klmp200/Sith
1
0
Fork 0
mirror of https://github.com/ae-utbm/sith.git synced 2026-03-22 03:25:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: klmp200:club-role
Branches Tags
klmp200:master klmp200:club-role klmp200:user-whitelist klmp200:club-list klmp200:gh-pages klmp200:taiste klmp200:cgu klmp200:price klmp200:rgpd klmp200:discord-auth klmp200:photos klmp200:room-reservation klmp200:galaxy klmp200:subscription-from-counter klmp200:ia-explanation klmp200:docker klmp200:windows-update klmp200:trombi klmp200:counter-activity-stats
..
compare: klmp200:discord-auth
Branches Tags
klmp200:club-role klmp200:user-whitelist klmp200:club-list klmp200:gh-pages klmp200:taiste klmp200:cgu klmp200:price klmp200:rgpd klmp200:discord-auth klmp200:master klmp200:photos klmp200:room-reservation klmp200:galaxy klmp200:subscription-from-counter klmp200:ia-explanation klmp200:docker klmp200:windows-update klmp200:trombi klmp200:counter-activity-stats

11 Commits
club-role ... discord-au

Author SHA1 Message Date
imperosol
f3c67fd38b doc: third-party auth 2026-03-12 19:03:47 +01:00
imperosol
338bb5300f translation: third-party authentication 2026-03-12 19:03:47 +01:00
imperosol
0e2ed2f102 write tests 2026-03-12 19:03:47 +01:00
imperosol
22b83692a7 third-party authentication views 2026-03-12 19:01:58 +01:00
imperosol
86f51066c2 add CGU/EULA to populate command 2026-03-11 16:23:03 +01:00
imperosol
494ee518b6 test populate_more command 2026-03-11 16:23:03 +01:00
imperosol
39fd5525cd hmac_hexdigest util function 2026-03-11 16:23:03 +01:00
imperosol
a18178c4a8 compact notifications jinja 
C'est pas la branche la plus appropriée, mais ça gène mon debug de devoir scroller plus longtemps dans l'html des réponses à cause de la place que prennent les notifs.
 2026-03-11 16:23:03 +01:00
imperosol
b363a5f259 add hmac_key to ApiClient 2026-03-11 16:23:03 +01:00
imperosol
72bc35bac8 move ResultConverter to core app 2026-03-11 16:23:03 +01:00
imperosol
f0b55e3fe3 feat: api route to get api client infos 2026-03-11 16:23:03 +01:00
79 changed files with 3179 additions and 2508 deletions
Expand all files Collapse all files

3
.gitignore vendored
View File

@@ -24,9 +24,6 @@ node_modules/
# compiled documentation # compiled documentation
site/ site/
# rollup-bundle-visualizer report
.bundle-size-report.html
### Redis ### ### Redis ###
# Ignore redis binary dump (dump.rdb) files # Ignore redis binary dump (dump.rdb) files

4
.pre-commit-config.yaml
View File

@@ -1,7 +1,7 @@
repos: repos:
- repo: https://github.com/astral-sh/ruff-pre-commit - repo: https://github.com/astral-sh/ruff-pre-commit
# Ruff version. # Ruff version.
rev: v0.15.5 rev: v0.15.0
hooks: hooks:
- id: ruff-check # just check the code, and print the errors - id: ruff-check # just check the code, and print the errors
- id: ruff-check # actually fix the fixable errors, but print nothing - id: ruff-check # actually fix the fixable errors, but print nothing
@@ -12,7 +12,7 @@ repos:
rev: v0.6.1 rev: v0.6.1
hooks: hooks:
- id: biome-check - id: biome-check
additional_dependencies: ["@biomejs/biome@2.4.6"] additional_dependencies: ["@biomejs/biome@2.3.14"]
- repo: https://github.com/rtts/djhtml - repo: https://github.com/rtts/djhtml
rev: 3.0.10 rev: 3.0.10
hooks: hooks:

9
api/admin.py
View File

@@ -17,6 +17,15 @@ class ApiClientAdmin(admin.ModelAdmin):
"owner__nick_name", "owner__nick_name",
) )
autocomplete_fields = ("owner", "groups", "client_permissions") autocomplete_fields = ("owner", "groups", "client_permissions")
readonly_fields = ("hmac_key",)
actions = ("reset_hmac_key",)
@admin.action(permissions=["change"], description=_("Reset HMAC key"))
def reset_hmac_key(self, _request: HttpRequest, queryset: QuerySet[ApiClient]):
objs = list(queryset)
for obj in objs:
obj.reset_hmac(commit=False)
ApiClient.objects.bulk_update(objs, fields=["hmac_key"])
@admin.register(ApiKey) @admin.register(ApiKey)

16
api/api.py Normal file
View File

@@ -0,0 +1,16 @@
from ninja_extra import ControllerBase, api_controller, route
from api.auth import ApiKeyAuth
from api.schemas import ApiClientSchema
@api_controller("/client")
class ApiClientController(ControllerBase):
@route.get(
"/me",
auth=[ApiKeyAuth()],
response=ApiClientSchema,
url_name="api-client-infos",
)
def get_client_info(self):
return self.context.request.auth

35
api/forms.py Normal file
View File

@@ -0,0 +1,35 @@
from django import forms
from django.forms import HiddenInput
from django.utils.translation import gettext_lazy as _
class ThirdPartyAuthForm(forms.Form):
"""Form to complete to authenticate on the sith from a third-party app.
For the form to be valid, the user approve the EULA (french: CGU)
and give its username from the third-party app.
"""
cgu_accepted = forms.BooleanField(
required=True,
label=_("I have read and I accept the terms and conditions of use"),
error_messages={
"required": _("You must approve the terms and conditions of use.")
},
)
is_username_valid = forms.BooleanField(
required=True,
error_messages={"required": _("You must confirm that this is your username.")},
)
client_id = forms.IntegerField(widget=HiddenInput())
third_party_app = forms.CharField(widget=HiddenInput())
privacy_link = forms.URLField(widget=HiddenInput())
username = forms.CharField(widget=HiddenInput())
callback_url = forms.URLField(widget=HiddenInput())
signature = forms.CharField(widget=HiddenInput())
def __init__(self, *args, label_suffix: str = "", initial, **kwargs):
super().__init__(*args, label_suffix=label_suffix, initial=initial, **kwargs)
self.fields["is_username_valid"].label = _(
"I confirm that %(username)s is my username on %(app)s"
) % {"username": initial.get("username"), "app": initial.get("third_party_app")}

19
api/migrations/0002_apiclient_hmac_key.py Normal file
View File

@@ -0,0 +1,19 @@
# Generated by Django 5.2.3 on 2025-10-26 10:15
from django.db import migrations, models
import api.models
class Migration(migrations.Migration):
dependencies = [("api", "0001_initial")]
operations = [
migrations.AddField(
model_name="apiclient",
name="hmac_key",
field=models.CharField(
default=api.models.get_hmac_key, max_length=128, verbose_name="HMAC Key"
),
),
]

55
api/models.py
View File

@@ -1,13 +1,20 @@
import secrets
from typing import Iterable from typing import Iterable
from django.contrib.auth.models import Permission from django.contrib.auth.models import Permission
from django.db import models from django.db import models
from django.db.models import Q
from django.utils.functional import cached_property
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from django.utils.translation import pgettext_lazy from django.utils.translation import pgettext_lazy
from core.models import Group, User from core.models import Group, User
def get_hmac_key():
return secrets.token_hex(64)
class ApiClient(models.Model): class ApiClient(models.Model):
name = models.CharField(_("name"), max_length=64) name = models.CharField(_("name"), max_length=64)
owner = models.ForeignKey( owner = models.ForeignKey(
@@ -26,11 +33,10 @@ class ApiClient(models.Model):
help_text=_("Specific permissions for this api client."), help_text=_("Specific permissions for this api client."),
related_name="clients", related_name="clients",
) )
hmac_key = models.CharField(_("HMAC Key"), max_length=128, default=get_hmac_key)
created_at = models.DateTimeField(auto_now_add=True) created_at = models.DateTimeField(auto_now_add=True)
updated_at = models.DateTimeField(auto_now=True) updated_at = models.DateTimeField(auto_now=True)
_perm_cache: set[str] | None = None
class Meta: class Meta:
verbose_name = _("api client") verbose_name = _("api client")
verbose_name_plural = _("api clients") verbose_name_plural = _("api clients")
@@ -38,33 +44,38 @@ class ApiClient(models.Model):
def __str__(self): def __str__(self):
return self.name return self.name
@cached_property
def all_permissions(self) -> set[str]:
permissions = (
Permission.objects.filter(
Q(group__group__in=self.groups.all()) | Q(clients=self)
)
.values_list("content_type__app_label", "codename")
.order_by()
)
return {f"{content_type}.{name}" for content_type, name in permissions}
def has_perm(self, perm: str): def has_perm(self, perm: str):
"""Return True if the client has the specified permission.""" """Return True if the client has the specified permission."""
return perm in self.all_permissions
if self._perm_cache is None: def has_perms(self, perm_list: Iterable[str]) -> bool:
group_permissions = ( """Return True if the client has each of the specified permissions."""
Permission.objects.filter(group__group__in=self.groups.all())
.values_list("content_type__app_label", "codename")
.order_by()
)
client_permissions = self.client_permissions.values_list(
"content_type__app_label", "codename"
).order_by()
self._perm_cache = {
f"{content_type}.{name}"
for content_type, name in (*group_permissions, *client_permissions)
}
return perm in self._perm_cache
def has_perms(self, perm_list):
"""
Return True if the client has each of the specified permissions. If
object is passed, check if the client has all required perms for it.
"""
if not isinstance(perm_list, Iterable) or isinstance(perm_list, str): if not isinstance(perm_list, Iterable) or isinstance(perm_list, str):
raise ValueError("perm_list must be an iterable of permissions.") raise ValueError("perm_list must be an iterable of permissions.")
return all(self.has_perm(perm) for perm in perm_list) return all(self.has_perm(perm) for perm in perm_list)
def reset_hmac(self, *, commit: bool = True) -> str:
"""Reset and return the HMAC key for this client.
Args:
commit: if True (the default), persist the new hmac in db.
"""
self.hmac_key = get_hmac_key()
if commit:
self.save()
return self.hmac_key
class ApiKey(models.Model): class ApiKey(models.Model):
PREFIX_LENGTH = 5 PREFIX_LENGTH = 5

23
api/schemas.py Normal file
View File

@@ -0,0 +1,23 @@
from ninja import ModelSchema, Schema
from pydantic import Field, HttpUrl
from api.models import ApiClient
from core.schemas import SimpleUserSchema
class ApiClientSchema(ModelSchema):
class Meta:
model = ApiClient
fields = ["id", "name"]
owner: SimpleUserSchema
permissions: list[str] = Field(alias="all_permissions")
class ThirdPartyAuthParamsSchema(Schema):
client_id: int
third_party_app: str
privacy_link: HttpUrl
username: str
callback_url: HttpUrl
signature: str

32
api/templates/api/third_party/auth.jinja vendored Normal file
View File

@@ -0,0 +1,32 @@
{% extends "core/base.jinja" %}
{% block content %}
<form method="post">
{% csrf_token %}
<h3>{% trans %}Confidentiality{% endtrans %}</h3>
<p>
{% trans trimmed app=third_party_app %}
By ticking this box and clicking on the send button, you
acknowledge and agree to provide {{ app }} with your
first name, last name, nickname and any other information
that was the third party app was explicitly authorized to fetch
and that it must have acknowledged to you, in a complete and accurate manner.
{% endtrans %}
</p>
<p class="margin-bottom">
{% trans trimmed app=third_party_app, privacy_link=third_party_cgu, sith_cgu_link=sith_cgu %}
The privacy policies of <a href="{{ privacy_link }}">{{ app }}</a>
and of <a href="{{ sith_cgu_link }}">the Students' Association</a>
applies as soon as the form is submitted.
{% endtrans %}
</p>
<div class="row">{{ form.cgu_accepted }} {{ form.cgu_accepted.label_tag() }}</div>
<br>
<h3 class="margin-bottom">{% trans %}Confirmation of identity{% endtrans %}</h3>
<div class="row margin-bottom">
{{ form.is_username_valid }} {{ form.is_username_valid.label_tag() }}
</div>
{% for field in form.hidden_fields() %}{{ field }}{% endfor %}
<input type="submit" class="btn btn-blue">
</form>
{% endblock %}

24
api/tests/test_admin.py Normal file
View File

@@ -0,0 +1,24 @@
import pytest
from django.contrib.admin import AdminSite
from django.http import HttpRequest
from model_bakery import baker
from pytest_django.asserts import assertNumQueries
from api.admin import ApiClientAdmin
from api.models import ApiClient
@pytest.mark.django_db
def test_reset_hmac_action():
client_admin = ApiClientAdmin(ApiClient, AdminSite())
api_clients = baker.make(ApiClient, _quantity=4, _bulk_create=True)
old_hmac_keys = [c.hmac_key for c in api_clients]
with assertNumQueries(2):
qs = ApiClient.objects.filter(id__in=[c.id for c in api_clients[2:4]])
client_admin.reset_hmac_key(HttpRequest(), qs)
for c in api_clients:
c.refresh_from_db()
assert api_clients[0].hmac_key == old_hmac_keys[0]
assert api_clients[1].hmac_key == old_hmac_keys[1]
assert api_clients[2].hmac_key != old_hmac_keys[2]
assert api_clients[3].hmac_key != old_hmac_keys[3]

18
api/tests/test_api_client_controller.py Normal file
View File

@@ -0,0 +1,18 @@
import pytest
from django.test import Client
from django.urls import reverse
from model_bakery import baker
from api.hashers import generate_key
from api.models import ApiClient, ApiKey
from api.schemas import ApiClientSchema
@pytest.mark.django_db
def test_api_client_controller(client: Client):
key, hashed = generate_key()
api_client = baker.make(ApiClient)
baker.make(ApiKey, client=api_client, hashed_key=hashed)
res = client.get(reverse("api:api-client-infos"), headers={"X-APIKey": key})
assert res.status_code == 200
assert res.json() == ApiClientSchema.from_orm(api_client).model_dump()

59
api/tests/test_client.py Normal file
View File

@@ -0,0 +1,59 @@
import pytest
from django.contrib.auth.models import Permission
from django.test import TestCase
from model_bakery import baker
from api.models import ApiClient
from core.models import Group
class TestClientPermissions(TestCase):
@classmethod
def setUpTestData(cls):
cls.api_client = baker.make(ApiClient)
cls.perms = baker.make(Permission, _quantity=10, _bulk_create=True)
cls.api_client.groups.set(
[
baker.make(Group, permissions=cls.perms[0:3]),
baker.make(Group, permissions=cls.perms[3:5]),
]
)
cls.api_client.client_permissions.set(
[cls.perms[3], cls.perms[5], cls.perms[6], cls.perms[7]]
)
def test_all_permissions(self):
assert self.api_client.all_permissions == {
f"{p.content_type.app_label}.{p.codename}" for p in self.perms[0:8]
}
def test_has_perm(self):
assert self.api_client.has_perm(
f"{self.perms[1].content_type.app_label}.{self.perms[1].codename}"
)
assert not self.api_client.has_perm(
f"{self.perms[9].content_type.app_label}.{self.perms[9].codename}"
)
def test_has_perms(self):
assert self.api_client.has_perms(
[
f"{self.perms[1].content_type.app_label}.{self.perms[1].codename}",
f"{self.perms[2].content_type.app_label}.{self.perms[2].codename}",
]
)
assert not self.api_client.has_perms(
[
f"{self.perms[1].content_type.app_label}.{self.perms[1].codename}",
f"{self.perms[9].content_type.app_label}.{self.perms[9].codename}",
],
)
@pytest.mark.django_db
def test_reset_hmac_key():
client = baker.make(ApiClient)
original_key = client.hmac_key
client.reset_hmac(commit=True)
assert len(client.hmac_key) == len(original_key)
assert client.hmac_key != original_key

