Added a first pass for automatically entering an activity with a qrcode

Harden Django project configuration

See merge request bde/nk20!194

.gitignore

@@ -47,6 +47,7 @@ backups/
 env/
 venv/
 db.sqlite3
+shell.nix
 
 # ansibles customs host
 ansible/host_vars/*.yaml

README.md

@@ -1,8 +1,8 @@
 # NoteKfet 2020
 
 [![License: GPL v3](https://img.shields.io/badge/License-GPL%20v3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0.txt)
-[![pipeline status](https://gitlab.crans.org/bde/nk20/badges/master/pipeline.svg)](https://gitlab.crans.org/bde/nk20/commits/master)
-[![coverage report](https://gitlab.crans.org/bde/nk20/badges/master/coverage.svg)](https://gitlab.crans.org/bde/nk20/commits/master)
+[![pipeline status](https://gitlab.crans.org/bde/nk20/badges/main/pipeline.svg)](https://gitlab.crans.org/bde/nk20/commits/main)
+[![coverage report](https://gitlab.crans.org/bde/nk20/badges/main/coverage.svg)](https://gitlab.crans.org/bde/nk20/commits/main)
 
 ## Table des matières
 

ansible/base.yml

@@ -7,7 +7,7 @@
       prompt: "Password of the database (leave it blank to skip database init)"
       private: yes
   vars:
-    mirror: mirror.crans.org
+    mirror: eclats.crans.org
   roles:
     - 1-apt-basic
     - 2-nk20

ansible/host_vars/bde-nk20-beta.adh.crans.org.yml

@@ -1,6 +0,0 @@
----
-note:
-  server_name: note-beta.crans.org
-  git_branch: beta
-  cron_enabled: false
-  email: notekfet2020@lists.crans.org

ansible/host_vars/bde-note-dev.adh.crans.org.yml

@@ -2,5 +2,6 @@
 note:
   server_name: note-dev.crans.org
   git_branch: beta
+  serve_static: false
   cron_enabled: false
   email: notekfet2020@lists.crans.org

ansible/host_vars/bde-note.adh.crans.org.yml

@@ -1,6 +1,7 @@
 ---
 note:
   server_name: note.crans.org
-  git_branch: master
+  git_branch: main
+  serve_static: true
   cron_enabled: true
   email: notekfet2020@lists.crans.org

ansible/hosts_example

@@ -1,6 +1,5 @@
 [dev]
 bde-note-dev.adh.crans.org
-bde-nk20-beta.adh.crans.org
 
 [prod]
 bde-note.adh.crans.org

ansible/roles/1-apt-basic/tasks/main.yml

@@ -1,14 +1,15 @@
 ---
-- name: Add buster-backports to apt sources
+- name: Add buster-backports to apt sources if needed
   apt_repository:
     repo: deb http://{{ mirror }}/debian buster-backports main
     state: present
-  when: ansible_facts['distribution'] == "Debian"
+  when:
+    - ansible_distribution == "Debian"
+    - ansible_distribution_major_version | int == 10
 
 - name: Install note_kfet APT dependencies
   apt:
     update_cache: true
-    default_release: "{{ 'buster-backports' if ansible_facts['distribution'] == 'Debian' }}"
     install_recommends: false
     name:
       # Common tools

ansible/roles/5-nginx/templates/nginx_note.conf

@@ -41,6 +41,7 @@ server {
     # max upload size
     client_max_body_size 75M;   # adjust to taste
 
+{% if note.serve_static %}
     # Django media
     location /media  {
         alias /var/www/note_kfet/media;  # your Django project's media files - amend as required
@@ -50,6 +51,7 @@ server {
         alias /var/www/note_kfet/static; # your Django project's static files - amend as required
     }
 
+{% endif %}
     location /doc {
         alias /var/www/documentation;    # The documentation of the project
     }

apps/activity/forms.py

@@ -28,6 +28,12 @@ class ActivityForm(forms.ModelForm):
         shuffle(clubs)
         self.fields["organizer"].widget.attrs["placeholder"] = ", ".join(club.name for club in clubs[:4]) + ", ..."
 
+    def clean_organizer(self):
+        organizer = self.cleaned_data['organizer']
+        if not organizer.note.is_active:
+            self.add_error('organiser', _('The note of this club is inactive.'))
+        return organizer
+
     def clean_date_end(self):
         date_end = self.cleaned_data["date_end"]
         date_start = self.cleaned_data["date_start"]

apps/activity/tables.py

@@ -1,7 +1,9 @@
 # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
+
 from django.utils import timezone
-from django.utils.html import format_html
+from django.utils.html import escape
+from django.utils.safestring import mark_safe
 from django.utils.translation import gettext_lazy as _
 import django_tables2 as tables
 from django_tables2 import A
@@ -52,8 +54,8 @@ class GuestTable(tables.Table):
     def render_entry(self, record):
         if record.has_entry:
             return str(_("Entered on ") + str(_("{:%Y-%m-%d %H:%M:%S}").format(record.entry.time, )))
-        return format_html('<button id="{id}" class="btn btn-danger btn-sm" onclick="remove_guest(this.id)"> '
-                           '{delete_trans}</button>'.format(id=record.id, delete_trans=_("remove").capitalize()))
+        return mark_safe('<button id="{id}" class="btn btn-danger btn-sm" onclick="remove_guest(this.id)"> '
+                         '{delete_trans}</button>'.format(id=record.id, delete_trans=_("remove").capitalize()))
 
 
 def get_row_class(record):
@@ -91,7 +93,7 @@ class EntryTable(tables.Table):
         if hasattr(record, 'username'):
             username = record.username
             if username != value:
-                return format_html(value + " <em>aka.</em> " + username)
+                return mark_safe(escape(value) + " <em>aka.</em> " + escape(username))
         return value
 
     def render_balance(self, value):

apps/activity/templates/activity/activity_entry.html

@@ -38,6 +38,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
 </a>
 
 <input id="alias" type="text" class="form-control" placeholder="Nom/note ...">
+<button id="trigger" class="btn btn-secondary">Click me !</button>
 
 <hr>
 
@@ -63,10 +64,46 @@ SPDX-License-Identifier: GPL-3.0-or-later
         refreshBalance();
     }
 
-    alias_obj.keyup(reloadTable);
+    function process_qrcode() {
+        let name = alias_obj.val();
+        $.get("/api/note/note?search=" + name + "&format=json").done(
+            function (res) {
+                let note = res.results[0];
+                $.post("/api/activity/entry/?format=json", {
+                    csrfmiddlewaretoken: CSRF_TOKEN,
+                    activity: {{ activity.id }},
+                    note: note.id,
+                    guest: null
+                }).done(function () {
+                    addMsg(interpolate(gettext(
+                        "Entry made for %s whose balance is %s €"),
+                        [note.name, note.balance / 100]), "success", 4000);
+                    reloadTable(true);
+                }).fail(function (xhr) {
+                    errMsg(xhr.responseJSON, 4000);
+                });
+            }).fail(function (xhr) {
+                errMsg(xhr.responseJSON, 4000);
+            });
+    }
+
+    alias_obj.keyup(function(event) {
+        let code = event.originalEvent.keyCode
+        if (65 <= code <= 122 || code === 13) {
+            debounce(reloadTable)()
+        }
+        if (code === 0)
+            process_qrcode();
+    });
 
     $(document).ready(init);
 
+    alias_obj2 = document.getElementById("alias");
+    $("#trigger").click(function (e) {
+        addMsg("Clicked", "success", 1000);
+        alias_obj.val(alias_obj.val() + "\0");
+        alias_obj2.dispatchEvent(new KeyboardEvent('keyup'));
+    })
     function init() {
         $(".table-row").click(function (e) {
             let target = e.target.parentElement;
@@ -163,4 +200,4 @@ SPDX-License-Identifier: GPL-3.0-or-later
         });
     }
 </script>
-{% endblock %}
+{% endblock %}

apps/activity/views.py

@@ -66,8 +66,8 @@ class ActivityListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView
     ordering = ('-date_start',)
     extra_context = {"title": _("Activities")}
 
-    def get_queryset(self):
-        return super().get_queryset().distinct()
+    def get_queryset(self, **kwargs):
+        return super().get_queryset(**kwargs).distinct()
 
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
@@ -78,9 +78,7 @@ class ActivityListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView
             prefix='upcoming-',
         )
 
-        started_activities = Activity.objects\
-            .filter(PermissionBackend.filter_queryset(self.request, Activity, "view"))\
-            .filter(open=True, valid=True).all()
+        started_activities = self.get_queryset().filter(open=True, valid=True).distinct().all()
         context["started_activities"] = started_activities
 
         return context
@@ -145,7 +143,7 @@ class ActivityInviteView(ProtectQuerysetMixin, ProtectedCreateView):
     def get_form(self, form_class=None):
         form = super().get_form(form_class)
         form.activity = Activity.objects.filter(PermissionBackend.filter_queryset(self.request, Activity, "view"))\
-            .get(pk=self.kwargs["pk"])
+            .filter(pk=self.kwargs["pk"]).first()
         form.fields["inviter"].initial = self.request.user.note
         return form
 
@@ -170,6 +168,9 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
         Don't display the entry interface if the user has no right to see it (no right to add an entry for itself),
         it is closed or doesn't manage entries.
         """
+        if not self.request.user.is_authenticated:
+            return self.handle_no_permission()
+
         activity = Activity.objects.get(pk=self.kwargs["pk"])
 
         sample_entry = Entry(activity=activity, note=self.request.user.note)
@@ -192,7 +193,7 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
             .annotate(balance=F("inviter__balance"), note_name=F("inviter__user__username"))\
             .filter(activity=activity)\
             .filter(PermissionBackend.filter_queryset(self.request, Guest, "view"))\
-            .order_by('last_name', 'first_name').distinct()
+            .order_by('last_name', 'first_name')
 
         if "search" in self.request.GET and self.request.GET["search"]:
             pattern = self.request.GET["search"]
@@ -206,7 +207,7 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
             )
         else:
             guest_qs = guest_qs.none()
-        return guest_qs
+        return guest_qs.distinct()
 
     def get_invited_note(self, activity):
         """

apps/api/serializers.py

@@ -7,8 +7,11 @@ from django.contrib.auth.models import User
 from django.utils import timezone
 from rest_framework import serializers
 from member.api.serializers import ProfileSerializer, MembershipSerializer
+from member.models import Membership
 from note.api.serializers import NoteSerializer
 from note.models import Alias
+from note_kfet.middlewares import get_current_request
+from permission.backends import PermissionBackend
 
 
 class UserSerializer(serializers.ModelSerializer):
@@ -45,18 +48,30 @@ class OAuthSerializer(serializers.ModelSerializer):
     """
     normalized_name = serializers.SerializerMethodField()
 
-    profile = ProfileSerializer()
+    profile = serializers.SerializerMethodField()
 
-    note = NoteSerializer()
+    note = serializers.SerializerMethodField()
 
     memberships = serializers.SerializerMethodField()
 
     def get_normalized_name(self, obj):
         return Alias.normalize(obj.username)
 
+    def get_profile(self, obj):
+        # Display the profile of the user only if we have rights to see it.
+        return ProfileSerializer().to_representation(obj.profile) \
+            if PermissionBackend.check_perm(get_current_request(), 'member.view_profile', obj.profile) else None
+
+    def get_note(self, obj):
+        # Display the note of the user only if we have rights to see it.
+        return NoteSerializer().to_representation(obj.note) \
+            if PermissionBackend.check_perm(get_current_request(), 'note.view_note', obj.note) else None
+
     def get_memberships(self, obj):
+        # Display only memberships that we are allowed to see.
         return serializers.ListSerializer(child=MembershipSerializer()).to_representation(
-            obj.memberships.filter(date_start__lte=timezone.now(), date_end__gte=timezone.now()))
+            obj.memberships.filter(date_start__lte=timezone.now(), date_end__gte=timezone.now())
+                           .filter(PermissionBackend.filter_queryset(get_current_request(), Membership, 'view')))
 
     class Meta:
         model = User

apps/member/migrations/0003_create_bde_and_kfet.py

@@ -19,8 +19,8 @@ def create_bde_and_kfet(apps, schema_editor):
         membership_fee_paid=500,
         membership_fee_unpaid=500,
         membership_duration=396,
-        membership_start="2020-08-01",
-        membership_end="2021-09-30",
+        membership_start="2021-08-01",
+        membership_end="2022-09-30",
     )
     Club.objects.get_or_create(
         id=2,
@@ -31,8 +31,8 @@ def create_bde_and_kfet(apps, schema_editor):
         membership_fee_paid=3500,
         membership_fee_unpaid=3500,
         membership_duration=396,
-        membership_start="2020-08-01",
-        membership_end="2021-09-30",
+        membership_start="2021-08-01",
+        membership_end="2022-09-30",
     )
 
     NoteClub.objects.get_or_create(

apps/member/migrations/0008_auto_20211005_1544.py

@@ -0,0 +1,18 @@
+# Generated by Django 2.2.24 on 2021-10-05 13:44
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('member', '0007_auto_20210313_1235'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='profile',
+            name='department',
+            field=models.CharField(choices=[('A0', 'Informatics (A0)'), ('A1', 'Mathematics (A1)'), ('A2', 'Physics (A2)'), ("A'2", "Applied physics (A'2)"), ("A''2", "Chemistry (A''2)"), ('A3', 'Biology (A3)'), ('B1234', 'SAPHIRE (B1234)'), ('B1', 'Mechanics (B1)'), ('B2', 'Civil engineering (B2)'), ('B3', 'Mechanical engineering (B3)'), ('B4', 'EEA (B4)'), ('C', 'Design (C)'), ('D2', 'Economy-management (D2)'), ('D3', 'Social sciences (D3)'), ('E', 'English (E)'), ('EXT', 'External (EXT)')], max_length=8, verbose_name='department'),
+        ),
+    ]

apps/member/models.py

@@ -258,16 +258,18 @@ class Club(models.Model):
         This function is called each time the club detail view is displayed.
         Update the year of the membership dates.
         """
-        if not self.membership_start:
+        if not self.membership_start or not self.membership_end:
             return
 
         today = datetime.date.today()
 
         if (today - self.membership_start).days >= 365:
-            self.membership_start = datetime.date(self.membership_start.year + 1,
-                                                  self.membership_start.month, self.membership_start.day)
-            self.membership_end = datetime.date(self.membership_end.year + 1,
-                                                self.membership_end.month, self.membership_end.day)
+            if self.membership_start:
+                self.membership_start = datetime.date(self.membership_start.year + 1,
+                                                      self.membership_start.month, self.membership_start.day)
+            if self.membership_end:
+                self.membership_end = datetime.date(self.membership_end.year + 1,
+                                                    self.membership_end.month, self.membership_end.day)
             self._force_save = True
             self.save(force_update=True)
 
