There is not always an error

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>

.env_example

@@ -10,7 +10,6 @@ DJANGO_SECRET_KEY=CHANGE_ME
 DJANGO_SETTINGS_MODULE=note_kfet.settings
 CONTACT_EMAIL=tresorerie.bde@localhost
 NOTE_URL=localhost
-DOMAIN=localhost
 
 # Config for mails. Only used in production
 NOTE_MAIL=notekfet@localhost

.gitignore

@@ -47,3 +47,8 @@ backups/
 env/
 venv/
 db.sqlite3
+
+# ansibles customs host
+ansible/host_vars/*.yaml
+!ansible/host_vars/bde*
+ansible/hosts

.gitlab-ci.yml

@@ -1,6 +1,7 @@
 stages:
   - test
   - quality-assurance
+  - docs
 
 # Also fetch submodules
 variables:
@@ -16,8 +17,8 @@ py37-django22:
         apt-get install --no-install-recommends -t buster-backports -y
         python3-django python3-django-crispy-forms
         python3-django-extensions python3-django-filters python3-django-polymorphic
-        python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil
-        python3-babel python3-lockfile python3-pip python3-phonenumbers
+        python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil
+        python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache
         python3-bs4 python3-setuptools tox texlive-xetex
   script: tox -e py37-django22
 
@@ -33,11 +34,26 @@ py38-django22:
         apt-get install --no-install-recommends -y
         python3-django python3-django-crispy-forms
         python3-django-extensions python3-django-filters python3-django-polymorphic
-        python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil
-        python3-babel python3-lockfile python3-pip python3-phonenumbers
+        python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil
+        python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache
         python3-bs4 python3-setuptools tox texlive-xetex
   script: tox -e py38-django22
 
+# Debian Bullseye
+py39-django22:
+  stage: test
+  image: debian:bullseye
+  before_script:
+    - >
+        apt-get update &&
+        apt-get install --no-install-recommends -y
+        python3-django python3-django-crispy-forms
+        python3-django-extensions python3-django-filters python3-django-polymorphic
+        python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil
+        python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache
+        python3-bs4 python3-setuptools tox texlive-xetex
+  script: tox -e py39-django22
+
 linters:
   stage: quality-assurance
   image: debian:buster-backports
@@ -47,3 +63,17 @@ linters:
 
   # Be nice to new contributors, but please use `tox`
   allow_failure: true
+
+# Compile documentation
+documentation:
+  stage: docs
+  image: sphinxdoc/sphinx
+  before_script:
+    - pip install sphinx-rtd-theme
+    - cd docs
+  script:
+    - make dirhtml
+  artifacts:
+    paths:
+      - docs/_build
+    expire_in: 1 day

Dockerfile

@@ -8,8 +8,8 @@ RUN apt-get update && \
     apt-get install --no-install-recommends -t buster-backports -y \
     python3-django python3-django-crispy-forms \
     python3-django-extensions python3-django-filters python3-django-polymorphic \
-    python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil \
-    python3-babel python3-lockfile python3-pip python3-phonenumbers ipython3 \
+    python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil \
+    python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache ipython3 \
     python3-bs4 python3-setuptools \
     uwsgi uwsgi-plugin-python3 \
     texlive-xetex gettext libjs-bootstrap4 fonts-font-awesome && \

README.md

@@ -69,13 +69,31 @@ accessible depuis l'ensemble de votre réseau, pratique pour tester le rendu
 de la note sur un téléphone !
 
 ## Installation d'une instance de production
+Pour déployer facilement la note il est possible d'utiliser le playbook Ansible (sinon vous pouvez toujours le faire a la main, voir plus bas).
+### Avec ansible
+Il vous faudra un serveur sous debian ou ubuntu connecté à internet et que vous souhaiterez accéder à cette instance de la note sur `note.nomdedomaine.tld`.
+
+0. Installer Ansible sur votre machine personnelle.
+
+0. (bis) cloner le dépot sur votre machine personelle.
+
+1.  Copier le fichier `ansible/host_example`
+``` bash
+$ cp ansible/hosts_example ansible/hosts
+```
+et ajouter sous [dev] et/ou [prod] les serveurs sur lesquels vous souhaitez installer la note.
+2.  Créer un fichier `ansible/host_vars/<note.nomdedomaine.tld.yaml>` sur le modèle des fichiers existants dans `ansible/hosts` et compléter les variables nécessaires.
+
+3. lancer `ansible/base.yaml -l <nomdedomaine.tld.yaml>`
+4. Aller vous faire un café, ca peux durer un moment.
+
+### Installation manuelle
 
 **En production on souhaite absolument utiliser les modules Python packagées dans le gestionnaire de paquet.**
 Cela permet de mettre à jour facilement les dépendances critiques telles que Django.
 
 L'installation d'une instance de production néccessite **une installation de Debian Buster ou d'Ubuntu 20.04**.
 
-Pour aller vite vous pouvez lancer le Playbook Ansible fournit dans ce dépôt en l'adaptant.
 Sinon vous pouvez suivre les étapes décrites ci-dessous.
 
 0.  Sous Debian Buster, **activer Debian Backports.** En effet Django 2.2 LTS n'est que disponible dans les backports.
@@ -93,10 +111,10 @@ Sinon vous pouvez suivre les étapes décrites ci-dessous.
     $ sudo apt install --no-install-recommends -t buster-backports -y \
         python3-django python3-django-crispy-forms \
         python3-django-extensions python3-django-filters python3-django-polymorphic \
-        python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil \
-        python3-babel python3-lockfile python3-pip python3-phonenumbers ipython3 \
-        python3-bs4 python3-setuptools \
-        uwsgi uwsgi-plugin-python3 \
+        python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil \
+        python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache ipython3 \
+        python3-bs4 python3-setuptools python3-docutils \
+        memcached uwsgi uwsgi-plugin-python3 \
         texlive-xetex gettext libjs-bootstrap4 fonts-font-awesome \
         nginx python3-venv git acl
     ```
@@ -261,20 +279,25 @@ Le cahier des charges initial est disponible [sur le Wiki Crans](https://wiki.cr
 La documentation des classes et fonctions est directement dans le code et est explorable à partir de la partie documentation de l'interface d'administration de Django.
 **Commentez votre code !**
 
-La documentation plus haut niveau sur le développement est disponible sur [le Wiki associé au dépôt Git](https://gitlab.crans.org/bde/nk20/-/wikis/home).
+La documentation plus haut niveau sur le développement et sur l'utilisation
+est disponible sur <https://note.crans.org/doc> et également dans le dossier `docs`.
 
 ## FAQ
 
 ### Regénérer les fichiers de traduction
 
-Pour regénérer les traductions vous pouvez vous placer à la racine du projet et lancer le script `makemessages`. Il faut penser à ignorer les dossiers ne contenant pas notre code, dont le virtualenv.
+Pour regénérer les traductions vous pouvez vous placer à la racine du projet et lancer le script `makemessages`.
+Il faut penser à ignorer les dossiers ne contenant pas notre code, dont le virtualenv.
+De plus, il faut aussi extraire les variables des fichiers JavaScript.
 
 ```bash
-django-admin makemessages -i env
+python3 manage.py makemessages -i env
+python3 manage.py makemessages -i env -e js -d djangojs
 ```
 
 Une fois les fichiers édités, vous pouvez compiler les nouvelles traductions avec
 
 ```bash
-django-admin compilemessages
+python3 manage.py compilemessages
+python3 manage.py compilejsmessages
 ```

ansible/base.yml

@@ -7,7 +7,7 @@
       prompt: "Password of the database (leave it blank to skip database init)"
       private: yes
   vars:
-    mirror: deb.debian.org
+    mirror: mirror.crans.org
   roles:
     - 1-apt-basic
     - 2-nk20
@@ -16,3 +16,4 @@
     - 5-nginx
     - 6-psql
     - 7-postinstall
+    - 8-docs

ansible/host_vars/bde-nk20-beta.adh.crans.org.yml

@@ -3,3 +3,4 @@ note:
   server_name: note-beta.crans.org
   git_branch: beta
   cron_enabled: false
+  email: notekfet2020@lists.crans.org

ansible/host_vars/bde-note-dev.adh.crans.org.yml

@@ -3,3 +3,4 @@ note:
   server_name: note-dev.crans.org
   git_branch: beta
   cron_enabled: false
+  email: notekfet2020@lists.crans.org

ansible/host_vars/bde-note.adh.crans.org.yml

@@ -3,3 +3,4 @@ note:
   server_name: note.crans.org
   git_branch: master
   cron_enabled: true
+  email: notekfet2020@lists.crans.org

ansible/hosts_example

@@ -1,5 +1,5 @@
 [dev]
-bde3-virt.adh.crans.org
+bde-note-dev.adh.crans.org
 bde-nk20-beta.adh.crans.org
 
 [prod]

ansible/roles/1-apt-basic/tasks/main.yml

@@ -3,11 +3,12 @@
   apt_repository:
     repo: deb http://{{ mirror }}/debian buster-backports main
     state: present
+  when: ansible_facts['distribution'] == "Debian"
 
 - name: Install note_kfet APT dependencies
   apt:
     update_cache: true
-    default_release: buster-backports
+    default_release: "{{ 'buster-backports' if ansible_facts['distribution'] == 'Debian' }}"
     install_recommends: false
     name:
       # Common tools
@@ -23,13 +24,14 @@
       - python3-babel
       - python3-bs4
       - python3-django
-      - python3-django-cas-server
       - python3-django-crispy-forms
       - python3-django-extensions
       - python3-django-filters
+      - python3-django-oauth-toolkit
       - python3-django-polymorphic
       - python3-djangorestframework
       - python3-lockfile
+      - python3-memcache
       - python3-phonenumbers
       - python3-pil
       - python3-pip
@@ -40,6 +42,9 @@
       # LaTeX (PDF generation)
       - texlive-xetex
 
+      # Cache server
+      - memcached
+
       # WSGI server
       - uwsgi
       - uwsgi-plugin-python3

ansible/roles/2-nk20/tasks/main.yml

@@ -16,7 +16,7 @@
 
 - name: Use default env vars (should be updated!)
   template:
-    src: "env_example"
+    src: "env.j2"
     dest: "/var/www/note_kfet/.env"
     mode: 0644
     force: false
@@ -36,3 +36,13 @@
     dest: /etc/cron.d/note
     owner: root
     group: root
+
+- name: Set default directory to /var/www/note_kfet
+  lineinfile:
+    path: /etc/skel/.bashrc
+    line: 'cd /var/www/note_kfet'
+
+- name: Automatically source Python virtual environment
+  lineinfile:
+    path: /etc/skel/.bashrc
+    line: 'source /var/www/note_kfet/env/bin/activate'

ansible/roles/2-nk20/templates/env.j2

@@ -0,0 +1,23 @@
+DJANGO_APP_STAGE=prod
+# Only used in dev mode, change to "postgresql" if you want to use PostgreSQL in dev
+DJANGO_DEV_STORE_METHOD=sqlite
+DJANGO_DB_HOST=localhost
+DJANGO_DB_NAME=note_db
+DJANGO_DB_USER=note
+DJANGO_DB_PASSWORD={{ DB_PASSWORD }}
+DJANGO_DB_PORT=
+DJANGO_SECRET_KEY=CHANGE_ME
+DJANGO_SETTINGS_MODULE=note_kfet.settings
+CONTACT_EMAIL=tresorerie.bde@localhost
+NOTE_URL= {{note.server_name}}
+
+# Config for mails. Only used in production
+NOTE_MAIL=notekfet@localhost
+EMAIL_HOST=smtp.localhost
+EMAIL_PORT=25
+EMAIL_USER=notekfet@localhost
+EMAIL_PASSWORD=CHANGE_ME
+
+# Wiki configuration
+WIKI_USER=NoteKfet2020
+WIKI_PASSWORD=

ansible/roles/4-certbot/tasks/main.yml

@@ -9,6 +9,11 @@
   retries: 3
   until: pkg_result is succeeded
 
+- name: Check if certificate already exists.
+  stat:
+    path: /etc/letsencrypt/live/{{note.server_name}}/cert.pem
+  register: letsencrypt_cert
+
 - name: Create /etc/letsencrypt/conf.d
   file:
     path: /etc/letsencrypt/conf.d
@@ -19,3 +24,17 @@
     src: "letsencrypt/conf.d/nk20.ini.j2"
     dest: "/etc/letsencrypt/conf.d/nk20.ini"
     mode: 0644
+
+- name: Stop services to allow certbot to generate a cert.
+  service:
+    name: nginx
+    state: stopped
+
+- name: Generate new certificate if one doesn't exist.
+  shell: "certbot certonly --non-interactive --agree-tos --config /etc/letsencrypt/conf.d/nk20.ini -d {{note.server_name}}"
+  when: letsencrypt_cert.stat.exists == False
+
+- name: Restart services to allow certbot to generate a cert.
+  service:
+    name: nginx
+    state: started

ansible/roles/4-certbot/templates/letsencrypt/conf.d/nk20.ini.j2

@@ -10,7 +10,7 @@ rsa-key-size = 4096
 # server = https://acme-staging.api.letsencrypt.org/directory
 
 # Uncomment and update to register with the specified e-mail address
-email = notekfet2020@lists.crans.org
+email = {{ note.email }}
 
 # Uncomment to use a text interface instead of ncurses
 text = True

ansible/roles/5-nginx/templates/nginx_note.conf

@@ -1,5 +1,5 @@
 # the upstream component nginx needs to connect to
-upstream note{
+upstream note {
     server unix:///var/www/note_kfet/note_kfet.sock; # file socket
 }
 
@@ -50,6 +50,10 @@ server {
         alias /var/www/note_kfet/static; # your Django project's static files - amend as required
     }
 
+    location /doc {
+        alias /var/www/documentation;    # The documentation of the project
+    }
+
     # Finally, send all non-media requests to the Django server.
     location / {
         uwsgi_pass note;

ansible/roles/6-psql/tasks/main.yml

@@ -11,14 +11,14 @@
   until: pkg_result is succeeded
 
 - name: Create role note
-  when: "DB_PASSWORD|bool"    # If the password is not defined, skip the installation
+  when: DB_PASSWORD|length > 0 # If the password is not defined, skip the installation
   postgresql_user:
     name: note
     password: "{{ DB_PASSWORD }}"
   become_user: postgres
 
 - name: Create NK20 database
-  when: "DB_PASSWORD|bool"
+  when: DB_PASSWORD|length >0
   postgresql_db:
     name: note_db
     owner: note

ansible/roles/7-postinstall/tasks/main.yml

@@ -1,4 +1,10 @@
 ---
+- name: Collect static files
+  command: /var/www/note_kfet/env/bin/python manage.py collectstatic --noinput
+  args:
+    chdir: /var/www/note_kfet
+  become_user: www-data
+
 - name: Migrate Django database
   command: /var/www/note_kfet/env/bin/python manage.py migrate
   args:
@@ -11,14 +17,14 @@
     chdir: /var/www/note_kfet
   become_user: www-data
 
+- name: Compile JavaScript messages
+  command: /var/www/note_kfet/env/bin/python manage.py compilejsmessages
+  args:
+    chdir: /var/www/note_kfet
+  become_user: www-data
+
 - name: Install initial fixtures
   command: /var/www/note_kfet/env/bin/python manage.py loaddata initial
   args:
     chdir: /var/www/note_kfet
   become_user: postgres
-
-- name: Collect static files
-  command: /var/www/note_kfet/env/bin/python manage.py collectstatic --noinput
-  args:
-    chdir: /var/www/note_kfet
-  become_user: www-data

ansible/roles/8-docs/tasks/main.yml

@@ -0,0 +1,20 @@
+---
+- name: Install Sphinx and RTD theme
+  pip:
+    requirements: /var/www/note_kfet/docs/requirements.txt
+    virtualenv: /var/www/note_kfet/env
+    virtualenv_command: /usr/bin/python3 -m venv
+    virtualenv_site_packages: true
+  become_user: www-data
+
+- name: Create documentation directory with good permissions
+  file:
+    path: /var/www/documentation
+    state: directory
+    owner: www-data
+    group: www-data
+    mode: u=rwx,g=rwxs,o=rx
+
+- name: Build HTML documentation
+  command: /var/www/note_kfet/env/bin/sphinx-build -b dirhtml /var/www/note_kfet/docs/ /var/www/documentation/
+  become_user: www-data

apps/activity/api/views.py

@@ -15,10 +15,10 @@ class ActivityTypeViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `ActivityType` objects, serialize it to JSON with the given serializer,
     then render it on /api/activity/type/
     """
-    queryset = ActivityType.objects.all()
+    queryset = ActivityType.objects.order_by('id')
     serializer_class = ActivityTypeSerializer
     filter_backends = [DjangoFilterBackend]
-    filterset_fields = ['name', 'can_invite', ]
+    filterset_fields = ['name', 'manage_entries', 'can_invite', 'guest_entry_fee', ]
 
 
 class ActivityViewSet(ReadProtectedModelViewSet):
@@ -27,10 +27,16 @@ class ActivityViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `Activity` objects, serialize it to JSON with the given serializer,
     then render it on /api/activity/activity/
     """
-    queryset = Activity.objects.all()
+    queryset = Activity.objects.order_by('id')
     serializer_class = ActivitySerializer
-    filter_backends = [DjangoFilterBackend]
-    filterset_fields = ['name', 'description', 'activity_type', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['name', 'description', 'activity_type', 'location', 'creater', 'organizer', 'attendees_club',
+                        'date_start', 'date_end', 'valid', 'open', ]
+    search_fields = ['$name', '$description', '$location', '$creater__last_name', '$creater__first_name',
+                     '$creater__email', '$creater__note__alias__name', '$creater__note__alias__normalized_name',
+                     '$organizer__name', '$organizer__email', '$organizer__note__alias__name',
+                     '$organizer__note__alias__normalized_name', '$attendees_club__name', '$attendees_club__email',
+                     '$attendees_club__note__alias__name', '$attendees_club__note__alias__normalized_name', ]
 
 
 class GuestViewSet(ReadProtectedModelViewSet):
@@ -39,10 +45,13 @@ class GuestViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `Guest` objects, serialize it to JSON with the given serializer,
     then render it on /api/activity/guest/
     """
-    queryset = Guest.objects.all()
+    queryset = Guest.objects.order_by('id')
     serializer_class = GuestSerializer
-    filter_backends = [SearchFilter]
-    search_fields = ['$last_name', '$first_name', '$inviter__alias__name', '$inviter__alias__normalized_name', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['activity', 'activity__name', 'last_name', 'first_name', 'inviter', 'inviter__alias__name',
+                        'inviter__alias__normalized_name', ]
+    search_fields = ['$activity__name', '$last_name', '$first_name', '$inviter__user__email', '$inviter__alias__name',
+                     '$inviter__alias__normalized_name', ]
 
 
 class EntryViewSet(ReadProtectedModelViewSet):
@@ -51,7 +60,9 @@ class EntryViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `Entry` objects, serialize it to JSON with the given serializer,
     then render it on /api/activity/entry/
     """
-    queryset = Entry.objects.all()
+    queryset = Entry.objects.order_by('id')
     serializer_class = EntrySerializer
-    filter_backends = [SearchFilter]
-    search_fields = ['$last_name', '$first_name', '$inviter__alias__name', '$inviter__alias__normalized_name', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['activity', 'time', 'note', 'guest', ]
+    search_fields = ['$activity__name', '$note__user__email', '$note__alias__name', '$note__alias__normalized_name',
+                     '$guest__last_name', '$guest__first_name', ]

apps/activity/models.py

@@ -7,7 +7,7 @@ from threading import Thread
 
 from django.conf import settings
 from django.contrib.auth.models import User
-from django.db import models
+from django.db import models, transaction
 from django.db.models import Q
 from django.utils import timezone
 from django.utils.translation import gettext_lazy as _
@@ -123,6 +123,7 @@ class Activity(models.Model):
         verbose_name=_('open'),
     )
 
+    @transaction.atomic
     def save(self, *args, **kwargs):
         """
         Update the activity wiki page each time the activity is updated (validation, change description, ...)
@@ -194,8 +195,8 @@ class Entry(models.Model):
             else _("Entry for {note} to the activity {activity}").format(
             guest=str(self.guest), note=str(self.note), activity=str(self.activity))
 
+    @transaction.atomic
     def save(self, *args, **kwargs):
-
         qs = Entry.objects.filter(~Q(pk=self.pk), activity=self.activity, note=self.note, guest=self.guest)
         if qs.exists():
             raise ValidationError(_("Already entered on ") + _("{:%Y-%m-%d %H:%M:%S}").format(qs.get().time, ))
@@ -260,6 +261,7 @@ class Guest(models.Model):
         except AttributeError:
             return False
 
+    @transaction.atomic
     def save(self, force_insert=False, force_update=False, using=None, update_fields=None):
         one_year = timedelta(days=365)
 

apps/activity/templates/activity/activity_detail.html

@@ -30,7 +30,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
          headers: {"X-CSRFTOKEN": CSRF_TOKEN}
      })
       .done(function() {
-          addMsg('Invité supprimé','success');
+          addMsg('{% trans "Guest deleted" %}', 'success');
           $("#guests_table").load(location.pathname + " #guests_table");
       })
       .fail(function(xhr, textStatus, error) {

apps/activity/templates/activity/activity_entry.html

@@ -86,10 +86,10 @@ SPDX-License-Identifier: GPL-3.0-or-later
                 }).done(function () {
                     if (target.hasClass("table-info"))
                         addMsg(
-                            "Entrée effectuée, mais attention : la personne n'est plus adhérente Kfet.",
+                            "{% trans "Entry done, but caution: the user is not a Kfet member." %}",
                             "warning", 10000);
                     else
-                        addMsg("Entrée effectuée !", "success", 4000);
+                        addMsg("Entry made!", "success", 4000);
                     reloadTable(true);
                 }).fail(function (xhr) {
                     errMsg(xhr.responseJSON, 4000);
@@ -121,10 +121,10 @@ SPDX-License-Identifier: GPL-3.0-or-later
                     }).done(function () {
                         if (target.hasClass("table-info"))
                             addMsg(
-                                "Entrée effectuée, mais attention : la personne n'est plus adhérente Kfet.",
+                                "{% trans "Entry done, but caution: the user is not a Kfet member." %}",
                                 "warning", 10000);
                         else
-                            addMsg("Entrée effectuée !", "success", 4000);
+                            addMsg("{% trans "Entry done!" %}", "success", 4000);
                         reloadTable(true);
                     }).fail(function (xhr) {
                         errMsg(xhr.responseJSON, 4000);

apps/activity/tests/test_activities.py

@@ -3,13 +3,16 @@
 
 from datetime import timedelta
 
+from api.tests import TestAPI
 from django.contrib.auth.models import User
 from django.test import TestCase
 from django.urls import reverse
 from django.utils import timezone
-from activity.models import Activity, ActivityType, Guest, Entry
 from member.models import Club
 
+from ..api.views import ActivityTypeViewSet, ActivityViewSet, EntryViewSet, GuestViewSet
+from ..models import Activity, ActivityType, Guest, Entry
+
 
 class TestActivities(TestCase):
     """
@@ -173,3 +176,58 @@ class TestActivities(TestCase):
         """
         response = self.client.get(reverse("activity:calendar_ics"))
         self.assertEqual(response.status_code, 200)
+
+
+class TestActivityAPI(TestAPI):
+    def setUp(self) -> None:
+        super().setUp()
+
+        self.activity = Activity.objects.create(
+            name="Activity",
+            description="This is a test activity\non two very very long lines\nbecause this is very important.",
+            location="Earth",
+            activity_type=ActivityType.objects.get(name="Pot"),
+            creater=self.user,
+            organizer=Club.objects.get(name="Kfet"),
+            attendees_club=Club.objects.get(name="Kfet"),
+            date_start=timezone.now(),
+            date_end=timezone.now() + timedelta(days=2),
+            valid=True,
+        )
+
+        self.guest = Guest.objects.create(
+            activity=self.activity,
+            inviter=self.user.note,
+            last_name="GUEST",
+            first_name="Guest",
+        )
+
+        self.entry = Entry.objects.create(
+            activity=self.activity,
+            note=self.user.note,
+            guest=self.guest,
+        )
+
+    def test_activity_api(self):
+        """
+        Load Activity API page and test all filters and permissions
+        """
+        self.check_viewset(ActivityViewSet, "/api/activity/activity/")
+
+    def test_activity_type_api(self):
+        """
+        Load ActivityType API page and test all filters and permissions
+        """
+        self.check_viewset(ActivityTypeViewSet, "/api/activity/type/")
+
+    def test_entry_api(self):
+        """
+        Load Entry API page and test all filters and permissions
+        """
+        self.check_viewset(EntryViewSet, "/api/activity/entry/")
+
+    def test_guest_api(self):
+        """
+        Load Guest API page and test all filters and permissions
+        """
+        self.check_viewset(GuestViewSet, "/api/activity/guest/")

apps/activity/views.py

@@ -7,12 +7,15 @@ from django.conf import settings
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.contenttypes.models import ContentType
 from django.core.exceptions import PermissionDenied
+from django.db import transaction
 from django.db.models import F, Q
 from django.http import HttpResponse
 from django.urls import reverse_lazy
 from django.utils import timezone
+from django.utils.decorators import method_decorator
 from django.utils.translation import gettext_lazy as _
 from django.views import View
+from django.views.decorators.cache import cache_page
 from django.views.generic import DetailView, TemplateView, UpdateView
 from django_tables2.views import SingleTableView
 from note.models import Alias, NoteSpecial, NoteUser
@@ -44,6 +47,7 @@ class ActivityCreateView(ProtectQuerysetMixin, ProtectedCreateView):
             date_end=timezone.now(),
         )
 
+    @transaction.atomic
     def form_valid(self, form):
         form.instance.creater = self.request.user
         return super().form_valid(form)
@@ -145,6 +149,7 @@ class ActivityInviteView(ProtectQuerysetMixin, ProtectedCreateView):
         form.fields["inviter"].initial = self.request.user.note
         return form
 
