Merge branch 'beta' into JS_translations

# Conflicts:
#	apps/note/static/note/js/consos.js
#	locale/de/LC_MESSAGES/django.po
#	locale/es/LC_MESSAGES/django.po
#	locale/fr/LC_MESSAGES/django.po

.gitlab-ci.yml

@@ -16,8 +16,8 @@ py37-django22:
         apt-get install --no-install-recommends -t buster-backports -y
         python3-django python3-django-crispy-forms
         python3-django-extensions python3-django-filters python3-django-polymorphic
-        python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil
-        python3-babel python3-lockfile python3-pip python3-phonenumbers
+        python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil
+        python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache
         python3-bs4 python3-setuptools tox texlive-xetex
   script: tox -e py37-django22
 
@@ -33,8 +33,8 @@ py38-django22:
         apt-get install --no-install-recommends -y
         python3-django python3-django-crispy-forms
         python3-django-extensions python3-django-filters python3-django-polymorphic
-        python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil
-        python3-babel python3-lockfile python3-pip python3-phonenumbers
+        python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil
+        python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache
         python3-bs4 python3-setuptools tox texlive-xetex
   script: tox -e py38-django22
 

Dockerfile

@@ -8,8 +8,8 @@ RUN apt-get update && \
     apt-get install --no-install-recommends -t buster-backports -y \
     python3-django python3-django-crispy-forms \
     python3-django-extensions python3-django-filters python3-django-polymorphic \
-    python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil \
-    python3-babel python3-lockfile python3-pip python3-phonenumbers ipython3 \
+    python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil \
+    python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache ipython3 \
     python3-bs4 python3-setuptools \
     uwsgi uwsgi-plugin-python3 \
     texlive-xetex gettext libjs-bootstrap4 fonts-font-awesome && \

README.md

@@ -93,10 +93,10 @@ Sinon vous pouvez suivre les étapes décrites ci-dessous.
     $ sudo apt install --no-install-recommends -t buster-backports -y \
         python3-django python3-django-crispy-forms \
         python3-django-extensions python3-django-filters python3-django-polymorphic \
-        python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil \
-        python3-babel python3-lockfile python3-pip python3-phonenumbers ipython3 \
-        python3-bs4 python3-setuptools \
-        uwsgi uwsgi-plugin-python3 \
+        python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil \
+        python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache ipython3 \
+        python3-bs4 python3-setuptools python3-docutils \
+        memcached uwsgi uwsgi-plugin-python3 \
         texlive-xetex gettext libjs-bootstrap4 fonts-font-awesome \
         nginx python3-venv git acl
     ```
@@ -267,14 +267,18 @@ La documentation plus haut niveau sur le développement est disponible sur [le W
 
 ### Regénérer les fichiers de traduction
 
-Pour regénérer les traductions vous pouvez vous placer à la racine du projet et lancer le script `makemessages`. Il faut penser à ignorer les dossiers ne contenant pas notre code, dont le virtualenv.
+Pour regénérer les traductions vous pouvez vous placer à la racine du projet et lancer le script `makemessages`.
+Il faut penser à ignorer les dossiers ne contenant pas notre code, dont le virtualenv.
+De plus, il faut aussi extraire les variables des fichiers JavaScript.
 
 ```bash
-django-admin makemessages -i env
+python3 manage.py makemessages -i env
+python3 manage.py makemessages -i env -e js -d djangojs
 ```
 
 Une fois les fichiers édités, vous pouvez compiler les nouvelles traductions avec
 
 ```bash
-django-admin compilemessages
+python3 manage.py compilemessages
+python3 manage.py compilejsmessages
 ```

ansible/roles/1-apt-basic/tasks/main.yml

@@ -23,13 +23,14 @@
       - python3-babel
       - python3-bs4
       - python3-django
-      - python3-django-cas-server
       - python3-django-crispy-forms
       - python3-django-extensions
       - python3-django-filters
+      - python3-django-oauth-toolkit
       - python3-django-polymorphic
       - python3-djangorestframework
       - python3-lockfile
+      - python3-memcache
       - python3-phonenumbers
       - python3-pil
       - python3-pip
@@ -40,6 +41,9 @@
       # LaTeX (PDF generation)
       - texlive-xetex
 
+      # Cache server
+      - memcached
+
       # WSGI server
       - uwsgi
       - uwsgi-plugin-python3

ansible/roles/7-postinstall/tasks/main.yml

@@ -1,4 +1,10 @@
 ---
+- name: Collect static files
+  command: /var/www/note_kfet/env/bin/python manage.py collectstatic --noinput
+  args:
+    chdir: /var/www/note_kfet
+  become_user: www-data
+
 - name: Migrate Django database
   command: /var/www/note_kfet/env/bin/python manage.py migrate
   args:
@@ -11,14 +17,14 @@
     chdir: /var/www/note_kfet
   become_user: www-data
 
+- name: Compile JavaScript messages
+  command: /var/www/note_kfet/env/bin/python manage.py compilejsmessages
+  args:
+    chdir: /var/www/note_kfet
+  become_user: www-data
+
 - name: Install initial fixtures
   command: /var/www/note_kfet/env/bin/python manage.py loaddata initial
   args:
     chdir: /var/www/note_kfet
   become_user: postgres
-
-- name: Collect static files
-  command: /var/www/note_kfet/env/bin/python manage.py collectstatic --noinput
-  args:
-    chdir: /var/www/note_kfet
-  become_user: www-data

apps/activity/templates/activity/activity_detail.html

@@ -30,7 +30,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
          headers: {"X-CSRFTOKEN": CSRF_TOKEN}
      })
       .done(function() {
-          addMsg('Invité supprimé','success');
+          addMsg('{% trans "Guest deleted" %}', 'success');
           $("#guests_table").load(location.pathname + " #guests_table");
       })
       .fail(function(xhr, textStatus, error) {

apps/activity/templates/activity/activity_entry.html

@@ -86,10 +86,10 @@ SPDX-License-Identifier: GPL-3.0-or-later
                 }).done(function () {
                     if (target.hasClass("table-info"))
                         addMsg(
-                            "Entrée effectuée, mais attention : la personne n'est plus adhérente Kfet.",
+                            "{% trans "Entry done, but caution: the user is not a Kfet member." %}",
                             "warning", 10000);
                     else
-                        addMsg("Entrée effectuée !", "success", 4000);
+                        addMsg("Entry made!", "success", 4000);
                     reloadTable(true);
                 }).fail(function (xhr) {
                     errMsg(xhr.responseJSON, 4000);
@@ -121,10 +121,10 @@ SPDX-License-Identifier: GPL-3.0-or-later
                     }).done(function () {
                         if (target.hasClass("table-info"))
                             addMsg(
-                                "Entrée effectuée, mais attention : la personne n'est plus adhérente Kfet.",
+                                "{% trans "Entry done, but caution: the user is not a Kfet member." %}",
                                 "warning", 10000);
                         else
-                            addMsg("Entrée effectuée !", "success", 4000);
+                            addMsg("{% trans "Entry done!" %}", "success", 4000);
                         reloadTable(true);
                     }).fail(function (xhr) {
                         errMsg(xhr.responseJSON, 4000);

apps/activity/views.py

@@ -12,8 +12,10 @@ from django.db.models import F, Q
 from django.http import HttpResponse
 from django.urls import reverse_lazy
 from django.utils import timezone
+from django.utils.decorators import method_decorator
 from django.utils.translation import gettext_lazy as _
 from django.views import View
+from django.views.decorators.cache import cache_page
 from django.views.generic import DetailView, TemplateView, UpdateView
 from django_tables2.views import SingleTableView
 from note.models import Alias, NoteSpecial, NoteUser
@@ -288,6 +290,8 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
         return context
 
 
+# Cache for 1 hour
+@method_decorator(cache_page(60 * 60), name='dispatch')
 class CalendarView(View):
     """
     Render an ICS calendar with all valid activities.

apps/member/forms.py

@@ -150,6 +150,7 @@ class ClubForm(forms.ModelForm):
             "membership_fee_unpaid": AmountInput(),
             "parent_club": Autocomplete(
                 Club,
+                resetable=True,
                 attrs={
                     'api_url': '/api/members/club/',
                 }

apps/member/migrations/0003_create_bde_and_kfet.py

@@ -7,6 +7,7 @@ def create_bde_and_kfet(apps, schema_editor):
     """
     Club = apps.get_model("member", "club")
     NoteClub = apps.get_model("note", "noteclub")
+    Alias = apps.get_model("note", "alias")
     ContentType = apps.get_model('contenttypes', 'ContentType')
     polymorphic_ctype_id = ContentType.objects.get_for_model(NoteClub).id
 
@@ -45,6 +46,19 @@ def create_bde_and_kfet(apps, schema_editor):
         polymorphic_ctype_id=polymorphic_ctype_id,
     )
 
+    Alias.objects.get_or_create(
+        id=5,
+        note_id=5,
+        name="BDE",
+        normalized_name="bde",
+    )
+    Alias.objects.get_or_create(
+        id=6,
+        note_id=6,
+        name="Kfet",
+        normalized_name="kfet",
+    )
+
 
 class Migration(migrations.Migration):
     dependencies = [

apps/member/migrations/0006_create_note_account_bde_membership.py

@@ -0,0 +1,50 @@
+import sys
+
+from django.db import migrations
+
+
+def give_note_account_permissions(apps, schema_editor):
+    """
+    Automatically manage the membership of the Note account.
+    """
+    User = apps.get_model("auth", "user")
+    Membership = apps.get_model("member", "membership")
+    Role = apps.get_model("permission", "role")
+
+    note = User.objects.filter(username="note")
+    if not note.exists():
+        # We are in a test environment, don't log error message
+        if len(sys.argv) > 1 and sys.argv[1] == 'test':
+            return
+        print("Warning: Note account was not found. The note account was not imported.")
+        print("Make sure you have imported the NK15 database. The new import script handles correctly the permissions.")
+        print("This migration will be ignored, you can re-run it if you forgot the note account or ignore it if you "
+              "don't want this account.")
+        return
+
+    note = note.get()
+
+    # Set for the two clubs a large expiration date and the correct role.
+    for m in Membership.objects.filter(user_id=note.id).all():
+        m.date_end = "3142-12-12"
+        m.roles.set(Role.objects.filter(name="PC Kfet").all())
+        m.save()
+    # By default, the note account is only authorized to be logged from localhost.
+    note.password = "ipbased$127.0.0.1"
+    note.is_active = True
+    note.save()
+    # Ensure that the note of the account is disabled
+    note.note.inactivity_reason = 'forced'
+    note.note.is_active = False
+    note.save()
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ('member', '0005_remove_null_tag_on_charfields'),
+        ('permission', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.RunPython(give_note_account_permissions),
+    ]

apps/member/static/member/js/alias.js

@@ -14,7 +14,7 @@ function create_alias (e) {
   }).done(function () {
     // Reload table
     $('#alias_table').load(location.pathname + ' #alias_table')
-    addMsg('Alias ajouté', 'success')
+    addMsg(gettext('Alias successfully added'), 'success')
   }).fail(function (xhr, _textStatus, _error) {
     errMsg(xhr.responseJSON)
   })
@@ -22,7 +22,7 @@ function create_alias (e) {
 
 /**
  * On click of "delete", delete the alias
- * @param Integer button_id Alias id to remove
+ * @param button_id:Integer Alias id to remove
  */
 function delete_button (button_id) {
   $.ajax({
@@ -30,7 +30,7 @@ function delete_button (button_id) {
     method: 'DELETE',
     headers: { 'X-CSRFTOKEN': CSRF_TOKEN }
   }).done(function () {
-    addMsg('Alias supprimé', 'success')
+    addMsg(gettext('Alias successfully deleted'), 'success')
     $('#alias_table').load(location.pathname + ' #alias_table')
   }).fail(function (xhr, _textStatus, _error) {
     errMsg(xhr.responseJSON)

apps/member/tables.py

@@ -43,8 +43,24 @@ class UserTable(tables.Table):
 
     section = tables.Column(accessor='profile__section')
 
