From 67d1d9f7b72f11a58e947909ccc198284afe2c43 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Wed, 18 Sep 2019 14:26:42 +0200 Subject: [PATCH 001/119] Added permission app --- apps/member/backends.py | 33 +++++++++++ apps/member/models.py | 22 +++++++ apps/permission/__init__.py | 0 apps/permission/admin.py | 3 + apps/permission/apps.py | 5 ++ apps/permission/models.py | 112 ++++++++++++++++++++++++++++++++++++ apps/permission/tests.py | 3 + apps/permission/views.py | 3 + note_kfet/settings.py | 1 + 9 files changed, 182 insertions(+) create mode 100644 apps/member/backends.py create mode 100644 apps/permission/__init__.py create mode 100644 apps/permission/admin.py create mode 100644 apps/permission/apps.py create mode 100644 apps/permission/models.py create mode 100644 apps/permission/tests.py create mode 100644 apps/permission/views.py diff --git a/apps/member/backends.py b/apps/member/backends.py new file mode 100644 index 00000000..0b2edad8 --- /dev/null +++ b/apps/member/backends.py @@ -0,0 +1,33 @@ +from django.contribs.contenttype.models import ContentType +from member.models import Club, Membership, RolePermissions + + +class PermissionBackend(object): + supports_object_permissions = True + supports_anonymous_user = False + supports_inactive_user = False + + def authenticate(self, username, password): + return None + + def permissions(self, user, obj): + for membership in user.memberships.all(): + if not membership.valid() or membership.role is None: + continue + for permission in RolePermissions.objects.get(role=membership.role).permissions.objects.all(): + permission = permission.about(user=user, club=membership.club) + yield permission + + def has_perm(self, user_obj, perm, obj=None): + if obj is None: + return False + perm = perm.split('_') + perm_type = perm[1] + perm_field = perm[2] if len(perm) == 3 else None + return any(permission.applies(obj, perm_type, perm_field) for obj in self.permissions(user_obj, obj)) + + def get_all_permissions(self, user_obj, obj=None): + if obj is None: + return [] + else: + return list(self.permissions(user_obj, obj)) diff --git a/apps/member/models.py b/apps/member/models.py index 70f8ccf7..7eacdc60 100644 --- a/apps/member/models.py +++ b/apps/member/models.py @@ -2,6 +2,8 @@ # Copyright (C) 2018-2019 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later +import datetime + from django.conf import settings from django.db import models from django.db.models.signals import post_save @@ -9,6 +11,7 @@ from django.dispatch import receiver from django.utils.translation import gettext_lazy as _ from django.urls import reverse + class Profile(models.Model): """ An user profile @@ -51,6 +54,7 @@ class Profile(models.Model): def get_absolute_url(self): return reverse('user_detail',args=(self.pk,)) + class Club(models.Model): """ A student club @@ -141,11 +145,29 @@ class Membership(models.Model): verbose_name=_('fee'), ) + def valid(self): + return self.date_start <= datetime.datetime.now() < self.date_end + class Meta: verbose_name = _('membership') verbose_name_plural = _('memberships') +class RolePermissions(models.Model): + """ + Permissions associated with a Role + """ + role = models.ForeignKey( + Role, + on_delete=models.PROTECT, + related_name='+', + verbose_name=_('role'), + ) + permissions = models.ManyToManyField( + 'permission.Permission' + ) + + # @receiver(post_save, sender=settings.AUTH_USER_MODEL) # def save_user_profile(instance, created, **_kwargs): # """ diff --git a/apps/permission/__init__.py b/apps/permission/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/apps/permission/admin.py b/apps/permission/admin.py new file mode 100644 index 00000000..8c38f3f3 --- /dev/null +++ b/apps/permission/admin.py @@ -0,0 +1,3 @@ +from django.contrib import admin + +# Register your models here. diff --git a/apps/permission/apps.py b/apps/permission/apps.py new file mode 100644 index 00000000..0f46ef08 --- /dev/null +++ b/apps/permission/apps.py @@ -0,0 +1,5 @@ +from django.apps import AppConfig + + +class PermissionConfig(AppConfig): + name = 'permission' diff --git a/apps/permission/models.py b/apps/permission/models.py new file mode 100644 index 00000000..b7cc8845 --- /dev/null +++ b/apps/permission/models.py @@ -0,0 +1,112 @@ +import json + +from django.contrib.contenttypes.models import ContentType +from django.core.exceptions import ValidationError +from django.db import models +from django.db.models import Q +from django.utils.translation import gettext_lazy as _ + + +class InstancedPermission: + + def __init__(self, model, permission, type, field): + self.model = model + self.permission = permission + self.type = type + self.field = field + + def applies(self, obj, permission_type, field_name=None): + if ContentType.objects.get_for_model(obj) != self.model: + # The permission does not apply to the object + return False + if self.permission is None: + if permission_type == self.type: + if field_name is not None: + return field_name == self.field + else: + return True + else: + return False + elif isinstance(self.permission, dict): + for field in self.permission: + value = getattr(obj, field) + if isinstance(value, models.Model): + value = value.pk + if value != self.permission[field]: + return False + elif isinstance(self.permission, type(obj.pk)): + if obj.pk != self.permission: + return False + if permission_type == self.type: + if field_name: + return field_name == self.field + else: + return True + return False + + def __repr__(self): + if self.field: + return _("Can {type} {model}.{field} in {permission}").format(type=self.type, model=self.model, field=self.field, permission=self.permission) + else: + return _("Can {type} {model} in {permission}").format(type=self.type, model=self.model, permission=self.permission) + + +class Permission(models.Model): + + PERMISSION_TYPES = [ + ('C', 'add'), + ('R', 'view'), + ('U', 'change'), + ('D', 'delete') + ] + + model = models.ForeignKey(ContentType, on_delete=models.CASCADE, related_name='+') + + permission = models.TextField() + + type = models.CharField(max_length=15, choices=PERMISSION_TYPES) + + field = models.CharField(max_length=255, blank=True) + + class Meta: + unique_together = ('model', 'permission', 'type', 'field') + + def clean(self): + if self.field and self.type not in {'R', 'U'}: + raise ValidationError(_("Specifying field applies only to view and change permission types.")) + + def save(self): + self.full_clean() + super().save() + + def _about(_self, _permission, **kwargs): + if _permission[0] == 'all': + return None + elif _permission[0] == 'pk': + if _permission[1] in kwargs: + return kwargs[_permission[1]].pk + else: + return None + elif _permission[0] == 'filter': + return {field: _self._about(_permission[1][field], **kwargs) for field in _permission[1]} + else: + return _permission + + def about(self, **kwargs): + permission = json.loads(self.permission) + permission = self._about(permission, **kwargs) + return InstancedPermission(self.model, permission, self.type, self.field) + + def __str__(self): + if self.field: + return _("Can {type} {model}.{field} in {permission}").format(type=self.type, model=self.model, field=self.field, permission=self.permission) + else: + return _("Can {type} {model} in {permission}").format(type=self.type, model=self.model, permission=self.permission) + + +class UserPermission(models.Model): + + user = models.ForeignKey('auth.User', on_delete=models.CASCADE) + + permission = models.ForeignKey(Permission, on_delete=models.CASCADE) + diff --git a/apps/permission/tests.py b/apps/permission/tests.py new file mode 100644 index 00000000..7ce503c2 --- /dev/null +++ b/apps/permission/tests.py @@ -0,0 +1,3 @@ +from django.test import TestCase + +# Create your tests here. diff --git a/apps/permission/views.py b/apps/permission/views.py new file mode 100644 index 00000000..91ea44a2 --- /dev/null +++ b/apps/permission/views.py @@ -0,0 +1,3 @@ +from django.shortcuts import render + +# Create your views here. diff --git a/note_kfet/settings.py b/note_kfet/settings.py index cfe09f7b..3cd3b717 100644 --- a/note_kfet/settings.py +++ b/note_kfet/settings.py @@ -56,6 +56,7 @@ INSTALLED_APPS = [ 'activity', 'member', 'note', + 'permission' ] MIDDLEWARE = [ From 2a4ab0975353a3c9bb4ba82149c6768cff3c06c1 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Wed, 18 Sep 2019 16:39:37 +0200 Subject: [PATCH 002/119] [permission] Use full names for permission types --- apps/permission/models.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/apps/permission/models.py b/apps/permission/models.py index b7cc8845..73000cbd 100644 --- a/apps/permission/models.py +++ b/apps/permission/models.py @@ -54,10 +54,10 @@ class InstancedPermission: class Permission(models.Model): PERMISSION_TYPES = [ - ('C', 'add'), - ('R', 'view'), - ('U', 'change'), - ('D', 'delete') + ('add', 'add'), + ('view', 'view'), + ('change', 'change'), + ('delete', 'delete') ] model = models.ForeignKey(ContentType, on_delete=models.CASCADE, related_name='+') @@ -72,7 +72,7 @@ class Permission(models.Model): unique_together = ('model', 'permission', 'type', 'field') def clean(self): - if self.field and self.type not in {'R', 'U'}: + if self.field and self.type not in {'view', 'change'}: raise ValidationError(_("Specifying field applies only to view and change permission types.")) def save(self): From d826dc9d2076fcc032eafaf9cbe80f38a5c8f2f1 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Wed, 18 Sep 2019 16:40:21 +0200 Subject: [PATCH 003/119] [permission] Permission admin view --- apps/permission/admin.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/apps/permission/admin.py b/apps/permission/admin.py index 8c38f3f3..4594468d 100644 --- a/apps/permission/admin.py +++ b/apps/permission/admin.py @@ -1,3 +1,11 @@ from django.contrib import admin -# Register your models here. +from .models import Permission + + +@admin.register(Permission) +class PermissionAdmin(admin.ModelAdmin): + """ + Admin customisation for Permission + """ + list_display = ('type', 'model', 'field', 'permission') From 1ac63cbed1981005e4bf2b6a0518177b41b81598 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Wed, 18 Sep 2019 16:41:01 +0200 Subject: [PATCH 004/119] [member] Handle unlimited memberships --- apps/member/models.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/apps/member/models.py b/apps/member/models.py index 2e84dc75..d1c3dea2 100644 --- a/apps/member/models.py +++ b/apps/member/models.py @@ -146,7 +146,10 @@ class Membership(models.Model): ) def valid(self): - return self.date_start <= datetime.datetime.now() < self.date_end + if self.date_end is not None: + return self.date_start <= datetime.datetime.now() < self.date_end + else: + return self.date_start <= datetime.datetime.now() class Meta: verbose_name = _('membership') From 3766a1905df1abff26affb74cae5ecd41e194446 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Wed, 18 Sep 2019 16:44:04 +0200 Subject: [PATCH 005/119] [permission] track migrations directory --- apps/permission/migrations/__init__.py | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 apps/permission/migrations/__init__.py diff --git a/apps/permission/migrations/__init__.py b/apps/permission/migrations/__init__.py new file mode 100644 index 00000000..e69de29b From 94c3a994470efc9f8d58b428a2ccda5caca0b5b9 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Sun, 9 Feb 2020 17:35:15 +0100 Subject: [PATCH 006/119] [permission] Rewrite with comments --- apps/permission/models.py | 87 +++++++++++++++++++++++++-------------- 1 file changed, 55 insertions(+), 32 deletions(-) diff --git a/apps/permission/models.py b/apps/permission/models.py index 73000cbd..b75496ab 100644 --- a/apps/permission/models.py +++ b/apps/permission/models.py @@ -1,4 +1,6 @@ +import functools import json +import operator from django.contrib.contenttypes.models import ContentType from django.core.exceptions import ValidationError @@ -9,15 +11,19 @@ from django.utils.translation import gettext_lazy as _ class InstancedPermission: - def __init__(self, model, permission, type, field): + def __init__(self, model, query, type, field): self.model = model - self.permission = permission + self.query = query self.type = type self.field = field def applies(self, obj, permission_type, field_name=None): + """ + Returns True if the permission applies to + the field `field_name` object `obj` + """ if ContentType.objects.get_for_model(obj) != self.model: - # The permission does not apply to the object + # The permission does not apply to the model return False if self.permission is None: if permission_type == self.type: @@ -27,22 +33,10 @@ class InstancedPermission: return True else: return False - elif isinstance(self.permission, dict): - for field in self.permission: - value = getattr(obj, field) - if isinstance(value, models.Model): - value = value.pk - if value != self.permission[field]: - return False - elif isinstance(self.permission, type(obj.pk)): - if obj.pk != self.permission: - return False - if permission_type == self.type: - if field_name: - return field_name == self.field - else: - return True - return False + elif obj in self.model.objects.get(self.query): + return True + else: + return False def __repr__(self): if self.field: @@ -62,11 +56,24 @@ class Permission(models.Model): model = models.ForeignKey(ContentType, on_delete=models.CASCADE, related_name='+') + # A json encoded Q object with the following grammar + # permission -> [] | {} (the empty permission representing all objects) + # permission -> ['AND', permission, …] + # -> ['OR', permission, …] + # -> ['NOT', permission] + # permission -> {key: value, …} + # key -> string + # value -> int | string | bool | null + # -> [parameter] + # + # Examples: + # Q(is_admin=True) := {'is_admin': ['TYPE', 'bool', 'True']} + # ~Q(is_admin=True) := ['NOT', {'is_admin': ['TYPE', 'bool', 'True']}] permission = models.TextField() - type = models.CharField(max_length=15, choices=PERMISSION_TYPES) + type = models.CharField(max_length=16, choices=PERMISSION_TYPES) - field = models.CharField(max_length=255, blank=True) + field = models.CharField(max_length=256, blank=True) class Meta: unique_together = ('model', 'permission', 'type', 'field') @@ -80,22 +87,38 @@ class Permission(models.Model): super().save() def _about(_self, _permission, **kwargs): - if _permission[0] == 'all': + self = _self + permission = _permission + if len(permission) == 0: + # The permission is either [] or {} and + # applies to all objects of the model + # to represent this we return None return None - elif _permission[0] == 'pk': - if _permission[1] in kwargs: - return kwargs[_permission[1]].pk - else: - return None - elif _permission[0] == 'filter': - return {field: _self._about(_permission[1][field], **kwargs) for field in _permission[1]} + if isinstance(permission, list): + if permission[0] == 'AND': + return functools.reduce(operator.and_, [self._about(permission, **kwargs) for permission in permission[1:]]) + elif permission[0] == 'OR': + return functools.reduce(operator.or_, [self._about(permission, **kwargs) for permission in permission[1:]]) + elif permission[0] == 'NOT': + return ~self._about(permission[1], **kwargs) + elif isinstance(permission, dict): + q_kwargs = {} + for key in permission: + value = permission[key] + if isinstance(value, list): + # It is a parameter we query its primary key + q_kwargs[key] = kwargs[value[0]].pk + else: + q_kwargs[key] = value + return Q(**q_kwargs) else: - return _permission + # TODO: find a better way to crash here + raise Exception("Permission {} is wrong".format(self.permission)) def about(self, **kwargs): permission = json.loads(self.permission) - permission = self._about(permission, **kwargs) - return InstancedPermission(self.model, permission, self.type, self.field) + query = self._about(permission, **kwargs) + return InstancedPermission(self.model, query, self.type, self.field) def __str__(self): if self.field: From 72955ae2d6e58901775a43707716e2141dd23eb7 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Sun, 9 Feb 2020 18:14:36 +0100 Subject: [PATCH 007/119] [permission] Renamed Permission.permission and added description field --- apps/permission/models.py | 68 +++++++++++++++++++++------------------ 1 file changed, 37 insertions(+), 31 deletions(-) diff --git a/apps/permission/models.py b/apps/permission/models.py index b75496ab..5c016806 100644 --- a/apps/permission/models.py +++ b/apps/permission/models.py @@ -57,26 +57,28 @@ class Permission(models.Model): model = models.ForeignKey(ContentType, on_delete=models.CASCADE, related_name='+') # A json encoded Q object with the following grammar - # permission -> [] | {} (the empty permission representing all objects) - # permission -> ['AND', permission, …] - # -> ['OR', permission, …] - # -> ['NOT', permission] - # permission -> {key: value, …} - # key -> string - # value -> int | string | bool | null - # -> [parameter] + # query -> [] | {} (the empty query representing all objects) + # query -> ['AND', query, …] + # -> ['OR', query, …] + # -> ['NOT', query] + # query -> {key: value, …} + # key -> string + # value -> int | string | bool | null + # -> [parameter] # # Examples: # Q(is_admin=True) := {'is_admin': ['TYPE', 'bool', 'True']} # ~Q(is_admin=True) := ['NOT', {'is_admin': ['TYPE', 'bool', 'True']}] - permission = models.TextField() + query = models.TextField() - type = models.CharField(max_length=16, choices=PERMISSION_TYPES) + type = models.CharField(max_length=15, choices=PERMISSION_TYPES) - field = models.CharField(max_length=256, blank=True) + field = models.CharField(max_length=255, blank=True) + + description = models.CharField(max_length=255, blank=True) class Meta: - unique_together = ('model', 'permission', 'type', 'field') + unique_together = ('model', 'query', 'type', 'field') def clean(self): if self.field and self.type not in {'view', 'change'}: @@ -86,25 +88,25 @@ class Permission(models.Model): self.full_clean() super().save() - def _about(_self, _permission, **kwargs): + def _about(_self, _query, **kwargs): self = _self - permission = _permission - if len(permission) == 0: - # The permission is either [] or {} and + query = _query + if len(query) == 0: + # The query is either [] or {} and # applies to all objects of the model # to represent this we return None return None - if isinstance(permission, list): - if permission[0] == 'AND': - return functools.reduce(operator.and_, [self._about(permission, **kwargs) for permission in permission[1:]]) - elif permission[0] == 'OR': - return functools.reduce(operator.or_, [self._about(permission, **kwargs) for permission in permission[1:]]) - elif permission[0] == 'NOT': - return ~self._about(permission[1], **kwargs) - elif isinstance(permission, dict): + if isinstance(query, list): + if query[0] == 'AND': + return functools.reduce(operator.and_, [self._about(query, **kwargs) for query in query[1:]]) + elif query[0] == 'OR': + return functools.reduce(operator.or_, [self._about(query, **kwargs) for query in query[1:]]) + elif query[0] == 'NOT': + return ~self._about(query[1], **kwargs) + elif isinstance(query, dict): q_kwargs = {} - for key in permission: - value = permission[key] + for key in query: + value = query[key] if isinstance(value, list): # It is a parameter we query its primary key q_kwargs[key] = kwargs[value[0]].pk @@ -113,18 +115,22 @@ class Permission(models.Model): return Q(**q_kwargs) else: # TODO: find a better way to crash here - raise Exception("Permission {} is wrong".format(self.permission)) + raise Exception("query {} is wrong".format(self.query)) def about(self, **kwargs): - permission = json.loads(self.permission) - query = self._about(permission, **kwargs) + """ + Return an InstancedPermission with the parameters + replaced by their values and the query interpreted + """ + query = json.loads(self.query) + query = self._about(query, **kwargs) return InstancedPermission(self.model, query, self.type, self.field) def __str__(self): if self.field: - return _("Can {type} {model}.{field} in {permission}").format(type=self.type, model=self.model, field=self.field, permission=self.permission) + return _("Can {type} {model}.{field} in {query}").format(type=self.type, model=self.model, field=self.field, query=self.query) else: - return _("Can {type} {model} in {permission}").format(type=self.type, model=self.model, permission=self.permission) + return _("Can {type} {model} in {query}").format(type=self.type, model=self.model, query=self.query) class UserPermission(models.Model): From 2b49effebbf3e09bc0cfb2bd64a7a8f56cebc309 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Sun, 9 Feb 2020 18:30:37 +0100 Subject: [PATCH 008/119] [permission] Update admin --- apps/permission/admin.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/permission/admin.py b/apps/permission/admin.py index 4594468d..e93de0c5 100644 --- a/apps/permission/admin.py +++ b/apps/permission/admin.py @@ -8,4 +8,4 @@ class PermissionAdmin(admin.ModelAdmin): """ Admin customisation for Permission """ - list_display = ('type', 'model', 'field', 'permission') + list_display = ('type', 'model', 'field', 'description') From 982a5ae0099eca14d58dcb2cb0f9d50d88c10934 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Thu, 13 Feb 2020 15:59:19 +0100 Subject: [PATCH 009/119] [permission] Add F object support --- apps/permission/models.py | 46 ++++++++++++++++++++++++++++++++------- 1 file changed, 38 insertions(+), 8 deletions(-) diff --git a/apps/permission/models.py b/apps/permission/models.py index 5c016806..2ca17e4c 100644 --- a/apps/permission/models.py +++ b/apps/permission/models.py @@ -5,7 +5,7 @@ import operator from django.contrib.contenttypes.models import ContentType from django.core.exceptions import ValidationError from django.db import models -from django.db.models import Q +from django.db.models import F, Q from django.utils.translation import gettext_lazy as _ @@ -58,13 +58,20 @@ class Permission(models.Model): # A json encoded Q object with the following grammar # query -> [] | {} (the empty query representing all objects) - # query -> ['AND', query, …] - # -> ['OR', query, …] - # -> ['NOT', query] - # query -> {key: value, …} - # key -> string - # value -> int | string | bool | null - # -> [parameter] + # query -> ['AND', query, …] AND multiple queries + # | ['OR', query, …] OR multiple queries + # | ['NOT', query] Opposite of query + # query -> {key: value, …} A list of fields and values of a Q object + # key -> string A field name + # value -> int | string | bool | null Literal values + # | [parameter] A parameter + # | {'F': oper} An F object + # oper -> [string] A parameter + # | ['ADD', oper, …] Sum multiple F objects or literal + # | ['SUB', oper, oper] Substract two F objects or literal + # | ['MUL', oper, …] Multiply F objects or literals + # | int | string | bool | null Literal values + # | ['F', string] A field # # Examples: # Q(is_admin=True) := {'is_admin': ['TYPE', 'bool', 'True']} @@ -88,6 +95,26 @@ class Permission(models.Model): self.full_clean() super().save() + @staticmethod + def compute_f(_oper, **kwargs): + oper = _oper + if isinstance(oper, list): + if len(oper) == 1: + return kwargs[oper[0]].pk + elif len(oper) >= 2: + if oper[0] == 'ADD': + return functools.reduce(operator.add, [compute_f(oper, **kwargs) for oper in oper[1:]]) + elif oper[0] == 'SUB': + return compute_f(oper[1], **kwargs) - compute_f(oper[2], **kwargs) + elif oper[0] == 'MUL': + return functools.reduce(operator.mul, [compute_f(oper, **kwargs) for oper in oper[1:]]) + elif oper[0] == 'F': + return F(oper[1]) + else: + return oper + # TODO: find a better way to crash here + raise Exception("F is wrong") + def _about(_self, _query, **kwargs): self = _self query = _query @@ -110,6 +137,9 @@ class Permission(models.Model): if isinstance(value, list): # It is a parameter we query its primary key q_kwargs[key] = kwargs[value[0]].pk + elif isinstance(value, dict): + # It is an F object + q_kwargs[key] = compute_f(query['F'], **kwargs) else: q_kwargs[key] = value return Q(**q_kwargs) From 8a9ad0a6e50ef24c3cc2c1519c2be0f0d955e19c Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Sat, 7 Mar 2020 09:30:22 +0100 Subject: [PATCH 010/119] [permission] Handle add rights --- apps/permission/models.py | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/apps/permission/models.py b/apps/permission/models.py index 2ca17e4c..2fcb23cb 100644 --- a/apps/permission/models.py +++ b/apps/permission/models.py @@ -22,6 +22,9 @@ class InstancedPermission: Returns True if the permission applies to the field `field_name` object `obj` """ + if self.type == 'add': + if permission_type == self.type: + return self.query(obj) if ContentType.objects.get_for_model(obj) != self.model: # The permission does not apply to the model return False @@ -118,6 +121,9 @@ class Permission(models.Model): def _about(_self, _query, **kwargs): self = _self query = _query + if self.type == 'add'): + # Handle add permission differently + return self._about_add(query, **kwargs) if len(query) == 0: # The query is either [] or {} and # applies to all objects of the model @@ -147,6 +153,38 @@ class Permission(models.Model): # TODO: find a better way to crash here raise Exception("query {} is wrong".format(self.query)) + def _about_add(_self, _query, **kwargs): + self = _self + query = _query + if len(query) == 0: + return lambda _: True + if isinstance(query, list): + if query[0] == 'AND': + return lambda obj: functools.reduce(operator.and_, [self._about_add(query, **kwargs)(obj) for query in query[1:]]) + elif query[0] == 'OR': + return lambda obj: functools.reduce(operator.or_, [self._about_add(query, **kwargs)(obj) for query in query[1:]]) + elif query[0] == 'NOT': + return lambda obj: not self._about_add(query[1], **kwargs)(obj) + elif isinstance(query, dict): + q_kwargs = {} + for key in query: + value = query[key] + if isinstance(value, list): + # It is a parameter we query its primary key + q_kwargs[key] = kwargs[value[0]].pk + elif isinstance(value, dict): + # It is an F object + q_kwargs[key] = compute_f(query['F'], **kwargs) + else: + q_kwargs[key] = value + def func(obj): + nonlocal q_kwargs + for arg in q_kwargs: + if getattr(obj, arg) != q_kwargs(arg): + return False + return True + return func + def about(self, **kwargs): """ Return an InstancedPermission with the parameters From 5df1f42f435a7ff0c4e895d06c7de6e45a3baeb0 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Sat, 7 Mar 2020 10:48:38 +0100 Subject: [PATCH 011/119] [permission] Syntax error --- apps/permission/models.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/permission/models.py b/apps/permission/models.py index 2fcb23cb..000fe69f 100644 --- a/apps/permission/models.py +++ b/apps/permission/models.py @@ -121,7 +121,7 @@ class Permission(models.Model): def _about(_self, _query, **kwargs): self = _self query = _query - if self.type == 'add'): + if self.type == 'add': # Handle add permission differently return self._about_add(query, **kwargs) if len(query) == 0: From 9d61e217e9994eb3d60d0c53c65af0f294601f84 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Sat, 7 Mar 2020 11:21:19 +0100 Subject: [PATCH 012/119] [permission] Only split permission up to 3 --- apps/member/backends.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/member/backends.py b/apps/member/backends.py index 0b2edad8..9ef9706f 100644 --- a/apps/member/backends.py +++ b/apps/member/backends.py @@ -21,7 +21,7 @@ class PermissionBackend(object): def has_perm(self, user_obj, perm, obj=None): if obj is None: return False - perm = perm.split('_') + perm = perm.split('_', 3) perm_type = perm[1] perm_field = perm[2] if len(perm) == 3 else None return any(permission.applies(obj, perm_type, perm_field) for obj in self.permissions(user_obj, obj)) From 30ce17b644c238183f5e0904c1df621dc209d323 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Sat, 7 Mar 2020 13:12:17 +0100 Subject: [PATCH 013/119] Update a lot of things --- apps/logs/signals.py | 4 +++ apps/member/admin.py | 3 +- apps/member/backends.py | 36 +++++++++++--------- apps/member/models.py | 4 +-- apps/permission/admin.py | 3 ++ apps/permission/apps.py | 3 ++ apps/permission/models.py | 70 ++++++++++++++++++-------------------- apps/permission/tests.py | 3 ++ apps/permission/views.py | 3 ++ note_kfet/settings/base.py | 7 ++-- requirements.txt | 1 - 11 files changed, 75 insertions(+), 62 deletions(-) diff --git a/apps/logs/signals.py b/apps/logs/signals.py index 55e0f041..13194e5b 100644 --- a/apps/logs/signals.py +++ b/apps/logs/signals.py @@ -78,6 +78,10 @@ def save_object(sender, instance, **kwargs): user, ip = get_user_and_ip(sender) + from django.contrib.auth.models import AnonymousUser + if isinstance(user, AnonymousUser): + user = None + if user is not None and instance._meta.label_lower == "auth.user" and previous: # Don't save last login modifications if instance.last_login != previous.last_login: diff --git a/apps/member/admin.py b/apps/member/admin.py index fb107377..70b00459 100644 --- a/apps/member/admin.py +++ b/apps/member/admin.py @@ -6,7 +6,7 @@ from django.contrib.auth.admin import UserAdmin from django.contrib.auth.models import User from .forms import ProfileForm -from .models import Club, Membership, Profile, Role +from .models import Club, Membership, Profile, Role, RolePermissions class ProfileInline(admin.StackedInline): @@ -40,3 +40,4 @@ admin.site.register(User, CustomUserAdmin) admin.site.register(Club) admin.site.register(Membership) admin.site.register(Role) +admin.site.register(RolePermissions) diff --git a/apps/member/backends.py b/apps/member/backends.py index 9ef9706f..db227cdb 100644 --- a/apps/member/backends.py +++ b/apps/member/backends.py @@ -1,33 +1,37 @@ -from django.contribs.contenttype.models import ContentType +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + from member.models import Club, Membership, RolePermissions +from django.contrib.auth.backends import ModelBackend -class PermissionBackend(object): +class PermissionBackend(ModelBackend): supports_object_permissions = True supports_anonymous_user = False supports_inactive_user = False - def authenticate(self, username, password): - return None - - def permissions(self, user, obj): - for membership in user.memberships.all(): - if not membership.valid() or membership.role is None: + def permissions(self, user): + for membership in Membership.objects.filter(user=user).all(): + if not membership.valid() or membership.roles is None: continue - for permission in RolePermissions.objects.get(role=membership.role).permissions.objects.all(): - permission = permission.about(user=user, club=membership.club) - yield permission + for role_permissions in RolePermissions.objects.filter(role=membership.roles).all(): + for permission in role_permissions.permissions.all(): + permission = permission.about(user=user, club=membership.club) + yield permission def has_perm(self, user_obj, perm, obj=None): + if user_obj.is_superuser: + return True + if obj is None: return False perm = perm.split('_', 3) perm_type = perm[1] perm_field = perm[2] if len(perm) == 3 else None - return any(permission.applies(obj, perm_type, perm_field) for obj in self.permissions(user_obj, obj)) + return any(permission.applies(obj, perm_type, perm_field) for permission in self.permissions(user_obj)) + + def has_module_perms(self, user_obj, app_label): + return False def get_all_permissions(self, user_obj, obj=None): - if obj is None: - return [] - else: - return list(self.permissions(user_obj, obj)) + return list(self.permissions(user_obj)) diff --git a/apps/member/models.py b/apps/member/models.py index c90ab15c..1ca82af0 100644 --- a/apps/member/models.py +++ b/apps/member/models.py @@ -154,9 +154,9 @@ class Membership(models.Model): def valid(self): if self.date_end is not None: - return self.date_start <= datetime.datetime.now() < self.date_end + return self.date_start.toordinal() <= datetime.datetime.now().toordinal() < self.date_end.toordinal() else: - return self.date_start <= datetime.datetime.now() + return self.date_start.toordinal() <= datetime.datetime.now().toordinal() class Meta: verbose_name = _('membership') diff --git a/apps/permission/admin.py b/apps/permission/admin.py index e93de0c5..f7a9b4b5 100644 --- a/apps/permission/admin.py +++ b/apps/permission/admin.py @@ -1,3 +1,6 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-lateré + from django.contrib import admin from .models import Permission diff --git a/apps/permission/apps.py b/apps/permission/apps.py index 0f46ef08..c9c912a5 100644 --- a/apps/permission/apps.py +++ b/apps/permission/apps.py @@ -1,3 +1,6 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + from django.apps import AppConfig diff --git a/apps/permission/models.py b/apps/permission/models.py index 000fe69f..9584f59f 100644 --- a/apps/permission/models.py +++ b/apps/permission/models.py @@ -1,3 +1,6 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + import functools import json import operator @@ -24,28 +27,25 @@ class InstancedPermission: """ if self.type == 'add': if permission_type == self.type: - return self.query(obj) + return obj in self.model.modelclass().objects.get(self.query) if ContentType.objects.get_for_model(obj) != self.model: # The permission does not apply to the model return False - if self.permission is None: - if permission_type == self.type: - if field_name is not None: - return field_name == self.field - else: - return True - else: + if permission_type == self.type: + if field_name and field_name != self.field: return False - elif obj in self.model.objects.get(self.query): - return True + return obj in self.model.model_class().objects.filter(self.query).all() else: return False def __repr__(self): if self.field: - return _("Can {type} {model}.{field} in {permission}").format(type=self.type, model=self.model, field=self.field, permission=self.permission) + return _("Can {type} {model}.{field} in {query}").format(type=self.type, model=self.model, field=self.field, query=self.query) else: - return _("Can {type} {model} in {permission}").format(type=self.type, model=self.model, permission=self.permission) + return _("Can {type} {model} in {query}").format(type=self.type, model=self.model, query=self.query) + + def __str__(self): + return self.__repr__() class Permission(models.Model): @@ -61,24 +61,24 @@ class Permission(models.Model): # A json encoded Q object with the following grammar # query -> [] | {} (the empty query representing all objects) - # query -> ['AND', query, …] AND multiple queries - # | ['OR', query, …] OR multiple queries - # | ['NOT', query] Opposite of query + # query -> ["AND", query, …] AND multiple queries + # | ["OR", query, …] OR multiple queries + # | ["NOT", query] Opposite of query # query -> {key: value, …} A list of fields and values of a Q object # key -> string A field name # value -> int | string | bool | null Literal values # | [parameter] A parameter - # | {'F': oper} An F object + # | {"F": oper} An F object # oper -> [string] A parameter - # | ['ADD', oper, …] Sum multiple F objects or literal - # | ['SUB', oper, oper] Substract two F objects or literal - # | ['MUL', oper, …] Multiply F objects or literals + # | ["ADD", oper, …] Sum multiple F objects or literal + # | ["SUB", oper, oper] Substract two F objects or literal + # | ["MUL", oper, …] Multiply F objects or literals # | int | string | bool | null Literal values - # | ['F', string] A field + # | ["F", string] A field # # Examples: - # Q(is_admin=True) := {'is_admin': ['TYPE', 'bool', 'True']} - # ~Q(is_admin=True) := ['NOT', {'is_admin': ['TYPE', 'bool', 'True']}] + # Q(is_superuser=True) := {"is_superuser": true} + # ~Q(is_superuser=True) := ["NOT", {"is_superuser": true}] query = models.TextField() type = models.CharField(max_length=15, choices=PERMISSION_TYPES) @@ -94,23 +94,22 @@ class Permission(models.Model): if self.field and self.type not in {'view', 'change'}: raise ValidationError(_("Specifying field applies only to view and change permission types.")) - def save(self): + def save(self, **kwargs): self.full_clean() super().save() @staticmethod - def compute_f(_oper, **kwargs): - oper = _oper + def compute_f(oper, **kwargs): if isinstance(oper, list): if len(oper) == 1: return kwargs[oper[0]].pk elif len(oper) >= 2: if oper[0] == 'ADD': - return functools.reduce(operator.add, [compute_f(oper, **kwargs) for oper in oper[1:]]) + return functools.reduce(operator.add, [Permission.compute_f(oper, **kwargs) for oper in oper[1:]]) elif oper[0] == 'SUB': - return compute_f(oper[1], **kwargs) - compute_f(oper[2], **kwargs) + return Permission.compute_f(oper[1], **kwargs) - Permission.compute_f(oper[2], **kwargs) elif oper[0] == 'MUL': - return functools.reduce(operator.mul, [compute_f(oper, **kwargs) for oper in oper[1:]]) + return functools.reduce(operator.mul, [Permission.compute_f(oper, **kwargs) for oper in oper[1:]]) elif oper[0] == 'F': return F(oper[1]) else: @@ -118,9 +117,7 @@ class Permission(models.Model): # TODO: find a better way to crash here raise Exception("F is wrong") - def _about(_self, _query, **kwargs): - self = _self - query = _query + def _about(self, query, **kwargs): if self.type == 'add': # Handle add permission differently return self._about_add(query, **kwargs) @@ -145,7 +142,7 @@ class Permission(models.Model): q_kwargs[key] = kwargs[value[0]].pk elif isinstance(value, dict): # It is an F object - q_kwargs[key] = compute_f(query['F'], **kwargs) + q_kwargs[key] = Permission.compute_f(query['F'], **kwargs) else: q_kwargs[key] = value return Q(**q_kwargs) @@ -153,16 +150,15 @@ class Permission(models.Model): # TODO: find a better way to crash here raise Exception("query {} is wrong".format(self.query)) - def _about_add(_self, _query, **kwargs): - self = _self + def _about_add(self, _query, **kwargs): query = _query if len(query) == 0: return lambda _: True if isinstance(query, list): if query[0] == 'AND': - return lambda obj: functools.reduce(operator.and_, [self._about_add(query, **kwargs)(obj) for query in query[1:]]) + return lambda obj: functools.reduce(operator.and_, [self._about_add(q, **kwargs)(obj) for q in query[1:]]) elif query[0] == 'OR': - return lambda obj: functools.reduce(operator.or_, [self._about_add(query, **kwargs)(obj) for query in query[1:]]) + return lambda obj: functools.reduce(operator.or_, [self._about_add(q, **kwargs)(obj) for q in query[1:]]) elif query[0] == 'NOT': return lambda obj: not self._about_add(query[1], **kwargs)(obj) elif isinstance(query, dict): @@ -174,7 +170,7 @@ class Permission(models.Model): q_kwargs[key] = kwargs[value[0]].pk elif isinstance(value, dict): # It is an F object - q_kwargs[key] = compute_f(query['F'], **kwargs) + q_kwargs[key] = Permission.compute_f(query['F'], **kwargs) else: q_kwargs[key] = value def func(obj): diff --git a/apps/permission/tests.py b/apps/permission/tests.py index 7ce503c2..b5d5752e 100644 --- a/apps/permission/tests.py +++ b/apps/permission/tests.py @@ -1,3 +1,6 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + from django.test import TestCase # Create your tests here. diff --git a/apps/permission/views.py b/apps/permission/views.py index 91ea44a2..8d81fd33 100644 --- a/apps/permission/views.py +++ b/apps/permission/views.py @@ -1,3 +1,6 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + from django.shortcuts import render # Create your views here. diff --git a/note_kfet/settings/base.py b/note_kfet/settings/base.py index 63b7ff24..20937fac 100644 --- a/note_kfet/settings/base.py +++ b/note_kfet/settings/base.py @@ -37,7 +37,6 @@ INSTALLED_APPS = [ # External apps 'polymorphic', - 'guardian', 'reversion', 'crispy_forms', 'django_tables2', @@ -134,8 +133,8 @@ PASSWORD_HASHERS = [ # Django Guardian object permissions AUTHENTICATION_BACKENDS = ( - 'django.contrib.auth.backends.ModelBackend', # this is default - 'guardian.backends.ObjectPermissionBackend', + #'django.contrib.auth.backends.ModelBackend', # this is default + 'member.backends.PermissionBackend', 'cas.backends.CASBackend', ) @@ -153,8 +152,6 @@ REST_FRAMEWORK = { ANONYMOUS_USER_NAME = None # Disable guardian anonymous user -GUARDIAN_GET_CONTENT_TYPE = 'polymorphic.contrib.guardian.get_polymorphic_base_content_type' - # Internationalization # https://docs.djangoproject.com/en/2.2/topics/i18n/ diff --git a/requirements.txt b/requirements.txt index 244690bc..9a5eaa22 100644 --- a/requirements.txt +++ b/requirements.txt @@ -9,7 +9,6 @@ django-cas-server==1.1.0 django-crispy-forms==1.7.2 django-extensions==2.1.9 django-filter==2.2.0 -django-guardian==2.1.0 django-polymorphic==2.0.3 djangorestframework==3.9.0 django-rest-polymorphic==0.1.8 From 205fd5c17a0bcd83e69e1b2934078a7daea6b6a8 Mon Sep 17 00:00:00 2001 From: Pierre-antoine Comby Date: Mon, 9 Mar 2020 19:03:36 +0100 Subject: [PATCH 014/119] initiate submodule for scripts --- .gitmodules | 3 +++ apps/scripts | 1 + 2 files changed, 4 insertions(+) create mode 100644 .gitmodules create mode 160000 apps/scripts diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 00000000..94cf1be6 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "apps/scripts"] + path = apps/scripts + url = git@gitlab.crans.org:bde/nk20-scripts.git diff --git a/apps/scripts b/apps/scripts new file mode 160000 index 00000000..123466cf --- /dev/null +++ b/apps/scripts @@ -0,0 +1 @@ +Subproject commit 123466cfa914422422cd372197e64adf65ef05f7 From 462a9e0f2d6f9693917992378370444e74206685 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Mon, 9 Mar 2020 22:13:11 +0100 Subject: [PATCH 015/119] Fix CAS settings --- note_kfet/settings/__init__.py | 5 +++++ note_kfet/settings/base.py | 2 ++ 2 files changed, 7 insertions(+) diff --git a/note_kfet/settings/__init__.py b/note_kfet/settings/__init__.py index 6d871599..c1df7477 100644 --- a/note_kfet/settings/__init__.py +++ b/note_kfet/settings/__init__.py @@ -1,4 +1,9 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + +from django.utils.translation import gettext_lazy as _ import re + from .base import * diff --git a/note_kfet/settings/base.py b/note_kfet/settings/base.py index 4fe12fbf..3a5c3200 100644 --- a/note_kfet/settings/base.py +++ b/note_kfet/settings/base.py @@ -39,6 +39,8 @@ INSTALLED_APPS = [ 'polymorphic', 'crispy_forms', 'django_tables2', + 'cas_server', + 'cas', # Django contrib 'django.contrib.admin', 'django.contrib.admindocs', From 83b1ad47515b6fa9ce875709b4813bbe92d823ce Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Mon, 9 Mar 2020 22:23:47 +0100 Subject: [PATCH 016/119] Multi-connexions --- note_kfet/urls.py | 4 ++-- templates/registration/login.html | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/note_kfet/urls.py b/note_kfet/urls.py index 896c0655..407659f8 100644 --- a/note_kfet/urls.py +++ b/note_kfet/urls.py @@ -37,8 +37,8 @@ if "cas" in settings.INSTALLED_APPS: from cas import views as cas_views urlpatterns += [ # Include CAS Client routers - path('accounts/login/', cas_views.login, name='login'), - path('accounts/logout/', cas_views.logout, name='logout'), + path('accounts/login/cas/', cas_views.login, name='cas_login'), + path('accounts/logout/cas/', cas_views.logout, name='cas_logout'), ] if "debug_toolbar" in settings.INSTALLED_APPS: diff --git a/templates/registration/login.html b/templates/registration/login.html index 04ef8d7d..5a4322d1 100644 --- a/templates/registration/login.html +++ b/templates/registration/login.html @@ -17,6 +17,10 @@ SPDX-License-Identifier: GPL-2.0-or-later

