mirror of
https://github.com/ae-utbm/sith.git
synced 2026-04-22 03:03:13 +00:00
Compare commits
13 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 imperosol
|
ce00b09584 | ||
|
imperosol
|
ade9934c66 | ||
|
imperosol
|
7282d0a569 | ||
|
imperosol
|
0b657cf9be | ||
|
imperosol
|
8cb1402d62 | ||
|
imperosol
|
9e0cdfc6e1 | ||
|
imperosol
|
2d24275bf5 | ||
|
imperosol
|
c22eeb2b78 | ||
|
imperosol
|
246fb5838d | ||
|
imperosol
|
78f1cf5dc1 | ||
|
imperosol
|
fc0179c10e | ||
 klmp200
|
da3602329c | ||
|
klmp200
|
8b18999514
|
@@ -17,6 +17,15 @@ class ApiClientAdmin(admin.ModelAdmin):
|
||||
"owner__nick_name",
|
||||
)
|
||||
autocomplete_fields = ("owner", "groups", "client_permissions")
|
||||
readonly_fields = ("hmac_key",)
|
||||
actions = ("reset_hmac_key",)
|
||||
|
||||
@admin.action(permissions=["change"], description=_("Reset HMAC key"))
|
||||
def reset_hmac_key(self, _request: HttpRequest, queryset: QuerySet[ApiClient]):
|
||||
objs = list(queryset)
|
||||
for obj in objs:
|
||||
obj.reset_hmac(commit=False)
|
||||
ApiClient.objects.bulk_update(objs, fields=["hmac_key"])
|
||||
|
||||
|
||||
@admin.register(ApiKey)
|
||||
|
||||
+16
@@ -0,0 +1,16 @@
|
||||
from ninja_extra import ControllerBase, api_controller, route
|
||||
|
||||
from api.auth import ApiKeyAuth
|
||||
from api.schemas import ApiClientSchema
|
||||
|
||||
|
||||
@api_controller("/client")
|
||||
class ApiClientController(ControllerBase):
|
||||
@route.get(
|
||||
"/me",
|
||||
auth=[ApiKeyAuth()],
|
||||
response=ApiClientSchema,
|
||||
url_name="api-client-infos",
|
||||
)
|
||||
def get_client_info(self):
|
||||
return self.context.request.auth
|
||||
@@ -0,0 +1,35 @@
|
||||
from django import forms
|
||||
from django.forms import HiddenInput
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
|
||||
|
||||
class ThirdPartyAuthForm(forms.Form):
|
||||
"""Form to complete to authenticate on the sith from a third-party app.
|
||||
|
||||
For the form to be valid, the user approve the EULA (french: CGU)
|
||||
and give its username from the third-party app.
|
||||
"""
|
||||
|
||||
cgu_accepted = forms.BooleanField(
|
||||
required=True,
|
||||
label=_("I have read and I accept the terms and conditions of use"),
|
||||
error_messages={
|
||||
"required": _("You must approve the terms and conditions of use.")
|
||||
},
|
||||
)
|
||||
is_username_valid = forms.BooleanField(
|
||||
required=True,
|
||||
error_messages={"required": _("You must confirm that this is your username.")},
|
||||
)
|
||||
client_id = forms.IntegerField(widget=HiddenInput())
|
||||
third_party_app = forms.CharField(widget=HiddenInput())
|
||||
privacy_link = forms.URLField(widget=HiddenInput())
|
||||
username = forms.CharField(widget=HiddenInput())
|
||||
callback_url = forms.URLField(widget=HiddenInput())
|
||||
signature = forms.CharField(widget=HiddenInput())
|
||||
|
||||
def __init__(self, *args, label_suffix: str = "", initial, **kwargs):
|
||||
super().__init__(*args, label_suffix=label_suffix, initial=initial, **kwargs)
|
||||
self.fields["is_username_valid"].label = _(
|
||||
"I confirm that %(username)s is my username on %(app)s"
|
||||
) % {"username": initial.get("username"), "app": initial.get("third_party_app")}
|
||||
@@ -0,0 +1,19 @@
|
||||
# Generated by Django 5.2.3 on 2025-10-26 10:15
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
import api.models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
dependencies = [("api", "0001_initial")]
|
||||
|
||||
operations = [
|
||||
migrations.AddField(
|
||||
model_name="apiclient",
|
||||
name="hmac_key",
|
||||
field=models.CharField(
|
||||
default=api.models.get_hmac_key, max_length=128, verbose_name="HMAC Key"
|
||||
),
|
||||
),
|
||||
]
|
||||
+33
-22
@@ -1,13 +1,20 @@
|
||||
import secrets
|
||||
from typing import Iterable
|
||||
|
||||
from django.contrib.auth.models import Permission
|
||||
from django.db import models
|
||||
from django.db.models import Q
|
||||
from django.utils.functional import cached_property
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from django.utils.translation import pgettext_lazy
|
||||
|
||||
from core.models import Group, User
|
||||
|
||||
|
||||
def get_hmac_key():
|
||||
return secrets.token_hex(64)
|
||||
|
||||
|
||||
class ApiClient(models.Model):
|
||||
name = models.CharField(_("name"), max_length=64)
|
||||
owner = models.ForeignKey(
|
||||
@@ -26,11 +33,10 @@ class ApiClient(models.Model):
|
||||
help_text=_("Specific permissions for this api client."),
|
||||
related_name="clients",
|
||||
)
|
||||
hmac_key = models.CharField(_("HMAC Key"), max_length=128, default=get_hmac_key)
|
||||
created_at = models.DateTimeField(auto_now_add=True)
|
||||
updated_at = models.DateTimeField(auto_now=True)
|
||||
|
||||
_perm_cache: set[str] | None = None
|
||||
|
||||
class Meta:
|
||||
verbose_name = _("api client")
|
||||
verbose_name_plural = _("api clients")
|
||||
@@ -38,33 +44,38 @@ class ApiClient(models.Model):
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
@cached_property
|
||||
def all_permissions(self) -> set[str]:
|
||||
permissions = (
|
||||
Permission.objects.filter(
|
||||
Q(group__group__in=self.groups.all()) | Q(clients=self)
|
||||
)
|
||||
.values_list("content_type__app_label", "codename")
|
||||
.order_by()
|
||||
)
|
||||
return {f"{content_type}.{name}" for content_type, name in permissions}
|
||||
|
||||
def has_perm(self, perm: str):
|
||||
"""Return True if the client has the specified permission."""
|
||||
return perm in self.all_permissions
|
||||
|
||||
if self._perm_cache is None:
|
||||
group_permissions = (
|
||||
Permission.objects.filter(group__group__in=self.groups.all())
|
||||
.values_list("content_type__app_label", "codename")
|
||||
.order_by()
|
||||
)
|
||||
client_permissions = self.client_permissions.values_list(
|
||||
"content_type__app_label", "codename"
|
||||
).order_by()
|
||||
self._perm_cache = {
|
||||
f"{content_type}.{name}"
|
||||
for content_type, name in (*group_permissions, *client_permissions)
|
||||
}
|
||||
return perm in self._perm_cache
|
||||
|
||||
def has_perms(self, perm_list):
|
||||
"""
|
||||
Return True if the client has each of the specified permissions. If
|
||||
object is passed, check if the client has all required perms for it.
|
||||
"""
|
||||
def has_perms(self, perm_list: Iterable[str]) -> bool:
|
||||
"""Return True if the client has each of the specified permissions."""
|
||||
if not isinstance(perm_list, Iterable) or isinstance(perm_list, str):
|
||||
raise ValueError("perm_list must be an iterable of permissions.")
|
||||
return all(self.has_perm(perm) for perm in perm_list)
|
||||
|
||||
def reset_hmac(self, *, commit: bool = True) -> str:
|
||||
"""Reset and return the HMAC key for this client.
|
||||
|
||||
Args:
|
||||
commit: if True (the default), persist the new hmac in db.
|
||||
"""
|
||||
self.hmac_key = get_hmac_key()
|
||||
if commit:
|
||||
self.save()
|
||||
return self.hmac_key
|
||||
|
||||
|
||||
class ApiKey(models.Model):
|
||||
PREFIX_LENGTH = 5
|
||||
|
||||
@@ -0,0 +1,23 @@
|
||||
from ninja import ModelSchema, Schema
|
||||
from pydantic import Field, HttpUrl
|
||||
|
||||
from api.models import ApiClient
|
||||
from core.schemas import SimpleUserSchema
|
||||
|
||||
|
||||
class ApiClientSchema(ModelSchema):
|
||||
class Meta:
|
||||
model = ApiClient
|
||||
fields = ["id", "name"]
|
||||
|
||||
owner: SimpleUserSchema
|
||||
permissions: list[str] = Field(alias="all_permissions")
|
||||
|
||||
|
||||
class ThirdPartyAuthParamsSchema(Schema):
|
||||
client_id: int
|
||||
third_party_app: str
|
||||
privacy_link: HttpUrl
|
||||
username: str
|
||||
callback_url: HttpUrl
|
||||
signature: str
|
||||
+32
@@ -0,0 +1,32 @@
|
||||
{% extends "core/base.jinja" %}
|
||||
|
||||
{% block content %}
|
||||
<form method="post">
|
||||
{% csrf_token %}
|
||||
<h3>{% trans %}Confidentiality{% endtrans %}</h3>
|
||||
<p>
|
||||
{% trans trimmed app=third_party_app %}
|
||||
By ticking this box and clicking on the send button, you
|
||||
acknowledge and agree to provide {{ app }} with your
|
||||
first name, last name, nickname and any other information
|
||||
that was the third party app was explicitly authorized to fetch
|
||||
and that it must have acknowledged to you, in a complete and accurate manner.
|
||||
{% endtrans %}
|
||||
</p>
|
||||
<p class="margin-bottom">
|
||||
{% trans trimmed app=third_party_app, privacy_link=third_party_cgu, sith_cgu_link=sith_cgu %}
|
||||
The privacy policies of <a href="{{ privacy_link }}">{{ app }}</a>
|
||||
and of <a href="{{ sith_cgu_link }}">the Students' Association</a>
|
||||
applies as soon as the form is submitted.
|
||||
{% endtrans %}
|
||||
</p>
|
||||
<div class="row">{{ form.cgu_accepted }} {{ form.cgu_accepted.label_tag() }}</div>
|
||||
<br>
|
||||
<h3 class="margin-bottom">{% trans %}Confirmation of identity{% endtrans %}</h3>
|
||||
<div class="row margin-bottom">
|
||||
{{ form.is_username_valid }} {{ form.is_username_valid.label_tag() }}
|
||||
</div>
|
||||
{% for field in form.hidden_fields() %}{{ field }}{% endfor %}
|
||||
<input type="submit" class="btn btn-blue">
|
||||
</form>
|
||||
{% endblock %}
|
||||
@@ -0,0 +1,24 @@
|
||||
import pytest
|
||||
from django.contrib.admin import AdminSite
|
||||
from django.http import HttpRequest
|
||||
from model_bakery import baker
|
||||
from pytest_django.asserts import assertNumQueries
|
||||
|
||||
from api.admin import ApiClientAdmin
|
||||
from api.models import ApiClient
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_reset_hmac_action():
|
||||
client_admin = ApiClientAdmin(ApiClient, AdminSite())
|
||||
api_clients = baker.make(ApiClient, _quantity=4, _bulk_create=True)
|
||||
old_hmac_keys = [c.hmac_key for c in api_clients]
|
||||
with assertNumQueries(2):
|
||||
qs = ApiClient.objects.filter(id__in=[c.id for c in api_clients[2:4]])
|
||||
client_admin.reset_hmac_key(HttpRequest(), qs)
|
||||
for c in api_clients:
|
||||
c.refresh_from_db()
|
||||
assert api_clients[0].hmac_key == old_hmac_keys[0]
|
||||
assert api_clients[1].hmac_key == old_hmac_keys[1]
|
||||
assert api_clients[2].hmac_key != old_hmac_keys[2]
|
||||
assert api_clients[3].hmac_key != old_hmac_keys[3]
|
||||
@@ -0,0 +1,18 @@
|
||||
import pytest
|
||||
from django.test import Client
|
||||
from django.urls import reverse
|
||||
from model_bakery import baker
|
||||
|
||||
from api.hashers import generate_key
|
||||
from api.models import ApiClient, ApiKey
|
||||
from api.schemas import ApiClientSchema
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_api_client_controller(client: Client):
|
||||
key, hashed = generate_key()
|
||||
api_client = baker.make(ApiClient)
|
||||
baker.make(ApiKey, client=api_client, hashed_key=hashed)
|
||||
res = client.get(reverse("api:api-client-infos"), headers={"X-APIKey": key})
|
||||
assert res.status_code == 200
|
||||
assert res.json() == ApiClientSchema.from_orm(api_client).model_dump()
|
||||
@@ -0,0 +1,59 @@
|
||||
import pytest
|
||||
from django.contrib.auth.models import Permission
|
||||
from django.test import TestCase
|
||||
from model_bakery import baker
|
||||
|
||||
from api.models import ApiClient
|
||||
from core.models import Group
|
||||
|
||||
|
||||
class TestClientPermissions(TestCase):
|
||||
@classmethod
|
||||
def setUpTestData(cls):
|
||||
cls.api_client = baker.make(ApiClient)
|
||||
cls.perms = baker.make(Permission, _quantity=10, _bulk_create=True)
|
||||
cls.api_client.groups.set(
|
||||
[
|
||||
baker.make(Group, permissions=cls.perms[0:3]),
|
||||
baker.make(Group, permissions=cls.perms[3:5]),
|
||||
]
|
||||
)
|
||||
cls.api_client.client_permissions.set(
|
||||
[cls.perms[3], cls.perms[5], cls.perms[6], cls.perms[7]]
|
||||
)
|
||||
|
||||
def test_all_permissions(self):
|
||||
assert self.api_client.all_permissions == {
|
||||
f"{p.content_type.app_label}.{p.codename}" for p in self.perms[0:8]
|
||||
}
|
||||
|
||||
def test_has_perm(self):
|
||||
assert self.api_client.has_perm(
|
||||
f"{self.perms[1].content_type.app_label}.{self.perms[1].codename}"
|
||||
)
|
||||
assert not self.api_client.has_perm(
|
||||
f"{self.perms[9].content_type.app_label}.{self.perms[9].codename}"
|
||||
)
|
||||
|
||||
def test_has_perms(self):
|
||||
assert self.api_client.has_perms(
|
||||
[
|
||||
f"{self.perms[1].content_type.app_label}.{self.perms[1].codename}",
|
||||
f"{self.perms[2].content_type.app_label}.{self.perms[2].codename}",
|
||||
]
|
||||
)
|
||||
assert not self.api_client.has_perms(
|
||||
[
|
||||
f"{self.perms[1].content_type.app_label}.{self.perms[1].codename}",
|
||||
f"{self.perms[9].content_type.app_label}.{self.perms[9].codename}",
|
||||
],
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_reset_hmac_key():
|
||||
client = baker.make(ApiClient)
|
||||
original_key = client.hmac_key
|
||||
client.reset_hmac(commit=True)
|
||||
assert len(client.hmac_key) == len(original_key)
|
||||
assert client.hmac_key != original_key
|
||||
@@ -0,0 +1,114 @@
|
||||
from unittest import mock
|
||||
from unittest.mock import Mock
|
||||
|
||||
from django.db.models import Max
|
||||
from django.test import TestCase
|
||||
from django.urls import reverse
|
||||
from model_bakery import baker
|
||||
from pytest_django.asserts import assertRedirects
|
||||
|
||||
from api.models import ApiClient, get_hmac_key
|
||||
from core.baker_recipes import subscriber_user
|
||||
from core.schemas import UserProfileSchema
|
||||
from core.utils import hmac_hexdigest
|
||||
|
||||
|
||||
def mocked_post(*, ok: bool):
|
||||
class MockedResponse(Mock):
|
||||
@property
|
||||
def ok(self):
|
||||
return ok
|
||||
|
||||
def mocked():
|
||||
return MockedResponse()
|
||||
|
||||
return mocked
|
||||
|
||||
|
||||
class TestThirdPartyAuth(TestCase):
|
||||
@classmethod
|
||||
def setUpTestData(cls):
|
||||
cls.user = subscriber_user.make()
|
||||
cls.api_client = baker.make(ApiClient)
|
||||
|
||||
def setUp(self):
|
||||
self.query = {
|
||||
"client_id": self.api_client.id,
|
||||
"third_party_app": "app",
|
||||
"privacy_link": "https://foobar.fr/",
|
||||
"username": "bibou",
|
||||
"callback_url": "https://callback.fr/",
|
||||
}
|
||||
self.query["signature"] = hmac_hexdigest(self.api_client.hmac_key, self.query)
|
||||
self.callback_data = {
|
||||
"user": UserProfileSchema.from_orm(self.user).model_dump()
|
||||
}
|
||||
self.callback_data["signature"] = hmac_hexdigest(
|
||||
self.api_client.hmac_key, self.callback_data["user"]
|
||||
)
|
||||
|
||||
def test_auth_ok(self):
|
||||
self.client.force_login(self.user)
|
||||
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
|
||||
assert res.status_code == 200
|
||||
with mock.patch("requests.post", new_callable=mocked_post(ok=True)) as mocked:
|
||||
res = self.client.post(
|
||||
reverse("api-link:third-party-auth"),
|
||||
data={"cgu_accepted": True, "is_username_valid": True, **self.query},
|
||||
)
|
||||
mocked.assert_called_once_with(
|
||||
self.query["callback_url"], json=self.callback_data
|
||||
)
|
||||
assertRedirects(
|
||||
res,
|
||||
reverse("api-link:third-party-auth-result", kwargs={"result": "success"}),
|
||||
)
|
||||
|
||||
def test_callback_error(self):
|
||||
"""Test that the user see the failure page if the callback request failed."""
|
||||
self.client.force_login(self.user)
|
||||
with mock.patch("requests.post", new_callable=mocked_post(ok=False)) as mocked:
|
||||
res = self.client.post(
|
||||
reverse("api-link:third-party-auth"),
|
||||
data={"cgu_accepted": True, "is_username_valid": True, **self.query},
|
||||
)
|
||||
mocked.assert_called_once_with(
|
||||
self.query["callback_url"], json=self.callback_data
|
||||
)
|
||||
assertRedirects(
|
||||
res,
|
||||
reverse("api-link:third-party-auth-result", kwargs={"result": "failure"}),
|
||||
)
|
||||
|
||||
def test_wrong_signature(self):
|
||||
"""Test that a 403 is raised if the signature of the query is wrong."""
|
||||
self.client.force_login(subscriber_user.make())
|
||||
new_key = get_hmac_key()
|
||||
del self.query["signature"]
|
||||
self.query["signature"] = hmac_hexdigest(new_key, self.query)
|
||||
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
|
||||
assert res.status_code == 403
|
||||
|
||||
def test_cgu_not_accepted(self):
|
||||
self.client.force_login(self.user)
|
||||
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
|
||||
assert res.status_code == 200
|
||||
res = self.client.post(reverse("api-link:third-party-auth"), data=self.query)
|
||||
assert res.status_code == 200 # no redirect means invalid form
|
||||
res = self.client.post(
|
||||
reverse("api-link:third-party-auth"),
|
||||
data={"cgu_accepted": False, "is_username_valid": False, **self.query},
|
||||
)
|
||||
assert res.status_code == 200
|
||||
|
||||
def test_invalid_client(self):
|
||||
self.query["client_id"] = ApiClient.objects.aggregate(res=Max("id"))["res"] + 1
|
||||
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
|
||||
assert res.status_code == 403
|
||||
|
||||
def test_missing_parameter(self):
|
||||
"""Test that a 403 is raised if there is a missing parameter."""
|
||||
del self.query["username"]
|
||||
self.query["signature"] = hmac_hexdigest(self.api_client.hmac_key, self.query)
|
||||
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
|
||||
assert res.status_code == 403
|
||||
+15
@@ -1,6 +1,10 @@
|
||||
from django.urls import path, register_converter
|
||||
from ninja.security import SessionAuth
|
||||
from ninja_extra import NinjaExtraAPI
|
||||
|
||||
from api.views import ThirdPartyAuthResultView, ThirdPartyAuthView
|
||||
from core.converters import ResultConverter
|
||||
|
||||
api = NinjaExtraAPI(
|
||||
title="PICON",
|
||||
description="Portail Interactif de Communication avec les Outils Numériques",
|
||||
@@ -9,3 +13,14 @@ api = NinjaExtraAPI(
|
||||
auth=[SessionAuth()],
|
||||
)
|
||||
api.auto_discover_controllers()
|
||||
|
||||
register_converter(ResultConverter, "res")
|
||||
|
||||
urlpatterns = [
|
||||
path("auth/", ThirdPartyAuthView.as_view(), name="third-party-auth"),
|
||||
path(
|
||||
"auth/<res:result>/",
|
||||
ThirdPartyAuthResultView.as_view(),
|
||||
name="third-party-auth-result",
|
||||
),
|
||||
]
|
||||
|
||||
+119
@@ -0,0 +1,119 @@
|
||||
import hmac
|
||||
from urllib.parse import unquote
|
||||
|
||||
import pydantic
|
||||
import requests
|
||||
from django.conf import settings
|
||||
from django.contrib import messages
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.urls import reverse, reverse_lazy
|
||||
from django.utils.translation import gettext as _
|
||||
from django.views.generic import FormView, TemplateView
|
||||
from ninja_extra.shortcuts import get_object_or_none
|
||||
|
||||
from api.forms import ThirdPartyAuthForm
|
||||
from api.models import ApiClient
|
||||
from api.schemas import ThirdPartyAuthParamsSchema
|
||||
from core.models import SithFile
|
||||
from core.schemas import UserProfileSchema
|
||||
from core.utils import hmac_hexdigest
|
||||
|
||||
|
||||
class ThirdPartyAuthView(LoginRequiredMixin, FormView):
|
||||
form_class = ThirdPartyAuthForm
|
||||
template_name = "api/third_party/auth.jinja"
|
||||
success_url = reverse_lazy("core:index")
|
||||
|
||||
def parse_params(self) -> ThirdPartyAuthParamsSchema:
|
||||
"""Parse and check the authentication parameters.
|
||||
|
||||
Raises:
|
||||
PermissionDenied: if the verification failed.
|
||||
"""
|
||||
# This is here rather than in ThirdPartyAuthForm because
|
||||
# the given parameters and their signature are checked during both
|
||||
# POST (for obvious reasons) and GET (in order not to make
|
||||
# the user fill a form just to get an error he won't understand)
|
||||
params = self.request.GET or self.request.POST
|
||||
params = {key: unquote(val) for key, val in params.items()}
|
||||
try:
|
||||
params = ThirdPartyAuthParamsSchema(**params)
|
||||
except pydantic.ValidationError as e:
|
||||
raise PermissionDenied("Wrong data format") from e
|
||||
client: ApiClient = get_object_or_none(ApiClient, id=params.client_id)
|
||||
if not client:
|
||||
raise PermissionDenied
|
||||
if not hmac.compare_digest(
|
||||
hmac_hexdigest(client.hmac_key, params.model_dump(exclude={"signature"})),
|
||||
params.signature,
|
||||
):
|
||||
raise PermissionDenied("Bad signature")
|
||||
return params
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
self.params = self.parse_params()
|
||||
return super().dispatch(request, *args, **kwargs)
|
||||
|
||||
def get(self, *args, **kwargs):
|
||||
messages.warning(
|
||||
self.request,
|
||||
_(
|
||||
"You are going to link your AE account and your %(app)s account. "
|
||||
"Continue only if this page was opened from %(app)s."
|
||||
)
|
||||
% {"app": self.params.third_party_app},
|
||||
)
|
||||
return super().get(*args, **kwargs)
|
||||
|
||||
def get_initial(self):
|
||||
return self.params.model_dump()
|
||||
|
||||
def form_valid(self, form):
|
||||
client = ApiClient.objects.get(id=form.cleaned_data["client_id"])
|
||||
user = UserProfileSchema.from_orm(self.request.user).model_dump()
|
||||
data = {"user": user, "signature": hmac_hexdigest(client.hmac_key, user)}
|
||||
response = requests.post(form.cleaned_data["callback_url"], json=data)
|
||||
self.success_url = reverse(
|
||||
"api-link:third-party-auth-result",
|
||||
kwargs={"result": "success" if response.ok else "failure"},
|
||||
)
|
||||
return super().form_valid(form)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
return super().get_context_data(**kwargs) | {
|
||||
"third_party_app": self.params.third_party_app,
|
||||
"third_party_cgu": self.params.privacy_link,
|
||||
"sith_cgu": SithFile.objects.get(id=settings.SITH_CGU_FILE_ID),
|
||||
}
|
||||
|
||||
|
||||
class ThirdPartyAuthResultView(LoginRequiredMixin, TemplateView):
|
||||
"""View that the user will see if its authentication on sith was successful.
|
||||
|
||||
This can show either a success or a failure message :
|
||||
- success : everything is good, the user is successfully authenticated
|
||||
and can close the page
|
||||
- failure : the authentication has been processed on the sith side,
|
||||
but the request to the callback url received an error.
|
||||
In such a case, there is nothing much we can do but to advice
|
||||
the user to contact the developers of the third-party app.
|
||||
"""
|
||||
|
||||
template_name = "core/base.jinja"
|
||||
success_message = _(
|
||||
"You have been successfully authenticated. You can now close this page."
|
||||
)
|
||||
error_message = _(
|
||||
"Your authentication on the AE website was successful, "
|
||||
"but an error happened during the interaction "
|
||||
"with the third-party application. "
|
||||
"Please contact the managers of the latter."
|
||||
)
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
if self.kwargs.get("result") == "success":
|
||||
messages.success(request, self.success_message)
|
||||
else:
|
||||
messages.error(request, self.error_message)
|
||||
return super().get(request, *args, **kwargs)
|
||||
+1
-28
@@ -13,10 +13,8 @@
|
||||
#
|
||||
#
|
||||
from django.contrib import admin
|
||||
from django.forms.models import ModelForm
|
||||
from django.http import HttpRequest
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
|
||||
|
||||
@admin.register(Club)
|
||||
@@ -31,31 +29,6 @@ class ClubAdmin(admin.ModelAdmin):
|
||||
"page",
|
||||
)
|
||||
|
||||
def save_model(
|
||||
self,
|
||||
request: HttpRequest,
|
||||
obj: Club,
|
||||
form: ModelForm,
|
||||
change: bool, # noqa: FBT001
|
||||
):
|
||||
super().save_model(request, obj, form, change)
|
||||
if not change:
|
||||
obj.create_default_roles()
|
||||
|
||||
|
||||
@admin.register(ClubRole)
|
||||
class ClubRoleAdmin(admin.ModelAdmin):
|
||||
list_display = ("name", "club", "is_board", "is_presidency")
|
||||
search_fields = ("name",)
|
||||
autocomplete_fields = ("club",)
|
||||
list_select_related = ("club",)
|
||||
list_filter = (
|
||||
"is_board",
|
||||
"is_presidency",
|
||||
("club", admin.RelatedOnlyFieldListFilter),
|
||||
)
|
||||
show_facets = admin.ModelAdmin.show_facets.ALWAYS
|
||||
|
||||
|
||||
@admin.register(Membership)
|
||||
class MembershipAdmin(admin.ModelAdmin):
|
||||
|
||||
+2
-3
@@ -37,8 +37,7 @@ class ClubController(ControllerBase):
|
||||
)
|
||||
def fetch_club(self, club_id: int):
|
||||
prefetch = Prefetch(
|
||||
"members",
|
||||
queryset=Membership.objects.ongoing().select_related("user", "role"),
|
||||
"members", queryset=Membership.objects.ongoing().select_related("user")
|
||||
)
|
||||
return self.get_object_or_exception(
|
||||
Club.objects.prefetch_related(prefetch), id=club_id
|
||||
@@ -60,5 +59,5 @@ class UserClubController(ControllerBase):
|
||||
return (
|
||||
Membership.objects.ongoing()
|
||||
.filter(user=user)
|
||||
.select_related("club", "user", "role")
|
||||
.select_related("club", "user")
|
||||
)
|
||||
|
||||
+27
-79
@@ -23,12 +23,13 @@
|
||||
#
|
||||
|
||||
from django import forms
|
||||
from django.db.models import Exists, OuterRef, Q, QuerySet
|
||||
from django.conf import settings
|
||||
from django.db.models import Exists, OuterRef, Q
|
||||
from django.db.models.functions import Lower
|
||||
from django.utils.functional import cached_property
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
|
||||
from club.models import Club, ClubRole, Mailing, MailingSubscription, Membership
|
||||
from club.models import Club, Mailing, MailingSubscription, Membership
|
||||
from core.models import User
|
||||
from core.views.forms import SelectDateTime
|
||||
from core.views.widgets.ajax_select import (
|
||||
@@ -214,7 +215,9 @@ class ClubOldMemberForm(forms.Form):
|
||||
|
||||
def __init__(self, *args, user: User, club: Club, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
self.fields["members_old"].queryset = club.members.ongoing().editable_by(user)
|
||||
self.fields["members_old"].queryset = (
|
||||
Membership.objects.ongoing().filter(club=club).editable_by(user)
|
||||
)
|
||||
|
||||
|
||||
class ClubMemberForm(forms.ModelForm):
|
||||
@@ -232,14 +235,19 @@ class ClubMemberForm(forms.ModelForm):
|
||||
self.request_user = request_user
|
||||
self.request_user_membership = self.club.get_membership_for(self.request_user)
|
||||
super().__init__(*args, **kwargs)
|
||||
self.fields["role"].queryset = self.available_roles
|
||||
self.fields["role"].required = True
|
||||
self.fields["role"].choices = [
|
||||
(value, name)
|
||||
for value, name in settings.SITH_CLUB_ROLES.items()
|
||||
if value <= self.max_available_role
|
||||
]
|
||||
self.instance.club = club
|
||||
|
||||
@property
|
||||
def available_roles(self) -> QuerySet[ClubRole]:
|
||||
"""The roles that will be obtainable with this form."""
