Updated FontAwesome from 4.7.0 to 6.4.0

Used icons instead of text & updated layout accordingly
Fix rebase
2025-07-12 12:59:24 +00:00 · 2023-05-11 14:56:04 +02:00 · 2023-05-11 14:54:51 +02:00 · 2023-05-11 14:53:59 +02:00 · 2023-05-11 14:51:44 +02:00 · 2023-05-11 14:47:49 +02:00
505 changed files with 24868 additions and 17813 deletions
--- a/.envrc
+++ b/.envrc
@ -0,0 +1,14 @@
+if [[ ! -f pyproject.toml ]]; then
+  log_error 'No pyproject.toml found. Use `poetry new` or `poetry init` to create one first.'
+  exit 2
+fi
+
+local VENV=$(poetry env list --full-path | cut -d' ' -f1)
+if [[ -z $VENV || ! -d $VENV/bin ]]; then
+  log_error 'No poetry virtual environment found. Use `poetry install` to create one first.'
+  exit 2
+fi
+
+export VIRTUAL_ENV=$VENV
+export POETRY_ACTIVE=1
+PATH_add "$VENV/bin"
--- a/.github/actions/compile_messages/action.yml
+++ b/.github/actions/compile_messages/action.yml
@ -0,0 +1,8 @@
+name: "Compile messages"
+description: "Compile the gettext translation messages"
+runs:
+  using: composite
+  steps:
+      - name: Setup project
+        run: poetry run ./manage.py compilemessages
+        shell: bash
--- a/.github/actions/setup_project/action.yml
+++ b/.github/actions/setup_project/action.yml
@ -0,0 +1,53 @@
+name: "Setup project"
+description: "Setup Python and Poetry"
+runs:
+  using: composite
+  steps:
+    - name: Install apt packages
+      uses: awalsh128/cache-apt-pkgs-action@latest
+      with:
+        packages: gettext libxapian-dev libgraphviz-dev
+        version: 1.0  # increment to reset cache
+
+    - name: Install dependencies
+      run: |
+        sudo apt update
+        sudo apt install gettext libxapian-dev libgraphviz-dev
+      shell: bash
+
+    - name: Set up python
+      uses: actions/setup-python@v4
+      with:
+        python-version: "3.10"
+
+    - name: Load cached Poetry installation
+      id: cached-poetry
+      uses: actions/cache@v3
+      with:
+        path: ~/.local
+        key: poetry-0  # increment to reset cache
+
+    - name: Install Poetry
+      if: steps.cached-poetry.outputs.cache-hit != 'true'
+      shell: bash
+      run: curl -sSL https://install.python-poetry.org | python3 -
+
+    - name: Check pyproject.toml syntax
+      shell: bash
+      run: poetry check
+
+    - name: Load cached dependencies
+      uses: actions/cache@v3
+      with:
+        path: ~/.cache/pypoetry
+        key: ${{ runner.os }}-poetry-${{ hashFiles('**/poetry.lock') }}
+        restore-keys: |
+          ${{ runner.os }}-poetry-
+
+    - name: Install dependencies
+      run: poetry install -E testing -E docs
+      shell: bash
+
+    - name: Compile gettext messages
+      run: poetry run ./manage.py compilemessages
+      shell: bash
--- a/.github/actions/setup_xapian/action.yml
+++ b/.github/actions/setup_xapian/action.yml
@ -0,0 +1,10 @@
+name: "Setup xapian"
+description: "Setup the xapian indexes"
+runs:
+  using: composite
+  steps:
+    - name: Setup xapian index
+      run: |
+        mkdir -p /dev/shm/search_indexes
+        ln -s /dev/shm/search_indexes sith/search_indexes
+      shell: bash
--- a/.github/auto_assign.yml
+++ b/.github/auto_assign.yml
@ -0,0 +1,13 @@
+# Set to true to add reviewers to pull requests
+addReviewers: true
+
+# Set to true to add assignees to pull requests
+addAssignees: author
+
+# A list of team reviewers to be added to pull requests (GitHub team slug)
+reviewers:
+  - ae-utbm/sith-3-developers
+
+# Number of reviewers has no impact on GitHub teams
+# Set 0 to add all the reviewers (default: 0)
+numberOfReviewers: 0
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,18 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "pip" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "daily"
+    # Raise pull requests for version updates
+    # to pip against the `develop` branch
+    target-branch: "taiste"
+    reviewers:
+      - "ae-utbm/developpers-v3"
+    commit-message:
+      prefix: "[UPDATE] "
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -0,0 +1,43 @@
+name: Sith 3 CI
+
+on:
+  push:
+    branches:
+      - master
+      - taiste
+  pull_request:
+    branches:
+      - master
+      - taiste
+
+jobs:
+  black:
+    name: Black format
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v3
+      - name: Setup Project
+        uses: ./.github/actions/setup_project
+      - run: poetry run black --check .
+
+  tests:
+    name: Run tests and generate coverage report
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v3
+      - uses: ./.github/actions/setup_project
+      - uses: ./.github/actions/setup_xapian
+      - uses: ./.github/actions/compile_messages
+      - name: Run tests
+        run: poetry run coverage run ./manage.py test
+      - name: Generate coverage report
+        run: |
+          poetry run coverage report
+          poetry run coverage html
+      - name: Archive code coverage results
+        uses: actions/upload-artifact@v3
+        with:
+          name: coverage-report
+          path: coverage_report
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@ -0,0 +1,64 @@
+name: Deploy to production
+concurrency: production
+
+on:
+  push:
+    branches: [master]
+  workflow_dispatch:
+
+jobs:
+  deployment:
+    runs-on: ubuntu-latest
+    environment: production
+    timeout-minutes: 30
+  
+    steps:
+    - name: SSH Remote Commands
+      uses: appleboy/ssh-action@dce9d565de8d876c11d93fa4fe677c0285a66d78
+      with:
+        # Proxy
+        proxy_host : ${{secrets.PROXY_HOST}}
+        proxy_port : ${{secrets.PROXY_PORT}}
+        proxy_username : ${{secrets.PROXY_USER}}
+        proxy_passphrase: ${{secrets.PROXY_PASSPHRASE}}
+        proxy_key: ${{secrets.PROXY_KEY}}
+        
+        # Serveur web
+        host: ${{secrets.HOST}}
+        port : ${{secrets.PORT}}
+        username : ${{secrets.USER}}
+        key: ${{secrets.KEY}}
+
+        script_stop: true
+
+        # See https://github.com/ae-utbm/sith3/wiki/GitHub-Actions#deployment-action
+        script: |
+          export PATH="/home/sith/.local/bin:$PATH"
+          pushd ${{secrets.SITH_PATH}}
+
+          git pull
+          poetry install
+          poetry run ./manage.py migrate
+          echo "yes" | poetry run ./manage.py collectstatic
+          poetry run ./manage.py compilestatic
+          poetry run ./manage.py compilemessages
+
+          sudo systemctl restart uwsgi
+  
+  sentry:
+    runs-on: ubuntu-latest
+    environment: production
+    timeout-minutes: 30
+    needs: deployment
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Sentry Release
+        uses: getsentry/action-release@v1.2.0
+        env:
+          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
+          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
+          SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
+          SENTRY_URL: ${{ secrets.SENTRY_URL }}
+        with:
+          environment: production
--- a/.github/workflows/taiste.yml
+++ b/.github/workflows/taiste.yml
@ -0,0 +1,62 @@
+name: Sith3 taiste
+
+on:
+  push:
+    branches: [ taiste ]
+
+jobs:
+  deployment:
+    runs-on: ubuntu-latest
+    environment: taiste
+    timeout-minutes: 30
+
+    steps:
+    - name: SSH Remote Commands
+      uses: appleboy/ssh-action@dce9d565de8d876c11d93fa4fe677c0285a66d78
+      with:
+        # Proxy
+        proxy_host : ${{secrets.PROXY_HOST}}
+        proxy_port : ${{secrets.PROXY_PORT}}
+        proxy_username : ${{secrets.PROXY_USER}}
+        proxy_passphrase: ${{secrets.PROXY_PASSPHRASE}}
+        proxy_key: ${{secrets.PROXY_KEY}}
+
+        # Serveur web
+        host: ${{secrets.HOST}}
+        port : ${{secrets.PORT}}
+        username : ${{secrets.USER}}
+        key: ${{secrets.KEY}}
+
+        script_stop: true
+
+        # See https://github.com/ae-utbm/sith3/wiki/GitHub-Actions#deployment-action
+        script: |
+          export PATH="$HOME/.poetry/bin:$PATH"
+          pushd ${{secrets.SITH_PATH}}
+
+          git pull
+          poetry install
+          poetry run ./manage.py migrate
+          echo "yes" | poetry run ./manage.py collectstatic
+          poetry run ./manage.py compilestatic
+          poetry run ./manage.py compilemessages
+
+          sudo systemctl restart uwsgi
+
+  sentry:
+    runs-on: ubuntu-latest
+    environment: taiste
+    timeout-minutes: 30
+    needs: deployment
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Sentry Release
+        uses: getsentry/action-release@v1.2.0
+        env:
+          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
+          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
+          SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
+          SENTRY_URL: ${{ secrets.SENTRY_URL }}
+        with:
+          environment: taiste
--- a/.gitignore
+++ b/.gitignore
@ -4,12 +4,17 @@ db.sqlite3
 *.mo
 *__pycache__*
 .DS_Store
+pyrightconfig.json
+dist/
 .vscode/
+.idea/
 env/
 doc/html
 data/
+galaxy/test_galaxy_state.json
 /static/
 sith/settings_custom.py
 sith/search_indexes/
 .coverage
 coverage_report/
+doc/_build
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -1,26 +0,0 @@
-stages:
-  - test
-
-test:
-  stage: test
-  script:
-  - apt-get update
-  - apt-get install -y gettext python3-xapian
-  - pushd /usr/lib/python3/dist-packages/xapian && ln -s _xapian* _xapian.so && popd
-  - export PYTHONPATH="/usr/lib/python3/dist-packages:$PYTHONPATH"
-  - python -c 'import xapian' # Fail immediately if there is a problem with xapian
-  - pip install -r requirements.txt
-  - pip install coverage
-  - ./manage.py compilemessages
-  - coverage run ./manage.py test
-  - coverage html
-  - coverage report
-  artifacts:
-    paths:
-      - coverage_report/
-
-black:
-  stage: test
-  script:
-    - pip install black
-    - black --check .
--- a/.mailmap
+++ b/.mailmap
@ -0,0 +1,19 @@
+Code <gregoire.duvauchelle@utbm.fr>
+Cyl <labetowiez@aol.fr>
+Juste <maaxleblanc@gmail.com>
+Krophil <pierre.brunet@krophil.fr>
+Lo-J <renaudg779@gmail.com>
+Nabos <gnikwo@hotmail.com>
+Och <francescowitz68@gmail.com>
+Partoo <joqaste@gmail.com>
+Skia <skia@hya.sk> <lordbanana25@mailoo.org>
+Skia <skia@hya.sk> <skia@libskia.so>
+Sli <klmp200@klmp200.net> <antoine@bartuccio.fr>
+Soldat <ryan-68@live.fr>
+Terre <jbaptiste.lenglet+git@gmail.com>
+Vial <robin.trioux@utbm.fr>
+Zar <antoine.charmeau@utbm.fr> <antoine.charmeau@laposte.net>
+root <root@localhost.localdomain>
+tleb <tleb@openmailbox.org> <theo.lebrun@live.fr>
+tleb <tleb@openmailbox.org> <theo.lebrun@utbm.fr>
+Maréchal <thgirod@hotmail.com>
--- a/.readthedocs.yml
+++ b/.readthedocs.yml
@ -0,0 +1,26 @@
+# Read the Docs configuration file
+# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details
+
+# Required
+version: 2
+
+# Allow installing xapian-bindings in pip
+build:
+  apt_packages:
+    - libxapian-dev
+
+# Build documentation in the doc/ directory with Sphinx
+sphinx:
+  configuration: doc/conf.py
+
+# Optionally build your docs in additional formats such as PDF and ePub
+formats: all
+
+# Optionally set the version of Python and requirements required to build your docs
+python:
+  version: "3.8"
+  install:
+    - method: pip
+      path: .
+      extra_requirements:
+        - docs
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -1,106 +0,0 @@
-*Contribuer c'est la vie*
-=========================
-
-Hey ! Tu veux devenir un mec bien et en plus devenir bon en python si tu l'es pas déjà ?
-Il se trouve que le sith AE prévu pour l'été 2016 a besoin de toi !
-
-Pour faire le sith, on utilise le framework Web [Django](https://docs.djangoproject.com/fr/1.11/intro/)  
-N'hésite pas à lire les tutos et à nous demander (ae.info@utbm.fr).
-
-Bon, passons aux choses sérieuses, pour bidouiller le sith sans le casser :  
-Ben en fait, tu peux pas le casser, tu vas juste t'amuser comme un petit fou sur un clone du sith.
-
-C'est pas compliqué, il suffit d'avoir [Git](http://www.git-scm.com/book/fr/v2), python et pip (pour faciliter la gestion des paquets python).
-
-Tout d'abord, tu vas avoir besoin d'un compte Gitlab pour pouvoir te connecter.  
-Ensuite, tu fais :
-`git clone https://ae-dev.utbm.fr/ae/Sith.git`
-Avec cette commande, tu clones le sith AE dans le dossier courant.
-
-```bash
-cd Sith
-virtualenv --system-site-packages --python=python3 env
-source env/bin/activate
-pip install -r requirements.txt
-./manage runserver
-```
-
-Attention aux dépendances système, à voir dans le README.md
-
-Maintenant, faut passer le sith en mode debug dans le fichier de settings personnalisé.
-
-```bash
-echo "DEBUG=True" > sith/settings_custom.py
-echo 'SITH_URL = "localhost:8000"' >> sith/settings_custom.py
-```
-
-Enfin, il s'agit de créer la base de donnée de test lors de la première utilisation
-
-```bash
-./manage.py setup
-```
-
-Et pour lancer le sith, tu fais `python3 manage.py runserver`
-
-Voilà, c'est le sith AE. Il y a des issues dans le gitlab qui sont à régler. Si tu as un domaine qui t'intéresse, une appli que tu voudrais développer, n'hésites pas et contacte-nous.
-Va, et que l'AE soit avec toi.
-
-# Black
-
-Pour uniformiser le formattage du code nous utilisons [Black](https://github.com/ambv/black). Cela permet d'avoir le même codestyle et donc le codereview prend moins de temps. Tout étant dans le même format, il est plus facile pour chacun de comprendre le code de chacun ! Cela permet aussi d'éviter des erreurs (y parait 🤷‍♀️).
-
-Installation de black:
-
-```bash
-pip install black
-```
-
-## Sous VsCode:
-Attention, pour VsCode, Black doit être installé dans votre virtualenv !
-Ajouter ces deux lignes dans les settings de VsCode
-
-```json
-{
-    "python.formatting.provider": "black",
-    "editor.formatOnSave": true
-}
-```
-
-## Sous Sublime Text
-Il faut installer le plugin [sublack](https://packagecontrol.io/packages/sublack) depuis Package Control.
-
-Il suffit ensuite d'ajouter dans les settings du projet (ou en global)
-
-```json
-{
-    "sublack.black_on_save": true
-}
-```
-
-Si vous utilisez le plugin [anaconda](http://damnwidget.github.io/anaconda/), pensez à modifier les paramètres du linter pep8 pour éviter de recevoir des warnings dans le formatage de black
-
-```json
-{
-    "pep8_ignore": [
-      "E203",
-      "E266",
-      "E501",
-      "W503"
-    ]
-}
-```
-
-Sites et doc cools
------------------
-
-[Classy Class-Based Views](http://ccbv.co.uk/projects/Django/1.11/)
-
-Helpers:
-
-`./manage.py makemessages --ignore "env/*" -e py,jinja`
-
-`for f in $(find . -name "*.py" ! -path "*migration*" ! -path "./env/*" ! -path "./doc/*"); do cat ./doc/header "$f" > /tmp/temp && mv /tmp/temp "$f"; done`
-
-
-
-
--- a/CONTRIBUTING.rst
+++ b/CONTRIBUTING.rst
@ -0,0 +1,3 @@
+Pour contribuer au projet, vous pouvez vous référer à la documentation disponible à https://sith-ae.readthedocs.io/.
+
+Et n'oubliez pas, contribuer c'est la vie !
--- a/2320
+++ b/2320
--- a/LICENSE.old
+++ b/LICENSE.old
@ -1,21 +0,0 @@
-The MIT License (MIT)
-
-Copyright (c) 2016 Skia
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
--- a/README.md
+++ b/README.md
@ -1,104 +1,40 @@
-[![pipeline status](https://ae-dev.utbm.fr/ae/Sith/badges/master/pipeline.svg)](https://ae-dev.utbm.fr/ae/Sith/commits/master)
-[![coverage report](https://ae-dev.utbm.fr/ae/Sith/badges/master/coverage.svg)](https://ae-dev.utbm.fr/ae/Sith/commits/master)
-[![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/ambv/black)
-[![project chat](https://img.shields.io/badge/zulip-join_chat-brightgreen.svg)](https://ae-dev.zulipchat.com)
+<p align="center">
+  <a href="#">
+    <img src="https://img.shields.io/badge/Code%20Style-Black-000000?style=for-the-badge">
+  </a>
+  <a href="#">
+    <img src="https://img.shields.io/github/checks-status/ae-utbm/sith3/master?logo=github&style=for-the-badge&label=BUILD">
+  </a>
+  <a href="https://sith-ae.readthedocs.io/">
+    <img src="https://img.shields.io/readthedocs/sith-ae?logo=readthedocs&style=for-the-badge">
+  </a>
+  <a href="https://discord.gg/XK9WfPsUFm">
+    <img src="https://img.shields.io/discord/971448179075731476?label=Discord&logo=discord&style=for-the-badge">
+  </a>
+</p>

-## Sith AE
+<h3 align="center">This is the source code of the UTBM's student association available at https://ae.utbm.fr/.</h3>

-### Dependencies:
-See requirements.txt
+<p align="justify">All documentation is in the <code>docs</code> directory and online at https://sith-ae.readthedocs.io/. This documentation is written in French because it targets a French audience and it's too much work to maintain two versions. The code and code comments are strictly written in English.</p>

-You may need to install some dev libraries like `libmysqlclient-dev`, `libssl-dev`, `libjpeg-dev`, `python3-xapian`, or `zlib1g-dev` to install all the
-requiered dependancies with pip. You may also need `mysql-client`. Don't also forget `python3-dev` if you don't have it
-already.
-
-You can check all of them with:
-
-```bash
-sudo apt install libmysqlclient-dev libssl-dev libjpeg-dev zlib1g-dev python3-dev libffi-dev python3-dev libgraphviz-dev pkg-config python3-xapian gettext
-```
-
-On macos, you will need homebrew
-
-```bash
-brew install xapian
-```
-
-If it doesn't work it's because it need [this pull request](https://github.com/Homebrew/homebrew-core/pull/34835) to be validated.
-
-The development is done with sqlite, but it is advised to set a more robust DBMS for production (Postgresql for example)
-
-### Get started
-
-To start working on the project, just run the following commands:
-
-```bash
-git clone https://ae-dev.utbm.fr/ae/Sith.git
-cd Sith
-virtualenv --system-site-packages --python=python3 env
-source env/bin/activate
-pip install -r requirements.txt
-./manage.py setup
-```
-
-To start the simple development server, just run `python3 manage.py runserver`
-
-For more informations, check out the CONTRIBUTING.md file.
-
-### Logging errors with sentry
-
-To connect the app to sentry.io, you must set the variable SENTRY_DSN in your settings custom. It's composed of the full link given on your sentry project
-
-### Generating documentation
-
-There is a Doxyfile at the root of the project, meaning that if you have Doxygen, you can run `doxygen Doxyfile` to
-generate a complete HTML documentation that will be available in the *./doc/html/* folder.
-
-### Collecting statics for production:
-
-We use scss in the project. In development environment (DEBUG=True), scss is compiled every time the file is needed. For production, it assumes you have already compiled every files and to do so, you need to use the following commands : 
-
-```bash
-./manage.py collectstatic # To collect statics
-./manage.py compilestatic # To compile scss in those statics
-```
-
-### Misc about development
-
-#### Controlling the rights
-
-When you need to protect an object, there are three levels:
-  * Editing the object properties
-  * Editing the object various values
-  * Viewing the object
-
-Now you have many solutions in your model:
-  * You can define a `is_owned_by(self, user)`, a `can_be_edited_by(self, user)`, and/or a `can_be_viewed_by(self, user)`
-    method, each returning True is the user passed can edit/view the object, False otherwise.   
-    This allows you to make complex request when the group solution is not powerful enough.    
-    It's useful too when you want to define class-wide permissions, e.g. the club members, that are viewable only for
-    Subscribers.
-  * You can add an `owner_group` field, as a ForeignKey to Group.  Second is an `edit_groups` field, as a ManyToMany to
-    Group, and third is a `view_groups`, same as for edit.
-
-Finally, when building a class based view, which is highly advised, you just have to inherit it from CanEditPropMixin,
-CanEditMixin, or CanViewMixin, which are located in core.views. Your view will then be protected using either the
-appropriate group fields, or the right method to check user permissions.
-
-#### Counting the number of line of code
-
-```bash
-sudo apt install cloc
-cloc --exclude-dir=doc,env .
-```
-
-#### Updating doc/SYNTAX.md
-
-If you make an update in the Markdown syntax parser, it's good to document
-update the syntax reference page in `doc/SYNTAX.md`. But updating this file will
-break the tests if you don't update the corresponding `doc/SYNTAX.html` file at
-the same time.  
-To do that, simply run `./manage.py markdown > doc/SYNTAX.html`,
-and the tests should pass again.
+<h4>If you want to contribute, here's how we recommend to read the docs:</h4>

+<ul>
+  <li>
+    <p align="justify">
+      First, it's advised to read the about part of the project to understand the goals and the mindset of the current and previous maintainers and know what to expect to learn.
+    </p>
+  </li>
+  <li>
+    <p align="justify">
+      If in the first part you realize that you need more background about what we use, we provide some links to tutorials and documentation at the end of our documentation. Feel free to use it and complete it with what you found helpful.
+    </p>
+  </li>
+  <li>
+    <p align="justify">
+      Keep in mind that this documentation is thought to be read in order.
+    </p>
+  </li>
+</ul>

+> This project is licensed under GNU GPL, see the LICENSE file at the top of the repository for more details.
--- a/TODO.md
+++ b/TODO.md
@ -1,9 +0,0 @@
-# TODO
-
-## Easter eggs
-
-  * 'A' 'L' 'L' 'O': Entendre le Allooo de Madame Coucoune
-  * idem avec cacafe
-  * Un meat spin quelque part
-  * Konami code
-
--- a/accounting/init.py
+++ b/accounting/init.py
@ -1,23 +1,15 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #
--- a/accounting/admin.py
+++ b/accounting/admin.py
@ -1,24 +1,16 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

--- a/accounting/migrations/0001_initial.py
+++ b/accounting/migrations/0001_initial.py
@ -4,10 +4,10 @@ from __future__ import unicode_literals
 from django.db import migrations, models
 import django.core.validators
 import accounting.models
+import django.db.models.deletion


 class Migration(migrations.Migration):
-
    dependencies = []

    operations = [
@ -243,6 +243,7 @@ class Migration(migrations.Migration):
                        verbose_name="accounting type",
                        to="accounting.AccountingType",
                        blank=True,
+                        on_delete=django.db.models.deletion.CASCADE,
                    ),
                ),
            ],
@ -267,6 +268,7 @@ class Migration(migrations.Migration):
                        verbose_name="simplified accounting types",
                        to="accounting.AccountingType",
                        related_name="simplified_types",
+                        on_delete=django.db.models.deletion.CASCADE,
                    ),
                ),
            ],
--- a/accounting/migrations/0002_auto_20160824_2152.py
+++ b/accounting/migrations/0002_auto_20160824_2152.py
@ -2,10 +2,10 @@
 from __future__ import unicode_literals

 from django.db import migrations, models
+import django.db.models.deletion


 class Migration(migrations.Migration):
-
    dependencies = [
        ("club", "0001_initial"),
        ("accounting", "0001_initial"),
@ -22,6 +22,7 @@ class Migration(migrations.Migration):
                verbose_name="invoice",
                to="core.SithFile",
                blank=True,
+                on_delete=django.db.models.deletion.CASCADE,
            ),
        ),
        migrations.AddField(
@ -31,12 +32,14 @@ class Migration(migrations.Migration):
                verbose_name="journal",
                to="accounting.GeneralJournal",
                related_name="operations",
+                on_delete=django.db.models.deletion.CASCADE,
            ),
        ),
        migrations.AddField(
            model_name="operation",
            name="linked_operation",
            field=models.OneToOneField(
+                on_delete=django.db.models.deletion.CASCADE,
                blank=True,
                to="accounting.Operation",
                null=True,
@ -54,6 +57,7 @@ class Migration(migrations.Migration):
                verbose_name="simple type",
                to="accounting.SimplifiedAccountingType",
                blank=True,
+                on_delete=django.db.models.deletion.CASCADE,
            ),
        ),
        migrations.AddField(
@ -63,6 +67,7 @@ class Migration(migrations.Migration):
                verbose_name="club account",
                to="accounting.ClubAccount",
                related_name="journals",
+                on_delete=django.db.models.deletion.CASCADE,
            ),
        ),
        migrations.AddField(
@ -72,20 +77,27 @@ class Migration(migrations.Migration):
                verbose_name="bank account",
                to="accounting.BankAccount",
                related_name="club_accounts",
+                on_delete=django.db.models.deletion.CASCADE,
            ),
        ),
        migrations.AddField(
            model_name="clubaccount",
            name="club",
            field=models.ForeignKey(
-                verbose_name="club", to="club.Club", related_name="club_account"
+                verbose_name="club",
+                to="club.Club",
+                related_name="club_account",
+                on_delete=django.db.models.deletion.CASCADE,
            ),
        ),
        migrations.AddField(
            model_name="bankaccount",
            name="club",
            field=models.ForeignKey(
-                verbose_name="club", to="club.Club", related_name="bank_accounts"
+                verbose_name="club",
+                to="club.Club",
+                related_name="bank_accounts",
+                on_delete=django.db.models.deletion.CASCADE,
            ),
        ),
        migrations.AlterUniqueTogether(
--- a/accounting/migrations/0003_auto_20160824_2203.py
+++ b/accounting/migrations/0003_auto_20160824_2203.py
@ -6,7 +6,6 @@ import phonenumber_field.modelfields


 class Migration(migrations.Migration):
-
    dependencies = [("accounting", "0002_auto_20160824_2152")]

    operations = [
--- a/accounting/migrations/0004_auto_20161005_1505.py
+++ b/accounting/migrations/0004_auto_20161005_1505.py
@ -6,7 +6,6 @@ import django.db.models.deletion


 class Migration(migrations.Migration):
-
    dependencies = [("accounting", "0003_auto_20160824_2203")]

    operations = [
@ -29,6 +28,7 @@ class Migration(migrations.Migration):
                        related_name="labels",
                        verbose_name="club account",
                        to="accounting.ClubAccount",
+                        on_delete=django.db.models.deletion.CASCADE,
                    ),
                ),
            ],
--- a/accounting/migrations/0005_auto_20170324_0917.py
+++ b/accounting/migrations/0005_auto_20170324_0917.py
@ -5,7 +5,6 @@ from django.db import migrations, models


 class Migration(migrations.Migration):
-
    dependencies = [("accounting", "0004_auto_20161005_1505")]

    operations = [
--- a/accounting/models.py
+++ b/accounting/models.py
@ -1,33 +1,25 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

