Commit Graph

293 Commits

Author SHA1 Message Date
imperosol
b0884c6b04 return 404 when accessing not existing account 2024-10-08 15:30:35 +02:00
imperosol
58d3a7ee2c Optimize user account pages 2024-10-04 13:41:39 +02:00
thomas girod
a4fe4996aa
Merge pull request #834 from ae-utbm/real-name
Restore real name
2024-10-03 10:12:23 +02:00
Sli
655d72a2b1 Completely integrate wepack in django
* Migrate alpine
* Migrate jquery and jquery-ui
* Migrate shorten
* Add babel for javascript
* Introduce staticfiles django app
* Only bundle -index.js files in static/webpack
* Unify scss and webpack generated files
* Convert scss calls to static
* Add --clear-generated option to collectstatic
* Fix docs warnings
2024-10-02 16:11:02 +02:00
thomas girod
c5f5ad3f75 fix 500 when searching users 2024-09-29 23:01:55 +02:00
thomas girod
f182de5929 restore user ordering 2024-09-24 12:52:40 +02:00
thomas girod
c6657bffd2 fix: profile picture deletion by board members 2024-09-23 23:35:14 +02:00
Sli
9c93162741 Add missing files 2024-09-23 10:25:27 +02:00
Sli
6068c6048a Use real name of the website once again 2024-09-23 01:37:25 +02:00
Bartuccio Antoine
f624b7c66d
Graph de famille en frontend (#820)
* Remove graphviz and use cytoscape.js instead

* Frontend generated graphs
* Make installation easier and faster
* Better user experience
* Family api and improved interface
* Fix url history when using 0, improve button selection and reset reverse with reset button
* Use klay layout
* Add js translations and apply review comments
2024-09-17 12:10:06 +02:00
thomas girod
55ad1f99fd fix undeletable SAS pictures 2024-09-10 21:38:13 +02:00
thomas girod
dd07c374d7 convert uploaded images to webp 2024-09-01 19:05:54 +02:00
thomas girod
b3e59b3829 remove unused view GET user/<user_id>/profile_upload 2024-09-01 18:49:50 +02:00
thomas girod
a4d801bed4
Merge pull request #798 from ae-utbm/fix-content-disposition
repair name of protected files
2024-08-30 10:44:49 +02:00
thomas girod
fbff38c5c3 repair name of protected files
Depuis l'implémentation de l'envoi des fichiers par le reverse-proxy, le nom des fichiers n'était plus envoyé.
2024-08-30 10:27:03 +02:00
Sli
cc5df9b171 Better form for user submiting images, fix potential attack vector on bad file being resized and treated as an image 2024-08-27 17:05:37 +02:00
thomas girod
d295cc5223 move vendored files into their own folder 2024-08-26 22:34:32 +02:00
thomas girod
4036bfd703
Merge pull request #775 from ae-utbm/user-pictures-ajax
Render user picture page with ajax to improve performances
2024-08-18 12:40:07 +02:00
thomas girod
7a0fa9f1a0 remove doku/bbcode to markdown 2024-08-10 14:23:01 +02:00
Sli
0eeaf1ce21 Render user picture page with ajax to improve performances 2024-08-09 18:09:58 +02:00
thomas girod
0b9ccf6a57 paginate GET /api/sas/picture 2024-08-08 11:50:45 +02:00
thomas girod
62bb15317c T2 ruff rule 2024-08-06 11:42:10 +02:00
thomas girod
a637742bb0 apply review comment 2024-08-05 10:52:15 +02:00
thomas girod
a5e4db99fb Use X-Accel-Redirect to send files in prod 2024-08-05 10:52:15 +02:00
thomas girod
a9f66e2cd9 extract sent_from_logged_counter(request) 2024-08-05 10:52:15 +02:00
Sli
181e74b1d1 Add antispam app
* update_spam_database command to update suspicious domains from an
   external provider
* Add a AntiSpamEmailField that deny emails from suspicious domains
* Update documentation
2024-08-04 22:34:40 +02:00
thomas girod
e5434961de
Merge pull request #736 from ae-utbm/better-scss
Better scss
2024-07-28 16:35:12 +02:00
thomas girod
2737cae4ab update django-phonenumber-field 2024-07-26 21:45:18 +02:00
thomas girod
63b6b262c6 repair BASE_DIR 2024-07-26 18:21:57 +02:00
thomas girod
424639ea80 better scss 2024-07-26 15:55:15 +02:00
thomas girod
3c76c5e0f1 fix grouping 2024-07-26 00:39:29 +02:00
thomas girod
d348e6314a fix the pictures order (not just the album) 2024-07-26 00:39:29 +02:00
thomas girod
b3fa6f352b fix album order for user pictures 2024-07-26 00:39:29 +02:00
Sli
15f51fb03f Create an NFC button for browser supporting NFC API 2024-07-25 07:18:39 +02:00
thomas girod
04e7f65e8e
Merge pull request #725 from ae-utbm/drop-jquery-calendar
Remove jquery datetimepicker
2024-07-25 01:20:41 +02:00
thomas girod
9295325d21 remove jquery datetime picker 2024-07-23 23:26:48 +02:00
thomas girod
3046438cb1 replace drf by django-ninja 2024-07-23 19:57:33 +02:00
thomas girod
8c69a94488 use google convention for docstrings 2024-07-21 00:57:04 +02:00
thomas girod
e15bcfae07 Send an email when creating an account via POST /register 2024-07-10 17:21:07 +02:00
Sli
72cf5a3d5e Introduce honeypot for login/registering/password changing 2024-07-10 14:51:39 +02:00
thomas girod
2ac578c3ad ruff rule DJ
Co-authored-by: Bartuccio Antoine <klmp200@users.noreply.github.com>
2024-07-08 15:37:10 +02:00
thomas girod
171a1cb876 ruff rule FBT 2024-07-08 15:37:09 +02:00
thomas girod
cfc19434d0 ruff rules UP008 and UP009 2024-07-08 15:37:09 +02:00
thomas girod
688871a680 ruff rule A 2024-07-08 15:37:08 +02:00
thomas girod
3143d3d91a reorganize imports with ruff 2024-06-26 12:35:38 +02:00
thomas girod
9bdf3fc4ac use ruff for formating
Co-authored-by: Bartuccio Antoine <klmp200@users.noreply.github.com>
2024-06-26 12:35:14 +02:00
Sli
e1bf7caa9a Fix CVE-2023-31047 2024-06-24 13:27:22 +02:00
Julien Constant
b30ee0a27a
[FIX] Correction de bugs (#617)
* Fix #600