|
||||
def max_available_role(self):
|
||||
"""The greatest role that will be obtainable with this form."""
|
||||
# this is unreachable, because it will be overridden by subclasses
|
||||
return ClubRole.objects.none() # pragma: no cover
|
||||
return -1 # pragma: no cover
|
||||
|
||||
|
||||
class ClubAddMemberForm(ClubMemberForm):
|
||||
@@ -250,22 +258,21 @@ class ClubAddMemberForm(ClubMemberForm):
|
||||
widgets = {"user": AutoCompleteSelectUser}
|
||||
|
||||
@cached_property
|
||||
def available_roles(self):
|
||||
"""The roles that will be obtainable with this form.
|
||||
def max_available_role(self):
|
||||
"""The greatest role that will be obtainable with this form.
|
||||
|
||||
Admins and the club president can attribute any role.
|
||||
Board members can attribute roles lower than their own.
|
||||
Other users cannot attribute roles with this form
|
||||
"""
|
||||
qs = self.club.roles.filter(is_active=True)
|
||||
if self.request_user.has_perm("club.add_membership"):
|
||||
return qs.all()
|
||||
return settings.SITH_CLUB_ROLES_ID["President"]
|
||||
membership = self.request_user_membership
|
||||
if membership is None or not membership.role.is_board:
|
||||
return ClubRole.objects.none()
|
||||
if membership.role.is_presidency:
|
||||
return qs.all()
|
||||
return qs.above_instance(membership.role)
|
||||
if membership is None or membership.role <= settings.SITH_MAXIMUM_FREE_ROLE:
|
||||
return -1
|
||||
if membership.role == settings.SITH_CLUB_ROLES_ID["President"]:
|
||||
return membership.role
|
||||
return membership.role - 1
|
||||
|
||||
def clean_user(self):
|
||||
"""Check that the user is not trying to add a user already in the club.
|
||||
@@ -289,11 +296,13 @@ class JoinClubForm(ClubMemberForm):
|
||||
|
||||
def __init__(self, *args, club: Club, request_user: User, **kwargs):
|
||||
super().__init__(*args, club=club, request_user=request_user, **kwargs)
|
||||
# this form doesn't manage the user who will join the club,
|
||||
# so we must set this here to avoid errors
|
||||
self.instance.user = self.request_user
|
||||
|
||||
@cached_property
|
||||
def available_roles(self):
|
||||
return self.club.roles.filter(is_board=False, is_active=True)
|
||||
def max_available_role(self):
|
||||
return settings.SITH_MAXIMUM_FREE_ROLE
|
||||
|
||||
def clean(self):
|
||||
"""Check that the user is subscribed and isn't already in the club."""
|
||||
@@ -330,64 +339,3 @@ class ClubSearchForm(forms.ModelForm):
|
||||
# so we enforce it.
|
||||
self.fields["club_status"].value = True
|
||||
self.fields["name"].required = False
|
||||
|
||||
|
||||
class ClubRoleForm(forms.ModelForm):
|
||||
error_css_class = "error"
|
||||
required_css_class = "required"
|
||||
|
||||
class Meta:
|
||||
model = ClubRole
|
||||
fields = ["name", "description", "is_presidency", "is_board", "is_active"]
|
||||
widgets = {
|
||||
"is_presidency": forms.HiddenInput(),
|
||||
"is_board": forms.HiddenInput(),
|
||||
"is_active": forms.CheckboxInput(attrs={"class": "switch"}),
|
||||
}
|
||||
|
||||
def clean(self):
|
||||
cleaned_data = super().clean()
|
||||
if "ORDER" in cleaned_data:
|
||||
self.instance.order = cleaned_data["ORDER"] - 1
|
||||
return cleaned_data
|
||||
|
||||
|
||||
class ClubRoleCreateForm(forms.ModelForm):
|
||||
"""Form to create a club role.
|
||||
|
||||
Notes:
|
||||
For UX purposes, users are not meant to fill `is_presidency`
|
||||
and `is_board`, so those values are required by the form constructor
|
||||
in order to initialize the instance properly.
|
||||
"""
|
||||
|
||||
error_css_class = "error"
|
||||
required_css_class = "required"
|
||||
|
||||
class Meta:
|
||||
model = ClubRole
|
||||
fields = ["name", "description"]
|
||||
|
||||
def __init__(
|
||||
self, *args, club: Club, is_presidency: bool, is_board: bool, **kwargs
|
||||
):
|
||||
super().__init__(*args, **kwargs)
|
||||
self.instance.club = club
|
||||
self.instance.is_presidency = is_presidency
|
||||
self.instance.is_board = is_board
|
||||
|
||||
|
||||
class ClubRoleBaseFormSet(forms.BaseInlineFormSet):
|
||||
ordering_widget = forms.HiddenInput()
|
||||
|
||||
|
||||
ClubRoleFormSet = forms.inlineformset_factory(
|
||||
Club,
|
||||
ClubRole,
|
||||
ClubRoleForm,
|
||||
ClubRoleBaseFormSet,
|
||||
can_delete=False,
|
||||
can_order=True,
|
||||
edit_only=True,
|
||||
extra=0,
|
||||
)
|
||||
|
||||
@@ -2,15 +2,12 @@
|
||||
|
||||
import django.db.models.deletion
|
||||
import django.db.models.functions.datetime
|
||||
from django.conf import settings
|
||||
from django.db import migrations, models
|
||||
from django.db.migrations.state import StateApps
|
||||
from django.db.models import Q
|
||||
from django.utils.timezone import localdate
|
||||
|
||||
# Before the club role rework, the maximum free role
|
||||
# was the hardcoded highest non-board role
|
||||
MAXIMUM_FREE_ROLE = 1
|
||||
|
||||
|
||||
def migrate_meta_groups(apps: StateApps, schema_editor):
|
||||
"""Attach the existing meta groups to the clubs.
|
||||
@@ -49,7 +46,10 @@ def migrate_meta_groups(apps: StateApps, schema_editor):
|
||||
).select_related("user")
|
||||
club.members_group.users.set([m.user for m in memberships])
|
||||
club.board_group.users.set(
|
||||
[m.user for m in memberships.filter(role__gt=MAXIMUM_FREE_ROLE)]
|
||||
[
|
||||
m.user
|
||||
for m in memberships.filter(role__gt=settings.SITH_MAXIMUM_FREE_ROLE)
|
||||
]
|
||||
)
|
||||
|
||||
|
||||
|
||||
@@ -1,161 +0,0 @@
|
||||
# Generated by Django 5.2.3 on 2025-06-21 21:59
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
from django.db.migrations.state import StateApps
|
||||
from django.db.models import Case, When
|
||||
|
||||
PRESIDENCY_ROLES = [10, 9]
|
||||
MAXIMUM_FREE_ROLE = 1
|
||||
SITH_CLUB_ROLES = {
|
||||
10: "Président⸱e",
|
||||
9: "Vice-Président⸱e",
|
||||
7: "Trésorier⸱e",
|
||||
5: "Responsable communication",
|
||||
4: "Secrétaire",
|
||||
3: "Responsable info",
|
||||
2: "Membre du bureau",
|
||||
1: "Membre actif⸱ve",
|
||||
0: "Curieux⸱euse",
|
||||
}
|
||||
|
||||
|
||||
def migrate_roles(apps: StateApps, schema_editor):
|
||||
ClubRole = apps.get_model("club", "ClubRole")
|
||||
Membership = apps.get_model("club", "Membership")
|
||||
|
||||
updates = []
|
||||
for club_id, role in Membership.objects.values_list("club", "role").distinct():
|
||||
new_role = ClubRole.objects.create(
|
||||
name=SITH_CLUB_ROLES[role],
|
||||
is_board=role > MAXIMUM_FREE_ROLE,
|
||||
is_presidency=role in PRESIDENCY_ROLES,
|
||||
club_id=club_id,
|
||||
order=max(SITH_CLUB_ROLES) - role,
|
||||
)
|
||||
updates.append(When(role=role, then=new_role.id))
|
||||
# all updates must happen at the same time
|
||||
# otherwise, the 10 first created ClubRole would be
|
||||
# re-modified after their initial creation, and it would
|
||||
# result in an incoherent state.
|
||||
# To avoid that, all updates are wrapped in a single giant Case(When) statement
|
||||
# cf. https://docs.djangoproject.com/fr/stable/ref/models/conditional-expressions/#conditional-update
|
||||
Membership.objects.update(role=Case(*updates))
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
dependencies = [
|
||||
("club", "0014_alter_club_options_rename_unix_name_club_slug_name_and_more"),
|
||||
("core", "0047_alter_notification_date_alter_notification_type"),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterField(
|
||||
model_name="club",
|
||||
name="page",
|
||||
field=models.OneToOneField(
|
||||
blank=True,
|
||||
on_delete=django.db.models.deletion.PROTECT,
|
||||
related_name="club",
|
||||
to="core.page",
|
||||
),
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name="ClubRole",
|
||||
fields=[
|
||||
(
|
||||
"id",
|
||||
models.AutoField(
|
||||
auto_created=True,
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
verbose_name="ID",
|
||||
),
|
||||
),
|
||||
(
|
||||
"order",
|
||||
models.PositiveIntegerField(
|
||||
db_index=True, editable=False, verbose_name="order"
|
||||
),
|
||||
),
|
||||
(
|
||||
"club",
|
||||
models.ForeignKey(
|
||||
help_text="The club with which this role is associated",
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name="roles",
|
||||
to="club.club",
|
||||
verbose_name="club",
|
||||
),
|
||||
),
|
||||
("name", models.CharField(max_length=50, verbose_name="name")),
|
||||
(
|
||||
"description",
|
||||
models.TextField(
|
||||
default="", blank=True, verbose_name="description"
|
||||
),
|
||||
),
|
||||
(
|
||||
"is_board",
|
||||
models.BooleanField(default=False, verbose_name="Board role"),
|
||||
),
|
||||
(
|
||||
"is_presidency",
|
||||
models.BooleanField(default=False, verbose_name="Presidency role"),
|
||||
),
|
||||
(
|
||||
"is_active",
|
||||
models.BooleanField(
|
||||
default=True,
|
||||
help_text=(
|
||||
"If the role is inactive, people joining the club "
|
||||
"won't be able to get it."
|
||||
),
|
||||
verbose_name="is active",
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
"ordering": ("order",),
|
||||
"verbose_name": "club role",
|
||||
"verbose_name_plural": "club roles",
|
||||
},
|
||||
),
|
||||
migrations.AlterField(
|
||||
model_name="club",
|
||||
name="board_group",
|
||||
field=models.OneToOneField(
|
||||
editable=False,
|
||||
on_delete=django.db.models.deletion.PROTECT,
|
||||
related_name="club_board",
|
||||
to="core.group",
|
||||
),
|
||||
),
|
||||
migrations.AlterField(
|
||||
model_name="club",
|
||||
name="members_group",
|
||||
field=models.OneToOneField(
|
||||
editable=False,
|
||||
on_delete=django.db.models.deletion.PROTECT,
|
||||
related_name="club",
|
||||
to="core.group",
|
||||
),
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name="clubrole",
|
||||
constraint=models.CheckConstraint(
|
||||
condition=models.Q(
|
||||
("is_presidency", False), ("is_board", True), _connector="OR"
|
||||
),
|
||||
name="clubrole_presidency_implies_board",
|
||||
violation_error_message=(
|
||||
"A role cannot be in the presidency while not being in the board"
|
||||
),
|
||||
),
|
||||
),
|
||||
migrations.RunPython(migrate_roles, migrations.RunPython.noop),
|
||||
# because Postgres migrations run in a single transaction,
|
||||
# we cannot change the actual values of Membership.role
|
||||
# and apply the FOREIGN KEY constraint in the same migration.
|
||||
# The constraint is created in the next migration
|
||||
]
|
||||
@@ -1,25 +0,0 @@
|
||||
# Generated by Django 5.2.3 on 2025-09-27 09:57
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
dependencies = [("club", "0015_clubrole_alter_membership_role")]
|
||||
|
||||
operations = [
|
||||
# because Postgres migrations run in a single transaction,
|
||||
# we cannot change the actual values of Membership.role
|
||||
# and apply the FOREIGN KEY constraint in the same migration.
|
||||
# The data migration was made in the previous migration.
|
||||
migrations.AlterField(
|
||||
model_name="membership",
|
||||
name="role",
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.PROTECT,
|
||||
related_name="members",
|
||||
to="club.clubrole",
|
||||
verbose_name="role",
|
||||
),
|
||||
),
|
||||
]
|
||||
+29
-162
@@ -28,15 +28,15 @@ from typing import Iterable, Self
|
||||
from django.conf import settings
|
||||
from django.core.exceptions import ObjectDoesNotExist, ValidationError
|
||||
from django.core.validators import RegexValidator, validate_email
|
||||
from django.db import ProgrammingError, models, transaction
|
||||
from django.db.models import Exists, F, OuterRef, Q
|
||||
from django.db import models, transaction
|
||||
from django.db.models import Exists, F, OuterRef, Q, Value
|
||||
from django.db.models.functions import Greatest
|
||||
from django.urls import reverse
|
||||
from django.utils import timezone
|
||||
from django.utils.functional import cached_property
|
||||
from django.utils.text import slugify
|
||||
from django.utils.timezone import localdate
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from ordered_model.models import OrderedModel
|
||||
|
||||
from core.fields import ResizedImageField
|
||||
from core.models import Group, Notification, Page, SithFile, User
|
||||
@@ -89,13 +89,13 @@ class Club(models.Model):
|
||||
on_delete=models.SET_NULL,
|
||||
)
|
||||
page = models.OneToOneField(
|
||||
Page, related_name="club", blank=True, on_delete=models.PROTECT
|
||||
Page, related_name="club", blank=True, on_delete=models.CASCADE
|
||||
)
|
||||
members_group = models.OneToOneField(
|
||||
Group, related_name="club", on_delete=models.PROTECT, editable=False
|
||||
Group, related_name="club", on_delete=models.PROTECT
|
||||
)
|
||||
board_group = models.OneToOneField(
|
||||
Group, related_name="club_board", on_delete=models.PROTECT, editable=False
|
||||
Group, related_name="club_board", on_delete=models.PROTECT
|
||||
)
|
||||
|
||||
objects = ClubQuerySet.as_manager()
|
||||
@@ -138,7 +138,9 @@ class Club(models.Model):
|
||||
@cached_property
|
||||
def president(self) -> Membership | None:
|
||||
"""Fetch the membership of the current president of this club."""
|
||||
return self.members.filter(end_date=None).order_by("role__order").first()
|
||||
return self.members.filter(
|
||||
role=settings.SITH_CLUB_ROLES_ID["President"], end_date=None
|
||||
).first()
|
||||
|
||||
def check_loop(self):
|
||||
"""Raise a validation error when a loop is found within the parent list."""
|
||||
@@ -183,40 +185,6 @@ class Club(models.Model):
|
||||
self.page.parent = self.parent.page
|
||||
self.page.save(force_lock=True)
|
||||
|
||||
def create_default_roles(self):
|
||||
"""Create some roles that should exist by default for this club.
|
||||
|
||||
The created roles are : president, treasurer, active member and curious.
|
||||
|
||||
Warnings:
|
||||
When calling this method, no club must exist yet for this club.
|
||||
"""
|
||||
if self.roles.exists():
|
||||
raise ProgrammingError(
|
||||
"Default roles can be created only for clubs "
|
||||
"that don't have associated roles yet"
|
||||
)
|
||||
# The names are written in French, because there is no gettext involved
|
||||
# for strings stored in database, and the majority of users are french.
|
||||
roles = [
|
||||
ClubRole(name="Président⸱e", is_board=True, is_presidency=True),
|
||||
ClubRole(name="Trésorier⸱e", is_board=True, is_presidency=False),
|
||||
ClubRole(name="Membre actif⸱ve", is_board=False, is_presidency=False),
|
||||
ClubRole(
|
||||
name="Curieux⸱euse",
|
||||
description=(
|
||||
"Les gens qui suivent l'activité "
|
||||
"du club sans forcément y participer"
|
||||
),
|
||||
is_board=False,
|
||||
is_presidency=False,
|
||||
),
|
||||
]
|
||||
for i, role in enumerate(roles):
|
||||
role.club = self
|
||||
role.order = i
|
||||
ClubRole.objects.bulk_create(roles)
|
||||
|
||||
def delete(self, *args, **kwargs) -> tuple[int, dict[str, int]]:
|
||||
self.board_group.delete()
|
||||
self.members_group.delete()
|
||||
@@ -238,20 +206,9 @@ class Club(models.Model):
|
||||
"""Method to see if that object can be edited by the given user."""
|
||||
return self.has_rights_in_club(user)
|
||||
|
||||
def can_roles_be_edited_by(self, user: User) -> bool:
|
||||
"""Return True if the given user can edit the roles of this club"""
|
||||
return user.is_authenticated and (
|
||||
user.has_perm("club.change_clubrole")
|
||||
or self.members.ongoing()
|
||||
.filter(user=user, role__is_presidency=True)
|
||||
.exists()
|
||||
)
|
||||
|
||||
@cached_property
|
||||
def current_members(self) -> list[Membership]:
|
||||
return list(
|
||||
self.members.ongoing().select_related("user", "role").order_by("-role")
|
||||
)
|
||||
return list(self.members.ongoing().select_related("user").order_by("-role"))
|
||||
|
||||
def get_membership_for(self, user: User) -> Membership | None:
|
||||
"""Return the current membership of the given user."""
|
||||
@@ -263,95 +220,6 @@ class Club(models.Model):
|
||||
return user.is_in_group(pk=self.board_group_id)
|
||||
|
||||
|
||||
class ClubRole(OrderedModel):
|
||||
club = models.ForeignKey(
|
||||
Club,
|
||||
verbose_name=_("club"),
|
||||
help_text=_("The club with which this role is associated"),
|
||||
related_name="roles",
|
||||
on_delete=models.CASCADE,
|
||||
)
|
||||
name = models.CharField(_("name"), max_length=50)
|
||||
description = models.TextField(_("description"), blank=True, default="")
|
||||
is_board = models.BooleanField(_("Board role"), default=False)
|
||||
is_presidency = models.BooleanField(_("Presidency role"), default=False)
|
||||
is_active = models.BooleanField(
|
||||
_("is active"),
|
||||
default=True,
|
||||
help_text=_(
|
||||
"If the role is inactive, people joining the club won't be able to get it."
|
||||
),
|
||||
)
|
||||
|
||||
order_with_respect_to = "club"
|
||||
|
||||
class Meta(OrderedModel.Meta):
|
||||
verbose_name = _("club role")
|
||||
verbose_name_plural = _("club roles")
|
||||
constraints = [
|
||||
# presidency IMPLIES board <=> NOT presidency OR board
|
||||
# cf. MT1 :)
|
||||
models.CheckConstraint(
|
||||
condition=Q(is_presidency=False) | Q(is_board=True),
|
||||
name="clubrole_presidency_implies_board",
|
||||
violation_error_message=_(
|
||||
"A role cannot be in the presidency while not being in the board"
|
||||
),
|
||||
)
|
||||
]
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
def get_display_name(self):
|
||||
return f"{self.name} - {self.club.name}"
|
||||
|
||||
def clean(self):
|
||||
errors = []
|
||||
roles = list(self.club.roles.all())
|
||||
if (
|
||||
self.is_board
|
||||
and self.order
|
||||
and any(r.order < self.order and not r.is_board for r in roles)
|
||||
):
|
||||
errors.append(
|
||||
ValidationError(
|
||||
_("Role %(role)s cannot be placed below a member role")
|
||||
% {"role": self.name}
|
||||
)
|
||||
)
|
||||
if (
|
||||
self.is_presidency
|
||||
and self.order
|
||||
and any(r.order < self.order and not r.is_presidency for r in roles)
|
||||
):
|
||||
errors.append(
|
||||
ValidationError(
|
||||
_("Role %(role)s cannot be placed below a non-presidency role")
|
||||
% {"role": self.name}
|
||||
)
|
||||
)
|
||||
if errors:
|
||||
raise ValidationError(errors)
|
||||
return super().clean()
|
||||
|
||||
def save(self, *args, **kwargs):
|
||||
auto_order = self.order is None and self.is_board
|
||||
if not auto_order:
|
||||
super().save(*args, **kwargs)
|
||||
return
|
||||
# get the role that should be placed after the role we are dealing with.
|
||||
# So, if this is role is presidency, get the first board role ;
|
||||
# if it is a board role, get the first member role ;
|
||||
# and if it is a member role, get nothing (OrderedModel.save will
|
||||
# automatically put it in the last position anyway)
|
||||
filters = {"is_board": self.is_presidency, "is_presidency": False}
|
||||
next_role = self.club.roles.filter(**filters).order_by("order").first()
|
||||
super().save(*args, **kwargs)
|
||||
if next_role:
|
||||
self.above(next_role)
|
||||
|
||||
|
||||
class MembershipQuerySet(models.QuerySet):
|
||||
def ongoing(self) -> Self:
|
||||
"""Filter all memberships which are not finished yet."""
|
||||
@@ -364,10 +232,9 @@ class MembershipQuerySet(models.QuerySet):
|
||||
are included, even if there are no more members.
|
||||
|
||||
If you want to get the users who are currently in the board,
|
||||
mind combining this with the [MembershipQuerySet.ongoing][]
|
||||
queryset method
|
||||
mind combining this with the `ongoing` queryset method
|
||||
"""
|
||||
return self.filter(role__is_board=True)
|
||||
return self.filter(role__gt=settings.SITH_MAXIMUM_FREE_ROLE)
|
||||
|
||||
def editable_by(self, user: User) -> Self:
|
||||
"""Filter Memberships that this user can edit.
|
||||
@@ -390,16 +257,21 @@ class MembershipQuerySet(models.QuerySet):
|
||||
"""
|
||||
if user.has_perm("club.change_membership"):
|
||||
return self.all()
|
||||
return self.ongoing().filter(
|
||||
return self.filter(
|
||||
Q(user=user)
|
||||
| Exists(
|
||||
Membership.objects.ongoing().filter(
|
||||
Membership.objects.filter(
|
||||
Q(
|
||||
role__gt=Greatest(
|
||||
OuterRef("role"), Value(settings.SITH_MAXIMUM_FREE_ROLE)
|
||||
)
|
||||
),
|
||||
user=user,
|
||||
end_date=None,
|
||||
club=OuterRef("club"),
|
||||
role__is_board=True,
|
||||
role__order__lt=OuterRef("role__order"),
|
||||
)
|
||||
)
|
||||
),
|
||||
end_date=None,
|
||||
)
|
||||
|
||||
def update(self, **kwargs) -> int:
|
||||
@@ -469,11 +341,10 @@ class Membership(models.Model):
|
||||
)
|
||||
start_date = models.DateField(_("start date"), default=timezone.now)
|
||||
end_date = models.DateField(_("end date"), null=True, blank=True)
|
||||
role = models.ForeignKey(
|
||||
ClubRole,
|
||||
verbose_name=_("role"),
|
||||
related_name="members",
|
||||
on_delete=models.PROTECT,
|
||||
role = models.IntegerField(
|
||||
_("role"),
|
||||
choices=sorted(settings.SITH_CLUB_ROLES.items()),
|
||||
default=sorted(settings.SITH_CLUB_ROLES.items())[0][0],
|
||||
)
|
||||
description = models.CharField(
|
||||
_("description"), max_length=128, null=False, blank=True
|
||||
@@ -491,7 +362,7 @@ class Membership(models.Model):
|
||||
def __str__(self):
|
||||
return (
|
||||
f"{self.club.name} - {self.user.username} "
|
||||
f"- {self.role.name} "
|
||||
f"- {settings.SITH_CLUB_ROLES[self.role]} "
|
||||
f"- {str(_('past member')) if self.end_date is not None else ''}"
|
||||
)
|
||||
|
||||
@@ -520,11 +391,7 @@ class Membership(models.Model):
|
||||
if user.is_root or user.is_board_member:
|
||||
return True
|
||||
membership = self.club.get_membership_for(user)
|
||||
if not membership:
|
||||
return False
|
||||
return membership.user_id == user.id or (
|
||||
membership.is_board and membership.role.order < self.role.order
|
||||
)
|
||||
return membership is not None and membership.role >= self.role
|
||||
|
||||
def delete(self, *args, **kwargs):
|
||||
self._remove_club_groups([self])
|
||||
@@ -600,7 +467,7 @@ class Membership(models.Model):
|
||||
group_id=membership.club.members_group_id,
|
||||
)
|
||||
)
|
||||
if membership.role.is_board:
|
||||
if membership.role > settings.SITH_MAXIMUM_FREE_ROLE:
|
||||
club_groups.append(
|
||||
User.groups.through(
|
||||
user_id=membership.user_id,
|
||||
|
||||
+3
-11
@@ -3,7 +3,7 @@ from typing import Annotated
|
||||
from django.db.models import Q
|
||||
from ninja import FilterLookup, FilterSchema, ModelSchema
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from core.schemas import NonEmptyStr, SimpleUserSchema
|
||||
|
||||
|
||||
@@ -39,21 +39,14 @@ class ClubProfileSchema(ModelSchema):
|
||||
return obj.get_absolute_url()
|
||||
|
||||
|
||||
class ClubRoleSchema(ModelSchema):
|
||||
class Meta:
|
||||
model = ClubRole
|
||||
fields = ["id", "name", "is_presidency", "is_board"]
|
||||
|
||||
|
||||
class ClubMemberSchema(ModelSchema):
|
||||
"""A schema to represent all memberships in a club."""