+    @transaction.atomic
     def form_valid(self, form):
         form.instance.activity = Activity.objects\
             .filter(PermissionBackend.filter_queryset(self.request.user, Activity, "view")).get(pk=self.kwargs["pk"])
@@ -285,6 +290,8 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
         return context
 
 
+# Cache for 1 hour
+@method_decorator(cache_page(60 * 60), name='dispatch')
 class CalendarView(View):
     """
     Render an ICS calendar with all valid activities.

apps/api/serializers.py

@@ -4,10 +4,14 @@
 
 from django.contrib.contenttypes.models import ContentType
 from django.contrib.auth.models import User
-from rest_framework.serializers import ModelSerializer
+from django.utils import timezone
+from rest_framework import serializers
+from member.api.serializers import ProfileSerializer, MembershipSerializer
+from note.api.serializers import NoteSerializer
+from note.models import Alias
 
 
-class UserSerializer(ModelSerializer):
+class UserSerializer(serializers.ModelSerializer):
     """
     REST API Serializer for Users.
     The djangorestframework plugin will analyse the model `User` and parse all fields in the API.
@@ -22,7 +26,7 @@ class UserSerializer(ModelSerializer):
         )
 
 
-class ContentTypeSerializer(ModelSerializer):
+class ContentTypeSerializer(serializers.ModelSerializer):
     """
     REST API Serializer for Users.
     The djangorestframework plugin will analyse the model `User` and parse all fields in the API.
@@ -31,3 +35,42 @@ class ContentTypeSerializer(ModelSerializer):
     class Meta:
         model = ContentType
         fields = '__all__'
+
+
+class OAuthSerializer(serializers.ModelSerializer):
+    """
+    Informations that are transmitted by OAuth.
+    For now, this includes user, profile and valid memberships.
+    This should be better managed later.
+    """
+    normalized_name = serializers.SerializerMethodField()
+
+    profile = ProfileSerializer()
+
+    note = NoteSerializer()
+
+    memberships = serializers.SerializerMethodField()
+
+    def get_normalized_name(self, obj):
+        return Alias.normalize(obj.username)
+
+    def get_memberships(self, obj):
+        return serializers.ListSerializer(child=MembershipSerializer()).to_representation(
+            obj.memberships.filter(date_start__lte=timezone.now(), date_end__gte=timezone.now()))
+
+    class Meta:
+        model = User
+        fields = (
+            'id',
+            'username',
+            'normalized_name',
+            'first_name',
+            'last_name',
+            'email',
+            'is_superuser',
+            'is_active',
+            'is_staff',
+            'profile',
+            'note',
+            'memberships',
+        )

apps/api/tests.py

@@ -0,0 +1,240 @@
+# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+import json
+from datetime import datetime, date
+from decimal import Decimal
+from urllib.parse import quote_plus
+from warnings import warn
+
+from django.contrib.auth.models import User
+from django.contrib.contenttypes.models import ContentType
+from django.db.models.fields.files import ImageFieldFile
+from django.test import TestCase
+from django_filters.rest_framework import DjangoFilterBackend
+from member.models import Membership, Club
+from note.models import NoteClub, NoteUser, Alias, Note
+from permission.models import PermissionMask, Permission, Role
+from phonenumbers import PhoneNumber
+from rest_framework.filters import SearchFilter, OrderingFilter
+
+from .viewsets import ContentTypeViewSet, UserViewSet
+
+
+class TestAPI(TestCase):
+    """
+    Load API pages and check that filters are working.
+    """
+    fixtures = ('initial', )
+
+    def setUp(self) -> None:
+        self.user = User.objects.create_superuser(
+            username="adminapi",
+            password="adminapi",
+            email="adminapi@example.com",
+            last_name="Admin",
+            first_name="Admin",
+        )
+        self.client.force_login(self.user)
+
+        sess = self.client.session
+        sess["permission_mask"] = 42
+        sess.save()
+
+    def check_viewset(self, viewset, url):
+        """
+        This function should be called inside a unit test.
+        This loads the viewset and for each filter entry, it checks that the filter is running good.
+        """
+        resp = self.client.get(url + "?format=json")
+        self.assertEqual(resp.status_code, 200)
+
+        model = viewset.serializer_class.Meta.model
+
+        if not model.objects.exists():  # pragma: no cover
+            warn(f"Warning: unable to test API filters for the model {model._meta.verbose_name} "
+                 "since there is no instance of it.")
+            return
+
+        if hasattr(viewset, "filter_backends"):
+            backends = viewset.filter_backends
+            obj = model.objects.last()
+
+            if DjangoFilterBackend in backends:
+                # Specific search
+                for field in viewset.filterset_fields:
+                    obj = self.fix_note_object(obj, field)
+
+                    value = self.get_value(obj, field)
+                    if value is None:  # pragma: no cover
+                        warn(f"Warning: the filter {field} for the model {model._meta.verbose_name} "
+                             "has not been tested.")
+                        continue
+                    resp = self.client.get(url + f"?format=json&{field}={quote_plus(str(value))}")
+                    self.assertEqual(resp.status_code, 200, f"The filter {field} for the model "
+                                                            f"{model._meta.verbose_name} does not work. "
+                                                            f"Given parameter: {value}")
+                    content = json.loads(resp.content)
+                    self.assertGreater(content["count"], 0, f"The filter {field} for the model "
+                                                            f"{model._meta.verbose_name} does not work. "
+                                                            f"Given parameter: {value}")
+
+            if OrderingFilter in backends:
+                # Ensure that ordering is working well
+                for field in viewset.ordering_fields:
+                    resp = self.client.get(url + f"?ordering={field}")
+                    self.assertEqual(resp.status_code, 200)
+                    resp = self.client.get(url + f"?ordering=-{field}")
+                    self.assertEqual(resp.status_code, 200)
+
+            if SearchFilter in backends:
+                # Basic search
+                for field in viewset.search_fields:
+                    obj = self.fix_note_object(obj, field)
+
+                    if field[0] == '$' or field[0] == '=':
+                        field = field[1:]
+                    value = self.get_value(obj, field)
+                    if value is None:  # pragma: no cover
+                        warn(f"Warning: the filter {field} for the model {model._meta.verbose_name} "
+                             "has not been tested.")
+                        continue
+                    resp = self.client.get(url + f"?format=json&search={quote_plus(str(value))}")
+                    self.assertEqual(resp.status_code, 200, f"The filter {field} for the model "
+                                                            f"{model._meta.verbose_name} does not work. "
+                                                            f"Given parameter: {value}")
+                    content = json.loads(resp.content)
+                    self.assertGreater(content["count"], 0, f"The filter {field} for the model "
+                                                            f"{model._meta.verbose_name} does not work. "
+                                                            f"Given parameter: {value}")
+
+            self.check_permissions(url, obj)
+
+    def check_permissions(self, url, obj):
+        """
+        Check that permissions are working
+        """
+        # Drop rights
+        self.user.is_superuser = False
+        self.user.save()
+        sess = self.client.session
+        sess["permission_mask"] = 0
+        sess.save()
+
+        # Delete user permissions
+        for m in Membership.objects.filter(user=self.user).all():
+            m.roles.clear()
+            m.save()
+
+        # Create a new role, which will have the checking permission
+        role = Role.objects.get_or_create(name="β-tester")[0]
+        role.permissions.clear()
+        role.save()
+        membership = Membership.objects.get_or_create(user=self.user, club=Club.objects.get(name="BDE"))[0]
+        membership.roles.set([role])
+        membership.save()
+
+        # Ensure that the access to the object is forbidden without permission
+        resp = self.client.get(url + f"{obj.pk}/")
+        self.assertEqual(resp.status_code, 404, f"Mysterious access to {url}{obj.pk}/ for {obj}")
+
+        obj.refresh_from_db()
+
+        # There are problems with polymorphism
+        if isinstance(obj, Note) and hasattr(obj, "note_ptr"):
+            obj = obj.note_ptr
+
+        mask = PermissionMask.objects.get(rank=0)
+
+        for field in obj._meta.fields:
+            # Build permission query
+            value = self.get_value(obj, field.name)
+            if isinstance(value, date) or isinstance(value, datetime):
+                value = value.isoformat()
+            elif isinstance(value, ImageFieldFile):
+                value = value.name
+            elif isinstance(value, Decimal):
+                value = str(value)
+            query = json.dumps({field.name: value})
+
+            # Create sample permission
+            permission = Permission.objects.get_or_create(
+                model=ContentType.objects.get_for_model(obj._meta.model),
+                query=query,
+                mask=mask,
+                type="view",
+                permanent=False,
+                description=f"Can view {obj._meta.verbose_name}",
+            )[0]
+            role.permissions.set([permission])
+            role.save()
+
+            # Check that the access is possible
+            resp = self.client.get(url + f"{obj.pk}/")
+            self.assertEqual(resp.status_code, 200, f"Permission {permission.query} is not working "
+                                                    f"for the model {obj._meta.verbose_name}")
+
+        # Restore rights
+        self.user.is_superuser = True
+        self.user.save()
+        sess = self.client.session
+        sess["permission_mask"] = 42
+        sess.save()
+
+    @staticmethod
+    def get_value(obj, key: str):
+        """
+        Resolve the queryset filter to get the Python value of an object.
+        """
+        if hasattr(obj, "all"):
+            # obj is a RelatedManager
+            obj = obj.last()
+
+        if obj is None:  # pragma: no cover
+            return None
+
+        if '__' not in key:
+            obj = getattr(obj, key)
+            if hasattr(obj, "pk"):
+                return obj.pk
+            elif hasattr(obj, "all"):
+                if not obj.exists():  # pragma: no cover
+                    return None
+                return obj.last().pk
+            elif isinstance(obj, bool):
+                return int(obj)
+            elif isinstance(obj, datetime):
+                return obj.isoformat()
+            elif isinstance(obj, PhoneNumber):
+                return obj.raw_input
+            return obj
+
+        key, remaining = key.split('__', 1)
+        return TestAPI.get_value(getattr(obj, key), remaining)
+
+    @staticmethod
+    def fix_note_object(obj, field):
+        """
+        When querying an object that has a noteclub or a noteuser field,
+        ensure that the object has a good value.
+        """
+        if isinstance(obj, Alias):
+            if "noteuser" in field:
+                return NoteUser.objects.last().alias.last()
+            elif "noteclub" in field:
+                return NoteClub.objects.last().alias.last()
+        elif isinstance(obj, Note):
+            if "noteuser" in field:
+                return NoteUser.objects.last()
+            elif "noteclub" in field:
+                return NoteClub.objects.last()
+        return obj
+
+
+class TestBasicAPI(TestAPI):
+    def test_user_api(self):
+        """
+        Load the user page.
+        """
+        self.check_viewset(ContentTypeViewSet, "/api/models/")
+        self.check_viewset(UserViewSet, "/api/user/")

apps/api/urls.py

@@ -5,6 +5,7 @@ from django.conf import settings
 from django.conf.urls import url, include
 from rest_framework import routers
 
+from .views import UserInformationView
 from .viewsets import ContentTypeViewSet, UserViewSet
 
 # Routers provide an easy way of automatically determining the URL conf.
@@ -47,5 +48,6 @@ app_name = 'api'
 # Additionally, we include login URLs for the browsable API.
 urlpatterns = [
     url('^', include(router.urls)),
+    url('^me/', UserInformationView.as_view()),
     url('^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
 ]

apps/api/views.py

@@ -0,0 +1,20 @@
+# Copyright (C) 2018-2021 by BDE ENS Paris-Saclay
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from django.contrib.auth.models import User
+from rest_framework.generics import RetrieveAPIView
+
+from .serializers import OAuthSerializer
+
+
+class UserInformationView(RetrieveAPIView):
+    """
+    These fields are give to OAuth authenticators.
+    """
+    serializer_class = OAuthSerializer
+
+    def get_queryset(self):
+        return User.objects.filter(pk=self.request.user.pk)
+
+    def get_object(self):
+        return self.request.user

apps/api/viewsets.py

@@ -6,6 +6,7 @@ from django_filters.rest_framework import DjangoFilterBackend
 from django.db.models import Q
 from django.conf import settings
 from django.contrib.auth.models import User
+from rest_framework.filters import SearchFilter
 from rest_framework.viewsets import ReadOnlyModelViewSet, ModelViewSet
 from permission.backends import PermissionBackend
 from note_kfet.middlewares import get_current_session
@@ -48,12 +49,13 @@ class UserViewSet(ReadProtectedModelViewSet):
     """
     REST API View set.
     The djangorestframework plugin will get all `User` objects, serialize it to JSON with the given serializer,
-    then render it on /api/users/
+    then render it on /api/user/
     """
-    queryset = User.objects.all()
+    queryset = User.objects
     serializer_class = UserSerializer
     filter_backends = [DjangoFilterBackend]
-    filterset_fields = ['id', 'username', 'first_name', 'last_name', 'email', 'is_superuser', 'is_staff', 'is_active', ]
+    filterset_fields = ['id', 'username', 'first_name', 'last_name', 'email', 'is_superuser', 'is_staff', 'is_active',
+                        'note__alias__name', 'note__alias__normalized_name', ]
 
     def get_queryset(self):
         queryset = super().get_queryset()
@@ -106,7 +108,10 @@ class ContentTypeViewSet(ReadOnlyModelViewSet):
     """
     REST API View set.
     The djangorestframework plugin will get all `User` objects, serialize it to JSON with the given serializer,
-    then render it on /api/users/
+    then render it on /api/models/
     """
-    queryset = ContentType.objects.all()
+    queryset = ContentType.objects.order_by('id')
     serializer_class = ContentTypeSerializer
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['id', 'app_label', 'model', ]
+    search_fields = ['$app_label', '$model', ]

apps/logs/api/views.py

@@ -15,7 +15,7 @@ class ChangelogViewSet(ReadOnlyProtectedModelViewSet):
     The djangorestframework plugin will get all `Changelog` objects, serialize it to JSON with the given serializer,
     then render it on /api/logs/
     """
-    queryset = Changelog.objects.all()
+    queryset = Changelog.objects.order_by('id')
     serializer_class = ChangelogSerializer
     filter_backends = [DjangoFilterBackend, OrderingFilter]
     filterset_fields = ['model', 'action', "instance_pk", 'user', 'ip', ]

apps/member/api/views.py

@@ -1,7 +1,8 @@
 # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
 
-from rest_framework.filters import SearchFilter
+from django_filters.rest_framework import DjangoFilterBackend
+from rest_framework.filters import OrderingFilter, SearchFilter
 from api.viewsets import ReadProtectedModelViewSet
 
 from .serializers import ProfileSerializer, ClubSerializer, MembershipSerializer
@@ -14,8 +15,15 @@ class ProfileViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `Profile` objects, serialize it to JSON with the given serializer,
     then render it on /api/members/profile/
     """
-    queryset = Profile.objects.all()
+    queryset = Profile.objects.order_by('id')
     serializer_class = ProfileSerializer
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['user', 'user__first_name', 'user__last_name', 'user__username', 'user__email',
+                        'user__note__alias__name', 'user__note__alias__normalized_name', 'phone_number', "section",
+                        'department', 'promotion', 'address', 'paid', 'ml_events_registration', 'ml_sport_registration',
+                        'ml_art_registration', 'report_frequency', 'email_confirmed', 'registration_valid', ]
+    search_fields = ['$user__first_name', '$user__last_name', '$user__username', '$user__email',
+                     '$user__note__alias__name', '$user__note__alias__normalized_name', ]
 
 
 class ClubViewSet(ReadProtectedModelViewSet):
@@ -24,10 +32,13 @@ class ClubViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `Club` objects, serialize it to JSON with the given serializer,
     then render it on /api/members/club/
     """
-    queryset = Club.objects.all()
+    queryset = Club.objects.order_by('id')
     serializer_class = ClubSerializer
-    filter_backends = [SearchFilter]
-    search_fields = ['$name', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['name', 'email', 'note__alias__name', 'note__alias__normalized_name', 'parent_club',
+                        'parent_club__name', 'require_memberships', 'membership_fee_paid', 'membership_fee_unpaid',
+                        'membership_duration', 'membership_start', 'membership_end', ]
+    search_fields = ['$name', '$email', '$note__alias__name', '$note__alias__normalized_name', ]
 
 
 class MembershipViewSet(ReadProtectedModelViewSet):
@@ -36,5 +47,14 @@ class MembershipViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `Membership` objects, serialize it to JSON with the given serializer,
     then render it on /api/members/membership/
     """
-    queryset = Membership.objects.all()
+    queryset = Membership.objects.order_by('id')
     serializer_class = MembershipSerializer
+    filter_backends = [DjangoFilterBackend, OrderingFilter, SearchFilter]
+    filterset_fields = ['club__name', 'club__email', 'club__note__alias__name', 'club__note__alias__normalized_name',
+                        'user__username', 'user__last_name', 'user__first_name', 'user__email',
+                        'user__note__alias__name', 'user__note__alias__normalized_name',
+                        'date_start', 'date_end', 'fee', 'roles', ]
+    ordering_fields = ['id', 'date_start', 'date_end', ]
+    search_fields = ['$club__name', '$club__email', '$club__note__alias__name', '$club__note__alias__normalized_name',
+                     '$user__username', '$user__last_name', '$user__first_name', '$user__email',
+                     '$user__note__alias__name', '$user__note__alias__normalized_name', '$roles__name', ]

apps/member/auth.py

@@ -0,0 +1,17 @@
+# Copyright (C) 2018-2021 by BDE ENS Paris-Saclay
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from cas_server.auth import DjangoAuthUser  # pragma: no cover
+from note.models import Alias
+
+
+class CustomAuthUser(DjangoAuthUser):  # pragma: no cover
+    """
+    Override Django Auth User model to define a custom Matrix username.
+    """
+
+    def attributs(self):
+        d = super().attributs()
+        if self.user:
+            d["normalized_name"] = Alias.normalize(self.user.username)
+        return d

apps/member/forms.py

@@ -8,6 +8,7 @@ from django import forms
 from django.conf import settings
 from django.contrib.auth.forms import AuthenticationForm
 from django.contrib.auth.models import User
+from django.db import transaction
 from django.forms import CheckboxSelectMultiple
 from django.utils import timezone
 from django.utils.translation import gettext_lazy as _
@@ -57,6 +58,7 @@ class ProfileForm(forms.ModelForm):
         self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"})
         self.fields['promotion'].widget.attrs.update({"max": timezone.now().year})
 
+    @transaction.atomic
     def save(self, commit=True):
         if not self.instance.section or (("department" in self.changed_data
                                          or "promotion" in self.changed_data) and "section" not in self.changed_data):
@@ -148,6 +150,7 @@ class ClubForm(forms.ModelForm):
             "membership_fee_unpaid": AmountInput(),
             "parent_club": Autocomplete(
                 Club,
+                resetable=True,
                 attrs={
                     'api_url': '/api/members/club/',
                 }
@@ -161,7 +164,7 @@ class MembershipForm(forms.ModelForm):
     soge = forms.BooleanField(
         label=_("Inscription paid by Société Générale"),
         required=False,
-        help_text=_("Check this case is the Société Générale paid the inscription."),
+        help_text=_("Check this case if the Société Générale paid the inscription."),
     )
 
     credit_type = forms.ModelChoiceField(

apps/member/migrations/0003_create_bde_and_kfet.py

@@ -7,6 +7,7 @@ def create_bde_and_kfet(apps, schema_editor):
     """
     Club = apps.get_model("member", "club")
     NoteClub = apps.get_model("note", "noteclub")
+    Alias = apps.get_model("note", "alias")
     ContentType = apps.get_model('contenttypes', 'ContentType')
     polymorphic_ctype_id = ContentType.objects.get_for_model(NoteClub).id
 
@@ -45,6 +46,19 @@ def create_bde_and_kfet(apps, schema_editor):
         polymorphic_ctype_id=polymorphic_ctype_id,
     )
 
+    Alias.objects.get_or_create(
+        id=5,
+        note_id=5,
+        name="BDE",
+        normalized_name="bde",
+    )
+    Alias.objects.get_or_create(
+        id=6,
+        note_id=6,
+        name="Kfet",
+        normalized_name="kfet",
+    )
+
 
 class Migration(migrations.Migration):
     dependencies = [

apps/member/migrations/0006_create_note_account_bde_membership.py

@@ -0,0 +1,50 @@
+import sys
+
+from django.db import migrations
+
+
+def give_note_account_permissions(apps, schema_editor):
+    """
+    Automatically manage the membership of the Note account.
+    """
+    User = apps.get_model("auth", "user")
+    Membership = apps.get_model("member", "membership")
+    Role = apps.get_model("permission", "role")
+
+    note = User.objects.filter(username="note")
+    if not note.exists():
+        # We are in a test environment, don't log error message
+        if len(sys.argv) > 1 and sys.argv[1] == 'test':
+            return
+        print("Warning: Note account was not found. The note account was not imported.")
+        print("Make sure you have imported the NK15 database. The new import script handles correctly the permissions.")
+        print("This migration will be ignored, you can re-run it if you forgot the note account or ignore it if you "
+              "don't want this account.")
+        return
+
+    note = note.get()
+
+    # Set for the two clubs a large expiration date and the correct role.
+    for m in Membership.objects.filter(user_id=note.id).all():
+        m.date_end = "3142-12-12"
+        m.roles.set(Role.objects.filter(name="PC Kfet").all())
+        m.save()
+    # By default, the note account is only authorized to be logged from localhost.
+    note.password = "ipbased$127.0.0.1"
+    note.is_active = True
+    note.save()
+    # Ensure that the note of the account is disabled
+    note.note.inactivity_reason = 'forced'
+    note.note.is_active = False
+    note.save()
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ('member', '0005_remove_null_tag_on_charfields'),
+        ('permission', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.RunPython(give_note_account_permissions),
+    ]

apps/member/migrations/0007_auto_20210313_1235.py

@@ -0,0 +1,23 @@
+# Generated by Django 2.2.19 on 2021-03-13 11:35
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('member', '0006_create_note_account_bde_membership'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='membership',
+            name='roles',
+            field=models.ManyToManyField(related_name='memberships', to='permission.Role', verbose_name='roles'),
+        ),
+        migrations.AlterField(
+            model_name='profile',
+            name='promotion',
+            field=models.PositiveSmallIntegerField(default=2021, help_text='Year of entry to the school (None if not ENS student)', null=True, verbose_name='promotion'),
+        ),
+    ]

apps/member/models.py

@@ -7,7 +7,7 @@ import os
 from django.conf import settings
 from django.contrib.auth.models import User
 from django.core.exceptions import ValidationError
-from django.db import models
+from django.db import models, transaction
 from django.db.models import Q
 from django.template import loader
 from django.urls import reverse, reverse_lazy
@@ -271,6 +271,7 @@ class Club(models.Model):
             self._force_save = True
             self.save(force_update=True)
 
+    @transaction.atomic
     def save(self, force_insert=False, force_update=False, using=None,
              update_fields=None):
         if not self.require_memberships:
@@ -312,6 +313,7 @@ class Membership(models.Model):
 
     roles = models.ManyToManyField(
         "permission.Role",
+        related_name="memberships",
         verbose_name=_("roles"),
     )
 
@@ -406,6 +408,7 @@ class Membership(models.Model):
                 parent_membership.roles.set(Role.objects.filter(name="Membre de club").all())
             parent_membership.save()
 
+    @transaction.atomic
     def save(self, *args, **kwargs):
         """
         Calculate fee and end date before saving the membership and creating the transaction if needed.
@@ -475,8 +478,13 @@ class Membership(models.Model):
                 # to treasurers.
                 transaction.valid = False
                 from treasury.models import SogeCredit
-                soge_credit = SogeCredit.objects.get_or_create(user=self.user)[0]
-                soge_credit.refresh_from_db()
+                if SogeCredit.objects.filter(user=self.user).exists():
+                    soge_credit = SogeCredit.objects.get(user=self.user)
+                else:
+                    soge_credit = SogeCredit(user=self.user)
+                    soge_credit._force_save = True
+                    soge_credit.save(force_insert=True)
+                    soge_credit.refresh_from_db()
                 transaction.save(force_insert=True)
                 transaction.refresh_from_db()
                 soge_credit.transactions.add(transaction)

apps/member/static/member/js/alias.js

@@ -14,7 +14,7 @@ function create_alias (e) {
   }).done(function () {
     // Reload table
     $('#alias_table').load(location.pathname + ' #alias_table')
-    addMsg('Alias ajouté', 'success')
+    addMsg(gettext('Alias successfully added'), 'success')
   }).fail(function (xhr, _textStatus, _error) {
     errMsg(xhr.responseJSON)
   })
@@ -22,7 +22,7 @@ function create_alias (e) {
 
 /**
  * On click of "delete", delete the alias
- * @param Integer button_id Alias id to remove
+ * @param button_id:Integer Alias id to remove
  */
 function delete_button (button_id) {
   $.ajax({
@@ -30,7 +30,7 @@ function delete_button (button_id) {
     method: 'DELETE',
     headers: { 'X-CSRFTOKEN': CSRF_TOKEN }
   }).done(function () {
-    addMsg('Alias supprimé', 'success')
+    addMsg(gettext('Alias successfully deleted'), 'success')
     $('#alias_table').load(location.pathname + ' #alias_table')
   }).fail(function (xhr, _textStatus, _error) {
     errMsg(xhr.responseJSON)

apps/member/tables.py

@@ -43,8 +43,24 @@ class UserTable(tables.Table):
 
     section = tables.Column(accessor='profile__section')
 
+    # Override the column to let replace the URL
+    email = tables.EmailColumn(linkify=lambda record: "mailto:{}".format(record.email))
+
     balance = tables.Column(accessor='note__balance', verbose_name=_("Balance"))
 