+    # Override the column to let replace the URL
+    email = tables.EmailColumn(linkify=lambda record: "mailto:{}".format(record.email))
+
     balance = tables.Column(accessor='note__balance', verbose_name=_("Balance"))
 
+    def render_email(self, record, value):
+        # Replace the email by a dash if the user can't see the profile detail
+        # Replace also the URL
+        if not PermissionBackend.check_perm(get_current_authenticated_user(), "member.view_profile", record.profile):
+            value = "—"
+            record.email = value
+        return value
+
+    def render_section(self, record, value):
+        return value \
+            if PermissionBackend.check_perm(get_current_authenticated_user(), "member.view_profile", record.profile) \
+            else "—"
+
     def render_balance(self, record, value):
         return pretty_money(value)\
             if PermissionBackend.check_perm(get_current_authenticated_user(), "note.view_note", record.note) else "—"
@@ -112,7 +128,7 @@ class MembershipTable(tables.Table):
                     fee=0,
                 )
                 if PermissionBackend.check_perm(get_current_authenticated_user(),
-                                                "member:add_membership", empty_membership):  # If the user has right
+                                                "member.add_membership", empty_membership):  # If the user has right
                     renew_url = reverse_lazy('member:club_renew_membership',
                                              kwargs={"pk": record.pk})
                     t = format_html(

apps/member/templates/member/add_members.html

@@ -13,15 +13,29 @@ SPDX-License-Identifier: GPL-3.0-or-later
         {% if additional_fee_renewal %}
         <div class="alert alert-warning">
             {% if renewal %}
-            {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
-            The user is not a member of the club·s {{ clubs }}. An additional fee of {{ pretty_fee }}
-            will be charged to renew automatically the membership in this/these club·s.
-            {% endblocktrans %}
+                {% if club.name == "Kfet" %} {# Auto-renewal #}
+                    {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
+                    The user is not a member of the club·s {{ clubs }}. An additional fee of {{ pretty_fee }}
+                    will be charged to renew automatically the membership in this/these club·s.
+                    {% endblocktrans %}
+                {% else %}
+                    {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
+                        The user is not a member of the club·s {{ clubs }}. Please create the required memberships,
+                        otherwise it will fail.
+                    {% endblocktrans %}
+                {% endif %}
             {% else %}
-            {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
-            This club has parents {{ clubs }}. An additional fee of {{ pretty_fee }}
-            will be charged to adhere automatically to this/these club·s.
-            {% endblocktrans %}
+                {% if club.name == "Kfet" %}
+                    {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
+                    This club has parents {{ clubs }}. An additional fee of {{ pretty_fee }}
+                    will be charged to adhere automatically to this/these club·s.
+                    {% endblocktrans %}
+                {% else %}
+                    {% blocktrans trimmed with clubs=clubs_renewal|join:", " pretty_fee=additional_fee_renewal|pretty_money %}
+                        This club has parents {{ clubs }}. Please make sure that the user is a member of this or these club·s,
+                        otherwise the creation of this membership will fail.
+                    {% endblocktrans %}
+                {% endif %}
             {% endif %}
         </div>
         {% endif %}

apps/member/templates/member/includes/profile_info.html

@@ -25,25 +25,27 @@
         </a>
     </dd>
 
-    <dt class="col-xl-6">{% trans 'section'|capfirst %}</dt>
-    <dd class="col-xl-6">{{ user_object.profile.section }}</dd>
+    {% if "member.view_profile"|has_perm:user_object.profile %}
+        <dt class="col-xl-6">{% trans 'section'|capfirst %}</dt>
+        <dd class="col-xl-6">{{ user_object.profile.section }}</dd>
 
-    <dt class="col-xl-6">{% trans 'email'|capfirst %}</dt>
-    <dd class="col-xl-6"><a href="mailto:{{ user_object.email }}">{{ user_object.email }}</a></dd>
+        <dt class="col-xl-6">{% trans 'email'|capfirst %}</dt>
+        <dd class="col-xl-6"><a href="mailto:{{ user_object.email }}">{{ user_object.email }}</a></dd>
 
-    <dt class="col-xl-6">{% trans 'phone number'|capfirst %}</dt>
-    <dd class="col-xl-6"><a href="tel:{{ user_object.profile.phone_number }}">{{ user_object.profile.phone_number }}</a>
-    </dd>
+        <dt class="col-xl-6">{% trans 'phone number'|capfirst %}</dt>
+        <dd class="col-xl-6"><a href="tel:{{ user_object.profile.phone_number }}">{{ user_object.profile.phone_number }}</a>
+        </dd>
 
-    <dt class="col-xl-6">{% trans 'address'|capfirst %}</dt>
-    <dd class="col-xl-6">{{ user_object.profile.address }}</dd>
+        <dt class="col-xl-6">{% trans 'address'|capfirst %}</dt>
+        <dd class="col-xl-6">{{ user_object.profile.address }}</dd>
 
-    {% if user_object.note and "note.view_note"|has_perm:user_object.note %}
-    <dt class="col-xl-6">{% trans 'balance'|capfirst %}</dt>
-    <dd class="col-xl-6">{{ user_object.note.balance | pretty_money }}</dd>
+        {% if user_object.note and "note.view_note"|has_perm:user_object.note %}
+        <dt class="col-xl-6">{% trans 'balance'|capfirst %}</dt>
+        <dd class="col-xl-6">{{ user_object.note.balance | pretty_money }}</dd>
 
-    <dt class="col-xl-6">{% trans 'paid'|capfirst %}</dt>
-    <dd class="col-xl-6">{{ user_object.profile.paid|yesno }}</dd>
+        <dt class="col-xl-6">{% trans 'paid'|capfirst %}</dt>
+        <dd class="col-xl-6">{{ user_object.profile.paid|yesno }}</dd>
+        {% endif %}
     {% endif %}
 </dl>
 

apps/member/templates/member/user_list.html

@@ -5,7 +5,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
 {% load i18n perms %}
 
 {% block content %}
-{% if "member.change_profile_registration_valid"|has_perm:user %}
+{% if can_manage_registrations %}
 <a class="btn btn-block btn-secondary mb-3" href="{% url 'registration:future_user_list' %}">
     <i class="fa fa-user-plus"></i> {% trans "Registrations" %}
 </a>

apps/member/templatetags/memberinfo.py

@@ -0,0 +1,22 @@
+# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from datetime import date
+
+from django import template
+from django.contrib.auth.models import User
+
+from ..models import Club, Membership
+
+
+def is_member(user, club):
+    if isinstance(user, str):
+        club = User.objects.get(username=user)
+    if isinstance(club, str):
+        club = Club.objects.get(name=club)
+    return Membership.objects\
+        .filter(user=user, club=club, date_start__lte=date.today(), date_end__gte=date.today()).exists()
+
+
+register = template.Library()
+register.filter("is_member", is_member)

apps/member/tests/test_login.py

@@ -41,7 +41,7 @@ class TemplateLoggedInTests(TestCase):
             password="adminadmin",
             permission_mask=3,
         ))
-        self.assertRedirects(response, settings.LOGIN_REDIRECT_URL, 302, 200)
+        self.assertRedirects(response, settings.LOGIN_REDIRECT_URL, 302, 302)
 
     def test_logout(self):
         response = self.client.get(reverse("logout"))

apps/member/tests/test_memberships.py

@@ -205,7 +205,7 @@ class TestMemberships(TestCase):
                 first_name="Toto",
                 bank="Le matelas",
             ))
-            self.assertRedirects(response, club.get_absolute_url(), 302, 200)
+            self.assertRedirects(response, user.profile.get_absolute_url(), 302, 200)
 
             self.assertTrue(Membership.objects.filter(user=user, club=club).exists())
 
@@ -244,9 +244,9 @@ class TestMemberships(TestCase):
                 first_name="Toto",
                 bank="Bank",
             ))
-            self.assertRedirects(response, club.get_absolute_url(), 302, 200)
+            self.assertRedirects(response, user.profile.get_absolute_url(), 302, 200)
 
-            response = self.client.get(user.profile.get_absolute_url())
+            response = self.client.get(club.get_absolute_url())
             self.assertEqual(response.status_code, 200)
 
     def test_auto_join_kfet_when_join_bde_with_soge(self):
@@ -273,7 +273,7 @@ class TestMemberships(TestCase):
             first_name="Toto",
             bank="Société générale",
         ))
-        self.assertRedirects(response, bde.get_absolute_url(), 302, 200)
+        self.assertRedirects(response, user.profile.get_absolute_url(), 302, 200)
 
         self.assertTrue(Membership.objects.filter(user=user, club=bde).exists())
         self.assertTrue(Membership.objects.filter(user=user, club=kfet).exists())

apps/member/views.py

@@ -70,10 +70,11 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
         form.fields['email'].required = True
         form.fields['email'].help_text = _("This address must be valid.")
 
-        context['profile_form'] = self.profile_form(instance=context['user_object'].profile,
-                                                    data=self.request.POST if self.request.POST else None)
-        if not self.object.profile.report_frequency:
-            del context['profile_form'].fields["last_report"]
+        if PermissionBackend.check_perm(self.request.user, "member.change_profile", context['user_object'].profile):
+            context['profile_form'] = self.profile_form(instance=context['user_object'].profile,
+                                                        data=self.request.POST if self.request.POST else None)
+            if not self.object.profile.report_frequency:
+                del context['profile_form'].fields["last_report"]
 
         return context
 
@@ -157,8 +158,12 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         history_table.paginate(per_page=20, page=self.request.GET.get("transaction-page", 1))
         context['history_list'] = history_table
 
-        club_list = Membership.objects.filter(user=user, date_end__gte=date.today())\
-            .filter(PermissionBackend.filter_queryset(self.request.user, Membership, "view"))
+        club_list = Membership.objects.filter(user=user, date_end__gte=date.today() - timedelta(days=15))\
+            .filter(PermissionBackend.filter_queryset(self.request.user, Membership, "view"))\
+            .order_by("club__name", "-date_start")
+        # Display only the most recent membership
+        club_list = club_list.distinct("club__name")\
+            if settings.DATABASES["default"]["ENGINE"] == 'django.db.backends.postgresql' else club_list
         membership_table = MembershipTable(data=club_list, prefix='membership-')
         membership_table.paginate(per_page=10, page=self.request.GET.get("membership-page", 1))
         context['club_list'] = membership_table
@@ -166,6 +171,8 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         # Check permissions to see if the authenticated user can lock/unlock the note
         with transaction.atomic():
             modified_note = NoteUser.objects.get(pk=user.note.pk)
+            # Don't log these tests
+            modified_note._no_signal = True
             modified_note.is_active = True
             modified_note.inactivity_reason = 'manual'
             context["can_lock_note"] = user.note.is_active and PermissionBackend\
@@ -178,6 +185,7 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
             context["can_force_lock"] = user.note.is_active and PermissionBackend\
                 .check_perm(self.request.user, "note.change_note_is_active", modified_note)
             old_note._force_save = True
+            old_note._no_signal = True
             old_note.save()
             modified_note.refresh_from_db()
             modified_note.is_active = True
@@ -227,6 +235,13 @@ class UserListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView):
 
         return qs
 
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        pre_registered_users = User.objects.filter(PermissionBackend.filter_queryset(self.request.user, User, "view"))\
+            .filter(profile__registration_valid=False)
+        context["can_manage_registrations"] = pre_registered_users.exists()
+        return context
+
 