|
||||
|
||||
class Meta:
|
||||
model = Membership
|
||||
fields = ["start_date", "end_date", "description"]
|
||||
fields = ["start_date", "end_date", "role", "description"]
|
||||
|
||||
user: SimpleUserSchema
|
||||
role: ClubRoleSchema
|
||||
|
||||
|
||||
class ClubSchema(ModelSchema):
|
||||
@@ -69,7 +62,6 @@ class UserMembershipSchema(ModelSchema):
|
||||
|
||||
class Meta:
|
||||
model = Membership
|
||||
fields = ["id", "start_date", "description"]
|
||||
fields = ["id", "start_date", "role", "description"]
|
||||
|
||||
club: SimpleClubSchema
|
||||
role: ClubRoleSchema
|
||||
|
||||
@@ -1,61 +0,0 @@
|
||||
import type { AlpineComponent } from "alpinejs";
|
||||
|
||||
interface RoleGroupData {
|
||||
isBoard: boolean;
|
||||
isPresidency: boolean;
|
||||
roleId: number;
|
||||
}
|
||||
|
||||
document.addEventListener("alpine:init", () => {
|
||||
Alpine.data("clubRoleList", (config: { userRoleId: number | null }) => ({
|
||||
confirmOnSubmit: false,
|
||||
|
||||
/**
|
||||
* Edit relevant item data after it has been moved by x-sort
|
||||
*/
|
||||
reorder(item: AlpineComponent<RoleGroupData>, conf: RoleGroupData) {
|
||||
item.isBoard = conf.isBoard;
|
||||
item.isPresidency = conf.isPresidency;
|
||||
// if the user has moved its own role outside the presidency,
|
||||
// submitting the form will require a confirmation
|
||||
this.confirmOnSubmit = config.userRoleId === item.roleId && !item.isPresidency;
|
||||
this.resetOrder();
|
||||
},
|
||||
/**
|
||||
* Reset the value of the ORDER input of all items in the list.
|
||||
* This is to be called after any reordering operation, in order to make sure
|
||||
* that the order that will be saved is coherent with what is displayed.
|
||||
*/
|
||||
resetOrder() {
|
||||
// When moving items with x-sort, the only information we truly have is
|
||||
// the end position in the target group, not the previous position nor
|
||||
// the position in the global list.
|
||||
// To overcome this, we loop through an enumeration of all inputs
|
||||
// that are in the form `roles-X-ORDER` and sequentially set the value of the field.
|
||||
const inputs = document.querySelectorAll<HTMLInputElement>(
|
||||
"input[name^='roles'][name$='ORDER']",
|
||||
);
|
||||
for (const [i, elem] of inputs.entries()) {
|
||||
elem.value = (i + 1).toString();
|
||||
}
|
||||
},
|
||||
|
||||
/**
|
||||
* If the user moved its role out of the presidency, ask a confirmation
|
||||
* before submitting the form
|
||||
*/
|
||||
confirmSubmission(event: SubmitEvent) {
|
||||
if (
|
||||
this.confirmOnSubmit &&
|
||||
!confirm(
|
||||
gettext(
|
||||
"You're going to remove your own role from the presidency. " +
|
||||
"You may lock yourself out of this page. Do you want to continue ? ",
|
||||
),
|
||||
)
|
||||
) {
|
||||
event.preventDefault();
|
||||
}
|
||||
},
|
||||
}));
|
||||
});
|
||||
@@ -1,7 +0,0 @@
|
||||
.fa-grip-vertical {
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
justify-content: center;
|
||||
cursor: pointer;
|
||||
margin-right: .5em;
|
||||
}
|
||||
@@ -12,15 +12,6 @@
|
||||
|
||||
<h2>{% trans %}Club members{% endtrans %}</h2>
|
||||
|
||||
{% if club.can_roles_be_edited_by(user) %}
|
||||
<a
|
||||
href="{{ url("club:club_roles", club_id=object.id) }}"
|
||||
class="btn btn-blue margin-bottom"
|
||||
>
|
||||
<i class="fa fa-users-gear"></i> {% trans %}Manage roles{% endtrans %}
|
||||
</a>
|
||||
{% endif %}
|
||||
|
||||
{% if add_member_fragment %}
|
||||
<br />
|
||||
{{ add_member_fragment }}
|
||||
@@ -50,7 +41,7 @@
|
||||
{% for m in members %}
|
||||
<tr>
|
||||
<td>{{ user_profile_link(m.user) }}</td>
|
||||
<td>{{ m.role.name }}</td>
|
||||
<td>{{ settings.SITH_CLUB_ROLES[m.role] }}</td>
|
||||
<td>{{ m.description }}</td>
|
||||
<td>{{ m.start_date }}</td>
|
||||
{%- if can_end_membership -%}
|
||||
|
||||
@@ -17,7 +17,7 @@
|
||||
{% for member in old_members %}
|
||||
<tr>
|
||||
<td>{{ user_profile_link(member.user) }}</td>
|
||||
<td>{{ member.role.name }}</td>
|
||||
<td>{{ settings.SITH_CLUB_ROLES[member.role] }}</td>
|
||||
<td>{{ member.description }}</td>
|
||||
<td>{{ member.start_date }}</td>
|
||||
<td>{{ member.end_date }}</td>
|
||||
|
||||
@@ -1,172 +0,0 @@
|
||||
{% extends "core/base.jinja" %}
|
||||
|
||||
{% block additional_js %}
|
||||
<script type="module" src="{{ static("bundled/club/role-list-index.ts") }}" xmlns="http://www.w3.org/1999/html"></script>
|
||||
{% endblock %}
|
||||
|
||||
{% block additional_css %}
|
||||
<link rel="stylesheet" href="{{ static("club/roles.scss") }}">
|
||||
{% endblock %}
|
||||
|
||||
{% macro display_subform(subform) %}
|
||||
<div
|
||||
class="row"
|
||||
x-data="{
|
||||
isPresidency: {{ subform.is_presidency.value()|lower }},
|
||||
isBoard: {{ subform.is_board.value()|lower }},
|
||||
roleId: {{ subform.id.value() }},
|
||||
}"
|
||||
x-sort:item="$data"
|
||||
>
|
||||
{# hidden fields #}
|
||||
{{ subform.ORDER }}
|
||||
{{ subform.id }}
|
||||
{{ subform.club }}
|
||||
{{ subform.is_presidency|add_attr("x-model=isPresidency") }}
|
||||
{{ subform.is_board|add_attr("x-model=isBoard") }}
|
||||
<i class="fa fa-grip-vertical" x-sort:handle></i>
|
||||
<details class="accordion grow" {% if subform.errors %}open{% endif %}>
|
||||
<summary>
|
||||
{{ subform.name.value() }}
|
||||
{% if not subform.instance.is_active -%}
|
||||
({% trans %}inactive{% endtrans %})
|
||||
{%- endif %}
|
||||
</summary>
|
||||
<div class="accordion-content">
|
||||
{{ subform.non_field_errors() }}
|
||||
<div class="form-group">
|
||||
{{ subform.name.as_field_group() }}
|
||||
</div>
|
||||
<div class="form-group">
|
||||
{{ subform.description.as_field_group() }}
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div>
|
||||
{{ subform.is_active }}
|
||||
{{ subform.is_active.label_tag() }}
|
||||
</div>
|
||||
<span class="helptext">
|
||||
{{ subform.is_active.help_text }}
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
</details>
|
||||
</div>
|
||||
{% endmacro %}
|
||||
|
||||
{% block content %}
|
||||
<p>
|
||||
{% trans trimmed %}
|
||||
Roles give rights on the club.
|
||||
Higher roles grant more rights, and the members having them are displayed higher
|
||||
in the club members list.
|
||||
{% endtrans %}
|
||||
</p>
|
||||
<p>
|
||||
{% trans trimmed %}
|
||||
On this page, you can edit their name and description, as well as their order.
|
||||
You can also drag roles from a category to another
|
||||
(e.g. a board role can be made into a presidency role).
|
||||
{% endtrans %}
|
||||
</p>
|
||||
<form
|
||||
method="post"
|
||||
x-data="clubRoleList({ userRoleId: {{ user_role or "null" }} })"
|
||||
@submit="confirmSubmission"
|
||||
>
|
||||
{% csrf_token %}
|
||||
{{ form.management_form }}
|
||||
{{ form.non_form_errors() }}
|
||||
<h3>{% trans %}Presidency{% endtrans %}</h3>
|
||||
<a class="btn btn-grey margin-bottom" href="{{ url("club:new_role_president", club_id=club.id) }}">
|
||||
<i class="fa fa-plus"></i> {% trans %}add role{% endtrans %}
|
||||
</a>
|
||||
<details class="clickable margin-bottom">
|
||||
<summary>{% trans %}Help{% endtrans %}</summary>
|
||||
{# The style we use for markdown rendering is quite nice for what we want to display,
|
||||
so we are just gonna reuse it. #}
|
||||
<div class="markdown">
|
||||
<p>{% trans %}Users with a presidency role can :{% endtrans %}</p>
|
||||
<ul>
|
||||
<li>{% trans %}create new club roles and edit existing ones{% endtrans %}</li>
|
||||
<li>{% trans %}manage the club counters{% endtrans %}</li>
|
||||
<li>{% trans %}add new members with any active role and end any membership{% endtrans %}</li>
|
||||
</ul>
|
||||
<p>{% trans %}They also have all the rights of the club board.{% endtrans %}</p>
|
||||
</div>
|
||||
</details>
|
||||
<div
|
||||
x-sort="reorder($item, { isBoard: true, isPresidency: true })"
|
||||
x-sort:group="roles"
|
||||
>
|
||||
{% for subform in form %}
|
||||
{% if subform.is_presidency.value() %}
|
||||
{{ display_subform(subform) }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
</div>
|
||||
<br>
|
||||
<h3>{% trans %}Board{% endtrans %}</h3>
|
||||
<a class="btn btn-grey margin-bottom" href="{{ url("club:new_role_board", club_id=club.id) }}">
|
||||
<i class="fa fa-plus"></i> {% trans %}add role{% endtrans %}
|
||||
</a>
|
||||
<details class="clickable margin-bottom">
|
||||
<summary>{% trans %}Help{% endtrans %}</summary>
|
||||
<div class="markdown">
|
||||
<p>
|
||||
{% trans trimmed %}
|
||||
Board members can do most administrative actions in the club, including :
|
||||
{% endtrans %}
|
||||
</p>
|
||||
<ul>
|
||||
<li>{% trans %}manage the club posters{% endtrans %}</li>
|
||||
<li>{% trans %}create news for the club{% endtrans %}</li>
|
||||
<li>{% trans %}click users on the club's counters{% endtrans %}</li>
|
||||
<li>
|
||||
{% trans trimmed %}
|
||||
add new members and end active memberships
|
||||
for roles that are lower than their own.
|
||||
{% endtrans %}
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
</details>
|
||||
<div
|
||||
x-sort="reorder($item, { isBoard: true, isPresidency: false })"
|
||||
x-sort:group="roles"
|
||||
>
|
||||
{% for subform in form %}
|
||||
{% if subform.is_board.value() and not subform.is_presidency.value() %}
|
||||
{{ display_subform(subform) }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
</div>
|
||||
<br>
|
||||
<h3>{% trans %}Members{% endtrans %}</h3>
|
||||
<a class="btn btn-grey margin-bottom" href="{{ url("club:new_role_member", club_id=club.id) }}">
|
||||
<i class="fa fa-plus"></i> {% trans %}add role{% endtrans %}
|
||||
</a>
|
||||
<details class="clickable margin-bottom">
|
||||
<summary>{% trans %}Help{% endtrans %}</summary>
|
||||
<div class="markdown">
|
||||
<p>{% trans %}Simple members cannot perform administrative actions.{% endtrans %}</p>
|
||||
</div>
|
||||
</details>
|
||||
<div
|
||||
x-sort="reorder($item, { isBoard: false, isPresidency: false })"
|
||||
x-sort:group="roles"
|
||||
>
|
||||
{% for subform in form %}
|
||||
{% if not subform.is_board.value() %}
|
||||
{{ display_subform(subform) }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
</div>
|
||||
<br>
|
||||
<p>
|
||||
<button type="submit" class="btn btn-blue">
|
||||
<i class="fa fa-check"></i>{% trans %}Save{% endtrans %}
|
||||
</button>
|
||||
</p>
|
||||
</form>
|
||||
{% endblock content %}
|
||||
@@ -5,19 +5,8 @@
|
||||
<div>
|
||||
<h4>{% trans %}Communication:{% endtrans %}</h4>
|
||||
<ul>
|
||||
<li>
|
||||
<a href="{{ url('com:news_new') }}?club={{ object.id }}">
|
||||
{% trans %}Create a news{% endtrans %}
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="{{ url('com:weekmail_article') }}?club={{ object.id }}">
|
||||
{% trans %}Post in the Weekmail{% endtrans %}
|
||||
</a>
|
||||
</li>
|
||||
{% if object.can_roles_be_edited_by(user) %}
|
||||
<li><a href="{{ url("club:club_roles", club_id=object.id) }}"></a></li>
|
||||
{% endif %}
|
||||
<li> <a href="{{ url('com:news_new') }}?club={{ object.id }}">{% trans %}Create a news{% endtrans %}</a></li>
|
||||
<li> <a href="{{ url('com:weekmail_article') }}?club={{ object.id }}">{% trans %}Post in the Weekmail{% endtrans %}</a></li>
|
||||
{% if object.trombi %}
|
||||
<li> <a href="{{ url('trombi:detail', trombi_id=object.trombi.id) }}">{% trans %}Edit Trombi{% endtrans %}</a></li>
|
||||
{% else %}
|
||||
|
||||
+5
-15
@@ -8,7 +8,7 @@ from django.utils.timezone import now
|
||||
from model_bakery import baker
|
||||
from model_bakery.recipe import Recipe
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from core.baker_recipes import old_subscriber_user, subscriber_user
|
||||
from core.models import User
|
||||
|
||||
@@ -43,11 +43,6 @@ class TestClub(TestCase):
|
||||
|
||||
cls.ae = Club.objects.get(pk=settings.SITH_MAIN_CLUB_ID)
|
||||
cls.club = baker.make(Club)
|
||||
cls.president_role = baker.make(
|
||||
ClubRole, club=cls.club, is_board=True, is_presidency=True, order=0
|
||||
)
|
||||
cls.board_role = baker.make(ClubRole, club=cls.club, is_board=True, order=1)
|
||||
cls.member_role = baker.make(ClubRole, club=cls.club, order=2)
|
||||
cls.new_members_url = reverse(
|
||||
"club:club_new_members", kwargs={"club_id": cls.club.id}
|
||||
)
|
||||
@@ -56,17 +51,12 @@ class TestClub(TestCase):
|
||||
yesterday = now() - timedelta(days=1)
|
||||
membership_recipe = Recipe(Membership, club=cls.club)
|
||||
membership_recipe.make(
|
||||
user=cls.simple_board_member, start_date=a_month_ago, role=cls.board_role
|
||||
)
|
||||
membership_recipe.make(user=cls.richard, role=cls.member_role)
|
||||
membership_recipe.make(
|
||||
user=cls.president, start_date=a_month_ago, role=cls.president_role
|
||||
user=cls.simple_board_member, start_date=a_month_ago, role=3
|
||||
)
|
||||
membership_recipe.make(user=cls.richard, role=1)
|
||||
membership_recipe.make(user=cls.president, start_date=a_month_ago, role=10)
|
||||
membership_recipe.make( # sli was a member but isn't anymore
|
||||
user=cls.sli,
|
||||
start_date=a_month_ago,
|
||||
end_date=yesterday,
|
||||
role=cls.board_role,
|
||||
user=cls.sli, start_date=a_month_ago, end_date=yesterday, role=2
|
||||
)
|
||||
|
||||
def setUp(self):
|
||||
|
||||
+5
-91
@@ -1,16 +1,13 @@
|
||||
from datetime import timedelta
|
||||
|
||||
import pytest
|
||||
from django.conf import settings
|
||||
from django.db import ProgrammingError
|
||||
from django.test import Client
|
||||
from django.urls import reverse
|
||||
from django.utils.timezone import localdate
|
||||
from model_bakery import baker
|
||||
from model_bakery.recipe import Recipe
|
||||
from pytest_django.asserts import assertRedirects
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from core.baker_recipes import subscriber_user
|
||||
from core.models import User
|
||||
|
||||
@@ -22,19 +19,11 @@ def test_club_queryset_having_board_member():
|
||||
membership_recipe = Recipe(
|
||||
Membership, user=user, start_date=localdate() - timedelta(days=3)
|
||||
)
|
||||
membership_recipe.make(club=clubs[0], role=1)
|
||||
membership_recipe.make(club=clubs[1], role=3)
|
||||
membership_recipe.make(club=clubs[2], role=7)
|
||||
membership_recipe.make(
|
||||
club=clubs[0], role=baker.make(ClubRole, club=clubs[0], is_board=False)
|
||||
)
|
||||
membership_recipe.make(
|
||||
club=clubs[1], role=baker.make(ClubRole, club=clubs[1], is_board=True)
|
||||
)
|
||||
membership_recipe.make(
|
||||
club=clubs[2], role=baker.make(ClubRole, club=clubs[2], is_board=True)
|
||||
)
|
||||
membership_recipe.make(
|
||||
club=clubs[3],
|
||||
role=baker.make(ClubRole, club=clubs[3], is_board=True),
|
||||
end_date=localdate() - timedelta(days=1),
|
||||
club=clubs[3], role=3, end_date=localdate() - timedelta(days=1)
|
||||
)
|
||||
|
||||
club_ids = Club.objects.having_board_member(user).values_list("id", flat=True)
|
||||
@@ -50,78 +39,3 @@ def test_club_list(client: Client, nb_additional_clubs: int, is_fragment):
|
||||
headers = {"HX-Request": True} if is_fragment else {}
|
||||
res = client.get(reverse("club:club_list"), headers=headers)
|
||||
assert res.status_code == 200
|
||||
|
||||
|
||||
def assert_club_created(club_name: str):
|
||||
club = Club.objects.last()
|
||||
assert club.name == club_name
|
||||
assert club.board_group.name == f"{club_name} - Bureau"
|
||||
assert club.members_group.name == f"{club_name} - Membres"
|
||||
# default roles should be added on club creation,
|
||||
# whether the creation happens on the admin site or on the user site
|
||||
assert list(club.roles.values("name", "is_presidency", "is_board")) == [
|
||||
{"name": "Président⸱e", "is_presidency": True, "is_board": True},
|
||||
{"name": "Trésorier⸱e", "is_presidency": False, "is_board": True},
|
||||
{"name": "Membre actif⸱ve", "is_presidency": False, "is_board": False},
|
||||
{"name": "Curieux⸱euse", "is_presidency": False, "is_board": False},
|
||||
]
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_create_view(admin_client: Client):
|
||||
"""Test that the club creation view works well"""
|
||||
res = admin_client.get(reverse("club:club_new"))
|
||||
assert res.status_code == 200
|
||||
res = admin_client.post(
|
||||
reverse("club:club_new"),
|
||||
data={"name": "foo", "parent": settings.SITH_MAIN_CLUB_ID},
|
||||
)
|
||||
club = Club.objects.last()
|
||||
assertRedirects(res, club.get_absolute_url())
|
||||
assert_club_created("foo")
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_default_roles_for_club_with_roles_fails():
|
||||
"""Test that an Error is raised if trying to create
|
||||
default roles for a club that already has roles.
|
||||
"""
|
||||
club = baker.make(Club)
|
||||
baker.make(ClubRole, club=club)
|
||||
with pytest.raises(ProgrammingError):
|
||||
club.create_default_roles()
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
class TestAdminInterface:
|
||||
def test_create(self, admin_client: Client):
|
||||
"""Test the creation of a club via the admin interface."""
|
||||
res = admin_client.post(
|
||||
reverse("admin:club_club_add"),
|
||||
data={
|
||||
"name": "foo",
|
||||
"parent": settings.SITH_MAIN_CLUB_ID,
|
||||
"address": "Rome",
|
||||
},
|
||||
)
|
||||
assertRedirects(res, reverse("admin:club_club_changelist"))
|
||||
assert_club_created("foo")
|
||||
|
||||
def test_change(self, admin_client: Client):
|
||||
"""Test the edition of a club via the admin interface."""
|
||||
club = baker.make(Club)
|
||||
res = admin_client.post(
|
||||
reverse("admin:club_club_change", kwargs={"object_id": club.id}),
|
||||
data={
|
||||
"name": "foo",
|
||||
"page": club.page_id,
|
||||
"home": club.home_id,
|
||||
"address": club.address,
|
||||
},
|
||||
)
|
||||
assertRedirects(res, reverse("admin:club_club_changelist"))
|
||||
club.refresh_from_db()
|
||||
assert club.name == "foo"
|
||||
# Club roles shouldn't be modified when editing the club on the admin interface
|
||||
# This club had no roles beforehand, therefore it shouldn't have roles now.
|
||||
assert not club.roles.exists()
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
from datetime import date, timedelta
|
||||
|
||||
import pytest
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.models import Permission
|
||||
from django.test import Client, TestCase
|
||||
from django.urls import reverse
|
||||
@@ -9,7 +8,7 @@ from model_bakery import baker
|
||||
from model_bakery.recipe import Recipe
|
||||
from pytest_django.asserts import assertNumQueries
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from core.baker_recipes import subscriber_user
|
||||
from core.models import Group, Page, User
|
||||
|
||||
@@ -27,10 +26,8 @@ class TestClubSearch(TestCase):
|
||||
"id", flat=True
|
||||
)
|
||||
)
|
||||
Membership.objects.all().delete()
|
||||
ClubRole.objects.all().delete()
|
||||
Page.objects.exclude(club=None).delete()
|
||||
Club.objects.all().delete()
|
||||
Page.objects.exclude(name=settings.SITH_CLUB_ROOT_PAGE).delete()
|
||||
Group.objects.filter(id__in=groups).delete()
|
||||
|
||||
cls.clubs = baker.make(
|
||||
|
||||
@@ -1,253 +0,0 @@
|
||||
from collections.abc import Callable
|
||||
|
||||
import pytest
|
||||
from django.contrib.auth.models import Permission
|
||||
from django.test import Client, TestCase
|
||||
from django.urls import reverse
|
||||
from model_bakery import baker, seq
|
||||
from model_bakery.recipe import Recipe
|
||||
from pytest_django.asserts import assertRedirects
|
||||
|
||||
from club.forms import ClubRoleFormSet
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from core.baker_recipes import subscriber_user
|
||||
from core.models import AnonymousUser, User
|
||||
|
||||
|
||||
def make_club():
|
||||
# unittest-style tests cannot use fixture, so we create a function
|
||||
# that will be callable either by a pytest fixture or inside
|
||||
# a TestCase.setUpTestData method.
|
||||
club = baker.make(Club)
|
||||
recipe = Recipe(ClubRole, club=club, name=seq("role "))
|
||||
recipe.make(
|
||||
is_board=iter([True, True, False]),
|
||||
is_presidency=iter([True, False, False]),
|
||||
order=iter([0, 1, 2]),
|
||||
_quantity=3,
|
||||
_bulk_create=True,
|
||||
)
|
||||
return club
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def club(db):
|
||||
"""A club with a presidency role, a board role and a member role"""
|
||||
return make_club()
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_order_auto(club):
|
||||
"""Test that newly created roles are put in the right place."""
|
||||
roles = list(club.roles.all())
|
||||
# create new roles one by one (like they will be in prod)
|
||||
# each new role should be placed at the end of its category
|
||||
recipe = Recipe(ClubRole, club=club, name=seq("new role "))
|
||||
role_a = recipe.make(is_board=True, is_presidency=True, order=None)
|
||||
role_b = recipe.make(is_board=True, is_presidency=False, order=None)
|
||||
role_c = recipe.make(is_board=False, is_presidency=False, order=None)
|
||||
assert list(club.roles.order_by("order")) == [
|
||||
roles[0],
|
||||
role_a,
|
||||
roles[1],
|
||||
role_b,
|
||||
roles[2],
|
||||
role_c,
|
||||
]
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.parametrize(
|
||||
("user_factory", "is_allowed"),
|
||||
[
|
||||
(
|
||||
lambda club: baker.make(
|
||||
User,
|
||||
user_permissions=[Permission.objects.get(codename="change_clubrole")],
|
||||
),
|
||||
True,
|
||||
),
|
||||
( # user with presidency roles can edit the club roles
|
||||
lambda club: subscriber_user.make(
|
||||
memberships=[
|
||||
baker.make(
|
||||
Membership,
|
||||
club=club,
|
||||
role=club.roles.filter(is_presidency=True).first(),
|
||||
)
|
||||
]
|
||||
),
|
||||
True,
|
||||
),
|
||||
( # user in the board but not in the presidency cannot edit roles
|
||||
lambda club: subscriber_user.make(
|
||||
memberships=[
|
||||
baker.make(
|
||||
Membership,
|
||||
club=club,
|
||||
role=club.roles.filter(
|
||||
is_presidency=False, is_board=True
|
||||
).first(),
|
||||
)
|
||||
]
|
||||
),
|
||||
False,
|
||||
),
|
||||
(lambda _: AnonymousUser(), False),
|
||||
],
|
||||
)
|
||||
def test_can_roles_be_edited_by(
|
||||
club: Club, user_factory: Callable[[Club], User], is_allowed
|
||||
):
|
||||
"""Test that `Club.can_roles_be_edited_by` return the right value"""
|
||||
user = user_factory(club)
|
||||
assert club.can_roles_be_edited_by(user) == is_allowed
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.parametrize(
|
||||
["route", "is_presidency", "is_board"],
|
||||
[
|
||||
("club:new_role_president", True, True),
|
||||
("club:new_role_board", False, True),
|
||||
("club:new_role_member", False, False),
|
||||
],
|
||||
)
|
||||
def test_create_role_view(client: Client, route: str, is_presidency, is_board):
|
||||
"""Test that the role creation views work."""
|
||||
club = baker.make(Club)
|
||||
role = baker.make(ClubRole, club=club, is_presidency=True, is_board=True)
|
||||
user = subscriber_user.make()
|
||||
baker.make(Membership, club=club, role=role, user=user, end_date=None)
|
||||
url = reverse(route, kwargs={"club_id": club.id})
|
||||
client.force_login(user)
|
||||
|
||||
res = client.get(url)
|
||||
assert res.status_code == 200
|
||||
|
||||
res = client.post(url, data={"name": "foo"})
|
||||
assertRedirects(res, reverse("club:club_roles", kwargs={"club_id": club.id}))
|
||||
new_role = club.roles.last()
|
||||
assert new_role.name == "foo"
|
||||
assert new_role.is_presidency == is_presidency
|
||||
assert new_role.is_board == is_board
|
||||
|
||||
|
||||
class TestClubRoleUpdate(TestCase):
|
||||
@classmethod
|
||||
def setUpTestData(cls):
|
||||
cls.club = make_club()
|
||||
cls.roles = list(cls.club.roles.all())
|
||||
cls.user = subscriber_user.make()
|
||||
baker.make(
|
||||
Membership, club=cls.club, role=cls.roles[0], user=cls.user, end_date=None
|
||||
)
|
||||
cls.url = reverse("club:club_roles", kwargs={"club_id": cls.club.id})
|
||||
cls.redirect_url = reverse("club:club_members", kwargs={"club_id": cls.club.id})
|
||||
|
||||
def setUp(self):
|
||||
self.payload = {
|
||||
"roles-TOTAL_FORMS": 3,
|
||||
"roles-INITIAL_FORMS": 3,
|
||||
"roles-MIN_NUM_FORMS": 0,
|
||||
"roles-MAX_NUM_FORMS": 1000,
|
||||
"roles-0-ORDER": 1,
|
||||
"roles-0-id": self.roles[0].id,
|
||||
"roles-0-club": self.club.id,
|
||||
"roles-0-is_presidency": True,
|
||||
"roles-0-is_board": True,
|
||||
"roles-0-name": self.roles[0].name,
|
||||
"roles-0-description": self.roles[0].description,
|
||||
"roles-0-is_active": True,
|
||||
"roles-1-ORDER": 2,
|
||||
"roles-1-id": self.roles[1].id,
|
||||
"roles-1-club": self.club.id,
|
||||
"roles-1-is_presidency": False,
|
||||
"roles-1-is_board": True,
|
||||
"roles-1-name": self.roles[1].name,
|
||||
"roles-1-description": self.roles[1].description,
|
||||
"roles-1-is_active": True,
|
||||
"roles-2-ORDER": 3,
|
||||
"roles-2-id": self.roles[2].id,
|
||||
"roles-2-club": self.club.id,
|
||||
"roles-2-is_presidency": False,
|
||||
"roles-2-is_board": False,
|
||||
"roles-2-name": self.roles[2].name,
|
||||
"roles-2-description": self.roles[2].description,
|
||||
"roles-2-is_active": True,
|
||||
}
|
||||
|
||||
def test_view_ok(self):
|
||||
"""Basic test to check that the view works."""