{% endif %} +
+ Vous pouvez aussi vous connecter via l'authentification centralisée en suivant ce lien. +
+
{% csrf_token %} {{ form | crispy }} From fffd674c44c034361ede6f010f8ea3c16365befd Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Mon, 9 Mar 2020 22:29:14 +0100 Subject: [PATCH 017/119] Fix initial fixture hardcode --- apps/note/fixtures/initial.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/apps/note/fixtures/initial.json b/apps/note/fixtures/initial.json index f80332c0..01242b22 100644 --- a/apps/note/fixtures/initial.json +++ b/apps/note/fixtures/initial.json @@ -3,7 +3,7 @@ "model": "note.note", "pk": 1, "fields": { - "polymorphic_ctype": 39, + "polymorphic_ctype": 37, "balance": 0, "is_active": true, "display_image": "", @@ -14,7 +14,7 @@ "model": "note.note", "pk": 2, "fields": { - "polymorphic_ctype": 39, + "polymorphic_ctype": 37, "balance": 0, "is_active": true, "display_image": "", @@ -25,7 +25,7 @@ "model": "note.note", "pk": 3, "fields": { - "polymorphic_ctype": 39, + "polymorphic_ctype": 37, "balance": 0, "is_active": true, "display_image": "", @@ -36,7 +36,7 @@ "model": "note.note", "pk": 4, "fields": { - "polymorphic_ctype": 39, + "polymorphic_ctype": 37, "balance": 0, "is_active": true, "display_image": "", @@ -47,7 +47,7 @@ "model": "note.note", "pk": 5, "fields": { - "polymorphic_ctype": 38, + "polymorphic_ctype": 36, "balance": 0, "is_active": true, "display_image": "", @@ -58,7 +58,7 @@ "model": "note.note", "pk": 6, "fields": { - "polymorphic_ctype": 38, + "polymorphic_ctype": 36, "balance": 0, "is_active": true, "display_image": "", From 20e2d41563a1f38c4c36b82a434080b3666d5148 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Tue, 10 Mar 2020 00:01:40 +0100 Subject: [PATCH 018/119] Use a middleware rather than inspect the stack to get current user and IP --- apps/logs/middlewares.py | 55 ++++++++++++++++++++++++++++++++++ apps/logs/signals.py | 45 ++++------------------------ note_kfet/settings/__init__.py | 6 +++- 3 files changed, 65 insertions(+), 41 deletions(-) create mode 100644 apps/logs/middlewares.py diff --git a/apps/logs/middlewares.py b/apps/logs/middlewares.py new file mode 100644 index 00000000..69bbef92 --- /dev/null +++ b/apps/logs/middlewares.py @@ -0,0 +1,55 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + +from django.conf import settings +from django.contrib.auth.models import AnonymousUser +from threading import local + + +USER_ATTR_NAME = getattr(settings, 'LOCAL_USER_ATTR_NAME', '_current_user') +IP_ATTR_NAME = getattr(settings, 'LOCAL_IP_ATTR_NAME', '_current_ip') + +_thread_locals = local() + + +def _set_current_user_and_ip(user=None, ip=None): + """ + Sets current user in local thread. + Can be used as a hook e.g. for shell jobs (when request object is not + available). + """ + setattr(_thread_locals, USER_ATTR_NAME, user) + setattr(_thread_locals, IP_ATTR_NAME, ip) + + +def get_current_user(): + return getattr(_thread_locals, USER_ATTR_NAME, None) + + +def get_current_ip(): + return getattr(_thread_locals, IP_ATTR_NAME, None) + + +def get_current_authenticated_user(): + current_user = get_current_user() + if isinstance(current_user, AnonymousUser): + return None + return current_user + + +class LogsMiddleware(object): + def __init__(self, get_response): + self.get_response = get_response + + def __call__(self, request): + user = request.user + if 'HTTP_X_FORWARDED_FOR' in request.META: + ip = request.META.get('HTTP_X_FORWARDED_FOR') + else: + ip = request.META.get('REMOTE_ADDR') + + _set_current_user_and_ip(user, ip) + + response = self.get_response(request) + + return response diff --git a/apps/logs/signals.py b/apps/logs/signals.py index 415e7c1c..e4e47e18 100644 --- a/apps/logs/signals.py +++ b/apps/logs/signals.py @@ -1,48 +1,15 @@ # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later -import inspect - from django.contrib.contenttypes.models import ContentType from django.core import serializers from django.db.models.signals import pre_save, post_save, post_delete from django.dispatch import receiver +from .middlewares import get_current_authenticated_user, get_current_ip from .models import Changelog -def get_request_in_signal(sender): - req = None - for entry in reversed(inspect.stack()): - try: - req = entry[0].f_locals['request'] - # Check if there is a user - # noinspection PyStatementEffect - req.user - break - except: - pass - - if not req: - print("WARNING: Attempt to save " + str(sender) + " with no user") - - return req - - -def get_user_and_ip(sender): - req = get_request_in_signal(sender) - try: - user = req.user - if 'HTTP_X_FORWARDED_FOR' in req.META: - ip = req.META.get('HTTP_X_FORWARDED_FOR') - else: - ip = req.META.get('REMOTE_ADDR') - except: - user = None - ip = None - return user, ip - - EXCLUDED = [ 'admin.logentry', 'authtoken.token', @@ -75,13 +42,11 @@ def save_object(sender, instance, **kwargs): if instance._meta.label_lower in EXCLUDED: return + print("LOGGING SOMETHING") + previous = instance._previous - user, ip = get_user_and_ip(sender) - - from django.contrib.auth.models import AnonymousUser - if isinstance(user, AnonymousUser): - user = None + user, ip = get_current_authenticated_user(), get_current_ip() if user is not None and instance._meta.label_lower == "auth.user" and previous: # Don't save last login modifications @@ -111,7 +76,7 @@ def delete_object(sender, instance, **kwargs): if instance._meta.label_lower in EXCLUDED: return - user, ip = get_user_and_ip(sender) + user, ip = get_current_authenticated_user(), get_current_ip() instance_json = serializers.serialize('json', [instance, ])[1:-1] Changelog.objects.create(user=user, diff --git a/note_kfet/settings/__init__.py b/note_kfet/settings/__init__.py index c1df7477..b370a430 100644 --- a/note_kfet/settings/__init__.py +++ b/note_kfet/settings/__init__.py @@ -73,7 +73,11 @@ if "cas" in INSTALLED_APPS: 'cas_explained', ] AUTHENTICATION_BACKENDS += ('cas.backends.CASBackend',) - + + +if "logs" in INSTALLED_APPS: + MIDDLEWARE += ('logs.middlewares.LogsMiddleware',) + if "debug_toolbar" in INSTALLED_APPS: MIDDLEWARE.insert(1,"debug_toolbar.middleware.DebugToolbarMiddleware") INTERNAL_IPS = [ '127.0.0.1'] From db69091d9fe8dc7f2b229462fec3eb4cc3fddcc3 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Tue, 10 Mar 2020 01:04:00 +0100 Subject: [PATCH 019/119] When an update is made from the shell, the username of the user connected to the shell is queried --- apps/logs/middlewares.py | 11 +++++------ apps/logs/signals.py | 38 ++++++++++++++++++++++++++++++++------ 2 files changed, 37 insertions(+), 12 deletions(-) diff --git a/apps/logs/middlewares.py b/apps/logs/middlewares.py index 69bbef92..cc6e1f4c 100644 --- a/apps/logs/middlewares.py +++ b/apps/logs/middlewares.py @@ -13,11 +13,6 @@ _thread_locals = local() def _set_current_user_and_ip(user=None, ip=None): - """ - Sets current user in local thread. - Can be used as a hook e.g. for shell jobs (when request object is not - available). - """ setattr(_thread_locals, USER_ATTR_NAME, user) setattr(_thread_locals, IP_ATTR_NAME, ip) @@ -38,6 +33,10 @@ def get_current_authenticated_user(): class LogsMiddleware(object): + """ + Ce middleware permet de récupérer l'utilisateur actif ainsi que son adresse IP à chaque connexion. + """ + def __init__(self, get_response): self.get_response = get_response @@ -49,7 +48,7 @@ class LogsMiddleware(object): ip = request.META.get('REMOTE_ADDR') _set_current_user_and_ip(user, ip) - response = self.get_response(request) + _set_current_user_and_ip(None, None) return response diff --git a/apps/logs/signals.py b/apps/logs/signals.py index e4e47e18..85f0c585 100644 --- a/apps/logs/signals.py +++ b/apps/logs/signals.py @@ -5,11 +5,14 @@ from django.contrib.contenttypes.models import ContentType from django.core import serializers from django.db.models.signals import pre_save, post_save, post_delete from django.dispatch import receiver +import getpass +from note.models import NoteUser, Alias from .middlewares import get_current_authenticated_user, get_current_ip from .models import Changelog +# Ces modèles ne nécessitent pas de logs EXCLUDED = [ 'admin.logentry', 'authtoken.token', @@ -22,13 +25,15 @@ EXCLUDED = [ 'note.noteclub', 'note.notespecial', 'sessions.session', - 'reversion.revision', - 'reversion.version', ] @receiver(pre_save) def pre_save_object(sender, instance, **kwargs): + """ + Avant la sauvegarde d'un modèle, on récupère l'ancienne instance actuellement en base de données + que l'on garde en mémoire + """ qs = sender.objects.filter(pk=instance.pk).all() if qs.exists(): instance._previous = qs.get() @@ -38,26 +43,43 @@ def pre_save_object(sender, instance, **kwargs): @receiver(post_save) def save_object(sender, instance, **kwargs): + """ + Dès qu'un modèle est sauvegardé, une entrée dans la table `Changelog` est ajouté dans la base de données + afin de répertorier chaque modification effectuée + """ # noinspection PyProtectedMember if instance._meta.label_lower in EXCLUDED: return - print("LOGGING SOMETHING") - + # noinspection PyProtectedMember previous = instance._previous + # Si un utilisateur est connecté, on récupère l'utilisateur courant ainsi que son adresse IP user, ip = get_current_authenticated_user(), get_current_ip() + if user is None: + # Si la modification n'a pas été faite via le client Web, on suppose que c'est du à `manage.py` + # On récupère alors l'utilisateur·trice connecté·e à la VM, et on récupère la note associée + # IMPORTANT : l'utilisateur dans la VM doit être un des alias note du respo info + ip = "127.0.0.1" + username = Alias.normalize(getpass.getuser()) + note = NoteUser.objects.filter(alias__normalized_name__regex="^" + username + "$") + if not note.exists(): + print("WARNING: A model attempted to be saved in the DB, but the actor is unknown: " + username) + else: + user = note.get().user + if user is not None and instance._meta.label_lower == "auth.user" and previous: - # Don't save last login modifications + # On n'enregistre pas les connexions if instance.last_login != previous.last_login: return + # Les modèles sont sauvegardés au format JSON previous_json = serializers.serialize('json', [previous, ])[1:-1] if previous else None instance_json = serializers.serialize('json', [instance, ])[1:-1] if previous_json == instance_json: - # No modification + # Pas de log s'il n'y a pas de modification return Changelog.objects.create(user=user, @@ -72,10 +94,14 @@ def save_object(sender, instance, **kwargs): @receiver(post_delete) def delete_object(sender, instance, **kwargs): + """ + Dès qu'un modèle est supprimé, une entrée dans la table `Changelog` est ajouté dans la base de données + """ # noinspection PyProtectedMember if instance._meta.label_lower in EXCLUDED: return + # Si un utilisateur est connecté, on récupère l'utilisateur courant ainsi que son adresse IP user, ip = get_current_authenticated_user(), get_current_ip() instance_json = serializers.serialize('json', [instance, ])[1:-1] From 185f6ce4e31c2bbd090a8d53071799e95e0241be Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Tue, 10 Mar 2020 01:07:37 +0100 Subject: [PATCH 020/119] Alias have to be exact --- apps/logs/signals.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/logs/signals.py b/apps/logs/signals.py index 85f0c585..89354210 100644 --- a/apps/logs/signals.py +++ b/apps/logs/signals.py @@ -63,7 +63,7 @@ def save_object(sender, instance, **kwargs): # IMPORTANT : l'utilisateur dans la VM doit être un des alias note du respo info ip = "127.0.0.1" username = Alias.normalize(getpass.getuser()) - note = NoteUser.objects.filter(alias__normalized_name__regex="^" + username + "$") + note = NoteUser.objects.filter(alias__normalized_name="^" + username + "$") if not note.exists(): print("WARNING: A model attempted to be saved in the DB, but the actor is unknown: " + username) else: From 94ab2c81f79852cee24e14c1851fe3c00f4eb402 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Tue, 10 Mar 2020 08:07:09 +0100 Subject: [PATCH 021/119] Use TableView for conso page --- apps/note/forms.py | 32 +------------------------------- apps/note/tables.py | 2 +- apps/note/views.py | 21 ++++++++++----------- templates/note/conso_form.html | 2 +- 4 files changed, 13 insertions(+), 44 deletions(-) diff --git a/apps/note/forms.py b/apps/note/forms.py index 20804412..2e8e4456 100644 --- a/apps/note/forms.py +++ b/apps/note/forms.py @@ -6,7 +6,7 @@ from django import forms from django.utils.translation import gettext_lazy as _ from .models import Alias -from .models import Transaction, TransactionTemplate, TemplateTransaction +from .models import Transaction, TransactionTemplate class AliasForm(forms.ModelForm): @@ -99,33 +99,3 @@ class TransactionForm(forms.ModelForm): }, ), } - - -class ConsoForm(forms.ModelForm): - def save(self, commit=True): - button: TransactionTemplate = TransactionTemplate.objects.filter( - name=self.data['button']).get() - self.instance.destination = button.destination - self.instance.amount = button.amount - self.instance.reason = '{} ({})'.format(button.name, button.category) - self.instance.template = button - self.instance.category = button.category - super().save(commit) - - class Meta: - model = TemplateTransaction - fields = ('source',) - - # Le champ d'utilisateur est remplacé par un champ d'auto-complétion. - # Quand des lettres sont tapées, une requête est envoyée sur l'API d'auto-complétion - # et récupère les aliases de note valides - widgets = { - 'source': - autocomplete.ModelSelect2( - url='note:note_autocomplete', - attrs={ - 'data-placeholder': 'Note ...', - 'data-minimum-input-length': 1, - }, - ), - } diff --git a/apps/note/tables.py b/apps/note/tables.py index e85fcbae..d26ffedc 100644 --- a/apps/note/tables.py +++ b/apps/note/tables.py @@ -6,7 +6,7 @@ from django.db.models import F from django_tables2.utils import A from .models.notes import Alias -from .models.transactions import Transaction, TransactionTemplate +from .models.transactions import Transaction from .templatetags.pretty_money import pretty_money diff --git a/apps/note/views.py b/apps/note/views.py index 09846057..fb5e98c5 100644 --- a/apps/note/views.py +++ b/apps/note/views.py @@ -7,9 +7,11 @@ from django.db.models import Q from django.urls import reverse from django.utils.translation import gettext_lazy as _ from django.views.generic import CreateView, ListView, UpdateView +from django_tables2 import SingleTableView -from .forms import TransactionForm, TransactionTemplateForm, ConsoForm -from .models import Transaction, TransactionTemplate, Alias, TemplateTransaction +from .forms import TransactionForm, TransactionTemplateForm +from .models import Transaction, TransactionTemplate, Alias +from .tables import HistoryTable class TransactionCreate(LoginRequiredMixin, CreateView): @@ -121,13 +123,16 @@ class TransactionTemplateUpdateView(LoginRequiredMixin, UpdateView): form_class = TransactionTemplateForm -class ConsoView(LoginRequiredMixin, CreateView): +class ConsoView(LoginRequiredMixin, SingleTableView): """ Consume """ - model = TemplateTransaction + model = Transaction template_name = "note/conso_form.html" - form_class = ConsoForm + + # Transaction history table + table_class = HistoryTable + table_pagination = {"per_page": 10} def get_context_data(self, **kwargs): """ @@ -142,9 +147,3 @@ class ConsoView(LoginRequiredMixin, CreateView): context['no_cache'] = True return context - - def get_success_url(self): - """ - When clicking a button, reload the same page - """ - return reverse('note:consos') diff --git a/templates/note/conso_form.html b/templates/note/conso_form.html index 10b06589..286b4285 100644 --- a/templates/note/conso_form.html +++ b/templates/note/conso_form.html @@ -1,6 +1,6 @@ {% extends "base.html" %} -{% load i18n static pretty_money %} +{% load i18n static pretty_money django_tables2 %} {# Remove page title #} {% block contenttitle %}{% endblock %} From f3b44f3170c1223c580a39748f2152b13d01ffe4 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Tue, 10 Mar 2020 08:11:43 +0100 Subject: [PATCH 022/119] Bootstrap for conso page --- templates/base.html | 3 - templates/note/conso_form.html | 174 +++++++++++++++++++++------------ 2 files changed, 114 insertions(+), 63 deletions(-) diff --git a/templates/base.html b/templates/base.html index 887bc970..dbe59c41 100644 --- a/templates/base.html +++ b/templates/base.html @@ -75,9 +75,6 @@ SPDX-License-Identifier: GPL-3.0-or-later
  • {% trans 'Activities' %}
    • -
  • - {% trans 'Button' %} -
  • {% trans 'Transfer' %}
    • diff --git a/templates/note/conso_form.html b/templates/note/conso_form.html index 286b4285..2c2066e8 100644 --- a/templates/note/conso_form.html +++ b/templates/note/conso_form.html @@ -6,75 +6,129 @@ {% block contenttitle %}{% endblock %} {% block content %} - {# Regroup buttons under categories #} - {% regroup transaction_templates by category as categories %} - - - {% csrf_token %} - -
    -
    - {% if form.non_field_errors %} -