-from django.core.urlresolvers import reverse
+from django.urls import reverse
 from django.core.exceptions import ValidationError
 from django.core import validators
 from django.db import models
 from django.conf import settings
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 from django.template import defaultfilters

 from phonenumber_field.modelfields import PhoneNumberField
@ -74,7 +66,7 @@ class Company(models.Model):
        """
        Method to see if that object can be edited by the given user
        """
-        if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
+        if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
            return True
        return False

@ -110,7 +102,12 @@ class BankAccount(models.Model):
    name = models.CharField(_("name"), max_length=30)
    iban = models.CharField(_("iban"), max_length=255, blank=True)
    number = models.CharField(_("account number"), max_length=255, blank=True)
-    club = models.ForeignKey(Club, related_name="bank_accounts", verbose_name=_("club"))
+    club = models.ForeignKey(
+        Club,
+        related_name="bank_accounts",
+        verbose_name=_("club"),
+        on_delete=models.CASCADE,
+    )

    class Meta:
        verbose_name = _("Bank account")
@ -120,7 +117,9 @@ class BankAccount(models.Model):
        """
        Method to see if that object can be edited by the given user
        """
-        if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
+        if user.is_anonymous:
+            return False
+        if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
            return True
        m = self.club.get_membership_for(user)
        if m is not None and m.role >= settings.SITH_CLUB_ROLES_ID["Treasurer"]:
@ -136,9 +135,17 @@ class BankAccount(models.Model):

 class ClubAccount(models.Model):
    name = models.CharField(_("name"), max_length=30)
-    club = models.ForeignKey(Club, related_name="club_account", verbose_name=_("club"))
+    club = models.ForeignKey(
+        Club,
+        related_name="club_account",
+        verbose_name=_("club"),
+        on_delete=models.CASCADE,
+    )
    bank_account = models.ForeignKey(
-        BankAccount, related_name="club_accounts", verbose_name=_("bank account")
+        BankAccount,
+        related_name="club_accounts",
+        verbose_name=_("bank account"),
+        on_delete=models.CASCADE,
    )

    class Meta:
@ -149,7 +156,9 @@ class ClubAccount(models.Model):
        """
        Method to see if that object can be edited by the given user
        """
-        if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
+        if user.is_anonymous:
+            return False
+        if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
            return True
        return False

@ -203,7 +212,11 @@ class GeneralJournal(models.Model):
    name = models.CharField(_("name"), max_length=40)
    closed = models.BooleanField(_("is closed"), default=False)
    club_account = models.ForeignKey(
-        ClubAccount, related_name="journals", null=False, verbose_name=_("club account")
+        ClubAccount,
+        related_name="journals",
+        null=False,
+        verbose_name=_("club account"),
+        on_delete=models.CASCADE,
    )
    amount = CurrencyField(_("amount"), default=0)
    effective_amount = CurrencyField(_("effective_amount"), default=0)
@ -216,7 +229,9 @@ class GeneralJournal(models.Model):
        """
        Method to see if that object can be edited by the given user
        """
-        if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
+        if user.is_anonymous:
+            return False
+        if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
            return True
        if self.club_account.can_be_edited_by(user):
            return True
@ -226,7 +241,7 @@ class GeneralJournal(models.Model):
        """
        Method to see if that object can be edited by the given user
        """
-        if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
+        if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
            return True
        if self.club_account.can_be_edited_by(user):
            return True
@ -263,7 +278,11 @@ class Operation(models.Model):

    number = models.IntegerField(_("number"))
    journal = models.ForeignKey(
-        GeneralJournal, related_name="operations", null=False, verbose_name=_("journal")
+        GeneralJournal,
+        related_name="operations",
+        null=False,
+        verbose_name=_("journal"),
+        on_delete=models.CASCADE,
    )
    amount = CurrencyField(_("amount"))
    date = models.DateField(_("date"))
@ -282,6 +301,7 @@ class Operation(models.Model):
        verbose_name=_("invoice"),
        null=True,
        blank=True,
+        on_delete=models.CASCADE,
    )
    done = models.BooleanField(_("is done"), default=False)
    simpleaccounting_type = models.ForeignKey(
@ -290,6 +310,7 @@ class Operation(models.Model):
        verbose_name=_("simple type"),
        null=True,
        blank=True,
+        on_delete=models.CASCADE,
    )
    accounting_type = models.ForeignKey(
        "AccountingType",
@ -297,6 +318,7 @@ class Operation(models.Model):
        verbose_name=_("accounting type"),
        null=True,
        blank=True,
+        on_delete=models.CASCADE,
    )
    label = models.ForeignKey(
        "Label",
@ -328,6 +350,7 @@ class Operation(models.Model):
        null=True,
        blank=True,
        default=None,
+        on_delete=models.CASCADE,
    )

    class Meta:
@ -397,7 +420,9 @@ class Operation(models.Model):
        """
        Method to see if that object can be edited by the given user
        """
-        if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
+        if user.is_anonymous:
+            return False
+        if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
            return True
        if self.journal.closed:
            return False
@ -410,7 +435,7 @@ class Operation(models.Model):
        """
        Method to see if that object can be edited by the given user
        """
-        if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
+        if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
            return True
        if self.journal.closed:
            return False
@ -466,7 +491,9 @@ class AccountingType(models.Model):
        """
        Method to see if that object can be edited by the given user
        """
-        if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
+        if user.is_anonymous:
+            return False
+        if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
            return True
        return False

@ -487,6 +514,7 @@ class SimplifiedAccountingType(models.Model):
        AccountingType,
        related_name="simplified_types",
        verbose_name=_("simplified accounting types"),
+        on_delete=models.CASCADE,
    )

    class Meta:
@ -518,7 +546,10 @@ class Label(models.Model):

    name = models.CharField(_("label"), max_length=64)
    club_account = models.ForeignKey(
-        ClubAccount, related_name="labels", verbose_name=_("club account")
+        ClubAccount,
+        related_name="labels",
+        verbose_name=_("club account"),
+        on_delete=models.CASCADE,
    )

    class Meta:
@ -533,6 +564,8 @@ class Label(models.Model):
        )

    def is_owned_by(self, user):
+        if user.is_anonymous:
+            return False
        return self.club_account.is_owned_by(user)

    def can_be_edited_by(self, user):
--- a/accounting/templates/accounting/bank_account_details.jinja
+++ b/accounting/templates/accounting/bank_account_details.jinja
@ -12,7 +12,7 @@
        </p>
        <hr>
        <h2>{% trans %}Bank account: {% endtrans %}{{ object.name }}</h2>
-        {% if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) and not object.club_accounts.exists() %}
+        {% if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) and not object.club_accounts.exists() %}
        <a href="{{ url('accounting:bank_delete', b_account_id=object.id) }}">{% trans %}Delete{% endtrans %}</a>
        {% endif %}
        <h4>{% trans %}Infos{% endtrans %}</h4>
--- a/accounting/templates/accounting/bank_account_list.jinja
+++ b/accounting/templates/accounting/bank_account_list.jinja
@ -9,7 +9,7 @@
        <h4>
        {% trans %}Accounting{% endtrans %}
        </h4>
-        {% if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) %}
+        {% if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) %}
        <p><a href="{{ url('accounting:simple_type_list') }}">{% trans %}Manage simplified types{% endtrans %}</a></p>
        <p><a href="{{ url('accounting:type_list') }}">{% trans %}Manage accounting types{% endtrans %}</a></p>
        <p><a href="{{ url('accounting:bank_new') }}">{% trans %}New bank account{% endtrans %}</a></p>
--- a/accounting/templates/accounting/club_account_details.jinja
+++ b/accounting/templates/accounting/club_account_details.jinja
@ -16,7 +16,7 @@
        {% if user.is_root and not object.journals.exists() %}
        <a href="{{ url('accounting:club_delete', c_account_id=object.id) }}">{% trans %}Delete{% endtrans %}</a>
        {% endif %}
-        {% if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) %}
+        {% if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) %}
        <p><a href="{{ url('accounting:label_new') }}?parent={{ object.id }}">{% trans %}New label{% endtrans %}</a></p>
        {% endif %}
        <p><a href="{{ url('accounting:label_list', clubaccount_id=object.id) }}">{% trans %}Label list{% endtrans %}</a></p>
@ -56,7 +56,7 @@
                {% endif %}
                <td> <a href="{{ url('accounting:journal_details', j_id=j.id) }}">{% trans %}View{% endtrans %}</a>
                    <a href="{{ url('accounting:journal_edit', j_id=j.id) }}">{% trans %}Edit{% endtrans %}</a>
-                    {% if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) and j.operations.count() == 0 %}
+                    {% if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) and j.operations.count() == 0 %}
                        <a href="{{ url('accounting:journal_delete', j_id=j.id) }}">{% trans %}Delete{% endtrans %}</a>
                    {% endif %}
                    </td>
--- a/accounting/templates/accounting/co_list.jinja
+++ b/accounting/templates/accounting/co_list.jinja
@ -6,11 +6,12 @@

 {% block content %}
    <div id="accounting">
-        {% if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) or user.is_root %}
+        {% if user.is_root
+           or user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID)
+        %}
        <p><a href="{{ url('accounting:co_new') }}">{% trans %}Create new company{% endtrans %}</a></p>
        {% endif %}
-
-        </br>
+        <br/>
        <table>
            <thead>
            <tr>
--- a/accounting/templates/accounting/journal_details.jinja
+++ b/accounting/templates/accounting/journal_details.jinja
@ -84,10 +84,13 @@
                <td>-</td>
                {% endif %}
                <td>
-                    {% if o.journal.club_account.bank_account.name != "AE TI" and o.journal.club_account.bank_account.name != "TI" or user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) %}
-                    {% if not o.journal.closed %}
-                    <a href="{{ url('accounting:op_edit', op_id=o.id) }}">{% trans %}Edit{% endtrans %}</a>
-                    {% endif %}
+                    {%
+                        if o.journal.club_account.bank_account.name not in ["AE TI", "TI"]
+                        or user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID)
+                    %}
+                        {% if not o.journal.closed %}
+                            <a href="{{ url('accounting:op_edit', op_id=o.id) }}">{% trans %}Edit{% endtrans %}</a>
+                        {% endif %}
                    {% endif %}
                </td>
                <td><a href="{{ url('accounting:op_pdf', op_id=o.id) }}">{% trans %}Generate{% endtrans %}</a></td>
--- a/accounting/templates/accounting/journal_statement_accounting.jinja
+++ b/accounting/templates/accounting/journal_statement_accounting.jinja
@ -20,14 +20,14 @@
            {% for k,v in statement.items() %}
            <tr>
                <td>{{ k }}</td>
-                <td>{{ v }}</td>
+                <td>{{ "%.2f" % v }}</td>
            </tr>
            {% endfor %}
        </tbody>

    </table>

-    <p><strong>{% trans %}Amount: {% endtrans %}</strong>{{ object.amount }} €</p>
-    <p><strong>{% trans %}Effective amount: {% endtrans %}</strong>{{ object.effective_amount }} €</p>
+    <p><strong>{% trans %}Amount: {% endtrans %}</strong>{{ "%.2f" % object.amount }} €</p>
+    <p><strong>{% trans %}Effective amount: {% endtrans %}</strong>{{ "%.2f" %object.effective_amount }} €</p>
 </div>
 {% endblock %}
--- a/accounting/templates/accounting/journal_statement_nature.jinja
+++ b/accounting/templates/accounting/journal_statement_nature.jinja
@ -18,12 +18,12 @@
            {% for k,v in dict['CREDIT'].items() %}
            <tr>
                <td>{{ k }}</td>
-                <td>{{ v }}</td>
+                <td>{{ "%.2f" % v }}</td>
            </tr>
            {% endfor %}
        </tbody>
    </table>
-    {% trans %}Total: {% endtrans %}{{ dict['CREDIT_sum'] }}
+    {% trans %}Total: {% endtrans %}{{ "%.2f" % dict['CREDIT_sum'] }}

    <h6>{% trans %}Debit{% endtrans %}</h6>
    <table>
@ -37,19 +37,19 @@
            {% for k,v in dict['DEBIT'].items() %}
            <tr>
                <td>{{ k }}</td>
-                <td>{{ v }}</td>
+                <td>{{ "%.2f" % v }}</td>
            </tr>
            {% endfor %}
        </tbody>
    </table>
-    {% trans %}Total: {% endtrans %}{{ dict['DEBIT_sum'] }}
+    {% trans %}Total: {% endtrans %}{{ "%.2f" % dict['DEBIT_sum'] }}
    {% endmacro %}

    {% block content %}
    <h3>{% trans %}Statement by nature: {% endtrans %} {{ object.name }}</h3>

    {% for k,v in statement.items() %}
-        <h4 style="background: lightblue; padding: 4px;">{{ k }} : {{ v['CREDIT_sum'] - v['DEBIT_sum'] }}</h4>
+        <h4 style="background: lightblue; padding: 4px;">{{ k }} : {{ "%.2f" % (v['CREDIT_sum'] - v['DEBIT_sum']) }}</h4>
    {{ display_tables(v) }}
    <hr>
    {% endfor %}
--- a/accounting/templates/accounting/journal_statement_person.jinja
+++ b/accounting/templates/accounting/journal_statement_person.jinja
@ -28,14 +28,14 @@
                {% else %}
                <td></td>
                {% endif %}
-                <td>{{ credit_statement[key] }}</td>
+                <td>{{ "%.2f" % credit_statement[key] }}</td>
            </tr>
            {% endfor %}
        </tbody>

    </table>

-    <p>Total : {{ total_credit }}</p>
+    <p>Total : {{ "%.2f" % total_credit }}</p>

    <h4>{% trans %}Debit{% endtrans %}</h4>

@ -56,13 +56,13 @@
                {% else %}
                <td></td>
                {% endif %}
-                <td>{{ debit_statement[key] }}</td>
+                <td>{{ "%.2f" % debit_statement[key] }}</td>
            </tr>
            {% endfor %}
        </tbody>

    </table>

-    <p>Total : {{ total_debit }}</p>
+    <p>Total : {{ "%.2f" % total_debit }}</p>
 </div>
 {% endblock %}
--- a/accounting/templates/accounting/label_list.jinja
+++ b/accounting/templates/accounting/label_list.jinja
@ -13,7 +13,7 @@
        </p>
        <hr>
        <p><a href="{{ url('accounting:club_details', c_account_id=object.id) }}">{% trans %}Back to club account{% endtrans %}</a></p>
-        {% if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) %}
+        {% if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) %}
        <p><a href="{{ url('accounting:label_new') }}?parent={{ object.id }}">{% trans %}New label{% endtrans %}</a></p>
        {% endif %}
        {% if object.labels.all() %}
@ -21,7 +21,7 @@
        <ul>
            {% for l in object.labels.all()  %}
            <li><a href="{{ url('accounting:label_edit', label_id=l.id) }}">{{ l }}</a>
-            {% if user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) %}
+            {% if user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID) %}
             -
                <a href="{{ url('accounting:label_delete', label_id=l.id) }}">{% trans %}Delete{% endtrans %}</a>
            {% endif %}
--- a/accounting/tests.py
+++ b/accounting/tests.py
@ -1,31 +1,23 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

 from django.test import TestCase
-from django.core.urlresolvers import reverse
+from django.urls import reverse
 from django.core.management import call_command
-from datetime import date
+from datetime import date, timedelta

 from core.models import User
 from accounting.models import (
@ -39,7 +31,6 @@ from accounting.models import (

 class RefoundAccountTest(TestCase):
    def setUp(self):
-        call_command("populate")
        self.skia = User.objects.filter(username="skia").first()
        # reffil skia's account
        self.skia.customer.amount = 800
@ -81,7 +72,6 @@ class RefoundAccountTest(TestCase):

 class JournalTest(TestCase):
    def setUp(self):
-        call_command("populate")
        self.journal = GeneralJournal.objects.filter(id=1).first()

    def test_permission_granted(self):
@ -109,7 +99,9 @@ class JournalTest(TestCase):

 class OperationTest(TestCase):
    def setUp(self):
-        call_command("populate")
+        self.tomorrow_formatted = (date.today() + timedelta(days=1)).strftime(
+            "%d/%m/%Y"
+        )
        self.journal = GeneralJournal.objects.filter(id=1).first()
        self.skia = User.objects.filter(username="skia").first()
        at = AccountingType(
@ -158,7 +150,7 @@ class OperationTest(TestCase):
                "target_type": "OTHER",
                "target_id": "",
                "target_label": "Le fantome de la nuit",
-                "date": "04/12/2020",
+                "date": self.tomorrow_formatted,
                "mode": "CASH",
                "cheque_number": "",
                "invoice": "",
@ -191,7 +183,7 @@ class OperationTest(TestCase):
                "target_type": "OTHER",
                "target_id": "",
                "target_label": "Le fantome de la nuit",
-                "date": "04/12/2020",
+                "date": self.tomorrow_formatted,
                "mode": "CASH",
                "cheque_number": "",
                "invoice": "",
@ -218,7 +210,7 @@ class OperationTest(TestCase):
                "target_type": "OTHER",
                "target_id": "",
                "target_label": "Le fantome du jour",
-                "date": "04/12/2020",
+                "date": self.tomorrow_formatted,
                "mode": "CASH",
                "cheque_number": "",
                "invoice": "",
@ -245,7 +237,7 @@ class OperationTest(TestCase):
                "target_type": "OTHER",
                "target_id": "",
                "target_label": "Le fantome de l'aurore",
-                "date": "04/12/2020",
+                "date": self.tomorrow_formatted,
                "mode": "CASH",
                "cheque_number": "",
                "invoice": "",
@ -272,30 +264,50 @@ class OperationTest(TestCase):

    def test_nature_statement(self):
        self.client.login(username="comptable", password="plop")
-        response_get = self.client.get(
+        response = self.client.get(
            reverse("accounting:journal_nature_statement", args=[self.journal.id])
        )
-        self.assertTrue(
-            "bob (Troll Pench\\xc3\\xa9) : 3.00" in str(response_get.content)
-        )
+        self.assertContains(response, "bob (Troll Penché) : 3.00", status_code=200)

    def test_person_statement(self):
        self.client.login(username="comptable", password="plop")
-        response_get = self.client.get(
+        response = self.client.get(
            reverse("accounting:journal_person_statement", args=[self.journal.id])
        )
-        self.assertTrue(
-            "<td>3.00</td>" in str(response_get.content)
-            and '<td><a href="/user/1/">S&#39; Kia</a></td>'
-            in str(response_get.content)
+        self.assertContains(response, "Total : 5575.72", status_code=200)
+        self.assertContains(response, "Total : 71.42")
+        self.assertContains(
+            response,
+            """
+                <td><a href="/user/1/">S&#39; Kia</a></td>
+                
+                <td>3.00</td>""",
+        )
+        self.assertContains(
+            response,
+            """
+                <td><a href="/user/1/">S&#39; Kia</a></td>
+                
+                <td>823.00</td>""",
        )

    def test_accounting_statement(self):
        self.client.login(username="comptable", password="plop")
-        response_get = self.client.get(
+        response = self.client.get(
            reverse("accounting:journal_accounting_statement", args=[self.journal.id])
        )
-        self.assertTrue(
-            "<td>443 - Cr\\xc3\\xa9dit - Ce code n&#39;existe pas</td>"
-            in str(response_get.content)
+        self.assertContains(
+            response,
+            """
+            <tr>
+                <td>443 - Crédit - Ce code n&#39;existe pas</td>
+                <td>3.00</td>
+            </tr>""",
+            status_code=200,
+        )
+        self.assertContains(
+            response,
+            """
+    <p><strong>Montant : </strong>-5504.30 €</p>
+    <p><strong>Montant effectif: </strong>-5504.30 €</p>""",
        )
--- a/accounting/urls.py
+++ b/accounting/urls.py
@ -1,152 +1,140 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

-from django.conf.urls import url
+from django.urls import path

 from accounting.views import *

 urlpatterns = [
    # Accounting types
-    url(
-        r"^simple_type$",
+    path(
+        "simple_type/",
        SimplifiedAccountingTypeListView.as_view(),
        name="simple_type_list",
    ),
-    url(
-        r"^simple_type/create$",
+    path(
+        "simple_type/create/",
        SimplifiedAccountingTypeCreateView.as_view(),
        name="simple_type_new",
    ),
-    url(
-        r"^simple_type/(?P<type_id>[0-9]+)/edit$",
+    path(
+        "simple_type/<int:type_id>/edit/",
        SimplifiedAccountingTypeEditView.as_view(),
        name="simple_type_edit",
    ),
    # Accounting types
-    url(r"^type$", AccountingTypeListView.as_view(), name="type_list"),
-    url(r"^type/create$", AccountingTypeCreateView.as_view(), name="type_new"),
-    url(
-        r"^type/(?P<type_id>[0-9]+)/edit$",
+    path("type/", AccountingTypeListView.as_view(), name="type_list"),
+    path("type/create/", AccountingTypeCreateView.as_view(), name="type_new"),
+    path(
+        "type/<int:type_id>/edit/",
        AccountingTypeEditView.as_view(),
        name="type_edit",
    ),
    # Bank accounts
-    url(r"^$", BankAccountListView.as_view(), name="bank_list"),
-    url(r"^bank/create$", BankAccountCreateView.as_view(), name="bank_new"),
-    url(
-        r"^bank/(?P<b_account_id>[0-9]+)$",
+    path("", BankAccountListView.as_view(), name="bank_list"),
+    path("bank/create", BankAccountCreateView.as_view(), name="bank_new"),
+    path(
+        "bank/<int:b_account_id>/",
        BankAccountDetailView.as_view(),
        name="bank_details",
    ),
-    url(
-        r"^bank/(?P<b_account_id>[0-9]+)/edit$",
+    path(
+        "bank/<int:b_account_id>/edit/",
        BankAccountEditView.as_view(),
        name="bank_edit",
    ),
-    url(
-        r"^bank/(?P<b_account_id>[0-9]+)/delete$",
+    path(
+        "bank/<int:b_account_id>/delete/",
        BankAccountDeleteView.as_view(),
        name="bank_delete",
    ),
    # Club accounts
-    url(r"^club/create$", ClubAccountCreateView.as_view(), name="club_new"),
-    url(
-        r"^club/(?P<c_account_id>[0-9]+)$",
+    path("club/create/", ClubAccountCreateView.as_view(), name="club_new"),
+    path(
+        "club/<int:c_account_id>/",
        ClubAccountDetailView.as_view(),
        name="club_details",
    ),
-    url(
-        r"^club/(?P<c_account_id>[0-9]+)/edit$",
+    path(
+        "club/<int:c_account_id>/edit/",
        ClubAccountEditView.as_view(),
        name="club_edit",
    ),
-    url(
-        r"^club/(?P<c_account_id>[0-9]+)/delete$",
+    path(
+        "club/<int:c_account_id>/delete/",
        ClubAccountDeleteView.as_view(),
        name="club_delete",
    ),
    # Journals
-    url(r"^journal/create$", JournalCreateView.as_view(), name="journal_new"),
-    url(
-        r"^journal/(?P<j_id>[0-9]+)$",
+    path("journal/create/", JournalCreateView.as_view(), name="journal_new"),
+    path(
+        "journal/<int:j_id>/",
        JournalDetailView.as_view(),
        name="journal_details",
    ),
-    url(
-        r"^journal/(?P<j_id>[0-9]+)/edit$",
+    path(
+        "journal/<int:j_id>/edit/",
        JournalEditView.as_view(),
        name="journal_edit",
    ),
-    url(
-        r"^journal/(?P<j_id>[0-9]+)/delete$",
+    path(
+        "journal/<int:j_id>/delete/",
        JournalDeleteView.as_view(),
        name="journal_delete",
    ),
-    url(
-        r"^journal/(?P<j_id>[0-9]+)/statement/nature$",
+    path(
+        "journal/<int:j_id>/statement/nature/",
        JournalNatureStatementView.as_view(),
        name="journal_nature_statement",
    ),
-    url(
-        r"^journal/(?P<j_id>[0-9]+)/statement/person$",
+    path(
+        "journal/<int:j_id>/statement/person/",
        JournalPersonStatementView.as_view(),
        name="journal_person_statement",
    ),
-    url(
-        r"^journal/(?P<j_id>[0-9]+)/statement/accounting$",
+    path(
+        "journal/<int:j_id>/statement/accounting/",
        JournalAccountingStatementView.as_view(),
        name="journal_accounting_statement",
    ),
    # Operations
-    url(
-        r"^operation/create/(?P<j_id>[0-9]+)$",
+    path(
+        "operation/create/<int:j_id>/",
        OperationCreateView.as_view(),
        name="op_new",
    ),
-    url(r"^operation/(?P<op_id>[0-9]+)$", OperationEditView.as_view(), name="op_edit"),
-    url(
-        r"^operation/(?P<op_id>[0-9]+)/pdf$", OperationPDFView.as_view(), name="op_pdf"
-    ),
+    path("operation/<int:op_id>/", OperationEditView.as_view(), name="op_edit"),
+    path("operation/<int:op_id>/pdf/", OperationPDFView.as_view(), name="op_pdf"),
    # Companies
-    url(r"^company/list$", CompanyListView.as_view(), name="co_list"),
-    url(r"^company/create$", CompanyCreateView.as_view(), name="co_new"),
-    url(r"^company/(?P<co_id>[0-9]+)$", CompanyEditView.as_view(), name="co_edit"),
+    path("company/list/", CompanyListView.as_view(), name="co_list"),
+    path("company/create/", CompanyCreateView.as_view(), name="co_new"),
+    path("company/<int:co_id>/", CompanyEditView.as_view(), name="co_edit"),
    # Labels
-    url(r"^label/new$", LabelCreateView.as_view(), name="label_new"),
-    url(
-        r"^label/(?P<clubaccount_id>[0-9]+)$",
+    path("label/new/", LabelCreateView.as_view(), name="label_new"),
+    path(
+        "label/<int:clubaccount_id>/",
        LabelListView.as_view(),
        name="label_list",
    ),
-    url(
-        r"^label/(?P<label_id>[0-9]+)/edit$", LabelEditView.as_view(), name="label_edit"
-    ),
-    url(
-        r"^label/(?P<label_id>[0-9]+)/delete$",
+    path("label/<int:label_id>/edit/", LabelEditView.as_view(), name="label_edit"),
+    path(
+        "label/<int:label_id>/delete/",
        LabelDeleteView.as_view(),
        name="label_delete",
    ),
    # User account
-    url(r"^refound/account$", RefoundAccountView.as_view(), name="refound_account"),
+    path("refound/account/", RefoundAccountView.as_view(), name="refound_account"),
 ]
--- a/accounting/views.py
+++ b/accounting/views.py
@ -1,31 +1,23 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