@@ -413,6 +415,12 @@ class Membership(models.Model):
         """
         Calculate fee and end date before saving the membership and creating the transaction if needed.
         """
+        # Ensure that club membership dates are valid
+        old_membership_start = self.club.membership_start
+        self.club.update_membership_dates()
+        if self.club.membership_start != old_membership_start:
+            self.club.save()
+
         created = not self.pk
         if not created:
             for role in self.roles.all():

apps/member/tables.py

@@ -31,7 +31,8 @@ class ClubTable(tables.Table):
         row_attrs = {
             'class': 'table-row',
             'id': lambda record: "row-" + str(record.pk),
-            'data-href': lambda record: record.pk
+            'data-href': lambda record: record.pk,
+            'style': 'cursor:pointer',
         }
 
 
@@ -74,7 +75,8 @@ class UserTable(tables.Table):
         model = User
         row_attrs = {
             'class': 'table-row',
-            'data-href': lambda record: record.pk
+            'data-href': lambda record: record.pk,
+            'style': 'cursor:pointer',
         }
 
 
@@ -118,7 +120,7 @@ class MembershipTable(tables.Table):
                     club=record.club,
                     user=record.user,
                     date_start__gte=record.club.membership_start,
-                    date_end__lte=record.club.membership_end,
+                    date_end__lte=record.club.membership_end or date(9999, 12, 31),
             ).exists():  # If the renew is not yet performed
                 empty_membership = Membership(
                     club=record.club,

apps/member/templates/member/includes/profile_info.html

@@ -52,7 +52,10 @@
 {% if user_object.pk == user.pk %}
     <div class="text-center">
         <a class="small badge badge-secondary" href="{% url 'member:auth_token' %}">
-            <i class="fa fa-cogs"></i>{% trans 'API token' %}
+            <i class="fa fa-cogs"></i>&nbsp;{% trans 'API token' %}
+        </a>
+        <a class="small badge badge-secondary" href="{% url 'member:qr_code' user_object.pk %}">
+            <i class="fa fa-qrcode"></i>&nbsp;{% trans 'QR Code' %}
         </a>
     </div>
 {% endif %}

apps/member/templates/member/qr_code.html

@@ -0,0 +1,36 @@
+{% extends "base.html" %}
+{% comment %}
+SPDX-License-Identifier: GPL-3.0-or-later
+{% endcomment %}
+{% load i18n %}
+
+{% block content %}
+<div class="card bg-light">
+  	<h3 class="card-header text-center">
+		{% trans "QR Code for" %} {{ user_object.username }} ({{ user_object.first_name }} {{user_object.last_name }})
+  	</h3>
+  	<div class="text-center" id="qrcode">
+  	</div>
+</div>
+
+
+{% endblock %}
+
+{% block extrajavascript %}
+<script src="https://cdnjs.cloudflare.com/ajax/libs/qrcodejs/1.0.0/qrcode.min.js" integrity="sha512-CNgIRecGo7nphbeZ04Sc13ka07paqdeTu0WR1IM4kNcpmBAUSHSQX0FslNhTDadL4O5SAGapGt4FodqL8My0mA==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+<script>
+	var qrc = new QRCode(document.getElementById("qrcode"), {
+		text: "{{ user_object.pk }}\0",
+		width: 1024,
+		height: 1024
+	});
+</script>
+{% endblock %}
+
+{% block extracss %}
+<style>
+img {
+    width: 100%
+}
+</style>
+{% endblock %}

apps/member/urls.py

@@ -24,4 +24,5 @@ urlpatterns = [
     path('user/<int:pk>/update_pic/', views.ProfilePictureUpdateView.as_view(), name="user_update_pic"),
     path('user/<int:pk>/aliases/', views.ProfileAliasView.as_view(), name="user_alias"),
     path('manage-auth-token/', views.ManageAuthTokens.as_view(), name='auth_token'),
+    path('user/<int:pk>/qr_code/', views.QRCodeView.as_view(), name='qr_code'),
 ]

apps/member/views.py

@@ -18,7 +18,7 @@ from django.views.generic import DetailView, UpdateView, TemplateView
 from django.views.generic.edit import FormMixin
 from django_tables2.views import SingleTableView
 from rest_framework.authtoken.models import Token
-from note.models import Alias, NoteUser
+from note.models import Alias, NoteUser, NoteClub
 from note.models.transactions import Transaction, SpecialTransaction
 from note.tables import HistoryTable, AliasTable
 from note_kfet.middlewares import _set_current_request
@@ -174,7 +174,7 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
             modified_note = NoteUser.objects.get(pk=user.note.pk)
             # Don't log these tests
             modified_note._no_signal = True
-            modified_note.is_active = True
+            modified_note.is_active = False
             modified_note.inactivity_reason = 'manual'
             context["can_lock_note"] = user.note.is_active and PermissionBackend\
                                            .check_perm(self.request, "note.change_noteuser_is_active", modified_note)
@@ -183,14 +183,14 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
             modified_note._force_save = True
             modified_note.save()
             context["can_force_lock"] = user.note.is_active and PermissionBackend\
-                .check_perm(self.request, "note.change_note_is_active", modified_note)
+                .check_perm(self.request, "note.change_noteuser_is_active", modified_note)
             old_note._force_save = True
             old_note._no_signal = True
             old_note.save()
             modified_note.refresh_from_db()
             modified_note.is_active = True
             context["can_unlock_note"] = not user.note.is_active and PermissionBackend\
-                .check_perm(self.request, "note.change_note_is_active", modified_note)
+                .check_perm(self.request, "note.change_noteuser_is_active", modified_note)
 
         return context
 
@@ -256,7 +256,8 @@ class ProfileAliasView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         context = super().get_context_data(**kwargs)
         note = context['object'].note
         context["aliases"] = AliasTable(
-            note.alias.filter(PermissionBackend.filter_queryset(self.request, Alias, "view")).distinct().all())
+            note.alias.filter(PermissionBackend.filter_queryset(self.request, Alias, "view")).distinct()
+            .order_by('normalized_name').all())
         context["can_create"] = PermissionBackend.check_perm(self.request, "note.add_alias", Alias(
             note=context["object"].note,
             name="",
@@ -330,6 +331,14 @@ class ManageAuthTokens(LoginRequiredMixin, TemplateView):
         context['token'] = Token.objects.get_or_create(user=self.request.user)[0]
         return context
 
+class QRCodeView(LoginRequiredMixin, DetailView):
+    """
+    Affiche le QR Code
+    """
+    model = User
+    context_object_name = "user_object"
+    template_name = "member/qr_code.html"
+    extra_context = {"title": _("QR Code")}
 
 # ******************************* #
 #              CLUB               #
@@ -403,9 +412,12 @@ class ClubDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         """
         context = super().get_context_data(**kwargs)
 
-        club = context["club"]
+        club = self.object
+        context["note"] = club.note
+
         if PermissionBackend.check_perm(self.request, "member.change_club_membership_start", club):
             club.update_membership_dates()
+
         # managers list
         managers = Membership.objects.filter(club=self.object, roles__name="Bureau de club",
                                              date_start__lte=date.today(), date_end__gte=date.today())\
@@ -443,6 +455,29 @@ class ClubDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         context["can_add_members"] = PermissionBackend()\
             .has_perm(self.request.user, "member.add_membership", empty_membership)
 
+        # Check permissions to see if the authenticated user can lock/unlock the note
+        with transaction.atomic():
+            modified_note = NoteClub.objects.get(pk=club.note.pk)
+            # Don't log these tests
+            modified_note._no_signal = True
+            modified_note.is_active = False
+            modified_note.inactivity_reason = 'manual'
+            context["can_lock_note"] = club.note.is_active and PermissionBackend \
+                .check_perm(self.request, "note.change_noteclub_is_active", modified_note)
+            old_note = NoteClub.objects.select_for_update().get(pk=club.note.pk)
+            modified_note.inactivity_reason = 'forced'
+            modified_note._force_save = True
+            modified_note.save()
+            context["can_force_lock"] = club.note.is_active and PermissionBackend \
+                .check_perm(self.request, "note.change_noteclub_is_active", modified_note)
+            old_note._force_save = True
+            old_note._no_signal = True
+            old_note.save()
+            modified_note.refresh_from_db()
+            modified_note.is_active = True
+            context["can_unlock_note"] = not club.note.is_active and PermissionBackend \
+                .check_perm(self.request, "note.change_noteclub_is_active", modified_note)
+
         return context
 
 

apps/note/static/note/js/transfer.js

@@ -222,6 +222,13 @@ $(document).ready(function () {
   })
 })
 
+// Make transfer when pressing Enter on the amount section
+$('#amount, #reason, #last_name, #first_name, #bank').keypress((event) => {
+  if (event.originalEvent.charCode === 13) {
+    $('#btn_transfer').click()
+  }
+})
+
 $('#btn_transfer').click(function () {
   if (LOCK) { return }
 
@@ -348,14 +355,14 @@ $('#btn_transfer').click(function () {
               destination_alias: dest.name
             }).done(function () {
             addMsg(interpolate(gettext('Transfer of %s from %s to %s failed: %s'),
-                [pretty_money(source.quantity * dest.quantity * amount), source.name, + dest.name, gettext('insufficient funds')]), 'danger', 10000)
+                [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name, gettext('insufficient funds')]), 'danger', 10000)
             reset()
           }).fail(function (err) {
             const errObj = JSON.parse(err.responseText)
             let error = errObj.detail ? errObj.detail : errObj.non_field_errors
             if (!error) { error = err.responseText }
             addMsg(interpolate(gettext('Transfer of %s from %s to %s failed: %s'),
-                [pretty_money(source.quantity * dest.quantity * amount), source.name, + dest.name, error]), 'danger')
+                [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name, error]), 'danger')
             LOCK = false
           })
         })

apps/note/tables.py

@@ -4,7 +4,7 @@
 import html
 
 import django_tables2 as tables
-from django.utils.html import format_html
+from django.utils.html import format_html, mark_safe
 from django_tables2.utils import A
 from django.utils.translation import gettext_lazy as _
 from note_kfet.middlewares import get_current_request
@@ -197,6 +197,17 @@ class ButtonTable(tables.Table):
         verbose_name=_("Edit"),
     )
 
+    hideshow = tables.Column(
+        verbose_name=_("Hide/Show"),
+        accessor="pk",
+        attrs={
+            'td': {
+                'class': 'col-sm-1',
+                'id': lambda record: "hideshow_" + str(record.pk),
+            }
+        },
+    )
+
     delete_col = tables.TemplateColumn(template_code=DELETE_TEMPLATE,
                                        extra_context={"delete_trans": _('delete')},
                                        attrs={'td': {'class': 'col-sm-1'}},
@@ -204,3 +215,16 @@ class ButtonTable(tables.Table):
 
     def render_amount(self, value):
         return pretty_money(value)
+
+    def order_category(self, queryset, is_descending):
+        return queryset.order_by(f"{'-' if is_descending else ''}category__name"), True
+
+    def render_hideshow(self, record):
+        val = '<button id="'
+        val += str(record.pk)
+        val += '" class="btn btn-secondary btn-sm" \
+            onclick="hideshow(' + str(record.id) + ',' + \
+            str(record.display).lower() + ')">'
+        val += str(_("Hide/Show"))
+        val += '</button>'
+        return mark_safe(val)

apps/note/templates/note/transaction_form.html

@@ -10,21 +10,25 @@ SPDX-License-Identifier: GPL-2.0-or-later
 {# bandeau transfert/crédit/débit/activité #}
     <div class="row">
         <div class="col-xl-12">
-            <div class="btn-group btn-group-toggle btn-block" data-toggle="buttons">
-                <label for="type_transfer" class="btn btn-sm btn-outline-primary active">
-                    <input type="radio" name="transaction_type" id="type_transfer">
-                    {% trans "Transfer" %}
-                </label>
-                {% if "note.notespecial"|not_empty_model_list %}
-                    <label for="type_credit" class="btn btn-sm btn-outline-primary">
-                        <input type="radio" name="transaction_type" id="type_credit">
-                        {% trans "Credit" %}
+            <div class="btn-group btn-block">
+                <div class="btn-group btn-group-toggle btn-block" data-toggle="buttons">
+                    <label for="type_transfer" class="btn btn-sm btn-outline-primary active">
+                        <input type="radio" name="transaction_type" id="type_transfer">
+                        {% trans "Transfer" %}
                     </label>
-                    <label for="type_debit" class="btn btn-sm btn-outline-primary">
-                        <input type="radio" name="transaction_type" id="type_debit">
-                        {% trans "Debit" %}
-                    </label>
-                {% endif %}
+                    {% if "note.notespecial"|not_empty_model_list %}
+                        <label for="type_credit" class="btn btn-sm btn-outline-primary">
+                            <input type="radio" name="transaction_type" id="type_credit">
+                            {% trans "Credit" %}
+                        </label>
+                        <label for="type_debit" class="btn btn-sm btn-outline-primary">
+                            <input type="radio" name="transaction_type" id="type_debit">
+                            {% trans "Debit" %}
+                        </label>
+                    {% endif %}
+                </div>
+
+                {# Add shortcuts for opened activites if necessary #}
                 {% for activity in activities_open %}
                     <a href="{% url "activity:activity_entry" pk=activity.pk %}" class="btn btn-sm btn-outline-primary">
                         {% trans "Entries" %} {{ activity.name }}

apps/note/templates/note/transactiontemplate_list.html

@@ -31,29 +31,29 @@ SPDX-License-Identifier: GPL-3.0-or-later
 
 {% block extrajavascript %}
 <script type="text/javascript">
+    function refreshMatchedWords() {
+        $("tr").each(function() {
+            let pattern = $('#search_field').val();
+            if (pattern) {
+                $(this).find("td:eq(0), td:eq(1), td:eq(3), td:eq(6)").each(function () {
+                    $(this).html($(this).text().replace(new RegExp(pattern, 'i'), "<mark>$&</mark>"));
+                });
+            }
+        });
+    }
+
+    function reloadTable() {
+        let pattern = $('#search_field').val();
+        $("#buttons_table").load(location.pathname + "?search=" + pattern.replace(" ", "%20") + " #buttons_table", refreshMatchedWords);
+    }
+
     $(document).ready(function() {
         let searchbar_obj = $("#search_field");
         let timer_on = false;
         let timer;
 
