mirror of
				https://gitlab.crans.org/bde/nk20
				synced 2025-10-25 06:13:07 +02:00 
			
		
		
		
	Compare commits
	
		
			269 Commits
		
	
	
		
			v1.0.0
			...
			43d214b982
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 43d214b982 | |||
| b93e4a8d11 | |||
| b9a9704061 | |||
| fee52f326a | |||
| 317966d5c1 | |||
| 9f0a22d3d1 | |||
| a5ecdd100c | |||
| f60691846b | |||
| d5ecb72a71 | |||
| 8cf9dfb9b9 | |||
| c3ab61bd04 | |||
| 0b4b6dcb3e | |||
| 0d5f6c0332 | |||
| 7b28938cde | |||
| 35ffb36fbd | |||
|  | c4c4e9594f | ||
|  | 4166823d55 | ||
|  | dc0f3dbcef | ||
|  | b3abe9ab18 | ||
|  | 27f23b48b6 | ||
|  | 67e170d4a6 | ||
|  | 8f895dc4d7 | ||
|  | 1187577728 | ||
|  | 8a58af3b31 | ||
|  | 0c23625147 | ||
|  | 21219b9c62 | ||
|  | 5ab8beecef | ||
|  | 1ca5133026 | ||
|  | 93bc6bb245 | ||
|  | 952c4383e7 | ||
| 15dd2b8f0c | |||
| c540b6334c | |||
| 0b93968b9e | |||
| 97375ef6c0 | |||
| 36cfcd533f | |||
| 21dbc53615 | |||
| e6f10ebdac | |||
| 47968844ce | |||
| a435460e29 | |||
| b7c4360108 | |||
|  | 8d8c417c50 | ||
| 2b189af25b | |||
| 5a07c8a94f | |||
| 6cc1857eb6 | |||
| 601534d610 | |||
| c271593839 | |||
| f351794aa0 | |||
| 2793fee58c | |||
| 7a715df121 | |||
| 9308878054 | |||
| b5ccf5b800 | |||
| 5e63254439 | |||
| da96506218 | |||
| b4714b896a | |||
| cdb2647a4d | |||
| cc12e3ec63 | |||
| be168c5ada | |||
| b46ae6f856 | |||
| ec0bcbf015 | |||
| 81303b8ef8 | |||
| 910b98fefc | |||
| 5a7a219ba8 | |||
| 116451603c | |||
| b2437ef9b5 | |||
| d8c9618772 | |||
| c825dee95a | |||
| 73d27e820b | |||
| 40e1b42078 | |||
| 72806f0ace | |||
| b244e01231 | |||
| 76d1784aea | |||
| 56c5fa4057 | |||
| b5ef937a03 | |||
| e95a8b6e18 | |||
| 635adf1360 | |||
| d5a9bf175f | |||
| b597a6ac5b | |||
|  | a704b92c3d | ||
| 53090b1a21 | |||
| c49af0b83a | |||
| 5a05997d9d | |||
|  | c109cd3ddd | ||
|  | 84304971d7 | ||
| b8b781f9a2 | |||
| 002128eed2 | |||
| 8d71783c42 | |||
|  | a6f23df7d5 | ||
|  | d9c97628e2 | ||
|  | 893534955d | ||
|  | dfbf9972c2 | ||
|  | b5f3b3ffc1 | ||
|  | 3aad4e7398 | ||
|  | b4a1b513cc | ||
| c0c64f225c | |||
|  | 9d8f47115c | ||
|  | f4156f1b94 | ||
|  | e60994e065 | ||
|  | 801f711994 | ||
|  | e4568b410f | ||
| c8f7986d5a | |||
|  | d3a9c442a5 | ||
|  | 016ab5a9c9 | ||
|  | 7866ab7ec0 | ||
|  | f570ff3cd5 | ||
|  | 6b2638c271 | ||
|  | 5cb4183e9f | ||
|  | 3a20555663 | ||
|  | 95be0042e9 | ||
|  | 48880e7fd3 | ||
|  | e0030771e4 | ||
|  | d47799e6ee | ||
|  | eae091625a | ||
|  | aceb77ffb9 | ||
|  | 338c94ed05 | ||
|  | 290848f904 | ||
|  | 72dca54bbf | ||
|  | 117d9da3ba | ||
|  | 37efebe85b | ||
|  | 3af2ec71b6 | ||
|  | 0b4a95525b | ||
|  | af664e481f | ||
|  | 0171f16311 | ||
|  | 296b94d237 | ||
|  | 4942553335 | ||
|  | c1efb87180 | ||
|  | 72eead8595 | ||
|  | ade7e583e5 | ||
| 4a8a101822 | |||
| dd2cfa6327 | |||
| 2adf84b7fc | |||
|  | 2f54e64ea2 | ||
|  | 8434c0062c | ||
|  | 6d976f32bf | ||
|  | b9d49d53f2 | ||
|  | 23243e09bb | ||
|  | 2682e9a610 | ||
|  | 5635598bbc | ||
|  | b58a0c43cd | ||
|  | e1f647bd02 | ||
|  | 39fd3a2471 | ||
|  | 1072e227b8 | ||
|  | cbf7e6fe6c | ||
|  | 950922d041 | ||
|  | 78fe070cd3 | ||
|  | 51d5733578 | ||
|  | 7bd895c1df | ||
|  | e5e94c52f2 | ||
|  | 051591cb7a | ||
|  | 0e7390b669 | ||
|  | fe4363b83d | ||
|  | 6e80016b38 | ||
|  | 08e50ffc22 | ||
|  | 9cb65277f3 | ||
|  | 224a0fdd8c | ||
|  | 6dc7604e90 | ||
|  | cb7f3c9f18 | ||
|  | f910feca9e | ||
|  | 91f784872c | ||
|  | b655135a42 | ||
|  | 58aa4983e3 | ||
|  | 6cc3cf4174 | ||
|  | 2097e67321 | ||
|  | d773303d18 | ||
|  | 3cabcf40e7 | ||
|  | bf29efda0a | ||
|  | ceccba0d71 | ||
|  | 3eced33082 | ||
|  | acb3fb4a91 | ||
|  | 1c5e951c2f | ||
|  | beb1853aef | ||
|  | 0078eb8f90 | ||
|  | e5e758f9d9 | ||
|  | 4a78328717 | ||
|  | 65a2e8c08c | ||
|  | b5fa428bad | ||
|  | fb72385773 | ||
|  | 2f68601e8b | ||
|  | 0b1bed8048 | ||
|  | 8ada0e51f2 | ||
|  | c3d613947f | ||
|  | 36b8157372 | ||
|  | 992cfe8e23 | ||
|  | 18a8ff1b8a | ||
|  | c61bb2e90d | ||
|  | 4b12e3ed08 | ||
|  | af07ed9807 | ||
|  | bbe53b3b63 | ||
|  | 536f0ec226 | ||
|  | 541ed59f40 | ||
|  | e172b4f4bb | ||
|  | d666179037 | ||
|  | f22e92132c | ||
|  | ca7ad05746 | ||
|  | f55ca2f725 | ||
|  | d4e4ed580f | ||
|  | 8756751344 | ||
|  | fd83fe19bf | ||
|  | a00d95608b | ||
|  | 3303edd01f | ||
|  | e48ef92137 | ||
|  | 919d0b7e85 | ||
|  | 439bf35b62 | ||
|  | 74b26335d1 | ||
|  | 3d733ed6af | ||
|  | d54ab94ceb | ||
|  | 4f188ca3e5 | ||
|  | 72bac75fbd | ||
|  | 6d54aae614 | ||
|  | 8052152ea5 | ||
|  | 70448db8e5 | ||
|  | ac2d1e8111 | ||
|  | 3ba61385a3 | ||
|  | 7353348d7a | ||
|  | f63e2e088e | ||
|  | 420a24ebac | ||
|  | d566def706 | ||
|  | eaf6769e8b | ||
|  | a61ec81cff | ||
|  | 60f2a73cc5 | ||
|  | bcd96b2ed8 | ||
|  | 5c702187e5 | ||
|  | 905d65371f | ||
|  | 180cd3e1ec | ||
|  | 73ca65aa91 | ||
|  | 5ed0560953 | ||
|  | dbc6fbbf71 | ||
|  | 872fd8f86d | ||
|  | f89234b69a | ||
|  | 36a980555b | ||
|  | 826cd4d87f | ||
|  | e8005a6c58 | ||
|  | 2270a0aa82 | ||
|  | 0f53ac45f7 | ||
|  | 670556c59e | ||
|  | 5b02ba48e0 | ||
|  | f3f18bc25e | ||
|  | 03124e124c | ||
|  | 6308964e93 | ||
|  | ed79097288 | ||
|  | d7eaef8cee | ||
|  | 01d405e54b | ||
|  | 80e3cba4c6 | ||
|  | f190053e84 | ||
|  | 218960adb5 | ||
|  | 88a1eae631 | ||
|  | 2a2ecb2acc | ||
|  | f5486bdb63 | ||
|  | 9b090a145c | ||
|  | 860c7b50e5 | ||
|  | afdc75c0bd | ||
|  | c6603e8aa7 | ||
|  | 72cc1638e6 | ||
|  | 6a0dc4cb10 | ||
|  | 0f1f3b9560 | ||
|  | c720e5483e | ||
|  | 0fd3e9db78 | ||
|  | c34296c923 | ||
|  | ce4c22a4a1 | ||
|  | 3e0f665ef8 | ||
|  | be8751c815 | ||
|  | 8225445c3e | ||
|  | f333e6a875 | ||
|  | e5835b46a5 | ||
|  | fe937405a6 | ||
|  | 0741c8ad2b | ||
|  | 3191dba31f | ||
|  | 428de69d93 | ||
|  | 0888afe439 | ||
|  | 3111c30e56 | 
| @@ -10,7 +10,6 @@ DJANGO_SECRET_KEY=CHANGE_ME | ||||
| DJANGO_SETTINGS_MODULE=note_kfet.settings | ||||
| CONTACT_EMAIL=tresorerie.bde@localhost | ||||
| NOTE_URL=localhost | ||||
| DOMAIN=localhost | ||||
|  | ||||
| # Config for mails. Only used in production | ||||
| NOTE_MAIL=notekfet@localhost | ||||
|   | ||||
							
								
								
									
										5
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										5
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @@ -47,3 +47,8 @@ backups/ | ||||
| env/ | ||||
| venv/ | ||||
| db.sqlite3 | ||||
|  | ||||
| # ansibles customs host | ||||
| ansible/host_vars/*.yaml | ||||
| !ansible/host_vars/bde* | ||||
| ansible/hosts | ||||
|   | ||||
| @@ -1,6 +1,7 @@ | ||||
| stages: | ||||
|   - test | ||||
|   - quality-assurance | ||||
|   - docs | ||||
|  | ||||
| # Also fetch submodules | ||||
| variables: | ||||
| @@ -16,8 +17,8 @@ py37-django22: | ||||
|         apt-get install --no-install-recommends -t buster-backports -y | ||||
|         python3-django python3-django-crispy-forms | ||||
|         python3-django-extensions python3-django-filters python3-django-polymorphic | ||||
|         python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil | ||||
|         python3-babel python3-lockfile python3-pip python3-phonenumbers | ||||
|         python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil | ||||
|         python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache | ||||
|         python3-bs4 python3-setuptools tox texlive-xetex | ||||
|   script: tox -e py37-django22 | ||||
|  | ||||
| @@ -33,11 +34,26 @@ py38-django22: | ||||
|         apt-get install --no-install-recommends -y | ||||
|         python3-django python3-django-crispy-forms | ||||
|         python3-django-extensions python3-django-filters python3-django-polymorphic | ||||
|         python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil | ||||
|         python3-babel python3-lockfile python3-pip python3-phonenumbers | ||||
|         python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil | ||||
|         python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache | ||||
|         python3-bs4 python3-setuptools tox texlive-xetex | ||||
|   script: tox -e py38-django22 | ||||
|  | ||||
| # Debian Bullseye | ||||
| py39-django22: | ||||
|   stage: test | ||||
|   image: debian:bullseye | ||||
|   before_script: | ||||
|     - > | ||||
|         apt-get update && | ||||
|         apt-get install --no-install-recommends -y | ||||
|         python3-django python3-django-crispy-forms | ||||
|         python3-django-extensions python3-django-filters python3-django-polymorphic | ||||
|         python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil | ||||
|         python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache | ||||
|         python3-bs4 python3-setuptools tox texlive-xetex | ||||
|   script: tox -e py39-django22 | ||||
|  | ||||
| linters: | ||||
|   stage: quality-assurance | ||||
|   image: debian:buster-backports | ||||
| @@ -47,3 +63,17 @@ linters: | ||||
|  | ||||
|   # Be nice to new contributors, but please use `tox` | ||||
|   allow_failure: true | ||||
|  | ||||
| # Compile documentation | ||||
| documentation: | ||||
|   stage: docs | ||||
|   image: sphinxdoc/sphinx | ||||
|   before_script: | ||||
|     - pip install sphinx-rtd-theme | ||||
|     - cd docs | ||||
|   script: | ||||
|     - make dirhtml | ||||
|   artifacts: | ||||
|     paths: | ||||
|       - docs/_build | ||||
|     expire_in: 1 day | ||||
|   | ||||
| @@ -8,8 +8,8 @@ RUN apt-get update && \ | ||||
|     apt-get install --no-install-recommends -t buster-backports -y \ | ||||
|     python3-django python3-django-crispy-forms \ | ||||
|     python3-django-extensions python3-django-filters python3-django-polymorphic \ | ||||
|     python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil \ | ||||
|     python3-babel python3-lockfile python3-pip python3-phonenumbers ipython3 \ | ||||
|     python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil \ | ||||
|     python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache ipython3 \ | ||||
|     python3-bs4 python3-setuptools \ | ||||
|     uwsgi uwsgi-plugin-python3 \ | ||||
|     texlive-xetex gettext libjs-bootstrap4 fonts-font-awesome && \ | ||||
|   | ||||
							
								
								
									
										41
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										41
									
								
								README.md
									
									
									
									
									
								
							| @@ -69,13 +69,31 @@ accessible depuis l'ensemble de votre réseau, pratique pour tester le rendu | ||||
| de la note sur un téléphone ! | ||||
|  | ||||
| ## Installation d'une instance de production | ||||
| Pour déployer facilement la note il est possible d'utiliser le playbook Ansible (sinon vous pouvez toujours le faire a la main, voir plus bas). | ||||
| ### Avec ansible | ||||
| Il vous faudra un serveur sous debian ou ubuntu connecté à internet et que vous souhaiterez accéder à cette instance de la note sur `note.nomdedomaine.tld`. | ||||
|  | ||||
| 0. Installer Ansible sur votre machine personnelle. | ||||
|  | ||||
| 0. (bis) cloner le dépot sur votre machine personelle. | ||||
|  | ||||
| 1.  Copier le fichier `ansible/host_example` | ||||
| ``` bash | ||||
| $ cp ansible/hosts_example ansible/hosts | ||||
| ``` | ||||
| et ajouter sous [dev] et/ou [prod] les serveurs sur lesquels vous souhaitez installer la note. | ||||
| 2.  Créer un fichier `ansible/host_vars/<note.nomdedomaine.tld.yaml>` sur le modèle des fichiers existants dans `ansible/hosts` et compléter les variables nécessaires. | ||||
|  | ||||
| 3. lancer `ansible/base.yaml -l <nomdedomaine.tld.yaml>` | ||||
| 4. Aller vous faire un café, ca peux durer un moment. | ||||
|  | ||||
| ### Installation manuelle | ||||
|  | ||||
| **En production on souhaite absolument utiliser les modules Python packagées dans le gestionnaire de paquet.** | ||||
| Cela permet de mettre à jour facilement les dépendances critiques telles que Django. | ||||
|  | ||||
| L'installation d'une instance de production néccessite **une installation de Debian Buster ou d'Ubuntu 20.04**. | ||||
|  | ||||
| Pour aller vite vous pouvez lancer le Playbook Ansible fournit dans ce dépôt en l'adaptant. | ||||
| Sinon vous pouvez suivre les étapes décrites ci-dessous. | ||||
|  | ||||
| 0.  Sous Debian Buster, **activer Debian Backports.** En effet Django 2.2 LTS n'est que disponible dans les backports. | ||||
| @@ -93,10 +111,10 @@ Sinon vous pouvez suivre les étapes décrites ci-dessous. | ||||
|     $ sudo apt install --no-install-recommends -t buster-backports -y \ | ||||
|         python3-django python3-django-crispy-forms \ | ||||
|         python3-django-extensions python3-django-filters python3-django-polymorphic \ | ||||
|         python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil \ | ||||
|         python3-babel python3-lockfile python3-pip python3-phonenumbers ipython3 \ | ||||
|         python3-bs4 python3-setuptools \ | ||||
|         uwsgi uwsgi-plugin-python3 \ | ||||
|         python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil \ | ||||
|         python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache ipython3 \ | ||||
|         python3-bs4 python3-setuptools python3-docutils \ | ||||
|         memcached uwsgi uwsgi-plugin-python3 \ | ||||
|         texlive-xetex gettext libjs-bootstrap4 fonts-font-awesome \ | ||||
|         nginx python3-venv git acl | ||||
|     ``` | ||||
| @@ -261,20 +279,25 @@ Le cahier des charges initial est disponible [sur le Wiki Crans](https://wiki.cr | ||||
| La documentation des classes et fonctions est directement dans le code et est explorable à partir de la partie documentation de l'interface d'administration de Django. | ||||
| **Commentez votre code !** | ||||
|  | ||||
| La documentation plus haut niveau sur le développement est disponible sur [le Wiki associé au dépôt Git](https://gitlab.crans.org/bde/nk20/-/wikis/home). | ||||
| La documentation plus haut niveau sur le développement et sur l'utilisation | ||||
| est disponible sur <https://note.crans.org/doc> et également dans le dossier `docs`. | ||||
|  | ||||
| ## FAQ | ||||
|  | ||||
| ### Regénérer les fichiers de traduction | ||||
|  | ||||
| Pour regénérer les traductions vous pouvez vous placer à la racine du projet et lancer le script `makemessages`. Il faut penser à ignorer les dossiers ne contenant pas notre code, dont le virtualenv. | ||||
| Pour regénérer les traductions vous pouvez vous placer à la racine du projet et lancer le script `makemessages`. | ||||
| Il faut penser à ignorer les dossiers ne contenant pas notre code, dont le virtualenv. | ||||
| De plus, il faut aussi extraire les variables des fichiers JavaScript. | ||||
|  | ||||
| ```bash | ||||
| django-admin makemessages -i env | ||||
| python3 manage.py makemessages -i env | ||||
| python3 manage.py makemessages -i env -e js -d djangojs | ||||
| ``` | ||||
|  | ||||
| Une fois les fichiers édités, vous pouvez compiler les nouvelles traductions avec | ||||
|  | ||||
| ```bash | ||||
| django-admin compilemessages | ||||
| python3 manage.py compilemessages | ||||
| python3 manage.py compilejsmessages | ||||
| ``` | ||||
|   | ||||
| @@ -7,7 +7,7 @@ | ||||
|       prompt: "Password of the database (leave it blank to skip database init)" | ||||
|       private: yes | ||||
|   vars: | ||||
|     mirror: deb.debian.org | ||||
|     mirror: mirror.crans.org | ||||
|   roles: | ||||
|     - 1-apt-basic | ||||
|     - 2-nk20 | ||||
| @@ -16,3 +16,4 @@ | ||||
|     - 5-nginx | ||||
|     - 6-psql | ||||
|     - 7-postinstall | ||||
|     - 8-docs | ||||
|   | ||||
| @@ -3,3 +3,4 @@ note: | ||||
|   server_name: note-beta.crans.org | ||||
|   git_branch: beta | ||||
|   cron_enabled: false | ||||
|   email: notekfet2020@lists.crans.org | ||||
|   | ||||
| @@ -3,3 +3,4 @@ note: | ||||
|   server_name: note-dev.crans.org | ||||
|   git_branch: beta | ||||
|   cron_enabled: false | ||||
|   email: notekfet2020@lists.crans.org | ||||
| @@ -3,3 +3,4 @@ note: | ||||
|   server_name: note.crans.org | ||||
|   git_branch: master | ||||
|   cron_enabled: true | ||||
|   email: notekfet2020@lists.crans.org | ||||
|   | ||||
| @@ -1,5 +1,5 @@ | ||||
| [dev] | ||||
| bde3-virt.adh.crans.org | ||||
| bde-note-dev.adh.crans.org | ||||
| bde-nk20-beta.adh.crans.org | ||||
| 
 | ||||
| [prod] | ||||
| @@ -3,11 +3,12 @@ | ||||
|   apt_repository: | ||||
|     repo: deb http://{{ mirror }}/debian buster-backports main | ||||
|     state: present | ||||
|   when: ansible_facts['distribution'] == "Debian" | ||||
|  | ||||
| - name: Install note_kfet APT dependencies | ||||
|   apt: | ||||
|     update_cache: true | ||||
|     default_release: buster-backports | ||||
|     default_release: "{{ 'buster-backports' if ansible_facts['distribution'] == 'Debian' }}" | ||||
|     install_recommends: false | ||||
|     name: | ||||
|       # Common tools | ||||
| @@ -23,13 +24,14 @@ | ||||
|       - python3-babel | ||||
|       - python3-bs4 | ||||
|       - python3-django | ||||
|       - python3-django-cas-server | ||||
|       - python3-django-crispy-forms | ||||
|       - python3-django-extensions | ||||
|       - python3-django-filters | ||||
|       - python3-django-oauth-toolkit | ||||
|       - python3-django-polymorphic | ||||
|       - python3-djangorestframework | ||||
|       - python3-lockfile | ||||
|       - python3-memcache | ||||
|       - python3-phonenumbers | ||||
|       - python3-pil | ||||
|       - python3-pip | ||||
| @@ -40,6 +42,9 @@ | ||||
|       # LaTeX (PDF generation) | ||||
|       - texlive-xetex | ||||
|  | ||||
|       # Cache server | ||||
|       - memcached | ||||
|  | ||||
|       # WSGI server | ||||
|       - uwsgi | ||||
|       - uwsgi-plugin-python3 | ||||
|   | ||||
| @@ -16,7 +16,7 @@ | ||||
|  | ||||
| - name: Use default env vars (should be updated!) | ||||
|   template: | ||||
|     src: "env_example" | ||||
|     src: "env.j2" | ||||
|     dest: "/var/www/note_kfet/.env" | ||||
|     mode: 0644 | ||||
|     force: false | ||||
| @@ -36,3 +36,13 @@ | ||||
|     dest: /etc/cron.d/note | ||||
|     owner: root | ||||
|     group: root | ||||
|  | ||||
| - name: Set default directory to /var/www/note_kfet | ||||
|   lineinfile: | ||||
|     path: /etc/skel/.bashrc | ||||
|     line: 'cd /var/www/note_kfet' | ||||
|  | ||||
| - name: Automatically source Python virtual environment | ||||
|   lineinfile: | ||||
|     path: /etc/skel/.bashrc | ||||
|     line: 'source /var/www/note_kfet/env/bin/activate' | ||||
|   | ||||
							
