1
0
mirror of https://gitlab.crans.org/bde/nk20 synced 2025-07-01 13:31:16 +02:00

Compare commits

..

53 Commits

Author SHA1 Message Date
420a24ebac enable JavaScriptCatalog view 2020-09-19 22:42:35 +02:00
d566def706 Try to translate js, not working... 2020-09-19 22:03:45 +02:00
eaf6769e8b Treasurers can make transactions with people that are no longer a member 2020-09-19 16:33:52 +02:00
a61ec81cff note.crans.org is the default domain 2020-09-19 16:03:32 +02:00
60f2a73cc5 Don't check if the user is a member of the parent club if there is no parent club 2020-09-18 13:35:55 +02:00
bcd96b2ed8 The BDE membership and the club membership must now be in two parts 2020-09-18 12:35:36 +02:00
905d65371f The user validation form was ugly 2020-09-14 09:56:15 +02:00
180cd3e1ec Fix registration permissions and procedure 2020-09-14 09:49:30 +02:00
73ca65aa91 Merge branch 'atomicity' into 'beta'
Atomicité

See merge request bde/nk20!122
2020-09-14 09:38:54 +02:00
5ed0560953 Fix linting 2020-09-14 09:09:20 +02:00
dbc6fbbf71 Fix the validation clicker issue, now the note is safe 2020-09-14 09:05:35 +02:00
872fd8f86d Don't cache permissions in debug mode, that's very slow 2020-09-14 08:58:12 +02:00
f89234b69a JS was broken, please close your HTML tags 2020-09-13 23:18:00 +02:00
36a980555b Revert "Make the nk20 usable for pirates"
This reverts commit 0f53ac45f7.
2020-09-13 20:42:44 +02:00
826cd4d87f Revert "Use underscore in locales"
This reverts commit 2270a0aa82.
2020-09-13 20:42:34 +02:00
e8005a6c58 Update Django locale selector 2020-09-13 20:17:59 +02:00
2270a0aa82 Use underscore in locales 2020-09-13 20:10:26 +02:00
0f53ac45f7 Make the nk20 usable for pirates 2020-09-13 20:05:06 +02:00
670556c59e Merge branch 'traduction' into 'beta'
End of Spanish translation

See merge request bde/nk20!121
2020-09-13 18:55:56 +02:00
5b02ba48e0 Some OTL, but so much remain 2020-09-13 12:40:10 +02:00
f3f18bc25e Merge branch 'beta' into traduction 2020-09-13 12:17:25 +02:00
03124e124c Translation : typo 2020-09-13 11:52:43 +02:00
6308964e93 Translation : French OTL 2020-09-13 11:52:13 +02:00
ed79097288 Spanish translation : ~end 2020-09-13 11:51:29 +02:00
d7eaef8cee Spanish translation : 88%, ¡ quedan 77 para mañana ! 2020-09-12 22:54:41 +02:00
01d405e54b Spanish translation : 70%, a comer! 2020-09-12 20:18:11 +02:00
80e3cba4c6 BDE Treasurers can see the remittance interface 2020-09-12 18:40:14 +02:00
f190053e84 Display the right amount in soge credit detail 2020-09-12 18:36:05 +02:00
218960adb5 Spanish translation : 57%, not always 57 2020-09-12 16:34:24 +02:00
88a1eae631 Spanish translation : 42%, always 42 2020-09-12 11:59:59 +02:00
2a2ecb2acc Activate es locale 2020-09-12 09:17:15 +02:00
f5486bdb63 Merge branch 'traduction' into 'beta'
Traduction

See merge request bde/nk20!120
2020-09-12 09:19:04 +02:00
9b090a145c All transactions are now atomic 2020-09-11 22:52:16 +02:00
860c7b50e5 Filter a consumer by its note id 2020-09-10 14:42:52 +02:00
afdc75c0bd Access to consumer object wa buggy 2020-09-10 14:41:09 +02:00
c6603e8aa7 Add more filters in the API 2020-09-10 14:37:11 +02:00
72cc1638e6 Authenticate correctly users that connect with an authorization token 2020-09-10 09:31:27 +02:00
6a0dc4cb10 Users can see every API page since querysets are filtered and modifications are protected 2020-09-09 22:27:07 +02:00
0f1f3b9560 Do not serve static files outside of debug server 2020-09-09 17:14:03 +02:00
c720e5483e Move transfer.js where it belongs 2020-09-09 16:45:15 +02:00
0fd3e9db78 Move consos.js where it belongs 2020-09-09 16:42:45 +02:00
c34296c923 Merge branch 'fixed_width_image' into 'beta'
Fix profile picture width

See merge request bde/nk20!119
2020-09-09 15:18:50 +02:00
ce4c22a4a1 Smaller text and larger padding on note label 2020-09-09 15:03:34 +02:00
3e0f665ef8 Resync es translation 2020-09-09 14:32:01 +02:00
be8751c815 Merge branch 'beta' into traduction 2020-09-09 14:28:19 +02:00
8225445c3e Update translations 2020-09-09 14:10:07 +02:00
f333e6a875 Fix profile picture width 2020-09-09 14:03:49 +02:00
e5835b46a5 Backups are sent to Zamok 2020-09-08 13:31:22 +02:00
fe937405a6 Merge remote-tracking branch 'origin/beta' into beta 2020-09-08 10:11:44 +02:00
0741c8ad2b Refactor the script to extract the mails that are registered to an events mailing list 2020-09-08 10:11:33 +02:00
428de69d93 Fix permissions to let treasurers to make some initial registrations 2020-09-07 23:36:50 +02:00
0888afe439 I am hungry, so I ham hungry 2020-09-04 20:38:57 +02:00
3111c30e56 Add spanish translation 2020-09-04 18:24:49 +02:00
40 changed files with 4095 additions and 640 deletions

View File

@ -7,7 +7,7 @@ from threading import Thread
from django.conf import settings from django.conf import settings
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.db import models from django.db import models, transaction
from django.db.models import Q from django.db.models import Q
from django.utils import timezone from django.utils import timezone
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
@ -123,6 +123,7 @@ class Activity(models.Model):
verbose_name=_('open'), verbose_name=_('open'),
) )
@transaction.atomic
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
""" """
Update the activity wiki page each time the activity is updated (validation, change description, ...) Update the activity wiki page each time the activity is updated (validation, change description, ...)
@ -194,8 +195,8 @@ class Entry(models.Model):
else _("Entry for {note} to the activity {activity}").format( else _("Entry for {note} to the activity {activity}").format(
guest=str(self.guest), note=str(self.note), activity=str(self.activity)) guest=str(self.guest), note=str(self.note), activity=str(self.activity))
@transaction.atomic
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
qs = Entry.objects.filter(~Q(pk=self.pk), activity=self.activity, note=self.note, guest=self.guest) qs = Entry.objects.filter(~Q(pk=self.pk), activity=self.activity, note=self.note, guest=self.guest)
if qs.exists(): if qs.exists():
raise ValidationError(_("Already entered on ") + _("{:%Y-%m-%d %H:%M:%S}").format(qs.get().time, )) raise ValidationError(_("Already entered on ") + _("{:%Y-%m-%d %H:%M:%S}").format(qs.get().time, ))
@ -260,6 +261,7 @@ class Guest(models.Model):
except AttributeError: except AttributeError:
return False return False
@transaction.atomic
def save(self, force_insert=False, force_update=False, using=None, update_fields=None): def save(self, force_insert=False, force_update=False, using=None, update_fields=None):
one_year = timedelta(days=365) one_year = timedelta(days=365)