-        function refreshMatchedWords() {
-            $("tr").each(function() {
-                let pattern = searchbar_obj.val();
-                if (pattern) {
-                    $(this).find("td:eq(0), td:eq(1), td:eq(3), td:eq(6)").each(function () {
-                        $(this).html($(this).text().replace(new RegExp(pattern, 'i'), "<mark>$&</mark>"));
-                    });
-                }
-            });
-        }
-
         refreshMatchedWords();
 
-        function reloadTable() {
-            let pattern = searchbar_obj.val();
-            $("#buttons_table").load(location.pathname + "?search=" + pattern.replace(" ", "%20") + " #buttons_table", refreshMatchedWords);
-        }
-
         searchbar_obj.keyup(function() {
             if (timer_on)
                 clearTimeout(timer);
@@ -77,5 +77,28 @@ SPDX-License-Identifier: GPL-3.0-or-later
               addMsg('{% trans "Unable to delete button "%} #' + button_id, 'danger')
           });
      }
+
+    // on click of button "hide/show", call the API
+    function hideshow(id, displayed) {
+            $.ajax({
+                url: '/api/note/transaction/template/' + id + '/',
+                type: 'PATCH',
+                dataType: 'json',
+                headers: {
+                    'X-CSRFTOKEN': CSRF_TOKEN
+                },
+                data: {
+                    display: !displayed
+                },
+                success: function() {
+                    if(displayed)
+                        addMsg("{% trans "Button hidden"%}", 'success', 1000)
+                    else addMsg("{% trans "Button displayed"%}", 'success', 1000)
+                    reloadTable()
+                },
+                error: function (err) {
+                    addMsg("{% trans "An error occured"%}", 'danger')
+                }})
+        }
 </script>
 {% endblock %}

apps/note/views.py

@@ -53,7 +53,7 @@ class TransactionCreateView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTabl
         # Add a shortcut for entry page for open activities
         if "activity" in settings.INSTALLED_APPS:
             from activity.models import Activity
-            activities_open = Activity.objects.filter(open=True).filter(
+            activities_open = Activity.objects.filter(open=True, activity_type__manage_entries=True).filter(
                 PermissionBackend.filter_queryset(self.request, Activity, "view")).distinct().all()
             context["activities_open"] = [a for a in activities_open
                                           if PermissionBackend.check_perm(self.request,
@@ -90,9 +90,9 @@ class TransactionTemplateListView(ProtectQuerysetMixin, LoginRequiredMixin, Sing
         if "search" in self.request.GET:
             pattern = self.request.GET["search"]
             qs = qs.filter(
-                Q(name__iregex="^" + pattern)
-                | Q(destination__club__name__iregex="^" + pattern)
-                | Q(category__name__iregex="^" + pattern)
+                Q(name__iregex=pattern)
+                | Q(destination__club__name__iregex=pattern)
+                | Q(category__name__iregex=pattern)
                 | Q(description__iregex=pattern)
             )
 

apps/permission/fixtures/initial.json

@@ -111,12 +111,12 @@
 				"note",
 				"alias"
 			],
-			"query": "[\"AND\", [\"OR\", {\"note__noteuser__user__memberships__club__name\": \"Kfet\", \"note__noteuser__user__memberships__date_start__lte\": [\"today\"], \"note__noteuser__user__memberships__date_end__gte\": [\"today\"]}, {\"note__noteclub__isnull\": false}], {\"note__is_active\": true}]",
+			"query": "[\"AND\", [\"OR\", {\"note__noteuser__user__memberships__club__name\": \"BDE\", \"note__noteuser__user__memberships__date_start__lte\": [\"today\"], \"note__noteuser__user__memberships__date_end__gte\": [\"today\"]}, {\"note__noteclub__isnull\": false}], {\"note__is_active\": true}]",
 			"type": "view",
 			"mask": 1,
 			"field": "",
 			"permanent": false,
-			"description": "Voir les aliases des notes des clubs et des adhérents du club Kfet"
+			"description": "Voir les aliases des notes des clubs et des adhérents du club BDE"
 		}
 	},
 	{
@@ -977,7 +977,7 @@
 			],
 			"query": "[\"OR\", {\"source\": [\"club\", \"note\"]}, {\"destination\": [\"club\", \"note\"]}]",
 			"type": "view",
-			"mask": 1,
+			"mask": 2,
 			"field": "",
 			"permanent": false,
 			"description": "Voir les transactions d'un club"
@@ -2511,7 +2511,7 @@
 				"note",
 				"noteuser"
 			],
-			"query": "[\"AND\", {\"user\": [\"user\"]}, [\"OR\", {\"inactivity_reason\": \"manual\"}, {\"inactivity_reason\": null}]]",
+			"query": "[\"AND\", {\"user\": [\"user\"]}, [\"OR\", {\"inactivity_reason\": \"manual\"}, {\"is_active\": true}]]",
 			"type": "change",
 			"mask": 1,
 			"field": "is_active",
@@ -2527,7 +2527,7 @@
 				"note",
 				"noteuser"
 			],
-			"query": "[\"AND\", {\"user\": [\"user\"]}, [\"OR\", {\"inactivity_reason\": \"manual\"}, {\"inactivity_reason\": null}]]",
+			"query": "[\"AND\", {\"user\": [\"user\"]}, [\"OR\", {\"inactivity_reason\": \"manual\"}, {\"is_active\": true}]]",
 			"type": "change",
 			"mask": 1,
 			"field": "inactivity_reason",
@@ -2871,6 +2871,102 @@
 			"description": "Changer l'image de n'importe quelle note"
 		}
 	},
+	{
+		"model": "permission.permission",
+		"pk": 184,
+		"fields": {
+			"model": [
+				"note",
+				"noteclub"
+			],
+			"query": "[\"AND\", {\"club\": [\"club\"]}, [\"OR\", {\"inactivity_reason\": \"manual\"}, {\"is_active\": true}]]",
+			"type": "change",
+			"mask": 3,
+			"field": "is_active",
+			"permanent": true,
+			"description": "(Dé)bloquer la note de son club manuellement"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 185,
+		"fields": {
+			"model": [
+				"note",
+				"noteclub"
+			],
+			"query": "[\"AND\", {\"club\": [\"club\"]}, [\"OR\", {\"inactivity_reason\": \"manual\"}, {\"is_active\": true}]]",
+			"type": "change",
+			"mask": 3,
+			"field": "inactivity_reason",
+			"permanent": true,
+			"description": "(Dé)bloquer la note de son club et indiquer que cela a été fait manuellement"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 186,
+		"fields": {
+			"model": [
+				"oauth2_provider",
+				"application"
+			],
+			"query": "{\"user\": [\"user\"]}",
+			"type": "view",
+			"mask": 1,
+			"field": "",
+			"permanent": true,
+			"description": "Voir ses applications OAuth2"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 187,
+		"fields": {
+			"model": [
+				"oauth2_provider",
+				"application"
+			],
+			"query": "{\"user\": [\"user\"]}",
+			"type": "create",
+			"mask": 1,
+			"field": "",
+			"permanent": true,
+			"description": "Créer une application OAuth2"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 188,
+		"fields": {
+			"model": [
+				"oauth2_provider",
+				"application"
+			],
+			"query": "{\"user\": [\"user\"]}",
+			"type": "change",
+			"mask": 1,
+			"field": "",
+			"permanent": true,
+			"description": "Modifier une application OAuth2"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 189,
+		"fields": {
+			"model": [
+				"oauth2_provider",
+				"application"
+			],
+			"query": "{\"user\": [\"user\"]}",
+			"type": "delete",
+			"mask": 1,
+			"field": "",
+			"permanent": true,
+			"description": "Supprimer une application OAuth2"
+		}
+	},
 	{
 		"model": "permission.role",
 		"pk": 1,
@@ -2901,7 +2997,11 @@
 				126,
 				161,
 				162,
-				165
+				165,
+				186,
+				187,
+				188,
+				189
 			]
 		}
 	},
@@ -3010,7 +3110,9 @@
 				166,
 				167,
 				168,
-				182
+				182,
+				184,
+				185
 			]
 		}
 	},
@@ -3048,6 +3150,7 @@
 				31,
 				32,
 				33,
+				43,
 				51,
 				53,
 				54,
@@ -3277,7 +3380,13 @@
 				180,
 				181,
 				182,
-				183
+				183,
+				184,
+				185,
+				186,
+				187,
+				188,
+				189
 			]
 		}
 	},
@@ -3337,7 +3446,8 @@
 				45,
 				46,
 				148,
-				149
+				149,
+				182
 			]
 		}
 	},

apps/permission/scopes.py

@@ -1,6 +1,6 @@
 # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
-
+from oauth2_provider.oauth2_validators import OAuth2Validator
 from oauth2_provider.scopes import BaseScopes
 from member.models import Club
 from note_kfet.middlewares import get_current_request
@@ -32,3 +32,26 @@ class PermissionScopes(BaseScopes):
             return []
         return [f"{p.id}_{p.membership.club.id}"
                 for p in PermissionBackend.get_raw_permissions(get_current_request(), 'view')]
+
+
+class PermissionOAuth2Validator(OAuth2Validator):
+    def validate_scopes(self, client_id, scopes, client, request, *args, **kwargs):
+        """
+        User can request as many scope as he wants, including invalid scopes,
+        but it will have only the permissions he has.
+
+        This allows clients to request more permission to get finally a
+        subset of permissions.
+        """
+
+        valid_scopes = set()
+
+        for t in Permission.PERMISSION_TYPES:
+            for p in PermissionBackend.get_raw_permissions(get_current_request(), t[0]):
+                scope = f"{p.id}_{p.membership.club.id}"
+                if scope in scopes:
+                    valid_scopes.add(scope)
+
+        request.scopes = valid_scopes
+
+        return valid_scopes

apps/permission/templates/permission/scopes.html

@@ -11,25 +11,25 @@
             <div class="accordion" id="accordionApps">
                 {% for app, app_scopes in scopes.items %}
                     <div class="card">
-                        <div class="card-header" id="app-{{ app.name.lower }}-title">
+                        <div class="card-header" id="app-{{ app.name|slugify }}-title">
                             <a class="text-decoration-none collapsed" href="#" data-toggle="collapse"
-                               data-target="#app-{{ app.name.lower }}" aria-expanded="false"
-                               aria-controls="app-{{ app.name.lower }}">
+                               data-target="#app-{{ app.name|slugify }}" aria-expanded="false"
+                               aria-controls="app-{{ app.name|slugify }}">
                                 {{ app.name }}
                             </a>
                         </div>
-                        <div class="collapse" id="app-{{ app.name.lower }}" aria-labelledby="app-{{ app.name.lower }}" data-target="#accordionApps">
+                        <div class="collapse" id="app-{{ app.name|slugify }}" aria-labelledby="app-{{ app.name|slugify }}" data-target="#accordionApps">
                             <div class="card-body">
                                 {% for scope_id, scope_desc in app_scopes.items %}
                                     <div class="form-group">
-                                        <label class="form-check-label" for="scope-{{ app.name.lower }}-{{ scope_id }}">
-                                            <input type="checkbox" id="scope-{{ app.name.lower }}-{{ scope_id }}"
-                                                   name="scope-{{ app.name.lower }}" class="checkboxinput form-check-input" value="{{ scope_id }}">
+                                        <label class="form-check-label" for="scope-{{ app.name|slugify }}-{{ scope_id }}">
+                                            <input type="checkbox" id="scope-{{ app.name|slugify }}-{{ scope_id }}"
+                                                   name="scope-{{ app.name|slugify }}" class="checkboxinput form-check-input" value="{{ scope_id }}">
                                             {{ scope_desc }}
                                         </label>
                                     </div>
                                 {% endfor %}
-                                <p id="url-{{ app.name.lower }}">
+                                <p id="url-{{ app.name|slugify }}">
                                     <a href="{% url 'oauth2_provider:authorize' %}?client_id={{ app.client_id }}&response_type=code" target="_blank">
                                         {{ request.scheme }}://{{ request.get_host }}{% url 'oauth2_provider:authorize' %}?client_id={{ app.client_id }}&response_type=code
                                     </a>
@@ -51,11 +51,10 @@
 {% block extrajavascript %}
     <script>
         {% for app in scopes.keys %}
-            let elements = document.getElementsByName("scope-{{ app.name.lower }}");
-            for (let element of elements) {
+            for (let element of document.getElementsByName("scope-{{ app.name|slugify }}")) {
                 element.onchange = function (event) {
                     let scope = ""
-                    for (let element of elements) {
+                    for (let element of document.getElementsByName("scope-{{ app.name|slugify }}")) {
                         if (element.checked) {
                             scope += element.value + " "
                         }
@@ -63,7 +62,7 @@
 
                     scope = scope.substr(0, scope.length - 1)
 