114
api/tests/test_third_party_auth.py Normal file
View File

@@ -0,0 +1,114 @@
from unittest import mock
from unittest.mock import Mock
from django.db.models import Max
from django.test import TestCase
from django.urls import reverse
from model_bakery import baker
from pytest_django.asserts import assertRedirects
from api.models import ApiClient, get_hmac_key
from core.baker_recipes import subscriber_user
from core.schemas import UserProfileSchema
from core.utils import hmac_hexdigest
def mocked_post(*, ok: bool):
class MockedResponse(Mock):
@property
def ok(self):
return ok
def mocked():
return MockedResponse()
return mocked
class TestThirdPartyAuth(TestCase):
@classmethod
def setUpTestData(cls):
cls.user = subscriber_user.make()
cls.api_client = baker.make(ApiClient)
def setUp(self):
self.query = {
"client_id": self.api_client.id,
"third_party_app": "app",
"privacy_link": "https://foobar.fr/",
"username": "bibou",
"callback_url": "https://callback.fr/",
}
self.query["signature"] = hmac_hexdigest(self.api_client.hmac_key, self.query)
self.callback_data = {
"user": UserProfileSchema.from_orm(self.user).model_dump()
}
self.callback_data["signature"] = hmac_hexdigest(
self.api_client.hmac_key, self.callback_data["user"]
)
def test_auth_ok(self):
self.client.force_login(self.user)
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
assert res.status_code == 200
with mock.patch("requests.post", new_callable=mocked_post(ok=True)) as mocked:
res = self.client.post(
reverse("api-link:third-party-auth"),
data={"cgu_accepted": True, "is_username_valid": True, **self.query},
)
mocked.assert_called_once_with(
self.query["callback_url"], json=self.callback_data
)
assertRedirects(
res,
reverse("api-link:third-party-auth-result", kwargs={"result": "success"}),
)
def test_callback_error(self):
"""Test that the user see the failure page if the callback request failed."""
self.client.force_login(self.user)
with mock.patch("requests.post", new_callable=mocked_post(ok=False)) as mocked:
res = self.client.post(
reverse("api-link:third-party-auth"),
data={"cgu_accepted": True, "is_username_valid": True, **self.query},
)
mocked.assert_called_once_with(
self.query["callback_url"], json=self.callback_data
)
assertRedirects(
res,
reverse("api-link:third-party-auth-result", kwargs={"result": "failure"}),
)
def test_wrong_signature(self):
"""Test that a 403 is raised if the signature of the query is wrong."""
self.client.force_login(subscriber_user.make())
new_key = get_hmac_key()
del self.query["signature"]
self.query["signature"] = hmac_hexdigest(new_key, self.query)
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
assert res.status_code == 403
def test_cgu_not_accepted(self):
self.client.force_login(self.user)
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
assert res.status_code == 200
res = self.client.post(reverse("api-link:third-party-auth"), data=self.query)
assert res.status_code == 200 # no redirect means invalid form
res = self.client.post(
reverse("api-link:third-party-auth"),
data={"cgu_accepted": False, "is_username_valid": False, **self.query},
)
assert res.status_code == 200
def test_invalid_client(self):
self.query["client_id"] = ApiClient.objects.aggregate(res=Max("id"))["res"] + 1
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
assert res.status_code == 403
def test_missing_parameter(self):
"""Test that a 403 is raised if there is a missing parameter."""
del self.query["username"]
self.query["signature"] = hmac_hexdigest(self.api_client.hmac_key, self.query)
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
assert res.status_code == 403

15
api/urls.py
View File

@@ -1,6 +1,10 @@
from django.urls import path, register_converter
from ninja.security import SessionAuth from ninja.security import SessionAuth
from ninja_extra import NinjaExtraAPI from ninja_extra import NinjaExtraAPI
from api.views import ThirdPartyAuthResultView, ThirdPartyAuthView
from core.converters import ResultConverter
api = NinjaExtraAPI( api = NinjaExtraAPI(
title="PICON", title="PICON",
description="Portail Interactif de Communication avec les Outils Numériques", description="Portail Interactif de Communication avec les Outils Numériques",
@@ -9,3 +13,14 @@ api = NinjaExtraAPI(
auth=[SessionAuth()], auth=[SessionAuth()],
) )
api.auto_discover_controllers() api.auto_discover_controllers()
register_converter(ResultConverter, "res")
urlpatterns = [
path("auth/", ThirdPartyAuthView.as_view(), name="third-party-auth"),
path(
"auth/<res:result>/",
ThirdPartyAuthResultView.as_view(),
name="third-party-auth-result",
),
]

119
api/views.py Normal file
View File

@@ -0,0 +1,119 @@
import hmac
from urllib.parse import unquote
import pydantic
import requests
from django.conf import settings
from django.contrib import messages
from django.contrib.auth.mixins import LoginRequiredMixin
from django.core.exceptions import PermissionDenied
from django.urls import reverse, reverse_lazy
from django.utils.translation import gettext as _
from django.views.generic import FormView, TemplateView
from ninja_extra.shortcuts import get_object_or_none
from api.forms import ThirdPartyAuthForm
from api.models import ApiClient
from api.schemas import ThirdPartyAuthParamsSchema
from core.models import SithFile
from core.schemas import UserProfileSchema
from core.utils import hmac_hexdigest
class ThirdPartyAuthView(LoginRequiredMixin, FormView):
form_class = ThirdPartyAuthForm
template_name = "api/third_party/auth.jinja"
success_url = reverse_lazy("core:index")
def parse_params(self) -> ThirdPartyAuthParamsSchema:
"""Parse and check the authentication parameters.
Raises:
PermissionDenied: if the verification failed.
"""
# This is here rather than in ThirdPartyAuthForm because
# the given parameters and their signature are checked during both
# POST (for obvious reasons) and GET (in order not to make
# the user fill a form just to get an error he won't understand)
params = self.request.GET or self.request.POST
params = {key: unquote(val) for key, val in params.items()}
try:
params = ThirdPartyAuthParamsSchema(**params)
except pydantic.ValidationError as e:
raise PermissionDenied("Wrong data format") from e
client: ApiClient = get_object_or_none(ApiClient, id=params.client_id)
if not client:
raise PermissionDenied
if not hmac.compare_digest(
hmac_hexdigest(client.hmac_key, params.model_dump(exclude={"signature"})),
params.signature,
):
raise PermissionDenied("Bad signature")
return params
def dispatch(self, request, *args, **kwargs):
self.params = self.parse_params()
return super().dispatch(request, *args, **kwargs)
def get(self, *args, **kwargs):
messages.warning(
self.request,
_(
"You are going to link your AE account and your %(app)s account. "
"Continue only if this page was opened from %(app)s."
)
% {"app": self.params.third_party_app},
)
return super().get(*args, **kwargs)
def get_initial(self):
return self.params.model_dump()
def form_valid(self, form):
client = ApiClient.objects.get(id=form.cleaned_data["client_id"])
user = UserProfileSchema.from_orm(self.request.user).model_dump()
data = {"user": user, "signature": hmac_hexdigest(client.hmac_key, user)}
response = requests.post(form.cleaned_data["callback_url"], json=data)
self.success_url = reverse(
"api-link:third-party-auth-result",
kwargs={"result": "success" if response.ok else "failure"},
)
return super().form_valid(form)
def get_context_data(self, **kwargs):
return super().get_context_data(**kwargs) | {
"third_party_app": self.params.third_party_app,
"third_party_cgu": self.params.privacy_link,
"sith_cgu": SithFile.objects.get(id=settings.SITH_CGU_FILE_ID),
}
class ThirdPartyAuthResultView(LoginRequiredMixin, TemplateView):
"""View that the user will see if its authentication on sith was successful.
This can show either a success or a failure message :
- success : everything is good, the user is successfully authenticated
and can close the page
- failure : the authentication has been processed on the sith side,
but the request to the callback url received an error.
In such a case, there is nothing much we can do but to advice
the user to contact the developers of the third-party app.
"""
template_name = "core/base.jinja"
success_message = _(
"You have been successfully authenticated. You can now close this page."
)
error_message = _(
"Your authentication on the AE website was successful, "
"but an error happened during the interaction "
"with the third-party application. "
"Please contact the managers of the latter."
)
def get(self, request, *args, **kwargs):
if self.kwargs.get("result") == "success":
messages.success(request, self.success_message)
else:
messages.error(request, self.error_message)
return super().get(request, *args, **kwargs)

2
biome.json
View File

@@ -7,7 +7,7 @@
}, },
"files": { "files": {
"ignoreUnknown": false, "ignoreUnknown": false,
"includes": ["**/static/**", "vite.config.mts"] "includes": ["**/static/**"]
}, },
"formatter": { "formatter": {
"enabled": true, "enabled": true,

16
club/admin.py
View File

@@ -14,7 +14,7 @@
# #
from django.contrib import admin from django.contrib import admin
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
@admin.register(Club) @admin.register(Club)
@@ -30,20 +30,6 @@ class ClubAdmin(admin.ModelAdmin):
) )
@admin.register(ClubRole)
class ClubRoleAdmin(admin.ModelAdmin):
list_display = ("name", "club", "is_board", "is_presidency")
search_fields = ("name",)
autocomplete_fields = ("club",)
list_select_related = ("club",)
list_filter = (
"is_board",
"is_presidency",
("club", admin.RelatedOnlyFieldListFilter),
)
show_facets = admin.ModelAdmin.show_facets.ALWAYS
@admin.register(Membership) @admin.register(Membership)
class MembershipAdmin(admin.ModelAdmin): class MembershipAdmin(admin.ModelAdmin):
list_display = ("user", "club", "role", "start_date", "end_date") list_display = ("user", "club", "role", "start_date", "end_date")

5
club/api.py
View File

@@ -39,8 +39,7 @@ class ClubController(ControllerBase):
) )
def fetch_club(self, club_id: int): def fetch_club(self, club_id: int):
prefetch = Prefetch( prefetch = Prefetch(
"members", "members", queryset=Membership.objects.ongoing().select_related("user")
queryset=Membership.objects.ongoing().select_related("user", "role"),
) )
return self.get_object_or_exception( return self.get_object_or_exception(
Club.objects.prefetch_related(prefetch), id=club_id Club.objects.prefetch_related(prefetch), id=club_id
@@ -62,5 +61,5 @@ class UserClubController(ControllerBase):
return ( return (
Membership.objects.ongoing() Membership.objects.ongoing()
.filter(user=user) .filter(user=user)
.select_related("club", "user", "role") .select_related("club", "user")
) )

40
club/forms.py
View File

@@ -23,12 +23,13 @@
# #
from django import forms from django import forms
from django.db.models import Exists, OuterRef, Q, QuerySet from django.conf import settings
from django.db.models import Exists, OuterRef, Q
from django.db.models.functions import Lower from django.db.models.functions import Lower
from django.utils.functional import cached_property from django.utils.functional import cached_property
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from club.models import Club, ClubRole, Mailing, MailingSubscription, Membership from club.models import Club, Mailing, MailingSubscription, Membership
from core.models import User from core.models import User
from core.views.forms import SelectDateTime from core.views.forms import SelectDateTime
from core.views.widgets.ajax_select import ( from core.views.widgets.ajax_select import (
@@ -214,7 +215,9 @@ class ClubOldMemberForm(forms.Form):
def __init__(self, *args, user: User, club: Club, **kwargs): def __init__(self, *args, user: User, club: Club, **kwargs):
super().__init__(*args, **kwargs) super().__init__(*args, **kwargs)
self.fields["members_old"].queryset = club.members.ongoing().editable_by(user) self.fields["members_old"].queryset = (
Membership.objects.ongoing().filter(club=club).editable_by(user)
)
class ClubMemberForm(forms.ModelForm): class ClubMemberForm(forms.ModelForm):
@@ -232,14 +235,19 @@ class ClubMemberForm(forms.ModelForm):
self.request_user = request_user self.request_user = request_user
self.request_user_membership = self.club.get_membership_for(self.request_user) self.request_user_membership = self.club.get_membership_for(self.request_user)
super().__init__(*args, **kwargs) super().__init__(*args, **kwargs)
self.fields["role"].queryset = self.available_roles self.fields["role"].required = True
self.fields["role"].choices = [
(value, name)
for value, name in settings.SITH_CLUB_ROLES.items()
if value <= self.max_available_role
]
self.instance.club = club self.instance.club = club
@property @property
def available_roles(self) -> QuerySet[ClubRole]: def max_available_role(self):
"""The greatest role that will be obtainable with this form.""" """The greatest role that will be obtainable with this form."""
# this is unreachable, because it will be overridden by subclasses # this is unreachable, because it will be overridden by subclasses
return ClubRole.objects.none() # pragma: no cover return -1 # pragma: no cover
class ClubAddMemberForm(ClubMemberForm): class ClubAddMemberForm(ClubMemberForm):
@@ -250,7 +258,7 @@ class ClubAddMemberForm(ClubMemberForm):
widgets = {"user": AutoCompleteSelectUser} widgets = {"user": AutoCompleteSelectUser}
@cached_property @cached_property
def available_roles(self): def max_available_role(self):
"""The greatest role that will be obtainable with this form. """The greatest role that will be obtainable with this form.
Admins and the club president can attribute any role. Admins and the club president can attribute any role.
@@ -258,13 +266,13 @@ class ClubAddMemberForm(ClubMemberForm):
Other users cannot attribute roles with this form Other users cannot attribute roles with this form
""" """
if self.request_user.has_perm("club.add_membership"): if self.request_user.has_perm("club.add_membership"):
return self.club.roles.all() return settings.SITH_CLUB_ROLES_ID["President"]
membership = self.request_user_membership membership = self.request_user_membership
if membership is None or not membership.role.is_board: if membership is None or membership.role <= settings.SITH_MAXIMUM_FREE_ROLE:
return ClubRole.objects.none() return -1
if membership.role.is_presidency: if membership.role == settings.SITH_CLUB_ROLES_ID["President"]:
return self.club.roles.all() return membership.role
return self.club.roles.above_instance(membership.role) return membership.role - 1
def clean_user(self): def clean_user(self):
"""Check that the user is not trying to add a user already in the club. """Check that the user is not trying to add a user already in the club.
@@ -288,11 +296,13 @@ class JoinClubForm(ClubMemberForm):
def __init__(self, *args, club: Club, request_user: User, **kwargs): def __init__(self, *args, club: Club, request_user: User, **kwargs):
super().__init__(*args, club=club, request_user=request_user, **kwargs) super().__init__(*args, club=club, request_user=request_user, **kwargs)
# this form doesn't manage the user who will join the club,
# so we must set this here to avoid errors
self.instance.user = self.request_user self.instance.user = self.request_user
@cached_property @cached_property
def available_roles(self): def max_available_role(self):
return self.club.roles.filter(is_board=False) return settings.SITH_MAXIMUM_FREE_ROLE
def clean(self): def clean(self):
"""Check that the user is subscribed and isn't already in the club.""" """Check that the user is subscribed and isn't already in the club."""

10
club/migrations/0012_club_board_group_club_members_group.py
View File

@@ -2,15 +2,12 @@
import django.db.models.deletion import django.db.models.deletion
import django.db.models.functions.datetime import django.db.models.functions.datetime
from django.conf import settings
from django.db import migrations, models from django.db import migrations, models
from django.db.migrations.state import StateApps from django.db.migrations.state import StateApps
from django.db.models import Q from django.db.models import Q
from django.utils.timezone import localdate from django.utils.timezone import localdate
# Before the club role rework, the maximum free role
# was the hardcoded highest non-board role
MAXIMUM_FREE_ROLE = 1
def migrate_meta_groups(apps: StateApps, schema_editor): def migrate_meta_groups(apps: StateApps, schema_editor):
"""Attach the existing meta groups to the clubs. """Attach the existing meta groups to the clubs.
@@ -49,7 +46,10 @@ def migrate_meta_groups(apps: StateApps, schema_editor):
).select_related("user") ).select_related("user")
club.members_group.users.set([m.user for m in memberships]) club.members_group.users.set([m.user for m in memberships])
club.board_group.users.set( club.board_group.users.set(
[m.user for m in memberships.filter(role__gt=MAXIMUM_FREE_ROLE)] [
m.user
for m in memberships.filter(role__gt=settings.SITH_MAXIMUM_FREE_ROLE)
]
) )

138
club/migrations/0015_clubrole_alter_membership_role.py
View File

@@ -1,138 +0,0 @@
# Generated by Django 5.2.3 on 2025-06-21 21:59
import django.db.models.deletion
from django.db import migrations, models
from django.db.migrations.state import StateApps
from django.db.models import Case, When
PRESIDENT_ROLE = 10
MAXIMUM_FREE_ROLE = 1
SITH_CLUB_ROLES = {
10: "Président⸱e",
9: "Vice-Président⸱e",
7: "Trésorier⸱e",
5: "Responsable communication",
4: "Secrétaire",
3: "Responsable info",
2: "Membre du bureau",
1: "Membre actif⸱ve",
0: "Curieux⸱euse",
}
def migrate_roles(apps: StateApps, schema_editor):
ClubRole = apps.get_model("club", "ClubRole")
Membership = apps.get_model("club", "Membership")
updates = []
for club_id, role in Membership.objects.values_list("club", "role").distinct():
new_role = ClubRole.objects.create(
name=SITH_CLUB_ROLES[role],
is_board=role > MAXIMUM_FREE_ROLE,
is_presidency=role == PRESIDENT_ROLE,
club_id=club_id,
order=PRESIDENT_ROLE - role,
)
updates.append(When(role=role, then=new_role.id))
# all updates must happen at the same time
# otherwise, the 10 first created ClubRole would be
# re-modified after their initial creation, and it would
# result in an incoherent state.
# To avoid that, all updates are wrapped in a single giant Case(When) statement
# cf. https://docs.djangoproject.com/fr/stable/ref/models/conditional-expressions/#conditional-update
Membership.objects.update(role=Case(*updates))
class Migration(migrations.Migration):
dependencies = [
("club", "0014_alter_club_options_rename_unix_name_club_slug_name_and_more"),
("core", "0047_alter_notification_date_alter_notification_type"),
]
operations = [
migrations.AlterField(
model_name="club",
name="page",
field=models.OneToOneField(
blank=True,
on_delete=django.db.models.deletion.PROTECT,
related_name="club",
to="core.page",
),
),
migrations.CreateModel(
name="ClubRole",
fields=[
(
"id",
models.AutoField(
auto_created=True,
primary_key=True,
serialize=False,
verbose_name="ID",
),
),
(
"order",
models.PositiveIntegerField(
db_index=True, editable=False, verbose_name="order"
),
),
(
"club",
models.ForeignKey(
help_text="The club in which this role exists",
on_delete=django.db.models.deletion.CASCADE,
related_name="roles",
to="club.club",
verbose_name="club",
),
),
("name", models.CharField(max_length=50, verbose_name="name")),
(
"description",
models.TextField(
default="", blank=True, verbose_name="description"
),
),
(
"is_board",
models.BooleanField(default=False, verbose_name="Board role"),
),
(
"is_presidency",
models.BooleanField(default=False, verbose_name="Presidency role"),
),
(
"is_active",
models.BooleanField(
default=True,
help_text=(
"If the role is inactive, people joining the club "
"won't be able to get it."
),
verbose_name="is active",
),
),
],
options={
"ordering": ("order",),
"verbose_name": "club role",
"verbose_name_plural": "club roles",
},
),
migrations.AddConstraint(
model_name="clubrole",
constraint=models.CheckConstraint(
condition=models.Q(
("is_presidency", False), ("is_board", True), _connector="OR"
),
name="clubrole_presidency_implies_board",
),
),
migrations.RunPython(migrate_roles, migrations.RunPython.noop),
# because Postgres migrations run in a single transaction,
# we cannot change the actual values of Membership.role
# and apply the FOREIGN KEY constraint in the same migration.
# The constraint is created in the next migration
]