View File

@ -7,6 +7,7 @@ from django.conf import settings
from django.contrib.auth.mixins import LoginRequiredMixin from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.contenttypes.models import ContentType from django.contrib.contenttypes.models import ContentType
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.db import transaction
from django.db.models import F, Q from django.db.models import F, Q
from django.http import HttpResponse from django.http import HttpResponse
from django.urls import reverse_lazy from django.urls import reverse_lazy
@ -44,6 +45,7 @@ class ActivityCreateView(ProtectQuerysetMixin, ProtectedCreateView):
date_end=timezone.now(), date_end=timezone.now(),
) )
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
form.instance.creater = self.request.user form.instance.creater = self.request.user
return super().form_valid(form) return super().form_valid(form)
@ -145,6 +147,7 @@ class ActivityInviteView(ProtectQuerysetMixin, ProtectedCreateView):
form.fields["inviter"].initial = self.request.user.note form.fields["inviter"].initial = self.request.user.note
return form return form
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
form.instance.activity = Activity.objects\ form.instance.activity = Activity.objects\
.filter(PermissionBackend.filter_queryset(self.request.user, Activity, "view")).get(pk=self.kwargs["pk"]) .filter(PermissionBackend.filter_queryset(self.request.user, Activity, "view")).get(pk=self.kwargs["pk"])

View File

@ -8,6 +8,7 @@ from django import forms
from django.conf import settings from django.conf import settings
from django.contrib.auth.forms import AuthenticationForm from django.contrib.auth.forms import AuthenticationForm
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.db import transaction
from django.forms import CheckboxSelectMultiple from django.forms import CheckboxSelectMultiple
from django.utils import timezone from django.utils import timezone
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
@ -57,6 +58,7 @@ class ProfileForm(forms.ModelForm):
self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"}) self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"})
self.fields['promotion'].widget.attrs.update({"max": timezone.now().year}) self.fields['promotion'].widget.attrs.update({"max": timezone.now().year})
@transaction.atomic
def save(self, commit=True): def save(self, commit=True):
if not self.instance.section or (("department" in self.changed_data if not self.instance.section or (("department" in self.changed_data
or "promotion" in self.changed_data) and "section" not in self.changed_data): or "promotion" in self.changed_data) and "section" not in self.changed_data):
@ -161,7 +163,7 @@ class MembershipForm(forms.ModelForm):
soge = forms.BooleanField( soge = forms.BooleanField(
label=_("Inscription paid by Société Générale"), label=_("Inscription paid by Société Générale"),
required=False, required=False,
help_text=_("Check this case is the Société Générale paid the inscription."), help_text=_("Check this case if the Société Générale paid the inscription."),
) )
credit_type = forms.ModelChoiceField( credit_type = forms.ModelChoiceField(

View File

@ -7,7 +7,7 @@ import os
from django.conf import settings from django.conf import settings
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError
from django.db import models from django.db import models, transaction
from django.db.models import Q from django.db.models import Q
from django.template import loader from django.template import loader
from django.urls import reverse, reverse_lazy from django.urls import reverse, reverse_lazy
@ -271,6 +271,7 @@ class Club(models.Model):
self._force_save = True self._force_save = True
self.save(force_update=True) self.save(force_update=True)
@transaction.atomic
def save(self, force_insert=False, force_update=False, using=None, def save(self, force_insert=False, force_update=False, using=None,
update_fields=None): update_fields=None):
if not self.require_memberships: if not self.require_memberships:
@ -406,6 +407,7 @@ class Membership(models.Model):
parent_membership.roles.set(Role.objects.filter(name="Membre de club").all()) parent_membership.roles.set(Role.objects.filter(name="Membre de club").all())
parent_membership.save() parent_membership.save()
@transaction.atomic
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
""" """
Calculate fee and end date before saving the membership and creating the transaction if needed. Calculate fee and end date before saving the membership and creating the transaction if needed.
@ -475,8 +477,13 @@ class Membership(models.Model):
# to treasurers. # to treasurers.
transaction.valid = False transaction.valid = False
from treasury.models import SogeCredit from treasury.models import SogeCredit
soge_credit = SogeCredit.objects.get_or_create(user=self.user)[0] if SogeCredit.objects.filter(user=self.user).exists():
soge_credit.refresh_from_db() soge_credit = SogeCredit.objects.get(user=self.user)
else:
soge_credit = SogeCredit(user=self.user)
soge_credit._force_save = True
soge_credit.save(force_insert=True)
soge_credit.refresh_from_db()
transaction.save(force_insert=True) transaction.save(force_insert=True)
transaction.refresh_from_db() transaction.refresh_from_db()
soge_credit.transactions.add(transaction) soge_credit.transactions.add(transaction)

View File

@ -13,15 +13,29 @@ SPDX-License-Identifier: GPL-3.0-or-later
{% if additional_fee_renewal %} {% if additional_fee_renewal %}
<div class="alert alert-warning"> <div class="alert alert-warning">
{% if renewal %} {% if renewal %}
{% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %} {% if club.name == "Kfet" %} {# Auto-renewal #}
The user is not a member of the club·s {{ clubs }}. An additional fee of {{ pretty_fee }} {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
will be charged to renew automatically the membership in this/these club·s. The user is not a member of the club·s {{ clubs }}. An additional fee of {{ pretty_fee }}
{% endblocktrans %} will be charged to renew automatically the membership in this/these club·s.
{% endblocktrans %}
{% else %}
{% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
The user is not a member of the club·s {{ clubs }}. Please create the required memberships,
otherwise it will fail.
{% endblocktrans %}
{% endif %}
{% else %} {% else %}
{% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %} {% if club.name == "Kfet" %}
This club has parents {{ clubs }}. An additional fee of {{ pretty_fee }} {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
will be charged to adhere automatically to this/these club·s. This club has parents {{ clubs }}. An additional fee of {{ pretty_fee }}
{% endblocktrans %} will be charged to adhere automatically to this/these club·s.
{% endblocktrans %}
{% else %}
{% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
This club has parents {{ clubs }}. Please make sure that the user is a member of this or these club·s,
otherwise the creation of this membership will fail.
{% endblocktrans %}
{% endif %}
{% endif %} {% endif %}
</div> </div>
{% endif %} {% endif %}

View File

@ -38,7 +38,7 @@
<dt class="col-xl-6">{% trans 'address'|capfirst %}</dt> <dt class="col-xl-6">{% trans 'address'|capfirst %}</dt>
<dd class="col-xl-6">{{ user_object.profile.address }}</dd> <dd class="col-xl-6">{{ user_object.profile.address }}</dd>
{% if "note.view_note"|has_perm:user_object.note %} {% if user_object.note and "note.view_note"|has_perm:user_object.note %}
<dt class="col-xl-6">{% trans 'balance'|capfirst %}</dt> <dt class="col-xl-6">{% trans 'balance'|capfirst %}</dt>
<dd class="col-xl-6">{{ user_object.note.balance | pretty_money }}</dd> <dd class="col-xl-6">{{ user_object.note.balance | pretty_money }}</dd>
@ -47,7 +47,7 @@
{% endif %} {% endif %}
</dl> </dl>
{% if user_object.pk == user_object.pk %} {% if user_object.pk == user.pk %}
<div class="text-center"> <div class="text-center">
<a class="small badge badge-secondary" href="{% url 'member:auth_token' %}"> <a class="small badge badge-secondary" href="{% url 'member:auth_token' %}">
<i class="fa fa-cogs"></i>{% trans 'API token' %} <i class="fa fa-cogs"></i>{% trans 'API token' %}