    - {% for error in form.non_field_errors %} - {{ error }} - {% endfor %} -

    - {% endif %} - {% for field in form %} -
    - {{ field.errors }} -
    - {{ field.label_tag }} - {% if field.is_readonly %} -
    {{ field.contents }}
    - {% else %} - {{ field }} - {% endif %} - {% if field.field.help_text %} -
    {{ field.field.help_text|safe }}
    - {% endif %} +
    +
    +
    + {# User details column #} +
    +
    + +
    + Paquito (aka. PAC) : -230 €
    - {% endfor %} -
    +
    -
    -
    - {# Tabs for button categories #} -
    -
      - {% for category in categories %} -
    • - - {{ category.grouper }} - -
      • - {% endfor %} + {# User selection column #} +
      +
      +
      +

      + Sélection des émitteurs +

      +
      +
        +
      • + Cras justo odio + 14 +
        • +
      • + Dapibus ac facilisis in + 1 +
      -
      - - {# Tabs content #} -
      -
      - {% for category in categories %} -
      -
      - {% for button in category.list %} - - {% endfor %} -
      -
      - {% endfor %} +
      + TODO: reimplement select2 here in JS
    - + + {# Buttons column #} +
    + {# Show last used buttons #} +
    +
    +

    + Les boutons les plus utilisés s'afficheront ici. +

    +
    +
    + + {# Regroup buttons under categories #} + {% regroup transaction_templates by template_type as template_types %} + +
    + {# Tabs for button categories #} +
    + +
    + + {# Tabs content #} +
    +
    + {% for template_type in template_types %} +
    +
    + {% for button in template_type.list %} + + {% endfor %} +
    +
    + {% endfor %} +
    +
    + + {# Mode switch #} +
    + + Éditer + +
    + + +
    +
    +
    +
    +
    + +
    +
    +

    + Historique des transactions récentes +

    +
    + {% render_table table %} +
    +{% endblock %} + +{% block extracss %} + {% endblock %} {% block extrajavascript %} From aa731d1ae4a3ed68b22af39b147c74370ecca8aa Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Tue, 10 Mar 2020 17:16:03 +0100 Subject: [PATCH 023/119] Regexp must begin with `^` --- apps/member/views.py | 2 +- apps/note/api/views.py | 6 +++--- apps/note/views.py | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/apps/member/views.py b/apps/member/views.py index 21c8de5f..82c15b99 100644 --- a/apps/member/views.py +++ b/apps/member/views.py @@ -300,7 +300,7 @@ class UserAutocomplete(autocomplete.Select2QuerySetView): qs = User.objects.all() if self.q: - qs = qs.filter(username__regex=self.q) + qs = qs.filter(username__regex="^" + self.q) return qs diff --git a/apps/note/api/views.py b/apps/note/api/views.py index cf0136f2..abcf915b 100644 --- a/apps/note/api/views.py +++ b/apps/note/api/views.py @@ -69,8 +69,8 @@ class NotePolymorphicViewSet(viewsets.ModelViewSet): alias = self.request.query_params.get("alias", ".*") queryset = queryset.filter( - Q(alias__name__regex=alias) - | Q(alias__normalized_name__regex=alias.lower())) + Q(alias__name__regex="^" + alias) + | Q(alias__normalized_name__regex="^" + alias.lower())) note_type = self.request.query_params.get("type", None) if note_type: @@ -107,7 +107,7 @@ class AliasViewSet(viewsets.ModelViewSet): alias = self.request.query_params.get("alias", ".*") queryset = queryset.filter( - Q(name__regex=alias) | Q(normalized_name__regex=alias.lower())) + Q(name__regex="^" + alias) | Q(normalized_name__regex="^" + alias.lower())) note_id = self.request.query_params.get("note", None) if note_id: diff --git a/apps/note/views.py b/apps/note/views.py index 09846057..ccba8c9f 100644 --- a/apps/note/views.py +++ b/apps/note/views.py @@ -67,7 +67,7 @@ class NoteAutocomplete(autocomplete.Select2QuerySetView): # self.q est le paramètre de la recherche if self.q: - qs = qs.filter(Q(name__regex=self.q) | Q(normalized_name__regex=Alias.normalize(self.q))) \ + qs = qs.filter(Q(name__regex="^" + self.q) | Q(normalized_name__regex="^" + Alias.normalize(self.q))) \ .order_by('normalized_name').distinct() # Filtrage par type de note (user, club, special) From 6baf437eefedfe3fd7214077577d1885f628a795 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Tue, 10 Mar 2020 23:37:54 +0100 Subject: [PATCH 024/119] Fix Dockerfile --- Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index a2f45b00..d42bdd1f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,13 +9,13 @@ RUN apt update && \ apt install -y gettext nginx uwsgi uwsgi-plugin-python3 && \ rm -rf /var/lib/apt/lists/* -COPY requirements.txt /code/ +COPY . /code/ + +# Comment what is not needed RUN pip install -r requirements/base.txt RUN pip install -r requirements/api.txt RUN pip install -r requirements/cas.txt RUN pip install -r requirements/production.txt -COPY . /code/ - ENTRYPOINT ["/code/entrypoint.sh"] EXPOSE 8000 From be877276f8a6b2ca554a46c7d0e28ecda7a51490 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 00:41:37 +0100 Subject: [PATCH 025/119] Fix JSON serialization --- apps/logs/signals.py | 32 ++++++++++++++++++++++---------- 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/apps/logs/signals.py b/apps/logs/signals.py index 89354210..1cd74067 100644 --- a/apps/logs/signals.py +++ b/apps/logs/signals.py @@ -2,9 +2,10 @@ # SPDX-License-Identifier: GPL-3.0-or-later from django.contrib.contenttypes.models import ContentType -from django.core import serializers from django.db.models.signals import pre_save, post_save, post_delete from django.dispatch import receiver +from rest_framework.renderers import JSONRenderer +from rest_framework.serializers import ModelSerializer import getpass from note.models import NoteUser, Alias @@ -19,11 +20,10 @@ EXCLUDED = [ 'cas_server.user', 'cas_server.userattributes', 'contenttypes.contenttype', - 'logs.changelog', + 'logs.changelog', # Never remove this line 'migrations.migration', - 'note.noteuser', - 'note.noteclub', - 'note.notespecial', + 'note.note' # We only store the subclasses + 'note.transaction', 'sessions.session', ] @@ -63,7 +63,7 @@ def save_object(sender, instance, **kwargs): # IMPORTANT : l'utilisateur dans la VM doit être un des alias note du respo info ip = "127.0.0.1" username = Alias.normalize(getpass.getuser()) - note = NoteUser.objects.filter(alias__normalized_name="^" + username + "$") + note = NoteUser.objects.filter(alias__normalized_name=username) if not note.exists(): print("WARNING: A model attempted to be saved in the DB, but the actor is unknown: " + username) else: @@ -74,9 +74,14 @@ def save_object(sender, instance, **kwargs): if instance.last_login != previous.last_login: return - # Les modèles sont sauvegardés au format JSON - previous_json = serializers.serialize('json', [previous, ])[1:-1] if previous else None - instance_json = serializers.serialize('json', [instance, ])[1:-1] + # On crée notre propre sérialiseur JSON pour pouvoir sauvegarder les modèles + class CustomSerializer(ModelSerializer): + class Meta: + model = instance.__class__ + fields = '__all__' + + previous_json = JSONRenderer().render(CustomSerializer(previous).data) + instance_json = JSONRenderer().render(CustomSerializer(instance).data) if previous_json == instance_json: # Pas de log s'il n'y a pas de modification @@ -104,7 +109,14 @@ def delete_object(sender, instance, **kwargs): # Si un utilisateur est connecté, on récupère l'utilisateur courant ainsi que son adresse IP user, ip = get_current_authenticated_user(), get_current_ip() - instance_json = serializers.serialize('json', [instance, ])[1:-1] + # On crée notre propre sérialiseur JSON pour pouvoir sauvegarder les modèles + class CustomSerializer(ModelSerializer): + class Meta: + model = instance.__class__ + fields = '__all__' + + instance_json = JSONRenderer().render(CustomSerializer(instance).data) + Changelog.objects.create(user=user, ip=ip, model=ContentType.objects.get_for_model(instance), From 0f1d662d251fdb919d744358c4cc15c0fadf453e Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 00:47:43 +0100 Subject: [PATCH 026/119] Anonymous users don't have any access to the API (fix it later with rights...), fix CI --- apps/note/tables.py | 2 +- note_kfet/settings/__init__.py | 4 ++-- note_kfet/settings/base.py | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/note/tables.py b/apps/note/tables.py index e85fcbae..d26ffedc 100644 --- a/apps/note/tables.py +++ b/apps/note/tables.py @@ -6,7 +6,7 @@ from django.db.models import F from django_tables2.utils import A from .models.notes import Alias -from .models.transactions import Transaction, TransactionTemplate +from .models.transactions import Transaction from .templatetags.pretty_money import pretty_money diff --git a/note_kfet/settings/__init__.py b/note_kfet/settings/__init__.py index b370a430..ce31b39f 100644 --- a/note_kfet/settings/__init__.py +++ b/note_kfet/settings/__init__.py @@ -79,5 +79,5 @@ if "logs" in INSTALLED_APPS: MIDDLEWARE += ('logs.middlewares.LogsMiddleware',) if "debug_toolbar" in INSTALLED_APPS: - MIDDLEWARE.insert(1,"debug_toolbar.middleware.DebugToolbarMiddleware") - INTERNAL_IPS = [ '127.0.0.1'] + MIDDLEWARE.insert(1, "debug_toolbar.middleware.DebugToolbarMiddleware") + INTERNAL_IPS = ['127.0.0.1'] diff --git a/note_kfet/settings/base.py b/note_kfet/settings/base.py index 3a5c3200..737350e2 100644 --- a/note_kfet/settings/base.py +++ b/note_kfet/settings/base.py @@ -137,7 +137,7 @@ REST_FRAMEWORK = { # or allow read-only access for unauthenticated users. 'DEFAULT_PERMISSION_CLASSES': [ # TODO Maybe replace it with our custom permissions system - 'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly' + 'rest_framework.permissions.DjangoModelPermissions' ], 'DEFAULT_AUTHENTICATION_CLASSES': [ 'rest_framework.authentication.TokenAuthentication', From 38ad8709390128af6fb0b657ab05588ecbc3262b Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 01:03:15 +0100 Subject: [PATCH 027/119] Add one missing model to the API --- apps/note/api/serializers.py | 13 ++++++++++++- apps/note/api/urls.py | 3 ++- apps/note/api/views.py | 14 ++++++++++++-- 3 files changed, 26 insertions(+), 4 deletions(-) diff --git a/apps/note/api/serializers.py b/apps/note/api/serializers.py index 1696bfee..61257ec4 100644 --- a/apps/note/api/serializers.py +++ b/apps/note/api/serializers.py @@ -5,7 +5,7 @@ from rest_framework import serializers from rest_polymorphic.serializers import PolymorphicSerializer from ..models.notes import Note, NoteClub, NoteSpecial, NoteUser, Alias -from ..models.transactions import TransactionTemplate, Transaction, MembershipTransaction +from ..models.transactions import TransactionTemplate, Transaction, MembershipTransaction, TemplateCategory class NoteSerializer(serializers.ModelSerializer): @@ -78,6 +78,17 @@ class NotePolymorphicSerializer(PolymorphicSerializer): } +class TemplateCategorySerializer(serializers.ModelSerializer): + """ + REST API Serializer for Transaction templates. + The djangorestframework plugin will analyse the model `TemplateCategory` and parse all fields in the API. + """ + + class Meta: + model = TemplateCategory + fields = '__all__' + + class TransactionTemplateSerializer(serializers.ModelSerializer): """ REST API Serializer for Transaction templates. diff --git a/apps/note/api/urls.py b/apps/note/api/urls.py index 54218796..5e176ec5 100644 --- a/apps/note/api/urls.py +++ b/apps/note/api/urls.py @@ -2,7 +2,7 @@ # SPDX-License-Identifier: GPL-3.0-or-later from .views import NotePolymorphicViewSet, AliasViewSet, \ - TransactionViewSet, TransactionTemplateViewSet, MembershipTransactionViewSet + TemplateCategoryViewSet, TransactionViewSet, TransactionTemplateViewSet, MembershipTransactionViewSet def register_note_urls(router, path): @@ -12,6 +12,7 @@ def register_note_urls(router, path): router.register(path + '/note', NotePolymorphicViewSet) router.register(path + '/alias', AliasViewSet) + router.register(path + '/transaction/category', TemplateCategoryViewSet) router.register(path + '/transaction/transaction', TransactionViewSet) router.register(path + '/transaction/template', TransactionTemplateViewSet) router.register(path + '/transaction/membership', MembershipTransactionViewSet) diff --git a/apps/note/api/views.py b/apps/note/api/views.py index abcf915b..4fbb9481 100644 --- a/apps/note/api/views.py +++ b/apps/note/api/views.py @@ -6,9 +6,9 @@ from rest_framework import viewsets from .serializers import NoteSerializer, NotePolymorphicSerializer, NoteClubSerializer, NoteSpecialSerializer, \ NoteUserSerializer, AliasSerializer, \ - TransactionTemplateSerializer, TransactionSerializer, MembershipTransactionSerializer + TemplateCategorySerializer, TransactionTemplateSerializer, TransactionSerializer, MembershipTransactionSerializer from ..models.notes import Note, NoteClub, NoteSpecial, NoteUser, Alias -from ..models.transactions import TransactionTemplate, Transaction, MembershipTransaction +from ..models.transactions import TransactionTemplate, Transaction, MembershipTransaction, TemplateCategory class NoteViewSet(viewsets.ModelViewSet): @@ -131,6 +131,16 @@ class AliasViewSet(viewsets.ModelViewSet): return queryset +class TemplateCategoryViewSet(viewsets.ModelViewSet): + """ + REST API View set. + The djangorestframework plugin will get all `TemplateCategory` objects, serialize it to JSON with the given serializer, + then render it on /api/note/transaction/category/ + """ + queryset = TemplateCategory.objects.all() + serializer_class = TemplateCategorySerializer + + class TransactionTemplateViewSet(viewsets.ModelViewSet): """ REST API View set. From bc97eb1eb4bb3943ad60bf3569c05255386953d0 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 10:08:28 +0100 Subject: [PATCH 028/119] Add logs to the API (this right should only be given to superusers) --- apps/api/urls.py | 2 ++ apps/logs/api/__init__.py | 0 apps/logs/api/serializers.py | 17 +++++++++++++++++ apps/logs/api/urls.py | 11 +++++++++++ apps/logs/api/views.py | 17 +++++++++++++++++ apps/logs/models.py | 6 ++++++ apps/logs/signals.py | 7 ++++--- note_kfet/settings/base.py | 1 + 8 files changed, 58 insertions(+), 3 deletions(-) create mode 100644 apps/logs/api/__init__.py create mode 100644 apps/logs/api/serializers.py create mode 100644 apps/logs/api/urls.py create mode 100644 apps/logs/api/views.py diff --git a/apps/api/urls.py b/apps/api/urls.py index c1b6bf48..bb1fdce2 100644 --- a/apps/api/urls.py +++ b/apps/api/urls.py @@ -7,6 +7,7 @@ from rest_framework import routers, serializers, viewsets from activity.api.urls import register_activity_urls from member.api.urls import register_members_urls from note.api.urls import register_note_urls +from logs.api.urls import register_logs_urls class UserSerializer(serializers.ModelSerializer): @@ -41,6 +42,7 @@ router.register('user', UserViewSet) register_members_urls(router, 'members') register_activity_urls(router, 'activity') register_note_urls(router, 'note') +register_logs_urls(router, 'logs') app_name = 'api' diff --git a/apps/logs/api/__init__.py b/apps/logs/api/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/apps/logs/api/serializers.py b/apps/logs/api/serializers.py new file mode 100644 index 00000000..7de7bc1a --- /dev/null +++ b/apps/logs/api/serializers.py @@ -0,0 +1,17 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + +from rest_framework import serializers + +from ..models import Changelog + + +class ChangelogSerializer(serializers.ModelSerializer): + """ + REST API Serializer for Changelog types. + The djangorestframework plugin will analyse the model `Changelog` and parse all fields in the API. + """ + + class Meta: + model = Changelog + fields = '__all__' diff --git a/apps/logs/api/urls.py b/apps/logs/api/urls.py new file mode 100644 index 00000000..9a0ceaa8 --- /dev/null +++ b/apps/logs/api/urls.py @@ -0,0 +1,11 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + +from .views import ChangelogViewSet + + +def register_logs_urls(router, path): + """ + Configure router for Activity REST API. + """ + router.register(path, ChangelogViewSet) diff --git a/apps/logs/api/views.py b/apps/logs/api/views.py new file mode 100644 index 00000000..60da612b --- /dev/null +++ b/apps/logs/api/views.py @@ -0,0 +1,17 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + +from rest_framework import viewsets + +from .serializers import ChangelogSerializer +from ..models import Changelog + + +class ChangelogViewSet(viewsets.ModelViewSet): + """ + REST API View set. + The djangorestframework plugin will get all `Changelog` objects, serialize it to JSON with the given serializer, + then render it on /api/logs/ + """ + queryset = Changelog.objects.all() + serializer_class = ChangelogSerializer diff --git a/apps/logs/models.py b/apps/logs/models.py index 9ab3cf6a..10e2651f 100644 --- a/apps/logs/models.py +++ b/apps/logs/models.py @@ -56,6 +56,12 @@ class Changelog(models.Model): max_length=16, null=False, blank=False, + choices=[ + ('create', _('create')), + ('edit', _('edit')), + ('delete', _('delete')), + ], + default='edit', verbose_name=_('action'), ) diff --git a/apps/logs/signals.py b/apps/logs/signals.py index 1cd74067..41f87cda 100644 --- a/apps/logs/signals.py +++ b/apps/logs/signals.py @@ -69,6 +69,7 @@ def save_object(sender, instance, **kwargs): else: user = note.get().user + # noinspection PyProtectedMember if user is not None and instance._meta.label_lower == "auth.user" and previous: # On n'enregistre pas les connexions if instance.last_login != previous.last_login: @@ -80,8 +81,8 @@ def save_object(sender, instance, **kwargs): model = instance.__class__ fields = '__all__' - previous_json = JSONRenderer().render(CustomSerializer(previous).data) - instance_json = JSONRenderer().render(CustomSerializer(instance).data) + previous_json = JSONRenderer().render(CustomSerializer(previous).data).decode("UTF-8") + instance_json = JSONRenderer().render(CustomSerializer(instance).data).decode("UTF-8") if previous_json == instance_json: # Pas de log s'il n'y a pas de modification @@ -115,7 +116,7 @@ def delete_object(sender, instance, **kwargs): model = instance.__class__ fields = '__all__' - instance_json = JSONRenderer().render(CustomSerializer(instance).data) + instance_json = JSONRenderer().render(CustomSerializer(instance).data).decode("UTF-8") Changelog.objects.create(user=user, ip=ip, diff --git a/note_kfet/settings/base.py b/note_kfet/settings/base.py index 737350e2..84f07b6c 100644 --- a/note_kfet/settings/base.py +++ b/note_kfet/settings/base.py @@ -140,6 +140,7 @@ REST_FRAMEWORK = { 'rest_framework.permissions.DjangoModelPermissions' ], 'DEFAULT_AUTHENTICATION_CLASSES': [ + 'rest_framework.authentication.SessionAuthentication', 'rest_framework.authentication.TokenAuthentication', ] } From 417cd5da04c1d74dc52f9f72e6b1ea00c33654a4 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 11:15:03 +0100 Subject: [PATCH 029/119] Improve REST API with filters --- apps/activity/api/views.py | 9 ++++++- apps/api/urls.py | 5 ++++ apps/logs/api/views.py | 3 +++ apps/logs/signals.py | 2 +- apps/logs/urls.py | 8 ------- apps/member/api/views.py | 5 ++++ apps/note/api/serializers.py | 22 ++++++++++++++++- apps/note/api/urls.py | 3 +-- apps/note/api/views.py | 24 +++++++++---------- apps/note/fixtures/initial.json | 12 +++++----- note_kfet/settings/base.py | 6 +++-- note_kfet/urls.py | 3 +-- .../rest_framework/crispy_form.html | 5 ++++ .../django_filters/rest_framework/form.html | 6 +++++ .../django_filters/widgets/multiwidget.html | 1 + 15 files changed, 78 insertions(+), 36 deletions(-) delete mode 100644 apps/logs/urls.py create mode 100644 templates/django_filters/rest_framework/crispy_form.html create mode 100644 templates/django_filters/rest_framework/form.html create mode 100644 templates/django_filters/widgets/multiwidget.html diff --git a/apps/activity/api/views.py b/apps/activity/api/views.py index 6a6c024e..4ee2194d 100644 --- a/apps/activity/api/views.py +++ b/apps/activity/api/views.py @@ -1,7 +1,8 @@ # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later - +from django_filters.rest_framework import DjangoFilterBackend from rest_framework import viewsets +from rest_framework.filters import SearchFilter from .serializers import ActivityTypeSerializer, ActivitySerializer, GuestSerializer from ..models import ActivityType, Activity, Guest @@ -15,6 +16,8 @@ class ActivityTypeViewSet(viewsets.ModelViewSet): """ queryset = ActivityType.objects.all() serializer_class = ActivityTypeSerializer + filter_backends = [DjangoFilterBackend] + filterset_fields = ['name', 'can_invite', ] class ActivityViewSet(viewsets.ModelViewSet): @@ -25,6 +28,8 @@ class ActivityViewSet(viewsets.ModelViewSet): """ queryset = Activity.objects.all() serializer_class = ActivitySerializer + filter_backends = [DjangoFilterBackend] + filterset_fields = ['name', 'description', 'activity_type', ] class GuestViewSet(viewsets.ModelViewSet): @@ -35,3 +40,5 @@ class GuestViewSet(viewsets.ModelViewSet): """ queryset = Guest.objects.all() serializer_class = GuestSerializer + filter_backends = [SearchFilter] + search_fields = ['$name', ] diff --git a/apps/api/urls.py b/apps/api/urls.py index bb1fdce2..8e0f6415 100644 --- a/apps/api/urls.py +++ b/apps/api/urls.py @@ -3,7 +3,9 @@ from django.conf.urls import url, include from django.contrib.auth.models import User +from django_filters.rest_framework import DjangoFilterBackend from rest_framework import routers, serializers, viewsets +from rest_framework.filters import SearchFilter from activity.api.urls import register_activity_urls from member.api.urls import register_members_urls from note.api.urls import register_note_urls @@ -33,6 +35,9 @@ class UserViewSet(viewsets.ModelViewSet): """ queryset = User.objects.all() serializer_class = UserSerializer + filter_backends = [DjangoFilterBackend, SearchFilter] + filterset_fields = ['id', 'username', 'first_name', 'last_name', 'email', 'is_superuser', 'is_staff', 'is_active', ] + search_fields = ['$username', '$first_name', '$last_name', ] # Routers provide an easy way of automatically determining the URL conf. diff --git a/apps/logs/api/views.py b/apps/logs/api/views.py index 60da612b..5b1b3ff6 100644 --- a/apps/logs/api/views.py +++ b/apps/logs/api/views.py @@ -1,6 +1,7 @@ # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later +from django_filters.rest_framework import DjangoFilterBackend from rest_framework import viewsets from .serializers import ChangelogSerializer @@ -15,3 +16,5 @@ class ChangelogViewSet(viewsets.ModelViewSet): """ queryset = Changelog.objects.all() serializer_class = ChangelogSerializer + filter_backends = [DjangoFilterBackend] + filterset_fields = ['model', 'action', "instance_pk", 'user', 'ip',] diff --git a/apps/logs/signals.py b/apps/logs/signals.py index 41f87cda..ab196291 100644 --- a/apps/logs/signals.py +++ b/apps/logs/signals.py @@ -81,7 +81,7 @@ def save_object(sender, instance, **kwargs): model = instance.__class__ fields = '__all__' - previous_json = JSONRenderer().render(CustomSerializer(previous).data).decode("UTF-8") + previous_json = JSONRenderer().render(CustomSerializer(previous).data).decode("UTF-8") if previous else None instance_json = JSONRenderer().render(CustomSerializer(instance).data).decode("UTF-8") if previous_json == instance_json: diff --git a/apps/logs/urls.py b/apps/logs/urls.py deleted file mode 100644 index 6d76674c..00000000 --- a/apps/logs/urls.py +++ /dev/null @@ -1,8 +0,0 @@ -# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay -# SPDX-License-Identifier: GPL-3.0-or-later - -app_name = 'logs' - -# TODO User interface -urlpatterns = [ -] diff --git a/apps/member/api/views.py b/apps/member/api/views.py index 7e7dcd1d..c85df903 100644 --- a/apps/member/api/views.py +++ b/apps/member/api/views.py @@ -2,6 +2,7 @@ # SPDX-License-Identifier: GPL-3.0-or-later from rest_framework import viewsets +from rest_framework.filters import SearchFilter from .serializers import ProfileSerializer, ClubSerializer, RoleSerializer, MembershipSerializer from ..models import Profile, Club, Role, Membership @@ -25,6 +26,8 @@ class ClubViewSet(viewsets.ModelViewSet): """ queryset = Club.objects.all() serializer_class = ClubSerializer + filter_backends = [SearchFilter] + search_fields = ['$name', ] class RoleViewSet(viewsets.ModelViewSet): @@ -35,6 +38,8 @@ class RoleViewSet(viewsets.ModelViewSet): """ queryset = Role.objects.all() serializer_class = RoleSerializer + filter_backends = [SearchFilter] + search_fields = ['$name', ] class MembershipViewSet(viewsets.ModelViewSet): diff --git a/apps/note/api/serializers.py b/apps/note/api/serializers.py index 61257ec4..73beead1 100644 --- a/apps/note/api/serializers.py +++ b/apps/note/api/serializers.py @@ -5,7 +5,8 @@ from rest_framework import serializers from rest_polymorphic.serializers import PolymorphicSerializer from ..models.notes import Note, NoteClub, NoteSpecial, NoteUser, Alias -from ..models.transactions import TransactionTemplate, Transaction, MembershipTransaction, TemplateCategory +from ..models.transactions import TransactionTemplate, Transaction, MembershipTransaction, TemplateCategory, \ + TemplateTransaction class NoteSerializer(serializers.ModelSerializer): @@ -111,6 +112,17 @@ class TransactionSerializer(serializers.ModelSerializer): fields = '__all__' +class TemplateTransactionSerializer(serializers.ModelSerializer): + """ + REST API Serializer for Transactions. + The djangorestframework plugin will analyse the model `TemplateTransaction` and parse all fields in the API. + """ + + class Meta: + model = TemplateTransaction + fields = '__all__' + + class MembershipTransactionSerializer(serializers.ModelSerializer): """ REST API Serializer for Membership transactions. @@ -120,3 +132,11 @@ class MembershipTransactionSerializer(serializers.ModelSerializer): class Meta: model = MembershipTransaction fields = '__all__' + + +class TransactionPolymorphicSerializer(PolymorphicSerializer): + model_serializer_mapping = { + Transaction: TransactionSerializer, + TemplateTransaction: TemplateTransactionSerializer, + MembershipTransaction: MembershipTransactionSerializer, + } diff --git a/apps/note/api/urls.py b/apps/note/api/urls.py index 5e176ec5..796a397f 100644 --- a/apps/note/api/urls.py +++ b/apps/note/api/urls.py @@ -2,7 +2,7 @@ # SPDX-License-Identifier: GPL-3.0-or-later from .views import NotePolymorphicViewSet, AliasViewSet, \ - TemplateCategoryViewSet, TransactionViewSet, TransactionTemplateViewSet, MembershipTransactionViewSet + TemplateCategoryViewSet, TransactionViewSet, TransactionTemplateViewSet def register_note_urls(router, path): @@ -15,4 +15,3 @@ def register_note_urls(router, path): router.register(path + '/transaction/category', TemplateCategoryViewSet) router.register(path + '/transaction/transaction', TransactionViewSet) router.register(path + '/transaction/template', TransactionTemplateViewSet) - router.register(path + '/transaction/membership', MembershipTransactionViewSet) diff --git a/apps/note/api/views.py b/apps/note/api/views.py index 4fbb9481..14f64003 100644 --- a/apps/note/api/views.py +++ b/apps/note/api/views.py @@ -2,13 +2,15 @@ # SPDX-License-Identifier: GPL-3.0-or-later from django.db.models import Q +from django_filters.rest_framework import DjangoFilterBackend from rest_framework import viewsets +from rest_framework.filters import SearchFilter from .serializers import NoteSerializer, NotePolymorphicSerializer, NoteClubSerializer, NoteSpecialSerializer, \ NoteUserSerializer, AliasSerializer, \ - TemplateCategorySerializer, TransactionTemplateSerializer, TransactionSerializer, MembershipTransactionSerializer + TemplateCategorySerializer, TransactionTemplateSerializer, TransactionPolymorphicSerializer from ..models.notes import Note, NoteClub, NoteSpecial, NoteUser, Alias -from ..models.transactions import TransactionTemplate, Transaction, MembershipTransaction, TemplateCategory +from ..models.transactions import TransactionTemplate, Transaction, TemplateCategory class NoteViewSet(viewsets.ModelViewSet): @@ -139,6 +141,8 @@ class TemplateCategoryViewSet(viewsets.ModelViewSet): """ queryset = TemplateCategory.objects.all() serializer_class = TemplateCategorySerializer + filter_backends = [SearchFilter] + search_fields = ['$name', ] class TransactionTemplateViewSet(viewsets.ModelViewSet): @@ -149,6 +153,8 @@ class TransactionTemplateViewSet(viewsets.ModelViewSet): """ queryset = TransactionTemplate.objects.all() serializer_class = TransactionTemplateSerializer + filter_backends = [DjangoFilterBackend] + filterset_fields = ['name', 'amount', 'display', 'category', ] class TransactionViewSet(viewsets.ModelViewSet): @@ -158,14 +164,6 @@ class TransactionViewSet(viewsets.ModelViewSet): then render it on /api/note/transaction/transaction/ """ queryset = Transaction.objects.all() - serializer_class = TransactionSerializer - - -class MembershipTransactionViewSet(viewsets.ModelViewSet): - """ - REST API View set. - The djangorestframework plugin will get all `MembershipTransaction` objects, serialize it to JSON with the given serializer, - then render it on /api/note/transaction/membership/ - """ - queryset = MembershipTransaction.objects.all() - serializer_class = MembershipTransactionSerializer + serializer_class = TransactionPolymorphicSerializer + filter_backends = [SearchFilter] + search_fields = ['$reason', ] diff --git a/apps/note/fixtures/initial.json b/apps/note/fixtures/initial.json index 01242b22..3654fa2f 100644 --- a/apps/note/fixtures/initial.json +++ b/apps/note/fixtures/initial.json @@ -3,7 +3,7 @@ "model": "note.note", "pk": 1, "fields": { - "polymorphic_ctype": 37, + "polymorphic_ctype": 40, "balance": 0, "is_active": true, "display_image": "", @@ -14,7 +14,7 @@ "model": "note.note", "pk": 2, "fields": { - "polymorphic_ctype": 37, + "polymorphic_ctype": 40, "balance": 0, "is_active": true, "display_image": "", @@ -25,7 +25,7 @@ "model": "note.note", "pk": 3, "fields": { - "polymorphic_ctype": 37, + "polymorphic_ctype": 40, "balance": 0, "is_active": true, "display_image": "", @@ -36,7 +36,7 @@ "model": "note.note", "pk": 4, "fields": { - "polymorphic_ctype": 37, + "polymorphic_ctype": 40, "balance": 0, "is_active": true, "display_image": "", @@ -47,7 +47,7 @@ "model": "note.note", "pk": 5, "fields": { - "polymorphic_ctype": 36, + "polymorphic_ctype": 39, "balance": 0, "is_active": true, "display_image": "", @@ -58,7 +58,7 @@ "model": "note.note", "pk": 6, "fields": { - "polymorphic_ctype": 36, + "polymorphic_ctype": 39, "balance": 0, "is_active": true, "display_image": "", diff --git a/note_kfet/settings/base.py b/note_kfet/settings/base.py index 84f07b6c..0694390d 100644 --- a/note_kfet/settings/base.py +++ b/note_kfet/settings/base.py @@ -137,12 +137,14 @@ REST_FRAMEWORK = { # or allow read-only access for unauthenticated users. 'DEFAULT_PERMISSION_CLASSES': [ # TODO Maybe replace it with our custom permissions system - 'rest_framework.permissions.DjangoModelPermissions' + 'rest_framework.permissions.DjangoModelPermissions', ], 'DEFAULT_AUTHENTICATION_CLASSES': [ 'rest_framework.authentication.SessionAuthentication', 'rest_framework.authentication.TokenAuthentication', - ] + ], + 'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination', + 'PAGE_SIZE': 20, } # Internationalization diff --git a/note_kfet/urls.py b/note_kfet/urls.py index 407659f8..da2f9d6c 100644 --- a/note_kfet/urls.py +++ b/note_kfet/urls.py @@ -20,8 +20,7 @@ urlpatterns = [ path('accounts/', include('django.contrib.auth.urls')), path('admin/doc/', include('django.contrib.admindocs.urls')), path('admin/', admin.site.urls), - path('logs/', include('logs.urls')), - path('api/', include('api.urls')), + path('api/', include('api.urls')), ] urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) diff --git a/templates/django_filters/rest_framework/crispy_form.html b/templates/django_filters/rest_framework/crispy_form.html new file mode 100644 index 00000000..171767c0 --- /dev/null +++ b/templates/django_filters/rest_framework/crispy_form.html @@ -0,0 +1,5 @@ +{% load crispy_forms_tags %} +{% load i18n %} + +