25
club/migrations/0016_clubrole_alter_membership_role.py
View File

@@ -1,25 +0,0 @@
# Generated by Django 5.2.3 on 2025-09-27 09:57
import django.db.models.deletion
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [("club", "0015_clubrole_alter_membership_role")]
operations = [
# because Postgres migrations run in a single transaction,
# we cannot change the actual values of Membership.role
# and apply the FOREIGN KEY constraint in the same migration.
# The data migration was made in the previous migration.
migrations.AlterField(
model_name="membership",
name="role",
field=models.ForeignKey(
on_delete=django.db.models.deletion.PROTECT,
related_name="members",
to="club.clubrole",
verbose_name="role",
),
),
]

124
club/models.py
View File

@@ -29,14 +29,14 @@ from django.conf import settings
from django.core.exceptions import ObjectDoesNotExist, ValidationError from django.core.exceptions import ObjectDoesNotExist, ValidationError
from django.core.validators import RegexValidator, validate_email from django.core.validators import RegexValidator, validate_email
from django.db import models, transaction from django.db import models, transaction
from django.db.models import Exists, F, OuterRef, Q from django.db.models import Exists, F, OuterRef, Q, Value
from django.db.models.functions import Greatest
from django.urls import reverse from django.urls import reverse
from django.utils import timezone from django.utils import timezone
from django.utils.functional import cached_property from django.utils.functional import cached_property
from django.utils.text import slugify from django.utils.text import slugify
from django.utils.timezone import localdate from django.utils.timezone import localdate
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from ordered_model.models import OrderedModel
from core.fields import ResizedImageField from core.fields import ResizedImageField
from core.models import Group, Notification, Page, SithFile, User from core.models import Group, Notification, Page, SithFile, User
@@ -89,7 +89,7 @@ class Club(models.Model):
on_delete=models.SET_NULL, on_delete=models.SET_NULL,
) )
page = models.OneToOneField( page = models.OneToOneField(
Page, related_name="club", blank=True, on_delete=models.PROTECT Page, related_name="club", blank=True, on_delete=models.CASCADE
) )
members_group = models.OneToOneField( members_group = models.OneToOneField(
Group, related_name="club", on_delete=models.PROTECT Group, related_name="club", on_delete=models.PROTECT
@@ -138,7 +138,9 @@ class Club(models.Model):
@cached_property @cached_property
def president(self) -> Membership | None: def president(self) -> Membership | None:
"""Fetch the membership of the current president of this club.""" """Fetch the membership of the current president of this club."""
return self.members.filter(end_date=None).order_by("role__order").first() return self.members.filter(
role=settings.SITH_CLUB_ROLES_ID["President"], end_date=None
).first()
def check_loop(self): def check_loop(self):
"""Raise a validation error when a loop is found within the parent list.""" """Raise a validation error when a loop is found within the parent list."""
@@ -206,9 +208,7 @@ class Club(models.Model):
@cached_property @cached_property
def current_members(self) -> list[Membership]: def current_members(self) -> list[Membership]:
return list( return list(self.members.ongoing().select_related("user").order_by("-role"))
self.members.ongoing().select_related("user", "role").order_by("-role")
)
def get_membership_for(self, user: User) -> Membership | None: def get_membership_for(self, user: User) -> Membership | None:
"""Return the current membership of the given user.""" """Return the current membership of the given user."""
@@ -220,77 +220,6 @@ class Club(models.Model):
return user.is_in_group(pk=self.board_group_id) return user.is_in_group(pk=self.board_group_id)
class ClubRole(OrderedModel):
club = models.ForeignKey(
Club,
verbose_name=_("club"),
help_text=_("The club in which this role exists"),
related_name="roles",
on_delete=models.CASCADE,
)
name = models.CharField(_("name"), max_length=50)
description = models.TextField(_("description"), blank=True, default="")
is_board = models.BooleanField(_("Board role"), default=False)
is_presidency = models.BooleanField(_("Presidency role"), default=False)
is_active = models.BooleanField(
_("is active"),
default=True,
help_text=_(
"If the role is inactive, people joining the club won't be able to get it."
),
)
order_with_respect_to = "club"
class Meta(OrderedModel.Meta):
verbose_name = _("club role")
verbose_name_plural = _("club roles")
abstract = False
constraints = [
# presidency IMPLIES board <=> NOT presidency OR board
# cf. MT1 :)
models.CheckConstraint(
condition=Q(is_presidency=False) | Q(is_board=True),
name="clubrole_presidency_implies_board",
)
]
def __str__(self):
return self.name
def get_display_name(self):
return f"{self.name} - {self.club.name}"
def get_absolute_url(self):
return reverse("club:club_roles", kwargs={"club_id": self.club_id})
def clean(self):
errors = []
if self.is_presidency and not self.is_board:
errors.append(
ValidationError(
_(
"Role %(name)s was declared as a presidency role "
"without being a board role"
)
% {"name": self.name}
)
)
if (
self.is_board
and self.club.roles.filter(is_board=False, order__lt=self.order).exists()
):
errors.append(
ValidationError(
_("Board role %(role)s cannot be placed below a member role")
% {"role": self.name}
)
)
if errors:
raise ValidationError(errors)
return super().clean()
class MembershipQuerySet(models.QuerySet): class MembershipQuerySet(models.QuerySet):
def ongoing(self) -> Self: def ongoing(self) -> Self:
"""Filter all memberships which are not finished yet.""" """Filter all memberships which are not finished yet."""
@@ -303,10 +232,9 @@ class MembershipQuerySet(models.QuerySet):
are included, even if there are no more members. are included, even if there are no more members.
If you want to get the users who are currently in the board, If you want to get the users who are currently in the board,
mind combining this with the [MembershipQuerySet.ongoing][] mind combining this with the `ongoing` queryset method
queryset method
""" """
return self.filter(role__is_board=True) return self.filter(role__gt=settings.SITH_MAXIMUM_FREE_ROLE)
def editable_by(self, user: User) -> Self: def editable_by(self, user: User) -> Self:
"""Filter Memberships that this user can edit. """Filter Memberships that this user can edit.
@@ -329,16 +257,21 @@ class MembershipQuerySet(models.QuerySet):
""" """
if user.has_perm("club.change_membership"): if user.has_perm("club.change_membership"):
return self.all() return self.all()
return self.ongoing().filter( return self.filter(
Q(user=user) Q(user=user)
| Exists( | Exists(
Membership.objects.ongoing().filter( Membership.objects.filter(
Q(
role__gt=Greatest(
OuterRef("role"), Value(settings.SITH_MAXIMUM_FREE_ROLE)
)
),
user=user, user=user,
end_date=None,
club=OuterRef("club"), club=OuterRef("club"),
role__is_board=True,
role__order__lt=OuterRef("role__order"),
) )
) ),
end_date=None,
) )
def update(self, **kwargs) -> int: def update(self, **kwargs) -> int:
@@ -408,11 +341,10 @@ class Membership(models.Model):
) )
start_date = models.DateField(_("start date"), default=timezone.now) start_date = models.DateField(_("start date"), default=timezone.now)
end_date = models.DateField(_("end date"), null=True, blank=True) end_date = models.DateField(_("end date"), null=True, blank=True)
role = models.ForeignKey( role = models.IntegerField(
ClubRole, _("role"),
verbose_name=_("role"), choices=sorted(settings.SITH_CLUB_ROLES.items()),
related_name="members", default=sorted(settings.SITH_CLUB_ROLES.items())[0][0],
on_delete=models.PROTECT,
) )
description = models.CharField( description = models.CharField(
_("description"), max_length=128, null=False, blank=True _("description"), max_length=128, null=False, blank=True
@@ -430,7 +362,7 @@ class Membership(models.Model):
def __str__(self): def __str__(self):
return ( return (
f"{self.club.name} - {self.user.username} " f"{self.club.name} - {self.user.username} "
f"- {self.role.name} " f"- {settings.SITH_CLUB_ROLES[self.role]} "
f"- {str(_('past member')) if self.end_date is not None else ''}" f"- {str(_('past member')) if self.end_date is not None else ''}"
) )
@@ -459,11 +391,7 @@ class Membership(models.Model):
if user.is_root or user.is_board_member: if user.is_root or user.is_board_member:
return True return True
membership = self.club.get_membership_for(user) membership = self.club.get_membership_for(user)
if not membership: return membership is not None and membership.role >= self.role
return False
return membership.user_id == user.id or (
membership.is_board and membership.role.order < self.role.order
)
def delete(self, *args, **kwargs): def delete(self, *args, **kwargs):
self._remove_club_groups([self]) self._remove_club_groups([self])
@@ -539,7 +467,7 @@ class Membership(models.Model):
group_id=membership.club.members_group_id, group_id=membership.club.members_group_id,
) )
) )
if membership.role.is_board: if membership.role > settings.SITH_MAXIMUM_FREE_ROLE:
club_groups.append( club_groups.append(
User.groups.through( User.groups.through(
user_id=membership.user_id, user_id=membership.user_id,

14
club/schemas.py
View File

@@ -3,7 +3,7 @@ from typing import Annotated
from django.db.models import Q from django.db.models import Q
from ninja import FilterLookup, FilterSchema, ModelSchema from ninja import FilterLookup, FilterSchema, ModelSchema
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from core.schemas import NonEmptyStr, SimpleUserSchema from core.schemas import NonEmptyStr, SimpleUserSchema
@@ -39,21 +39,14 @@ class ClubProfileSchema(ModelSchema):
return obj.get_absolute_url() return obj.get_absolute_url()
class ClubRoleSchema(ModelSchema):
class Meta:
model = ClubRole
fields = ["id", "name", "is_presidency", "is_board"]
class ClubMemberSchema(ModelSchema): class ClubMemberSchema(ModelSchema):
"""A schema to represent all memberships in a club.""" """A schema to represent all memberships in a club."""
class Meta: class Meta:
model = Membership model = Membership
fields = ["start_date", "end_date", "description"] fields = ["start_date", "end_date", "role", "description"]
user: SimpleUserSchema user: SimpleUserSchema
role: ClubRoleSchema
class ClubSchema(ModelSchema): class ClubSchema(ModelSchema):
@@ -69,7 +62,6 @@ class UserMembershipSchema(ModelSchema):
class Meta: class Meta:
model = Membership model = Membership
fields = ["id", "start_date", "description"] fields = ["id", "start_date", "role", "description"]
club: SimpleClubSchema club: SimpleClubSchema
role: ClubRoleSchema

2
club/templates/club/club_members.jinja
View File

@@ -45,7 +45,7 @@
{% for m in members %} {% for m in members %}
<tr> <tr>
<td>{{ user_profile_link(m.user) }}</td> <td>{{ user_profile_link(m.user) }}</td>
<td>{{ m.role.name }}</td> <td>{{ settings.SITH_CLUB_ROLES[m.role] }}</td>
<td>{{ m.description }}</td> <td>{{ m.description }}</td>
<td>{{ m.start_date }}</td> <td>{{ m.start_date }}</td>
{%- if can_end_membership -%} {%- if can_end_membership -%}

2
club/templates/club/club_old_members.jinja
View File

@@ -17,7 +17,7 @@
{% for member in old_members %} {% for member in old_members %}
<tr> <tr>
<td>{{ user_profile_link(member.user) }}</td> <td>{{ user_profile_link(member.user) }}</td>
<td>{{ member.role.name }}</td> <td>{{ settings.SITH_CLUB_ROLES[member.role] }}</td>
<td>{{ member.description }}</td> <td>{{ member.description }}</td>
<td>{{ member.start_date }}</td> <td>{{ member.start_date }}</td>
<td>{{ member.end_date }}</td> <td>{{ member.end_date }}</td>

20
club/tests/base.py
View File

@@ -8,7 +8,7 @@ from django.utils.timezone import now
from model_bakery import baker from model_bakery import baker
from model_bakery.recipe import Recipe from model_bakery.recipe import Recipe
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from core.baker_recipes import old_subscriber_user, subscriber_user from core.baker_recipes import old_subscriber_user, subscriber_user
from core.models import User from core.models import User
@@ -43,11 +43,6 @@ class TestClub(TestCase):
cls.ae = Club.objects.get(pk=settings.SITH_MAIN_CLUB_ID) cls.ae = Club.objects.get(pk=settings.SITH_MAIN_CLUB_ID)
cls.club = baker.make(Club) cls.club = baker.make(Club)
cls.president_role = baker.make(
ClubRole, club=cls.club, is_board=True, is_presidency=True, order=0
)
cls.board_role = baker.make(ClubRole, club=cls.club, is_board=True, order=1)
cls.member_role = baker.make(ClubRole, club=cls.club, order=2)
cls.new_members_url = reverse( cls.new_members_url = reverse(
"club:club_new_members", kwargs={"club_id": cls.club.id} "club:club_new_members", kwargs={"club_id": cls.club.id}
) )
@@ -56,17 +51,12 @@ class TestClub(TestCase):
yesterday = now() - timedelta(days=1) yesterday = now() - timedelta(days=1)
membership_recipe = Recipe(Membership, club=cls.club) membership_recipe = Recipe(Membership, club=cls.club)
membership_recipe.make( membership_recipe.make(
user=cls.simple_board_member, start_date=a_month_ago, role=cls.board_role user=cls.simple_board_member, start_date=a_month_ago, role=3
)
membership_recipe.make(user=cls.richard, role=cls.member_role)
membership_recipe.make(
user=cls.president, start_date=a_month_ago, role=cls.president_role
) )
membership_recipe.make(user=cls.richard, role=1)
membership_recipe.make(user=cls.president, start_date=a_month_ago, role=10)
membership_recipe.make( # sli was a member but isn't anymore membership_recipe.make( # sli was a member but isn't anymore
user=cls.sli, user=cls.sli, start_date=a_month_ago, end_date=yesterday, role=2
start_date=a_month_ago,
end_date=yesterday,
role=cls.board_role,
) )
def setUp(self): def setUp(self):

18
club/tests/test_club.py
View File

@@ -5,7 +5,7 @@ from django.utils.timezone import localdate
from model_bakery import baker from model_bakery import baker
from model_bakery.recipe import Recipe from model_bakery.recipe import Recipe
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from core.baker_recipes import subscriber_user from core.baker_recipes import subscriber_user
@@ -16,19 +16,11 @@ def test_club_queryset_having_board_member():
membership_recipe = Recipe( membership_recipe = Recipe(
Membership, user=user, start_date=localdate() - timedelta(days=3) Membership, user=user, start_date=localdate() - timedelta(days=3)
) )
membership_recipe.make(club=clubs[0], role=1)
membership_recipe.make(club=clubs[1], role=3)
membership_recipe.make(club=clubs[2], role=7)
membership_recipe.make( membership_recipe.make(
club=clubs[0], role=baker.make(ClubRole, club=clubs[0], is_board=False) club=clubs[3], role=3, end_date=localdate() - timedelta(days=1)
)
membership_recipe.make(
club=clubs[1], role=baker.make(ClubRole, club=clubs[1], is_board=True)
)
membership_recipe.make(
club=clubs[2], role=baker.make(ClubRole, club=clubs[2], is_board=True)
)
membership_recipe.make(
club=clubs[3],
role=baker.make(ClubRole, club=clubs[3], is_board=True),
end_date=localdate() - timedelta(days=1),
) )
club_ids = Club.objects.having_board_member(user).values_list("id", flat=True) club_ids = Club.objects.having_board_member(user).values_list("id", flat=True)

