Merge branch 'nix-shell' into 'main'

Nix shell

See merge request bde/nk20!201

.gitignore

@@ -48,7 +48,6 @@ backups/
 env/
 venv/
 db.sqlite3
-shell.nix
 
 # ansibles customs host
 ansible/host_vars/*.yaml

README.md

@@ -58,13 +58,7 @@ Bien que cela permette de créer une instance sur toutes les distributions,
     (env)$ ./manage.py createsuperuser  # Création d'un⋅e utilisateur⋅rice initial
     ```
 
-6. (Optionnel) **Création d'une clé privée OpenID Connect**
+6.  Enjoy :
-
-Pour activer le support d'OpenID Connect, il faut générer une clé privée, par
-exemple avec openssl (`openssl genrsa -out oidc.key 4096`), et renseigner son
-emplacement dans `OIDC_RSA_PRIVATE_KEY` (par défaut `/var/secrets/oidc.key`).
-
-7.  Enjoy :
 
     ```bash
     (env)$ ./manage.py runserver 0.0.0.0:8000
@@ -234,13 +228,7 @@ Sinon vous pouvez suivre les étapes décrites ci-dessous.
         (env)$ ./manage.py check # pas de bêtise qui traine
         (env)$ ./manage.py migrate
 
-7. **Création d'une clé privée OpenID Connect**
+7.  *Enjoy \o/*
-
-Pour activer le support d'OpenID Connect, il faut générer une clé privée, par
-exemple avec openssl (`openssl genrsa -out oidc.key 4096`), et renseigner son
-emplacement dans `OIDC_RSA_PRIVATE_KEY` (par défaut `/var/secrets/oidc.key`).
-
-8.  *Enjoy \o/*
 
 ### Installation avec Docker
 

apps/activity/admin.py

@@ -35,7 +35,7 @@ class GuestAdmin(admin.ModelAdmin):
     """
     Admin customisation for Guest
     """
-    list_display = ('last_name', 'first_name', 'school', 'activity', 'inviter')
+    list_display = ('last_name', 'first_name', 'activity', 'inviter')
     form = GuestForm
 
 

apps/activity/api/views.py

@@ -51,9 +51,9 @@ class GuestViewSet(ReadProtectedModelViewSet):
     queryset = Guest.objects.order_by('id')
     serializer_class = GuestSerializer
     filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
-    filterset_fields = ['activity', 'activity__name', 'last_name', 'first_name', 'school', 'inviter', 'inviter__alias__name',
+    filterset_fields = ['activity', 'activity__name', 'last_name', 'first_name', 'inviter', 'inviter__alias__name',
                         'inviter__alias__normalized_name', ]
-    search_fields = ['$activity__name', '$last_name', '$first_name', '$school', '$inviter__user__email', '$inviter__alias__name',
+    search_fields = ['$activity__name', '$last_name', '$first_name', '$inviter__user__email', '$inviter__alias__name',
                      '$inviter__alias__normalized_name', ]
 
 

apps/activity/forms.py

@@ -107,7 +107,7 @@ class GuestForm(forms.ModelForm):
 
     class Meta:
         model = Guest
-        fields = ('last_name', 'first_name', 'school', 'inviter', )
+        fields = ('last_name', 'first_name', 'inviter', )
         widgets = {
             "inviter": Autocomplete(
                 NoteUser,

apps/activity/migrations/0006_guest_school.py

@@ -1,18 +0,0 @@
-# Generated by Django 4.2.20 on 2025-03-25 09:58
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-    dependencies = [
-        ("activity", "0005_alter_opener_options_alter_opener_opener"),
-    ]
-
-    operations = [
-        migrations.AddField(
-            model_name="guest",
-            name="school",
-            field=models.CharField(default="", max_length=255, verbose_name="school"),
-            preserve_default=False,
-        ),
-    ]

apps/activity/models.py

@@ -247,11 +247,6 @@ class Guest(models.Model):
         verbose_name=_("first name"),
     )
 
-    school = models.CharField(
-        max_length=255,
-        verbose_name=_("school"),
-    )
-
     inviter = models.ForeignKey(
         NoteUser,
         on_delete=models.PROTECT,

apps/activity/tables.py

@@ -51,7 +51,7 @@ class GuestTable(tables.Table):
         }
         model = Guest
         template_name = 'django_tables2/bootstrap4.html'
-        fields = ("last_name", "first_name", "inviter", "school")
+        fields = ("last_name", "first_name", "inviter", )
 
     def render_entry(self, record):
         if record.has_entry:

apps/activity/tests/test_activities.py

@@ -50,7 +50,6 @@ class TestActivities(TestCase):
             inviter=self.user.note,
             last_name="GUEST",
             first_name="Guest",
-            school="School",
         )
 
     def test_activity_list(self):
@@ -157,7 +156,6 @@ class TestActivities(TestCase):
             inviter=self.user.note.id,
             last_name="GUEST2",
             first_name="Guest",
-            school="School",
         ))
         self.assertEqual(response.status_code, 200)
 