* Fix #602

* Fixes & améliorations du nouveau CSS (#616)

* Fix #604

* should fix #605

* Fix #608

* Update core/views/site.py

Co-Authored-By: thomas girod <56346771+imperosol@users.noreply.github.com>

* Added back the permission denied

* Should fix #609

* Fix failing test when 2 user are merged

* Should fix #610

* Should fix #627

* Should fix #109

Block les URLs suivantes lorsque le fichier se trouve dans le dir `profiles` ou `SAS` :
- `/file/<id>/`
- `/file/<id>/[delete|prop|edit]`

> Les urls du SAS restent accessiblent pour les roots & les admins SAS
> Les urls de profiles sont uniquement accessiblent aux roots

* Fix root dir of SAS being unnaccessible for sas admins

⚠️ need to edit the SAS directory & save it (no changes required in sas directory properties)

* Remove overwritten code

* Should fix duplicated albums in user profile (wtf)

* Fix typo

* Extended profiles picture access to board members

* Should fix #607

* Fix keyboard navigation not working properly

* Fix user tagged pictures section inside python rather than in the template

* Update utils.py

* Apply suggested changes

* Fix #604

* Fix #608

* Added back the permission denied

* Should fix duplicated albums in user profile (wtf)

* Fix user tagged pictures section inside python rather than in the template

* Apply suggested changes

---------

Co-authored-by: thomas girod <56346771+imperosol@users.noreply.github.com>
2023-05-02 13:07:36 +02:00
thomas girod
ef968f3673
Better usage of cache for groups and clubs related operations (#634)
* Better usage of cache for group retrieval

* Cache clearing on object deletion or update

* replace signals by save and delete override

* add is_anonymous check in is_owned_by

Add in many is_owned_by(self, user) methods that user is not anonymous. Since many of those functions do db queries, this should reduce a little bit the load of the db.

* Stricter usage of User.is_in_group

Constrain the parameters that can be passed to the function to make sure only a str or an int can be used. Also force to explicitly specify if the group id or the group name is used.

* write test and correct bugs

* remove forgotten populate commands

* Correct test
2023-05-02 12:36:59 +02:00
thomas girod
b5a40cfda9
Mise à jour de Black vers la version 23.3 (#629) 2023-04-22 15:32:31 +02:00