linters

OIDC 0 Quark 1
oidc
2025-06-24 11:18:46 +02:00 · 2025-06-17 11:46:33 +02:00 · 2025-06-17 00:38:11 +02:00 · 2025-06-14 18:01:42 +02:00 · 2025-06-12 18:48:29 +02:00
10 changed files with 41 additions and 83 deletions
--- a/apps/activity/migrations/0007_alter_guest_activity.py
+++ b/apps/activity/migrations/0007_alter_guest_activity.py
@ -1,19 +0,0 @@
 # Generated by Django 4.2.20 on 2025-05-08 19:07
 from django.db import migrations, models
 import django.db.models.deletion
 class Migration(migrations.Migration):
    dependencies = [
        ('activity', '0006_guest_school'),
    ]
    operations = [
        migrations.AlterField(
            model_name='guest',
            name='activity',
            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='+', to='activity.activity'),
        ),
    ]
--- a/apps/activity/models.py
+++ b/apps/activity/models.py
@ -234,7 +234,7 @@ class Guest(models.Model):
    """
    activity = models.ForeignKey(
        Activity,
-        on_delete=models.CASCADE,
+        on_delete=models.PROTECT,
        related_name='+',
    )
--- a/apps/activity/templates/activity/activity_detail.html
+++ b/apps/activity/templates/activity/activity_detail.html
@ -95,23 +95,5 @@ SPDX-License-Identifier: GPL-3.0-or-later
            errMsg(xhr.responseJSON);
        });
    });
    $("#delete_activity").click(function () {
        if (!confirm("{% trans 'Are you sure you want to delete this activity?' %}")) {
            return;
        }
        $.ajax({
            url: "/api/activity/activity/{{ activity.pk }}/",
            type: "DELETE",
            headers: {
                "X-CSRFTOKEN": CSRF_TOKEN
            }
        }).done(function () {
            addMsg("{% trans 'Activity deleted' %}", "success");
            window.location.href = "/activity/";  // Redirige vers la liste des activités
        }).fail(function (xhr) {
            errMsg(xhr.responseJSON);
        });
    });
 </script>
 {% endblock %}
--- a/apps/activity/templates/activity/includes/activity_info.html
+++ b/apps/activity/templates/activity/includes/activity_info.html
@ -70,10 +70,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
            {% if ".change_"|has_perm:activity %}
                <a class="btn btn-primary btn-sm my-1" href="{% url 'activity:activity_update' pk=activity.pk %}" data-turbolinks="false"> {% trans "edit"|capfirst %}</a>
            {% endif %}
-            {% if not activity.valid and ".delete_"|has_perm:activity %}
+            {% if activity.activity_type.can_invite and not activity_started %}
                <a class="btn btn-danger btn-sm my-1" id="delete_activity"> {% trans "delete"|capfirst %} </a>
            {% endif %}
            {% if activity.activity_type.can_invite and not activity_started and activity.valid %}
                <a class="btn btn-primary btn-sm my-1" href="{% url 'activity:activity_invite' pk=activity.pk %}" data-turbolinks="false"> {% trans "Invite" %}</a>
            {% endif %}
        {% endif %}
--- a/apps/activity/urls.py
+++ b/apps/activity/urls.py
@ -15,5 +15,4 @@ urlpatterns = [
    path('<int:pk>/update/', views.ActivityUpdateView.as_view(), name='activity_update'),
    path('new/', views.ActivityCreateView.as_view(), name='activity_create'),
    path('calendar.ics', views.CalendarView.as_view(), name='calendar_ics'),
    path('<int:pk>/delete', views.ActivityDeleteView.as_view(), name='delete_activity'),
 ]
--- a/apps/activity/views.py
+++ b/apps/activity/views.py
@ -9,7 +9,7 @@ from django.contrib.contenttypes.models import ContentType
 from django.core.exceptions import PermissionDenied
 from django.db import transaction
 from django.db.models import F, Q
-from django.http import HttpResponse, JsonResponse
+from django.http import HttpResponse
 from django.urls import reverse_lazy
 from django.utils import timezone
 from django.utils.decorators import method_decorator
@ -153,34 +153,6 @@ class ActivityUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
        return reverse_lazy('activity:activity_detail', kwargs={"pk": self.kwargs["pk"]})
 class ActivityDeleteView(View):
    """
    Deletes an Activity
    """
    def delete(self, request, pk):
        try:
            activity = Activity.objects.get(pk=pk)
            activity.delete()
            return JsonResponse({"message": "Activity deleted"})
        except Activity.DoesNotExist:
            return JsonResponse({"error": "Activity not found"}, status=404)
    def dispatch(self, *args, **kwargs):
        """
        Don't display the delete button if the user has no right to delete.