 class ProfileAliasView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
     """
@@ -240,8 +255,8 @@ class ProfileAliasView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         note = context['object'].note
-        context["aliases"] = AliasTable(note.alias_set.filter(PermissionBackend
-                                                              .filter_queryset(self.request.user, Alias, "view")).all())
+        context["aliases"] = AliasTable(
+            note.alias_set.filter(PermissionBackend.filter_queryset(self.request.user, Alias, "view")).distinct().all())
         context["can_create"] = PermissionBackend.check_perm(self.request.user, "note.add_alias", Alias(
             note=context["object"].note,
             name="",
@@ -392,7 +407,8 @@ class ClubDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         if PermissionBackend.check_perm(self.request.user, "member.change_club_membership_start", club):
             club.update_membership_dates()
         # managers list
-        managers = Membership.objects.filter(club=self.object, roles__name="Bureau de club")\
+        managers = Membership.objects.filter(club=self.object, roles__name="Bureau de club",
+                                             date_start__lte=date.today(), date_end__gte=date.today())\
             .order_by('user__last_name').all()
         context["managers"] = ClubManagerTable(data=managers, prefix="managers-")
         # transaction history
@@ -405,8 +421,12 @@ class ClubDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         # member list
         club_member = Membership.objects.filter(
             club=club,
-            date_end__gte=date.today(),
-        ).filter(PermissionBackend.filter_queryset(self.request.user, Membership, "view"))
+            date_end__gte=date.today() - timedelta(days=15),
+        ).filter(PermissionBackend.filter_queryset(self.request.user, Membership, "view"))\
+            .order_by("user__username", "-date_start")
+        # Display only the most recent membership
+        club_member = club_member.distinct("user__username")\
+            if settings.DATABASES["default"]["ENGINE"] == 'django.db.backends.postgresql' else club_member
 
         membership_table = MembershipTable(data=club_member, prefix="membership-")
         membership_table.paginate(per_page=5, page=self.request.GET.get('membership-page', 1))
@@ -438,8 +458,8 @@ class ClubAliasView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         note = context['object'].note
-        context["aliases"] = AliasTable(note.alias_set.filter(PermissionBackend
-                                                              .filter_queryset(self.request.user, Alias, "view")).all())
+        context["aliases"] = AliasTable(note.alias_set.filter(
+            PermissionBackend.filter_queryset(self.request.user, Alias, "view")).distinct().all())
         context["can_create"] = PermissionBackend.check_perm(self.request.user, "note.add_alias", Alias(
             note=context["object"].note,
             name="",
@@ -610,6 +630,9 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
         bank = form.cleaned_data["bank"]
         soge = form.cleaned_data["soge"] and not user.profile.soge and (club.name == "BDE" or club.name == "Kfet")
 
+        if not credit_type:
+            credit_amount = 0
+
         if not soge and user.note.balance + credit_amount < fee and not Membership.objects.filter(
                 club__name="Kfet",
                 user=user,
@@ -631,6 +654,16 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
             form.add_error('user', _('User is already a member of the club'))
             error = True
 
+        # Must join the parent club before joining this club, except for the Kfet club where it can be at the same time.
+        if club.name != "Kfet" and club.parent_club and not Membership.objects.filter(
+                user=form.instance.user,
+                club=club.parent_club,
+                date_start__gte=club.parent_club.membership_start,
+                date_end__lte=club.parent_club.membership_end,
+        ).exists():
+            form.add_error('user', _('User is not a member of the parent club') + ' ' + club.parent_club.name)
+            error = True
+
         if club.membership_start and form.instance.date_start < club.membership_start:
             form.add_error('user', _("The membership must start after {:%m-%d-%Y}.")
                            .format(form.instance.club.membership_start))
@@ -645,11 +678,13 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
             if not last_name or not first_name or (not bank and credit_type.special_type == "Chèque"):
                 if not last_name:
                     form.add_error('last_name', _("This field is required."))
+                    error = True
                 if not first_name:
                     form.add_error('first_name', _("This field is required."))
+                    error = True
                 if not bank and credit_type.special_type == "Chèque":
                     form.add_error('bank', _("This field is required."))
-                return self.form_invalid(form)
+                    error = True
 
         return not error
 
@@ -663,6 +698,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
             club = Club.objects.filter(PermissionBackend.filter_queryset(self.request.user, Club, "view")) \
                 .get(pk=self.kwargs["club_pk"])
             user = form.instance.user
+            old_membership = None
         else:  # get from url for renewal
             old_membership = self.get_queryset().get(pk=self.kwargs["pk"])
             club = old_membership.club
@@ -737,6 +773,9 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
         member_role = Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all() \
             if club.name == "BDE" else Role.objects.filter(Q(name="Adhérent Kfet") | Q(name="Membre de club")).all() \
             if club.name == "Kfet"else Role.objects.filter(name="Membre de club").all()
+        # Set the same roles as before
+        if old_membership:
+            member_role = member_role.union(old_membership.roles.all())
         form.instance.roles.set(member_role)
         form.instance._force_save = True
         form.instance.save()
@@ -774,7 +813,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
         return ret
 
     def get_success_url(self):
-        return reverse_lazy('member:club_detail', kwargs={'pk': self.object.club.id})
+        return reverse_lazy('member:user_detail', kwargs={'pk': self.object.user.id})
 
 
 class ClubManageRolesView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):

apps/note/apps.py

@@ -3,7 +3,7 @@
 
 from django.apps import AppConfig
 from django.conf import settings
-from django.db.models.signals import post_save, pre_delete
+from django.db.models.signals import pre_delete, pre_save, post_save
 from django.utils.translation import gettext_lazy as _
 
 from . import signals
@@ -17,6 +17,15 @@ class NoteConfig(AppConfig):
         """
         Define app internal signals to interact with other apps
         """
+        pre_save.connect(
+            signals.pre_save_note,
+            sender="note.noteuser",
+        )
+        pre_save.connect(
+            signals.pre_save_note,
+            sender="note.noteclub",
+        )
+
         post_save.connect(
             signals.save_user_note,
             sender=settings.AUTH_USER_MODEL,

apps/note/models/notes.py

@@ -159,20 +159,6 @@ class NoteUser(Note):
     def pretty(self):
         return _("%(user)s's note") % {'user': str(self.user)}
 
-    @transaction.atomic
-    def save(self, *args, **kwargs):
-        if self.pk and self.balance < 0:
-            old_note = NoteUser.objects.get(pk=self.pk)
-            super().save(*args, **kwargs)
-            if old_note.balance >= 0:
-                # Passage en négatif
-                self.last_negative = timezone.now()
-                self._force_save = True
-                self.save(*args, **kwargs)
-                self.send_mail_negative_balance()
-        else:
-            super().save(*args, **kwargs)
-
     def send_mail_negative_balance(self):
         plain_text = render_to_string("note/mails/negative_balance.txt", dict(note=self))
         html = render_to_string("note/mails/negative_balance.html", dict(note=self))
@@ -201,20 +187,6 @@ class NoteClub(Note):
     def pretty(self):
         return _("Note of %(club)s club") % {'club': str(self.club)}
 
-    @transaction.atomic
-    def save(self, *args, **kwargs):
-        if self.pk and self.balance < 0:
-            old_note = NoteClub.objects.get(pk=self.pk)
-            super().save(*args, **kwargs)
-            if old_note.balance >= 0:
-                # Passage en négatif
-                self.last_negative = timezone.now()
-                self._force_save = True
-                self.save(*args, **kwargs)
-                self.send_mail_negative_balance()
-        else:
-            super().save(*args, **kwargs)
-
     def send_mail_negative_balance(self):
         plain_text = render_to_string("note/mails/negative_balance.txt", dict(note=self))
         html = render_to_string("note/mails/negative_balance.html", dict(note=self))

apps/note/models/transactions.py

@@ -217,6 +217,9 @@ class Transaction(PolymorphicModel):
             # When source == destination, no money is transferred and no transaction is created
             return
 
+        self.source = Note.objects.select_for_update().get(pk=self.source_id)
+        self.destination = Note.objects.select_for_update().get(pk=self.destination_id)
+
         # Check that the amounts stay between big integer bounds
         diff_source, diff_dest = self.validate()
 

apps/note/signals.py

@@ -1,6 +1,8 @@
 # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+from django.utils import timezone
+
 
 def save_user_note(instance, raw, **_kwargs):
     """
@@ -25,6 +27,16 @@ def save_club_note(instance, raw, **_kwargs):
         instance.note.save()
 
 
+def pre_save_note(instance, raw, **_kwargs):
+    if not raw and instance.pk and not hasattr(instance, "_no_signal") and instance.balance < 0:
+        from note.models import Note
+        old_note = Note.objects.get(pk=instance.pk)
+        if old_note.balance >= 0:
+            # Passage en négatif
+            instance.last_negative = timezone.now()
+            instance.send_mail_negative_balance()
+
+
 def delete_transaction(instance, **_kwargs):
     """
     Whenever we want to delete a transaction (caution with this), we ensure the transaction is invalid first.

apps/note/static/note/js/consos.js

@@ -222,17 +222,14 @@ function consume (source, source_alias, dest, quantity, amount, reason, type, ca
       if (!isNaN(source.balance)) {
         const newBalance = source.balance - quantity * amount
         if (newBalance <= -5000) {
-          addMsg('Attention, La transaction depuis la note ' + source_alias + ' a été réalisée avec ' +
-                        'succès, mais la note émettrice ' + source_alias + ' est en négatif sévère.',
-          'danger', 30000)
+          addMsg(interpolate(gettext('Warning, the transaction from the note %s succeed, ' +
+              'but the emitter note %s is very negative.', [source_alias, source_alias])), 'danger', 30000)
         } else if (newBalance < 0) {
-          addMsg('Attention, La transaction depuis la note ' + source_alias + ' a été réalisée avec ' +
-                        'succès, mais la note émettrice ' + source_alias + ' est en négatif.',
-          'warning', 30000)
+          addMsg(interpolate(gettext('Warning, the transaction from the note %s succeed, ' +
+              'but the emitter note %s is negative.', [source_alias, source_alias])), 'warning', 30000)
         }
         if (source.membership && source.membership.date_end < new Date().toISOString()) {
-          addMsg('Attention : la note émettrice ' + source.name + " n'est plus adhérente.",
-            'danger', 30000)
+          addMsg(interpolate(gettext('Warning, the emitter note %s is no more a BDE member.', [source_alias])), 'danger', 30000)
         }
       }
       reset()
@@ -253,7 +250,7 @@ function consume (source, source_alias, dest, quantity, amount, reason, type, ca
           template: template
         }).done(function () {
         reset()
-        addMsg("La transaction n'a pas pu être validée pour cause de solde insuffisant.", 'danger', 10000)
+        addMsg(gettext("The transaction couldn't be validated because of insufficient balance."), 'danger', 10000)
       }).fail(function () {
         reset()
         errMsg(e.responseJSON)

apps/note/static/note/js/transfer.js

@@ -67,7 +67,11 @@ $(document).ready(function () {
 
       last.quantity = 1
 
-      if (!last.note.user) {
+      if (last.note.club) {
+        $('#last_name').val(last.note.name)
+        $('#first_name').val(last.note.name)
+      }
+      else if (!last.note.user) {
         $.getJSON('/api/note/note/' + last.note.id + '/?format=json', function (note) {
           last.note.user = note.user
           $.getJSON('/api/user/' + last.note.user + '/', function (user) {
@@ -235,20 +239,20 @@ $('#btn_transfer').click(function () {
 
   if (!amount_field.val() || isNaN(amount_field.val()) || amount_field.val() <= 0) {
     amount_field.addClass('is-invalid')
-    $('#amount-required').html('<strong>Ce champ est requis et doit comporter un nombre décimal strictement positif.</strong>')
+    $('#amount-required').html('<strong>' + gettext('This field is required and must contain a decimal positive number.') + '</strong>')
     error = true
   }
 
   const amount = Math.floor(100 * amount_field.val())
   if (amount > 2147483647) {
     amount_field.addClass('is-invalid')
-    $('#amount-required').html('<strong>Le montant ne doit pas excéder 21474836.47 €.</strong>')
+    $('#amount-required').html('<strong>' + gettext('The amount must stay under 21,474,836.47 €.') + '</strong>')
     error = true
   }
 