								
								
									
										23
									
								
								ansible/roles/2-nk20/templates/env.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										23
									
								
								ansible/roles/2-nk20/templates/env.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,23 @@ | ||||
| DJANGO_APP_STAGE=prod | ||||
| # Only used in dev mode, change to "postgresql" if you want to use PostgreSQL in dev | ||||
| DJANGO_DEV_STORE_METHOD=sqlite | ||||
| DJANGO_DB_HOST=localhost | ||||
| DJANGO_DB_NAME=note_db | ||||
| DJANGO_DB_USER=note | ||||
| DJANGO_DB_PASSWORD={{ DB_PASSWORD }} | ||||
| DJANGO_DB_PORT= | ||||
| DJANGO_SECRET_KEY=CHANGE_ME | ||||
| DJANGO_SETTINGS_MODULE=note_kfet.settings | ||||
| CONTACT_EMAIL=tresorerie.bde@localhost | ||||
| NOTE_URL= {{note.server_name}} | ||||
|  | ||||
| # Config for mails. Only used in production | ||||
| NOTE_MAIL=notekfet@localhost | ||||
| EMAIL_HOST=smtp.localhost | ||||
| EMAIL_PORT=25 | ||||
| EMAIL_USER=notekfet@localhost | ||||
| EMAIL_PASSWORD=CHANGE_ME | ||||
|  | ||||
| # Wiki configuration | ||||
| WIKI_USER=NoteKfet2020 | ||||
| WIKI_PASSWORD= | ||||
| @@ -9,6 +9,11 @@ | ||||
|   retries: 3 | ||||
|   until: pkg_result is succeeded | ||||
|  | ||||
| - name: Check if certificate already exists. | ||||
|   stat: | ||||
|     path: /etc/letsencrypt/live/{{note.server_name}}/cert.pem | ||||
|   register: letsencrypt_cert | ||||
|  | ||||
| - name: Create /etc/letsencrypt/conf.d | ||||
|   file: | ||||
|     path: /etc/letsencrypt/conf.d | ||||
| @@ -19,3 +24,17 @@ | ||||
|     src: "letsencrypt/conf.d/nk20.ini.j2" | ||||
|     dest: "/etc/letsencrypt/conf.d/nk20.ini" | ||||
|     mode: 0644 | ||||
|  | ||||
| - name: Stop services to allow certbot to generate a cert. | ||||
|   service: | ||||
|     name: nginx | ||||
|     state: stopped | ||||
|  | ||||
| - name: Generate new certificate if one doesn't exist. | ||||
|   shell: "certbot certonly --non-interactive --agree-tos --config /etc/letsencrypt/conf.d/nk20.ini -d {{note.server_name}}" | ||||
|   when: letsencrypt_cert.stat.exists == False | ||||
|  | ||||
| - name: Restart services to allow certbot to generate a cert. | ||||
|   service: | ||||
|     name: nginx | ||||
|     state: started | ||||
|   | ||||
| @@ -10,7 +10,7 @@ rsa-key-size = 4096 | ||||
| # server = https://acme-staging.api.letsencrypt.org/directory | ||||
|  | ||||
| # Uncomment and update to register with the specified e-mail address | ||||
| email = notekfet2020@lists.crans.org | ||||
| email = {{ note.email }} | ||||
|  | ||||
| # Uncomment to use a text interface instead of ncurses | ||||
| text = True | ||||
|   | ||||
| @@ -1,5 +1,5 @@ | ||||
| # the upstream component nginx needs to connect to | ||||
| upstream note{ | ||||
| upstream note { | ||||
|     server unix:///var/www/note_kfet/note_kfet.sock; # file socket | ||||
| } | ||||
|  | ||||
| @@ -50,6 +50,10 @@ server { | ||||
|         alias /var/www/note_kfet/static; # your Django project's static files - amend as required | ||||
|     } | ||||
|  | ||||
|     location /doc { | ||||
|         alias /var/www/documentation;    # The documentation of the project | ||||
|     } | ||||
|  | ||||
|     # Finally, send all non-media requests to the Django server. | ||||
|     location / { | ||||
|         uwsgi_pass note; | ||||
|   | ||||
| @@ -11,14 +11,14 @@ | ||||
|   until: pkg_result is succeeded | ||||
|  | ||||
| - name: Create role note | ||||
|   when: "DB_PASSWORD|bool"    # If the password is not defined, skip the installation | ||||
|   when: DB_PASSWORD|length > 0 # If the password is not defined, skip the installation | ||||
|   postgresql_user: | ||||
|     name: note | ||||
|     password: "{{ DB_PASSWORD }}" | ||||
|   become_user: postgres | ||||
|  | ||||
| - name: Create NK20 database | ||||
|   when: "DB_PASSWORD|bool" | ||||
|   when: DB_PASSWORD|length >0 | ||||
|   postgresql_db: | ||||
|     name: note_db | ||||
|     owner: note | ||||
|   | ||||
| @@ -1,4 +1,10 @@ | ||||
| --- | ||||
| - name: Collect static files | ||||
|   command: /var/www/note_kfet/env/bin/python manage.py collectstatic --noinput | ||||
|   args: | ||||
|     chdir: /var/www/note_kfet | ||||
|   become_user: www-data | ||||
|  | ||||
| - name: Migrate Django database | ||||
|   command: /var/www/note_kfet/env/bin/python manage.py migrate | ||||
|   args: | ||||
| @@ -11,14 +17,14 @@ | ||||
|     chdir: /var/www/note_kfet | ||||
|   become_user: www-data | ||||
|  | ||||
| - name: Compile JavaScript messages | ||||
|   command: /var/www/note_kfet/env/bin/python manage.py compilejsmessages | ||||
|   args: | ||||
|     chdir: /var/www/note_kfet | ||||
|   become_user: www-data | ||||
|  | ||||
| - name: Install initial fixtures | ||||
|   command: /var/www/note_kfet/env/bin/python manage.py loaddata initial | ||||
|   args: | ||||
|     chdir: /var/www/note_kfet | ||||
|   become_user: postgres | ||||
|  | ||||
| - name: Collect static files | ||||
|   command: /var/www/note_kfet/env/bin/python manage.py collectstatic --noinput | ||||
|   args: | ||||
|     chdir: /var/www/note_kfet | ||||
|   become_user: www-data | ||||
|   | ||||
							
								
								
									
										20
									
								
								ansible/roles/8-docs/tasks/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										20
									
								
								ansible/roles/8-docs/tasks/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,20 @@ | ||||
| --- | ||||
| - name: Install Sphinx and RTD theme | ||||
|   pip: | ||||
|     requirements: /var/www/note_kfet/docs/requirements.txt | ||||
|     virtualenv: /var/www/note_kfet/env | ||||
|     virtualenv_command: /usr/bin/python3 -m venv | ||||
|     virtualenv_site_packages: true | ||||
|   become_user: www-data | ||||
|  | ||||
| - name: Create documentation directory with good permissions | ||||
|   file: | ||||
|     path: /var/www/documentation | ||||
|     state: directory | ||||
|     owner: www-data | ||||
|     group: www-data | ||||
|     mode: u=rwx,g=rwxs,o=rx | ||||
|  | ||||
| - name: Build HTML documentation | ||||
|   command: /var/www/note_kfet/env/bin/sphinx-build -b dirhtml /var/www/note_kfet/docs/ /var/www/documentation/ | ||||
|   become_user: www-data | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| default_app_config = 'activity.apps.ActivityConfig' | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.contrib import admin | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from rest_framework import serializers | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from .views import ActivityTypeViewSet, ActivityViewSet, EntryViewSet, GuestViewSet | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from api.viewsets import ReadProtectedModelViewSet | ||||
| @@ -15,10 +15,10 @@ class ActivityTypeViewSet(ReadProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `ActivityType` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/activity/type/ | ||||
|     """ | ||||
|     queryset = ActivityType.objects.all() | ||||
|     queryset = ActivityType.objects.order_by('id') | ||||
|     serializer_class = ActivityTypeSerializer | ||||
|     filter_backends = [DjangoFilterBackend] | ||||
|     filterset_fields = ['name', 'can_invite', ] | ||||
|     filterset_fields = ['name', 'manage_entries', 'can_invite', 'guest_entry_fee', ] | ||||
|  | ||||
|  | ||||
| class ActivityViewSet(ReadProtectedModelViewSet): | ||||
| @@ -27,10 +27,16 @@ class ActivityViewSet(ReadProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `Activity` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/activity/activity/ | ||||
|     """ | ||||
|     queryset = Activity.objects.all() | ||||
|     queryset = Activity.objects.order_by('id') | ||||
|     serializer_class = ActivitySerializer | ||||
|     filter_backends = [DjangoFilterBackend] | ||||
|     filterset_fields = ['name', 'description', 'activity_type', ] | ||||
|     filter_backends = [DjangoFilterBackend, SearchFilter] | ||||
|     filterset_fields = ['name', 'description', 'activity_type', 'location', 'creater', 'organizer', 'attendees_club', | ||||
|                         'date_start', 'date_end', 'valid', 'open', ] | ||||
|     search_fields = ['$name', '$description', '$location', '$creater__last_name', '$creater__first_name', | ||||
|                      '$creater__email', '$creater__note__alias__name', '$creater__note__alias__normalized_name', | ||||
|                      '$organizer__name', '$organizer__email', '$organizer__note__alias__name', | ||||
|                      '$organizer__note__alias__normalized_name', '$attendees_club__name', '$attendees_club__email', | ||||
|                      '$attendees_club__note__alias__name', '$attendees_club__note__alias__normalized_name', ] | ||||
|  | ||||
|  | ||||
| class GuestViewSet(ReadProtectedModelViewSet): | ||||
| @@ -39,10 +45,13 @@ class GuestViewSet(ReadProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `Guest` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/activity/guest/ | ||||
|     """ | ||||
|     queryset = Guest.objects.all() | ||||
|     queryset = Guest.objects.order_by('id') | ||||
|     serializer_class = GuestSerializer | ||||
|     filter_backends = [SearchFilter] | ||||
|     search_fields = ['$last_name', '$first_name', '$inviter__alias__name', '$inviter__alias__normalized_name', ] | ||||
|     filter_backends = [DjangoFilterBackend, SearchFilter] | ||||
|     filterset_fields = ['activity', 'activity__name', 'last_name', 'first_name', 'inviter', 'inviter__alias__name', | ||||
|                         'inviter__alias__normalized_name', ] | ||||
|     search_fields = ['$activity__name', '$last_name', '$first_name', '$inviter__user__email', '$inviter__alias__name', | ||||
|                      '$inviter__alias__normalized_name', ] | ||||
|  | ||||
|  | ||||
| class EntryViewSet(ReadProtectedModelViewSet): | ||||
| @@ -51,7 +60,9 @@ class EntryViewSet(ReadProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `Entry` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/activity/entry/ | ||||
|     """ | ||||
|     queryset = Entry.objects.all() | ||||
|     queryset = Entry.objects.order_by('id') | ||||
|     serializer_class = EntrySerializer | ||||
|     filter_backends = [SearchFilter] | ||||
|     search_fields = ['$last_name', '$first_name', '$inviter__alias__name', '$inviter__alias__normalized_name', ] | ||||
|     filter_backends = [DjangoFilterBackend, SearchFilter] | ||||
|     filterset_fields = ['activity', 'time', 'note', 'guest', ] | ||||
|     search_fields = ['$activity__name', '$note__user__email', '$note__alias__name', '$note__alias__normalized_name', | ||||
|                      '$guest__last_name', '$guest__first_name', ] | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.apps import AppConfig | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from datetime import timedelta | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| import os | ||||
| @@ -7,7 +7,7 @@ from threading import Thread | ||||
|  | ||||
| from django.conf import settings | ||||
| from django.contrib.auth.models import User | ||||
| from django.db import models | ||||
| from django.db import models, transaction | ||||
| from django.db.models import Q | ||||
| from django.utils import timezone | ||||
| from django.utils.translation import gettext_lazy as _ | ||||
| @@ -123,6 +123,7 @@ class Activity(models.Model): | ||||
|         verbose_name=_('open'), | ||||
|     ) | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def save(self, *args, **kwargs): | ||||
|         """ | ||||
|         Update the activity wiki page each time the activity is updated (validation, change description, ...) | ||||
| @@ -194,8 +195,8 @@ class Entry(models.Model): | ||||
|             else _("Entry for {note} to the activity {activity}").format( | ||||
|             guest=str(self.guest), note=str(self.note), activity=str(self.activity)) | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def save(self, *args, **kwargs): | ||||
|  | ||||
|         qs = Entry.objects.filter(~Q(pk=self.pk), activity=self.activity, note=self.note, guest=self.guest) | ||||
|         if qs.exists(): | ||||
|             raise ValidationError(_("Already entered on ") + _("{:%Y-%m-%d %H:%M:%S}").format(qs.get().time, )) | ||||
| @@ -260,6 +261,7 @@ class Guest(models.Model): | ||||
|         except AttributeError: | ||||
|             return False | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def save(self, force_insert=False, force_update=False, using=None, update_fields=None): | ||||
|         one_year = timedelta(days=365) | ||||
|  | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
| from django.utils import timezone | ||||
| from django.utils.html import format_html | ||||
|   | ||||
| @@ -30,7 +30,7 @@ SPDX-License-Identifier: GPL-3.0-or-later | ||||
|          headers: {"X-CSRFTOKEN": CSRF_TOKEN} | ||||
|      }) | ||||
|       .done(function() { | ||||
|           addMsg('Invité supprimé','success'); | ||||
|           addMsg('{% trans "Guest deleted" %}', 'success'); | ||||
|           $("#guests_table").load(location.pathname + " #guests_table"); | ||||
|       }) | ||||
|       .fail(function(xhr, textStatus, error) { | ||||
|   | ||||
| @@ -86,10 +86,10 @@ SPDX-License-Identifier: GPL-3.0-or-later | ||||
|                 }).done(function () { | ||||
|                     if (target.hasClass("table-info")) | ||||
|                         addMsg( | ||||
|                             "Entrée effectuée, mais attention : la personne n'est plus adhérente Kfet.", | ||||
|                             "{% trans "Entry done, but caution: the user is not a Kfet member." %}", | ||||
|                             "warning", 10000); | ||||
|                     else | ||||
|                         addMsg("Entrée effectuée !", "success", 4000); | ||||
|                         addMsg("Entry made!", "success", 4000); | ||||
|                     reloadTable(true); | ||||
|                 }).fail(function (xhr) { | ||||
|                     errMsg(xhr.responseJSON, 4000); | ||||
| @@ -121,10 +121,10 @@ SPDX-License-Identifier: GPL-3.0-or-later | ||||
|                     }).done(function () { | ||||
|                         if (target.hasClass("table-info")) | ||||
|                             addMsg( | ||||
|                                 "Entrée effectuée, mais attention : la personne n'est plus adhérente Kfet.", | ||||
|                                 "{% trans "Entry done, but caution: the user is not a Kfet member." %}", | ||||
|                                 "warning", 10000); | ||||
|                         else | ||||
|                             addMsg("Entrée effectuée !", "success", 4000); | ||||
|                             addMsg("{% trans "Entry done!" %}", "success", 4000); | ||||
|                         reloadTable(true); | ||||
|                     }).fail(function (xhr) { | ||||
|                         errMsg(xhr.responseJSON, 4000); | ||||
|   | ||||
| @@ -1,15 +1,18 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from datetime import timedelta | ||||
|  | ||||
| from api.tests import TestAPI | ||||
| from django.contrib.auth.models import User | ||||
| from django.test import TestCase | ||||
| from django.urls import reverse | ||||
| from django.utils import timezone | ||||
| from activity.models import Activity, ActivityType, Guest, Entry | ||||
| from member.models import Club | ||||
|  | ||||
| from ..api.views import ActivityTypeViewSet, ActivityViewSet, EntryViewSet, GuestViewSet | ||||
| from ..models import Activity, ActivityType, Guest, Entry | ||||
|  | ||||
|  | ||||
| class TestActivities(TestCase): | ||||
|     """ | ||||
| @@ -173,3 +176,58 @@ class TestActivities(TestCase): | ||||
|         """ | ||||
|         response = self.client.get(reverse("activity:calendar_ics")) | ||||
|         self.assertEqual(response.status_code, 200) | ||||
|  | ||||
|  | ||||
| class TestActivityAPI(TestAPI): | ||||
|     def setUp(self) -> None: | ||||
|         super().setUp() | ||||
|  | ||||
|         self.activity = Activity.objects.create( | ||||
|             name="Activity", | ||||
|             description="This is a test activity\non two very very long lines\nbecause this is very important.", | ||||
|             location="Earth", | ||||
|             activity_type=ActivityType.objects.get(name="Pot"), | ||||
|             creater=self.user, | ||||
|             organizer=Club.objects.get(name="Kfet"), | ||||
|             attendees_club=Club.objects.get(name="Kfet"), | ||||
|             date_start=timezone.now(), | ||||
|             date_end=timezone.now() + timedelta(days=2), | ||||
|             valid=True, | ||||
|         ) | ||||
|  | ||||
|         self.guest = Guest.objects.create( | ||||
|             activity=self.activity, | ||||
|             inviter=self.user.note, | ||||
|             last_name="GUEST", | ||||
|             first_name="Guest", | ||||
|         ) | ||||
|  | ||||
|         self.entry = Entry.objects.create( | ||||
|             activity=self.activity, | ||||
|             note=self.user.note, | ||||
|             guest=self.guest, | ||||
|         ) | ||||
|  | ||||
|     def test_activity_api(self): | ||||
|         """ | ||||
|         Load Activity API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(ActivityViewSet, "/api/activity/activity/") | ||||
|  | ||||
|     def test_activity_type_api(self): | ||||
|         """ | ||||
|         Load ActivityType API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(ActivityTypeViewSet, "/api/activity/type/") | ||||
|  | ||||
|     def test_entry_api(self): | ||||
|         """ | ||||
|         Load Entry API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(EntryViewSet, "/api/activity/entry/") | ||||
|  | ||||
|     def test_guest_api(self): | ||||
|         """ | ||||
|         Load Guest API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(GuestViewSet, "/api/activity/guest/") | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.urls import path | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from hashlib import md5 | ||||
| @@ -7,12 +7,15 @@ from django.conf import settings | ||||
| from django.contrib.auth.mixins import LoginRequiredMixin | ||||
| from django.contrib.contenttypes.models import ContentType | ||||
| from django.core.exceptions import PermissionDenied | ||||
| from django.db import transaction | ||||
| from django.db.models import F, Q | ||||
| from django.http import HttpResponse | ||||
| from django.urls import reverse_lazy | ||||
| from django.utils import timezone | ||||
| from django.utils.decorators import method_decorator | ||||
| from django.utils.translation import gettext_lazy as _ | ||||
| from django.views import View | ||||
| from django.views.decorators.cache import cache_page | ||||
| from django.views.generic import DetailView, TemplateView, UpdateView | ||||
| from django_tables2.views import SingleTableView | ||||
| from note.models import Alias, NoteSpecial, NoteUser | ||||
| @@ -44,6 +47,7 @@ class ActivityCreateView(ProtectQuerysetMixin, ProtectedCreateView): | ||||
|             date_end=timezone.now(), | ||||
|         ) | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def form_valid(self, form): | ||||
|         form.instance.creater = self.request.user | ||||
|         return super().form_valid(form) | ||||
| @@ -145,6 +149,7 @@ class ActivityInviteView(ProtectQuerysetMixin, ProtectedCreateView): | ||||
|         form.fields["inviter"].initial = self.request.user.note | ||||
|         return form | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def form_valid(self, form): | ||||
|         form.instance.activity = Activity.objects\ | ||||
|             .filter(PermissionBackend.filter_queryset(self.request.user, Activity, "view")).get(pk=self.kwargs["pk"]) | ||||
| @@ -285,6 +290,8 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView): | ||||
|         return context | ||||
|  | ||||
|  | ||||
| # Cache for 1 hour | ||||
| @method_decorator(cache_page(60 * 60), name='dispatch') | ||||
| class CalendarView(View): | ||||
|     """ | ||||
|     Render an ICS calendar with all valid activities. | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| default_app_config = 'api.apps.APIConfig' | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.apps import AppConfig | ||||
|   | ||||
| @@ -1,13 +1,17 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
|  | ||||
| from django.contrib.contenttypes.models import ContentType | ||||
| from django.contrib.auth.models import User | ||||
| from rest_framework.serializers import ModelSerializer | ||||
| from django.utils import timezone | ||||
| from rest_framework import serializers | ||||
| from member.api.serializers import ProfileSerializer, MembershipSerializer | ||||
| from note.api.serializers import NoteSerializer | ||||
| from note.models import Alias | ||||
|  | ||||
|  | ||||
| class UserSerializer(ModelSerializer): | ||||
| class UserSerializer(serializers.ModelSerializer): | ||||
|     """ | ||||
|     REST API Serializer for Users. | ||||
|     The djangorestframework plugin will analyse the model `User` and parse all fields in the API. | ||||
| @@ -22,7 +26,7 @@ class UserSerializer(ModelSerializer): | ||||
|         ) | ||||
|  | ||||
|  | ||||
| class ContentTypeSerializer(ModelSerializer): | ||||
| class ContentTypeSerializer(serializers.ModelSerializer): | ||||
|     """ | ||||
|     REST API Serializer for Users. | ||||
|     The djangorestframework plugin will analyse the model `User` and parse all fields in the API. | ||||
| @@ -31,3 +35,42 @@ class ContentTypeSerializer(ModelSerializer): | ||||
|     class Meta: | ||||
|         model = ContentType | ||||
|         fields = '__all__' | ||||
|  | ||||
|  | ||||
| class OAuthSerializer(serializers.ModelSerializer): | ||||
|     """ | ||||
|     Informations that are transmitted by OAuth. | ||||
|     For now, this includes user, profile and valid memberships. | ||||
|     This should be better managed later. | ||||
|     """ | ||||
|     normalized_name = serializers.SerializerMethodField() | ||||
|  | ||||
|     profile = ProfileSerializer() | ||||
|  | ||||
|     note = NoteSerializer() | ||||
|  | ||||
|     memberships = serializers.SerializerMethodField() | ||||
|  | ||||
|     def get_normalized_name(self, obj): | ||||
|         return Alias.normalize(obj.username) | ||||
|  | ||||
|     def get_memberships(self, obj): | ||||
|         return serializers.ListSerializer(child=MembershipSerializer()).to_representation( | ||||
|             obj.memberships.filter(date_start__lte=timezone.now(), date_end__gte=timezone.now())) | ||||
|  | ||||
|     class Meta: | ||||
|         model = User | ||||
|         fields = ( | ||||
|             'id', | ||||
|             'username', | ||||
|             'normalized_name', | ||||
|             'first_name', | ||||
|             'last_name', | ||||
|             'email', | ||||
|             'is_superuser', | ||||
|             'is_active', | ||||
|             'is_staff', | ||||
|             'profile', | ||||
|             'note', | ||||
|             'memberships', | ||||
|         ) | ||||
|   | ||||
							
