
 msgstr ""
 "Vous ne pouvez pas inviter quelqu'un une fois que l'activité a démarré."
 
-#: apps/activity/forms.py:86 apps/activity/models.py:274
+#: apps/activity/forms.py:86 apps/activity/models.py:279
 msgid "This activity is not validated yet."
 msgstr "Cette activité n'est pas encore validée."
 
-#: apps/activity/forms.py:96 apps/activity/models.py:282
+#: apps/activity/forms.py:96 apps/activity/models.py:287
 msgid "This person has been already invited 5 times this year."
 msgstr "Cette personne a déjà été invitée 5 fois cette année."
 
-#: apps/activity/forms.py:100 apps/activity/models.py:286
+#: apps/activity/forms.py:100 apps/activity/models.py:291
 msgid "This person is already invited."
 msgstr "Cette personne est déjà invitée."
 
-#: apps/activity/forms.py:104 apps/activity/models.py:290
+#: apps/activity/forms.py:104 apps/activity/models.py:295
 msgid "You can't invite more than 3 people to this activity."
 msgstr "Vous ne pouvez pas inviter plus de 3 personnes à cette activité."
 
@@ -228,32 +228,36 @@ msgstr "nom de famille"
 msgid "first name"
 msgstr "prénom"
 
-#: apps/activity/models.py:254
+#: apps/activity/models.py:252
+msgid "school"
+msgstr "école"
+
+#: apps/activity/models.py:259
 msgid "inviter"
 msgstr "hôte"
 
-#: apps/activity/models.py:258
+#: apps/activity/models.py:263
 msgid "guest"
 msgstr "invité·e"
 
-#: apps/activity/models.py:259
+#: apps/activity/models.py:264
 msgid "guests"
 msgstr "invité·e·s"
 
-#: apps/activity/models.py:312
+#: apps/activity/models.py:317
 msgid "Invitation"
 msgstr "Invitation"
 
-#: apps/activity/models.py:330 apps/activity/models.py:334
+#: apps/activity/models.py:335 apps/activity/models.py:339
 msgid "Opener"
 msgstr "Ouvreur⋅se"
 
-#: apps/activity/models.py:335
+#: apps/activity/models.py:340
 #: apps/activity/templates/activity/activity_detail.html:16
 msgid "Openers"
 msgstr "Ouvreur⋅ses"
 
-#: apps/activity/models.py:339
+#: apps/activity/models.py:344
 #, fuzzy, python-brace-format
 #| msgid "Entry for {note} to the activity {activity}"
 msgid "{opener} is opener of activity {acivity}"
@@ -463,25 +467,25 @@ msgstr "Détails de l'activité"
 msgid "Update activity"
 msgstr "Modifier l'activité"
 
-#: apps/activity/views.py:177
+#: apps/activity/views.py:178
 msgid "Invite guest to the activity \"{}\""
 msgstr "Invitation pour l'activité « {} »"
 
-#: apps/activity/views.py:217
+#: apps/activity/views.py:218
 msgid "You are not allowed to display the entry interface for this activity."
 msgstr ""
 "Vous n'êtes pas autorisé·e à afficher l'interface des entrées pour cette "
 "activité."
 
-#: apps/activity/views.py:220
+#: apps/activity/views.py:221
 msgid "This activity does not support activity entries."
 msgstr "Cette activité ne requiert pas d'entrées."
 
-#: apps/activity/views.py:223
+#: apps/activity/views.py:224
 msgid "This activity is closed."
 msgstr "Cette activité est fermée."
 
-#: apps/activity/views.py:328
+#: apps/activity/views.py:329
 msgid "Entry for activity \"{}\""
 msgstr "Entrées pour l'activité « {} »"
 
@@ -1989,10 +1993,6 @@ msgstr "Historique des transactions récentes"
 #: apps/note/templates/note/mails/weekly_report.txt:32
 #: apps/registration/templates/registration/mails/email_validation_email.html:40
 #: apps/registration/templates/registration/mails/email_validation_email.txt:16
-#: apps/scripts/templates/scripts/horaires.html:35
-#: apps/scripts/templates/scripts/horaires.txt:17
-#: apps/scripts/templates/scripts/intro_mail.html:49
-#: apps/scripts/templates/scripts/intro_mail.txt:25
 msgid "Mail generated by the Note Kfet on the"
 msgstr "Mail généré par la Note Kfet le"
 

note.cron

@@ -27,5 +27,5 @@ MAILTO=notekfet2020@lists.crans.org
 # Vider les tokens Oauth2
  00  6     *   *   *     root   cd /var/www/note_kfet && env/bin/python manage.py cleartokens -v 0
 # Envoyer la liste des abonnés à la NL BDA
- 00  10     *   *   0     root   cd /var/www/note_kfet && env/bin/python manage.py extract_ml_registrations -t art
+ 00  10     *   *   0     root   cd /var/www/note_kfet && env/bin/python manage.py extract_ml_registrations -t art -e "bda.ensparissaclay@gmail.com"
  