|
||||
self.client.force_login(self.user)
|
||||
res = self.client.get(self.url)
|
||||
assert res.status_code == 200
|
||||
self.payload["roles-2-name"] = "foo"
|
||||
res = self.client.post(self.url, data=self.payload)
|
||||
assertRedirects(res, self.redirect_url)
|
||||
self.roles[2].refresh_from_db()
|
||||
assert self.roles[2].name == "foo"
|
||||
|
||||
def test_incoherent_order(self):
|
||||
"""Test that placing a member role over a board role fails."""
|
||||
self.payload["roles-0-ORDER"] = 4
|
||||
formset = ClubRoleFormSet(data=self.payload, instance=self.club)
|
||||
assert not formset.is_valid()
|
||||
assert formset.errors == [
|
||||
{
|
||||
"__all__": [
|
||||
f"Le rôle {self.roles[0].name} ne peut pas "
|
||||
"être placé en-dessous d'un rôle de membre.",
|
||||
f"Le rôle {self.roles[0].name} ne peut pas être placé "
|
||||
"en-dessous d'un rôle qui n'est pas de la présidence.",
|
||||
]
|
||||
},
|
||||
{},
|
||||
{},
|
||||
]
|
||||
|
||||
def test_change_order_ok(self):
|
||||
"""Test that changing order the intended way works"""
|
||||
self.payload["roles-1-ORDER"] = 3
|
||||
self.payload["roles-1-is_board"] = False
|
||||
self.payload["roles-2-ORDER"] = 2
|
||||
formset = ClubRoleFormSet(data=self.payload, instance=self.club)
|
||||
assert formset.is_valid()
|
||||
formset.save()
|
||||
assert list(self.club.roles.order_by("order")) == [
|
||||
self.roles[0],
|
||||
self.roles[2],
|
||||
self.roles[1],
|
||||
]
|
||||
self.roles[1].refresh_from_db()
|
||||
assert not self.roles[1].is_board
|
||||
|
||||
def test_non_board_presidency_is_forbidden(self):
|
||||
"""Test that a role cannot be in the presidency without being in the board."""
|
||||
self.payload["roles-0-is_board"] = False
|
||||
formset = ClubRoleFormSet(data=self.payload, instance=self.club)
|
||||
assert not formset.is_valid()
|
||||
assert formset.errors == [
|
||||
{
|
||||
"__all__": [
|
||||
"Un rôle ne peut pas appartenir à la présidence sans être dans le bureau",
|
||||
]
|
||||
},
|
||||
{},
|
||||
{},
|
||||
]
|
||||
|
||||
def test_president_moves_itself_out_of_the_presidency(self):
|
||||
"""Test that if the user moves its own role out of the presidency,
|
||||
then it's redirected to another page and loses access to the update page."""
|
||||
self.payload["roles-0-is_presidency"] = False
|
||||
self.client.force_login(self.user)
|
||||
res = self.client.post(self.url, data=self.payload)
|
||||
assertRedirects(res, self.redirect_url)
|
||||
# When the user clicked that button, it still had the right to update roles,
|
||||
# so the modification should be applied
|
||||
self.roles[0].refresh_from_db()
|
||||
assert self.roles[0].is_presidency is False
|
||||
|
||||
res = self.client.get(self.url)
|
||||
assert res.status_code == 403
|
||||
+3
-13
@@ -4,7 +4,7 @@ from django.urls import reverse
|
||||
from model_bakery import baker
|
||||
from pytest_django.asserts import assertRedirects
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from core.baker_recipes import subscriber_user
|
||||
|
||||
|
||||
@@ -12,12 +12,7 @@ from core.baker_recipes import subscriber_user
|
||||
def test_club_board_member_cannot_edit_club_properties(client: Client):
|
||||
user = subscriber_user.make()
|
||||
club = baker.make(Club, name="old name", is_active=True, address="old address")
|
||||
baker.make(
|
||||
Membership,
|
||||
club=club,
|
||||
user=user,
|
||||
role=baker.make(ClubRole, club=club, is_board=True),
|
||||
)
|
||||
baker.make(Membership, club=club, user=user, role=7)
|
||||
client.force_login(user)
|
||||
res = client.post(
|
||||
reverse("club:club_edit", kwargs={"club_id": club.id}),
|
||||
@@ -37,12 +32,7 @@ def test_edit_club_page_doesnt_crash(client: Client):
|
||||
"""crash test for club:club_edit"""
|
||||
club = baker.make(Club)
|
||||
user = subscriber_user.make()
|
||||
baker.make(
|
||||
Membership,
|
||||
club=club,
|
||||
user=user,
|
||||
role=baker.make(ClubRole, club=club, is_board=True),
|
||||
)
|
||||
baker.make(Membership, club=club, user=user, role=3)
|
||||
client.force_login(user)
|
||||
res = client.get(reverse("club:club_edit", kwargs={"club_id": club.id}))
|
||||
assert res.status_code == 200
|
||||
|
||||
@@ -3,10 +3,9 @@ from django.test import TestCase
|
||||
from django.urls import reverse
|
||||
from django.utils import timezone
|
||||
from django.utils.translation import gettext as _
|
||||
from model_bakery import baker
|
||||
|
||||
from club.forms import MailingForm
|
||||
from club.models import Club, ClubRole, Mailing, Membership
|
||||
from club.models import Club, Mailing, Membership
|
||||
from core.models import User
|
||||
|
||||
|
||||
@@ -26,7 +25,7 @@ class TestMailingForm(TestCase):
|
||||
user=cls.rbatsbak,
|
||||
club=cls.club,
|
||||
start_date=timezone.now(),
|
||||
role=baker.make(ClubRole, club=cls.club, is_board=True),
|
||||
role=settings.SITH_CLUB_ROLES_ID["Board member"],
|
||||
).save()
|
||||
|
||||
def test_mailing_list_add_no_moderation(self):
|
||||
|
||||
+90
-159
@@ -1,20 +1,20 @@
|
||||
import itertools
|
||||
from collections.abc import Callable
|
||||
from datetime import timedelta
|
||||
|
||||
import pytest
|
||||
from bs4 import BeautifulSoup
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.models import Permission
|
||||
from django.core.cache import cache
|
||||
from django.db.models import Max
|
||||
from django.test import Client, TestCase
|
||||
from django.urls import reverse
|
||||
from django.utils.timezone import localdate, localtime, now
|
||||
from model_bakery import baker, seq
|
||||
from model_bakery import baker
|
||||
from pytest_django.asserts import assertRedirects
|
||||
|
||||
from club.forms import ClubAddMemberForm, JoinClubForm
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from club.tests.base import TestClub
|
||||
from core.baker_recipes import subscriber_user
|
||||
from core.models import AnonymousUser, User
|
||||
@@ -75,22 +75,17 @@ class TestMembershipQuerySet(TestClub):
|
||||
def test_update_change_club_groups(self):
|
||||
"""Test that `update` set the user groups accordingly."""
|
||||
user = baker.make(User)
|
||||
board_role, member_role = baker.make(
|
||||
ClubRole, is_board=iter([True, False]), _quantity=2, _bulk_create=True
|
||||
)
|
||||
membership = baker.make(
|
||||
Membership, end_date=None, user=user, role=board_role, club=board_role.club
|
||||
)
|
||||
membership = baker.make(Membership, end_date=None, user=user, role=5)
|
||||
members_group = membership.club.members_group
|
||||
board_group = membership.club.board_group
|
||||
assert user.groups.contains(members_group)
|
||||
assert user.groups.contains(board_group)
|
||||
|
||||
user.memberships.update(role=member_role) # from board to simple member
|
||||
user.memberships.update(role=1) # from board to simple member
|
||||
assert user.groups.contains(members_group)
|
||||
assert not user.groups.contains(board_group)
|
||||
|
||||
user.memberships.update(role=board_role) # from member to board
|
||||
user.memberships.update(role=5) # from member to board
|
||||
assert user.groups.contains(members_group)
|
||||
assert user.groups.contains(board_group)
|
||||
|
||||
@@ -101,17 +96,7 @@ class TestMembershipQuerySet(TestClub):
|
||||
def test_delete_remove_from_groups(self):
|
||||
"""Test that `delete` removes from club groups"""
|
||||
user = baker.make(User)
|
||||
club = baker.make(Club)
|
||||
roles = baker.make(
|
||||
ClubRole,
|
||||
is_board=iter([False, True]),
|
||||
club=club,
|
||||
_quantity=2,
|
||||
_bulk_create=True,
|
||||
)
|
||||
memberships = baker.make(
|
||||
Membership, club=club, role=iter(roles), user=user, _quantity=2
|
||||
)
|
||||
memberships = baker.make(Membership, role=iter([1, 5]), user=user, _quantity=2)
|
||||
club_groups = {
|
||||
memberships[0].club.members_group,
|
||||
memberships[1].club.members_group,
|
||||
@@ -127,20 +112,13 @@ class TestMembershipEditableBy(TestCase):
|
||||
def setUpTestData(cls):
|
||||
Membership.objects.all().delete()
|
||||
cls.club_a, cls.club_b = baker.make(Club, _quantity=2)
|
||||
roles = baker.make(
|
||||
ClubRole,
|
||||
is_presidency=itertools.cycle([True, False, False, False]),
|
||||
is_board=itertools.cycle([True, True, True, False]),
|
||||
order=itertools.cycle(range(4)),
|
||||
club=iter(
|
||||
[*itertools.repeat(cls.club_a, 4), *itertools.repeat(cls.club_b, 4)]
|
||||
),
|
||||
_quantity=8,
|
||||
_bulk_create=True,
|
||||
)
|
||||
cls.memberships = [
|
||||
*baker.make(Membership, role=iter(roles[:4]), club=cls.club_a, _quantity=4),
|
||||
*baker.make(Membership, role=iter(roles[4:]), club=cls.club_b, _quantity=4),
|
||||
*baker.make(
|
||||
Membership, role=iter([7, 3, 3, 1]), club=cls.club_a, _quantity=4
|
||||
),
|
||||
*baker.make(
|
||||
Membership, role=iter([7, 3, 3, 1]), club=cls.club_b, _quantity=4
|
||||
),
|
||||
]
|
||||
|
||||
def test_admin_user(self):
|
||||
@@ -162,7 +140,7 @@ class TestMembershipEditableBy(TestCase):
|
||||
|
||||
|
||||
class TestMembership(TestClub):
|
||||
def assert_membership_started_today(self, user: User, role: ClubRole):
|
||||
def assert_membership_started_today(self, user: User, role: int):
|
||||
"""Assert that the given membership is active and started today."""
|
||||
membership = user.memberships.ongoing().filter(club=self.club).first()
|
||||
assert membership is not None
|
||||
@@ -211,27 +189,21 @@ class TestMembership(TestClub):
|
||||
"Marquer comme ancien",
|
||||
]
|
||||
rows = table.find("tbody").find_all("tr")
|
||||
memberships = (
|
||||
self.club.members.ongoing()
|
||||
.order_by("role__order")
|
||||
.select_related("user", "role")
|
||||
)
|
||||
user_role = ClubRole.objects.get(members__user=self.simple_board_member)
|
||||
for row, membership in zip(rows, memberships, strict=False):
|
||||
memberships = self.club.members.ongoing().order_by("-role")
|
||||
for row, membership in zip(
|
||||
rows, memberships.select_related("user"), strict=False
|
||||
):
|
||||
user = membership.user
|
||||
user_url = reverse("core:user_profile", args=[user.id])
|
||||
cols = row.find_all("td")
|
||||
user_link = cols[0].find("a")
|
||||
assert user_link.attrs["href"] == user_url
|
||||
assert user_link.text == user.get_display_name()
|
||||
assert cols[1].text == membership.role.name
|
||||
assert cols[1].text == settings.SITH_CLUB_ROLES[membership.role]
|
||||
assert cols[2].text == membership.description
|
||||
assert cols[3].text == str(membership.start_date)
|
||||
|
||||
if (
|
||||
membership.role.order > user_role.order
|
||||
or membership.user_id == self.simple_board_member.id
|
||||
):
|
||||
if membership.role < 3 or membership.user_id == self.simple_board_member.id:
|
||||
# 3 is the role of simple_board_member
|
||||
form_input = cols[4].find("input")
|
||||
expected_attrs = {
|
||||
@@ -247,15 +219,14 @@ class TestMembership(TestClub):
|
||||
"""Test that root users can add members to clubs"""
|
||||
self.client.force_login(self.root)
|
||||
response = self.client.post(
|
||||
self.new_members_url,
|
||||
{"user": self.subscriber.id, "role": self.board_role.id},
|
||||
self.new_members_url, {"user": self.subscriber.id, "role": 3}
|
||||
)
|
||||
assert response.status_code == 200
|
||||
assert response.headers.get("HX-Redirect", "") == reverse(
|
||||
"club:club_members", kwargs={"club_id": self.club.id}
|
||||
)
|
||||
self.subscriber.refresh_from_db()
|
||||
self.assert_membership_started_today(self.subscriber, role=self.board_role)
|
||||
self.assert_membership_started_today(self.subscriber, role=3)
|
||||
|
||||
def test_add_unauthorized_members(self):
|
||||
"""Test that users who are not currently subscribed
|
||||
@@ -263,7 +234,7 @@ class TestMembership(TestClub):
|
||||
"""
|
||||
for user in self.public, self.old_subscriber:
|
||||
form = ClubAddMemberForm(
|
||||
data={"user": user.id, "role": self.member_role},
|
||||
data={"user": user.id, "role": 1},
|
||||
request_user=self.root,
|
||||
club=self.club,
|
||||
)
|
||||
@@ -284,7 +255,7 @@ class TestMembership(TestClub):
|
||||
nb_memberships = self.simple_board_member.memberships.count()
|
||||
self.client.post(
|
||||
self.members_url,
|
||||
{"users": self.simple_board_member.id, "role": self.member_role},
|
||||
{"users": self.simple_board_member.id, "role": current_membership.role + 1},
|
||||
)
|
||||
self.simple_board_member.refresh_from_db()
|
||||
assert nb_memberships == self.simple_board_member.memberships.count()
|
||||
@@ -303,7 +274,7 @@ class TestMembership(TestClub):
|
||||
max_id = User.objects.aggregate(id=Max("id"))["id"]
|
||||
for members in [max_id + 1], [max_id + 1, self.subscriber.id]:
|
||||
form = ClubAddMemberForm(
|
||||
data={"user": members, "role": self.member_role},
|
||||
data={"user": members, "role": 1},
|
||||
request_user=self.root,
|
||||
club=self.club,
|
||||
)
|
||||
@@ -317,6 +288,44 @@ class TestMembership(TestClub):
|
||||
self.club.refresh_from_db()
|
||||
assert self.club.members.count() == nb_memberships
|
||||
|
||||
def test_president_add_members(self):
|
||||
"""Test that the president of the club can add members."""
|
||||
president = self.club.members.get(role=10).user
|
||||
nb_club_membership = self.club.members.count()
|
||||
nb_subscriber_memberships = self.subscriber.memberships.count()
|
||||
self.client.force_login(president)
|
||||
response = self.client.post(
|
||||
self.new_members_url, {"user": self.subscriber.id, "role": 9}
|
||||
)
|
||||
assert response.status_code == 200
|
||||
assert response.headers.get("HX-Redirect", "") == reverse(
|
||||
"club:club_members", kwargs={"club_id": self.club.id}
|
||||
)
|
||||
self.club.refresh_from_db()
|
||||
self.subscriber.refresh_from_db()
|
||||
assert self.club.members.count() == nb_club_membership + 1
|
||||
assert self.subscriber.memberships.count() == nb_subscriber_memberships + 1
|
||||
self.assert_membership_started_today(self.subscriber, role=9)
|
||||
|
||||
def test_add_member_greater_role(self):
|
||||
"""Test that a member of the club member cannot create
|
||||
a membership with a greater role than its own.
|
||||
"""
|
||||
form = ClubAddMemberForm(
|
||||
data={"user": self.subscriber.id, "role": 10},
|
||||
request_user=self.simple_board_member,
|
||||
club=self.club,
|
||||
)
|
||||
nb_memberships = self.club.members.count()
|
||||
|
||||
assert not form.is_valid()
|
||||
assert form.errors == {
|
||||
"role": ["Sélectionnez un choix valide. 10 n\u2019en fait pas partie."]
|
||||
}
|
||||
self.club.refresh_from_db()
|
||||
assert nb_memberships == self.club.members.count()
|
||||
assert not self.subscriber.memberships.filter(club=self.club).exists()
|
||||
|
||||
def test_add_member_without_role(self):
|
||||
"""Test that trying to add members without specifying their role fails."""
|
||||
form = ClubAddMemberForm(
|
||||
@@ -327,9 +336,8 @@ class TestMembership(TestClub):
|
||||
assert form.errors == {"role": ["Ce champ est obligatoire."]}
|
||||
|
||||
def test_add_member_already_there(self):
|
||||
role = ClubRole.objects.get(members__user=self.simple_board_member)
|
||||
form = ClubAddMemberForm(
|
||||
data={"user": self.simple_board_member, "role": role.id},
|
||||
data={"user": self.simple_board_member, "role": 3},
|
||||
request_user=self.root,
|
||||
club=self.club,
|
||||
)
|
||||
@@ -340,27 +348,22 @@ class TestMembership(TestClub):
|
||||
|
||||
def test_add_other_member_forbidden(self):
|
||||
non_member = subscriber_user.make()
|
||||
simple_member = baker.make(
|
||||
Membership, club=self.club, role=self.member_role
|
||||
).user
|
||||
simple_member = baker.make(Membership, club=self.club, role=1).user
|
||||
for user in non_member, simple_member:
|
||||
form = ClubAddMemberForm(
|
||||
data={"user": subscriber_user.make(), "role": self.member_role.id},
|
||||
data={"user": subscriber_user.make(), "role": 1},
|
||||
request_user=user,
|
||||
club=self.club,
|
||||
)
|
||||
assert not form.is_valid()
|
||||
assert form.errors == {
|
||||
"role": [
|
||||
"Sélectionnez un choix valide. "
|
||||
"Ce choix ne fait pas partie de ceux disponibles."
|
||||
]
|
||||
"role": ["Sélectionnez un choix valide. 1 n\u2019en fait pas partie."]
|
||||
}
|
||||
|
||||
def test_simple_members_dont_see_form_anymore(self):
|
||||
"""Test that simple club members don't see the form to add members"""
|
||||
user = subscriber_user.make()
|
||||
baker.make(Membership, club=self.club, user=user, role=self.member_role)
|
||||
baker.make(Membership, club=self.club, user=user, role=1)
|
||||
self.client.force_login(user)
|
||||
res = self.client.get(self.members_url)
|
||||
assert res.status_code == 200
|
||||
@@ -379,10 +382,9 @@ class TestMembership(TestClub):
|
||||
"""Test that board members of the club can end memberships
|
||||
of users with lower roles.
|
||||
"""
|
||||
# reminder : simple_board_member has role 3
|
||||
self.client.force_login(self.simple_board_member)
|
||||
role = baker.make(ClubRole, club=self.club, is_board=True)
|
||||
role.below(self.board_role)
|
||||
membership = baker.make(Membership, club=self.club, role=role)
|
||||
membership = baker.make(Membership, club=self.club, role=2, end_date=None)
|
||||
response = self.client.post(self.members_url, {"members_old": [membership.id]})
|
||||
self.assertRedirects(response, self.members_url)
|
||||
self.club.refresh_from_db()
|
||||
@@ -392,9 +394,7 @@ class TestMembership(TestClub):
|
||||
"""Test that board members of the club cannot end memberships
|
||||
of users with higher roles.
|
||||
"""
|
||||
membership = self.president.memberships.filter(
|
||||
club=self.club, end_date=None
|
||||
).first()
|
||||
membership = self.president.memberships.filter(club=self.club).first()
|
||||
self.client.force_login(self.simple_board_member)
|
||||
self.client.post(self.members_url, {"members_old": [membership.id]})
|
||||
self.club.refresh_from_db()
|
||||
@@ -436,9 +436,7 @@ class TestMembership(TestClub):
|
||||
def test_remove_from_club_group(self):
|
||||
"""Test that when a membership ends, the user is removed from club groups."""
|
||||
user = baker.make(User)
|
||||
baker.make(
|
||||
Membership, user=user, club=self.club, end_date=None, role=self.board_role
|
||||
)
|
||||
baker.make(Membership, user=user, club=self.club, end_date=None, role=3)
|
||||
assert user.groups.contains(self.club.members_group)
|
||||
assert user.groups.contains(self.club.board_group)
|
||||
user.memberships.update(end_date=localdate())
|
||||
@@ -449,20 +447,18 @@ class TestMembership(TestClub):
|
||||
"""Test that when a membership begins, the user is added to the club group."""
|
||||
assert not self.subscriber.groups.contains(self.club.members_group)
|
||||
assert not self.subscriber.groups.contains(self.club.board_group)
|
||||
baker.make(
|
||||
Membership, club=self.club, user=self.subscriber, role=self.board_role
|
||||
)
|
||||
baker.make(Membership, club=self.club, user=self.subscriber, role=3)
|
||||
assert self.subscriber.groups.contains(self.club.members_group)
|
||||
assert self.subscriber.groups.contains(self.club.board_group)
|
||||
|
||||
def test_change_position_in_club(self):
|
||||
"""Test that when moving from board to members, club group change"""
|
||||
membership = baker.make(
|
||||
Membership, club=self.club, user=self.subscriber, role=self.board_role
|
||||
Membership, club=self.club, user=self.subscriber, role=3
|
||||
)
|
||||
assert self.subscriber.groups.contains(self.club.members_group)
|
||||
assert self.subscriber.groups.contains(self.club.board_group)
|
||||
membership.role = self.member_role
|
||||
membership.role = 1
|
||||
membership.save()
|
||||
assert self.subscriber.groups.contains(self.club.members_group)
|
||||
assert not self.subscriber.groups.contains(self.club.board_group)
|
||||
@@ -475,11 +471,7 @@ class TestMembership(TestClub):
|
||||
|
||||
# make sli a board member
|
||||
self.sli.memberships.all().delete()
|
||||
Membership(
|
||||
club=self.ae,
|
||||
user=self.sli,
|
||||
role=baker.make(ClubRole, club=self.ae, is_board=True),
|
||||
).save()
|
||||
Membership(club=self.ae, user=self.sli, role=3).save()
|
||||
assert self.club.is_owned_by(self.sli)
|
||||
|
||||
def test_change_club_name(self):
|
||||
@@ -505,7 +497,7 @@ class TestMembership(TestClub):
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_membership_set_old(client: Client):
|
||||
membership = baker.make(Membership, end_date=None, user=subscriber_user.make())
|
||||
membership = baker.make(Membership, end_date=None, user=(subscriber_user.make()))
|
||||
client.force_login(membership.user)
|
||||
response = client.post(
|
||||
reverse("club:membership_set_old", kwargs={"membership_id": membership.id})
|
||||
@@ -532,50 +524,6 @@ def test_membership_delete(client: Client):
|
||||
assert not Membership.objects.filter(id=membership.id).exists()
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
class TestAddMemberForm(TestCase):
|
||||
@classmethod
|
||||
def setUpTestData(cls):
|
||||
cls.club = baker.make(Club)
|
||||
cls.roles = baker.make(
|
||||
ClubRole,
|
||||
club=cls.club,
|
||||
is_board=iter([True, True, True, True, False, False]),
|
||||
is_presidency=iter([True, True, False, False, False, False]),
|
||||
order=seq(0),
|
||||
_quantity=6,
|
||||
_bulk_create=True,
|
||||
)
|
||||
cls.roles[-1].is_active = False
|
||||
cls.roles[-1].save()
|
||||
|
||||
def test_admin(self):
|
||||
"""Test that admin users can give any active role."""
|
||||
user = baker.make(
|
||||
User, user_permissions=[Permission.objects.get(codename="add_membership")]
|
||||
)
|
||||
form = ClubAddMemberForm(request_user=user, club=self.club)
|
||||
assert list(form.fields["role"].queryset) == self.roles[:-1]
|
||||
|
||||
def test_president(self):
|
||||
"""Test that someone with a presidency role can give any active role."""
|
||||
user = baker.make(Membership, club=self.club, role=self.roles[0]).user
|
||||
form = ClubAddMemberForm(request_user=user, club=self.club)
|
||||
assert list(form.fields["role"].queryset) == self.roles[:-1]
|
||||
|
||||
def test_board_member(self):
|
||||
"""Test that someone with a board role can give lower active role."""
|
||||
user = baker.make(Membership, club=self.club, role=self.roles[2]).user
|
||||
form = ClubAddMemberForm(request_user=user, club=self.club)
|
||||
assert list(form.fields["role"].queryset) == self.roles[3:-1]
|
||||
|
||||
def test_simple_member(self):
|
||||
"""Test that someone with a non-board role cannot give roles."""
|
||||
user = baker.make(Membership, club=self.club, role=self.roles[4]).user
|
||||
form = ClubAddMemberForm(request_user=user, club=self.club)
|
||||
assert list(form.fields["role"].queryset) == []
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
class TestJoinClub:
|
||||
@pytest.fixture(autouse=True)
|
||||
@@ -583,64 +531,55 @@ class TestJoinClub:
|
||||
cache.clear()
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
("user_factory", "board_role", "errors"),
|
||||
("user_factory", "role", "errors"),
|
||||
[
|
||||
(
|
||||
subscriber_user.make,
|
||||
True,
|
||||
2,
|
||||
{
|
||||
"role": [
|
||||
"Sélectionnez un choix valide. "
|
||||
"Ce choix ne fait pas partie de ceux disponibles."
|
||||
"Sélectionnez un choix valide. 2 n\u2019en fait pas partie."