								
								
									
										240
									
								
								apps/api/tests.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										240
									
								
								apps/api/tests.py
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,240 @@ | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| import json | ||||
| from datetime import datetime, date | ||||
| from decimal import Decimal | ||||
| from urllib.parse import quote_plus | ||||
| from warnings import warn | ||||
|  | ||||
| from django.contrib.auth.models import User | ||||
| from django.contrib.contenttypes.models import ContentType | ||||
| from django.db.models.fields.files import ImageFieldFile | ||||
| from django.test import TestCase | ||||
| from django_filters.rest_framework import DjangoFilterBackend | ||||
| from member.models import Membership, Club | ||||
| from note.models import NoteClub, NoteUser, Alias, Note | ||||
| from permission.models import PermissionMask, Permission, Role | ||||
| from phonenumbers import PhoneNumber | ||||
| from rest_framework.filters import SearchFilter, OrderingFilter | ||||
|  | ||||
| from .viewsets import ContentTypeViewSet, UserViewSet | ||||
|  | ||||
|  | ||||
| class TestAPI(TestCase): | ||||
|     """ | ||||
|     Load API pages and check that filters are working. | ||||
|     """ | ||||
|     fixtures = ('initial', ) | ||||
|  | ||||
|     def setUp(self) -> None: | ||||
|         self.user = User.objects.create_superuser( | ||||
|             username="adminapi", | ||||
|             password="adminapi", | ||||
|             email="adminapi@example.com", | ||||
|             last_name="Admin", | ||||
|             first_name="Admin", | ||||
|         ) | ||||
|         self.client.force_login(self.user) | ||||
|  | ||||
|         sess = self.client.session | ||||
|         sess["permission_mask"] = 42 | ||||
|         sess.save() | ||||
|  | ||||
|     def check_viewset(self, viewset, url): | ||||
|         """ | ||||
|         This function should be called inside a unit test. | ||||
|         This loads the viewset and for each filter entry, it checks that the filter is running good. | ||||
|         """ | ||||
|         resp = self.client.get(url + "?format=json") | ||||
|         self.assertEqual(resp.status_code, 200) | ||||
|  | ||||
|         model = viewset.serializer_class.Meta.model | ||||
|  | ||||
|         if not model.objects.exists():  # pragma: no cover | ||||
|             warn(f"Warning: unable to test API filters for the model {model._meta.verbose_name} " | ||||
|                  "since there is no instance of it.") | ||||
|             return | ||||
|  | ||||
|         if hasattr(viewset, "filter_backends"): | ||||
|             backends = viewset.filter_backends | ||||
|             obj = model.objects.last() | ||||
|  | ||||
|             if DjangoFilterBackend in backends: | ||||
|                 # Specific search | ||||
|                 for field in viewset.filterset_fields: | ||||
|                     obj = self.fix_note_object(obj, field) | ||||
|  | ||||
|                     value = self.get_value(obj, field) | ||||
|                     if value is None:  # pragma: no cover | ||||
|                         warn(f"Warning: the filter {field} for the model {model._meta.verbose_name} " | ||||
|                              "has not been tested.") | ||||
|                         continue | ||||
|                     resp = self.client.get(url + f"?format=json&{field}={quote_plus(str(value))}") | ||||
|                     self.assertEqual(resp.status_code, 200, f"The filter {field} for the model " | ||||
|                                                             f"{model._meta.verbose_name} does not work. " | ||||
|                                                             f"Given parameter: {value}") | ||||
|                     content = json.loads(resp.content) | ||||
|                     self.assertGreater(content["count"], 0, f"The filter {field} for the model " | ||||
|                                                             f"{model._meta.verbose_name} does not work. " | ||||
|                                                             f"Given parameter: {value}") | ||||
|  | ||||
|             if OrderingFilter in backends: | ||||
|                 # Ensure that ordering is working well | ||||
|                 for field in viewset.ordering_fields: | ||||
|                     resp = self.client.get(url + f"?ordering={field}") | ||||
|                     self.assertEqual(resp.status_code, 200) | ||||
|                     resp = self.client.get(url + f"?ordering=-{field}") | ||||
|                     self.assertEqual(resp.status_code, 200) | ||||
|  | ||||
|             if SearchFilter in backends: | ||||
|                 # Basic search | ||||
|                 for field in viewset.search_fields: | ||||
|                     obj = self.fix_note_object(obj, field) | ||||
|  | ||||
|                     if field[0] == '$' or field[0] == '=': | ||||
|                         field = field[1:] | ||||
|                     value = self.get_value(obj, field) | ||||
|                     if value is None:  # pragma: no cover | ||||
|                         warn(f"Warning: the filter {field} for the model {model._meta.verbose_name} " | ||||
|                              "has not been tested.") | ||||
|                         continue | ||||
|                     resp = self.client.get(url + f"?format=json&search={quote_plus(str(value))}") | ||||
|                     self.assertEqual(resp.status_code, 200, f"The filter {field} for the model " | ||||
|                                                             f"{model._meta.verbose_name} does not work. " | ||||
|                                                             f"Given parameter: {value}") | ||||
|                     content = json.loads(resp.content) | ||||
|                     self.assertGreater(content["count"], 0, f"The filter {field} for the model " | ||||
|                                                             f"{model._meta.verbose_name} does not work. " | ||||
|                                                             f"Given parameter: {value}") | ||||
|  | ||||
|             self.check_permissions(url, obj) | ||||
|  | ||||
|     def check_permissions(self, url, obj): | ||||
|         """ | ||||
|         Check that permissions are working | ||||
|         """ | ||||
|         # Drop rights | ||||
|         self.user.is_superuser = False | ||||
|         self.user.save() | ||||
|         sess = self.client.session | ||||
|         sess["permission_mask"] = 0 | ||||
|         sess.save() | ||||
|  | ||||
|         # Delete user permissions | ||||
|         for m in Membership.objects.filter(user=self.user).all(): | ||||
|             m.roles.clear() | ||||
|             m.save() | ||||
|  | ||||
|         # Create a new role, which will have the checking permission | ||||
|         role = Role.objects.get_or_create(name="β-tester")[0] | ||||
|         role.permissions.clear() | ||||
|         role.save() | ||||
|         membership = Membership.objects.get_or_create(user=self.user, club=Club.objects.get(name="BDE"))[0] | ||||
|         membership.roles.set([role]) | ||||
|         membership.save() | ||||
|  | ||||
|         # Ensure that the access to the object is forbidden without permission | ||||
|         resp = self.client.get(url + f"{obj.pk}/") | ||||
|         self.assertEqual(resp.status_code, 404, f"Mysterious access to {url}{obj.pk}/ for {obj}") | ||||
|  | ||||
|         obj.refresh_from_db() | ||||
|  | ||||
|         # There are problems with polymorphism | ||||
|         if isinstance(obj, Note) and hasattr(obj, "note_ptr"): | ||||
|             obj = obj.note_ptr | ||||
|  | ||||
|         mask = PermissionMask.objects.get(rank=0) | ||||
|  | ||||
|         for field in obj._meta.fields: | ||||
|             # Build permission query | ||||
|             value = self.get_value(obj, field.name) | ||||
|             if isinstance(value, date) or isinstance(value, datetime): | ||||
|                 value = value.isoformat() | ||||
|             elif isinstance(value, ImageFieldFile): | ||||
|                 value = value.name | ||||
|             elif isinstance(value, Decimal): | ||||
|                 value = str(value) | ||||
|             query = json.dumps({field.name: value}) | ||||
|  | ||||
|             # Create sample permission | ||||
|             permission = Permission.objects.get_or_create( | ||||
|                 model=ContentType.objects.get_for_model(obj._meta.model), | ||||
|                 query=query, | ||||
|                 mask=mask, | ||||
|                 type="view", | ||||
|                 permanent=False, | ||||
|                 description=f"Can view {obj._meta.verbose_name}", | ||||
|             )[0] | ||||
|             role.permissions.set([permission]) | ||||
|             role.save() | ||||
|  | ||||
|             # Check that the access is possible | ||||
|             resp = self.client.get(url + f"{obj.pk}/") | ||||
|             self.assertEqual(resp.status_code, 200, f"Permission {permission.query} is not working " | ||||
|                                                     f"for the model {obj._meta.verbose_name}") | ||||
|  | ||||
|         # Restore rights | ||||
|         self.user.is_superuser = True | ||||
|         self.user.save() | ||||
|         sess = self.client.session | ||||
|         sess["permission_mask"] = 42 | ||||
|         sess.save() | ||||
|  | ||||
|     @staticmethod | ||||
|     def get_value(obj, key: str): | ||||
|         """ | ||||
|         Resolve the queryset filter to get the Python value of an object. | ||||
|         """ | ||||
|         if hasattr(obj, "all"): | ||||
|             # obj is a RelatedManager | ||||
|             obj = obj.last() | ||||
|  | ||||
|         if obj is None:  # pragma: no cover | ||||
|             return None | ||||
|  | ||||
|         if '__' not in key: | ||||
|             obj = getattr(obj, key) | ||||
|             if hasattr(obj, "pk"): | ||||
|                 return obj.pk | ||||
|             elif hasattr(obj, "all"): | ||||
|                 if not obj.exists():  # pragma: no cover | ||||
|                     return None | ||||
|                 return obj.last().pk | ||||
|             elif isinstance(obj, bool): | ||||
|                 return int(obj) | ||||
|             elif isinstance(obj, datetime): | ||||
|                 return obj.isoformat() | ||||
|             elif isinstance(obj, PhoneNumber): | ||||
|                 return obj.raw_input | ||||
|             return obj | ||||
|  | ||||
|         key, remaining = key.split('__', 1) | ||||
|         return TestAPI.get_value(getattr(obj, key), remaining) | ||||
|  | ||||
|     @staticmethod | ||||
|     def fix_note_object(obj, field): | ||||
|         """ | ||||
|         When querying an object that has a noteclub or a noteuser field, | ||||
|         ensure that the object has a good value. | ||||
|         """ | ||||
|         if isinstance(obj, Alias): | ||||
|             if "noteuser" in field: | ||||
|                 return NoteUser.objects.last().alias.last() | ||||
|             elif "noteclub" in field: | ||||
|                 return NoteClub.objects.last().alias.last() | ||||
|         elif isinstance(obj, Note): | ||||
|             if "noteuser" in field: | ||||
|                 return NoteUser.objects.last() | ||||
|             elif "noteclub" in field: | ||||
|                 return NoteClub.objects.last() | ||||
|         return obj | ||||
|  | ||||
|  | ||||
| class TestBasicAPI(TestAPI): | ||||
|     def test_user_api(self): | ||||
|         """ | ||||
|         Load the user page. | ||||
|         """ | ||||
|         self.check_viewset(ContentTypeViewSet, "/api/models/") | ||||
|         self.check_viewset(UserViewSet, "/api/user/") | ||||
| @@ -1,10 +1,11 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.conf import settings | ||||
| from django.conf.urls import url, include | ||||
| from rest_framework import routers | ||||
|  | ||||
| from .views import UserInformationView | ||||
| from .viewsets import ContentTypeViewSet, UserViewSet | ||||
|  | ||||
| # Routers provide an easy way of automatically determining the URL conf. | ||||
| @@ -47,5 +48,6 @@ app_name = 'api' | ||||
| # Additionally, we include login URLs for the browsable API. | ||||
| urlpatterns = [ | ||||
|     url('^', include(router.urls)), | ||||
|     url('^me/', UserInformationView.as_view()), | ||||
|     url('^api-auth/', include('rest_framework.urls', namespace='rest_framework')), | ||||
| ] | ||||
|   | ||||
							
								
								