-                    document.getElementById("url-{{ app.name.lower }}").innerHTML = 'Scopes : ' + scope
+                    document.getElementById("url-{{ app.name|slugify }}").innerHTML = 'Scopes : ' + scope
                         + '<br><a href="{% url 'oauth2_provider:authorize' %}?client_id={{ app.client_id }}&response_type=code&scope='+ scope.replaceAll(' ', '%20')
                         + '" target="_blank">{{ request.scheme }}://{{ request.get_host }}{% url 'oauth2_provider:authorize' %}?client_id={{ app.client_id }}&response_type=code&scope='
                         + scope.replaceAll(' ', '%20') + '</a>'

apps/registration/forms.py

@@ -46,8 +46,8 @@ class SignUpForm(UserCreationForm):
 
 class DeclareSogeAccountOpenedForm(forms.Form):
     soge_account = forms.BooleanField(
-        label=_("I declare that I opened or I will open soon a bank account in the Société générale with the BDE \
-         partnership."),
+        label=_("I declare that I opened or I will open soon a bank account in the Société générale with the BDE "
+                "partnership."),
         help_text=_("Warning: this engages you to open your bank account. If you finally decides to don't open your "
                     "account, you will have to pay the BDE membership."),
         required=False,

apps/treasury/migrations/0004_auto_20211005_1544.py

@@ -0,0 +1,18 @@
+# Generated by Django 2.2.24 on 2021-10-05 13:44
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('treasury', '0003_auto_20210321_1034'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='sogecredit',
+            name='transactions',
+            field=models.ManyToManyField(blank=True, related_name='_sogecredit_transactions_+', to='note.MembershipTransaction', verbose_name='membership transactions'),
+        ),
+    ]

apps/treasury/models.py

@@ -1,6 +1,6 @@
 # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
-
+import datetime
 from datetime import date
 
 from django.conf import settings
@@ -305,8 +305,16 @@ class SogeCredit(models.Model):
 
     @property
     def amount(self):
-        return self.credit_transaction.total if self.valid \
-            else sum(transaction.total for transaction in self.transactions.all())
+        if self.valid:
+            return self.credit_transaction.total
+        amount = sum(transaction.total for transaction in self.transactions.all())
+        if 'wei' in settings.INSTALLED_APPS:
+            from wei.models import WEIMembership
+            if not WEIMembership.objects.filter(club__weiclub__year=datetime.date.today().year, user=self.user)\
+                    .exists():
+                # 80 € for people that don't go to WEI
+                amount += 8000
+        return amount
 
     def update_transactions(self):
         """
@@ -323,13 +331,15 @@ class SogeCredit(models.Model):
 
         if bde_qs.exists():
             m = bde_qs.get()
-            if m.transaction not in self.transactions.all():
-                self.transactions.add(m.transaction)
+            if MembershipTransaction.objects.filter(membership=m).exists():  # non-free membership
+                if m.transaction not in self.transactions.all():
+                    self.transactions.add(m.transaction)
 
         if kfet_qs.exists():
             m = kfet_qs.get()
-            if m.transaction not in self.transactions.all():
-                self.transactions.add(m.transaction)
+            if MembershipTransaction.objects.filter(membership=m).exists():  # non-free membership
+                if m.transaction not in self.transactions.all():
+                    self.transactions.add(m.transaction)
 
         if 'wei' in settings.INSTALLED_APPS:
             from wei.models import WEIClub
@@ -337,8 +347,9 @@ class SogeCredit(models.Model):
             wei_qs = Membership.objects.filter(user=self.user, club=wei, date_start__gte=wei.membership_start)
             if wei_qs.exists():
                 m = wei_qs.get()
-                if m.transaction not in self.transactions.all():
-                    self.transactions.add(m.transaction)
+                if MembershipTransaction.objects.filter(membership=m).exists():  # non-free membership
+                    if m.transaction not in self.transactions.all():
+                        self.transactions.add(m.transaction)
 
         for tr in self.transactions.all():
             tr.valid = False

apps/wei/forms/surveys/__init__.py

@@ -2,11 +2,11 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 
 from .base import WEISurvey, WEISurveyInformation, WEISurveyAlgorithm
-from .wei2021 import WEISurvey2021
+from .wei2022 import WEISurvey2022
 
 
 __all__ = [
     'WEISurvey', 'WEISurveyInformation', 'WEISurveyAlgorithm', 'CurrentSurvey',
 ]
 
-CurrentSurvey = WEISurvey2021
+CurrentSurvey = WEISurvey2022

apps/wei/forms/surveys/base.py

@@ -50,15 +50,19 @@ class WEIBusInformation:
         self.bus.information = d
         self.bus.save()
 
-    def free_seats(self, surveys: List["WEISurvey"] = None):
-        size = self.bus.size
-        already_occupied = WEIMembership.objects.filter(bus=self.bus).count()
+    def free_seats(self, surveys: List["WEISurvey"] = None, quotas=None):
+        if not quotas:
+            size = self.bus.size
+            already_occupied = WEIMembership.objects.filter(bus=self.bus).count()
+            quotas = {self.bus: size - already_occupied}
+
+        quota = quotas[self.bus]
         valid_surveys = sum(1 for survey in surveys if survey.information.valid
                             and survey.information.get_selected_bus() == self.bus) if surveys else 0
-        return size - already_occupied - valid_surveys
+        return quota - valid_surveys
 
-    def has_free_seats(self, surveys=None):
-        return self.free_seats(surveys) > 0
+    def has_free_seats(self, surveys=None, quotas=None):
+        return self.free_seats(surveys, quotas) > 0
 
 
 class WEISurveyAlgorithm:
@@ -86,14 +90,20 @@ class WEISurveyAlgorithm:
         """
         Queryset of all first year registrations
         """
-        return WEIRegistration.objects.filter(wei__year=cls.get_survey_class().get_year(), first_year=True)
+        if not hasattr(cls, '_registrations'):
+            cls._registrations = WEIRegistration.objects.filter(wei__year=cls.get_survey_class().get_year(),
+                                                                first_year=True).all()
+
+        return cls._registrations
 
     @classmethod
     def get_buses(cls) -> QuerySet:
         """
         Queryset of all buses of the associated wei.
         """
-        return Bus.objects.filter(wei__year=cls.get_survey_class().get_year(), size__gt=0)
+        if not hasattr(cls, '_buses'):
+            cls._buses = Bus.objects.filter(wei__year=cls.get_survey_class().get_year(), size__gt=0).all()
+        return cls._buses
 
     @classmethod
     def get_bus_information(cls, bus):
@@ -135,7 +145,10 @@ class WEISurvey:
         """
         The WEI associated to this kind of survey.
         """
-        return WEIClub.objects.get(year=cls.get_year())
+        if not hasattr(cls, '_wei'):
+            cls._wei = WEIClub.objects.get(year=cls.get_year())
+
+        return cls._wei
 
     @classmethod
     def get_survey_information_class(cls):
@@ -210,3 +223,15 @@ class WEISurvey:
         self.information.selected_bus_pk = None
         self.information.selected_bus_name = None
         self.information.valid = False
+
+    @classmethod
+    def clear_cache(cls):
+        """
+        Clear stored information.
+        """
+        if hasattr(cls, '_wei'):
+            del cls._wei
+        if hasattr(cls.get_algorithm_class(), '_registrations'):
+            del cls.get_algorithm_class()._registrations
+        if hasattr(cls.get_algorithm_class(), '_buses'):
+            del cls.get_algorithm_class()._buses

apps/wei/forms/surveys/wei2021.py

@@ -1,13 +1,17 @@
 # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
+
 import time
+from functools import lru_cache
 from random import Random
 
 from django import forms
 from django.db import transaction
+from django.db.models import Q
 from django.utils.translation import gettext_lazy as _
 
 from .base import WEISurvey, WEISurveyInformation, WEISurveyAlgorithm, WEIBusInformation
+from ...models import WEIMembership
 
 WORDS = [
     '13 organisé', '3ième mi temps', 'Années 2000', 'Apéro', 'BBQ', 'BP', 'Beauf', 'Binge drinking', 'Bon enfant',
@@ -135,20 +139,41 @@ class WEISurvey2021(WEISurvey):
         """
         return self.information.step == 20
 
+    @classmethod
+    @lru_cache()
+    def word_mean(cls, word):
+        """
+        Calculate the mid-score given by all buses.
+        """
+        buses = cls.get_algorithm_class().get_buses()
+        return sum([cls.get_algorithm_class().get_bus_information(bus).scores[word] for bus in buses]) / buses.count()
+
+    @lru_cache()
     def score(self, bus):
         if not self.is_complete():
             raise ValueError("Survey is not ended, can't calculate score")
-        bus_info = self.get_algorithm_class().get_bus_information(bus)
-        return sum(bus_info.scores[getattr(self.information, 'word' + str(i))] for i in range(1, 21)) / 20
 
+        bus_info = self.get_algorithm_class().get_bus_information(bus)
+        # Score is the given score by the bus subtracted to the mid-score of the buses.
+        s = sum(bus_info.scores[getattr(self.information, 'word' + str(i))]
+                - self.word_mean(getattr(self.information, 'word' + str(i))) for i in range(1, 21)) / 20
+        return s
+
+    @lru_cache()
     def scores_per_bus(self):
         return {bus: self.score(bus) for bus in self.get_algorithm_class().get_buses()}
 
+    @lru_cache()
     def ordered_buses(self):
         values = list(self.scores_per_bus().items())
         values.sort(key=lambda item: -item[1])
         return values
 
+    @classmethod
+    def clear_cache(cls):
+        cls.word_mean.cache_clear()
+        return super().clear_cache()
+
 
 class WEISurveyAlgorithm2021(WEISurveyAlgorithm):
     """
@@ -164,19 +189,72 @@ class WEISurveyAlgorithm2021(WEISurveyAlgorithm):
     def get_bus_information_class(cls):
         return WEIBusInformation2021
 
-    def run_algorithm(self):
+    def run_algorithm(self, display_tqdm=False):
         """
         Gale-Shapley algorithm implementation.
         We modify it to allow buses to have multiple "weddings".
         """
         surveys = list(self.get_survey_class()(r) for r in self.get_registrations())  # All surveys
-        surveys = [s for s in surveys if s.is_complete()]
-        free_surveys = [s for s in surveys if not s.information.valid]  # Remaining surveys
+        surveys = [s for s in surveys if s.is_complete()]  # Don't consider invalid surveys
+        # Don't manage hardcoded people
+        surveys = [s for s in surveys if not hasattr(s.information, 'hardcoded') or not s.information.hardcoded]
+
+        # Reset previous algorithm run
+        for survey in surveys:
+            survey.free()
+            survey.save()
+
+        non_men = [s for s in surveys if s.registration.gender != 'male']
+        men = [s for s in surveys if s.registration.gender == 'male']
+
+        quotas = {}
+        registrations = self.get_registrations()
+        non_men_total = registrations.filter(~Q(gender='male')).count()
+        for bus in self.get_buses():
+            free_seats = bus.size - WEIMembership.objects.filter(bus=bus, registration__first_year=False).count()
+            # Remove hardcoded people
+            free_seats -= WEIMembership.objects.filter(bus=bus, registration__first_year=True,
+                                                       registration__information_json__icontains="hardcoded").count()
+            quotas[bus] = 4 + int(non_men_total / registrations.count() * free_seats)
+
+        tqdm_obj = None
+        if display_tqdm:
+            from tqdm import tqdm
+            tqdm_obj = tqdm(total=len(non_men), desc="Non-hommes")
+
+        # Repartition for non men people first
+        self.make_repartition(non_men, quotas, tqdm_obj=tqdm_obj)
+
+        quotas = {}
+        for bus in self.get_buses():
+            free_seats = bus.size - WEIMembership.objects.filter(bus=bus, registration__first_year=False).count()
+            free_seats -= sum(1 for s in non_men if s.information.selected_bus_pk == bus.pk)
+            # Remove hardcoded people
+            free_seats -= WEIMembership.objects.filter(bus=bus, registration__first_year=True,
+                                                       registration__information_json__icontains="hardcoded").count()
+            quotas[bus] = free_seats
+
+        if display_tqdm:
+            tqdm_obj.close()
+
+            from tqdm import tqdm
+            tqdm_obj = tqdm(total=len(men), desc="Hommes")
+
+        self.make_repartition(men, quotas, tqdm_obj=tqdm_obj)
+
+        if display_tqdm:
+            tqdm_obj.close()
+
+        # Clear cache information after running algorithm
+        WEISurvey2021.clear_cache()
+
+    def make_repartition(self, surveys, quotas=None, tqdm_obj=None):
+        free_surveys = surveys.copy()  # Remaining surveys
         while free_surveys:  # Some students are not affected
             survey = free_surveys[0]
             buses = survey.ordered_buses()  # Preferences of the student
-            for bus, _ignored in buses:
-                if self.get_bus_information(bus).has_free_seats(surveys):
+            for bus, current_score in buses:
+                if self.get_bus_information(bus).has_free_seats(surveys, quotas):
                     # Selected bus has free places. Put student in the bus
                     survey.select_bus(bus)
                     survey.save()
@@ -184,7 +262,6 @@ class WEISurveyAlgorithm2021(WEISurveyAlgorithm):
                     break
                 else:
                     # Current bus has not enough places. Remove the least preferred student from the bus if existing
-                    current_score = survey.score(bus)
                     least_preferred_survey = None
                     least_score = -1
                     # Find the least student in the bus that has a lower score than the current student
@@ -206,6 +283,11 @@ class WEISurveyAlgorithm2021(WEISurveyAlgorithm):
                         free_surveys.append(least_preferred_survey)
                         survey.select_bus(bus)
                         survey.save()
+                        free_surveys.remove(survey)
                         break
             else:
                 raise ValueError(f"User {survey.registration.user} has no free seat")
+
+            if tqdm_obj is not None:
+                tqdm_obj.n = len(surveys) - len(free_surveys)
+                tqdm_obj.refresh()