+    def render_email(self, record, value):
+        # Replace the email by a dash if the user can't see the profile detail
+        # Replace also the URL
+        if not PermissionBackend.check_perm(get_current_authenticated_user(), "member.view_profile", record.profile):
+            value = "—"
+            record.email = value
+        return value
+
+    def render_section(self, record, value):
+        return value \
+            if PermissionBackend.check_perm(get_current_authenticated_user(), "member.view_profile", record.profile) \
+            else "—"
+
     def render_balance(self, record, value):
         return pretty_money(value)\
             if PermissionBackend.check_perm(get_current_authenticated_user(), "note.view_note", record.note) else "—"
@@ -112,7 +128,7 @@ class MembershipTable(tables.Table):
                     fee=0,
                 )
                 if PermissionBackend.check_perm(get_current_authenticated_user(),
-                                                "member:add_membership", empty_membership):  # If the user has right
+                                                "member.add_membership", empty_membership):  # If the user has right
                     renew_url = reverse_lazy('member:club_renew_membership',
                                              kwargs={"pk": record.pk})
                     t = format_html(

apps/member/templates/member/add_members.html

@@ -13,15 +13,29 @@ SPDX-License-Identifier: GPL-3.0-or-later
         {% if additional_fee_renewal %}
         <div class="alert alert-warning">
             {% if renewal %}
-            {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
-            The user is not a member of the club·s {{ clubs }}. An additional fee of {{ pretty_fee }}
-            will be charged to renew automatically the membership in this/these club·s.
-            {% endblocktrans %}
+                {% if club.name == "Kfet" %} {# Auto-renewal #}
+                    {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
+                    The user is not a member of the club·s {{ clubs }}. An additional fee of {{ pretty_fee }}
+                    will be charged to renew automatically the membership in this/these club·s.
+                    {% endblocktrans %}
+                {% else %}
+                    {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
+                        The user is not a member of the club·s {{ clubs }}. Please create the required memberships,
+                        otherwise it will fail.
+                    {% endblocktrans %}
+                {% endif %}
             {% else %}
-            {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
-            This club has parents {{ clubs }}. An additional fee of {{ pretty_fee }}
-            will be charged to adhere automatically to this/these club·s.
-            {% endblocktrans %}
+                {% if club.name == "Kfet" %}
+                    {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
+                    This club has parents {{ clubs }}. An additional fee of {{ pretty_fee }}
+                    will be charged to adhere automatically to this/these club·s.
+                    {% endblocktrans %}
+                {% else %}
+                    {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
+                        This club has parents {{ clubs }}. Please make sure that the user is a member of this or these club·s,
+                        otherwise the creation of this membership will fail.
+                    {% endblocktrans %}
+                {% endif %}
             {% endif %}
         </div>
         {% endif %}

apps/member/templates/member/includes/club_info.html

@@ -48,7 +48,7 @@
     <dd class="col-xl-6">
         <a class="badge badge-secondary" href="{% url 'member:club_alias' club.pk %}">
             <i class="fa fa-edit"></i>
-            {% trans 'Manage aliases' %} ({{ club.note.alias_set.all|length }})
+            {% trans 'Manage aliases' %} ({{ club.note.alias.all|length }})
         </a>
     </dd>
 

apps/member/templates/member/includes/profile_info.html

@@ -21,33 +21,35 @@
     <dd class="col-xl-6">
         <a class="badge badge-secondary" href="{% url 'member:user_alias' user_object.pk %}">
             <i class="fa fa-edit"></i>
-            {% trans 'Manage aliases' %} ({{ user_object.note.alias_set.all|length }})
+            {% trans 'Manage aliases' %} ({{ user_object.note.alias.all|length }})
         </a>
     </dd>
 
-    <dt class="col-xl-6">{% trans 'section'|capfirst %}</dt>
-    <dd class="col-xl-6">{{ user_object.profile.section }}</dd>
+    {% if "member.view_profile"|has_perm:user_object.profile %}
+        <dt class="col-xl-6">{% trans 'section'|capfirst %}</dt>
+        <dd class="col-xl-6">{{ user_object.profile.section }}</dd>
 
-    <dt class="col-xl-6">{% trans 'email'|capfirst %}</dt>
-    <dd class="col-xl-6"><a href="mailto:{{ user_object.email }}">{{ user_object.email }}</a></dd>
+        <dt class="col-xl-6">{% trans 'email'|capfirst %}</dt>
+        <dd class="col-xl-6"><a href="mailto:{{ user_object.email }}">{{ user_object.email }}</a></dd>
 
-    <dt class="col-xl-6">{% trans 'phone number'|capfirst %}</dt>
-    <dd class="col-xl-6"><a href="tel:{{ user_object.profile.phone_number }}">{{ user_object.profile.phone_number }}</a>
-    </dd>
+        <dt class="col-xl-6">{% trans 'phone number'|capfirst %}</dt>
+        <dd class="col-xl-6"><a href="tel:{{ user_object.profile.phone_number }}">{{ user_object.profile.phone_number }}</a>
+        </dd>
 
-    <dt class="col-xl-6">{% trans 'address'|capfirst %}</dt>
-    <dd class="col-xl-6">{{ user_object.profile.address }}</dd>
+        <dt class="col-xl-6">{% trans 'address'|capfirst %}</dt>
+        <dd class="col-xl-6">{{ user_object.profile.address }}</dd>
 
-    {% if "note.view_note"|has_perm:user_object.note %}
-    <dt class="col-xl-6">{% trans 'balance'|capfirst %}</dt>
-    <dd class="col-xl-6">{{ user_object.note.balance | pretty_money }}</dd>
+        {% if user_object.note and "note.view_note"|has_perm:user_object.note %}
+        <dt class="col-xl-6">{% trans 'balance'|capfirst %}</dt>
+        <dd class="col-xl-6">{{ user_object.note.balance | pretty_money }}</dd>
 
-    <dt class="col-xl-6">{% trans 'paid'|capfirst %}</dt>
-    <dd class="col-xl-6">{{ user_object.profile.paid|yesno }}</dd>
+        <dt class="col-xl-6">{% trans 'paid'|capfirst %}</dt>
+        <dd class="col-xl-6">{{ user_object.profile.paid|yesno }}</dd>
+        {% endif %}
     {% endif %}
 </dl>
 
-{% if user_object.pk == user_object.pk %}
+{% if user_object.pk == user.pk %}
     <div class="text-center">
         <a class="small badge badge-secondary" href="{% url 'member:auth_token' %}">
             <i class="fa fa-cogs"></i>{% trans 'API token' %}

apps/member/templates/member/user_list.html

@@ -5,7 +5,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
 {% load i18n perms %}
 
 {% block content %}
-{% if "member.change_profile_registration_valid"|has_perm:user %}
+{% if can_manage_registrations %}
 <a class="btn btn-block btn-secondary mb-3" href="{% url 'registration:future_user_list' %}">
     <i class="fa fa-user-plus"></i> {% trans "Registrations" %}
 </a>

apps/member/templatetags/memberinfo.py

@@ -0,0 +1,22 @@
+# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from datetime import date
+
+from django import template
+from django.contrib.auth.models import User
+
+from ..models import Club, Membership
+
+
+def is_member(user, club):
+    if isinstance(user, str):
+        club = User.objects.get(username=user)
+    if isinstance(club, str):
+        club = Club.objects.get(name=club)
+    return Membership.objects\
+        .filter(user=user, club=club, date_start__lte=date.today(), date_end__gte=date.today()).exists()
+
+
+register = template.Library()
+register.filter("is_member", is_member)

apps/member/tests/test_login.py

@@ -41,7 +41,7 @@ class TemplateLoggedInTests(TestCase):
             password="adminadmin",
             permission_mask=3,
         ))
-        self.assertRedirects(response, settings.LOGIN_REDIRECT_URL, 302, 200)
+        self.assertRedirects(response, settings.LOGIN_REDIRECT_URL, 302, 302)
 
     def test_logout(self):
         response = self.client.get(reverse("logout"))

apps/member/tests/test_memberships.py

@@ -5,17 +5,20 @@ import hashlib
 import os
 from datetime import date, timedelta
 
+from api.tests import TestAPI
 from django.contrib.auth.models import User
 from django.core.files.uploadedfile import SimpleUploadedFile
 from django.db.models import Q
 from django.test import TestCase
 from django.urls import reverse
 from django.utils import timezone
-from member.models import Club, Membership, Profile
 from note.models import Alias, NoteSpecial
 from permission.models import Role
 from treasury.models import SogeCredit
 
+from ..api.views import ClubViewSet, MembershipViewSet, ProfileViewSet
+from ..models import Club, Membership, Profile
+
 """
 Create some users and clubs and test that all pages are rendering properly
 and that memberships are working.
@@ -205,7 +208,7 @@ class TestMemberships(TestCase):
                 first_name="Toto",
                 bank="Le matelas",
             ))
-            self.assertRedirects(response, club.get_absolute_url(), 302, 200)
+            self.assertRedirects(response, user.profile.get_absolute_url(), 302, 200)
 
             self.assertTrue(Membership.objects.filter(user=user, club=club).exists())
 
@@ -244,9 +247,9 @@ class TestMemberships(TestCase):
                 first_name="Toto",
                 bank="Bank",
             ))
-            self.assertRedirects(response, club.get_absolute_url(), 302, 200)
+            self.assertRedirects(response, user.profile.get_absolute_url(), 302, 200)
 
-            response = self.client.get(user.profile.get_absolute_url())
+            response = self.client.get(club.get_absolute_url())
             self.assertEqual(response.status_code, 200)
 
     def test_auto_join_kfet_when_join_bde_with_soge(self):
@@ -273,7 +276,7 @@ class TestMemberships(TestCase):
             first_name="Toto",
             bank="Société générale",
         ))
-        self.assertRedirects(response, bde.get_absolute_url(), 302, 200)
+        self.assertRedirects(response, user.profile.get_absolute_url(), 302, 200)
 
         self.assertTrue(Membership.objects.filter(user=user, club=bde).exists())
         self.assertTrue(Membership.objects.filter(user=user, club=kfet).exists())
@@ -403,3 +406,46 @@ class TestMemberships(TestCase):
         self.user.password = "custom_nk15$1$" + salt + "|" + hashed
         self.user.save()
         self.assertTrue(self.user.check_password(password))
+
+
+class TestMemberAPI(TestAPI):
+    def setUp(self) -> None:
+        super().setUp()
+
+        self.user.profile.registration_valid = True
+        self.user.profile.email_confirmed = True
+        self.user.profile.phone_number = "0600000000"
+        self.user.profile.section = "1A0"
+        self.user.profile.department = "A0"
+        self.user.profile.address = "Earth"
+        self.user.profile.save()
+
+        self.club = Club.objects.create(
+            name="totoclub",
+            parent_club=Club.objects.get(name="BDE"),
+            membership_start=date(year=1970, month=1, day=1),
+            membership_end=date(year=2040, month=1, day=1),
+            membership_duration=365 * 10,
+        )
+        self.bde_membership = Membership.objects.create(user=self.user, club=Club.objects.get(name="BDE"))
+        self.membership = Membership.objects.create(user=self.user, club=self.club)
+        self.membership.roles.add(Role.objects.get(name="Bureau de club"))
+        self.membership.save()
+
+    def test_club_api(self):
+        """
+        Load Club API page and test all filters and permissions
+        """
+        self.check_viewset(ClubViewSet, "/api/members/club/")
+
+    def test_profile_api(self):
+        """
+        Load Profile API page and test all filters and permissions
+        """
+        self.check_viewset(ProfileViewSet, "/api/members/profile/")
+
+    def test_membership_api(self):
+        """
+        Load Membership API page and test all filters and permissions
+        """
+        self.check_viewset(MembershipViewSet, "/api/members/membership/")

apps/member/views.py

@@ -38,6 +38,7 @@ class CustomLoginView(LoginView):
     """
     form_class = CustomAuthenticationForm
 
+    @transaction.atomic
     def form_valid(self, form):
         logout(self.request)
         _set_current_user_and_ip(form.get_user(), self.request.session, None)
@@ -69,13 +70,15 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
         form.fields['email'].required = True
         form.fields['email'].help_text = _("This address must be valid.")
 
-        context['profile_form'] = self.profile_form(instance=context['user_object'].profile,
-                                                    data=self.request.POST if self.request.POST else None)
-        if not self.object.profile.report_frequency:
-            del context['profile_form'].fields["last_report"]
+        if PermissionBackend.check_perm(self.request.user, "member.change_profile", context['user_object'].profile):
+            context['profile_form'] = self.profile_form(instance=context['user_object'].profile,
+                                                        data=self.request.POST if self.request.POST else None)
+            if not self.object.profile.report_frequency:
+                del context['profile_form'].fields["last_report"]
 
         return context
 
+    @transaction.atomic
     def form_valid(self, form):
         """
         Check if ProfileForm is correct
@@ -155,8 +158,12 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         history_table.paginate(per_page=20, page=self.request.GET.get("transaction-page", 1))
         context['history_list'] = history_table
 
-        club_list = Membership.objects.filter(user=user, date_end__gte=date.today())\
-            .filter(PermissionBackend.filter_queryset(self.request.user, Membership, "view"))
+        club_list = Membership.objects.filter(user=user, date_end__gte=date.today() - timedelta(days=15))\
+            .filter(PermissionBackend.filter_queryset(self.request.user, Membership, "view"))\
+            .order_by("club__name", "-date_start")
+        # Display only the most recent membership
+        club_list = club_list.distinct("club__name")\
+            if settings.DATABASES["default"]["ENGINE"] == 'django.db.backends.postgresql' else club_list
         membership_table = MembershipTable(data=club_list, prefix='membership-')
         membership_table.paginate(per_page=10, page=self.request.GET.get("membership-page", 1))
         context['club_list'] = membership_table
@@ -164,6 +171,8 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         # Check permissions to see if the authenticated user can lock/unlock the note
         with transaction.atomic():
             modified_note = NoteUser.objects.get(pk=user.note.pk)
+            # Don't log these tests
+            modified_note._no_signal = True
             modified_note.is_active = True
             modified_note.inactivity_reason = 'manual'
             context["can_lock_note"] = user.note.is_active and PermissionBackend\
@@ -176,6 +185,7 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
             context["can_force_lock"] = user.note.is_active and PermissionBackend\
                 .check_perm(self.request.user, "note.change_note_is_active", modified_note)
             old_note._force_save = True
+            old_note._no_signal = True
             old_note.save()
             modified_note.refresh_from_db()
             modified_note.is_active = True
@@ -225,6 +235,13 @@ class UserListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView):
 
         return qs
 
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        pre_registered_users = User.objects.filter(PermissionBackend.filter_queryset(self.request.user, User, "view"))\
+            .filter(profile__registration_valid=False)
+        context["can_manage_registrations"] = pre_registered_users.exists()
+        return context
+
 
 class ProfileAliasView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
     """
@@ -238,8 +255,8 @@ class ProfileAliasView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         note = context['object'].note
-        context["aliases"] = AliasTable(note.alias_set.filter(PermissionBackend
-                                                              .filter_queryset(self.request.user, Alias, "view")).all())
+        context["aliases"] = AliasTable(
+            note.alias.filter(PermissionBackend.filter_queryset(self.request.user, Alias, "view")).distinct().all())
         context["can_create"] = PermissionBackend.check_perm(self.request.user, "note.add_alias", Alias(
             note=context["object"].note,
             name="",
@@ -269,6 +286,7 @@ class PictureUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin, Det
         self.object = self.get_object()
         return self.form_valid(form) if form.is_valid() else self.form_invalid(form)
 
+    @transaction.atomic
     def form_valid(self, form):
         """Save image to note"""
         image = form.cleaned_data['image']
@@ -389,7 +407,8 @@ class ClubDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         if PermissionBackend.check_perm(self.request.user, "member.change_club_membership_start", club):
             club.update_membership_dates()
         # managers list
-        managers = Membership.objects.filter(club=self.object, roles__name="Bureau de club")\
+        managers = Membership.objects.filter(club=self.object, roles__name="Bureau de club",
+                                             date_start__lte=date.today(), date_end__gte=date.today())\
             .order_by('user__last_name').all()
         context["managers"] = ClubManagerTable(data=managers, prefix="managers-")
         # transaction history
@@ -402,8 +421,12 @@ class ClubDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         # member list
         club_member = Membership.objects.filter(
             club=club,
-            date_end__gte=date.today(),
-        ).filter(PermissionBackend.filter_queryset(self.request.user, Membership, "view"))
+            date_end__gte=date.today() - timedelta(days=15),
+        ).filter(PermissionBackend.filter_queryset(self.request.user, Membership, "view"))\
+            .order_by("user__username", "-date_start")
+        # Display only the most recent membership
+        club_member = club_member.distinct("user__username")\
+            if settings.DATABASES["default"]["ENGINE"] == 'django.db.backends.postgresql' else club_member
 
         membership_table = MembershipTable(data=club_member, prefix="membership-")
         membership_table.paginate(per_page=5, page=self.request.GET.get('membership-page', 1))
@@ -435,8 +458,8 @@ class ClubAliasView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         note = context['object'].note
-        context["aliases"] = AliasTable(note.alias_set.filter(PermissionBackend
-                                                              .filter_queryset(self.request.user, Alias, "view")).all())
+        context["aliases"] = AliasTable(note.alias.filter(
+            PermissionBackend.filter_queryset(self.request.user, Alias, "view")).distinct().all())
         context["can_create"] = PermissionBackend.check_perm(self.request.user, "note.add_alias", Alias(
             note=context["object"].note,
             name="",
@@ -602,11 +625,11 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
         # Retrieve form data
         credit_type = form.cleaned_data["credit_type"]
         credit_amount = form.cleaned_data["credit_amount"]
-        last_name = form.cleaned_data["last_name"]
-        first_name = form.cleaned_data["first_name"]
-        bank = form.cleaned_data["bank"]
         soge = form.cleaned_data["soge"] and not user.profile.soge and (club.name == "BDE" or club.name == "Kfet")
 
+        if not credit_type:
+            credit_amount = 0
+
         if not soge and user.note.balance + credit_amount < fee and not Membership.objects.filter(
                 club__name="Kfet",
                 user=user,
@@ -628,6 +651,16 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
             form.add_error('user', _('User is already a member of the club'))
             error = True
 
+        # Must join the parent club before joining this club, except for the Kfet club where it can be at the same time.
+        if club.name != "Kfet" and club.parent_club and not Membership.objects.filter(
+                user=form.instance.user,
+                club=club.parent_club,
+                date_start__lte=timezone.now(),
+                date_end__gte=club.parent_club.membership_end,
+        ).exists():
+            form.add_error('user', _('User is not a member of the parent club') + ' ' + club.parent_club.name)
+            error = True
+
         if club.membership_start and form.instance.date_start < club.membership_start:
             form.add_error('user', _("The membership must start after {:%m-%d-%Y}.")
                            .format(form.instance.club.membership_start))
@@ -638,18 +671,13 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
                            .format(form.instance.club.membership_end))
             error = True
 
-        if credit_amount:
-            if not last_name or not first_name or (not bank and credit_type.special_type == "Chèque"):
-                if not last_name:
-                    form.add_error('last_name', _("This field is required."))
-                if not first_name:
-                    form.add_error('first_name', _("This field is required."))
-                if not bank and credit_type.special_type == "Chèque":
-                    form.add_error('bank', _("This field is required."))
-                return self.form_invalid(form)
+        if credit_amount and not SpecialTransaction.validate_payment_form(form):
+            # Check that special information for payment are filled
+            error = True
 
         return not error
 
+    @transaction.atomic
     def form_valid(self, form):
         """
         Create membership, check that all is good, make transactions
@@ -659,6 +687,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
             club = Club.objects.filter(PermissionBackend.filter_queryset(self.request.user, Club, "view")) \
                 .get(pk=self.kwargs["club_pk"])
             user = form.instance.user
+            old_membership = None
         else:  # get from url for renewal
             old_membership = self.get_queryset().get(pk=self.kwargs["pk"])
             club = old_membership.club
@@ -706,6 +735,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
             # When we renew the BDE membership, we update the profile section
             # that should happens at least once a year.
             user.profile.section = user.profile.section_generated
+            user.profile._force_save = True
             user.profile.save()
 
         # Credit note before the membership is created.
@@ -733,6 +763,9 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
         member_role = Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all() \
             if club.name == "BDE" else Role.objects.filter(Q(name="Adhérent Kfet") | Q(name="Membre de club")).all() \
             if club.name == "Kfet"else Role.objects.filter(name="Membre de club").all()
+        # Set the same roles as before
+        if old_membership:
+            member_role = member_role.union(old_membership.roles.all())
         form.instance.roles.set(member_role)
         form.instance._force_save = True
         form.instance.save()
@@ -770,7 +803,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
         return ret
 
     def get_success_url(self):
-        return reverse_lazy('member:club_detail', kwargs={'pk': self.object.club.id})
+        return reverse_lazy('member:user_detail', kwargs={'pk': self.object.user.id})
 
 
 class ClubManageRolesView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):

apps/note/api/views.py

@@ -1,5 +1,6 @@
 # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
+
 from django.conf import settings
 from django.db.models import Q
 from django.core.exceptions import ValidationError
@@ -14,29 +15,37 @@ from permission.backends import PermissionBackend
 
 from .serializers import NotePolymorphicSerializer, AliasSerializer, ConsumerSerializer,\
     TemplateCategorySerializer, TransactionTemplateSerializer, TransactionPolymorphicSerializer
-from ..models.notes import Note, Alias
+from ..models.notes import Note, Alias, NoteUser, NoteClub, NoteSpecial
 from ..models.transactions import TransactionTemplate, Transaction, TemplateCategory
 
 
 class NotePolymorphicViewSet(ReadProtectedModelViewSet):
     """
     REST API View set.
-    The djangorestframework plugin will get all `Note` objects (with polymorhism), serialize it to JSON with the given serializer,
+    The djangorestframework plugin will get all `Note` objects (with polymorhism),
+    serialize it to JSON with the given serializer,
     then render it on /api/note/note/
     """
-    queryset = Note.objects.all()
+    queryset = Note.objects.order_by('id')
     serializer_class = NotePolymorphicSerializer
     filter_backends = [DjangoFilterBackend, SearchFilter, OrderingFilter]
-    filterset_fields = ['polymorphic_ctype', 'is_active', ]
-    search_fields = ['$alias__normalized_name', '$alias__name', '$polymorphic_ctype__model', ]
-    ordering_fields = ['alias__name', 'alias__normalized_name']
+    filterset_fields = ['alias__name', 'polymorphic_ctype', 'is_active', 'balance', 'last_negative', 'created_at', ]
+    search_fields = ['$alias__normalized_name', '$alias__name', '$polymorphic_ctype__model',
+                     '$noteuser__user__last_name', '$noteuser__user__first_name', '$noteuser__user__email',
+                     '$noteuser__user__email', '$noteclub__club__email', ]
+    ordering_fields = ['alias__name', 'alias__normalized_name', 'balance', 'created_at', ]
 
     def get_queryset(self):
         """
         Parse query and apply filters.
         :return: The filtered set of requested notes
         """
-        queryset = super().get_queryset().distinct()
+        user = self.request.user
+        get_current_session().setdefault("permission_mask", 42)
+        queryset = self.queryset.filter(PermissionBackend.filter_queryset(user, Note, "view")
+                                        | PermissionBackend.filter_queryset(user, NoteUser, "view")
+                                        | PermissionBackend.filter_queryset(user, NoteClub, "view")
+                                        | PermissionBackend.filter_queryset(user, NoteSpecial, "view")).distinct()
 
         alias = self.request.query_params.get("alias", ".*")
         queryset = queryset.filter(
@@ -54,17 +63,18 @@ class AliasViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `Alias` objects, serialize it to JSON with the given serializer,
     then render it on /api/aliases/
     """
-    queryset = Alias.objects.all()
+    queryset = Alias.objects
     serializer_class = AliasSerializer
-    filter_backends = [SearchFilter, OrderingFilter]
+    filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
     search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ]
-    ordering_fields = ['name', 'normalized_name']
+    filterset_fields = ['note', 'note__noteuser__user', 'note__noteclub__club', 'note__polymorphic_ctype__model', ]
+    ordering_fields = ['name', 'normalized_name', ]
 
     def get_serializer_class(self):
         serializer_class = self.serializer_class
         if self.request.method in ['PUT', 'PATCH']:
             # alias owner cannot be change once establish
-            setattr(serializer_class.Meta, 'read_only_fields', ('note',))
+            serializer_class.Meta.read_only_fields = ('note',)
         return serializer_class
 
     def destroy(self, request, *args, **kwargs):
@@ -72,7 +82,7 @@ class AliasViewSet(ReadProtectedModelViewSet):
         try:
             self.perform_destroy(instance)
         except ValidationError as e:
-            return Response({e.code: e.message}, status.HTTP_400_BAD_REQUEST)
+            return Response({e.code: str(e)}, status.HTTP_400_BAD_REQUEST)
         return Response(status=status.HTTP_204_NO_CONTENT)
 
     def get_queryset(self):
@@ -104,11 +114,12 @@ class AliasViewSet(ReadProtectedModelViewSet):
 
 
 class ConsumerViewSet(ReadOnlyProtectedModelViewSet):
-    queryset = Alias.objects.all()
+    queryset = Alias.objects
     serializer_class = ConsumerSerializer
-    filter_backends = [SearchFilter, OrderingFilter]
+    filter_backends = [SearchFilter, OrderingFilter, DjangoFilterBackend]
     search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ]
-    ordering_fields = ['name', 'normalized_name']
+    filterset_fields = ['note', 'note__noteuser__user', 'note__noteclub__club', 'note__polymorphic_ctype__model', ]
+    ordering_fields = ['name', 'normalized_name', ]
 
     def get_queryset(self):
         """
@@ -116,29 +127,31 @@ class ConsumerViewSet(ReadOnlyProtectedModelViewSet):
         :return: The filtered set of requested aliases
         """
 
-        queryset = super().get_queryset()
+        queryset = super().get_queryset().distinct()
         # Sqlite doesn't support ORDER BY in subqueries
         queryset = queryset.order_by("name") \
             if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' else queryset
 