-  if (!reason_field.val()) {
+  if (!reason_field.val() && $('#type_transfer').is(':checked')) {
     reason_field.addClass('is-invalid')
-    $('#reason-required').html('<strong>Ce champ est requis.</strong>')
+    $('#reason-required').html('<strong>' + gettext('This field is required.') + '</strong>')
     error = true
   }
 
@@ -274,9 +278,8 @@ $('#btn_transfer').click(function () {
     [...sources_notes_display].forEach(function (source) {
       [...dests_notes_display].forEach(function (dest) {
         if (source.note.id === dest.note.id) {
-          addMsg('Attention : la transaction de ' + pretty_money(amount) + ' de la note ' + source.name +
-                        ' vers la note ' + dest.name + " n'a pas été faite car il s'agit de la même note au départ" +
-                        " et à l'arrivée.", 'warning', 10000)
+          addMsg(interpolate(gettext('Warning: the transaction of %s from %s to %s was not made because ' +
+              'it is the same source and destination note.'), [pretty_money(amount), source.name, dest.name]), 'warning', 10000)
           LOCK = false
           return
         }
@@ -296,43 +299,35 @@ $('#btn_transfer').click(function () {
             destination_alias: dest.name
           }).done(function () {
           if (source.note.membership && source.note.membership.date_end < new Date().toISOString()) {
-            addMsg('Attention : la note émettrice ' + source.name + " n'est plus adhérente.",
-              'danger', 30000)
+            addMsg(interpolate(gettext('Warning, the emitter note %s is no more a BDE member.'), [source.name]), 'danger', 30000)
           }
           if (dest.note.membership && dest.note.membership.date_end < new Date().toISOString()) {
-            addMsg('Attention : la note destination ' + dest.name + " n'est plus adhérente.",
-              'danger', 30000)
+            addMsg(interpolate(gettext('Warning, the destination note %s is no more a BDE member.'), [source.name]), 'danger', 30000)
           }
 
           if (!isNaN(source.note.balance)) {
             const newBalance = source.note.balance - source.quantity * dest.quantity * amount
             if (newBalance <= -5000) {
-              addMsg('Le transfert de ' +
-                                    pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' +
-                                    source.name + ' vers la note ' + dest.name + ' a été fait avec succès, ' +
-                                    'mais la note émettrice est en négatif sévère.', 'danger', 10000)
+              addMsg(interpolate(gettext('Warning, the transaction of %s from the note %s to the note %s succeed, but the emitter note %s is very negative.'),
+                  [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name, source.name]), 'danger', 10000)
               reset()
               return
             } else if (newBalance < 0) {
-              addMsg('Le transfert de ' +
-                                    pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' +
-                                    source.name + ' vers la note ' + dest.name + ' a été fait avec succès, ' +
-                                    'mais la note émettrice est en négatif.', 'warning', 10000)
+              addMsg(interpolate(gettext('Warning, the transaction of %s from the note %s to the note %s succeed, but the emitter note %s is negative.'),
+                  [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name, source.name]), 'danger', 10000)
               reset()
               return
             }
           }
-          addMsg('Le transfert de ' +
-                            pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + source.name +
-                            ' vers la note ' + dest.name + ' a été fait avec succès !', 'success', 10000)
+          addMsg(interpolate(gettext('Transfer of %s from %s to %s succeed!'),
+              [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name]), 'success', 10000)
 
           reset()
         }).fail(function (err) { // do it again but valid = false
           const errObj = JSON.parse(err.responseText)
           if (errObj.non_field_errors) {
-            addMsg('Le transfert de ' +
-                                pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + source.name +
-                                ' vers la note ' + dest.name + ' a échoué : ' + errObj.non_field_errors, 'danger')
+            addMsg(interpolate(gettext('Transfer of %s from %s to %s failed: %s'),
+                [pretty_money(source.quantity * dest.quantity * amount), source.name, dest.name, errObj.non_field_errors]), 'danger')
             LOCK = false
             return
           }
@@ -352,17 +347,15 @@ $('#btn_transfer').click(function () {
               destination: dest.note.id,
               destination_alias: dest.name
             }).done(function () {
-            addMsg('Le transfert de ' +
-                                pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + source.name +
-                                ' vers la note ' + dest.name + ' a échoué : Solde insuffisant', 'danger', 10000)
+            addMsg(interpolate(gettext('Transfer of %s from %s to %s failed: %s'),
+                [pretty_money(source.quantity * dest.quantity * amount), source.name, + dest.name, gettext('insufficient funds')]), 'danger', 10000)
             reset()
           }).fail(function (err) {
             const errObj = JSON.parse(err.responseText)
             let error = errObj.detail ? errObj.detail : errObj.non_field_errors
             if (!error) { error = err.responseText }
-            addMsg('Le transfert de ' +
-                                pretty_money(source.quantity * dest.quantity * amount) + ' de la note ' + source.name +
-                                ' vers la note ' + dest.name + ' a échoué : ' + error, 'danger')
+            addMsg(interpolate(gettext('Transfer of %s from %s to %s failed: %s'),
+                [pretty_money(source.quantity * dest.quantity * amount), source.name, + dest.name, error]), 'danger')
             LOCK = false
           })
         })
@@ -388,7 +381,7 @@ $('#btn_transfer').click(function () {
       alias = sources_notes_display[0].name
       source_id = user_note.id
       dest_id = special_note
-      reason = 'Retrait ' + $('#credit_type option:selected').text().toLowerCase()
+      reason = 'Retrait ' + $('#debit_type option:selected').text().toLowerCase()
       if (given_reason.length > 0) { reason += ' (' + given_reason + ')' }
     }
     $.post('/api/note/transaction/transaction/',
@@ -408,14 +401,14 @@ $('#btn_transfer').click(function () {
         first_name: $('#first_name').val(),
         bank: $('#bank').val()
       }).done(function () {
-      addMsg('Le crédit/retrait a bien été effectué !', 'success', 10000)
-      if (user_note.membership && user_note.membership.date_end < new Date().toISOString()) { addMsg('Attention : la note ' + alias + " n'est plus adhérente.", 'danger', 10000) }
+      addMsg(gettext('Credit/debit succeed!'), 'success', 10000)
+      if (user_note.membership && user_note.membership.date_end < new Date().toISOString()) { addMsg(gettext('Warning, the emitter note %s is no more a BDE member.'), 'danger', 10000) }
       reset()
     }).fail(function (err) {
       const errObj = JSON.parse(err.responseText)
       let error = errObj.detail ? errObj.detail : errObj.non_field_errors
       if (!error) { error = err.responseText }
-      addMsg('Le crédit/retrait a échoué : ' + error, 'danger', 10000)
+      addMsg(interpolate(gettext('Credit/debit failed: %s'), [error]), 'danger', 10000)
       LOCK = false
     })
   }

apps/permission/fixtures/initial.json

@@ -115,7 +115,7 @@
 			"type": "view",
 			"mask": 1,
 			"field": "",
-			"permanent": true,
+			"permanent": false,
 			"description": "Voir les aliases des notes des clubs et des adhérents du club Kfet"
 		}
 	},
@@ -799,12 +799,12 @@
 				"member",
 				"membership"
 			],
-			"query": "{\"club\": [\"club\"]}",
+			"query": "{}",
 			"type": "change",
 			"mask": 3,
 			"field": "roles",
 			"permanent": false,
-			"description": "Modifier les rôles d'un adhérent d'un club"
+			"description": "Modifier les rôles d'une adhésion"
 		}
 	},
 	{
@@ -2081,7 +2081,7 @@
 			],
 			"query": "{}",
 			"type": "change",
-			"mask": 1,
+			"mask": 2,
 			"field": "invalidity_reason",
 			"permanent": false,
 			"description": "Modifier la raison d'invalidité d'une transaction"
@@ -2775,6 +2775,102 @@
 			"description": "Modifier n'importe quel profil non encore inscrit"
 		}
 	},
+	{
+		"model": "permission.permission",
+		"pk": 178,
+		"fields": {
+			"model": [
+				"note",
+				"alias"
+			],
+			"query": "{}",
+			"type": "view",
+			"mask": 3,
+			"field": "",
+			"permanent": false,
+			"description": "Voir tous les alias, y compris ceux des non adhérents"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 179,
+		"fields": {
+			"model": [
+				"note",
+				"alias"
+			],
+			"query": "{\"note__noteuser__user\": [\"user\"]}",
+			"type": "view",
+			"mask": 1,
+			"field": "",
+			"permanent": true,
+			"description": "Voir ses propres alias, pour toujours"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 180,
+		"fields": {
+			"model": [
+				"auth",
+				"user"
+			],
+			"query": "{\"profile__registration_valid\": false}",
+			"type": "view",
+			"mask": 2,
+			"field": "",
+			"permanent": false,
+			"description": "Voir n'importe quel utilisateur non encore inscrit"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 181,
+		"fields": {
+			"model": [
+				"member",
+				"profile"
+			],
+			"query": "{\"registration_valid\": false}",
+			"type": "view",
+			"mask": 2,
+			"field": "",
+			"permanent": false,
+			"description": "Voir n'importe quel profil non encore inscrit"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 182,
+		"fields": {
+			"model": [
+				"auth",
+				"user"
+			],
+			"query": "{\"memberships__club__name\": \"BDE\", \"memberships__roles__name\": \"Adhérent BDE\", \"memberships__date_start__lte\": [\"today\"], \"memberships__date_end__gte\": [\"today\"]}",
+			"type": "view",
+			"mask": 2,
+			"field": "",
+			"permanent": false,
+			"description": "Voir n'importe quel utilisateur qui est adhérent BDE"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 183,
+		"fields": {
+			"model": [
+				"note",
+				"note"
+			],
+			"query": "{}",
+			"type": "change",
+			"mask": 1,
+			"field": "display_image",
+			"permanent": false,
+			"description": "Changer l'image de n'importe quelle note"
+		}
+	},
 	{
 		"model": "permission.role",
 		"pk": 1,
@@ -2845,7 +2941,8 @@
 				157,
 				158,
 				159,
-				160
+				160,
+				179
 			]
 		}
 	},
@@ -2906,14 +3003,14 @@
 				62,
 				127,
 				133,
-				135,
 				136,
 				141,
 				142,
 				150,
 				166,
 				167,
-				168
+				168,
+				182
 			]
 		}
 	},
@@ -2949,6 +3046,7 @@
 				31,
 				32,
 				33,
+				51,
 				53,
 				54,
 				55,
@@ -2972,6 +3070,7 @@
 				137,
 				138,
 				139,
+				140,
 				143,
 				146,
 				147,
@@ -2986,7 +3085,9 @@
 				174,
 				175,
 				176,
-				177
+				177,
+				178,
+				183
 			]
 		}
 	},
@@ -3168,7 +3269,13 @@
 				174,
 				175,
 				176,
-				177
+				177,
+				178,
+				179,
+				180,
+				181,
+				182,
+				183
 			]
 		}
 	},
@@ -3202,7 +3309,12 @@
 				170,
 				171,
 				176,
-				177
+				177,
+				178,
+				179,
+				180,
+				181,
+				182
 			]
 		}
 	},
@@ -3365,7 +3477,6 @@
 				135,
 				136,
 				137,
-				138,
 				139,
 				140,
 				143,
@@ -3378,6 +3489,41 @@
 			]
 		}
 	},
+	{
+		"model": "permission.role",
+		"pk": 20,
+		"fields": {
+			"for_club": 2,
+			"name": "PC Kfet",
+			"permissions": [
+				6,
+				22,
+				24,
+				25,
+				26,
+				27,
+				30,
+				49,
+				50,
+				55,
+				56,
+				57,
+				58,
+				137,
+				143,
+				147,
+				150,
+				166,
+				167,
+				168,
+				176,
+				177,
+				180,
+				181,
+				182
+			]
+		}
+	},
 	{
 		"model": "wei.weirole",
 		"pk": 12,