7
club/tests/test_club_controller.py
View File

@@ -1,7 +1,6 @@
from datetime import date, timedelta from datetime import date, timedelta
import pytest import pytest
from django.conf import settings
from django.contrib.auth.models import Permission from django.contrib.auth.models import Permission
from django.test import Client, TestCase from django.test import Client, TestCase
from django.urls import reverse from django.urls import reverse
@@ -9,7 +8,7 @@ from model_bakery import baker
from model_bakery.recipe import Recipe from model_bakery.recipe import Recipe
from pytest_django.asserts import assertNumQueries from pytest_django.asserts import assertNumQueries
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from core.baker_recipes import subscriber_user from core.baker_recipes import subscriber_user
from core.models import Group, Page, User from core.models import Group, Page, User
@@ -27,10 +26,8 @@ class TestClubSearch(TestCase):
"id", flat=True "id", flat=True
) )
) )
Membership.objects.all().delete() Page.objects.exclude(club=None).delete()
ClubRole.objects.all().delete()
Club.objects.all().delete() Club.objects.all().delete()
Page.objects.exclude(name=settings.SITH_CLUB_ROOT_PAGE).delete()
Group.objects.filter(id__in=groups).delete() Group.objects.filter(id__in=groups).delete()
cls.clubs = baker.make( cls.clubs = baker.make(

16
club/tests/test_edit.py
View File

@@ -4,7 +4,7 @@ from django.urls import reverse
from model_bakery import baker from model_bakery import baker
from pytest_django.asserts import assertRedirects from pytest_django.asserts import assertRedirects
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from core.baker_recipes import subscriber_user from core.baker_recipes import subscriber_user
@@ -12,12 +12,7 @@ from core.baker_recipes import subscriber_user
def test_club_board_member_cannot_edit_club_properties(client: Client): def test_club_board_member_cannot_edit_club_properties(client: Client):
user = subscriber_user.make() user = subscriber_user.make()
club = baker.make(Club, name="old name", is_active=True, address="old address") club = baker.make(Club, name="old name", is_active=True, address="old address")
baker.make( baker.make(Membership, club=club, user=user, role=7)
Membership,
club=club,
user=user,
role=baker.make(ClubRole, club=club, is_board=True),
)
client.force_login(user) client.force_login(user)
res = client.post( res = client.post(
reverse("club:club_edit", kwargs={"club_id": club.id}), reverse("club:club_edit", kwargs={"club_id": club.id}),
@@ -37,12 +32,7 @@ def test_edit_club_page_doesnt_crash(client: Client):
"""crash test for club:club_edit""" """crash test for club:club_edit"""
club = baker.make(Club) club = baker.make(Club)
user = subscriber_user.make() user = subscriber_user.make()
baker.make( baker.make(Membership, club=club, user=user, role=3)
Membership,
club=club,
user=user,
role=baker.make(ClubRole, club=club, is_board=True),
)
client.force_login(user) client.force_login(user)
res = client.get(reverse("club:club_edit", kwargs={"club_id": club.id})) res = client.get(reverse("club:club_edit", kwargs={"club_id": club.id}))
assert res.status_code == 200 assert res.status_code == 200

5
club/tests/test_mailing.py
View File

@@ -3,10 +3,9 @@ from django.test import TestCase
from django.urls import reverse from django.urls import reverse
from django.utils import timezone from django.utils import timezone
from django.utils.translation import gettext as _ from django.utils.translation import gettext as _
from model_bakery import baker
from club.forms import MailingForm from club.forms import MailingForm
from club.models import Club, ClubRole, Mailing, Membership from club.models import Club, Mailing, Membership
from core.models import User from core.models import User
@@ -26,7 +25,7 @@ class TestMailingForm(TestCase):
user=cls.rbatsbak, user=cls.rbatsbak,
club=cls.club, club=cls.club,
start_date=timezone.now(), start_date=timezone.now(),
role=baker.make(ClubRole, club=cls.club, is_board=True), role=settings.SITH_CLUB_ROLES_ID["Board member"],
).save() ).save()
def test_mailing_list_add_no_moderation(self): def test_mailing_list_add_no_moderation(self):

173
club/tests/test_membership.py
View File

@@ -1,9 +1,9 @@
import itertools
from collections.abc import Callable from collections.abc import Callable
from datetime import timedelta from datetime import timedelta
import pytest import pytest
from bs4 import BeautifulSoup from bs4 import BeautifulSoup
from django.conf import settings
from django.contrib.auth.models import Permission from django.contrib.auth.models import Permission
from django.core.cache import cache from django.core.cache import cache
from django.db.models import Max from django.db.models import Max
@@ -14,7 +14,7 @@ from model_bakery import baker
from pytest_django.asserts import assertRedirects from pytest_django.asserts import assertRedirects
from club.forms import ClubAddMemberForm, JoinClubForm from club.forms import ClubAddMemberForm, JoinClubForm
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from club.tests.base import TestClub from club.tests.base import TestClub
from core.baker_recipes import subscriber_user from core.baker_recipes import subscriber_user
from core.models import AnonymousUser, User from core.models import AnonymousUser, User
@@ -75,22 +75,17 @@ class TestMembershipQuerySet(TestClub):
def test_update_change_club_groups(self): def test_update_change_club_groups(self):
"""Test that `update` set the user groups accordingly.""" """Test that `update` set the user groups accordingly."""
user = baker.make(User) user = baker.make(User)
board_role, member_role = baker.make( membership = baker.make(Membership, end_date=None, user=user, role=5)
ClubRole, is_board=iter([True, False]), _quantity=2, _bulk_create=True
)
membership = baker.make(
Membership, end_date=None, user=user, role=board_role, club=board_role.club
)
members_group = membership.club.members_group members_group = membership.club.members_group
board_group = membership.club.board_group board_group = membership.club.board_group
assert user.groups.contains(members_group) assert user.groups.contains(members_group)
assert user.groups.contains(board_group) assert user.groups.contains(board_group)
user.memberships.update(role=member_role) # from board to simple member user.memberships.update(role=1) # from board to simple member
assert user.groups.contains(members_group) assert user.groups.contains(members_group)
assert not user.groups.contains(board_group) assert not user.groups.contains(board_group)
user.memberships.update(role=board_role) # from member to board user.memberships.update(role=5) # from member to board
assert user.groups.contains(members_group) assert user.groups.contains(members_group)
assert user.groups.contains(board_group) assert user.groups.contains(board_group)
@@ -101,17 +96,7 @@ class TestMembershipQuerySet(TestClub):
def test_delete_remove_from_groups(self): def test_delete_remove_from_groups(self):
"""Test that `delete` removes from club groups""" """Test that `delete` removes from club groups"""
user = baker.make(User) user = baker.make(User)
club = baker.make(Club) memberships = baker.make(Membership, role=iter([1, 5]), user=user, _quantity=2)
roles = baker.make(
ClubRole,
is_board=iter([False, True]),
club=club,
_quantity=2,
_bulk_create=True,
)
memberships = baker.make(
Membership, club=club, role=iter(roles), user=user, _quantity=2
)
club_groups = { club_groups = {
memberships[0].club.members_group, memberships[0].club.members_group,
memberships[1].club.members_group, memberships[1].club.members_group,
@@ -127,20 +112,13 @@ class TestMembershipEditableBy(TestCase):
def setUpTestData(cls): def setUpTestData(cls):
Membership.objects.all().delete() Membership.objects.all().delete()
cls.club_a, cls.club_b = baker.make(Club, _quantity=2) cls.club_a, cls.club_b = baker.make(Club, _quantity=2)
roles = baker.make(
ClubRole,
is_presidency=itertools.cycle([True, False, False, False]),
is_board=itertools.cycle([True, True, True, False]),
order=itertools.cycle(range(4)),
club=iter(
[*itertools.repeat(cls.club_a, 4), *itertools.repeat(cls.club_b, 4)]
),
_quantity=8,
_bulk_create=True,
)
cls.memberships = [ cls.memberships = [
*baker.make(Membership, role=iter(roles[:4]), club=cls.club_a, _quantity=4), *baker.make(
*baker.make(Membership, role=iter(roles[4:]), club=cls.club_b, _quantity=4), Membership, role=iter([7, 3, 3, 1]), club=cls.club_a, _quantity=4
),
*baker.make(
Membership, role=iter([7, 3, 3, 1]), club=cls.club_b, _quantity=4
),
] ]
def test_admin_user(self): def test_admin_user(self):
@@ -162,7 +140,7 @@ class TestMembershipEditableBy(TestCase):
class TestMembership(TestClub): class TestMembership(TestClub):
def assert_membership_started_today(self, user: User, role: ClubRole): def assert_membership_started_today(self, user: User, role: int):
"""Assert that the given membership is active and started today.""" """Assert that the given membership is active and started today."""
membership = user.memberships.ongoing().filter(club=self.club).first() membership = user.memberships.ongoing().filter(club=self.club).first()
assert membership is not None assert membership is not None
@@ -211,27 +189,21 @@ class TestMembership(TestClub):
"Marquer comme ancien", "Marquer comme ancien",
] ]
rows = table.find("tbody").find_all("tr") rows = table.find("tbody").find_all("tr")
memberships = ( memberships = self.club.members.ongoing().order_by("-role")
self.club.members.ongoing() for row, membership in zip(
.order_by("role__order") rows, memberships.select_related("user"), strict=False
.select_related("user", "role") ):
)
user_role = ClubRole.objects.get(members__user=self.simple_board_member)
for row, membership in zip(rows, memberships, strict=False):
user = membership.user user = membership.user
user_url = reverse("core:user_profile", args=[user.id]) user_url = reverse("core:user_profile", args=[user.id])
cols = row.find_all("td") cols = row.find_all("td")
user_link = cols[0].find("a") user_link = cols[0].find("a")
assert user_link.attrs["href"] == user_url assert user_link.attrs["href"] == user_url
assert user_link.text == user.get_display_name() assert user_link.text == user.get_display_name()
assert cols[1].text == membership.role.name assert cols[1].text == settings.SITH_CLUB_ROLES[membership.role]
assert cols[2].text == membership.description assert cols[2].text == membership.description
assert cols[3].text == str(membership.start_date) assert cols[3].text == str(membership.start_date)
if ( if membership.role < 3 or membership.user_id == self.simple_board_member.id:
membership.role.order > user_role.order
or membership.user_id == self.simple_board_member.id
):
# 3 is the role of simple_board_member # 3 is the role of simple_board_member
form_input = cols[4].find("input") form_input = cols[4].find("input")
expected_attrs = { expected_attrs = {
@@ -247,15 +219,14 @@ class TestMembership(TestClub):
"""Test that root users can add members to clubs""" """Test that root users can add members to clubs"""
self.client.force_login(self.root) self.client.force_login(self.root)
response = self.client.post( response = self.client.post(
self.new_members_url, self.new_members_url, {"user": self.subscriber.id, "role": 3}
{"user": self.subscriber.id, "role": self.board_role.id},
) )
assert response.status_code == 200 assert response.status_code == 200
assert response.headers.get("HX-Redirect", "") == reverse( assert response.headers.get("HX-Redirect", "") == reverse(
"club:club_members", kwargs={"club_id": self.club.id} "club:club_members", kwargs={"club_id": self.club.id}
) )
self.subscriber.refresh_from_db() self.subscriber.refresh_from_db()
self.assert_membership_started_today(self.subscriber, role=self.board_role) self.assert_membership_started_today(self.subscriber, role=3)
def test_add_unauthorized_members(self): def test_add_unauthorized_members(self):
"""Test that users who are not currently subscribed """Test that users who are not currently subscribed
@@ -263,7 +234,7 @@ class TestMembership(TestClub):
""" """
for user in self.public, self.old_subscriber: for user in self.public, self.old_subscriber:
form = ClubAddMemberForm( form = ClubAddMemberForm(
data={"user": user.id, "role": self.member_role}, data={"user": user.id, "role": 1},
request_user=self.root, request_user=self.root,
club=self.club, club=self.club,
) )
@@ -284,7 +255,7 @@ class TestMembership(TestClub):
nb_memberships = self.simple_board_member.memberships.count() nb_memberships = self.simple_board_member.memberships.count()
self.client.post( self.client.post(
self.members_url, self.members_url,
{"users": self.simple_board_member.id, "role": self.member_role}, {"users": self.simple_board_member.id, "role": current_membership.role + 1},
) )
self.simple_board_member.refresh_from_db() self.simple_board_member.refresh_from_db()
assert nb_memberships == self.simple_board_member.memberships.count() assert nb_memberships == self.simple_board_member.memberships.count()
@@ -303,7 +274,7 @@ class TestMembership(TestClub):
max_id = User.objects.aggregate(id=Max("id"))["id"] max_id = User.objects.aggregate(id=Max("id"))["id"]
for members in [max_id + 1], [max_id + 1, self.subscriber.id]: for members in [max_id + 1], [max_id + 1, self.subscriber.id]:
form = ClubAddMemberForm( form = ClubAddMemberForm(
data={"user": members, "role": self.member_role}, data={"user": members, "role": 1},
request_user=self.root, request_user=self.root,
club=self.club, club=self.club,
) )
@@ -319,13 +290,12 @@ class TestMembership(TestClub):
def test_president_add_members(self): def test_president_add_members(self):
"""Test that the president of the club can add members.""" """Test that the president of the club can add members."""
president = self.club.members.get(role=self.president_role).user president = self.club.members.get(role=10).user
nb_club_membership = self.club.members.count() nb_club_membership = self.club.members.count()
nb_subscriber_memberships = self.subscriber.memberships.count() nb_subscriber_memberships = self.subscriber.memberships.count()
self.client.force_login(president) self.client.force_login(president)
response = self.client.post( response = self.client.post(
self.new_members_url, self.new_members_url, {"user": self.subscriber.id, "role": 9}
{"user": self.subscriber.id, "role": self.president_role.id},
) )
assert response.status_code == 200 assert response.status_code == 200
assert response.headers.get("HX-Redirect", "") == reverse( assert response.headers.get("HX-Redirect", "") == reverse(
@@ -335,17 +305,14 @@ class TestMembership(TestClub):
self.subscriber.refresh_from_db() self.subscriber.refresh_from_db()
assert self.club.members.count() == nb_club_membership + 1 assert self.club.members.count() == nb_club_membership + 1
assert self.subscriber.memberships.count() == nb_subscriber_memberships + 1 assert self.subscriber.memberships.count() == nb_subscriber_memberships + 1
self.assert_membership_started_today(self.subscriber, role=self.president_role) self.assert_membership_started_today(self.subscriber, role=9)
def test_add_member_greater_role(self): def test_add_member_greater_role(self):
"""Test that a member of the club member cannot create """Test that a member of the club member cannot create
a membership with a greater role than its own. a membership with a greater role than its own.
""" """
user_role = self.simple_board_member.memberships.first().role
other_role = baker.make(ClubRole, club=user_role.club, is_board=True)
other_role.above(user_role)
form = ClubAddMemberForm( form = ClubAddMemberForm(
data={"user": self.subscriber.id, "role": other_role.id}, data={"user": self.subscriber.id, "role": 10},
request_user=self.simple_board_member, request_user=self.simple_board_member,
club=self.club, club=self.club,
) )
@@ -353,10 +320,7 @@ class TestMembership(TestClub):
assert not form.is_valid() assert not form.is_valid()
assert form.errors == { assert form.errors == {
"role": [ "role": ["Sélectionnez un choix valide. 10 n\u2019en fait pas partie."]
"Sélectionnez un choix valide. "
"Ce choix ne fait pas partie de ceux disponibles."
]
} }
self.club.refresh_from_db() self.club.refresh_from_db()
assert nb_memberships == self.club.members.count() assert nb_memberships == self.club.members.count()
@@ -372,9 +336,8 @@ class TestMembership(TestClub):
assert form.errors == {"role": ["Ce champ est obligatoire."]} assert form.errors == {"role": ["Ce champ est obligatoire."]}
def test_add_member_already_there(self): def test_add_member_already_there(self):
role = ClubRole.objects.get(members__user=self.simple_board_member)
form = ClubAddMemberForm( form = ClubAddMemberForm(
data={"user": self.simple_board_member, "role": role.id}, data={"user": self.simple_board_member, "role": 3},
request_user=self.root, request_user=self.root,
club=self.club, club=self.club,
) )
@@ -385,27 +348,22 @@ class TestMembership(TestClub):
def test_add_other_member_forbidden(self): def test_add_other_member_forbidden(self):
non_member = subscriber_user.make() non_member = subscriber_user.make()
simple_member = baker.make( simple_member = baker.make(Membership, club=self.club, role=1).user
Membership, club=self.club, role=self.member_role
).user
for user in non_member, simple_member: for user in non_member, simple_member:
form = ClubAddMemberForm( form = ClubAddMemberForm(
data={"user": subscriber_user.make(), "role": self.member_role.id}, data={"user": subscriber_user.make(), "role": 1},
request_user=user, request_user=user,
club=self.club, club=self.club,
) )
assert not form.is_valid() assert not form.is_valid()
assert form.errors == { assert form.errors == {
"role": [ "role": ["Sélectionnez un choix valide. 1 n\u2019en fait pas partie."]
"Sélectionnez un choix valide. "
"Ce choix ne fait pas partie de ceux disponibles."
]
} }
def test_simple_members_dont_see_form_anymore(self): def test_simple_members_dont_see_form_anymore(self):
"""Test that simple club members don't see the form to add members""" """Test that simple club members don't see the form to add members"""
user = subscriber_user.make() user = subscriber_user.make()
baker.make(Membership, club=self.club, user=user, role=self.member_role) baker.make(Membership, club=self.club, user=user, role=1)
self.client.force_login(user) self.client.force_login(user)
res = self.client.get(self.members_url) res = self.client.get(self.members_url)
assert res.status_code == 200 assert res.status_code == 200
@@ -424,10 +382,9 @@ class TestMembership(TestClub):
"""Test that board members of the club can end memberships """Test that board members of the club can end memberships
of users with lower roles. of users with lower roles.
""" """
# reminder : simple_board_member has role 3
self.client.force_login(self.simple_board_member) self.client.force_login(self.simple_board_member)
role = baker.make(ClubRole, club=self.club, is_board=True) membership = baker.make(Membership, club=self.club, role=2, end_date=None)
role.below(self.board_role)
membership = baker.make(Membership, club=self.club, role=role)
response = self.client.post(self.members_url, {"members_old": [membership.id]}) response = self.client.post(self.members_url, {"members_old": [membership.id]})
self.assertRedirects(response, self.members_url) self.assertRedirects(response, self.members_url)
self.club.refresh_from_db() self.club.refresh_from_db()
@@ -437,9 +394,7 @@ class TestMembership(TestClub):
"""Test that board members of the club cannot end memberships """Test that board members of the club cannot end memberships
of users with higher roles. of users with higher roles.
""" """
membership = self.president.memberships.filter( membership = self.president.memberships.filter(club=self.club).first()
club=self.club, end_date=None
).first()
self.client.force_login(self.simple_board_member) self.client.force_login(self.simple_board_member)
self.client.post(self.members_url, {"members_old": [membership.id]}) self.client.post(self.members_url, {"members_old": [membership.id]})
self.club.refresh_from_db() self.club.refresh_from_db()
@@ -481,9 +436,7 @@ class TestMembership(TestClub):
def test_remove_from_club_group(self): def test_remove_from_club_group(self):
"""Test that when a membership ends, the user is removed from club groups.""" """Test that when a membership ends, the user is removed from club groups."""
user = baker.make(User) user = baker.make(User)
baker.make( baker.make(Membership, user=user, club=self.club, end_date=None, role=3)
Membership, user=user, club=self.club, end_date=None, role=self.board_role
)
assert user.groups.contains(self.club.members_group) assert user.groups.contains(self.club.members_group)
assert user.groups.contains(self.club.board_group) assert user.groups.contains(self.club.board_group)
user.memberships.update(end_date=localdate()) user.memberships.update(end_date=localdate())
@@ -494,20 +447,18 @@ class TestMembership(TestClub):
"""Test that when a membership begins, the user is added to the club group.""" """Test that when a membership begins, the user is added to the club group."""
assert not self.subscriber.groups.contains(self.club.members_group) assert not self.subscriber.groups.contains(self.club.members_group)
assert not self.subscriber.groups.contains(self.club.board_group) assert not self.subscriber.groups.contains(self.club.board_group)
baker.make( baker.make(Membership, club=self.club, user=self.subscriber, role=3)
Membership, club=self.club, user=self.subscriber, role=self.board_role
)
assert self.subscriber.groups.contains(self.club.members_group) assert self.subscriber.groups.contains(self.club.members_group)
assert self.subscriber.groups.contains(self.club.board_group) assert self.subscriber.groups.contains(self.club.board_group)
def test_change_position_in_club(self): def test_change_position_in_club(self):
"""Test that when moving from board to members, club group change""" """Test that when moving from board to members, club group change"""
membership = baker.make( membership = baker.make(
Membership, club=self.club, user=self.subscriber, role=self.board_role Membership, club=self.club, user=self.subscriber, role=3
) )
assert self.subscriber.groups.contains(self.club.members_group) assert self.subscriber.groups.contains(self.club.members_group)
assert self.subscriber.groups.contains(self.club.board_group) assert self.subscriber.groups.contains(self.club.board_group)
membership.role = self.member_role membership.role = 1
membership.save() membership.save()
assert self.subscriber.groups.contains(self.club.members_group) assert self.subscriber.groups.contains(self.club.members_group)
assert not self.subscriber.groups.contains(self.club.board_group) assert not self.subscriber.groups.contains(self.club.board_group)
@@ -520,11 +471,7 @@ class TestMembership(TestClub):
# make sli a board member # make sli a board member
self.sli.memberships.all().delete() self.sli.memberships.all().delete()
Membership( Membership(club=self.ae, user=self.sli, role=3).save()
club=self.ae,
user=self.sli,
role=baker.make(ClubRole, club=self.ae, is_board=True),
).save()
assert self.club.is_owned_by(self.sli) assert self.club.is_owned_by(self.sli)
def test_change_club_name(self): def test_change_club_name(self):
@@ -550,7 +497,7 @@ class TestMembership(TestClub):
@pytest.mark.django_db @pytest.mark.django_db
def test_membership_set_old(client: Client): def test_membership_set_old(client: Client):
membership = baker.make(Membership, end_date=None, user=subscriber_user.make()) membership = baker.make(Membership, end_date=None, user=(subscriber_user.make()))
client.force_login(membership.user) client.force_login(membership.user)
response = client.post( response = client.post(
reverse("club:membership_set_old", kwargs={"membership_id": membership.id}) reverse("club:membership_set_old", kwargs={"membership_id": membership.id})
@@ -584,63 +531,55 @@ class TestJoinClub:
cache.clear() cache.clear()
@pytest.mark.parametrize( @pytest.mark.parametrize(
("user_factory", "board_role", "errors"), ("user_factory", "role", "errors"),
[ [
( (
subscriber_user.make, subscriber_user.make,
True, 2,
{ {
"role": [ "role": [
"Sélectionnez un choix valide. " "Sélectionnez un choix valide. 2 n\u2019en fait pas partie."
"Ce choix ne fait pas partie de ceux disponibles."
] ]
}, },
), ),
( (
lambda: baker.make(User), lambda: baker.make(User),
False, 1,
{"__all__": ["Vous devez être cotisant pour faire partie d'un club"]}, {"__all__": ["Vous devez être cotisant pour faire partie d'un club"]},
), ),
], ],
) )
def test_join_club_errors( def test_join_club_errors(
self, user_factory: Callable[[], User], board_role, errors: dict self, user_factory: Callable[[], User], role: int, errors: dict
): ):
club = baker.make(Club) club = baker.make(Club)
user = user_factory() user = user_factory()
role = baker.make(ClubRole, club=club, is_board=board_role) form = JoinClubForm(club=club, request_user=user, data={"role": role})
form = JoinClubForm(club=club, request_user=user, data={"role": role.id})
assert not form.is_valid() assert not form.is_valid()
assert form.errors == errors assert form.errors == errors
def test_user_already_in_club(self): def test_user_already_in_club(self):
club = baker.make(Club)
user = subscriber_user.make() user = subscriber_user.make()
role = baker.make(ClubRole, is_board=False) baker.make(Membership, user=user, club=club)
baker.make(Membership, user=user, club=role.club) form = JoinClubForm(club=club, request_user=user, data={"role": 1})
form = JoinClubForm(club=role.club, request_user=user, data={"role": role.id})
assert not form.is_valid() assert not form.is_valid()
assert form.errors == {"__all__": ["Vous êtes déjà membre de ce club."]} assert form.errors == {"__all__": ["Vous êtes déjà membre de ce club."]}
def test_ok(self): def test_ok(self):
club = baker.make(Club)
user = subscriber_user.make() user = subscriber_user.make()
role = baker.make(ClubRole, is_board=False) form = JoinClubForm(club=club, request_user=user, data={"role": 1})
form = JoinClubForm(club=role.club, request_user=user, data={"role": role.id})
assert form.is_valid() assert form.is_valid()
form.save() form.save()
assert Membership.objects.ongoing().filter(user=user, club=role.club).exists() assert Membership.objects.ongoing().filter(user=user, club=club).exists()
class TestOldMembersView(TestCase): class TestOldMembersView(TestCase):
@classmethod @classmethod
def setUpTestData(cls): def setUpTestData(cls):
club = baker.make(Club) club = baker.make(Club)
roles = baker.make( roles = [1, 1, 1, 2, 2, 4, 4, 5, 7, 9, 10]
ClubRole,
club=club,
is_board=itertools.cycle([True, True, False]),
_quantity=10,
_bulk_create=True,
)
cls.memberships = baker.make( cls.memberships = baker.make(
Membership, Membership,
role=iter(roles), role=iter(roles),