    {% trans "Field filters" %}

    +{% crispy filter.form %} diff --git a/templates/django_filters/rest_framework/form.html b/templates/django_filters/rest_framework/form.html new file mode 100644 index 00000000..b116e353 --- /dev/null +++ b/templates/django_filters/rest_framework/form.html @@ -0,0 +1,6 @@ +{% load i18n %} +

    {% trans "Field filters" %}

    +
    + {{ filter.form.as_p }} + +
    diff --git a/templates/django_filters/widgets/multiwidget.html b/templates/django_filters/widgets/multiwidget.html new file mode 100644 index 00000000..089ddb20 --- /dev/null +++ b/templates/django_filters/widgets/multiwidget.html @@ -0,0 +1 @@ +{% for widget in widget.subwidgets %}{% include widget.template_name %}{% if forloop.first %}-{% endif %}{% endfor %} From 13797598033f7841e66f70fe934e0ff96a19bda6 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 11:25:40 +0100 Subject: [PATCH 030/119] Changelogs are read-only protected --- apps/logs/api/serializers.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apps/logs/api/serializers.py b/apps/logs/api/serializers.py index 7de7bc1a..108f2087 100644 --- a/apps/logs/api/serializers.py +++ b/apps/logs/api/serializers.py @@ -15,3 +15,5 @@ class ChangelogSerializer(serializers.ModelSerializer): class Meta: model = Changelog fields = '__all__' + # noinspection PyProtectedMember + read_only_fields = [f.name for f in model._meta.get_fields()] # Changelogs are read-only protected From 2c440062cec1b20c3823651b59e0a9a9ab53b0d7 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 11:33:14 +0100 Subject: [PATCH 031/119] Changelogs are read-only protected --- apps/logs/api/views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/logs/api/views.py b/apps/logs/api/views.py index 5b1b3ff6..1ddfd7bc 100644 --- a/apps/logs/api/views.py +++ b/apps/logs/api/views.py @@ -8,7 +8,7 @@ from .serializers import ChangelogSerializer from ..models import Changelog -class ChangelogViewSet(viewsets.ModelViewSet): +class ChangelogViewSet(viewsets.ReadOnlyModelViewSet): """ REST API View set. The djangorestframework plugin will get all `Changelog` objects, serialize it to JSON with the given serializer, From b89028b3dca54a5bb67894878947ad59d6e936ff Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 11:37:47 +0100 Subject: [PATCH 032/119] Add models in the API --- apps/api/urls.py | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/apps/api/urls.py b/apps/api/urls.py index 8e0f6415..9bbe1978 100644 --- a/apps/api/urls.py +++ b/apps/api/urls.py @@ -3,6 +3,7 @@ from django.conf.urls import url, include from django.contrib.auth.models import User +from django.contrib.contenttypes.models import ContentType from django_filters.rest_framework import DjangoFilterBackend from rest_framework import routers, serializers, viewsets from rest_framework.filters import SearchFilter @@ -26,6 +27,16 @@ class UserSerializer(serializers.ModelSerializer): 'user_permissions', ) +class ContentTypeSerializer(serializers.ModelSerializer): + """ + REST API Serializer for Users. + The djangorestframework plugin will analyse the model `User` and parse all fields in the API. + """ + + class Meta: + model = ContentType + fields = '__all__' + class UserViewSet(viewsets.ModelViewSet): """ @@ -40,9 +51,20 @@ class UserViewSet(viewsets.ModelViewSet): search_fields = ['$username', '$first_name', '$last_name', ] +class ContentTypeViewSet(viewsets.ReadOnlyModelViewSet): + """ + REST API View set. + The djangorestframework plugin will get all `User` objects, serialize it to JSON with the given serializer, + then render it on /api/users/ + """ + queryset = ContentType.objects.all() + serializer_class = ContentTypeSerializer + + # Routers provide an easy way of automatically determining the URL conf. # Register each app API router and user viewset router = routers.DefaultRouter() +router.register('models', ContentTypeViewSet) router.register('user', UserViewSet) register_members_urls(router, 'members') register_activity_urls(router, 'activity') From f082f8523ad78c30f7e44b142421cca858728a8f Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 12:05:29 +0100 Subject: [PATCH 033/119] Update translations --- apps/note/models/notes.py | 2 +- apps/note/views.py | 2 +- locale/de/LC_MESSAGES/django.po | 161 ++++++++------ locale/fr/LC_MESSAGES/django.po | 216 +++++++++++-------- templates/base.html | 2 +- templates/member/club_form.html | 5 +- templates/member/club_list.html | 3 +- templates/member/signup.html | 6 +- templates/note/transactiontemplate_form.html | 3 +- 9 files changed, 234 insertions(+), 166 deletions(-) diff --git a/apps/note/models/notes.py b/apps/note/models/notes.py index 74cda3ea..c53c0140 100644 --- a/apps/note/models/notes.py +++ b/apps/note/models/notes.py @@ -231,7 +231,7 @@ class Alias(models.Model): try: sim_alias = Alias.objects.get(normalized_name=normalized_name) if self != sim_alias: - raise ValidationError(_('An alias with a similar name already exists: {} '.format(sim_alias)), + raise ValidationError(_('An alias with a similar name already exists: {} ').format(sim_alias), code="same_alias" ) except Alias.DoesNotExist: diff --git a/apps/note/views.py b/apps/note/views.py index ccba8c9f..7064370a 100644 --- a/apps/note/views.py +++ b/apps/note/views.py @@ -136,7 +136,7 @@ class ConsoView(LoginRequiredMixin, CreateView): context = super().get_context_data(**kwargs) context['transaction_templates'] = TransactionTemplate.objects.filter(display=True) \ .order_by('category') - context['title'] = _("Consommations") + context['title'] = _("Consumptions") # select2 compatibility context['no_cache'] = True diff --git a/locale/de/LC_MESSAGES/django.po b/locale/de/LC_MESSAGES/django.po index ce17f5de..6c60a9fe 100644 --- a/locale/de/LC_MESSAGES/django.po +++ b/locale/de/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2020-03-07 18:01+0100\n" +"POT-Creation-Date: 2020-03-11 11:44+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -24,7 +24,7 @@ msgstr "" #: apps/activity/models.py:19 apps/activity/models.py:44 #: apps/member/models.py:60 apps/member/models.py:111 -#: apps/note/models/notes.py:187 apps/note/models/transactions.py:24 +#: apps/note/models/notes.py:188 apps/note/models/transactions.py:24 #: apps/note/models/transactions.py:44 templates/member/profile_detail.html:15 msgid "name" msgstr "" @@ -49,7 +49,7 @@ msgstr "" msgid "description" msgstr "" -#: apps/activity/models.py:54 apps/note/models/notes.py:163 +#: apps/activity/models.py:54 apps/note/models/notes.py:164 #: apps/note/models/transactions.py:62 msgid "type" msgstr "" @@ -90,7 +90,7 @@ msgstr "" msgid "Logs" msgstr "" -#: apps/logs/models.py:21 apps/note/models/notes.py:116 +#: apps/logs/models.py:21 apps/note/models/notes.py:117 msgid "user" msgstr "" @@ -114,15 +114,27 @@ msgstr "" msgid "new data" msgstr "" -#: apps/logs/models.py:59 +#: apps/logs/models.py:60 +msgid "create" +msgstr "" + +#: apps/logs/models.py:61 +msgid "edit" +msgstr "" + +#: apps/logs/models.py:62 +msgid "delete" +msgstr "" + +#: apps/logs/models.py:65 msgid "action" msgstr "" -#: apps/logs/models.py:67 +#: apps/logs/models.py:73 msgid "timestamp" msgstr "" -#: apps/logs/models.py:71 +#: apps/logs/models.py:77 msgid "Logs cannot be destroyed." msgstr "" @@ -188,7 +200,7 @@ msgid "" "members can renew their membership." msgstr "" -#: apps/member/models.py:93 apps/note/models/notes.py:138 +#: apps/member/models.py:93 apps/note/models/notes.py:139 msgid "club" msgstr "" @@ -237,7 +249,7 @@ msgstr "" msgid "Account #%(id)s: %(username)s" msgstr "" -#: apps/member/views.py:200 +#: apps/member/views.py:202 msgid "Alias successfully deleted" msgstr "" @@ -250,127 +262,127 @@ msgstr "" msgid "destination" msgstr "" -#: apps/note/apps.py:14 apps/note/models/notes.py:57 +#: apps/note/apps.py:14 apps/note/models/notes.py:58 msgid "note" msgstr "" -#: apps/note/forms.py:26 +#: apps/note/forms.py:20 msgid "New Alias" msgstr "" -#: apps/note/forms.py:31 +#: apps/note/forms.py:25 msgid "select an image" msgstr "" -#: apps/note/forms.py:32 +#: apps/note/forms.py:26 msgid "Maximal size: 2MB" msgstr "" -#: apps/note/forms.py:77 +#: apps/note/forms.py:70 msgid "Source and destination must be different." msgstr "" -#: apps/note/models/notes.py:26 +#: apps/note/models/notes.py:27 msgid "account balance" msgstr "" -#: apps/note/models/notes.py:27 +#: apps/note/models/notes.py:28 msgid "in centimes, money credited for this instance" msgstr "" -#: apps/note/models/notes.py:31 +#: apps/note/models/notes.py:32 msgid "last negative date" msgstr "" -#: apps/note/models/notes.py:32 +#: apps/note/models/notes.py:33 msgid "last time the balance was negative" msgstr "" -#: apps/note/models/notes.py:37 +#: apps/note/models/notes.py:38 msgid "active" msgstr "" -#: apps/note/models/notes.py:40 +#: apps/note/models/notes.py:41 msgid "" "Designates whether this note should be treated as active. Unselect this " "instead of deleting notes." msgstr "" -#: apps/note/models/notes.py:44 +#: apps/note/models/notes.py:45 msgid "display image" msgstr "" -#: apps/note/models/notes.py:52 apps/note/models/transactions.py:102 +#: apps/note/models/notes.py:53 apps/note/models/transactions.py:102 msgid "created at" msgstr "" -#: apps/note/models/notes.py:58 +#: apps/note/models/notes.py:59 msgid "notes" msgstr "" -#: apps/note/models/notes.py:66 +#: apps/note/models/notes.py:67 msgid "Note" msgstr "" -#: apps/note/models/notes.py:76 apps/note/models/notes.py:100 +#: apps/note/models/notes.py:77 apps/note/models/notes.py:101 msgid "This alias is already taken." msgstr "" -#: apps/note/models/notes.py:120 +#: apps/note/models/notes.py:121 msgid "one's note" msgstr "" -#: apps/note/models/notes.py:121 +#: apps/note/models/notes.py:122 msgid "users note" msgstr "" -#: apps/note/models/notes.py:127 +#: apps/note/models/notes.py:128 #, python-format msgid "%(user)s's note" msgstr "" -#: apps/note/models/notes.py:142 +#: apps/note/models/notes.py:143 msgid "club note" msgstr "" -#: apps/note/models/notes.py:143 +#: apps/note/models/notes.py:144 msgid "clubs notes" msgstr "" -#: apps/note/models/notes.py:149 +#: apps/note/models/notes.py:150 #, python-format msgid "Note of %(club)s club" msgstr "" -#: apps/note/models/notes.py:169 +#: apps/note/models/notes.py:170 msgid "special note" msgstr "" -#: apps/note/models/notes.py:170 +#: apps/note/models/notes.py:171 msgid "special notes" msgstr "" -#: apps/note/models/notes.py:193 +#: apps/note/models/notes.py:194 msgid "Invalid alias" msgstr "" -#: apps/note/models/notes.py:209 +#: apps/note/models/notes.py:210 msgid "alias" msgstr "" -#: apps/note/models/notes.py:210 templates/member/profile_detail.html:37 +#: apps/note/models/notes.py:211 templates/member/profile_detail.html:37 msgid "aliases" msgstr "" -#: apps/note/models/notes.py:228 +#: apps/note/models/notes.py:229 msgid "Alias is too long." msgstr "" -#: apps/note/models/notes.py:233 +#: apps/note/models/notes.py:234 msgid "An alias with a similar name already exists: {} " msgstr "" -#: apps/note/models/notes.py:242 +#: apps/note/models/notes.py:243 msgid "You can't delete your main alias." msgstr "" @@ -422,11 +434,11 @@ msgstr "" msgid "transactions" msgstr "" -#: apps/note/models/transactions.py:184 +#: apps/note/models/transactions.py:185 msgid "membership transaction" msgstr "" -#: apps/note/models/transactions.py:185 +#: apps/note/models/transactions.py:186 msgid "membership transactions" msgstr "" @@ -434,34 +446,54 @@ msgstr "" msgid "Transfer money from your account to one or others" msgstr "" -#: apps/note/views.py:138 +#: apps/note/views.py:139 msgid "Consommations" msgstr "" -#: note_kfet/settings/base.py:162 -msgid "German" -msgstr "" - -#: note_kfet/settings/base.py:163 -msgid "English" -msgstr "" - -#: note_kfet/settings/base.py:164 -msgid "French" -msgstr "" - -#: note_kfet/settings/base.py:215 +#: note_kfet/settings/__init__.py:63 msgid "" "The Central Authentication Service grants you access to most of our websites " "by authenticating only once, so you don't need to type your credentials " "again unless your session expires or you logout." msgstr "" +#: note_kfet/settings/base.py:156 +msgid "German" +msgstr "" + +#: note_kfet/settings/base.py:157 +msgid "English" +msgstr "" + +#: note_kfet/settings/base.py:158 +msgid "French" +msgstr "" + #: templates/base.html:13 msgid "The ENS Paris-Saclay BDE note." msgstr "" -#: templates/cas_server/base.html:7 templates/cas_server/base.html:26 +#: templates/base.html:70 +msgid "Consumptions" +msgstr "" + +#: templates/base.html:73 +msgid "Clubs" +msgstr "" + +#: templates/base.html:76 +msgid "Activities" +msgstr "" + +#: templates/base.html:79 +msgid "Button" +msgstr "" + +#: templates/base.html:82 templates/note/transaction_form.html:35 +msgid "Transfer" +msgstr "" + +#: templates/cas_server/base.html:7 msgid "Central Authentication Service" msgstr "" @@ -511,6 +543,15 @@ msgstr "" msgid "Connect to the service" msgstr "" +#: templates/django_filters/rest_framework/crispy_form.html:4 +#: templates/django_filters/rest_framework/form.html:2 +msgid "Field filters" +msgstr "" + +#: templates/django_filters/rest_framework/form.html:5 +msgid "Submit" +msgstr "" + #: templates/member/club_detail.html:10 msgid "Membership starts on" msgstr "" @@ -583,10 +624,6 @@ msgstr "" msgid "Sign Up" msgstr "" -#: templates/note/transaction_form.html:35 -msgid "Transfer" -msgstr "" - #: templates/registration/logged_out.html:8 msgid "Thanks for spending some quality time with the Web site today." msgstr "" @@ -596,7 +633,7 @@ msgid "Log in again" msgstr "" #: templates/registration/login.html:7 templates/registration/login.html:8 -#: templates/registration/login.html:22 +#: templates/registration/login.html:26 #: templates/registration/password_reset_complete.html:10 msgid "Log in" msgstr "" @@ -608,7 +645,7 @@ msgid "" "page. Would you like to login to a different account?" msgstr "" -#: templates/registration/login.html:23 +#: templates/registration/login.html:27 msgid "Forgotten your password or username?" msgstr "" diff --git a/locale/fr/LC_MESSAGES/django.po b/locale/fr/LC_MESSAGES/django.po index 3a8cfb79..05836a54 100644 --- a/locale/fr/LC_MESSAGES/django.po +++ b/locale/fr/LC_MESSAGES/django.po @@ -3,7 +3,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2020-03-07 18:01+0100\n" +"POT-Creation-Date: 2020-03-11 11:44+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -19,7 +19,7 @@ msgstr "activité" #: apps/activity/models.py:19 apps/activity/models.py:44 #: apps/member/models.py:60 apps/member/models.py:111 -#: apps/note/models/notes.py:187 apps/note/models/transactions.py:24 +#: apps/note/models/notes.py:188 apps/note/models/transactions.py:24 #: apps/note/models/transactions.py:44 templates/member/profile_detail.html:15 msgid "name" msgstr "nom" @@ -44,7 +44,7 @@ msgstr "types d'activité" msgid "description" msgstr "description" -#: apps/activity/models.py:54 apps/note/models/notes.py:163 +#: apps/activity/models.py:54 apps/note/models/notes.py:164 #: apps/note/models/transactions.py:62 msgid "type" msgstr "type" @@ -85,15 +85,13 @@ msgstr "" msgid "Logs" msgstr "" -#: apps/logs/models.py:21 apps/note/models/notes.py:116 +#: apps/logs/models.py:21 apps/note/models/notes.py:117 msgid "user" msgstr "utilisateur" #: apps/logs/models.py:27 -#, fuzzy -#| msgid "address" msgid "IP Address" -msgstr "adresse" +msgstr "Adresse IP" #: apps/logs/models.py:35 msgid "model" @@ -108,22 +106,30 @@ msgid "previous data" msgstr "Données précédentes" #: apps/logs/models.py:52 -#, fuzzy -#| msgid "end date" msgid "new data" msgstr "Nouvelles données" -#: apps/logs/models.py:59 -#, fuzzy -#| msgid "section" +#: apps/logs/models.py:60 +msgid "create" +msgstr "Créer" + +#: apps/logs/models.py:61 +msgid "edit" +msgstr "Modifier" + +#: apps/logs/models.py:62 +msgid "delete" +msgstr "Supprimer" + +#: apps/logs/models.py:65 msgid "action" msgstr "Action" -#: apps/logs/models.py:67 +#: apps/logs/models.py:73 msgid "timestamp" msgstr "Date" -#: apps/logs/models.py:71 +#: apps/logs/models.py:77 msgid "Logs cannot be destroyed." msgstr "Les logs ne peuvent pas être détruits." @@ -193,10 +199,16 @@ msgstr "" "Combien de temps l'adhésion peut durer après le 1er Janvier de l'année " "suivante avant que les adhérents peuvent renouveler leur adhésion." -#: apps/member/models.py:93 apps/note/models/notes.py:138 +#: apps/member/models.py:93 apps/note/models/notes.py:139 msgid "club" msgstr "club" +msgid "New club" +msgstr "Nouveau club" + +msgid "Clubs list" +msgstr "Liste des clubs" + #: apps/member/models.py:94 msgid "clubs" msgstr "clubs" @@ -242,9 +254,9 @@ msgstr "Un alias avec un nom similaire existe déjà." msgid "Account #%(id)s: %(username)s" msgstr "Compte n°%(id)s : %(username)s" -#: apps/member/views.py:200 +#: apps/member/views.py:202 msgid "Alias successfully deleted" -msgstr "" +msgstr "L'alias a bien été supprimé" #: apps/note/admin.py:120 apps/note/models/transactions.py:93 msgid "source" @@ -255,132 +267,128 @@ msgstr "source" msgid "destination" msgstr "destination" -#: apps/note/apps.py:14 apps/note/models/notes.py:57 +#: apps/note/apps.py:14 apps/note/models/notes.py:58 msgid "note" msgstr "note" -#: apps/note/forms.py:26 +#: apps/note/forms.py:20 msgid "New Alias" -msgstr "" +msgstr "Nouvel alias" -#: apps/note/forms.py:31 -#, fuzzy -#| msgid "display image" +#: apps/note/forms.py:25 msgid "select an image" -msgstr "image affichée" +msgstr "Choisissez une image" -#: apps/note/forms.py:32 +#: apps/note/forms.py:26 msgid "Maximal size: 2MB" -msgstr "" +msgstr "Taille maximale : 2 Mo" -#: apps/note/forms.py:77 +#: apps/note/forms.py:70 msgid "Source and destination must be different." msgstr "La source et la destination doivent être différentes." -#: apps/note/models/notes.py:26 +#: apps/note/models/notes.py:27 msgid "account balance" msgstr "solde du compte" -#: apps/note/models/notes.py:27 +#: apps/note/models/notes.py:28 msgid "in centimes, money credited for this instance" msgstr "en centimes, argent crédité pour cette instance" -#: apps/note/models/notes.py:31 +#: apps/note/models/notes.py:32 msgid "last negative date" msgstr "dernier date de négatif" -#: apps/note/models/notes.py:32 +#: apps/note/models/notes.py:33 msgid "last time the balance was negative" msgstr "dernier instant où la note était en négatif" -#: apps/note/models/notes.py:37 +#: apps/note/models/notes.py:38 msgid "active" msgstr "actif" -#: apps/note/models/notes.py:40 +#: apps/note/models/notes.py:41 msgid "" "Designates whether this note should be treated as active. Unselect this " "instead of deleting notes." msgstr "" "Indique si la note est active. Désactiver cela plutôt que supprimer la note." -#: apps/note/models/notes.py:44 +#: apps/note/models/notes.py:45 msgid "display image" msgstr "image affichée" -#: apps/note/models/notes.py:52 apps/note/models/transactions.py:102 +#: apps/note/models/notes.py:53 apps/note/models/transactions.py:102 msgid "created at" msgstr "créée le" -#: apps/note/models/notes.py:58 +#: apps/note/models/notes.py:59 msgid "notes" msgstr "notes" -#: apps/note/models/notes.py:66 +#: apps/note/models/notes.py:67 msgid "Note" msgstr "Note" -#: apps/note/models/notes.py:76 apps/note/models/notes.py:100 +#: apps/note/models/notes.py:77 apps/note/models/notes.py:101 msgid "This alias is already taken." msgstr "Cet alias est déjà pris." -#: apps/note/models/notes.py:120 +#: apps/note/models/notes.py:121 msgid "one's note" msgstr "note d'un utilisateur" -#: apps/note/models/notes.py:121 +#: apps/note/models/notes.py:122 msgid "users note" msgstr "notes des utilisateurs" -#: apps/note/models/notes.py:127 +#: apps/note/models/notes.py:128 #, python-format msgid "%(user)s's note" msgstr "Note de %(user)s" -#: apps/note/models/notes.py:142 +#: apps/note/models/notes.py:143 msgid "club note" msgstr "note d'un club" -#: apps/note/models/notes.py:143 +#: apps/note/models/notes.py:144 msgid "clubs notes" msgstr "notes des clubs" -#: apps/note/models/notes.py:149 +#: apps/note/models/notes.py:150 #, python-format msgid "Note of %(club)s club" msgstr "Note du club %(club)s" -#: apps/note/models/notes.py:169 +#: apps/note/models/notes.py:170 msgid "special note" msgstr "note spéciale" -#: apps/note/models/notes.py:170 +#: apps/note/models/notes.py:171 msgid "special notes" msgstr "notes spéciales" -#: apps/note/models/notes.py:193 +#: apps/note/models/notes.py:194 msgid "Invalid alias" msgstr "Alias invalide" -#: apps/note/models/notes.py:209 +#: apps/note/models/notes.py:210 msgid "alias" msgstr "alias" -#: apps/note/models/notes.py:210 templates/member/profile_detail.html:37 +#: apps/note/models/notes.py:211 templates/member/profile_detail.html:37 msgid "aliases" msgstr "alias" -#: apps/note/models/notes.py:228 +#: apps/note/models/notes.py:229 msgid "Alias is too long." msgstr "L'alias est trop long." -#: apps/note/models/notes.py:233 -#, fuzzy -#| msgid "An alias with a similar name already exists:" +#: apps/note/models/notes.py:234 msgid "An alias with a similar name already exists: {} " -msgstr "Un alias avec un nom similaire existe déjà." +msgstr "Un alias avec un nom similaire existe déjà : {}" -#: apps/note/models/notes.py:242 +#: apps/note/models/notes.py:243 msgid "You can't delete your main alias." msgstr "Vous ne pouvez pas supprimer votre alias principal." @@ -393,7 +401,6 @@ msgid "transaction categories" msgstr "catégories de transaction" #: apps/note/models/transactions.py:47 -#, fuzzy msgid "A template with this name already exist" msgstr "Un modèle de transaction avec un nom similaire existe déjà." @@ -433,11 +440,11 @@ msgstr "transaction" msgid "transactions" msgstr "transactions" -#: apps/note/models/transactions.py:184 +#: apps/note/models/transactions.py:185 msgid "membership transaction" msgstr "transaction d'adhésion" -#: apps/note/models/transactions.py:185 +#: apps/note/models/transactions.py:186 msgid "membership transactions" msgstr "transactions d'adhésion" @@ -445,34 +452,53 @@ msgstr "transactions d'adhésion" msgid "Transfer money from your account to one or others" msgstr "Transfert d'argent de ton compte vers un ou plusieurs autres" -#: apps/note/views.py:138 -msgid "Consommations" -msgstr "transactions" - -#: note_kfet/settings/base.py:162 -msgid "German" -msgstr "" - -#: note_kfet/settings/base.py:163 -msgid "English" -msgstr "" - -#: note_kfet/settings/base.py:164 -msgid "French" -msgstr "" - -#: note_kfet/settings/base.py:215 +#: note_kfet/settings/__init__.py:63 msgid "" "The Central Authentication Service grants you access to most of our websites " "by authenticating only once, so you don't need to type your credentials " "again unless your session expires or you logout." msgstr "" +#: note_kfet/settings/base.py:156 +msgid "German" +msgstr "" + +#: note_kfet/settings/base.py:157 +msgid "English" +msgstr "" + +#: note_kfet/settings/base.py:158 +msgid "French" +msgstr "" + #: templates/base.html:13 msgid "The ENS Paris-Saclay BDE note." msgstr "La note du BDE de l'ENS Paris-Saclay." -#: templates/cas_server/base.html:7 templates/cas_server/base.html:26 +#: templates/base.html:70 +msgid "Consumptions" +msgstr "Consommations" + +#: templates/base.html:73 +msgid "Clubs" +msgstr "Clubs" + +#: templates/base.html:76 +msgid "Activities" +msgstr "Activités" + +#: templates/base.html:79 +msgid "Buttons" +msgstr "Boutons" + +msgid "Buttons list" +msgstr "Liste des boutons" + +#: templates/base.html:82 templates/note/transaction_form.html:35 +msgid "Transfer" +msgstr "Virement" + +#: templates/cas_server/base.html:7 msgid "Central Authentication Service" msgstr "" @@ -510,11 +536,11 @@ msgstr "" #: templates/cas_server/login.html:11 msgid "" -"If you don't have any Note Kfet account, please follow this link to sign up." +"If you don't have any Note Kfet account, please follow this link to sign up." msgstr "" -"Si vous n'avez pas de compte Note Kfet, veuillez suivre ce lien pour vous inscrire." +"Si vous n'avez pas de compte Note Kfet, veuillez suivre ce lien pour vous inscrire." #: templates/cas_server/login.html:17 msgid "Login" @@ -524,6 +550,15 @@ msgstr "" msgid "Connect to the service" msgstr "" +#: templates/django_filters/rest_framework/crispy_form.html:4 +#: templates/django_filters/rest_framework/form.html:2 +msgid "Field filters" +msgstr "" + +#: templates/django_filters/rest_framework/form.html:5 +msgid "Submit" +msgstr "" + #: templates/member/club_detail.html:10 msgid "Membership starts on" msgstr "L'adhésion commence le" @@ -557,10 +592,8 @@ msgid "Regenerate token" msgstr "Regénérer le jeton" #: templates/member/profile_alias.html:10 -#, fuzzy -#| msgid "alias" msgid "Add alias" -msgstr "alias" +msgstr "Ajouter un alias" #: templates/member/profile_detail.html:15 msgid "first name" @@ -583,10 +616,8 @@ msgid "Manage auth token" msgstr "Gérer les jetons d'authentification" #: templates/member/profile_detail.html:49 -#, fuzzy -#| msgid "Update Profile" msgid "View Profile" -msgstr "Modifier le profil" +msgstr "Voir le profil" #: templates/member/profile_detail.html:62 msgid "View my memberships" @@ -596,13 +627,10 @@ msgstr "Voir mes adhésions" msgid "Save Changes" msgstr "Sauvegarder les changements" +#: templates/member/signup.html:8 #: templates/member/signup.html:14 -msgid "Sign Up" -msgstr "" - -#: templates/note/transaction_form.html:35 -msgid "Transfer" -msgstr "Virement" +msgid "Sign up" +msgstr "Inscription" #: templates/registration/logged_out.html:8 msgid "Thanks for spending some quality time with the Web site today." @@ -613,7 +641,7 @@ msgid "Log in again" msgstr "" #: templates/registration/login.html:7 templates/registration/login.html:8 -#: templates/registration/login.html:22 +#: templates/registration/login.html:26 #: templates/registration/password_reset_complete.html:10 msgid "Log in" msgstr "" @@ -625,7 +653,7 @@ msgid "" "page. Would you like to login to a different account?" msgstr "" -#: templates/registration/login.html:23 +#: templates/registration/login.html:27 msgid "Forgotten your password or username?" msgstr "" diff --git a/templates/base.html b/templates/base.html index 887bc970..94810b87 100644 --- a/templates/base.html +++ b/templates/base.html @@ -76,7 +76,7 @@ SPDX-License-Identifier: GPL-3.0-or-later {% trans 'Activities' %}
  • - {% trans 'Button' %} + {% trans 'Buttons' %}
  • {% trans 'Transfer' %} diff --git a/templates/member/club_form.html b/templates/member/club_form.html index 3fc2dd8b..577297bb 100644 --- a/templates/member/club_form.html +++ b/templates/member/club_form.html @@ -1,11 +1,12 @@ {% extends "base.html" %} {% load static %} +{% load i18n %} {% load crispy_forms_tags %} {% block content %} -