									
										20
									
								
								apps/api/views.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										20
									
								
								apps/api/views.py
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,20 @@ | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.contrib.auth.models import User | ||||
| from rest_framework.generics import RetrieveAPIView | ||||
|  | ||||
| from .serializers import OAuthSerializer | ||||
|  | ||||
|  | ||||
| class UserInformationView(RetrieveAPIView): | ||||
|     """ | ||||
|     These fields are give to OAuth authenticators. | ||||
|     """ | ||||
|     serializer_class = OAuthSerializer | ||||
|  | ||||
|     def get_queryset(self): | ||||
|         return User.objects.filter(pk=self.request.user.pk) | ||||
|  | ||||
|     def get_object(self): | ||||
|         return self.request.user | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.contrib.contenttypes.models import ContentType | ||||
| @@ -6,6 +6,7 @@ from django_filters.rest_framework import DjangoFilterBackend | ||||
| from django.db.models import Q | ||||
| from django.conf import settings | ||||
| from django.contrib.auth.models import User | ||||
| from rest_framework.filters import SearchFilter | ||||
| from rest_framework.viewsets import ReadOnlyModelViewSet, ModelViewSet | ||||
| from permission.backends import PermissionBackend | ||||
| from note_kfet.middlewares import get_current_session | ||||
| @@ -48,12 +49,13 @@ class UserViewSet(ReadProtectedModelViewSet): | ||||
|     """ | ||||
|     REST API View set. | ||||
|     The djangorestframework plugin will get all `User` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/users/ | ||||
|     then render it on /api/user/ | ||||
|     """ | ||||
|     queryset = User.objects.all() | ||||
|     queryset = User.objects | ||||
|     serializer_class = UserSerializer | ||||
|     filter_backends = [DjangoFilterBackend] | ||||
|     filterset_fields = ['id', 'username', 'first_name', 'last_name', 'email', 'is_superuser', 'is_staff', 'is_active', ] | ||||
|     filterset_fields = ['id', 'username', 'first_name', 'last_name', 'email', 'is_superuser', 'is_staff', 'is_active', | ||||
|                         'note__alias__name', 'note__alias__normalized_name', ] | ||||
|  | ||||
|     def get_queryset(self): | ||||
|         queryset = super().get_queryset() | ||||
| @@ -106,7 +108,10 @@ class ContentTypeViewSet(ReadOnlyModelViewSet): | ||||
|     """ | ||||
|     REST API View set. | ||||
|     The djangorestframework plugin will get all `User` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/users/ | ||||
|     then render it on /api/models/ | ||||
|     """ | ||||
|     queryset = ContentType.objects.all() | ||||
|     queryset = ContentType.objects.order_by('id') | ||||
|     serializer_class = ContentTypeSerializer | ||||
|     filter_backends = [DjangoFilterBackend, SearchFilter] | ||||
|     filterset_fields = ['id', 'app_label', 'model', ] | ||||
|     search_fields = ['$app_label', '$model', ] | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| default_app_config = 'logs.apps.LogsConfig' | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from rest_framework import serializers | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from .views import ChangelogViewSet | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django_filters.rest_framework import DjangoFilterBackend | ||||
| @@ -15,7 +15,7 @@ class ChangelogViewSet(ReadOnlyProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `Changelog` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/logs/ | ||||
|     """ | ||||
|     queryset = Changelog.objects.all() | ||||
|     queryset = Changelog.objects.order_by('id') | ||||
|     serializer_class = ChangelogSerializer | ||||
|     filter_backends = [DjangoFilterBackend, OrderingFilter] | ||||
|     filterset_fields = ['model', 'action', "instance_pk", 'user', 'ip', ] | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.apps import AppConfig | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.conf import settings | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.contrib.contenttypes.models import ContentType | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| default_app_config = 'member.apps.MemberConfig' | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.contrib import admin | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from rest_framework import serializers | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from .views import ProfileViewSet, ClubViewSet, MembershipViewSet | ||||
|   | ||||
| @@ -1,7 +1,8 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from rest_framework.filters import SearchFilter | ||||
| from django_filters.rest_framework import DjangoFilterBackend | ||||
| from rest_framework.filters import OrderingFilter, SearchFilter | ||||
| from api.viewsets import ReadProtectedModelViewSet | ||||
|  | ||||
| from .serializers import ProfileSerializer, ClubSerializer, MembershipSerializer | ||||
| @@ -14,8 +15,15 @@ class ProfileViewSet(ReadProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `Profile` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/members/profile/ | ||||
|     """ | ||||
|     queryset = Profile.objects.all() | ||||
|     queryset = Profile.objects.order_by('id') | ||||
|     serializer_class = ProfileSerializer | ||||
|     filter_backends = [DjangoFilterBackend, SearchFilter] | ||||
|     filterset_fields = ['user', 'user__first_name', 'user__last_name', 'user__username', 'user__email', | ||||
|                         'user__note__alias__name', 'user__note__alias__normalized_name', 'phone_number', "section", | ||||
|                         'department', 'promotion', 'address', 'paid', 'ml_events_registration', 'ml_sport_registration', | ||||
|                         'ml_art_registration', 'report_frequency', 'email_confirmed', 'registration_valid', ] | ||||
|     search_fields = ['$user__first_name', '$user__last_name', '$user__username', '$user__email', | ||||
|                      '$user__note__alias__name', '$user__note__alias__normalized_name', ] | ||||
|  | ||||
|  | ||||
| class ClubViewSet(ReadProtectedModelViewSet): | ||||
| @@ -24,10 +32,13 @@ class ClubViewSet(ReadProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `Club` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/members/club/ | ||||
|     """ | ||||
|     queryset = Club.objects.all() | ||||
|     queryset = Club.objects.order_by('id') | ||||
|     serializer_class = ClubSerializer | ||||
|     filter_backends = [SearchFilter] | ||||
|     search_fields = ['$name', ] | ||||
|     filter_backends = [DjangoFilterBackend, SearchFilter] | ||||
|     filterset_fields = ['name', 'email', 'note__alias__name', 'note__alias__normalized_name', 'parent_club', | ||||
|                         'parent_club__name', 'require_memberships', 'membership_fee_paid', 'membership_fee_unpaid', | ||||
|                         'membership_duration', 'membership_start', 'membership_end', ] | ||||
|     search_fields = ['$name', '$email', '$note__alias__name', '$note__alias__normalized_name', ] | ||||
|  | ||||
|  | ||||
| class MembershipViewSet(ReadProtectedModelViewSet): | ||||
| @@ -36,5 +47,14 @@ class MembershipViewSet(ReadProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `Membership` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/members/membership/ | ||||
|     """ | ||||
|     queryset = Membership.objects.all() | ||||
|     queryset = Membership.objects.order_by('id') | ||||
|     serializer_class = MembershipSerializer | ||||
|     filter_backends = [DjangoFilterBackend, OrderingFilter, SearchFilter] | ||||
|     filterset_fields = ['club__name', 'club__email', 'club__note__alias__name', 'club__note__alias__normalized_name', | ||||
|                         'user__username', 'user__last_name', 'user__first_name', 'user__email', | ||||
|                         'user__note__alias__name', 'user__note__alias__normalized_name', | ||||
|                         'date_start', 'date_end', 'fee', 'roles', ] | ||||
|     ordering_fields = ['id', 'date_start', 'date_end', ] | ||||
|     search_fields = ['$club__name', '$club__email', '$club__note__alias__name', '$club__note__alias__normalized_name', | ||||
|                      '$user__username', '$user__last_name', '$user__first_name', '$user__email', | ||||
|                      '$user__note__alias__name', '$user__note__alias__normalized_name', '$roles__name', ] | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.apps import AppConfig | ||||
|   | ||||
							
								
								
									
										17
									
								
								apps/member/auth.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								apps/member/auth.py
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from cas_server.auth import DjangoAuthUser  # pragma: no cover | ||||
| from note.models import Alias | ||||
|  | ||||
|  | ||||
| class CustomAuthUser(DjangoAuthUser):  # pragma: no cover | ||||
|     """ | ||||
|     Override Django Auth User model to define a custom Matrix username. | ||||
|     """ | ||||
|  | ||||
|     def attributs(self): | ||||
|         d = super().attributs() | ||||
|         if self.user: | ||||
|             d["normalized_name"] = Alias.normalize(self.user.username) | ||||
|         return d | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| import io | ||||
| @@ -8,6 +8,7 @@ from django import forms | ||||
| from django.conf import settings | ||||
| from django.contrib.auth.forms import AuthenticationForm | ||||
| from django.contrib.auth.models import User | ||||
| from django.db import transaction | ||||
| from django.forms import CheckboxSelectMultiple | ||||
| from django.utils import timezone | ||||
| from django.utils.translation import gettext_lazy as _ | ||||
| @@ -57,6 +58,7 @@ class ProfileForm(forms.ModelForm): | ||||
|         self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"}) | ||||
|         self.fields['promotion'].widget.attrs.update({"max": timezone.now().year}) | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def save(self, commit=True): | ||||
|         if not self.instance.section or (("department" in self.changed_data | ||||
|                                          or "promotion" in self.changed_data) and "section" not in self.changed_data): | ||||
| @@ -148,6 +150,7 @@ class ClubForm(forms.ModelForm): | ||||
|             "membership_fee_unpaid": AmountInput(), | ||||
|             "parent_club": Autocomplete( | ||||
|                 Club, | ||||
|                 resetable=True, | ||||
|                 attrs={ | ||||
|                     'api_url': '/api/members/club/', | ||||
|                 } | ||||
| @@ -161,7 +164,7 @@ class MembershipForm(forms.ModelForm): | ||||
|     soge = forms.BooleanField( | ||||
|         label=_("Inscription paid by Société Générale"), | ||||
|         required=False, | ||||
|         help_text=_("Check this case is the Société Générale paid the inscription."), | ||||
|         help_text=_("Check this case if the Société Générale paid the inscription."), | ||||
|     ) | ||||
|  | ||||
|     credit_type = forms.ModelChoiceField( | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| import hashlib | ||||
|   | ||||
| @@ -7,6 +7,7 @@ def create_bde_and_kfet(apps, schema_editor): | ||||
|     """ | ||||
|     Club = apps.get_model("member", "club") | ||||
|     NoteClub = apps.get_model("note", "noteclub") | ||||
|     Alias = apps.get_model("note", "alias") | ||||
|     ContentType = apps.get_model('contenttypes', 'ContentType') | ||||
|     polymorphic_ctype_id = ContentType.objects.get_for_model(NoteClub).id | ||||
|  | ||||
| @@ -45,6 +46,19 @@ def create_bde_and_kfet(apps, schema_editor): | ||||
|         polymorphic_ctype_id=polymorphic_ctype_id, | ||||
|     ) | ||||
|  | ||||
|     Alias.objects.get_or_create( | ||||
|         id=5, | ||||
|         note_id=5, | ||||
|         name="BDE", | ||||
|         normalized_name="bde", | ||||
|     ) | ||||
|     Alias.objects.get_or_create( | ||||
|         id=6, | ||||
|         note_id=6, | ||||
|         name="Kfet", | ||||
|         normalized_name="kfet", | ||||
|     ) | ||||
|  | ||||
|  | ||||
| class Migration(migrations.Migration): | ||||
|     dependencies = [ | ||||
|   | ||||
| @@ -0,0 +1,50 @@ | ||||
| import sys | ||||
|  | ||||
| from django.db import migrations | ||||
|  | ||||
|  | ||||
| def give_note_account_permissions(apps, schema_editor): | ||||
|     """ | ||||
|     Automatically manage the membership of the Note account. | ||||
|     """ | ||||
|     User = apps.get_model("auth", "user") | ||||
|     Membership = apps.get_model("member", "membership") | ||||
|     Role = apps.get_model("permission", "role") | ||||
|  | ||||
|     note = User.objects.filter(username="note") | ||||
|     if not note.exists(): | ||||
|         # We are in a test environment, don't log error message | ||||
|         if len(sys.argv) > 1 and sys.argv[1] == 'test': | ||||
|             return | ||||
|         print("Warning: Note account was not found. The note account was not imported.") | ||||
|         print("Make sure you have imported the NK15 database. The new import script handles correctly the permissions.") | ||||
|         print("This migration will be ignored, you can re-run it if you forgot the note account or ignore it if you " | ||||
|               "don't want this account.") | ||||
|         return | ||||
|  | ||||
|     note = note.get() | ||||
|  | ||||
|     # Set for the two clubs a large expiration date and the correct role. | ||||
|     for m in Membership.objects.filter(user_id=note.id).all(): | ||||
|         m.date_end = "3142-12-12" | ||||
|         m.roles.set(Role.objects.filter(name="PC Kfet").all()) | ||||
|         m.save() | ||||
|     # By default, the note account is only authorized to be logged from localhost. | ||||
|     note.password = "ipbased$127.0.0.1" | ||||
|     note.is_active = True | ||||
|     note.save() | ||||
|     # Ensure that the note of the account is disabled | ||||
|     note.note.inactivity_reason = 'forced' | ||||
|     note.note.is_active = False | ||||
|     note.save() | ||||
|  | ||||
|  | ||||
| class Migration(migrations.Migration): | ||||
|     dependencies = [ | ||||
|         ('member', '0005_remove_null_tag_on_charfields'), | ||||
|         ('permission', '0001_initial'), | ||||
|     ] | ||||
|  | ||||
|     operations = [ | ||||
|         migrations.RunPython(give_note_account_permissions), | ||||
|     ] | ||||
							
								
								
									
										23
									
								
								apps/member/migrations/0007_auto_20210313_1235.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										23
									
								
								apps/member/migrations/0007_auto_20210313_1235.py
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,23 @@ | ||||
| # Generated by Django 2.2.19 on 2021-03-13 11:35 | ||||
|  | ||||
| from django.db import migrations, models | ||||
|  | ||||
|  | ||||
| class Migration(migrations.Migration): | ||||
|  | ||||
|     dependencies = [ | ||||
|         ('member', '0006_create_note_account_bde_membership'), | ||||
|     ] | ||||
|  | ||||
|     operations = [ | ||||
|         migrations.AlterField( | ||||
|             model_name='membership', | ||||
|             name='roles', | ||||
|             field=models.ManyToManyField(related_name='memberships', to='permission.Role', verbose_name='roles'), | ||||
|         ), | ||||
|         migrations.AlterField( | ||||
|             model_name='profile', | ||||
|             name='promotion', | ||||
|             field=models.PositiveSmallIntegerField(default=2021, help_text='Year of entry to the school (None if not ENS student)', null=True, verbose_name='promotion'), | ||||
|         ), | ||||
|     ] | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| import datetime | ||||
| @@ -7,7 +7,7 @@ import os | ||||
| from django.conf import settings | ||||
| from django.contrib.auth.models import User | ||||
| from django.core.exceptions import ValidationError | ||||
| from django.db import models | ||||
| from django.db import models, transaction | ||||
| from django.db.models import Q | ||||
| from django.template import loader | ||||
| from django.urls import reverse, reverse_lazy | ||||
| @@ -271,6 +271,7 @@ class Club(models.Model): | ||||
|             self._force_save = True | ||||
|             self.save(force_update=True) | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def save(self, force_insert=False, force_update=False, using=None, | ||||
|              update_fields=None): | ||||
|         if not self.require_memberships: | ||||
| @@ -312,6 +313,7 @@ class Membership(models.Model): | ||||
|  | ||||
|     roles = models.ManyToManyField( | ||||
|         "permission.Role", | ||||
|         related_name="memberships", | ||||
|         verbose_name=_("roles"), | ||||
|     ) | ||||
|  | ||||
| @@ -406,6 +408,7 @@ class Membership(models.Model): | ||||
|                 parent_membership.roles.set(Role.objects.filter(name="Membre de club").all()) | ||||
|             parent_membership.save() | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def save(self, *args, **kwargs): | ||||
|         """ | ||||
|         Calculate fee and end date before saving the membership and creating the transaction if needed. | ||||
| @@ -475,8 +478,13 @@ class Membership(models.Model): | ||||
|                 # to treasurers. | ||||
|                 transaction.valid = False | ||||
|                 from treasury.models import SogeCredit | ||||
|                 soge_credit = SogeCredit.objects.get_or_create(user=self.user)[0] | ||||
|                 soge_credit.refresh_from_db() | ||||
|                 if SogeCredit.objects.filter(user=self.user).exists(): | ||||
|                     soge_credit = SogeCredit.objects.get(user=self.user) | ||||
|                 else: | ||||
|                     soge_credit = SogeCredit(user=self.user) | ||||
|                     soge_credit._force_save = True | ||||
|                     soge_credit.save(force_insert=True) | ||||
|                     soge_credit.refresh_from_db() | ||||
|                 transaction.save(force_insert=True) | ||||
|                 transaction.refresh_from_db() | ||||
|                 soge_credit.transactions.add(transaction) | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
|  | ||||
|   | ||||
| @@ -14,7 +14,7 @@ function create_alias (e) { | ||||
|   }).done(function () { | ||||
|     // Reload table | ||||
|     $('#alias_table').load(location.pathname + ' #alias_table') | ||||
|     addMsg('Alias ajouté', 'success') | ||||
|     addMsg(gettext('Alias successfully added'), 'success') | ||||
|   }).fail(function (xhr, _textStatus, _error) { | ||||
|     errMsg(xhr.responseJSON) | ||||
|   }) | ||||
| @@ -22,7 +22,7 @@ function create_alias (e) { | ||||
|  | ||||
| /** | ||||
|  * On click of "delete", delete the alias | ||||
|  * @param Integer button_id Alias id to remove | ||||
|  * @param button_id:Integer Alias id to remove | ||||
|  */ | ||||
| function delete_button (button_id) { | ||||
|   $.ajax({ | ||||
| @@ -30,7 +30,7 @@ function delete_button (button_id) { | ||||
|     method: 'DELETE', | ||||
|     headers: { 'X-CSRFTOKEN': CSRF_TOKEN } | ||||
|   }).done(function () { | ||||
|     addMsg('Alias supprimé', 'success') | ||||
|     addMsg(gettext('Alias successfully deleted'), 'success') | ||||
|     $('#alias_table').load(location.pathname + ' #alias_table') | ||||
|   }).fail(function (xhr, _textStatus, _error) { | ||||
|     errMsg(xhr.responseJSON) | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from datetime import date | ||||
| @@ -43,8 +43,24 @@ class UserTable(tables.Table): | ||||
|  | ||||
|     section = tables.Column(accessor='profile__section') | ||||
|  | ||||
|     # Override the column to let replace the URL | ||||
|     email = tables.EmailColumn(linkify=lambda record: "mailto:{}".format(record.email)) | ||||
|  | ||||
|     balance = tables.Column(accessor='note__balance', verbose_name=_("Balance")) | ||||
|  | ||||
|     def render_email(self, record, value): | ||||
|         # Replace the email by a dash if the user can't see the profile detail | ||||
|         # Replace also the URL | ||||
|         if not PermissionBackend.check_perm(get_current_authenticated_user(), "member.view_profile", record.profile): | ||||
|             value = "—" | ||||
|             record.email = value | ||||
|         return value | ||||
|  | ||||
|     def render_section(self, record, value): | ||||
|         return value \ | ||||
|             if PermissionBackend.check_perm(get_current_authenticated_user(), "member.view_profile", record.profile) \ | ||||
|             else "—" | ||||
|  | ||||
|     def render_balance(self, record, value): | ||||
|         return pretty_money(value)\ | ||||
|             if PermissionBackend.check_perm(get_current_authenticated_user(), "note.view_note", record.note) else "—" | ||||
| @@ -112,7 +128,7 @@ class MembershipTable(tables.Table): | ||||
|                     fee=0, | ||||
|                 ) | ||||
|                 if PermissionBackend.check_perm(get_current_authenticated_user(), | ||||
|                                                 "member:add_membership", empty_membership):  # If the user has right | ||||
|                                                 "member.add_membership", empty_membership):  # If the user has right | ||||
|                     renew_url = reverse_lazy('member:club_renew_membership', | ||||
|                                              kwargs={"pk": record.pk}) | ||||
|                     t = format_html( | ||||
|   | ||||
| @@ -13,15 +13,29 @@ SPDX-License-Identifier: GPL-3.0-or-later | ||||
|         {% if additional_fee_renewal %} | ||||
|         <div class="alert alert-warning"> | ||||
|             {% if renewal %} | ||||
|             {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %} | ||||
|             The user is not a member of the club·s {{ clubs }}. An additional fee of {{ pretty_fee }} | ||||
|             will be charged to renew automatically the membership in this/these club·s. | ||||
|             {% endblocktrans %} | ||||
|                 {% if club.name == "Kfet" %} {# Auto-renewal #} | ||||
|                     {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %} | ||||
|                     The user is not a member of the club·s {{ clubs }}. An additional fee of {{ pretty_fee }} | ||||
|                     will be charged to renew automatically the membership in this/these club·s. | ||||
|                     {% endblocktrans %} | ||||
|                 {% else %} | ||||
|                     {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %} | ||||
|                         The user is not a member of the club·s {{ clubs }}. Please create the required memberships, | ||||
|                         otherwise it will fail. | ||||
|                     {% endblocktrans %} | ||||
|                 {% endif %} | ||||
|             {% else %} | ||||
|             {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %} | ||||
|             This club has parents {{ clubs }}. An additional fee of {{ pretty_fee }} | ||||
|             will be charged to adhere automatically to this/these club·s. | ||||
|             {% endblocktrans %} | ||||
|                 {% if club.name == "Kfet" %} | ||||
|                     {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %} | ||||
|                     This club has parents {{ clubs }}. An additional fee of {{ pretty_fee }} | ||||
|                     will be charged to adhere automatically to this/these club·s. | ||||
|                     {% endblocktrans %} | ||||
|                 {% else %} | ||||
|                     {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %} | ||||
|                         This club has parents {{ clubs }}. Please make sure that the user is a member of this or these club·s, | ||||
|                         otherwise the creation of this membership will fail. | ||||
|                     {% endblocktrans %} | ||||
|                 {% endif %} | ||||
|             {% endif %} | ||||
|         </div> | ||||
|         {% endif %} | ||||
|   | ||||
| @@ -48,7 +48,7 @@ | ||||
|     <dd class="col-xl-6"> | ||||
|         <a class="badge badge-secondary" href="{% url 'member:club_alias' club.pk %}"> | ||||
|             <i class="fa fa-edit"></i> | ||||
|             {% trans 'Manage aliases' %} ({{ club.note.alias_set.all|length }}) | ||||
|             {% trans 'Manage aliases' %} ({{ club.note.alias.all|length }}) | ||||
|         </a> | ||||
|     </dd> | ||||
|  | ||||
|   | ||||
| @@ -21,33 +21,35 @@ | ||||
|     <dd class="col-xl-6"> | ||||
|         <a class="badge badge-secondary" href="{% url 'member:user_alias' user_object.pk %}"> | ||||
|             <i class="fa fa-edit"></i> | ||||
|             {% trans 'Manage aliases' %} ({{ user_object.note.alias_set.all|length }}) | ||||
|             {% trans 'Manage aliases' %} ({{ user_object.note.alias.all|length }}) | ||||
|         </a> | ||||
|     </dd> | ||||
|  | ||||
|     <dt class="col-xl-6">{% trans 'section'|capfirst %}</dt> | ||||
|     <dd class="col-xl-6">{{ user_object.profile.section }}</dd> | ||||
|     {% if "member.view_profile"|has_perm:user_object.profile %} | ||||
|         <dt class="col-xl-6">{% trans 'section'|capfirst %}</dt> | ||||
|         <dd class="col-xl-6">{{ user_object.profile.section }}</dd> | ||||
|  | ||||
|     <dt class="col-xl-6">{% trans 'email'|capfirst %}</dt> | ||||
|     <dd class="col-xl-6"><a href="mailto:{{ user_object.email }}">{{ user_object.email }}</a></dd> | ||||
|         <dt class="col-xl-6">{% trans 'email'|capfirst %}</dt> | ||||
|         <dd class="col-xl-6"><a href="mailto:{{ user_object.email }}">{{ user_object.email }}</a></dd> | ||||
|  | ||||
|     <dt class="col-xl-6">{% trans 'phone number'|capfirst %}</dt> | ||||
|     <dd class="col-xl-6"><a href="tel:{{ user_object.profile.phone_number }}">{{ user_object.profile.phone_number }}</a> | ||||
|     </dd> | ||||
|         <dt class="col-xl-6">{% trans 'phone number'|capfirst %}</dt> | ||||
|         <dd class="col-xl-6"><a href="tel:{{ user_object.profile.phone_number }}">{{ user_object.profile.phone_number }}</a> | ||||
|         </dd> | ||||
|  | ||||
|     <dt class="col-xl-6">{% trans 'address'|capfirst %}</dt> | ||||
|     <dd class="col-xl-6">{{ user_object.profile.address }}</dd> | ||||
|         <dt class="col-xl-6">{% trans 'address'|capfirst %}</dt> | ||||
|         <dd class="col-xl-6">{{ user_object.profile.address }}</dd> | ||||
|  | ||||
|     {% if "note.view_note"|has_perm:user_object.note %} | ||||
|     <dt class="col-xl-6">{% trans 'balance'|capfirst %}</dt> | ||||
|     <dd class="col-xl-6">{{ user_object.note.balance | pretty_money }}</dd> | ||||
|         {% if user_object.note and "note.view_note"|has_perm:user_object.note %} | ||||
|         <dt class="col-xl-6">{% trans 'balance'|capfirst %}</dt> | ||||
|         <dd class="col-xl-6">{{ user_object.note.balance | pretty_money }}</dd> | ||||
|  | ||||
|     <dt class="col-xl-6">{% trans 'paid'|capfirst %}</dt> | ||||
|     <dd class="col-xl-6">{{ user_object.profile.paid|yesno }}</dd> | ||||
|         <dt class="col-xl-6">{% trans 'paid'|capfirst %}</dt> | ||||
|         <dd class="col-xl-6">{{ user_object.profile.paid|yesno }}</dd> | ||||
|         {% endif %} | ||||
|     {% endif %} | ||||
| </dl> | ||||
|  | ||||
| {% if user_object.pk == user_object.pk %} | ||||
| {% if user_object.pk == user.pk %} | ||||
|     <div class="text-center"> | ||||
|         <a class="small badge badge-secondary" href="{% url 'member:auth_token' %}"> | ||||
|             <i class="fa fa-cogs"></i>{% trans 'API token' %} | ||||
|   | ||||
| @@ -5,7 +5,7 @@ SPDX-License-Identifier: GPL-3.0-or-later | ||||
| {% load i18n perms %} | ||||
|  | ||||
| {% block content %} | ||||
| {% if "member.change_profile_registration_valid"|has_perm:user %} | ||||
| {% if can_manage_registrations %} | ||||
| <a class="btn btn-block btn-secondary mb-3" href="{% url 'registration:future_user_list' %}"> | ||||
|     <i class="fa fa-user-plus"></i> {% trans "Registrations" %} | ||||
| </a> | ||||
|   | ||||
							