|
||||
]
|
||||
},
|
||||
),
|
||||
(
|
||||
lambda: baker.make(User),
|
||||
False,
|
||||
1,
|
||||
{"__all__": ["Vous devez être cotisant pour faire partie d'un club"]},
|
||||
),
|
||||
],
|
||||
)
|
||||
def test_join_club_errors(
|
||||
self, user_factory: Callable[[], User], board_role, errors: dict
|
||||
self, user_factory: Callable[[], User], role: int, errors: dict
|
||||
):
|
||||
club = baker.make(Club)
|
||||
user = user_factory()
|
||||
role = baker.make(ClubRole, club=club, is_board=board_role)
|
||||
form = JoinClubForm(club=club, request_user=user, data={"role": role.id})
|
||||
form = JoinClubForm(club=club, request_user=user, data={"role": role})
|
||||
assert not form.is_valid()
|
||||
assert form.errors == errors
|
||||
|
||||
def test_user_already_in_club(self):
|
||||
club = baker.make(Club)
|
||||
user = subscriber_user.make()
|
||||
role = baker.make(ClubRole, is_board=False)
|
||||
baker.make(Membership, user=user, club=role.club)
|
||||
form = JoinClubForm(club=role.club, request_user=user, data={"role": role.id})
|
||||
baker.make(Membership, user=user, club=club)
|
||||
form = JoinClubForm(club=club, request_user=user, data={"role": 1})
|
||||
assert not form.is_valid()
|
||||
assert form.errors == {"__all__": ["Vous êtes déjà membre de ce club."]}
|
||||
|
||||
def test_ok(self):
|
||||
club = baker.make(Club)
|
||||
user = subscriber_user.make()
|
||||
role = baker.make(ClubRole, is_board=False)
|
||||
form = JoinClubForm(club=role.club, request_user=user, data={"role": role.id})
|
||||
form = JoinClubForm(club=club, request_user=user, data={"role": 1})
|
||||
assert form.is_valid()
|
||||
form.save()
|
||||
assert Membership.objects.ongoing().filter(user=user, club=role.club).exists()
|
||||
assert Membership.objects.ongoing().filter(user=user, club=club).exists()
|
||||
|
||||
|
||||
class TestOldMembersView(TestCase):
|
||||
@classmethod
|
||||
def setUpTestData(cls):
|
||||
club = baker.make(Club)
|
||||
roles = baker.make(
|
||||
ClubRole,
|
||||
club=club,
|
||||
is_board=itertools.cycle([True, True, False]),
|
||||
order=seq(0),
|
||||
_quantity=10,
|
||||
_bulk_create=True,
|
||||
)
|
||||
roles = [1, 1, 1, 2, 2, 4, 4, 5, 7, 9, 10]
|
||||
cls.memberships = baker.make(
|
||||
Membership,
|
||||
role=iter(roles),
|
||||
@@ -665,11 +604,3 @@ class TestOldMembersView(TestCase):
|
||||
self.client.force_login(baker.make(User))
|
||||
res = self.client.get(self.url)
|
||||
assert res.status_code == 403
|
||||
|
||||
def test_context_data(self):
|
||||
# mark a membership as not ended, to make sure it is excluded from the result
|
||||
self.memberships[0].end_date = None
|
||||
self.memberships[0].save()
|
||||
self.client.force_login(subscriber_user.make())
|
||||
res = self.client.get(self.url)
|
||||
assert list(res.context_data.get("old_members")) == self.memberships[1:]
|
||||
|
||||
@@ -5,7 +5,7 @@ from django.urls import reverse
|
||||
from model_bakery import baker
|
||||
from pytest_django.asserts import assertHTMLEqual, assertRedirects
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from core.baker_recipes import subscriber_user
|
||||
from core.markdown import markdown
|
||||
from core.models import PageRev, User
|
||||
@@ -59,12 +59,7 @@ def test_page_revision(client: Client):
|
||||
def test_edit_page(client: Client):
|
||||
club = baker.make(Club)
|
||||
user = subscriber_user.make()
|
||||
baker.make(
|
||||
Membership,
|
||||
user=user,
|
||||
club=club,
|
||||
role=baker.make(ClubRole, club=club, is_board=True),
|
||||
)
|
||||
baker.make(Membership, user=user, club=club, role=3)
|
||||
client.force_login(user)
|
||||
url = reverse("club:club_edit_page", kwargs={"club_id": club.id})
|
||||
content = "# foo\nLorem ipsum dolor sit amet"
|
||||
|
||||
@@ -6,7 +6,7 @@ from django.utils.timezone import localdate
|
||||
from model_bakery import baker
|
||||
from model_bakery.recipe import Recipe
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from club.schemas import UserMembershipSchema
|
||||
from core.baker_recipes import subscriber_user
|
||||
from core.models import Page
|
||||
@@ -19,10 +19,7 @@ class TestFetchClub(TestCase):
|
||||
pages = baker.make(Page, _quantity=3, _bulk_create=True)
|
||||
clubs = baker.make(Club, page=iter(pages), _quantity=3, _bulk_create=True)
|
||||
recipe = Recipe(
|
||||
Membership,
|
||||
user=cls.user,
|
||||
start_date=localdate() - timedelta(days=2),
|
||||
role=baker.make(ClubRole),
|
||||
Membership, user=cls.user, start_date=localdate() - timedelta(days=2)
|
||||
)
|
||||
cls.members = Membership.objects.bulk_create(
|
||||
[
|
||||
|
||||
@@ -35,10 +35,6 @@ from club.views import (
|
||||
ClubPageEditView,
|
||||
ClubPageHistView,
|
||||
ClubRevView,
|
||||
ClubRoleBoardCreateView,
|
||||
ClubRoleMemberCreateView,
|
||||
ClubRolePresidencyCreateView,
|
||||
ClubRoleUpdateView,
|
||||
ClubSellingCSVView,
|
||||
ClubSellingView,
|
||||
ClubToolsView,
|
||||
@@ -75,22 +71,6 @@ urlpatterns = [
|
||||
ClubOldMembersView.as_view(),
|
||||
name="club_old_members",
|
||||
),
|
||||
path("<int:club_id>/role/", ClubRoleUpdateView.as_view(), name="club_roles"),
|
||||
path(
|
||||
"<int:club_id>/role/new/president/",
|
||||
ClubRolePresidencyCreateView.as_view(),
|
||||
name="new_role_president",
|
||||
),
|
||||
path(
|
||||
"<int:club_id>/role/new/board/",
|
||||
ClubRoleBoardCreateView.as_view(),
|
||||
name="new_role_board",
|
||||
),
|
||||
path(
|
||||
"<int:club_id>/role/new/member/",
|
||||
ClubRoleMemberCreateView.as_view(),
|
||||
name="new_role_member",
|
||||
),
|
||||
path("<int:club_id>/sellings/", ClubSellingView.as_view(), name="club_sellings"),
|
||||
path(
|
||||
"<int:club_id>/sellings/csv/", ClubSellingCSVView.as_view(), name="sellings_csv"
|
||||
|
||||
+11
-132
@@ -28,11 +28,8 @@ import csv
|
||||
import itertools
|
||||
from typing import TYPE_CHECKING, Any
|
||||
|
||||
from django.contrib.auth.mixins import (
|
||||
LoginRequiredMixin,
|
||||
PermissionRequiredMixin,
|
||||
UserPassesTestMixin,
|
||||
)
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin
|
||||
from django.contrib.messages.views import SuccessMessageMixin
|
||||
from django.core.exceptions import NON_FIELD_ERRORS, PermissionDenied, ValidationError
|
||||
from django.core.paginator import InvalidPage, Paginator
|
||||
@@ -59,14 +56,12 @@ from club.forms import (
|
||||
ClubAdminEditForm,
|
||||
ClubEditForm,
|
||||
ClubOldMemberForm,
|
||||
ClubRoleCreateForm,
|
||||
ClubRoleFormSet,
|
||||
ClubSearchForm,
|
||||
JoinClubForm,
|
||||
MailingForm,
|
||||
SellingsForm,
|
||||
)
|
||||
from club.models import Club, ClubRole, Mailing, MailingSubscription, Membership
|
||||
from club.models import Club, Mailing, MailingSubscription, Membership
|
||||
from com.models import Poster
|
||||
from com.views import (
|
||||
PosterCreateBaseView,
|
||||
@@ -360,7 +355,7 @@ class ClubMembersView(
|
||||
membership = self.object.get_membership_for(self.request.user)
|
||||
if (
|
||||
membership
|
||||
and not membership.role.is_board
|
||||
and membership.role <= settings.SITH_MAXIMUM_FREE_ROLE
|
||||
and not self.request.user.has_perm("club.add_membership")
|
||||
):
|
||||
# Simple club members won't see the form anymore.
|
||||
@@ -385,8 +380,8 @@ class ClubMembersView(
|
||||
kwargs["members"] = list(
|
||||
self.object.members.ongoing()
|
||||
.annotate(is_editable=Q(id__in=editable))
|
||||
.order_by("role__order")
|
||||
.select_related("user", "role")
|
||||
.order_by("-role")
|
||||
.select_related("user")
|
||||
)
|
||||
kwargs["can_end_membership"] = len(editable) > 0
|
||||
return kwargs
|
||||
@@ -414,125 +409,12 @@ class ClubOldMembersView(ClubTabsMixin, PermissionRequiredMixin, DetailView):
|
||||
return super().get_context_data(**kwargs) | {
|
||||
"old_members": (
|
||||
self.object.members.exclude(end_date=None)
|
||||
.order_by("role__order", "description", "-end_date")
|
||||
.select_related("user", "role")
|
||||
.order_by("-role", "description", "-end_date")
|
||||
.select_related("user")
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
class ClubRoleUpdateView(
|
||||
ClubTabsMixin, UserPassesTestMixin, SuccessMessageMixin, UpdateView
|
||||
):
|
||||
form_class = ClubRoleFormSet
|
||||
model = Club
|
||||
template_name = "club/club_roles.jinja"
|
||||
pk_url_kwarg = "club_id"
|
||||
current_tab = "members"
|
||||
success_message = _("Club roles updated")
|
||||
|
||||
@cached_property
|
||||
def club(self) -> Club:
|
||||
return self.get_object()
|
||||
|
||||
def test_func(self):
|
||||
return self.club.can_roles_be_edited_by(self.request.user)
|
||||
|
||||
def get_form_kwargs(self):
|
||||
return super().get_form_kwargs() | {"form_kwargs": {"label_suffix": ""}}
|
||||
|
||||
def get_success_url(self):
|
||||
return reverse("club:club_members", kwargs={"club_id": self.club.id})
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
return super().get_context_data(**kwargs) | {
|
||||
"user_role": ClubRole.objects.filter(
|
||||
club=self.club,
|
||||
members__user=self.request.user,
|
||||
members__end_date=None,
|
||||
)
|
||||
.values_list("id", flat=True)
|
||||
.first()
|
||||
}
|
||||
|
||||
|
||||
class ClubRoleBaseCreateView(UserPassesTestMixin, SuccessMessageMixin, CreateView):
|
||||
"""View to create a new Club Role, using [][club.forms.ClubRoleCreateForm].
|
||||
|
||||
This view isn't meant to be called directly, but rather subclassed for each
|
||||
type of role that can exist :
|
||||
|
||||
- `[ClubRolePresidencyCreateView][club.views.ClubRolePresidencyCreateView]`
|
||||
to create a presidency role
|
||||
- `[ClubRoleBoardCreateView][club.views.ClubRoleBoardCreateView]`
|
||||
to create a board role
|
||||
- `[ClubRoleMemberCreateView][club.views.ClubRoleMemberCreateView]`
|
||||
to create a member role
|
||||
|
||||
Each subclass have to override the following variables :
|
||||
|
||||
- `is_presidency` and `is_board`, indicating what type of role
|
||||
the view creates.
|
||||
- `role_description`, which is the title of the page, indication
|
||||
the user what kind of role is being created.
|
||||
|
||||
This way, we are making sure the correct type of role will
|
||||
be created, without bothering the user with the implementation details.
|
||||
"""
|
||||
|
||||
form_class = ClubRoleCreateForm
|
||||
model = ClubRole
|
||||
template_name = "core/create.jinja"
|
||||
success_message = _("Role %(name)s created")
|
||||
role_description = ""
|
||||
is_presidency: bool
|
||||
is_board: bool
|
||||
|
||||
@cached_property
|
||||
def club(self):
|
||||
return get_object_or_404(Club, id=self.kwargs["club_id"])
|
||||
|
||||
def test_func(self):
|
||||
return self.request.user.is_authenticated and (
|
||||
self.request.user.has_perm("club.add_clubrole")
|
||||
or self.club.members.filter(
|
||||
user=self.request.user, role__is_presidency=True
|
||||
).exists()
|
||||
)
|
||||
|
||||
def get_form_kwargs(self):
|
||||
return super().get_form_kwargs() | {
|
||||
"club": self.club,
|
||||
"is_presidency": self.is_presidency,
|
||||
"is_board": self.is_board,
|
||||
}
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
return super().get_context_data(**kwargs) | {
|
||||
"object_name": self.role_description
|
||||
}
|
||||
|
||||
def get_success_url(self):
|
||||
return reverse("club:club_roles", kwargs={"club_id": self.club.id})
|
||||
|
||||
|
||||
class ClubRolePresidencyCreateView(ClubRoleBaseCreateView):
|
||||
is_presidency = True
|
||||
is_board = True
|
||||
role_description = _("club role \u2013 presidency")
|
||||
|
||||
|
||||
class ClubRoleBoardCreateView(ClubRoleBaseCreateView):
|
||||
is_presidency = False
|
||||
is_board = True
|
||||
role_description = _("club role \u2013 board")
|
||||
|
||||
|
||||
class ClubRoleMemberCreateView(ClubRoleBaseCreateView):
|
||||
is_presidency = False
|
||||
is_board = False
|
||||
role_description = _("club role \u2013 member")
|
||||
|
||||
|
||||
class ClubSellingView(ClubTabsMixin, CanEditMixin, DetailFormView):
|
||||
"""Sales of a club."""
|
||||
|
||||
@@ -699,11 +581,6 @@ class ClubCreateView(PermissionRequiredMixin, CreateView):
|
||||
template_name = "core/create.jinja"
|
||||
permission_required = "club.add_club"
|
||||
|
||||
def form_valid(self, form):
|
||||
res = super().form_valid(form)
|
||||
self.object.create_default_roles()
|
||||
return res
|
||||
|
||||
|
||||
class MembershipSetOldView(CanEditMixin, SingleObjectMixin, View):
|
||||
"""Set a membership as being old."""
|
||||
@@ -884,7 +761,9 @@ class MailingAutoGenerationView(View):
|
||||
def get(self, request, *args, **kwargs):
|
||||
club = self.mailing.club
|
||||
self.mailing.subscriptions.all().delete()
|
||||
members = club.members.ongoing().filter(role__is_board=True)
|
||||
members = club.members.filter(
|
||||
role__gte=settings.SITH_CLUB_ROLES_ID["Board member"]
|
||||
).exclude(end_date__lte=timezone.now())
|
||||
for member in members.all():
|
||||
MailingSubscription(user=member.user, mailing=self.mailing).save()
|
||||
return redirect("club:mailing", club_id=club.id)
|
||||
|
||||
@@ -28,7 +28,7 @@ from django.utils.translation import gettext as _
|
||||
from model_bakery import baker
|
||||
from pytest_django.asserts import assertNumQueries, assertRedirects
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from com.models import News, NewsDate, Poster, Sith, Weekmail, WeekmailArticle
|
||||
from core.baker_recipes import subscriber_user
|
||||
from core.models import AnonymousUser, Group, User
|
||||
@@ -214,8 +214,7 @@ class TestNewsCreation(TestCase):
|
||||
def setUpTestData(cls):
|
||||
cls.club = baker.make(Club)
|
||||
cls.user = subscriber_user.make()
|
||||
role = baker.make(ClubRole, club=cls.club, is_board=True)
|
||||
baker.make(Membership, user=cls.user, club=cls.club, role=role)
|
||||
baker.make(Membership, user=cls.user, club=cls.club, role=5)
|
||||
|
||||
def setUp(self):
|
||||
self.client.force_login(self.user)
|
||||
|
||||
+1
-1
@@ -503,7 +503,7 @@ class WeekmailArticleCreateView(CreateView):
|
||||
self.object = form.instance
|
||||
form.is_valid() # Valid a first time to populate club field
|
||||
m = form.instance.club.get_membership_for(request.user)
|
||||
if m is None or not m.role.is_board:
|
||||
if m is None or m.role <= settings.SITH_MAXIMUM_FREE_ROLE:
|
||||
form.add_error(
|
||||
"club",
|
||||
ValidationError(
|
||||
|
||||
@@ -4,9 +4,9 @@ from dateutil.relativedelta import relativedelta
|
||||
from django.conf import settings
|
||||
from django.utils.timezone import localdate, now
|
||||
from model_bakery import seq
|
||||
from model_bakery.recipe import Recipe, foreign_key, related
|
||||
from model_bakery.recipe import Recipe, related
|
||||
|
||||
from club.models import ClubRole, Membership
|
||||
from club.models import Membership
|
||||
from core.models import Group, User
|
||||
from subscription.models import Subscription
|
||||
|
||||
@@ -52,9 +52,7 @@ ae_board_membership = Recipe(
|
||||
Membership,
|
||||
start_date=now() - timedelta(days=30),
|
||||
club_id=settings.SITH_MAIN_CLUB_ID,
|
||||
role=foreign_key(
|
||||
Recipe(ClubRole, club_id=settings.SITH_MAIN_CLUB_ID, is_board=True)
|
||||
),
|
||||
role=settings.SITH_CLUB_ROLES_ID["Board member"],
|
||||
)
|
||||
|
||||
board_user = Recipe(
|
||||
|
||||
+11
-8
@@ -1,19 +1,16 @@
|
||||
class FourDigitYearConverter:
|
||||
regex = "[0-9]{4}"
|
||||
from django.urls.converters import IntConverter, StringConverter
|
||||
|
||||
def to_python(self, value):
|
||||
return int(value)
|
||||
|
||||
class FourDigitYearConverter(IntConverter):
|
||||
regex = "[0-9]{4}"
|
||||
|
||||
def to_url(self, value):
|
||||
return str(value).zfill(4)
|
||||
|
||||
|
||||
class TwoDigitMonthConverter:
|
||||
class TwoDigitMonthConverter(IntConverter):
|
||||
regex = "[0-9]{2}"
|
||||
|
||||
def to_python(self, value):
|
||||
return int(value)
|
||||
|
||||
def to_url(self, value):
|
||||
return str(value).zfill(2)
|
||||
|
||||
@@ -28,3 +25,9 @@ class BooleanStringConverter:
|
||||
|
||||
def to_url(self, value):
|
||||
return str(value)
|
||||
|
||||
|
||||
class ResultConverter(StringConverter):
|
||||
"""Converter whose regex match either "success" or "failure"."""
|
||||
|
||||
regex = "(success|failure)"
|
||||
|
||||
@@ -28,6 +28,7 @@ from typing import ClassVar, NamedTuple
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.models import Permission
|
||||
from django.contrib.sites.models import Site
|
||||
from django.core.files.base import ContentFile
|
||||
from django.core.management import call_command
|
||||
from django.core.management.base import BaseCommand
|
||||
from django.db import connection
|
||||
@@ -36,7 +37,7 @@ from django.utils import timezone
|
||||
from django.utils.timezone import localdate
|
||||
from PIL import Image
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from com.ics_calendar import IcsCalendar
|
||||
from com.models import News, NewsDate, Sith, Weekmail
|
||||
from core.models import BanGroup, Group, Page, PageRev, SithFile, User
|
||||
@@ -62,13 +63,6 @@ class PopulatedGroups(NamedTuple):
|
||||
campus_admin: Group
|
||||
|
||||
|
||||
class PopulatedClubs(NamedTuple):
|
||||
ae: Club
|
||||
troll: Club
|
||||
pdf: Club
|
||||
refound: Club
|
||||
|
||||
|
||||
class Command(BaseCommand):
|
||||
ROOT_PATH: ClassVar[Path] = Path(__file__).parent.parent.parent.parent
|
||||
SAS_FIXTURE_PATH: ClassVar[Path] = (
|
||||
@@ -111,23 +105,47 @@ class Command(BaseCommand):
|
||||
)
|
||||
self.profiles_root = SithFile.objects.create(name="profiles", owner=root)
|
||||
home_root = SithFile.objects.create(name="users", owner=root)
|
||||
club_root = SithFile.objects.create(name="clubs", owner=root)
|
||||
sas = SithFile.objects.create(name="SAS", owner=root, is_in_sas=True)
|
||||
SithFile.objects.create(
|
||||
name="CGU",
|
||||
is_folder=False,
|
||||
file=ContentFile(
|
||||
content="Conditions générales d'utilisation", name="cgu.txt"
|
||||
),
|
||||
owner=root,
|
||||
)
|
||||
|
||||
# Page needed for club creation
|
||||
p = Page(name=settings.SITH_CLUB_ROOT_PAGE)
|
||||
p.save(force_lock=True)
|
||||
|
||||
club_root = SithFile.objects.create(name="clubs", owner=root)
|
||||
sas = SithFile.objects.create(name="SAS", owner=root, is_in_sas=True)
|
||||
clubs = self._create_clubs()
|
||||
main_club = Club.objects.create(
|
||||
id=1, name="AE", address="6 Boulevard Anatole France, 90000 Belfort"
|
||||
)
|
||||
main_club.board_group.permissions.add(
|
||||
*Permission.objects.filter(
|
||||
codename__in=[
|
||||
"view_subscription",
|
||||
"add_subscription",
|
||||
"view_hidden_user",
|
||||
]
|
||||
)
|
||||
)
|
||||
bar_club = Club.objects.create(
|
||||
id=settings.SITH_PDF_CLUB_ID,
|
||||
name="PdF",
|
||||
address="6 Boulevard Anatole France, 90000 Belfort",
|
||||
)
|
||||
|
||||
self.reset_index("club")
|
||||
for bar_id, bar_name in settings.SITH_COUNTER_BARS:
|
||||
Counter(id=bar_id, name=bar_name, club=clubs.pdf, type="BAR").save()
|
||||
Counter(id=bar_id, name=bar_name, club=bar_club, type="BAR").save()
|
||||
self.reset_index("counter")
|
||||
counters = [
|
||||
Counter(name="Eboutic", club=clubs.ae, type="EBOUTIC"),
|
||||
Counter(name="AE", club=clubs.ae, type="OFFICE"),
|
||||
Counter(name="Vidage comptes AE", club=clubs.ae, type="OFFICE"),
|
||||
Counter(name="Eboutic", club=main_club, type="EBOUTIC"),
|
||||
Counter(name="AE", club=main_club, type="OFFICE"),
|
||||
Counter(name="Vidage comptes AE", club=main_club, type="OFFICE"),
|
||||
]
|
||||
Counter.objects.bulk_create(counters)
|
||||
bar_groups = []
|
||||
@@ -310,41 +328,54 @@ class Command(BaseCommand):
|
||||
self._create_subscription(tutu)
|
||||
StudentCard(uid="9A89B82018B0A0", customer=sli.customer).save()
|
||||
|
||||
Membership.objects.create(
|
||||
user=skia, club=clubs.ae, role=clubs.ae.roles.get(name="Respo Info")
|
||||
# Clubs
|
||||
Club.objects.create(
|
||||
name="Bibo'UT", address="46 de la Boustifaille", parent=main_club
|
||||
)
|
||||
guyut = Club.objects.create(
|
||||
name="Guy'UT", address="42 de la Boustifaille", parent=main_club
|
||||
)
|
||||
Club.objects.create(name="Woenzel'UT", address="Woenzel", parent=guyut)
|
||||
troll = Club.objects.create(
|
||||
name="Troll Penché", address="Terre Du Milieu", parent=main_club
|
||||
)
|
||||
refound = Club.objects.create(
|
||||
name="Carte AE", address="Jamais imprimée", parent=main_club
|
||||
)
|
||||
|
||||
Membership.objects.create(user=skia, club=main_club, role=3)
|
||||
Membership.objects.create(
|
||||
user=comunity,
|
||||
club=clubs.pdf,
|
||||
club=bar_club,
|
||||
start_date=localdate(),
|
||||
role=clubs.pdf.roles.get(name="Membre du bureau"),
|
||||
role=settings.SITH_CLUB_ROLES_ID["Board member"],
|
||||
)
|
||||
Membership.objects.create(
|
||||
user=sli,
|
||||
club=clubs.troll,
|
||||
role=clubs.troll.roles.get(name="Vice-Président⸱e"),
|
||||
club=troll,
|
||||
role=9,
|
||||
description="Padawan Troll",
|
||||
start_date=localdate() - timedelta(days=17),
|
||||
)
|
||||
Membership.objects.create(
|
||||
user=krophil,
|
||||
club=clubs.troll,
|
||||
role=clubs.troll.roles.get(name="Président⸱e"),
|
||||
club=troll,
|
||||
role=10,
|
||||
description="Maitre Troll",
|
||||
start_date=localdate() - timedelta(days=200),
|
||||
)
|
||||
Membership.objects.create(
|
||||
user=skia,
|
||||
club=clubs.troll,
|
||||
role=clubs.troll.roles.get(name="Membre du bureau"),
|
||||
club=troll,
|
||||
role=2,
|
||||
description="Grand Ancien Troll",
|
||||
start_date=localdate() - timedelta(days=400),
|
||||
end_date=localdate() - timedelta(days=86),
|
||||
)
|
||||
Membership.objects.create(
|
||||
user=richard,
|
||||
club=clubs.troll,
|
||||
role=clubs.troll.roles.get(name="Membre du bureau"),
|
||||
club=troll,
|
||||
role=2,
|
||||
description="",
|
||||
start_date=localdate() - timedelta(days=200),
|
||||
end_date=localdate() - timedelta(days=100),
|
||||
@@ -361,7 +392,7 @@ class Command(BaseCommand):
|
||||
purchase_price="15",
|
||||
selling_price="15",
|
||||
special_selling_price="15",
|
||||
club=clubs.ae,
|
||||
club=main_club,
|
||||
)
|
||||
cotis2 = Product.objects.create(
|
||||
name="Cotis 2 semestres",
|
||||
@@ -370,7 +401,7 @@ class Command(BaseCommand):
|
||||
purchase_price="28",
|
||||
selling_price="28",
|
||||
special_selling_price="28",
|
||||
club=clubs.ae,
|
||||
club=main_club,
|
||||
)
|
||||
refill = Product.objects.create(
|
||||
name="Rechargement 15 €",
|
||||
@@ -379,7 +410,7 @@ class Command(BaseCommand):
|
||||
purchase_price="15",
|
||||
selling_price="15",
|
||||
special_selling_price="15",
|
||||
club=clubs.ae,
|
||||
club=main_club,
|
||||
)
|
||||
barb = Product.objects.create(
|
||||
name="Barbar",
|
||||
@@ -388,7 +419,7 @@ class Command(BaseCommand):
|
||||
purchase_price="1.50",
|
||||
selling_price="1.7",
|
||||
special_selling_price="1.6",
|
||||
club=clubs.ae,
|
||||
club=main_club,
|
||||
limit_age=18,
|
||||
)
|
||||
cble = Product.objects.create(
|
||||
@@ -398,7 +429,7 @@ class Command(BaseCommand):
|
||||
purchase_price="1.50",
|
||||
selling_price="1.7",
|
||||
special_selling_price="1.6",
|
||||
club=clubs.ae,
|
||||
club=main_club,
|
||||
limit_age=18,
|
||||
)
|
||||
cons = Product.objects.create(
|
||||
@@ -408,7 +439,7 @@ class Command(BaseCommand):
|
||||
purchase_price="1",
|
||||
selling_price="1",
|
||||
special_selling_price="1",
|
||||
club=clubs.ae,
|
||||
club=main_club,
|
||||
)
|
||||
dcons = Product.objects.create(
|
||||
name="Déconsigne Eco-cup",
|
||||
@@ -417,7 +448,7 @@ class Command(BaseCommand):
|
||||
purchase_price="-1",
|
||||
selling_price="-1",
|
||||
special_selling_price="-1",
|
||||
club=clubs.ae,
|
||||
club=main_club,
|
||||
)
|
||||
cors = Product.objects.create(
|
||||
name="Corsendonk",
|
||||
@@ -426,7 +457,7 @@ class Command(BaseCommand):
|
||||
purchase_price="1.50",
|
||||
selling_price="1.7",
|
||||
special_selling_price="1.6",
|
||||
club=clubs.ae,
|
||||
club=main_club,
|
||||
limit_age=18,
|
||||
)
|
||||
carolus = Product.objects.create(
|
||||
@@ -436,7 +467,7 @@ class Command(BaseCommand):
|
||||
purchase_price="1.50",
|
||||
selling_price="1.7",
|
||||
special_selling_price="1.6",
|
||||
club=clubs.ae,
|
||||
club=main_club,
|
||||
limit_age=18,
|
||||
)
|
||||
Product.objects.create(
|
||||
@@ -445,7 +476,7 @@ class Command(BaseCommand):
|
||||
purchase_price="0",
|
||||
selling_price="0",
|
||||
special_selling_price="0",
|
||||
club=clubs.refound,
|
||||
club=refound,
|
||||
)
|
||||
groups.subscribers.products.add(
|
||||
cotis, cotis2, refill, barb, cble, cors, carolus
|
||||
@@ -458,7 +489,7 @@ class Command(BaseCommand):
|
||||
eboutic = Counter.objects.get(name="Eboutic")
|
||||
eboutic.products.add(barb, cotis, cotis2, refill)
|
||||
|
||||
Counter.objects.create(name="Carte AE", club=clubs.refound, type="OFFICE")
|
||||
Counter.objects.create(name="Carte AE", club=refound, type="OFFICE")
|
||||
|
||||
ReturnableProduct.objects.create(
|
||||
product=cons, returned_product=dcons, max_return=3
|
||||
@@ -482,7 +513,7 @@ class Command(BaseCommand):
|
||||
end_date="7942-06-12 10:28:45+01",
|
||||
)
|
||||
el.view_groups.add(groups.public)
|
||||
el.edit_groups.add(clubs.ae.board_group)
|
||||
el.edit_groups.add(main_club.board_group)
|
||||
el.candidature_groups.add(groups.subscribers)
|
||||
el.vote_groups.add(groups.subscribers)
|
||||
liste = ElectionList.objects.create(title="Candidature Libre", election=el)
|
||||
@@ -555,7 +586,7 @@ class Command(BaseCommand):
|
||||
title="Apero barman",
|
||||
summary="Viens boire un coup avec les barmans",
|
||||
content="Glou glou glou glou glou glou glou",
|
||||
club=clubs.pdf,
|
||||
club=bar_club,
|
||||
author=subscriber,
|
||||
is_published=True,
|
||||
moderator=skia,
|
||||
@@ -573,7 +604,7 @@ class Command(BaseCommand):
|
||||
content=(
|
||||
"Viens donc t'enjailler avec les autres barmans aux frais du BdF! \\o/"
|
||||
),
|
||||
club=clubs.pdf,
|
||||
club=bar_club,
|
||||
author=subscriber,
|
||||
is_published=True,
|
||||
moderator=skia,
|
||||
@@ -589,7 +620,7 @@ class Command(BaseCommand):
|
||||
title="Repas fromager",
|
||||
summary="Wien manger du l'bon fromeug'",
|
||||
content="Fô viendre mangey d'la bonne fondue!",
|
||||
club=clubs.pdf,
|
||||
club=bar_club,
|
||||
author=subscriber,
|
||||
is_published=True,
|
||||
moderator=skia,
|
||||
@@ -605,7 +636,7 @@ class Command(BaseCommand):
|
||||
title="SdF",
|
||||
summary="Enjoy la fin des finaux!",
|
||||
content="Viens faire la fête avec tout plein de gens!",
|
||||
club=clubs.pdf,
|
||||
club=bar_club,
|
||||
author=subscriber,
|
||||
is_published=True,
|
||||
moderator=skia,
|
||||
@@ -623,7 +654,7 @@ class Command(BaseCommand):
|
||||
summary="Viens jouer!",
|
||||
content="Rejoins la fine équipe du Troll Penché et viens "
|
||||
"t'amuser le Vendredi soir!",
|
||||
club=clubs.troll,
|
||||
club=troll,
|
||||
author=subscriber,
|
||||
is_published=True,
|
||||
moderator=skia,
|
||||
@@ -760,57 +791,6 @@ class Command(BaseCommand):
|
||||
)
|
||||
s.save()
|
||||
|
||||
def _create_clubs(self) -> PopulatedClubs:
|
||||
ae = Club.objects.create(
|
||||
id=1, name="AE", address="6 Boulevard Anatole France, 90000 Belfort"
|
||||
)
|
||||
ae.board_group.permissions.add(
|
||||
*Permission.objects.filter(
|
||||
codename__in=[
|
||||
"view_subscription",
|
||||
"add_subscription",
|
||||
"add_membership",
|
||||
"view_hidden_user",
|
||||
]
|
||||
)
|
||||
)
|
||||
pdf = Club.objects.create(
|
||||
id=settings.SITH_PDF_CLUB_ID,
|
||||
name="PdF",
|
||||
address="6 Boulevard Anatole France, 90000 Belfort",
|
||||
)
|
||||
troll = Club.objects.create(
|
||||
name="Troll Penché", address="Terre Du Milieu", parent=ae
|
||||
)
|
||||
refound = Club.objects.create(
|
||||
name="Carte AE", address="Jamais imprimée", parent=ae
|
||||
)
|
||||
roles = []
|
||||
presidency_roles = ["Président⸱e", "Vice-Président⸱e"]
|
||||
board_roles = [
|
||||
"Trésorier⸱e",
|
||||
"Secrétaire",
|
||||
"Respo Info",
|
||||
"Respo Com",
|
||||
"Membre du bureau",
|
||||
]
|
||||
simple_roles = ["Membre actif⸱ve", "Curieux⸱euse"]
|
||||
for club in ae, pdf, troll, refound:
|
||||
for i, role in enumerate(presidency_roles):
|
||||
roles.append(
|
||||
ClubRole(
|
||||
club=club, order=i, name=role, is_presidency=True, is_board=True
|
||||
)
|
||||
)
|
||||
for i, role in enumerate(board_roles, start=len(presidency_roles)):
|
||||
roles.append(ClubRole(club=club, order=i, name=role, is_board=True))
|
||||
for i, role in enumerate(
|
||||
simple_roles, start=len(presidency_roles) + len(board_roles)
|
||||
):
|
||||
roles.append(ClubRole(club=club, order=i, name=role))
|
||||
ClubRole.objects.bulk_create(roles)
|
||||
return PopulatedClubs(ae=ae, troll=troll, pdf=pdf, refound=refound)
|
||||
|
||||
def _create_groups(self) -> PopulatedGroups:
|
||||
perms = Permission.objects.all()
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
import math
|
||||
import random
|
||||
from datetime import date, timedelta
|
||||
from datetime import timezone as tz
|
||||
@@ -11,7 +12,7 @@ from django.db.models import Count, Exists, Min, OuterRef, Subquery
|
||||
from django.utils.timezone import localdate, make_aware, now
|
||||
from faker import Faker
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from core.models import Group, User, UserBan
|
||||
from counter.models import (
|
||||
Counter,
|
||||
@@ -34,12 +35,17 @@ class Command(BaseCommand):
|
||||
super().__init__(*args, **kwargs)
|
||||
self.faker = Faker("fr_FR")
|
||||
|
||||
def add_arguments(self, parser):
|
||||
parser.add_argument(
|
||||
"-n", "--nb-users", help="Number of users to create", type=int, default=600
|
||||
)
|
||||
|
||||
def handle(self, *args, **options):
|
||||
if not settings.DEBUG:
|
||||
raise Exception("Never call this command in prod. Never.")