@@ -169,7 +167,6 @@ class TestActivities(TestCase):
             inviter=self.user.note.id,
             last_name="GUEST2",
             first_name="Guest",
-            school="School",
         ))
         self.assertRedirects(response, reverse("activity:activity_detail", args=(self.activity.pk,)), 302, 200)
 
@@ -203,7 +200,6 @@ class TestActivityAPI(TestAPI):
             inviter=self.user.note,
             last_name="GUEST",
             first_name="Guest",
-            school="School",
         )
 
         self.entry = Entry.objects.create(

apps/activity/views.py

@@ -168,7 +168,6 @@ class ActivityInviteView(ProtectQuerysetMixin, ProtectedCreateView):
             activity=activity,
             first_name="",
             last_name="",
-            school="",
             inviter=self.request.user.note,
         )
 

apps/treasury/migrations/0010_alter_invoice_bde.py

@@ -1,18 +0,0 @@
-# Generated by Django 4.2.20 on 2025-04-14 20:21
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('treasury', '0009_alter_sogecredit_transactions'),
-    ]
-
-    operations = [
-        migrations.AlterField(
-            model_name='invoice',
-            name='bde',
-            field=models.CharField(choices=[('Diolistos', 'Diol[list]os'), ('RavePartlist', 'RavePart[list]'), ('SecretStorlist', 'SecretStor[list]'), ('TotalistSpies', 'Tota[list]Spies'), ('Saperlistpopette', 'Saper[list]popette'), ('Finalist', 'Fina[list]'), ('Listorique', '[List]orique'), ('Satellist', 'Satel[list]'), ('Monopolist', 'Monopo[list]'), ('Kataclist', 'Katac[list]')], default='Diolistos', max_length=32, verbose_name='BDE'),
-        ),
-    ]

apps/treasury/models.py

@@ -27,9 +27,8 @@ class Invoice(models.Model):
 
     bde = models.CharField(
         max_length=32,
-        default='Diolistos',
+        default='RavePartlist',
         choices=(
-            ('Diolistos', 'Diol[list]os'),
             ('RavePartlist', 'RavePart[list]'),
             ('SecretStorlist', 'SecretStor[list]'),
             ('TotalistSpies', 'Tota[list]Spies'),

docs/apps/activity.rst

@@ -55,7 +55,6 @@ Les adhérent⋅es ont la possibilité d'inviter des ami⋅es. Pour cela, les di
 * Activité concernée (clé étrangère)
 * Nom de famille
 * Prénom
-* École
 * Note de la personne ayant invité
 
 Certaines contraintes s'appliquent :

docs/external_services/oauth2.rst

@@ -43,11 +43,6 @@ On a ensuite besoin de définir nos propres scopes afin d'avoir des permissions
        'SCOPES_BACKEND_CLASS': 'permission.scopes.PermissionScopes',
        'OAUTH2_VALIDATOR_CLASS': "permission.scopes.PermissionOAuth2Validator",
        'REFRESH_TOKEN_EXPIRE_SECONDS': timedelta(days=14),
-       'PKCE_REQUIRED': False,
-       'OIDC_ENABLED': True,
-       'OIDC_RSA_PRIVATE_KEY':
-           os.getenv('OIDC_RSA_PRIVATE_KEY', '/var/secrets/oidc.key'),
-       'SCOPES': { 'openid': "OpenID Connect scope" },
    }
 
 Cela a pour effet d'avoir des scopes sous la forme ``PERMISSION_CLUB``,
@@ -62,14 +57,6 @@ On ajoute enfin les routes dans ``urls.py`` :
         path('o/', include('oauth2_provider.urls', namespace='oauth2_provider'))
     )
 
-Enfin pour utiliser OIDC, il faut générer une clé privé que l'on va, par défaut,
-mettre dans `/var/secrets/oidc.key` :
-
-.. code:: bash
-
-   cd /var/secrets/
-   openssl genrsa -out oidc.key 4096
-
 L'OAuth2 est désormais prêt à être utilisé.
 