								
								
									
										0
									
								
								apps/member/templatetags/__init__.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										0
									
								
								apps/member/templatetags/__init__.py
									
									
									
									
									
										Normal file
									
								
							
							
								
								
									
										22
									
								
								apps/member/templatetags/memberinfo.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										22
									
								
								apps/member/templatetags/memberinfo.py
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,22 @@ | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from datetime import date | ||||
|  | ||||
| from django import template | ||||
| from django.contrib.auth.models import User | ||||
|  | ||||
| from ..models import Club, Membership | ||||
|  | ||||
|  | ||||
| def is_member(user, club): | ||||
|     if isinstance(user, str): | ||||
|         club = User.objects.get(username=user) | ||||
|     if isinstance(club, str): | ||||
|         club = Club.objects.get(name=club) | ||||
|     return Membership.objects\ | ||||
|         .filter(user=user, club=club, date_start__lte=date.today(), date_end__gte=date.today()).exists() | ||||
|  | ||||
|  | ||||
| register = template.Library() | ||||
| register.filter("is_member", is_member) | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
| from django.conf import settings | ||||
| from django.contrib.auth.models import User | ||||
| @@ -41,7 +41,7 @@ class TemplateLoggedInTests(TestCase): | ||||
|             password="adminadmin", | ||||
|             permission_mask=3, | ||||
|         )) | ||||
|         self.assertRedirects(response, settings.LOGIN_REDIRECT_URL, 302, 200) | ||||
|         self.assertRedirects(response, settings.LOGIN_REDIRECT_URL, 302, 302) | ||||
|  | ||||
|     def test_logout(self): | ||||
|         response = self.client.get(reverse("logout")) | ||||
|   | ||||
| @@ -1,21 +1,24 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| import hashlib | ||||
| import os | ||||
| from datetime import date, timedelta | ||||
|  | ||||
| from api.tests import TestAPI | ||||
| from django.contrib.auth.models import User | ||||
| from django.core.files.uploadedfile import SimpleUploadedFile | ||||
| from django.db.models import Q | ||||
| from django.test import TestCase | ||||
| from django.urls import reverse | ||||
| from django.utils import timezone | ||||
| from member.models import Club, Membership, Profile | ||||
| from note.models import Alias, NoteSpecial | ||||
| from permission.models import Role | ||||
| from treasury.models import SogeCredit | ||||
|  | ||||
| from ..api.views import ClubViewSet, MembershipViewSet, ProfileViewSet | ||||
| from ..models import Club, Membership, Profile | ||||
|  | ||||
| """ | ||||
| Create some users and clubs and test that all pages are rendering properly | ||||
| and that memberships are working. | ||||
| @@ -205,7 +208,7 @@ class TestMemberships(TestCase): | ||||
|                 first_name="Toto", | ||||
|                 bank="Le matelas", | ||||
|             )) | ||||
|             self.assertRedirects(response, club.get_absolute_url(), 302, 200) | ||||
|             self.assertRedirects(response, user.profile.get_absolute_url(), 302, 200) | ||||
|  | ||||
|             self.assertTrue(Membership.objects.filter(user=user, club=club).exists()) | ||||
|  | ||||
| @@ -244,9 +247,9 @@ class TestMemberships(TestCase): | ||||
|                 first_name="Toto", | ||||
|                 bank="Bank", | ||||
|             )) | ||||
|             self.assertRedirects(response, club.get_absolute_url(), 302, 200) | ||||
|             self.assertRedirects(response, user.profile.get_absolute_url(), 302, 200) | ||||
|  | ||||
|             response = self.client.get(user.profile.get_absolute_url()) | ||||
|             response = self.client.get(club.get_absolute_url()) | ||||
|             self.assertEqual(response.status_code, 200) | ||||
|  | ||||
|     def test_auto_join_kfet_when_join_bde_with_soge(self): | ||||
| @@ -273,7 +276,7 @@ class TestMemberships(TestCase): | ||||
|             first_name="Toto", | ||||
|             bank="Société générale", | ||||
|         )) | ||||
|         self.assertRedirects(response, bde.get_absolute_url(), 302, 200) | ||||
|         self.assertRedirects(response, user.profile.get_absolute_url(), 302, 200) | ||||
|  | ||||
|         self.assertTrue(Membership.objects.filter(user=user, club=bde).exists()) | ||||
|         self.assertTrue(Membership.objects.filter(user=user, club=kfet).exists()) | ||||
| @@ -403,3 +406,46 @@ class TestMemberships(TestCase): | ||||
|         self.user.password = "custom_nk15$1$" + salt + "|" + hashed | ||||
|         self.user.save() | ||||
|         self.assertTrue(self.user.check_password(password)) | ||||
|  | ||||
|  | ||||
| class TestMemberAPI(TestAPI): | ||||
|     def setUp(self) -> None: | ||||
|         super().setUp() | ||||
|  | ||||
|         self.user.profile.registration_valid = True | ||||
|         self.user.profile.email_confirmed = True | ||||
|         self.user.profile.phone_number = "0600000000" | ||||
|         self.user.profile.section = "1A0" | ||||
|         self.user.profile.department = "A0" | ||||
|         self.user.profile.address = "Earth" | ||||
|         self.user.profile.save() | ||||
|  | ||||
|         self.club = Club.objects.create( | ||||
|             name="totoclub", | ||||
|             parent_club=Club.objects.get(name="BDE"), | ||||
|             membership_start=date(year=1970, month=1, day=1), | ||||
|             membership_end=date(year=2040, month=1, day=1), | ||||
|             membership_duration=365 * 10, | ||||
|         ) | ||||
|         self.bde_membership = Membership.objects.create(user=self.user, club=Club.objects.get(name="BDE")) | ||||
|         self.membership = Membership.objects.create(user=self.user, club=self.club) | ||||
|         self.membership.roles.add(Role.objects.get(name="Bureau de club")) | ||||
|         self.membership.save() | ||||
|  | ||||
|     def test_club_api(self): | ||||
|         """ | ||||
|         Load Club API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(ClubViewSet, "/api/members/club/") | ||||
|  | ||||
|     def test_profile_api(self): | ||||
|         """ | ||||
|         Load Profile API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(ProfileViewSet, "/api/members/profile/") | ||||
|  | ||||
|     def test_membership_api(self): | ||||
|         """ | ||||
|         Load Membership API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(MembershipViewSet, "/api/members/membership/") | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.urls import path | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from datetime import timedelta, date | ||||
| @@ -38,6 +38,7 @@ class CustomLoginView(LoginView): | ||||
|     """ | ||||
|     form_class = CustomAuthenticationForm | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def form_valid(self, form): | ||||
|         logout(self.request) | ||||
|         _set_current_user_and_ip(form.get_user(), self.request.session, None) | ||||
| @@ -69,13 +70,15 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView): | ||||
|         form.fields['email'].required = True | ||||
|         form.fields['email'].help_text = _("This address must be valid.") | ||||
|  | ||||
|         context['profile_form'] = self.profile_form(instance=context['user_object'].profile, | ||||
|                                                     data=self.request.POST if self.request.POST else None) | ||||
|         if not self.object.profile.report_frequency: | ||||
|             del context['profile_form'].fields["last_report"] | ||||
|         if PermissionBackend.check_perm(self.request.user, "member.change_profile", context['user_object'].profile): | ||||
|             context['profile_form'] = self.profile_form(instance=context['user_object'].profile, | ||||
|                                                         data=self.request.POST if self.request.POST else None) | ||||
|             if not self.object.profile.report_frequency: | ||||
|                 del context['profile_form'].fields["last_report"] | ||||
|  | ||||
|         return context | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def form_valid(self, form): | ||||
|         """ | ||||
|         Check if ProfileForm is correct | ||||
| @@ -155,8 +158,12 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView): | ||||
|         history_table.paginate(per_page=20, page=self.request.GET.get("transaction-page", 1)) | ||||
|         context['history_list'] = history_table | ||||
|  | ||||
|         club_list = Membership.objects.filter(user=user, date_end__gte=date.today())\ | ||||
|             .filter(PermissionBackend.filter_queryset(self.request.user, Membership, "view")) | ||||
|         club_list = Membership.objects.filter(user=user, date_end__gte=date.today() - timedelta(days=15))\ | ||||
|             .filter(PermissionBackend.filter_queryset(self.request.user, Membership, "view"))\ | ||||
|             .order_by("club__name", "-date_start") | ||||
|         # Display only the most recent membership | ||||
|         club_list = club_list.distinct("club__name")\ | ||||
|             if settings.DATABASES["default"]["ENGINE"] == 'django.db.backends.postgresql' else club_list | ||||
|         membership_table = MembershipTable(data=club_list, prefix='membership-') | ||||
|         membership_table.paginate(per_page=10, page=self.request.GET.get("membership-page", 1)) | ||||
|         context['club_list'] = membership_table | ||||
| @@ -164,6 +171,8 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView): | ||||
|         # Check permissions to see if the authenticated user can lock/unlock the note | ||||
|         with transaction.atomic(): | ||||
|             modified_note = NoteUser.objects.get(pk=user.note.pk) | ||||
|             # Don't log these tests | ||||
|             modified_note._no_signal = True | ||||
|             modified_note.is_active = True | ||||
|             modified_note.inactivity_reason = 'manual' | ||||
|             context["can_lock_note"] = user.note.is_active and PermissionBackend\ | ||||
| @@ -176,6 +185,7 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView): | ||||
|             context["can_force_lock"] = user.note.is_active and PermissionBackend\ | ||||
|                 .check_perm(self.request.user, "note.change_note_is_active", modified_note) | ||||
|             old_note._force_save = True | ||||
|             old_note._no_signal = True | ||||
|             old_note.save() | ||||
|             modified_note.refresh_from_db() | ||||
|             modified_note.is_active = True | ||||
| @@ -225,6 +235,13 @@ class UserListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView): | ||||
|  | ||||
|         return qs | ||||
|  | ||||
|     def get_context_data(self, **kwargs): | ||||
|         context = super().get_context_data(**kwargs) | ||||
|         pre_registered_users = User.objects.filter(PermissionBackend.filter_queryset(self.request.user, User, "view"))\ | ||||
|             .filter(profile__registration_valid=False) | ||||
|         context["can_manage_registrations"] = pre_registered_users.exists() | ||||
|         return context | ||||
|  | ||||
|  | ||||
| class ProfileAliasView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView): | ||||
|     """ | ||||
| @@ -238,8 +255,8 @@ class ProfileAliasView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView): | ||||
|     def get_context_data(self, **kwargs): | ||||
|         context = super().get_context_data(**kwargs) | ||||
|         note = context['object'].note | ||||
|         context["aliases"] = AliasTable(note.alias_set.filter(PermissionBackend | ||||
|                                                               .filter_queryset(self.request.user, Alias, "view")).all()) | ||||
|         context["aliases"] = AliasTable( | ||||
|             note.alias.filter(PermissionBackend.filter_queryset(self.request.user, Alias, "view")).distinct().all()) | ||||
|         context["can_create"] = PermissionBackend.check_perm(self.request.user, "note.add_alias", Alias( | ||||
|             note=context["object"].note, | ||||
|             name="", | ||||
| @@ -269,6 +286,7 @@ class PictureUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin, Det | ||||
|         self.object = self.get_object() | ||||
|         return self.form_valid(form) if form.is_valid() else self.form_invalid(form) | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def form_valid(self, form): | ||||
|         """Save image to note""" | ||||
|         image = form.cleaned_data['image'] | ||||
| @@ -389,7 +407,8 @@ class ClubDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView): | ||||
|         if PermissionBackend.check_perm(self.request.user, "member.change_club_membership_start", club): | ||||
|             club.update_membership_dates() | ||||
|         # managers list | ||||
|         managers = Membership.objects.filter(club=self.object, roles__name="Bureau de club")\ | ||||
|         managers = Membership.objects.filter(club=self.object, roles__name="Bureau de club", | ||||
|                                              date_start__lte=date.today(), date_end__gte=date.today())\ | ||||
|             .order_by('user__last_name').all() | ||||
|         context["managers"] = ClubManagerTable(data=managers, prefix="managers-") | ||||
|         # transaction history | ||||
| @@ -402,8 +421,12 @@ class ClubDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView): | ||||
|         # member list | ||||
|         club_member = Membership.objects.filter( | ||||
|             club=club, | ||||
|             date_end__gte=date.today(), | ||||
|         ).filter(PermissionBackend.filter_queryset(self.request.user, Membership, "view")) | ||||
|             date_end__gte=date.today() - timedelta(days=15), | ||||
|         ).filter(PermissionBackend.filter_queryset(self.request.user, Membership, "view"))\ | ||||
|             .order_by("user__username", "-date_start") | ||||
|         # Display only the most recent membership | ||||
|         club_member = club_member.distinct("user__username")\ | ||||
|             if settings.DATABASES["default"]["ENGINE"] == 'django.db.backends.postgresql' else club_member | ||||
|  | ||||
|         membership_table = MembershipTable(data=club_member, prefix="membership-") | ||||
|         membership_table.paginate(per_page=5, page=self.request.GET.get('membership-page', 1)) | ||||
| @@ -435,8 +458,8 @@ class ClubAliasView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView): | ||||
|     def get_context_data(self, **kwargs): | ||||
|         context = super().get_context_data(**kwargs) | ||||
|         note = context['object'].note | ||||
|         context["aliases"] = AliasTable(note.alias_set.filter(PermissionBackend | ||||
|                                                               .filter_queryset(self.request.user, Alias, "view")).all()) | ||||
|         context["aliases"] = AliasTable(note.alias.filter( | ||||
|             PermissionBackend.filter_queryset(self.request.user, Alias, "view")).distinct().all()) | ||||
|         context["can_create"] = PermissionBackend.check_perm(self.request.user, "note.add_alias", Alias( | ||||
|             note=context["object"].note, | ||||
|             name="", | ||||
| @@ -602,11 +625,11 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView): | ||||
|         # Retrieve form data | ||||
|         credit_type = form.cleaned_data["credit_type"] | ||||
|         credit_amount = form.cleaned_data["credit_amount"] | ||||
|         last_name = form.cleaned_data["last_name"] | ||||
|         first_name = form.cleaned_data["first_name"] | ||||
|         bank = form.cleaned_data["bank"] | ||||
|         soge = form.cleaned_data["soge"] and not user.profile.soge and (club.name == "BDE" or club.name == "Kfet") | ||||
|  | ||||
|         if not credit_type: | ||||
|             credit_amount = 0 | ||||
|  | ||||
|         if not soge and user.note.balance + credit_amount < fee and not Membership.objects.filter( | ||||
|                 club__name="Kfet", | ||||
|                 user=user, | ||||
| @@ -628,6 +651,16 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView): | ||||
|             form.add_error('user', _('User is already a member of the club')) | ||||
|             error = True | ||||
|  | ||||
|         # Must join the parent club before joining this club, except for the Kfet club where it can be at the same time. | ||||
|         if club.name != "Kfet" and club.parent_club and not Membership.objects.filter( | ||||
|                 user=form.instance.user, | ||||
|                 club=club.parent_club, | ||||
|                 date_start__lte=timezone.now(), | ||||
|                 date_end__gte=club.parent_club.membership_end, | ||||