    Template Listing

    +

    {% trans "Clubs list" %}

    {% csrf_token %} {{form|crispy}} - +
    {% endblock %} diff --git a/templates/member/club_list.html b/templates/member/club_list.html index f807c25c..16571113 100644 --- a/templates/member/club_list.html +++ b/templates/member/club_list.html @@ -1,10 +1,11 @@ {% extends "base.html" %} {% load render_table from django_tables2 %} +{% load i18n %} {% block content %} {% render_table table %} -New Club +{% trans "New club" %} {% endblock %} {% block extrajavascript %} diff --git a/templates/member/signup.html b/templates/member/signup.html index e682bd9b..d7b3c23e 100644 --- a/templates/member/signup.html +++ b/templates/member/signup.html @@ -2,16 +2,16 @@ {% extends 'base.html' %} {% load crispy_forms_tags %} {% load i18n %} -{% block title %}Sign Up{% endblock %} +{% block title %}{% trans "Sign up" %}{% endblock %} {% block content %} -

    Sign up

    +

    {% trans "Sign up" %}

    {% csrf_token %} {{ form|crispy }} {{ profile_form|crispy }}
    {% endblock %} diff --git a/templates/note/transactiontemplate_form.html b/templates/note/transactiontemplate_form.html index 3fc2dd8b..1f9a574a 100644 --- a/templates/note/transactiontemplate_form.html +++ b/templates/note/transactiontemplate_form.html @@ -1,8 +1,9 @@ {% extends "base.html" %} {% load static %} +{% load i18n %} {% load crispy_forms_tags %} {% block content %} -