apps/permission/models.py

@@ -43,7 +43,9 @@ class InstancedPermission:
                 obj = copy(obj)
                 obj.pk = 0
                 with transaction.atomic():
+                    sid = transaction.savepoint()
                     for o in self.model.model_class().objects.filter(pk=0).all():
+                        o._no_signal = True
                         o._force_delete = True
                         Model.delete(o)
                         # An object with pk 0 wouldn't deleted. That's not normal, we alert admins.
@@ -61,9 +63,7 @@ class InstancedPermission:
                     obj._no_signal = True
                     Model.save(obj, force_insert=True)
                     ret = self.model.model_class().objects.filter(self.query & Q(pk=0)).exists()
-                    # Delete testing object
-                    obj._force_delete = True
-                    Model.delete(obj)
+                    transaction.savepoint_rollback(sid)
 
                 return ret
 

apps/permission/views.py

@@ -51,8 +51,10 @@ class ProtectQuerysetMixin:
         # No worry if the user change the hidden fields: a 403 error will be performed if the user tries to make
         # a custom request.
         # We could also delete the field, but some views might be affected.
+        meta = form.instance._meta
         for key in form.base_fields:
-            if not PermissionBackend.check_perm(self.request.user, "wei.change_weiregistration_" + key, self.object):
+            if not PermissionBackend.check_perm(self.request.user,
+                                                f"{meta.app_label}.change_{meta.model_name}_" + key, self.object):
                 form.fields[key].widget = HiddenInput()
 
         return form

apps/registration/forms.py

@@ -44,6 +44,15 @@ class SignUpForm(UserCreationForm):
         fields = ('first_name', 'last_name', 'username', 'email', )
 
 
+class DeclareSogeAccountOpenedForm(forms.Form):
+    soge_account = forms.BooleanField(
+        label=_("I declare that I opened a bank account in the Société générale with the BDE partnership."),
+        help_text=_("Warning: this engages you to open your bank account. If you finally decides to don't open your "
+                    "account, you will have to pay the BDE membership."),
+        required=False,
+    )
+
+
 class WEISignupForm(forms.Form):
     wei_registration = forms.BooleanField(
         label=_("Register to the WEI"),

apps/registration/tables.py

@@ -4,6 +4,8 @@
 import django_tables2 as tables
 from django.contrib.auth.models import User
 
+from treasury.models import SogeCredit
+
 
 class FutureUserTable(tables.Table):
     """
@@ -21,6 +23,7 @@ class FutureUserTable(tables.Table):
         fields = ('last_name', 'first_name', 'username', 'email', )
         model = User
         row_attrs = {
-            'class': 'table-row',
+            'class': lambda record: 'table-row'
+                                    + (' bg-warning' if SogeCredit.objects.filter(user=record).exists() else ''),
             'data-href': lambda record: record.pk
         }

apps/registration/templates/registration/future_profile_detail.html

@@ -56,6 +56,13 @@ SPDX-License-Identifier: GPL-3.0-or-later
                     <div class="card-header text-center" >
                         <h4> {% trans "Validate account" %}</h4>
                     </div>
+
+                    {% if declare_soge_account %}
+                        <div class="alert alert-info">
+                        {% trans "The user declared that he/she opened a bank account in the Société générale." %}
+                        </div>
+                    {% endif %}
+
                     <div class="card-body" id="profile_infos">
                         {% csrf_token %}
                         {{ form|crispy }}
@@ -104,7 +111,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
 
         soge_field.change(fillFields);
 
-        {% if object.profile.soge %}
+        {% if declare_soge_account %}
             soge_field.attr('checked', true);
             fillFields();
         {% endif %}

apps/registration/views.py

@@ -24,7 +24,7 @@ from permission.models import Role
 from permission.views import ProtectQuerysetMixin
 from treasury.models import SogeCredit
 
-from .forms import SignUpForm, ValidationForm
+from .forms import SignUpForm, ValidationForm, DeclareSogeAccountOpenedForm
 from .tables import FutureUserTable
 from .tokens import email_validation_token
 
@@ -42,6 +42,7 @@ class UserCreateView(CreateView):
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         context["profile_form"] = self.second_form(self.request.POST if self.request.POST else None)
+        context["soge_form"] = DeclareSogeAccountOpenedForm(self.request.POST if self.request.POST else None)
         del context["profile_form"].fields["section"]
         del context["profile_form"].fields["report_frequency"]
         del context["profile_form"].fields["last_report"]
@@ -72,6 +73,13 @@ class UserCreateView(CreateView):
 
         user.profile.send_email_validation_link()
 
+        soge_form = DeclareSogeAccountOpenedForm(self.request.POST)
+        if "soge_account" in soge_form.data and soge_form.data["soge_account"]:
+            # If the user declares that a bank account got opened, prepare the soge credit to warn treasurers
+            soge_credit = SogeCredit(user=user)
+            soge_credit._force_save = True
+            soge_credit.save()
+
         return super().form_valid(form)
 
     def get_success_url(self):
@@ -182,7 +190,7 @@ class FutureUserListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableVi
                 | Q(username__iregex="^" + pattern)
             )
 
-        return qs[:20]
+        return qs
 
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
@@ -227,6 +235,8 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
         fee += 8000
         ctx["total_fee"] = "{:.02f}".format(fee / 100, )
 
+        ctx["declare_soge_account"] = SogeCredit.objects.filter(user=user).exists()
+
         return ctx
 
     def get_form(self, form_class=None):
@@ -307,6 +317,13 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
         user.profile.save()
         user.refresh_from_db()
 
+        if not soge and SogeCredit.objects.filter(user=user).exists():
+            # If the user declared that a bank account was opened but in the validation form the SoGé case was
+            # unchecked, delete the associated credit
+            soge_credit = SogeCredit.objects.get(user=user)
+            soge_credit._force_delete = True
+            soge_credit.delete()
+
         if credit_type is not None and credit_amount > 0:
             # Credit the note
             SpecialTransaction.objects.create(
@@ -373,6 +390,8 @@ class FutureUserInvalidateView(ProtectQuerysetMixin, LoginRequiredMixin, View):
         user = User.objects.filter(profile__registration_valid=False)\
             .filter(PermissionBackend.filter_queryset(request.user, User, "change", "is_valid"))\
             .get(pk=self.kwargs["pk"])
+        # Delete associated soge credits before
+        SogeCredit.objects.filter(user=user).delete()
 
         user.delete()
 

apps/treasury/apps.py

@@ -28,6 +28,8 @@ class TreasuryConfig(AppConfig):
                     source__in=NoteSpecial.objects.filter(~Q(remittancetype=None)),
                     specialtransactionproxy=None,
             ):
-                SpecialTransactionProxy.objects.create(transaction=transaction, remittance=None)
+                proxy = SpecialTransactionProxy(transaction=transaction, remittance=None)
+                proxy._force_save = True
+                proxy.save()
 
         post_migrate.connect(setup_specialtransactions_proxies, sender=SpecialTransactionProxy)

apps/treasury/models.py

@@ -10,7 +10,7 @@ from django.db.models import Q
 from django.template.loader import render_to_string
 from django.utils import timezone
 from django.utils.translation import gettext_lazy as _
-from note.models import NoteSpecial, SpecialTransaction, MembershipTransaction
+from note.models import NoteSpecial, SpecialTransaction, MembershipTransaction, NoteUser
 
 
 class Invoice(models.Model):
@@ -335,6 +335,11 @@ class SogeCredit(models.Model):
 
     @transaction.atomic
     def save(self, *args, **kwargs):
+        # This is a pre-registered user that declared that a SoGé account was opened.
+        # No note exists yet.
+        if not NoteUser.objects.filter(user=self.user).exists():
+            return super().save(*args, **kwargs)
+
         if not self.credit_transaction:
             credit_transaction = SpecialTransaction(
                 source=NoteSpecial.objects.get(special_type="Virement bancaire"),

apps/treasury/signals.py

@@ -10,9 +10,8 @@ def save_special_transaction(instance, created, **kwargs):
     """
 
     if not hasattr(instance, "_no_signal"):
-        if instance.is_credit():
-            if created and RemittanceType.objects.filter(note=instance.source).exists():
-                SpecialTransactionProxy.objects.create(transaction=instance, remittance=None).save()
-        else:
-            if created and RemittanceType.objects.filter(note=instance.destination).exists():
-                SpecialTransactionProxy.objects.create(transaction=instance, remittance=None).save()
+        if created and RemittanceType.objects.filter(
+                note=instance.source if instance.is_credit() else instance.destination).exists():
+            proxy = SpecialTransactionProxy(transaction=instance, remittance=None)
+            proxy._force_save = True
+            proxy.save()

apps/treasury/tables.py

@@ -147,4 +147,4 @@ class SogeCreditTable(tables.Table):
 
     class Meta:
         model = SogeCredit
-        fields = ('user', 'amount', 'valid', )
+        fields = ('user', 'user__last_name', 'user__first_name', 'amount', 'valid', )

apps/treasury/templates/treasury/sogecredit_detail.html

@@ -11,8 +11,14 @@ SPDX-License-Identifier: GPL-3.0-or-later
     </div>
     <div class="card-body">
         <dl class="row">
-            <dt class="col-xl-6 text-right">{% trans 'user'|capfirst %}</dt>
-            <dd class="col-xl-6"><a href="{% url 'member:user_detail' pk=object.user.pk %}">{{ object.user }}</a></dd>
+            <dt class="col-xl-6 text-right">{% trans 'last name'|capfirst %}</dt>
+            <dd class="col-xl-6">{{ object.user.last_name }}</dd>
+
+            <dt class="col-xl-6 text-right">{% trans 'first name'|capfirst %}</dt>
+            <dd class="col-xl-6">{{ object.user.first_name }}</dd>
+
+            <dt class="col-xl-6 text-right">{% trans 'username'|capfirst %}</dt>
+            <dd class="col-xl-6"><a href="{% url 'member:user_detail' pk=object.user.pk %}">{{ object.user.username }}</a></dd>
 
             {% if "note.view_note_balance"|has_perm:object.user.note %}
             <dt class="col-xl-6 text-right">{% trans 'balance'|capfirst %}</dt>

apps/treasury/templates/treasury/sogecredit_list.html

@@ -60,7 +60,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
             let pattern = searchbar_obj.val();
 
             $("#credits_table").load(location.pathname + "?search=" + pattern.replace(" ", "%20") + (
-                invalid_only_obj.is(':checked') ? "&valid=false" : "") + " #credits_table");
+                invalid_only_obj.is(':checked') ? "" : "&valid=1") + " #credits_table");
 
             $(".table-row").click(function () {
                 window.document.location = $(this).data("href");

apps/treasury/views.py

@@ -431,7 +431,7 @@ class SogeCreditListView(LoginRequiredMixin, ProtectQuerysetMixin, SingleTableVi
         if "valid" not in self.request.GET or not self.request.GET["valid"]:
             qs = qs.filter(credit_transaction__valid=False)
 