apps/wei/forms/surveys/wei2022.py

@@ -0,0 +1,293 @@
+# Copyright (C) 2018-2022 by BDE ENS Paris-Saclay
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+import time
+from functools import lru_cache
+from random import Random
+
+from django import forms
+from django.db import transaction
+from django.db.models import Q
+from django.utils.translation import gettext_lazy as _
+
+from .base import WEISurvey, WEISurveyInformation, WEISurveyAlgorithm, WEIBusInformation
+from ...models import WEIMembership
+
+WORDS = [
+    '13 organisé', '3ième mi temps', 'Années 2000', 'Apéro', 'BBQ', 'BP', 'Beauf', 'Binge drinking', 'Bon enfant',
+    'Cartouche', 'Catacombes', 'Chansons paillardes', 'Chansons populaires', 'Chanteur', 'Chartreuse', 'Chill',
+    'Core', 'DJ', 'Dancefloor', 'Danse', 'David Guetta', 'Disco', 'Eau de vie', 'Électro', 'Escalade', 'Familial',
+    'Fanfare', 'Fracassage', 'Féria', 'Hard rock', 'Hoeggarden', 'House', 'Huit-six', 'IPA', 'Inclusif', 'Inferno',
+    'Introverti', 'Jager bomb', 'Jazz', 'Jeux d\'alcool', 'Jeux de rôles', 'Jeux vidéo', 'Jul', 'Jus de fruit',
+    'Karaoké', 'LGBTQI+', 'Lady Gaga', 'Loup garou', 'Morning beer', 'Métal', 'Nuit blanche', 'Ovalie', 'Psychedelic',
+    'Pétanque', 'Rave', 'Reggae', 'Rhum', 'Ricard', 'Rock', 'Rosé', 'Rétro', 'Séducteur', 'Techno', 'Thérapie taxi',
+    'Théâtre', 'Trap', 'Turn up', 'Underground', 'Volley', 'Wati B', 'Zinédine Zidane',
+]
+
+
+class WEISurveyForm2022(forms.Form):
+    """
+    Survey form for the year 2022.
+    Members choose 20 words, from which we calculate the best associated bus.
+    """
+
+    word = forms.ChoiceField(
+        label=_("Choose a word:"),
+        widget=forms.RadioSelect(),
+    )
+
+    def set_registration(self, registration):
+        """
+        Filter the bus selector with the buses of the current WEI.
+        """
+        information = WEISurveyInformation2022(registration)
+        if not information.seed:
+            information.seed = int(1000 * time.time())
+            information.save(registration)
+            registration._force_save = True
+            registration.save()
+
+        if self.data:
+            self.fields["word"].choices = [(w, w) for w in WORDS]
+            if self.is_valid():
+                return
+
+        rng = Random((information.step + 1) * information.seed)
+
+        words = None
+
+        buses = WEISurveyAlgorithm2022.get_buses()
+        informations = {bus: WEIBusInformation2022(bus) for bus in buses}
+        scores = sum((list(informations[bus].scores.values()) for bus in buses), [])
+        average_score = sum(scores) / len(scores)
+
+        preferred_words = {bus: [word for word in WORDS
+                                 if informations[bus].scores[word] >= average_score]
+                           for bus in buses}
+        while words is None or len(set(words)) != len(words):
+            # Ensure that there is no the same word 2 times
+            words = [rng.choice(words) for _ignored2, words in preferred_words.items()]
+        rng.shuffle(words)
+        words = [(w, w) for w in words]
+        self.fields["word"].choices = words
+
+
+class WEIBusInformation2022(WEIBusInformation):
+    """
+    For each word, the bus has a score
+    """
+    scores: dict
+
+    def __init__(self, bus):
+        self.scores = {}
+        for word in WORDS:
+            self.scores[word] = 0.0
+        super().__init__(bus)
+
+
+class WEISurveyInformation2022(WEISurveyInformation):
+    """
+    We store the id of the selected bus. We store only the name, but is not used in the selection:
+    that's only for humans that try to read data.
+    """
+    # Random seed that is stored at the first time to ensure that words are generated only once
+    seed = 0
+    step = 0
+
+    def __init__(self, registration):
+        for i in range(1, 21):
+            setattr(self, "word" + str(i), None)
+        super().__init__(registration)
+
+
+class WEISurvey2022(WEISurvey):
+    """
+    Survey for the year 2022.
+    """
+
+    @classmethod
+    def get_year(cls):
+        return 2022
+
+    @classmethod
+    def get_survey_information_class(cls):
+        return WEISurveyInformation2022
+
+    def get_form_class(self):
+        return WEISurveyForm2022
+
+    def update_form(self, form):
+        """
+        Filter the bus selector with the buses of the WEI.
+        """
+        form.set_registration(self.registration)
+
+    @transaction.atomic
+    def form_valid(self, form):
+        word = form.cleaned_data["word"]
+        self.information.step += 1
+        setattr(self.information, "word" + str(self.information.step), word)
+        self.save()
+
+    @classmethod
+    def get_algorithm_class(cls):
+        return WEISurveyAlgorithm2022
+
+    def is_complete(self) -> bool:
+        """
+        The survey is complete once the bus is chosen.
+        """
+        return self.information.step == 20
+
+    @classmethod
+    @lru_cache()
+    def word_mean(cls, word):
+        """
+        Calculate the mid-score given by all buses.
+        """
+        buses = cls.get_algorithm_class().get_buses()
+        return sum([cls.get_algorithm_class().get_bus_information(bus).scores[word] for bus in buses]) / buses.count()
+
+    @lru_cache()
+    def score(self, bus):
+        if not self.is_complete():
+            raise ValueError("Survey is not ended, can't calculate score")
+
+        bus_info = self.get_algorithm_class().get_bus_information(bus)
+        # Score is the given score by the bus subtracted to the mid-score of the buses.
+        s = sum(bus_info.scores[getattr(self.information, 'word' + str(i))]
+                - self.word_mean(getattr(self.information, 'word' + str(i))) for i in range(1, 21)) / 20
+        return s
+
+    @lru_cache()
+    def scores_per_bus(self):
+        return {bus: self.score(bus) for bus in self.get_algorithm_class().get_buses()}
+
+    @lru_cache()
+    def ordered_buses(self):
+        values = list(self.scores_per_bus().items())
+        values.sort(key=lambda item: -item[1])
+        return values
+
+    @classmethod
+    def clear_cache(cls):
+        cls.word_mean.cache_clear()
+        return super().clear_cache()
+
+
+class WEISurveyAlgorithm2022(WEISurveyAlgorithm):
+    """
+    The algorithm class for the year 2022.
+    We use Gale-Shapley algorithm to attribute 1y students into buses.
+    """
+
+    @classmethod
+    def get_survey_class(cls):
+        return WEISurvey2022
+
+    @classmethod
+    def get_bus_information_class(cls):
+        return WEIBusInformation2022
+
+    def run_algorithm(self, display_tqdm=False):
+        """
+        Gale-Shapley algorithm implementation.
+        We modify it to allow buses to have multiple "weddings".
+        """
+        surveys = list(self.get_survey_class()(r) for r in self.get_registrations())  # All surveys
+        surveys = [s for s in surveys if s.is_complete()]  # Don't consider invalid surveys
+        # Don't manage hardcoded people
+        surveys = [s for s in surveys if not hasattr(s.information, 'hardcoded') or not s.information.hardcoded]
+
+        # Reset previous algorithm run
+        for survey in surveys:
+            survey.free()
+            survey.save()
+
+        non_men = [s for s in surveys if s.registration.gender != 'male']
+        men = [s for s in surveys if s.registration.gender == 'male']
+
+        quotas = {}
+        registrations = self.get_registrations()
+        non_men_total = registrations.filter(~Q(gender='male')).count()
+        for bus in self.get_buses():
+            free_seats = bus.size - WEIMembership.objects.filter(bus=bus, registration__first_year=False).count()
+            # Remove hardcoded people
+            free_seats -= WEIMembership.objects.filter(bus=bus, registration__first_year=True,
+                                                       registration__information_json__icontains="hardcoded").count()
+            quotas[bus] = 4 + int(non_men_total / registrations.count() * free_seats)
+
+        tqdm_obj = None
+        if display_tqdm:
+            from tqdm import tqdm
+            tqdm_obj = tqdm(total=len(non_men), desc="Non-hommes")
+
+        # Repartition for non men people first
+        self.make_repartition(non_men, quotas, tqdm_obj=tqdm_obj)
+
+        quotas = {}
+        for bus in self.get_buses():
+            free_seats = bus.size - WEIMembership.objects.filter(bus=bus, registration__first_year=False).count()
+            free_seats -= sum(1 for s in non_men if s.information.selected_bus_pk == bus.pk)
+            # Remove hardcoded people
+            free_seats -= WEIMembership.objects.filter(bus=bus, registration__first_year=True,
+                                                       registration__information_json__icontains="hardcoded").count()
+            quotas[bus] = free_seats
+
+        if display_tqdm:
+            tqdm_obj.close()
+
+            from tqdm import tqdm
+            tqdm_obj = tqdm(total=len(men), desc="Hommes")
+
+        self.make_repartition(men, quotas, tqdm_obj=tqdm_obj)
+
+        if display_tqdm:
+            tqdm_obj.close()
+
+        # Clear cache information after running algorithm
+        WEISurvey2022.clear_cache()
+
+    def make_repartition(self, surveys, quotas=None, tqdm_obj=None):
+        free_surveys = surveys.copy()  # Remaining surveys
+        while free_surveys:  # Some students are not affected
+            survey = free_surveys[0]
+            buses = survey.ordered_buses()  # Preferences of the student
+            for bus, current_score in buses:
+                if self.get_bus_information(bus).has_free_seats(surveys, quotas):
+                    # Selected bus has free places. Put student in the bus
+                    survey.select_bus(bus)
+                    survey.save()
+                    free_surveys.remove(survey)
+                    break
+                else:
+                    # Current bus has not enough places. Remove the least preferred student from the bus if existing
+                    least_preferred_survey = None
+                    least_score = -1
+                    # Find the least student in the bus that has a lower score than the current student
+                    for survey2 in surveys:
+                        if not survey2.information.valid or survey2.information.get_selected_bus() != bus:
+                            continue
+                        score2 = survey2.score(bus)
+                        if current_score <= score2:  # Ignore better students
+                            continue
+                        if least_preferred_survey is None or score2 < least_score:
+                            least_preferred_survey = survey2
+                            least_score = score2
+
+                    if least_preferred_survey is not None:
+                        # Remove the least student from the bus and put the current student in.
+                        # If it does not exist, choose the next bus.
+                        least_preferred_survey.free()
+                        least_preferred_survey.save()
+                        free_surveys.append(least_preferred_survey)
+                        survey.select_bus(bus)
+                        survey.save()
+                        free_surveys.remove(survey)
+                        break
+            else:
+                raise ValueError(f"User {survey.registration.user} has no free seat")
+
+            if tqdm_obj is not None:
+                tqdm_obj.n = len(surveys) - len(free_surveys)
+                tqdm_obj.refresh()

apps/wei/management/commands/wei_algorithm.py

@@ -24,7 +24,15 @@ class Command(BaseCommand):
         sid = transaction.savepoint()
 
         algorithm = CurrentSurvey.get_algorithm_class()()
-        algorithm.run_algorithm()
+
+        try:
+            from tqdm import tqdm
+            del tqdm
+            display_tqdm = True
+        except ImportError:
+            display_tqdm = False
+
+        algorithm.run_algorithm(display_tqdm=display_tqdm)
 
         output = options['output']
         registrations = algorithm.get_registrations()
@@ -34,8 +42,13 @@ class Command(BaseCommand):
         for bus, members in per_bus.items():
             output.write(bus.name + "\n")
             output.write("=" * len(bus.name) + "\n")
+            _order = -1
             for r in members:
-                output.write(r.user.username + "\n")
+                survey = CurrentSurvey(r)
+                for _order, (b, _score) in enumerate(survey.ordered_buses()):
+                    if b == bus:
+                        break
+                output.write(f"{r.user.username} ({_order + 1})\n")
             output.write("\n")
 
         if not options['doit']:

apps/wei/tests/test_wei_algorithm_2021.py

@@ -25,6 +25,7 @@ class TestWEIAlgorithm(TestCase):
             email="wei2021@example.com",
             date_start='2021-09-17',
             date_end='2021-09-19',
+            year=2021,
         )
 
         self.buses = []

apps/wei/tests/test_wei_algorithm_2022.py

@@ -0,0 +1,110 @@
+# Copyright (C) 2018-2022 by BDE ENS Paris-Saclay
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+import random
+
+from django.contrib.auth.models import User
+from django.test import TestCase
+
+from ..forms.surveys.wei2022 import WEIBusInformation2022, WEISurvey2022, WORDS, WEISurveyInformation2022
+from ..models import Bus, WEIClub, WEIRegistration
+
+
+class TestWEIAlgorithm(TestCase):
+    """
+    Run some tests to ensure that the WEI algorithm is working well.
+    """
+    fixtures = ('initial',)
+
+    def setUp(self):
+        """
+        Create some test data, with one WEI and 10 buses with random score attributions.
+        """
+        self.wei = WEIClub.objects.create(
+            name="WEI 2022",
+            email="wei2022@example.com",
+            date_start='2022-09-16',
+            date_end='2022-09-18',
+            year=2022,
+        )
+
+        self.buses = []
+        for i in range(10):
+            bus = Bus.objects.create(wei=self.wei, name=f"Bus {i}", size=10)
+            self.buses.append(bus)
+            information = WEIBusInformation2022(bus)
+            for word in WORDS:
+                information.scores[word] = random.randint(0, 101)
+            information.save()
+            bus.save()
+
+    def test_survey_algorithm_small(self):
+        """
+        There are only a few people in each bus, ensure that each person has its best bus
+        """
+        # Add a few users
+        for i in range(10):
+            user = User.objects.create(username=f"user{i}")
+            registration = WEIRegistration.objects.create(
+                user=user,
+                wei=self.wei,
+                first_year=True,
+                birth_date='2000-01-01',
+            )
+            information = WEISurveyInformation2022(registration)
+            for j in range(1, 21):
+                setattr(information, f'word{j}', random.choice(WORDS))
+            information.step = 20
+            information.save(registration)
+            registration.save()
+
+        # Run algorithm
+        WEISurvey2022.get_algorithm_class()().run_algorithm()
+
+        # Ensure that everyone has its first choice
+        for r in WEIRegistration.objects.filter(wei=self.wei).all():
+            survey = WEISurvey2022(r)
+            preferred_bus = survey.ordered_buses()[0][0]
+            chosen_bus = survey.information.get_selected_bus()
+            self.assertEqual(preferred_bus, chosen_bus)
+
+    def test_survey_algorithm_full(self):
+        """
+        Buses are full of first year people, ensure that they are happy
+        """
+        # Add a lot of users
+        for i in range(95):
+            user = User.objects.create(username=f"user{i}")
+            registration = WEIRegistration.objects.create(
+                user=user,
+                wei=self.wei,
+                first_year=True,
+                birth_date='2000-01-01',
+            )
+            information = WEISurveyInformation2022(registration)
+            for j in range(1, 21):
+                setattr(information, f'word{j}', random.choice(WORDS))
+            information.step = 20
+            information.save(registration)
+            registration.save()
+
+        # Run algorithm
+        WEISurvey2022.get_algorithm_class()().run_algorithm()
+
+        penalty = 0
+        # Ensure that everyone seems to be happy
+        # We attribute a penalty for each user that didn't have its first choice
+        # The penalty is the square of the distance between the score of the preferred bus
+        # and the score of the attributed bus
+        # We consider it acceptable if the mean of this distance is lower than 5 %
+        for r in WEIRegistration.objects.filter(wei=self.wei).all():
+            survey = WEISurvey2022(r)
+            chosen_bus = survey.information.get_selected_bus()
+            buses = survey.ordered_buses()
+            score = min(v for bus, v in buses if bus == chosen_bus)
+            max_score = buses[0][1]
+            penalty += (max_score - score) ** 2
+
+            self.assertLessEqual(max_score - score, 25)  # Always less than 25 % of tolerance
+
+        self.assertLessEqual(penalty / 100, 25)  # Tolerance of 5 %