|         ).exists(): | ||||
|             form.add_error('user', _('User is not a member of the parent club') + ' ' + club.parent_club.name) | ||||
|             error = True | ||||
|  | ||||
|         if club.membership_start and form.instance.date_start < club.membership_start: | ||||
|             form.add_error('user', _("The membership must start after {:%m-%d-%Y}.") | ||||
|                            .format(form.instance.club.membership_start)) | ||||
| @@ -638,18 +671,13 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView): | ||||
|                            .format(form.instance.club.membership_end)) | ||||
|             error = True | ||||
|  | ||||
|         if credit_amount: | ||||
|             if not last_name or not first_name or (not bank and credit_type.special_type == "Chèque"): | ||||
|                 if not last_name: | ||||
|                     form.add_error('last_name', _("This field is required.")) | ||||
|                 if not first_name: | ||||
|                     form.add_error('first_name', _("This field is required.")) | ||||
|                 if not bank and credit_type.special_type == "Chèque": | ||||
|                     form.add_error('bank', _("This field is required.")) | ||||
|                 return self.form_invalid(form) | ||||
|         if credit_amount and not SpecialTransaction.validate_payment_form(form): | ||||
|             # Check that special information for payment are filled | ||||
|             error = True | ||||
|  | ||||
|         return not error | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def form_valid(self, form): | ||||
|         """ | ||||
|         Create membership, check that all is good, make transactions | ||||
| @@ -659,6 +687,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView): | ||||
|             club = Club.objects.filter(PermissionBackend.filter_queryset(self.request.user, Club, "view")) \ | ||||
|                 .get(pk=self.kwargs["club_pk"]) | ||||
|             user = form.instance.user | ||||
|             old_membership = None | ||||
|         else:  # get from url for renewal | ||||
|             old_membership = self.get_queryset().get(pk=self.kwargs["pk"]) | ||||
|             club = old_membership.club | ||||
| @@ -706,6 +735,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView): | ||||
|             # When we renew the BDE membership, we update the profile section | ||||
|             # that should happens at least once a year. | ||||
|             user.profile.section = user.profile.section_generated | ||||
|             user.profile._force_save = True | ||||
|             user.profile.save() | ||||
|  | ||||
|         # Credit note before the membership is created. | ||||
| @@ -733,6 +763,9 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView): | ||||
|         member_role = Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all() \ | ||||
|             if club.name == "BDE" else Role.objects.filter(Q(name="Adhérent Kfet") | Q(name="Membre de club")).all() \ | ||||
|             if club.name == "Kfet"else Role.objects.filter(name="Membre de club").all() | ||||
|         # Set the same roles as before | ||||
|         if old_membership: | ||||
|             member_role = member_role.union(old_membership.roles.all()) | ||||
|         form.instance.roles.set(member_role) | ||||
|         form.instance._force_save = True | ||||
|         form.instance.save() | ||||
| @@ -770,7 +803,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView): | ||||
|         return ret | ||||
|  | ||||
|     def get_success_url(self): | ||||
|         return reverse_lazy('member:club_detail', kwargs={'pk': self.object.club.id}) | ||||
|         return reverse_lazy('member:user_detail', kwargs={'pk': self.object.user.id}) | ||||
|  | ||||
|  | ||||
| class ClubManageRolesView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView): | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| default_app_config = 'note.apps.NoteConfig' | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.contrib import admin | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.conf import settings | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from .views import NotePolymorphicViewSet, AliasViewSet, ConsumerViewSet, \ | ||||
|   | ||||
| @@ -1,5 +1,6 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.conf import settings | ||||
| from django.db.models import Q | ||||
| from django.core.exceptions import ValidationError | ||||
| @@ -14,29 +15,37 @@ from permission.backends import PermissionBackend | ||||
|  | ||||
| from .serializers import NotePolymorphicSerializer, AliasSerializer, ConsumerSerializer,\ | ||||
|     TemplateCategorySerializer, TransactionTemplateSerializer, TransactionPolymorphicSerializer | ||||
| from ..models.notes import Note, Alias | ||||
| from ..models.notes import Note, Alias, NoteUser, NoteClub, NoteSpecial | ||||
| from ..models.transactions import TransactionTemplate, Transaction, TemplateCategory | ||||
|  | ||||
|  | ||||
| class NotePolymorphicViewSet(ReadProtectedModelViewSet): | ||||
|     """ | ||||
|     REST API View set. | ||||
|     The djangorestframework plugin will get all `Note` objects (with polymorhism), serialize it to JSON with the given serializer, | ||||
|     The djangorestframework plugin will get all `Note` objects (with polymorhism), | ||||
|     serialize it to JSON with the given serializer, | ||||
|     then render it on /api/note/note/ | ||||
|     """ | ||||
|     queryset = Note.objects.all() | ||||
|     queryset = Note.objects.order_by('id') | ||||
|     serializer_class = NotePolymorphicSerializer | ||||
|     filter_backends = [DjangoFilterBackend, SearchFilter, OrderingFilter] | ||||
|     filterset_fields = ['polymorphic_ctype', 'is_active', ] | ||||
|     search_fields = ['$alias__normalized_name', '$alias__name', '$polymorphic_ctype__model', ] | ||||
|     ordering_fields = ['alias__name', 'alias__normalized_name'] | ||||
|     filterset_fields = ['alias__name', 'polymorphic_ctype', 'is_active', 'balance', 'last_negative', 'created_at', ] | ||||
|     search_fields = ['$alias__normalized_name', '$alias__name', '$polymorphic_ctype__model', | ||||
|                      '$noteuser__user__last_name', '$noteuser__user__first_name', '$noteuser__user__email', | ||||
|                      '$noteuser__user__email', '$noteclub__club__email', ] | ||||
|     ordering_fields = ['alias__name', 'alias__normalized_name', 'balance', 'created_at', ] | ||||
|  | ||||
|     def get_queryset(self): | ||||
|         """ | ||||
|         Parse query and apply filters. | ||||
|         :return: The filtered set of requested notes | ||||
|         """ | ||||
|         queryset = super().get_queryset().distinct() | ||||
|         user = self.request.user | ||||
|         get_current_session().setdefault("permission_mask", 42) | ||||
|         queryset = self.queryset.filter(PermissionBackend.filter_queryset(user, Note, "view") | ||||
|                                         | PermissionBackend.filter_queryset(user, NoteUser, "view") | ||||
|                                         | PermissionBackend.filter_queryset(user, NoteClub, "view") | ||||
|                                         | PermissionBackend.filter_queryset(user, NoteSpecial, "view")).distinct() | ||||
|  | ||||
|         alias = self.request.query_params.get("alias", ".*") | ||||
|         queryset = queryset.filter( | ||||
| @@ -54,17 +63,18 @@ class AliasViewSet(ReadProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `Alias` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/aliases/ | ||||
|     """ | ||||
|     queryset = Alias.objects.all() | ||||
|     queryset = Alias.objects | ||||
|     serializer_class = AliasSerializer | ||||
|     filter_backends = [SearchFilter, OrderingFilter] | ||||
|     filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter] | ||||
|     search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ] | ||||
|     ordering_fields = ['name', 'normalized_name'] | ||||
|     filterset_fields = ['note', 'note__noteuser__user', 'note__noteclub__club', 'note__polymorphic_ctype__model', ] | ||||
|     ordering_fields = ['name', 'normalized_name', ] | ||||
|  | ||||
|     def get_serializer_class(self): | ||||
|         serializer_class = self.serializer_class | ||||
|         if self.request.method in ['PUT', 'PATCH']: | ||||
|             # alias owner cannot be change once establish | ||||
|             setattr(serializer_class.Meta, 'read_only_fields', ('note',)) | ||||
|             serializer_class.Meta.read_only_fields = ('note',) | ||||
|         return serializer_class | ||||
|  | ||||
|     def destroy(self, request, *args, **kwargs): | ||||
| @@ -72,7 +82,7 @@ class AliasViewSet(ReadProtectedModelViewSet): | ||||
|         try: | ||||
|             self.perform_destroy(instance) | ||||
|         except ValidationError as e: | ||||
|             return Response({e.code: e.message}, status.HTTP_400_BAD_REQUEST) | ||||
|             return Response({e.code: str(e)}, status.HTTP_400_BAD_REQUEST) | ||||
|         return Response(status=status.HTTP_204_NO_CONTENT) | ||||
|  | ||||
|     def get_queryset(self): | ||||
| @@ -104,11 +114,12 @@ class AliasViewSet(ReadProtectedModelViewSet): | ||||
|  | ||||
|  | ||||
| class ConsumerViewSet(ReadOnlyProtectedModelViewSet): | ||||
|     queryset = Alias.objects.all() | ||||
|     queryset = Alias.objects | ||||
|     serializer_class = ConsumerSerializer | ||||
|     filter_backends = [SearchFilter, OrderingFilter] | ||||
|     filter_backends = [SearchFilter, OrderingFilter, DjangoFilterBackend] | ||||
|     search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ] | ||||
|     ordering_fields = ['name', 'normalized_name'] | ||||
|     filterset_fields = ['note', 'note__noteuser__user', 'note__noteclub__club', 'note__polymorphic_ctype__model', ] | ||||
|     ordering_fields = ['name', 'normalized_name', ] | ||||
|  | ||||
|     def get_queryset(self): | ||||
|         """ | ||||
| @@ -116,29 +127,31 @@ class ConsumerViewSet(ReadOnlyProtectedModelViewSet): | ||||
|         :return: The filtered set of requested aliases | ||||
|         """ | ||||
|  | ||||
|         queryset = super().get_queryset() | ||||
|         queryset = super().get_queryset().distinct() | ||||
|         # Sqlite doesn't support ORDER BY in subqueries | ||||
|         queryset = queryset.order_by("name") \ | ||||
|             if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' else queryset | ||||
|  | ||||
|         alias = self.request.query_params.get("alias", ".*") | ||||
|         alias = self.request.query_params.get("alias", None) | ||||
|         queryset = queryset.prefetch_related('note') | ||||
|         # We match first an alias if it is matched without normalization, | ||||
|         # then if the normalized pattern matches a normalized alias. | ||||
|         queryset = queryset.filter( | ||||
|             name__iregex="^" + alias | ||||
|         ).union( | ||||
|             queryset.filter( | ||||
|                 Q(normalized_name__iregex="^" + Alias.normalize(alias)) | ||||
|                 & ~Q(name__iregex="^" + alias) | ||||
|             ), | ||||
|             all=True).union( | ||||
|             queryset.filter( | ||||
|                 Q(normalized_name__iregex="^" + alias.lower()) | ||||
|                 & ~Q(normalized_name__iregex="^" + Alias.normalize(alias)) | ||||
|                 & ~Q(name__iregex="^" + alias) | ||||
|             ), | ||||
|             all=True) | ||||
|  | ||||
|         if alias: | ||||
|             # We match first an alias if it is matched without normalization, | ||||
|             # then if the normalized pattern matches a normalized alias. | ||||
|             queryset = queryset.filter( | ||||
|                 name__iregex="^" + alias | ||||
|             ).union( | ||||
|                 queryset.filter( | ||||
|                     Q(normalized_name__iregex="^" + Alias.normalize(alias)) | ||||
|                     & ~Q(name__iregex="^" + alias) | ||||
|                 ), | ||||
|                 all=True).union( | ||||
|                 queryset.filter( | ||||
|                     Q(normalized_name__iregex="^" + alias.lower()) | ||||
|                     & ~Q(normalized_name__iregex="^" + Alias.normalize(alias)) | ||||
|                     & ~Q(name__iregex="^" + alias) | ||||
|                 ), | ||||
|                 all=True) | ||||
|  | ||||
|         queryset = queryset if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' \ | ||||
|             else queryset.order_by("name") | ||||
| @@ -152,10 +165,11 @@ class TemplateCategoryViewSet(ReadProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `TemplateCategory` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/note/transaction/category/ | ||||
|     """ | ||||
|     queryset = TemplateCategory.objects.order_by("name").all() | ||||
|     queryset = TemplateCategory.objects.order_by('name') | ||||
|     serializer_class = TemplateCategorySerializer | ||||
|     filter_backends = [SearchFilter] | ||||
|     search_fields = ['$name', ] | ||||
|     filter_backends = [DjangoFilterBackend, SearchFilter] | ||||
|     filterset_fields = ['name', 'templates', 'templates__name'] | ||||
|     search_fields = ['$name', '$templates__name', ] | ||||
|  | ||||
|  | ||||
| class TransactionTemplateViewSet(viewsets.ModelViewSet): | ||||
| @@ -164,11 +178,12 @@ class TransactionTemplateViewSet(viewsets.ModelViewSet): | ||||
|     The djangorestframework plugin will get all `TransactionTemplate` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/note/transaction/template/ | ||||
|     """ | ||||
|     queryset = TransactionTemplate.objects.order_by("name").all() | ||||
|     queryset = TransactionTemplate.objects.order_by('name') | ||||
|     serializer_class = TransactionTemplateSerializer | ||||
|     filter_backends = [SearchFilter, DjangoFilterBackend] | ||||
|     filterset_fields = ['name', 'amount', 'display', 'category', ] | ||||
|     search_fields = ['$name', ] | ||||
|     filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter] | ||||
|     filterset_fields = ['name', 'amount', 'display', 'category', 'category__name', ] | ||||
|     search_fields = ['$name', '$category__name', ] | ||||
|     ordering_fields = ['amount', ] | ||||
|  | ||||
|  | ||||
| class TransactionViewSet(ReadProtectedModelViewSet): | ||||
| @@ -177,10 +192,17 @@ class TransactionViewSet(ReadProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `Transaction` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/note/transaction/transaction/ | ||||
|     """ | ||||
|     queryset = Transaction.objects.order_by("-created_at").all() | ||||
|     queryset = Transaction.objects.order_by('-created_at') | ||||
|     serializer_class = TransactionPolymorphicSerializer | ||||
|     filter_backends = [SearchFilter] | ||||
|     search_fields = ['$reason', ] | ||||
|     filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter] | ||||
|     filterset_fields = ['source', 'source_alias', 'source__alias__name', 'source__alias__normalized_name', | ||||
|                         'destination', 'destination_alias', 'destination__alias__name', | ||||
|                         'destination__alias__normalized_name', 'quantity', 'polymorphic_ctype', 'amount', | ||||
|                         'created_at', 'valid', 'invalidity_reason', ] | ||||
|     search_fields = ['$reason', '$source_alias', '$source__alias__name', '$source__alias__normalized_name', | ||||
|                      '$destination_alias', '$destination__alias__name', '$destination__alias__normalized_name', | ||||
|                      '$invalidity_reason', ] | ||||
|     ordering_fields = ['created_at', 'amount', ] | ||||
|  | ||||
|     def get_queryset(self): | ||||
|         user = self.request.user | ||||
|   | ||||
| @@ -1,9 +1,9 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.apps import AppConfig | ||||
| from django.conf import settings | ||||
| from django.db.models.signals import post_save, pre_delete | ||||
| from django.db.models.signals import pre_delete, pre_save, post_save | ||||
| from django.utils.translation import gettext_lazy as _ | ||||
|  | ||||
| from . import signals | ||||
| @@ -17,6 +17,15 @@ class NoteConfig(AppConfig): | ||||
|         """ | ||||
|         Define app internal signals to interact with other apps | ||||
|         """ | ||||
|         pre_save.connect( | ||||
|             signals.pre_save_note, | ||||
|             sender="note.noteuser", | ||||
|         ) | ||||
|         pre_save.connect( | ||||
|             signals.pre_save_note, | ||||
|             sender="note.noteclub", | ||||
|         ) | ||||
|  | ||||
|         post_save.connect( | ||||
|             signals.save_user_note, | ||||
|             sender=settings.AUTH_USER_MODEL, | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
| from datetime import datetime | ||||
|  | ||||
|   | ||||
							