-        alias = self.request.query_params.get("alias", ".*")
+        alias = self.request.query_params.get("alias", None)
         queryset = queryset.prefetch_related('note')
-        # We match first an alias if it is matched without normalization,
-        # then if the normalized pattern matches a normalized alias.
-        queryset = queryset.filter(
-            name__iregex="^" + alias
-        ).union(
-            queryset.filter(
-                Q(normalized_name__iregex="^" + Alias.normalize(alias))
-                & ~Q(name__iregex="^" + alias)
-            ),
-            all=True).union(
-            queryset.filter(
-                Q(normalized_name__iregex="^" + alias.lower())
-                & ~Q(normalized_name__iregex="^" + Alias.normalize(alias))
-                & ~Q(name__iregex="^" + alias)
-            ),
-            all=True)
+
+        if alias:
+            # We match first an alias if it is matched without normalization,
+            # then if the normalized pattern matches a normalized alias.
+            queryset = queryset.filter(
+                name__iregex="^" + alias
+            ).union(
+                queryset.filter(
+                    Q(normalized_name__iregex="^" + Alias.normalize(alias))
+                    & ~Q(name__iregex="^" + alias)
+                ),
+                all=True).union(
+                queryset.filter(
+                    Q(normalized_name__iregex="^" + alias.lower())
+                    & ~Q(normalized_name__iregex="^" + Alias.normalize(alias))
+                    & ~Q(name__iregex="^" + alias)
+                ),
+                all=True)
 
         queryset = queryset if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' \
             else queryset.order_by("name")
@@ -152,10 +165,11 @@ class TemplateCategoryViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `TemplateCategory` objects, serialize it to JSON with the given serializer,
     then render it on /api/note/transaction/category/
     """
-    queryset = TemplateCategory.objects.order_by("name").all()
+    queryset = TemplateCategory.objects.order_by('name')
     serializer_class = TemplateCategorySerializer
-    filter_backends = [SearchFilter]
-    search_fields = ['$name', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['name', 'templates', 'templates__name']
+    search_fields = ['$name', '$templates__name', ]
 
 
 class TransactionTemplateViewSet(viewsets.ModelViewSet):
@@ -164,11 +178,12 @@ class TransactionTemplateViewSet(viewsets.ModelViewSet):
     The djangorestframework plugin will get all `TransactionTemplate` objects, serialize it to JSON with the given serializer,
     then render it on /api/note/transaction/template/
     """
-    queryset = TransactionTemplate.objects.order_by("name").all()
+    queryset = TransactionTemplate.objects.order_by('name')
     serializer_class = TransactionTemplateSerializer
-    filter_backends = [SearchFilter, DjangoFilterBackend]
-    filterset_fields = ['name', 'amount', 'display', 'category', ]
-    search_fields = ['$name', ]
+    filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
+    filterset_fields = ['name', 'amount', 'display', 'category', 'category__name', ]
+    search_fields = ['$name', '$category__name', ]
+    ordering_fields = ['amount', ]
 
 
 class TransactionViewSet(ReadProtectedModelViewSet):
@@ -177,10 +192,17 @@ class TransactionViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `Transaction` objects, serialize it to JSON with the given serializer,
     then render it on /api/note/transaction/transaction/
     """
-    queryset = Transaction.objects.order_by("-created_at").all()
+    queryset = Transaction.objects.order_by('-created_at')
     serializer_class = TransactionPolymorphicSerializer
-    filter_backends = [SearchFilter]
-    search_fields = ['$reason', ]
+    filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
+    filterset_fields = ['source', 'source_alias', 'source__alias__name', 'source__alias__normalized_name',
+                        'destination', 'destination_alias', 'destination__alias__name',
+                        'destination__alias__normalized_name', 'quantity', 'polymorphic_ctype', 'amount',
+                        'created_at', 'valid', 'invalidity_reason', ]
+    search_fields = ['$reason', '$source_alias', '$source__alias__name', '$source__alias__normalized_name',
+                     '$destination_alias', '$destination__alias__name', '$destination__alias__normalized_name',
+                     '$invalidity_reason', ]
+    ordering_fields = ['created_at', 'amount', ]
 
     def get_queryset(self):
         user = self.request.user

apps/note/apps.py

@@ -3,7 +3,7 @@
 
 from django.apps import AppConfig
 from django.conf import settings
-from django.db.models.signals import post_save, pre_delete
+from django.db.models.signals import pre_delete, pre_save, post_save
 from django.utils.translation import gettext_lazy as _
 
 from . import signals
@@ -17,6 +17,15 @@ class NoteConfig(AppConfig):
         """
         Define app internal signals to interact with other apps
         """
+        pre_save.connect(
+            signals.pre_save_note,
+            sender="note.noteuser",
+        )
+        pre_save.connect(
+            signals.pre_save_note,
+            sender="note.noteclub",
+        )
+
         post_save.connect(
             signals.save_user_note,
             sender=settings.AUTH_USER_MODEL,

apps/note/migrations/0005_auto_20210313_1235.py

@@ -0,0 +1,19 @@
+# Generated by Django 2.2.19 on 2021-03-13 11:35
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('note', '0004_remove_null_tag_on_charfields'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='alias',
+            name='note',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='alias', to='note.Note'),
+        ),
+    ]

apps/note/models/notes.py

@@ -8,7 +8,7 @@ from django.conf.global_settings import DEFAULT_FROM_EMAIL
 from django.core.exceptions import ValidationError
 from django.core.mail import send_mail
 from django.core.validators import RegexValidator
-from django.db import models
+from django.db import models, transaction
 from django.template.loader import render_to_string
 from django.utils import timezone
 from django.utils.translation import gettext_lazy as _
@@ -93,6 +93,7 @@ class Note(PolymorphicModel):
         delta = timezone.now() - self.last_negative
         return "{:d} jours".format(delta.days)
 
+    @transaction.atomic
     def save(self, *args, **kwargs):
         """
         Save note with it's alias (called in polymorphic children)
@@ -108,12 +109,16 @@ class Note(PolymorphicModel):
 
             # Save alias
             a.note = self
+            # Consider that if the name of the note could be changed, then the alias can be created.
+            # It does not mean that any alias can be created.
+            a._force_save = True
             a.save(force_insert=True)
         else:
             # Check if the name of the note changed without changing the normalized form of the alias
             alias = Alias.objects.get(normalized_name=Alias.normalize(str(self)))
             if alias.name != str(self):
                 alias.name = str(self)
+                alias._force_save = True
                 alias.save()
 
     def clean(self, *args, **kwargs):
@@ -154,19 +159,6 @@ class NoteUser(Note):
     def pretty(self):
         return _("%(user)s's note") % {'user': str(self.user)}
 
-    def save(self, *args, **kwargs):
-        if self.pk and self.balance < 0:
-            old_note = NoteUser.objects.get(pk=self.pk)
-            super().save(*args, **kwargs)
-            if old_note.balance >= 0:
-                # Passage en négatif
-                self.last_negative = timezone.now()
-                self._force_save = True
-                self.save(*args, **kwargs)
-                self.send_mail_negative_balance()
-        else:
-            super().save(*args, **kwargs)
-
     def send_mail_negative_balance(self):
         plain_text = render_to_string("note/mails/negative_balance.txt", dict(note=self))
         html = render_to_string("note/mails/negative_balance.html", dict(note=self))
@@ -195,19 +187,6 @@ class NoteClub(Note):
     def pretty(self):
         return _("Note of %(club)s club") % {'club': str(self.club)}
 
-    def save(self, *args, **kwargs):
-        if self.pk and self.balance < 0:
-            old_note = NoteClub.objects.get(pk=self.pk)
-            super().save(*args, **kwargs)
-            if old_note.balance >= 0:
-                # Passage en négatif
-                self.last_negative = timezone.now()
-                self._force_save = True
-                self.save(*args, **kwargs)
-                self.send_mail_negative_balance()
-        else:
-            super().save(*args, **kwargs)
-
     def send_mail_negative_balance(self):
         plain_text = render_to_string("note/mails/negative_balance.txt", dict(note=self))
         html = render_to_string("note/mails/negative_balance.html", dict(note=self))
@@ -269,6 +248,7 @@ class Alias(models.Model):
     note = models.ForeignKey(
         Note,
         on_delete=models.PROTECT,
+        related_name="alias",
     )
 
     class Meta:
@@ -310,6 +290,7 @@ class Alias(models.Model):
             pass
         self.normalized_name = normalized_name
 
+    @transaction.atomic
     def save(self, *args, **kwargs):
         self.clean()
         super().save(*args, **kwargs)

apps/note/models/transactions.py

@@ -170,19 +170,21 @@ class Transaction(PolymorphicModel):
         previous_source_balance = self.source.balance
         previous_dest_balance = self.destination.balance
 
-        source_balance = self.source.balance
-        dest_balance = self.destination.balance
+        source_balance = previous_source_balance
+        dest_balance = previous_dest_balance
 
         created = self.pk is None
-        to_transfer = self.amount * self.quantity
-        if not created and not self.valid and not hasattr(self, "_force_save"):
+        to_transfer = self.total
+        if not created:
             # Revert old transaction
-            old_transaction = Transaction.objects.get(pk=self.pk)
+            # We make a select for update to avoid concurrency issues
+            old_transaction = Transaction.objects.select_for_update().get(pk=self.pk)
             # Check that nothing important changed
-            for field_name in ["source_id", "destination_id", "quantity", "amount"]:
-                if getattr(self, field_name) != getattr(old_transaction, field_name):
-                    raise ValidationError(_("You can't update the {field} on a Transaction. "
-                                            "Please invalidate it and create one other.").format(field=field_name))
+            if not hasattr(self, "_force_save"):
+                for field_name in ["source_id", "destination_id", "quantity", "amount"]:
+                    if getattr(self, field_name) != getattr(old_transaction, field_name):
+                        raise ValidationError(_("You can't update the {field} on a Transaction. "
+                                                "Please invalidate it and create one other.").format(field=field_name))
 
             if old_transaction.valid == self.valid:
                 # Don't change anything
@@ -215,14 +217,14 @@ class Transaction(PolymorphicModel):
             # When source == destination, no money is transferred and no transaction is created
             return
 
-        # We refresh the notes with the "select for update" tag to avoid concurrency issues
-        self.source = Note.objects.filter(pk=self.source_id).select_for_update().get()
-        self.destination = Note.objects.filter(pk=self.destination_id).select_for_update().get()
+        self.source = Note.objects.select_for_update().get(pk=self.source_id)
+        self.destination = Note.objects.select_for_update().get(pk=self.destination_id)
 
         # Check that the amounts stay between big integer bounds
         diff_source, diff_dest = self.validate()
 
-        if not self.source.is_active or not self.destination.is_active:
+        if not (hasattr(self, '_force_save') and self._force_save) \
+                and (not self.source.is_active or not self.destination.is_active):
             raise ValidationError(_("The transaction can't be saved since the source note "
                                     "or the destination note is not active."))
 
@@ -237,9 +239,11 @@ class Transaction(PolymorphicModel):
         super().save(*args, **kwargs)
 
         # Save notes
+        self.source.refresh_from_db()
         self.source.balance += diff_source
         self.source._force_save = True
         self.source.save()
+        self.destination.refresh_from_db()
         self.destination.balance += diff_dest
         self.destination._force_save = True
         self.destination.save()
@@ -268,11 +272,12 @@ class RecurrentTransaction(Transaction):
     )
 
     def clean(self):
-        if self.template.destination != self.destination:
+        if self.template.destination != self.destination and not (hasattr(self, '_force_save') and self._force_save):
             raise ValidationError(
                 _("The destination of this transaction must equal to the destination of the template."))
         return super().clean()
 
+    @transaction.atomic
     def save(self, *args, **kwargs):
         self.clean()
         return super().save(*args, **kwargs)
@@ -323,10 +328,41 @@ class SpecialTransaction(Transaction):
             raise(ValidationError(_("A special transaction is only possible between a"
                                     " Note associated to a payment method and a User or a Club")))
 
+    @transaction.atomic
     def save(self, *args, **kwargs):
         self.clean()
         super().save(*args, **kwargs)
 
+    @staticmethod
+    def validate_payment_form(form):
+        """
+        Ensure that last name and first name are filled for a form that creates a SpecialTransaction,
+        and check that if the user pays with a check, then the bank field is filled.
+
+        Return True iff there is no error.
+        Whenever there is an error, they are inserted in the form errors.
+        """
+
+        credit_type = form.cleaned_data["credit_type"]
+        last_name = form.cleaned_data["last_name"]
+        first_name = form.cleaned_data["first_name"]
+        bank = form.cleaned_data["bank"]
+
+        error = False
+
+        if not last_name or not first_name or (not bank and credit_type.special_type == "Chèque"):
+            if not last_name:
+                form.add_error('last_name', _("This field is required."))
+                error = True
+            if not first_name:
+                form.add_error('first_name', _("This field is required."))
+                error = True
+            if not bank and credit_type.special_type == "Chèque":
+                form.add_error('bank', _("This field is required."))
+                error = True
+
+        return not error
+
     class Meta:
         verbose_name = _("Special transaction")
         verbose_name_plural = _("Special transactions")

apps/note/signals.py

@@ -1,6 +1,8 @@
 # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+from django.utils import timezone
+
 
 def save_user_note(instance, raw, **_kwargs):
     """
@@ -25,10 +27,21 @@ def save_club_note(instance, raw, **_kwargs):
         instance.note.save()
 
 
+def pre_save_note(instance, raw, **_kwargs):
+    if not raw and instance.pk and not hasattr(instance, "_no_signal") and instance.balance < 0:
+        from note.models import Note
+        old_note = Note.objects.get(pk=instance.pk)
+        if old_note.balance >= 0:
+            # Passage en négatif
+            instance.last_negative = timezone.now()
+            instance.send_mail_negative_balance()
+
+
 def delete_transaction(instance, **_kwargs):
     """
     Whenever we want to delete a transaction (caution with this), we ensure the transaction is invalid first.
     """
     if not hasattr(instance, "_no_signal"):
         instance.valid = False
+        instance._force_save = True
         instance.save()

apps/note/static/note/js/consos.js

@@ -28,8 +28,7 @@ $(document).ready(function () {
 
   // Switching in double consumptions mode should update the layout
   $('#double_conso').change(function () {
-    $('#consos_list_div').removeClass('d-none')
-    $('#user_select_div').attr('class', 'col-xl-4')
+    document.getElementById('consos_list_div').classList.remove('d-none')
     $('#infos_div').attr('class', 'col-sm-5 col-xl-6')
 
     const note_list_obj = $('#note_list')
@@ -38,7 +37,7 @@ $(document).ready(function () {
       note_list_obj.html('')
 
       buttons.forEach(function (button) {
-        $('#conso_button_' + button.id).click(function () {
+        document.getElementById(`conso_button_${button.id}`).addEventListener('click', () => {
           if (LOCK) { return }
           removeNote(button, 'conso_button', buttons, 'consos_list')()
         })
@@ -47,8 +46,7 @@ $(document).ready(function () {
   })
 
   $('#single_conso').change(function () {
-    $('#consos_list_div').addClass('d-none')
-    $('#user_select_div').attr('class', 'col-xl-7')
+    document.getElementById('consos_list_div').classList.add('d-none')
     $('#infos_div').attr('class', 'col-sm-5 col-md-4')
 
     const consos_list_obj = $('#consos_list')
@@ -70,9 +68,9 @@ $(document).ready(function () {
   })
 
   // Ensure we begin in single consumption. Fix issue with TurboLinks and BootstrapJS
-  $("label[for='double_conso']").removeClass('active')
+  document.querySelector("label[for='double_conso']").classList.remove('active')
 
-  $('#consume_all').click(consumeAll)
+  document.getElementById("consume_all").addEventListener('click', consumeAll)
 })
 
 notes = []
@@ -129,11 +127,10 @@ function addConso (dest, amount, type, category_id, category_name, template_id,
       html += li('conso_button_' + button.id, button.name +
                 '<span class="badge badge-dark badge-pill">' + button.quantity + '</span>')
     })
+    document.getElementById(list).innerHTML = html
 
-    $('#' + list).html(html)
-
-    buttons.forEach(function (button) {
-      $('#conso_button_' + button.id).click(function () {
+    buttons.forEach((button) => {
+      document.getElementById(`conso_button_${button.id}`).addEventListener('click', () => {
         if (LOCK) { return }
         removeNote(button, 'conso_button', buttons, list)()
       })
@@ -148,12 +145,13 @@ function reset () {
   notes_display.length = 0
   notes.length = 0
   buttons.length = 0
-  $('#note_list').html('')
-  $('#consos_list').html('')
-  $('#note').val('')
-  $('#note').attr('data-original-title', '').tooltip('hide')
-  $('#profile_pic').attr('src', '/static/member/img/default_picture.png')
-  $('#profile_pic_link').attr('href', '#')
+  document.getElementById('note_list').innerHTML = ''
+  document.getElementById('consos_list').innerHTML = ''
+  document.getElementById('note').value = ''
+  document.getElementById('note').dataset.originTitle = ''
+  $('#note').tooltip('hide')
+  document.getElementById('profile_pic').src = '/static/member/img/default_picture.png'
+  document.getElementById('profile_pic_link').href = '#'
   refreshHistory()
   refreshBalance()
   LOCK = false
@@ -170,7 +168,7 @@ function consumeAll () {
   let error = false
 
   if (notes_display.length === 0) {
-    $('#note').addClass('is-invalid')
+    document.getElementById('note').classList.add('is-invalid')
     $('#note_list').html(li('', '<strong>Ajoutez des émetteurs.</strong>', 'text-danger'))
     error = true
   }
@@ -224,17 +222,15 @@ function consume (source, source_alias, dest, quantity, amount, reason, type, ca
       if (!isNaN(source.balance)) {
         const newBalance = source.balance - quantity * amount
         if (newBalance <= -5000) {
-          addMsg('Attention, La transaction depuis la note ' + source_alias + ' a été réalisée avec ' +
-                        'succès, mais la note émettrice ' + source_alias + ' est en négatif sévère.',
-          'danger', 30000)
+          addMsg(interpolate(gettext('Warning, the transaction from the note %s succeed, ' +
+              'but the emitter note %s is very negative.'), [source_alias, source_alias]), 'danger', 30000)
         } else if (newBalance < 0) {
-          addMsg('Attention, La transaction depuis la note ' + source_alias + ' a été réalisée avec ' +
-                        'succès, mais la note émettrice ' + source_alias + ' est en négatif.',
-          'warning', 30000)
+          addMsg(interpolate(gettext('Warning, the transaction from the note %s succeed, ' +
+              'but the emitter note %s is negative.'), [source_alias, source_alias]), 'warning', 30000)
         }
         if (source.membership && source.membership.date_end < new Date().toISOString()) {
-          addMsg('Attention : la note émettrice ' + source.name + " n'est plus adhérente.",
-            'danger', 30000)
+          addMsg(interpolate(gettext('Warning, the emitter note %s is no more a BDE member.'), [source_alias]),
+              'danger', 30000)
         }
       }
       reset()
@@ -255,7 +251,7 @@ function consume (source, source_alias, dest, quantity, amount, reason, type, ca
           template: template
         }).done(function () {
         reset()
-        addMsg("La transaction n'a pas pu être validée pour cause de solde insuffisant.", 'danger', 10000)
+        addMsg(gettext("The transaction couldn't be validated because of insufficient balance."), 'danger', 10000)
       }).fail(function () {
         reset()
         errMsg(e.responseJSON)

apps/note/static/note/js/transfer.js

@@ -67,7 +67,11 @@ $(document).ready(function () {
 
       last.quantity = 1
 
-      if (!last.note.user) {
+      if (last.note.club) {
+        $('#last_name').val(last.note.name)
+        $('#first_name').val(last.note.name)
+      }
+      else if (!last.note.user) {
         $.getJSON('/api/note/note/' + last.note.id + '/?format=json', function (note) {
           last.note.user = note.user
           $.getJSON('/api/user/' + last.note.user + '/', function (user) {
@@ -235,20 +239,20 @@ $('#btn_transfer').click(function () {
 
   if (!amount_field.val() || isNaN(amount_field.val()) || amount_field.val() <= 0) {
     amount_field.addClass('is-invalid')
-    $('#amount-required').html('<strong>Ce champ est requis et doit comporter un nombre décimal strictement positif.</strong>')
+    $('#amount-required').html('<strong>' + gettext('This field is required and must contain a decimal positive number.') + '</strong>')
     error = true
   }
 
   const amount = Math.floor(100 * amount_field.val())
   if (amount > 2147483647) {
     amount_field.addClass('is-invalid')
-    $('#amount-required').html('<strong>Le montant ne doit pas excéder 21474836.47 €.</strong>')
+    $('#amount-required').html('<strong>' + gettext('The amount must stay under 21,474,836.47 €.') + '</strong>')
     error = true
   }
 
-  if (!reason_field.val()) {
+  if (!reason_field.val() && $('#type_transfer').is(':checked')) {
     reason_field.addClass('is-invalid')
-    $('#reason-required').html('<strong>Ce champ est requis.</strong>')
+    $('#reason-required').html('<strong>' + gettext('This field is required.') + '</strong>')
     error = true
   }
 
@@ -274,9 +278,8 @@ $('#btn_transfer').click(function () {
     [...sources_notes_display].forEach(function (source) {
       [...dests_notes_display].forEach(function (dest) {
         if (source.note.id === dest.note.id) {
-          addMsg('Attention : la transaction de ' + pretty_money(amount) + ' de la note ' + source.name +
-                        ' vers la note ' + dest.name + " n'a pas été faite car il s'agit de la même note au départ" +
-                        " et à l'arrivée.", 'warning', 10000)
+          addMsg(interpolate(gettext('Warning: the transaction of %s from %s to %s was not made because ' +
+              'it is the same source and destination note.'), [pretty_money(amount), source.name, dest.name]), 'warning', 10000)
           LOCK = false
           return
         }
@@ -296,43 +299,35 @@ $('#btn_transfer').click(function () {
             destination_alias: dest.name
           }).done(function () {
           if (source.note.membership && source.note.membership.date_end < new Date().toISOString()) {
-            addMsg('Attention : la note émettrice ' + source.name + " n'est plus adhérente.",
-              'danger', 30000)
+            addMsg(interpolate(gettext('Warning, the emitter note %s is no more a BDE member.'), [source.name]), 'danger', 30000)
           }
           if (dest.note.membership && dest.note.membership.date_end < new Date().toISOString()) {
-            addMsg('Attention : la note destination ' + dest.name + " n'est plus adhérente.",
-              'danger', 30000)
+            addMsg(interpolate(gettext('Warning, the destination note %s is no more a BDE member.'), [dest.name]), 'danger', 30000)
           }
 
           if (!isNaN(source.note.balance)) {
             const newBalance = source.note.balance - source.quantity * dest.quantity * amount
             if (newBalance <= -5000) {
-              addMsg('Le transfert de ' +
-                                    pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' +
-                                    source.name + ' vers la note ' + dest.name + ' a été fait avec succès, ' +
-                                    'mais la note émettrice est en négatif sévère.', 'danger', 10000)
+              addMsg(interpolate(gettext('Warning, the transaction of %s from the note %s to the note %s succeed, but the emitter note %s is very negative.'),
+                  [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name, source.name]), 'danger', 10000)
               reset()
               return
             } else if (newBalance < 0) {
-              addMsg('Le transfert de ' +
-                                    pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' +
-                                    source.name + ' vers la note ' + dest.name + ' a été fait avec succès, ' +
-                                    'mais la note émettrice est en négatif.', 'warning', 10000)
+              addMsg(interpolate(gettext('Warning, the transaction of %s from the note %s to the note %s succeed, but the emitter note %s is negative.'),
+                  [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name, source.name]), 'danger', 10000)
               reset()
               return
             }
           }
-          addMsg('Le transfert de ' +
-                            pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + source.name +
-                            ' vers la note ' + dest.name + ' a été fait avec succès !', 'success', 10000)
+          addMsg(interpolate(gettext('Transfer of %s from %s to %s succeed!'),
+              [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name]), 'success', 10000)
 
           reset()
         }).fail(function (err) { // do it again but valid = false
           const errObj = JSON.parse(err.responseText)
           if (errObj.non_field_errors) {
-            addMsg('Le transfert de ' +
-                                pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + source.name +
-                                ' vers la note ' + dest.name + ' a échoué : ' + errObj.non_field_errors, 'danger')
+            addMsg(interpolate(gettext('Transfer of %s from %s to %s failed: %s'),
+                [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name, errObj.non_field_errors]), 'danger')
             LOCK = false
             return
           }
@@ -352,17 +347,15 @@ $('#btn_transfer').click(function () {
               destination: dest.note.id,
               destination_alias: dest.name
             }).done(function () {
-            addMsg('Le transfert de ' +
-                                pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + source.name +
-                                ' vers la note ' + dest.name + ' a échoué : Solde insuffisant', 'danger', 10000)
+            addMsg(interpolate(gettext('Transfer of %s from %s to %s failed: %s'),
+                [pretty_money(source.quantity * dest.quantity * amount), source.name, + dest.name, gettext('insufficient funds')]), 'danger', 10000)
             reset()
           }).fail(function (err) {
             const errObj = JSON.parse(err.responseText)
             let error = errObj.detail ? errObj.detail : errObj.non_field_errors
             if (!error) { error = err.responseText }
-            addMsg('Le transfert de ' +
-                                pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + source.name +
-                                ' vers la note ' + dest.name + ' a échoué : ' + error, 'danger')
+            addMsg(interpolate(gettext('Transfer of %s from %s to %s failed: %s'),
+                [pretty_money(source.quantity * dest.quantity * amount), source.name, + dest.name, error]), 'danger')
             LOCK = false
           })
         })
@@ -388,7 +381,7 @@ $('#btn_transfer').click(function () {
       alias = sources_notes_display[0].name
       source_id = user_note.id
       dest_id = special_note
-      reason = 'Retrait ' + $('#credit_type option:selected').text().toLowerCase()
+      reason = 'Retrait ' + $('#debit_type option:selected').text().toLowerCase()
       if (given_reason.length > 0) { reason += ' (' + given_reason + ')' }
     }
     $.post('/api/note/transaction/transaction/',
@@ -408,14 +401,14 @@ $('#btn_transfer').click(function () {
         first_name: $('#first_name').val(),
         bank: $('#bank').val()
       }).done(function () {
-      addMsg('Le crédit/retrait a bien été effectué !', 'success', 10000)
-      if (user_note.membership && user_note.membership.date_end < new Date().toISOString()) { addMsg('Attention : la note ' + alias + " n'est plus adhérente.", 'danger', 10000) }
+      addMsg(gettext('Credit/debit succeed!'), 'success', 10000)
+      if (user_note.membership && user_note.membership.date_end < new Date().toISOString()) { addMsg(gettext('Warning, the emitter note %s is no more a BDE member.'), 'danger', 10000) }
       reset()
     }).fail(function (err) {
       const errObj = JSON.parse(err.responseText)
       let error = errObj.detail ? errObj.detail : errObj.non_field_errors
       if (!error) { error = err.responseText }
-      addMsg('Le crédit/retrait a échoué : ' + error, 'danger', 10000)
+      addMsg(interpolate(gettext('Credit/debit failed: %s'), [error]), 'danger', 10000)
       LOCK = false
     })
   }

apps/note/templates/note/conso_form.html

@@ -10,22 +10,22 @@ SPDX-License-Identifier: GPL-3.0-or-later
 {% block content %}
     <div class="row mt-4">
         <div class="col-sm-5 col-md-4" id="infos_div">
-            <div class="row">
+            <div class="row justify-content-center justify-content-md-end">
                 {# User details column #}
-                <div class="col">
-                    <div class="card bg-light border-success mb-4 text-center">
+                <div class="col picture-col">
+                    <div class="card bg-light mb-4 text-center">
                         <a id="profile_pic_link" href="#">
                             <img src="{% static "member/img/default_picture.png" %}"
-                                 id="profile_pic" alt="" class="card-img-top">
+                                 id="profile_pic" alt="" class="card-img-top d-none d-sm-block">
                         </a>
-                        <div class="card-body text-center text-break">
-                            <span id="user_note"></span>
+                        <div class="card-body text-center text-break p-2">
+                            <span id="user_note"><i class="small">{% trans "Please select a note" %}</i></span>
                         </div>
                     </div>
                 </div>
 