 from django.views.generic import ListView, DetailView
 from django.views.generic.edit import UpdateView, CreateView, DeleteView, FormView
-from django.core.urlresolvers import reverse_lazy, reverse
-from django.utils.translation import ugettext_lazy as _
+from django.urls import reverse_lazy, reverse
+from django.utils.translation import gettext_lazy as _
 from django.forms.models import modelform_factory
 from django.core.exceptions import PermissionDenied, ValidationError
 from django.forms import HiddenInput
@ -496,7 +488,7 @@ class OperationCreateView(CanCreateMixin, CreateView):
        return ret

    def get_context_data(self, **kwargs):
-        """ Add journal to the context """
+        """Add journal to the context"""
        kwargs = super(OperationCreateView, self).get_context_data(**kwargs)
        if self.journal:
            kwargs["object"] = self.journal
@ -514,7 +506,7 @@ class OperationEditView(CanEditMixin, UpdateView):
    template_name = "accounting/operation_edit.jinja"

    def get_context_data(self, **kwargs):
-        """ Add journal to the context """
+        """Add journal to the context"""
        kwargs = super(OperationEditView, self).get_context_data(**kwargs)
        kwargs["object"] = self.object.journal
        return kwargs
@ -735,7 +727,7 @@ class JournalNatureStatementView(JournalTabsMixin, CanViewMixin, DetailView):
        return statement

    def get_context_data(self, **kwargs):
-        """ Add infos to the context """
+        """Add infos to the context"""
        kwargs = super(JournalNatureStatementView, self).get_context_data(**kwargs)
        kwargs["statement"] = self.big_statement()
        return kwargs
@ -774,7 +766,7 @@ class JournalPersonStatementView(JournalTabsMixin, CanViewMixin, DetailView):
        return sum(self.statement(movement_type).values())

    def get_context_data(self, **kwargs):
-        """ Add journal to the context """
+        """Add journal to the context"""
        kwargs = super(JournalPersonStatementView, self).get_context_data(**kwargs)
        kwargs["credit_statement"] = self.statement("CREDIT")
        kwargs["debit_statement"] = self.statement("DEBIT")
@ -804,7 +796,7 @@ class JournalAccountingStatementView(JournalTabsMixin, CanViewMixin, DetailView)
        return statement

    def get_context_data(self, **kwargs):
-        """ Add journal to the context """
+        """Add journal to the context"""
        kwargs = super(JournalAccountingStatementView, self).get_context_data(**kwargs)
        kwargs["statement"] = self.statement()
        return kwargs
@ -899,7 +891,7 @@ class RefoundAccountView(FormView):
    form_class = CloseCustomerAccountForm

    def permission(self, user):
-        if user.is_root or user.is_in_group(settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
+        if user.is_root or user.is_in_group(pk=settings.SITH_GROUP_ACCOUNTING_ADMIN_ID):
            return True
        else:
            raise PermissionDenied
--- a/api/init.py
+++ b/api/init.py
@ -1,23 +1,15 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #
--- a/api/admin.py
+++ b/api/admin.py
@ -1,24 +1,16 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

--- a/api/models.py
+++ b/api/models.py
@ -1,24 +1,16 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

--- a/api/tests.py
+++ b/api/tests.py
@ -1,24 +1,16 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

--- a/api/urls.py
+++ b/api/urls.py
@ -1,56 +1,50 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

-from django.conf.urls import url, include
+from django.urls import re_path, path, include

 from api.views import *
 from rest_framework import routers

 # Router config
 router = routers.DefaultRouter()
-router.register(r"counter", CounterViewSet, base_name="api_counter")
-router.register(r"user", UserViewSet, base_name="api_user")
-router.register(r"club", ClubViewSet, base_name="api_club")
-router.register(r"group", GroupViewSet, base_name="api_group")
+router.register(r"counter", CounterViewSet, basename="api_counter")
+router.register(r"user", UserViewSet, basename="api_user")
+router.register(r"club", ClubViewSet, basename="api_club")
+router.register(r"group", GroupViewSet, basename="api_group")

 # Launderette
 router.register(
-    r"launderette/place", LaunderettePlaceViewSet, base_name="api_launderette_place"
+    r"launderette/place", LaunderettePlaceViewSet, basename="api_launderette_place"
 )
 router.register(
    r"launderette/machine",
    LaunderetteMachineViewSet,
-    base_name="api_launderette_machine",
+    basename="api_launderette_machine",
 )
 router.register(
-    r"launderette/token", LaunderetteTokenViewSet, base_name="api_launderette_token"
+    r"launderette/token", LaunderetteTokenViewSet, basename="api_launderette_token"
 )

 urlpatterns = [
    # API
-    url(r"^", include(router.urls)),
-    url(r"^login/", include("rest_framework.urls", namespace="rest_framework")),
-    url(r"^markdown$", RenderMarkdown, name="api_markdown"),
-    url(r"^mailings$", FetchMailingLists, name="mailings_fetch"),
+    re_path(r"^", include(router.urls)),
+    re_path(r"^login/", include("rest_framework.urls", namespace="rest_framework")),
+    re_path(r"^markdown$", RenderMarkdown, name="api_markdown"),
+    re_path(r"^mailings$", FetchMailingLists, name="mailings_fetch"),
+    re_path(r"^uv$", uv_endpoint, name="uv_endpoint"),
+    path("sas/<int:user>", all_pictures_of_user_endpoint, name="all_pictures_of_user"),
 ]
--- a/api/views/init.py
+++ b/api/views/init.py
@ -1,31 +1,23 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

 from rest_framework.response import Response
 from rest_framework import viewsets
 from django.core.exceptions import PermissionDenied
-from rest_framework.decorators import detail_route
+from rest_framework.decorators import action
 from django.db.models.query import QuerySet

 from core.views import can_view, can_edit
@ -33,8 +25,8 @@ from core.views import can_view, can_edit

 def check_if(obj, user, test):
    """
-        Detect if it's a single object or a queryset
-        aply a given test on individual object and return global permission
+    Detect if it's a single object or a queryset
+    aply a given test on individual object and return global permission
    """
    if isinstance(obj, QuerySet):
        for o in obj:
@ -46,10 +38,10 @@ def check_if(obj, user, test):


 class ManageModelMixin:
-    @detail_route()
+    @action(detail=True)
    def id(self, request, pk=None):
        """
-            Get by id (api/v1/router/{pk}/id/)
+        Get by id (api/v1/router/{pk}/id/)
        """
        self.queryset = get_object_or_404(self.queryset.filter(id=pk))
        serializer = self.get_serializer(self.queryset)
@ -77,3 +69,5 @@ from .user import *
 from .club import *
 from .group import *
 from .launderette import *
+from .uv import *
+from .sas import *
--- a/api/views/api.py
+++ b/api/views/api.py
@ -1,31 +1,22 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

 from rest_framework.response import Response
 from rest_framework.decorators import api_view, renderer_classes
 from rest_framework.renderers import StaticHTMLRenderer
-from rest_framework.views import APIView

 from core.templatetags.renderer import markdown

@ -34,7 +25,7 @@ from core.templatetags.renderer import markdown
@renderer_classes((StaticHTMLRenderer,))
 def RenderMarkdown(request):
    """
-        Render Markdown
+    Render Markdown
    """
    try:
        data = markdown(request.POST["text"])
--- a/api/views/club.py
+++ b/api/views/club.py
@ -1,24 +1,16 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

@ -43,7 +35,7 @@ class ClubSerializer(serializers.ModelSerializer):

 class ClubViewSet(RightModelViewSet):
    """
-        Manage Clubs (api/v1/club/)
+    Manage Clubs (api/v1/club/)
    """

    serializer_class = ClubSerializer
--- a/api/views/counter.py
+++ b/api/views/counter.py
@ -1,30 +1,22 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

 from rest_framework import serializers
 from rest_framework.response import Response
-from rest_framework.decorators import list_route
+from rest_framework.decorators import action

 from counter.models import Counter

@ -32,7 +24,6 @@ from api.views import RightModelViewSet


 class CounterSerializer(serializers.ModelSerializer):
-
    is_open = serializers.BooleanField(read_only=True)
    barman_list = serializers.ListField(
        child=serializers.IntegerField(), read_only=True
@ -45,16 +36,16 @@ class CounterSerializer(serializers.ModelSerializer):

 class CounterViewSet(RightModelViewSet):
    """
-        Manage Counters (api/v1/counter/)
+    Manage Counters (api/v1/counter/)
    """

    serializer_class = CounterSerializer
    queryset = Counter.objects.all()

-    @list_route()
+    @action(detail=False)
    def bar(self, request):
        """
-            Return all bars (api/v1/counter/bar/)
+        Return all bars (api/v1/counter/bar/)
        """
        self.queryset = self.queryset.filter(type="BAR")
        serializer = self.get_serializer(self.queryset, many=True)
--- a/api/views/group.py
+++ b/api/views/group.py
@ -1,24 +1,16 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

@ -36,7 +28,7 @@ class GroupSerializer(serializers.ModelSerializer):

 class GroupViewSet(RightModelViewSet):
    """
-        Manage Groups (api/v1/group/)
+    Manage Groups (api/v1/group/)
    """

    serializer_class = GroupSerializer
--- a/api/views/launderette.py
+++ b/api/views/launderette.py
@ -1,30 +1,22 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

 from rest_framework import serializers
 from rest_framework.response import Response
-from rest_framework.decorators import list_route
+from rest_framework.decorators import action

 from launderette.models import Launderette, Machine, Token

@ -32,7 +24,6 @@ from api.views import RightModelViewSet


 class LaunderettePlaceSerializer(serializers.ModelSerializer):
-
    machine_list = serializers.ListField(
        child=serializers.IntegerField(), read_only=True
    )
@ -72,7 +63,7 @@ class LaunderetteTokenSerializer(serializers.ModelSerializer):

 class LaunderettePlaceViewSet(RightModelViewSet):
    """
-        Manage Launderette (api/v1/launderette/place/)
+    Manage Launderette (api/v1/launderette/place/)
    """

    serializer_class = LaunderettePlaceSerializer
@ -81,7 +72,7 @@ class LaunderettePlaceViewSet(RightModelViewSet):

 class LaunderetteMachineViewSet(RightModelViewSet):
    """
-        Manage Washing Machines (api/v1/launderette/machine/)
+    Manage Washing Machines (api/v1/launderette/machine/)
    """

    serializer_class = LaunderetteMachineSerializer
@ -90,34 +81,34 @@ class LaunderetteMachineViewSet(RightModelViewSet):

 class LaunderetteTokenViewSet(RightModelViewSet):
    """
-        Manage Launderette's tokens (api/v1/launderette/token/)
+    Manage Launderette's tokens (api/v1/launderette/token/)
    """

    serializer_class = LaunderetteTokenSerializer
    queryset = Token.objects.all()

-    @list_route()
+    @action(detail=False)
    def washing(self, request):
        """
-            Return all washing tokens (api/v1/launderette/token/washing)
+        Return all washing tokens (api/v1/launderette/token/washing)
        """
        self.queryset = self.queryset.filter(type="WASHING")
        serializer = self.get_serializer(self.queryset, many=True)
        return Response(serializer.data)

-    @list_route()
+    @action(detail=False)
    def drying(self, request):
        """
-            Return all drying tokens (api/v1/launderette/token/drying)
+        Return all drying tokens (api/v1/launderette/token/drying)
        """
        self.queryset = self.queryset.filter(type="DRYING")
        serializer = self.get_serializer(self.queryset, many=True)
        return Response(serializer.data)

-    @list_route()
+    @action(detail=False)
    def avaliable(self, request):
        """
-            Return all avaliable tokens (api/v1/launderette/token/avaliable)
+        Return all avaliable tokens (api/v1/launderette/token/avaliable)
        """
        self.queryset = self.queryset.filter(
            borrow_date__isnull=True, user__isnull=True
@ -125,10 +116,10 @@ class LaunderetteTokenViewSet(RightModelViewSet):
        serializer = self.get_serializer(self.queryset, many=True)
        return Response(serializer.data)

-    @list_route()
+    @action(detail=False)
    def unavaliable(self, request):
        """
-            Return all unavaliable tokens (api/v1/launderette/token/unavaliable)
+        Return all unavaliable tokens (api/v1/launderette/token/unavaliable)
        """
        self.queryset = self.queryset.filter(
            borrow_date__isnull=False, user__isnull=False
--- a/api/views/sas.py
+++ b/api/views/sas.py
@ -0,0 +1,42 @@
+from typing import List
+from rest_framework.decorators import api_view, renderer_classes
+from rest_framework.exceptions import PermissionDenied
+from rest_framework.generics import get_object_or_404
+from rest_framework.renderers import JSONRenderer
+from rest_framework.request import Request
+from rest_framework.response import Response
+
+from core.views import can_edit
+from core.models import User
+from sas.models import Picture
+
+
+def all_pictures_of_user(user: User) -> List[Picture]:
+    return [
+        relation.picture
+        for relation in user.pictures.exclude(picture=None)
+        .order_by("-picture__parent__date", "id")
+        .select_related("picture__parent")
+    ]
+
+
+@api_view(["GET"])
+@renderer_classes((JSONRenderer,))
+def all_pictures_of_user_endpoint(request: Request, user: int):
+    requested_user: User = get_object_or_404(User, pk=user)
+    if not can_edit(requested_user, request.user):
+        raise PermissionDenied
+
+    return Response(
+        [
+            {
+                "name": f"{picture.parent.name} - {picture.name}",
+                "date": picture.date,
+                "author": str(picture.owner),
+                "full_size_url": picture.get_download_url(),
+                "compressed_url": picture.get_download_compressed_url(),
+                "thumb_url": picture.get_download_thumb_url(),
+            }
+            for picture in all_pictures_of_user(requested_user)
+        ]
+    )
--- a/api/views/user.py
+++ b/api/views/user.py
@ -1,24 +1,16 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

@ -26,7 +18,7 @@ import datetime

 from rest_framework import serializers
 from rest_framework.response import Response
-from rest_framework.decorators import list_route
+from rest_framework.decorators import action

 from core.models import User

@ -50,17 +42,17 @@ class UserSerializer(serializers.ModelSerializer):

 class UserViewSet(RightModelViewSet):
    """
-        Manage Users (api/v1/user/)
-        Only show active users
+    Manage Users (api/v1/user/)
+    Only show active users
    """

    serializer_class = UserSerializer
    queryset = User.objects.filter(is_active=True)

-    @list_route()
+    @action(detail=False)
    def birthday(self, request):
        """
-            Return all users born today (api/v1/user/birstdays)
+        Return all users born today (api/v1/user/birstdays)
        """
        date = datetime.datetime.today()
        self.queryset = self.queryset.filter(date_of_birth=date)
--- a/api/views/uv.py
+++ b/api/views/uv.py
@ -0,0 +1,127 @@
+from rest_framework.response import Response
+from rest_framework.decorators import api_view, renderer_classes
+from rest_framework.renderers import JSONRenderer
+from django.core.exceptions import PermissionDenied
+from django.conf import settings
+from rest_framework import serializers
+import urllib.request
+import json
+
+from pedagogy.views import CanCreateUVFunctionMixin
+
+
+@api_view(["GET"])
+@renderer_classes((JSONRenderer,))
+def uv_endpoint(request):
+    if not CanCreateUVFunctionMixin.can_create_uv(request.user):
+        raise PermissionDenied
+
+    params = request.query_params
+    if "year" not in params or "code" not in params:
+        raise serializers.ValidationError("Missing query parameter")
+
+    short_uv, full_uv = find_uv("fr", params["year"], params["code"])
+    if short_uv is None or full_uv is None:
+        return Response(status=204)
+
+    return Response(make_clean_uv(short_uv, full_uv))
+
+
+def find_uv(lang, year, code):
+    """
+    Uses the UTBM API to find an UV.
+    short_uv is the UV entry in the UV list. It is returned as it contains
+    information which are not in full_uv.
+    full_uv is the detailed representation of an UV.
+    """
+    # query the UV list
+    uvs_url = settings.SITH_PEDAGOGY_UTBM_API + "/uvs/{}/{}".format(lang, year)
+    response = urllib.request.urlopen(uvs_url)
+    uvs = json.loads(response.read().decode("utf-8"))
+
+    try:
+        # find the first UV which matches the code
+        short_uv = next(uv for uv in uvs if uv["code"] == code)
+    except StopIteration:
+        return (None, None)
+
+    # get detailed information about the UV
+    uv_url = settings.SITH_PEDAGOGY_UTBM_API + "/uv/{}/{}/{}/{}".format(
+        lang, year, code, short_uv["codeFormation"]
+    )
+    response = urllib.request.urlopen(uv_url)
+    full_uv = json.loads(response.read().decode("utf-8"))
+
+    return (short_uv, full_uv)
+
+
+def make_clean_uv(short_uv, full_uv):
+    """
+    Cleans the data up so that it corresponds to our data representation.
+    """
+    res = {}
+
+    res["credit_type"] = short_uv["codeCategorie"]
+
+    # probably wrong on a few UVs as we pick the first UV we find but
+    # availability depends on the formation
+    semesters = {
+        (True, True): "AUTUMN_AND_SPRING",
+        (True, False): "AUTUMN",
+        (False, True): "SPRING",
+    }
+    res["semester"] = semesters.get(
+        (short_uv["ouvertAutomne"], short_uv["ouvertPrintemps"]), "CLOSED"
+    )
+
+    langs = {"es": "SP", "en": "EN", "de": "DE"}
+    res["language"] = langs.get(full_uv["codeLangue"], "FR")
+
+    if full_uv["departement"] == "Pôle Humanités":
+        res["department"] = "HUMA"
+    else:
+        departments = {
+            "AL": "IMSI",
+            "AE": "EE",
+            "GI": "GI",
+            "GC": "EE",
+            "GM": "MC",
+            "TC": "TC",
+            "GP": "IMSI",
+            "ED": "EDIM",
+            "AI": "GI",
+            "AM": "MC",
+        }
+        res["department"] = departments.get(full_uv["codeFormation"], "NA")
+
+    res["credits"] = full_uv["creditsEcts"]
+
+    activities = ("CM", "TD", "TP", "THE", "TE")
+    for activity in activities:
+        res["hours_{}".format(activity)] = 0
+    for activity in full_uv["activites"]:
+        if activity["code"] in activities:
+            res["hours_{}".format(activity["code"])] += activity["nbh"] // 60
+
+    # wrong if the manager changes depending on the semester
+    semester = full_uv.get("automne", None)
+    if not semester:
+        semester = full_uv.get("printemps", {})
+    res["manager"] = semester.get("responsable", "")
+
+    res["title"] = full_uv["libelle"]
+
+    descriptions = {
+        "objectives": "objectifs",
+        "program": "programme",
+        "skills": "acquisitionCompetences",
+        "key_concepts": "acquisitionNotions",
+    }
+
+    for res_key, full_uv_key in descriptions.items():
+        res[res_key] = full_uv[full_uv_key]
+        # if not found or the API did not return a string
+        if type(res[res_key]) != str:
+            res[res_key] = ""
+
+    return res
--- a/club/init.py
+++ b/club/init.py
@ -1,23 +1,15 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #
--- a/club/admin.py
+++ b/club/admin.py
@ -1,31 +1,36 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #
-
+from ajax_select import make_ajax_form
 from django.contrib import admin

 from club.models import Club, Membership


-admin.site.register(Club)
-admin.site.register(Membership)
+@admin.register(Club)
+class ClubAdmin(admin.ModelAdmin):
+    list_display = ("name", "unix_name", "parent", "is_active")
+
+
+@admin.register(Membership)
+class MembershipAdmin(admin.ModelAdmin):
+    list_display = ("user", "club", "role", "start_date", "end_date")
+    search_fields = (
+        "user__username",
+        "user__first_name",
+        "user__last_name",
+        "club__name",
+    )
+    form = make_ajax_form(Membership, {"user": "users"})
--- a/club/forms.py
+++ b/club/forms.py
@ -25,7 +25,7 @@

 from django.conf import settings
 from django import forms
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _

 from ajax_select.fields import AutoCompleteSelectField, AutoCompleteSelectMultipleField

@ -34,6 +34,7 @@ from club.models import Mailing, MailingSubscription, Club, Membership
 from core.models import User
 from core.views.forms import SelectDate, SelectDateTime
 from counter.models import Counter
+from core.views.forms import TzAwareDateTimeField


 class ClubEditForm(forms.ModelForm):
@ -66,7 +67,7 @@ class MailingForm(forms.Form):
        super(MailingForm, self).__init__(*args, **kwargs)

        self.fields["action"] = forms.TypedChoiceField(
-            (
+            choices=(
                (self.ACTION_NEW_MAILING, _("New Mailing")),
                (self.ACTION_NEW_SUBSCRIPTION, _("Subscribe")),
                (self.ACTION_REMOVE_SUBSCRIPTION, _("Remove")),
@ -157,23 +158,27 @@ class MailingForm(forms.Form):
        return cleaned_data


-class SellingsFormBase(forms.Form):
-    begin_date = forms.DateTimeField(
-        ["%Y-%m-%d %H:%M:%S"],
-        label=_("Begin date"),
-        required=False,
-        widget=SelectDateTime,
-    )
-    end_date = forms.DateTimeField(
-        ["%Y-%m-%d %H:%M:%S"],
-        label=_("End date"),
-        required=False,
-        widget=SelectDateTime,
-    )
-    counter = forms.ModelChoiceField(
+class SellingsForm(forms.Form):
+    begin_date = TzAwareDateTimeField(label=_("Begin date"), required=False)
+    end_date = TzAwareDateTimeField(label=_("End date"), required=False)
+
+    counters = forms.ModelMultipleChoiceField(
        Counter.objects.order_by("name").all(), label=_("Counter"), required=False
    )

+    def __init__(self, club, *args, **kwargs):
+        super(SellingsForm, self).__init__(*args, **kwargs)
+        self.fields["products"] = forms.ModelMultipleChoiceField(
+            club.products.order_by("name").filter(archived=False).all(),
+            label=_("Products"),
+            required=False,
+        )
+        self.fields["archived_products"] = forms.ModelMultipleChoiceField(
+            club.products.order_by("name").filter(archived=True).all(),
+            label=_("Archived products"),
+            required=False,
+        )
+

 class ClubMemberForm(forms.Form):
    """
@ -224,9 +229,7 @@ class ClubMemberForm(forms.Form):
                id__in=[
                    ms.user.id
                    for ms in self.club_members
-                    if ms.can_be_edited_by(
-                        self.request_user, self.request_user_membership
-                    )
+                    if ms.can_be_edited_by(self.request_user)
                ]
            ).all(),
            label=_("Mark as old"),
@ -238,8 +241,8 @@ class ClubMemberForm(forms.Form):

    def clean_users(self):
        """
-            Check that the user is not trying to add an user already in the club
-            Also check that the user is valid and has a valid subscription
+        Check that the user is not trying to add an user already in the club
+        Also check that the user is valid and has a valid subscription
        """
        cleaned_data = super(ClubMemberForm, self).clean()
        users = []
@ -262,7 +265,7 @@ class ClubMemberForm(forms.Form):

    def clean(self):
        """
-            Check user rights for adding an user
+        Check user rights for adding an user
        """
        cleaned_data = super(ClubMemberForm, self).clean()