								
								
									
										19
									
								
								apps/note/migrations/0005_auto_20210313_1235.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								apps/note/migrations/0005_auto_20210313_1235.py
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | ||||
| # Generated by Django 2.2.19 on 2021-03-13 11:35 | ||||
|  | ||||
| from django.db import migrations, models | ||||
| import django.db.models.deletion | ||||
|  | ||||
|  | ||||
| class Migration(migrations.Migration): | ||||
|  | ||||
|     dependencies = [ | ||||
|         ('note', '0004_remove_null_tag_on_charfields'), | ||||
|     ] | ||||
|  | ||||
|     operations = [ | ||||
|         migrations.AlterField( | ||||
|             model_name='alias', | ||||
|             name='note', | ||||
|             field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='alias', to='note.Note'), | ||||
|         ), | ||||
|     ] | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from .notes import Alias, Note, NoteClub, NoteSpecial, NoteUser | ||||
|   | ||||
| @@ -1,14 +1,13 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| import unicodedata | ||||
|  | ||||
| from django.conf import settings | ||||
| from django.conf.global_settings import DEFAULT_FROM_EMAIL | ||||
| from django.core.exceptions import ValidationError | ||||
| from django.core.mail import send_mail | ||||
| from django.core.validators import RegexValidator | ||||
| from django.db import models | ||||
| from django.db import models, transaction | ||||
| from django.template.loader import render_to_string | ||||
| from django.utils import timezone | ||||
| from django.utils.translation import gettext_lazy as _ | ||||
| @@ -93,6 +92,7 @@ class Note(PolymorphicModel): | ||||
|         delta = timezone.now() - self.last_negative | ||||
|         return "{:d} jours".format(delta.days) | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def save(self, *args, **kwargs): | ||||
|         """ | ||||
|         Save note with it's alias (called in polymorphic children) | ||||
| @@ -108,12 +108,16 @@ class Note(PolymorphicModel): | ||||
|  | ||||
|             # Save alias | ||||
|             a.note = self | ||||
|             # Consider that if the name of the note could be changed, then the alias can be created. | ||||
|             # It does not mean that any alias can be created. | ||||
|             a._force_save = True | ||||
|             a.save(force_insert=True) | ||||
|         else: | ||||
|             # Check if the name of the note changed without changing the normalized form of the alias | ||||
|             alias = Alias.objects.get(normalized_name=Alias.normalize(str(self))) | ||||
|             if alias.name != str(self): | ||||
|                 alias.name = str(self) | ||||
|                 alias._force_save = True | ||||
|                 alias.save() | ||||
|  | ||||
|     def clean(self, *args, **kwargs): | ||||
| @@ -154,19 +158,6 @@ class NoteUser(Note): | ||||
|     def pretty(self): | ||||
|         return _("%(user)s's note") % {'user': str(self.user)} | ||||
|  | ||||
|     def save(self, *args, **kwargs): | ||||
|         if self.pk and self.balance < 0: | ||||
|             old_note = NoteUser.objects.get(pk=self.pk) | ||||
|             super().save(*args, **kwargs) | ||||
|             if old_note.balance >= 0: | ||||
|                 # Passage en négatif | ||||
|                 self.last_negative = timezone.now() | ||||
|                 self._force_save = True | ||||
|                 self.save(*args, **kwargs) | ||||
|                 self.send_mail_negative_balance() | ||||
|         else: | ||||
|             super().save(*args, **kwargs) | ||||
|  | ||||
|     def send_mail_negative_balance(self): | ||||
|         plain_text = render_to_string("note/mails/negative_balance.txt", dict(note=self)) | ||||
|         html = render_to_string("note/mails/negative_balance.html", dict(note=self)) | ||||
| @@ -195,24 +186,11 @@ class NoteClub(Note): | ||||
|     def pretty(self): | ||||
|         return _("Note of %(club)s club") % {'club': str(self.club)} | ||||
|  | ||||
|     def save(self, *args, **kwargs): | ||||
|         if self.pk and self.balance < 0: | ||||
|             old_note = NoteClub.objects.get(pk=self.pk) | ||||
|             super().save(*args, **kwargs) | ||||
|             if old_note.balance >= 0: | ||||
|                 # Passage en négatif | ||||
|                 self.last_negative = timezone.now() | ||||
|                 self._force_save = True | ||||
|                 self.save(*args, **kwargs) | ||||
|                 self.send_mail_negative_balance() | ||||
|         else: | ||||
|             super().save(*args, **kwargs) | ||||
|  | ||||
|     def send_mail_negative_balance(self): | ||||
|         plain_text = render_to_string("note/mails/negative_balance.txt", dict(note=self)) | ||||
|         html = render_to_string("note/mails/negative_balance.html", dict(note=self)) | ||||
|         send_mail("[Note Kfet] Passage en négatif (club {})".format(self.club.name), plain_text, DEFAULT_FROM_EMAIL, | ||||
|                   [self.club.email], html_message=html) | ||||
|         send_mail("[Note Kfet] Passage en négatif (club {})".format(self.club.name), plain_text, | ||||
|                   settings.DEFAULT_FROM_EMAIL, [self.club.email], html_message=html) | ||||
|  | ||||
|  | ||||
| class NoteSpecial(Note): | ||||
| @@ -269,6 +247,7 @@ class Alias(models.Model): | ||||
|     note = models.ForeignKey( | ||||
|         Note, | ||||
|         on_delete=models.PROTECT, | ||||
|         related_name="alias", | ||||
|     ) | ||||
|  | ||||
|     class Meta: | ||||
| @@ -310,6 +289,7 @@ class Alias(models.Model): | ||||
|             pass | ||||
|         self.normalized_name = normalized_name | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def save(self, *args, **kwargs): | ||||
|         self.clean() | ||||
|         super().save(*args, **kwargs) | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.core.exceptions import ValidationError | ||||
| @@ -170,19 +170,21 @@ class Transaction(PolymorphicModel): | ||||
|         previous_source_balance = self.source.balance | ||||
|         previous_dest_balance = self.destination.balance | ||||
|  | ||||
|         source_balance = self.source.balance | ||||
|         dest_balance = self.destination.balance | ||||
|         source_balance = previous_source_balance | ||||
|         dest_balance = previous_dest_balance | ||||
|  | ||||
|         created = self.pk is None | ||||
|         to_transfer = self.amount * self.quantity | ||||
|         if not created and not self.valid and not hasattr(self, "_force_save"): | ||||
|         to_transfer = self.total | ||||
|         if not created: | ||||
|             # Revert old transaction | ||||
|             old_transaction = Transaction.objects.get(pk=self.pk) | ||||
|             # We make a select for update to avoid concurrency issues | ||||
|             old_transaction = Transaction.objects.select_for_update().get(pk=self.pk) | ||||
|             # Check that nothing important changed | ||||
|             for field_name in ["source_id", "destination_id", "quantity", "amount"]: | ||||
|                 if getattr(self, field_name) != getattr(old_transaction, field_name): | ||||
|                     raise ValidationError(_("You can't update the {field} on a Transaction. " | ||||
|                                             "Please invalidate it and create one other.").format(field=field_name)) | ||||
|             if not hasattr(self, "_force_save"): | ||||
|                 for field_name in ["source_id", "destination_id", "quantity", "amount"]: | ||||
|                     if getattr(self, field_name) != getattr(old_transaction, field_name): | ||||
|                         raise ValidationError(_("You can't update the {field} on a Transaction. " | ||||
|                                                 "Please invalidate it and create one other.").format(field=field_name)) | ||||
|  | ||||
|             if old_transaction.valid == self.valid: | ||||
|                 # Don't change anything | ||||
| @@ -215,14 +217,14 @@ class Transaction(PolymorphicModel): | ||||
|             # When source == destination, no money is transferred and no transaction is created | ||||
|             return | ||||
|  | ||||
|         # We refresh the notes with the "select for update" tag to avoid concurrency issues | ||||
|         self.source = Note.objects.filter(pk=self.source_id).select_for_update().get() | ||||
|         self.destination = Note.objects.filter(pk=self.destination_id).select_for_update().get() | ||||
|         self.source = Note.objects.select_for_update().get(pk=self.source_id) | ||||
|         self.destination = Note.objects.select_for_update().get(pk=self.destination_id) | ||||
|  | ||||
|         # Check that the amounts stay between big integer bounds | ||||
|         diff_source, diff_dest = self.validate() | ||||
|  | ||||
|         if not self.source.is_active or not self.destination.is_active: | ||||
|         if not (hasattr(self, '_force_save') and self._force_save) \ | ||||
|                 and (not self.source.is_active or not self.destination.is_active): | ||||
|             raise ValidationError(_("The transaction can't be saved since the source note " | ||||
|                                     "or the destination note is not active.")) | ||||
|  | ||||
| @@ -237,9 +239,11 @@ class Transaction(PolymorphicModel): | ||||
|         super().save(*args, **kwargs) | ||||
|  | ||||
|         # Save notes | ||||
|         self.source.refresh_from_db() | ||||
|         self.source.balance += diff_source | ||||
|         self.source._force_save = True | ||||
|         self.source.save() | ||||
|         self.destination.refresh_from_db() | ||||
|         self.destination.balance += diff_dest | ||||
|         self.destination._force_save = True | ||||
|         self.destination.save() | ||||
| @@ -268,11 +272,12 @@ class RecurrentTransaction(Transaction): | ||||
|     ) | ||||
|  | ||||
|     def clean(self): | ||||
|         if self.template.destination != self.destination: | ||||
|         if self.template.destination != self.destination and not (hasattr(self, '_force_save') and self._force_save): | ||||
|             raise ValidationError( | ||||
|                 _("The destination of this transaction must equal to the destination of the template.")) | ||||
|         return super().clean() | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def save(self, *args, **kwargs): | ||||
|         self.clean() | ||||
|         return super().save(*args, **kwargs) | ||||
| @@ -323,10 +328,41 @@ class SpecialTransaction(Transaction): | ||||
|             raise(ValidationError(_("A special transaction is only possible between a" | ||||
|                                     " Note associated to a payment method and a User or a Club"))) | ||||
|  | ||||
|     @transaction.atomic | ||||
|     def save(self, *args, **kwargs): | ||||
|         self.clean() | ||||
|         super().save(*args, **kwargs) | ||||
|  | ||||
|     @staticmethod | ||||
|     def validate_payment_form(form): | ||||
|         """ | ||||
|         Ensure that last name and first name are filled for a form that creates a SpecialTransaction, | ||||
|         and check that if the user pays with a check, then the bank field is filled. | ||||
|  | ||||
|         Return True iff there is no error. | ||||
|         Whenever there is an error, they are inserted in the form errors. | ||||
|         """ | ||||
|  | ||||
|         credit_type = form.cleaned_data["credit_type"] | ||||
|         last_name = form.cleaned_data["last_name"] | ||||
|         first_name = form.cleaned_data["first_name"] | ||||
|         bank = form.cleaned_data["bank"] | ||||
|  | ||||
|         error = False | ||||
|  | ||||
|         if not last_name or not first_name or (not bank and credit_type.special_type == "Chèque"): | ||||
|             if not last_name: | ||||
|                 form.add_error('last_name', _("This field is required.")) | ||||
|                 error = True | ||||
|             if not first_name: | ||||
|                 form.add_error('first_name', _("This field is required.")) | ||||
|                 error = True | ||||
|             if not bank and credit_type.special_type == "Chèque": | ||||
|                 form.add_error('bank', _("This field is required.")) | ||||
|                 error = True | ||||
|  | ||||
|         return not error | ||||
|  | ||||
|     class Meta: | ||||
|         verbose_name = _("Special transaction") | ||||
|         verbose_name_plural = _("Special transactions") | ||||
|   | ||||
| @@ -1,6 +1,8 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.utils import timezone | ||||
|  | ||||
|  | ||||
| def save_user_note(instance, raw, **_kwargs): | ||||
|     """ | ||||
| @@ -25,10 +27,21 @@ def save_club_note(instance, raw, **_kwargs): | ||||
|         instance.note.save() | ||||
|  | ||||
|  | ||||
| def pre_save_note(instance, raw, **_kwargs): | ||||
|     if not raw and instance.pk and not hasattr(instance, "_no_signal") and instance.balance < 0: | ||||
|         from note.models import Note | ||||
|         old_note = Note.objects.get(pk=instance.pk) | ||||
|         if old_note.balance >= 0: | ||||
|             # Passage en négatif | ||||
|             instance.last_negative = timezone.now() | ||||
|             instance.send_mail_negative_balance() | ||||
|  | ||||
|  | ||||
| def delete_transaction(instance, **_kwargs): | ||||
|     """ | ||||
|     Whenever we want to delete a transaction (caution with this), we ensure the transaction is invalid first. | ||||
|     """ | ||||
|     if not hasattr(instance, "_no_signal"): | ||||
|         instance.valid = False | ||||
|         instance._force_save = True | ||||
|         instance.save() | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| // Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 | ||||
| // Copyright (C) 2018-2021 by BDE ENS Paris-Saclay
 | ||||
| // SPDX-License-Identifier: GPL-3.0-or-later
 | ||||
| 
 | ||||
| // When a transaction is performed, lock the interface to prevent spam clicks.
 | ||||
| @@ -28,8 +28,7 @@ $(document).ready(function () { | ||||
| 
 | ||||
|   // Switching in double consumptions mode should update the layout
 | ||||
|   $('#double_conso').change(function () { | ||||
|     $('#consos_list_div').removeClass('d-none') | ||||
|     $('#user_select_div').attr('class', 'col-xl-4') | ||||
|     document.getElementById('consos_list_div').classList.remove('d-none') | ||||
|     $('#infos_div').attr('class', 'col-sm-5 col-xl-6') | ||||
| 
 | ||||
|     const note_list_obj = $('#note_list') | ||||
| @@ -38,7 +37,7 @@ $(document).ready(function () { | ||||
|       note_list_obj.html('') | ||||
| 
 | ||||
|       buttons.forEach(function (button) { | ||||
|         $('#conso_button_' + button.id).click(function () { | ||||
|         document.getElementById(`conso_button_${button.id}`).addEventListener('click', () => { | ||||
|           if (LOCK) { return } | ||||
|           removeNote(button, 'conso_button', buttons, 'consos_list')() | ||||
|         }) | ||||
| @@ -47,8 +46,7 @@ $(document).ready(function () { | ||||
|   }) | ||||
| 
 | ||||
|   $('#single_conso').change(function () { | ||||
|     $('#consos_list_div').addClass('d-none') | ||||
|     $('#user_select_div').attr('class', 'col-xl-7') | ||||
|     document.getElementById('consos_list_div').classList.add('d-none') | ||||
|     $('#infos_div').attr('class', 'col-sm-5 col-md-4') | ||||
| 
 | ||||
|     const consos_list_obj = $('#consos_list') | ||||
| @@ -70,9 +68,9 @@ $(document).ready(function () { | ||||
|   }) | ||||
| 
 | ||||
|   // Ensure we begin in single consumption. Fix issue with TurboLinks and BootstrapJS
 | ||||
|   $("label[for='double_conso']").removeClass('active') | ||||
|   document.querySelector("label[for='double_conso']").classList.remove('active') | ||||
| 
 | ||||
|   $('#consume_all').click(consumeAll) | ||||
|   document.getElementById("consume_all").addEventListener('click', consumeAll) | ||||
| }) | ||||
| 
 | ||||
| notes = [] | ||||
| @@ -129,11 +127,10 @@ function addConso (dest, amount, type, category_id, category_name, template_id, | ||||
|       html += li('conso_button_' + button.id, button.name + | ||||
|                 '<span class="badge badge-dark badge-pill">' + button.quantity + '</span>') | ||||
|     }) | ||||
|     document.getElementById(list).innerHTML = html | ||||
| 
 | ||||
|     $('#' + list).html(html) | ||||
| 
 | ||||
|     buttons.forEach(function (button) { | ||||
|       $('#conso_button_' + button.id).click(function () { | ||||
|     buttons.forEach((button) => { | ||||
|       document.getElementById(`conso_button_${button.id}`).addEventListener('click', () => { | ||||
|         if (LOCK) { return } | ||||
|         removeNote(button, 'conso_button', buttons, list)() | ||||
|       }) | ||||
| @@ -148,12 +145,13 @@ function reset () { | ||||
|   notes_display.length = 0 | ||||
|   notes.length = 0 | ||||
|   buttons.length = 0 | ||||
|   $('#note_list').html('') | ||||
|   $('#consos_list').html('') | ||||
|   $('#note').val('') | ||||
|   $('#note').attr('data-original-title', '').tooltip('hide') | ||||
|   $('#profile_pic').attr('src', '/static/member/img/default_picture.png') | ||||
|   $('#profile_pic_link').attr('href', '#') | ||||
|   document.getElementById('note_list').innerHTML = '' | ||||
|   document.getElementById('consos_list').innerHTML = '' | ||||
|   document.getElementById('note').value = '' | ||||
|   document.getElementById('note').dataset.originTitle = '' | ||||
|   $('#note').tooltip('hide') | ||||
|   document.getElementById('profile_pic').src = '/static/member/img/default_picture.png' | ||||
|   document.getElementById('profile_pic_link').href = '#' | ||||
|   refreshHistory() | ||||
|   refreshBalance() | ||||
|   LOCK = false | ||||
| @@ -170,7 +168,7 @@ function consumeAll () { | ||||
|   let error = false | ||||
| 
 | ||||
|   if (notes_display.length === 0) { | ||||
|     $('#note').addClass('is-invalid') | ||||
|     document.getElementById('note').classList.add('is-invalid') | ||||
|     $('#note_list').html(li('', '<strong>Ajoutez des émetteurs.</strong>', 'text-danger')) | ||||
|     error = true | ||||
|   } | ||||
| @@ -224,17 +222,15 @@ function consume (source, source_alias, dest, quantity, amount, reason, type, ca | ||||
|       if (!isNaN(source.balance)) { | ||||
|         const newBalance = source.balance - quantity * amount | ||||
|         if (newBalance <= -5000) { | ||||
|           addMsg('Attention, La transaction depuis la note ' + source_alias + ' a été réalisée avec ' + | ||||
|                         'succès, mais la note émettrice ' + source_alias + ' est en négatif sévère.', | ||||
|           'danger', 30000) | ||||
|           addMsg(interpolate(gettext('Warning, the transaction from the note %s succeed, ' + | ||||
|               'but the emitter note %s is very negative.'), [source_alias, source_alias]), 'danger', 30000) | ||||
|         } else if (newBalance < 0) { | ||||
|           addMsg('Attention, La transaction depuis la note ' + source_alias + ' a été réalisée avec ' + | ||||
|                         'succès, mais la note émettrice ' + source_alias + ' est en négatif.', | ||||
|           'warning', 30000) | ||||
|           addMsg(interpolate(gettext('Warning, the transaction from the note %s succeed, ' + | ||||
|               'but the emitter note %s is negative.'), [source_alias, source_alias]), 'warning', 30000) | ||||
|         } | ||||
|         if (source.membership && source.membership.date_end < new Date().toISOString()) { | ||||
|           addMsg('Attention : la note émettrice ' + source.name + " n'est plus adhérente.", | ||||
|             'danger', 30000) | ||||
|           addMsg(interpolate(gettext('Warning, the emitter note %s is no more a BDE member.'), [source_alias]), | ||||
|               'danger', 30000) | ||||
|         } | ||||
|       } | ||||
|       reset() | ||||
| @@ -255,7 +251,7 @@ function consume (source, source_alias, dest, quantity, amount, reason, type, ca | ||||
|           template: template | ||||
|         }).done(function () { | ||||
|         reset() | ||||
|         addMsg("La transaction n'a pas pu être validée pour cause de solde insuffisant.", 'danger', 10000) | ||||
|         addMsg(gettext("The transaction couldn't be validated because of insufficient balance."), 'danger', 10000) | ||||
|       }).fail(function () { | ||||
|         reset() | ||||
|         errMsg(e.responseJSON) | ||||
| @@ -67,7 +67,11 @@ $(document).ready(function () { | ||||
| 
 | ||||
|       last.quantity = 1 | ||||
| 
 | ||||
|       if (!last.note.user) { | ||||
|       if (last.note.club) { | ||||
|         $('#last_name').val(last.note.name) | ||||
|         $('#first_name').val(last.note.name) | ||||
|       } | ||||
|       else if (!last.note.user) { | ||||
|         $.getJSON('/api/note/note/' + last.note.id + '/?format=json', function (note) { | ||||
|           last.note.user = note.user | ||||
|           $.getJSON('/api/user/' + last.note.user + '/', function (user) { | ||||
| @@ -235,20 +239,20 @@ $('#btn_transfer').click(function () { | ||||
| 
 | ||||
|   if (!amount_field.val() || isNaN(amount_field.val()) || amount_field.val() <= 0) { | ||||
|     amount_field.addClass('is-invalid') | ||||
|     $('#amount-required').html('<strong>Ce champ est requis et doit comporter un nombre décimal strictement positif.</strong>') | ||||
|     $('#amount-required').html('<strong>' + gettext('This field is required and must contain a decimal positive number.') + '</strong>') | ||||
|     error = true | ||||
|   } | ||||
| 
 | ||||
|   const amount = Math.floor(100 * amount_field.val()) | ||||
|   const amount = Math.round(100 * amount_field.val()) | ||||
|   if (amount > 2147483647) { | ||||
|     amount_field.addClass('is-invalid') | ||||
|     $('#amount-required').html('<strong>Le montant ne doit pas excéder 21474836.47 €.</strong>') | ||||
|     $('#amount-required').html('<strong>' + gettext('The amount must stay under 21,474,836.47 €.') + '</strong>') | ||||
|     error = true | ||||
|   } | ||||
| 
 | ||||
|   if (!reason_field.val()) { | ||||
|   if (!reason_field.val() && $('#type_transfer').is(':checked')) { | ||||
|     reason_field.addClass('is-invalid') | ||||
|     $('#reason-required').html('<strong>Ce champ est requis.</strong>') | ||||
|     $('#reason-required').html('<strong>' + gettext('This field is required.') + '</strong>') | ||||
|     error = true | ||||
|   } | ||||
| 
 | ||||
| @@ -274,9 +278,8 @@ $('#btn_transfer').click(function () { | ||||
|     [...sources_notes_display].forEach(function (source) { | ||||
|       [...dests_notes_display].forEach(function (dest) { | ||||
|         if (source.note.id === dest.note.id) { | ||||
|           addMsg('Attention : la transaction de ' + pretty_money(amount) + ' de la note ' + source.name + | ||||
|                         ' vers la note ' + dest.name + " n'a pas été faite car il s'agit de la même note au départ" + | ||||
|                         " et à l'arrivée.", 'warning', 10000) | ||||
|           addMsg(interpolate(gettext('Warning: the transaction of %s from %s to %s was not made because ' + | ||||
|               'it is the same source and destination note.'), [pretty_money(amount), source.name, dest.name]), 'warning', 10000) | ||||
|           LOCK = false | ||||
|           return | ||||
|         } | ||||
| @@ -296,43 +299,35 @@ $('#btn_transfer').click(function () { | ||||
|             destination_alias: dest.name | ||||
|           }).done(function () { | ||||