                 {# User selection column #}
-                <div class="col-xl-7" id="user_select_div">
+                <div class="col-xl" id="user_select_div">
                     <div class="card bg-light border-success mb-4">
                         <div class="card-header">
                             <p class="card-text font-weight-bold">
@@ -44,6 +44,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
                         </div>
                     </div>
                 </div>
+
                 {# Summary of consumption and consume button #}
                 <div class="col-xl-5 d-none" id="consos_list_div">
                     <div class="card bg-light border-info mb-4">
@@ -65,7 +66,6 @@ SPDX-License-Identifier: GPL-3.0-or-later
                 </div>
             </div>
 
-
             {# Show last used buttons #}
             <div class="card bg-light mb-4">
                 <div class="card-header">
@@ -159,7 +159,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
 {% endblock %}
 
 {% block extrajavascript %}
-    <script type="text/javascript" src="{% static "js/consos.js" %}"></script>
+    <script type="text/javascript" src="{% static "note/js/consos.js" %}"></script>
     <script type="text/javascript">
         {% for button in highlighted %}
             {% if button.display %}

apps/note/templates/note/transaction_form.html

@@ -34,21 +34,21 @@ SPDX-License-Identifier: GPL-2.0-or-later
         </div>
     </div>
     <hr>
-    <div class="row">
+    <div class="row justify-content-center">
         {#  Preview note profile (picture, username and balance) #}
-        <div class="col-md-3" id="note_infos_div">
-            <div class="card bg-light border-success shadow mb-4 pt-4 text-center">
+        <div class="col-md picture-col" id="note_infos_div">
+            <div class="card bg-light mb-4 text-center">
                 <a id="profile_pic_link" href="#"><img src="{% static "member/img/default_picture.png" %}"
                         id="profile_pic" alt="" class="img-fluid rounded mx-auto"></a>
-                <div class="card-body text-center">
-                    <span id="user_note"></span>
+                <div class="card-body text-center p-2">
+                    <span id="user_note"><i class="small">{% trans "Please select a note" %}</i></span>
                 </div>
             </div>
         </div>
 
         {# list of emitters #}
         <div class="col-md-3" id="emitters_div">
-            <div class="card bg-light border-success shadow mb-4">
+            <div class="card bg-light mb-4">
                 <div class="card-header">
                     <p class="card-text font-weight-bold">
                         <label for="source_note" id="source_note_label">{% trans "Select emitters" %}</label>
@@ -75,7 +75,7 @@ SPDX-License-Identifier: GPL-2.0-or-later
 
         {# list of receiver #}
         <div class="col-md-3" id="dests_div">
-            <div class="card bg-light border-info shadow mb-4">
+            <div class="card bg-light mb-4">
                 <div class="card-header">
                     <p class="card-text font-weight-bold" id="dest_title">
                         <label for="dest_note" id="dest_note_label">{% trans "Select receivers" %}</label>
@@ -97,8 +97,8 @@ SPDX-License-Identifier: GPL-2.0-or-later
         </div>
 
         {# Information on transaction (amount, reason, name,...) #}
-        <div class="col-md-3" id="external_div">
-            <div class="card bg-light border-warning shadow mb-4">
+        <div class="col-md" id="external_div">
+            <div class="card bg-light mb-4">
                 <div class="card-header">
                     <p class="card-text font-weight-bold">
                         {% trans "Action" %}
@@ -153,7 +153,7 @@ SPDX-License-Identifier: GPL-2.0-or-later
         </div>
     </div>
 {# transaction history #}
-    <div class="card shadow mb-4" id="history">
+    <div class="card mb-4" id="history">
         <div class="card-header">
             <p class="card-text font-weight-bold">
                 {% trans "Recent transactions history" %}
@@ -176,5 +176,5 @@ SPDX-License-Identifier: GPL-2.0-or-later
         select_receveirs_label = "{% trans "Select receivers" %}";
         transfer_type_label = "{% trans "Transfer type" %}";
     </script>
-    <script src="/static/js/transfer.js"></script>
+    <script src="{% static "note/js/transfer.js" %}"></script>
 {% endblock %}

apps/note/tests/test_transactions.py

@@ -1,15 +1,20 @@
 # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+from api.tests import TestAPI
+from member.models import Club, Membership
 from django.contrib.auth.models import User
 from django.contrib.contenttypes.models import ContentType
 from django.test import TestCase
 from django.urls import reverse
-from member.models import Club, Membership
-from note.models import NoteUser, Transaction, TemplateCategory, TransactionTemplate, RecurrentTransaction, \
-    MembershipTransaction, SpecialTransaction, NoteSpecial, Alias
+from django.utils import timezone
 from permission.models import Role
 
+from ..api.views import AliasViewSet, ConsumerViewSet, NotePolymorphicViewSet, TemplateCategoryViewSet,\
+    TransactionTemplateViewSet, TransactionViewSet
+from ..models import NoteUser, Transaction, TemplateCategory, TransactionTemplate, RecurrentTransaction, \
+    MembershipTransaction, SpecialTransaction, NoteSpecial, Alias, Note
+
 
 class TestTransactions(TestCase):
     fixtures = ('initial', )
@@ -297,8 +302,8 @@ class TestTransactions(TestCase):
 
     def test_render_search_transactions(self):
         response = self.client.get(reverse("note:transactions", args=(self.user.note.pk,)), data=dict(
-            source=self.second_user.note.alias_set.first().id,
-            destination=self.user.note.alias_set.first().id,
+            source=self.second_user.note.alias.first().id,
+            destination=self.user.note.alias.first().id,
             type=[ContentType.objects.get_for_model(Transaction).id],
             reason="test",
             valid=True,
@@ -363,3 +368,69 @@ class TestTransactions(TestCase):
         self.assertTrue(Alias.objects.filter(name="test_updated_alias").exists())
         response = self.client.delete("/api/note/alias/" + str(alias.pk) + "/")
         self.assertEqual(response.status_code, 204)
+
+
+class TestNoteAPI(TestAPI):
+    def setUp(self) -> None:
+        super().setUp()
+
+        membership = Membership.objects.create(club=Club.objects.get(name="BDE"), user=self.user)
+        membership.roles.add(Role.objects.get(name="Respo info"))
+        membership.save()
+        Membership.objects.create(club=Club.objects.get(name="Kfet"), user=self.user)
+        self.user.note.last_negative = timezone.now()
+        self.user.note.save()
+
+        self.transaction = Transaction.objects.create(
+            source=Note.objects.first(),
+            destination=self.user.note,
+            amount=4200,
+            reason="Test transaction",
+        )
+        self.user.note.refresh_from_db()
+        Alias.objects.create(note=self.user.note, name="I am a ¢omplex alias")
+
+        self.category = TemplateCategory.objects.create(name="Test")
+        self.template = TransactionTemplate.objects.create(
+            name="Test",
+            destination=Club.objects.get(name="BDE").note,
+            category=self.category,
+            amount=100,
+            description="Test template",
+        )
+
+    def test_alias_api(self):
+        """
+        Load Alias API page and test all filters and permissions
+        """
+        self.check_viewset(AliasViewSet, "/api/note/alias/")
+
+    def test_consumer_api(self):
+        """
+        Load Consumer API page and test all filters and permissions
+        """
+        self.check_viewset(ConsumerViewSet, "/api/note/consumer/")
+
+    def test_note_api(self):
+        """
+        Load Note API page and test all filters and permissions
+        """
+        self.check_viewset(NotePolymorphicViewSet, "/api/note/note/")
+
+    def test_template_category_api(self):
+        """
+        Load TemplateCategory API page and test all filters and permissions
+        """
+        self.check_viewset(TemplateCategoryViewSet, "/api/note/transaction/category/")
+
+    def test_transaction_template_api(self):
+        """
+        Load TemplateTemplate API page and test all filters and permissions
+        """
+        self.check_viewset(TransactionTemplateViewSet, "/api/note/transaction/template/")
+
+    def test_transaction_api(self):
+        """
+        Load Transaction API page and test all filters and permissions
+        """
+        self.check_viewset(TransactionViewSet, "/api/note/transaction/transaction/")

apps/note/views.py

@@ -144,7 +144,7 @@ class TransactionTemplateUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, Up
 class ConsoView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView):
     """
     The Magic View that make people pay their beer and burgers.
-    (Most of the magic happens in the dark world of Javascript see `note_kfet/static/js/consos.js`)
+    (Most of the magic happens in the dark world of Javascript see `static/note/js/consos.js`)
     """
     model = Transaction
     template_name = "note/conso_form.html"

apps/permission/api/views.py

@@ -1,8 +1,9 @@
 # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
 
-from django_filters.rest_framework import DjangoFilterBackend
 from api.viewsets import ReadOnlyProtectedModelViewSet
+from django_filters.rest_framework import DjangoFilterBackend
+from rest_framework.filters import SearchFilter
 
 from .serializers import PermissionSerializer, RoleSerializer
 from ..models import Permission, Role
@@ -14,10 +15,11 @@ class PermissionViewSet(ReadOnlyProtectedModelViewSet):
     The djangorestframework plugin will get all `Permission` objects, serialize it to JSON with the given serializer,
     then render it on /api/permission/permission/
     """
-    queryset = Permission.objects.all()
+    queryset = Permission.objects.order_by('id')
     serializer_class = PermissionSerializer
-    filter_backends = [DjangoFilterBackend]
-    filterset_fields = ['model', 'type', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['model', 'type', 'query', 'mask', 'field', 'permanent', ]
+    search_fields = ['$model__name', '$query', '$description', ]
 
 
 class RoleViewSet(ReadOnlyProtectedModelViewSet):
@@ -26,7 +28,8 @@ class RoleViewSet(ReadOnlyProtectedModelViewSet):
     The djangorestframework plugin will get all `RolePermission` objects, serialize it to JSON with the given serializer
     then render it on /api/permission/roles/
     """
-    queryset = Role.objects.all()
+    queryset = Role.objects.order_by('id')
     serializer_class = RoleSerializer
-    filter_backends = [DjangoFilterBackend]
-    filterset_fields = ['role', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['name', 'permissions', 'for_club', 'memberships__user', ]
+    search_fields = ['$name', '$for_club__name', ]

apps/permission/backends.py

@@ -134,8 +134,6 @@ class PermissionBackend(ModelBackend):
             return False
 
         sess = get_current_session()
-        if sess is not None and sess.session_key is None:
-            return False
 
         if user_obj.is_superuser and sess.get("permission_mask", -1) >= 42:
             return True

apps/permission/decorators.py

@@ -1,10 +1,9 @@
 # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
-
+import sys
 from functools import lru_cache
 from time import time
 
-from django.conf import settings
 from django.contrib.sessions.models import Session
 from note_kfet.middlewares import get_current_session
 
@@ -33,12 +32,16 @@ def memoize(f):
         sess_funs = new_sess_funs
 
     def func(*args, **kwargs):
-        if settings.DEBUG:
-            # Don't memoize in DEBUG mode
-            return f(*args, **kwargs)
+        # if settings.DEBUG:
+        #     # Don't memoize in DEBUG mode
+        #     return f(*args, **kwargs)
 
         nonlocal last_collect
 
+        if "test" in sys.argv:
+            # In a test environment, don't memoize permissions
+            return f(*args, **kwargs)
+
         if time() - last_collect > 60:
             # Clear cache
             collect()

apps/permission/fixtures/initial.json

@@ -115,7 +115,7 @@
 			"type": "view",
 			"mask": 1,
 			"field": "",
-			"permanent": true,
+			"permanent": false,
 			"description": "Voir les aliases des notes des clubs et des adhérents du club Kfet"
 		}
 	},
@@ -799,12 +799,12 @@
 				"member",
 				"membership"
 			],
-			"query": "{\"club\": [\"club\"]}",
+			"query": "{}",
 			"type": "change",
 			"mask": 3,
 			"field": "roles",
 			"permanent": false,
-			"description": "Modifier les rôles d'un adhérent d'un club"
+			"description": "Modifier les rôles d'une adhésion"
 		}
 	},
 	{
@@ -819,7 +819,7 @@
 			"type": "change",
 			"mask": 1,
 			"field": "",
-			"permanent": false,
+			"permanent": true,
 			"description": "Modifier son profil"
 		}
 	},
@@ -1103,7 +1103,7 @@
 				"treasury",
 				"sogecredit"
 			],
-			"query": "{\"credit_transaction\": null}",
+			"query": "{}",
 			"type": "add",
 			"mask": 1,
 			"field": "",
@@ -2081,7 +2081,7 @@
 			],
 			"query": "{}",
 			"type": "change",
-			"mask": 1,
+			"mask": 2,
 			"field": "invalidity_reason",
 			"permanent": false,
 			"description": "Modifier la raison d'invalidité d'une transaction"
@@ -2647,6 +2647,230 @@
 			"description": "Changer l'image de la note de son club"
 		}
 	},
+	{
+		"model": "permission.permission",
+		"pk": 170,
+		"fields": {
+			"model": [
+				"note",
+				"alias"
+			],
+			"query": "{\"note__is_active\": true}",
+			"type": "add",
+			"mask": 1,
+			"field": "",
+			"permanent": false,
+			"description": "Ajouter n'importe quel alias à une note non bloquée"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 171,
+		"fields": {
+			"model": [
+				"note",
+				"alias"
+			],
+			"query": "{\"note__is_active\": true}",
+			"type": "delete",
+			"mask": 3,
+			"field": "",
+			"permanent": false,
+			"description": "Supprimer n'importe quel alias à une note non bloquée"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 172,
+		"fields": {
+			"model": [
+				"treasury",
+				"remittance"
+			],
+			"query": "{}",
+			"type": "view",
+			"mask": 3,
+			"field": "",
+			"permanent": false,
+			"description": "Voir toutes les remises"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 173,
+		"fields": {
+			"model": [
+				"treasury",
+				"remittance"
+			],
+			"query": "{}",
+			"type": "add",
+			"mask": 3,
+			"field": "",
+			"permanent": false,
+			"description": "Ajouter une remise"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 174,
+		"fields": {
+			"model": [
+				"treasury",
+				"remittance"
+			],
+			"query": "{}",
+			"type": "change",
+			"mask": 3,
+			"field": "",
+			"permanent": false,
+			"description": "Modifier une remise"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 175,
+		"fields": {
+			"model": [
+				"treasury",
+				"remittance"
+			],
+			"query": "{}",
+			"type": "delete",
+			"mask": 3,
+			"field": "",
+			"permanent": false,
+			"description": "Supprimer une remise"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 176,
+		"fields": {
+			"model": [
+				"auth",
+				"user"
+			],
+			"query": "{\"profile__registration_valid\": false}",
+			"type": "change",
+			"mask": 1,
+			"field": "",
+			"permanent": false,
+			"description": "Modifier n'importe quel utilisateur non encore inscrit"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 177,
+		"fields": {
+			"model": [
+				"member",
+				"profile"
+			],
+			"query": "{\"registration_valid\": false}",
+			"type": "change",
+			"mask": 1,
+			"field": "",
+			"permanent": false,
+			"description": "Modifier n'importe quel profil non encore inscrit"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 178,
+		"fields": {
+			"model": [
+				"note",
+				"alias"
+			],
+			"query": "{}",
+			"type": "view",
+			"mask": 3,
+			"field": "",
+			"permanent": false,
+			"description": "Voir tous les alias, y compris ceux des non adhérents"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 179,
+		"fields": {
+			"model": [
+				"note",
+				"alias"
+			],
+			"query": "{\"note__noteuser__user\": [\"user\"]}",
+			"type": "view",
+			"mask": 1,
+			"field": "",
+			"permanent": true,
+			"description": "Voir ses propres alias, pour toujours"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 180,
+		"fields": {
+			"model": [
+				"auth",
+				"user"
+			],
+			"query": "{\"profile__registration_valid\": false}",
+			"type": "view",
+			"mask": 2,
+			"field": "",
+			"permanent": false,
+			"description": "Voir n'importe quel utilisateur non encore inscrit"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 181,
+		"fields": {
+			"model": [
+				"member",
+				"profile"
+			],
+			"query": "{\"registration_valid\": false}",
+			"type": "view",
+			"mask": 2,
+			"field": "",
+			"permanent": false,
+			"description": "Voir n'importe quel profil non encore inscrit"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 182,
+		"fields": {
+			"model": [
+				"auth",
+				"user"
+			],
+			"query": "{\"memberships__club__name\": \"BDE\", \"memberships__roles__name\": \"Adhérent BDE\", \"memberships__date_start__lte\": [\"today\"], \"memberships__date_end__gte\": [\"today\"]}",
+			"type": "view",
+			"mask": 2,
+			"field": "",
+			"permanent": false,
+			"description": "Voir n'importe quel utilisateur qui est adhérent BDE"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 183,
+		"fields": {
+			"model": [
+				"note",
+				"note"
+			],
+			"query": "{}",
+			"type": "change",
+			"mask": 1,
+			"field": "display_image",
+			"permanent": false,
+			"description": "Changer l'image de n'importe quelle note"
+		}
+	},
 	{
 		"model": "permission.role",
 		"pk": 1,
@@ -2717,7 +2941,8 @@
 				157,
 				158,
 				159,
-				160
+				160,
+				179
 			]
 		}
 	},
@@ -2778,14 +3003,14 @@
 				62,
 				127,
 				133,
-				135,
 				136,
 				141,
 				142,
 				150,
 				166,
 				167,
-				168
+				168,
+				182
 			]
 		}
 	},
@@ -2799,7 +3024,9 @@
 				24,
 				25,
 				26,
-				27
+				27,
+				30,
+				33
 			]
 		}
 	},
@@ -2821,6 +3048,7 @@
 				31,
 				32,
 				33,
+				51,
 				53,
 				54,
 				55,
@@ -2844,13 +3072,24 @@
 				137,
 				138,
 				139,
+				140,
 				143,
 				146,
 				147,
 				150,
 				151,
 				163,
-				164
+				164,
+				170,
+				171,
+				172,
+				173,
+				174,
+				175,
+				176,
+				177,
+				178,
+				183
 			]
 		}
 	},
@@ -3024,7 +3263,21 @@
 				166,
 				167,
 				168,
-				169
+				169,
+				170,
+				171,
+				172,
+				173,
+				174,
+				175,
+				176,
+				177,
+				178,
+				179,
+				180,
+				181,
+				182,
+				183
 			]
 		}
 	},
@@ -3050,10 +3303,20 @@
 				29,
 				30,
 				31,
+				70,
 				143,
 				166,
 				167,
-				168
+				168,
+				170,
+				171,
+				176,
+				177,
+				178,
+				179,
+				180,
+				181,
+				182
 			]
 		}
 	},
@@ -3216,13 +3479,50 @@
 				135,
 				136,
 				137,
-				138,
 				139,
 				140,
+				143,
 				145,
 				146,
 				147,
-				150
+				150,
+				176,
+				177
+			]
+		}
+	},
+	{
+		"model": "permission.role",
+		"pk": 20,
+		"fields": {
+			"for_club": 2,
+			"name": "PC Kfet",
+			"permissions": [
+				6,
+				22,
+				24,
+				25,
+				26,
+				27,
+				30,
+				49,
+				50,
+				55,
+				56,
+				57,
+				58,
+				135,
+				137,
+				143,
+				147,
+				150,
+				166,
+				167,
+				168,
+				176,
+				177,
+				180,
+				181
 			]
 		}
 	},

apps/permission/models.py

@@ -43,7 +43,9 @@ class InstancedPermission:
                 obj = copy(obj)
                 obj.pk = 0
                 with transaction.atomic():
+                    sid = transaction.savepoint()
                     for o in self.model.model_class().objects.filter(pk=0).all():
+                        o._no_signal = True
                         o._force_delete = True
                         Model.delete(o)
                         # An object with pk 0 wouldn't deleted. That's not normal, we alert admins.
@@ -61,9 +63,7 @@ class InstancedPermission:
                     obj._no_signal = True
                     Model.save(obj, force_insert=True)
                     ret = self.model.model_class().objects.filter(self.query & Q(pk=0)).exists()
-                    # Delete testing object
-                    obj._force_delete = True
-                    Model.delete(obj)
+                    transaction.savepoint_rollback(sid)
 
                 return ret
 
@@ -199,6 +199,7 @@ class Permission(models.Model):
         if self.field and self.type not in {'view', 'change'}:
             raise ValidationError(_("Specifying field applies only to view and change permission types."))
 