--- a/club/migrations/0001_initial.py
+++ b/club/migrations/0001_initial.py
@ -3,10 +3,10 @@ from __future__ import unicode_literals

 from django.db import migrations, models
 import django.core.validators
+import django.db.models.deletion


 class Migration(migrations.Migration):
-
    dependencies = []

    operations = [
@ -90,7 +90,10 @@ class Migration(migrations.Migration):
                (
                    "club",
                    models.ForeignKey(
-                        verbose_name="club", to="club.Club", related_name="members"
+                        verbose_name="club",
+                        to="club.Club",
+                        related_name="members",
+                        on_delete=django.db.models.deletion.CASCADE,
                    ),
                ),
            ],
--- a/club/migrations/0002_auto_20160824_2152.py
+++ b/club/migrations/0002_auto_20160824_2152.py
@ -3,10 +3,10 @@ from __future__ import unicode_literals

 from django.db import migrations, models
 from django.conf import settings
+import django.db.models.deletion


 class Migration(migrations.Migration):
-
    dependencies = [
        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
        ("club", "0001_initial"),
@ -18,6 +18,7 @@ class Migration(migrations.Migration):
            model_name="membership",
            name="user",
            field=models.ForeignKey(
+                on_delete=django.db.models.deletion.CASCADE,
                verbose_name="user",
                to=settings.AUTH_USER_MODEL,
                related_name="membership",
@ -34,6 +35,7 @@ class Migration(migrations.Migration):
            model_name="club",
            name="home",
            field=models.OneToOneField(
+                on_delete=django.db.models.deletion.CASCADE,
                blank=True,
                null=True,
                related_name="home_of_club",
@ -45,14 +47,21 @@ class Migration(migrations.Migration):
            model_name="club",
            name="owner_group",
            field=models.ForeignKey(
-                default=1, to="core.Group", related_name="owned_club"
+                on_delete=django.db.models.deletion.CASCADE,
+                default=1,
+                to="core.Group",
+                related_name="owned_club",
            ),
        ),
        migrations.AddField(
            model_name="club",
            name="parent",
            field=models.ForeignKey(
-                null=True, to="club.Club", related_name="children", blank=True
+                on_delete=django.db.models.deletion.CASCADE,
+                null=True,
+                to="club.Club",
+                related_name="children",
+                blank=True,
            ),
        ),
        migrations.AddField(
--- a/club/migrations/0003_auto_20160902_2042.py
+++ b/club/migrations/0003_auto_20160902_2042.py
@ -5,7 +5,6 @@ from django.db import migrations, models


 class Migration(migrations.Migration):
-
    dependencies = [("club", "0002_auto_20160824_2152")]

    operations = [
--- a/club/migrations/0004_auto_20160915_1057.py
+++ b/club/migrations/0004_auto_20160915_1057.py
@ -3,10 +3,10 @@ from __future__ import unicode_literals

 from django.db import migrations, models
 from django.conf import settings
+import django.db.models.deletion


 class Migration(migrations.Migration):
-
    dependencies = [("club", "0003_auto_20160902_2042")]

    operations = [
@ -14,6 +14,7 @@ class Migration(migrations.Migration):
            model_name="membership",
            name="user",
            field=models.ForeignKey(
+                on_delete=django.db.models.deletion.CASCADE,
                verbose_name="user",
                related_name="memberships",
                to=settings.AUTH_USER_MODEL,
--- a/club/migrations/0005_auto_20161120_1149.py
+++ b/club/migrations/0005_auto_20161120_1149.py
@ -6,7 +6,6 @@ import django.db.models.deletion


 class Migration(migrations.Migration):
-
    dependencies = [("club", "0004_auto_20160915_1057")]

    operations = [
--- a/club/migrations/0006_auto_20161229_0040.py
+++ b/club/migrations/0006_auto_20161229_0040.py
@ -6,7 +6,6 @@ import django.utils.timezone


 class Migration(migrations.Migration):
-
    dependencies = [("club", "0005_auto_20161120_1149")]

    operations = [
--- a/club/migrations/0007_auto_20170324_0917.py
+++ b/club/migrations/0007_auto_20170324_0917.py
@ -5,7 +5,6 @@ from django.db import migrations, models


 class Migration(migrations.Migration):
-
    dependencies = [("club", "0006_auto_20161229_0040")]

    operations = [
--- a/club/migrations/0008_auto_20170515_2214.py
+++ b/club/migrations/0008_auto_20170515_2214.py
@ -5,7 +5,6 @@ from django.db import migrations, models


 class Migration(migrations.Migration):
-
    dependencies = [("club", "0007_auto_20170324_0917")]

    operations = [
--- a/club/migrations/0009_auto_20170822_2232.py
+++ b/club/migrations/0009_auto_20170822_2232.py
@ -5,10 +5,10 @@ from django.db import migrations, models
 from django.conf import settings
 import re
 import django.core.validators
+import django.db.models.deletion


 class Migration(migrations.Migration):
-
    dependencies = [
        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
        ("club", "0008_auto_20170515_2214"),
@ -51,12 +51,16 @@ class Migration(migrations.Migration):
                (
                    "club",
                    models.ForeignKey(
-                        verbose_name="Club", related_name="mailings", to="club.Club"
+                        on_delete=django.db.models.deletion.CASCADE,
+                        verbose_name="Club",
+                        related_name="mailings",
+                        to="club.Club",
                    ),
                ),
                (
                    "moderator",
                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
                        null=True,
                        verbose_name="moderator",
                        related_name="moderated_mailings",
@ -84,6 +88,7 @@ class Migration(migrations.Migration):
                (
                    "mailing",
                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
                        verbose_name="Mailing",
                        related_name="subscriptions",
                        to="club.Mailing",
@ -92,6 +97,7 @@ class Migration(migrations.Migration):
                (
                    "user",
                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
                        null=True,
                        verbose_name="User",
                        related_name="mailing_subscriptions",
--- a/club/migrations/0010_auto_20170912_2028.py
+++ b/club/migrations/0010_auto_20170912_2028.py
@ -5,6 +5,7 @@ from django.db import migrations, models

 from club.models import Club
 from core.operations import PsqlRunOnly
+import django.db.models.deletion


 def generate_club_pages(apps, schema_editor):
@ -18,7 +19,6 @@ def generate_club_pages(apps, schema_editor):


 class Migration(migrations.Migration):
-
    dependencies = [("core", "0024_auto_20170906_1317"), ("club", "0010_club_logo")]

    operations = [
@ -31,7 +31,11 @@ class Migration(migrations.Migration):
            model_name="club",
            name="page",
            field=models.OneToOneField(
-                related_name="club", blank=True, null=True, to="core.Page"
+                on_delete=django.db.models.deletion.CASCADE,
+                related_name="club",
+                blank=True,
+                null=True,
+                to="core.Page",
            ),
        ),
        migrations.AddField(
--- a/club/migrations/0010_club_logo.py
+++ b/club/migrations/0010_club_logo.py
@ -5,7 +5,6 @@ from django.db import migrations, models


 class Migration(migrations.Migration):
-
    dependencies = [("club", "0009_auto_20170822_2232")]

    operations = [
--- a/club/migrations/0011_auto_20180426_2013.py
+++ b/club/migrations/0011_auto_20180426_2013.py
@ -3,10 +3,10 @@ from __future__ import unicode_literals

 from django.db import migrations, models
 import club.models
+import django.db.models.deletion


 class Migration(migrations.Migration):
-
    dependencies = [("club", "0010_auto_20170912_2028")]

    operations = [
@ -14,6 +14,7 @@ class Migration(migrations.Migration):
            model_name="club",
            name="owner_group",
            field=models.ForeignKey(
+                on_delete=django.db.models.deletion.CASCADE,
                default=club.models.Club.get_default_owner_group,
                related_name="owned_club",
                to="core.Group",
--- a/club/models.py
+++ b/club/models.py
@ -22,14 +22,18 @@
 # Place - Suite 330, Boston, MA 02111-1307, USA.
 #
 #
+from typing import Optional

+from django.core.cache import cache
 from django.db import models
 from django.core import validators
 from django.conf import settings
-from django.utils.translation import ugettext_lazy as _
+from django.db.models import Q
+from django.utils.timezone import now
+from django.utils.translation import gettext_lazy as _
 from django.core.exceptions import ValidationError, ObjectDoesNotExist
 from django.db import transaction
-from django.core.urlresolvers import reverse
+from django.urls import reverse
 from django.utils import timezone
 from django.core.validators import RegexValidator, validate_email
 from django.utils.functional import cached_property
@ -46,7 +50,9 @@ class Club(models.Model):

    id = models.AutoField(primary_key=True, db_index=True)
    name = models.CharField(_("name"), max_length=64)
-    parent = models.ForeignKey("Club", related_name="children", null=True, blank=True)
+    parent = models.ForeignKey(
+        "Club", related_name="children", null=True, blank=True, on_delete=models.CASCADE
+    )
    unix_name = models.CharField(
        _("unix name"),
        max_length=30,
@ -70,12 +76,16 @@ class Club(models.Model):
        _("short description"), max_length=1000, default="", blank=True, null=True
    )
    address = models.CharField(_("address"), max_length=254)
+
    # This function prevents generating migration upon settings change
    def get_default_owner_group():
        return settings.SITH_GROUP_ROOT_ID

    owner_group = models.ForeignKey(
-        Group, related_name="owned_club", default=get_default_owner_group
+        Group,
+        related_name="owned_club",
+        default=get_default_owner_group,
+        on_delete=models.CASCADE,
    )
    edit_groups = models.ManyToManyField(
        Group, related_name="editable_club", blank=True
@ -91,7 +101,9 @@ class Club(models.Model):
        blank=True,
        on_delete=models.SET_NULL,
    )
-    page = models.OneToOneField(Page, related_name="club", blank=True, null=True)
+    page = models.OneToOneField(
+        Page, related_name="club", blank=True, null=True, on_delete=models.CASCADE
+    )

    class Meta:
        ordering = ["name", "unix_name"]
@ -115,12 +127,22 @@ class Club(models.Model):
    def clean(self):
        self.check_loop()

-    def _change_unixname(self, new_name):
+    def _change_unixname(self, old_name, new_name):
        c = Club.objects.filter(unix_name=new_name).first()
        if c is None:
+            # Update all the groups names
+            Group.objects.filter(name=old_name).update(name=new_name)
+            Group.objects.filter(name=old_name + settings.SITH_BOARD_SUFFIX).update(
+                name=new_name + settings.SITH_BOARD_SUFFIX
+            )
+            Group.objects.filter(name=old_name + settings.SITH_MEMBER_SUFFIX).update(
+                name=new_name + settings.SITH_MEMBER_SUFFIX
+            )
+
            if self.home:
                self.home.name = new_name
                self.home.save()
+
        else:
            raise ValidationError(_("A club with that unix_name already exists"))

@ -164,29 +186,34 @@ class Club(models.Model):
            self.page.parent = self.parent.page
            self.page.save(force_lock=True)

+    @transaction.atomic()
    def save(self, *args, **kwargs):
-        with transaction.atomic():
-            creation = False
-            old = Club.objects.filter(id=self.id).first()
-            if not old:
-                creation = True
-            else:
-                if old.unix_name != self.unix_name:
-                    self._change_unixname(self.unix_name)
-            super(Club, self).save(*args, **kwargs)
-            if creation:
-                board = MetaGroup(name=self.unix_name + settings.SITH_BOARD_SUFFIX)
-                board.save()
-                member = MetaGroup(name=self.unix_name + settings.SITH_MEMBER_SUFFIX)
-                member.save()
-                subscribers = Group.objects.filter(
-                    name=settings.SITH_MAIN_MEMBERS_GROUP
-                ).first()
-                self.make_home()
-                self.home.edit_groups = [board]
-                self.home.view_groups = [member, subscribers]
-                self.home.save()
-            self.make_page()
+        old = Club.objects.filter(id=self.id).first()
+        creation = old is None
+        if not creation and old.unix_name != self.unix_name:
+            self._change_unixname(self.unix_name)
+        super(Club, self).save(*args, **kwargs)
+        if creation:
+            board = MetaGroup(name=self.unix_name + settings.SITH_BOARD_SUFFIX)
+            board.save()
+            member = MetaGroup(name=self.unix_name + settings.SITH_MEMBER_SUFFIX)
+            member.save()
+            subscribers = Group.objects.filter(
+                name=settings.SITH_MAIN_MEMBERS_GROUP
+            ).first()
+            self.make_home()
+            self.home.edit_groups.set([board])
+            self.home.view_groups.set([member, subscribers])
+            self.home.save()
+        self.make_page()
+        cache.set(f"sith_club_{self.unix_name}", self)
+
+    def delete(self, *args, **kwargs):
+        super().delete(*args, **kwargs)
+        # Invalidate the cache of this club and of its memberships
+        for membership in self.members.ongoing().select_related("user"):
+            cache.delete(f"membership_{self.id}_{membership.user.id}")
+        cache.delete(f"sith_club_{self.unix_name}")

    def __str__(self):
        return self.name
@ -201,7 +228,9 @@ class Club(models.Model):
        """
        Method to see if that object can be super edited by the given user
        """
-        return user.is_in_group(settings.SITH_MAIN_BOARD_GROUP)
+        if user.is_anonymous:
+            return False
+        return user.is_board_member

    def get_full_logo_url(self):
        return "https://%s%s" % (settings.SITH_URL, self.logo.url)
@ -221,28 +250,89 @@ class Club(models.Model):
            return False
        return sub.was_subscribed

-    _memberships = {}
-
-    def get_membership_for(self, user):
+    def get_membership_for(self, user: User) -> Optional["Membership"]:
        """
-        Returns the current membership the given user
+        Return the current membership the given user.
+        The result is cached.
        """
-        try:
-            return Club._memberships[self.id][user.id]
-        except:
-            m = self.members.filter(user=user.id).filter(end_date=None).first()
-            try:
-                Club._memberships[self.id][user.id] = m
-            except:
-                Club._memberships[self.id] = {}
-                Club._memberships[self.id][user.id] = m
-            return m
+        if user.is_anonymous:
+            return None
+        membership = cache.get(f"membership_{self.id}_{user.id}")
+        if membership == "not_member":
+            return None
+        if membership is None:
+            membership = self.members.filter(user=user, end_date=None).first()
+            if membership is None:
+                cache.set(f"membership_{self.id}_{user.id}", "not_member")
+            else:
+                cache.set(f"membership_{self.id}_{user.id}", membership)
+        return membership

    def has_rights_in_club(self, user):
        m = self.get_membership_for(user)
        return m is not None and m.role > settings.SITH_MAXIMUM_FREE_ROLE


+class MembershipQuerySet(models.QuerySet):
+    def ongoing(self) -> "MembershipQuerySet":
+        """
+        Filter all memberships which are not finished yet
+        """
+        # noinspection PyTypeChecker
+        return self.filter(Q(end_date=None) | Q(end_date__gte=timezone.now()))
+
+    def board(self) -> "MembershipQuerySet":
+        """
+        Filter all memberships where the user is/was in the board.
+
+        Be aware that users who were in the board in the past
+        are included, even if there are no more members.
+
+        If you want to get the users who are currently in the board,
+        mind combining this with the :meth:`ongoing` queryset method
+        """
+        # noinspection PyTypeChecker
+        return self.filter(role__gt=settings.SITH_MAXIMUM_FREE_ROLE)
+
+    def update(self, **kwargs):
+        """
+        Work just like the default Django's update() method,
+        but add a cache refresh for the elements of the queryset.
+
+        Be aware that this adds a db query to retrieve the updated objects
+        """
+        nb_rows = super().update(**kwargs)
+        if nb_rows > 0:
+            # if at least a row was affected, refresh the cache
+            for membership in self.all():
+                if membership.end_date is not None:
+                    cache.set(
+                        f"membership_{membership.club_id}_{membership.user_id}",
+                        "not_member",
+                    )
+                else:
+                    cache.set(
+                        f"membership_{membership.club_id}_{membership.user_id}",
+                        membership,
+                    )
+
+    def delete(self):
+        """
+        Work just like the default Django's delete() method,
+        but add a cache invalidation for the elements of the queryset
+        before the deletion.
+
+        Be aware that this adds a db query to retrieve the deleted element.
+        As this first query take place before the deletion operation,
+        it will be performed even if the deletion fails.
+        """
+        ids = list(self.values_list("club_id", "user_id"))
+        nb_rows, _ = super().delete()
+        if nb_rows > 0:
+            for club_id, user_id in ids:
+                cache.set(f"membership_{club_id}_{user_id}", "not_member")
+
+
 class Membership(models.Model):
    """
    The Membership class makes the connection between User and Clubs
@ -261,9 +351,15 @@ class Membership(models.Model):
        related_name="memberships",
        null=False,
        blank=False,
+        on_delete=models.CASCADE,
    )
    club = models.ForeignKey(
-        Club, verbose_name=_("club"), related_name="members", null=False, blank=False
+        Club,
+        verbose_name=_("club"),
+        related_name="members",
+        null=False,
+        blank=False,
+        on_delete=models.CASCADE,
    )
    start_date = models.DateField(_("start date"), default=timezone.now)
    end_date = models.DateField(_("end date"), null=True, blank=True)
@ -276,6 +372,8 @@ class Membership(models.Model):
        _("description"), max_length=128, null=False, blank=True
    )

+    objects = MembershipQuerySet.as_manager()
+
    def __str__(self):
        return (
            self.club.name
@ -290,24 +388,34 @@ class Membership(models.Model):
        """
        Method to see if that object can be super edited by the given user
        """
-        return user.is_in_group(settings.SITH_MAIN_BOARD_GROUP)
+        if user.is_anonymous:
+            return False
+        return user.is_board_member

-    def can_be_edited_by(self, user, membership=None):
+    def can_be_edited_by(self, user: User) -> bool:
        """
-        Method to see if that object can be edited by the given user
+        Check if that object can be edited by the given user
        """
-        if user.memberships:
-            if membership:  # This is for optimisation purpose
-                ms = membership
-            else:
-                ms = user.memberships.filter(club=self.club, end_date=None).first()
-            return (ms and ms.role >= self.role) or user.is_in_group(
-                settings.SITH_MAIN_BOARD_GROUP
-            )
-        return user.is_in_group(settings.SITH_MAIN_BOARD_GROUP)
+        if user.is_root or user.is_board_member:
+            return True
+        membership = self.club.get_membership_for(user)
+        if membership is not None and membership.role >= self.role:
+            return True
+        return False

    def get_absolute_url(self):
-        return reverse("club:club_members", kwargs={"club_id": self.club.id})
+        return reverse("club:club_members", kwargs={"club_id": self.club_id})
+
+    def save(self, *args, **kwargs):
+        super().save(*args, **kwargs)
+        if self.end_date is None:
+            cache.set(f"membership_{self.club_id}_{self.user_id}", self)
+        else:
+            cache.set(f"membership_{self.club_id}_{self.user_id}", "not_member")
+
+    def delete(self, *args, **kwargs):
+        super().delete(*args, **kwargs)
+        cache.delete(f"membership_{self.club_id}_{self.user_id}")


 class Mailing(models.Model):
@ -317,7 +425,12 @@ class Mailing(models.Model):
    """

    club = models.ForeignKey(
-        Club, verbose_name=_("Club"), related_name="mailings", null=False, blank=False
+        Club,
+        verbose_name=_("Club"),
+        related_name="mailings",
+        null=False,
+        blank=False,
+        on_delete=models.CASCADE,
    )
    email = models.CharField(
        _("Email address"),
@ -334,7 +447,11 @@ class Mailing(models.Model):
    )
    is_moderated = models.BooleanField(_("is moderated"), default=False)
    moderator = models.ForeignKey(
-        User, related_name="moderated_mailings", verbose_name=_("moderator"), null=True
+        User,
+        related_name="moderated_mailings",
+        verbose_name=_("moderator"),
+        null=True,
+        on_delete=models.CASCADE,
    )

    def clean(self):
@ -351,14 +468,12 @@ class Mailing(models.Model):
        return self.email + "@" + settings.SITH_MAILING_DOMAIN

    def can_moderate(self, user):
-        return user.is_root or user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID)
+        return user.is_root or user.is_com_admin

    def is_owned_by(self, user):
-        return (
-            user.is_in_group(self)
-            or user.is_root
-            or user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID)
-        )
+        if user.is_anonymous:
+            return False
+        return user.is_root or user.is_com_admin

    def can_view(self, user):
        return self.club.has_rights_in_club(user)
@ -366,9 +481,8 @@ class Mailing(models.Model):
    def can_be_edited_by(self, user):
        return self.club.has_rights_in_club(user)

-    def delete(self):
-        for sub in self.subscriptions.all():
-            sub.delete()
+    def delete(self, *args, **kwargs):
+        self.subscriptions.all().delete()
        super(Mailing, self).delete()

    def fetch_format(self):
@ -409,6 +523,7 @@ class MailingSubscription(models.Model):
        related_name="subscriptions",
        null=False,
        blank=False,
+        on_delete=models.CASCADE,
    )
    user = models.ForeignKey(
        User,
@ -416,6 +531,7 @@ class MailingSubscription(models.Model):
        related_name="mailing_subscriptions",
        null=True,
        blank=True,
+        on_delete=models.CASCADE,
    )
    email = models.EmailField(_("Email address"), blank=False, null=False)

@ -439,10 +555,12 @@ class MailingSubscription(models.Model):
        super(MailingSubscription, self).clean()

    def is_owned_by(self, user):
+        if user.is_anonymous:
+            return False
        return (
            self.mailing.club.has_rights_in_club(user)
            or user.is_root
-            or self.user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID)
+            or self.user.is_com_admin
        )

    def can_be_edited_by(self, user):
--- a/club/templates/club/club_members.jinja
+++ b/club/templates/club/club_members.jinja
@ -13,13 +13,15 @@
        {% endif %}
        <table>
            <thead>
-                <td>{% trans %}User{% endtrans %}</td>
-                <td>{% trans %}Role{% endtrans %}</td>
-                <td>{% trans %}Description{% endtrans %}</td>
-                <td>{% trans %}Since{% endtrans %}</td>
-                {% if users_old %}
-                    <td>{% trans %}Mark as old{% endtrans %}</td>
-                {% endif %}
+                <tr>
+                    <td>{% trans %}User{% endtrans %}</td>
+                    <td>{% trans %}Role{% endtrans %}</td>
+                    <td>{% trans %}Description{% endtrans %}</td>
+                    <td>{% trans %}Since{% endtrans %}</td>
+                    {% if users_old %}
+                        <td>{% trans %}Mark as old{% endtrans %}</td>
+                    {% endif %}
+                </tr>
            </thead>
            <tbody>
            {% for m in members %}
--- a/club/templates/club/club_sellings.jinja
+++ b/club/templates/club/club_sellings.jinja
@ -1,9 +1,9 @@
 {% extends "core/base.jinja" %}
-{% from 'core/macros.jinja' import user_profile_link %}
+{% from 'core/macros.jinja' import user_profile_link, paginate %}

 {% block content %}
 <h3>{% trans %}Sellings{% endtrans %}</h3>
-<form action="" method="get">
+<form id="form" action="?page=1" method="post">
    {% csrf_token %}
    {{ form }}
    <p><input type="submit" value="{% trans %}Show{% endtrans %}" /></p>
@ -28,7 +28,7 @@
        </tr>
    </thead>
    <tbody>
-    {% for s in result %}
+    {% for s in paginated_result %}
        <tr>
            <td>{{ s.date|localtime|date(DATETIME_FORMAT) }} {{ s.date|localtime|time(DATETIME_FORMAT) }}</td>
            <td>{{ s.counter }}</td>
@ -53,6 +53,14 @@
    {% endfor %}
    </tbody>
 </table>
+<script type="text/javascript">
+    function formPagination(link){
+        $("form").attr("action", link.href);
+        link.href = "javascript:void(0)"; // block link action
+        $("form").submit();
+    }
+</script>
+{{ paginate(paginated_result, paginator, "formPagination(this)") }}
 {% endblock %}


--- a/club/templates/club/mailing.jinja
+++ b/club/templates/club/mailing.jinja
@ -45,7 +45,7 @@
            </thead>
            <tbody>
                {% for widget in form_mailing_removal.subwidgets %}
-                {% set user = ms[widget.data.value][0] %}
+                {% set user = ms[widget.data.value.value][0] %}
                <tr>
                    <td>{{ user.get_username }}</td>
                    <td>{{ user.get_email }}</td>
--- a/club/tests.py
+++ b/club/tests.py
@ -1,395 +1,576 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #
+from datetime import timedelta

 from django.conf import settings
+from django.core.cache import cache
 from django.test import TestCase
 from django.utils import timezone, html
-from django.utils.translation import ugettext as _
-from django.core.urlresolvers import reverse
+from django.utils.timezone import now, localtime
+from django.utils.translation import gettext as _
+from django.urls import reverse
 from django.core.management import call_command
-from django.core.exceptions import ValidationError, NON_FIELD_ERRORS

-from core.models import User
+from core.models import User, AnonymousUser
 from club.models import Club, Membership, Mailing
 from club.forms import MailingForm
-
-# Create your tests here.
+from sith.settings import SITH_BAR_MANAGER, SITH_MAIN_CLUB_ID


 class ClubTest(TestCase):
+    """
+    Set up data for test cases related to clubs and membership
+    The generated dataset is the one created by the populate command,
+    plus the following modifications :
+
+    - `self.club` is a dummy club recreated for each test
+    - `self.club` has two board members : skia (role 3) and comptable (role 10)
+    - `self.club` has one regular member : richard
+    - `self.club` has one former member : sli (who had role 2)
+    - None of the `self.club` members are in the AE club.
+    """
+
+    @classmethod
+    def setUpTestData(cls):
+        # subscribed users - initial members
+        cls.skia = User.objects.get(username="skia")
+        cls.richard = User.objects.get(username="rbatsbak")
+        cls.comptable = User.objects.get(username="comptable")
+        cls.sli = User.objects.get(username="sli")
+
+        # subscribed users - not initial members
+        cls.krophil = User.objects.get(username="krophil")
+        cls.subscriber = User.objects.get(username="subscriber")
+
+        # old subscriber
+        cls.old_subscriber = User.objects.get(username="old_subscriber")
+
+        # not subscribed
+        cls.public = User.objects.get(username="public")
+
+        cls.ae = Club.objects.filter(pk=SITH_MAIN_CLUB_ID)[0]
+
    def setUp(self):
-        call_command("populate")
-        self.skia = User.objects.filter(username="skia").first()
-        self.rbatsbak = User.objects.filter(username="rbatsbak").first()
-        self.guy = User.objects.filter(username="guy").first()
-        self.bdf = Club.objects.filter(unix_name="bdf").first()
+        # by default, Skia is in the AE, which creates side effect
+        self.skia.memberships.all().delete()