|           if (source.note.membership && source.note.membership.date_end < new Date().toISOString()) { | ||||
|             addMsg('Attention : la note émettrice ' + source.name + " n'est plus adhérente.", | ||||
|               'danger', 30000) | ||||
|             addMsg(interpolate(gettext('Warning, the emitter note %s is no more a BDE member.'), [source.name]), 'danger', 30000) | ||||
|           } | ||||
|           if (dest.note.membership && dest.note.membership.date_end < new Date().toISOString()) { | ||||
|             addMsg('Attention : la note destination ' + dest.name + " n'est plus adhérente.", | ||||
|               'danger', 30000) | ||||
|             addMsg(interpolate(gettext('Warning, the destination note %s is no more a BDE member.'), [dest.name]), 'danger', 30000) | ||||
|           } | ||||
| 
 | ||||
|           if (!isNaN(source.note.balance)) { | ||||
|             const newBalance = source.note.balance - source.quantity * dest.quantity * amount | ||||
|             if (newBalance <= -5000) { | ||||
|               addMsg('Le transfert de ' + | ||||
|                                     pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + | ||||
|                                     source.name + ' vers la note ' + dest.name + ' a été fait avec succès, ' + | ||||
|                                     'mais la note émettrice est en négatif sévère.', 'danger', 10000) | ||||
|               addMsg(interpolate(gettext('Warning, the transaction of %s from the note %s to the note %s succeed, but the emitter note %s is very negative.'), | ||||
|                   [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name, source.name]), 'danger', 10000) | ||||
|               reset() | ||||
|               return | ||||
|             } else if (newBalance < 0) { | ||||
|               addMsg('Le transfert de ' + | ||||
|                                     pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + | ||||
|                                     source.name + ' vers la note ' + dest.name + ' a été fait avec succès, ' + | ||||
|                                     'mais la note émettrice est en négatif.', 'warning', 10000) | ||||
|               addMsg(interpolate(gettext('Warning, the transaction of %s from the note %s to the note %s succeed, but the emitter note %s is negative.'), | ||||
|                   [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name, source.name]), 'danger', 10000) | ||||
|               reset() | ||||
|               return | ||||
|             } | ||||
|           } | ||||
|           addMsg('Le transfert de ' + | ||||
|                             pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + source.name + | ||||
|                             ' vers la note ' + dest.name + ' a été fait avec succès !', 'success', 10000) | ||||
|           addMsg(interpolate(gettext('Transfer of %s from %s to %s succeed!'), | ||||
|               [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name]), 'success', 10000) | ||||
| 
 | ||||
|           reset() | ||||
|         }).fail(function (err) { // do it again but valid = false
 | ||||
|           const errObj = JSON.parse(err.responseText) | ||||
|           if (errObj.non_field_errors) { | ||||
|             addMsg('Le transfert de ' + | ||||
|                                 pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + source.name + | ||||
|                                 ' vers la note ' + dest.name + ' a échoué : ' + errObj.non_field_errors, 'danger') | ||||
|             addMsg(interpolate(gettext('Transfer of %s from %s to %s failed: %s'), | ||||
|                 [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name, errObj.non_field_errors]), 'danger') | ||||
|             LOCK = false | ||||
|             return | ||||
|           } | ||||
| @@ -352,17 +347,15 @@ $('#btn_transfer').click(function () { | ||||
|               destination: dest.note.id, | ||||
|               destination_alias: dest.name | ||||
|             }).done(function () { | ||||
|             addMsg('Le transfert de ' + | ||||
|                                 pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + source.name + | ||||
|                                 ' vers la note ' + dest.name + ' a échoué : Solde insuffisant', 'danger', 10000) | ||||
|             addMsg(interpolate(gettext('Transfer of %s from %s to %s failed: %s'), | ||||
|                 [pretty_money(source.quantity * dest.quantity * amount), source.name, + dest.name, gettext('insufficient funds')]), 'danger', 10000) | ||||
|             reset() | ||||
|           }).fail(function (err) { | ||||
|             const errObj = JSON.parse(err.responseText) | ||||
|             let error = errObj.detail ? errObj.detail : errObj.non_field_errors | ||||
|             if (!error) { error = err.responseText } | ||||
|             addMsg('Le transfert de ' + | ||||
|                                 pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + source.name + | ||||
|                                 ' vers la note ' + dest.name + ' a échoué : ' + error, 'danger') | ||||
|             addMsg(interpolate(gettext('Transfer of %s from %s to %s failed: %s'), | ||||
|                 [pretty_money(source.quantity * dest.quantity * amount), source.name, + dest.name, error]), 'danger') | ||||
|             LOCK = false | ||||
|           }) | ||||
|         }) | ||||
| @@ -388,7 +381,7 @@ $('#btn_transfer').click(function () { | ||||
|       alias = sources_notes_display[0].name | ||||
|       source_id = user_note.id | ||||
|       dest_id = special_note | ||||
|       reason = 'Retrait ' + $('#credit_type option:selected').text().toLowerCase() | ||||
|       reason = 'Retrait ' + $('#debit_type option:selected').text().toLowerCase() | ||||
|       if (given_reason.length > 0) { reason += ' (' + given_reason + ')' } | ||||
|     } | ||||
|     $.post('/api/note/transaction/transaction/', | ||||
| @@ -408,14 +401,14 @@ $('#btn_transfer').click(function () { | ||||
|         first_name: $('#first_name').val(), | ||||
|         bank: $('#bank').val() | ||||
|       }).done(function () { | ||||
|       addMsg('Le crédit/retrait a bien été effectué !', 'success', 10000) | ||||
|       if (user_note.membership && user_note.membership.date_end < new Date().toISOString()) { addMsg('Attention : la note ' + alias + " n'est plus adhérente.", 'danger', 10000) } | ||||
|       addMsg(gettext('Credit/debit succeed!'), 'success', 10000) | ||||
|       if (user_note.membership && user_note.membership.date_end < new Date().toISOString()) { addMsg(gettext('Warning, the emitter note %s is no more a BDE member.'), 'danger', 10000) } | ||||
|       reset() | ||||
|     }).fail(function (err) { | ||||
|       const errObj = JSON.parse(err.responseText) | ||||
|       let error = errObj.detail ? errObj.detail : errObj.non_field_errors | ||||
|       if (!error) { error = err.responseText } | ||||
|       addMsg('Le crédit/retrait a échoué : ' + error, 'danger', 10000) | ||||
|       addMsg(interpolate(gettext('Credit/debit failed: %s'), [error]), 'danger', 10000) | ||||
|       LOCK = false | ||||
|     }) | ||||
|   } | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| import html | ||||
|   | ||||
| @@ -10,22 +10,22 @@ SPDX-License-Identifier: GPL-3.0-or-later | ||||
| {% block content %} | ||||
|     <div class="row mt-4"> | ||||
|         <div class="col-sm-5 col-md-4" id="infos_div"> | ||||
|             <div class="row"> | ||||
|             <div class="row justify-content-center justify-content-md-end"> | ||||
|                 {# User details column #} | ||||
|                 <div class="col"> | ||||
|                     <div class="card bg-light border-success mb-4 text-center"> | ||||
|                 <div class="col picture-col"> | ||||
|                     <div class="card bg-light mb-4 text-center"> | ||||
|                         <a id="profile_pic_link" href="#"> | ||||
|                             <img src="{% static "member/img/default_picture.png" %}" | ||||
|                                  id="profile_pic" alt="" class="card-img-top"> | ||||
|                                  id="profile_pic" alt="" class="card-img-top d-none d-sm-block"> | ||||
|                         </a> | ||||
|                         <div class="card-body text-center text-break"> | ||||
|                             <span id="user_note"></span> | ||||
|                         <div class="card-body text-center text-break p-2"> | ||||
|                             <span id="user_note"><i class="small">{% trans "Please select a note" %}</i></span> | ||||
|                         </div> | ||||
|                     </div> | ||||
|                 </div> | ||||
|  | ||||
|                 {# User selection column #} | ||||
|                 <div class="col-xl-7" id="user_select_div"> | ||||
|                 <div class="col-xl" id="user_select_div"> | ||||
|                     <div class="card bg-light border-success mb-4"> | ||||
|                         <div class="card-header"> | ||||
|                             <p class="card-text font-weight-bold"> | ||||
| @@ -44,6 +44,7 @@ SPDX-License-Identifier: GPL-3.0-or-later | ||||
|                         </div> | ||||
|                     </div> | ||||
|                 </div> | ||||
|  | ||||
|                 {# Summary of consumption and consume button #} | ||||
|                 <div class="col-xl-5 d-none" id="consos_list_div"> | ||||
|                     <div class="card bg-light border-info mb-4"> | ||||
| @@ -65,7 +66,6 @@ SPDX-License-Identifier: GPL-3.0-or-later | ||||
|                 </div> | ||||
|             </div> | ||||
|  | ||||
|  | ||||
|             {# Show last used buttons #} | ||||
|             <div class="card bg-light mb-4"> | ||||
|                 <div class="card-header"> | ||||
| @@ -159,7 +159,7 @@ SPDX-License-Identifier: GPL-3.0-or-later | ||||
| {% endblock %} | ||||
|  | ||||
| {% block extrajavascript %} | ||||
|     <script type="text/javascript" src="{% static "js/consos.js" %}"></script> | ||||
|     <script type="text/javascript" src="{% static "note/js/consos.js" %}"></script> | ||||
|     <script type="text/javascript"> | ||||
|         {% for button in highlighted %} | ||||
|             {% if button.display %} | ||||
|   | ||||
| @@ -34,21 +34,21 @@ SPDX-License-Identifier: GPL-2.0-or-later | ||||
|         </div> | ||||
|     </div> | ||||
|     <hr> | ||||
|     <div class="row"> | ||||
|     <div class="row justify-content-center"> | ||||
|         {#  Preview note profile (picture, username and balance) #} | ||||
|         <div class="col-md-3" id="note_infos_div"> | ||||
|             <div class="card bg-light border-success shadow mb-4 pt-4 text-center"> | ||||
|         <div class="col-md picture-col" id="note_infos_div"> | ||||
|             <div class="card bg-light mb-4 text-center"> | ||||
|                 <a id="profile_pic_link" href="#"><img src="{% static "member/img/default_picture.png" %}" | ||||
|                         id="profile_pic" alt="" class="img-fluid rounded mx-auto"></a> | ||||
|                 <div class="card-body text-center"> | ||||
|                     <span id="user_note"></span> | ||||
|                 <div class="card-body text-center p-2"> | ||||
|                     <span id="user_note"><i class="small">{% trans "Please select a note" %}</i></span> | ||||
|                 </div> | ||||
|             </div> | ||||
|         </div> | ||||
|  | ||||
|         {# list of emitters #} | ||||
|         <div class="col-md-3" id="emitters_div"> | ||||
|             <div class="card bg-light border-success shadow mb-4"> | ||||
|             <div class="card bg-light mb-4"> | ||||
|                 <div class="card-header"> | ||||
|                     <p class="card-text font-weight-bold"> | ||||
|                         <label for="source_note" id="source_note_label">{% trans "Select emitters" %}</label> | ||||
| @@ -57,7 +57,7 @@ SPDX-License-Identifier: GPL-2.0-or-later | ||||
|                 <ul class="list-group list-group-flush" id="source_note_list"> | ||||
|                 </ul> | ||||
|                 <div class="card-body"> | ||||
|                     <select id="credit_type" class="custom-select d-none"> | ||||
|                     <select id="credit_type" class="form-control custom-select d-none"> | ||||
|                         {% for special_type in special_types %} | ||||
|                             <option value="{{ special_type.id }}">{{ special_type.special_type }}</option> | ||||
|                         {% endfor %} | ||||
| @@ -75,7 +75,7 @@ SPDX-License-Identifier: GPL-2.0-or-later | ||||
|  | ||||
|         {# list of receiver #} | ||||
|         <div class="col-md-3" id="dests_div"> | ||||
|             <div class="card bg-light border-info shadow mb-4"> | ||||
|             <div class="card bg-light mb-4"> | ||||
|                 <div class="card-header"> | ||||
|                     <p class="card-text font-weight-bold" id="dest_title"> | ||||
|                         <label for="dest_note" id="dest_note_label">{% trans "Select receivers" %}</label> | ||||
| @@ -84,7 +84,7 @@ SPDX-License-Identifier: GPL-2.0-or-later | ||||
|                 <ul class="list-group list-group-flush" id="dest_note_list"> | ||||
|                 </ul> | ||||
|                 <div class="card-body"> | ||||
|                     <select id="debit_type" class="custom-select d-none"> | ||||
|                     <select id="debit_type" class="form-control custom-select d-none"> | ||||
|                         {% for special_type in special_types %} | ||||
|                             <option value="{{ special_type.id }}">{{ special_type.special_type }}</option> | ||||
|                         {% endfor %} | ||||
| @@ -97,8 +97,8 @@ SPDX-License-Identifier: GPL-2.0-or-later | ||||
|         </div> | ||||
|  | ||||
|         {# Information on transaction (amount, reason, name,...) #} | ||||
|         <div class="col-md-3" id="external_div"> | ||||
|             <div class="card bg-light border-warning shadow mb-4"> | ||||
|         <div class="col-md" id="external_div"> | ||||
|             <div class="card bg-light mb-4"> | ||||
|                 <div class="card-header"> | ||||
|                     <p class="card-text font-weight-bold"> | ||||
|                         {% trans "Action" %} | ||||
| @@ -153,7 +153,7 @@ SPDX-License-Identifier: GPL-2.0-or-later | ||||
|         </div> | ||||
|     </div> | ||||
| {# transaction history #} | ||||
|     <div class="card shadow mb-4" id="history"> | ||||
|     <div class="card mb-4" id="history"> | ||||
|         <div class="card-header"> | ||||
|             <p class="card-text font-weight-bold"> | ||||
|                 {% trans "Recent transactions history" %} | ||||
| @@ -176,5 +176,5 @@ SPDX-License-Identifier: GPL-2.0-or-later | ||||
|         select_receveirs_label = "{% trans "Select receivers" %}"; | ||||
|         transfer_type_label = "{% trans "Transfer type" %}"; | ||||
|     </script> | ||||
|     <script src="/static/js/transfer.js"></script> | ||||
|     <script src="{% static "note/js/transfer.js" %}"></script> | ||||
| {% endblock %} | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django import template | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django import template | ||||
|   | ||||
| @@ -1,15 +1,20 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from api.tests import TestAPI | ||||
| from member.models import Club, Membership | ||||
| from django.contrib.auth.models import User | ||||
| from django.contrib.contenttypes.models import ContentType | ||||
| from django.test import TestCase | ||||
| from django.urls import reverse | ||||
| from member.models import Club, Membership | ||||
| from note.models import NoteUser, Transaction, TemplateCategory, TransactionTemplate, RecurrentTransaction, \ | ||||
|     MembershipTransaction, SpecialTransaction, NoteSpecial, Alias | ||||
| from django.utils import timezone | ||||
| from permission.models import Role | ||||
|  | ||||
| from ..api.views import AliasViewSet, ConsumerViewSet, NotePolymorphicViewSet, TemplateCategoryViewSet,\ | ||||
|     TransactionTemplateViewSet, TransactionViewSet | ||||
| from ..models import NoteUser, Transaction, TemplateCategory, TransactionTemplate, RecurrentTransaction, \ | ||||
|     MembershipTransaction, SpecialTransaction, NoteSpecial, Alias, Note | ||||
|  | ||||
|  | ||||
| class TestTransactions(TestCase): | ||||
|     fixtures = ('initial', ) | ||||
| @@ -297,8 +302,8 @@ class TestTransactions(TestCase): | ||||
|  | ||||
|     def test_render_search_transactions(self): | ||||
|         response = self.client.get(reverse("note:transactions", args=(self.user.note.pk,)), data=dict( | ||||
|             source=self.second_user.note.alias_set.first().id, | ||||
|             destination=self.user.note.alias_set.first().id, | ||||
|             source=self.second_user.note.alias.first().id, | ||||
|             destination=self.user.note.alias.first().id, | ||||
|             type=[ContentType.objects.get_for_model(Transaction).id], | ||||
|             reason="test", | ||||
|             valid=True, | ||||
| @@ -363,3 +368,69 @@ class TestTransactions(TestCase): | ||||
|         self.assertTrue(Alias.objects.filter(name="test_updated_alias").exists()) | ||||
|         response = self.client.delete("/api/note/alias/" + str(alias.pk) + "/") | ||||
|         self.assertEqual(response.status_code, 204) | ||||
|  | ||||
|  | ||||
| class TestNoteAPI(TestAPI): | ||||
|     def setUp(self) -> None: | ||||
|         super().setUp() | ||||
|  | ||||
|         membership = Membership.objects.create(club=Club.objects.get(name="BDE"), user=self.user) | ||||
|         membership.roles.add(Role.objects.get(name="Respo info")) | ||||
|         membership.save() | ||||
|         Membership.objects.create(club=Club.objects.get(name="Kfet"), user=self.user) | ||||
|         self.user.note.last_negative = timezone.now() | ||||
|         self.user.note.save() | ||||
|  | ||||
|         self.transaction = Transaction.objects.create( | ||||
|             source=Note.objects.first(), | ||||
|             destination=self.user.note, | ||||
|             amount=4200, | ||||
|             reason="Test transaction", | ||||
|         ) | ||||
|         self.user.note.refresh_from_db() | ||||
|         Alias.objects.create(note=self.user.note, name="I am a ¢omplex alias") | ||||
|  | ||||
|         self.category = TemplateCategory.objects.create(name="Test") | ||||
|         self.template = TransactionTemplate.objects.create( | ||||
|             name="Test", | ||||
|             destination=Club.objects.get(name="BDE").note, | ||||
|             category=self.category, | ||||
|             amount=100, | ||||
|             description="Test template", | ||||
|         ) | ||||
|  | ||||
|     def test_alias_api(self): | ||||
|         """ | ||||
|         Load Alias API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(AliasViewSet, "/api/note/alias/") | ||||
|  | ||||
|     def test_consumer_api(self): | ||||
|         """ | ||||
|         Load Consumer API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(ConsumerViewSet, "/api/note/consumer/") | ||||
|  | ||||
|     def test_note_api(self): | ||||
|         """ | ||||
|         Load Note API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(NotePolymorphicViewSet, "/api/note/note/") | ||||
|  | ||||
|     def test_template_category_api(self): | ||||
|         """ | ||||
|         Load TemplateCategory API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(TemplateCategoryViewSet, "/api/note/transaction/category/") | ||||
|  | ||||
|     def test_transaction_template_api(self): | ||||
|         """ | ||||
|         Load TemplateTemplate API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(TransactionTemplateViewSet, "/api/note/transaction/template/") | ||||
|  | ||||
|     def test_transaction_api(self): | ||||
|         """ | ||||
|         Load Transaction API page and test all filters and permissions | ||||
|         """ | ||||
|         self.check_viewset(TransactionViewSet, "/api/note/transaction/transaction/") | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django.urls import path | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| import json | ||||
| @@ -144,7 +144,7 @@ class TransactionTemplateUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, Up | ||||
| class ConsoView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView): | ||||
|     """ | ||||
|     The Magic View that make people pay their beer and burgers. | ||||
|     (Most of the magic happens in the dark world of Javascript see `note_kfet/static/js/consos.js`) | ||||
|     (Most of the magic happens in the dark world of Javascript see `static/note/js/consos.js`) | ||||
|     """ | ||||
|     model = Transaction | ||||
|     template_name = "note/conso_form.html" | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| default_app_config = 'permission.apps.PermissionConfig' | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-lateré | ||||
|  | ||||
| from django.contrib import admin | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from rest_framework import serializers | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from .views import PermissionViewSet, RoleViewSet | ||||
|   | ||||
| @@ -1,8 +1,9 @@ | ||||
| # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay | ||||
| # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay | ||||
| # SPDX-License-Identifier: GPL-3.0-or-later | ||||
|  | ||||
| from django_filters.rest_framework import DjangoFilterBackend | ||||
| from api.viewsets import ReadOnlyProtectedModelViewSet | ||||
| from django_filters.rest_framework import DjangoFilterBackend | ||||
| from rest_framework.filters import SearchFilter | ||||
|  | ||||
| from .serializers import PermissionSerializer, RoleSerializer | ||||
| from ..models import Permission, Role | ||||
| @@ -14,10 +15,11 @@ class PermissionViewSet(ReadOnlyProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `Permission` objects, serialize it to JSON with the given serializer, | ||||
|     then render it on /api/permission/permission/ | ||||
|     """ | ||||
|     queryset = Permission.objects.all() | ||||
|     queryset = Permission.objects.order_by('id') | ||||
|     serializer_class = PermissionSerializer | ||||
|     filter_backends = [DjangoFilterBackend] | ||||
|     filterset_fields = ['model', 'type', ] | ||||
|     filter_backends = [DjangoFilterBackend, SearchFilter] | ||||
|     filterset_fields = ['model', 'type', 'query', 'mask', 'field', 'permanent', ] | ||||
|     search_fields = ['$model__name', '$query', '$description', ] | ||||
|  | ||||
|  | ||||
| class RoleViewSet(ReadOnlyProtectedModelViewSet): | ||||
| @@ -26,7 +28,8 @@ class RoleViewSet(ReadOnlyProtectedModelViewSet): | ||||
|     The djangorestframework plugin will get all `RolePermission` objects, serialize it to JSON with the given serializer | ||||
|     then render it on /api/permission/roles/ | ||||
|     """ | ||||
|     queryset = Role.objects.all() | ||||
|     queryset = Role.objects.order_by('id') | ||||
|     serializer_class = RoleSerializer | ||||
|     filter_backends = [DjangoFilterBackend] | ||||
|     filterset_fields = ['role', ] | ||||
|     filter_backends = [DjangoFilterBackend, SearchFilter] | ||||
|     filterset_fields = ['name', 'permissions', 'for_club', 'memberships__user', ] | ||||
|     search_fields = ['$name', '$for_club__name', ] | ||||
|   | ||||
Some files were not shown because too many files have changed in this diff Show More
		Reference in New Issue
	
	Block a user