apps/wei/tests/test_wei_registration.py

@@ -782,7 +782,7 @@ class TestDefaultWEISurvey(TestCase):
         WEISurvey.update_form(None, None)
 
         self.assertEqual(CurrentSurvey.get_algorithm_class().get_survey_class(), CurrentSurvey)
-        self.assertEqual(CurrentSurvey.get_year(), 2021)
+        self.assertEqual(CurrentSurvey.get_year(), 2022)
 
 
 class TestWeiAPI(TestAPI):

docs/apps/treasury.rst

@@ -86,7 +86,7 @@ Génération
 
 Les factures peuvent s'exporter au format PDF (là est tout leur intérêt). Pour cela, on utilise le template LaTeX
 présent à l'adresse suivante :
-`/templates/treasury/invoice_sample.tex <https://gitlab.crans.org/bde/nk20/-/tree/master/templates/treasury/invoice_sample.tex>`_
+`/templates/treasury/invoice_sample.tex <https://gitlab.crans.org/bde/nk20/-/tree/main/templates/treasury/invoice_sample.tex>`_
 
 On le remplit avec les données de la facture et les données du BDE, hard-codées. On copie le template rempli dans un
 ficher tex dans un dossier temporaire. On fait ensuite 2 appels à ``pdflatex`` pour générer la facture au format PDF.

docs/external_services/oauth2.rst

@@ -41,8 +41,14 @@ On a ensuite besoin de définir nos propres scopes afin d'avoir des permissions
 
    OAUTH2_PROVIDER = {
        'SCOPES_BACKEND_CLASS': 'permission.scopes.PermissionScopes',
+       'OAUTH2_VALIDATOR_CLASS': "permission.scopes.PermissionOAuth2Validator",
+       'REFRESH_TOKEN_EXPIRE_SECONDS': timedelta(days=14),
    }
 
+Cela a pour effet d'avoir des scopes sous la forme ``PERMISSION_CLUB``,
+et de demander des scopes facultatives (voir plus bas).
+Un jeton de rafraîchissement expire de plus au bout de 14 jours, si non-renouvelé.
+
 On ajoute enfin les routes dans ``urls.py`` :
 
 .. code:: python
@@ -94,6 +100,27 @@ du format renvoyé.
    Vous pouvez donc contrôler le plus finement possible les permissions octroyées à vos
    jetons.
 
+.. danger::
+
+   Demander des scopes n'implique pas de les avoir.
+
+   Lorsque des scopes sont demandées par un client, la Note
+   va considérer l'ensemble des permissions accessibles parmi
+   ce qui est demandé. Dans vos programmes, vous devrez donc
+   vérifier les permissions acquises (communiquées lors de la
+   récupération du jeton d'accès à partir du grant code),
+   et prévoir un comportement dans le cas où des permissions
+   sont manquantes.
+
+   Cela offre un intérêt supérieur par rapport au protocole
+   OAuth2 classique, consistant à demander trop de permissions
+   et agir en conséquence.
+
+   Par exemple, vous pourriez demander la permission d'accéder
+   aux membres d'un club ou de faire des transactions, et agir
+   uniquement dans le cas où l'utilisateur connecté possède la
+   permission problématique.
+
 Avec Django-allauth
 ###################
 
@@ -116,6 +143,7 @@ installées (sur votre propre client), puis de bien ajouter l'application social
    SOCIALACCOUNT_PROVIDERS = {
        'notekfet': {
            # 'DOMAIN': 'note.crans.org',
+           'SCOPE': ['1_1', '2_1'],
        },
        ...
    }
@@ -123,6 +151,10 @@ installées (sur votre propre client), puis de bien ajouter l'application social
 Le paramètre ``DOMAIN`` permet de changer d'instance de Note Kfet. Par défaut, il
 se connectera à ``note.crans.org`` si vous ne renseignez rien.
 
+Le paramètre ``SCOPE`` permet de définir les scopes à demander.
+Dans l'exemple ci-dessous, les permissions d'accéder à l'utilisateur
+et au profil sont demandées.
+
 En créant l'application sur la note, vous pouvez renseigner
 ``https://monsite.example.com/accounts/notekfet/login/callback/`` en URL de redirection,
 à adapter selon votre configuration.

docs/install.rst

@@ -88,7 +88,7 @@ On clone donc le dépôt en tant que ``www-data`` :
 
    $ sudo -u www-data git clone https://gitlab.crans.org/bde/nk20.git /var/www/note_kfet
 
-Par défaut, le dépôt est configuré pour suivre la branche ``master``, qui est la branche
+Par défaut, le dépôt est configuré pour suivre la branche ``main``, qui est la branche
 stable, notamment installée sur `<https://note.crans.org/>`_. Pour changer de branche,
 notamment passer sur la branche ``beta`` sur un serveur de pré-production (un peu comme
 `<https://note-dev.crans.org/>`_), on peut faire :
@@ -587,7 +587,7 @@ Dans ce fichier, remplissez :
    ---
    note:
      server_name: note.crans.org
-     git_branch: master
+     git_branch: main
      cron_enabled: true
      email: notekfet2020@lists.crans.org
 

locale/fr/LC_MESSAGES/django.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2021-09-13 23:26+0200\n"
+"POT-Creation-Date: 2021-10-07 22:55+0200\n"
 "PO-Revision-Date: 2020-11-16 20:02+0000\n"
 "Last-Translator: Yohann D'ANELLO <ynerant@crans.org>\n"
 "Language-Team: French <http://translate.ynerant.fr/projects/nk20/nk20/fr/>\n"
@@ -23,28 +23,32 @@ msgstr ""
 msgid "activity"
 msgstr "activité"
 
-#: apps/activity/forms.py:35 apps/activity/models.py:132
+#: apps/activity/forms.py:34
+msgid "The note of this club is inactive."
+msgstr "La note du club est inactive."
+
+#: apps/activity/forms.py:41 apps/activity/models.py:132
 msgid "The end date must be after the start date."
 msgstr "La date de fin doit être après celle de début."
 
-#: apps/activity/forms.py:76 apps/activity/models.py:270
+#: apps/activity/forms.py:82 apps/activity/models.py:270
 msgid "You can't invite someone once the activity is started."
 msgstr ""
 "Vous ne pouvez pas inviter quelqu'un une fois que l'activité a démarré."
 
-#: apps/activity/forms.py:79 apps/activity/models.py:273
+#: apps/activity/forms.py:85 apps/activity/models.py:273
 msgid "This activity is not validated yet."
 msgstr "Cette activité n'est pas encore validée."
 
-#: apps/activity/forms.py:89 apps/activity/models.py:281
+#: apps/activity/forms.py:95 apps/activity/models.py:281
 msgid "This person has been already invited 5 times this year."
 msgstr "Cette personne a déjà été invitée 5 fois cette année."
 
-#: apps/activity/forms.py:93 apps/activity/models.py:285
+#: apps/activity/forms.py:99 apps/activity/models.py:285
 msgid "This person is already invited."
 msgstr "Cette personne est déjà invitée."
 
-#: apps/activity/forms.py:97 apps/activity/models.py:289
+#: apps/activity/forms.py:103 apps/activity/models.py:289
 msgid "You can't invite more than 3 people to this activity."
 msgstr "Vous ne pouvez pas inviter plus de 3 personnes à cette activité."
 
@@ -195,7 +199,7 @@ msgstr "Entrée de la note {note} pour l'activité « {activity} »"
 msgid "Already entered on "
 msgstr "Déjà rentré le "
 
-#: apps/activity/models.py:202 apps/activity/tables.py:54
+#: apps/activity/models.py:202 apps/activity/tables.py:56
 msgid "{:%Y-%m-%d %H:%M:%S}"
 msgstr "{:%d/%m/%Y %H:%M:%S}"
 
@@ -234,48 +238,48 @@ msgstr "invités"
 msgid "Invitation"
 msgstr "Invitation"
 
-#: apps/activity/tables.py:25
+#: apps/activity/tables.py:27
 msgid "The activity is currently open."
 msgstr "Cette activité est actuellement ouverte."
 
-#: apps/activity/tables.py:26
+#: apps/activity/tables.py:28
 msgid "The validation of the activity is pending."
 msgstr "La validation de cette activité est en attente."
 
-#: apps/activity/tables.py:41 apps/treasury/tables.py:107
+#: apps/activity/tables.py:43 apps/treasury/tables.py:107
 msgid "Remove"
 msgstr "Supprimer"
 
-#: apps/activity/tables.py:54
+#: apps/activity/tables.py:56
 msgid "Entered on "
 msgstr "Entré le "
 
-#: apps/activity/tables.py:56
+#: apps/activity/tables.py:58
 msgid "remove"
 msgstr "supprimer"
 
-#: apps/activity/tables.py:80 apps/note/forms.py:68 apps/treasury/models.py:199
+#: apps/activity/tables.py:82 apps/note/forms.py:68 apps/treasury/models.py:199
 msgid "Type"
 msgstr "Type"
 
-#: apps/activity/tables.py:82 apps/member/forms.py:186
-#: apps/registration/forms.py:90 apps/treasury/forms.py:131
+#: apps/activity/tables.py:84 apps/member/forms.py:186
+#: apps/registration/forms.py:91 apps/treasury/forms.py:131
 #: apps/wei/forms/registration.py:104
 msgid "Last name"
 msgstr "Nom de famille"
 
-#: apps/activity/tables.py:84 apps/member/forms.py:191
-#: apps/note/templates/note/transaction_form.html:134
-#: apps/registration/forms.py:95 apps/treasury/forms.py:133
+#: apps/activity/tables.py:86 apps/member/forms.py:191
+#: apps/note/templates/note/transaction_form.html:138
+#: apps/registration/forms.py:96 apps/treasury/forms.py:133
 #: apps/wei/forms/registration.py:109
 msgid "First name"
 msgstr "Prénom"
 
-#: apps/activity/tables.py:86 apps/note/models/notes.py:86
+#: apps/activity/tables.py:88 apps/note/models/notes.py:86
 msgid "Note"
 msgstr "Note"
 
-#: apps/activity/tables.py:88 apps/member/tables.py:49
+#: apps/activity/tables.py:90 apps/member/tables.py:50
 msgid "Balance"
 msgstr "Solde du compte"
 
@@ -289,26 +293,26 @@ msgstr "Invité supprimé"
 
 #: apps/activity/templates/activity/activity_entry.html:14
 #: apps/note/models/transactions.py:257
-#: apps/note/templates/note/transaction_form.html:16
-#: apps/note/templates/note/transaction_form.html:148
+#: apps/note/templates/note/transaction_form.html:17
+#: apps/note/templates/note/transaction_form.html:152
 #: note_kfet/templates/base.html:73
 msgid "Transfer"
 msgstr "Virement"
 
 #: apps/activity/templates/activity/activity_entry.html:18
 #: apps/note/models/transactions.py:317
-#: apps/note/templates/note/transaction_form.html:21
+#: apps/note/templates/note/transaction_form.html:22
 msgid "Credit"
 msgstr "Crédit"
 
 #: apps/activity/templates/activity/activity_entry.html:21
 #: apps/note/models/transactions.py:317
-#: apps/note/templates/note/transaction_form.html:25
+#: apps/note/templates/note/transaction_form.html:26
 msgid "Debit"
 msgstr "Débit"
 
 #: apps/activity/templates/activity/activity_entry.html:27
-#: apps/note/templates/note/transaction_form.html:30
+#: apps/note/templates/note/transaction_form.html:34
 msgid "Entries"
 msgstr "Entrées"
 
@@ -316,13 +320,13 @@ msgstr "Entrées"
 msgid "Return to activity page"
 msgstr "Retour à la page de l'activité"
 
-#: apps/activity/templates/activity/activity_entry.html:89
-#: apps/activity/templates/activity/activity_entry.html:124
+#: apps/activity/templates/activity/activity_entry.html:94
+#: apps/activity/templates/activity/activity_entry.html:129
 msgid "Entry done, but caution: the user is not a Kfet member."
 msgstr ""
 "Entrée effectuée, mais attention : la personne n'est pas un adhérent Kfet."
 