    Template Listing

    +

    {% trans "Buttons list" %}

    {% csrf_token %} {{form|crispy}} From 06c97d75a076934bf2c8e89db6b31ecc466dde31 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 12:41:44 +0100 Subject: [PATCH 034/119] Logs are decreasing ordered --- apps/api/urls.py | 1 + apps/logs/api/views.py | 7 +++++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/apps/api/urls.py b/apps/api/urls.py index 9bbe1978..95ed5f99 100644 --- a/apps/api/urls.py +++ b/apps/api/urls.py @@ -27,6 +27,7 @@ class UserSerializer(serializers.ModelSerializer): 'user_permissions', ) + class ContentTypeSerializer(serializers.ModelSerializer): """ REST API Serializer for Users. diff --git a/apps/logs/api/views.py b/apps/logs/api/views.py index 1ddfd7bc..2c47b7a2 100644 --- a/apps/logs/api/views.py +++ b/apps/logs/api/views.py @@ -3,6 +3,7 @@ from django_filters.rest_framework import DjangoFilterBackend from rest_framework import viewsets +from rest_framework.filters import OrderingFilter from .serializers import ChangelogSerializer from ..models import Changelog @@ -16,5 +17,7 @@ class ChangelogViewSet(viewsets.ReadOnlyModelViewSet): """ queryset = Changelog.objects.all() serializer_class = ChangelogSerializer - filter_backends = [DjangoFilterBackend] - filterset_fields = ['model', 'action', "instance_pk", 'user', 'ip',] + filter_backends = [DjangoFilterBackend, OrderingFilter] + filterset_fields = ['model', 'action', "instance_pk", 'user', 'ip', ] + ordering_fields = ['timestamp', ] + ordering = ['-timestamp', ] From a128ed480339d5c9c2541535a86a60a1b48a87a7 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 13:24:48 +0100 Subject: [PATCH 035/119] Use environment rather than hardcoding strings, closes #36 --- README.md | 8 ++++++-- apps/note/templatetags/__init__.py | 12 ++++++++++++ apps/note/templatetags/getenv.py | 8 ++++++++ apps/note/templatetags/pretty_money.py | 6 ------ note_kfet/settings/__init__.py | 2 ++ note_kfet/settings/development.py | 2 +- note_kfet/settings/production.py | 6 ++++-- templates/base.html | 4 ++-- 8 files changed, 35 insertions(+), 13 deletions(-) create mode 100644 apps/note/templatetags/getenv.py diff --git a/README.md b/README.md index 14ec5f42..c53ee38d 100644 --- a/README.md +++ b/README.md @@ -133,10 +133,14 @@ Il est possible de travailler sur une instance Docker. build: /chemin/vers/nk20 volumes: - /chemin/vers/nk20:/code/ + environment: + MAILING_LIST_DOMAIN: lists.example.com + NOTE_URL: nk20.example.com + DOMAIN: example.com restart: always labels: - - traefik.domain=ndd.exemple.com - - traefik.frontend.rule=Host:ndd.exemple.com + - traefik.domain=ndd.example.com + - traefik.frontend.rule=Host:ndd.example.com - traefik.port=8000 3. Enjoy : diff --git a/apps/note/templatetags/__init__.py b/apps/note/templatetags/__init__.py index e69de29b..19b8e45b 100644 --- a/apps/note/templatetags/__init__.py +++ b/apps/note/templatetags/__init__.py @@ -0,0 +1,12 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + +from django import template + +from .getenv import getenv +from .pretty_money import pretty_money + +register = template.Library() + +register.filter('getenv', getenv) +register.filter('pretty_money', pretty_money) diff --git a/apps/note/templatetags/getenv.py b/apps/note/templatetags/getenv.py new file mode 100644 index 00000000..7710a389 --- /dev/null +++ b/apps/note/templatetags/getenv.py @@ -0,0 +1,8 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + +import os + + +def getenv(value): + return os.getenv(value) diff --git a/apps/note/templatetags/pretty_money.py b/apps/note/templatetags/pretty_money.py index 12530c6e..5db2a1c0 100644 --- a/apps/note/templatetags/pretty_money.py +++ b/apps/note/templatetags/pretty_money.py @@ -1,8 +1,6 @@ # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later -from django import template - def pretty_money(value): if value % 100 == 0: @@ -16,7 +14,3 @@ def pretty_money(value): abs(value) // 100, abs(value) % 100, ) - - -register = template.Library() -register.filter('pretty_money', pretty_money) diff --git a/note_kfet/settings/__init__.py b/note_kfet/settings/__init__.py index ce31b39f..10b21970 100644 --- a/note_kfet/settings/__init__.py +++ b/note_kfet/settings/__init__.py @@ -51,12 +51,14 @@ except ImportError: if "cas" in INSTALLED_APPS: MIDDLEWARE += ['cas.middleware.CASMiddleware'] # CAS Settings + CAS_SERVER_URL = "https://" + os.getenv("NOTE_URL") + "/cas/" CAS_AUTO_CREATE_USER = False CAS_LOGO_URL = "/static/img/Saperlistpopette.png" CAS_FAVICON_URL = "/static/favicon/favicon-32x32.png" CAS_SHOW_SERVICE_MESSAGES = True CAS_SHOW_POWERED = False CAS_REDIRECT_TO_LOGIN_AFTER_LOGOUT = False + CAS_PROVIDE_URL_TO_LOGOUT = True CAS_INFO_MESSAGES = { "cas_explained": { "message": _( diff --git a/note_kfet/settings/development.py b/note_kfet/settings/development.py index cf738f33..61f6d530 100644 --- a/note_kfet/settings/development.py +++ b/note_kfet/settings/development.py @@ -39,7 +39,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' # EMAIL_HOST_USER = 'change_me' # EMAIL_HOST_PASSWORD = 'change_me' -SERVER_EMAIL = 'no-reply@example.org' +SERVER_EMAIL = 'no-reply@' + os.getenv("DOMAIN") # Security settings SECURE_CONTENT_TYPE_NOSNIFF = False diff --git a/note_kfet/settings/production.py b/note_kfet/settings/production.py index 4512dc85..ea1e9739 100644 --- a/note_kfet/settings/production.py +++ b/note_kfet/settings/production.py @@ -1,6 +1,8 @@ # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later +import os + ######################## # Production Settings # ######################## @@ -37,7 +39,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' # EMAIL_HOST_USER = 'change_me' # EMAIL_HOST_PASSWORD = 'change_me' -SERVER_EMAIL = 'no-reply@example.org' +SERVER_EMAIL = 'no-reply@' + os.getenv("DOMAIN") # Security settings SECURE_CONTENT_TYPE_NOSNIFF = False @@ -49,4 +51,4 @@ X_FRAME_OPTIONS = 'DENY' SESSION_COOKIE_AGE = 60 * 60 * 3 # CAS Client settings -CAS_SERVER_URL = "https://note.crans.org/cas/" +CAS_SERVER_URL = "https://" + os.getenv("NOTE_URL") + "/cas/" diff --git a/templates/base.html b/templates/base.html index 94810b87..57c741d0 100644 --- a/templates/base.html +++ b/templates/base.html @@ -1,4 +1,4 @@ -{% load static i18n pretty_money static %} +{% load static i18n pretty_money static getenv %} {% comment %} SPDX-License-Identifier: GPL-3.0-or-later {% endcomment %} @@ -128,7 +128,7 @@ SPDX-License-Identifier: GPL-3.0-or-later class="form-inline"> NoteKfet2020 — - Nous contacter {% csrf_token %} From c8f5451ea4e2055a5b028722798ef0ff39a5db28 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Wed, 11 Mar 2020 13:46:47 +0100 Subject: [PATCH 036/119] Added indexes for Transaction, Alias and Profile --- apps/member/models.py | 1 + apps/note/models/notes.py | 4 ++++ apps/note/models/transactions.py | 5 +++++ 3 files changed, 10 insertions(+) diff --git a/apps/member/models.py b/apps/member/models.py index 50b0bea1..b596357f 100644 --- a/apps/member/models.py +++ b/apps/member/models.py @@ -46,6 +46,7 @@ class Profile(models.Model): class Meta: verbose_name = _('user profile') verbose_name_plural = _('user profile') + indexes = [ models.Index(fields=['user']) ] def get_absolute_url(self): return reverse('user_detail', args=(self.pk,)) diff --git a/apps/note/models/notes.py b/apps/note/models/notes.py index 74cda3ea..70810ad8 100644 --- a/apps/note/models/notes.py +++ b/apps/note/models/notes.py @@ -209,6 +209,10 @@ class Alias(models.Model): class Meta: verbose_name = _("alias") verbose_name_plural = _("aliases") + indexes = [ + models.Index(fields=['name']), + models.Index(fields=['normalized_name']), + ] def __str__(self): return self.name diff --git a/apps/note/models/transactions.py b/apps/note/models/transactions.py index 3bb7ca76..809e7c44 100644 --- a/apps/note/models/transactions.py +++ b/apps/note/models/transactions.py @@ -119,6 +119,11 @@ class Transaction(PolymorphicModel): class Meta: verbose_name = _("transaction") verbose_name_plural = _("transactions") + indexes = [ + models.Index(fields=['created_at']), + models.Index(fields=['source']), + models.Index(fields=['destination']), + ] def save(self, *args, **kwargs): """ From b17ff59984844709bd69be53e19d61910d2371cd Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Wed, 11 Mar 2020 13:51:26 +0100 Subject: [PATCH 037/119] Added indexes for Membership --- apps/member/models.py | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/member/models.py b/apps/member/models.py index b596357f..5cdc4c77 100644 --- a/apps/member/models.py +++ b/apps/member/models.py @@ -153,6 +153,7 @@ class Membership(models.Model): class Meta: verbose_name = _('membership') verbose_name_plural = _('memberships') + indexes = [ models.Index(fields=['user']) ] # @receiver(post_save, sender=settings.AUTH_USER_MODEL) # def save_user_profile(instance, created, **_kwargs): From 58ea6abce48d3f385cb225577d2178261407635b Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 15:13:34 +0100 Subject: [PATCH 038/119] Fix template tags to make tox happy --- apps/logs/signals.py | 3 +++ apps/note/templatetags/__init__.py | 11 +++-------- apps/note/templatetags/getenv.py | 6 ++++++ apps/note/templatetags/pretty_money.py | 6 ++++++ note_kfet/settings/__init__.py | 2 +- note_kfet/settings/development.py | 2 +- note_kfet/settings/production.py | 4 ++-- 7 files changed, 22 insertions(+), 12 deletions(-) diff --git a/apps/logs/signals.py b/apps/logs/signals.py index ab196291..a6b75b50 100644 --- a/apps/logs/signals.py +++ b/apps/logs/signals.py @@ -17,6 +17,9 @@ from .models import Changelog EXCLUDED = [ 'admin.logentry', 'authtoken.token', + 'cas_server.proxygrantingticket', + 'cas_server.proxyticket', + 'cas_server.serviceticket', 'cas_server.user', 'cas_server.userattributes', 'contenttypes.contenttype', diff --git a/apps/note/templatetags/__init__.py b/apps/note/templatetags/__init__.py index 19b8e45b..6f6700c5 100644 --- a/apps/note/templatetags/__init__.py +++ b/apps/note/templatetags/__init__.py @@ -1,12 +1,7 @@ # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later -from django import template +from . import getenv +from . import pretty_money -from .getenv import getenv -from .pretty_money import pretty_money - -register = template.Library() - -register.filter('getenv', getenv) -register.filter('pretty_money', pretty_money) +print(getenv, pretty_money, file=None) # Useless, but tox is happy diff --git a/apps/note/templatetags/getenv.py b/apps/note/templatetags/getenv.py index 7710a389..c133cb8f 100644 --- a/apps/note/templatetags/getenv.py +++ b/apps/note/templatetags/getenv.py @@ -1,8 +1,14 @@ # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later +from django import template + import os def getenv(value): return os.getenv(value) + + +register = template.Library() +register.filter('getenv', getenv) diff --git a/apps/note/templatetags/pretty_money.py b/apps/note/templatetags/pretty_money.py index 5db2a1c0..12530c6e 100644 --- a/apps/note/templatetags/pretty_money.py +++ b/apps/note/templatetags/pretty_money.py @@ -1,6 +1,8 @@ # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later +from django import template + def pretty_money(value): if value % 100 == 0: @@ -14,3 +16,7 @@ def pretty_money(value): abs(value) // 100, abs(value) % 100, ) + + +register = template.Library() +register.filter('pretty_money', pretty_money) diff --git a/note_kfet/settings/__init__.py b/note_kfet/settings/__init__.py index 10b21970..4a5deff8 100644 --- a/note_kfet/settings/__init__.py +++ b/note_kfet/settings/__init__.py @@ -51,7 +51,7 @@ except ImportError: if "cas" in INSTALLED_APPS: MIDDLEWARE += ['cas.middleware.CASMiddleware'] # CAS Settings - CAS_SERVER_URL = "https://" + os.getenv("NOTE_URL") + "/cas/" + CAS_SERVER_URL = "https://" + os.getenv("NOTE_URL", "note.example.com") + "/cas/" CAS_AUTO_CREATE_USER = False CAS_LOGO_URL = "/static/img/Saperlistpopette.png" CAS_FAVICON_URL = "/static/favicon/favicon-32x32.png" diff --git a/note_kfet/settings/development.py b/note_kfet/settings/development.py index 61f6d530..a949013b 100644 --- a/note_kfet/settings/development.py +++ b/note_kfet/settings/development.py @@ -39,7 +39,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' # EMAIL_HOST_USER = 'change_me' # EMAIL_HOST_PASSWORD = 'change_me' -SERVER_EMAIL = 'no-reply@' + os.getenv("DOMAIN") +SERVER_EMAIL = 'no-reply@' + os.getenv("DOMAIN", "example.com") # Security settings SECURE_CONTENT_TYPE_NOSNIFF = False diff --git a/note_kfet/settings/production.py b/note_kfet/settings/production.py index ea1e9739..c23a29e3 100644 --- a/note_kfet/settings/production.py +++ b/note_kfet/settings/production.py @@ -39,7 +39,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' # EMAIL_HOST_USER = 'change_me' # EMAIL_HOST_PASSWORD = 'change_me' -SERVER_EMAIL = 'no-reply@' + os.getenv("DOMAIN") +SERVER_EMAIL = 'no-reply@' + os.getenv("DOMAIN", "example.com") # Security settings SECURE_CONTENT_TYPE_NOSNIFF = False @@ -51,4 +51,4 @@ X_FRAME_OPTIONS = 'DENY' SESSION_COOKIE_AGE = 60 * 60 * 3 # CAS Client settings -CAS_SERVER_URL = "https://" + os.getenv("NOTE_URL") + "/cas/" +CAS_SERVER_URL = "https://" + os.getenv("NOTE_URL", "note.example.com") + "/cas/" From 523e27694a5589a6b6f9fafa5b249efb5d063522 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 15:14:51 +0100 Subject: [PATCH 039/119] Remove useless code --- apps/note/templatetags/__init__.py | 7 ------- 1 file changed, 7 deletions(-) diff --git a/apps/note/templatetags/__init__.py b/apps/note/templatetags/__init__.py index 6f6700c5..e69de29b 100644 --- a/apps/note/templatetags/__init__.py +++ b/apps/note/templatetags/__init__.py @@ -1,7 +0,0 @@ -# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay -# SPDX-License-Identifier: GPL-3.0-or-later - -from . import getenv -from . import pretty_money - -print(getenv, pretty_money, file=None) # Useless, but tox is happy From daef806507aa7203d6ff25bfc259efde5bb52da3 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 15:54:12 +0100 Subject: [PATCH 040/119] More envs --- .env_example | 13 +++++++ README.md | 57 ++++++++++++++++++------------- note_kfet/settings/__init__.py | 4 --- note_kfet/settings/development.py | 22 +++++++++--- note_kfet/settings/production.py | 14 ++++---- 5 files changed, 71 insertions(+), 39 deletions(-) create mode 100644 .env_example diff --git a/.env_example b/.env_example new file mode 100644 index 00000000..91e56ec7 --- /dev/null +++ b/.env_example @@ -0,0 +1,13 @@ +DJANGO_APP_STAGE=dev +# Only used in dev mode, change to "postgresql" if you want to use PostgreSQL in dev +DJANGO_DEV_STORE_METHOD=sqllite +DJANGO_DB_HOST=localhost +DJANGO_DB_NAME=note_db +DJANGO_DB_USER=note +DJANGO_DB_PASSWORD=CHANGE_ME +DJANGO_DB_PORT= +DJANGO_SECRET_KEY=CHANGE_ME +DJANGO_SETTINGS_MODULE=note_kfet.settings +DOMAIN=localhost +MAILING_LIST_DOMAIN=localhost +NOTE_URL=localhost diff --git a/README.md b/README.md index c53ee38d..097980a0 100644 --- a/README.md +++ b/README.md @@ -40,14 +40,13 @@ On supposera pour la suite que vous utiliser debian/ubuntu sur un serveur tout n $ cp nginx_note.conf_example nginx_note.conf -***Modifier le fichier pour être en accord avec le reste de votre config*** + ***Modifier le fichier pour être en accord avec le reste de votre config*** On utilise uwsgi et Nginx pour gérer le coté serveur : - $ sudo ln -sf /var/www/note_kfet/nginx_note.conf /etc/nginx/sites-enabled/ + $ sudo ln -sf /var/www/note_kfet/nginx_note.conf /etc/nginx/sites-enabled/ - - Si l'on a un emperor (plusieurs instance uwsgi): + Si l'on a un emperor (plusieurs instance uwsgi): $ sudo ln -sf /var/www/note_kfet/uwsgi_note.ini /etc/uwsgi/sites/ @@ -85,7 +84,7 @@ On supposera pour la suite que vous utiliser debian/ubuntu sur un serveur tout n postgres=# CREATE DATABASE note_db OWNER note; CREATE DATABASE - Si tout va bien: + Si tout va bien : postgres=#\list List of databases @@ -96,22 +95,29 @@ On supposera pour la suite que vous utiliser debian/ubuntu sur un serveur tout n template0 | postgres | UTF8 | fr_FR.UTF-8 | fr_FR.UTF-8 | =c/postgres+postgres=CTc/postgres template1 | postgres | UTF8 | fr_FR.UTF-8 | fr_FR.UTF-8 | =c/postgres +postgres=CTc/postgres (4 rows) - - Dans un fichier `.env` à la racine du projet on renseigne des secrets: - DJANGO_APP_STAGE='prod' - DJANGO_DB_PASSWORD='le_mot_de_passe_de_la_bdd' - DJANGO_SECRET_KEY='une_secret_key_longue_et_compliquee' - ALLOWED_HOSTS='le_ndd_de_votre_instance' - - 6. Variable d'environnement et Migrations + On copie le fichier `.env_example` vers le fichier `.env` à la racine du projet + et on renseigne des secrets et des paramètres : + + DJANGO_APP_STAGE=dev + DJANGO_DEV_STORE_METHOD=sqllite + DJANGO_DB_HOST=localhost + DJANGO_DB_NAME=note_db + DJANGO_DB_USER=note + DJANGO_DB_PASSWORD=CHANGE_ME + DJANGO_DB_PORT= + DJANGO_SECRET_KEY=CHANGE_ME + DJANGO_SETTINGS_MODULE=note_kfet.settings + DOMAIN=localhost + MAILING_LIST_DOMAIN=localhost + NOTE_URL=localhost -Ensuite on (re)bascule dans l'environement virtuel et on lance les migrations + Ensuite on (re)bascule dans l'environement virtuel et on lance les migrations $ source /env/bin/activate - (env)$ ./manage.py check # pas de bétise qui traine + (env)$ ./manage.py check # pas de bêtise qui traine (env)$ ./manage.py makemigrations (env)$ ./manage.py migrate @@ -126,17 +132,17 @@ Il est possible de travailler sur une instance Docker. $ git clone git@gitlab.crans.org:bde/nk20.git -2. Dans le fichier `docker_compose.yml`, qu'on suppose déjà configuré, +2. Copiez le fichier `.env_example` à la racine du projet vers le fichier `.env`, +et mettez à jour vos variables d'environnement + +3. Dans le fichier `docker_compose.yml`, qu'on suppose déjà configuré, ajouter les lignes suivantes, en les adaptant à la configuration voulue : nk20: build: /chemin/vers/nk20 volumes: - /chemin/vers/nk20:/code/ - environment: - MAILING_LIST_DOMAIN: lists.example.com - NOTE_URL: nk20.example.com - DOMAIN: example.com + env_file: /chemin/vers/nk20/.env restart: always labels: - traefik.domain=ndd.example.com @@ -163,17 +169,20 @@ un serveur de développement par exemple sur son ordinateur. $ source venv/bin/activate (env)$ pip install -r requirements.txt -3. Migrations et chargement des données initiales : +3. Copier le fichier `.env_example` vers `.env` à la racine du projet et mettre à jour +ce qu'il faut + +4. Migrations et chargement des données initiales : (env)$ ./manage.py makemigrations (env)$ ./manage.py migrate (env)$ ./manage.py loaddata initial -4. Créer un super-utilisateur : +5. Créer un super-utilisateur : (env)$ ./manage.py createsuperuser -5. Enjoy : +6. Enjoy : (env)$ ./manage.py runserver 0.0.0.0:8000 @@ -188,4 +197,4 @@ Il est disponible [ici](https://wiki.crans.org/NoteKfet/NoteKfet2018/CdC). ## Documentation La documentation est générée par django et son module admindocs. -**Commenter votre code !** +**Commentez votre code !** diff --git a/note_kfet/settings/__init__.py b/note_kfet/settings/__init__.py index 4a5deff8..28935deb 100644 --- a/note_kfet/settings/__init__.py +++ b/note_kfet/settings/__init__.py @@ -35,10 +35,6 @@ read_env() app_stage = os.environ.get('DJANGO_APP_STAGE', 'dev') if app_stage == 'prod': from .production import * - - DATABASES["default"]["PASSWORD"] = os.environ.get('DJANGO_DB_PASSWORD', 'CHANGE_ME_IN_ENV_SETTINGS') - SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', 'CHANGE_ME_IN_ENV_SETTINGS') - ALLOWED_HOSTS = [os.environ.get('ALLOWED_HOSTS', 'localhost')] else: from .development import * diff --git a/note_kfet/settings/development.py b/note_kfet/settings/development.py index a949013b..66ad4fd4 100644 --- a/note_kfet/settings/development.py +++ b/note_kfet/settings/development.py @@ -17,12 +17,24 @@ import os # https://docs.djangoproject.com/en/2.2/ref/settings/#databases from . import * -DATABASES = { - 'default': { - 'ENGINE': 'django.db.backends.sqlite3', - 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'), +if os.getenv("DJANGO_DEV_STORE_METHOD", "sqllite") == "postgresql": + DATABASES = { + 'default': { + 'ENGINE': 'django.db.backends.postgresql_psycopg2', + 'NAME': os.environ.get('DJANGO_DB_NAME', 'note_db'), + 'USER': os.environ.get('DJANGO_DB_USER', 'note'), + 'PASSWORD': os.environ.get('DJANGO_DB_PASSWORD', 'CHANGE_ME_IN_ENV_SETTINGS'), + 'HOST': os.environ.get('DJANGO_DB_HOST', 'localhost'), + 'PORT': os.environ.get('DJANGO_DB_PORT', ''), # Use default port + } + } +else: + DATABASES = { + 'default': { + 'ENGINE': 'django.db.backends.sqlite3', + 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'), + } } -} # Break it, fix it! DEBUG = True diff --git a/note_kfet/settings/production.py b/note_kfet/settings/production.py index c23a29e3..5be8a3b8 100644 --- a/note_kfet/settings/production.py +++ b/note_kfet/settings/production.py @@ -16,11 +16,11 @@ import os DATABASES = { 'default': { 'ENGINE': 'django.db.backends.postgresql_psycopg2', - 'NAME': 'note_db', - 'USER': 'note', - 'PASSWORD': 'update_in_env_variable', - 'HOST': '127.0.0.1', - 'PORT': '', + 'NAME': os.environ.get('DJANGO_DB_NAME', 'note_db'), + 'USER': os.environ.get('DJANGO_DB_USER', 'note'), + 'PASSWORD': os.environ.get('DJANGO_DB_PASSWORD', 'CHANGE_ME_IN_ENV_SETTINGS'), + 'HOST': os.environ.get('DJANGO_DB_HOST', 'localhost'), + 'PORT': os.environ.get('DJANGO_DB_PORT', ''), # Use default port } } @@ -28,7 +28,9 @@ DATABASES = { DEBUG = True # Mandatory ! -ALLOWED_HOSTS = [] +ALLOWED_HOSTS = [os.environ.get('NOTE_URL', 'localhost')] + +SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', 'CHANGE_ME_IN_ENV_SETTINGS') # Emails EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' From 6c2cdf06673e6f67bf3fc331694866ee3f44c346 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 16:10:26 +0100 Subject: [PATCH 041/119] Remove warning when no user is detected while a modification is made --- apps/logs/signals.py | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/apps/logs/signals.py b/apps/logs/signals.py index a6b75b50..f3694cd3 100644 --- a/apps/logs/signals.py +++ b/apps/logs/signals.py @@ -67,9 +67,10 @@ def save_object(sender, instance, **kwargs): ip = "127.0.0.1" username = Alias.normalize(getpass.getuser()) note = NoteUser.objects.filter(alias__normalized_name=username) - if not note.exists(): - print("WARNING: A model attempted to be saved in the DB, but the actor is unknown: " + username) - else: + # if not note.exists(): + # print("WARNING: A model attempted to be saved in the DB, but the actor is unknown: " + username) + # else: + if note.exists(): user = note.get().user # noinspection PyProtectedMember @@ -113,6 +114,19 @@ def delete_object(sender, instance, **kwargs): # Si un utilisateur est connecté, on récupère l'utilisateur courant ainsi que son adresse IP user, ip = get_current_authenticated_user(), get_current_ip() + if user is None: + # Si la modification n'a pas été faite via le client Web, on suppose que c'est du à `manage.py` + # On récupère alors l'utilisateur·trice connecté·e à la VM, et on récupère la note associée + # IMPORTANT : l'utilisateur dans la VM doit être un des alias note du respo info + ip = "127.0.0.1" + username = Alias.normalize(getpass.getuser()) + note = NoteUser.objects.filter(alias__normalized_name=username) + # if not note.exists(): + # print("WARNING: A model attempted to be saved in the DB, but the actor is unknown: " + username) + # else: + if note.exists(): + user = note.get().user + # On crée notre propre sérialiseur JSON pour pouvoir sauvegarder les modèles class CustomSerializer(ModelSerializer): class Meta: From 5f441490bec882cec63529efe99ff1a2e659849f Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 16:39:27 +0100 Subject: [PATCH 042/119] Update Docker entrypoint to use environment in initial fixtures --- entrypoint.sh | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index f05e962a..97efb023 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -2,12 +2,17 @@ # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later +if [ -z ${NOTE_URL+x} ]; then + echo "Warning: your env files are not configurated." +else + sed -i -e "s/example.com/$MAILING_LIST_DOMAIN/g" /code/apps/member/fixtures/initial.json + sed -i -e "s/localhost/$NOTE_URL/g" /code/note_kfet/fixtures/initial.json + sed -i -e "s/\.\*/https?:\/\/$NOTE_URL\/.*/g" /code/note_kfet/fixtures/cas.json + sed -i -e "s/REPLACEME/La Note Kfet \\\\ud83c\\\\udf7b/g" /code/note_kfet/fixtures/cas.json +fi + python manage.py compilemessages python manage.py makemigrations - -# Wait for database -sleep 5 python manage.py migrate -# TODO: use uwsgi in production python manage.py runserver 0.0.0.0:8000 From 2bd59544ec3eccc7d5aa29090cbf790ccb28b91d Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 17:10:16 +0100 Subject: [PATCH 043/119] Remove two whitespaces for tox --- apps/member/models.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/member/models.py b/apps/member/models.py index 5cdc4c77..b6d17a08 100644 --- a/apps/member/models.py +++ b/apps/member/models.py @@ -46,7 +46,7 @@ class Profile(models.Model): class Meta: verbose_name = _('user profile') verbose_name_plural = _('user profile') - indexes = [ models.Index(fields=['user']) ] + indexes = [models.Index(fields=['user'])] def get_absolute_url(self): return reverse('user_detail', args=(self.pk,)) @@ -153,7 +153,7 @@ class Membership(models.Model): class Meta: verbose_name = _('membership') verbose_name_plural = _('memberships') - indexes = [ models.Index(fields=['user']) ] + indexes = [models.Index(fields=['user'])] # @receiver(post_save, sender=settings.AUTH_USER_MODEL) # def save_user_profile(instance, created, **_kwargs): From 5d25f9830cf212b984bedf4d97f072df4ebab3f9 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 17:13:19 +0100 Subject: [PATCH 044/119] Add quotes in env file --- .env_example | 24 ++++++++++++------------ README.md | 24 ++++++++++++------------ 2 files changed, 24 insertions(+), 24 deletions(-) diff --git a/.env_example b/.env_example index 91e56ec7..e29b0af2 100644 --- a/.env_example +++ b/.env_example @@ -1,13 +1,13 @@ -DJANGO_APP_STAGE=dev +DJANGO_APP_STAGE="dev" # Only used in dev mode, change to "postgresql" if you want to use PostgreSQL in dev -DJANGO_DEV_STORE_METHOD=sqllite -DJANGO_DB_HOST=localhost -DJANGO_DB_NAME=note_db -DJANGO_DB_USER=note -DJANGO_DB_PASSWORD=CHANGE_ME -DJANGO_DB_PORT= -DJANGO_SECRET_KEY=CHANGE_ME -DJANGO_SETTINGS_MODULE=note_kfet.settings -DOMAIN=localhost -MAILING_LIST_DOMAIN=localhost -NOTE_URL=localhost +DJANGO_DEV_STORE_METHOD="sqllite" +DJANGO_DB_HOST="localhost" +DJANGO_DB_NAME="note_db" +DJANGO_DB_USER="note" +DJANGO_DB_PASSWORD="CHANGE_ME" +DJANGO_DB_PORT="" +DJANGO_SECRET_KEY="CHANGE_ME" +DJANGO_SETTINGS_MODULE="note_kfet.settings" +DOMAIN="localhost" +MAILING_LIST_DOMAIN="localhost" +NOTE_URL="localhost" diff --git a/README.md b/README.md index 097980a0..67a99d7a 100644 --- a/README.md +++ b/README.md @@ -101,18 +101,18 @@ On supposera pour la suite que vous utiliser debian/ubuntu sur un serveur tout n On copie le fichier `.env_example` vers le fichier `.env` à la racine du projet et on renseigne des secrets et des paramètres : - DJANGO_APP_STAGE=dev - DJANGO_DEV_STORE_METHOD=sqllite - DJANGO_DB_HOST=localhost - DJANGO_DB_NAME=note_db - DJANGO_DB_USER=note - DJANGO_DB_PASSWORD=CHANGE_ME - DJANGO_DB_PORT= - DJANGO_SECRET_KEY=CHANGE_ME - DJANGO_SETTINGS_MODULE=note_kfet.settings - DOMAIN=localhost - MAILING_LIST_DOMAIN=localhost - NOTE_URL=localhost + DJANGO_APP_STAGE="dev" + DJANGO_DEV_STORE_METHOD="sqllite" + DJANGO_DB_HOST="localhost" + DJANGO_DB_NAME="note_db" + DJANGO_DB_USER="note" + DJANGO_DB_PASSWORD="CHANGE_ME" + DJANGO_DB_PORT="" + DJANGO_SECRET_KEY="CHANGE_ME" + DJANGO_SETTINGS_MODULE="note_kfet.settings" + DOMAIN="localhost" + MAILING_LIST_DOMAIN="localhost" + NOTE_URL="localhost" Ensuite on (re)bascule dans l'environement virtuel et on lance les migrations From 695ef446ec717670a7a8342b07a335560a3cfa6b Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 17:20:16 +0100 Subject: [PATCH 045/119] Add logs in tox settings --- apps/logs/api/serializers.py | 2 +- apps/logs/apps.py | 6 +++++- apps/logs/middlewares.py | 1 + apps/logs/signals.py | 11 ++++------- tox.ini | 2 +- 5 files changed, 12 insertions(+), 10 deletions(-) diff --git a/apps/logs/api/serializers.py b/apps/logs/api/serializers.py index 108f2087..c76e3a5d 100644 --- a/apps/logs/api/serializers.py +++ b/apps/logs/api/serializers.py @@ -16,4 +16,4 @@ class ChangelogSerializer(serializers.ModelSerializer): model = Changelog fields = '__all__' # noinspection PyProtectedMember - read_only_fields = [f.name for f in model._meta.get_fields()] # Changelogs are read-only protected + read_only_fields = [f.name for f in model._meta.get_fields()] # Changelogs are read-only protected diff --git a/apps/logs/apps.py b/apps/logs/apps.py index f48820c7..239f86cf 100644 --- a/apps/logs/apps.py +++ b/apps/logs/apps.py @@ -2,6 +2,7 @@ # SPDX-License-Identifier: GPL-3.0-or-later from django.apps import AppConfig +from django.db.models.signals import pre_save, post_save, post_delete from django.utils.translation import gettext_lazy as _ @@ -11,4 +12,7 @@ class LogsConfig(AppConfig): def ready(self): # noinspection PyUnresolvedReferences - import logs.signals + from . import signals + pre_save.connect(signals.pre_save_object) + post_save.connect(signals.save_object) + post_delete.connect(signals.delete_object) diff --git a/apps/logs/middlewares.py b/apps/logs/middlewares.py index cc6e1f4c..4378e165 100644 --- a/apps/logs/middlewares.py +++ b/apps/logs/middlewares.py @@ -3,6 +3,7 @@ from django.conf import settings from django.contrib.auth.models import AnonymousUser + from threading import local diff --git a/apps/logs/signals.py b/apps/logs/signals.py index f3694cd3..f77f5ef7 100644 --- a/apps/logs/signals.py +++ b/apps/logs/signals.py @@ -2,13 +2,13 @@ # SPDX-License-Identifier: GPL-3.0-or-later from django.contrib.contenttypes.models import ContentType -from django.db.models.signals import pre_save, post_save, post_delete -from django.dispatch import receiver from rest_framework.renderers import JSONRenderer from rest_framework.serializers import ModelSerializer + import getpass from note.models import NoteUser, Alias + from .middlewares import get_current_authenticated_user, get_current_ip from .models import Changelog @@ -23,15 +23,14 @@ EXCLUDED = [ 'cas_server.user', 'cas_server.userattributes', 'contenttypes.contenttype', - 'logs.changelog', # Never remove this line + 'logs.changelog', # Never remove this line 'migrations.migration', - 'note.note' # We only store the subclasses + 'note.note' # We only store the subclasses 'note.transaction', 'sessions.session', ] -@receiver(pre_save) def pre_save_object(sender, instance, **kwargs): """ Avant la sauvegarde d'un modèle, on récupère l'ancienne instance actuellement en base de données @@ -44,7 +43,6 @@ def pre_save_object(sender, instance, **kwargs): instance._previous = None -@receiver(post_save) def save_object(sender, instance, **kwargs): """ Dès qu'un modèle est sauvegardé, une entrée dans la table `Changelog` est ajouté dans la base de données @@ -102,7 +100,6 @@ def save_object(sender, instance, **kwargs): ).save() -@receiver(post_delete) def delete_object(sender, instance, **kwargs): """ Dès qu'un modèle est supprimé, une entrée dans la table `Changelog` est ajouté dans la base de données diff --git a/tox.ini b/tox.ini index 7c432d55..2217b6bf 100644 --- a/tox.ini +++ b/tox.ini @@ -32,7 +32,7 @@ deps = pep8-naming pyflakes commands = - flake8 apps/activity apps/api apps/member apps/note + flake8 apps/activity apps/api apps/logs apps/member apps/note [flake8] # Ignore too many errors, should be reduced in the future From d8a785d3090464a45be2af7762c130ee3d2463f0 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 17:51:42 +0100 Subject: [PATCH 046/119] Replace contact email --- .env_example | 2 +- README.md | 2 +- entrypoint.sh | 2 +- templates/base.html | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.env_example b/.env_example index e29b0af2..5aba0d14 100644 --- a/.env_example +++ b/.env_example @@ -9,5 +9,5 @@ DJANGO_DB_PORT="" DJANGO_SECRET_KEY="CHANGE_ME" DJANGO_SETTINGS_MODULE="note_kfet.settings" DOMAIN="localhost" -MAILING_LIST_DOMAIN="localhost" +CONTACT_EMAIL="tresorerie.bde@localhost" NOTE_URL="localhost" diff --git a/README.md b/README.md index 67a99d7a..91f2f17d 100644 --- a/README.md +++ b/README.md @@ -111,7 +111,7 @@ On supposera pour la suite que vous utiliser debian/ubuntu sur un serveur tout n DJANGO_SECRET_KEY="CHANGE_ME" DJANGO_SETTINGS_MODULE="note_kfet.settings" DOMAIN="localhost" - MAILING_LIST_DOMAIN="localhost" + CONTACT_EMAIL="tresorerie.bde@localhost" NOTE_URL="localhost" Ensuite on (re)bascule dans l'environement virtuel et on lance les migrations diff --git a/entrypoint.sh b/entrypoint.sh index 97efb023..e5a22a5a 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -5,7 +5,7 @@ if [ -z ${NOTE_URL+x} ]; then echo "Warning: your env files are not configurated." else - sed -i -e "s/example.com/$MAILING_LIST_DOMAIN/g" /code/apps/member/fixtures/initial.json + sed -i -e "s/example.com/$DOMAIN/g" /code/apps/member/fixtures/initial.json sed -i -e "s/localhost/$NOTE_URL/g" /code/note_kfet/fixtures/initial.json sed -i -e "s/\.\*/https?:\/\/$NOTE_URL\/.*/g" /code/note_kfet/fixtures/cas.json sed -i -e "s/REPLACEME/La Note Kfet \\\\ud83c\\\\udf7b/g" /code/note_kfet/fixtures/cas.json diff --git a/templates/base.html b/templates/base.html index 57c741d0..d57dab89 100644 --- a/templates/base.html +++ b/templates/base.html @@ -128,7 +128,7 @@ SPDX-License-Identifier: GPL-3.0-or-later class="form-inline"> NoteKfet2020 — - Nous contacter {% csrf_token %} From 0c00a934bd952924786df519c198dac7c09c2f60 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 17:54:54 +0100 Subject: [PATCH 047/119] Translate some docs --- apps/logs/middlewares.py | 2 +- apps/logs/signals.py | 9 ++++----- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/apps/logs/middlewares.py b/apps/logs/middlewares.py index 4378e165..77f749b9 100644 --- a/apps/logs/middlewares.py +++ b/apps/logs/middlewares.py @@ -35,7 +35,7 @@ def get_current_authenticated_user(): class LogsMiddleware(object): """ - Ce middleware permet de récupérer l'utilisateur actif ainsi que son adresse IP à chaque connexion. + This middleware get the current user with his or her IP address on each request. """ def __init__(self, get_response): diff --git a/apps/logs/signals.py b/apps/logs/signals.py index f77f5ef7..fb17157a 100644 --- a/apps/logs/signals.py +++ b/apps/logs/signals.py @@ -33,8 +33,7 @@ EXCLUDED = [ def pre_save_object(sender, instance, **kwargs): """ - Avant la sauvegarde d'un modèle, on récupère l'ancienne instance actuellement en base de données - que l'on garde en mémoire + Before a model get saved, we get the previous instance that is currently in the database """ qs = sender.objects.filter(pk=instance.pk).all() if qs.exists(): @@ -45,8 +44,8 @@ def pre_save_object(sender, instance, **kwargs): def save_object(sender, instance, **kwargs): """ - Dès qu'un modèle est sauvegardé, une entrée dans la table `Changelog` est ajouté dans la base de données - afin de répertorier chaque modification effectuée + Each time a model is saved, an entry in the table `Changelog` is added in the database + in order to store each modification made """ # noinspection PyProtectedMember if instance._meta.label_lower in EXCLUDED: @@ -102,7 +101,7 @@ def save_object(sender, instance, **kwargs): def delete_object(sender, instance, **kwargs): """ - Dès qu'un modèle est supprimé, une entrée dans la table `Changelog` est ajouté dans la base de données + Each time a model is deleted, an entry in the table `Changelog` is added in the database """ # noinspection PyProtectedMember if instance._meta.label_lower in EXCLUDED: From 3ad6d9e87031383906db64b9f7418018b9863035 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 20:36:38 +0100 Subject: [PATCH 048/119] Documentation logs middleware --- apps/logs/middlewares.py | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/apps/logs/middlewares.py b/apps/logs/middlewares.py index 77f749b9..e4d76f07 100644 --- a/apps/logs/middlewares.py +++ b/apps/logs/middlewares.py @@ -14,19 +14,31 @@ _thread_locals = local() def _set_current_user_and_ip(user=None, ip=None): + """ + Store current user and IP address in the local thread. + """ setattr(_thread_locals, USER_ATTR_NAME, user) setattr(_thread_locals, IP_ATTR_NAME, ip) def get_current_user(): + """ + :return: The user that performed a request (may be anonymous) + """ return getattr(_thread_locals, USER_ATTR_NAME, None) def get_current_ip(): + """ + :return: The IP address of the user that has performed a request + """ return getattr(_thread_locals, IP_ATTR_NAME, None) def get_current_authenticated_user(): + """ + :return: The user that performed a request (must be authenticated, return None if anonymous) + """ current_user = get_current_user() if isinstance(current_user, AnonymousUser): return None @@ -35,21 +47,31 @@ def get_current_authenticated_user(): class LogsMiddleware(object): """ - This middleware get the current user with his or her IP address on each request. + This middleware gets the current user with his or her IP address on each request. """ def __init__(self, get_response): self.get_response = get_response def __call__(self, request): + """ + This function is called on each request. + :param request: The HTTP Request + :return: The HTTP Response + """ user = request.user + # Get request IP from the headers + # The `REMOTE_ADDR` field may not contain the true IP, if there is a proxy if 'HTTP_X_FORWARDED_FOR' in request.META: ip = request.META.get('HTTP_X_FORWARDED_FOR') else: ip = request.META.get('REMOTE_ADDR') + # The user and the IP address are stored in the current thread _set_current_user_and_ip(user, ip) + # The request is then analysed, and the response is generated response = self.get_response(request) + # We flush the connected user and the IP address for the next requests _set_current_user_and_ip(None, None) return response From 7f432f5bc5c12d77b366db9e199795125f75f94c Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 20:59:15 +0100 Subject: [PATCH 049/119] Fix categories in front (fields weren't well named) --- templates/note/conso_form.html | 14 +++++++------- templates/note/transactiontemplate_list.html | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/templates/note/conso_form.html b/templates/note/conso_form.html index 2c2066e8..8945a919 100644 --- a/templates/note/conso_form.html +++ b/templates/note/conso_form.html @@ -58,16 +58,16 @@
    • {# Regroup buttons under categories #} - {% regroup transaction_templates by template_type as template_types %} + {% regroup transaction_templates by category as categories %}
    {# Tabs for button categories #}
      - {% for template_type in template_types %} + {% for category in categories %}
    • - - {{ template_type.grouper }} + + {{ category.grouper }}
      • {% endfor %} @@ -77,10 +77,10 @@ {# Tabs content #}
      - {% for template_type in template_types %} -
      + {% for category in categories %} +
      - {% for button in template_type.list %} + {% for button in category.list %}
      @@ -82,7 +84,7 @@
      {% for button in category.list %} {% endfor %} @@ -146,6 +148,46 @@ $(document.body).on("click", "a[data-toggle='tab']", function(event) { location.hash = this.getAttribute("href"); }); + + {% for button in transaction_templates %} + $("#button{{ button.id }}").click(function() { + $.post("/api/note/transaction/transaction/", + { + "csrfmiddlewaretoken": "{{ csrf_token }}", + "quantity": 1, + "amount": {{ button.amount }}, + "reason": "{{ button.name }} ({{ button.category.name }})", + "valid": true, + "polymorphic_ctype": {{ polymorphic_ctype }}, + "resourcetype": "TemplateTransaction", + "source": 6, + "destination": 7, + "category": {{ button.category.id }}, + "template": {{ button.id }} + }, + function(data, status) { + reloadWithTurbolinks(); + }); + }); + {% endfor %} }); + + var reloadWithTurbolinks = (function () { + var scrollPosition; + + function reload () { + scrollPosition = [window.scrollX, window.scrollY]; + Turbolinks.visit(window.location.toString(), { action: 'replace' }) + } + + document.addEventListener('turbolinks:load', function () { + if (scrollPosition) { + window.scrollTo.apply(window, scrollPosition); + scrollPosition = null; + } + }); + + return reload; + })(); {% endblock %} From c4f54d9d5b0bcd84ef7c2257b9e01686eecf68bd Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Wed, 11 Mar 2020 22:51:46 +0100 Subject: [PATCH 051/119] Multiple select --- apps/note/models/transactions.py | 1 + apps/note/tables.py | 2 +- templates/note/conso_form.html | 83 ++++++++++++++++++++++---------- 3 files changed, 59 insertions(+), 27 deletions(-) diff --git a/apps/note/models/transactions.py b/apps/note/models/transactions.py index 809e7c44..ed8619d6 100644 --- a/apps/note/models/transactions.py +++ b/apps/note/models/transactions.py @@ -132,6 +132,7 @@ class Transaction(PolymorphicModel): if self.source.pk == self.destination.pk: # When source == destination, no money is transfered + super().save(*args, **kwargs) return created = self.pk is None diff --git a/apps/note/tables.py b/apps/note/tables.py index 08a4d2d9..3306cb3b 100644 --- a/apps/note/tables.py +++ b/apps/note/tables.py @@ -18,7 +18,7 @@ class HistoryTable(tables.Table): } model = Transaction exclude = ("polymorphic_ctype", ) - order_by = ('-created_at', ) + order_by = ('-id', ) template_name = 'django_tables2/bootstrap4.html' sequence = ('...', 'total', 'valid') diff --git a/templates/note/conso_form.html b/templates/note/conso_form.html index 89adb264..5072a1e7 100644 --- a/templates/note/conso_form.html +++ b/templates/note/conso_form.html @@ -30,18 +30,15 @@ Sélection des émitteurs