-    def test_create_add_user_to_club_from_root_ok(self):
-        self.client.login(username="root", password="plop")
-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.skia.id, "start_date": "12/06/2016", "role": 3},
+        # create a fake club
+        self.club = Club.objects.create(
+            name="Fake Club",
+            unix_name="fake-club",
+            address="5 rue de la République, 90000 Belfort",
        )
-        response = self.client.get(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id})
+        self.members_url = reverse(
+            "club:club_members", kwargs={"club_id": self.club.id}
        )
-        self.assertTrue(response.status_code == 200)
-        self.assertTrue(
-            "S&#39; Kia</a></td>\\n                    <td>Responsable info</td>"
-            in str(response.content)
+        a_month_ago = now() - timedelta(days=30)
+        yesterday = now() - timedelta(days=1)
+        Membership.objects.create(
+            club=self.club, user=self.skia, start_date=a_month_ago, role=3
+        )
+        Membership.objects.create(club=self.club, user=self.richard, role=1)
+        Membership.objects.create(
+            club=self.club, user=self.comptable, start_date=a_month_ago, role=10
        )

-    def test_create_add_multiple_user_to_club_from_root_ok(self):
+        # sli was a member but isn't anymore
+        Membership.objects.create(
+            club=self.club,
+            user=self.sli,
+            start_date=a_month_ago,
+            end_date=yesterday,
+            role=2,
+        )
+        cache.clear()
+
+
+class MembershipQuerySetTest(ClubTest):
+    def test_ongoing(self):
+        """
+        Test that the ongoing queryset method returns the memberships that
+        are not ended.
+        """
+        current_members = self.club.members.ongoing()
+        expected = [
+            self.skia.memberships.get(club=self.club),
+            self.comptable.memberships.get(club=self.club),
+            self.richard.memberships.get(club=self.club),
+        ]
+        self.assertEqual(len(current_members), len(expected))
+        for member in current_members:
+            self.assertIn(member, expected)
+
+    def test_board(self):
+        """
+        Test that the board queryset method returns the memberships
+        of user in the club board
+        """
+        board_members = list(self.club.members.board())
+        expected = [
+            self.skia.memberships.get(club=self.club),
+            self.comptable.memberships.get(club=self.club),
+            # sli is no more member, but he was in the board
+            self.sli.memberships.get(club=self.club),
+        ]
+        self.assertEqual(len(board_members), len(expected))
+        for member in board_members:
+            self.assertIn(member, expected)
+
+    def test_ongoing_board(self):
+        """
+        Test that combining ongoing and board returns users
+        who are currently board members of the club
+        """
+        members = list(self.club.members.ongoing().board())
+        expected = [
+            self.skia.memberships.get(club=self.club),
+            self.comptable.memberships.get(club=self.club),
+        ]
+        self.assertEqual(len(members), len(expected))
+        for member in members:
+            self.assertIn(member, expected)
+
+    def test_update_invalidate_cache(self):
+        """
+        Test that the `update` queryset method properly invalidate cache
+        """
+        mem_skia = self.skia.memberships.get(club=self.club)
+        cache.set(f"membership_{mem_skia.club_id}_{mem_skia.user_id}", mem_skia)
+        self.skia.memberships.update(end_date=localtime(now()).date())
+        self.assertEqual(
+            cache.get(f"membership_{mem_skia.club_id}_{mem_skia.user_id}"), "not_member"
+        )
+
+        mem_richard = self.richard.memberships.get(club=self.club)
+        cache.set(
+            f"membership_{mem_richard.club_id}_{mem_richard.user_id}", mem_richard
+        )
+        self.richard.memberships.update(role=5)
+        new_mem = self.richard.memberships.get(club=self.club)
+        self.assertNotEqual(new_mem, "not_member")
+        self.assertEqual(new_mem.role, 5)
+
+    def test_delete_invalidate_cache(self):
+        """
+        Test that the `delete` queryset properly invalidate cache
+        """
+
+        mem_skia = self.skia.memberships.get(club=self.club)
+        mem_comptable = self.comptable.memberships.get(club=self.club)
+        cache.set(f"membership_{mem_skia.club_id}_{mem_skia.user_id}", mem_skia)
+        cache.set(
+            f"membership_{mem_comptable.club_id}_{mem_comptable.user_id}", mem_comptable
+        )
+
+        # should delete the subscriptions of skia and comptable
+        self.club.members.ongoing().board().delete()
+
+        self.assertEqual(
+            cache.get(f"membership_{mem_skia.club_id}_{mem_skia.user_id}"), "not_member"
+        )
+        self.assertEqual(
+            cache.get(f"membership_{mem_comptable.club_id}_{mem_comptable.user_id}"),
+            "not_member",
+        )
+
+
+class ClubModelTest(ClubTest):
+    def assert_membership_just_started(self, user: User, role: int):
+        """
+        Assert that the given membership is active and started today
+        """
+        membership = user.memberships.ongoing().filter(club=self.club).first()
+        self.assertIsNotNone(membership)
+        self.assertEqual(localtime(now()).date(), membership.start_date)
+        self.assertIsNone(membership.end_date)
+        self.assertEqual(membership.role, role)
+        self.assertEqual(membership.club.get_membership_for(user), membership)
+        member_group = self.club.unix_name + settings.SITH_MEMBER_SUFFIX
+        board_group = self.club.unix_name + settings.SITH_BOARD_SUFFIX
+        self.assertTrue(user.is_in_group(name=member_group))
+        self.assertTrue(user.is_in_group(name=board_group))
+
+    def assert_membership_just_ended(self, user: User):
+        """
+        Assert that the given user have a membership which ended today
+        """
+        today = localtime(now()).date()
+        self.assertIsNotNone(
+            user.memberships.filter(club=self.club, end_date=today).first()
+        )
+        self.assertIsNone(self.club.get_membership_for(user))
+
+    def test_access_unauthorized(self):
+        """
+        Test that users who never subscribed and anonymous users
+        cannot see the page
+        """
+        response = self.client.post(self.members_url)
+        self.assertEqual(response.status_code, 403)
+
+        self.client.login(username="public", password="plop")
+        response = self.client.post(self.members_url)
+        self.assertEqual(response.status_code, 403)
+
+    def test_display(self):
+        """
+        Test that a GET request return a page where the requested
+        information are displayed.
+        """
+        self.client.login(username=self.skia.username, password="plop")
+        response = self.client.get(self.members_url)
+        self.assertEqual(response.status_code, 200)
+        expected_html = (
+            "<table><thead><tr>"
+            "<td>Utilisateur</td><td>Rôle</td><td>Description</td>"
+            "<td>Depuis</td><td>Marquer comme ancien</td>"
+            "</tr></thead><tbody>"
+        )
+        memberships = self.club.members.ongoing().order_by("-role")
+        input_id = 0
+        for membership in memberships.select_related("user"):
+            user = membership.user
+            expected_html += (
+                f"<tr><td><a href=\"{reverse('core:user_profile', args=[user.id])}\">"
+                f"{user.get_display_name()}</a></td>"
+                f"<td>{settings.SITH_CLUB_ROLES[membership.role]}</td>"
+                f"<td>{membership.description}</td>"
+                f"<td>{membership.start_date}</td><td>"
+            )
+            if membership.role <= 3:  # 3 is the role of skia
+                expected_html += (
+                    '<input type="checkbox" name="users_old" '
+                    f'value="{user.id}" '
+                    f'id="id_users_old_{input_id}">'
+                )
+                input_id += 1
+            expected_html += "</td></tr>"
+        expected_html += "</tbody></table>"
+        self.assertInHTML(expected_html, response.content.decode())
+
+    def test_root_add_one_club_member(self):
+        """
+        Test that root users can add members to clubs, one at a time
+        """
        self.client.login(username="root", password="plop")
-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
+        response = self.client.post(
+            self.members_url,
+            {"users": self.subscriber.id, "role": 3},
+        )
+        self.assertRedirects(response, self.members_url)
+        self.subscriber.refresh_from_db()
+        self.assert_membership_just_started(self.subscriber, role=3)
+
+    def test_root_add_multiple_club_member(self):
+        """
+        Test that root users can add multiple members at once to clubs
+        """
+        self.client.login(username="root", password="plop")
+        response = self.client.post(
+            self.members_url,
            {
-                "users": "|%d|%d|" % (self.skia.id, self.rbatsbak.id),
-                "start_date": "12/06/2016",
+                "users": f"|{self.subscriber.id}|{self.krophil.id}|",
                "role": 3,
            },
        )
-        response = self.client.get(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id})
-        )
-        self.assertTrue(response.status_code == 200)
-        content = str(response.content)
-        self.assertTrue(
-            "S&#39; Kia</a></td>\\n                    <td>Responsable info</td>"
-            in content
-        )
-        self.assertTrue(
-            "Richard Batsbak</a></td>\\n                    <td>Responsable info</td>"
-            in content
-        )
+        self.assertRedirects(response, self.members_url)
+        self.subscriber.refresh_from_db()
+        self.assert_membership_just_started(self.subscriber, role=3)
+        self.assert_membership_just_started(self.krophil, role=3)

-    def test_create_add_user_to_club_from_root_fail_not_subscriber(self):
+    def test_add_unauthorized_members(self):
+        """
+        Test that users who are not currently subscribed
+        cannot be members of clubs.
+        """
        self.client.login(username="root", password="plop")
        response = self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.guy.id, "start_date": "12/06/2016", "role": 3},
+            self.members_url,
+            {"users": self.public.id, "role": 1},
        )
-        self.assertTrue(response.status_code == 200)
+        self.assertIsNone(self.public.memberships.filter(club=self.club).first())
        self.assertTrue('<ul class="errorlist"><li>' in str(response.content))
-        response = self.client.get(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id})
-        )
-        self.assertFalse(
-            "Guy Carlier</a></td>\\n                    <td>Responsable info</td>"
-            in str(response.content)
-        )

-    def test_create_add_user_to_club_from_root_fail_already_in_club(self):
+        response = self.client.post(
+            self.members_url,
+            {"users": self.old_subscriber.id, "role": 1},
+        )
+        self.assertIsNone(self.public.memberships.filter(club=self.club).first())
+        self.assertIsNone(self.club.get_membership_for(self.public))
+        self.assertTrue('<ul class="errorlist"><li>' in str(response.content))
+
+    def test_add_members_already_members(self):
+        """
+        Test that users who are already members of a club
+        cannot be added again to this club
+        """
        self.client.login(username="root", password="plop")
+        current_membership = self.skia.memberships.ongoing().get(club=self.club)
+        nb_memberships = self.skia.memberships.count()
        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.skia.id, "start_date": "12/06/2016", "role": 3},
-        )
-        response = self.client.get(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id})
-        )
-        self.assertTrue(
-            "S&#39; Kia</a></td>\\n                    <td>Responsable info</td>"
-            in str(response.content)
-        )
-        response = self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.skia.id, "start_date": "12/06/2016", "role": 4},
-        )
-        self.assertTrue(response.status_code == 200)
-        self.assertFalse(
-            "S&#39; Kia</a></td>\\n                <td>Secrétaire</td>"
-            in str(response.content)
+            self.members_url,
+            {"users": self.skia.id, "role": current_membership.role + 1},
        )
+        self.skia.refresh_from_db()
+        self.assertEqual(nb_memberships, self.skia.memberships.count())
+        new_membership = self.skia.memberships.ongoing().get(club=self.club)
+        self.assertEqual(current_membership, new_membership)
+        self.assertEqual(self.club.get_membership_for(self.skia), new_membership)

-    def test_create_add_user_non_existent_to_club_from_root_fail(self):
+    def test_add_not_existing_users(self):
+        """
+        Test that not existing users cannot be added in clubs.
+        If one user in the request is invalid, no membership creation at all
+        can take place.
+        """
        self.client.login(username="root", password="plop")
+        nb_memberships = self.club.members.count()
        response = self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": [9999], "start_date": "12/06/2016", "role": 3},
+            self.members_url,
+            {"users": [9999], "role": 1},
        )
-        self.assertTrue(response.status_code == 200)
-        content = str(response.content)
-        self.assertTrue('<ul class="errorlist"><li>' in content)
-        self.assertFalse("<td>Responsable info</td>" in content)
-        self.client.login(username="root", password="plop")
+        self.assertContains(response, '<ul class="errorlist"><li>')
+        self.club.refresh_from_db()
+        self.assertEqual(self.club.members.count(), nb_memberships)
        response = self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
+            self.members_url,
            {
-                "users": "|%d|%d|" % (self.skia.id, 9999),
+                "users": f"|{self.subscriber.id}|{9999}|",
                "start_date": "12/06/2016",
                "role": 3,
            },
        )
-        self.assertTrue(response.status_code == 200)
-        content = str(response.content)
-        self.assertTrue('<ul class="errorlist"><li>' in content)
-        self.assertFalse("<td>Responsable info</td>" in content)
+        self.assertContains(response, '<ul class="errorlist"><li>')
+        self.club.refresh_from_db()
+        self.assertEqual(self.club.members.count(), nb_memberships)

-    def test_create_add_user_to_club_from_skia_ok(self):
-        self.client.login(username="root", password="plop")
-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.skia.id, "start_date": "12/06/2016", "role": 10},
-        )
-        self.client.login(username="skia", password="plop")
-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.rbatsbak.id, "start_date": "12/06/2016", "role": 9},
-        )
-        response = self.client.get(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id})
-        )
-        self.assertTrue(response.status_code == 200)
-        self.assertTrue(
-            """Richard Batsbak</a></td>\\n                    <td>Vice-Pr\\xc3\\xa9sident</td>"""
-            in str(response.content)
-        )
-
-    def test_create_add_user_to_club_from_richard_fail(self):
-        self.client.login(username="root", password="plop")
-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.rbatsbak.id, "start_date": "12/06/2016", "role": 3},
-        )
-        self.client.login(username="rbatsbak", password="plop")
+    def test_president_add_members(self):
+        """
+        Test that the president of the club can add members
+        """
+        president = self.club.members.get(role=10).user
+        nb_club_membership = self.club.members.count()
+        nb_subscriber_memberships = self.subscriber.memberships.count()
+        self.client.login(username=president.username, password="plop")
        response = self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.skia.id, "start_date": "12/06/2016", "role": 10},
+            self.members_url,
+            {"users": self.subscriber.id, "role": 9},
        )
-        self.assertTrue(response.status_code == 200)
-        self.assertTrue(
-            "<li>Vous n&#39;avez pas la permission de faire cela</li>"
-            in str(response.content)
+        self.assertRedirects(response, self.members_url)
+        self.club.refresh_from_db()
+        self.subscriber.refresh_from_db()
+        self.assertEqual(self.club.members.count(), nb_club_membership + 1)
+        self.assertEqual(
+            self.subscriber.memberships.count(), nb_subscriber_memberships + 1
        )
+        self.assert_membership_just_started(self.subscriber, role=9)

-    def test_role_required_if_users_specified(self):
+    def test_add_member_greater_role(self):
+        """
+        Test that a member of the club member cannot create
+        a membership with a greater role than its own.
+        """
+        self.client.login(username=self.skia.username, password="plop")
+        nb_memberships = self.club.members.count()
+        response = self.client.post(
+            self.members_url,
+            {"users": self.subscriber.id, "role": 10},
+        )
+        self.assertEqual(response.status_code, 200)
+        self.assertInHTML(
+            "<li>Vous n'avez pas la permission de faire cela</li>",
+            response.content.decode(),
+        )
+        self.club.refresh_from_db()
+        self.assertEqual(nb_memberships, self.club.members.count())
+        self.assertIsNone(self.subscriber.memberships.filter(club=self.club).first())
+
+    def test_add_member_without_role(self):
+        """
+        Test that trying to add members without specifying their role fails
+        """
        self.client.login(username="root", password="plop")
        response = self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.rbatsbak.id, "start_date": "12/06/2016"},
+            self.members_url,
+            {"users": self.subscriber.id, "start_date": "12/06/2016"},
        )
        self.assertTrue(
            '<ul class="errorlist"><li>Vous devez choisir un r' in str(response.content)
        )

-    def test_mark_old_user_to_club_from_skia_ok(self):
-        self.client.login(username="root", password="plop")
-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {
-                "users": "|%d|%d|" % (self.skia.id, self.rbatsbak.id),
-                "start_date": "12/06/2016",
-                "role": 3,
-            },
-        )
+    def test_end_membership_self(self):
+        """
+        Test that a member can end its own membership
+        """
        self.client.login(username="skia", password="plop")
-        response = self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users_old": self.rbatsbak.id},
-        )
-        self.assertTrue(response.status_code == 302)
-
-        response = self.client.get(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id})
-        )
-        self.assertTrue(response.status_code == 200)
-        content = str(response.content)
-        self.assertFalse(
-            "Richard Batsbak</a></td>\\n                    <td>Responsable info</td>"
-            in content
-        )
-        self.assertTrue(
-            "S&#39; Kia</a></td>\\n                    <td>Responsable info</td>"
-            in content
-        )
-
-        # Skia is board member so he should be able to mark as old even without being in the club
-        response = self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
+        self.client.post(
+            self.members_url,
            {"users_old": self.skia.id},
        )
+        self.skia.refresh_from_db()
+        self.assert_membership_just_ended(self.skia)
+
+    def test_end_membership_lower_role(self):
+        """
+        Test that board members of the club can end memberships
+        of users with lower roles
+        """
+        # remainder : skia has role 3, comptable has role 10, richard has role 1
+        self.client.login(username=self.skia.username, password="plop")
+        response = self.client.post(
+            self.members_url,
+            {"users_old": self.richard.id},
+        )
+        self.assertRedirects(response, self.members_url)
+        self.club.refresh_from_db()
+        self.assert_membership_just_ended(self.richard)
+
+    def test_end_membership_higher_role(self):
+        """
+        Test that board members of the club cannot end memberships
+        of users with higher roles
+        """
+        membership = self.comptable.memberships.filter(club=self.club).first()
+        self.client.login(username=self.skia.username, password="plop")
+        self.client.post(
+            self.members_url,
+            {"users_old": self.comptable.id},
+        )
+        self.club.refresh_from_db()
+        new_membership = self.club.get_membership_for(self.comptable)
+        self.assertIsNotNone(new_membership)
+        self.assertEqual(new_membership, membership)
+
+        membership = self.comptable.memberships.filter(club=self.club).first()
+        self.assertIsNone(membership.end_date)
+
+    def test_end_membership_as_main_club_board(self):
+        """
+        Test that board members of the main club can end the membership
+        of anyone
+        """
+        # make subscriber a board member
+        self.subscriber.memberships.all().delete()
+        Membership.objects.create(club=self.ae, user=self.subscriber, role=3)
+
+        nb_memberships = self.club.members.count()
+        self.client.login(username=self.subscriber.username, password="plop")
+        response = self.client.post(
+            self.members_url,
+            {"users_old": self.comptable.id},
+        )
+        self.assertRedirects(response, self.members_url)
+        self.assert_membership_just_ended(self.comptable)
+        self.assertEqual(self.club.members.ongoing().count(), nb_memberships - 1)
+
+    def test_end_membership_as_root(self):
+        """
+        Test that root users can end the membership of anyone
+        """
+        nb_memberships = self.club.members.count()
        self.client.login(username="root", password="plop")
-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.rbatsbak.id, "start_date": "12/06/2016", "role": 3},
-        )
-        self.client.login(username="skia", password="plop")
        response = self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users_old": self.rbatsbak.id},
-        )
-        self.assertFalse(
-            "Richard Batsbak</a></td>\\n                    <td>Responsable info</td>"
-            in str(response.content)
+            self.members_url,
+            {"users_old": [self.comptable.id]},
        )
+        self.assertRedirects(response, self.members_url)
+        self.assert_membership_just_ended(self.comptable)
+        self.assertEqual(self.club.members.ongoing().count(), nb_memberships - 1)
+        self.assertEqual(self.club.members.count(), nb_memberships)

-    def test_mark_old_multiple_users_from_skia_ok(self):
-        self.client.login(username="root", password="plop")
+    def test_end_membership_as_foreigner(self):
+        """
+        Test that users who are not in this club cannot end its memberships
+        """
+        nb_memberships = self.club.members.count()
+        membership = self.richard.memberships.filter(club=self.club).first()
+        self.client.login(username="subscriber", password="root")
        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {
-                "users": "|%d|%d|" % (self.skia.id, self.rbatsbak.id),
-                "start_date": "12/06/2016",
-                "role": 3,
-            },
+            self.members_url,
+            {"users_old": [self.richard.id]},
        )
-        self.client.login(username="skia", password="plop")
-        response = self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users_old": [self.rbatsbak.id, self.skia.id]},
-        )
-        self.assertTrue(response.status_code == 302)
+        # nothing should have changed
+        new_mem = self.club.get_membership_for(self.richard)
+        self.assertIsNotNone(new_mem)
+        self.assertEqual(self.club.members.count(), nb_memberships)
+        self.assertEqual(membership, new_mem)

-        response = self.client.get(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id})
-        )
-        self.assertTrue(response.status_code == 200)
-        content = str(response.content)
-        self.assertFalse(
-            "Richard Batsbak</a></td>\\n                    <td>Responsable info</td>"
-            in content
-        )
-        self.assertFalse(
-            "S&#39; Kia</a></td>\\n                    <td>Responsable info</td>"
-            in content
-        )
+    def test_delete_remove_from_meta_group(self):
+        """
+        Test that when a club is deleted, all its members are removed from the
+        associated metagroup
+        """
+        memberships = self.club.members.select_related("user")
+        users = [membership.user for membership in memberships]
+        meta_group = self.club.unix_name + settings.SITH_MEMBER_SUFFIX

-    def test_mark_old_user_to_club_from_richard_ok(self):
-        self.client.login(username="root", password="plop")
-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {
-                "users": "|%d|%d|" % (self.skia.id, self.rbatsbak.id),
-                "start_date": "12/06/2016",
-                "role": 3,
-            },
-        )
+        self.club.delete()
+        for user in users:
+            self.assertFalse(user.is_in_group(name=meta_group))

-        # Test with equal rights
-        self.client.login(username="rbatsbak", password="plop")
-        response = self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users_old": self.skia.id},
-        )
-        self.assertTrue(response.status_code == 302)
+    def test_add_to_meta_group(self):
+        """
+        Test that when a membership begins, the user is added to the meta group
+        """
+        group_members = self.club.unix_name + settings.SITH_MEMBER_SUFFIX
+        board_members = self.club.unix_name + settings.SITH_BOARD_SUFFIX
+        self.assertFalse(self.subscriber.is_in_group(name=group_members))
+        self.assertFalse(self.subscriber.is_in_group(name=board_members))
+        Membership.objects.create(club=self.club, user=self.subscriber, role=3)
+        self.assertTrue(self.subscriber.is_in_group(name=group_members))
+        self.assertTrue(self.subscriber.is_in_group(name=board_members))

-        response = self.client.get(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id})
-        )
-        self.assertTrue(response.status_code == 200)
-        content = str(response.content)
-        self.assertTrue(
-            "Richard Batsbak</a></td>\\n                    <td>Responsable info</td>"
-            in content
-        )
-        self.assertFalse(
-            "S&#39; Kia</a></td>\\n                    <td>Responsable info</td>"
-            in content
-        )
+    def test_remove_from_meta_group(self):
+        """
+        Test that when a membership ends, the user is removed from meta group
+        """
+        group_members = self.club.unix_name + settings.SITH_MEMBER_SUFFIX
+        board_members = self.club.unix_name + settings.SITH_BOARD_SUFFIX
+        self.assertTrue(self.comptable.is_in_group(name=group_members))
+        self.assertTrue(self.comptable.is_in_group(name=board_members))
+        self.comptable.memberships.update(end_date=localtime(now()))
+        self.assertFalse(self.comptable.is_in_group(name=group_members))
+        self.assertFalse(self.comptable.is_in_group(name=board_members))

-        # Test with lower rights
-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.skia.id, "start_date": "12/06/2016", "role": 0},
-        )
+    def test_club_owner(self):
+        """
+        Test that a club is owned only by board members of the main club
+        """
+        anonymous = AnonymousUser()
+        self.assertFalse(self.club.is_owned_by(anonymous))
+        self.assertFalse(self.club.is_owned_by(self.subscriber))

-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users_old": self.skia.id},
-        )
-        response = self.client.get(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id})
-        )
-        self.assertTrue(response.status_code == 200)
-        content = str(response.content)
-        self.assertTrue(
-            "Richard Batsbak</a></td>\\n                    <td>Responsable info</td>"
-            in content
-        )
-        self.assertFalse(
-            "S&#39; Kia</a></td>\\n                    <td>Curieux</td>" in content
-        )
-
-    def test_mark_old_user_to_club_from_richard_fail(self):
-        self.client.login(username="root", password="plop")
-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.skia.id, "start_date": "12/06/2016", "role": 3},
-        )
-
-        # Test with richard outside of the club
-        self.client.login(username="rbatsbak", password="plop")
-        response = self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users_old": self.skia.id},
-        )
-        self.assertTrue(response.status_code == 200)
-
-        response = self.client.get(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id})
-        )
-        self.assertTrue(response.status_code == 200)
-        self.assertTrue(
-            "S&#39; Kia</a></td>\\n                    <td>Responsable info</td>"
-            in str(response.content)
-        )
-
-        # Test with lower rights
-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users": self.rbatsbak.id, "start_date": "12/06/2016", "role": 0},
-        )
-
-        self.client.post(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id}),
-            {"users_old": self.skia.id},
-        )
-        response = self.client.get(
-            reverse("club:club_members", kwargs={"club_id": self.bdf.id})
-        )
-        self.assertTrue(response.status_code == 200)
-        content = str(response.content)
-        self.assertTrue(
-            "Richard Batsbak</a></td>\\n                    <td>Curieux</td>" in content
-        )
-        self.assertTrue(
-            "S&#39; Kia</a></td>\\n                    <td>Responsable info</td>"
-            in content
-        )
+        # make sli a board member
+        self.sli.memberships.all().delete()
+        Membership(club=self.ae, user=self.sli, role=3).save()
+        self.assertTrue(self.club.is_owned_by(self.sli))


 class MailingFormTest(TestCase):
    """Perform validation tests for MailingForm"""