+    @transaction.atomic
     def save(self, **kwargs):
         self.full_clean()
         super().save()

apps/permission/permissions.py

@@ -14,6 +14,7 @@ class StrongDjangoObjectPermissions(DjangoObjectPermissions):
     This is a simple patch of this class that controls view access.
     """
 
+    # The queryset is filtered, and permissions are more powerful than a simple check than just "can view this model"
     perms_map = {
         'GET': ['%(app_label)s.view_%(model_name)s'],
         'OPTIONS': [],

apps/permission/templatetags/perms.py

@@ -5,7 +5,6 @@ from django.contrib.auth.models import AnonymousUser
 from django.contrib.contenttypes.models import ContentType
 from django.template.defaultfilters import stringfilter
 from django import template
-from note.models import Transaction
 from note_kfet.middlewares import get_current_authenticated_user, get_current_session
 from permission.backends import PermissionBackend
 
@@ -25,21 +24,6 @@ def not_empty_model_list(model_name):
     return qs.exists()
 
 
-@stringfilter
-def not_empty_model_change_list(model_name):
-    """
-    Return True if and only if the current user has right to change any object of the given model.
-    """
-    user = get_current_authenticated_user()
-    session = get_current_session()
-    if user is None or isinstance(user, AnonymousUser):
-        return False
-    elif user.is_superuser and session.get("permission_mask", -1) >= 42:
-        return True
-    qs = model_list(model_name, "change")
-    return qs.exists()
-
-
 @stringfilter
 def model_list(model_name, t="view", fetch=True):
     """
@@ -68,33 +52,8 @@ def has_perm(perm, obj):
     return PermissionBackend.check_perm(get_current_authenticated_user(), perm, obj)
 
 
-def can_create_transaction():
-    """
-    :return: True iff the authenticated user can create a transaction.
-    """
-    user = get_current_authenticated_user()
-    session = get_current_session()
-    if user is None or isinstance(user, AnonymousUser):
-        return False
-    elif user.is_superuser and session.get("permission_mask", -1) >= 42:
-        return True
-    if session.get("can_create_transaction", None):
-        return session.get("can_create_transaction", None) == 1
-
-    empty_transaction = Transaction(
-        source=user.note,
-        destination=user.note,
-        quantity=1,
-        amount=0,
-        reason="Check permissions",
-    )
-    session["can_create_transaction"] = PermissionBackend.check_perm(user, "note.add_transaction", empty_transaction)
-    return session.get("can_create_transaction") == 1
-
-
 register = template.Library()
 register.filter('not_empty_model_list', not_empty_model_list)
-register.filter('not_empty_model_change_list', not_empty_model_change_list)
 register.filter('model_list', model_list)
 register.filter('model_list_length', model_list_length)
 register.filter('has_perm', has_perm)

apps/permission/tests/test_permission_queries.py

@@ -78,7 +78,7 @@ class PermissionQueryTestCase(TestCase):
                 query = instanced.query
                 model = perm.model.model_class()
                 model.objects.filter(query).all()
-            except (FieldError, AttributeError, ValueError, TypeError, JSONDecodeError):
+            except (FieldError, AttributeError, ValueError, TypeError, JSONDecodeError):  # pragma: no cover
                 print("Query error for permission", perm)
                 print("Query:", perm.query)
                 if instanced.query:

apps/permission/views.py

@@ -6,6 +6,7 @@ from datetime import date
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.models import User
 from django.core.exceptions import PermissionDenied
+from django.db import transaction
 from django.db.models import Q
 from django.forms import HiddenInput
 from django.http import Http404
@@ -50,12 +51,15 @@ class ProtectQuerysetMixin:
         # No worry if the user change the hidden fields: a 403 error will be performed if the user tries to make
         # a custom request.
         # We could also delete the field, but some views might be affected.
+        meta = form.instance._meta
         for key in form.base_fields:
-            if not PermissionBackend.check_perm(self.request.user, "wei.change_weiregistration_" + key, self.object):
+            if not PermissionBackend.check_perm(self.request.user,
+                                                f"{meta.app_label}.change_{meta.model_name}_" + key, self.object):
                 form.fields[key].widget = HiddenInput()
 
         return form
 
+    @transaction.atomic
     def form_valid(self, form):
         """
         Submit the form, if the page is a FormView.
@@ -81,7 +85,7 @@ class ProtectedCreateView(LoginRequiredMixin, CreateView):
     If not, a 403 error is displayed.
     """
 
-    def get_sample_object(self):
+    def get_sample_object(self):  # pragma: no cover
         """
         return a sample instance of the Model.
         It should be valid (can be stored properly in database), but must not collide with existing data.

apps/registration/forms.py

@@ -44,6 +44,15 @@ class SignUpForm(UserCreationForm):
         fields = ('first_name', 'last_name', 'username', 'email', )
 
 
+class DeclareSogeAccountOpenedForm(forms.Form):
+    soge_account = forms.BooleanField(
+        label=_("I declare that I opened a bank account in the Société générale with the BDE partnership."),
+        help_text=_("Warning: this engages you to open your bank account. If you finally decides to don't open your "
+                    "account, you will have to pay the BDE membership."),
+        required=False,
+    )
+
+
 class WEISignupForm(forms.Form):
     wei_registration = forms.BooleanField(
         label=_("Register to the WEI"),
@@ -60,7 +69,7 @@ class ValidationForm(forms.Form):
     soge = forms.BooleanField(
         label=_("Inscription paid by Société Générale"),
         required=False,
-        help_text=_("Check this case is the Société Générale paid the inscription."),
+        help_text=_("Check this case if the Société Générale paid the inscription."),
     )
 
     credit_type = forms.ModelChoiceField(
@@ -92,14 +101,14 @@ class ValidationForm(forms.Form):
         required=False,
     )
 
-    join_BDE = forms.BooleanField(
+    join_bde = forms.BooleanField(
         label=_("Join BDE Club"),
         required=False,
         initial=True,
     )
 
     # The user can join the Kfet club at the inscription
-    join_Kfet = forms.BooleanField(
+    join_kfet = forms.BooleanField(
         label=_("Join Kfet Club"),
         required=False,
         initial=True,

apps/registration/tables.py

@@ -3,6 +3,7 @@
 
 import django_tables2 as tables
 from django.contrib.auth.models import User
+from treasury.models import SogeCredit
 
 
 class FutureUserTable(tables.Table):
@@ -21,6 +22,7 @@ class FutureUserTable(tables.Table):
         fields = ('last_name', 'first_name', 'username', 'email', )
         model = User
         row_attrs = {
-            'class': 'table-row',
+            'class': lambda record: 'table-row'
+                                    + (' bg-warning' if SogeCredit.objects.filter(user=record).exists() else ''),
             'data-href': lambda record: record.pk
         }

apps/registration/templates/registration/future_profile_detail.html

@@ -6,7 +6,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
 
 {% block content %}
     <div class="row mt-4">
-        <div class="col-md-3 mb-4">
+        <div class="col-xl-5 mb-4">
             <div class="card bg-light shadow">
                 <div class="card-header text-center" >
                     <h4> {% trans "Account #" %}  {{ object.pk }}</h4>
@@ -50,12 +50,19 @@ SPDX-License-Identifier: GPL-3.0-or-later
                 </div>
             </div>
         </div>
-        <div class="col-md-9">
+        <div class="col-md-7">
             <div class="card bg-light shadow">
                 <form method="post">
                     <div class="card-header text-center" >
                         <h4> {% trans "Validate account" %}</h4>
                     </div>
+
+                    {% if declare_soge_account %}
+                        <div class="alert alert-info">
+                        {% trans "The user declared that he/she opened a bank account in the Société générale." %}
+                        </div>
+                    {% endif %}
+
                     <div class="card-body" id="profile_infos">
                         {% csrf_token %}
                         {{ form|crispy }}
@@ -93,20 +100,21 @@ SPDX-License-Identifier: GPL-3.0-or-later
             bank.attr('disabled', true);
             bank.val('Société générale');
 
-            let join_BDE = $("#id_join_BDE");
-            join_BDE.attr('disabled', true);
-            join_BDE.attr('checked', 'checked');
+            let join_bde = $("#id_join_bde");
 
-            let join_Kfet = $("#id_join_Kfet");
-            join_Kfet.attr('disabled', true);
-            join_Kfet.attr('checked', 'checked');
+            join_bde.attr('disabled', true);
+            join_bde.attr('checked', 'checked');
+
+            let join_kfet = $("#id_join_kfet");
+            join_kfet.attr('disabled', true);
+            join_kfet.attr('checked', 'checked');
         }
 
         soge_field.change(fillFields);
 
-        {% if object.profile.soge %}
+        {% if declare_soge_account %}
             soge_field.attr('checked', true);
             fillFields();
         {% endif %}
     </script>
-{% endblock %}
+{% endblock %}

apps/registration/tests/test_registration.py

@@ -196,8 +196,8 @@ class TestValidateRegistration(TestCase):
             last_name="TOTO",
             first_name="Toto",
             bank="Société générale",
-            join_BDE=False,
-            join_Kfet=False,
+            join_bde=False,
+            join_kfet=False,
         ))
         self.assertEqual(response.status_code, 200)
         self.assertTrue(response.context["form"].errors)
@@ -210,8 +210,8 @@ class TestValidateRegistration(TestCase):
             last_name="TOTO",
             first_name="Toto",
             bank="Société générale",
-            join_BDE=False,
-            join_Kfet=True,
+            join_bde=False,
+            join_kfet=True,
         ))
         self.assertEqual(response.status_code, 200)
         self.assertTrue(response.context["form"].errors)
@@ -224,8 +224,8 @@ class TestValidateRegistration(TestCase):
             last_name="TOTO",
             first_name="Toto",
             bank="J'ai pas d'argent",
-            join_BDE=True,
-            join_Kfet=True,
+            join_bde=True,
+            join_kfet=True,
         ))
         self.assertEqual(response.status_code, 200)
         self.assertTrue(response.context["form"].errors)
@@ -238,8 +238,8 @@ class TestValidateRegistration(TestCase):
             last_name="",
             first_name="",
             bank="",
-            join_BDE=True,
-            join_Kfet=True,
+            join_bde=True,
+            join_kfet=True,
         ))
         self.assertEqual(response.status_code, 200)
         self.assertTrue(response.context["form"].errors)
@@ -255,8 +255,8 @@ class TestValidateRegistration(TestCase):
             last_name="TOTO",
             first_name="Toto",
             bank="Société générale",
-            join_BDE=True,
-            join_Kfet=False,
+            join_bde=True,
+            join_kfet=False,
         ))
         self.assertEqual(response.status_code, 200)
         self.assertTrue(response.context["form"].errors)
@@ -281,8 +281,8 @@ class TestValidateRegistration(TestCase):
             last_name="TOTO",
             first_name="Toto",
             bank="Société générale",
-            join_BDE=True,
-            join_Kfet=False,
+            join_bde=True,
+            join_kfet=False,
         ))
         self.assertRedirects(response, self.user.profile.get_absolute_url(), 302, 200)
         self.user.profile.refresh_from_db()
@@ -317,8 +317,8 @@ class TestValidateRegistration(TestCase):
             last_name="TOTO",
             first_name="Toto",
             bank="Société générale",
-            join_BDE=True,
-            join_Kfet=True,
+            join_bde=True,
+            join_kfet=True,
         ))
         self.assertRedirects(response, self.user.profile.get_absolute_url(), 302, 200)
         self.user.profile.refresh_from_db()
@@ -353,8 +353,8 @@ class TestValidateRegistration(TestCase):
             last_name="TOTO",
             first_name="Toto",
             bank="Société générale",
-            join_BDE=True,
-            join_Kfet=True,
+            join_bde=True,
+            join_kfet=True,
         ))
         self.assertRedirects(response, self.user.profile.get_absolute_url(), 302, 200)
         self.user.profile.refresh_from_db()

apps/registration/tokens.py

@@ -9,6 +9,7 @@ class AccountActivationTokenGenerator(PasswordResetTokenGenerator):
     """
     Create a unique token generator to confirm email addresses.
     """
+
     def _make_hash_value(self, user, timestamp):
         """
         Hash the user's primary key and some user state that's sure to change
@@ -23,9 +24,18 @@ class AccountActivationTokenGenerator(PasswordResetTokenGenerator):
         """
         # Truncate microseconds so that tokens are consistent even if the
         # database doesn't support microseconds.
-        login_timestamp = '' if user.last_login is None else user.last_login.replace(microsecond=0, tzinfo=None)
-        return str(user.pk) + str(user.email) + str(user.profile.email_confirmed)\
-               + str(login_timestamp) + str(timestamp)
+        login_timestamp = (
+            ""
+            if user.last_login is None
+            else user.last_login.replace(microsecond=0, tzinfo=None)
+        )
+        return (
+            str(user.pk)
+            + str(user.email)
+            + str(user.profile.email_confirmed)
+            + str(login_timestamp)
+            + str(timestamp)
+        )
 
 
 email_validation_token = AccountActivationTokenGenerator()

apps/registration/views.py

@@ -5,6 +5,7 @@ from django.conf import settings
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.models import User
 from django.core.exceptions import ValidationError
+from django.db import transaction
 from django.db.models import Q
 from django.shortcuts import resolve_url, redirect
 from django.urls import reverse_lazy
@@ -23,7 +24,7 @@ from permission.models import Role
 from permission.views import ProtectQuerysetMixin
 from treasury.models import SogeCredit
 
-from .forms import SignUpForm, ValidationForm
+from .forms import SignUpForm, ValidationForm, DeclareSogeAccountOpenedForm
 from .tables import FutureUserTable
 from .tokens import email_validation_token
 
@@ -41,12 +42,14 @@ class UserCreateView(CreateView):
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         context["profile_form"] = self.second_form(self.request.POST if self.request.POST else None)
+        context["soge_form"] = DeclareSogeAccountOpenedForm(self.request.POST if self.request.POST else None)
         del context["profile_form"].fields["section"]
         del context["profile_form"].fields["report_frequency"]
         del context["profile_form"].fields["last_report"]
 
         return context
 
+    @transaction.atomic
     def form_valid(self, form):
         """
         If the form is valid, then the user is created with is_active set to False
@@ -70,6 +73,13 @@ class UserCreateView(CreateView):
 
         user.profile.send_email_validation_link()
 
+        soge_form = DeclareSogeAccountOpenedForm(self.request.POST)
+        if "soge_account" in soge_form.data and soge_form.data["soge_account"]:
+            # If the user declares that a bank account got opened, prepare the soge credit to warn treasurers
+            soge_credit = SogeCredit(user=user)
+            soge_credit._force_save = True
+            soge_credit.save()
+
         return super().form_valid(form)
 
     def get_success_url(self):
@@ -180,7 +190,7 @@ class FutureUserListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableVi
                 | Q(username__iregex="^" + pattern)
             )
 
-        return qs[:20]
+        return qs
 
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
@@ -225,6 +235,8 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
         fee += 8000
         ctx["total_fee"] = "{:.02f}".format(fee / 100, )
 
+        ctx["declare_soge_account"] = SogeCredit.objects.filter(user=user).exists()
+
         return ctx
 
     def get_form(self, form_class=None):
@@ -234,10 +246,15 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
         form.fields["first_name"].initial = user.first_name
         return form
 
+    @transaction.atomic
     def form_valid(self, form):
+        """
+        Finally validate the registration, with creating the membership.
+        """
         user = self.get_object()
 
         if Alias.objects.filter(normalized_name=Alias.normalize(user.username)).exists():
+            # Don't try to hack an existing account.
             form.add_error(None, _("An alias with a similar name already exists."))
             return self.form_invalid(form)
 
@@ -248,35 +265,36 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
         last_name = form.cleaned_data["last_name"]
         first_name = form.cleaned_data["first_name"]
         bank = form.cleaned_data["bank"]
-        join_BDE = form.cleaned_data["join_BDE"]
-        join_Kfet = form.cleaned_data["join_Kfet"]
+        join_bde = form.cleaned_data["join_bde"]
+        join_kfet = form.cleaned_data["join_kfet"]
 
         if soge:
-            # If Société Générale pays the inscription, the user joins the two clubs
-            join_BDE = True
-            join_Kfet = True
+            # If Société Générale pays the inscription, the user automatically joins the two clubs.
+            join_bde = True
+            join_kfet = True
 
-        if not join_BDE:
-            form.add_error('join_BDE', _("You must join the BDE."))
+        if not join_bde:
+            # This software belongs to the BDE.
+            form.add_error('join_bde', _("You must join the BDE."))
             return super().form_invalid(form)
 
+        # Calculate required registration fee
         fee = 0
         bde = Club.objects.get(name="BDE")
         bde_fee = bde.membership_fee_paid if user.profile.paid else bde.membership_fee_unpaid
-        if join_BDE:
-            fee += bde_fee
+        # This is mandatory.
+        fee += bde_fee if join_bde else 0
         kfet = Club.objects.get(name="Kfet")
         kfet_fee = kfet.membership_fee_paid if user.profile.paid else kfet.membership_fee_unpaid
-        if join_Kfet:
-            fee += kfet_fee
+        # Add extra fee for the full membership
+        fee += kfet_fee if join_kfet else 0
 
-        if soge:
-            # If the bank pays, then we don't credit now. Treasurers will validate the transaction
-            # and credit the note later.
-            credit_type = None
+        # If the bank pays, then we don't credit now. Treasurers will validate the transaction
+        # and credit the note later.
+        credit_type = None if soge else credit_type
 
-        if credit_type is None:
-            credit_amount = 0
+        # If the user does not select any payment method, then no credit will be performed.
+        credit_amount = 0 if credit_type is None else credit_amount
 
         if fee > credit_amount and not soge:
             # Check if the user credits enough money
@@ -285,15 +303,9 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
                            .format(pretty_money(fee)))
             return self.form_invalid(form)
 
-        if credit_type is not None and credit_amount > 0:
-            if not last_name or not first_name or (not bank and credit_type.special_type == "Chèque"):
-                if not last_name:
-                    form.add_error('last_name', _("This field is required."))
-                if not first_name:
-                    form.add_error('first_name', _("This field is required."))
-                if not bank and credit_type.special_type == "Chèque":
-                    form.add_error('bank', _("This field is required."))
-                return self.form_invalid(form)
+        # Check that payment information are filled, like last name and first name
+        if credit_type is not None and credit_amount > 0 and not SpecialTransaction.validate_payment_form(form):
+            return self.form_invalid(form)
 
         # Save the user and finally validate the registration
         # Saving the user creates the associated note
@@ -304,6 +316,13 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
         user.profile.save()
         user.refresh_from_db()
 
+        if not soge and SogeCredit.objects.filter(user=user).exists():
+            # If the user declared that a bank account was opened but in the validation form the SoGé case was
+            # unchecked, delete the associated credit
+            soge_credit = SogeCredit.objects.get(user=user)
+            soge_credit._force_delete = True
+            soge_credit.delete()
+
         if credit_type is not None and credit_amount > 0:
             # Credit the note
             SpecialTransaction.objects.create(
@@ -318,7 +337,7 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
                 valid=True,
             )
 
-        if join_BDE:
+        if join_bde:
             # Create membership for the user to the BDE starting today
             membership = Membership(
                 club=bde,
@@ -332,7 +351,7 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
             membership.roles.add(Role.objects.get(name="Adhérent BDE"))
             membership.save()
 
-        if join_Kfet:
+        if join_kfet:
             # Create membership for the user to the Kfet starting today
             membership = Membership(
                 club=kfet,
@@ -370,6 +389,8 @@ class FutureUserInvalidateView(ProtectQuerysetMixin, LoginRequiredMixin, View):
         user = User.objects.filter(profile__registration_valid=False)\
             .filter(PermissionBackend.filter_queryset(request.user, User, "change", "is_valid"))\
             .get(pk=self.kwargs["pk"])
+        # Delete associated soge credits before
+        SogeCredit.objects.filter(user=user).delete()
 
         user.delete()
 

apps/treasury/api/views.py

@@ -16,10 +16,11 @@ class InvoiceViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `Invoice` objects, serialize it to JSON with the given serializer,
     then render it on /api/treasury/invoice/
     """
-    queryset = Invoice.objects.order_by("id").all()
+    queryset = Invoice.objects.order_by('id')
     serializer_class = InvoiceSerializer
-    filter_backends = [DjangoFilterBackend]
-    filterset_fields = ['bde', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['bde', 'object', 'description', 'name', 'address', 'date', 'acquitted', 'locked', ]
+    search_fields = ['$object', '$description', '$name', '$address', ]
 
 
 class ProductViewSet(ReadProtectedModelViewSet):
@@ -28,10 +29,11 @@ class ProductViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `Product` objects, serialize it to JSON with the given serializer,
     then render it on /api/treasury/product/
     """
-    queryset = Product.objects.order_by("invoice_id", "id").all()
+    queryset = Product.objects.order_by('invoice_id', 'id')
     serializer_class = ProductSerializer
-    filter_backends = [SearchFilter]
-    search_fields = ['$designation', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['invoice', 'designation', 'quantity', 'amount', ]
+    search_fields = ['$designation', '$invoice__object', ]
 
 
 class RemittanceTypeViewSet(ReadProtectedModelViewSet):
@@ -40,8 +42,11 @@ class RemittanceTypeViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `RemittanceType` objects, serialize it to JSON with the given serializer
     then render it on /api/treasury/remittance_type/
     """
-    queryset = RemittanceType.objects.order_by("id")
+    queryset = RemittanceType.objects.order_by('id')
     serializer_class = RemittanceTypeSerializer
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['note', ]
+    search_fields = ['$note__special_type', ]
 
 
 class RemittanceViewSet(ReadProtectedModelViewSet):
@@ -50,8 +55,11 @@ class RemittanceViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `Remittance` objects, serialize it to JSON with the given serializer,
     then render it on /api/treasury/remittance/
     """
-    queryset = Remittance.objects.order_by("id")
+    queryset = Remittance.objects.order_by('id')
     serializer_class = RemittanceSerializer
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['date', 'remittance_type', 'comment', 'closed', 'transaction_proxies__transaction', ]
+    search_fields = ['$remittance_type__note__special_type', '$comment', ]
 
 
 class SogeCreditViewSet(ReadProtectedModelViewSet):
@@ -60,5 +68,10 @@ class SogeCreditViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `SogeCredit` objects, serialize it to JSON with the given serializer,
     then render it on /api/treasury/soge_credit/
     """
-    queryset = SogeCredit.objects.order_by("id")
+    queryset = SogeCredit.objects.order_by('id')
     serializer_class = SogeCreditSerializer
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['user', 'user__last_name', 'user__first_name', 'user__email', 'user__note__alias__name',
+                        'user__note__alias__normalized_name', 'transactions', 'credit_transaction', ]
+    search_fields = ['$user__last_name', '$user__first_name', '$user__email', '$user__note__alias__name',
+                     '$user__note__alias__normalized_name', ]

apps/treasury/apps.py

@@ -28,6 +28,8 @@ class TreasuryConfig(AppConfig):
                     source__in=NoteSpecial.objects.filter(~Q(remittancetype=None)),
                     specialtransactionproxy=None,
             ):
-                SpecialTransactionProxy.objects.create(transaction=transaction, remittance=None)
+                proxy = SpecialTransactionProxy(transaction=transaction, remittance=None)
+                proxy._force_save = True
+                proxy.save()
 
         post_migrate.connect(setup_specialtransactions_proxies, sender=SpecialTransactionProxy)

apps/treasury/forms.py

@@ -4,6 +4,7 @@
 from crispy_forms.helper import FormHelper
 from crispy_forms.layout import Submit
 from django import forms
+from django.db import transaction
 from django.utils.translation import gettext_lazy as _
 from note_kfet.inputs import AmountInput
 
@@ -149,6 +150,7 @@ class LinkTransactionToRemittanceForm(forms.ModelForm):
         self.instance.transaction.bank = cleaned_data["bank"]
         return cleaned_data
 
+    @transaction.atomic
     def save(self, commit=True):
         """
         Save the transaction and the remittance.

apps/treasury/migrations/0003_auto_20210321_1034.py

@@ -0,0 +1,25 @@
+# Generated by Django 2.2.19 on 2021-03-21 09:34
+
+import django.core.validators
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('treasury', '0002_invoice_remove_png_extension'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='product',
+            name='quantity',
+            field=models.DecimalField(decimal_places=2, max_digits=7, validators=[django.core.validators.MinValueValidator(0)], verbose_name='Quantity'),
+        ),
+        migrations.AlterField(
+            model_name='specialtransactionproxy',
+            name='remittance',
+            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.PROTECT, related_name='transaction_proxies', to='treasury.Remittance', verbose_name='Remittance'),
+        ),
+    ]

apps/treasury/models.py

@@ -5,12 +5,13 @@ from datetime import date
 
 from django.contrib.auth.models import User
 from django.core.exceptions import ValidationError
-from django.db import models
+from django.core.validators import MinValueValidator
+from django.db import models, transaction
 from django.db.models import Q
 from django.template.loader import render_to_string
 from django.utils import timezone
 from django.utils.translation import gettext_lazy as _
-from note.models import NoteSpecial, SpecialTransaction, MembershipTransaction
+from note.models import NoteSpecial, SpecialTransaction, MembershipTransaction, NoteUser
 
 
 class Invoice(models.Model):
@@ -76,6 +77,7 @@ class Invoice(models.Model):
         verbose_name=_("tex source"),
     )
 
+    @transaction.atomic
     def save(self, *args, **kwargs):
         """
         When an invoice is generated, we store the tex source.
@@ -130,12 +132,15 @@ class Product(models.Model):
         verbose_name=_("Designation"),
     )
 
-    quantity = models.PositiveIntegerField(
-        verbose_name=_("Quantity")
+    quantity = models.DecimalField(
+        decimal_places=2,
+        max_digits=7,
+        verbose_name=_("Quantity"),
+        validators=[MinValueValidator(0)],
     )
 
     amount = models.IntegerField(
-        verbose_name=_("Unit price")
+        verbose_name=_("Unit price"),
     )
 
     @property
@@ -228,6 +233,7 @@ class Remittance(models.Model):
         """
         return sum(transaction.total for transaction in self.transactions.all())
 
+    @transaction.atomic
     def save(self, force_insert=False, force_update=False, using=None, update_fields=None):
         # Check if all transactions have the right type.
         if self.transactions.exists() and self.transactions.filter(~Q(source=self.remittance_type.note)).exists():
@@ -255,6 +261,7 @@ class SpecialTransactionProxy(models.Model):
         Remittance,
         on_delete=models.PROTECT,
         null=True,
+        related_name="transaction_proxies",
         verbose_name=_("Remittance"),
     )
 
@@ -291,11 +298,12 @@ class SogeCredit(models.Model):
 
     @property
     def valid(self):
-        return self.credit_transaction.valid
+        return self.credit_transaction and self.credit_transaction.valid
 
     @property
     def amount(self):
-        return sum(transaction.total for transaction in self.transactions.all()) + 8000
+        return self.credit_transaction.total if self.valid \
+            else sum(transaction.total for transaction in self.transactions.all()) + 8000
 
     def invalidate(self):
         """
@@ -305,10 +313,10 @@ class SogeCredit(models.Model):
         if self.valid:
             self.credit_transaction.valid = False
             self.credit_transaction.save()
-        for transaction in self.transactions.all():
-            transaction.valid = False
-            transaction._force_save = True
-            transaction.save()
+        for tr in self.transactions.all():
+            tr.valid = False
+            tr._force_save = True
+            tr.save()
 
     def validate(self, force=False):
         if self.valid and not force:
@@ -320,18 +328,25 @@ class SogeCredit(models.Model):
         # Refresh credit amount
         self.save()
         self.credit_transaction.valid = True
+        self.credit_transaction._force_save = True
         self.credit_transaction.save()
         self.save()
 
-        for transaction in self.transactions.all():
-            transaction.valid = True
-            transaction._force_save = True
-            transaction.created_at = timezone.now()
-            transaction.save()
+        for tr in self.transactions.all():
+            tr.valid = True
+            tr._force_save = True
+            tr.created_at = timezone.now()
+            tr.save()
 
+    @transaction.atomic
     def save(self, *args, **kwargs):
+        # This is a pre-registered user that declared that a SoGé account was opened.
+        # No note exists yet.
+        if not NoteUser.objects.filter(user=self.user).exists():
+            return super().save(*args, **kwargs)
+
         if not self.credit_transaction:
-            self.credit_transaction = SpecialTransaction.objects.create(
+            credit_transaction = SpecialTransaction(
                 source=NoteSpecial.objects.get(special_type="Virement bancaire"),
                 destination=self.user.note,
                 quantity=1,
@@ -342,6 +357,10 @@ class SogeCredit(models.Model):
                 bank="Société générale",
                 valid=False,
             )
+            credit_transaction._force_save = True
+            credit_transaction.save()
+            credit_transaction.refresh_from_db()
+            self.credit_transaction = credit_transaction
         elif not self.valid:
             self.credit_transaction.amount = self.amount
             self.credit_transaction._force_save = True
@@ -361,14 +380,19 @@ class SogeCredit(models.Model):
                                     "Please ask her/him to credit the note before invalidating this credit."))
 