-#: apps/activity/templates/activity/activity_entry.html:127
+#: apps/activity/templates/activity/activity_entry.html:132
 msgid "Entry done!"
 msgstr "Entrée effectuée !"
 
@@ -400,33 +404,33 @@ msgstr "Créer une nouvelle activité"
 msgid "Activities"
 msgstr "Activités"
 
-#: apps/activity/views.py:95
+#: apps/activity/views.py:93
 msgid "Activity detail"
 msgstr "Détails de l'activité"
 
-#: apps/activity/views.py:115
+#: apps/activity/views.py:113
 msgid "Update activity"
 msgstr "Modifier l'activité"
 
-#: apps/activity/views.py:142
+#: apps/activity/views.py:140
 msgid "Invite guest to the activity \"{}\""
 msgstr "Invitation pour l'activité « {} »"
 
-#: apps/activity/views.py:177
+#: apps/activity/views.py:178
 msgid "You are not allowed to display the entry interface for this activity."
 msgstr ""
 "Vous n'êtes pas autorisé à afficher l'interface des entrées pour cette "
 "activité."
 
-#: apps/activity/views.py:180
+#: apps/activity/views.py:181
 msgid "This activity does not support activity entries."
 msgstr "Cette activité ne requiert pas d'entrées."
 
-#: apps/activity/views.py:183
+#: apps/activity/views.py:184
 msgid "This activity is closed."
 msgstr "Cette activité est fermée."
 
-#: apps/activity/views.py:279
+#: apps/activity/views.py:280
 msgid "Entry for activity \"{}\""
 msgstr "Entrées pour l'activité « {} »"
 
@@ -462,7 +466,7 @@ msgstr "nouvelles données"
 msgid "create"
 msgstr "créer"
 
-#: apps/logs/models.py:65 apps/note/tables.py:165 apps/note/tables.py:201
+#: apps/logs/models.py:65 apps/note/tables.py:165 apps/note/tables.py:211
 #: apps/permission/models.py:127 apps/treasury/tables.py:38
 #: apps/wei/tables.py:74
 msgid "delete"
@@ -548,20 +552,20 @@ msgstr "Cette image ne peut pas être chargée."
 msgid "An alias with a similar name already exists."
 msgstr "Un alias avec un nom similaire existe déjà."
 
-#: apps/member/forms.py:165 apps/registration/forms.py:70
+#: apps/member/forms.py:165 apps/registration/forms.py:71
 msgid "Inscription paid by Société Générale"
 msgstr "Inscription payée par la Société générale"
 
-#: apps/member/forms.py:167 apps/registration/forms.py:72
+#: apps/member/forms.py:167 apps/registration/forms.py:73
 msgid "Check this case if the Société Générale paid the inscription."
 msgstr "Cochez cette case si la Société Générale a payé l'inscription."
 
-#: apps/member/forms.py:172 apps/registration/forms.py:77
+#: apps/member/forms.py:172 apps/registration/forms.py:78
 #: apps/wei/forms/registration.py:91
 msgid "Credit type"
 msgstr "Type de rechargement"
 
-#: apps/member/forms.py:173 apps/registration/forms.py:78
+#: apps/member/forms.py:173 apps/registration/forms.py:79
 #: apps/wei/forms/registration.py:92
 msgid "No credit"
 msgstr "Pas de rechargement"
@@ -570,13 +574,13 @@ msgstr "Pas de rechargement"
 msgid "You can credit the note of the user."
 msgstr "Vous pouvez créditer la note de l'utilisateur avant l'adhésion."
 
-#: apps/member/forms.py:179 apps/registration/forms.py:83
+#: apps/member/forms.py:179 apps/registration/forms.py:84
 #: apps/wei/forms/registration.py:97
 msgid "Credit amount"
 msgstr "Montant à créditer"
 
-#: apps/member/forms.py:196 apps/note/templates/note/transaction_form.html:140
-#: apps/registration/forms.py:100 apps/treasury/forms.py:135
+#: apps/member/forms.py:196 apps/note/templates/note/transaction_form.html:144
+#: apps/registration/forms.py:101 apps/treasury/forms.py:135
 #: apps/wei/forms/registration.py:114
 msgid "Bank"
 msgstr "Banque"
@@ -846,33 +850,33 @@ msgstr "l'adhésion commence le"
 msgid "membership ends on"
 msgstr "l'adhésion finit le"
 
-#: apps/member/models.py:422
+#: apps/member/models.py:428
 #, python-brace-format
 msgid "The role {role} does not apply to the club {club}."
 msgstr "Le rôle {role} ne s'applique pas au club {club}."
 
-#: apps/member/models.py:431 apps/member/views.py:651
+#: apps/member/models.py:437 apps/member/views.py:651
 msgid "User is already a member of the club"
 msgstr "L'utilisateur est déjà membre du club"
 
-#: apps/member/models.py:443 apps/member/views.py:660
+#: apps/member/models.py:449 apps/member/views.py:660
 msgid "User is not a member of the parent club"
 msgstr "L'utilisateur n'est pas membre du club parent"
 
-#: apps/member/models.py:496
+#: apps/member/models.py:502
 #, python-brace-format
 msgid "Membership of {user} for the club {club}"
 msgstr "Adhésion de {user} pour le club {club}"
 
-#: apps/member/models.py:499 apps/note/models/transactions.py:389
+#: apps/member/models.py:505 apps/note/models/transactions.py:389
 msgid "membership"
 msgstr "adhésion"
 
-#: apps/member/models.py:500
+#: apps/member/models.py:506
 msgid "memberships"
 msgstr "adhésions"
 
-#: apps/member/tables.py:137
+#: apps/member/tables.py:139
 msgid "Renew"
 msgstr "Renouveler"
 
@@ -1192,7 +1196,7 @@ msgstr "Modifier le club"
 msgid "Add new member to the club"
 msgstr "Ajouter un nouveau membre au club"
 
-#: apps/member/views.py:642 apps/wei/views.py:956
+#: apps/member/views.py:642 apps/wei/views.py:973
 msgid ""
 "This user don't have enough money to join this club, and can't have a "
 "negative balance."
@@ -1247,7 +1251,7 @@ msgstr "Source"
 msgid "Destination"
 msgstr "Destination"
 
-#: apps/note/forms.py:74 apps/note/templates/note/transaction_form.html:119
+#: apps/note/forms.py:74 apps/note/templates/note/transaction_form.html:123
 msgid "Reason"
 msgstr "Raison"
 
@@ -1498,8 +1502,8 @@ msgstr ""
 "mode de paiement et un utilisateur ou un club"
 
 #: apps/note/models/transactions.py:355 apps/note/models/transactions.py:358
-#: apps/note/models/transactions.py:361 apps/wei/views.py:961
-#: apps/wei/views.py:965
+#: apps/note/models/transactions.py:361 apps/wei/views.py:978
+#: apps/wei/views.py:982
 msgid "This field is required."
 msgstr "Ce champ est requis."
 
@@ -1531,7 +1535,7 @@ msgstr "Cliquez pour valider"
 msgid "No reason specified"
 msgstr "Pas de motif spécifié"
 
-#: apps/note/tables.py:169 apps/note/tables.py:203 apps/treasury/tables.py:39
+#: apps/note/tables.py:169 apps/note/tables.py:213 apps/treasury/tables.py:39
 #: apps/treasury/templates/treasury/invoice_confirm_delete.html:30
 #: apps/treasury/templates/treasury/sogecredit_detail.html:65
 #: apps/wei/tables.py:75 apps/wei/tables.py:118
@@ -1552,8 +1556,12 @@ msgstr "Supprimer"
 msgid "Edit"
 msgstr "Éditer"
 
+#: apps/note/tables.py:201 apps/note/tables.py:224
+msgid "Hide/Show"
+msgstr "Afficher/Masquer"
+
 #: apps/note/templates/note/conso_form.html:22
-#: apps/note/templates/note/transaction_form.html:44
+#: apps/note/templates/note/transaction_form.html:48
 msgid "Please select a note"
 msgstr "Sélectionnez une note"
 
@@ -1562,8 +1570,8 @@ msgid "Consum"
 msgstr "Consommer"
 
 #: apps/note/templates/note/conso_form.html:43
-#: apps/note/templates/note/transaction_form.html:65
-#: apps/note/templates/note/transaction_form.html:92
+#: apps/note/templates/note/transaction_form.html:69
+#: apps/note/templates/note/transaction_form.html:96
 msgid "Name or alias..."
 msgstr "Pseudo ou alias ..."
 
@@ -1588,7 +1596,7 @@ msgid "Double consumptions"
 msgstr "Consommations doubles"
 
 #: apps/note/templates/note/conso_form.html:154
-#: apps/note/templates/note/transaction_form.html:159
+#: apps/note/templates/note/transaction_form.html:163
 msgid "Recent transactions history"
 msgstr "Historique des transactions récentes"
 
@@ -1603,45 +1611,45 @@ msgstr "Historique des transactions récentes"
 msgid "Mail generated by the Note Kfet on the"
 msgstr "Mail généré par la Note Kfet le"
 
-#: apps/note/templates/note/transaction_form.html:54
-#: apps/note/templates/note/transaction_form.html:174
+#: apps/note/templates/note/transaction_form.html:58
+#: apps/note/templates/note/transaction_form.html:178
 msgid "Select emitters"
 msgstr "Sélection des émetteurs"
 
-#: apps/note/templates/note/transaction_form.html:69
+#: apps/note/templates/note/transaction_form.html:73
 msgid "I am the emitter"
 msgstr "Je suis l'émetteur"
 
-#: apps/note/templates/note/transaction_form.html:81
-#: apps/note/templates/note/transaction_form.html:176
+#: apps/note/templates/note/transaction_form.html:85
+#: apps/note/templates/note/transaction_form.html:180
 msgid "Select receivers"
 msgstr "Sélection des destinataires"
 
-#: apps/note/templates/note/transaction_form.html:104
+#: apps/note/templates/note/transaction_form.html:108
 msgid "Action"
 msgstr "Action"
 
-#: apps/note/templates/note/transaction_form.html:112
+#: apps/note/templates/note/transaction_form.html:116
 #: apps/treasury/forms.py:137 apps/treasury/tables.py:67
 #: apps/treasury/tables.py:132
 #: apps/treasury/templates/treasury/remittance_form.html:23
 msgid "Amount"
 msgstr "Montant"
 
-#: apps/note/templates/note/transaction_form.html:128
+#: apps/note/templates/note/transaction_form.html:132
 #: apps/treasury/models.py:54
 msgid "Name"
 msgstr "Nom"
 
-#: apps/note/templates/note/transaction_form.html:173
+#: apps/note/templates/note/transaction_form.html:177
 msgid "Select emitter"
 msgstr "Sélection de l'émetteur"
 
-#: apps/note/templates/note/transaction_form.html:175
+#: apps/note/templates/note/transaction_form.html:179
 msgid "Select receiver"
 msgstr "Sélection du destinataire"
 
-#: apps/note/templates/note/transaction_form.html:177
+#: apps/note/templates/note/transaction_form.html:181
 msgid "Transfer type"
 msgstr "Type de transfert"
 
@@ -1681,6 +1689,18 @@ msgstr "le bouton a bien été supprimé "
 msgid "Unable to delete button "
 msgstr "Impossible de supprimer le bouton "
 
+#: apps/note/templates/note/transactiontemplate_list.html:95
+msgid "Button hidden"
+msgstr "Bouton masqué"
+
+#: apps/note/templates/note/transactiontemplate_list.html:96
+msgid "Button displayed"
+msgstr "Bouton affiché"
+
+#: apps/note/templates/note/transactiontemplate_list.html:100
+msgid "An error occured"
+msgstr "Une erreur s'est produite"
+
 #: apps/note/views.py:36
 msgid "Transfer money"
 msgstr "Transférer de l'argent"
@@ -1913,13 +1933,13 @@ msgstr "Cet email est déjà pris."
 
 #: apps/registration/forms.py:49
 msgid ""
-"I declare that I opened or I will open soon a bank account in the Société générale with the BDE "
-"partnership."
+"I declare that I opened or I will open soon a bank account in the Société "
+"générale with the BDE partnership."
 msgstr ""
-"Je déclare avoir ouvert ou ouvrir prochainement un compte à la société générale avec le partenariat "
-"du BDE."
+"Je déclare avoir ouvert ou ouvrir prochainement un compte à la société "
+"générale avec le partenariat du BDE."
 
-#: apps/registration/forms.py:50
+#: apps/registration/forms.py:51
 msgid ""
 "Warning: this engages you to open your bank account. If you finally decides "
 "to don't open your account, you will have to pay the BDE membership."
@@ -1927,11 +1947,11 @@ msgstr ""
 "Attention : cocher cette case vous engage à ouvrir votre compte. Si vous "
 "décidez de ne pas le faire, vous devrez payer l'adhésion au BDE."
 
-#: apps/registration/forms.py:58
+#: apps/registration/forms.py:59
 msgid "Register to the WEI"
 msgstr "S'inscrire au WEI"
 
-#: apps/registration/forms.py:60
+#: apps/registration/forms.py:61
 msgid ""
 "Check this case if you want to register to the WEI. If you hesitate, you "
 "will be able to register later, after validating your account in the Kfet."
@@ -1940,11 +1960,11 @@ msgstr ""
 "pourrez toujours vous inscrire plus tard, après avoir validé votre compte à "
 "la Kfet."
 
-#: apps/registration/forms.py:105
+#: apps/registration/forms.py:106
 msgid "Join BDE Club"
 msgstr "Adhérer au club BDE"
 
-#: apps/registration/forms.py:112
+#: apps/registration/forms.py:113
 msgid "Join Kfet Club"
 msgstr "Adhérer au club Kfet"
 
@@ -2244,7 +2264,7 @@ msgstr "proxys de transactions spéciales"
 msgid "credit transaction"
 msgstr "transaction de crédit"
 
-#: apps/treasury/models.py:419
+#: apps/treasury/models.py:430
 msgid ""
 "This user doesn't have enough money to pay the memberships with its note. "
 "Please ask her/him to credit the note before invalidating this credit."
@@ -2252,16 +2272,16 @@ msgstr ""
 "Cet utilisateur n'a pas assez d'argent pour payer les adhésions avec sa "
 "note. Merci de lui demander de recharger sa note avant d'invalider ce crédit."
 