+    @classmethod
+    def setUpTestData(cls):
+        cls.skia = User.objects.filter(username="skia").first()
+        cls.rbatsbak = User.objects.filter(username="rbatsbak").first()
+        cls.krophil = User.objects.filter(username="krophil").first()
+        cls.comunity = User.objects.filter(username="comunity").first()
+        cls.bdf = Club.objects.filter(unix_name=SITH_BAR_MANAGER["unix_name"]).first()
+
    def setUp(self):
-        call_command("populate")
-        self.skia = User.objects.filter(username="skia").first()
-        self.rbatsbak = User.objects.filter(username="rbatsbak").first()
-        self.krophil = User.objects.filter(username="krophil").first()
-        self.comunity = User.objects.filter(username="comunity").first()
-        self.bdf = Club.objects.filter(unix_name="bdf").first()
        Membership(
            user=self.rbatsbak,
            club=self.bdf,
@ -641,7 +822,7 @@ class MailingFormTest(TestCase):
            {"action": MailingForm.ACTION_NEW_MAILING, "mailing_email": "mde"},
        )
        mde = Mailing.objects.get(email="mde")
-        response = self.client.post(
+        self.client.post(
            reverse("club:mailing", kwargs={"club_id": self.bdf.id}),
            {
                "action": MailingForm.ACTION_NEW_SUBSCRIPTION,
@ -650,6 +831,11 @@ class MailingFormTest(TestCase):
                "subscription_mailing": mde.id,
            },
        )
+
+        response = self.client.get(
+            reverse("club:mailing", kwargs={"club_id": self.bdf.id})
+        )
+
        self.assertContains(response, "comunity@git.an")
        self.assertContains(response, "richard@git.an")
        self.assertContains(response, "krophil@git.an")
@ -699,7 +885,6 @@ class ClubSellingViewTest(TestCase):
    """

    def setUp(self):
-        call_command("populate")
        self.ae = Club.objects.filter(unix_name="ae").first()

    def test_page_not_internal_error(self):
--- a/club/urls.py
+++ b/club/urls.py
@ -23,81 +23,84 @@
 #
 #

-from django.conf.urls import url
+from django.urls import path

 from club.views import *

 urlpatterns = [
-    url(r"^$", ClubListView.as_view(), name="club_list"),
-    url(r"^new$", ClubCreateView.as_view(), name="club_new"),
-    url(r"^stats$", ClubStatView.as_view(), name="club_stats"),
-    url(r"^(?P<club_id>[0-9]+)/$", ClubView.as_view(), name="club_view"),
-    url(
-        r"^(?P<club_id>[0-9]+)/rev/(?P<rev_id>[0-9]+)/$",
+    path("", ClubListView.as_view(), name="club_list"),
+    path("new/", ClubCreateView.as_view(), name="club_new"),
+    path("stats/", ClubStatView.as_view(), name="club_stats"),
+    path("<int:club_id>/", ClubView.as_view(), name="club_view"),
+    path(
+        "<int:club_id>/rev/<int:rev_id>/",
        ClubRevView.as_view(),
        name="club_view_rev",
    ),
-    url(r"^(?P<club_id>[0-9]+)/hist$", ClubPageHistView.as_view(), name="club_hist"),
-    url(r"^(?P<club_id>[0-9]+)/edit$", ClubEditView.as_view(), name="club_edit"),
-    url(
-        r"^(?P<club_id>[0-9]+)/edit/page$",
+    path("<int:club_id>/hist/", ClubPageHistView.as_view(), name="club_hist"),
+    path("<int:club_id>/edit/", ClubEditView.as_view(), name="club_edit"),
+    path(
+        "<int:club_id>/edit/page/",
        ClubPageEditView.as_view(),
        name="club_edit_page",
    ),
-    url(
-        r"^(?P<club_id>[0-9]+)/members$", ClubMembersView.as_view(), name="club_members"
-    ),
-    url(
-        r"^(?P<club_id>[0-9]+)/elderlies$",
+    path("<int:club_id>/members/", ClubMembersView.as_view(), name="club_members"),
+    path(
+        "<int:club_id>/elderlies/",
        ClubOldMembersView.as_view(),
        name="club_old_members",
    ),
-    url(
-        r"^(?P<club_id>[0-9]+)/sellings$",
+    path(
+        "<int:club_id>/sellings/",
        ClubSellingView.as_view(),
        name="club_sellings",
    ),
-    url(
-        r"^(?P<club_id>[0-9]+)/sellings/csv$",
+    path(
+        "<int:club_id>/sellings/csv/",
        ClubSellingCSVView.as_view(),
        name="sellings_csv",
    ),
-    url(r"^(?P<club_id>[0-9]+)/prop$", ClubEditPropView.as_view(), name="club_prop"),
-    url(r"^(?P<club_id>[0-9]+)/tools$", ClubToolsView.as_view(), name="tools"),
-    url(r"^(?P<club_id>[0-9]+)/mailing$", ClubMailingView.as_view(), name="mailing"),
-    url(
-        r"^(?P<mailing_id>[0-9]+)/mailing/generate$",
+    path("<int:club_id>/prop/", ClubEditPropView.as_view(), name="club_prop"),
+    path("<int:club_id>/tools/", ClubToolsView.as_view(), name="tools"),
+    path("<int:club_id>/mailing/", ClubMailingView.as_view(), name="mailing"),
+    path(
+        "<int:mailing_id>/mailing/generate/",
        MailingAutoGenerationView.as_view(),
        name="mailing_generate",
    ),
-    url(
-        r"^(?P<mailing_id>[0-9]+)/mailing/delete$",
+    path(
+        "<int:mailing_id>/mailing/delete/",
        MailingDeleteView.as_view(),
        name="mailing_delete",
    ),
-    url(
-        r"^(?P<mailing_subscription_id>[0-9]+)/mailing/delete/subscription$",
+    path(
+        "<int:mailing_subscription_id>/mailing/delete/subscription/",
        MailingSubscriptionDeleteView.as_view(),
        name="mailing_subscription_delete",
    ),
-    url(
-        r"^membership/(?P<membership_id>[0-9]+)/set_old$",
+    path(
+        "membership/<int:membership_id>/set_old/",
        MembershipSetOldView.as_view(),
        name="membership_set_old",
    ),
-    url(r"^(?P<club_id>[0-9]+)/poster$", PosterListView.as_view(), name="poster_list"),
-    url(
-        r"^(?P<club_id>[0-9]+)/poster/create$",
+    path(
+        "membership/<int:membership_id>/delete/",
+        MembershipDeleteView.as_view(),
+        name="membership_delete",
+    ),
+    path("<int:club_id>/poster/", PosterListView.as_view(), name="poster_list"),
+    path(
+        "<int:club_id>/poster/create/",
        PosterCreateView.as_view(),
        name="poster_create",
    ),
-    url(
-        r"^(?P<club_id>[0-9]+)/poster/(?P<poster_id>[0-9]+)/edit$",
+    path(
+        "<int:club_id>/poster/<int:poster_id>/edit/",
        PosterEditView.as_view(),
        name="poster_edit",
    ),
-    url(
-        r"^(?P<club_id>[0-9]+)/poster/(?P<poster_id>[0-9]+)/delete$",
+    path(
+        "<int:club_id>/poster/<int:poster_id>/delete/",
        PosterDeleteView.as_view(),
        name="poster_delete",
    ),
--- a/club/views.py
+++ b/club/views.py
@ -23,6 +23,7 @@
 #
 #

+import csv

 from django.conf import settings
 from django import forms
@ -30,19 +31,28 @@ from django.views.generic import ListView, DetailView, TemplateView, View
 from django.views.generic.edit import DeleteView
 from django.views.generic.detail import SingleObjectMixin
 from django.views.generic.edit import UpdateView, CreateView
-from django.http import HttpResponseRedirect, HttpResponse, Http404
-from django.core.urlresolvers import reverse, reverse_lazy
+from django.http import (
+    HttpResponseRedirect,
+    HttpResponse,
+    Http404,
+    StreamingHttpResponse,
+)
+from django.urls import reverse, reverse_lazy
 from django.utils import timezone
-from django.utils.translation import ugettext_lazy as _
-from django.utils.translation import ugettext as _t
+from django.utils.translation import gettext_lazy as _
+from django.utils.translation import gettext as _t
 from django.core.exceptions import PermissionDenied, ValidationError, NON_FIELD_ERRORS
+from django.core.paginator import Paginator, InvalidPage
 from django.shortcuts import get_object_or_404, redirect
+from django.db.models import Sum
+

 from core.views import (
    CanCreateMixin,
    CanViewMixin,
    CanEditMixin,
    CanEditPropMixin,
+    UserIsRootMixin,
    TabedViewMixin,
    PageEditViewBase,
    DetailFormView,
@ -59,7 +69,7 @@ from com.views import (
 )

 from club.models import Club, Membership, Mailing, MailingSubscription
-from club.forms import MailingForm, ClubEditForm, ClubMemberForm, SellingsFormBase
+from club.forms import MailingForm, ClubEditForm, ClubMemberForm, SellingsForm


 class ClubTabsMixin(TabedViewMixin):
@ -280,7 +290,7 @@ class ClubMembersView(ClubTabsMixin, CanViewMixin, DetailFormView):

    def form_valid(self, form):
        """
-            Check user rights
+        Check user rights
        """
        resp = super(ClubMembersView, self).form_valid(form)

@ -296,9 +306,7 @@ class ClubMembersView(ClubTabsMixin, CanViewMixin, DetailFormView):
        return resp

    def dispatch(self, request, *args, **kwargs):
-        self.members = (
-            self.get_object().members.filter(end_date=None).order_by("-role").all()
-        )
+        self.members = self.get_object().members.ongoing().order_by("-role")
        return super(ClubMembersView, self).dispatch(request, *args, **kwargs)

    def get_success_url(self, **kwargs):
@ -318,7 +326,7 @@ class ClubOldMembersView(ClubTabsMixin, CanViewMixin, DetailView):
    current_tab = "elderlies"


-class ClubSellingView(ClubTabsMixin, CanEditMixin, DetailView):
+class ClubSellingView(ClubTabsMixin, CanEditMixin, DetailFormView):
    """
    Sellings of a club
    """
@ -327,21 +335,35 @@ class ClubSellingView(ClubTabsMixin, CanEditMixin, DetailView):
    pk_url_kwarg = "club_id"
    template_name = "club/club_sellings.jinja"
    current_tab = "sellings"
+    form_class = SellingsForm
+    paginate_by = 70

-    def get_form_class(self):
-        kwargs = {
-            "product": forms.ModelChoiceField(
-                self.object.products.order_by("name").all(),
-                label=_("Product"),
-                required=False,
-            )
-        }
-        return type("SellingsForm", (SellingsFormBase,), kwargs)
+    def dispatch(self, request, *args, **kwargs):
+        try:
+            self.asked_page = int(request.GET.get("page", 1))
+        except ValueError:
+            raise Http404
+        return super(ClubSellingView, self).dispatch(request, *args, **kwargs)
+
+    def get_form_kwargs(self):
+        kwargs = super(ClubSellingView, self).get_form_kwargs()
+        kwargs["club"] = self.object
+        return kwargs
+
+    def post(self, request, *args, **kwargs):
+        return self.get(request, *args, **kwargs)

    def get_context_data(self, **kwargs):
        kwargs = super(ClubSellingView, self).get_context_data(**kwargs)
-        form = self.get_form_class()(self.request.GET)
        qs = Selling.objects.filter(club=self.object)
+
+        kwargs["result"] = qs[:0]
+        kwargs["paginated_result"] = kwargs["result"]
+        kwargs["total"] = 0
+        kwargs["total_quantity"] = 0
+        kwargs["benefit"] = 0
+
+        form = self.get_form()
        if form.is_valid():
            if not len([v for v in form.cleaned_data.values() if v is not None]):
                qs = Selling.objects.filter(id=-1)
@ -349,19 +371,36 @@ class ClubSellingView(ClubTabsMixin, CanEditMixin, DetailView):
                qs = qs.filter(date__gte=form.cleaned_data["begin_date"])
            if form.cleaned_data["end_date"]:
                qs = qs.filter(date__lte=form.cleaned_data["end_date"])
-            if form.cleaned_data["counter"]:
-                qs = qs.filter(counter=form.cleaned_data["counter"])
-            if form.cleaned_data["product"]:
-                qs = qs.filter(product__id=form.cleaned_data["product"].id)
+
+            if form.cleaned_data["counters"]:
+                qs = qs.filter(counter__in=form.cleaned_data["counters"])
+
+            selected_products = []
+            if form.cleaned_data["products"]:
+                selected_products.extend(form.cleaned_data["products"])
+            if form.cleaned_data["archived_products"]:
+                selected_products.extend(form.cleaned_data["archived_products"])
+
+            if len(selected_products) > 0:
+                qs = qs.filter(product__in=selected_products)
+
            kwargs["result"] = qs.all().order_by("-id")
-            kwargs["total"] = sum([s.quantity * s.unit_price for s in qs.all()])
-            kwargs["total_quantity"] = sum([s.quantity for s in qs.all()])
-            kwargs["benefit"] = kwargs["total"] - sum(
-                [s.product.purchase_price for s in qs.exclude(product=None)]
+            kwargs["total"] = sum([s.quantity * s.unit_price for s in kwargs["result"]])
+            total_quantity = qs.all().aggregate(Sum("quantity"))
+            if total_quantity["quantity__sum"]:
+                kwargs["total_quantity"] = total_quantity["quantity__sum"]
+            benefit = (
+                qs.exclude(product=None).all().aggregate(Sum("product__purchase_price"))
            )
-        else:
-            kwargs["result"] = qs[:0]
-        kwargs["form"] = form
+            if benefit["product__purchase_price__sum"]:
+                kwargs["benefit"] = benefit["product__purchase_price__sum"]
+
+        kwargs["paginator"] = Paginator(kwargs["result"], self.paginate_by)
+        try:
+            kwargs["paginated_result"] = kwargs["paginator"].page(self.asked_page)
+        except InvalidPage:
+            raise Http404
+
        return kwargs


@ -370,16 +409,45 @@ class ClubSellingCSVView(ClubSellingView):
    Generate sellings in csv for a given period
    """

-    def get(self, request, *args, **kwargs):
-        import csv
+    class StreamWriter:
+        """Implements a file-like interface for streaming the CSV"""

-        response = HttpResponse(content_type="text/csv")
+        def write(self, value):
+            """Write the value by returning it, instead of storing in a buffer."""
+            return value
+
+    def write_selling(self, selling):
+        row = [selling.date, selling.counter]
+        if selling.seller:
+            row.append(selling.seller.get_display_name())
+        else:
+            row.append("")
+        if selling.customer:
+            row.append(selling.customer.user.get_display_name())
+        else:
+            row.append("")
+        row = row + [
+            selling.label,
+            selling.quantity,
+            selling.quantity * selling.unit_price,
+            selling.get_payment_method_display(),
+        ]
+        if selling.product:
+            row.append(selling.product.selling_price)
+            row.append(selling.product.purchase_price)
+            row.append(selling.product.selling_price - selling.product.purchase_price)
+        else:
+            row = row + ["", "", ""]
+        return row
+
+    def get(self, request, *args, **kwargs):
        self.object = self.get_object()
-        name = _("Sellings") + "_" + self.object.name + ".csv"
-        response["Content-Disposition"] = "filename=" + name
        kwargs = self.get_context_data(**kwargs)
+
+        # Use the StreamWriter class instead of request for streaming
+        pseudo_buffer = self.StreamWriter()
        writer = csv.writer(
-            response, delimiter=";", lineterminator="\n", quoting=csv.QUOTE_ALL
+            pseudo_buffer, delimiter=";", lineterminator="\n", quoting=csv.QUOTE_ALL
        )

        writer.writerow([_t("Quantity"), kwargs["total_quantity"]])
@ -400,29 +468,17 @@ class ClubSellingCSVView(ClubSellingView):
                _t("Benefit"),
            ]
        )
-        for o in kwargs["result"]:
-            row = [o.date, o.counter]
-            if o.seller:
-                row.append(o.seller.get_display_name())
-            else:
-                row.append("")
-            if o.customer:
-                row.append(o.customer.user.get_display_name())
-            else:
-                row.append("")
-            row = row + [
-                o.label,
-                o.quantity,
-                o.quantity * o.unit_price,
-                o.get_payment_method_display(),
-            ]
-            if o.product:
-                row.append(o.product.selling_price)
-                row.append(o.product.purchase_price)
-                row.append(o.product.selling_price - o.product.purchase_price)
-            else:
-                row = row + ["", "", ""]
-            writer.writerow(row)
+
+        # Stream response
+        response = StreamingHttpResponse(
+            (
+                writer.writerow(self.write_selling(selling))
+                for selling in kwargs["result"]
+            ),
+            content_type="text/csv",
+        )
+        name = _("Sellings") + "_" + self.object.name + ".csv"
+        response["Content-Disposition"] = "filename=" + name

        return response

@ -451,7 +507,7 @@ class ClubEditPropView(ClubTabsMixin, CanEditPropMixin, UpdateView):
    current_tab = "props"


-class ClubCreateView(CanEditPropMixin, CreateView):
+class ClubCreateView(CanCreateMixin, CreateView):
    """
    Create a club (for the Sith admin)
    """
@ -493,6 +549,19 @@ class MembershipSetOldView(CanEditMixin, DetailView):
        )


+class MembershipDeleteView(UserIsRootMixin, DeleteView):
+    """
+    Delete a membership (for admins only)
+    """
+
+    model = Membership
+    pk_url_kwarg = "membership_id"
+    template_name = "core/delete_confirm.jinja"
+
+    def get_success_url(self):
+        return reverse_lazy("core:user_clubs", kwargs={"user_id": self.object.user.id})
+
+
 class ClubStatView(TemplateView):
    template_name = "club/stats.jinja"

@ -574,7 +643,8 @@ class ClubMailingView(ClubTabsMixin, CanEditMixin, DetailFormView):
            except ValidationError as validation_error:
                return validation_error

-            users_to_save.append(sub.save())
+            sub.save()
+            users_to_save.append(sub)

        if cleaned_data["subscription_email"]:
            sub = MailingSubscription(
@ -633,7 +703,6 @@ class ClubMailingView(ClubTabsMixin, CanEditMixin, DetailFormView):


 class MailingDeleteView(CanEditMixin, DeleteView):
-
    model = Mailing
    template_name = "core/delete_confirm.jinja"
    pk_url_kwarg = "mailing_id"
@ -651,7 +720,6 @@ class MailingDeleteView(CanEditMixin, DeleteView):


 class MailingSubscriptionDeleteView(CanEditMixin, DeleteView):
-
    model = MailingSubscription
    template_name = "core/delete_confirm.jinja"
    pk_url_kwarg = "mailing_subscription_id"
--- a/com/init.py
+++ b/com/init.py
@ -1,23 +1,15 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #
--- a/com/admin.py
+++ b/com/admin.py
@ -1,43 +1,49 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #
-
+from ajax_select import make_ajax_form
 from django.contrib import admin
 from haystack.admin import SearchModelAdmin

 from com.models import *


+@admin.register(News)
 class NewsAdmin(SearchModelAdmin):
-    search_fields = ["title", "summary", "content"]
+    list_display = ("title", "type", "club", "author")
+    search_fields = ("title", "summary", "content")
+    form = make_ajax_form(
+        News,
+        {
+            "author": "users",
+            "moderator": "users",
+        },
+    )


+@admin.register(Poster)
+class PosterAdmin(SearchModelAdmin):
+    list_display = ("name", "club", "date_begin", "date_end", "moderator")
+    form = make_ajax_form(Poster, {"moderator": "users"})
+
+
+@admin.register(Weekmail)
 class WeekmailAdmin(SearchModelAdmin):
-    search_fields = ["title"]
+    list_display = ("title", "sent")
+    search_fields = ("title",)


 admin.site.register(Sith)
-admin.site.register(News, NewsAdmin)
-admin.site.register(Weekmail, WeekmailAdmin)
 admin.site.register(Screen)
-admin.site.register(Poster)
--- a/com/migrations/0001_initial.py
+++ b/com/migrations/0001_initial.py
@ -5,7 +5,6 @@ from django.db import migrations, models


 class Migration(migrations.Migration):
-
    dependencies = []

    operations = [
--- a/com/migrations/0002_news_newsdate.py
+++ b/com/migrations/0002_news_newsdate.py
@ -3,10 +3,10 @@ from __future__ import unicode_literals

 from django.db import migrations, models
 from django.conf import settings
+import django.db.models.deletion


 class Migration(migrations.Migration):
-
    dependencies = [
        ("club", "0005_auto_20161120_1149"),
        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
@ -50,6 +50,7 @@ class Migration(migrations.Migration):
                (
                    "author",
                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
                        related_name="owned_news",
                        to=settings.AUTH_USER_MODEL,
                        verbose_name="author",
@ -58,12 +59,16 @@ class Migration(migrations.Migration):
                (
                    "club",
                    models.ForeignKey(
-                        related_name="news", to="club.Club", verbose_name="club"
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="news",
+                        to="club.Club",
+                        verbose_name="club",
                    ),
                ),
                (
                    "moderator",
                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
                        related_name="moderated_news",
                        null=True,
                        to=settings.AUTH_USER_MODEL,
@ -99,7 +104,10 @@ class Migration(migrations.Migration):
                (
                    "news",
                    models.ForeignKey(
-                        related_name="dates", to="com.News", verbose_name="news_date"
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="dates",
+                        to="com.News",
+                        verbose_name="news_date",
                    ),
                ),
            ],
--- a/com/migrations/0003_auto_20170115_2300.py
+++ b/com/migrations/0003_auto_20170115_2300.py
@ -3,10 +3,10 @@ from __future__ import unicode_literals

 from django.db import migrations, models
 from django.conf import settings
+import django.db.models.deletion


 class Migration(migrations.Migration):
-
    dependencies = [
        ("club", "0006_auto_20161229_0040"),
        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
@ -56,6 +56,7 @@ class Migration(migrations.Migration):
                (
                    "author",
                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
                        to=settings.AUTH_USER_MODEL,
                        verbose_name="author",
                        related_name="owned_weekmail_articles",
@ -64,6 +65,7 @@ class Migration(migrations.Migration):
                (
                    "club",
                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
                        to="club.Club",
                        verbose_name="club",
                        related_name="weekmail_articles",
@ -72,6 +74,7 @@ class Migration(migrations.Migration):
                (
                    "weekmail",
                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
                        to="com.Weekmail",
                        verbose_name="weekmail",
                        related_name="articles",
--- a/com/migrations/0004_auto_20171221_1614.py
+++ b/com/migrations/0004_auto_20171221_1614.py
@ -4,10 +4,10 @@ from __future__ import unicode_literals
 from django.db import migrations, models
 import django.utils.timezone
 from django.conf import settings
+import django.db.models.deletion


 class Migration(migrations.Migration):
-
    dependencies = [
        ("club", "0010_auto_20170912_2028"),
        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
@ -48,12 +48,16 @@ class Migration(migrations.Migration):
                (
                    "club",
                    models.ForeignKey(
-                        verbose_name="club", related_name="posters", to="club.Club"
+                        on_delete=django.db.models.deletion.CASCADE,
+                        verbose_name="club",
+                        related_name="posters",
+                        to="club.Club",
                    ),
                ),
                (
                    "moderator",
                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
                        verbose_name="moderator",
                        blank=True,
                        null=True,
--- a/com/migrations/0005_auto_20180318_2227.py
+++ b/com/migrations/0005_auto_20180318_2227.py
@ -5,7 +5,6 @@ from django.db import migrations, models


 class Migration(migrations.Migration):
-
    dependencies = [("com", "0004_auto_20171221_1614")]

    operations = [
--- a/com/migrations/0006_remove_sith_index_page.py
+++ b/com/migrations/0006_remove_sith_index_page.py
@ -0,0 +1,11 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.23 on 2019-08-18 17:00
+from __future__ import unicode_literals
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+    dependencies = [("com", "0005_auto_20180318_2227")]
+
+    operations = [migrations.RemoveField(model_name="sith", name="index_page")]
--- a/com/models.py
+++ b/com/models.py
@ -26,16 +26,17 @@
 from django.shortcuts import render
 from django.db import models, transaction
 from django.db.models import Q
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 from django.utils import timezone
-from django.core.urlresolvers import reverse
+from django.urls import reverse
 from django.conf import settings
-from django.contrib.staticfiles.templatetags.staticfiles import static
+from django.templatetags.static import static
 from django.core.mail import EmailMultiAlternatives
 from django.core.exceptions import ValidationError

 from django.utils import timezone

+from core import utils
 from core.models import User, Preferences, RealGroup, Notification, SithFile
 from club.models import Club

@ -45,11 +46,13 @@ class Sith(models.Model):

    alert_msg = models.TextField(_("alert message"), default="", blank=True)
    info_msg = models.TextField(_("info message"), default="", blank=True)
-    index_page = models.TextField(_("index page"), default="", blank=True)
    weekmail_destinations = models.TextField(_("weekmail destinations"), default="")
+    version = utils.get_git_revision_short_hash()

    def is_owned_by(self, user):
-        return user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID)
+        if user.is_anonymous:
+            return False
+        return user.is_com_admin

    def __str__(self):
        return "⛩ Sith ⛩"
@ -72,23 +75,34 @@ class News(models.Model):
    type = models.CharField(
        _("type"), max_length=16, choices=NEWS_TYPES, default="EVENT"
    )
-    club = models.ForeignKey(Club, related_name="news", verbose_name=_("club"))
+    club = models.ForeignKey(
+        Club, related_name="news", verbose_name=_("club"), on_delete=models.CASCADE
+    )
    author = models.ForeignKey(
-        User, related_name="owned_news", verbose_name=_("author")
+        User,
+        related_name="owned_news",
+        verbose_name=_("author"),
+        on_delete=models.CASCADE,
    )
    is_moderated = models.BooleanField(_("is moderated"), default=False)
    moderator = models.ForeignKey(
-        User, related_name="moderated_news", verbose_name=_("moderator"), null=True
+        User,
+        related_name="moderated_news",
+        verbose_name=_("moderator"),
+        null=True,
+        on_delete=models.CASCADE,
    )

    def is_owned_by(self, user):
-        return user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID) or user == self.author
+        if user.is_anonymous:
+            return False
+        return user.is_com_admin or user == self.author

    def can_be_edited_by(self, user):
-        return user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID)
+        return user.is_com_admin

    def can_be_viewed_by(self, user):
-        return self.is_moderated or user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID)
+        return self.is_moderated or user.is_com_admin

    def get_absolute_url(self):
        return reverse("com:news_detail", kwargs={"news_id": self.id})
@ -139,7 +153,12 @@ class NewsDate(models.Model):
    we don't have to make copies
    """