9
club/tests/test_page.py
View File

@@ -5,7 +5,7 @@ from django.urls import reverse
from model_bakery import baker from model_bakery import baker
from pytest_django.asserts import assertHTMLEqual, assertRedirects from pytest_django.asserts import assertHTMLEqual, assertRedirects
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from core.baker_recipes import subscriber_user from core.baker_recipes import subscriber_user
from core.markdown import markdown from core.markdown import markdown
from core.models import PageRev, User from core.models import PageRev, User
@@ -59,12 +59,7 @@ def test_page_revision(client: Client):
def test_edit_page(client: Client): def test_edit_page(client: Client):
club = baker.make(Club) club = baker.make(Club)
user = subscriber_user.make() user = subscriber_user.make()
baker.make( baker.make(Membership, user=user, club=club, role=3)
Membership,
user=user,
club=club,
role=baker.make(ClubRole, club=club, is_board=True),
)
client.force_login(user) client.force_login(user)
url = reverse("club:club_edit_page", kwargs={"club_id": club.id}) url = reverse("club:club_edit_page", kwargs={"club_id": club.id})
content = "# foo\nLorem ipsum dolor sit amet" content = "# foo\nLorem ipsum dolor sit amet"

7
club/tests/test_user_club_controller.py
View File

@@ -6,7 +6,7 @@ from django.utils.timezone import localdate
from model_bakery import baker from model_bakery import baker
from model_bakery.recipe import Recipe from model_bakery.recipe import Recipe
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from club.schemas import UserMembershipSchema from club.schemas import UserMembershipSchema
from core.baker_recipes import subscriber_user from core.baker_recipes import subscriber_user
from core.models import Page from core.models import Page
@@ -19,10 +19,7 @@ class TestFetchClub(TestCase):
pages = baker.make(Page, _quantity=3, _bulk_create=True) pages = baker.make(Page, _quantity=3, _bulk_create=True)
clubs = baker.make(Club, page=iter(pages), _quantity=3, _bulk_create=True) clubs = baker.make(Club, page=iter(pages), _quantity=3, _bulk_create=True)
recipe = Recipe( recipe = Recipe(
Membership, Membership, user=cls.user, start_date=localdate() - timedelta(days=2)
user=cls.user,
start_date=localdate() - timedelta(days=2),
role=baker.make(ClubRole),
) )
cls.members = Membership.objects.bulk_create( cls.members = Membership.objects.bulk_create(
[ [

15
club/views.py
View File

@@ -28,6 +28,7 @@ import csv
import itertools import itertools
from typing import TYPE_CHECKING, Any from typing import TYPE_CHECKING, Any
from django.conf import settings
from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin
from django.contrib.messages.views import SuccessMessageMixin from django.contrib.messages.views import SuccessMessageMixin
from django.core.exceptions import NON_FIELD_ERRORS, PermissionDenied, ValidationError from django.core.exceptions import NON_FIELD_ERRORS, PermissionDenied, ValidationError
@@ -317,7 +318,7 @@ class ClubMembersView(
membership = self.object.get_membership_for(self.request.user) membership = self.object.get_membership_for(self.request.user)
if ( if (
membership membership
and not membership.role.is_board and membership.role <= settings.SITH_MAXIMUM_FREE_ROLE
and not self.request.user.has_perm("club.add_membership") and not self.request.user.has_perm("club.add_membership")
): ):
# Simple club members won't see the form anymore. # Simple club members won't see the form anymore.
@@ -342,8 +343,8 @@ class ClubMembersView(
kwargs["members"] = list( kwargs["members"] = list(
self.object.members.ongoing() self.object.members.ongoing()
.annotate(is_editable=Q(id__in=editable)) .annotate(is_editable=Q(id__in=editable))
.order_by("role__order") .order_by("-role")
.select_related("user", "role") .select_related("user")
) )
kwargs["can_end_membership"] = len(editable) > 0 kwargs["can_end_membership"] = len(editable) > 0
return kwargs return kwargs
@@ -371,8 +372,8 @@ class ClubOldMembersView(ClubTabsMixin, PermissionRequiredMixin, DetailView):
return super().get_context_data(**kwargs) | { return super().get_context_data(**kwargs) | {
"old_members": ( "old_members": (
self.object.members.exclude(end_date=None) self.object.members.exclude(end_date=None)
.order_by("role__order", "description", "-end_date") .order_by("-role", "description", "-end_date")
.select_related("user", "role") .select_related("user")
) )
} }
@@ -723,7 +724,9 @@ class MailingAutoGenerationView(View):
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
club = self.mailing.club club = self.mailing.club
self.mailing.subscriptions.all().delete() self.mailing.subscriptions.all().delete()
members = club.members.ongoing().filter(role__is_board=True) members = club.members.filter(
role__gte=settings.SITH_CLUB_ROLES_ID["Board member"]
).exclude(end_date__lte=timezone.now())
for member in members.all(): for member in members.all():
MailingSubscription(user=member.user, mailing=self.mailing).save() MailingSubscription(user=member.user, mailing=self.mailing).save()
return redirect("club:mailing", club_id=club.id) return redirect("club:mailing", club_id=club.id)

5
com/tests/test_views.py
View File

@@ -28,7 +28,7 @@ from django.utils.translation import gettext as _
from model_bakery import baker from model_bakery import baker
from pytest_django.asserts import assertNumQueries, assertRedirects from pytest_django.asserts import assertNumQueries, assertRedirects
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from com.models import News, NewsDate, Poster, Sith, Weekmail, WeekmailArticle from com.models import News, NewsDate, Poster, Sith, Weekmail, WeekmailArticle
from core.baker_recipes import subscriber_user from core.baker_recipes import subscriber_user
from core.models import AnonymousUser, Group, User from core.models import AnonymousUser, Group, User
@@ -214,8 +214,7 @@ class TestNewsCreation(TestCase):
def setUpTestData(cls): def setUpTestData(cls):
cls.club = baker.make(Club) cls.club = baker.make(Club)
cls.user = subscriber_user.make() cls.user = subscriber_user.make()
role = baker.make(ClubRole, club=cls.club, is_board=True) baker.make(Membership, user=cls.user, club=cls.club, role=5)
baker.make(Membership, user=cls.user, club=cls.club, role=role)
def setUp(self): def setUp(self):
self.client.force_login(self.user) self.client.force_login(self.user)

2
com/views.py
View File

@@ -504,7 +504,7 @@ class WeekmailArticleCreateView(CreateView):
self.object = form.instance self.object = form.instance
form.is_valid() # Valid a first time to populate club field form.is_valid() # Valid a first time to populate club field
m = form.instance.club.get_membership_for(request.user) m = form.instance.club.get_membership_for(request.user)
if m is None or not m.role.is_board: if m is None or m.role <= settings.SITH_MAXIMUM_FREE_ROLE:
form.add_error( form.add_error(
"club", "club",
ValidationError( ValidationError(

8
core/baker_recipes.py
View File

@@ -4,9 +4,9 @@ from dateutil.relativedelta import relativedelta
from django.conf import settings from django.conf import settings
from django.utils.timezone import localdate, now from django.utils.timezone import localdate, now
from model_bakery import seq from model_bakery import seq
from model_bakery.recipe import Recipe, foreign_key, related from model_bakery.recipe import Recipe, related
from club.models import ClubRole, Membership from club.models import Membership
from core.models import Group, User from core.models import Group, User
from subscription.models import Subscription from subscription.models import Subscription
@@ -52,9 +52,7 @@ ae_board_membership = Recipe(
Membership, Membership,
start_date=now() - timedelta(days=30), start_date=now() - timedelta(days=30),
club_id=settings.SITH_MAIN_CLUB_ID, club_id=settings.SITH_MAIN_CLUB_ID,
role=foreign_key( role=settings.SITH_CLUB_ROLES_ID["Board member"],
Recipe(ClubRole, club_id=settings.SITH_MAIN_CLUB_ID, is_board=True)
),
) )
board_user = Recipe( board_user = Recipe(

19
core/converters.py
View File

@@ -1,19 +1,16 @@
class FourDigitYearConverter: from django.urls.converters import IntConverter, StringConverter
regex = "[0-9]{4}"
def to_python(self, value):
return int(value) class FourDigitYearConverter(IntConverter):
regex = "[0-9]{4}"
def to_url(self, value): def to_url(self, value):
return str(value).zfill(4) return str(value).zfill(4)
class TwoDigitMonthConverter: class TwoDigitMonthConverter(IntConverter):
regex = "[0-9]{2}" regex = "[0-9]{2}"
def to_python(self, value):
return int(value)
def to_url(self, value): def to_url(self, value):
return str(value).zfill(2) return str(value).zfill(2)
@@ -28,3 +25,9 @@ class BooleanStringConverter:
def to_url(self, value): def to_url(self, value):
return str(value) return str(value)
class ResultConverter(StringConverter):
"""Converter whose regex match either "success" or "failure"."""
regex = "(success|failure)"