      -
        -
      • - Cras justo odio - 14 -
        • -
      • - Dapibus ac facilisis in - 1 -
        • +
        - TODO: reimplement select2 here in JS +
      @@ -83,10 +80,12 @@
      {% for button in category.list %} + {% if button.display %} + {% endif %} {% endfor %}
      @@ -131,10 +130,23 @@ min-width: 100%; } + + + + + + + + + + + {% endblock %} {% block extrajavascript %} {% endblock %} From e0c650a039aba673840bca938cc899ab611ed7d9 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Thu, 12 Mar 2020 11:12:21 +0100 Subject: [PATCH 056/119] Add true note name if we use an alias --- apps/note/api/serializers.py | 18 ++++++++++++------ apps/note/api/views.py | 2 +- templates/note/conso_form.html | 9 +++++++-- 3 files changed, 20 insertions(+), 9 deletions(-) diff --git a/apps/note/api/serializers.py b/apps/note/api/serializers.py index 73beead1..b2d0ab66 100644 --- a/apps/note/api/serializers.py +++ b/apps/note/api/serializers.py @@ -18,12 +18,6 @@ class NoteSerializer(serializers.ModelSerializer): class Meta: model = Note fields = '__all__' - extra_kwargs = { - 'url': { - 'view_name': 'project-detail', - 'lookup_field': 'pk' - }, - } class NoteClubSerializer(serializers.ModelSerializer): @@ -31,33 +25,45 @@ class NoteClubSerializer(serializers.ModelSerializer): REST API Serializer for Club's notes. The djangorestframework plugin will analyse the model `NoteClub` and parse all fields in the API. """ + name = serializers.SerializerMethodField() class Meta: model = NoteClub fields = '__all__' + def get_name(self, obj): + return str(obj) + class NoteSpecialSerializer(serializers.ModelSerializer): """ REST API Serializer for special notes. The djangorestframework plugin will analyse the model `NoteSpecial` and parse all fields in the API. """ + name = serializers.SerializerMethodField() class Meta: model = NoteSpecial fields = '__all__' + def get_name(self, obj): + return str(obj) + class NoteUserSerializer(serializers.ModelSerializer): """ REST API Serializer for User's notes. The djangorestframework plugin will analyse the model `NoteUser` and parse all fields in the API. """ + name = serializers.SerializerMethodField() class Meta: model = NoteUser fields = '__all__' + def get_name(self, obj): + return str(obj) + class AliasSerializer(serializers.ModelSerializer): """ diff --git a/apps/note/api/views.py b/apps/note/api/views.py index cace7e40..2745a034 100644 --- a/apps/note/api/views.py +++ b/apps/note/api/views.py @@ -86,7 +86,7 @@ class NotePolymorphicViewSet(viewsets.ModelViewSet): else: queryset = queryset.none() - return queryset + return queryset.distinct() class AliasViewSet(viewsets.ModelViewSet): diff --git a/templates/note/conso_form.html b/templates/note/conso_form.html index 10b6e25f..64205108 100644 --- a/templates/note/conso_form.html +++ b/templates/note/conso_form.html @@ -187,7 +187,10 @@ notes += note; let alias_obj = $("#alias_" + alias.normalized_name); alias_obj.hover(function() { - $("#user_note").text(alias.name + " : " + pretty_money(note.balance)); + var name = alias.name; + if (name !== note.name) + name += " (aka. " + note.name + ")"; + $("#user_note").text(name + " : " + pretty_money(note.balance)); if (note.display_image == null) $("#profile_pic").attr('src', '/media/pic/default.png'); else @@ -257,8 +260,8 @@ }); }); }); - aliases_matched_obj.html(aliases_matched_html); }); + aliases_matched_obj.html(aliases_matched_html); }); }); @@ -283,6 +286,8 @@ consos = []; $("#note_list").html(""); $("#alias_matched").html(""); + $("#profile_pic").attr("src", "/media/pic/default.png"); + $("#user_note").text(""); refreshHistory(); refreshBalance(); }); From f9451da7f185ed441ad6a3aa03d6bd27c4f58512 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Thu, 12 Mar 2020 16:53:35 +0100 Subject: [PATCH 057/119] Better JS --- apps/note/templatetags/pretty_money.py | 2 +- apps/note/views.py | 2 +- apps/scripts | 1 - static/js/base.js | 54 ++++++ static/js/consos.js | 227 +++++++++++++++++++++++++ templates/base.html | 1 + templates/note/conso_form.html | 185 ++------------------ 7 files changed, 295 insertions(+), 177 deletions(-) delete mode 160000 apps/scripts create mode 100644 static/js/base.js create mode 100644 static/js/consos.js diff --git a/apps/note/templatetags/pretty_money.py b/apps/note/templatetags/pretty_money.py index 12530c6e..265870a8 100644 --- a/apps/note/templatetags/pretty_money.py +++ b/apps/note/templatetags/pretty_money.py @@ -11,7 +11,7 @@ def pretty_money(value): abs(value) // 100, ) else: - return "{:s}{:d} € {:02d}".format( + return "{:s}{:d}.{:02d} €".format( "- " if value < 0 else "", abs(value) // 100, abs(value) % 100, diff --git a/apps/note/views.py b/apps/note/views.py index 82f2f4aa..f950fd73 100644 --- a/apps/note/views.py +++ b/apps/note/views.py @@ -141,7 +141,7 @@ class ConsoView(LoginRequiredMixin, SingleTableView): """ context = super().get_context_data(**kwargs) context['transaction_templates'] = TransactionTemplate.objects.filter(display=True) \ - .order_by('category').order_by('name') + .order_by('category__name', 'name') context['title'] = _("Consumptions") context['polymorphic_ctype'] = ContentType.objects.get_for_model(TemplateTransaction).pk diff --git a/apps/scripts b/apps/scripts deleted file mode 160000 index 123466cf..00000000 --- a/apps/scripts +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 123466cfa914422422cd372197e64adf65ef05f7 diff --git a/static/js/base.js b/static/js/base.js new file mode 100644 index 00000000..a2ad87c9 --- /dev/null +++ b/static/js/base.js @@ -0,0 +1,54 @@ +// Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +// SPDX-License-Identifier: GPL-3.0-or-later + +/** + * Perform a request on an URL and get result + * @param url The url where the request is performed + * @param success The function to call with the request + * @param data The data for the request (optional) + */ +function getJSONSync(url, success, data) { + $.ajax({ + url: url, + dataType: 'json', + data: data, + async: false, + success: success + }); +} + +/** + * Convert balance in cents to a human readable amount + * @param value the balance, in cents + * @returns {string} + */ +function pretty_money(value) { + if (value % 100 === 0) + return (value < 0 ? "- " : "") + Math.floor(Math.abs(value) / 100) + " €"; + else + return (value < 0 ? "- " : "") + Math.floor(Math.abs(value) / 100) + "." + (Math.abs(value) % 100) + " €"; +} + +/** + * Reload the balance of the user on the right top corner + */ +function refreshBalance() { + $("#user_balance").load("/ #user_balance"); +} + +/** + * Query the 20 first matched notes with a given pattern + * @param pattern The pattern that is queried + * @param fun For each found note with the matched alias `alias`, fun(note, alias) is called. + * This function is synchronous. + */ +function getMatchedNotes(pattern, fun) { + getJSONSync("/api/note/alias/?format=json&alias=" + pattern + "&search=user|club", function(aliases) { + aliases.results.forEach(function(alias) { + getJSONSync("/api/note/note/" + alias.note + "/?format=json", function (note) { + fun(note, alias); + console.log(alias.name); + }); + }); + }); +} diff --git a/static/js/consos.js b/static/js/consos.js new file mode 100644 index 00000000..d3075edd --- /dev/null +++ b/static/js/consos.js @@ -0,0 +1,227 @@ +// Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +// SPDX-License-Identifier: GPL-3.0-or-later + +/** + * Refresh the history table on the consumptions page. + */ +function refreshHistory() { + $("#history").load("/note/consos/ #history"); +} + +$(document).ready(function() { + // If hash of a category in the URL, then select this category + // else select the first one + if (location.hash) { + $("a[href='" + location.hash + "']").tab("show"); + } else { + $("a[data-toggle='tab']").first().tab("show"); + } + + // When selecting a category, change URL + $(document.body).on("click", "a[data-toggle='tab']", function() { + location.hash = this.getAttribute("href"); + }); +}); + +let old_pattern = null; +let notes = []; +let notes_display = []; +let buttons = []; + +// When the user clicks on the search field, it is immediately cleared +let note_obj = $("#note"); +note_obj.click(function() { + note_obj.val(""); +}); + +function li(id, text) { + return "
    • " + text + "
      • \n"; +} + +/** + * Render note name and picture + * @param note The note to render + * @param alias The alias to be displayed + * @param user_note_field + * @param profile_pic_field + */ +function displayNote(note, alias, user_note_field=null, profile_pic_field=null) { + let img = note == null ? null : note.display_image; + if (img == null) + img = '/media/pic/default.png'; + if (note !== null && alias !== note.name) + alias += " (aka. " + note.name + ")"; + if (note !== null && user_note_field !== null) + $("#" + user_note_field).text(alias + " : " + pretty_money(note.balance)); + if (profile_pic_field != null) + $("#" + profile_pic_field).attr('src', img); +} + +function remove_conso(c, obj, note_prefix="note") { + return (function() { + let new_notes_display = []; + let html = ""; + notes_display.forEach(function (disp) { + if (disp[3] > 1 || disp[1] !== c[1]) { + disp[3] -= disp[1] === c[1] ? 1 : 0; + new_notes_display = new_notes_display.concat([disp]); + html += li(note_prefix + "_" + disp[1], disp[0] + + "" + disp[3] + ""); + } + }); + $("#note_list").html(html); + notes_display.forEach(function (disp) { + obj = $("#" + note_prefix + "_" + disp[1]); + obj.click(remove_conso(disp, obj, note_prefix)); + obj.hover(function() { + displayNote(disp[2], disp[0]); + }); + }); + notes_display = new_notes_display; + }); +} + + +function autoCompleteNote(field_id, alias_matched_id, alias_prefix="alias", note_prefix="note", + user_note_field=null, profile_pic_field=null) { + let field = $("#" + field_id); + field.keyup(function() { + let pattern = field.val(); + // If the pattern is not modified, or if the field is empty, we don't query the API + if (pattern === old_pattern || pattern === "") + return; + + old_pattern = pattern; + + notes = []; + let aliases_matched_obj = $("#" + alias_matched_id); + let aliases_matched_html = ""; + getMatchedNotes(pattern, function(note, alias) { + aliases_matched_html += li("alias_" + alias.normalized_name, alias.name); + note.alias = alias; + notes = notes.concat([note]); + }); + + aliases_matched_obj.html(aliases_matched_html); + + notes.forEach(function (note) { + let alias = note.alias; + let alias_obj = $("#" + alias_prefix + "_" + alias.normalized_name); + alias_obj.hover(function() { + displayNote(note, alias.name, user_note_field, profile_pic_field); + }); + + alias_obj.click(function() { + field.val(""); + var disp = null; + notes_display.forEach(function(d) { + if (d[1] === note.id) { + d[3] += 1; + disp = d; + } + }); + if (disp == null) + notes_display = notes_display.concat([[alias.name, note.id, note, 1]]); + let note_list = $("#note_list"); + let html = ""; + notes_display.forEach(function(disp) { + html += li("note_" + disp[1], disp[0] + + "" + disp[3] + ""); + }); + + note_list.html(html); + + notes_display.forEach(function(disp) { + let line_obj = $("#" + note_prefix + "_" + disp[1]); + line_obj.hover(function() { + displayNote(disp[2], disp[0], user_note_field, profile_pic_field); + }); + + line_obj.click(remove_conso(disp, note_prefix)); + }); + }); + }); + }); +} + + +// When the user searches an alias, we update the auto-completion +autoCompleteNote("note", "alias_matched", "alias", "note", + "user_note", "profile_pic"); + +/** + * Add a transaction from a button. + * @param dest Where the money goes + * @param amount The price of the item + * @param type The type of the transaction (content type id for TemplateTransaction) + * @param category_id The category identifier + * @param category_name The category name + * @param template_id The identifier of the button + * @param template_name The name of the button + */ +function addConso(dest, amount, type, category_id, category_name, template_id, template_name) { + var button = null; + buttons.forEach(function(b) { + if (b[5] === template_id) { + b[1] += 1; + button = b; + } + }); + if (button == null) + buttons = buttons.concat([[dest, 1, amount, type, category_id, category_name, template_id, template_name]]); + + // TODO Only in simple consumption mode + if (notes.length > 0) + consumeAll(); +} + +/** + * Apply all transactions: all notes in `notes` buy each item in `buttons` + */ +function consumeAll() { + notes.forEach(function(note) { + buttons.forEach(function(button) { + consume(note.id, button[0], button[1], button[2], button[7] + " (" + button[5] + ")", + button[3], button[4], button[6]); + }); + }); +} + +/** + * Create a new transaction from a button through the API. + * @param source The note that paid the item (type: int) + * @param dest The note that sold the item (type: int) + * @param quantity The quantity sold (type: int) + * @param amount The price of one item, in cents (type: int) + * @param reason The transaction details (type: str) + * @param type The type of the transaction (content type id for TemplateTransaction) + * @param category The category id of the button (type: int) + * @param template The button id (type: int) + */ +function consume(source, dest, quantity, amount, reason, type, category, template) { + $.post("/api/note/transaction/transaction/", + { + "csrfmiddlewaretoken": CSRF_TOKEN, + "quantity": quantity, + "amount": amount, + "reason": reason, + "valid": true, + "polymorphic_ctype": type, + "resourcetype": "TemplateTransaction", + "source": source, + "destination": dest, + "category": category, + "template": template + }, function() { + notes_display = []; + notes = []; + buttons = []; + old_pattern = null; + $("#note_list").html(""); + $("#alias_matched").html(""); + displayNote(null, ""); + refreshHistory(); + refreshBalance(); + }); +} diff --git a/templates/base.html b/templates/base.html index 43f1ae5f..2f2f4ab4 100644 --- a/templates/base.html +++ b/templates/base.html @@ -46,6 +46,7 @@ SPDX-License-Identifier: GPL-3.0-or-later crossorigin="anonymous"> + {# Si un formulaire requiert des données supplémentaires (notamment JS), les données sont chargées #} {% if form.media %} diff --git a/templates/note/conso_form.html b/templates/note/conso_form.html index 64205108..9b096df3 100644 --- a/templates/note/conso_form.html +++ b/templates/note/conso_form.html @@ -25,7 +25,7 @@

      - Sélection des émitteurs + Sélection des émetteurs

        @@ -125,184 +125,21 @@ min-width: 100%; } - - - - - - - - - - - {% endblock %} {% block extrajavascript %} + {% endblock %} From 5782e91aa885a3a466a043aa806ed14bf718749d Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Thu, 12 Mar 2020 21:05:43 +0100 Subject: [PATCH 058/119] Auto-completer is more independant, comment code --- static/js/base.js | 158 +++++++++++++++++++++++++++++++++ static/js/consos.js | 138 ++-------------------------- templates/note/conso_form.html | 2 +- 3 files changed, 168 insertions(+), 130 deletions(-) diff --git a/static/js/base.js b/static/js/base.js index a2ad87c9..0c63fb26 100644 --- a/static/js/base.js +++ b/static/js/base.js @@ -52,3 +52,161 @@ function getMatchedNotes(pattern, fun) { }); }); } + +/** + * Generate a
      • entry with a given id and text + */ +function li(id, text) { + return "
      • " + text + "
        • \n"; +} + +/** + * Render note name and picture + * @param note The note to render + * @param alias The alias to be displayed + * @param user_note_field + * @param profile_pic_field + */ +function displayNote(note, alias, user_note_field=null, profile_pic_field=null) { + let img = note == null ? null : note.display_image; + if (img == null) + img = '/media/pic/default.png'; + if (note !== null && alias !== note.name) + alias += " (aka. " + note.name + ")"; + if (note !== null && user_note_field !== null) + $("#" + user_note_field).text(alias + " : " + pretty_money(note.balance)); + if (profile_pic_field != null) + $("#" + profile_pic_field).attr('src', img); +} + +/** + * Remove a note from the emitters. + * @param d The note to remove + * @param note_prefix The prefix of the identifiers of the
      • blocks of the emitters + * @param notes_display An array containing the infos of the buyers: [alias, note id, note object, quantity] + * @param user_note_field The identifier of the field that display the note of the hovered note (useful in + * consumptions, put null if not used) + * @param profile_pic_field The identifier of the field that display the profile picture of the hovered note + * (useful in consumptions, put null if not used) + * @returns an anonymous function to be compatible with jQuery events + */ +function removeNote(d, note_prefix="note", notes_display, user_note_field=null, profile_pic_field=null) { + return (function() { + let new_notes_display = []; + let html = ""; + notes_display.forEach(function (disp) { + if (disp[3] > 1 || disp[1] !== d[1]) { + disp[3] -= disp[1] === d[1] ? 1 : 0; + new_notes_display.push(disp); + html += li(note_prefix + "_" + disp[1], disp[0] + + "" + disp[3] + ""); + } + }); + $("#note_list").html(html); + notes_display.forEach(function (disp) { + obj = $("#" + note_prefix + "_" + disp[1]); + obj.click(removeNote(disp, note_prefix, notes_display, user_note_field, profile_pic_field)); + obj.hover(function() { + displayNote(disp[2], disp[0], user_note_field, profile_pic_field); + }); + }); + notes_display = new_notes_display; + }); +} + +/** + * Generate an auto-complete field to query a note with its alias + * @param field_id The identifier of the text field where the alias is typed + * @param alias_matched_id The div block identifier where the matched aliases are displayed + * @param note_list_id The div block identifier where the notes of the buyers are displayed + * @param notes An array containing the note objects of the buyers + * @param notes_display An array containing the infos of the buyers: [alias, note id, note object, quantity] + * @param alias_prefix The prefix of the
      • blocks for the matched aliases + * @param note_prefix The prefix of the
      • blocks for the notes of the buyers + * @param user_note_field The identifier of the field that display the note of the hovered note (useful in + * consumptions, put null if not used) + * @param profile_pic_field The identifier of the field that display the profile picture of the hovered note + * (useful in consumptions, put null if not used) + */ +function autoCompleteNote(field_id, alias_matched_id, note_list_id, notes, notes_display, alias_prefix="alias", + note_prefix="note", user_note_field=null, profile_pic_field=null) { + let field = $("#" + field_id); + // When the user clicks on the search field, it is immediately cleared + field.click(function() { + field.val(""); + }); + + let old_pattern = null; + + // When the user type something, the matched aliases are refreshed + field.keyup(function() { + let pattern = field.val(); + // If the pattern is not modified, or if the field is empty, we don't query the API + if (pattern === old_pattern || pattern === "") + return; + + old_pattern = pattern; + + // Clear old matched notes + notes.length = 0; + + let aliases_matched_obj = $("#" + alias_matched_id); + let aliases_matched_html = ""; + // Get matched notes with the given pattern + getMatchedNotes(pattern, function(note, alias) { + aliases_matched_html += li("alias_" + alias.normalized_name, alias.name); + note.alias = alias; + notes.push(note); + }); + + // Display the list of matched aliases + aliases_matched_obj.html(aliases_matched_html); + + notes.forEach(function (note) { + let alias = note.alias; + let alias_obj = $("#" + alias_prefix + "_" + alias.normalized_name); + // When an alias is hovered, the profile picture and the balance are displayed at the right place + alias_obj.hover(function() { + displayNote(note, alias.name, user_note_field, profile_pic_field); + }); + + // When the user click on an alias, the associated note is added to the emitters + alias_obj.click(function() { + field.val(""); + // If the note is already an emitter, we increase the quantity + var disp = null; + notes_display.forEach(function(d) { + // We compare the note ids + if (d[1] === note.id) { + d[3] += 1; + disp = d; + } + }); + // In the other case, we add a new emitter + if (disp == null) + notes_display.push([alias.name, note.id, note, 1]); + let note_list = $("#" + note_list_id); + let html = ""; + notes_display.forEach(function(disp) { + html += li("note_" + disp[1], disp[0] + + "" + disp[3] + ""); + }); + + // Emitters are displayed + note_list.html(html); + + notes_display.forEach(function(disp) { + let line_obj = $("#" + note_prefix + "_" + disp[1]); + // Hover an emitter display also the profile picture + line_obj.hover(function() { + displayNote(disp[2], disp[0], user_note_field, profile_pic_field); + }); + + // When an emitter is clicked, it is removed + line_obj.click(removeNote(disp, note_prefix, notes_display, user_note_field, profile_pic_field)); + }); + }); + }); + }); +} diff --git a/static/js/consos.js b/static/js/consos.js index d3075edd..9d56672a 100644 --- a/static/js/consos.js +++ b/static/js/consos.js @@ -23,132 +23,13 @@ $(document).ready(function() { }); }); -let old_pattern = null; let notes = []; let notes_display = []; let buttons = []; -// When the user clicks on the search field, it is immediately cleared -let note_obj = $("#note"); -note_obj.click(function() { - note_obj.val(""); -}); - -function li(id, text) { - return "
      • " + text + "
        • \n"; -} - -/** - * Render note name and picture - * @param note The note to render - * @param alias The alias to be displayed - * @param user_note_field - * @param profile_pic_field - */ -function displayNote(note, alias, user_note_field=null, profile_pic_field=null) { - let img = note == null ? null : note.display_image; - if (img == null) - img = '/media/pic/default.png'; - if (note !== null && alias !== note.name) - alias += " (aka. " + note.name + ")"; - if (note !== null && user_note_field !== null) - $("#" + user_note_field).text(alias + " : " + pretty_money(note.balance)); - if (profile_pic_field != null) - $("#" + profile_pic_field).attr('src', img); -} - -function remove_conso(c, obj, note_prefix="note") { - return (function() { - let new_notes_display = []; - let html = ""; - notes_display.forEach(function (disp) { - if (disp[3] > 1 || disp[1] !== c[1]) { - disp[3] -= disp[1] === c[1] ? 1 : 0; - new_notes_display = new_notes_display.concat([disp]); - html += li(note_prefix + "_" + disp[1], disp[0] - + "" + disp[3] + ""); - } - }); - $("#note_list").html(html); - notes_display.forEach(function (disp) { - obj = $("#" + note_prefix + "_" + disp[1]); - obj.click(remove_conso(disp, obj, note_prefix)); - obj.hover(function() { - displayNote(disp[2], disp[0]); - }); - }); - notes_display = new_notes_display; - }); -} - - -function autoCompleteNote(field_id, alias_matched_id, alias_prefix="alias", note_prefix="note", - user_note_field=null, profile_pic_field=null) { - let field = $("#" + field_id); - field.keyup(function() { - let pattern = field.val(); - // If the pattern is not modified, or if the field is empty, we don't query the API - if (pattern === old_pattern || pattern === "") - return; - - old_pattern = pattern; - - notes = []; - let aliases_matched_obj = $("#" + alias_matched_id); - let aliases_matched_html = ""; - getMatchedNotes(pattern, function(note, alias) { - aliases_matched_html += li("alias_" + alias.normalized_name, alias.name); - note.alias = alias; - notes = notes.concat([note]); - }); - - aliases_matched_obj.html(aliases_matched_html); - - notes.forEach(function (note) { - let alias = note.alias; - let alias_obj = $("#" + alias_prefix + "_" + alias.normalized_name); - alias_obj.hover(function() { - displayNote(note, alias.name, user_note_field, profile_pic_field); - }); - - alias_obj.click(function() { - field.val(""); - var disp = null; - notes_display.forEach(function(d) { - if (d[1] === note.id) { - d[3] += 1; - disp = d; - } - }); - if (disp == null) - notes_display = notes_display.concat([[alias.name, note.id, note, 1]]); - let note_list = $("#note_list"); - let html = ""; - notes_display.forEach(function(disp) { - html += li("note_" + disp[1], disp[0] - + "" + disp[3] + ""); - }); - - note_list.html(html); - - notes_display.forEach(function(disp) { - let line_obj = $("#" + note_prefix + "_" + disp[1]); - line_obj.hover(function() { - displayNote(disp[2], disp[0], user_note_field, profile_pic_field); - }); - - line_obj.click(remove_conso(disp, note_prefix)); - }); - }); - }); - }); -} - - // When the user searches an alias, we update the auto-completion -autoCompleteNote("note", "alias_matched", "alias", "note", - "user_note", "profile_pic"); +autoCompleteNote("note", "alias_matched", "note_list", notes, notes_display, + "alias", "note", "user_note", "profile_pic"); /** * Add a transaction from a button. @@ -169,7 +50,7 @@ function addConso(dest, amount, type, category_id, category_name, template_id, t } }); if (button == null) - buttons = buttons.concat([[dest, 1, amount, type, category_id, category_name, template_id, template_name]]); + buttons.push([dest, 1, amount, type, category_id, category_name, template_id, template_name]); // TODO Only in simple consumption mode if (notes.length > 0) @@ -180,10 +61,10 @@ function addConso(dest, amount, type, category_id, category_name, template_id, t * Apply all transactions: all notes in `notes` buy each item in `buttons` */ function consumeAll() { - notes.forEach(function(note) { + notes_display.forEach(function(note_display) { buttons.forEach(function(button) { - consume(note.id, button[0], button[1], button[2], button[7] + " (" + button[5] + ")", - button[3], button[4], button[6]); + consume(note_display[1], button[0], button[1] * note_display[3], button[2], + button[7] + " (" + button[5] + ")", button[3], button[4], button[6]); }); }); } @@ -214,10 +95,9 @@ function consume(source, dest, quantity, amount, reason, type, category, templat "category": category, "template": template }, function() { - notes_display = []; - notes = []; - buttons = []; - old_pattern = null; + notes_display.length = 0; + notes.length = 0; + buttons.length = 0; $("#note_list").html(""); $("#alias_matched").html(""); displayNote(null, ""); diff --git a/templates/note/conso_form.html b/templates/note/conso_form.html index 9b096df3..5cfccb37 100644 --- a/templates/note/conso_form.html +++ b/templates/note/conso_form.html @@ -31,7 +31,7 @@
        - +
        From 7b69ffdefe302963dbdc702c3d44fcda8c96e39c Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Thu, 12 Mar 2020 23:12:49 +0100 Subject: [PATCH 059/119] Better transfers --- apps/note/forms.py | 49 --------- apps/note/views.py | 28 +---- locale/fr/LC_MESSAGES/django.po | 7 ++ static/js/base.js | 26 +++-- templates/base.html | 1 + templates/note/conso_form.html | 2 +- templates/note/transaction_form.html | 155 ++++++++++++++++++++++----- 7 files changed, 158 insertions(+), 110 deletions(-) diff --git a/apps/note/forms.py b/apps/note/forms.py index 2e8e4456..933e29f5 100644 --- a/apps/note/forms.py +++ b/apps/note/forms.py @@ -50,52 +50,3 @@ class TransactionTemplateForm(forms.ModelForm): }, ), } - - -class TransactionForm(forms.ModelForm): - def save(self, commit=True): - super().save(commit) - - def clean(self): - """ - If the user has no right to transfer funds, then it will be the source of the transfer by default. - Transactions between a note and the same note are not authorized. - """ - - cleaned_data = super().clean() - if "source" not in cleaned_data: # TODO Replace it with "if %user has no right to transfer funds" - cleaned_data["source"] = self.user.note - - if cleaned_data["source"].pk == cleaned_data["destination"].pk: - self.add_error("destination", _("Source and destination must be different.")) - - return cleaned_data - - class Meta: - model = Transaction - fields = ( - 'source', - 'destination', - 'reason', - 'amount', - ) - - # Voir ci-dessus - widgets = { - 'source': - autocomplete.ModelSelect2( - url='note:note_autocomplete', - attrs={ - 'data-placeholder': 'Note ...', - 'data-minimum-input-length': 1, - }, - ), - 'destination': - autocomplete.ModelSelect2( - url='note:note_autocomplete', - attrs={ - 'data-placeholder': 'Note ...', - 'data-minimum-input-length': 1, - }, - ), - } diff --git a/apps/note/views.py b/apps/note/views.py index f950fd73..e323a4fd 100644 --- a/apps/note/views.py +++ b/apps/note/views.py @@ -5,24 +5,22 @@ from dal import autocomplete from django.contrib.auth.mixins import LoginRequiredMixin from django.contrib.contenttypes.models import ContentType from django.db.models import Q -from django.urls import reverse from django.utils.translation import gettext_lazy as _ -from django.views.generic import CreateView, ListView, UpdateView +from django.views.generic import CreateView, ListView, UpdateView, TemplateView from django_tables2 import SingleTableView -from .forms import TransactionForm, TransactionTemplateForm +from .forms import TransactionTemplateForm from .models import Transaction, TransactionTemplate, Alias, TemplateTransaction from .tables import HistoryTable -class TransactionCreate(LoginRequiredMixin, CreateView): +class TransactionCreate(LoginRequiredMixin, TemplateView): """ Show transfer page TODO: If user have sufficient rights, they can transfer from an other note """ - model = Transaction - form_class = TransactionForm + template_name = "note/transaction_form.html" def get_context_data(self, **kwargs): """ @@ -31,26 +29,10 @@ class TransactionCreate(LoginRequiredMixin, CreateView): context = super().get_context_data(**kwargs) context['title'] = _('Transfer money from your account ' 'to one or others') - - context['no_cache'] = True + context['polymorphic_ctype'] = ContentType.objects.get_for_model(Transaction).pk return context - def get_form(self, form_class=None): - """ - If the user has no right to transfer funds, then it won't have the choice of the source of the transfer. - """ - form = super().get_form(form_class) - - if False: # TODO: fix it with "if %user has no right to transfer funds" - del form.fields['source'] - form.user = self.request.user - - return form - - def get_success_url(self): - return reverse('note:transfer') - class NoteAutocomplete(autocomplete.Select2QuerySetView): """ diff --git a/locale/fr/LC_MESSAGES/django.po b/locale/fr/LC_MESSAGES/django.po index 05836a54..6fb317ad 100644 --- a/locale/fr/LC_MESSAGES/django.po +++ b/locale/fr/LC_MESSAGES/django.po @@ -408,6 +408,10 @@ msgstr "Un modèle de transaction avec un nom similaire existe déjà." msgid "amount" msgstr "montant" +#: apps/note/models/transactions.py:56 apps/note/models/transactions.py:109 +msgid "Amount" +msgstr "Montant" + #: apps/note/models/transactions.py:57 msgid "in centimes" msgstr "en centimes" @@ -428,6 +432,9 @@ msgstr "quantité" msgid "reason" msgstr "raison" +msgid "Reason" +msgstr "Raison" + #: apps/note/models/transactions.py:115 msgid "valid" msgstr "valide" diff --git a/static/js/base.js b/static/js/base.js index 0c63fb26..cfd8f70e 100644 --- a/static/js/base.js +++ b/static/js/base.js @@ -26,7 +26,8 @@ function pretty_money(value) { if (value % 100 === 0) return (value < 0 ? "- " : "") + Math.floor(Math.abs(value) / 100) + " €"; else - return (value < 0 ? "- " : "") + Math.floor(Math.abs(value) / 100) + "." + (Math.abs(value) % 100) + " €"; + return (value < 0 ? "- " : "") + Math.floor(Math.abs(value) / 100) + "." + + (Math.abs(value) % 100 < 10 ? "0" : "") + (Math.abs(value) % 100) + " €"; } /** @@ -47,7 +48,6 @@ function getMatchedNotes(pattern, fun) { aliases.results.forEach(function(alias) { getJSONSync("/api/note/note/" + alias.note + "/?format=json", function (note) { fun(note, alias); - console.log(alias.name); }); }); }); @@ -85,13 +85,14 @@ function displayNote(note, alias, user_note_field=null, profile_pic_field=null) * @param d The note to remove * @param note_prefix The prefix of the identifiers of the
      • blocks of the emitters * @param notes_display An array containing the infos of the buyers: [alias, note id, note object, quantity] + * @param note_list_id The div block identifier where the notes of the buyers are displayed * @param user_note_field The identifier of the field that display the note of the hovered note (useful in * consumptions, put null if not used) * @param profile_pic_field The identifier of the field that display the profile picture of the hovered note * (useful in consumptions, put null if not used) * @returns an anonymous function to be compatible with jQuery events */ -function removeNote(d, note_prefix="note", notes_display, user_note_field=null, profile_pic_field=null) { +function removeNote(d, note_prefix="note", notes_display, note_list_id, user_note_field=null, profile_pic_field=null) { return (function() { let new_notes_display = []; let html = ""; @@ -103,15 +104,20 @@ function removeNote(d, note_prefix="note", notes_display, user_note_field=null, + "" + disp[3] + ""); } }); - $("#note_list").html(html); + + notes_display.length = 0; + new_notes_display.forEach(function(disp) { + notes_display.push(disp); + }); + + $("#" + note_list_id).html(html); notes_display.forEach(function (disp) { - obj = $("#" + note_prefix + "_" + disp[1]); - obj.click(removeNote(disp, note_prefix, notes_display, user_note_field, profile_pic_field)); + let obj = $("#" + note_prefix + "_" + disp[1]); + obj.click(removeNote(disp, note_prefix, notes_display, note_list_id, user_note_field, profile_pic_field)); obj.hover(function() { displayNote(disp[2], disp[0], user_note_field, profile_pic_field); }); }); - notes_display = new_notes_display; }); } @@ -155,7 +161,7 @@ function autoCompleteNote(field_id, alias_matched_id, note_list_id, notes, notes let aliases_matched_html = ""; // Get matched notes with the given pattern getMatchedNotes(pattern, function(note, alias) { - aliases_matched_html += li("alias_" + alias.normalized_name, alias.name); + aliases_matched_html += li(alias_prefix + "_" + alias.normalized_name, alias.name); note.alias = alias; notes.push(note); }); @@ -189,7 +195,7 @@ function autoCompleteNote(field_id, alias_matched_id, note_list_id, notes, notes let note_list = $("#" + note_list_id); let html = ""; notes_display.forEach(function(disp) { - html += li("note_" + disp[1], disp[0] + html += li(note_prefix + "_" + disp[1], disp[0] + "" + disp[3] + ""); }); @@ -204,7 +210,7 @@ function autoCompleteNote(field_id, alias_matched_id, note_list_id, notes, notes }); // When an emitter is clicked, it is removed - line_obj.click(removeNote(disp, note_prefix, notes_display, user_note_field, profile_pic_field)); + line_obj.click(removeNote(disp, note_prefix, notes_display, note_list_id, user_note_field, profile_pic_field)); }); }); }); diff --git a/templates/base.html b/templates/base.html index 2f2f4ab4..6af81fe8 100644 --- a/templates/base.html +++ b/templates/base.html @@ -117,6 +117,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
        {% block contenttitle %}