note_kfet/settings/base.py

@@ -268,6 +268,10 @@ OAUTH2_PROVIDER = {
     'OAUTH2_VALIDATOR_CLASS': "permission.scopes.PermissionOAuth2Validator",
     'REFRESH_TOKEN_EXPIRE_SECONDS': timedelta(days=14),
     'PKCE_REQUIRED': False, # PKCE (fix a breaking change of django-oauth-toolkit 2.0.0)
+    'OIDC_ENABLED': True,
+    'OIDC_RSA_PRIVATE_KEY':
+        os.getenv('OIDC_RSA_PRIVATE_KEY', '/var/secrets/oidc.key'),
+    'SCOPES': { 'openid': "OpenID Connect scope" },
 }
 
 # Take control on how widget templates are sourced

note_kfet/static/css/custom.css

@@ -61,20 +61,16 @@ mark {
 /* Make navbar more readable */
 .navbar-dark .navbar-nav .nav-link {
     color: rgba(255, 255, 255, .75);
-    text-shadow: 2px 2px 15px #ffeb40;
+    /* text-shadow: 2px 2px 15px #ffeb40; */
 }
 
-.navbar-brand {
-    text-shadow: 2px 2px 15px #ffeb40;
-}
+/* .navbar-brand { */
+/*     text-shadow: 2px 2px 15px #ffeb40; */
+/* }
 
 /* Last BDE colors */
 .bg-primary {
-/*    background-color: rgb(18, 67, 4) !important; */
-/* MODE VIEUXCON=ON */
-/*    background-color: rgb(166, 0, 2) !important; */
-    background-color: rgb(0, 0, 0);
-    background-image: url('/static/img/rp_bg.png');
+    background-color: rgb(102, 83, 105) !important;
 }
 
 html {
@@ -89,94 +85,52 @@ body {
 .btn-outline-primary:hover,
 .btn-outline-primary:not(:disabled):not(.disabled).active,
 .btn-outline-primary:not(:disabled):not(.disabled):active {
-    color:  rgb(0, 0, 0);
-    background-color: rgb(255, 0, 101);
-    border-color: rgb(255, 203, 32);
+    color: #fff;
+    background-color: rgb(102, 83, 105);
+    border-color: rgb(102, 83, 105);
 }
 
 .btn-outline-primary {
-    color: #000;
-    background-color: #ffcb20;
-    border-color: #000;
+    color: rgb(102, 83, 105);
+    background-color: rgba(248, 249, 250, 0.9);
+    border-color: rgb(102, 83, 105);
 }
 
 .turbolinks-progress-bar {
-    background-color: #ffffff;
+    background-color: #12432E;
 }
 
 .btn-primary:hover,
 .btn-primary:not(:disabled):not(.disabled).active,
 .btn-primary:not(:disabled):not(.disabled):active {
-    color:  rgb(0, 0, 0);
-    background-color: rgb(255, 0, 101);
-    border-color: rgb(255, 203, 32);
+    color: #fff;
+    background-color: rgb(102, 83, 105);
+    border-color: rgb(102, 83, 105);
 }
 
 .btn-primary {
-    color:  #ffcb20; 
-    background-color: #000000;
-    border-color: #ffcd20;
+    color: rgba(248, 249, 250, 0.9); 
+    background-color: rgb(102, 83, 105);
+    border-color: rgb(102, 83, 105);
 }
 
 .border-primary {
-    border-color: rgb(255, 255, 255) !important; 
-}
-
-.btn-secondary {
-    color:  #ff0065;
-    background-color: #000000;
-    border-color: #ff0065;
-}
-
-.btn-secondary:hover,
-.btn-secondary:not(:disabled):not(.disabled).active,
-.btn-secondary:not(:disabled):not(.disabled):active {
-    color:  rgb(0, 0, 0);
-    background-color: rgb(255, 203, 32);
-    border-color: rgb(255, 0, 101);
-}
-
-.btn-outline-dark-shiny {
-    background-color: #222;
-    border-color: #61605b;
-    color: rgba(255, 0, 101, 75%);
-}
-
-.btn-outline-dark-shiny:hover,
-.btn-outline-dark-shiny:not(:disabled):not(.disabled).active,
-.btn-outline-dark-shiny:not(:disabled):not(.disabled):active {
-    color:  rgb(0, 0, 0);
-    background-color: rgb(255, 203, 32);
-    border-color: rgb(255, 0, 101);
-}
-
-.btn-outline-dark {
-    background-color: #222;
-    border-color: #61605b;
-    color: rgba(255, 203, 32, 75%);
-}
-
-.btn-outline-dark:hover,
-.btn-outline-dark:not(:disabled):not(.disabled).active,
-.btn-outline-dark:not(:disabled):not(.disabled):active {
-    color:  rgb(0, 0, 0);
-    background-color: rgb(255, 0, 101);
-    border-color: rgb(255, 203, 32);
+    border-color: rgb(115, 15, 115) !important; 
 }
 
 a {
-    color: rgb(255, 0, 101);
+    color: rgb(102, 83, 105);
 }
 
 a:hover {
-    color: rgb(255, 203, 32);
+    color: rgb(200, 30, 200);
 }
 
 .form-control:focus {
-    box-shadow: 0 0 0 0.25rem rgb(255 0 101 / 50%);
-    border-color: rgb(255, 0, 101);
+    box-shadow: 0 0 0 0.25rem rgba(200, 30, 200, 0.25);
+    border-color: rgb(200, 30, 200);
 }
 