161
core/management/commands/populate.py
View File

@@ -28,6 +28,7 @@ from typing import ClassVar, NamedTuple
from django.conf import settings from django.conf import settings
from django.contrib.auth.models import Permission from django.contrib.auth.models import Permission
from django.contrib.sites.models import Site from django.contrib.sites.models import Site
from django.core.files.base import ContentFile
from django.core.management import call_command from django.core.management import call_command
from django.core.management.base import BaseCommand from django.core.management.base import BaseCommand
from django.db import connection from django.db import connection
@@ -36,7 +37,7 @@ from django.utils import timezone
from django.utils.timezone import localdate from django.utils.timezone import localdate
from PIL import Image from PIL import Image
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from com.ics_calendar import IcsCalendar from com.ics_calendar import IcsCalendar
from com.models import News, NewsDate, Sith, Weekmail from com.models import News, NewsDate, Sith, Weekmail
from core.models import BanGroup, Group, Page, PageRev, SithFile, User from core.models import BanGroup, Group, Page, PageRev, SithFile, User
@@ -62,13 +63,6 @@ class PopulatedGroups(NamedTuple):
campus_admin: Group campus_admin: Group
class PopulatedClubs(NamedTuple):
ae: Club
troll: Club
pdf: Club
refound: Club
class Command(BaseCommand): class Command(BaseCommand):
ROOT_PATH: ClassVar[Path] = Path(__file__).parent.parent.parent.parent ROOT_PATH: ClassVar[Path] = Path(__file__).parent.parent.parent.parent
SAS_FIXTURE_PATH: ClassVar[Path] = ( SAS_FIXTURE_PATH: ClassVar[Path] = (
@@ -111,23 +105,43 @@ class Command(BaseCommand):
) )
self.profiles_root = SithFile.objects.create(name="profiles", owner=root) self.profiles_root = SithFile.objects.create(name="profiles", owner=root)
home_root = SithFile.objects.create(name="users", owner=root) home_root = SithFile.objects.create(name="users", owner=root)
club_root = SithFile.objects.create(name="clubs", owner=root)
sas = SithFile.objects.create(name="SAS", owner=root)
SithFile.objects.create(
name="CGU",
is_folder=False,
file=ContentFile(
content="Conditions générales d'utilisation", name="cgu.txt"
),
owner=root,
)
# Page needed for club creation # Page needed for club creation
p = Page(name=settings.SITH_CLUB_ROOT_PAGE) p = Page(name=settings.SITH_CLUB_ROOT_PAGE)
p.save(force_lock=True) p.save(force_lock=True)
club_root = SithFile.objects.create(name="clubs", owner=root) main_club = Club.objects.create(
sas = SithFile.objects.create(name="SAS", owner=root) id=1, name="AE", address="6 Boulevard Anatole France, 90000 Belfort"
clubs = self._create_clubs() )
main_club.board_group.permissions.add(
*Permission.objects.filter(
codename__in=["view_subscription", "add_subscription"]
)
)
bar_club = Club.objects.create(
id=settings.SITH_PDF_CLUB_ID,
name="PdF",
address="6 Boulevard Anatole France, 90000 Belfort",
)
self.reset_index("club") self.reset_index("club")
for bar_id, bar_name in settings.SITH_COUNTER_BARS: for bar_id, bar_name in settings.SITH_COUNTER_BARS:
Counter(id=bar_id, name=bar_name, club=clubs.pdf, type="BAR").save() Counter(id=bar_id, name=bar_name, club=bar_club, type="BAR").save()
self.reset_index("counter") self.reset_index("counter")
counters = [ counters = [
Counter(name="Eboutic", club=clubs.ae, type="EBOUTIC"), Counter(name="Eboutic", club=main_club, type="EBOUTIC"),
Counter(name="AE", club=clubs.ae, type="OFFICE"), Counter(name="AE", club=main_club, type="OFFICE"),
Counter(name="Vidage comptes AE", club=clubs.ae, type="OFFICE"), Counter(name="Vidage comptes AE", club=main_club, type="OFFICE"),
] ]
Counter.objects.bulk_create(counters) Counter.objects.bulk_create(counters)
bar_groups = [] bar_groups = []
@@ -310,41 +324,54 @@ class Command(BaseCommand):
self._create_subscription(tutu) self._create_subscription(tutu)
StudentCard(uid="9A89B82018B0A0", customer=sli.customer).save() StudentCard(uid="9A89B82018B0A0", customer=sli.customer).save()
Membership.objects.create( # Clubs
user=skia, club=clubs.ae, role=clubs.ae.roles.get(name="Respo Info") Club.objects.create(
name="Bibo'UT", address="46 de la Boustifaille", parent=main_club
) )
guyut = Club.objects.create(
name="Guy'UT", address="42 de la Boustifaille", parent=main_club
)
Club.objects.create(name="Woenzel'UT", address="Woenzel", parent=guyut)
troll = Club.objects.create(
name="Troll Penché", address="Terre Du Milieu", parent=main_club
)
refound = Club.objects.create(
name="Carte AE", address="Jamais imprimée", parent=main_club
)
Membership.objects.create(user=skia, club=main_club, role=3)
Membership.objects.create( Membership.objects.create(
user=comunity, user=comunity,
club=clubs.pdf, club=bar_club,
start_date=localdate(), start_date=localdate(),
role=clubs.pdf.roles.get(name="Membre du bureau"), role=settings.SITH_CLUB_ROLES_ID["Board member"],
) )
Membership.objects.create( Membership.objects.create(
user=sli, user=sli,
club=clubs.troll, club=troll,
role=clubs.troll.roles.get(name="Vice-Président⸱e"), role=9,
description="Padawan Troll", description="Padawan Troll",
start_date=localdate() - timedelta(days=17), start_date=localdate() - timedelta(days=17),
) )
Membership.objects.create( Membership.objects.create(
user=krophil, user=krophil,
club=clubs.troll, club=troll,
role=clubs.troll.roles.get(name="Président⸱e"), role=10,
description="Maitre Troll", description="Maitre Troll",
start_date=localdate() - timedelta(days=200), start_date=localdate() - timedelta(days=200),
) )
Membership.objects.create( Membership.objects.create(
user=skia, user=skia,
club=clubs.troll, club=troll,
role=clubs.troll.roles.get(name="Membre du bureau"), role=2,
description="Grand Ancien Troll", description="Grand Ancien Troll",
start_date=localdate() - timedelta(days=400), start_date=localdate() - timedelta(days=400),
end_date=localdate() - timedelta(days=86), end_date=localdate() - timedelta(days=86),
) )
Membership.objects.create( Membership.objects.create(
user=richard, user=richard,
club=clubs.troll, club=troll,
role=clubs.troll.roles.get(name="Membre du bureau"), role=2,
description="", description="",
start_date=localdate() - timedelta(days=200), start_date=localdate() - timedelta(days=200),
end_date=localdate() - timedelta(days=100), end_date=localdate() - timedelta(days=100),
@@ -361,7 +388,7 @@ class Command(BaseCommand):
purchase_price="15", purchase_price="15",
selling_price="15", selling_price="15",
special_selling_price="15", special_selling_price="15",
club=clubs.ae, club=main_club,
) )
cotis2 = Product.objects.create( cotis2 = Product.objects.create(
name="Cotis 2 semestres", name="Cotis 2 semestres",
@@ -370,7 +397,7 @@ class Command(BaseCommand):
purchase_price="28", purchase_price="28",
selling_price="28", selling_price="28",
special_selling_price="28", special_selling_price="28",
club=clubs.ae, club=main_club,
) )
refill = Product.objects.create( refill = Product.objects.create(
name="Rechargement 15 €", name="Rechargement 15 €",
@@ -379,7 +406,7 @@ class Command(BaseCommand):
purchase_price="15", purchase_price="15",
selling_price="15", selling_price="15",
special_selling_price="15", special_selling_price="15",
club=clubs.ae, club=main_club,
) )
barb = Product.objects.create( barb = Product.objects.create(
name="Barbar", name="Barbar",
@@ -388,7 +415,7 @@ class Command(BaseCommand):
purchase_price="1.50", purchase_price="1.50",
selling_price="1.7", selling_price="1.7",
special_selling_price="1.6", special_selling_price="1.6",
club=clubs.ae, club=main_club,
limit_age=18, limit_age=18,
) )
cble = Product.objects.create( cble = Product.objects.create(
@@ -398,7 +425,7 @@ class Command(BaseCommand):
purchase_price="1.50", purchase_price="1.50",
selling_price="1.7", selling_price="1.7",
special_selling_price="1.6", special_selling_price="1.6",
club=clubs.ae, club=main_club,
limit_age=18, limit_age=18,
) )
cons = Product.objects.create( cons = Product.objects.create(
@@ -408,7 +435,7 @@ class Command(BaseCommand):
purchase_price="1", purchase_price="1",
selling_price="1", selling_price="1",
special_selling_price="1", special_selling_price="1",
club=clubs.ae, club=main_club,
) )
dcons = Product.objects.create( dcons = Product.objects.create(
name="Déconsigne Eco-cup", name="Déconsigne Eco-cup",
@@ -417,7 +444,7 @@ class Command(BaseCommand):
purchase_price="-1", purchase_price="-1",
selling_price="-1", selling_price="-1",
special_selling_price="-1", special_selling_price="-1",
club=clubs.ae, club=main_club,
) )
cors = Product.objects.create( cors = Product.objects.create(
name="Corsendonk", name="Corsendonk",
@@ -426,7 +453,7 @@ class Command(BaseCommand):
purchase_price="1.50", purchase_price="1.50",
selling_price="1.7", selling_price="1.7",
special_selling_price="1.6", special_selling_price="1.6",
club=clubs.ae, club=main_club,
limit_age=18, limit_age=18,
) )
carolus = Product.objects.create( carolus = Product.objects.create(
@@ -436,7 +463,7 @@ class Command(BaseCommand):
purchase_price="1.50", purchase_price="1.50",
selling_price="1.7", selling_price="1.7",
special_selling_price="1.6", special_selling_price="1.6",
club=clubs.ae, club=main_club,
limit_age=18, limit_age=18,
) )
Product.objects.create( Product.objects.create(
@@ -445,7 +472,7 @@ class Command(BaseCommand):
purchase_price="0", purchase_price="0",
selling_price="0", selling_price="0",
special_selling_price="0", special_selling_price="0",
club=clubs.refound, club=refound,
) )
groups.subscribers.products.add( groups.subscribers.products.add(
cotis, cotis2, refill, barb, cble, cors, carolus cotis, cotis2, refill, barb, cble, cors, carolus
@@ -458,7 +485,7 @@ class Command(BaseCommand):
eboutic = Counter.objects.get(name="Eboutic") eboutic = Counter.objects.get(name="Eboutic")
eboutic.products.add(barb, cotis, cotis2, refill) eboutic.products.add(barb, cotis, cotis2, refill)
Counter.objects.create(name="Carte AE", club=clubs.refound, type="OFFICE") Counter.objects.create(name="Carte AE", club=refound, type="OFFICE")
ReturnableProduct.objects.create( ReturnableProduct.objects.create(
product=cons, returned_product=dcons, max_return=3 product=cons, returned_product=dcons, max_return=3
@@ -482,7 +509,7 @@ class Command(BaseCommand):
end_date="7942-06-12 10:28:45+01", end_date="7942-06-12 10:28:45+01",
) )
el.view_groups.add(groups.public) el.view_groups.add(groups.public)
el.edit_groups.add(clubs.ae.board_group) el.edit_groups.add(main_club.board_group)
el.candidature_groups.add(groups.subscribers) el.candidature_groups.add(groups.subscribers)
el.vote_groups.add(groups.subscribers) el.vote_groups.add(groups.subscribers)
liste = ElectionList.objects.create(title="Candidature Libre", election=el) liste = ElectionList.objects.create(title="Candidature Libre", election=el)
@@ -555,7 +582,7 @@ class Command(BaseCommand):
title="Apero barman", title="Apero barman",
summary="Viens boire un coup avec les barmans", summary="Viens boire un coup avec les barmans",
content="Glou glou glou glou glou glou glou", content="Glou glou glou glou glou glou glou",
club=clubs.pdf, club=bar_club,
author=subscriber, author=subscriber,
is_published=True, is_published=True,
moderator=skia, moderator=skia,
@@ -573,7 +600,7 @@ class Command(BaseCommand):
content=( content=(
"Viens donc t'enjailler avec les autres barmans aux frais du BdF! \\o/" "Viens donc t'enjailler avec les autres barmans aux frais du BdF! \\o/"
), ),
club=clubs.pdf, club=bar_club,
author=subscriber, author=subscriber,
is_published=True, is_published=True,
moderator=skia, moderator=skia,
@@ -589,7 +616,7 @@ class Command(BaseCommand):
title="Repas fromager", title="Repas fromager",
summary="Wien manger du l'bon fromeug'", summary="Wien manger du l'bon fromeug'",
content="Fô viendre mangey d'la bonne fondue!", content="Fô viendre mangey d'la bonne fondue!",
club=clubs.pdf, club=bar_club,
author=subscriber, author=subscriber,
is_published=True, is_published=True,
moderator=skia, moderator=skia,
@@ -605,7 +632,7 @@ class Command(BaseCommand):
title="SdF", title="SdF",
summary="Enjoy la fin des finaux!", summary="Enjoy la fin des finaux!",
content="Viens faire la fête avec tout plein de gens!", content="Viens faire la fête avec tout plein de gens!",
club=clubs.pdf, club=bar_club,
author=subscriber, author=subscriber,
is_published=True, is_published=True,
moderator=skia, moderator=skia,
@@ -623,7 +650,7 @@ class Command(BaseCommand):
summary="Viens jouer!", summary="Viens jouer!",
content="Rejoins la fine équipe du Troll Penché et viens " content="Rejoins la fine équipe du Troll Penché et viens "
"t'amuser le Vendredi soir!", "t'amuser le Vendredi soir!",
club=clubs.troll, club=troll,
author=subscriber, author=subscriber,
is_published=True, is_published=True,
moderator=skia, moderator=skia,
@@ -760,52 +787,6 @@ class Command(BaseCommand):
) )
s.save() s.save()
def _create_clubs(self) -> PopulatedClubs:
ae = Club.objects.create(
id=1, name="AE", address="6 Boulevard Anatole France, 90000 Belfort"
)
ae.board_group.permissions.add(
*Permission.objects.filter(
codename__in=["view_subscription", "add_subscription", "add_membership"]
)
)
pdf = Club.objects.create(
id=settings.SITH_PDF_CLUB_ID,
name="PdF",
address="6 Boulevard Anatole France, 90000 Belfort",
)
troll = Club.objects.create(
name="Troll Penché", address="Terre Du Milieu", parent=ae
)
refound = Club.objects.create(
name="Carte AE", address="Jamais imprimée", parent=ae
)
roles = []
presidency_roles = ["Président⸱e", "Vice-Président⸱e"]
board_roles = [
"Trésorier⸱e",
"Secrétaire",
"Respo Info",
"Respo Com",
"Membre du bureau",
]
simple_roles = ["Membre actif⸱ve", "Curieux⸱euse"]
for club in ae, pdf, troll, refound:
for i, role in enumerate(presidency_roles):
roles.append(
ClubRole(
club=club, order=i, name=role, is_presidency=True, is_board=True
)
)
for i, role in enumerate(board_roles, start=len(presidency_roles)):
roles.append(ClubRole(club=club, order=i, name=role, is_board=True))
for i, role in enumerate(
simple_roles, start=len(presidency_roles) + len(board_roles)
):
roles.append(ClubRole(club=club, order=i, name=role))
ClubRole.objects.bulk_create(roles)
return PopulatedClubs(ae=ae, troll=troll, pdf=pdf, refound=refound)
def _create_groups(self) -> PopulatedGroups: def _create_groups(self) -> PopulatedGroups:
perms = Permission.objects.all() perms = Permission.objects.all()