View File

@ -38,6 +38,7 @@ class CustomLoginView(LoginView):
""" """
form_class = CustomAuthenticationForm form_class = CustomAuthenticationForm
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
logout(self.request) logout(self.request)
_set_current_user_and_ip(form.get_user(), self.request.session, None) _set_current_user_and_ip(form.get_user(), self.request.session, None)
@ -76,6 +77,7 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
return context return context
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
""" """
Check if ProfileForm is correct Check if ProfileForm is correct
@ -269,6 +271,7 @@ class PictureUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin, Det
self.object = self.get_object() self.object = self.get_object()
return self.form_valid(form) if form.is_valid() else self.form_invalid(form) return self.form_valid(form) if form.is_valid() else self.form_invalid(form)
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
"""Save image to note""" """Save image to note"""
image = form.cleaned_data['image'] image = form.cleaned_data['image']
@ -607,6 +610,9 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
bank = form.cleaned_data["bank"] bank = form.cleaned_data["bank"]
soge = form.cleaned_data["soge"] and not user.profile.soge and (club.name == "BDE" or club.name == "Kfet") soge = form.cleaned_data["soge"] and not user.profile.soge and (club.name == "BDE" or club.name == "Kfet")
if not credit_type:
credit_amount = 0
if not soge and user.note.balance + credit_amount < fee and not Membership.objects.filter( if not soge and user.note.balance + credit_amount < fee and not Membership.objects.filter(
club__name="Kfet", club__name="Kfet",
user=user, user=user,
@ -628,6 +634,16 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
form.add_error('user', _('User is already a member of the club')) form.add_error('user', _('User is already a member of the club'))
error = True error = True
# Must join the parent club before joining this club, except for the Kfet club where it can be at the same time.
if club.name != "Kfet" and club.parent_club and not Membership.objects.filter(
user=form.instance.user,
club=club.parent_club,
date_start__lte=club.parent_club.membership_start,
date_end__gte=club.parent_club.membership_end,
).exists():
form.add_error('user', _('User is not a member of the parent club') + ' ' + club.parent_club.name)
error = True
if club.membership_start and form.instance.date_start < club.membership_start: if club.membership_start and form.instance.date_start < club.membership_start:
form.add_error('user', _("The membership must start after {:%m-%d-%Y}.") form.add_error('user', _("The membership must start after {:%m-%d-%Y}.")
.format(form.instance.club.membership_start)) .format(form.instance.club.membership_start))
@ -650,6 +666,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
return not error return not error
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
""" """
Create membership, check that all is good, make transactions Create membership, check that all is good, make transactions

View File

@ -1,5 +1,6 @@
# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later # SPDX-License-Identifier: GPL-3.0-or-later
from django.conf import settings from django.conf import settings
from django.db.models import Q from django.db.models import Q
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError
@ -56,8 +57,9 @@ class AliasViewSet(ReadProtectedModelViewSet):
""" """
queryset = Alias.objects.all() queryset = Alias.objects.all()
serializer_class = AliasSerializer serializer_class = AliasSerializer
filter_backends = [SearchFilter, OrderingFilter] filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ] search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ]
filterset_fields = ['note']
ordering_fields = ['name', 'normalized_name'] ordering_fields = ['name', 'normalized_name']
def get_serializer_class(self): def get_serializer_class(self):
@ -106,8 +108,9 @@ class AliasViewSet(ReadProtectedModelViewSet):
class ConsumerViewSet(ReadOnlyProtectedModelViewSet): class ConsumerViewSet(ReadOnlyProtectedModelViewSet):
queryset = Alias.objects.all() queryset = Alias.objects.all()
serializer_class = ConsumerSerializer serializer_class = ConsumerSerializer
filter_backends = [SearchFilter, OrderingFilter] filter_backends = [SearchFilter, OrderingFilter, DjangoFilterBackend]
search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ] search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ]
filterset_fields = ['note']
ordering_fields = ['name', 'normalized_name'] ordering_fields = ['name', 'normalized_name']
def get_queryset(self): def get_queryset(self):
@ -116,29 +119,31 @@ class ConsumerViewSet(ReadOnlyProtectedModelViewSet):
:return: The filtered set of requested aliases :return: The filtered set of requested aliases
""" """
queryset = super().get_queryset() queryset = super().get_queryset().distinct()
# Sqlite doesn't support ORDER BY in subqueries # Sqlite doesn't support ORDER BY in subqueries
queryset = queryset.order_by("name") \ queryset = queryset.order_by("name") \
if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' else queryset if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' else queryset
alias = self.request.query_params.get("alias", ".*") alias = self.request.query_params.get("alias", None)
queryset = queryset.prefetch_related('note') queryset = queryset.prefetch_related('note')
# We match first an alias if it is matched without normalization,
# then if the normalized pattern matches a normalized alias. if alias:
queryset = queryset.filter( # We match first an alias if it is matched without normalization,
name__iregex="^" + alias # then if the normalized pattern matches a normalized alias.
).union( queryset = queryset.filter(
queryset.filter( name__iregex="^" + alias
Q(normalized_name__iregex="^" + Alias.normalize(alias)) ).union(
& ~Q(name__iregex="^" + alias) queryset.filter(
), Q(normalized_name__iregex="^" + Alias.normalize(alias))
all=True).union( & ~Q(name__iregex="^" + alias)
queryset.filter( ),
Q(normalized_name__iregex="^" + alias.lower()) all=True).union(
& ~Q(normalized_name__iregex="^" + Alias.normalize(alias)) queryset.filter(
& ~Q(name__iregex="^" + alias) Q(normalized_name__iregex="^" + alias.lower())
), & ~Q(normalized_name__iregex="^" + Alias.normalize(alias))
all=True) & ~Q(name__iregex="^" + alias)
),
all=True)
queryset = queryset if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' \ queryset = queryset if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' \
else queryset.order_by("name") else queryset.order_by("name")
@ -179,8 +184,11 @@ class TransactionViewSet(ReadProtectedModelViewSet):
""" """
queryset = Transaction.objects.order_by("-created_at").all() queryset = Transaction.objects.order_by("-created_at").all()
serializer_class = TransactionPolymorphicSerializer serializer_class = TransactionPolymorphicSerializer
filter_backends = [SearchFilter] filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
filterset_fields = ["source", "source_alias", "destination", "destination_alias", "quantity",
"polymorphic_ctype", "amount", "created_at", ]
search_fields = ['$reason', ] search_fields = ['$reason', ]
ordering_fields = ['created_at', 'amount']
def get_queryset(self): def get_queryset(self):
user = self.request.user user = self.request.user