|
||||
|
||||
self.stdout.write("Creating users...")
|
||||
users = self.create_users()
|
||||
users = self.create_users(options["nb_users"])
|
||||
self.create_bans(random.sample(users, k=len(users) // 200)) # 0.5% of users
|
||||
subscribers = random.sample(users, k=int(0.8 * len(users)))
|
||||
self.stdout.write("Creating subscriptions...")
|
||||
@@ -79,7 +85,7 @@ class Command(BaseCommand):
|
||||
self.stdout.write("Creating products...")
|
||||
self.create_products()
|
||||
self.stdout.write("Creating sales and refills...")
|
||||
sellers = random.sample(list(User.objects.all()), 100)
|
||||
sellers = random.sample(users, len(users) // 10)
|
||||
self.create_sales(sellers)
|
||||
self.stdout.write("Creating permanences...")
|
||||
self.create_permanences(sellers)
|
||||
@@ -88,7 +94,7 @@ class Command(BaseCommand):
|
||||
|
||||
self.stdout.write("Done")
|
||||
|
||||
def create_users(self) -> list[User]:
|
||||
def create_users(self, nb_users: int = 600) -> list[User]:
|
||||
# Create a single password hash for all users to make it faster.
|
||||
# It's insecure as hell, but it's ok since it's only for dev purposes.
|
||||
password = make_password("plop")
|
||||
@@ -107,7 +113,7 @@ class Command(BaseCommand):
|
||||
address=self.faker.address(),
|
||||
password=password,
|
||||
)
|
||||
for _ in range(600)
|
||||
for _ in range(nb_users)
|
||||
]
|
||||
# there may a duplicate or two
|
||||
# Not a problem, we will just have 599 users instead of 600
|
||||
@@ -172,25 +178,20 @@ class Command(BaseCommand):
|
||||
Customer.objects.bulk_create(customers, ignore_conflicts=True)
|
||||
|
||||
def make_club(self, club: Club, members: list[User], old_members: list[User]):
|
||||
roles: list[ClubRole] = list(club.roles.all())
|
||||
|
||||
def zip_roles(users: list[User]) -> Iterator[tuple[User, ClubRole]]:
|
||||
important_roles = [r for r in roles if r.is_board]
|
||||
important_roles.sort(key=lambda r: r.order)
|
||||
simple_board_role = important_roles.pop()
|
||||
member_roles = [r for r in roles if not r.is_board]
|
||||
def zip_roles(users: list[User]) -> Iterator[tuple[User, int]]:
|
||||
roles = iter(sorted(settings.SITH_CLUB_ROLES.keys(), reverse=True))
|
||||
user_idx = 0
|
||||
for _role in important_roles:
|
||||
while (role := next(roles)) > 2:
|
||||
# one member for each major role
|
||||
yield users[user_idx], _role
|
||||
yield users[user_idx], role
|
||||
user_idx += 1
|
||||
for _ in range(int(0.3 * (len(users) - user_idx))):
|
||||
# 30% of the remaining in the board
|
||||
yield users[user_idx], simple_board_role
|
||||
yield users[user_idx], 2
|
||||
user_idx += 1
|
||||
for remaining in users[user_idx + 1 :]:
|
||||
# everything else is a simple member
|
||||
yield remaining, random.choices(member_roles, weights=(0.8, 0.2))[0]
|
||||
yield remaining, 1
|
||||
|
||||
memberships = []
|
||||
old_members = old_members.copy()
|
||||
@@ -202,14 +203,19 @@ class Command(BaseCommand):
|
||||
start_date=start,
|
||||
end_date=self.faker.past_date(start),
|
||||
user=old,
|
||||
role=random.choice(roles),
|
||||
role=random.choice(list(settings.SITH_CLUB_ROLES.keys())),
|
||||
club=club,
|
||||
)
|
||||
)
|
||||
for member, role in zip_roles(members):
|
||||
start = self.faker.past_date("-1y")
|
||||
memberships.append(
|
||||
Membership(start_date=start, user=member, role=role, club=club)
|
||||
Membership(
|
||||
start_date=start,
|
||||
user=member,
|
||||
role=role,
|
||||
club=club,
|
||||
)
|
||||
)
|
||||
memberships = Membership.objects.bulk_create(memberships)
|
||||
Membership._add_club_groups(memberships)
|
||||
@@ -410,8 +416,9 @@ class Command(BaseCommand):
|
||||
Permanency.objects.bulk_create(perms)
|
||||
|
||||
def create_forums(self):
|
||||
forumers = random.sample(list(User.objects.all()), 100)
|
||||
most_actives = random.sample(forumers, 10)
|
||||
users = list(User.objects.all())
|
||||
forumers = random.sample(users, math.ceil(len(users) / 10))
|
||||
most_actives = random.sample(forumers, math.ceil(len(forumers) / 6))
|
||||
categories = list(Forum.objects.filter(is_category=True))
|
||||
new_forums = [
|
||||
Forum(name=self.faker.text(20), parent=random.choice(categories))
|
||||
|
||||
+3
-1
@@ -131,7 +131,9 @@ class UserQuerySet(models.QuerySet):
|
||||
if user.has_perm("core.view_hidden_user"):
|
||||
return self
|
||||
if user.has_perm("core.view_user"):
|
||||
return self.filter(Q(is_viewable=True) | Q(whitelisted_users=user))
|
||||
return self.filter(
|
||||
Q(is_viewable=True) | Q(whitelisted_users=user) | Q(pk=user.pk)
|
||||
)
|
||||
if user.is_anonymous:
|
||||
return self.none()
|
||||
return self.filter(id=user.id)
|
||||
|
||||
@@ -53,7 +53,7 @@ details.accordion>.accordion-content {
|
||||
opacity: 0;
|
||||
|
||||
@supports (max-height: calc-size(max-content, size)) {
|
||||
max-height: 0;
|
||||
max-height: 0px;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -71,12 +71,11 @@ details.accordion>.accordion-content {
|
||||
}
|
||||
}
|
||||
|
||||
// ::details-content is available on firefox only since september 2025
|
||||
// (and wasn't available when this code was initially written)
|
||||
// ::details-content isn't available on firefox yet
|
||||
// we use .accordion-content as a workaround
|
||||
// But we need to use ::details-content for chrome because it's
|
||||
// not working correctly otherwise
|
||||
// it only happens in chrome, not safari or firefox
|
||||
// it only happen in chrome, not safari or firefox
|
||||
// Note: `selector` is not supported by scss so we comment it out to
|
||||
// avoid compiling it and sending it straight to the css
|
||||
// This is a trick that comes from here :
|
||||
|
||||
@@ -141,7 +141,6 @@ form {
|
||||
display: block;
|
||||
margin: calc(var(--nf-input-size) * 1.5) auto 10px;
|
||||
line-height: 1;
|
||||
white-space: nowrap;
|
||||
|
||||
.fields-centered {
|
||||
padding: 10px 10px 0;
|
||||
|
||||
@@ -1,18 +1,11 @@
|
||||
{% extends "core/base.jinja" %}
|
||||
|
||||
{# if the template context has the `object_name` variable,
|
||||
then this one will be used in the page title,
|
||||
instead of the result of `str(object)` #}
|
||||
{% if not object_name %}
|
||||
{% set object_name=form.instance.__class__._meta.verbose_name %}
|
||||
{% endif %}
|
||||
|
||||
{% block title %}
|
||||
{% trans name=object_name %}Create {{ name }}{% endtrans %}
|
||||
{% trans name=form.instance.__class__._meta.verbose_name %}Create {{ name }}{% endtrans %}
|
||||
{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
<h2>{% trans name=object_name %}Create {{ name }}{% endtrans %}</h2>
|
||||
<h2>{% trans name=form.instance.__class__._meta.verbose_name %}Create {{ name }}{% endtrans %}</h2>
|
||||
<form action="" method="post" enctype="multipart/form-data">
|
||||
{% csrf_token %}
|
||||
{{ form.as_p() }}
|
||||
|
||||
@@ -23,10 +23,10 @@
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{% for m in profile.memberships.ongoing().select_related("role") %}
|
||||
{% for m in profile.memberships.filter(end_date=None).all() %}
|
||||
<tr>
|
||||
<td><a href="{{ url('club:club_members', club_id=m.club.id) }}">{{ m.club }}</a></td>
|
||||
<td>{{ m.role.name }}</td>
|
||||
<td>{{ settings.SITH_CLUB_ROLES[m.role] }}</td>
|
||||
<td>{{ m.description }}</td>
|
||||
<td>{{ m.start_date }}</td>
|
||||
{% if m.can_be_edited_by(user) %}
|
||||
@@ -65,10 +65,10 @@
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{% for m in profile.memberships.exclude(end_date=None).select_related("role") %}
|
||||
{% for m in profile.memberships.exclude(end_date=None).all() %}
|
||||
<tr>
|
||||
<td><a href="{{ url('club:club_members', club_id=m.club.id) }}">{{ m.club }}</a></td>
|
||||
<td>{{ m.role.name }}</td>
|
||||
<td>{{ settings.SITH_CLUB_ROLES[m.role] }}</td>
|
||||
<td>{{ m.description }}</td>
|
||||
<td>{{ m.start_date }}</td>
|
||||
<td>{{ m.end_date }}</td>
|
||||
|
||||
@@ -0,0 +1,13 @@
|
||||
import contextlib
|
||||
import os
|
||||
|
||||
import pytest
|
||||
from django.core.management import call_command
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_populate_more(settings):
|
||||
"""Just check that populate more doesn't crash"""
|
||||
settings.DEBUG = True
|
||||
with open(os.devnull, "w") as devnull, contextlib.redirect_stdout(devnull):
|
||||
call_command("populate_more", "--nb-users", "50")
|
||||
@@ -11,7 +11,7 @@ from django.utils.timezone import now
|
||||
from model_bakery import baker
|
||||
from pytest_django.asserts import assertHTMLEqual, assertRedirects
|
||||
|
||||
from club.models import Club, Membership
|
||||
from club.models import Club
|
||||
from core.baker_recipes import board_user, subscriber_user
|
||||
from core.markdown import markdown
|
||||
from core.models import AnonymousUser, Page, PageRev, User
|
||||
@@ -122,9 +122,6 @@ def test_page_revision_club_redirection(client: Client):
|
||||
@pytest.mark.django_db
|
||||
def test_viewable_by():
|
||||
# remove existing pages to prevent side effect
|
||||
# club pages are protected, so we must delete clubs first
|
||||
Membership.objects.all().delete()
|
||||
Club.objects.all().delete()
|
||||
Page.objects.all().delete()
|
||||
view_groups = [
|
||||
[settings.SITH_GROUP_PUBLIC_ID],
|
||||
|
||||
+12
-4
@@ -410,12 +410,20 @@ class TestUserQuerySetViewableBy:
|
||||
assert set(viewable) == set(users)
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"user_factory", [old_subscriber_user.make, subscriber_user.make]
|
||||
"user_factory",
|
||||
[
|
||||
old_subscriber_user.make,
|
||||
lambda: old_subscriber_user.make(is_viewable=False),
|
||||
subscriber_user.make,
|
||||
lambda: subscriber_user.make(is_viewable=False),
|
||||
],
|
||||
)
|
||||
def test_subscriber(self, users: list[User], user_factory):
|
||||
def test_can_search(self, users: list[User], user_factory):
|
||||
user = user_factory()
|
||||
viewable = User.objects.filter(id__in=[u.id for u in users]).viewable_by(user)
|
||||
assert set(viewable) == {users[0], users[1]}
|
||||
viewable = User.objects.filter(
|
||||
id__in=[u.id for u in [*users, user]]
|
||||
).viewable_by(user)
|
||||
assert set(viewable) == {user, users[0], users[1]}
|
||||
|
||||
def test_whitelist(self, users: list[User]):
|
||||
user = subscriber_user.make()
|
||||
|
||||
+40
-3
@@ -12,22 +12,32 @@
|
||||
# OR WITHIN THE LOCAL FILE "LICENSE"
|
||||
#
|
||||
#
|
||||
from __future__ import annotations
|
||||
|
||||
import hmac
|
||||
from datetime import date, timedelta
|
||||
|
||||
# Image utils
|
||||
from io import BytesIO
|
||||
from typing import Final
|
||||
from typing import TYPE_CHECKING
|
||||
from urllib.parse import urlencode
|
||||
|
||||
import PIL
|
||||
from django.conf import settings
|
||||
from django.core.files.base import ContentFile
|
||||
from django.core.files.uploadedfile import UploadedFile
|
||||
from django.http import HttpRequest
|
||||
from django.utils.timezone import localdate
|
||||
from PIL import ExifTags
|
||||
from PIL.Image import Image, Resampling
|
||||
|
||||
if TYPE_CHECKING:
|
||||
from _hashlib import HASH
|
||||
from collections.abc import Buffer, Mapping, Sequence
|
||||
from typing import Any, Callable, Final
|
||||
|
||||
from django.core.files.uploadedfile import UploadedFile
|
||||
from django.http import HttpRequest
|
||||
|
||||
|
||||
RED_PIXEL_PNG: Final[bytes] = (
|
||||
b"\x89\x50\x4e\x47\x0d\x0a\x1a\x0a\x00\x00\x00\x0d\x49\x48\x44\x52"
|
||||
b"\x00\x00\x00\x01\x00\x00\x00\x01\x08\x02\x00\x00\x00\x90\x77\x53"
|
||||
@@ -205,3 +215,30 @@ def get_client_ip(request: HttpRequest) -> str | None:
|
||||
return ip
|
||||
|
||||
return None
|
||||
|
||||
|
||||
def hmac_hexdigest(
|
||||
key: str | bytes,
|
||||
data: Mapping[str, Any] | Sequence[tuple[str, Any]],
|
||||
digest: str | Callable[[Buffer], HASH] = "sha512",
|
||||
) -> str:
|
||||
"""Return the hexdigest of the signature of the given data.
|
||||
|
||||
Args:
|
||||
key: the HMAC key used for the signature
|
||||
data: the data to sign
|
||||
digest: a PEP247 hashing algorithm (by default, sha512)
|
||||
|
||||
Examples:
|
||||
```python
|
||||
data = {
|
||||
"foo": 5,
|
||||
"bar": "somevalue",
|
||||
}
|
||||
hmac_key = secrets.token_hex(64)
|
||||
signature = hmac_hexdigest(hmac_key, data, "sha256")
|
||||
```
|
||||
"""
|
||||
if isinstance(key, str):
|
||||
key = key.encode()
|
||||
return hmac.digest(key, urlencode(data).encode(), digest).hex()
|
||||
|
||||
+1
-1
@@ -583,7 +583,7 @@ class Counter(models.Model):
|
||||
if user.is_anonymous:
|
||||
return False
|
||||
mem = self.club.get_membership_for(user)
|
||||
if mem and mem.role.is_presidency:
|
||||
if mem and mem.role >= settings.SITH_CLUB_ROLES_ID["Treasurer"]:
|
||||
return True
|
||||
return user.is_in_group(pk=settings.SITH_GROUP_COUNTER_ADMIN_ID)
|
||||
|
||||
|
||||
@@ -32,7 +32,7 @@ from model_bakery import baker
|
||||
from model_bakery.recipe import Recipe
|
||||
from pytest_django.asserts import assertRedirects
|
||||
|
||||
from club.models import ClubRole, Membership
|
||||
from club.models import Membership
|
||||
from core.baker_recipes import board_user, subscriber_user, very_old_subscriber_user
|
||||
from core.models import BanGroup, User
|
||||
from counter.baker_recipes import product_recipe, sale_recipe
|
||||
@@ -88,7 +88,7 @@ class TestFullClickBase(TestCase):
|
||||
Membership,
|
||||
start_date=now() - timedelta(days=30),
|
||||
club=cls.club_counter.club,
|
||||
role=baker.make(ClubRole, club=cls.club_counter.club, is_board=True),
|
||||
role=settings.SITH_CLUB_ROLES_ID["Board member"],
|
||||
user=cls.club_admin,
|
||||
)
|
||||
|
||||
@@ -782,13 +782,7 @@ class TestClubCounterClickAccess(TestCase):
|
||||
"counter:click",
|
||||
kwargs={"counter_id": cls.counter.id, "user_id": cls.customer.id},
|
||||
)
|
||||
cls.board_role, cls.member_role = baker.make(
|
||||
ClubRole,
|
||||
club=cls.counter.club,
|
||||
is_board=iter([True, False]),
|
||||
_quantity=2,
|
||||
_bulk_create=True,
|
||||
)
|
||||
|
||||
cls.user = subscriber_user.make()
|
||||
|
||||
def setUp(self):
|
||||
@@ -803,17 +797,13 @@ class TestClubCounterClickAccess(TestCase):
|
||||
res = self.client.get(self.click_url)
|
||||
assert res.status_code == 403
|
||||
# being a member of the club, without being in the board, isn't enough
|
||||
baker.make(
|
||||
Membership, club=self.counter.club, user=self.user, role=self.member_role
|
||||
)
|
||||
baker.make(Membership, club=self.counter.club, user=self.user, role=1)
|
||||
res = self.client.get(self.click_url)
|
||||
assert res.status_code == 403
|
||||
|
||||
def test_board_member(self):
|
||||
"""By default, board members should be able to click on office counters"""
|
||||
baker.make(
|
||||
Membership, club=self.counter.club, user=self.user, role=self.board_role
|
||||
)
|
||||
baker.make(Membership, club=self.counter.club, user=self.user, role=3)
|
||||
self.client.force_login(self.user)
|
||||
res = self.client.get(self.click_url)
|
||||
assert res.status_code == 200
|
||||
@@ -828,9 +818,7 @@ class TestClubCounterClickAccess(TestCase):
|
||||
def test_both_barman_and_board_member(self):
|
||||
"""If the user is barman and board member, he should be authorized as well."""
|
||||
self.counter.sellers.add(self.user)
|
||||
baker.make(
|
||||
Membership, club=self.counter.club, user=self.user, role=self.board_role
|
||||
)
|
||||
baker.make(Membership, club=self.counter.club, user=self.user, role=3)
|
||||
self.client.force_login(self.user)
|
||||
res = self.client.get(self.click_url)
|
||||
assert res.status_code == 200
|
||||
|
||||
@@ -3,13 +3,14 @@ import string
|
||||
from datetime import timedelta
|
||||
|
||||
import pytest
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.base_user import make_password
|
||||
from django.test import Client, TestCase
|
||||
from django.urls import reverse
|
||||
from django.utils.timezone import now
|
||||
from model_bakery import baker
|
||||
|
||||
from club.models import ClubRole, Membership
|
||||
from club.models import Membership
|
||||
from core.baker_recipes import board_user, subscriber_user
|
||||
from core.models import User
|
||||
from counter.baker_recipes import product_recipe, refill_recipe, sale_recipe
|
||||
@@ -41,12 +42,11 @@ class TestStudentCard(TestCase):
|
||||
cls.counter.sellers.add(cls.barmen)
|
||||
|
||||
cls.club_counter = baker.make(Counter)
|
||||
role = baker.make(ClubRole, club=cls.club_counter.club, is_board=True)
|
||||
baker.make(
|
||||
Membership,
|
||||
start_date=now() - timedelta(days=30),
|
||||
club=cls.club_counter.club,
|
||||
role=role,
|
||||
role=settings.SITH_CLUB_ROLES_ID["Board member"],
|
||||
user=cls.club_admin,
|
||||
)
|
||||
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
::: api.schemas
|
||||
@@ -0,0 +1 @@
|
||||
::: api.views
|
||||
@@ -0,0 +1,368 @@
|
||||
Le site AE offre des mécanismes permettant aux applications tierces
|
||||
de récupérer les informations sur un utilisateur du site AE.
|
||||
De cette manière, il devient possible de synchroniser les informations
|
||||
qu possède l'application tierce sur l'utilisateur, directement depuis
|
||||
le site AE.
|
||||
|
||||
## Fonctionnement général
|
||||
|
||||
Pour authentifier vos utilisateurs, vous aurez besoin d'un serveur web
|
||||
et d'un client d'API (celui auquel est liée votre
|
||||
[clef d'API](./connect.md#obtenir-une-clef-dapi)).
|
||||
Deux informations vous sont nécessaires, en plus de votre clef d'API :
|
||||
|
||||
- l'id du client : vous pouvez l'obtenir soit en le demandant à l'équipe info,
|
||||
soit en appelant la route `GET /api/client/me` avec votre clef d'API
|
||||
renseignée dans le header [X-APIKey](./connect.md#x-apikey)
|
||||
- la clef HMAC du client : vous devez la demander à l'équipe info.
|
||||
|
||||
Grâce à ces informations, vous allez pouvoir fournir le contexte nécessaire
|
||||
au site AE pour qu'il authentifie vos utilisateurs.
|
||||
|
||||
En effet, la démarche d'authentification s'effectue presque entièrement
|
||||
sur le site : le travail de l'application tierce consiste uniquement
|
||||
à fournir à l'utilisateur une url avec les bons paramètres, puis
|
||||
à recevoir la réponse du serveur si tout s'est bien passé.
|
||||
|
||||
Comme un dessin vaut parfois mieux que mille mots,
|
||||
voici les diagrammes décrivant le processus.