-#: apps/treasury/models.py:439
+#: apps/treasury/models.py:451
 #: apps/treasury/templates/treasury/sogecredit_detail.html:10
 msgid "Credit from the Société générale"
 msgstr "Crédit de la Société générale"
 
-#: apps/treasury/models.py:440
+#: apps/treasury/models.py:452
 msgid "Credits from the Société générale"
 msgstr "Crédits de la Société générale"
 
-#: apps/treasury/models.py:443
+#: apps/treasury/models.py:455
 #, python-brace-format
 msgid "Soge credit for {user}"
 msgstr "Crédit de la société générale pour l'utilisateur {user}"
@@ -2559,7 +2579,7 @@ msgstr "Sélectionnez les rôles qui vous intéressent."
 msgid "This team doesn't belong to the given bus."
 msgstr "Cette équipe n'appartient pas à ce bus."
 
-#: apps/wei/forms/surveys/wei2021.py:31
+#: apps/wei/forms/surveys/wei2021.py:35
 msgid "Choose a word:"
 msgstr "Choisissez un mot :"
 
@@ -2804,11 +2824,11 @@ msgstr "Prix du WEI (étudiants)"
 msgid "WEI list"
 msgstr "Liste des WEI"
 
-#: apps/wei/templates/wei/base.html:81 apps/wei/views.py:523
+#: apps/wei/templates/wei/base.html:81 apps/wei/views.py:528
 msgid "Register 1A"
 msgstr "Inscrire un 1A"
 
-#: apps/wei/templates/wei/base.html:85 apps/wei/views.py:603
+#: apps/wei/templates/wei/base.html:85 apps/wei/views.py:614
 msgid "Register 2A+"
 msgstr "Inscrire un 2A+"
 
@@ -2837,8 +2857,8 @@ msgstr "Télécharger au format PDF"
 
 #: apps/wei/templates/wei/survey.html:11
 #: apps/wei/templates/wei/survey_closed.html:11
-#: apps/wei/templates/wei/survey_end.html:11 apps/wei/views.py:1011
-#: apps/wei/views.py:1066 apps/wei/views.py:1076
+#: apps/wei/templates/wei/survey_end.html:11 apps/wei/views.py:1028
+#: apps/wei/views.py:1083 apps/wei/views.py:1093
 msgid "Survey WEI"
 msgstr "Questionnaire WEI"
 
@@ -2883,7 +2903,7 @@ msgstr "Inscriptions non validées"
 msgid "Attribute buses"
 msgstr "Répartition dans les bus"
 
-#: apps/wei/templates/wei/weiclub_list.html:14 apps/wei/views.py:78
+#: apps/wei/templates/wei/weiclub_list.html:14 apps/wei/views.py:79
 msgid "Create WEI"
 msgstr "Créer un WEI"
 
@@ -3020,67 +3040,67 @@ msgstr "Il n'y a pas de pré-inscription en attente avec cette entrée."
 msgid "View validated memberships..."
 msgstr "Voir les adhésions validées ..."
 
-#: apps/wei/views.py:57
+#: apps/wei/views.py:58
 msgid "Search WEI"
 msgstr "Chercher un WEI"
 
-#: apps/wei/views.py:108
+#: apps/wei/views.py:109
 msgid "WEI Detail"
 msgstr "Détails du WEI"
 
-#: apps/wei/views.py:203
+#: apps/wei/views.py:208
 msgid "View members of the WEI"
 msgstr "Voir les membres du WEI"
 
-#: apps/wei/views.py:231
+#: apps/wei/views.py:236
 msgid "Find WEI Membership"
 msgstr "Trouver une adhésion au WEI"
 
-#: apps/wei/views.py:241
+#: apps/wei/views.py:246
 msgid "View registrations to the WEI"
 msgstr "Voir les inscriptions au WEI"
 
-#: apps/wei/views.py:265
+#: apps/wei/views.py:270
 msgid "Find WEI Registration"
 msgstr "Trouver une inscription au WEI"
 
-#: apps/wei/views.py:276
+#: apps/wei/views.py:281
 msgid "Update the WEI"
 msgstr "Modifier le WEI"
 
-#: apps/wei/views.py:297
+#: apps/wei/views.py:302
 msgid "Create new bus"
 msgstr "Ajouter un nouveau bus"
 
-#: apps/wei/views.py:335
+#: apps/wei/views.py:340
 msgid "Update bus"
 msgstr "Modifier le bus"
 
-#: apps/wei/views.py:367
+#: apps/wei/views.py:372
 msgid "Manage bus"
 msgstr "Gérer le bus"
 
-#: apps/wei/views.py:394
+#: apps/wei/views.py:399
 msgid "Create new team"
 msgstr "Créer une nouvelle équipe"
 
-#: apps/wei/views.py:434
+#: apps/wei/views.py:439
 msgid "Update team"
 msgstr "Modifier l'équipe"
 
-#: apps/wei/views.py:465
+#: apps/wei/views.py:470
 msgid "Manage WEI team"
 msgstr "Gérer l'équipe WEI"
 
-#: apps/wei/views.py:487
+#: apps/wei/views.py:492
 msgid "Register first year student to the WEI"
 msgstr "Inscrire un 1A au WEI"
 
-#: apps/wei/views.py:545 apps/wei/views.py:638
+#: apps/wei/views.py:550 apps/wei/views.py:649
 msgid "This user is already registered to this WEI."
 msgstr "Cette personne est déjà inscrite au WEI."
 
-#: apps/wei/views.py:550
+#: apps/wei/views.py:555
 msgid ""
 "This user can't be in her/his first year since he/she has already "
 "participated to a WEI."
@@ -3088,35 +3108,35 @@ msgstr ""
 "Cet utilisateur ne peut pas être en première année puisqu'il a déjà "
 "participé à un WEI."
 
-#: apps/wei/views.py:567
+#: apps/wei/views.py:578
 msgid "Register old student to the WEI"
 msgstr "Inscrire un 2A+ au WEI"
 
-#: apps/wei/views.py:622 apps/wei/views.py:704
+#: apps/wei/views.py:633 apps/wei/views.py:721
 msgid "You already opened an account in the Société générale."
 msgstr "Vous avez déjà ouvert un compte auprès de la société générale."
 
-#: apps/wei/views.py:668
+#: apps/wei/views.py:685
 msgid "Update WEI Registration"
 msgstr "Modifier l'inscription WEI"
 
-#: apps/wei/views.py:778
+#: apps/wei/views.py:795
 msgid "Delete WEI registration"
 msgstr "Supprimer l'inscription WEI"
 
-#: apps/wei/views.py:789
+#: apps/wei/views.py:806
 msgid "You don't have the right to delete this WEI registration."
 msgstr "Vous n'avez pas la permission de supprimer cette inscription au WEI."
 
-#: apps/wei/views.py:807
+#: apps/wei/views.py:824
 msgid "Validate WEI registration"
 msgstr "Valider l'inscription WEI"
 
-#: apps/wei/views.py:1169
+#: apps/wei/views.py:1186
 msgid "Attribute buses to first year members"
 msgstr "Répartir les 1A dans les bus"
 
-#: apps/wei/views.py:1191
+#: apps/wei/views.py:1211
 msgid "Attribute bus"
 msgstr "Attribuer un bus"
 
@@ -3266,6 +3286,10 @@ msgstr ""
 msgid "Contact us"
 msgstr "Nous contacter"
 
+#: note_kfet/templates/base.html:197
+msgid "Technical Support"
+msgstr "Support technique"
+
 #: note_kfet/templates/base_search.html:15
 msgid "Search by attribute such as name…"
 msgstr "Chercher par un attribut tel que le nom …"
@@ -3493,8 +3517,3 @@ msgstr ""
 "vous connecter. Vous devez vous rendre à la Kfet et payer les frais "
 "d'adhésion. Vous devez également valider votre adresse email en suivant le "
 "lien que vous avez reçu."
-
-#~ msgid "You are not a Kfet member, so you can't use your note account."
-#~ msgstr ""
-#~ "Vous n'êtes pas adhérent Kfet, vous ne pouvez par conséquent pas utiliser "
-#~ "votre compte note."

note_kfet/settings/base.py

@@ -7,6 +7,8 @@
 import os
 
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
+from datetime import timedelta
+
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
 
 # Quick-start development settings - unsuitable for production
@@ -22,6 +24,15 @@ ALLOWED_HOSTS = [
     os.getenv('NOTE_URL', 'localhost'),
 ]
 
+# Use secure cookies in production
+SESSION_COOKIE_SECURE = not DEBUG
+CSRF_COOKIE_SECURE = not DEBUG
+
+# Remember HTTPS for 1 year
+SECURE_HSTS_SECONDS = 31536000
+SECURE_HSTS_INCLUDE_SUBDOMAINS = True
+SECURE_HSTS_PRELOAD = True
+
 
 # Application definition
 
@@ -248,6 +259,8 @@ REST_FRAMEWORK = {
 # OAuth2 Provider
 OAUTH2_PROVIDER = {
     'SCOPES_BACKEND_CLASS': 'permission.scopes.PermissionScopes',
+    'OAUTH2_VALIDATOR_CLASS': "permission.scopes.PermissionOAuth2Validator",
+    'REFRESH_TOKEN_EXPIRE_SECONDS': timedelta(days=14),
 }
 
 # Take control on how widget templates are sourced

note_kfet/static/js/base.js

@@ -7,8 +7,8 @@
  * @returns {string}
  */
 function pretty_money (value) {
-  if (value % 100 === 0) { return (value < 0 ? '- ' : '') + Math.round(Math.abs(value) / 100) + ' €' } else {
-    return (value < 0 ? '- ' : '') + Math.round(Math.abs(value) / 100) + '.' +
+  if (value % 100 === 0) { return (value < 0 ? '- ' : '') + Math.floor(Math.abs(value) / 100) + ' €' } else {
+    return (value < 0 ? '- ' : '') + Math.floor(Math.abs(value) / 100) + '.' +
             (Math.abs(value) % 100 < 10 ? '0' : '') + (Math.abs(value) % 100) + ' €'
   }
 }
@@ -96,7 +96,11 @@ function displayStyle (note) {
   if (!note) { return '' }
   const balance = note.balance
   var css = ''
-  if (balance < -5000) { css += ' text-danger bg-dark' } else if (balance < -1000) { css += ' text-danger' } else if (balance < 0) { css += ' text-warning' } else if (!note.email_confirmed) { css += ' text-white bg-primary' } else if (!note.is_active || (note.membership && note.membership.date_end < new Date().toISOString())) { css += 'text-white bg-info' }
+  if (balance < -5000) { css += ' text-danger bg-dark' } 
+  else if (balance < -1000) { css += ' text-danger' } 
+  else if (balance < 0) { css += ' text-warning' }
+  if (!note.email_confirmed) { css += ' bg-primary' }
+  else if (!note.is_active || (note.membership && note.membership.date_end < new Date().toISOString())) { css += ' bg-info' }
   return css
 }
 
@@ -377,11 +381,11 @@ function de_validate (id, validated, resourcetype) {
  * @param callback Function to call
  * @param wait Debounced milliseconds
  */
-function debounce (callback, wait) {
-  let timeout
+let debounce_timeout
+function debounce (callback, wait=500) {
   return (...args) => {
     const context = this
-    clearTimeout(timeout)
-    timeout = setTimeout(() => callback.apply(context, args), wait)
+    clearTimeout(debounce_timeout)
+    debounce_timeout = setTimeout(() => callback.apply(context, args), wait)
   }
 }

note_kfet/templates/base.html

@@ -33,8 +33,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
     <script src="{% static "jquery/jquery.min.js" %}"></script>
     <script src="{% static "popper.js/umd/popper.min.js" %}"></script>
     <script src="{% static "bootstrap4/js/bootstrap.min.js" %}"></script>
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/turbolinks/5.2.0/turbolinks.js"
-            crossorigin="anonymous"></script>
+    <script src="{% static "js/turbolinks.js" %}"></script>
     <script src="{% static "js/base.js" %}"></script>
     <script src="{% static "js/konami.js" %}"></script>
 
@@ -193,6 +192,8 @@ SPDX-License-Identifier: GPL-3.0-or-later
                     <span class="text-muted mr-1">
                         <a href="mailto:{{ "CONTACT_EMAIL" | getenv }}"
                            class="text-muted">{% trans "Contact us" %}</a> &mdash;
+                        <a href="mailto:{{ "SUPPORT_EMAIL" | getenv }}"
+                           class="text-muted">{% trans "Technical Support" %}</a> &mdash;
                     </span>
                     {% csrf_token %}
                     <select title="language" name="language"

note_kfet/urls.py

@@ -35,8 +35,9 @@ urlpatterns = [
     path('coffee/', include('django_htcpcp_tea.urls')),
 ]
 
-# During development, serve media files
+# During development, serve static and media files
 if settings.DEBUG:
+    urlpatterns += static(settings.STATIC_URL, document_root=settings.STATIC_ROOT)
     urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
 
 if "oauth2_provider" in settings.INSTALLED_APPS:

requirements.txt

@@ -4,14 +4,14 @@ django-bootstrap-datepicker-plus~=3.0.5
 django-cas-server~=1.2.0
 django-colorfield~=0.3.2
 django-crispy-forms~=1.7.2
-django-extensions~=2.1.4
-django-filter~=2.1.0
+django-extensions>=2.1.4
+django-filter~=2.1
 django-htcpcp-tea~=0.3.1
 django-mailer~=2.0.1
 django-oauth-toolkit~=1.3.3
 django-phonenumber-field~=5.0.0
-django-polymorphic~=2.0.3
-djangorestframework~=3.9.0
+django-polymorphic>=2.0.3,<3.0.0
+djangorestframework>=3.9.0,<3.13.0
 django-rest-polymorphic~=0.1.9
 django-tables2~=2.3.1
 python-memcached~=1.59