View File

@ -8,7 +8,7 @@ from django.conf.global_settings import DEFAULT_FROM_EMAIL
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError
from django.core.mail import send_mail from django.core.mail import send_mail
from django.core.validators import RegexValidator from django.core.validators import RegexValidator
from django.db import models from django.db import models, transaction
from django.template.loader import render_to_string from django.template.loader import render_to_string
from django.utils import timezone from django.utils import timezone
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
@ -93,6 +93,7 @@ class Note(PolymorphicModel):
delta = timezone.now() - self.last_negative delta = timezone.now() - self.last_negative
return "{:d} jours".format(delta.days) return "{:d} jours".format(delta.days)
@transaction.atomic
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
""" """
Save note with it's alias (called in polymorphic children) Save note with it's alias (called in polymorphic children)
@ -108,12 +109,16 @@ class Note(PolymorphicModel):
# Save alias # Save alias
a.note = self a.note = self
# Consider that if the name of the note could be changed, then the alias can be created.
# It does not mean that any alias can be created.
a._force_save = True
a.save(force_insert=True) a.save(force_insert=True)
else: else:
# Check if the name of the note changed without changing the normalized form of the alias # Check if the name of the note changed without changing the normalized form of the alias
alias = Alias.objects.get(normalized_name=Alias.normalize(str(self))) alias = Alias.objects.get(normalized_name=Alias.normalize(str(self)))
if alias.name != str(self): if alias.name != str(self):
alias.name = str(self) alias.name = str(self)
alias._force_save = True
alias.save() alias.save()
def clean(self, *args, **kwargs): def clean(self, *args, **kwargs):
@ -154,6 +159,7 @@ class NoteUser(Note):
def pretty(self): def pretty(self):
return _("%(user)s's note") % {'user': str(self.user)} return _("%(user)s's note") % {'user': str(self.user)}
@transaction.atomic
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
if self.pk and self.balance < 0: if self.pk and self.balance < 0:
old_note = NoteUser.objects.get(pk=self.pk) old_note = NoteUser.objects.get(pk=self.pk)
@ -195,6 +201,7 @@ class NoteClub(Note):
def pretty(self): def pretty(self):
return _("Note of %(club)s club") % {'club': str(self.club)} return _("Note of %(club)s club") % {'club': str(self.club)}
@transaction.atomic
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
if self.pk and self.balance < 0: if self.pk and self.balance < 0:
old_note = NoteClub.objects.get(pk=self.pk) old_note = NoteClub.objects.get(pk=self.pk)
@ -310,6 +317,7 @@ class Alias(models.Model):
pass pass
self.normalized_name = normalized_name self.normalized_name = normalized_name
@transaction.atomic
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
self.clean() self.clean()
super().save(*args, **kwargs) super().save(*args, **kwargs)

View File

@ -170,19 +170,21 @@ class Transaction(PolymorphicModel):
previous_source_balance = self.source.balance previous_source_balance = self.source.balance
previous_dest_balance = self.destination.balance previous_dest_balance = self.destination.balance
source_balance = self.source.balance source_balance = previous_source_balance
dest_balance = self.destination.balance dest_balance = previous_dest_balance
created = self.pk is None created = self.pk is None
to_transfer = self.amount * self.quantity to_transfer = self.total
if not created and not self.valid and not hasattr(self, "_force_save"): if not created:
# Revert old transaction # Revert old transaction
old_transaction = Transaction.objects.get(pk=self.pk) # We make a select for update to avoid concurrency issues
old_transaction = Transaction.objects.select_for_update().get(pk=self.pk)
# Check that nothing important changed # Check that nothing important changed
for field_name in ["source_id", "destination_id", "quantity", "amount"]: if not hasattr(self, "_force_save"):
if getattr(self, field_name) != getattr(old_transaction, field_name): for field_name in ["source_id", "destination_id", "quantity", "amount"]:
raise ValidationError(_("You can't update the {field} on a Transaction. " if getattr(self, field_name) != getattr(old_transaction, field_name):
"Please invalidate it and create one other.").format(field=field_name)) raise ValidationError(_("You can't update the {field} on a Transaction. "
"Please invalidate it and create one other.").format(field=field_name))
if old_transaction.valid == self.valid: if old_transaction.valid == self.valid:
# Don't change anything # Don't change anything
@ -215,10 +217,6 @@ class Transaction(PolymorphicModel):
# When source == destination, no money is transferred and no transaction is created # When source == destination, no money is transferred and no transaction is created
return return
# We refresh the notes with the "select for update" tag to avoid concurrency issues
self.source = Note.objects.filter(pk=self.source_id).select_for_update().get()
self.destination = Note.objects.filter(pk=self.destination_id).select_for_update().get()
# Check that the amounts stay between big integer bounds # Check that the amounts stay between big integer bounds
diff_source, diff_dest = self.validate() diff_source, diff_dest = self.validate()
@ -237,9 +235,11 @@ class Transaction(PolymorphicModel):
super().save(*args, **kwargs) super().save(*args, **kwargs)
# Save notes # Save notes
self.source.refresh_from_db()
self.source.balance += diff_source self.source.balance += diff_source
self.source._force_save = True self.source._force_save = True
self.source.save() self.source.save()
self.destination.refresh_from_db()
self.destination.balance += diff_dest self.destination.balance += diff_dest
self.destination._force_save = True self.destination._force_save = True
self.destination.save() self.destination.save()
@ -273,6 +273,7 @@ class RecurrentTransaction(Transaction):
_("The destination of this transaction must equal to the destination of the template.")) _("The destination of this transaction must equal to the destination of the template."))
return super().clean() return super().clean()
@transaction.atomic
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
self.clean() self.clean()
return super().save(*args, **kwargs) return super().save(*args, **kwargs)
@ -323,6 +324,7 @@ class SpecialTransaction(Transaction):
raise(ValidationError(_("A special transaction is only possible between a" raise(ValidationError(_("A special transaction is only possible between a"
" Note associated to a payment method and a User or a Club"))) " Note associated to a payment method and a User or a Club")))
@transaction.atomic
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
self.clean() self.clean()
super().save(*args, **kwargs) super().save(*args, **kwargs)

View File

@ -29,7 +29,6 @@ $(document).ready(function () {
// Switching in double consumptions mode should update the layout // Switching in double consumptions mode should update the layout
$('#double_conso').change(function () { $('#double_conso').change(function () {
$('#consos_list_div').removeClass('d-none') $('#consos_list_div').removeClass('d-none')
$('#user_select_div').attr('class', 'col-xl-4')
$('#infos_div').attr('class', 'col-sm-5 col-xl-6') $('#infos_div').attr('class', 'col-sm-5 col-xl-6')
const note_list_obj = $('#note_list') const note_list_obj = $('#note_list')
@ -48,7 +47,6 @@ $(document).ready(function () {
$('#single_conso').change(function () { $('#single_conso').change(function () {
$('#consos_list_div').addClass('d-none') $('#consos_list_div').addClass('d-none')
$('#user_select_div').attr('class', 'col-xl-7')
$('#infos_div').attr('class', 'col-sm-5 col-md-4') $('#infos_div').attr('class', 'col-sm-5 col-md-4')
const consos_list_obj = $('#consos_list') const consos_list_obj = $('#consos_list')
@ -255,7 +253,7 @@ function consume (source, source_alias, dest, quantity, amount, reason, type, ca
template: template template: template
}).done(function () { }).done(function () {
reset() reset()
addMsg("La transaction n'a pas pu être validée pour cause de solde insuffisant.", 'danger', 10000) addMsg(gettext("La transaction n'a pas pu être validée pour cause de solde insuffisant."), 'danger', 10000)
}).fail(function () { }).fail(function () {
reset() reset()
errMsg(e.responseJSON) errMsg(e.responseJSON)