        """
        if not self.request.user.is_authenticated:
            return self.handle_no_permission()
        activity = Activity.objects.get(pk=self.kwargs["pk"])
        if not PermissionBackend.check_perm(self.request, "activity.delete_activity", activity):
            raise PermissionDenied(_("You are not allowed to delete this activity."))
        if activity.valid:
            raise PermissionDenied(_("This activity is valid."))
        return super().dispatch(*args, **kwargs)
 class ActivityInviteView(ProtectQuerysetMixin, ProtectedCreateView):
    """
    Invite a Guest, The rules to invites someone are defined in `forms:activity.GuestForm`
--- a/apps/food/views.py
+++ b/apps/food/views.py
@ -63,7 +63,8 @@ class FoodListView(ProtectQuerysetMixin, LoginRequiredMixin, MultiTableMixin, Li
            valid_regex = is_regex(pattern)
            suffix = '__iregex' if valid_regex else '__istartswith'
            prefix = '^' if valid_regex else ''
-            qs = qs.filter(Q(**{f'name{suffix}': prefix + pattern}))
+            qs = qs.filter(Q(**{f'name{suffix}': prefix + pattern})
                           | Q(**{f'owner__name{suffix}': prefix + pattern}))
        else:
            qs = qs.none()
        search_table = qs.filter(PermissionBackend.filter_queryset(self.request, Food, 'view'))
--- a/apps/permission/scopes.py
+++ b/apps/permission/scopes.py
@ -1,8 +1,10 @@
 # Copyright (C) 2018-2025 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
 from oauth2_provider.oauth2_validators import OAuth2Validator
 from oauth2_provider.scopes import BaseScopes
 from member.models import Club
 from note.models import Alias
 from note_kfet.middlewares import get_current_request
 from .backends import PermissionBackend
@ -17,25 +19,46 @@ class PermissionScopes(BaseScopes):
    """
    def get_all_scopes(self):
-        return {f"{p.id}_{club.id}": f"{p.description} (club {club.name})"
+        scopes = {f"{p.id}_{club.id}": f"{p.description} (club {club.name})"
-                for p in Permission.objects.all() for club in Club.objects.all()}
+                  for p in Permission.objects.all() for club in Club.objects.all()}
        scopes['openid'] = "OpenID Connect"
        return scopes
    def get_available_scopes(self, application=None, request=None, *args, **kwargs):
        if not application:
            return []
-        return [f"{p.id}_{p.membership.club.id}"
+        scopes = [f"{p.id}_{p.membership.club.id}"
-                for t in Permission.PERMISSION_TYPES
+                  for t in Permission.PERMISSION_TYPES
-                for p in PermissionBackend.get_raw_permissions(get_current_request(), t[0])]
+                  for p in PermissionBackend.get_raw_permissions(get_current_request(), t[0])]
        scopes.append('openid')
        return scopes
    def get_default_scopes(self, application=None, request=None, *args, **kwargs):
        if not application:
            return []
-        return [f"{p.id}_{p.membership.club.id}"
+        scopes = [f"{p.id}_{p.membership.club.id}"
-                for p in PermissionBackend.get_raw_permissions(get_current_request(), 'view')]
+                  for p in PermissionBackend.get_raw_permissions(get_current_request(), 'view')]
        scopes.append('openid')
        return scopes
 class PermissionOAuth2Validator(OAuth2Validator):
-    oidc_claim_scope = None  # fix breaking change of django-oauth-toolkit 2.0.0
+    oidc_claim_scope = OAuth2Validator.oidc_claim_scope
    oidc_claim_scope.update({"name": 'openid',
                             "normalized_name": 'openid',
                             "email": 'openid',
                             })
    def get_additional_claims(self, request):
        return {
            "name": request.user.username,
            "normalized_name": Alias.normalize(request.user.username),
            "email": request.user.email,
        }
    def get_discovery_claims(self, request):
        claims = super().get_discovery_claims(self)
        return claims + ["name", "normalized_name", "email"]
    def validate_scopes(self, client_id, scopes, client, request, *args, **kwargs):
        """
@ -54,6 +77,8 @@ class PermissionOAuth2Validator(OAuth2Validator):
                if scope in scopes:
                    valid_scopes.add(scope)
-        request.scopes = valid_scopes
+        if 'openid' in scopes:
            valid_scopes.add('openid')
        request.scopes = valid_scopes
        return valid_scopes
--- a/apps/permission/signals.py
+++ b/apps/permission/signals.py
@ -19,6 +19,7 @@ EXCLUDED = [
    'oauth2_provider.accesstoken',
    'oauth2_provider.grant',
    'oauth2_provider.refreshtoken',
    'oauth2_provider.idtoken',
    'sessions.session',
 ]
--- a/apps/permission/views.py
+++ b/apps/permission/views.py
@ -171,7 +171,7 @@ class ScopesView(LoginRequiredMixin, TemplateView):
            available_scopes = scopes.get_available_scopes(app)
            context["scopes"][app] = OrderedDict()
            items = [(k, v) for (k, v) in all_scopes.items() if k in available_scopes]
-            items.sort(key=lambda x: (int(x[0].split("_")[1]), int(x[0].split("_")[0])))
+            # items.sort(key=lambda x: (int(x[0].split("_")[1]), int(x[0].split("_")[0])))
            for k, v in items:
                context["scopes"][app][k] = v
Author	SHA1	Message	Date
quark	df0d886db9	linters	2025-06-17 11:46:33 +02:00
quark	092cc37320	OIDC 0 Quark 1	2025-06-17 00:38:11 +02:00
quark	d71105976f	oidc	2025-06-14 18:01:42 +02:00
quark	89cc03141b	allow search with club name	2025-06-12 18:48:29 +02:00