-        return qs[:20]
+        return qs
 
 
 class SogeCreditManageView(LoginRequiredMixin, ProtectQuerysetMixin, BaseFormView, DetailView):

entrypoint.sh

@@ -14,6 +14,7 @@ fi
 # Set up Django project
 python3 manage.py collectstatic --noinput
 python3 manage.py compilemessages
+python3 manage.py compilejsmessages
 python3 manage.py migrate
 
 if [ "$1" ]; then

locale/de/LC_MESSAGES/djangojs.po

@@ -0,0 +1,119 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2020-11-15 23:21+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#: apps/member/static/member/js/alias.js:17
+msgid "Alias successfully added"
+msgstr ""
+
+#: apps/member/static/member/js/alias.js:33
+msgid "Alias successfully deleted"
+msgstr ""
+
+#: apps/note/static/note/js/consos.js:225
+#, javascript-format
+msgid ""
+"Warning, the transaction from the note %s succeed, but the emitter note %s "
+"is very negative."
+msgstr ""
+
+#: apps/note/static/note/js/consos.js:228
+#, javascript-format
+msgid ""
+"Warning, the transaction from the note %s succeed, but the emitter note %s "
+"is negative."
+msgstr ""
+
+#: apps/note/static/note/js/consos.js:232
+#: apps/note/static/note/js/transfer.js:298
+#: apps/note/static/note/js/transfer.js:401
+#, javascript-format
+msgid "Warning, the emitter note %s is no more a BDE member."
+msgstr ""
+
+#: apps/note/static/note/js/consos.js:253
+msgid "The transaction couldn't be validated because of insufficient balance."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:238
+msgid "This field is required and must contain a decimal positive number."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:245
+msgid "The amount must stay under 21,474,836.47 €."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:251
+msgid "This field is required."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:277
+#, javascript-format
+msgid ""
+"Warning: the transaction of %s from %s to %s was not made because it is the "
+"same source and destination note."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:301
+#, javascript-format
+msgid "Warning, the destination note %s is no more a BDE member."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:307
+#, javascript-format
+msgid ""
+"Warning, the transaction of %s from the note %s to the note %s succeed, but "
+"the emitter note %s is very negative."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:312
+#, javascript-format
+msgid ""
+"Warning, the transaction of %s from the note %s to the note %s succeed, but "
+"the emitter note %s is negative."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:318
+#, javascript-format
+msgid "Transfer of %s from %s to %s succeed!"
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:325
+#: apps/note/static/note/js/transfer.js:346
+#: apps/note/static/note/js/transfer.js:353
+#, javascript-format
+msgid "Transfer of %s from %s to %s failed: %s"
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:347
+msgid "insufficient funds"
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:400
+msgid "Credit/debit succeed!"
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:407
+#, javascript-format
+msgid "Credit/debit failed: %s"
+msgstr ""
+
+#: note_kfet/static/js/base.js:366
+msgid "An error occured while (in)validating this transaction:"
+msgstr ""

locale/es/LC_MESSAGES/djangojs.po

@@ -0,0 +1,119 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2020-11-15 23:21+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#: apps/member/static/member/js/alias.js:17
+msgid "Alias successfully added"
+msgstr ""
+
+#: apps/member/static/member/js/alias.js:33
+msgid "Alias successfully deleted"
+msgstr ""
+
+#: apps/note/static/note/js/consos.js:225
+#, javascript-format
+msgid ""
+"Warning, the transaction from the note %s succeed, but the emitter note %s "
+"is very negative."
+msgstr ""
+
+#: apps/note/static/note/js/consos.js:228
+#, javascript-format
+msgid ""
+"Warning, the transaction from the note %s succeed, but the emitter note %s "
+"is negative."
+msgstr ""
+
+#: apps/note/static/note/js/consos.js:232
+#: apps/note/static/note/js/transfer.js:298
+#: apps/note/static/note/js/transfer.js:401
+#, javascript-format
+msgid "Warning, the emitter note %s is no more a BDE member."
+msgstr ""
+
+#: apps/note/static/note/js/consos.js:253
+msgid "The transaction couldn't be validated because of insufficient balance."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:238
+msgid "This field is required and must contain a decimal positive number."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:245
+msgid "The amount must stay under 21,474,836.47 €."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:251
+msgid "This field is required."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:277
+#, javascript-format
+msgid ""
+"Warning: the transaction of %s from %s to %s was not made because it is the "
+"same source and destination note."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:301
+#, javascript-format
+msgid "Warning, the destination note %s is no more a BDE member."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:307
+#, javascript-format
+msgid ""
+"Warning, the transaction of %s from the note %s to the note %s succeed, but "
+"the emitter note %s is very negative."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:312
+#, javascript-format
+msgid ""
+"Warning, the transaction of %s from the note %s to the note %s succeed, but "
+"the emitter note %s is negative."
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:318
+#, javascript-format
+msgid "Transfer of %s from %s to %s succeed!"
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:325
+#: apps/note/static/note/js/transfer.js:346
+#: apps/note/static/note/js/transfer.js:353
+#, javascript-format
+msgid "Transfer of %s from %s to %s failed: %s"
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:347
+msgid "insufficient funds"
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:400
+msgid "Credit/debit succeed!"
+msgstr ""
+
+#: apps/note/static/note/js/transfer.js:407
+#, javascript-format
+msgid "Credit/debit failed: %s"
+msgstr ""
+
+#: note_kfet/static/js/base.js:366
+msgid "An error occured while (in)validating this transaction:"
+msgstr ""

locale/fr/LC_MESSAGES/djangojs.po

@@ -0,0 +1,134 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2020-11-15 23:21+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#: apps/member/static/member/js/alias.js:17
+msgid "Alias successfully added"
+msgstr "Alias ajouté avec succès"
+
+#: apps/member/static/member/js/alias.js:33
+msgid "Alias successfully deleted"
+msgstr "Alias supprimé avec succès"
+
+#: apps/note/static/note/js/consos.js:225
+#, javascript-format
+msgid ""
+"Warning, the transaction from the note %s succeed, but the emitter note %s "
+"is very negative."
+msgstr ""
+"Attention, La transaction depuis la note %s a été réalisée avec succès, mais "
+"la note émettrice %s est en négatif sévère."
+
+#: apps/note/static/note/js/consos.js:228
+#, javascript-format
+msgid ""
+"Warning, the transaction from the note %s succeed, but the emitter note %s "
+"is negative."
+msgstr ""
+"Attention, La transaction depuis la note %s a été réalisée avec succès, mais "
+"la note émettrice %s est en négatif."
+
+#: apps/note/static/note/js/consos.js:232
+#: apps/note/static/note/js/transfer.js:298
+#: apps/note/static/note/js/transfer.js:401
+#, javascript-format
+msgid "Warning, the emitter note %s is no more a BDE member."
+msgstr "Attention, la note émettrice %s n'est plus adhérente."
+
+#: apps/note/static/note/js/consos.js:253
+msgid "The transaction couldn't be validated because of insufficient balance."
+msgstr ""
+"La transaction n'a pas pu être validée pour cause de solde insuffisant."
+
+#: apps/note/static/note/js/transfer.js:238
+msgid "This field is required and must contain a decimal positive number."
+msgstr ""
+"Ce champ est requis et doit comporter un nombre décimal strictement positif."
+
+#: apps/note/static/note/js/transfer.js:245
+msgid "The amount must stay under 21,474,836.47 €."
+msgstr "Le montant ne doit pas excéder 21 474 836.47 €."
+
+#: apps/note/static/note/js/transfer.js:251
+msgid "This field is required."
+msgstr "Ce champ est requis."
+
+#: apps/note/static/note/js/transfer.js:277
+#, javascript-format
+msgid ""
+"Warning: the transaction of %s from %s to %s was not made because it is the "
+"same source and destination note."
+msgstr ""
+"Attention : la transaction de %s de la note %s vers la note %s n'a pas été "
+"faite car il s'agit de la même note au départ et à l'arrivée."
+
+#: apps/note/static/note/js/transfer.js:301
+#, javascript-format
+msgid "Warning, the destination note %s is no more a BDE member."
+msgstr "Attention, la note de destination %s n'est plus adhérente."
+
+#: apps/note/static/note/js/transfer.js:307
+#, javascript-format
+msgid ""
+"Warning, the transaction of %s from the note %s to the note %s succeed, but "
+"the emitter note %s is very negative."
+msgstr ""
+"Attention, La transaction de %s depuis la note %s vers la note %s a été "
+"réalisée avec succès, mais la note émettrice %s est en négatif sévère."
+
+#: apps/note/static/note/js/transfer.js:312
+#, javascript-format
+msgid ""
+"Warning, the transaction of %s from the note %s to the note %s succeed, but "
+"the emitter note %s is negative."
+msgstr ""
+"Attention, La transaction de %s depuis la note %s vers la note %s a été "
+"réalisée avec succès, mais la note émettrice %s est en négatif."
+
+#: apps/note/static/note/js/transfer.js:318
+#, javascript-format
+msgid "Transfer of %s from %s to %s succeed!"
+msgstr ""
+"Le transfert de %s de la note %s vers la note %s a été fait avec succès !"
+
+#: apps/note/static/note/js/transfer.js:325
+#: apps/note/static/note/js/transfer.js:346
+#: apps/note/static/note/js/transfer.js:353
+#, javascript-format
+msgid "Transfer of %s from %s to %s failed: %s"
+msgstr "Le transfert de %s de la note %s vers la note %s a échoué : %s"
+
+#: apps/note/static/note/js/transfer.js:347
+msgid "insufficient funds"
+msgstr "solde insuffisant"
+
+#: apps/note/static/note/js/transfer.js:400
+msgid "Credit/debit succeed!"
+msgstr "Le crédit/retrait a bien été effectué !"
+
+#: apps/note/static/note/js/transfer.js:407
+#, javascript-format
+msgid "Credit/debit failed: %s"
+msgstr "Le crédit/retrait a échoué : %s"
+
+#: note_kfet/static/js/base.js:366
+msgid "An error occured while (in)validating this transaction:"
+msgstr ""
+"Une erreur est survenue lors de la validation/dévalidation de cette "
+"transaction :"

note.cron

@@ -20,3 +20,5 @@
  55  6     *   *   *     root   cd /var/www/note_kfet && env/bin/python manage.py send_reports
 # Mettre à jour les boutons mis en avant
  00  9     *   *   *     root   cd /var/www/note_kfet && env/bin/python manage.py refresh_highlighted_buttons
+# Vider les tokens Oauth2
+ 00  6     *   *   *     root   cd /var/www/note_kfet && env/bin/python manage.py cleartokens

note_kfet/admin.py

@@ -26,6 +26,14 @@ admin_site = StrongAdminSite()
 admin_site.register(Site, SiteAdmin)
 