|
||||
L'un montre l'entièreté de la démarche ;
|
||||
l'autre dans un souci de simplicité, ne montre que ce qui est visible
|
||||
directement par l'application tierce.
|
||||
|
||||
=== "Intégralité du processus"
|
||||
|
||||
```mermaid
|
||||
sequenceDiagram
|
||||
actor User
|
||||
participant App
|
||||
User->>+App: Authentifie-moi, stp
|
||||
App-->>-User: url de connexion<br/>avec signature
|
||||
User->>+Sith: GET url
|
||||
opt Utilisateur non-connecté
|
||||
Sith->>+User: Formulaire de connexion
|
||||
User-->>-Sith: Connexion
|
||||
end
|
||||
Sith->>Sith: vérification de la signature
|
||||
Sith->>+User: Formulaire<br/>des conditions<br/>d'utilisation
|
||||
User-->>-Sith: Validation
|
||||
Sith->>+App: URL de retour<br/>avec données utilisateur
|
||||
App->>App: Traitement des <br/>données utilisateur
|
||||
App-->>-Sith: 204 OK, No content
|
||||
Sith-->>-User: Message de succès
|
||||
App--)User: Message de succès
|
||||
```
|
||||
|
||||
=== "Point de vue de l'application tierce"
|
||||
|
||||
```mermaid
|
||||
sequenceDiagram
|
||||
actor User
|
||||
participant App
|
||||
User->>+App: Authentifie-moi, stp
|
||||
App-->>-User: url de connexion<br/>avec signature
|
||||
opt
|
||||
Sith->>+App: URL de retour<br/>avec données utilisateur
|
||||
App->>App: Traitement des <br/>données utilisateur
|
||||
App-->>-Sith: 204 OK, No content
|
||||
App--)User: Message de succès
|
||||
end
|
||||
```
|
||||
|
||||
## Données attendues
|
||||
|
||||
### URL de connexion
|
||||
|
||||
L'URL de connexion que vous allez fournir à l'utilisateur doit
|
||||
être `https://ae.utbm.fr/api-link/auth/`
|
||||
et doit contenir les données décrites dans
|
||||
[`ThirdPartyAuthParamsSchema`][api.schemas.ThirdPartyAuthParamsSchema] :
|
||||
|
||||
- `client_id` (integer) : l'id de votre client, que vous pouvez obtenir
|
||||
de la manière décrite plus haut
|
||||
- `third_party_app`(string) : le nom de la plateforme pour laquelle
|
||||
l'authentification va être réalisée (si votre application est un bot
|
||||
discord, mettez la valeur "discord")
|
||||
- `privacy_link`(URL) : l'URL vers la page de politique de confidentialité
|
||||
qui s'appliquera dans le cadre de l'application
|
||||
(s'il s'agit d'un bot discord, donnez le lien vers celles de Discord)
|
||||
- `username`(string) : le pseudonyme que l'utilisateur possède sur
|
||||
votre application
|
||||
- `callback_url`(URL) : l'URL que le site AE appellera si l'authentification
|
||||
réussit
|
||||
- `signature`(string) : la signature des données de la requête.
|
||||
Il s'agit d'une signature par clef HMAC dont le fonctionnement
|
||||
est détaillé plus bas.
|
||||
|
||||
Ces données doivent être url-encodées et passées dans les paramètres GET.
|
||||
|
||||
!!!warning "URL de retour"
|
||||
|
||||
Les URLs fournies doivent être des URLs HTTP valides.
|
||||
En outre, elles doivent obligatoirement inclure la barre oblique finale.
|
||||
|
||||
=== "URL correcte ✔️"
|
||||
|
||||
`https://exemple.ae.utbm.fr/foo/`
|
||||
|
||||
=== "URL incorrecte ❌"
|
||||
|
||||
`https://exemple.ae.utbm.fr/foo`
|
||||
|
||||
!!!tip
|
||||
|
||||
Inclure l'id de votre utilisateur dans l'URL de retour
|
||||
peut être un bon moyen de l'identifier lors du callback.
|
||||
Par exemple : `GET /callback/{int:user_id}/`.
|
||||
|
||||
???Example
|
||||
|
||||
Supposons que votre client d'API soit utilisé dans le cadre d'un bot Discord,
|
||||
avec les données suivantes :
|
||||
|
||||
- l'id du client est 15
|
||||
- sa clef HMAC est "beb99dd53"
|
||||
(c'est pour l'exemple, une vraie clef sera beaucoup plus longue)
|
||||
- le pseudonyme discord de votre utilisateur est Brian
|
||||
- son id sur discord est 123456789
|
||||
- votre route de callback est `GET /callback/{int:user_id}/`,
|
||||
accessible au domaine `https://bot.ae.utbm.fr`
|
||||
|
||||
Alors les paramètres de votre URL seront :
|
||||
|
||||
| Paramètre | valeur |
|
||||
|-----------------|-----------------------------------------------------------------------|
|
||||
| client_id | 15 |
|
||||
| third_party_app | discord |
|
||||
| privacy_link | `https://discord.com/privacy` |
|
||||
| username | Brian |
|
||||
| callback_url | `https://bot.ae.utbm.fr/callback/123456789/` |
|
||||
| signature | 1a383c51060be64f07772aa42e07<br/>18ae096b8f21f2cdb4061c0834a416d12101 |
|
||||
|
||||
Et l'url fournie à l'utilisateur sera :
|
||||
|
||||
`https://ae.utbm.fr/api-link/auth/?client_id=15&third_party_app=discord
|
||||
&privacy_link=https%3A%2F%2Fdiscord.com%2Fprivacy&username=Brian
|
||||
&callback_url=https%3A%2F%2Fbot.ae.utbm.fr%2Fcallback%2F123456789%2F
|
||||
&signature=1a383c51060be64f07772aa42e0718ae096b8f21f2cdb4061c0834a416d12101`
|
||||
|
||||
### Données de retour
|
||||
|
||||
Si l'authentification réussit, le site AE enverra une requête HTTP POST
|
||||
à l'URL de retour fournie dans l'URL de connexion.
|
||||
|
||||
Le corps de la requête de callback et au format JSON
|
||||
et contient deux paires clef-valeur :
|
||||
|
||||
- `user` : les données utilisateur, telles que décrites
|
||||
par [UserProfileSchema][core.schemas.UserProfileSchema]
|
||||
- `signature` : la signature des données utilisateur
|
||||
|
||||
???Example
|
||||
|
||||
En reprenant les mêmes paramètres que dans l'exemple précédent,
|
||||
le site AE pourra renvoyer à l'application la requête suivante :
|
||||
|
||||
```http
|
||||
POST https://bot.ae.utbm.fr/callback/123456789/
|
||||
content-type: application/json
|
||||
body: {
|
||||
"user": {
|
||||
"id": 144131,
|
||||
"nick_name": "inzekitchen",
|
||||
"first_name": "Brian",
|
||||
...
|
||||
},
|
||||
"signature": "f16955bab6b805f6e1abbb98a86dfee53fed0bf812aa6513ca46cfd461b70020"
|
||||
}
|
||||
```
|
||||
|
||||
L'application doit répondre avec un des codes HTTP suivants :
|
||||
|
||||
| Code | Raison |
|
||||
|------|--------------------------------------------------------------------------------|
|
||||
| 204 | Tout s'est bien passé |
|
||||
| 403 | Les données de retour ne sont <br>pas signées ou sont mal signées |
|
||||
| 404 | L'URL de retour ne permet pas <br>d'identifier un utilisateur de l'application |
|
||||
|
||||
!!!note "Code d'erreur par défaut"
|
||||
|
||||
Si l'appel de la route fait face à plusieurs problèmes en même temps
|
||||
(par exemple, l'URL ne permet pas de retrouver votre utilisateur,
|
||||
et en plus les données sont mal signées),
|
||||
le 403 prime et doit être retourné par défaut.
|
||||
|
||||
## Signature des données
|
||||
|
||||
Les données de l'URL de connexion doivent être signées,
|
||||
et la signature de l'URL de retour doit être vérifiée.
|
||||
|
||||
Dans le deux cas, la signature est le digest HMAC-SHA512
|
||||
des données url-encodées, en utilisant la clef HMAC du client d'API.
|
||||
L'ordre dans lequel ces données sont placées dans l'encodage URL
|
||||
doit être strictement le même que celui donné plus haut.
|
||||
|
||||
???Example "Signature de l'URL de connexion"
|
||||
|
||||
En reprenant le même exemple que les fois précédentes,
|
||||
l'url-encodage des données est :
|
||||
|
||||
`client_id=15&third_party_app=discord
|
||||
&privacy_link=https%3A%2F%2Fdiscord.com%2Fprivacy%2F&username=Brian
|
||||
&callback_url=https%3A%2F%2Fbot.ae.utbm.fr%2Fcallback%2F123456789%2F`
|
||||
|
||||
Notez que la signature n'est pas (encore) dedans.
|
||||
Cette dernière peut-être obtenue avec le code suivant :
|
||||
|
||||
=== ":simple-python: Python"
|
||||
|
||||
Dépendances :
|
||||
|
||||
- `environs` (>=14.1)
|
||||
|
||||
```python
|
||||
import hmac
|
||||
from urllib.parse import urlencode
|
||||
|
||||
from environs import Env
|
||||
|
||||
env = Env()
|
||||
env.read_env()
|
||||
|
||||
key = env.str("HMAC_KEY").encode()
|
||||
data = {
|
||||
"client_id": 15,
|
||||
"third_party_app": "discord",
|
||||
"privacy_link": "https://discord.com/privacy/",
|
||||
"username": "Brian",
|
||||
"callback_url": "https://bot.ae.utbm.fr/callback/123456789/",
|
||||
}
|
||||
urlencoded = urlencode(data)
|
||||
data["signature"] = hmac.digest(key, urlencoded.encode(), "sha512").hex()
|
||||
|
||||
# URL a fournir à l'utilisateur pour son authentification
|
||||
user_url = f"https://ae.ubtm.fr/api-link/auth/?{urlencode(data)}"
|
||||
```
|
||||
|
||||
=== ":simple-rust: Rust"
|
||||
|
||||
Dépendances :
|
||||
|
||||
- `hmac` (>=0.12.1)
|
||||
- `url` (>=2.5.7, features `serde`)
|
||||
- `serde` (>=1.0.228, features `derive`)
|
||||
- `serde_urlencoded` (>="0.7.1)
|
||||
- `sha2` (>=0.10.9)
|
||||
- `dotenvy` (>= 0.15)
|
||||
|
||||
```rust
|
||||
use hmac::{Mac, SimpleHmac};
|
||||
use serde::Serialize;
|
||||
use sha2::Sha512;
|
||||
use url::Url;
|
||||
|
||||
#[derive(Serialize, Debug)]
|
||||
struct UrlData<'a> {
|
||||
client_id: u32,
|
||||
third_party_app: &'a str,
|
||||
privacy_link: Url,
|
||||
username: &'a str,
|
||||
callback_url: Url,
|
||||
}
|
||||
|
||||
impl<'a> UrlData<'a> {
|
||||
pub fn signature(&self, key: &[u8]) -> CtOutput<SimpleHmac<Sha512>> {
|
||||
let urlencoded = serde_urlencoded::to_string(self).unwrap();
|
||||
SimpleHmac::<Sha512>::new_from_slice(key)
|
||||
.unwrap()
|
||||
.chain_update(urlencoded.as_bytes())
|
||||
.finalize()
|
||||
}
|
||||
}
|
||||
|
||||
impl Into<Url> for UrlData<'_> {
|
||||
fn into(self) -> Url {
|
||||
let key = std::env::var("HMAC_KEY").unwrap();
|
||||
let mut url = Url::parse("http://ae.utbm.fr/api-link/auth/").unwrap();
|
||||
url.set_query(Some(
|
||||
format!(
|
||||
"{}&signature={:x}",
|
||||
serde_urlencoded::to_string(&self).unwrap(),
|
||||
self.signature(key.as_bytes()).into_bytes()
|
||||
)
|
||||
.as_str(),
|
||||
));
|
||||
url
|
||||
}
|
||||
}
|
||||
|
||||
fn main() {
|
||||
dotenvy::dotenv().expect("Couldn't load env");
|
||||
let data = UrlData {
|
||||
client_id: 1,
|
||||
third_party_app: "discord",
|
||||
privacy_link: "https://discord.com/privacy/".parse().unwrap(),
|
||||
username: "Brian",
|
||||
callback_url: "https://bot.ae.utbm.fr/callback/123456789/"
|
||||
.parse()
|
||||
.unwrap(),
|
||||
};
|
||||
let url: Url = data.into();
|
||||
println!("{:?}", url);
|
||||
}
|
||||
```
|
||||
|
||||
???Example "Vérification de la signature de la réponse"
|
||||
|
||||
Les données utilisateur peuvent ressembler à :
|
||||
|
||||
```json
|
||||
{
|
||||
"user": {
|
||||
"display_name": "Matthieu Vincent",
|
||||
"profile_url": "/user/380/",
|
||||
"profile_pict": "/static/core/img/unknown.jpg",
|
||||
"id": 380,
|
||||
"nick_name": None,
|
||||
"first_name": "Matthieu",
|
||||
"last_name": "Vincent",
|
||||
},
|
||||
"signature": "3802a280fbb01bd9fetc."
|
||||
}
|
||||
```
|
||||
|
||||
Vous pouvez vérifier la signature ainsi :
|
||||
|
||||
```python
|
||||
import hmac
|
||||
from urllib.parse import urlencode
|
||||
|
||||
from environs import Env
|
||||
|
||||
env = Env()
|
||||
env.read_env()
|
||||
|
||||
def is_signature_valid(user_data: dict, signature: str) -> bool:
|
||||
key = env.str("HMAC_KEY").encode()
|
||||
urlencoded = urlencode(user_data)
|
||||
return hmac.compare_digest(
|
||||
hmac.digest(key, urlencoded.encode(), "sha512").hex(),
|
||||
signature,
|
||||
)
|
||||
|
||||
|
||||
post_data = <récupération des données POST>
|
||||
print(
|
||||
"signature valide :",
|
||||
is_signature_valid(post_data["user"], post_data["signature"]
|
||||
)
|
||||
```
|
||||
|
||||
!!!Warning
|
||||
|
||||
Vous devez impérativement vérifier la signature
|
||||
des données de la requête de callback !
|
||||
|
||||
Si l'équipe informatique se rend compte que vous ne le faites pas,
|
||||
elle se réserve le droit de suspendre votre application,
|
||||
immédiatement et sans préavis.
|
||||
@@ -112,7 +112,7 @@ cf. [HTTP persistant connection (wikipedia)](https://en.wikipedia.org/wiki/HTTP_
|
||||
|
||||
Voici quelques exemples :
|
||||
|
||||
=== "Python (requests)"
|
||||
=== ":simple-python: Python (requests)"
|
||||
|
||||
Dépendances :
|
||||
|
||||
@@ -132,7 +132,7 @@ Voici quelques exemples :
|
||||
print(response.json())
|
||||
```
|
||||
|
||||
=== "Python (aiohttp)"
|
||||
=== ":simple-python: Python (aiohttp)"
|
||||
|
||||
Dépendances :
|
||||
|
||||
@@ -158,7 +158,7 @@ Voici quelques exemples :
|
||||
asyncio.run(main())
|
||||
```
|
||||
|
||||
=== "Javascript (axios)"
|
||||
=== ":simple-javascript: Javascript (axios)"
|
||||
|
||||
Dépendances :
|
||||
|
||||
@@ -178,7 +178,7 @@ Voici quelques exemples :
|
||||
console.log(await instance.get("club/1").json());
|
||||
```
|
||||
|
||||
=== "Rust (reqwest)"
|
||||
=== ":simple-rust: Rust (reqwest)"
|
||||
|
||||
Dépendances :
|
||||
|
||||
|
||||
@@ -1,37 +0,0 @@
|
||||
#
|
||||
# Copyright 2022
|
||||
# - Maréchal <thgirod@hotmail.com
|
||||
#
|
||||
# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
|
||||
# http://ae.utbm.fr.
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify it under
|
||||
# the terms of the GNU General Public License a published by the Free Software
|
||||
# Foundation; either version 3 of the License, or (at your option) any later
|
||||
# version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful, but WITHOUT
|
||||
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
|
||||
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
|
||||
# details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License along with
|
||||
# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
|
||||
# Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
|
||||
|
||||
class PaymentResultConverter:
|
||||
"""Converter used for url mapping of the `eboutic.views.payment_result` view.
|
||||
|
||||
It's meant to build an url that can match
|
||||
either `/eboutic/pay/success/` or `/eboutic/pay/failure/`
|
||||
but nothing else.
|
||||
"""
|
||||
|
||||
regex = "(success|failure)"
|
||||
|
||||
def to_python(self, value):
|
||||
return str(value)
|
||||
|
||||
def to_url(self, value):
|
||||
return str(value)
|
||||
+2
-2
@@ -24,7 +24,7 @@
|
||||
|
||||
from django.urls import path, register_converter
|
||||
|
||||
from eboutic.converters import PaymentResultConverter
|
||||
from core.converters import ResultConverter
|
||||
from eboutic.views import (
|
||||
BillingInfoFormFragment,
|
||||
EbouticCheckout,
|
||||
@@ -35,7 +35,7 @@ from eboutic.views import (
|
||||
payment_result,
|
||||
)
|
||||
|
||||
register_converter(PaymentResultConverter, "res")
|
||||
register_converter(ResultConverter, "res")
|
||||
|
||||
urlpatterns = [
|
||||
# Subscription views
|
||||
|
||||
+1
-1
@@ -183,7 +183,7 @@ class Forum(models.Model):
|
||||
Forum._club_memberships[self.id] = {}
|
||||
Forum._club_memberships[self.id][user.id] = m
|
||||
if m:
|
||||
return m.role.is_board
|
||||
return m.role > settings.SITH_MAXIMUM_FREE_ROLE
|
||||
return False
|
||||
|
||||
def check_loop(self):
|
||||
|
||||
@@ -29,9 +29,8 @@ from django.conf import settings
|
||||
from django.core.files.base import ContentFile
|
||||
from django.core.management.base import BaseCommand
|
||||
from django.utils import timezone
|
||||
from model_bakery import baker
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from core.models import Group, Page, SithFile, User
|
||||
from core.utils import RED_PIXEL_PNG
|
||||
from sas.models import Album, PeoplePictureRelation, Picture
|
||||
@@ -218,19 +217,11 @@ class Command(BaseCommand):
|
||||
"The `make_clubs()` method must be called before `make_club_memberships()`"
|
||||
)
|
||||
memberships = []
|
||||
roles = {
|
||||
r.club_id: r.id
|
||||
for r in baker.make(
|
||||
ClubRole,
|
||||
club=iter(self.clubs),
|
||||
_quantity=len(self.clubs),
|
||||
_bulk_create=True,
|
||||
)
|
||||
}
|
||||
for i in range(1, 11): # users can be in up to 20 clubs
|
||||
self.logger.info(f"Club membership, pass {i}")
|
||||
for uid in range(i, self.NB_USERS, i):
|
||||
# Pass #1 will make sure every user is at least in one club
|
||||
for uid in range(
|
||||
i, self.NB_USERS, i
|
||||
): # Pass #1 will make sure every user is at least in one club
|
||||
user = self.users[uid]
|
||||
club = self.clubs[(uid + i**2) % self.NB_CLUBS]
|
||||
|
||||
@@ -245,7 +236,7 @@ class Command(BaseCommand):
|
||||
Membership(
|
||||
user=user,
|
||||
club=club,
|
||||
role_id=roles[club.id],
|
||||
role=(uid + i) % 10 + 1, # spread the different roles
|
||||
start_date=start,
|
||||
end_date=end,
|
||||
)
|
||||
@@ -268,7 +259,7 @@ class Command(BaseCommand):
|
||||
Membership(
|
||||
user=user,
|
||||
club=club,
|
||||
role_id=roles[club.id],
|
||||
role=((uid // 10) + i) % 10 + 1, # spread the different roles
|
||||
start_date=start,
|
||||
end_date=end,
|
||||
)
|
||||
|
||||
+226
-260
@@ -6,7 +6,7 @@
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2026-04-18 11:38+0200\n"
|
||||
"POT-Creation-Date: 2026-03-23 22:21+0100\n"
|
||||
"PO-Revision-Date: 2016-07-18\n"
|
||||
"Last-Translator: Maréchal <thomas.girod@utbm.fr\n"
|
||||
"Language-Team: AE info <ae.info@utbm.fr>\n"
|
||||
@@ -35,6 +35,10 @@ msgstr ""
|
||||
"True si gardé à jour par le biais d'un fournisseur externe de domains "
|
||||
"toxics, False sinon"
|
||||
|
||||
#: api/admin.py
|
||||
msgid "Reset HMAC key"
|
||||
msgstr "Réinitialiser la clef HMAC"
|
||||
|
||||
#: api/admin.py
|
||||
#, python-format
|
||||
msgid ""
|
||||
@@ -48,6 +52,23 @@ msgstr ""
|
||||
msgid "Revoke selected API keys"
|
||||
msgstr "Révoquer les clefs d'API sélectionnées"
|
||||
|
||||
#: api/forms.py
|
||||
msgid "I have read and I accept the terms and conditions of use"
|
||||
msgstr "J'ai lu et j'accepte les conditions générales d'utilisation."
|
||||
|
||||
#: api/forms.py
|
||||
msgid "You must approve the terms and conditions of use."
|
||||
msgstr "Vous devez approuver les conditions générales d'utilisation."
|
||||
|
||||
#: api/forms.py
|
||||
msgid "You must confirm that this is your username."
|
||||
msgstr "Vous devez confirmer que c'est bien votre nom d'utilisateur."
|
||||
|
||||
#: api/forms.py
|
||||
#, python-format
|
||||
msgid "I confirm that %(username)s is my username on %(app)s"
|
||||
msgstr "Je confirme que %(username)s est mon nom d'utilisateur sur %(app)s"
|
||||
|
||||
#: api/models.py club/models.py com/models.py counter/models.py forum/models.py
|
||||
msgid "name"
|
||||
msgstr "nom"
|
||||
@@ -68,6 +89,10 @@ msgstr "permissions du client"
|
||||
msgid "Specific permissions for this api client."
|
||||
msgstr "Permissions spécifiques pour ce client d'API"
|
||||
|
||||
#: api/models.py
|
||||
msgid "HMAC Key"
|
||||
msgstr "Clef HMAC"
|
||||
|
||||
#: api/models.py
|
||||
msgid "api client"
|
||||
msgstr "client d'api"
|
||||
@@ -97,6 +122,63 @@ msgstr "clef d'api"
|
||||
msgid "api keys"
|
||||
msgstr "clefs d'api"
|
||||
|
||||
#: api/templates/api/third_party/auth.jinja
|
||||
msgid "Confidentiality"
|
||||
msgstr "Confidentialité"
|
||||
|
||||
#: api/templates/api/third_party/auth.jinja
|
||||
#, python-format
|
||||
msgid ""
|
||||
"By ticking this box and clicking on the send button, you acknowledge and "
|
||||
"agree to provide %(app)s with your first name, last name, nickname and any "
|
||||
"other information that was the third party app was explicitly authorized to "
|
||||
"fetch and that it must have acknowledged to you, in a complete and accurate "
|
||||
"manner."
|
||||
msgstr ""
|
||||
"En cochant cette case et en cliquant sur le bouton « Envoyer », vous "
|
||||
"reconnaissez et acceptez de fournir à %(app)s votre prénom, nom, pseudonyme "
|
||||
"et toute autre information que l'application tierce a été explicitement "
|
||||
"autorisée à récupérer et qu'elle doit vous avoir communiqué de manière "
|
||||
"complète et exacte."
|
||||
|
||||
#: api/templates/api/third_party/auth.jinja
|
||||
#, python-format
|
||||
msgid ""
|
||||
"The privacy policies of <a href=\"%(privacy_link)s\">%(app)s</a> and of <a "
|
||||
"href=\"%(sith_cgu_link)s\">the Students' Association</a> applies as soon as "
|
||||
"the form is submitted."
|
||||
msgstr ""
|
||||
"Les politiques de confidentialité de <a href=\"%(privacy_link)s\">%(app)s</a> et de <a "
|
||||
"href=\"%(sith_cgu_link)s\">l'Association des Etudiants</a> s'appliquent dès la soumission "
|
||||
"du formulaire."
|
||||
|
||||
#: api/templates/api/third_party/auth.jinja
|
||||
msgid "Confirmation of identity"
|
||||
msgstr "Confirmation d'identité"
|
||||
|
||||
#: api/views.py
|
||||
#, python-format
|
||||
msgid ""
|
||||
"You are going to link your AE account and your %(app)s account. Continue "
|
||||
"only if this page was opened from %(app)s."
|
||||
msgstr ""
|
||||
"Vous allez lier votre compte AE et votre compte %(app)s. Poursuivez "
|
||||
"uniquement si cette page a été ouverte depuis %(app)s."
|
||||
|
||||
#: api/views.py
|
||||
msgid "You have been successfully authenticated. You can now close this page."
|
||||
msgstr "Vous avez été authentifié avec succès. Vous pouvez maintenant fermer cette page."
|
||||
|
||||
#: api/views.py
|
||||
msgid ""
|
||||
"Your authentication on the AE website was successful, but an error happened "
|
||||
"during the interaction with the third-party application. Please contact the "
|
||||
"managers of the latter."
|
||||
msgstr ""
|
||||
"Votre authentification sur le site AE a fonctionné, mais une erreur est arrivée "
|
||||
"durant l'interaction avec l'application tierce. Veuillez contacter les responsables "
|
||||
"de cette dernière."
|
||||
|
||||
#: club/forms.py
|
||||
msgid "Users to add"
|
||||
msgstr "Utilisateurs à ajouter"
|
||||
@@ -181,22 +263,6 @@ msgstr "Vous devez être cotisant pour faire partie d'un club"
|
||||
msgid "You are already a member of this club"
|
||||
msgstr "Vous êtes déjà membre de ce club."
|
||||
|
||||
#: club/forms.py
|
||||
msgid "Club status"
|
||||
msgstr "État du club"
|
||||
|
||||
#: club/forms.py
|
||||
msgid "Active"
|
||||
msgstr "Actif"
|
||||
|
||||
#: club/forms.py
|
||||
msgid "Inactive"
|
||||
msgstr "Inactif"
|
||||
|
||||
#: club/forms.py
|
||||
msgid "All clubs"
|
||||
msgstr "Tous les clubs"
|
||||
|
||||
#: club/models.py
|
||||
msgid "slug name"
|
||||
msgstr "nom slug"
|
||||
@@ -233,65 +299,15 @@ msgstr "home"
|
||||
msgid "You can not make loops in clubs"
|
||||
msgstr "Vous ne pouvez pas faire de boucles dans les clubs"
|
||||
|
||||
#: club/models.py com/models.py counter/models.py trombi/models.py
|
||||
msgid "club"
|
||||
msgstr "club"
|
||||
|
||||
#: club/models.py
|
||||
msgid "The club with which this role is associated"
|
||||
msgstr "Le club auquel ce rôle est attaché."
|
||||
|
||||
#: club/models.py core/models.py counter/models.py election/models.py
|
||||
#: forum/models.py
|
||||
msgid "description"
|
||||
msgstr "description"
|
||||
|
||||
#: club/models.py
|
||||
msgid "Board role"
|
||||
msgstr "Rôle du bureau"
|
||||
|
||||
#: club/models.py
|
||||
msgid "Presidency role"
|
||||
msgstr "Rôle de la présidence"
|
||||
|
||||
#: club/models.py
|
||||
msgid ""
|
||||
"If the role is inactive, people joining the club won't be able to get it."
|
||||
msgstr ""
|
||||
"Si ce rôle est inactif, il ne pourra pas être attribué aux gens qui "
|
||||
"rejoignent le club."