 .btn-outline-primary.focus {
-  box-shadow: 0 0 0 0.25rem rgb(255 203 32 / 22%);
-}
+  box-shadow: 0 0 0 0.25rem rgba(200, 30, 200, 0.5);
+

note_kfet/static/js/base.js

@@ -96,11 +96,13 @@ function displayStyle (note) {
   if (!note) { return '' }
   const balance = note.balance
   var css = ''
+  var ms_per_year = 31536000000 // 365 * 24 * 3600 * 1000
   if (balance < -2000) { css += ' text-danger bg-dark' } 
   else if (balance < -1000) { css += ' text-danger' } 
   else if (balance < 0) { css += ' text-warning' }
   if (!note.email_confirmed) { css += ' bg-primary' }
   else if (!note.is_active || (note.membership && note.membership.date_end < new Date().toISOString())) { css += ' bg-info' }
+  if (((Date.now() - Date.parse(note.created_at))/ms_per_year) > 2.5) { css += ' font-weight-bold underline' }
   return css
 }
 

note_kfet/templates/base.html

@@ -165,6 +165,11 @@ SPDX-License-Identifier: GPL-3.0-or-later
     </nav>
     <div class="{% block containertype %}container{% endblock %} my-3">
         <div id="messages">
+	    {% if user.is_authenticated %}
+	    	<div class="alert alert-info">
+		    Bravo pour votre diplomation les survis !
+		</div>
+	    {% endif %}
             {% if user.is_authenticated %}
                 {% if not user|is_member:"BDE" %}
                     <div class="alert alert-danger">

shell-static.nix

@@ -1,34 +0,0 @@
-# This is a workaround meant for use with the nix package manager. If you don't know what it is or don't use it, please ignore this file.
-# 
-# The nk20 javascript static location are hardcoded for imperative system.
-# This make ./manage.py collectstatic hard to use with nixos.
-# 
-# A workaround is to enter a FHSUserEnv with the static placed under /share/javascript/<static>.
-# This emulate a debian like system and enable collecting static normally with ./manage.py collectstatics.
-# The regular shell.nix should be enough for other configurations.
-#
-# Warning, you are still supposed to use pip package with a venv !
-{ pkgs ? import <nixpkgs> {} }:
-(pkgs.buildFHSUserEnv {
-  name = "pipzone";
-  targetPkgs = pkgs: (with pkgs;
-  let
-    fhs-static = stdenv.mkDerivation {
-      name = "fhs-static";
-      buildCommand = ''
-      mkdir -p $out/share/javascript/bootstrap4
-      mkdir -p $out/share/javascript/jquery
-      ln -s ${python39Packages.xstatic-bootstrap}/lib/python3.9/site-packages/xstatic/pkg/bootstrap/data/* $out/share/javascript/bootstrap4
-      ln -s ${python39Packages.xstatic-jquery}/lib/python3.9/site-packages/xstatic/pkg/jquery/data/* $out/share/javascript/jquery
-    '';
-    };
-  in [
-    fhs-static
-    python39
-    gettext
-    python39Packages.pip
-    python39Packages.virtualenv
-    python39Packages.setuptools
-  ]);
-  runScript = "bash";
-}).env

shell.nix

@@ -1,23 +0,0 @@
-# This is meant for use with the nix package manager. If you don't know what it is or don't use it, please ignore this file.
-#
-# This shell.nix contains all dependencies require to create a venv and pip install -r requirements.txt.
-#
-# Please check shell-static.nix for running ./manage.py collectstatics.
-{ pkgs ? import <nixpkgs> {} }:
-pkgs.mkShell {
-  buildInputs = with pkgs; [
-    python39
-    python39Packages.pip
-    python39Packages.setuptools
-    gettext
-
-  ];
-  shellHook = ''
-    # Tells pip to put packages into $PIP_PREFIX instead of the usual locations.
-    # See https://pip.pypa.io/en/stable/user_guide/#environment-variables.
-    export PIP_PREFIX=$(pwd)/_build/pip_packages
-    export PYTHONPATH="$PIP_PREFIX/${pkgs.python39.sitePackages}:$PYTHONPATH"
-    export PATH="$PIP_PREFIX/bin:$PATH"
-    unset SOURCE_DATE_EPOCH
-  '';
-}