-    news = models.ForeignKey(News, related_name="dates", verbose_name=_("news_date"))
+    news = models.ForeignKey(
+        News,
+        related_name="dates",
+        verbose_name=_("news_date"),
+        on_delete=models.CASCADE,
+    )
    start_date = models.DateTimeField(_("start_date"), null=True, blank=True)
    end_date = models.DateTimeField(_("end_date"), null=True, blank=True)

@ -150,6 +169,13 @@ class NewsDate(models.Model):
 class Weekmail(models.Model):
    """
    The weekmail class
+
+    :ivar title: Title of the weekmail
+    :ivar intro: Introduction of the weekmail
+    :ivar joke: Joke of the week
+    :ivar protip: Tip of the week
+    :ivar conclusion: Conclusion of the weekmail
+    :ivar sent: Track if the weekmail has been sent
    """

    title = models.CharField(_("title"), max_length=64, blank=True)
@ -163,6 +189,10 @@ class Weekmail(models.Model):
        ordering = ["-id"]

    def send(self):
+        """
+        Send the weekmail to all users with the receive weekmail option opt-in.
+        Also send the weekmail to the mailing list in settings.SITH_COM_EMAIL.
+        """
        dest = [
            i[0]
            for i in Preferences.objects.filter(receive_weekmail=True).values_list(
@ -184,44 +214,72 @@ class Weekmail(models.Model):
            Weekmail().save()

    def render_text(self):
+        """
+        Renders a pure text version of the mail for readers without HTML support.
+        """
        return render(
            None, "com/weekmail_renderer_text.jinja", context={"weekmail": self}
        ).content.decode("utf-8")

    def render_html(self):
+        """
+        Renders an HTML version of the mail with images and fancy CSS.
+        """
        return render(
            None, "com/weekmail_renderer_html.jinja", context={"weekmail": self}
        ).content.decode("utf-8")

    def get_banner(self):
-        return "http://" + settings.SITH_URL + static("com/img/weekmail_bannerA18.jpg")
+        """
+        Return an absolute link to the banner.
+        """
+        return (
+            "http://" + settings.SITH_URL + static("com/img/weekmail_bannerV2P22.png")
+        )

    def get_footer(self):
-        return "http://" + settings.SITH_URL + static("com/img/weekmail_footerA18.jpg")
+        """
+        Return an absolute link to the footer.
+        """
+        return "http://" + settings.SITH_URL + static("com/img/weekmail_footerP22.png")

    def __str__(self):
        return "Weekmail %s (sent: %s) - %s" % (self.id, self.sent, self.title)

    def is_owned_by(self, user):
-        return user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID)
+        if user.is_anonymous:
+            return False
+        return user.is_com_admin


 class WeekmailArticle(models.Model):
    weekmail = models.ForeignKey(
-        Weekmail, related_name="articles", verbose_name=_("weekmail"), null=True
+        Weekmail,
+        related_name="articles",
+        verbose_name=_("weekmail"),
+        null=True,
+        on_delete=models.CASCADE,
    )
    title = models.CharField(_("title"), max_length=64)
    content = models.TextField(_("content"))
    author = models.ForeignKey(
-        User, related_name="owned_weekmail_articles", verbose_name=_("author")
+        User,
+        related_name="owned_weekmail_articles",
+        verbose_name=_("author"),
+        on_delete=models.CASCADE,
    )
    club = models.ForeignKey(
-        Club, related_name="weekmail_articles", verbose_name=_("club")
+        Club,
+        related_name="weekmail_articles",
+        verbose_name=_("club"),
+        on_delete=models.CASCADE,
    )
    rank = models.IntegerField(_("rank"), default=-1)

    def is_owned_by(self, user):
-        return user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID)
+        if user.is_anonymous:
+            return False
+        return user.is_com_admin

    def __str__(self):
        return "%s - %s (%s)" % (self.title, self.author, self.club)
@ -237,7 +295,9 @@ class Screen(models.Model):
        )

    def is_owned_by(self, user):
-        return user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID)
+        if user.is_anonymous:
+            return False
+        return user.is_com_admin

    def __str__(self):
        return "%s" % (self.name)
@ -249,7 +309,11 @@ class Poster(models.Model):
    )
    file = models.ImageField(_("file"), null=False, upload_to="com/posters")
    club = models.ForeignKey(
-        Club, related_name="posters", verbose_name=_("club"), null=False
+        Club,
+        related_name="posters",
+        verbose_name=_("club"),
+        null=False,
+        on_delete=models.CASCADE,
    )
    screens = models.ManyToManyField(Screen, related_name="posters")
    date_begin = models.DateTimeField(blank=False, null=False, default=timezone.now)
@ -264,6 +328,7 @@ class Poster(models.Model):
        verbose_name=_("moderator"),
        null=True,
        blank=True,
+        on_delete=models.CASCADE,
    )

    def save(self, *args, **kwargs):
@ -285,12 +350,12 @@ class Poster(models.Model):
            raise ValidationError(_("Begin date should be before end date"))

    def is_owned_by(self, user):
-        return user.is_in_group(
-            settings.SITH_GROUP_COM_ADMIN_ID
-        ) or Club.objects.filter(id__in=user.clubs_with_rights)
+        if user.is_anonymous:
+            return False
+        return user.is_com_admin or len(user.clubs_with_rights) > 0

    def can_be_moderated_by(self, user):
-        return user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID)
+        return user.is_com_admin

    def get_display_name(self):
        return self.club.get_display_name()
--- a/com/templates/com/news_detail.jinja
+++ b/com/templates/com/news_detail.jinja
@ -35,7 +35,7 @@
        <p>{% trans %}Author: {% endtrans %}{{ user_profile_link(news.author) }}</p>
        {% if news.moderator %}
        <p>{% trans %}Moderator: {% endtrans %}{{ user_profile_link(news.moderator) }}</p>
-        {% elif user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID) %}
+        {% elif user.is_com_admin %}
        <p> <a href="{{ url('com:news_moderate', news_id=news.id) }}">{% trans %}Moderate{% endtrans %}</a></p>
        {% endif %}
        {% if user.can_edit(news) %}
--- a/com/templates/com/news_edit.jinja
+++ b/com/templates/com/news_edit.jinja
@ -49,7 +49,7 @@
    <p>{{ form.club.errors }}<label for="{{ form.club.name }}">{{ form.club.label }}</label> {{ form.club }}</p>
    <p>{{ form.summary.errors }}<label for="{{ form.summary.name }}">{{ form.summary.label }}</label> {{ form.summary }}</p>
    <p>{{ form.content.errors }}<label for="{{ form.content.name }}">{{ form.content.label }}</label> {{ form.content }}</p>
-    {% if user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID) %}
+    {% if user.is_com_admin %}
    <p>{{ form.automoderation.errors }}<label for="{{ form.automoderation.name }}">{{ form.automoderation.label }}</label>
        {{ form.automoderation }}</p>
    {% endif %}
--- a/com/templates/com/news_list.jinja
+++ b/com/templates/com/news_list.jinja
@ -6,145 +6,159 @@
 {% endblock %}

 {% block content %}
+{% if user.is_com_admin %}
+<div id="news_admin">
+  <a class="button" href="{{ url('com:news_admin_list') }}">{% trans %}Administrate news{% endtrans %}</a>
+</div>
+<br>
+{% endif  %}
+
 <div id="news">
-    {% if user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID) %}
-    <div id="news_admin">
-      <a href="{{ url('com:news_admin_list') }}">{% trans %}Administrate news{% endtrans %}</a>
+    <div id="left_column" class="news_column">
+        {% for news in object_list.filter(type="NOTICE") %}
+            <section class="news_notice">
+                <h4><a href="{{ url('com:news_detail', news_id=news.id) }}">{{ news.title }}</a></h4>
+                <div class="news_content">{{ news.summary|markdown }}</div>
+            </section>
+        {% endfor %}
+
+        {% for news in object_list.filter(dates__start_date__lte=timezone.now(), dates__end_date__gte=timezone.now(), type="CALL") %}
+            <section class="news_call">
+                <h4> <a href="{{ url('com:news_detail', news_id=news.id) }}">{{ news.title }}</a></h4>
+                <div class="news_date">
+                    <span>{{ news.dates.first().start_date|localtime|date(DATETIME_FORMAT) }}
+                        {{ news.dates.first().start_date|localtime|time(DATETIME_FORMAT) }}</span> -
+                    <span>{{ news.dates.first().end_date|localtime|date(DATETIME_FORMAT) }}
+                        {{ news.dates.first().end_date|localtime|time(DATETIME_FORMAT) }}</span>
+                </div>
+                <div class="news_content">{{ news.summary|markdown }}</div>
+            </section>
+        {% endfor %}
+
+        {% set events_dates = NewsDate.objects.filter(end_date__gte=timezone.now(), start_date__lte=timezone.now()+timedelta(days=5), news__type="EVENT", news__is_moderated=True).datetimes('start_date', 'day') %}
+        <h3>{% trans %}Events today and the next few days{% endtrans %}</h3>
+        {% if events_dates %}
+            {% for d in events_dates %}
+                <div class="news_events_group">
+                    <div class="news_events_group_date">
+                        <div>
+                            <div>{{ d|localtime|date('D') }}</div>
+                            <div class="day">{{ d|localtime|date('d') }}</div>
+                            <div>{{ d|localtime|date('b') }}</div>
+                        </div>
+                    </div>
+                    <div class="news_events_group_items">
+                        {% for news in object_list.filter(dates__start_date__gte=d,
+                        dates__start_date__lte=d+timedelta(days=1),
+                        type="EVENT").exclude(dates__end_date__lt=timezone.now())
+                        .order_by('dates__start_date') %}
+                        <section class="news_event">
+                            <div class="club_logo">
+                                {% if news.club.logo %}
+                                    <img src="{{ news.club.logo.url }}" alt="{{ news.club }}" />
+                                {% else %}
+                                    <img src="{{ static("com/img/news.png") }}" alt="{{ news.club }}" />
+                                {% endif %}
+                            </div>
+                            <h4> <a href="{{ url('com:news_detail', news_id=news.id) }}">{{ news.title }}</a></h4>
+                            <div><a href="{{ news.club.get_absolute_url() }}">{{ news.club }}</a></div>
+                            <div class="news_date">
+                                <span>{{ news.dates.first().start_date|localtime|time(DATETIME_FORMAT) }}</span> -
+                                <span>{{ news.dates.first().end_date|localtime|time(DATETIME_FORMAT) }}</span>
+                            </div>
+                            <div class="news_content">{{ news.summary|markdown }}
+                                <div class="button_bar">
+                                    {{ fb_quick(news) }}
+                                    {{ tweet_quick(news) }}
+                                </div>
+                            </div>
+                        </section>
+                    {% endfor %}
+                    </div>
+                </div>
+            {% endfor %}
+        {% else %}
+            <div class="news_empty">
+                <em>{% trans %}Nothing to come...{% endtrans %}</em>
+            </div>
+        {% endif %}
+
+        {% set coming_soon = object_list.filter(dates__start_date__gte=timezone.now()+timedelta(days=5),
+        type="EVENT").order_by('dates__start_date') %}
+        {% if coming_soon %}
+            <h3>{% trans %}Coming soon... don't miss!{% endtrans %}</h3>
+            {% for news in coming_soon %}
+                <section class="news_coming_soon">
+                    <a href="{{ url('com:news_detail', news_id=news.id) }}">{{ news.title }}</a>
+                    <span class="news_date">{{ news.dates.first().start_date|localtime|date(DATETIME_FORMAT) }}
+                        {{ news.dates.first().start_date|localtime|time(DATETIME_FORMAT) }} -
+                        {{ news.dates.first().end_date|localtime|date(DATETIME_FORMAT) }}
+                        {{ news.dates.first().end_date|localtime|time(DATETIME_FORMAT) }}</span>
+                </section>
+            {% endfor %}
+        {% endif %}
+
+        <h3>{% trans %}All coming events{% endtrans %}</h3>
+        <iframe 
+            src="https://embed.styledcalendar.com/#2mF2is8CEXhr4ADcX6qN" 
+            title="Styled Calendar"
+            class="styled-calendar-container" 
+            style="width: 100%; border: none; height: 1060px" 
+            data-cy="calendar-embed-iframe">
+        </iframe>
    </div>
-    {% endif  %}

    <div id="right_column" class="news_column">
-      <div id="agenda">
-          <div id="agenda_title">{% trans %}Agenda{% endtrans %}</div>
-          <div id="agenda_content">
-          {% for d in NewsDate.objects.filter(end_date__gte=timezone.now(),
-                  news__is_moderated=True, news__type__in=["WEEKLY",
-                  "EVENT"]).order_by('start_date', 'end_date') %}
-              <div class="agenda_item">
-                  <div class="agenda_date">
-                      <strong>{{ d.start_date|localtime|date('D d M Y') }}</strong>
-                  </div>
-                  <div class="agenda_time">
-                      <span>{{ d.start_date|localtime|time(DATETIME_FORMAT) }}</span> -
-                      <span>{{ d.end_date|localtime|time(DATETIME_FORMAT) }}</span>
-                  </div>
-                  <div>
-                      <strong><a href="{{ url('com:news_detail', news_id=d.news.id) }}">{{ d.news.title }}</a></strong>
-                      <a href="{{ d.news.club.get_absolute_url() }}">{{ d.news.club }}</a>
-                  </div>
-                  <div class="agenda_item_content">{{ d.news.summary|markdown }}</div>
-              </div>
-          {% endfor %}
-          </div>
-      </div>
-
-      <div id="birthdays">
-        <div id="birthdays_title">{% trans %}Birthdays{% endtrans %}</div>
-        <div id="birthdays_content">
-          <ul class="birthdays_year">
-          {% for d in birthdays.dates('date_of_birth', 'year', 'DESC') %}
-          <li>
-              {% trans age=timezone.now().year - d.year %}{{ age }} year old{% endtrans %}
-              <ul>
-              {% for u in birthdays.filter(date_of_birth__year=d.year) %}
-                  <li><a href="{{ u.get_absolute_url() }}">{{ u.get_short_name() }}</a></li>
-              {% endfor %}
-              </ul>
-          </li>
-          {% endfor %}
-          </ul>
+        <div id="agenda">
+            <div id="agenda_title">{% trans %}Agenda{% endtrans %}</div>
+            <div id="agenda_content">
+                {% for d in NewsDate.objects.filter(end_date__gte=timezone.now(),
+                news__is_moderated=True, news__type__in=["WEEKLY",
+                "EVENT"]).order_by('start_date', 'end_date') %}
+                <div class="agenda_item">
+                    <div class="agenda_date">
+                        <strong>{{ d.start_date|localtime|date('D d M Y') }}</strong>
+                    </div>
+                    <div class="agenda_time">
+                        <span>{{ d.start_date|localtime|time(DATETIME_FORMAT) }}</span> -
+                        <span>{{ d.end_date|localtime|time(DATETIME_FORMAT) }}</span>
+                    </div>
+                    <div>
+                        <strong><a href="{{ url('com:news_detail', news_id=d.news.id) }}">{{ d.news.title }}</a></strong>
+                        <a href="{{ d.news.club.get_absolute_url() }}">{{ d.news.club }}</a>
+                    </div>
+                    <div class="agenda_item_content">{{ d.news.summary|markdown }}</div>
+                </div>
+            {% endfor %}
+            </div>
+        </div>
+
+        <div id="birthdays">
+            <div id="birthdays_title">{% trans %}Birthdays{% endtrans %}</div>
+            <div id="birthdays_content">
+                {% if user.is_subscribed %}
+                    {# Cache request for 1 hour #}
+                    {% cache 3600 "birthdays" %}
+                    <ul class="birthdays_year">
+                        {% for d in birthdays.dates('date_of_birth', 'year', 'DESC') %}
+                            <li>
+                                {% trans age=timezone.now().year - d.year %}{{ age }} year old{% endtrans %}
+                                <ul>
+                                    {% for u in birthdays.filter(date_of_birth__year=d.year) %}
+                                        <li><a href="{{ u.get_absolute_url() }}">{{ u.get_short_name() }}</a></li>
+                                    {% endfor %}
+                                </ul>
+                            </li>
+                        {% endfor %}
+                    </ul>
+                    {% endcache %}
+                {% else %}
+                    <p>{% trans %}You need an up to date subscription to access this content{% endtrans %}</p>
+                {% endif %}
+            </div>
        </div>
-      </div>
    </div>

-
-    <div id="left_column" class="news_column">
-
-      {% for news in object_list.filter(type="NOTICE") %}
-      <section class="news_notice">
-          <h4><a href="{{ url('com:news_detail', news_id=news.id) }}">{{ news.title }}</a></h4>
-          <div class="news_content">{{ news.summary|markdown }}</div>
-      </section>
-      {% endfor %}
-
-      {% for news in object_list.filter(dates__start_date__lte=timezone.now(),
-          dates__end_date__gte=timezone.now(), type="CALL") %}
-      <section class="news_call">
-          <h4> <a href="{{ url('com:news_detail', news_id=news.id) }}">{{ news.title }}</a></h4>
-          <div class="news_date">
-              <span>{{ news.dates.first().start_date|localtime|date(DATETIME_FORMAT) }}
-                  {{ news.dates.first().start_date|localtime|time(DATETIME_FORMAT) }}</span> -
-              <span>{{ news.dates.first().end_date|localtime|date(DATETIME_FORMAT) }}
-                  {{ news.dates.first().end_date|localtime|time(DATETIME_FORMAT) }}</span>
-          </div>
-          <div class="news_content">{{ news.summary|markdown }}</div>
-      </section>
-      {% endfor %}
-
-      {% set events_dates = NewsDate.objects.filter(end_date__gte=timezone.now(), start_date__lte=timezone.now()+timedelta(days=5),
-                                          news__type="EVENT", news__is_moderated=True).datetimes('start_date', 'day') %}
-      <h3>{% trans %}Events today and the next few days{% endtrans %}</h3>
-      {% if events_dates %}
-      {% for d in events_dates %}
-      <div class="news_events_group">
-          <div class="news_events_group_date">
-              <div>
-                  <div>{{ d|localtime|date('D') }}</div>
-                  <div class="day">{{ d|localtime|date('d') }}</div>
-                  <div>{{ d|localtime|date('b') }}</div>
-              </div>
-          </div>
-          <div class="news_events_group_items">
-              {% for news in object_list.filter(dates__start_date__gte=d,
-                    dates__start_date__lte=d+timedelta(days=1),
-                    type="EVENT").exclude(dates__end_date__lt=timezone.now())
-                    .order_by('dates__start_date') %}
-              <section class="news_event">
-                  <div class="club_logo">
-                    {% if news.club.logo %}
-                    <img src="{{ news.club.logo.url }}" alt="{{ news.club }}" />
-                    {% else %}
-                    <img src="{{ static("com/img/news.png") }}" alt="{{ news.club }}" />
-                    {% endif %}
-                  </div>
-                  <h4> <a href="{{ url('com:news_detail', news_id=news.id) }}">{{ news.title }}</a></h4>
-                  <div><a href="{{ news.club.get_absolute_url() }}">{{ news.club }}</a></div>
-                  <div class="news_date">
-                      <span>{{ news.dates.first().start_date|localtime|time(DATETIME_FORMAT) }}</span> -
-                      <span>{{ news.dates.first().end_date|localtime|time(DATETIME_FORMAT) }}</span>
-                  </div>
-                  <div class="news_content">{{ news.summary|markdown }}
-                  <div class="button_bar">
-                    {{ fb_quick(news) }}
-                    {{ tweet_quick(news) }}
-                  </div>
-                  </div>
-              </section>
-              {% endfor %}
-          </div>
-      </div>
-      {% endfor %}
-      {% else %}
-      <div class="news_empty">
-        <em>{% trans %}Nothing to come...{% endtrans %}</em>
-      </div>
-      {% endif %}
-
-      {% set coming_soon = object_list.filter(dates__start_date__gte=timezone.now()+timedelta(days=5),
-          type="EVENT").order_by('dates__start_date') %}
-      {% if coming_soon %}
-      <h3>{% trans %}Coming soon... don't miss!{% endtrans %}</h3>
-      {% for news in coming_soon %}
-      <section class="news_coming_soon">
-          <a href="{{ url('com:news_detail', news_id=news.id) }}">{{ news.title }}</a>
-          <span class="news_date">{{ news.dates.first().start_date|localtime|date(DATETIME_FORMAT) }}
-              {{ news.dates.first().start_date|localtime|time(DATETIME_FORMAT) }} -
-          {{ news.dates.first().end_date|localtime|date(DATETIME_FORMAT) }}
-          {{ news.dates.first().end_date|localtime|time(DATETIME_FORMAT) }}</span>
-      </section>
-      {% endfor %}
-      {% endif %}
-    </div>
 </div>
 {% endblock %}

--- a/com/templates/com/poster_list.jinja
+++ b/com/templates/com/poster_list.jinja
@ -36,8 +36,8 @@
                    <div class="name">{{ poster.name }}</div>
                    <div class="image"><img src="{{ poster.file.url }}"></img></div>
                    <div class="dates">
-                        <div class="begin">{{ poster.date_begin | date("d/M/Y H:m") }}</div>
-                        <div class="end">{{ poster.date_end | date("d/M/Y H:m") }}</div>
+                        <div class="begin">{{ poster.date_begin | localtime | date("d/M/Y H:m") }}</div>
+                        <div class="end">{{ poster.date_end | localtime | date("d/M/Y H:m") }}</div>
                    </div>
                    {% if app == "com" %}
                        <a class="edit" href="{{ url(app + ":poster_edit", poster.id) }}">{% trans %}Edit{% endtrans %}</a>
--- a/com/templates/com/screen_slideshow.jinja
+++ b/com/templates/com/screen_slideshow.jinja
@ -24,7 +24,7 @@
        <div id="progress_bar"></div>

    </div>
-    <script src="{{ static('core/js/jquery-3.1.0.min.js') }}"></script>
+    <script src="{{ static('core/js/jquery-3.6.2.min.js') }}"></script>
    <script src="{{ static('com/js/slideshow.js') }}"></script>
 </body>
 </html>
--- a/com/templates/com/weekmail_preview.jinja
+++ b/com/templates/com/weekmail_preview.jinja
@ -7,15 +7,33 @@

 {% block content %}
 <a href="{{ url('com:weekmail') }}">{% trans %}Back{% endtrans %}</a>
-{% if request.GET['send'] %}
-<p>{% trans %}Are you sure you want to send this weekmail?{% endtrans %}</p>
-{% if request.LANGUAGE_CODE != settings.LANGUAGE_CODE[:2] %}
-<p><strong>{% trans %}Warning: you are sending the weekmail in another language than the default one!{% endtrans %}</strong></p>
-{% endif %}
-<form method="post" action="">
-    {% csrf_token %}
-    <button type="submit" name="send" value="validate">{% trans %}Send{% endtrans %}</button>
-</form>
+{% if bad_recipients %}
+    <p>
+    <span class="important">
+        {% trans %}The following recipients were refused by the SMTP:{% endtrans %}
+    </span>
+    <ul>
+    {% for r in bad_recipients.keys() %}
+        <li>{{ r }}</li>
+    {% endfor %}
+    </ul>
+    </p>
+
+    <form method="post" action="">
+        {% csrf_token %}
+        <button type="submit" name="send" value="clean">{% trans %}Clean subscribers{% endtrans %}</button>
+    </form>
+{% else %}
+    {% if request.GET['send'] %}
+        <p>{% trans %}Are you sure you want to send this weekmail?{% endtrans %}</p>
+        {% if request.LANGUAGE_CODE != settings.LANGUAGE_CODE[:2] %}
+            <p><strong>{% trans %}Warning: you are sending the weekmail in another language than the default one!{% endtrans %}</strong></p>
+        {% endif %}
+        <form method="post" action="">
+            {% csrf_token %}
+            <button type="submit" name="send" value="validate">{% trans %}Send{% endtrans %}</button>
+        </form>
+    {% endif %}
 {% endif %}
 <hr>
 {{ weekmail_rendered|safe }}
--- a/com/tests.py
+++ b/com/tests.py
@ -1,44 +1,59 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #
-
+from django.core.files.uploadedfile import SimpleUploadedFile
 from django.test import TestCase
 from django.conf import settings
-from django.core.urlresolvers import reverse
+from django.urls import reverse
 from django.core.management import call_command
+from django.utils import html
+from django.utils.timezone import localtime, now
+from django.utils.translation import gettext as _