 # Add external apps model
+if "oauth2_provider" in settings.INSTALLED_APPS:
+    from oauth2_provider.admin import Application, ApplicationAdmin, Grant, \
+        GrantAdmin, AccessToken, AccessTokenAdmin, RefreshToken, RefreshTokenAdmin
+    admin_site.register(Application, ApplicationAdmin)
+    admin_site.register(Grant, GrantAdmin)
+    admin_site.register(AccessToken, AccessTokenAdmin)
+    admin_site.register(RefreshToken, RefreshTokenAdmin)
+
 if "django_htcpcp_tea" in settings.INSTALLED_APPS:
     from django_htcpcp_tea.admin import *
     from django_htcpcp_tea.models import *
@@ -44,9 +52,3 @@ if "rest_framework" in settings.INSTALLED_APPS:
     from rest_framework.authtoken.admin import *
     from rest_framework.authtoken.models import *
     admin_site.register(Token, TokenAdmin)
-
-if "cas_server" in settings.INSTALLED_APPS:
-    from cas_server.admin import *
-    from cas_server.models import *
-    admin_site.register(ServicePattern, ServicePatternAdmin)
-    admin_site.register(FederatedIendityProvider, FederatedIendityProviderAdmin)

note_kfet/fixtures/cas.json

@@ -1,11 +0,0 @@
-[
-    {
-        "model": "cas_server.servicepattern",
-        "pk": 1,
-        "fields": {
-            "pos": 1,
-            "pattern": ".*",
-            "name": "REPLACEME"
-        }
-    }
-]

note_kfet/fixtures/initial.json

@@ -3,7 +3,7 @@
         "model": "sites.site",
         "pk": 1,
         "fields": {
-            "domain": "localhost",
+            "domain": "note.crans.org",
             "name": "La Note Kfet \ud83c\udf7b"
         }
     }

note_kfet/middlewares.py

@@ -2,12 +2,12 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 
 from django.conf import settings
+from django.contrib.auth import login
 from django.contrib.auth.models import AnonymousUser, User
+from django.contrib.sessions.backends.db import SessionStore
 
 from threading import local
 
-from django.contrib.sessions.backends.db import SessionStore
-
 USER_ATTR_NAME = getattr(settings, 'LOCAL_USER_ATTR_NAME', '_current_user')
 SESSION_ATTR_NAME = getattr(settings, 'LOCAL_SESSION_ATTR_NAME', '_current_session')
 IP_ATTR_NAME = getattr(settings, 'LOCAL_IP_ATTR_NAME', '_current_ip')
@@ -78,6 +78,41 @@ class SessionMiddleware(object):
         return response
 
 
+class LoginByIPMiddleware(object):
+    """
+    Allow some users to be authenticated based on their IP address.
+    For example, the "note" account should not be used elsewhere than the Kfet computer,
+    and should not have any password.
+    The password that is stored in database should be on the form "ipbased$my.public.ip.address".
+    """
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        """
+        If the user is not authenticated, get the used IP address
+        and check if an user is authorized to be automatically logged with this address.
+        If it is the case, the logging is performed with the full rights.
+        """
+        if not request.user.is_authenticated:
+            if 'HTTP_X_REAL_IP' in request.META:
+                ip = request.META.get('HTTP_X_REAL_IP')
+            elif 'HTTP_X_FORWARDED_FOR' in request.META:
+                ip = request.META.get('HTTP_X_FORWARDED_FOR').split(', ')[0]
+            else:
+                ip = request.META.get('REMOTE_ADDR')
+
+            qs = User.objects.filter(password=f"ipbased${ip}")
+            if qs.exists():
+                login(request, qs.get())
+                session = request.session
+                session["permission_mask"] = 42
+                session.save()
+
+        return self.get_response(request)
+
+
 class TurbolinksMiddleware(object):
     """
     Send the `Turbolinks-Location` header in response to a visit that was redirected,

note_kfet/settings/__init__.py

@@ -49,16 +49,6 @@ try:
 except ImportError:
     pass
 
-if "cas_server" in INSTALLED_APPS:
-    # CAS Settings
-    CAS_AUTO_CREATE_USER = False
-    CAS_LOGO_URL = "/static/img/Saperlistpopette.png"
-    CAS_FAVICON_URL = "/static/favicon/favicon-32x32.png"
-    CAS_SHOW_POWERED = False
-
-if "logs" in INSTALLED_APPS:
-    MIDDLEWARE += ('note_kfet.middlewares.SessionMiddleware',)
-
 if DEBUG:
     PASSWORD_HASHERS += ['member.hashers.DebugSuperuserBackdoor']
     if "debug_toolbar" in INSTALLED_APPS:

note_kfet/settings/base.py

@@ -35,8 +35,10 @@ INSTALLED_APPS = [
     'mailer',
     'phonenumber_field',
     'polymorphic',
+    'oauth2_provider',
 
     # Django contrib
+    # Django Admin will autodiscover our apps for our custom admin site.
     'django.contrib.admin',
     'django.contrib.admindocs',
     'django.contrib.auth',
@@ -77,6 +79,8 @@ MIDDLEWARE = [
     'django.middleware.locale.LocaleMiddleware',
     'django.contrib.sites.middleware.CurrentSiteMiddleware',
     'django_htcpcp_tea.middleware.HTCPCPTeaMiddleware',
+    'note_kfet.middlewares.SessionMiddleware',
+    'note_kfet.middlewares.LoginByIPMiddleware',
     'note_kfet.middlewares.TurbolinksMiddleware',
 ]
 
@@ -214,6 +218,16 @@ EMAIL_HOST_PASSWORD = os.getenv('EMAIL_PASSWORD', None)
 SERVER_EMAIL = os.getenv("NOTE_MAIL", "notekfet@example.com")
 DEFAULT_FROM_EMAIL = "NoteKfet2020 <" + SERVER_EMAIL + ">"
 
+# Cache
+# https://docs.djangoproject.com/en/2.2/topics/cache/#setting-up-the-cache
+cache_address = os.getenv("CACHE_ADDRESS", "127.0.0.1:11211")
+CACHES = {
+    'default': {
+        'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
+        'LOCATION': cache_address,
+    }
+}
+
 # Django REST Framework
 REST_FRAMEWORK = {
     'DEFAULT_PERMISSION_CLASSES': [
@@ -233,7 +247,7 @@ REST_FRAMEWORK = {
 FORM_RENDERER = 'django.forms.renderers.TemplatesSetting'
 
 # After login redirect user to transfer page
-LOGIN_REDIRECT_URL = '/note/transfer/'
+LOGIN_REDIRECT_URL = '/'
 
 # An user session will expired after 3 hours
 SESSION_COOKIE_AGE = 60 * 60 * 3

note_kfet/settings/development.py

@@ -24,6 +24,14 @@ if os.getenv("DJANGO_DEV_STORE_METHOD", "sqlite") != "postgresql":
         }
     }
 
+# Dummy cache for development
+# https://docs.djangoproject.com/en/2.2/topics/cache/#setting-up-the-cache
+CACHES = {
+    'default': {
+        'BACKEND': 'django.core.cache.backends.dummy.DummyCache',
+    }
+}
+
 # Break it, fix it!
 DEBUG = True
 

note_kfet/settings/secrets_example.py

@@ -3,7 +3,6 @@
 
 # CAS
 OPTIONAL_APPS = [
-#    'cas_server',
 #    'debug_toolbar'
 ]
 

note_kfet/static/js/base.js

@@ -363,8 +363,7 @@ function de_validate (id, validated, resourcetype) {
       const errObj = JSON.parse(err.responseText)
       let error = errObj.detail ? errObj.detail : errObj.non_field_errors
       if (!error) { error = err.responseText }
-      addMsg('Une erreur est survenue lors de la validation/dévalidation ' +
-                'de cette transaction : ' + error, 'danger')
+      addMsg(gettext('An error occured while (in)validating this transaction:') + ' ' + error, 'danger')
 
       refreshBalance()
       // error if this method doesn't exist. Please define it.

note_kfet/static/js/jsi18n/_default.js

@@ -0,0 +1,134 @@
+/*
+* You should never see this file.
+* It is here only for compatibility reasons in case of the command `compilejsmessages` was never executed.
+* Please execute this command to generate translation strings.
+*/
+
+(function(globals) {
+
+  var django = globals.django || (globals.django = {});
+
+
+  django.pluralidx = function(n) {
+    var v=(n != 1);
+    if (typeof(v) == 'boolean') {
+      return v ? 1 : 0;
+    } else {
+      return v;
+    }
+  };
+
+
+  /* gettext library */
+
+  django.catalog = django.catalog || {};
+
+
+  if (!django.jsi18n_initialized) {
+    django.gettext = function(msgid) {
+      var value = django.catalog[msgid];
+      if (typeof(value) == 'undefined') {
+        return msgid;
+      } else {
+        return (typeof(value) == 'string') ? value : value[0];
+      }
+    };
+
+    django.ngettext = function(singular, plural, count) {
+      var value = django.catalog[singular];
+      if (typeof(value) == 'undefined') {
+        return (count == 1) ? singular : plural;
+      } else {
+        return value.constructor === Array ? value[django.pluralidx(count)] : value;
+      }
+    };
+
+    django.gettext_noop = function(msgid) { return msgid; };
+
+    django.pgettext = function(context, msgid) {
+      var value = django.gettext(context + '\x04' + msgid);
+      if (value.indexOf('\x04') != -1) {
+        value = msgid;
+      }
+      return value;
+    };
+
+    django.npgettext = function(context, singular, plural, count) {
+      var value = django.ngettext(context + '\x04' + singular, context + '\x04' + plural, count);
+      if (value.indexOf('\x04') != -1) {
+        value = django.ngettext(singular, plural, count);
+      }
+      return value;
+    };
+
+    django.interpolate = function(fmt, obj, named) {
+      if (named) {
+        return fmt.replace(/%\(\w+\)s/g, function(match){return String(obj[match.slice(2,-2)])});
+      } else {
+        return fmt.replace(/%s/g, function(match){return String(obj.shift())});
+      }
+    };
+
+
+    /* formatting library */
+
+    django.formats = {
+    "DATETIME_FORMAT": "j \\d\\e F \\d\\e Y \\a \\l\\a\\s H:i",
+    "DATETIME_INPUT_FORMATS": [
+      "%d/%m/%Y %H:%M:%S",
+      "%d/%m/%Y %H:%M:%S.%f",
+      "%d/%m/%Y %H:%M",
+      "%d/%m/%y %H:%M:%S",
+      "%d/%m/%y %H:%M:%S.%f",
+      "%d/%m/%y %H:%M",
+      "%Y-%m-%d %H:%M:%S",
+      "%Y-%m-%d %H:%M:%S.%f",
+      "%Y-%m-%d %H:%M",
+      "%Y-%m-%d"
+    ],
+    "DATE_FORMAT": "j \\d\\e F \\d\\e Y",
+    "DATE_INPUT_FORMATS": [
+      "%d/%m/%Y",
+      "%d/%m/%y",
+      "%Y-%m-%d"
+    ],
+    "DECIMAL_SEPARATOR": ",",
+    "FIRST_DAY_OF_WEEK": 1,
+    "MONTH_DAY_FORMAT": "j \\d\\e F",
+    "NUMBER_GROUPING": 3,
+    "SHORT_DATETIME_FORMAT": "d/m/Y H:i",
+    "SHORT_DATE_FORMAT": "d/m/Y",
+    "THOUSAND_SEPARATOR": ".",
+    "TIME_FORMAT": "H:i",
+    "TIME_INPUT_FORMATS": [
+      "%H:%M:%S",
+      "%H:%M:%S.%f",
+      "%H:%M"
+    ],
+    "YEAR_MONTH_FORMAT": "F \\d\\e Y"
+  };
+
+    django.get_format = function(format_type) {
+      var value = django.formats[format_type];
+      if (typeof(value) == 'undefined') {
+        return format_type;
+      } else {
+        return value;
+      }
+    };
+
+    /* add to global namespace */
+    globals.pluralidx = django.pluralidx;
+    globals.gettext = django.gettext;
+    globals.ngettext = django.ngettext;
+    globals.gettext_noop = django.gettext_noop;
+    globals.pgettext = django.pgettext;
+    globals.npgettext = django.npgettext;
+    globals.interpolate = django.interpolate;
+    globals.get_format = django.get_format;
+
+    django.jsi18n_initialized = true;
+  }
+
+}(this));
+

note_kfet/static/js/jsi18n/de.js

@@ -0,0 +1 @@
+_default.js

note_kfet/static/js/jsi18n/es.js

@@ -0,0 +1 @@
+_default.js

note_kfet/static/js/jsi18n/fr.js

@@ -0,0 +1 @@
+_default.js

note_kfet/templates/base.html

@@ -1,4 +1,4 @@
-{% load static i18n pretty_money static getenv perms %}
+{% load static i18n pretty_money static getenv perms memberinfo %}
 {% comment %}
 SPDX-License-Identifier: GPL-3.0-or-later
 {% endcomment %}
@@ -38,6 +38,9 @@ SPDX-License-Identifier: GPL-3.0-or-later
     <script src="{% static "js/base.js" %}"></script>
     <script src="{% static "js/konami.js" %}"></script>
 
+    {# Translation in javascript files #}
+    <script src="{% static "js/jsi18n/jsi18n."|add:LANGUAGE_CODE|add:".js" %}"></script>
+
     {# If extra ressources are needed for a form, load here #}
     {% if form.media %}
         {{ form.media }}
@@ -64,7 +67,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
                             <a class="nav-link {% if request.path_info == url %}active{% endif %}" href="{{ url }}"><i class="fa fa-coffee"></i> {% trans 'Consumptions' %}</a>
                         </li>
                     {% endif %}
-                    {% if "note.transaction"|not_empty_model_list %}
+                    {% if user.is_authenticated and user|is_member:"Kfet" %}
                         <li class="nav-item">
                             {% url 'note:transfer' as url %}
                             <a class="nav-link {% if request.path_info == url %}active{% endif %}" href="{{ url }}"><i class="fa fa-exchange"></i> {% trans 'Transfer' %} </a>
@@ -150,12 +153,36 @@ SPDX-License-Identifier: GPL-3.0-or-later
         </div>
     </nav>
     <div class="{% block containertype %}container{% endblock %} my-3">
-        {% if request.user.is_authenticated and not request.user.profile.email_confirmed %}
-            <div class="alert alert-warning">
-                {% trans "Your e-mail address is not validated. Please check your mail inbox and click on the validation link." %}
-            </div>
-        {% endif %}
-        <div id="messages"></div>
+        <div id="messages">
+            {% if user.is_authenticated %}
+                {% if not user|is_member:"BDE" %}
+                    <div class="alert alert-danger">
+                        {% trans "You are not a BDE member anymore. Please renew your membership if you want to use the note." %}
+                    </div>
+                {% elif not user|is_member:"Kfet" %}
+                    <div class="alert alert-warning">
+                        {% trans "You are not a Kfet member, so you can't use your note account." %}
+                    </div>
+                {% endif %}
+
+                {% if not user.profile.email_confirmed %}
+                    <div class="alert alert-warning">
+                        {% trans "Your e-mail address is not validated. Please check your mail inbox and click on the validation link." %}
+                    </div>
+                {% endif %}
+            {% endif %}
+            {% if user.sogecredit and not user.sogecredit.valid %}
+                <div class="alert alert-info">
+                    {% blocktrans trimmed %}
+                    You declared that you opened a bank account in the Société générale. The bank did not validate the creation of the account to the BDE,
+                        so the registration bonus of 80 € is not credited and the membership is not paid yet.
+                        This verification procedure may last a few days.
+                        Please make sure that you go to the end of the account creation.
+                    {% endblocktrans %}
+                </div>
+            {% endif %}
+            {# TODO Add banners #}
+        </div>
         {% block content %}
             <p>Default content...</p>
         {% endblock %}

note_kfet/templates/cas_server/base.html

@@ -1,99 +0,0 @@
-{% load i18n %}{% load static %}{% get_current_language as LANGUAGE_CODE %}<!DOCTYPE html>
-<html{% if LANGUAGE_CODE %} lang="{{LANGUAGE_CODE}}"{% endif %}>
-    <head>
-        <meta charset="utf-8">
-        <!--[if IE]><meta http-equiv="X-UA-Compatible" content="IE=edge" /><![endif]-->
-        <meta name="viewport" content="width=device-width, initial-scale=1">
-        <title>{% block title %}{% trans "Central Authentication Service"  %}{% endblock %}</title>
-        <link href="{{settings.CAS_COMPONENT_URLS.bootstrap3_css}}" rel="stylesheet">
-        <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
-        <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
-        <!--[if lt IE 9]>
-        <script src="{{settings.CAS_COMPONENT_URLS.html5shiv}}"></script>
-        <script src="{{settings.CAS_COMPONENT_URLS.respond}}"></script>
-        <![endif]-->
-        {% if settings.CAS_FAVICON_URL %}<link rel="shortcut icon" href="{{settings.CAS_FAVICON_URL}}" />{% endif %}
-        <link href="{% static "cas_server/styles.css" %}" rel="stylesheet">
-    </head>
-    <body>
-      <div id="wrap">
-        <div class="container">
-            {% if auto_submit %}<noscript>{% endif %}
-            <div class="row">
-              <div class="col-lg-12 col-md-12 col-sm-12 col-xs-12">
-                <h1 id="app-name">
-                    {% if settings.CAS_LOGO_URL %}<img src="{{settings.CAS_LOGO_URL}}" alt="cas-logo" />{% endif %}
-                    Authentification Note Kfet 2020</h1>
-              </div>
-            </div>
-            {% if auto_submit %}</noscript>{% endif %}
-            <div class="row">
-            <div class="col-lg-3 col-md-3 col-sm-2 col-xs-12"></div>
-            <div class="col-lg-6 col-md-6 col-sm-8 col-xs-12">
-            {% if auto_submit %}<noscript>{% endif %}
-            {% for msg in CAS_INFO_RENDER %}
-              <div class="alert alert-{{msg.type}}{% if msg.discardable %} alert-dismissable{% endif %}">
-                {% if msg.discardable %}<button type="button" class="close" data-dismiss="alert" aria-hidden="true" id="info-{{msg.name}}">&#215;</button>{% endif %}
-                <p>{{msg.message}}</p>
-              </div>
-            {% endfor %}
-            {% if settings.CAS_NEW_VERSION_HTML_WARNING and upgrade_available %}
-              <div class="alert alert-info alert-dismissable">
-                <button type="button" class="close" data-dismiss="alert" aria-hidden="true" id="alert-version">&#215;</button>
-                <p>{% blocktrans %}A new version of the application is available. This instance runs {{VERSION}} and the last version is {{LAST_VERSION}}. Please consider upgrading.{% endblocktrans %}</p>
-              </div>
-            {% endif %}
-            {% block ante_messages %}{% endblock %}
-            {% for message in messages %}
-                <div {% spaceless %}
-                    {% if message.level == message_levels.DEBUG %}
-                        class="alert alert-warning"
-                    {% elif message.level == message_levels.INFO %}
-                        class="alert alert-info"
-                    {% elif message.level == message_levels.SUCCESS %}
-                        class="alert alert-success"
-                    {% elif message.level == message_levels.WARNING %}
-                        class="alert alert-warning"
-                    {% else %}
-                        class="alert alert-danger"
-                    {% endif %}
-                {% endspaceless %}>
-                    <p>{{message}}</p>
-                </div>
-            {% endfor %}
-            {% if auto_submit %}</noscript>{% endif %}
-            {% block content %}{% endblock %}
-            </div>
-            <div class="col-lg-3 col-md-3 col-sm-2 col-xs-0"></div>
-            </div>
-        </div> <!-- /container -->
-      </div>
-      <div style="clear: both;"></div>
-      {% if settings.CAS_SHOW_POWERED %}
-      <div id="footer">
-          <p><a class="text-muted" href="https://pypi.org/project/django-cas-server/">django-cas-server powered</a></p>
-      </div>
-      {% endif %}
-      <script src="{{settings.CAS_COMPONENT_URLS.jquery}}"></script>
-      <script src="{{settings.CAS_COMPONENT_URLS.bootstrap3_js}}"></script>
-      <script src="{% static "cas_server/functions.js" %}"></script>
-      <script type="text/javascript">
-{% if settings.CAS_NEW_VERSION_HTML_WARNING and upgrade_available %}
-discard_and_remember("#alert-version", "cas-alert-version", "{{LAST_VERSION}}");
-{% endif %}
-{% for msg in CAS_INFO_RENDER %}
-{% if msg.discardable %}
-discard_and_remember("#info-{{msg.name}}", "cas-info-{{msg.name}}", "{{msg.hash}}");
-{% endif %}
-{% endfor %}
-{% block javascript_inline %}{% endblock %}
-</script>
-      {% block javascript %}{% endblock %}
-    </body>
-</html>
-<!--
-Powered by django-cas-server version {{VERSION}}
-
-Pypi: https://pypi.org/project/django-cas-server/
-github: https://github.com/nitmir/django-cas-server
--->

note_kfet/templates/registration/signup.html

@@ -23,6 +23,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
             {% csrf_token %}
             {{ form|crispy }}
             {{ profile_form|crispy }}
+            {{ soge_form|crispy }}
             <button class="btn btn-success" type="submit">
                 {% trans "Sign up" %}
             </button>

note_kfet/urls.py

@@ -5,15 +5,14 @@ from django.conf import settings
 from django.conf.urls.static import static
 from django.urls import path, include
 from django.views.defaults import bad_request, permission_denied, page_not_found, server_error
-from django.views.generic import RedirectView
-
 from member.views import CustomLoginView
 
 from .admin import admin_site
+from .views import IndexView
 
 urlpatterns = [
     # Dev so redirect to something random
-    path('', RedirectView.as_view(pattern_name='note:transfer'), name='index'),
+    path('', IndexView.as_view(), name='index'),
 
     # Include project routers
     path('note/', include('note.urls')),
@@ -40,12 +39,11 @@ urlpatterns = [
 if settings.DEBUG:
     urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
 
-
-if "cas_server" in settings.INSTALLED_APPS:
-    urlpatterns += [
-        # Include CAS Server routers
-        path('cas/', include('cas_server.urls', namespace="cas_server")),
-    ]
+if "oauth2_provider" in settings.INSTALLED_APPS:
+    # OAuth2 provider
+    urlpatterns.append(
+        path('o/', include('oauth2_provider.urls', namespace='oauth2_provider'))
+    )
 
 if "debug_toolbar" in settings.INSTALLED_APPS:
     import debug_toolbar

note_kfet/views.py

@@ -0,0 +1,30 @@
+# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from django.contrib.auth.mixins import LoginRequiredMixin
+from django.urls import reverse
+from django.views.generic import RedirectView
+from note.models import Alias
+from permission.backends import PermissionBackend
+
+
+class IndexView(LoginRequiredMixin, RedirectView):
+    def get_redirect_url(self, *args, **kwargs):
+        """
+        Calculate the index page according to the roles.
+        A normal user will have access to the transfer page.
+        A non-Kfet member will have access to its user detail page.
+        The user "note" will display the consumption interface.
+        """
+        user = self.request.user
+
+        # The account note will have the consumption page as default page
+        if not PermissionBackend.check_perm(user, "auth.view_user", user):
+            return reverse("note:consos")
+
+        # People that can see the alias BDE are Kfet members
+        if PermissionBackend.check_perm(user, "alias.view_alias", Alias.objects.get(name="BDE")):
+            return reverse("note:transfer")
+
+        # Non-Kfet members will don't see the transfer page, but their profile page
+        return reverse("member:user_detail", args=(user.pk,))

requirements.txt

@@ -1,17 +1,18 @@
 beautifulsoup4~=4.7.1
 Django~=2.2.15
 django-bootstrap-datepicker-plus~=3.0.5
-django-cas-server>=1.2.0
 django-colorfield~=0.3.2
 django-crispy-forms~=1.7.2
 django-extensions~=2.1.4
 django-filter~=2.1.0
 django-htcpcp-tea~=0.3.1
 django-mailer~=2.0.1
+django-oauth-toolkit~=1.3.3
 django-phonenumber-field~=5.0.0
 django-polymorphic~=2.0.3
 djangorestframework~=3.9.0
 django-rest-polymorphic~=0.1.9
 django-tables2~=2.3.1
+python-memcached~=1.59
 phonenumbers~=8.9.10
 Pillow>=5.4.1