         self.invalidate()
-        for transaction in self.transactions.all():
-            transaction._force_save = True
-            transaction.valid = True
-            transaction.created_at = timezone.now()
-            transaction.save()
-        self.credit_transaction.valid = False
-        self.credit_transaction.reason += " (invalide)"
-        self.credit_transaction.save()
+        for tr in self.transactions.all():
+            tr._force_save = True
+            tr.valid = True
+            tr.created_at = timezone.now()
+            tr.save()
+        if self.credit_transaction:
+            # If the soge credit is deleted while the user is not validated yet,
+            # there is not credit transaction.
+            # There is a credit transaction iff the user declares that no bank account
+            # was opened after the validation of the account.
+            self.credit_transaction.valid = False
+            self.credit_transaction.reason += " (invalide)"
+            self.credit_transaction.save()
         super().delete(**kwargs)
 
     class Meta:

apps/treasury/signals.py

@@ -10,9 +10,8 @@ def save_special_transaction(instance, created, **kwargs):
     """
 
     if not hasattr(instance, "_no_signal"):
-        if instance.is_credit():
-            if created and RemittanceType.objects.filter(note=instance.source).exists():
-                SpecialTransactionProxy.objects.create(transaction=instance, remittance=None).save()
-        else:
-            if created and RemittanceType.objects.filter(note=instance.destination).exists():
-                SpecialTransactionProxy.objects.create(transaction=instance, remittance=None).save()
+        if created and RemittanceType.objects.filter(
+                note=instance.source if instance.is_credit() else instance.destination).exists():
+            proxy = SpecialTransactionProxy(transaction=instance, remittance=None)
+            proxy._force_save = True
+            proxy.save()

apps/treasury/tables.py

@@ -109,9 +109,6 @@ class SpecialTransactionTable(tables.Table):
                                               'a': {'class': 'btn btn-primary btn-danger'}
                                           }, )
 
-    def render_id(self, record):
-        return record.specialtransactionproxy.pk
-
     def render_amount(self, value):
         return pretty_money(value)
 
@@ -147,4 +144,4 @@ class SogeCreditTable(tables.Table):
 
     class Meta:
         model = SogeCredit
-        fields = ('user', 'amount', 'valid', )
+        fields = ('user', 'user__last_name', 'user__first_name', 'amount', 'valid', )

apps/treasury/templates/treasury/invoice_sample.tex

@@ -1,4 +1,5 @@
-{% load escape_tex %}
+{% load escape_tex i18n %}
+{% language fr %}
 \documentclass[a4paper,11pt]{article}
 
 \usepackage{fontspec}
@@ -176,3 +177,4 @@ TVA non applicable, article 293 B du CGI.
 \end{center}
 
 \end{document}
+{% endlanguage %}

apps/treasury/templates/treasury/sogecredit_detail.html

@@ -11,8 +11,14 @@ SPDX-License-Identifier: GPL-3.0-or-later
     </div>
     <div class="card-body">
         <dl class="row">
-            <dt class="col-xl-6 text-right">{% trans 'user'|capfirst %}</dt>
-            <dd class="col-xl-6"><a href="{% url 'member:user_detail' pk=object.user.pk %}">{{ object.user }}</a></dd>
+            <dt class="col-xl-6 text-right">{% trans 'last name'|capfirst %}</dt>
+            <dd class="col-xl-6">{{ object.user.last_name }}</dd>
+
+            <dt class="col-xl-6 text-right">{% trans 'first name'|capfirst %}</dt>
+            <dd class="col-xl-6">{{ object.user.first_name }}</dd>
+
+            <dt class="col-xl-6 text-right">{% trans 'username'|capfirst %}</dt>
+            <dd class="col-xl-6"><a href="{% url 'member:user_detail' pk=object.user.pk %}">{{ object.user.username }}</a></dd>
 
             {% if "note.view_note_balance"|has_perm:object.user.note %}
             <dt class="col-xl-6 text-right">{% trans 'balance'|capfirst %}</dt>

apps/treasury/templates/treasury/sogecredit_list.html

@@ -60,7 +60,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
             let pattern = searchbar_obj.val();
 
             $("#credits_table").load(location.pathname + "?search=" + pattern.replace(" ", "%20") + (
-                invalid_only_obj.is(':checked') ? "&valid=false" : "") + " #credits_table");
+                invalid_only_obj.is(':checked') ? "" : "&valid=1") + " #credits_table");
 
             $(".table-row").click(function () {
                 window.document.location = $(this).data("href");

apps/treasury/tests/test_treasury.py

@@ -1,6 +1,7 @@
 # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+from api.tests import TestAPI
 from django.contrib.auth.models import User
 from django.core.exceptions import ValidationError
 from django.db.models import Q
@@ -8,7 +9,10 @@ from django.test import TestCase
 from django.urls import reverse
 from member.models import Membership, Club
 from note.models import SpecialTransaction, NoteSpecial, Transaction
-from treasury.models import Invoice, Product, Remittance, RemittanceType, SogeCredit
+
+from ..api.views import InvoiceViewSet, ProductViewSet, RemittanceViewSet, RemittanceTypeViewSet, \
+    SogeCreditViewSet
+from ..models import Invoice, Product, Remittance, RemittanceType, SogeCredit
 
 
 class TestInvoices(TestCase):
@@ -366,11 +370,8 @@ class TestSogeCredits(TestCase):
         response = self.client.get(reverse("treasury:manage_soge_credit", args=(soge_credit.pk,)))
         self.assertEqual(response.status_code, 200)
 
-        try:
-            self.client.post(reverse("treasury:manage_soge_credit", args=(soge_credit.pk,)), data=dict(delete=True))
-            raise AssertionError("It is not possible to delete the soge credit until the note is not credited.")
-        except ValidationError:
-            pass
+        self.assertRaises(ValidationError, self.client.post,
+                          reverse("treasury:manage_soge_credit", args=(soge_credit.pk,)), data=dict(delete=True))
 
         SpecialTransaction.objects.create(
             source=NoteSpecial.objects.get(special_type="Carte bancaire"),
@@ -399,3 +400,82 @@ class TestSogeCredits(TestCase):
         """
         response = self.client.get("/api/treasury/soge_credit/")
         self.assertEqual(response.status_code, 200)
+
+
+class TestTreasuryAPI(TestAPI):
+    def setUp(self) -> None:
+        super().setUp()
+
+        self.invoice = Invoice.objects.create(
+            id=1,
+            object="Object",
+            description="Description",
+            name="Me",
+            address="Earth",
+            acquitted=False,
+        )
+        self.product = Product.objects.create(
+            invoice=self.invoice,
+            designation="Product",
+            quantity=3,
+            amount=3.14,
+        )
+
+        self.credit = SpecialTransaction.objects.create(
+            source=NoteSpecial.objects.get(special_type="Chèque"),
+            destination=self.user.note,
+            amount=4200,
+            reason="Credit",
+            last_name="TOTO",
+            first_name="Toto",
+            bank="Société générale",
+        )
+
+        self.remittance = Remittance.objects.create(
+            remittance_type=RemittanceType.objects.get(),
+            comment="Test remittance",
+            closed=False,
+        )
+        self.credit.specialtransactionproxy.remittance = self.remittance
+        self.credit.specialtransactionproxy.save()
+
+        self.kfet = Club.objects.get(name="Kfet")
+        self.bde = self.kfet.parent_club
+
+        self.kfet_membership = Membership(
+            user=self.user,
+            club=self.kfet,
+        )
+        self.kfet_membership._force_renew_parent = True
+        self.kfet_membership._soge = True
+        self.kfet_membership.save()
+
+    def test_invoice_api(self):
+        """
+        Load Invoice API page and test all filters and permissions
+        """
+        self.check_viewset(InvoiceViewSet, "/api/treasury/invoice/")
+
+    def test_product_api(self):
+        """
+        Load Product API page and test all filters and permissions
+        """
+        self.check_viewset(ProductViewSet, "/api/treasury/product/")
+
+    def test_remittance_api(self):
+        """
+        Load Remittance API page and test all filters and permissions
+        """
+        self.check_viewset(RemittanceViewSet, "/api/treasury/remittance/")
+
+    def test_remittance_type_api(self):
+        """
+        Load RemittanceType API page and test all filters and permissions
+        """
+        self.check_viewset(RemittanceTypeViewSet, "/api/treasury/remittance_type/")
+
+    def test_sogecredit_api(self):
+        """
+        Load SogeCredit API page and test all filters and permissions
+        """
+        self.check_viewset(SogeCreditViewSet, "/api/treasury/soge_credit/")

apps/treasury/views.py

@@ -9,6 +9,7 @@ from tempfile import mkdtemp
 from crispy_forms.helper import FormHelper
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.core.exceptions import ValidationError, PermissionDenied
+from django.db import transaction
 from django.db.models import Q
 from django.forms import Form
 from django.http import HttpResponse
@@ -65,6 +66,7 @@ class InvoiceCreateView(ProtectQuerysetMixin, ProtectedCreateView):
         del form.fields["locked"]
         return form
 
+    @transaction.atomic
     def form_valid(self, form):
         ret = super().form_valid(form)
 
@@ -144,6 +146,7 @@ class InvoiceUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
         del form.fields["id"]
         return form
 
+    @transaction.atomic
     def form_valid(self, form):
         ret = super().form_valid(form)
 
@@ -207,7 +210,7 @@ class InvoiceRenderView(LoginRequiredMixin, View):
             del tex
 
             # The file has to be rendered twice
-            for ignored in range(2):
+            for _ignored in range(2):
                 error = subprocess.Popen(
                     ["/usr/bin/xelatex", "-interaction=nonstopmode", "invoice-{}.tex".format(pk)],
                     cwd=tmp_dir,
@@ -428,7 +431,7 @@ class SogeCreditListView(LoginRequiredMixin, ProtectQuerysetMixin, SingleTableVi
         if "valid" not in self.request.GET or not self.request.GET["valid"]:
             qs = qs.filter(credit_transaction__valid=False)
 
-        return qs[:20]
+        return qs
 
 
 class SogeCreditManageView(LoginRequiredMixin, ProtectQuerysetMixin, BaseFormView, DetailView):
@@ -439,6 +442,7 @@ class SogeCreditManageView(LoginRequiredMixin, ProtectQuerysetMixin, BaseFormVie
     form_class = Form
     extra_context = {"title": _("Manage credits from the Société générale")}
 
+    @transaction.atomic
     def form_valid(self, form):
         if "validate" in form.data:
             self.get_object().validate(True)

apps/wei/api/views.py

@@ -1,7 +1,8 @@
 # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
+
 from django_filters.rest_framework import DjangoFilterBackend
-from rest_framework.filters import SearchFilter
+from rest_framework.filters import OrderingFilter, SearchFilter
 from api.viewsets import ReadProtectedModelViewSet
 
 from .serializers import WEIClubSerializer, BusSerializer, BusTeamSerializer, WEIRoleSerializer, \
@@ -15,11 +16,14 @@ class WEIClubViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `WEIClub` objects, serialize it to JSON with the given serializer,
     then render it on /api/wei/club/
     """
-    queryset = WEIClub.objects.all()
+    queryset = WEIClub.objects.order_by('id')
     serializer_class = WEIClubSerializer
-    filter_backends = [SearchFilter, DjangoFilterBackend]
-    search_fields = ['$name', ]
-    filterset_fields = ['name', 'year', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['name', 'year', 'date_start', 'date_end', 'email', 'note__alias__name',
+                        'note__alias__normalized_name', 'parent_club', 'parent_club__name', 'require_memberships',
+                        'membership_fee_paid', 'membership_fee_unpaid', 'membership_duration', 'membership_start',
+                        'membership_end', ]
+    search_fields = ['$name', '$email', '$note__alias__name', '$note__alias__normalized_name', ]
 
 
 class BusViewSet(ReadProtectedModelViewSet):
@@ -28,11 +32,11 @@ class BusViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `Bus` objects, serialize it to JSON with the given serializer,
     then render it on /api/wei/bus/
     """
-    queryset = Bus.objects
+    queryset = Bus.objects.order_by('id')
     serializer_class = BusSerializer
-    filter_backends = [SearchFilter, DjangoFilterBackend]
-    search_fields = ['$name', ]
-    filterset_fields = ['name', 'wei', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['name', 'wei', 'description', ]
+    search_fields = ['$name', '$wei__name', '$description', ]
 
 
 class BusTeamViewSet(ReadProtectedModelViewSet):
@@ -41,11 +45,11 @@ class BusTeamViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `BusTeam` objects, serialize it to JSON with the given serializer,
     then render it on /api/wei/team/
     """
-    queryset = BusTeam.objects
+    queryset = BusTeam.objects.order_by('id')
     serializer_class = BusTeamSerializer
-    filter_backends = [SearchFilter, DjangoFilterBackend]
-    search_fields = ['$name', ]
-    filterset_fields = ['name', 'bus', 'bus__wei', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['name', 'bus', 'color', 'description', 'bus__wei', ]
+    search_fields = ['$name', '$bus__name', '$bus__wei__name', '$description', ]
 
 
 class WEIRoleViewSet(ReadProtectedModelViewSet):
@@ -54,9 +58,10 @@ class WEIRoleViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `WEIRole` objects, serialize it to JSON with the given serializer,
     then render it on /api/wei/role/
     """
-    queryset = WEIRole.objects
+    queryset = WEIRole.objects.order_by('id')
     serializer_class = WEIRoleSerializer
-    filter_backends = [SearchFilter]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['name', 'permissions', 'memberships', ]
     search_fields = ['$name', ]
 
 
@@ -66,11 +71,17 @@ class WEIRegistrationViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all WEIRegistration objects, serialize it to JSON with the given serializer,
     then render it on /api/wei/registration/
     """
-    queryset = WEIRegistration.objects
+    queryset = WEIRegistration.objects.order_by('id')
     serializer_class = WEIRegistrationSerializer
-    filter_backends = [SearchFilter, DjangoFilterBackend]
-    search_fields = ['$user__username', ]
-    filterset_fields = ['user', 'wei', ]
+    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filterset_fields = ['user', 'user__username', 'user__first_name', 'user__last_name', 'user__email',
+                        'user__note__alias__name', 'user__note__alias__normalized_name', 'wei', 'wei__name',
+                        'wei__email', 'wei__year', 'soge_credit', 'caution_check', 'birth_date', 'gender',
+                        'clothing_cut', 'clothing_size', 'first_year', 'emergency_contact_name',
+                        'emergency_contact_phone', ]
+    search_fields = ['$user__username', '$user__first_name', '$user__last_name', '$user__email',
+                     '$user__note__alias__name', '$user__note__alias__normalized_name', '$wei__name',
+                     '$wei__email', '$health_issues', '$emergency_contact_name', '$emergency_contact_phone', ]
 
 
 class WEIMembershipViewSet(ReadProtectedModelViewSet):
@@ -79,8 +90,16 @@ class WEIMembershipViewSet(ReadProtectedModelViewSet):
     The djangorestframework plugin will get all `BusTeam` objects, serialize it to JSON with the given serializer,
     then render it on /api/wei/membership/
     """
-    queryset = WEIMembership.objects
+    queryset = WEIMembership.objects.order_by('id')
     serializer_class = WEIMembershipSerializer
-    filter_backends = [SearchFilter, DjangoFilterBackend]
-    search_fields = ['$user__username', '$bus__name', '$team__name', ]
-    filterset_fields = ['user', 'club', 'bus', 'team', ]
+    filter_backends = [DjangoFilterBackend, OrderingFilter, SearchFilter]
+    filterset_fields = ['club__name', 'club__email', 'club__note__alias__name',
+                        'club__note__alias__normalized_name', 'user__username', 'user__last_name',
+                        'user__first_name', 'user__email', 'user__note__alias__name',
+                        'user__note__alias__normalized_name', 'date_start', 'date_end', 'fee', 'roles', 'bus',
+                        'bus__name', 'team', 'team__name', 'registration', ]
+    ordering_fields = ['id', 'date_start', 'date_end', ]
+    search_fields = ['$club__name', '$club__email', '$club__note__alias__name',
+                     '$club__note__alias__normalized_name', '$user__username', '$user__last_name',
+                     '$user__first_name', '$user__email', '$user__note__alias__name',
+                     '$user__note__alias__normalized_name', '$roles__name', '$bus__name', '$team__name', ]

apps/wei/forms/surveys/wei2020.py

@@ -4,6 +4,7 @@
 from random import choice
 
 from django import forms
+from django.db import transaction
 from django.utils.translation import gettext_lazy as _
 
 from .base import WEISurvey, WEISurveyInformation, WEISurveyAlgorithm, WEIBusInformation
@@ -88,6 +89,7 @@ class WEISurvey2020(WEISurvey):
         """
         form.set_registration(self.registration)
 
+    @transaction.atomic
     def form_valid(self, form):
         word = form.cleaned_data["word"]
         self.information.step += 1

apps/wei/management/commands/extract_ml_registrations.py

@@ -1,59 +0,0 @@
-# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-from datetime import date
-
-from django.core.management import BaseCommand
-from django.db.models import Q
-from member.models import Membership, Club
-from wei.models import WEIClub
-
-
-class Command(BaseCommand):
-    help = "Get mailing list registrations from the last wei. " \
-           "Usage: manage.py extract_ml_registrations -t {events,art,sport}. " \
-           "You can write this into a file with a pipe, then paste the document into your mail manager."
-
-    def add_arguments(self, parser):
-        parser.add_argument('--type', '-t', choices=["members", "clubs", "events", "art", "sport"], default="members",
-                            help='Select the type of the mailing list (default members)')
-        parser.add_argument('--year', '-y', type=int, default=None,
-                            help='Select the year of the concerned WEI. Default: last year')
-
-    def handle(self, *args, **options):
-        ###########################################################
-        #                         WARNING                         #
-        ###########################################################
-        #
-        # This code is obsolete.
-        # TODO: Improve the mailing list extraction system, and link it automatically with Mailman.
-
-        if options["type"] == "members":
-            for membership in Membership.objects.filter(
-                club__name="BDE",
-                date_start__lte=date.today(),
-                date_end__gte=date.today(),
-            ).all():
-                self.stdout.write(membership.user.email)
-            return
-
-        if options["type"] == "clubs":
-            for club in Club.objects.all():
-                self.stdout.write(club.email)
-            return
-
-        if options["year"] is None:
-            wei = WEIClub.objects.order_by('-year').first()
-        else:
-            wei = WEIClub.objects.filter(year=options["year"])
-            if wei.exists():
-                wei = wei.get()
-            else:
-                wei = WEIClub.objects.order_by('-year').first()
-                self.stderr.write(self.style.WARNING("Warning: there was no WEI in year " + str(options["year"]) + ". "
-                                                     + "Assuming the last WEI (year " + str(wei.year) + ")"))
-        q = Q(ml_events_registration=True) if options["type"] == "events" else Q(ml_art_registration=True)\
-            if options["type"] == "art" else Q(ml_sport_registration=True)
-        registrations = wei.users.filter(q)
-        for registration in registrations.all():
-            self.stdout.write(registration.user.email)

apps/wei/migrations/0002_auto_20210313_1235.py

@@ -0,0 +1,23 @@
+# Generated by Django 2.2.19 on 2021-03-13 11:35
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('wei', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='weiclub',
+            name='year',
+            field=models.PositiveIntegerField(default=2021, unique=True, verbose_name='year'),
+        ),
+        migrations.AlterField(
+            model_name='weiregistration',
+            name='information_json',
+            field=models.TextField(default='{}', help_text='Information about the registration (buses for old members, survey for the new members), encoded in JSON', verbose_name='registration information'),
+        ),
+    ]

apps/wei/models.py

@@ -238,7 +238,7 @@ class WEIRegistration(models.Model):
     information_json = models.TextField(
         default="{}",
         verbose_name=_("registration information"),
-        help_text=_("Information about the registration (buses for old members, survey fot the new members), "
+        help_text=_("Information about the registration (buses for old members, survey for the new members), "
                     "encoded in JSON"),
     )
 

apps/wei/templates/wei/base.html

@@ -61,10 +61,10 @@ SPDX-License-Identifier: GPL-3.0-or-later
                     <dd class="col-xl-6">{{ club.note.balance | pretty_money }}</dd>
                     {% endif %}
 
-                    {% if "note.change_alias"|has_perm:club.note.alias_set.first %}
+                    {% if "note.change_alias"|has_perm:club.note.alias.first %}
                     <dt class="col-xl-4"><a
                             href="{% url 'member:club_alias' club.pk %}">{% trans 'aliases'|capfirst %}</a></dt>
-                    <dd class="col-xl-8 text-truncate">{{ club.note.alias_set.all|join:", " }}</dd>
+                    <dd class="col-xl-8 text-truncate">{{ club.note.alias.all|join:", " }}</dd>
                     {% endif %}
 
                     <dt class="col-xl-4">{% trans 'email'|capfirst %}</dt>

apps/wei/tests/test_wei_registration.py

@@ -4,16 +4,19 @@
 import subprocess
 from datetime import timedelta, date
 
+from api.tests import TestAPI
 from django.conf import settings
 from django.contrib.auth.models import User
 from django.db.models import Q
 from django.test import TestCase
 from django.urls import reverse
 from django.utils import timezone
-from member.models import Membership
+from member.models import Membership, Club
 from note.models import NoteClub, SpecialTransaction
 from treasury.models import SogeCredit
 
+from ..api.views import BusViewSet, BusTeamViewSet, WEIClubViewSet, WEIMembershipViewSet, WEIRegistrationViewSet, \
+    WEIRoleViewSet
 from ..forms import CurrentSurvey, WEISurveyAlgorithm, WEISurvey
 from ..models import WEIClub, Bus, BusTeam, WEIRole, WEIRegistration, WEIMembership
 
@@ -524,7 +527,7 @@ class TestWEIRegistration(TestCase):
         sess["permission_mask"] = 0
         sess.save()
         response = self.client.get(reverse("wei:wei_update_registration", kwargs=dict(pk=self.registration.pk)))
-        self.assertEqual(response.status_code, 200)
+        self.assertEqual(response.status_code, 403)
         sess["permission_mask"] = 42
         sess.save()
 
@@ -807,3 +810,97 @@ class TestWEISurveyAlgorithm(TestCase):
 
     def test_survey_algorithm(self):
         CurrentSurvey.get_algorithm_class()().run_algorithm()
+
+
+class TestWeiAPI(TestAPI):
+    def setUp(self) -> None:
+        super().setUp()
+
+        self.year = timezone.now().year
+        self.wei = WEIClub.objects.create(
+            name="Test WEI",
+            email="gc.wei@example.com",
+            parent_club_id=2,
+            membership_fee_paid=12500,
+            membership_fee_unpaid=5500,
+            membership_start=date(self.year, 1, 1),
+            membership_end=date(self.year, 12, 31),
+            membership_duration=396,
+            year=self.year,
+            date_start=date.today() + timedelta(days=2),
+            date_end=date(self.year, 12, 31),
+        )
+        NoteClub.objects.create(club=self.wei)
+        self.bus = Bus.objects.create(
+            name="Test Bus",
+            wei=self.wei,
+            description="Test Bus",
+        )
+        self.team = BusTeam.objects.create(
+            name="Test Team",
+            bus=self.bus,
+            color=0xFFFFFF,
+            description="Test Team",
+        )
+        self.registration = WEIRegistration.objects.create(
+            user_id=self.user.id,
+            wei_id=self.wei.id,
+            soge_credit=True,
+            caution_check=True,
+            birth_date=date(2000, 1, 1),
+            gender="nonbinary",
+            clothing_cut="male",
+            clothing_size="XL",
+            health_issues="I am a bot",
+            emergency_contact_name="Pikachu",
+            emergency_contact_phone="+33123456789",
+            first_year=False,
+        )
+        Membership.objects.create(user=self.user, club=Club.objects.get(name="BDE"))
+        Membership.objects.create(user=self.user, club=Club.objects.get(name="Kfet"))
+        self.membership = WEIMembership.objects.create(
+            user=self.user,
+            club=self.wei,
+            fee=125,
+            bus=self.bus,
+            team=self.team,
+            registration=self.registration,
+        )
+        self.membership.roles.add(WEIRole.objects.last())
+        self.membership.save()
+
+    def test_weiclub_api(self):
+        """
+        Load WEI API page and test all filters and permissions
+        """
+        self.check_viewset(WEIClubViewSet, "/api/wei/club/")
+
+    def test_wei_bus_api(self):
+        """
+        Load Bus API page and test all filters and permissions
+        """
+        self.check_viewset(BusViewSet, "/api/wei/bus/")
+
+    def test_wei_team_api(self):
+        """
+        Load BusTeam API page and test all filters and permissions
+        """
+        self.check_viewset(BusTeamViewSet, "/api/wei/team/")
+
+    def test_weirole_api(self):
+        """
+        Load WEIRole API page and test all filters and permissions
+        """
+        self.check_viewset(WEIRoleViewSet, "/api/wei/role/")
+
+    def test_weiregistration_api(self):
+        """
+        Load WEIRegistration API page and test all filters and permissions
+        """
+        self.check_viewset(WEIRegistrationViewSet, "/api/wei/registration/")
+
+    def test_weimembership_api(self):
+        """
+        Load WEIMembership API page and test all filters and permissions
+        """
+        self.check_viewset(WEIMembershipViewSet, "/api/wei/membership/")

apps/wei/views.py

@@ -10,6 +10,7 @@ from tempfile import mkdtemp
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.models import User
 from django.core.exceptions import PermissionDenied
+from django.db import transaction
 from django.db.models import Q, Count
 from django.db.models.functions.text import Lower
 from django.forms import HiddenInput
@@ -84,6 +85,7 @@ class WEICreateView(ProtectQuerysetMixin, ProtectedCreateView):
             date_end=date.today(),
         )
 
+    @transaction.atomic
     def form_valid(self, form):
         form.instance.requires_membership = True
         form.instance.parent_club = Club.objects.get(name="Kfet")
@@ -517,6 +519,7 @@ class WEIRegister1AView(ProtectQuerysetMixin, ProtectedCreateView):
         del form.fields["information_json"]
         return form
 