View File

@ -10,22 +10,22 @@ SPDX-License-Identifier: GPL-3.0-or-later
{% block content %} {% block content %}
<div class="row mt-4"> <div class="row mt-4">
<div class="col-sm-5 col-md-4" id="infos_div"> <div class="col-sm-5 col-md-4" id="infos_div">
<div class="row"> <div class="row justify-content-center justify-content-md-end">
{# User details column #} {# User details column #}
<div class="col"> <div class="col picture-col">
<div class="card bg-light border-success mb-4 text-center"> <div class="card bg-light mb-4 text-center">
<a id="profile_pic_link" href="#"> <a id="profile_pic_link" href="#">
<img src="{% static "member/img/default_picture.png" %}" <img src="{% static "member/img/default_picture.png" %}"
id="profile_pic" alt="" class="card-img-top"> id="profile_pic" alt="" class="card-img-top d-none d-sm-block">
</a> </a>
<div class="card-body text-center text-break"> <div class="card-body text-center text-break p-2">
<span id="user_note"></span> <span id="user_note"><i class="small">{% trans "Please select a note" %}</i></span>
</div> </div>
</div> </div>
</div> </div>
{# User selection column #} {# User selection column #}
<div class="col-xl-7" id="user_select_div"> <div class="col-xl" id="user_select_div">
<div class="card bg-light border-success mb-4"> <div class="card bg-light border-success mb-4">
<div class="card-header"> <div class="card-header">
<p class="card-text font-weight-bold"> <p class="card-text font-weight-bold">
@ -44,6 +44,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
</div> </div>
</div> </div>
</div> </div>
{# Summary of consumption and consume button #} {# Summary of consumption and consume button #}
<div class="col-xl-5 d-none" id="consos_list_div"> <div class="col-xl-5 d-none" id="consos_list_div">
<div class="card bg-light border-info mb-4"> <div class="card bg-light border-info mb-4">
@ -65,7 +66,6 @@ SPDX-License-Identifier: GPL-3.0-or-later
</div> </div>
</div> </div>
{# Show last used buttons #} {# Show last used buttons #}
<div class="card bg-light mb-4"> <div class="card bg-light mb-4">
<div class="card-header"> <div class="card-header">
@ -159,7 +159,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
{% endblock %} {% endblock %}
{% block extrajavascript %} {% block extrajavascript %}
<script type="text/javascript" src="{% static "js/consos.js" %}"></script> <script type="text/javascript" src="{% static "note/js/consos.js" 'javascript-catalog' %}"></script>
<script type="text/javascript"> <script type="text/javascript">
{% for button in highlighted %} {% for button in highlighted %}
{% if button.display %} {% if button.display %}

View File

@ -34,21 +34,21 @@ SPDX-License-Identifier: GPL-2.0-or-later
</div> </div>
</div> </div>
<hr> <hr>
<div class="row"> <div class="row justify-content-center">
{# Preview note profile (picture, username and balance) #} {# Preview note profile (picture, username and balance) #}
<div class="col-md-3" id="note_infos_div"> <div class="col-md picture-col" id="note_infos_div">
<div class="card bg-light border-success shadow mb-4 pt-4 text-center"> <div class="card bg-light mb-4 text-center">
<a id="profile_pic_link" href="#"><img src="{% static "member/img/default_picture.png" %}" <a id="profile_pic_link" href="#"><img src="{% static "member/img/default_picture.png" %}"
id="profile_pic" alt="" class="img-fluid rounded mx-auto"></a> id="profile_pic" alt="" class="img-fluid rounded mx-auto"></a>
<div class="card-body text-center"> <div class="card-body text-center p-2">
<span id="user_note"></span> <span id="user_note"><i class="small">{% trans "Please select a note" %}</i></span>
</div> </div>
</div> </div>
</div> </div>
{# list of emitters #} {# list of emitters #}
<div class="col-md-3" id="emitters_div"> <div class="col-md-3" id="emitters_div">
<div class="card bg-light border-success shadow mb-4"> <div class="card bg-light mb-4">
<div class="card-header"> <div class="card-header">
<p class="card-text font-weight-bold"> <p class="card-text font-weight-bold">
<label for="source_note" id="source_note_label">{% trans "Select emitters" %}</label> <label for="source_note" id="source_note_label">{% trans "Select emitters" %}</label>
@ -75,7 +75,7 @@ SPDX-License-Identifier: GPL-2.0-or-later
{# list of receiver #} {# list of receiver #}
<div class="col-md-3" id="dests_div"> <div class="col-md-3" id="dests_div">
<div class="card bg-light border-info shadow mb-4"> <div class="card bg-light mb-4">
<div class="card-header"> <div class="card-header">
<p class="card-text font-weight-bold" id="dest_title"> <p class="card-text font-weight-bold" id="dest_title">
<label for="dest_note" id="dest_note_label">{% trans "Select receivers" %}</label> <label for="dest_note" id="dest_note_label">{% trans "Select receivers" %}</label>
@ -97,8 +97,8 @@ SPDX-License-Identifier: GPL-2.0-or-later
</div> </div>
{# Information on transaction (amount, reason, name,...) #} {# Information on transaction (amount, reason, name,...) #}
<div class="col-md-3" id="external_div"> <div class="col-md" id="external_div">
<div class="card bg-light border-warning shadow mb-4"> <div class="card bg-light mb-4">
<div class="card-header"> <div class="card-header">
<p class="card-text font-weight-bold"> <p class="card-text font-weight-bold">
{% trans "Action" %} {% trans "Action" %}
@ -153,7 +153,7 @@ SPDX-License-Identifier: GPL-2.0-or-later
</div> </div>
</div> </div>
{# transaction history #} {# transaction history #}
<div class="card shadow mb-4" id="history"> <div class="card mb-4" id="history">
<div class="card-header"> <div class="card-header">
<p class="card-text font-weight-bold"> <p class="card-text font-weight-bold">
{% trans "Recent transactions history" %} {% trans "Recent transactions history" %}
@ -176,5 +176,5 @@ SPDX-License-Identifier: GPL-2.0-or-later
select_receveirs_label = "{% trans "Select receivers" %}"; select_receveirs_label = "{% trans "Select receivers" %}";
transfer_type_label = "{% trans "Transfer type" %}"; transfer_type_label = "{% trans "Transfer type" %}";
</script> </script>
<script src="/static/js/transfer.js"></script> <script src="{% static "note/js/transfer.js" %}"></script>
{% endblock %} {% endblock %}

View File

@ -144,7 +144,7 @@ class TransactionTemplateUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, Up
class ConsoView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView): class ConsoView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView):
""" """
The Magic View that make people pay their beer and burgers. The Magic View that make people pay their beer and burgers.
(Most of the magic happens in the dark world of Javascript see `note_kfet/static/js/consos.js`) (Most of the magic happens in the dark world of Javascript see `static/note/js/consos.js`)
""" """
model = Transaction model = Transaction
template_name = "note/conso_form.html" template_name = "note/conso_form.html"

View File

@ -4,7 +4,6 @@
from functools import lru_cache from functools import lru_cache
from time import time from time import time
from django.conf import settings
from django.contrib.sessions.models import Session from django.contrib.sessions.models import Session
from note_kfet.middlewares import get_current_session from note_kfet.middlewares import get_current_session
@ -33,9 +32,9 @@ def memoize(f):
sess_funs = new_sess_funs sess_funs = new_sess_funs
def func(*args, **kwargs): def func(*args, **kwargs):
if settings.DEBUG: # if settings.DEBUG:
# Don't memoize in DEBUG mode # # Don't memoize in DEBUG mode
return f(*args, **kwargs) # return f(*args, **kwargs)
nonlocal last_collect nonlocal last_collect