47
core/management/commands/populate_more.py
View File

@@ -1,3 +1,4 @@
import math
import random import random
from datetime import date, timedelta from datetime import date, timedelta
from datetime import timezone as tz from datetime import timezone as tz
@@ -11,7 +12,7 @@ from django.db.models import Count, Exists, Min, OuterRef, Subquery
from django.utils.timezone import localdate, make_aware, now from django.utils.timezone import localdate, make_aware, now
from faker import Faker from faker import Faker
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from core.models import Group, User, UserBan from core.models import Group, User, UserBan
from counter.models import ( from counter.models import (
Counter, Counter,
@@ -34,12 +35,17 @@ class Command(BaseCommand):
super().__init__(*args, **kwargs) super().__init__(*args, **kwargs)
self.faker = Faker("fr_FR") self.faker = Faker("fr_FR")
def add_arguments(self, parser):
parser.add_argument(
"-n", "--nb-users", help="Number of users to create", type=int, default=600
)
def handle(self, *args, **options): def handle(self, *args, **options):
if not settings.DEBUG: if not settings.DEBUG:
raise Exception("Never call this command in prod. Never.") raise Exception("Never call this command in prod. Never.")
self.stdout.write("Creating users...") self.stdout.write("Creating users...")
users = self.create_users() users = self.create_users(options["nb_users"])
self.create_bans(random.sample(users, k=len(users) // 200)) # 0.5% of users self.create_bans(random.sample(users, k=len(users) // 200)) # 0.5% of users
subscribers = random.sample(users, k=int(0.8 * len(users))) subscribers = random.sample(users, k=int(0.8 * len(users)))
self.stdout.write("Creating subscriptions...") self.stdout.write("Creating subscriptions...")
@@ -79,7 +85,7 @@ class Command(BaseCommand):
self.stdout.write("Creating products...") self.stdout.write("Creating products...")
self.create_products() self.create_products()
self.stdout.write("Creating sales and refills...") self.stdout.write("Creating sales and refills...")
sellers = random.sample(list(User.objects.all()), 100) sellers = random.sample(users, len(users) // 10)
self.create_sales(sellers) self.create_sales(sellers)
self.stdout.write("Creating permanences...") self.stdout.write("Creating permanences...")
self.create_permanences(sellers) self.create_permanences(sellers)
@@ -88,7 +94,7 @@ class Command(BaseCommand):
self.stdout.write("Done") self.stdout.write("Done")
def create_users(self) -> list[User]: def create_users(self, nb_users: int = 600) -> list[User]:
# Create a single password hash for all users to make it faster. # Create a single password hash for all users to make it faster.
# It's insecure as hell, but it's ok since it's only for dev purposes. # It's insecure as hell, but it's ok since it's only for dev purposes.
password = make_password("plop") password = make_password("plop")
@@ -107,7 +113,7 @@ class Command(BaseCommand):
address=self.faker.address(), address=self.faker.address(),
password=password, password=password,
) )
for _ in range(600) for _ in range(nb_users)
] ]
# there may a duplicate or two # there may a duplicate or two
# Not a problem, we will just have 599 users instead of 600 # Not a problem, we will just have 599 users instead of 600
@@ -172,25 +178,20 @@ class Command(BaseCommand):
Customer.objects.bulk_create(customers, ignore_conflicts=True) Customer.objects.bulk_create(customers, ignore_conflicts=True)
def make_club(self, club: Club, members: list[User], old_members: list[User]): def make_club(self, club: Club, members: list[User], old_members: list[User]):
roles: list[ClubRole] = list(club.roles.all()) def zip_roles(users: list[User]) -> Iterator[tuple[User, int]]:
roles = iter(sorted(settings.SITH_CLUB_ROLES.keys(), reverse=True))
def zip_roles(users: list[User]) -> Iterator[tuple[User, ClubRole]]:
important_roles = [r for r in roles if r.is_board]
important_roles.sort(key=lambda r: r.order)
simple_board_role = important_roles.pop()
member_roles = [r for r in roles if not r.is_board]
user_idx = 0 user_idx = 0
for _role in important_roles: while (role := next(roles)) > 2:
# one member for each major role # one member for each major role
yield users[user_idx], _role yield users[user_idx], role
user_idx += 1 user_idx += 1
for _ in range(int(0.3 * (len(users) - user_idx))): for _ in range(int(0.3 * (len(users) - user_idx))):
# 30% of the remaining in the board # 30% of the remaining in the board
yield users[user_idx], simple_board_role yield users[user_idx], 2
user_idx += 1 user_idx += 1
for remaining in users[user_idx + 1 :]: for remaining in users[user_idx + 1 :]:
# everything else is a simple member # everything else is a simple member
yield remaining, random.choices(member_roles, weights=(0.8, 0.2))[0] yield remaining, 1
memberships = [] memberships = []
old_members = old_members.copy() old_members = old_members.copy()
@@ -202,14 +203,19 @@ class Command(BaseCommand):
start_date=start, start_date=start,
end_date=self.faker.past_date(start), end_date=self.faker.past_date(start),
user=old, user=old,
role=random.choice(roles), role=random.choice(list(settings.SITH_CLUB_ROLES.keys())),
club=club, club=club,
) )
) )
for member, role in zip_roles(members): for member, role in zip_roles(members):
start = self.faker.past_date("-1y") start = self.faker.past_date("-1y")
memberships.append( memberships.append(
Membership(start_date=start, user=member, role=role, club=club) Membership(
start_date=start,
user=member,
role=role,
club=club,
)
) )
memberships = Membership.objects.bulk_create(memberships) memberships = Membership.objects.bulk_create(memberships)
Membership._add_club_groups(memberships) Membership._add_club_groups(memberships)
@@ -410,8 +416,9 @@ class Command(BaseCommand):
Permanency.objects.bulk_create(perms) Permanency.objects.bulk_create(perms)
def create_forums(self): def create_forums(self):
forumers = random.sample(list(User.objects.all()), 100) users = list(User.objects.all())
most_actives = random.sample(forumers, 10) forumers = random.sample(users, math.ceil(len(users) / 10))
most_actives = random.sample(forumers, math.ceil(len(forumers) / 6))
categories = list(Forum.objects.filter(is_category=True)) categories = list(Forum.objects.filter(is_category=True))
new_forums = [ new_forums = [
Forum(name=self.faker.text(20), parent=random.choice(categories)) Forum(name=self.faker.text(20), parent=random.choice(categories))

1
core/static/bundled/core/components/nfc-input-index.ts
View File

@@ -26,6 +26,7 @@ export class NfcInput extends inheritHtmlElement("input") {
window.alert(gettext("Unsupported NFC card")); window.alert(gettext("Unsupported NFC card"));
}); });
// biome-ignore lint/correctness/noUndeclaredVariables: browser API
ndef.addEventListener("reading", (event: NDEFReadingEvent) => { ndef.addEventListener("reading", (event: NDEFReadingEvent) => {
this.removeAttribute("scan"); this.removeAttribute("scan");
this.node.value = event.serialNumber.replace(/:/g, "").toUpperCase(); this.node.value = event.serialNumber.replace(/:/g, "").toUpperCase();

1
core/static/core/base.css
View File

@@ -115,6 +115,7 @@ blockquote:before,
blockquote:after, blockquote:after,
q:before, q:before,
q:after { q:after {
content: "";
content: none; content: none;
} }
table { table {

1
core/static/core/forms.scss
View File

@@ -141,7 +141,6 @@ form {
display: block; display: block;
margin: calc(var(--nf-input-size) * 1.5) auto 10px; margin: calc(var(--nf-input-size) * 1.5) auto 10px;
line-height: 1; line-height: 1;
white-space: nowrap;
.fields-centered { .fields-centered {
padding: 10px 10px 0; padding: 10px 10px 0;

13
core/templates/core/base/notifications.jinja
View File

@@ -1,14 +1,11 @@
<div id="quick-notifications" <div id="quick-notifications"
x-data="{ x-data="{
messages: [ messages: [
{% if messages %} {%- if messages -%}
{% for message in messages %} {%- for message in messages -%}
{ { tag: '{{ message.tags }}', text: '{{ message }}' },
tag: '{{ message.tags }}', {%- endfor -%}
text: '{{ message }}', {%- endif -%}
},
{% endfor %}
{% endif %}
] ]
}" }"
@quick-notification-add="(e) => messages.push(e?.detail)" @quick-notification-add="(e) => messages.push(e?.detail)"

8
core/templates/core/user_clubs.jinja
View File

@@ -23,10 +23,10 @@
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
{% for m in profile.memberships.ongoing().select_related("role") %} {% for m in profile.memberships.filter(end_date=None).all() %}
<tr> <tr>
<td><a href="{{ url('club:club_members', club_id=m.club.id) }}">{{ m.club }}</a></td> <td><a href="{{ url('club:club_members', club_id=m.club.id) }}">{{ m.club }}</a></td>
<td>{{ m.role.name }}</td> <td>{{ settings.SITH_CLUB_ROLES[m.role] }}</td>
<td>{{ m.description }}</td> <td>{{ m.description }}</td>
<td>{{ m.start_date }}</td> <td>{{ m.start_date }}</td>
{% if m.can_be_edited_by(user) %} {% if m.can_be_edited_by(user) %}
@@ -65,10 +65,10 @@
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
{% for m in profile.memberships.ongoing().select_related("role") %} {% for m in profile.memberships.exclude(end_date=None).all() %}
<tr> <tr>
<td><a href="{{ url('club:club_members', club_id=m.club.id) }}">{{ m.club }}</a></td> <td><a href="{{ url('club:club_members', club_id=m.club.id) }}">{{ m.club }}</a></td>
<td>{{ m.role.name }}</td> <td>{{ settings.SITH_CLUB_ROLES[m.role] }}</td>
<td>{{ m.description }}</td> <td>{{ m.description }}</td>
<td>{{ m.start_date }}</td> <td>{{ m.start_date }}</td>
<td>{{ m.end_date }}</td> <td>{{ m.end_date }}</td>

13
core/tests/test_commands.py Normal file
View File

@@ -0,0 +1,13 @@
import contextlib
import os
import pytest
from django.core.management import call_command
@pytest.mark.django_db
def test_populate_more(settings):
"""Just check that populate more doesn't crash"""
settings.DEBUG = True
with open(os.devnull, "w") as devnull, contextlib.redirect_stdout(devnull):
call_command("populate_more", "--nb-users", "50")

5
core/tests/test_page.py
View File

@@ -11,7 +11,7 @@ from django.utils.timezone import now
from model_bakery import baker from model_bakery import baker
from pytest_django.asserts import assertHTMLEqual, assertRedirects from pytest_django.asserts import assertHTMLEqual, assertRedirects
from club.models import Club, Membership from club.models import Club
from core.baker_recipes import board_user, subscriber_user from core.baker_recipes import board_user, subscriber_user
from core.markdown import markdown from core.markdown import markdown
from core.models import AnonymousUser, Page, PageRev, User from core.models import AnonymousUser, Page, PageRev, User
@@ -122,9 +122,6 @@ def test_page_revision_club_redirection(client: Client):
@pytest.mark.django_db @pytest.mark.django_db
def test_viewable_by(): def test_viewable_by():
# remove existing pages to prevent side effect # remove existing pages to prevent side effect
# club pages are protected, so we must delete clubs first
Membership.objects.all().delete()
Club.objects.all().delete()
Page.objects.all().delete() Page.objects.all().delete()
view_groups = [ view_groups = [
[settings.SITH_GROUP_PUBLIC_ID], [settings.SITH_GROUP_PUBLIC_ID],

43
core/utils.py
View File

@@ -12,22 +12,32 @@
# OR WITHIN THE LOCAL FILE "LICENSE" # OR WITHIN THE LOCAL FILE "LICENSE"
# #
# #
from __future__ import annotations
import hmac
from datetime import date, timedelta from datetime import date, timedelta
# Image utils # Image utils
from io import BytesIO from io import BytesIO
from typing import Final from typing import TYPE_CHECKING
from urllib.parse import urlencode
import PIL import PIL
from django.conf import settings from django.conf import settings
from django.core.files.base import ContentFile from django.core.files.base import ContentFile
from django.core.files.uploadedfile import UploadedFile
from django.http import HttpRequest
from django.utils.timezone import localdate from django.utils.timezone import localdate
from PIL import ExifTags from PIL import ExifTags
from PIL.Image import Image, Resampling from PIL.Image import Image, Resampling
if TYPE_CHECKING:
from _hashlib import HASH
from collections.abc import Buffer, Mapping, Sequence
from typing import Any, Callable, Final
from django.core.files.uploadedfile import UploadedFile
from django.http import HttpRequest
RED_PIXEL_PNG: Final[bytes] = ( RED_PIXEL_PNG: Final[bytes] = (
b"\x89\x50\x4e\x47\x0d\x0a\x1a\x0a\x00\x00\x00\x0d\x49\x48\x44\x52" b"\x89\x50\x4e\x47\x0d\x0a\x1a\x0a\x00\x00\x00\x0d\x49\x48\x44\x52"
b"\x00\x00\x00\x01\x00\x00\x00\x01\x08\x02\x00\x00\x00\x90\x77\x53" b"\x00\x00\x00\x01\x00\x00\x00\x01\x08\x02\x00\x00\x00\x90\x77\x53"
@@ -205,3 +215,30 @@ def get_client_ip(request: HttpRequest) -> str | None:
return ip return ip
return None return None
def hmac_hexdigest(
key: str | bytes,
data: Mapping[str, Any] | Sequence[tuple[str, Any]],
digest: str | Callable[[Buffer], HASH] = "sha512",
) -> str:
"""Return the hexdigest of the signature of the given data.
Args:
key: the HMAC key used for the signature
data: the data to sign
digest: a PEP247 hashing algorithm (by default, sha512)
Examples:
```python
data = {
"foo": 5,
"bar": "somevalue",
}
hmac_key = secrets.token_hex(64)
signature = hmac_hexdigest(hmac_key, data, "sha256")
```
"""
if isinstance(key, str):
key = key.encode()
return hmac.digest(key, urlencode(data).encode(), digest).hex()

29
core/views/user.py
View File

@@ -248,15 +248,14 @@ class UserTabsMixin(TabedViewMixin):
"name": _("Groups"), "name": _("Groups"),
} }
) )
can_view_account = ( if (
hasattr(user, "customer") hasattr(user, "customer")
and user.customer and user.customer
and ( and (
user == self.request.user user == self.request.user
or self.request.user.has_perm("counter.view_customer") or self.request.user.has_perm("counter.view_customer")
) )
) ):
if can_view_account or user.preferences.show_my_stats:
tab_list.append( tab_list.append(
{ {
"url": reverse("core:user_stats", kwargs={"user_id": user.id}), "url": reverse("core:user_stats", kwargs={"user_id": user.id}),
@@ -264,7 +263,6 @@ class UserTabsMixin(TabedViewMixin):
"name": _("Stats"), "name": _("Stats"),
} }
) )
if can_view_account:
tab_list.append( tab_list.append(
{ {
"url": reverse("core:user_account", kwargs={"user_id": user.id}), "url": reverse("core:user_account", kwargs={"user_id": user.id}),
@@ -351,7 +349,7 @@ class UserGodfathersTreeView(UserTabsMixin, CanViewMixin, DetailView):
return kwargs return kwargs
class UserStatsView(UserTabsMixin, UserPassesTestMixin, DetailView): class UserStatsView(UserTabsMixin, CanViewMixin, DetailView):
"""Display a user's stats.""" """Display a user's stats."""
model = User model = User
@@ -359,20 +357,15 @@ class UserStatsView(UserTabsMixin, UserPassesTestMixin, DetailView):
context_object_name = "profile" context_object_name = "profile"
template_name = "core/user_stats.jinja" template_name = "core/user_stats.jinja"
current_tab = "stats" current_tab = "stats"
queryset = User.objects.exclude(customer=None).select_related( queryset = User.objects.exclude(customer=None).select_related("customer")
"customer", "_preferences"
)
def test_func(self): def dispatch(self, request, *arg, **kwargs):
profile: User = self.get_object() profile = self.get_object()
return ( if not (
profile == self.request.user profile == request.user or request.user.has_perm("counter.view_customer")
or self.request.user.has_perm("counter.view_customer") ):
or ( raise PermissionDenied
self.request.user.can_view(profile) return super().dispatch(request, *arg, **kwargs)
and profile.preferences.show_my_stats
)
)
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
kwargs = super().get_context_data(**kwargs) kwargs = super().get_context_data(**kwargs)