        {{ title }}

        {% endblock %} +
        {% block content %}

        Default content...

        {% endblock content %} diff --git a/templates/note/conso_form.html b/templates/note/conso_form.html index 5cfccb37..c5dcef00 100644 --- a/templates/note/conso_form.html +++ b/templates/note/conso_form.html @@ -130,7 +130,7 @@ {% block extrajavascript %} {% endblock %} From e81450e09243460f7b08d74fb04f8f1aac0c44f6 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Fri, 13 Mar 2020 00:11:33 +0100 Subject: [PATCH 060/119] Double consumptions switch (front only) --- templates/note/conso_form.html | 43 +++++++++++++++++++++++++++++----- 1 file changed, 37 insertions(+), 6 deletions(-) diff --git a/templates/note/conso_form.html b/templates/note/conso_form.html index c5dcef00..f5cc82f9 100644 --- a/templates/note/conso_form.html +++ b/templates/note/conso_form.html @@ -7,10 +7,10 @@ {% block content %}
        -
        +
        {# User details column #} -
        +
        @@ -21,7 +21,7 @@
        {# User selection column #} -
        +

        @@ -37,11 +37,24 @@

        + +
        +
        +
        +

        + Sélection des consommations +

        +
        +
          +
        + +
        +
        {# Buttons column #} -
        +
        {# Show last used buttons #}
        @@ -95,11 +108,11 @@
        @@ -132,6 +145,24 @@ {% endblock %} From a1f8ef721a2188ca8caa29069d6cd3d046daa030 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Fri, 13 Mar 2020 09:26:39 +0100 Subject: [PATCH 063/119] Minor fixes on consumptions page --- apps/note/tables.py | 4 ++-- apps/note/views.py | 2 +- static/js/consos.js | 10 +++++----- templates/base.html | 4 ++++ templates/note/conso_form.html | 20 ++++++++++++++++++-- templates/note/transaction_form.html | 12 +++++------- 6 files changed, 35 insertions(+), 17 deletions(-) diff --git a/apps/note/tables.py b/apps/note/tables.py index 3306cb3b..cea2aa8e 100644 --- a/apps/note/tables.py +++ b/apps/note/tables.py @@ -17,8 +17,8 @@ class HistoryTable(tables.Table): 'table table-condensed table-striped table-hover' } model = Transaction - exclude = ("polymorphic_ctype", ) - order_by = ('-id', ) + exclude = ("id", "polymorphic_ctype", ) + order_by = ('-created_at', ) template_name = 'django_tables2/bootstrap4.html' sequence = ('...', 'total', 'valid') diff --git a/apps/note/views.py b/apps/note/views.py index e323a4fd..9b60a642 100644 --- a/apps/note/views.py +++ b/apps/note/views.py @@ -115,7 +115,7 @@ class ConsoView(LoginRequiredMixin, SingleTableView): # Transaction history table table_class = HistoryTable - table_pagination = {"per_page": 10} + table_pagination = {"per_page": 20} def get_context_data(self, **kwargs): """ diff --git a/static/js/consos.js b/static/js/consos.js index 7a38614c..df50bda2 100644 --- a/static/js/consos.js +++ b/static/js/consos.js @@ -23,14 +23,14 @@ $(document).ready(function() { }); }); -let notes = []; -let notes_display = []; -let buttons = []; +notes = []; +notes_display = []; +buttons = []; // When the user searches an alias, we update the auto-completion autoCompleteNote("note", "alias_matched", "note_list", notes, notes_display, "alias", "note", "user_note", "profile_pic", function() { - if (buttons.length > 0) { + if (buttons.length > 0 && $("#single_conso").is(":checked")) { consumeAll(); return false; } @@ -58,7 +58,7 @@ function addConso(dest, amount, type, category_id, category_name, template_id, t if (button == null) buttons.push([dest, 1, amount, type, category_id, category_name, template_id, template_name]); - if ($("#double_conso:checked").length > 0) { + if ($("#double_conso").is(":checked")) { let html = ""; buttons.forEach(function(button) { html += li("conso_button_" + button[6], button[7] diff --git a/templates/base.html b/templates/base.html index 6af81fe8..eefad7c8 100644 --- a/templates/base.html +++ b/templates/base.html @@ -161,6 +161,10 @@ SPDX-License-Identifier: GPL-3.0-or-later
        + + {% block extrajavascript %} {% endblock extrajavascript %} diff --git a/templates/note/conso_form.html b/templates/note/conso_form.html index 6ae643b3..100f46c2 100644 --- a/templates/note/conso_form.html +++ b/templates/note/conso_form.html @@ -143,14 +143,18 @@ {% block extrajavascript %} {% endblock %} From 05fb50965b0c97d43801be7549cb03f69e4cc870 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Sat, 14 Mar 2020 02:09:33 +0100 Subject: [PATCH 071/119] Balance is refreshed after a (de)validation --- templates/note/conso_form.html | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/templates/note/conso_form.html b/templates/note/conso_form.html index a007cecf..46a3b453 100644 --- a/templates/note/conso_form.html +++ b/templates/note/conso_form.html @@ -211,7 +211,10 @@ "resourcetype": "TemplateTransaction", valid: !validated }, - success: refreshHistory + success: function() { + refreshHistory(); + refreshBalance(); + } }); }); From 5d15b8c6138809f9cd8c942e2aa9bf00781e2cb0 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Sat, 14 Mar 2020 12:07:03 +0100 Subject: [PATCH 072/119] Fix (de)validation of transactions --- apps/note/tables.py | 4 +++- templates/note/conso_form.html | 14 ++++++++------ 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/apps/note/tables.py b/apps/note/tables.py index 9309e14c..ceb710df 100644 --- a/apps/note/tables.py +++ b/apps/note/tables.py @@ -27,7 +27,9 @@ class HistoryTable(tables.Table): total = tables.Column() # will use Transaction.total() !! valid = tables.Column(attrs={"td": {"id": lambda record: "validate_" + str(record.id), - "class": lambda record: str(record.valid).lower() + ' validate'}}) + "class": lambda record: str(record.valid).lower() + ' validate', + "onclick": lambda record: 'de_validate(' + str(record.id) + ', ' + + str(record.valid).lower() + ')'}}) def order_total(self, queryset, is_descending): # needed for rendering diff --git a/templates/note/conso_form.html b/templates/note/conso_form.html index 46a3b453..596b3d82 100644 --- a/templates/note/conso_form.html +++ b/templates/note/conso_form.html @@ -192,10 +192,9 @@ {% endif %} {% endfor %} - // When we click on the validate button, the validation status is switched - $(".validate").click(function(e) { - let id = e.target.id.substring(9); - let validated = e.target.classList.contains("true"); + // When a validate button is clicked, we switch the validation status + function de_validate(id, validated) { + $("#validate_" + id).html("⟳ ..."); // Perform a PATCH request to the API in order to update the transaction // If the user has insuffisent rights, an error message will appear @@ -211,11 +210,14 @@ "resourcetype": "TemplateTransaction", valid: !validated }, - success: function() { + success: function () { refreshHistory(); refreshBalance(); + + // Refresh jQuery objects + $(".validate").click(de_validate); } }); - }); + } {% endblock %} From 49952355e609c8fbfc3fd83949f22567ccc663ef Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Sat, 14 Mar 2020 13:16:18 +0100 Subject: [PATCH 073/119] [note] Added type property to transactions --- apps/note/models/transactions.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/apps/note/models/transactions.py b/apps/note/models/transactions.py index ed8619d6..7ea2d367 100644 --- a/apps/note/models/transactions.py +++ b/apps/note/models/transactions.py @@ -157,6 +157,10 @@ class Transaction(PolymorphicModel): def total(self): return self.amount * self.quantity + @property + def type(self): + return _('transfert') + class TemplateTransaction(Transaction): """ @@ -174,6 +178,10 @@ class TemplateTransaction(Transaction): on_delete=models.PROTECT, ) + @property + def type(self): + return _('template') + class MembershipTransaction(Transaction): """ @@ -190,3 +198,7 @@ class MembershipTransaction(Transaction): class Meta: verbose_name = _("membership transaction") verbose_name_plural = _("membership transactions") + + @property + def type(self): + return _('membership') From 321927ba1ef9825f48d8d86a9c0b82f07b90e317 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Sat, 14 Mar 2020 13:25:54 +0100 Subject: [PATCH 074/119] [note] tranfert --> transfer --- apps/note/models/transactions.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/note/models/transactions.py b/apps/note/models/transactions.py index 7ea2d367..2fdca76e 100644 --- a/apps/note/models/transactions.py +++ b/apps/note/models/transactions.py @@ -159,7 +159,7 @@ class Transaction(PolymorphicModel): @property def type(self): - return _('transfert') + return _('transfer') class TemplateTransaction(Transaction): From 040bb27528c222b517985fd3c51aaf627183004f Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Sat, 14 Mar 2020 15:13:58 +0100 Subject: [PATCH 075/119] Credit/debit support --- apps/note/api/serializers.py | 14 +- apps/note/models/transactions.py | 22 ++- apps/note/tables.py | 4 - apps/note/views.py | 5 +- templates/note/transaction_form.html | 208 +++++++++++++++++++-------- 5 files changed, 186 insertions(+), 67 deletions(-) diff --git a/apps/note/api/serializers.py b/apps/note/api/serializers.py index 2d85cc41..85f500ed 100644 --- a/apps/note/api/serializers.py +++ b/apps/note/api/serializers.py @@ -6,7 +6,7 @@ from rest_polymorphic.serializers import PolymorphicSerializer from ..models.notes import Note, NoteClub, NoteSpecial, NoteUser, Alias from ..models.transactions import TransactionTemplate, Transaction, MembershipTransaction, TemplateCategory, \ - TemplateTransaction + TemplateTransaction, SpecialTransaction class NoteSerializer(serializers.ModelSerializer): @@ -144,9 +144,21 @@ class MembershipTransactionSerializer(serializers.ModelSerializer): fields = '__all__' +class SpecialTransactionSerializer(serializers.ModelSerializer): + """ + REST API Serializer for Special transactions. + The djangorestframework plugin will analyse the model `SpecialTransaction` and parse all fields in the API. + """ + + class Meta: + model = SpecialTransaction + fields = '__all__' + + class TransactionPolymorphicSerializer(PolymorphicSerializer): model_serializer_mapping = { Transaction: TransactionSerializer, TemplateTransaction: TemplateTransactionSerializer, MembershipTransaction: MembershipTransactionSerializer, + SpecialTransaction: SpecialTransactionSerializer, } diff --git a/apps/note/models/transactions.py b/apps/note/models/transactions.py index 2fdca76e..8997411a 100644 --- a/apps/note/models/transactions.py +++ b/apps/note/models/transactions.py @@ -165,7 +165,6 @@ class Transaction(PolymorphicModel): class TemplateTransaction(Transaction): """ Special type of :model:`note.Transaction` associated to a :model:`note.TransactionTemplate`. - """ template = models.ForeignKey( @@ -183,6 +182,27 @@ class TemplateTransaction(Transaction): return _('template') +class SpecialTransaction(Transaction): + """ + Special type of :model:`note.Transaction` associated to transactions with special notes + """ + + last_name = models.CharField( + max_length=255, + verbose_name=_("name"), + ) + + first_name = models.CharField( + max_length=255, + verbose_name=_("first_name"), + ) + + bank = models.CharField( + max_length=255, + verbose_name=_("bank") + ) + + class MembershipTransaction(Transaction): """ Special type of :model:`note.Transaction` associated to a :model:`member.Membership`. diff --git a/apps/note/tables.py b/apps/note/tables.py index ceb710df..4db13871 100644 --- a/apps/note/tables.py +++ b/apps/note/tables.py @@ -37,20 +37,16 @@ class HistoryTable(tables.Table): .order_by(('-' if is_descending else '') + 'total') return queryset, True - def render_amount(self, value): return pretty_money(value) - def render_total(self, value): return pretty_money(value) - # Django-tables escape strings. That's a wrong thing. def render_reason(self, value): return html.unescape(value) - def render_valid(self, value): return "✔" if value else "✖" diff --git a/apps/note/views.py b/apps/note/views.py index 74da6497..07fd03f8 100644 --- a/apps/note/views.py +++ b/apps/note/views.py @@ -10,7 +10,8 @@ from django.views.generic import CreateView, ListView, UpdateView, TemplateView from django_tables2 import SingleTableView from .forms import TransactionTemplateForm -from .models import Transaction, TransactionTemplate, Alias, TemplateTransaction +from .models import Transaction, TransactionTemplate, Alias, TemplateTransaction, NoteSpecial +from .models.transactions import SpecialTransaction from .tables import HistoryTable @@ -30,6 +31,8 @@ class TransactionCreate(LoginRequiredMixin, TemplateView): context['title'] = _('Transfer money from your account ' 'to one or others') context['polymorphic_ctype'] = ContentType.objects.get_for_model(Transaction).pk + context['special_polymorphic_ctype'] = ContentType.objects.get_for_model(SpecialTransaction).pk + context['special_types'] = NoteSpecial.objects.order_by("special_type").all() return context diff --git a/templates/note/transaction_form.html b/templates/note/transaction_form.html index dc83c171..0543f2d6 100644 --- a/templates/note/transaction_form.html +++ b/templates/note/transaction_form.html @@ -9,7 +9,24 @@ SPDX-License-Identifier: GPL-2.0-or-later
        - +
        + + + + +
        @@ -31,6 +48,48 @@ SPDX-License-Identifier: GPL-2.0-or-later
        + +
        @@ -75,7 +134,23 @@ SPDX-License-Identifier: GPL-2.0-or-later sources_notes_display = []; dests = []; dests_notes_display = []; - transfer_mode = false; + + function reset() { + sources_notes_display.length = 0; + sources.length = 0; + dests_notes_display.length = 0; + dests.length = 0; + $("#source_note_list").html(""); + $("#dest_note_list").html(""); + $("#source_alias_matched").html(""); + $("#dest_alias_matched").html(""); + $("#amount").val(""); + $("#reason").val(""); + $("#last_name").val(""); + $("#first_name").val(""); + $("#bank").val(""); + refreshBalance(); + } $(document).ready(function() { autoCompleteNote("source_note", "source_alias_matched", "source_note_list", sources, sources_notes_display, @@ -84,22 +159,32 @@ SPDX-License-Identifier: GPL-2.0-or-later "dest_alias", "dest_note"); }); - $("#switch_mode").click(function () { - transfer_mode ^= true; - if (transfer_mode) { - $("#switch_mode").text("Passer en mode virement"); - $("#emitters_div").show(); - $("#dests_div").attr('class', 'col-md-6'); - } - else { - $("#switch_mode").text("Passer en mode transfert"); - $("#emitters_div").hide(); - $("#dests_div").attr('class', 'col-md-12'); - } + $("#type_gift").click(function() { + $("#emitters_div").hide(); + $("#external_div").hide(); + $("#dests_div").attr('class', 'col-md-12'); + }); + + $("#type_transfer").click(function() { + $("#emitters_div").show(); + $("#external_div").hide(); + $("#dests_div").attr('class', 'col-md-6'); + }); + + $("#type_credit").click(function() { + $("#emitters_div").hide(); + $("#external_div").show(); + $("#dests_div").attr('class', 'col-md-6'); + }); + + $("#type_debit").click(function() { + $("#emitters_div").hide(); + $("#external_div").show(); + $("#dests_div").attr('class', 'col-md-6'); }); $("#transfer").click(function() { - if (sources_notes_display.length === 0) { + if ($("#type_gift").is(':checked')) { dests_notes_display.forEach(function (dest) { $.post("/api/note/transaction/transaction/", { @@ -120,17 +205,7 @@ SPDX-License-Identifier: GPL-2.0-or-later + " vers la note " + dest[0] + " a été fait avec succès !
        \n"; msgDiv.html(html); - sources_notes_display.length = 0; - sources.length = 0; - dests_notes_display.length = 0; - dests.length = 0; - $("#source_note_list").html(""); - $("#dest_note_list").html(""); - $("#source_alias_matched").html(""); - $("#dest_alias_matched").html(""); - $("#amount").val(""); - $("#reason").val(""); - refreshBalance(); + reset(); }).fail(function (err) { let msgDiv = $("#messages"); let html = msgDiv.html(); @@ -139,21 +214,11 @@ SPDX-License-Identifier: GPL-2.0-or-later + " vers la note " + dest[0] + " a échoué : " + err.responseText + "
        \n"; msgDiv.html(html); - sources_notes_display.length = 0; - sources.length = 0; - dests_notes_display.length = 0; - dests.length = 0; - $("#source_note_list").html(""); - $("#dest_note_list").html(""); - $("#source_alias_matched").html(""); - $("#dest_alias_matched").html(""); - $("#amount").val(""); - $("#reason").val(""); - refreshBalance(); + reset(); }); }); } - else { + else if ($("#type_transfer").is(':checked')) { sources_notes_display.forEach(function (source) { dests_notes_display.forEach(function (dest) { $.post("/api/note/transaction/transaction/", @@ -175,17 +240,7 @@ SPDX-License-Identifier: GPL-2.0-or-later + " vers la note " + dest[0] + " a été fait avec succès !
        \n"; msgDiv.html(html); - sources_notes_display.length = 0; - sources.length = 0; - dests_notes_display.length = 0; - dests.length = 0; - $("#source_note_list").html(""); - $("#dest_note_list").html(""); - $("#source_alias_matched").html(""); - $("#dest_alias_matched").html(""); - $("#amount").val(""); - $("#reason").val(""); - refreshBalance(); + reset(); }).fail(function (err) { let msgDiv = $("#messages"); let html = msgDiv.html(); @@ -194,20 +249,53 @@ SPDX-License-Identifier: GPL-2.0-or-later + " vers la note " + dest[0] + " a échoué : " + err.responseText + "
        \n"; msgDiv.html(html); - sources_notes_display.length = 0; - sources.length = 0; - dests_notes_display.length = 0; - dests.length = 0; - $("#source_note_list").html(""); - $("#dest_note_list").html(""); - $("#source_alias_matched").html(""); - $("#dest_alias_matched").html(""); - $("#amount").val(""); - $("#reason").val(""); - refreshBalance(); + reset(); }); }); }); + } else if ($("#type_credit").is(':checked') || $("#type_debit").is(':checked')) { + let special_note = $("#credit_type").val(); + let user_note = dests_notes_display[0][1]; + let source, dest, reason; + if ($("#type_credit").is(':checked')) { + source = special_note; + dest = user_note; + reason = $("#reason").val() + " (Crédit " + $("#credit_type option:selected").text().toLowerCase() + ")"; + } + else { + source = user_note; + dest = special_note; + reason = $("#reason").val() + " (Retrait " + $("#credit_type option:selected").text().toLowerCase() + ")"; + } + $.post("/api/note/transaction/transaction/", + { + "csrfmiddlewaretoken": CSRF_TOKEN, + "quantity": dest[3], + "amount": $("#amount").val(), + "reason": reason, + "valid": true, + "polymorphic_ctype": {{ special_polymorphic_ctype }}, + "resourcetype": "SpecialTransaction", + "source": source, + "destination": dest, + "last_name": $("#last_name").val(), + "first_name": $("#first_name").val(), + "bank": $("#bank").val() + }, function () { + let msgDiv = $("#messages"); + let html = msgDiv.html(); + html += "
        Le crédit/retrait a bien été effectué !
        \n"; + msgDiv.html(html); + + reset(); + }).fail(function (err) { + let msgDiv = $("#messages"); + let html = msgDiv.html(); + html += "
        Le crédit/transfert a échoué : " + err.responseText + "
        \n"; + msgDiv.html(html); + + reset(); + }); } }); From 717891869de7282bf02a3d83d23e27e6128d7d5b Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Sat, 14 Mar 2020 15:36:03 +0100 Subject: [PATCH 076/119] Auto-complete first and last name for credits and debits --- apps/note/views.py | 3 +-- locale/de/LC_MESSAGES/django.po | 2 +- locale/fr/LC_MESSAGES/django.po | 4 ++-- templates/note/transaction_form.html | 27 ++++++++++++++++++++++----- 4 files changed, 26 insertions(+), 10 deletions(-) diff --git a/apps/note/views.py b/apps/note/views.py index 07fd03f8..23326e5f 100644 --- a/apps/note/views.py +++ b/apps/note/views.py @@ -28,8 +28,7 @@ class TransactionCreate(LoginRequiredMixin, TemplateView): Add some context variables in template such as page title """ context = super().get_context_data(**kwargs) - context['title'] = _('Transfer money from your account ' - 'to one or others') + context['title'] = _('Transfer money') context['polymorphic_ctype'] = ContentType.objects.get_for_model(Transaction).pk context['special_polymorphic_ctype'] = ContentType.objects.get_for_model(SpecialTransaction).pk context['special_types'] = NoteSpecial.objects.order_by("special_type").all() diff --git a/locale/de/LC_MESSAGES/django.po b/locale/de/LC_MESSAGES/django.po index 6c60a9fe..489e64cd 100644 --- a/locale/de/LC_MESSAGES/django.po +++ b/locale/de/LC_MESSAGES/django.po @@ -443,7 +443,7 @@ msgid "membership transactions" msgstr "" #: apps/note/views.py:29 -msgid "Transfer money from your account to one or others" +msgid "Transfer money" msgstr "" #: apps/note/views.py:139 diff --git a/locale/fr/LC_MESSAGES/django.po b/locale/fr/LC_MESSAGES/django.po index 6fb317ad..695a789b 100644 --- a/locale/fr/LC_MESSAGES/django.po +++ b/locale/fr/LC_MESSAGES/django.po @@ -456,8 +456,8 @@ msgid "membership transactions" msgstr "transactions d'adhésion" #: apps/note/views.py:29 -msgid "Transfer money from your account to one or others" -msgstr "Transfert d'argent de ton compte vers un ou plusieurs autres" +msgid "Transfer money" +msgstr "Transferts d'argent" #: note_kfet/settings/__init__.py:63 msgid "" diff --git a/templates/note/transaction_form.html b/templates/note/transaction_form.html index 0543f2d6..c6f3cd9b 100644 --- a/templates/note/transaction_form.html +++ b/templates/note/transaction_form.html @@ -9,7 +9,7 @@ SPDX-License-Identifier: GPL-2.0-or-later
        -
        +
        -