 

docs/install.rst

@@ -227,22 +227,6 @@ En production, ce fichier contient :
    )
 
 
-Génération d'une clé privé pour OIDC
-------------------------------------
-
-Pour pouvoir proposer le service de connexion Openid Connect (OIDC) par OAuth2, il y a
-besoin d'une clé privé. Par défaut, elle est cherché dans le fichier `/var/secrets/oidc.key`
-(sinon, il faut modifier l'emplacement dans les fichiers de configurations).
-
-Pour générer la clé, il faut aller dans le dossier `/var/secrets` (à créer, si nécessaire) puis
-utiliser la commande de génération :
-
-.. code:: bash
-
-   cd /var/secrets
-   openssl genrsa -out oidc.key 4096
-
-
 Configuration des tâches récurrentes
 ------------------------------------
 

locale/fr/LC_MESSAGES/django.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2025-03-25 11:16+0100\n"
+"POT-Creation-Date: 2025-03-13 21:08+0100\n"
 "PO-Revision-Date: 2022-04-11 22:05+0200\n"
 "Last-Translator: bleizi <bleizi@crans.org>\n"
 "Language-Team: French <http://translate.ynerant.fr/projects/nk20/nk20/fr/>\n"
@@ -25,7 +25,7 @@ msgid "This opener already exists"
 msgstr "Cette amitié existe déjà"
 
 #: apps/activity/apps.py:10 apps/activity/models.py:129
-#: apps/activity/models.py:169 apps/activity/models.py:328
+#: apps/activity/models.py:169 apps/activity/models.py:323
 msgid "activity"
 msgstr "activité"
 
@@ -37,24 +37,24 @@ msgstr "La note du club est inactive."
 msgid "The end date must be after the start date."
 msgstr "La date de fin doit être après celle de début."
 
-#: apps/activity/forms.py:83 apps/activity/models.py:276
+#: apps/activity/forms.py:83 apps/activity/models.py:271
 msgid "You can't invite someone once the activity is started."
 msgstr ""
 "Vous ne pouvez pas inviter quelqu'un une fois que l'activité a démarré."
 
-#: apps/activity/forms.py:86 apps/activity/models.py:279
+#: apps/activity/forms.py:86 apps/activity/models.py:274
 msgid "This activity is not validated yet."
 msgstr "Cette activité n'est pas encore validée."
 
-#: apps/activity/forms.py:96 apps/activity/models.py:287
+#: apps/activity/forms.py:96 apps/activity/models.py:282
 msgid "This person has been already invited 5 times this year."
 msgstr "Cette personne a déjà été invitée 5 fois cette année."
 
-#: apps/activity/forms.py:100 apps/activity/models.py:291
+#: apps/activity/forms.py:100 apps/activity/models.py:286
 msgid "This person is already invited."
 msgstr "Cette personne est déjà invitée."
 
-#: apps/activity/forms.py:104 apps/activity/models.py:295
+#: apps/activity/forms.py:104 apps/activity/models.py:290
 msgid "You can't invite more than 3 people to this activity."
 msgstr "Vous ne pouvez pas inviter plus de 3 personnes à cette activité."
 
@@ -228,36 +228,32 @@ msgstr "nom de famille"
 msgid "first name"
 msgstr "prénom"
 
-#: apps/activity/models.py:252
+#: apps/activity/models.py:254
-msgid "school"
-msgstr "école"
-
-#: apps/activity/models.py:259
 msgid "inviter"
 msgstr "hôte"
 
-#: apps/activity/models.py:263
+#: apps/activity/models.py:258
 msgid "guest"
 msgstr "invité·e"
 
-#: apps/activity/models.py:264
+#: apps/activity/models.py:259
 msgid "guests"
 msgstr "invité·e·s"
 
-#: apps/activity/models.py:317
+#: apps/activity/models.py:312
 msgid "Invitation"
 msgstr "Invitation"
 
-#: apps/activity/models.py:335 apps/activity/models.py:339
+#: apps/activity/models.py:330 apps/activity/models.py:334
 msgid "Opener"
 msgstr "Ouvreur⋅se"
 
-#: apps/activity/models.py:340
+#: apps/activity/models.py:335
 #: apps/activity/templates/activity/activity_detail.html:16
 msgid "Openers"
 msgstr "Ouvreur⋅ses"
 
-#: apps/activity/models.py:344
+#: apps/activity/models.py:339
 #, fuzzy, python-brace-format
 #| msgid "Entry for {note} to the activity {activity}"
 msgid "{opener} is opener of activity {acivity}"
@@ -467,25 +463,25 @@ msgstr "Détails de l'activité"
 msgid "Update activity"
 msgstr "Modifier l'activité"
 
-#: apps/activity/views.py:178
+#: apps/activity/views.py:177
 msgid "Invite guest to the activity \"{}\""
 msgstr "Invitation pour l'activité « {} »"
 
-#: apps/activity/views.py:218
+#: apps/activity/views.py:217
 msgid "You are not allowed to display the entry interface for this activity."
 msgstr ""
 "Vous n'êtes pas autorisé·e à afficher l'interface des entrées pour cette "
 "activité."
 