View File

@ -1103,7 +1103,7 @@
"treasury", "treasury",
"sogecredit" "sogecredit"
], ],
"query": "{\"credit_transaction\": null}", "query": "{}",
"type": "add", "type": "add",
"mask": 1, "mask": 1,
"field": "", "field": "",
@ -2647,6 +2647,150 @@
"description": "Changer l'image de la note de son club" "description": "Changer l'image de la note de son club"
} }
}, },
{
"model": "permission.permission",
"pk": 170,
"fields": {
"model": [
"note",
"alias"
],
"query": "{\"note__is_active\": true}",
"type": "add",
"mask": 1,
"field": "",
"permanent": false,
"description": "Ajouter n'importe quel alias à une note non bloquée"
}
},
{
"model": "permission.permission",
"pk": 171,
"fields": {
"model": [
"note",
"alias"
],
"query": "{\"note__is_active\": true}",
"type": "delete",
"mask": 3,
"field": "",
"permanent": false,
"description": "Supprimer n'importe quel alias à une note non bloquée"
}
},
{
"model": "permission.permission",
"pk": 172,
"fields": {
"model": [
"treasury",
"remittance"
],
"query": "{}",
"type": "view",
"mask": 3,
"field": "",
"permanent": false,
"description": "Voir toutes les remises"
}
},
{
"model": "permission.permission",
"pk": 173,
"fields": {
"model": [
"treasury",
"remittance"
],
"query": "{}",
"type": "add",
"mask": 3,
"field": "",
"permanent": false,
"description": "Ajouter une remise"
}
},
{
"model": "permission.permission",
"pk": 174,
"fields": {
"model": [
"treasury",
"remittance"
],
"query": "{}",
"type": "change",
"mask": 3,
"field": "",
"permanent": false,
"description": "Modifier une remise"
}
},
{
"model": "permission.permission",
"pk": 175,
"fields": {
"model": [
"treasury",
"remittance"
],
"query": "{}",
"type": "delete",
"mask": 3,
"field": "",
"permanent": false,
"description": "Supprimer une remise"
}
},
{
"model": "permission.permission",
"pk": 176,
"fields": {
"model": [
"auth",
"user"
],
"query": "{\"profile__registration_valid\": false}",
"type": "change",
"mask": 1,
"field": "",
"permanent": false,
"description": "Modifier n'importe quel utilisateur non encore inscrit"
}
},
{
"model": "permission.permission",
"pk": 177,
"fields": {
"model": [
"member",
"profile"
],
"query": "{\"registration_valid\": false}",
"type": "change",
"mask": 1,
"field": "",
"permanent": false,
"description": "Modifier n'importe quel profil non encore inscrit"
}
},
{
"model": "permission.permission",
"pk": 178,
"fields": {
"model": [
"note",
"alias"
],
"query": "{}",
"type": "view",
"mask": 3,
"field": "",
"permanent": false,
"description": "Voir tous les alias, y compris ceux des non adhérents"
}
},
{ {
"model": "permission.role", "model": "permission.role",
"pk": 1, "pk": 1,
@ -2850,7 +2994,16 @@
150, 150,
151, 151,
163, 163,
164 164,
170,
171,
172,
173,
174,
175,
176,
177,
178
] ]
} }
}, },
@ -3024,7 +3177,16 @@
166, 166,
167, 167,
168, 168,
169 169,
170,
171,
172,
173,
174,
175,
176,
177,
178
] ]
} }
}, },
@ -3050,10 +3212,15 @@
29, 29,
30, 30,
31, 31,
70,
143, 143,
166, 166,
167, 167,
168 168,
170,
171,
176,
177
] ]
} }
}, },
@ -3219,10 +3386,13 @@
138, 138,
139, 139,
140, 140,
143,
145, 145,
146, 146,
147, 147,
150 150,
176,
177
] ]
} }
}, },

View File

@ -199,6 +199,7 @@ class Permission(models.Model):
if self.field and self.type not in {'view', 'change'}: if self.field and self.type not in {'view', 'change'}:
raise ValidationError(_("Specifying field applies only to view and change permission types.")) raise ValidationError(_("Specifying field applies only to view and change permission types."))
@transaction.atomic
def save(self, **kwargs): def save(self, **kwargs):
self.full_clean() self.full_clean()
super().save() super().save()

View File

@ -14,6 +14,7 @@ class StrongDjangoObjectPermissions(DjangoObjectPermissions):
This is a simple patch of this class that controls view access. This is a simple patch of this class that controls view access.
""" """
# The queryset is filtered, and permissions are more powerful than a simple check than just "can view this model"
perms_map = { perms_map = {
'GET': ['%(app_label)s.view_%(model_name)s'], 'GET': ['%(app_label)s.view_%(model_name)s'],
'OPTIONS': [], 'OPTIONS': [],

View File

@ -6,6 +6,7 @@ from datetime import date
from django.contrib.auth.mixins import LoginRequiredMixin from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.db import transaction
from django.db.models import Q from django.db.models import Q
from django.forms import HiddenInput from django.forms import HiddenInput
from django.http import Http404 from django.http import Http404
@ -56,6 +57,7 @@ class ProtectQuerysetMixin:
return form return form
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
""" """
Submit the form, if the page is a FormView. Submit the form, if the page is a FormView.

View File

@ -60,7 +60,7 @@ class ValidationForm(forms.Form):
soge = forms.BooleanField( soge = forms.BooleanField(
label=_("Inscription paid by Société Générale"), label=_("Inscription paid by Société Générale"),
required=False, required=False,
help_text=_("Check this case is the Société Générale paid the inscription."), help_text=_("Check this case if the Société Générale paid the inscription."),
) )
credit_type = forms.ModelChoiceField( credit_type = forms.ModelChoiceField(

View File

@ -6,7 +6,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
{% block content %} {% block content %}
<div class="row mt-4"> <div class="row mt-4">
<div class="col-md-3 mb-4"> <div class="col-xl-5 mb-4">
<div class="card bg-light shadow"> <div class="card bg-light shadow">
<div class="card-header text-center" > <div class="card-header text-center" >
<h4> {% trans "Account #" %} {{ object.pk }}</h4> <h4> {% trans "Account #" %} {{ object.pk }}</h4>
@ -50,7 +50,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
</div> </div>
</div> </div>
</div> </div>
<div class="col-md-9"> <div class="col-md-7">
<div class="card bg-light shadow"> <div class="card bg-light shadow">
<form method="post"> <form method="post">
<div class="card-header text-center" > <div class="card-header text-center" >

View File

@ -5,6 +5,7 @@ from django.conf import settings
from django.contrib.auth.mixins import LoginRequiredMixin from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError
from django.db import transaction
from django.db.models import Q from django.db.models import Q
from django.shortcuts import resolve_url, redirect from django.shortcuts import resolve_url, redirect
from django.urls import reverse_lazy from django.urls import reverse_lazy
@ -47,6 +48,7 @@ class UserCreateView(CreateView):
return context return context
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
""" """
If the form is valid, then the user is created with is_active set to False If the form is valid, then the user is created with is_active set to False
@ -234,6 +236,7 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
form.fields["first_name"].initial = user.first_name form.fields["first_name"].initial = user.first_name
return form return form
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
user = self.get_object() user = self.get_object()

View File

@ -4,6 +4,7 @@
from crispy_forms.helper import FormHelper from crispy_forms.helper import FormHelper
from crispy_forms.layout import Submit from crispy_forms.layout import Submit
from django import forms from django import forms
from django.db import transaction
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from note_kfet.inputs import AmountInput from note_kfet.inputs import AmountInput
@ -149,6 +150,7 @@ class LinkTransactionToRemittanceForm(forms.ModelForm):
self.instance.transaction.bank = cleaned_data["bank"] self.instance.transaction.bank = cleaned_data["bank"]
return cleaned_data return cleaned_data
@transaction.atomic
def save(self, commit=True): def save(self, commit=True):
""" """
Save the transaction and the remittance. Save the transaction and the remittance.