-from core.models import User, RealGroup
+from club.models import Club, Membership
+from com.models import Sith, News, Weekmail, WeekmailArticle, Poster
+from core.models import User, RealGroup, AnonymousUser
+
+
+class ComAlertTest(TestCase):
+    def test_page_is_working(self):
+        self.client.login(username="comunity", password="plop")
+        response = self.client.get(reverse("com:alert_edit"))
+        self.assertNotEqual(response.status_code, 500)
+        self.assertEqual(response.status_code, 200)
+
+
+class ComInfoTest(TestCase):
+    def test_page_is_working(self):
+        self.client.login(username="comunity", password="plop")
+        response = self.client.get(reverse("com:info_edit"))
+        self.assertNotEqual(response.status_code, 500)
+        self.assertEqual(response.status_code, 200)


 class ComTest(TestCase):
-    def setUp(self):
-        call_command("populate")
-        self.skia = User.objects.filter(username="skia").first()
-        self.com_group = RealGroup.objects.filter(
+    @classmethod
+    def setUpTestData(cls):
+        cls.skia = User.objects.filter(username="skia").first()
+        cls.com_group = RealGroup.objects.filter(
            id=settings.SITH_GROUP_COM_ADMIN_ID
        ).first()
-        self.skia.groups = [self.com_group]
-        self.skia.save()
+        cls.skia.groups.set([cls.com_group])
+        cls.skia.save()
+
+    def setUp(self):
        self.client.login(username=self.skia.username, password="plop")

    def test_alert_msg(self):
@ -54,9 +69,11 @@ class ComTest(TestCase):
        )
        r = self.client.get(reverse("core:index"))
        self.assertTrue(r.status_code == 200)
-        self.assertTrue(
-            """<div id="alert_box">\\n                <div class="markdown"><h3>ALERTE!</h3>\\n<p><strong>Caaaataaaapuuuulte!!!!</strong></p>"""
-            in str(r.content)
+        self.assertContains(
+            r,
+            """<div id="alert_box">
+                            <div class="markdown"><h3>ALERTE!</h3>
+<p><strong>Caaaataaaapuuuulte!!!!</strong></p>""",
        )

    def test_info_msg(self):
@ -70,7 +87,127 @@ class ComTest(TestCase):
        )
        r = self.client.get(reverse("core:index"))
        self.assertTrue(r.status_code == 200)
-        self.assertTrue(
-            """<div id="info_box">\\n                <div class="markdown"><h3>INFO: <strong>Caaaataaaapuuuulte!!!!</strong></h3>"""
-            in str(r.content)
+        self.assertContains(
+            r,
+            """<div id="info_box">
+                            <div class="markdown"><h3>INFO: <strong>Caaaataaaapuuuulte!!!!</strong></h3>""",
        )
+
+    def test_birthday_non_subscribed_user(self):
+        self.client.login(username="guy", password="plop")
+        response = self.client.get(reverse("core:index"))
+        self.assertContains(
+            response,
+            text=html.escape(
+                _("You need an up to date subscription to access this content")
+            ),
+        )
+
+    def test_birthday_subscibed_user(self):
+        response = self.client.get(reverse("core:index"))
+
+        self.assertNotContains(
+            response,
+            text=html.escape(
+                _("You need an up to date subscription to access this content")
+            ),
+        )
+
+
+class SithTest(TestCase):
+    def test_sith_owner(self):
+        """
+        Test that the sith instance is owned by com admins
+        and nobody else
+        """
+        sith: Sith = Sith.objects.first()
+
+        com_admin = User.objects.get(username="comunity")
+        self.assertTrue(sith.is_owned_by(com_admin))
+
+        anonymous = AnonymousUser()
+        self.assertFalse(sith.is_owned_by(anonymous))
+
+        sli = User.objects.get(username="sli")
+        self.assertFalse(sith.is_owned_by(sli))
+
+
+class NewsTest(TestCase):
+    @classmethod
+    def setUpTestData(cls):
+        cls.com_admin = User.objects.get(username="comunity")
+        new = News.objects.create(
+            title="dummy new",
+            summary="This is a dummy new",
+            content="Look at that beautiful dummy new",
+            author=User.objects.get(username="subscriber"),
+            club=Club.objects.first(),
+        )
+        cls.new = new
+        cls.author = new.author
+        cls.sli = User.objects.get(username="sli")
+        cls.anonymous = AnonymousUser()
+
+    def test_news_owner(self):
+        """
+        Test that news are owned by com admins
+        or by their author but nobody else
+        """
+
+        self.assertTrue(self.new.is_owned_by(self.com_admin))
+        self.assertTrue(self.new.is_owned_by(self.author))
+        self.assertFalse(self.new.is_owned_by(self.anonymous))
+        self.assertFalse(self.new.is_owned_by(self.sli))
+
+
+class WeekmailArticleTest(TestCase):
+    @classmethod
+    def setUpTestData(cls):
+        cls.com_admin = User.objects.get(username="comunity")
+        author = User.objects.get(username="subscriber")
+        cls.article = WeekmailArticle.objects.create(
+            weekmail=Weekmail.objects.create(),
+            author=author,
+            title="title",
+            content="Some content",
+            club=Club.objects.first(),
+        )
+        cls.author = author
+        cls.sli = User.objects.get(username="sli")
+        cls.anonymous = AnonymousUser()
+
+    def test_weekmail_owner(self):
+        """
+        Test that weekmails are owned only by com admins
+        """
+        self.assertTrue(self.article.is_owned_by(self.com_admin))
+        self.assertFalse(self.article.is_owned_by(self.author))
+        self.assertFalse(self.article.is_owned_by(self.anonymous))
+        self.assertFalse(self.article.is_owned_by(self.sli))
+
+
+class PosterTest(TestCase):
+    @classmethod
+    def setUpTestData(cls):
+        cls.com_admin = User.objects.get(username="comunity")
+        cls.poster = Poster.objects.create(
+            name="dummy",
+            file=SimpleUploadedFile("dummy.jpg", b"azertyuiop"),
+            club=Club.objects.first(),
+            date_begin=localtime(now()),
+        )
+        cls.sli = User.objects.get(username="sli")
+        cls.sli.memberships.all().delete()
+        Membership(user=cls.sli, club=Club.objects.first(), role=5).save()
+        cls.susbcriber = User.objects.get(username="subscriber")
+        cls.anonymous = AnonymousUser()
+
+    def test_poster_owner(self):
+        """
+        Test that poster are owned by com admins and board members in clubs
+        """
+        self.assertTrue(self.poster.is_owned_by(self.com_admin))
+        self.assertFalse(self.poster.is_owned_by(self.anonymous))
+
+        self.assertFalse(self.poster.is_owned_by(self.susbcriber))
+        self.assertTrue(self.poster.is_owned_by(self.sli))
--- a/com/urls.py
+++ b/com/urls.py
@ -1,120 +1,111 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

-from django.conf.urls import url
+from django.urls import path

-from com.views import *
 from club.views import MailingDeleteView
+from com.views import *

 urlpatterns = [
-    url(r"^sith/edit/alert$", AlertMsgEditView.as_view(), name="alert_edit"),
-    url(r"^sith/edit/info$", InfoMsgEditView.as_view(), name="info_edit"),
-    url(r"^sith/edit/index$", IndexEditView.as_view(), name="index_edit"),
-    url(
-        r"^sith/edit/weekmail_destinations$",
+    path("sith/edit/alert/", AlertMsgEditView.as_view(), name="alert_edit"),
+    path("sith/edit/info/", InfoMsgEditView.as_view(), name="info_edit"),
+    path(
+        "sith/edit/weekmail_destinations/",
        WeekmailDestinationEditView.as_view(),
        name="weekmail_destinations",
    ),
-    url(r"^weekmail$", WeekmailEditView.as_view(), name="weekmail"),
-    url(r"^weekmail/preview$", WeekmailPreviewView.as_view(), name="weekmail_preview"),
-    url(
-        r"^weekmail/new_article$",
+    path("weekmail/", WeekmailEditView.as_view(), name="weekmail"),
+    path("weekmail/preview/", WeekmailPreviewView.as_view(), name="weekmail_preview"),
+    path(
+        "weekmail/new_article/",
        WeekmailArticleCreateView.as_view(),
        name="weekmail_article",
    ),
-    url(
-        r"^weekmail/article/(?P<article_id>[0-9]+)/delete$",
+    path(
+        "weekmail/article/<int:article_id>/delete/",
        WeekmailArticleDeleteView.as_view(),
        name="weekmail_article_delete",
    ),
-    url(
-        r"^weekmail/article/(?P<article_id>[0-9]+)/edit$",
+    path(
+        "weekmail/article/<int:article_id>/edit/",
        WeekmailArticleEditView.as_view(),
        name="weekmail_article_edit",
    ),
-    url(r"^news$", NewsListView.as_view(), name="news_list"),
-    url(r"^news/admin$", NewsAdminListView.as_view(), name="news_admin_list"),
-    url(r"^news/create$", NewsCreateView.as_view(), name="news_new"),
-    url(
-        r"^news/(?P<news_id>[0-9]+)/delete$",
+    path("news/", NewsListView.as_view(), name="news_list"),
+    path("news/admin/", NewsAdminListView.as_view(), name="news_admin_list"),
+    path("news/create/", NewsCreateView.as_view(), name="news_new"),
+    path(
+        "news/<int:news_id>/delete/",
        NewsDeleteView.as_view(),
        name="news_delete",
    ),
-    url(
-        r"^news/(?P<news_id>[0-9]+)/moderate$",
+    path(
+        "news/<int:news_id>/moderate/",
        NewsModerateView.as_view(),
        name="news_moderate",
    ),
-    url(r"^news/(?P<news_id>[0-9]+)/edit$", NewsEditView.as_view(), name="news_edit"),
-    url(r"^news/(?P<news_id>[0-9]+)$", NewsDetailView.as_view(), name="news_detail"),
-    url(r"^mailings$", MailingListAdminView.as_view(), name="mailing_admin"),
-    url(
-        r"^mailings/(?P<mailing_id>[0-9]+)/moderate$",
+    path("news/<int:news_id>/edit/", NewsEditView.as_view(), name="news_edit"),
+    path("news/<int:news_id>/", NewsDetailView.as_view(), name="news_detail"),
+    path("mailings/", MailingListAdminView.as_view(), name="mailing_admin"),
+    path(
+        "mailings/<int:mailing_id>/moderate/",
        MailingModerateView.as_view(),
        name="mailing_moderate",
    ),
-    url(
-        r"^mailings/(?P<mailing_id>[0-9]+)/delete$",
+    path(
+        "mailings/<int:mailing_id>/delete/",
        MailingDeleteView.as_view(redirect_page="com:mailing_admin"),
        name="mailing_delete",
    ),
-    url(r"^poster$", PosterListView.as_view(), name="poster_list"),
-    url(r"^poster/create$", PosterCreateView.as_view(), name="poster_create"),
-    url(
-        r"^poster/(?P<poster_id>[0-9]+)/edit$",
+    path("poster/", PosterListView.as_view(), name="poster_list"),
+    path("poster/create/", PosterCreateView.as_view(), name="poster_create"),
+    path(
+        "poster/<int:poster_id>/edit/",
        PosterEditView.as_view(),
        name="poster_edit",
    ),
-    url(
-        r"^poster/(?P<poster_id>[0-9]+)/delete$",
+    path(
+        "poster/<int:poster_id>/delete/",
        PosterDeleteView.as_view(),
        name="poster_delete",
    ),
-    url(
-        r"^poster/moderate$",
+    path(
+        "poster/moderate/",
        PosterModerateListView.as_view(),
        name="poster_moderate_list",
    ),
-    url(
-        r"^poster/(?P<object_id>[0-9]+)/moderate$",
+    path(
+        "poster/<int:object_id>/moderate/",
        PosterModerateView.as_view(),
        name="poster_moderate",
    ),
-    url(r"^screen$", ScreenListView.as_view(), name="screen_list"),
-    url(r"^screen/create$", ScreenCreateView.as_view(), name="screen_create"),
-    url(
-        r"^screen/(?P<screen_id>[0-9]+)/slideshow$",
+    path("screen/", ScreenListView.as_view(), name="screen_list"),
+    path("screen/create/", ScreenCreateView.as_view(), name="screen_create"),
+    path(
+        "screen/<int:screen_id>/slideshow/",
        ScreenSlideshowView.as_view(),
        name="screen_slideshow",
    ),
-    url(
-        r"^screen/(?P<screen_id>[0-9]+)/edit$",
+    path(
+        "screen/<int:screen_id>/edit/",
        ScreenEditView.as_view(),
        name="screen_edit",
    ),
-    url(
-        r"^screen/(?P<screen_id>[0-9]+)/delete$",
+    path(
+        "screen/<int:screen_id>/delete/",
        ScreenDeleteView.as_view(),
        name="screen_delete",
    ),
--- a/com/views.py
+++ b/com/views.py
@ -28,8 +28,8 @@ from django.http import HttpResponseRedirect
 from django.views.generic import ListView, DetailView, View
 from django.views.generic.edit import UpdateView, CreateView, DeleteView
 from django.views.generic.detail import SingleObjectMixin
-from django.utils.translation import ugettext_lazy as _
-from django.core.urlresolvers import reverse, reverse_lazy
+from django.utils.translation import gettext_lazy as _
+from django.urls import reverse, reverse_lazy
 from django.core.exceptions import ValidationError
 from django.utils import timezone
 from django.conf import settings
@ -39,6 +39,7 @@ from django.core.exceptions import PermissionDenied
 from django import forms

 from datetime import timedelta
+from smtplib import SMTPRecipientsRefused

 from com.models import Sith, News, NewsDate, Weekmail, WeekmailArticle, Screen, Poster
 from core.views import (
@ -52,6 +53,7 @@ from core.views import (
 from core.views.forms import SelectDateTime, MarkdownInput
 from core.models import Notification, RealGroup, User
 from club.models import Club, Mailing
+from core.views.forms import TzAwareDateTimeField


 # Sith object
@ -72,20 +74,14 @@ class PosterForm(forms.ModelForm):
            "display_time",
        ]
        widgets = {"screens": forms.CheckboxSelectMultiple}
+        help_texts = {"file": _("Format: 16:9 | Resolution: 1920x1080")}

-    date_begin = forms.DateTimeField(
-        ["%Y-%m-%d %H:%M:%S"],
+    date_begin = TzAwareDateTimeField(
        label=_("Start date"),
-        widget=SelectDateTime,
        required=True,
        initial=timezone.now().strftime("%Y-%m-%d %H:%M:%S"),
    )
-    date_end = forms.DateTimeField(
-        ["%Y-%m-%d %H:%M:%S"],
-        label=_("End date"),
-        widget=SelectDateTime,
-        required=False,
-    )
+    date_end = TzAwareDateTimeField(label=_("End date"), required=False)

    def __init__(self, *args, **kwargs):
        self.user = kwargs.pop("user", None)
@ -114,9 +110,6 @@ class ComTabsMixin(TabedViewMixin):
                "name": _("Weekmail destinations"),
            }
        )
-        tab_list.append(
-            {"url": reverse("com:index_edit"), "slug": "index", "name": _("Index page")}
-        )
        tab_list.append(
            {"url": reverse("com:info_edit"), "slug": "info", "name": _("Info message")}
        )
@ -153,7 +146,7 @@ class ComTabsMixin(TabedViewMixin):

 class IsComAdminMixin(View):
    def dispatch(self, request, *args, **kwargs):
-        if not (request.user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID)):
+        if not request.user.is_com_admin:
            raise PermissionDenied
        return super(IsComAdminMixin, self).dispatch(request, *args, **kwargs)

@ -182,14 +175,6 @@ class InfoMsgEditView(ComEditView):
    success_url = reverse_lazy("com:info_edit")


-class IndexEditView(ComEditView):
-    form_class = modelform_factory(
-        Sith, fields=["index_page"], widgets={"index_page": MarkdownInput}
-    )
-    current_tab = "index"
-    success_url = reverse_lazy("com:index_edit")
-
-
 class WeekmailDestinationEditView(ComEditView):
    fields = ["weekmail_destinations"]
    current_tab = "weekmail_destinations"
@ -210,21 +195,10 @@ class NewsForm(forms.ModelForm):
            "content": MarkdownInput,
        }

-    start_date = forms.DateTimeField(
-        ["%Y-%m-%d %H:%M:%S"],
-        label=_("Start date"),
-        widget=SelectDateTime,
-        required=False,
-    )
-    end_date = forms.DateTimeField(
-        ["%Y-%m-%d %H:%M:%S"],
-        label=_("End date"),
-        widget=SelectDateTime,
-        required=False,
-    )
-    until = forms.DateTimeField(
-        ["%Y-%m-%d %H:%M:%S"], label=_("Until"), widget=SelectDateTime, required=False
-    )
+    start_date = TzAwareDateTimeField(label=_("Start date"), required=False)
+    end_date = TzAwareDateTimeField(label=_("End date"), required=False)
+    until = TzAwareDateTimeField(label=_("Until"), required=False)
+
    automoderation = forms.BooleanField(label=_("Automoderation"), required=False)

    def clean(self):
@ -238,7 +212,11 @@ class NewsForm(forms.ModelForm):
                self.add_error(
                    "end_date", ValidationError(_("This field is required."))
                )
-            if self.cleaned_data["start_date"] > self.cleaned_data["end_date"]:
+            if (
+                not self.has_error("start_date")
+                and not self.has_error("end_date")
+                and self.cleaned_data["start_date"] > self.cleaned_data["end_date"]
+            ):
                self.add_error(
                    "end_date",
                    ValidationError(
@ -305,9 +283,7 @@ class NewsEditView(CanEditMixin, UpdateView):

    def form_valid(self, form):
        self.object = form.save()
-        if form.cleaned_data["automoderation"] and self.request.user.is_in_group(
-            settings.SITH_GROUP_COM_ADMIN_ID
-        ):
+        if form.cleaned_data["automoderation"] and self.request.user.is_com_admin:
            self.object.moderator = self.request.user
            self.object.is_moderated = True
            self.object.save()
@ -355,9 +331,7 @@ class NewsCreateView(CanCreateMixin, CreateView):

    def form_valid(self, form):
        self.object = form.save()
-        if form.cleaned_data["automoderation"] and self.request.user.is_in_group(
-            settings.SITH_GROUP_COM_ADMIN_ID
-        ):
+        if form.cleaned_data["automoderation"] and self.request.user.is_com_admin:
            self.object.moderator = self.request.user
            self.object.is_moderated = True
            self.object.save()
@ -437,23 +411,36 @@ class NewsDetailView(CanViewMixin, DetailView):
 # Weekmail


-class WeekmailPreviewView(ComTabsMixin, CanEditPropMixin, DetailView):
+class WeekmailPreviewView(ComTabsMixin, QuickNotifMixin, CanEditPropMixin, DetailView):
    model = Weekmail
    template_name = "com/weekmail_preview.jinja"
    success_url = reverse_lazy("com:weekmail")
    current_tab = "weekmail"

+    def dispatch(self, request, *args, **kwargs):
+        self.bad_recipients = []
+        return super(WeekmailPreviewView, self).dispatch(request, *args, **kwargs)
+
    def post(self, request, *args, **kwargs):
        self.object = self.get_object()
-        try:
-            if request.POST["send"] == "validate":
+        if request.POST["send"] == "validate":
+            try:
                self.object.send()
                return HttpResponseRedirect(
                    reverse("com:weekmail") + "?qn_weekmail_send_success"
                )
-        except:
-            pass
-        return super(WeekmailEditView, self).get(request, *args, **kwargs)
+            except SMTPRecipientsRefused as e:
+                self.bad_recipients = e.recipients
+        elif request.POST["send"] == "clean":
+            try:
+                self.object.send()  # This should fail
+            except SMTPRecipientsRefused as e:
+                users = User.objects.filter(email__in=e.recipients.keys())
+                for u in users:
+                    u.preferences.receive_weekmail = False
+                    u.preferences.save()
+                self.quick_notif_list += ["qn_success"]
+        return super(WeekmailPreviewView, self).get(request, *args, **kwargs)

    def get_object(self, queryset=None):
        return self.model.objects.filter(sent=False).order_by("-id").first()
@ -462,6 +449,7 @@ class WeekmailPreviewView(ComTabsMixin, CanEditPropMixin, DetailView):
        """Add rendered weekmail"""
        kwargs = super(WeekmailPreviewView, self).get_context_data(**kwargs)
        kwargs["weekmail_rendered"] = self.object.render_html()
+        kwargs["bad_recipients"] = self.bad_recipients
        return kwargs


@ -538,7 +526,7 @@ class WeekmailEditView(ComTabsMixin, QuickNotifMixin, CanEditPropMixin, UpdateVi
        return super(WeekmailEditView, self).get(request, *args, **kwargs)

    def get_context_data(self, **kwargs):
-        """Add orphan articles """
+        """Add orphan articles"""
        kwargs = super(WeekmailEditView, self).get_context_data(**kwargs)
        kwargs["orphans"] = WeekmailArticle.objects.filter(weekmail=None)
        return kwargs
@ -625,10 +613,7 @@ class MailingListAdminView(ComTabsMixin, ListView):
    current_tab = "mailings"

    def dispatch(self, request, *args, **kwargs):
-        if not (
-            request.user.is_in_group(settings.SITH_GROUP_COM_ADMIN_ID)
-            or request.user.is_root
-        ):
+        if not (request.user.is_com_admin or request.user.is_root):
            raise PermissionDenied
        return super(MailingListAdminView, self).dispatch(request, *args, **kwargs)

@ -750,7 +735,7 @@ class PosterEditBaseView(UpdateView):

    def get_context_data(self, **kwargs):
        kwargs = super(PosterEditBaseView, self).get_context_data(**kwargs)
-        if not self.request.user.is_com_admin:
+        if hasattr(self, "club"):
            kwargs["club"] = self.club
        return kwargs

--- a/core/init.py
+++ b/core/init.py
@ -1,25 +1,15 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #
-
-default_app_config = "core.apps.SithConfig"
--- a/core/admin.py
+++ b/core/admin.py
@ -1,40 +1,34 @@
 # -*- coding:utf-8 -*
 #
-# Copyright 2016,2017
-# - Skia <skia@libskia.so>
+# Copyright 2023 © AE UTBM
+# ae@utbm.fr / ae.info@utbm.fr
 #
-# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
-# http://ae.utbm.fr.
+# This file is part of the website of the UTBM Student Association (AE UTBM),
+# https://ae.utbm.fr.
 #
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License a published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# You can find the source code of the website at https://github.com/ae-utbm/sith3
 #
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-# details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
-# Place - Suite 330, Boston, MA 02111-1307, USA.
+# LICENSED UNDER THE GNU GENERAL PUBLIC LICENSE VERSION 3 (GPLv3)
+# SEE : https://raw.githubusercontent.com/ae-utbm/sith3/master/LICENSE
+# OR WITHIN THE LOCAL FILE "LICENSE"
 #
 #

 from django.contrib import admin
 from ajax_select import make_ajax_form
-from core.models import User, Page, RealGroup, SithFile
+from core.models import User, Page, RealGroup, MetaGroup, SithFile
 from django.contrib.auth.models import Group as AuthGroup
 from haystack.admin import SearchModelAdmin


 admin.site.unregister(AuthGroup)
+admin.site.register(MetaGroup)
 admin.site.register(RealGroup)


+@admin.register(User)
 class UserAdmin(SearchModelAdmin):
-    list_display = ["first_name", "last_name", "username", "email", "nick_name"]
+    list_display = ("first_name", "last_name", "username", "email", "nick_name")
    form = make_ajax_form(
        User,
        {
@ -48,11 +42,9 @@ class UserAdmin(SearchModelAdmin):
    search_fields = ["first_name", "last_name", "username"]


-admin.site.register(User, UserAdmin)
-
-
@admin.register(Page)
 class PageAdmin(admin.ModelAdmin):
+    list_display = ("name", "_full_name", "owner_group")
    form = make_ajax_form(
        Page,
        {
@ -66,4 +58,12 @@ class PageAdmin(admin.ModelAdmin):

@admin.register(SithFile)
 class SithFileAdmin(admin.ModelAdmin):
-    form = make_ajax_form(SithFile, {"parent": "files"})  # ManyToManyField
+    list_display = ("name", "owner", "size", "date", "is_in_sas")
+    form = make_ajax_form(
+        SithFile,
+        {
+            "parent": "files",
+            "owner": "users",
+            "moderator": "users",
+        },
+    )  # ManyToManyField
--- a/core/apps.py
+++ b/core/apps.py
@ -25,6 +25,7 @@
 import sys

 from django.apps import AppConfig
+from django.core.cache import cache
 from django.core.signals import request_started


@ -33,26 +34,17 @@ class SithConfig(AppConfig):
    verbose_name = "Core app of the Sith"

    def ready(self):
-        from core.models import User
-        from club.models import Club
        from forum.models import Forum
+        import core.signals

-        def clear_cached_groups(**kwargs):
-            User._group_ids = {}
-            User._group_name = {}
+        cache.clear()

        def clear_cached_memberships(**kwargs):
-            User._club_memberships = {}
-            Club._memberships = {}
            Forum._club_memberships = {}

        print("Connecting signals!", file=sys.stderr)
-        request_started.connect(
-            clear_cached_groups, weak=False, dispatch_uid="clear_cached_groups"
-        )
        request_started.connect(
            clear_cached_memberships,
            weak=False,
            dispatch_uid="clear_cached_memberships",
        )
-        # TODO: there may be a need to add more cache clearing
--- a/core/converters.py
+++ b/core/converters.py
@ -0,0 +1,35 @@
+from core.models import Page
+
+
+class FourDigitYearConverter:
+    regex = "[0-9]{4}"
+
+    def to_python(self, value):
+        return int(value)
+
+    def to_url(self, value):
+        return str(value).zfill(4)
+
+
+class TwoDigitMonthConverter:
+    regex = "[0-9]{2}"
+
+    def to_python(self, value):
+        return int(value)
+
+    def to_url(self, value):
+        return str(value).zfill(2)
+
+
+class BooleanStringConverter:
+    """
+    Converter whose regex match either True or False
+    """
+
+    regex = r"(True)|(False)"
+
+    def to_python(self, value):
+        return str(value) == "True"
+
+    def to_url(self, value):
+        return str(value)
--- a/core/fixtures/images/sas/Family/krophil.jpg
+++ b/core/fixtures/images/sas/Family/krophil.jpg
--- a/core/fixtures/images/sas/Family/richard.jpg
+++ b/core/fixtures/images/sas/Family/richard.jpg
--- a/core/fixtures/images/sas/Family/skia.jpg
+++ b/core/fixtures/images/sas/Family/skia.jpg
--- a/Show More
+++ b/Show More