-#: apps/activity/views.py:221
+#: apps/activity/views.py:220
 msgid "This activity does not support activity entries."
 msgstr "Cette activité ne requiert pas d'entrées."
 
-#: apps/activity/views.py:224
+#: apps/activity/views.py:223
 msgid "This activity is closed."
 msgstr "Cette activité est fermée."
 
-#: apps/activity/views.py:329
+#: apps/activity/views.py:328
 msgid "Entry for activity \"{}\""
 msgstr "Entrées pour l'activité « {} »"
 
@@ -1993,6 +1989,10 @@ msgstr "Historique des transactions récentes"
 #: apps/note/templates/note/mails/weekly_report.txt:32
 #: apps/registration/templates/registration/mails/email_validation_email.html:40
 #: apps/registration/templates/registration/mails/email_validation_email.txt:16
+#: apps/scripts/templates/scripts/horaires.html:35
+#: apps/scripts/templates/scripts/horaires.txt:17
+#: apps/scripts/templates/scripts/intro_mail.html:49
+#: apps/scripts/templates/scripts/intro_mail.txt:25
 msgid "Mail generated by the Note Kfet on the"
 msgstr "Mail généré par la Note Kfet le"
 

note_kfet/settings/base.py

@@ -268,10 +268,6 @@ OAUTH2_PROVIDER = {
     'OAUTH2_VALIDATOR_CLASS': "permission.scopes.PermissionOAuth2Validator",
     'REFRESH_TOKEN_EXPIRE_SECONDS': timedelta(days=14),
     'PKCE_REQUIRED': False, # PKCE (fix a breaking change of django-oauth-toolkit 2.0.0)
-    'OIDC_ENABLED': True,
-    'OIDC_RSA_PRIVATE_KEY':
-        os.getenv('OIDC_RSA_PRIVATE_KEY', '/var/secrets/oidc.key'),
-    'SCOPES': { 'openid': "OpenID Connect scope" },
 }
 
 # Take control on how widget templates are sourced

shell-static.nix

@@ -0,0 +1,34 @@
+# This is a workaround meant for use with the nix package manager. If you don't know what it is or don't use it, please ignore this file.
+# 
+# The nk20 javascript static location are hardcoded for imperative system.
+# This make ./manage.py collectstatic hard to use with nixos.
+# 
+# A workaround is to enter a FHSUserEnv with the static placed under /share/javascript/<static>.
+# This emulate a debian like system and enable collecting static normally with ./manage.py collectstatics.
+# The regular shell.nix should be enough for other configurations.
+#
+# Warning, you are still supposed to use pip package with a venv !
+{ pkgs ? import <nixpkgs> {} }:
+(pkgs.buildFHSUserEnv {
+  name = "pipzone";
+  targetPkgs = pkgs: (with pkgs;
+  let
+    fhs-static = stdenv.mkDerivation {
+      name = "fhs-static";
+      buildCommand = ''
+      mkdir -p $out/share/javascript/bootstrap4
+      mkdir -p $out/share/javascript/jquery
+      ln -s ${python39Packages.xstatic-bootstrap}/lib/python3.9/site-packages/xstatic/pkg/bootstrap/data/* $out/share/javascript/bootstrap4
+      ln -s ${python39Packages.xstatic-jquery}/lib/python3.9/site-packages/xstatic/pkg/jquery/data/* $out/share/javascript/jquery
+    '';
+    };
+  in [
+    fhs-static
+    python39
+    gettext
+    python39Packages.pip
+    python39Packages.virtualenv
+    python39Packages.setuptools
+  ]);
+  runScript = "bash";
+}).env

shell.nix

@@ -0,0 +1,23 @@
+# This is meant for use with the nix package manager. If you don't know what it is or don't use it, please ignore this file.
+#
+# This shell.nix contains all dependencies require to create a venv and pip install -r requirements.txt.
+#
+# Please check shell-static.nix for running ./manage.py collectstatics.
+{ pkgs ? import <nixpkgs> {} }:
+pkgs.mkShell {
+  buildInputs = with pkgs; [
+    python39
+    python39Packages.pip
+    python39Packages.setuptools
+    gettext
+
+  ];
+  shellHook = ''
+    # Tells pip to put packages into $PIP_PREFIX instead of the usual locations.
+    # See https://pip.pypa.io/en/stable/user_guide/#environment-variables.
+    export PIP_PREFIX=$(pwd)/_build/pip_packages
+    export PYTHONPATH="$PIP_PREFIX/${pkgs.python39.sitePackages}:$PYTHONPATH"
+    export PATH="$PIP_PREFIX/bin:$PATH"
+    unset SOURCE_DATE_EPOCH
+  '';
+}