View File

@ -5,7 +5,7 @@ from datetime import date
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError
from django.db import models from django.db import models, transaction
from django.db.models import Q from django.db.models import Q
from django.template.loader import render_to_string from django.template.loader import render_to_string
from django.utils import timezone from django.utils import timezone
@ -76,6 +76,7 @@ class Invoice(models.Model):
verbose_name=_("tex source"), verbose_name=_("tex source"),
) )
@transaction.atomic
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
""" """
When an invoice is generated, we store the tex source. When an invoice is generated, we store the tex source.
@ -228,6 +229,7 @@ class Remittance(models.Model):
""" """
return sum(transaction.total for transaction in self.transactions.all()) return sum(transaction.total for transaction in self.transactions.all())
@transaction.atomic
def save(self, force_insert=False, force_update=False, using=None, update_fields=None): def save(self, force_insert=False, force_update=False, using=None, update_fields=None):
# Check if all transactions have the right type. # Check if all transactions have the right type.
if self.transactions.exists() and self.transactions.filter(~Q(source=self.remittance_type.note)).exists(): if self.transactions.exists() and self.transactions.filter(~Q(source=self.remittance_type.note)).exists():
@ -291,11 +293,12 @@ class SogeCredit(models.Model):
@property @property
def valid(self): def valid(self):
return self.credit_transaction.valid return self.credit_transaction and self.credit_transaction.valid
@property @property
def amount(self): def amount(self):
return sum(transaction.total for transaction in self.transactions.all()) + 8000 return self.credit_transaction.total if self.valid \
else sum(transaction.total for transaction in self.transactions.all()) + 8000
def invalidate(self): def invalidate(self):
""" """
@ -305,10 +308,10 @@ class SogeCredit(models.Model):
if self.valid: if self.valid:
self.credit_transaction.valid = False self.credit_transaction.valid = False
self.credit_transaction.save() self.credit_transaction.save()
for transaction in self.transactions.all(): for tr in self.transactions.all():
transaction.valid = False tr.valid = False
transaction._force_save = True tr._force_save = True
transaction.save() tr.save()
def validate(self, force=False): def validate(self, force=False):
if self.valid and not force: if self.valid and not force:
@ -320,18 +323,20 @@ class SogeCredit(models.Model):
# Refresh credit amount # Refresh credit amount
self.save() self.save()
self.credit_transaction.valid = True self.credit_transaction.valid = True
self.credit_transaction._force_save = True
self.credit_transaction.save() self.credit_transaction.save()
self.save() self.save()
for transaction in self.transactions.all(): for tr in self.transactions.all():
transaction.valid = True tr.valid = True
transaction._force_save = True tr._force_save = True
transaction.created_at = timezone.now() tr.created_at = timezone.now()
transaction.save() tr.save()
@transaction.atomic
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
if not self.credit_transaction: if not self.credit_transaction:
self.credit_transaction = SpecialTransaction.objects.create( credit_transaction = SpecialTransaction(
source=NoteSpecial.objects.get(special_type="Virement bancaire"), source=NoteSpecial.objects.get(special_type="Virement bancaire"),
destination=self.user.note, destination=self.user.note,
quantity=1, quantity=1,
@ -342,6 +347,10 @@ class SogeCredit(models.Model):
bank="Société générale", bank="Société générale",
valid=False, valid=False,
) )
credit_transaction._force_save = True
credit_transaction.save()
credit_transaction.refresh_from_db()
self.credit_transaction = credit_transaction
elif not self.valid: elif not self.valid:
self.credit_transaction.amount = self.amount self.credit_transaction.amount = self.amount
self.credit_transaction._force_save = True self.credit_transaction._force_save = True
@ -361,11 +370,11 @@ class SogeCredit(models.Model):
"Please ask her/him to credit the note before invalidating this credit.")) "Please ask her/him to credit the note before invalidating this credit."))
self.invalidate() self.invalidate()
for transaction in self.transactions.all(): for tr in self.transactions.all():
transaction._force_save = True tr._force_save = True
transaction.valid = True tr.valid = True
transaction.created_at = timezone.now() tr.created_at = timezone.now()
transaction.save() tr.save()
self.credit_transaction.valid = False self.credit_transaction.valid = False
self.credit_transaction.reason += " (invalide)" self.credit_transaction.reason += " (invalide)"
self.credit_transaction.save() self.credit_transaction.save()

View File

@ -9,6 +9,7 @@ from tempfile import mkdtemp
from crispy_forms.helper import FormHelper from crispy_forms.helper import FormHelper
from django.contrib.auth.mixins import LoginRequiredMixin from django.contrib.auth.mixins import LoginRequiredMixin
from django.core.exceptions import ValidationError, PermissionDenied from django.core.exceptions import ValidationError, PermissionDenied
from django.db import transaction
from django.db.models import Q from django.db.models import Q
from django.forms import Form from django.forms import Form
from django.http import HttpResponse from django.http import HttpResponse
@ -65,6 +66,7 @@ class InvoiceCreateView(ProtectQuerysetMixin, ProtectedCreateView):
del form.fields["locked"] del form.fields["locked"]
return form return form
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
ret = super().form_valid(form) ret = super().form_valid(form)
@ -144,6 +146,7 @@ class InvoiceUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
del form.fields["id"] del form.fields["id"]
return form return form
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
ret = super().form_valid(form) ret = super().form_valid(form)
@ -439,6 +442,7 @@ class SogeCreditManageView(LoginRequiredMixin, ProtectQuerysetMixin, BaseFormVie
form_class = Form form_class = Form
extra_context = {"title": _("Manage credits from the Société générale")} extra_context = {"title": _("Manage credits from the Société générale")}
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
if "validate" in form.data: if "validate" in form.data:
self.get_object().validate(True) self.get_object().validate(True)

View File

@ -4,6 +4,7 @@
from random import choice from random import choice
from django import forms from django import forms
from django.db import transaction
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from .base import WEISurvey, WEISurveyInformation, WEISurveyAlgorithm, WEIBusInformation from .base import WEISurvey, WEISurveyInformation, WEISurveyAlgorithm, WEIBusInformation
@ -88,6 +89,7 @@ class WEISurvey2020(WEISurvey):
""" """
form.set_registration(self.registration) form.set_registration(self.registration)
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
word = form.cleaned_data["word"] word = form.cleaned_data["word"]
self.information.step += 1 self.information.step += 1

View File

@ -1,59 +0,0 @@
# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
from datetime import date
from django.core.management import BaseCommand
from django.db.models import Q
from member.models import Membership, Club
from wei.models import WEIClub
class Command(BaseCommand):
help = "Get mailing list registrations from the last wei. " \
"Usage: manage.py extract_ml_registrations -t {events,art,sport}. " \
"You can write this into a file with a pipe, then paste the document into your mail manager."
def add_arguments(self, parser):
parser.add_argument('--type', '-t', choices=["members", "clubs", "events", "art", "sport"], default="members",
help='Select the type of the mailing list (default members)')
parser.add_argument('--year', '-y', type=int, default=None,
help='Select the year of the concerned WEI. Default: last year')
def handle(self, *args, **options):
###########################################################
# WARNING #
###########################################################
#
# This code is obsolete.
# TODO: Improve the mailing list extraction system, and link it automatically with Mailman.
if options["type"] == "members":
for membership in Membership.objects.filter(
club__name="BDE",
date_start__lte=date.today(),
date_end__gte=date.today(),
).all():
self.stdout.write(membership.user.email)
return
if options["type"] == "clubs":
for club in Club.objects.all():
self.stdout.write(club.email)
return
if options["year"] is None:
wei = WEIClub.objects.order_by('-year').first()
else:
wei = WEIClub.objects.filter(year=options["year"])
if wei.exists():
wei = wei.get()
else:
wei = WEIClub.objects.order_by('-year').first()
self.stderr.write(self.style.WARNING("Warning: there was no WEI in year " + str(options["year"]) + ". "
+ "Assuming the last WEI (year " + str(wei.year) + ")"))
q = Q(ml_events_registration=True) if options["type"] == "events" else Q(ml_art_registration=True)\
if options["type"] == "art" else Q(ml_sport_registration=True)
registrations = wei.users.filter(q)
for registration in registrations.all():
self.stdout.write(registration.user.email)