+    @transaction.atomic
     def form_valid(self, form):
         form.instance.wei = WEIClub.objects.get(pk=self.kwargs["wei_pk"])
         form.instance.first_year = True
@@ -597,6 +600,7 @@ class WEIRegister2AView(ProtectQuerysetMixin, ProtectedCreateView):
 
         return form
 
+    @transaction.atomic
     def form_valid(self, form):
         form.instance.wei = WEIClub.objects.get(pk=self.kwargs["wei_pk"])
         form.instance.first_year = False
@@ -688,6 +692,7 @@ class WEIUpdateRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Update
             del form.fields["information_json"]
         return form
 
+    @transaction.atomic
     def form_valid(self, form):
         # If the membership is already validated, then we update the bus and the team (and the roles)
         if form.instance.is_validated:
@@ -866,6 +871,7 @@ class WEIValidateRegistrationView(ProtectQuerysetMixin, ProtectedCreateView):
                 ).all()
         return form
 
+    @transaction.atomic
     def form_valid(self, form):
         """
         Create membership, check that all is good, make transactions
@@ -1016,6 +1022,7 @@ class WEISurveyView(LoginRequiredMixin, BaseFormView, DetailView):
         context["club"] = self.object.wei
         return context
 
+    @transaction.atomic
     def form_valid(self, form):
         """
         Update the survey with the data of the form.

docs/Makefile

@@ -0,0 +1,20 @@
+# Minimal makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line, and also
+# from the environment for the first two.
+SPHINXOPTS    ?=
+SPHINXBUILD   ?= sphinx-build
+SOURCEDIR     = .
+BUILDDIR      = _build
+
+# Put it first so that "make" without argument is like "make help".
+help:
+	@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+.PHONY: help Makefile
+
+# Catch-all target: route all unknown targets to Sphinx using the new
+# "make mode" option.  $(O) is meant as a shortcut for $(SPHINXOPTS).
+%: Makefile
+	@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)

docs/_static/img/graphs/activity.svg

@@ -0,0 +1,344 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
+ "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<!-- Generated by graphviz version 2.44.1 (0)
+ -->
+<!-- Title: model_graph Pages: 1 -->
+<svg width="578pt" height="729pt"
+ viewBox="0.00 0.00 578.00 729.00" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 725)">
+<title>model_graph</title>
+<polygon fill="white" stroke="transparent" points="-4,4 -4,-725 574,-725 574,4 -4,4"/>
+<!-- activity_models_ActivityType -->
+<g id="node1" class="node">
+<title>activity_models_ActivityType</title>
+<polygon fill="white" stroke="transparent" points="8,-4 8,-92 186,-92 186,-4 8,-4"/>
+<polygon fill="#1b563f" stroke="transparent" points="9,-70 9,-91 185,-91 185,-70 9,-70"/>
+<text text-anchor="start" x="51" y="-79" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="61" y="-79" font-family="Roboto" font-weight="bold" font-size="10.00" fill="white"> &#160;&#160;&#160;ActivityType &#160;&#160;&#160;</text>
+<text text-anchor="start" x="11" y="-62.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="21" y="-62.6" font-family="Roboto" font-weight="bold" font-size="8.00">id</text>
+<text text-anchor="start" x="29" y="-62.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="93" y="-62.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="103" y="-62.6" font-family="Roboto" font-weight="bold" font-size="8.00">AutoField</text>
+<text text-anchor="start" x="141" y="-62.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="11" y="-49.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="21" y="-49.6" font-family="Roboto" font-size="8.00">can_invite</text>
+<text text-anchor="start" x="57" y="-49.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="93" y="-49.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="103" y="-49.6" font-family="Roboto" font-size="8.00">BooleanField</text>
+<text text-anchor="start" x="149" y="-49.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="11" y="-36.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="21" y="-36.6" font-family="Roboto" font-size="8.00">guest_entry_fee</text>
+<text text-anchor="start" x="79" y="-36.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="93" y="-36.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="103" y="-36.6" font-family="Roboto" font-size="8.00">PositiveIntegerField</text>
+<text text-anchor="start" x="173" y="-36.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="11" y="-23.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="21" y="-23.6" font-family="Roboto" font-size="8.00">manage_entries</text>
+<text text-anchor="start" x="79" y="-23.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="93" y="-23.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="103" y="-23.6" font-family="Roboto" font-size="8.00">BooleanField</text>
+<text text-anchor="start" x="149" y="-23.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="11" y="-10.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="21" y="-10.6" font-family="Roboto" font-size="8.00">name</text>
+<text text-anchor="start" x="42" y="-10.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="93" y="-10.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="103" y="-10.6" font-family="Roboto" font-size="8.00">CharField</text>
+<text text-anchor="start" x="138" y="-10.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<polygon fill="none" stroke="black" points="8,-4 8,-92 186,-92 186,-4 8,-4"/>
+</g>
+<!-- activity_models_Activity -->
+<g id="node2" class="node">
+<title>activity_models_Activity</title>
+<polygon fill="white" stroke="transparent" points="197,-145 197,-324 369,-324 369,-145 197,-145"/>
+<polygon fill="#1b563f" stroke="transparent" points="198,-301.5 198,-322.5 368,-322.5 368,-301.5 198,-301.5"/>
+<text text-anchor="start" x="248" y="-310.5" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="258" y="-310.5" font-family="Roboto" font-weight="bold" font-size="10.00" fill="white"> &#160;&#160;&#160;Activity &#160;&#160;&#160;</text>
+<text text-anchor="start" x="200" y="-294.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="210" y="-294.1" font-family="Roboto" font-weight="bold" font-size="8.00">id</text>
+<text text-anchor="start" x="218" y="-294.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="285" y="-294.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="295" y="-294.1" font-family="Roboto" font-weight="bold" font-size="8.00">AutoField</text>
+<text text-anchor="start" x="333" y="-294.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="200" y="-281.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="210" y="-281.1" font-family="Roboto" font-weight="bold" font-size="8.00">activity_type</text>
+<text text-anchor="start" x="261" y="-281.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="285" y="-281.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="295" y="-281.1" font-family="Roboto" font-weight="bold" font-size="8.00">ForeignKey (id)</text>
+<text text-anchor="start" x="356" y="-281.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="200" y="-268.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="210" y="-268.1" font-family="Roboto" font-weight="bold" font-size="8.00">attendees_club</text>
+<text text-anchor="start" x="271" y="-268.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="285" y="-268.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="295" y="-268.1" font-family="Roboto" font-weight="bold" font-size="8.00">ForeignKey (id)</text>
+<text text-anchor="start" x="356" y="-268.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="200" y="-255.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="210" y="-255.1" font-family="Roboto" font-weight="bold" font-size="8.00">creater</text>
+<text text-anchor="start" x="238" y="-255.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="285" y="-255.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="295" y="-255.1" font-family="Roboto" font-weight="bold" font-size="8.00">ForeignKey (id)</text>
+<text text-anchor="start" x="356" y="-255.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="200" y="-242.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="210" y="-242.1" font-family="Roboto" font-weight="bold" font-size="8.00">organizer</text>
+<text text-anchor="start" x="247" y="-242.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="285" y="-242.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="295" y="-242.1" font-family="Roboto" font-weight="bold" font-size="8.00">ForeignKey (id)</text>
+<text text-anchor="start" x="356" y="-242.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="200" y="-229.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="210" y="-229.1" font-family="Roboto" font-size="8.00">date_end</text>
+<text text-anchor="start" x="244" y="-229.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="285" y="-229.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="295" y="-229.1" font-family="Roboto" font-size="8.00">DateTimeField</text>
+<text text-anchor="start" x="347" y="-229.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="200" y="-216.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="210" y="-216.1" font-family="Roboto" font-size="8.00">date_start</text>
+<text text-anchor="start" x="247" y="-216.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="285" y="-216.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="295" y="-216.1" font-family="Roboto" font-size="8.00">DateTimeField</text>
+<text text-anchor="start" x="347" y="-216.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="200" y="-203.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="210" y="-203.1" font-family="Roboto" font-size="8.00">description</text>
+<text text-anchor="start" x="249" y="-203.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="285" y="-203.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="295" y="-203.1" font-family="Roboto" font-size="8.00">TextField</text>
+<text text-anchor="start" x="327" y="-203.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="200" y="-190.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="210" y="-190.1" font-family="Roboto" font-size="8.00" fill="#7b7b7b">location</text>
+<text text-anchor="start" x="238" y="-190.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="285" y="-190.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="295" y="-190.1" font-family="Roboto" font-size="8.00" fill="#7b7b7b">CharField</text>
+<text text-anchor="start" x="330" y="-190.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="200" y="-177.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="210" y="-177.1" font-family="Roboto" font-size="8.00">name</text>
+<text text-anchor="start" x="231" y="-177.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="285" y="-177.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="295" y="-177.1" font-family="Roboto" font-size="8.00">CharField</text>
+<text text-anchor="start" x="330" y="-177.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="200" y="-164.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="210" y="-164.1" font-family="Roboto" font-size="8.00">open</text>
+<text text-anchor="start" x="229" y="-164.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="285" y="-164.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="295" y="-164.1" font-family="Roboto" font-size="8.00">BooleanField</text>
+<text text-anchor="start" x="341" y="-164.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="200" y="-151.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="210" y="-151.1" font-family="Roboto" font-size="8.00">valid</text>
+<text text-anchor="start" x="226" y="-151.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="285" y="-151.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="295" y="-151.1" font-family="Roboto" font-size="8.00">BooleanField</text>
+<text text-anchor="start" x="341" y="-151.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<polygon fill="none" stroke="black" points="197,-145 197,-324 369,-324 369,-145 197,-145"/>
+</g>
+<!-- activity_models_Activity&#45;&gt;activity_models_ActivityType -->
+<g id="edge1" class="edge">
+<title>activity_models_Activity&#45;&gt;activity_models_ActivityType</title>
+<path fill="none" stroke="black" d="M183.88,-135.18C170.27,-121.68 156.83,-108.35 144.74,-96.35"/>
+<ellipse fill="black" stroke="black" cx="186.89" cy="-138.16" rx="4" ry="4"/>
+<text text-anchor="middle" x="197" y="-116.6" font-family="Roboto" font-size="8.00"> activity_type (+)</text>
+</g>
+<!-- django_contrib_auth_models_User -->
+<g id="node6" class="node">
+<title>django_contrib_auth_models_User</title>
+<polygon fill="white" stroke="transparent" points="220,-37.5 220,-58.5 264,-58.5 264,-37.5 220,-37.5"/>
+<polygon fill="#1b563f" stroke="transparent" points="220,-37 220,-58 264,-58 264,-37 220,-37"/>
+<text text-anchor="start" x="224" y="-45.4" font-family="Roboto" font-size="8.00"> &#160;</text>
+<text text-anchor="start" x="229" y="-45.4" font-family="Roboto" font-size="12.00" fill="white">User</text>
+<text text-anchor="start" x="255" y="-45.4" font-family="Roboto" font-size="8.00"> &#160;</text>
+</g>
+<!-- activity_models_Activity&#45;&gt;django_contrib_auth_models_User -->
+<g id="edge2" class="edge">
+<title>activity_models_Activity&#45;&gt;django_contrib_auth_models_User</title>
+<path fill="none" stroke="black" d="M245.08,-133.07C244.3,-129.69 243.61,-126.33 243,-123 239.5,-103.79 239.8,-81.3 240.63,-66.2"/>
+<ellipse fill="black" stroke="black" cx="246.06" cy="-137.08" rx="4" ry="4"/>
+<text text-anchor="middle" x="272.5" y="-116.6" font-family="Roboto" font-size="8.00"> creater (activity)</text>
+</g>
+<!-- member_models_Club -->
+<g id="node7" class="node">
+<title>member_models_Club</title>
+<polygon fill="white" stroke="transparent" points="338,-37.5 338,-58.5 382,-58.5 382,-37.5 338,-37.5"/>
+<polygon fill="#1b563f" stroke="transparent" points="338,-37 338,-58 382,-58 382,-37 338,-37"/>
+<text text-anchor="start" x="342" y="-45.4" font-family="Roboto" font-size="8.00"> &#160;</text>
+<text text-anchor="start" x="347" y="-45.4" font-family="Roboto" font-size="12.00" fill="white">Club</text>
+<text text-anchor="start" x="373" y="-45.4" font-family="Roboto" font-size="8.00"> &#160;</text>
+</g>
+<!-- activity_models_Activity&#45;&gt;member_models_Club -->
+<g id="edge3" class="edge">
+<title>activity_models_Activity&#45;&gt;member_models_Club</title>
+<path fill="none" stroke="black" d="M316.94,-133.22C319.56,-126.67 322.25,-120.22 325,-114 332.41,-97.23 342.46,-78.92 349.89,-66.01"/>
+<ellipse fill="black" stroke="black" cx="315.37" cy="-137.22" rx="4" ry="4"/>
+<text text-anchor="middle" x="349.5" y="-116.6" font-family="Roboto" font-size="8.00"> organizer (+)</text>
+</g>
+<!-- activity_models_Activity&#45;&gt;member_models_Club -->
+<g id="edge4" class="edge">
+<title>activity_models_Activity&#45;&gt;member_models_Club</title>
+<path fill="none" stroke="black" d="M369.62,-133.72C371.23,-130.19 372.7,-126.61 374,-123 380.76,-104.17 374.44,-81.42 368.26,-66.15"/>
+<ellipse fill="black" stroke="black" cx="367.85" cy="-137.32" rx="4" ry="4"/>
+<text text-anchor="middle" x="412" y="-116.6" font-family="Roboto" font-size="8.00"> attendees_club (+)</text>
+</g>
+<!-- activity_models_Entry -->
+<g id="node3" class="node">
+<title>activity_models_Entry</title>
+<polygon fill="white" stroke="transparent" points="284,-518 284,-606 448,-606 448,-518 284,-518"/>
+<polygon fill="#1b563f" stroke="transparent" points="285,-584 285,-605 447,-605 447,-584 285,-584"/>
+<text text-anchor="start" x="336.5" y="-593" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="346.5" y="-593" font-family="Roboto" font-weight="bold" font-size="10.00" fill="white"> &#160;&#160;&#160;Entry &#160;&#160;&#160;</text>
+<text text-anchor="start" x="287" y="-576.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="297" y="-576.6" font-family="Roboto" font-weight="bold" font-size="8.00">id</text>
+<text text-anchor="start" x="305" y="-576.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="340" y="-576.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="350" y="-576.6" font-family="Roboto" font-weight="bold" font-size="8.00">AutoField</text>
+<text text-anchor="start" x="388" y="-576.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="287" y="-563.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="297" y="-563.6" font-family="Roboto" font-weight="bold" font-size="8.00">activity</text>
+<text text-anchor="start" x="326" y="-563.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="340" y="-563.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="350" y="-563.6" font-family="Roboto" font-weight="bold" font-size="8.00">ForeignKey (id)</text>
+<text text-anchor="start" x="411" y="-563.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="287" y="-550.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="297" y="-550.6" font-family="Roboto" font-weight="bold" font-size="8.00">guest</text>
+<text text-anchor="start" x="320" y="-550.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="340" y="-550.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="350" y="-550.6" font-family="Roboto" font-weight="bold" font-size="8.00">OneToOneField (id)</text>
+<text text-anchor="start" x="426" y="-550.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="287" y="-537.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="297" y="-537.6" font-family="Roboto" font-weight="bold" font-size="8.00">note</text>
+<text text-anchor="start" x="315" y="-537.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="340" y="-537.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="350" y="-537.6" font-family="Roboto" font-weight="bold" font-size="8.00">ForeignKey (note_ptr)</text>
+<text text-anchor="start" x="435" y="-537.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="287" y="-524.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="297" y="-524.6" font-family="Roboto" font-size="8.00">time</text>
+<text text-anchor="start" x="313" y="-524.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="340" y="-524.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="350" y="-524.6" font-family="Roboto" font-size="8.00">DateTimeField</text>
+<text text-anchor="start" x="402" y="-524.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<polygon fill="none" stroke="black" points="284,-518 284,-606 448,-606 448,-518 284,-518"/>
+</g>
+<!-- activity_models_Entry&#45;&gt;activity_models_Activity -->
+<g id="edge5" class="edge">
+<title>activity_models_Entry&#45;&gt;activity_models_Activity</title>
+<path fill="none" stroke="black" d="M268.49,-526.87C243.03,-513.01 218.65,-494.17 204,-469 178.65,-425.45 193.33,-372.56 216.59,-328.14"/>
+<ellipse fill="black" stroke="black" cx="272.15" cy="-528.79" rx="4" ry="4"/>
+<text text-anchor="middle" x="233" y="-419.1" font-family="Roboto" font-size="8.00"> activity (entries)</text>
+</g>
+<!-- activity_models_Guest -->
+<g id="node4" class="node">
+<title>activity_models_Guest</title>
+<polygon fill="white" stroke="transparent" points="279.5,-377 279.5,-465 452.5,-465 452.5,-377 279.5,-377"/>
+<polygon fill="#1b563f" stroke="transparent" points="281,-443 281,-464 452,-464 452,-443 281,-443"/>
+<text text-anchor="start" x="335.5" y="-452" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="345.5" y="-452" font-family="Roboto" font-weight="bold" font-size="10.00" fill="white"> &#160;&#160;&#160;Guest &#160;&#160;&#160;</text>
+<text text-anchor="start" x="283" y="-435.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="293" y="-435.6" font-family="Roboto" font-weight="bold" font-size="8.00">id</text>
+<text text-anchor="start" x="301" y="-435.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="345" y="-435.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="355" y="-435.6" font-family="Roboto" font-weight="bold" font-size="8.00">AutoField</text>
+<text text-anchor="start" x="393" y="-435.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="283" y="-422.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="293" y="-422.6" font-family="Roboto" font-weight="bold" font-size="8.00">activity</text>
+<text text-anchor="start" x="322" y="-422.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="345" y="-422.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="355" y="-422.6" font-family="Roboto" font-weight="bold" font-size="8.00">ForeignKey (id)</text>
+<text text-anchor="start" x="416" y="-422.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="283" y="-409.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="293" y="-409.6" font-family="Roboto" font-weight="bold" font-size="8.00">inviter</text>
+<text text-anchor="start" x="318" y="-409.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="345" y="-409.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="355" y="-409.6" font-family="Roboto" font-weight="bold" font-size="8.00">ForeignKey (note_ptr)</text>
+<text text-anchor="start" x="440" y="-409.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="283" y="-396.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="293" y="-396.6" font-family="Roboto" font-size="8.00">first_name</text>
+<text text-anchor="start" x="331" y="-396.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="345" y="-396.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="355" y="-396.6" font-family="Roboto" font-size="8.00">CharField</text>
+<text text-anchor="start" x="390" y="-396.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="283" y="-383.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="293" y="-383.6" font-family="Roboto" font-size="8.00">last_name</text>
+<text text-anchor="start" x="330" y="-383.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="345" y="-383.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="355" y="-383.6" font-family="Roboto" font-size="8.00">CharField</text>
+<text text-anchor="start" x="390" y="-383.6" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<polygon fill="none" stroke="black" points="279.5,-377 279.5,-465 452.5,-465 452.5,-377 279.5,-377"/>
+</g>
+<!-- activity_models_Entry&#45;&gt;activity_models_Guest -->
+<g id="edge7" class="edge">
+<title>activity_models_Entry&#45;&gt;activity_models_Guest</title>
+<path fill="none" stroke="black" d="M366,-513.94C366,-499.45 366,-483.5 366,-469.01"/>
+<text text-anchor="middle" x="390.5" y="-489.6" font-family="Roboto" font-size="8.00"> guest (entry)</text>
+</g>
+<!-- note_models_notes_NoteUser -->
+<g id="node8" class="node">
+<title>note_models_notes_NoteUser</title>
+<polygon fill="white" stroke="transparent" points="411,-224 411,-245 481,-245 481,-224 411,-224"/>
+<polygon fill="#1b563f" stroke="transparent" points="411,-223.5 411,-244.5 481,-244.5 481,-223.5 411,-223.5"/>
+<text text-anchor="start" x="415" y="-231.9" font-family="Roboto" font-size="8.00"> &#160;</text>
+<text text-anchor="start" x="420" y="-231.9" font-family="Roboto" font-size="12.00" fill="white">NoteUser</text>
+<text text-anchor="start" x="472" y="-231.9" font-family="Roboto" font-size="8.00"> &#160;</text>
+</g>
+<!-- activity_models_Entry&#45;&gt;note_models_notes_NoteUser -->
+<g id="edge6" class="edge">
+<title>activity_models_Entry&#45;&gt;note_models_notes_NoteUser</title>
+<path fill="none" stroke="black" d="M442.25,-507.94C453.52,-496.48 463.51,-483.41 470,-469 503.73,-394.13 469.49,-292.46 453.39,-252.56"/>
+<ellipse fill="black" stroke="black" cx="439.12" cy="-510.99" rx="4" ry="4"/>
+<text text-anchor="middle" x="506.5" y="-419.1" font-family="Roboto" font-size="8.00"> note (entry)</text>
+</g>
+<!-- activity_models_Guest&#45;&gt;activity_models_Activity -->
+<g id="edge8" class="edge">
+<title>activity_models_Guest&#45;&gt;activity_models_Activity</title>
+<path fill="none" stroke="black" d="M341.43,-365.38C336.13,-353.6 330.39,-340.84 324.64,-328.06"/>
+<ellipse fill="black" stroke="black" cx="343.2" cy="-369.32" rx="4" ry="4"/>
+<text text-anchor="middle" x="354.5" y="-348.6" font-family="Roboto" font-size="8.00"> activity (+)</text>
+</g>
+<!-- activity_models_Guest&#45;&gt;note_models_notes_NoteUser -->
+<g id="edge9" class="edge">
+<title>activity_models_Guest&#45;&gt;note_models_notes_NoteUser</title>
+<path fill="none" stroke="black" d="M389.66,-365.44C406.3,-327.05 427.51,-278.15 438.55,-252.68"/>
+<ellipse fill="black" stroke="black" cx="387.99" cy="-369.3" rx="4" ry="4"/>
+<text text-anchor="middle" x="424.5" y="-348.6" font-family="Roboto" font-size="8.00"> inviter (guests)</text>
+</g>
+<!-- activity_models_GuestTransaction -->
+<g id="node5" class="node">
+<title>activity_models_GuestTransaction</title>
+<polygon fill="white" stroke="transparent" points="350.5,-668 350.5,-717 537.5,-717 537.5,-668 350.5,-668"/>
+<polygon fill="#1b563f" stroke="transparent" points="352,-694.5 352,-715.5 537,-715.5 537,-694.5 352,-694.5"/>
+<text text-anchor="start" x="386.5" y="-703.5" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="396.5" y="-703.5" font-family="Roboto" font-weight="bold" font-size="10.00" fill="white"> &#160;&#160;&#160;GuestTransaction &#160;&#160;&#160;</text>
+<text text-anchor="start" x="354" y="-687.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="364" y="-687.1" font-family="Roboto" font-weight="bold" font-size="8.00">transaction_ptr</text>
+<text text-anchor="start" x="425" y="-687.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="439" y="-687.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="449" y="-687.1" font-family="Roboto" font-weight="bold" font-size="8.00">OneToOneField (id)</text>
+<text text-anchor="start" x="525" y="-687.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="354" y="-674.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="364" y="-674.1" font-family="Roboto" font-weight="bold" font-size="8.00">entry</text>
+<text text-anchor="start" x="385" y="-674.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="439" y="-674.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<text text-anchor="start" x="449" y="-674.1" font-family="Roboto" font-weight="bold" font-size="8.00">OneToOneField (id)</text>
+<text text-anchor="start" x="525" y="-674.1" font-family="Roboto" font-size="8.00"> &#160;&#160;&#160;</text>
+<polygon fill="none" stroke="black" points="350.5,-668 350.5,-717 537.5,-717 537.5,-668 350.5,-668"/>
+</g>
+<!-- activity_models_GuestTransaction&#45;&gt;activity_models_Entry -->
+<g id="edge10" class="edge">
+<title>activity_models_GuestTransaction&#45;&gt;activity_models_Entry</title>
+<path fill="none" stroke="black" d="M423.89,-663.91C419.84,-658.07 415.69,-651.89 412,-646 404.83,-634.55 397.53,-621.92 390.93,-610.04"/>
+<text text-anchor="middle" x="456" y="-635.1" font-family="Roboto" font-size="8.00"> entry (guesttransaction)</text>
+</g>
+<!-- note_models_transactions_Transaction -->
+<g id="node9" class="node">
+<title>note_models_transactions_Transaction</title>
+<polygon fill="white" stroke="transparent" points="482,-551.5 482,-572.5 562,-572.5 562,-551.5 482,-551.5"/>
+<polygon fill="#1b563f" stroke="transparent" points="482,-551 482,-572 562,-572 562,-551 482,-551"/>
+<text text-anchor="start" x="486" y="-559.4" font-family="Roboto" font-size="8.00"> &#160;</text>
+<text text-anchor="start" x="491" y="-559.4" font-family="Roboto" font-size="12.00" fill="white">Transaction</text>
+<text text-anchor="start" x="553" y="-559.4" font-family="Roboto" font-size="8.00"> &#160;</text>
+</g>
+<!-- activity_models_GuestTransaction&#45;&gt;note_models_transactions_Transaction -->
+<g id="edge11" class="edge">
+<title>activity_models_GuestTransaction&#45;&gt;note_models_transactions_Transaction</title>
+<path fill="none" stroke="black" d="M484.47,-663.95C490.33,-658.55 495.78,-652.52 500,-646 510.86,-629.2 516.38,-607.22 519.17,-590.09"/>
+<polygon fill="none" stroke="black" points="522.64,-590.54 520.58,-580.15 515.71,-589.56 522.64,-590.54"/>
+<text text-anchor="middle" x="528" y="-639.6" font-family="Roboto" font-size="8.00"> multi&#45;table</text>
+<text text-anchor="middle" x="528" y="-630.6" font-family="Roboto" font-size="8.00">inheritance</text>
+</g>
+</g>
+</svg>