|
||||
|
||||
#: club/models.py
|
||||
msgid "club role"
|
||||
msgstr "rôle de club"
|
||||
|
||||
#: club/models.py
|
||||
msgid "club roles"
|
||||
msgstr "rôles de club"
|
||||
|
||||
#: club/models.py
|
||||
msgid "A role cannot be in the presidency while not being in the board"
|
||||
msgstr ""
|
||||
"Un rôle ne peut pas appartenir à la présidence sans être dans le bureau"
|
||||
|
||||
#: club/models.py
|
||||
#, python-format
|
||||
msgid "Role %(role)s cannot be placed below a member role"
|
||||
msgstr ""
|
||||
"Le rôle %(role)s ne peut pas être placé en-dessous d'un rôle de membre."
|
||||
|
||||
#: club/models.py
|
||||
#, python-format
|
||||
msgid "Role %(role)s cannot be placed below a non-presidency role"
|
||||
msgstr ""
|
||||
"Le rôle %(role)s ne peut pas être placé en-dessous d'un rôle qui n'est pas "
|
||||
"de la présidence."
|
||||
|
||||
#: club/models.py core/models.py counter/models.py eboutic/models.py
|
||||
#: election/models.py pedagogy/models.py sas/models.py trombi/models.py
|
||||
msgid "user"
|
||||
msgstr "utilisateur"
|
||||
|
||||
#: club/models.py com/models.py counter/models.py trombi/models.py
|
||||
msgid "club"
|
||||
msgstr "club"
|
||||
|
||||
#: club/models.py counter/models.py election/models.py
|
||||
msgid "start date"
|
||||
msgstr "date de début"
|
||||
@@ -304,6 +320,11 @@ msgstr "date de fin"
|
||||
msgid "role"
|
||||
msgstr "rôle"
|
||||
|
||||
#: club/models.py core/models.py counter/models.py election/models.py
|
||||
#: forum/models.py
|
||||
msgid "description"
|
||||
msgstr "description"
|
||||
|
||||
#: club/models.py
|
||||
msgid "past member"
|
||||
msgstr "ancien membre"
|
||||
@@ -362,28 +383,43 @@ msgstr "Cet email est déjà abonné à cette mailing"
|
||||
msgid "Unregistered user"
|
||||
msgstr "Utilisateur non enregistré"
|
||||
|
||||
#: club/templates/club/club_list.jinja
|
||||
msgid "The list of all clubs existing at UTBM."
|
||||
msgstr "La liste de tous les clubs existants à l'UTBM"
|
||||
|
||||
#: club/templates/club/club_list.jinja
|
||||
msgid "Club list"
|
||||
msgstr "Liste des clubs"
|
||||
|
||||
#: club/templates/club/club_list.jinja
|
||||
msgid "The list of all clubs existing at UTBM."
|
||||
msgstr "La liste de tous les clubs existants à l'UTBM"
|
||||
|
||||
#: club/templates/club/club_list.jinja
|
||||
msgid "Filters"
|
||||
msgstr "Filtres"
|
||||
|
||||
#: club/templates/club/club_list.jinja core/templates/core/base/header.jinja
|
||||
#: forum/templates/forum/macros.jinja matmat/templates/matmat/search_form.jinja
|
||||
msgid "Search"
|
||||
msgstr "Recherche"
|
||||
#: club/templates/club/club_list.jinja
|
||||
msgid "Name"
|
||||
msgstr "Nom"
|
||||
|
||||
#: club/templates/club/club_list.jinja
|
||||
msgid "Club state"
|
||||
msgstr "Etat du club"
|
||||
|
||||
#: club/templates/club/club_list.jinja
|
||||
msgid "Active"
|
||||
msgstr "Actif"
|
||||
|
||||
#: club/templates/club/club_list.jinja
|
||||
msgid "Inactive"
|
||||
msgstr "Inactif"
|
||||
|
||||
#: club/templates/club/club_list.jinja
|
||||
msgid "All clubs"
|
||||
msgstr "Tous les clubs"
|
||||
|
||||
#: club/templates/club/club_list.jinja core/templates/core/user_tools.jinja
|
||||
msgid "New club"
|
||||
msgstr "Nouveau club"
|
||||
|
||||
#: club/templates/club/club_list.jinja club/templates/club/club_roles.jinja
|
||||
#: club/templates/club/club_list.jinja
|
||||
msgid "inactive"
|
||||
msgstr "inactif"
|
||||
|
||||
@@ -391,10 +427,6 @@ msgstr "inactif"
|
||||
msgid "Club members"
|
||||
msgstr "Membres du club"
|
||||
|
||||
#: club/templates/club/club_members.jinja
|
||||
msgid "Manage roles"
|
||||
msgstr "Gérer les rôles"
|
||||
|
||||
#: club/templates/club/club_members.jinja
|
||||
#: club/templates/club/club_old_members.jinja
|
||||
#: core/templates/core/user_clubs.jinja
|
||||
@@ -433,120 +465,6 @@ msgstr "Du"
|
||||
msgid "To"
|
||||
msgstr "Au"
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid ""
|
||||
"Roles give rights on the club. Higher roles grant more rights, and the "
|
||||
"members having them are displayed higher in the club members list."
|
||||
msgstr ""
|
||||
"Les rôles donnent des droits sur le club. Les rôles plus élevés donnent plus "
|
||||
"de droit, et les membres qui les possèdent sont affichés plus haut dans la "
|
||||
"liste des membres."
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid ""
|
||||
"On this page, you can edit their name and description, as well as their "
|
||||
"order. You can also drag roles from a category to another (e.g. a board role "
|
||||
"can be made into a presidency role)."
|
||||
msgstr ""
|
||||
"Sur cette page, vous pouvez éditer leur nom et leur description, ainsi que "
|
||||
"leur ordre. Vous pouvez également déplacer des rôles d'une catégorie à "
|
||||
"l'autre (par exemple, un rôle du bureau peut devenir un rôle de présidence)."
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid "Presidency"
|
||||
msgstr "Présidence"
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid "add role"
|
||||
msgstr "ajouter un rôle"
|
||||
|
||||
#: club/templates/club/club_roles.jinja core/templates/core/base/navbar.jinja
|
||||
msgid "Help"
|
||||
msgstr "Aide"
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid "Users with a presidency role can :"
|
||||
msgstr "Les utilisateurs avec un rôle de présidence peuvent :"
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid "create new club roles and edit existing ones"
|
||||
msgstr "créer de nouveaux rôles et modifier ceux qui existent"
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid "manage the club counters"
|
||||
msgstr "gérer les comptoirs du club"
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid "add new members with any active role and end any membership"
|
||||
msgstr ""
|
||||
"ajouter de nouveaux membres avec n'importe quel rôle et mettre fin à "
|
||||
"n'importe quelle adhésion au club."
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid "They also have all the rights of the club board."
|
||||
msgstr "Ils possèdent également tous les droits du bureau."
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid "Board"
|
||||
msgstr "Bureau"
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid ""
|
||||
"Board members can do most administrative actions in the club, including :"
|
||||
msgstr ""
|
||||
"Les membres du bureau peuvent effectuer la plupart des actions "
|
||||
"administratives dans le club, incluant :"
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid "manage the club posters"
|
||||
msgstr "gérer les affiches du club"
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid "create news for the club"
|
||||
msgstr "créer des nouvelles pour le club"
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid "click users on the club's counters"
|
||||
msgstr "cliquer des utilisateurs sur les comptoirs du club"
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid ""
|
||||
"add new members and end active memberships for roles that are lower than "
|
||||
"their own."
|
||||
msgstr ""
|
||||
"ajouter de nouveaux membres et mettre fin à des adhésions en cours, pour des "
|
||||
"rôles plus bas que le leur."
|
||||
|
||||
#: club/templates/club/club_roles.jinja club/views.py
|
||||
msgid "Members"
|
||||
msgstr "Membres"
|
||||
|
||||
#: club/templates/club/club_roles.jinja
|
||||
msgid "Simple members cannot perform administrative actions."
|
||||
msgstr ""
|
||||
"Les simples membres ne peuvent pas effectuer d'actions administratives."
|
||||
|
||||
#: club/templates/club/club_roles.jinja club/templates/club/edit_club.jinja
|
||||
#: club/templates/club/pagerev_edit.jinja com/templates/com/news_edit.jinja
|
||||
#: com/templates/com/poster_edit.jinja com/templates/com/screen_edit.jinja
|
||||
#: com/templates/com/weekmail.jinja core/templates/core/create.jinja
|
||||
#: core/templates/core/edit.jinja core/templates/core/file_edit.jinja
|
||||
#: core/templates/core/fragment/user_visibility.jinja
|
||||
#: core/templates/core/page/edit.jinja core/templates/core/page/prop.jinja
|
||||
#: core/templates/core/user_godfathers.jinja
|
||||
#: core/templates/core/user_godfathers_tree.jinja
|
||||
#: core/templates/core/user_preferences.jinja
|
||||
#: counter/templates/counter/cash_register_summary.jinja
|
||||
#: counter/templates/counter/invoices_call.jinja
|
||||
#: counter/templates/counter/product_form.jinja
|
||||
#: forum/templates/forum/reply.jinja
|
||||
#: subscription/templates/subscription/fragments/creation_form.jinja
|
||||
#: trombi/templates/trombi/comment.jinja
|
||||
#: trombi/templates/trombi/edit_profile.jinja
|
||||
#: trombi/templates/trombi/user_tools.jinja
|
||||
msgid "Save"
|
||||
msgstr "Sauver"
|
||||
|
||||
#: club/templates/club/club_sellings.jinja
|
||||
msgid "Previous"
|
||||
msgstr "Précédent"
|
||||
@@ -731,6 +649,27 @@ msgstr ""
|
||||
"Les champs de formulaire suivants sont liées à la description basique d'un "
|
||||
"club. Tous les membres du bureau du club peuvent voir et modifier ceux-ci."
|
||||
|
||||
#: club/templates/club/edit_club.jinja club/templates/club/pagerev_edit.jinja
|
||||
#: com/templates/com/news_edit.jinja com/templates/com/poster_edit.jinja
|
||||
#: com/templates/com/screen_edit.jinja com/templates/com/weekmail.jinja
|
||||
#: core/templates/core/create.jinja core/templates/core/edit.jinja
|
||||
#: core/templates/core/file_edit.jinja
|
||||
#: core/templates/core/fragment/user_visibility.jinja
|
||||
#: core/templates/core/page/edit.jinja core/templates/core/page/prop.jinja
|
||||
#: core/templates/core/user_godfathers.jinja
|
||||
#: core/templates/core/user_godfathers_tree.jinja
|
||||
#: core/templates/core/user_preferences.jinja
|
||||
#: counter/templates/counter/cash_register_summary.jinja
|
||||
#: counter/templates/counter/invoices_call.jinja
|
||||
#: counter/templates/counter/product_form.jinja
|
||||
#: forum/templates/forum/reply.jinja
|
||||
#: subscription/templates/subscription/fragments/creation_form.jinja
|
||||
#: trombi/templates/trombi/comment.jinja
|
||||
#: trombi/templates/trombi/edit_profile.jinja
|
||||
#: trombi/templates/trombi/user_tools.jinja
|
||||
msgid "Save"
|
||||
msgstr "Sauver"
|
||||
|
||||
#: club/templates/club/fragments/add_member.jinja
|
||||
msgid "Add a new member"
|
||||
msgstr "Ajouter un nouveau membre"
|
||||
@@ -811,6 +750,10 @@ msgstr "Éditer la page"
|
||||
msgid "Infos"
|
||||
msgstr "Infos"
|
||||
|
||||
#: club/views.py
|
||||
msgid "Members"
|
||||
msgstr "Membres"
|
||||
|
||||
#: club/views.py
|
||||
msgid "Old members"
|
||||
msgstr "Anciens membres"
|
||||
@@ -860,27 +803,6 @@ msgstr "Vous êtes maintenant membre de ce club."
|
||||
msgid "%(user)s has been added to club."
|
||||
msgstr "%(user)s a été ajouté au club."
|
||||
|
||||
#: club/views.py
|
||||
msgid "Club roles updated"
|
||||
msgstr "Rôles de club mis à jour"
|
||||
|
||||
#: club/views.py
|
||||
#, python-format
|
||||
msgid "Role %(name)s created"
|
||||
msgstr "Rôle %(name)s créé"
|
||||
|
||||
#: club/views.py
|
||||
msgid "club role – presidency"
|
||||
msgstr "rôle de club – présidence"
|
||||
|
||||
#: club/views.py
|
||||
msgid "club role – board"
|
||||
msgstr "rôle de club – bureau"
|
||||
|
||||
#: club/views.py
|
||||
msgid "club role – member"
|
||||
msgstr "rôle de club – membre"
|
||||
|
||||
#: club/views.py
|
||||
msgid "Benefit"
|
||||
msgstr "Bénéfice"
|
||||
@@ -2023,6 +1945,11 @@ msgstr "Connexion"
|
||||
msgid "Register"
|
||||
msgstr "Inscription"
|
||||
|
||||
#: core/templates/core/base/header.jinja forum/templates/forum/macros.jinja
|
||||
#: matmat/templates/matmat/search_form.jinja
|
||||
msgid "Search"
|
||||
msgstr "Recherche"
|
||||
|
||||
#: core/templates/core/base/header.jinja
|
||||
msgid "Logout"
|
||||
msgstr "Déconnexion"
|
||||
@@ -2104,6 +2031,10 @@ msgstr "Partenaires"
|
||||
msgid "Subscriber benefits"
|
||||
msgstr "Les avantages cotisants"
|
||||
|
||||
#: core/templates/core/base/navbar.jinja
|
||||
msgid "Help"
|
||||
msgstr "Aide"
|
||||
|
||||
#: core/templates/core/base/navbar.jinja
|
||||
msgid "FAQ"
|
||||
msgstr "FAQ"
|
||||
@@ -4363,47 +4294,6 @@ msgstr ""
|
||||
msgid "this page"
|
||||
msgstr "cette page"
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid "Eurockéennes 2025 partnership"
|
||||
msgstr "Partenariat Eurockéennes 2025"
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid ""
|
||||
"Our partner uses Weezevent to sell tickets. Weezevent may collect user info "
|
||||
"according to its own privacy policy. By clicking the accept button you "
|
||||
"consent to their terms of services."
|
||||
msgstr ""
|
||||
"Notre partenaire utilises Wezevent pour vendre ses billets. Weezevent peut "
|
||||
"collecter des informations utilisateur conformément à sa propre politique de "
|
||||
"confidentialité. En cliquant sur le bouton d'acceptation vous consentez à "
|
||||
"leurs termes de service."
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid "Privacy policy"
|
||||
msgstr "Politique de confidentialité"
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
#: trombi/templates/trombi/comment_moderation.jinja
|
||||
msgid "Accept"
|
||||
msgstr "Accepter"
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid ""
|
||||
"You must be subscribed to benefit from the partnership with the Eurockéennes."
|
||||
msgstr ""
|
||||
"Vous devez être cotisant pour bénéficier du partenariat avec les "
|
||||
"Eurockéennes."
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
#, python-format
|
||||
msgid ""
|
||||
"This partnership offers a discount of up to 33%% on tickets for Friday, "
|
||||
"Saturday and Sunday, as well as the 3-day package from Friday to Sunday."
|
||||
msgstr ""
|
||||
"Ce partenariat permet de profiter d'une réduction jusqu'à 33%% sur les "
|
||||
"billets du vendredi, du samedi et du dimanche, ainsi qu'au forfait 3 jours, "
|
||||
"du vendredi au dimanche."
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid "There are no items available for sale"
|
||||
msgstr "Aucun article n'est disponible à la vente"
|
||||
@@ -5558,6 +5448,42 @@ msgstr "Cursus alternant (-20%)"
|
||||
msgid "One year for free(CA offer)"
|
||||
msgstr "Une année offerte (Offre CA)"
|
||||
|
||||
#: sith/settings.py
|
||||
msgid "President"
|
||||
msgstr "Président⸱e"
|
||||
|
||||
#: sith/settings.py
|
||||
msgid "Vice-President"
|
||||
msgstr "Vice-Président⸱e"
|
||||
|
||||
#: sith/settings.py
|
||||
msgid "Treasurer"
|
||||
msgstr "Trésorier⸱e"
|
||||
|
||||
#: sith/settings.py
|
||||
msgid "Communication supervisor"
|
||||
msgstr "Responsable communication"
|
||||
|
||||
#: sith/settings.py
|
||||
msgid "Secretary"
|
||||
msgstr "Secrétaire"
|
||||
|
||||
#: sith/settings.py
|
||||
msgid "IT supervisor"
|
||||
msgstr "Responsable info"
|
||||
|
||||
#: sith/settings.py
|
||||
msgid "Board member"
|
||||
msgstr "Membre du bureau"
|
||||
|
||||
#: sith/settings.py
|
||||
msgid "Active member"
|
||||
msgstr "Membre actif⸱ve"
|
||||
|
||||
#: sith/settings.py
|
||||
msgid "Curious"
|
||||
msgstr "Curieux⸱euse"
|
||||
|
||||
#: sith/settings.py
|
||||
msgid "A new poster needs to be moderated"
|
||||
msgstr "Une nouvelle affiche a besoin d'être modérée"
|
||||
@@ -5794,6 +5720,10 @@ msgstr "fin"
|
||||
msgid "Moderate Trombi comments"
|
||||
msgstr "Modérer les commentaires du Trombi"
|
||||
|
||||
#: trombi/templates/trombi/comment_moderation.jinja
|
||||
msgid "Accept"
|
||||
msgstr "Accepter"
|
||||
|
||||
#: trombi/templates/trombi/comment_moderation.jinja
|
||||
msgid "Reject"
|
||||
msgstr "Refuser"
|
||||
@@ -6035,3 +5965,39 @@ msgstr "Vous ne pouvez plus écrire de commentaires, la date est passée."
|
||||
#, python-format
|
||||
msgid "Maximum characters: %(max_length)s"
|
||||
msgstr "Nombre de caractères max: %(max_length)s"
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid "Eurockéennes 2025 partnership"
|
||||
msgstr "Partenariat Eurockéennes 2025"
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid ""
|
||||
"Our partner uses Weezevent to sell tickets. Weezevent may collect user info "
|
||||
"according to its own privacy policy. By clicking the accept button you "
|
||||
"consent to their terms of services."
|
||||
msgstr ""
|
||||
"Notre partenaire utilises Wezevent pour vendre ses billets. Weezevent peut "
|
||||
"collecter des informations utilisateur conformément à sa propre politique de "
|
||||
"confidentialité. En cliquant sur le bouton d'acceptation vous consentez à "
|
||||
"leurs termes de service."
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid "Privacy policy"
|
||||
msgstr "Politique de confidentialité"
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid ""
|
||||
"You must be subscribed to benefit from the partnership with the Eurockéennes."
|
||||
msgstr ""
|
||||
"Vous devez être cotisant pour bénéficier du partenariat avec les "
|
||||
"Eurockéennes."
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
#, python-format
|
||||
msgid ""
|
||||
"This partnership offers a discount of up to 33%% on tickets for Friday, "
|
||||
"Saturday and Sunday, as well as the 3-day package from Friday to Sunday."
|
||||
msgstr ""
|
||||
"Ce partenariat permet de profiter d'une réduction jusqu'à 33%% sur les "
|
||||
"billets du vendredi, du samedi et du dimanche, ainsi qu'au forfait 3 jours, "
|
||||
"du vendredi au dimanche."
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2026-04-17 22:42+0200\n"
|
||||
"POT-Creation-Date: 2025-11-26 15:45+0100\n"
|
||||
"PO-Revision-Date: 2024-09-17 11:54+0200\n"
|
||||
"Last-Translator: Sli <antoine@bartuccio.fr>\n"
|
||||
"Language-Team: AE info <ae.info@utbm.fr>\n"
|
||||
@@ -17,14 +17,6 @@ msgstr ""
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
|
||||
|
||||
#: club/static/bundled/club/role-list-index.ts
|
||||
msgid ""
|
||||
"You're going to remove your own role from the presidency. You may lock "
|
||||
"yourself out of this page. Do you want to continue ? "
|
||||
msgstr ""
|
||||
"Vous vous apprêtez à retirer votre propre rôle de la présidence. Vous risquez "
|
||||
"de perdre l'accès à cette page. Voulez-vous continuer ?"
|
||||
|
||||
#: com/static/bundled/com/components/ics-calendar-index.ts
|
||||
msgid "More info"
|
||||
msgstr "Plus d'informations"
|
||||
@@ -279,5 +271,4 @@ msgstr "Il n'a pas été possible de supprimer l'image"
|
||||
msgid ""
|
||||
"Wrong timetable format. Make sure you copied if from your student folder."
|
||||
msgstr ""
|
||||
"Mauvais format d'emploi du temps. Assurez-vous que vous l'avez copié depuis "
|
||||
"votre dossier étudiant."
|
||||
"Mauvais format d'emploi du temps. Assurez-vous que vous l'avez copié depuis votre dossier étudiants."
|
||||
|
||||
@@ -69,6 +69,7 @@ nav:
|
||||
- API:
|
||||
- Développement: tutorial/api/dev.md
|
||||
- Connexion à l'API: tutorial/api/connect.md
|
||||
- Liaison avec le compte AE: tutorial/api/account-link.md
|
||||
- Etransactions: tutorial/etransaction.md
|
||||
- How-to:
|
||||
- L'ORM de Django: howto/querysets.md
|
||||
@@ -92,6 +93,8 @@ nav:
|
||||
- reference/api/hashers.md
|
||||
- reference/api/models.md
|
||||
- reference/api/perms.md
|
||||
- reference/api/schemas.md
|
||||
- reference/api/views.md
|
||||
- club:
|
||||
- reference/club/models.md
|
||||
- reference/club/views.md
|
||||
|
||||
@@ -404,6 +404,8 @@ SITH_FORUM_PAGE_LENGTH = 30
|
||||
SITH_SAS_ROOT_DIR_ID = env.int("SITH_SAS_ROOT_DIR_ID", default=4)
|
||||
SITH_SAS_IMAGES_PER_PAGE = 60
|
||||
|
||||
SITH_CGU_FILE_ID = env.int("SITH_CGU_FILE_ID", default=5)
|
||||
|
||||
SITH_PROFILE_DEPARTMENTS = [
|
||||
("TC", _("TC")),
|
||||
("IMSI", _("IMSI")),
|
||||
@@ -574,6 +576,35 @@ SITH_SUBSCRIPTIONS = {
|
||||
# To be completed....
|
||||
}
|
||||
|
||||
SITH_CLUB_ROLES_ID = {
|
||||
"President": 10,
|
||||
"Vice-President": 9,
|
||||
"Treasurer": 7,
|
||||
"Communication supervisor": 5,
|
||||
"Secretary": 4,
|
||||
"IT supervisor": 3,
|
||||
"Board member": 2,
|
||||
"Active member": 1,
|
||||
"Curious": 0,
|
||||
}
|
||||
|
||||
SITH_CLUB_ROLES = {
|
||||
10: _("President"),
|
||||
9: _("Vice-President"),
|
||||
7: _("Treasurer"),
|
||||
5: _("Communication supervisor"),
|
||||
4: _("Secretary"),
|
||||
3: _("IT supervisor"),
|
||||
2: _("Board member"),
|
||||
1: _("Active member"),
|
||||
0: _("Curious"),
|
||||
}
|
||||
|
||||
# This corresponds to the maximum role a user can freely subscribe to
|
||||
# In this case, SITH_MAXIMUM_FREE_ROLE=1 means that a user can
|
||||
# set himself as "Membre actif" or "Curieux", but not higher
|
||||
SITH_MAXIMUM_FREE_ROLE = 1
|
||||
|
||||
# Minutes to timeout the logged barmen
|
||||
SITH_BARMAN_TIMEOUT = 30
|
||||
|
||||
|
||||
@@ -34,6 +34,7 @@ urlpatterns = [
|
||||
path("", include(("core.urls", "core"), namespace="core")),
|
||||
path("sitemap.xml", cache_page(86400)(sitemap), {"sitemaps": sitemaps}),
|
||||
path("api/", api.urls),
|
||||
path("api-link/", include(("api.urls", "api-link"), namespace="api-link")),
|
||||
path("rootplace/", include(("rootplace.urls", "rootplace"), namespace="rootplace")),
|
||||
path(
|
||||
"subscription/",
|
||||
|
||||
@@ -4,7 +4,7 @@ from django.urls import reverse
|
||||
from model_bakery import baker
|
||||
from pytest_django.asserts import assertRedirects
|
||||
|
||||
from club.models import Club, ClubRole, Membership
|
||||
from club.models import Club, Membership
|
||||
from core.baker_recipes import subscriber_user
|
||||
from core.models import User
|
||||
|
||||
@@ -15,8 +15,7 @@ class TestSubscriptionPermission(TestCase):
|
||||
cls.user: User = subscriber_user.make()
|
||||
cls.admin = baker.make(User, is_superuser=True)
|
||||
cls.club = baker.make(Club)
|
||||
role = baker.make(ClubRole, club=cls.club, is_board=True)
|
||||
baker.make(Membership, user=cls.user, club=cls.club, role=role)
|
||||
baker.make(Membership, user=cls.user, club=cls.club, role=7)
|
||||
|
||||
def test_give_permission(self):
|
||||
self.client.force_login(self.admin)
|
||||
|
||||
+5
-6
@@ -23,6 +23,7 @@
|
||||
|
||||
from datetime import date
|
||||
|
||||
from django.conf import settings
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.db import models
|
||||
from django.urls import reverse
|
||||
@@ -151,12 +152,10 @@ class TrombiUser(models.Model):
|
||||
|
||||
def make_memberships(self):
|
||||
self.memberships.all().delete()
|
||||
for m in (
|
||||
self.user.memberships.filter(role__is_board=True)
|
||||
.select_related("role")
|
||||
.order_by("end_date")
|
||||
):
|
||||
role = m.role.name
|
||||
for m in self.user.memberships.filter(
|
||||
role__gt=settings.SITH_MAXIMUM_FREE_ROLE
|
||||
).order_by("end_date"):
|
||||
role = str(settings.SITH_CLUB_ROLES[m.role])
|
||||
if m.description:
|
||||
role += " (%s)" % m.description
|
||||
end_date = get_semester_code(m.end_date) if m.end_date else ""
|
||||
|
||||
@@ -815,10 +815,11 @@ wheels = [
|
||||
|
||||
[[package]]
|
||||
name = "griffelib"
|
||||
version = "2.0.0"
|
||||
version = "2.0.2"
|
||||
source = { registry = "https://pypi.org/simple" }
|
||||
sdist = { url = "https://files.pythonhosted.org/packages/9d/82/74f4a3310cdabfbb10da554c3a672847f1ed33c6f61dd472681ce7f1fe67/griffelib-2.0.2.tar.gz", hash = "sha256:3cf20b3bc470e83763ffbf236e0076b1211bac1bc67de13daf494640f2de707e", size = 166461, upload-time = "2026-03-27T11:34:51.091Z" }
|
||||
wheels = [
|
||||
{ url = "https://files.pythonhosted.org/packages/4d/51/c936033e16d12b627ea334aaaaf42229c37620d0f15593456ab69ab48161/griffelib-2.0.0-py3-none-any.whl", hash = "sha256:01284878c966508b6d6f1dbff9b6fa607bc062d8261c5c7253cb285b06422a7f", size = 142004, upload-time = "2026-02-09T19:09:40.561Z" },
|
||||
{ url = "https://files.pythonhosted.org/packages/11/8c/c9138d881c79aa0ea9ed83cbd58d5ca75624378b38cee225dcf5c42cc91f/griffelib-2.0.2-py3-none-any.whl", hash = "sha256:925c857658fb1ba40c0772c37acbc2ab650bd794d9c1b9726922e36ea4117ea1", size = 142357, upload-time = "2026-03-27T11:34:46.275Z" },
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
||||
Reference in New Issue
Block a user