View File

@ -238,7 +238,7 @@ class WEIRegistration(models.Model):
information_json = models.TextField( information_json = models.TextField(
default="{}", default="{}",
verbose_name=_("registration information"), verbose_name=_("registration information"),
help_text=_("Information about the registration (buses for old members, survey fot the new members), " help_text=_("Information about the registration (buses for old members, survey for the new members), "
"encoded in JSON"), "encoded in JSON"),
) )

View File

@ -10,6 +10,7 @@ from tempfile import mkdtemp
from django.contrib.auth.mixins import LoginRequiredMixin from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.db import transaction
from django.db.models import Q, Count from django.db.models import Q, Count
from django.db.models.functions.text import Lower from django.db.models.functions.text import Lower
from django.forms import HiddenInput from django.forms import HiddenInput
@ -84,6 +85,7 @@ class WEICreateView(ProtectQuerysetMixin, ProtectedCreateView):
date_end=date.today(), date_end=date.today(),
) )
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
form.instance.requires_membership = True form.instance.requires_membership = True
form.instance.parent_club = Club.objects.get(name="Kfet") form.instance.parent_club = Club.objects.get(name="Kfet")
@ -517,6 +519,7 @@ class WEIRegister1AView(ProtectQuerysetMixin, ProtectedCreateView):
del form.fields["information_json"] del form.fields["information_json"]
return form return form
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
form.instance.wei = WEIClub.objects.get(pk=self.kwargs["wei_pk"]) form.instance.wei = WEIClub.objects.get(pk=self.kwargs["wei_pk"])
form.instance.first_year = True form.instance.first_year = True
@ -597,6 +600,7 @@ class WEIRegister2AView(ProtectQuerysetMixin, ProtectedCreateView):
return form return form
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
form.instance.wei = WEIClub.objects.get(pk=self.kwargs["wei_pk"]) form.instance.wei = WEIClub.objects.get(pk=self.kwargs["wei_pk"])
form.instance.first_year = False form.instance.first_year = False
@ -688,6 +692,7 @@ class WEIUpdateRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Update
del form.fields["information_json"] del form.fields["information_json"]
return form return form
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
# If the membership is already validated, then we update the bus and the team (and the roles) # If the membership is already validated, then we update the bus and the team (and the roles)
if form.instance.is_validated: if form.instance.is_validated:
@ -866,6 +871,7 @@ class WEIValidateRegistrationView(ProtectQuerysetMixin, ProtectedCreateView):
).all() ).all()
return form return form
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
""" """
Create membership, check that all is good, make transactions Create membership, check that all is good, make transactions
@ -1016,6 +1022,7 @@ class WEISurveyView(LoginRequiredMixin, BaseFormView, DetailView):
context["club"] = self.object.wei context["club"] = self.object.wei
return context return context
@transaction.atomic
def form_valid(self, form): def form_valid(self, form):
""" """
Update the survey with the data of the form. Update the survey with the data of the form.

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -3,7 +3,7 @@
"model": "sites.site", "model": "sites.site",
"pk": 1, "pk": 1,
"fields": { "fields": {
"domain": "localhost", "domain": "note.crans.org",
"name": "La Note Kfet \ud83c\udf7b" "name": "La Note Kfet \ud83c\udf7b"
} }
} }

View File

@ -50,6 +50,20 @@ class SessionMiddleware(object):
def __call__(self, request): def __call__(self, request):
user = request.user user = request.user
# If we authenticate through a token to connect to the API, then we query the good user
if 'HTTP_AUTHORIZATION' in request.META and request.path.startswith("/api"):
token = request.META.get('HTTP_AUTHORIZATION')
if token.startswith("Token "):
token = token[6:]
from rest_framework.authtoken.models import Token
if Token.objects.filter(key=token).exists():
token_obj = Token.objects.get(key=token)
user = token_obj.user
session = request.session
session["permission_mask"] = 42
session.save()
if 'HTTP_X_REAL_IP' in request.META: if 'HTTP_X_REAL_IP' in request.META:
ip = request.META.get('HTTP_X_REAL_IP') ip = request.META.get('HTTP_X_REAL_IP')
elif 'HTTP_X_FORWARDED_FOR' in request.META: elif 'HTTP_X_FORWARDED_FOR' in request.META:

View File

@ -154,6 +154,7 @@ from django.utils.translation import gettext_lazy as _
LANGUAGES = [ LANGUAGES = [
('de', _('German')), ('de', _('German')),
('en', _('English')), ('en', _('English')),
('es', _('Spanish')),
('fr', _('French')), ('fr', _('French')),
] ]

View File

@ -22,6 +22,11 @@
border-bottom-color: rgba(0, 0, 0, .250); border-bottom-color: rgba(0, 0, 0, .250);
} }
/* Fixed width picture column */
.picture-col {
max-width: 202px;
}
/* Limit fluid container to a max size */ /* Limit fluid container to a max size */
.container-fluid { .container-fluid {
max-width: 1600px; max-width: 1600px;

View File

@ -177,12 +177,11 @@ SPDX-License-Identifier: GPL-3.0-or-later
onchange="this.form.submit()"> onchange="this.form.submit()">
{% get_current_language as LANGUAGE_CODE %} {% get_current_language as LANGUAGE_CODE %}
{% get_available_languages as LANGUAGES %} {% get_available_languages as LANGUAGES %}
{% get_language_info_list for LANGUAGES as languages %} {% for lang_code, lang_name in LANGUAGES %}
{% for language in languages %} <option value="{{ lang_code }}"
<option value="{{ language.code }}" {% if lang_code == LANGUAGE_CODE %}
{% if language.code == LANGUAGE_CODE %}
selected{% endif %}> selected{% endif %}>
{{ language.name_local }} ({{ language.code }}) {{ lang_name }} ({{ lang_code }})
</option> </option>
{% endfor %} {% endfor %}
</select> </select>

View File

@ -6,6 +6,7 @@ from django.conf.urls.static import static
from django.urls import path, include from django.urls import path, include
from django.views.defaults import bad_request, permission_denied, page_not_found, server_error from django.views.defaults import bad_request, permission_denied, page_not_found, server_error
from django.views.generic import RedirectView from django.views.generic import RedirectView
from django.views.i18n import JavaScriptCatalog
from member.views import CustomLoginView from member.views import CustomLoginView
@ -34,10 +35,14 @@ urlpatterns = [
# Make coffee # Make coffee
path('coffee/', include('django_htcpcp_tea.urls')), path('coffee/', include('django_htcpcp_tea.urls')),
# Translate js
path('jsi18n/', JavaScriptCatalog.as_view(), name='javascript-catalog'),
] ]
urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) # During development, serve media files
urlpatterns += static(settings.STATIC_URL, document_root=settings.STATIC_ROOT) if settings.DEBUG:
urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
if "cas_server" in settings.INSTALLED_APPS: if "cas_server" in settings.INSTALLED_APPS: