Merge branch 'main' into 'wei'

# Conflicts:
#   locale/fr/LC_MESSAGES/django.po

apps/food/forms.py

@@ -145,7 +145,7 @@ class AddIngredientForms(forms.ModelForm):
             polymorphic_ctype__model="transformedfood",
             is_ready=False,
             end_of_life='',
-        ).filter(PermissionBackend.filter_queryset(get_current_request(), TransformedFood, "change")).exclude(pk=pk)
+        ).filter(PermissionBackend.filter_queryset(get_current_request(), Food, "change")).exclude(pk=pk)
 
     class Meta:
         model = TransformedFood

apps/food/templates/food/food_detail.html

@@ -12,18 +12,21 @@ SPDX-License-Identifier: GPL-3.0-or-later
   </h3>
   <div class="card-body">
     <ul>
+      {% if QR_code %}
+      <li> {{QR_code}} </li>
+      {% endif %}
       {% for field, value in fields %}
       <li> {{ field }} : {{ value }}</li>
       {% endfor %}
       {% if meals %}
-      <li> {% trans "Contained in" %} : 
+      <li> {% trans "Contained in" %} :
       {% for meal in meals %}
-      <a href="{% url "food:transformedfood_view" pk=meal.pk %}">{{ meal.name }}</a>{% if not forloop.last %},{% endif %} 
+      <a href="{% url "food:transformedfood_view" pk=meal.pk %}">{{ meal.name }}</a>{% if not forloop.last %},{% endif %}
       {% endfor %}
       </li>
       {% endif %}
       {% if foods %}
-      <li> {% trans "Contain" %} : 
+      <li> {% trans "Contain" %} :
       {% for food in foods %}
         <a href="{% url "food:food_view" pk=food.pk %}">{{ food.name }}</a>{% if not forloop.last %},{% endif %}
       {% endfor %}
@@ -31,23 +34,23 @@ SPDX-License-Identifier: GPL-3.0-or-later
       {% endif %}
     </ul>
       {% if update %}
-	<a class="btn btn-sm btn-secondary" href="{% url "food:food_update" pk=food.pk %}">
-	  {% trans "Update" %}
-	</a>
+        <a class="btn btn-sm btn-secondary" href="{% url "food:food_update" pk=food.pk %}">
+          {% trans "Update" %}
+        </a>
       {% endif %}
       {% if add_ingredient %}
-	<a class="btn btn-sm btn-primary" href="{% url "food:add_ingredient" pk=food.pk %}">
-	  {% trans "Add to a meal" %}
-	</a>
+        <a class="btn btn-sm btn-primary" href="{% url "food:add_ingredient" pk=food.pk %}">
+          {% trans "Add to a meal" %}
+        </a>
       {% endif %}
       {% if manage_ingredients %}
         <a class="btn btn-sm btn-secondary" href="{% url "food:manage_ingredients" pk=food.pk %}">
-	  {% trans "Manage ingredients" %}
-	</a>
+          {% trans "Manage ingredients" %}
+        </a>
       {% endif %}
-	<a class="btn btn-sm btn-primary" href="{% url "food:food_list" %}">
-	  {% trans "Return to the food list" %}
-	</a>
+        <a class="btn btn-sm btn-primary" href="{% url "food:food_list" %}">
+          {% trans "Return to the food list" %}
+        </a>
   </div>
 </div>
-{% endblock %}
+{% endblock %}

apps/food/templates/food/food_list.html

@@ -7,7 +7,52 @@ SPDX-License-Identifier: GPL-3.0-or-later
 {% load i18n %}
 
 {% block content %}
-{{ block.super }}
+<div class="card bg-light">
+  <h3 class="card-header text-center">
+      {{ title }}
+  </h3>
+  <div class="card-body">
+    <style>
+      input[type=number]::-webkit-inner-spin-button,
+      input[type=number]::-webkit-outer-spin-button {
+          -webkit-appearance: none;
+          margin: 0;
+      }
+      input[type=number] {
+          appearance: textfield;
+          padding: 6px;
+          border: 1px solid #ccc;
+          border-radius: 4px;
+          width: 100px;
+      }
+    </style>
+    <div class="d-flex align-items-center" style="max-width: 300px;">
+      <form method="get" action="{% url 'food:redirect_view' %}" class="d-flex w-100">
+        <input type="number" name="slug" placeholder="QR-code" required class="form-control form-control-sm" style="max-width: 120px;">
+        <button type="submit" class="btn btn-sm btn-primary">{% trans "View food" %}</button>
+      </form>
+    </div>
+  </div>
+  <div class="card-body">
+      <input id="searchbar" type="text" class="form-control"
+          placeholder="{% trans "Search by attribute such as name..." %}">
+  </div>
+
+  {% block extra_inside_card %}
+  {% endblock %}
+
+  <div id="dynamic-table">
+      {% if table.data %}
+      {% render_table table %}
+      {% else %}
+      <div class="card-body">
+          <div class="alert alert-warning">
+              {% trans "There is no results." %}
+          </div>
+      </div>
+      {% endif %}
+  </div>
+</div>
 <br>
 <div class="card bg-light mb-3">
   <h3 class="card-header text-center">
@@ -68,4 +113,20 @@ SPDX-License-Identifier: GPL-3.0-or-later
   {% endfor %}
   {% endif %}
 </div>
-{% endblock %}
+
+
+<script>
+  document.addEventListener('DOMContentLoaded', function() {
+      document.getElementById('goButton').addEventListener('click', function(event) {
+          event.preventDefault();
+          const slug = document.getElementById('slugInput').value;
+          if (slug && !isNaN(slug)) {
+              window.location.href = `/food/${slug}/`;
+          } else {
+              alert("Veuillez entrer un nombre valide.");
+          }
+      });
+  });
+  </script>
+
+{% endblock %}

apps/food/urls.py

@@ -18,4 +18,5 @@ urlpatterns = [
     path('detail/basic/<int:pk>', views.BasicFoodDetailView.as_view(), name='basicfood_view'),
     path('detail/transformed/<int:pk>', views.TransformedFoodDetailView.as_view(), name='transformedfood_view'),
     path('add/ingredient/<int:pk>', views.AddIngredientView.as_view(), name='add_ingredient'),
+    path('redirect/', views.QRCodeRedirectView.as_view(), name='redirect_view'),
 ]

apps/food/views.py

@@ -10,6 +10,7 @@ from django.db.models import Q
 from django.http import HttpResponseRedirect, Http404
 from django.views.generic import DetailView, UpdateView, CreateView
 from django.views.generic.list import ListView
+from django.views.generic.base import RedirectView
 from django.urls import reverse_lazy
 from django.utils import timezone
 from django.utils.translation import gettext_lazy as _
@@ -63,7 +64,8 @@ class FoodListView(ProtectQuerysetMixin, LoginRequiredMixin, MultiTableMixin, Li
             valid_regex = is_regex(pattern)
             suffix = '__iregex' if valid_regex else '__istartswith'
             prefix = '^' if valid_regex else ''
-            qs = qs.filter(Q(**{f'name{suffix}': prefix + pattern}))
+            qs = qs.filter(Q(**{f'name{suffix}': prefix + pattern})
+                           | Q(**{f'owner__name{suffix}': prefix + pattern}))
         else:
             qs = qs.none()
         search_table = qs.filter(PermissionBackend.filter_queryset(self.request, Food, 'view'))
@@ -453,6 +455,8 @@ class FoodDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
         context["fields"] = [(
             Food._meta.get_field(field).verbose_name.capitalize(),
             value) for field, value in fields.items()]
+        if self.object.QR_code.exists():
+            context["QR_code"] = self.object.QR_code.first()
         context["meals"] = self.object.transformed_ingredient_inv.all()
         context["update"] = PermissionBackend.check_perm(self.request, "food.change_food")
         context["add_ingredient"] = (self.object.end_of_life == '' and PermissionBackend.check_perm(self.request, "food.change_transformedfood"))
@@ -506,3 +510,14 @@ class TransformedFoodDetailView(FoodDetailView):
         if Food.objects.filter(pk=kwargs['pk']).count() == 1:
             kwargs['stop_redirect'] = (Food.objects.get(pk=kwargs['pk']).polymorphic_ctype.model == 'transformedfood')
         return super().get(*args, **kwargs)
+
+
+class QRCodeRedirectView(RedirectView):
+    """
+    Redirects to the QR code creation page from Food List
+    """
+    def get_redirect_url(self, *args, **kwargs):
+        slug = self.request.GET.get('slug')
+        if slug:
+            return reverse_lazy('food:qrcode_create', kwargs={'slug': slug})
+        return reverse_lazy('food:list')

apps/member/tests/test_login.py

@@ -44,7 +44,7 @@ class TemplateLoggedInTests(TestCase):
         self.assertRedirects(response, settings.LOGIN_REDIRECT_URL, 302, 302)
 
     def test_logout(self):
-        response = self.client.get(reverse("logout"))
+        response = self.client.post(reverse("logout"))
         self.assertEqual(response.status_code, 200)
 
     def test_admin_index(self):

apps/note/api/urls.py

@@ -13,7 +13,7 @@ def register_note_urls(router, path):
     router.register(path + '/note', NotePolymorphicViewSet)
     router.register(path + '/alias', AliasViewSet)
     router.register(path + '/trust', TrustViewSet)
-    router.register(path + '/consumer', ConsumerViewSet)
+    router.register(path + '/consumer', ConsumerViewSet, basename='alias2')
 
     router.register(path + '/transaction/category', TemplateCategoryViewSet)
     router.register(path + '/transaction/transaction', TransactionViewSet)

apps/permission/scopes.py

@@ -1,8 +1,10 @@
 # Copyright (C) 2018-2025 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
+
 from oauth2_provider.oauth2_validators import OAuth2Validator
 from oauth2_provider.scopes import BaseScopes
 from member.models import Club
+from note.models import Alias
 from note_kfet.middlewares import get_current_request
 
 from .backends import PermissionBackend
@@ -16,26 +18,58 @@ class PermissionScopes(BaseScopes):
     and can be useful to make queries through the API with limited privileges.
     """
 
-    def get_all_scopes(self):
-        return {f"{p.id}_{club.id}": f"{p.description} (club {club.name})"
-                for p in Permission.objects.all() for club in Club.objects.all()}
+    def get_all_scopes(self, **kwargs):
+        scopes = {}
+        if 'scopes' in kwargs:
+            for scope in kwargs['scopes']:
+                if scope == 'openid':
+                    scopes['openid'] = "OpenID Connect"
+                else:
+                    p = Permission.objects.get(id=scope.split('_')[0])
+                    club = Club.objects.get(id=scope.split('_')[1])
+                    scopes[scope] = f"{p.description} (club {club.name})"
+            return scopes
+
+        scopes = {f"{p.id}_{club.id}": f"{p.description} (club {club.name})"
+                  for p in Permission.objects.all() for club in Club.objects.all()}
+        scopes['openid'] = "OpenID Connect"
+        return scopes
 
     def get_available_scopes(self, application=None, request=None, *args, **kwargs):
         if not application:
             return []
-        return [f"{p.id}_{p.membership.club.id}"
-                for t in Permission.PERMISSION_TYPES
-                for p in PermissionBackend.get_raw_permissions(get_current_request(), t[0])]
+        scopes = [f"{p.id}_{p.membership.club.id}"
+                  for t in Permission.PERMISSION_TYPES
+                  for p in PermissionBackend.get_raw_permissions(get_current_request(), t[0])]
+        scopes.append('openid')
+        return scopes
 
     def get_default_scopes(self, application=None, request=None, *args, **kwargs):
         if not application:
             return []
-        return [f"{p.id}_{p.membership.club.id}"
-                for p in PermissionBackend.get_raw_permissions(get_current_request(), 'view')]
+        scopes = [f"{p.id}_{p.membership.club.id}"
+                  for p in PermissionBackend.get_raw_permissions(get_current_request(), 'view')]
+        scopes.append('openid')
+        return scopes
 
 
 class PermissionOAuth2Validator(OAuth2Validator):
-    oidc_claim_scope = None  # fix breaking change of django-oauth-toolkit 2.0.0
+    oidc_claim_scope = OAuth2Validator.oidc_claim_scope
+    oidc_claim_scope.update({"name": 'openid',
+                             "normalized_name": 'openid',
+                             "email": 'openid',
+                             })
+
+    def get_additional_claims(self, request):
+        return {
+            "name": request.user.username,
+            "normalized_name": Alias.normalize(request.user.username),
+            "email": request.user.email,
+        }
+
+    def get_discovery_claims(self, request):
+        claims = super().get_discovery_claims(self)
+        return claims + ["name", "normalized_name", "email"]
 
     def validate_scopes(self, client_id, scopes, client, request, *args, **kwargs):
         """
@@ -54,6 +88,8 @@ class PermissionOAuth2Validator(OAuth2Validator):
                 if scope in scopes:
                     valid_scopes.add(scope)
 
-        request.scopes = valid_scopes
+        if 'openid' in scopes:
+            valid_scopes.add('openid')
 
+        request.scopes = valid_scopes
         return valid_scopes

apps/permission/signals.py

@@ -13,12 +13,14 @@ EXCLUDED = [
     'cas_server.serviceticket',
     'cas_server.user',
     'cas_server.userattributes',
+    'constance.constance',
     'contenttypes.contenttype',
     'logs.changelog',
     'migrations.migration',
     'oauth2_provider.accesstoken',
     'oauth2_provider.grant',
     'oauth2_provider.refreshtoken',
+    'oauth2_provider.idtoken',
     'sessions.session',
 ]
 

apps/permission/views.py

@@ -164,14 +164,24 @@ class ScopesView(LoginRequiredMixin, TemplateView):
         from oauth2_provider.models import Application
         from .scopes import PermissionScopes
 
-        scopes = PermissionScopes()
+        oidc = False
         context["scopes"] = {}
-        all_scopes = scopes.get_all_scopes()
         for app in Application.objects.filter(user=self.request.user).all():
-            available_scopes = scopes.get_available_scopes(app)
+            available_scopes = PermissionScopes().get_available_scopes(app)
             context["scopes"][app] = OrderedDict()
-            items = [(k, v) for (k, v) in all_scopes.items() if k in available_scopes]
+            all_scopes = PermissionScopes().get_all_scopes(scopes=available_scopes)
+            scopes = {}
+            for scope in available_scopes:
+                scopes[scope] = all_scopes[scope]
+            # remove OIDC scope for sort
+            if 'openid' in scopes:
+                del scopes['openid']
+                oidc = True
+            items = [(k, v) for (k, v) in scopes.items()]
             items.sort(key=lambda x: (int(x[0].split("_")[1]), int(x[0].split("_")[0])))
+            # add oidc if necessary
+            if oidc:
+                items.append(('openid', PermissionScopes().get_all_scopes(scopes=['openid'])['openid']))
             for k, v in items:
                 context["scopes"][app][k] = v