88
counter/forms.py
View File

@@ -5,7 +5,6 @@ from datetime import date, datetime, timezone
from dateutil.relativedelta import relativedelta from dateutil.relativedelta import relativedelta
from django import forms from django import forms
from django.core.exceptions import ValidationError
from django.core.validators import MaxValueValidator from django.core.validators import MaxValueValidator
from django.db.models import Exists, OuterRef, Q from django.db.models import Exists, OuterRef, Q
from django.forms import BaseModelFormSet from django.forms import BaseModelFormSet
@@ -16,7 +15,7 @@ from phonenumber_field.widgets import RegionalPhoneNumberWidget
from club.models import Club from club.models import Club
from club.widgets.ajax_select import AutoCompleteSelectClub from club.widgets.ajax_select import AutoCompleteSelectClub
from core.models import User, UserQuerySet from core.models import User
from core.views.forms import ( from core.views.forms import (
FutureDateTimeField, FutureDateTimeField,
NFCTextInput, NFCTextInput,
@@ -33,7 +32,6 @@ from core.views.widgets.ajax_select import (
from counter.models import ( from counter.models import (
BillingInfo, BillingInfo,
Counter, Counter,
CounterSellers,
Customer, Customer,
Eticket, Eticket,
InvoiceCall, InvoiceCall,
@@ -172,39 +170,14 @@ class RefillForm(forms.ModelForm):
class CounterEditForm(forms.ModelForm): class CounterEditForm(forms.ModelForm):
class Meta: class Meta:
model = Counter model = Counter
fields = ["products"] fields = ["sellers", "products"]
widgets = {"sellers": AutoCompleteSelectMultipleUser}
sellers_regular = forms.ModelMultipleChoiceField(
label=_("Regular barmen"),
help_text=_(
"Barmen having regular permanences "
"or frequently giving a hand throughout the semester."
),
queryset=User.objects.all(),
widget=AutoCompleteSelectMultipleUser,
required=False,
)
sellers_temporary = forms.ModelMultipleChoiceField(
label=_("Temporary barmen"),
help_text=_(
"Barmen who will be there only for a limited period (e.g. for one evening)"
),
queryset=User.objects.all(),
widget=AutoCompleteSelectMultipleUser,
required=False,
)
field_order = ["sellers_regular", "sellers_temporary", "products"]
def __init__(self, *args, user: User, instance: Counter, **kwargs): def __init__(self, *args, user: User, instance: Counter, **kwargs):
super().__init__(*args, instance=instance, **kwargs) super().__init__(*args, instance=instance, **kwargs)
# if the user is an admin, he will have access to all products,
# else only to active products owned by the counter's club
# or already on the counter
if user.has_perm("counter.change_counter"): if user.has_perm("counter.change_counter"):
self.fields["products"].widget = AutoCompleteSelectMultipleProduct() self.fields["products"].widget = AutoCompleteSelectMultipleProduct()
else: else:
# updating the queryset of the field also updates the choices of
# the widget, so it's important to set the queryset after the widget
self.fields["products"].widget = AutoCompleteSelectMultiple() self.fields["products"].widget = AutoCompleteSelectMultiple()
self.fields["products"].queryset = Product.objects.filter( self.fields["products"].queryset = Product.objects.filter(
Q(club_id=instance.club_id) | Q(counters=instance), archived=False Q(club_id=instance.club_id) | Q(counters=instance), archived=False
@@ -213,61 +186,6 @@ class CounterEditForm(forms.ModelForm):
"If you want to add a product that is not owned by " "If you want to add a product that is not owned by "
"your club to this counter, you should ask an admin." "your club to this counter, you should ask an admin."
) )
self.fields["sellers_regular"].initial = self.instance.sellers.filter(
countersellers__is_regular=True
).all()
self.fields["sellers_temporary"].initial = self.instance.sellers.filter(
countersellers__is_regular=False
).all()
def clean(self):
regular: UserQuerySet = self.cleaned_data["sellers_regular"]
temporary: UserQuerySet = self.cleaned_data["sellers_temporary"]
duplicates = list(regular.intersection(temporary))
if duplicates:
raise ValidationError(
_(
"A user cannot be a regular and a temporary barman "
"at the same time, "
"but the following users have been defined as both : %(users)s"
)
% {"users": ", ".join([u.get_display_name() for u in duplicates])}
)
return self.cleaned_data
def save_sellers(self):
sellers = []
for users, is_regular in (
(self.cleaned_data["sellers_regular"], True),
(self.cleaned_data["sellers_temporary"], False),
):
sellers.extend(
[
CounterSellers(counter=self.instance, user=u, is_regular=is_regular)
for u in users
]
)
# start by deleting removed CounterSellers objects
user_ids = [seller.user.id for seller in sellers]
CounterSellers.objects.filter(
~Q(user_id__in=user_ids), counter=self.instance
).delete()
# then create or update the new barmen
CounterSellers.objects.bulk_create(
sellers,
update_conflicts=True,
update_fields=["is_regular"],
unique_fields=["user", "counter"],
)
def save(self, commit=True): # noqa: FBT002
self.instance = super().save(commit=commit)
if commit and any(
key in self.changed_data for key in ("sellers_regular", "sellers_temporary")
):
self.save_sellers()
return self.instance
class ScheduledProductActionForm(forms.ModelForm): class ScheduledProductActionForm(forms.ModelForm):

88
counter/migrations/0038_countersellers.py
View File

@@ -1,88 +0,0 @@
# Generated by Django 5.2.11 on 2026-03-04 15:26
import django.db.models.deletion
from django.conf import settings
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("counter", "0037_productformula"),
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
]
operations = [
# cf. https://docs.djangoproject.com/fr/stable/howto/writing-migrations/#changing-a-manytomanyfield-to-use-a-through-model
migrations.SeparateDatabaseAndState(
database_operations=[
migrations.RunSQL(
sql="ALTER TABLE counter_counter_sellers RENAME TO counter_countersellers",
reverse_sql="ALTER TABLE counter_countersellers RENAME TO counter_counter_sellers",
),
],
state_operations=[
migrations.CreateModel(
name="CounterSellers",
fields=[
(
"id",
models.AutoField(
auto_created=True,
primary_key=True,
serialize=False,
verbose_name="ID",
),
),
(
"counter",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
to="counter.counter",
),
),
(
"user",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
to=settings.AUTH_USER_MODEL,
),
),
],
options={
"constraints": [
models.UniqueConstraint(
fields=("counter", "user"),
name="counter_counter_sellers_counter_id_subscriber_id_key",
)
],
},
),
migrations.AlterField(
model_name="counter",
name="sellers",
field=models.ManyToManyField(
blank=True,
related_name="counters",
through="counter.CounterSellers",
to=settings.AUTH_USER_MODEL,
verbose_name="sellers",
),
),
],
),
migrations.AddField(
model_name="countersellers",
name="created_at",
field=models.DateTimeField(
auto_now_add=True,
default=django.utils.timezone.now,
verbose_name="created at",
),
preserve_default=False,
),
migrations.AddField(
model_name="countersellers",
name="is_regular",
field=models.BooleanField(default=False, verbose_name="regular barman"),
),
]

28
counter/models.py
View File

@@ -551,11 +551,7 @@ class Counter(models.Model):
choices=[("BAR", _("Bar")), ("OFFICE", _("Office")), ("EBOUTIC", _("Eboutic"))], choices=[("BAR", _("Bar")), ("OFFICE", _("Office")), ("EBOUTIC", _("Eboutic"))],
) )
sellers = models.ManyToManyField( sellers = models.ManyToManyField(
User, User, verbose_name=_("sellers"), related_name="counters", blank=True
verbose_name=_("sellers"),
related_name="counters",
blank=True,
through="CounterSellers",
) )
edit_groups = models.ManyToManyField( edit_groups = models.ManyToManyField(
Group, related_name="editable_counters", blank=True Group, related_name="editable_counters", blank=True
@@ -583,7 +579,7 @@ class Counter(models.Model):
if user.is_anonymous: if user.is_anonymous:
return False return False
mem = self.club.get_membership_for(user) mem = self.club.get_membership_for(user)
if mem and mem.role.is_presidency: if mem and mem.role >= settings.SITH_CLUB_ROLES_ID["Treasurer"]:
return True return True
return user.is_in_group(pk=settings.SITH_GROUP_COUNTER_ADMIN_ID) return user.is_in_group(pk=settings.SITH_GROUP_COUNTER_ADMIN_ID)
@@ -747,26 +743,6 @@ class Counter(models.Model):
] ]
class CounterSellers(models.Model):
"""Custom through model for the counter-sellers M2M relationship."""
counter = models.ForeignKey(Counter, on_delete=models.CASCADE)
user = models.ForeignKey(User, on_delete=models.CASCADE)
is_regular = models.BooleanField(_("regular barman"), default=False)
created_at = models.DateTimeField(_("created at"), auto_now_add=True)
class Meta:
constraints = [
models.UniqueConstraint(
fields=["counter", "user"],
name="counter_counter_sellers_counter_id_subscriber_id_key",
)
]
def __str__(self):
return f"counter {self.counter_id} - user {self.user_id}"
class RefillingQuerySet(models.QuerySet): class RefillingQuerySet(models.QuerySet):
def annotate_total(self) -> Self: def annotate_total(self) -> Self:
"""Annotate the Queryset with the total amount. """Annotate the Queryset with the total amount.

2
counter/static/bundled/counter/counter-click-index.ts
View File

@@ -64,7 +64,7 @@ document.addEventListener("alpine:init", () => {
checkFormulas() { checkFormulas() {
const products = new Set( const products = new Set(
Object.keys(this.basket).map((i: string) => Number.parseInt(i, 10)), Object.keys(this.basket).map((i: string) => Number.parseInt(i)),
); );
const formula: ProductFormula = config.formulas.find((f: ProductFormula) => { const formula: ProductFormula = config.formulas.find((f: ProductFormula) => {
return f.products.every((p: number) => products.has(p)); return f.products.every((p: number) => products.has(p));

24
counter/tests/test_counter.py
View File

@@ -32,7 +32,7 @@ from model_bakery import baker
from model_bakery.recipe import Recipe from model_bakery.recipe import Recipe
from pytest_django.asserts import assertRedirects from pytest_django.asserts import assertRedirects
from club.models import ClubRole, Membership from club.models import Membership
from core.baker_recipes import board_user, subscriber_user, very_old_subscriber_user from core.baker_recipes import board_user, subscriber_user, very_old_subscriber_user
from core.models import BanGroup, User from core.models import BanGroup, User
from counter.baker_recipes import product_recipe, sale_recipe from counter.baker_recipes import product_recipe, sale_recipe
@@ -88,7 +88,7 @@ class TestFullClickBase(TestCase):
Membership, Membership,
start_date=now() - timedelta(days=30), start_date=now() - timedelta(days=30),
club=cls.club_counter.club, club=cls.club_counter.club,
role=baker.make(ClubRole, club=cls.club_counter.club, is_board=True), role=settings.SITH_CLUB_ROLES_ID["Board member"],
user=cls.club_admin, user=cls.club_admin,
) )
@@ -782,13 +782,7 @@ class TestClubCounterClickAccess(TestCase):
"counter:click", "counter:click",
kwargs={"counter_id": cls.counter.id, "user_id": cls.customer.id}, kwargs={"counter_id": cls.counter.id, "user_id": cls.customer.id},
) )
cls.board_role, cls.member_role = baker.make(
ClubRole,
club=cls.counter.club,
is_board=iter([True, False]),
_quantity=2,
_bulk_create=True,
)
cls.user = subscriber_user.make() cls.user = subscriber_user.make()
def setUp(self): def setUp(self):
@@ -803,17 +797,13 @@ class TestClubCounterClickAccess(TestCase):
res = self.client.get(self.click_url) res = self.client.get(self.click_url)
assert res.status_code == 403 assert res.status_code == 403
# being a member of the club, without being in the board, isn't enough # being a member of the club, without being in the board, isn't enough
baker.make( baker.make(Membership, club=self.counter.club, user=self.user, role=1)
Membership, club=self.counter.club, user=self.user, role=self.member_role
)
res = self.client.get(self.click_url) res = self.client.get(self.click_url)
assert res.status_code == 403 assert res.status_code == 403
def test_board_member(self): def test_board_member(self):
"""By default, board members should be able to click on office counters""" """By default, board members should be able to click on office counters"""
baker.make( baker.make(Membership, club=self.counter.club, user=self.user, role=3)
Membership, club=self.counter.club, user=self.user, role=self.board_role
)
self.client.force_login(self.user) self.client.force_login(self.user)
res = self.client.get(self.click_url) res = self.client.get(self.click_url)
assert res.status_code == 200 assert res.status_code == 200
@@ -828,9 +818,7 @@ class TestClubCounterClickAccess(TestCase):
def test_both_barman_and_board_member(self): def test_both_barman_and_board_member(self):
"""If the user is barman and board member, he should be authorized as well.""" """If the user is barman and board member, he should be authorized as well."""
self.counter.sellers.add(self.user) self.counter.sellers.add(self.user)
baker.make( baker.make(Membership, club=self.counter.club, user=self.user, role=3)
Membership, club=self.counter.club, user=self.user, role=self.board_role
)
self.client.force_login(self.user) self.client.force_login(self.user)
res = self.client.get(self.click_url) res = self.client.get(self.click_url)
assert res.status_code == 200 assert res.status_code == 200

123
counter/tests/test_counter_admin.py
View File

@@ -1,132 +1,13 @@
from django.conf import settings
from django.contrib.auth.models import Permission from django.contrib.auth.models import Permission
from django.test import TestCase from django.test import TestCase
from django.urls import reverse
from model_bakery import baker from model_bakery import baker
from club.models import Membership from club.models import Membership
from core.baker_recipes import subscriber_user from core.baker_recipes import subscriber_user
from core.models import Group, User from core.models import User
from counter.baker_recipes import product_recipe from counter.baker_recipes import product_recipe
from counter.forms import CounterEditForm from counter.forms import CounterEditForm
from counter.models import Counter, CounterSellers from counter.models import Counter
class TestEditCounterSellers(TestCase):
@classmethod
def setUpTestData(cls):
cls.counter = baker.make(Counter, type="BAR")
cls.products = product_recipe.make(_quantity=2, _bulk_create=True)
cls.counter.products.add(*cls.products)
users = subscriber_user.make(_quantity=6, _bulk_create=True)
cls.regular_barmen = users[:2]
cls.tmp_barmen = users[2:4]
cls.not_barmen = users[4:]
CounterSellers.objects.bulk_create(
[
*baker.prepare(
CounterSellers,
counter=cls.counter,
user=iter(cls.regular_barmen),
is_regular=True,
_quantity=len(cls.regular_barmen),
),
*baker.prepare(
CounterSellers,
counter=cls.counter,
user=iter(cls.tmp_barmen),
is_regular=False,
_quantity=len(cls.tmp_barmen),
),
]
)
cls.operator = baker.make(
User, groups=[Group.objects.get(id=settings.SITH_GROUP_COUNTER_ADMIN_ID)]
)
def test_view_ok(self):
url = reverse("counter:admin", kwargs={"counter_id": self.counter.id})
self.client.force_login(self.operator)
res = self.client.get(url)
assert res.status_code == 200
res = self.client.post(
url,
data={
"sellers_regular": [u.id for u in self.regular_barmen],
"sellers_temporary": [u.id for u in self.tmp_barmen],
"products": [p.id for p in self.products],
},
)
self.assertRedirects(res, url)
def test_add_barmen(self):
form = CounterEditForm(
data={
"sellers_regular": [*self.regular_barmen, self.not_barmen[0]],
"sellers_temporary": [*self.tmp_barmen, self.not_barmen[1]],
"products": self.products,
},
instance=self.counter,
user=self.operator,
)
assert form.is_valid()
form.save()
assert set(self.counter.sellers.filter(countersellers__is_regular=True)) == {
*self.regular_barmen,
self.not_barmen[0],
}
assert set(self.counter.sellers.filter(countersellers__is_regular=False)) == {
*self.tmp_barmen,
self.not_barmen[1],
}
def test_barman_change_status(self):
"""Test when a barman goes from temporary to regular"""
form = CounterEditForm(
data={
"sellers_regular": [*self.regular_barmen, self.tmp_barmen[0]],
"sellers_temporary": [*self.tmp_barmen[1:]],
"products": self.products,
},
instance=self.counter,
user=self.operator,
)
assert form.is_valid()
form.save()
assert set(self.counter.sellers.filter(countersellers__is_regular=True)) == {
*self.regular_barmen,
self.tmp_barmen[0],
}
assert set(
self.counter.sellers.filter(countersellers__is_regular=False)
) == set(self.tmp_barmen[1:])
def test_barman_duplicate(self):
"""Test that a barman cannot be regular and temporary at the same time."""
form = CounterEditForm(
data={
"sellers_regular": [*self.regular_barmen, self.not_barmen[0]],
"sellers_temporary": [*self.tmp_barmen, self.not_barmen[0]],
"products": self.products,
},
instance=self.counter,
user=self.operator,
)
assert not form.is_valid()
assert form.errors == {
"__all__": [
"Un utilisateur ne peut pas être un barman "
"régulier et temporaire en même temps, "
"mais les utilisateurs suivants ont été définis "
f"comme les deux : {self.not_barmen[0].get_display_name()}"
],
}
assert set(self.counter.sellers.filter(countersellers__is_regular=True)) == set(
self.regular_barmen
)
assert set(
self.counter.sellers.filter(countersellers__is_regular=False)
) == set(self.tmp_barmen)
class TestEditCounterProducts(TestCase): class TestEditCounterProducts(TestCase):

6
counter/tests/test_customer.py
View File

@@ -3,13 +3,14 @@ import string
from datetime import timedelta from datetime import timedelta
import pytest import pytest
from django.conf import settings
from django.contrib.auth.base_user import make_password from django.contrib.auth.base_user import make_password
from django.test import Client, TestCase from django.test import Client, TestCase
from django.urls import reverse from django.urls import reverse
from django.utils.timezone import now from django.utils.timezone import now
from model_bakery import baker from model_bakery import baker
from club.models import ClubRole, Membership from club.models import Membership
from core.baker_recipes import board_user, subscriber_user from core.baker_recipes import board_user, subscriber_user
from core.models import User from core.models import User
from counter.baker_recipes import product_recipe, refill_recipe, sale_recipe from counter.baker_recipes import product_recipe, refill_recipe, sale_recipe
@@ -41,12 +42,11 @@ class TestStudentCard(TestCase):
cls.counter.sellers.add(cls.barmen) cls.counter.sellers.add(cls.barmen)
cls.club_counter = baker.make(Counter) cls.club_counter = baker.make(Counter)
role = baker.make(ClubRole, club=cls.club_counter.club, is_board=True)
baker.make( baker.make(
Membership, Membership,
start_date=now() - timedelta(days=30), start_date=now() - timedelta(days=30),
club=cls.club_counter.club, club=cls.club_counter.club,
role=role, role=settings.SITH_CLUB_ROLES_ID["Board member"],
user=cls.club_admin, user=cls.club_admin,
) )

6
counter/views/admin.py
View File

@@ -16,7 +16,6 @@ from datetime import datetime, timedelta
from django.conf import settings from django.conf import settings
from django.contrib.auth.mixins import PermissionRequiredMixin, UserPassesTestMixin from django.contrib.auth.mixins import PermissionRequiredMixin, UserPassesTestMixin
from django.contrib.messages.views import SuccessMessageMixin
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.db import transaction from django.db import transaction
from django.forms import CheckboxSelectMultiple from django.forms import CheckboxSelectMultiple
@@ -59,9 +58,7 @@ class CounterListView(CounterAdminTabsMixin, CanViewMixin, ListView):
current_tab = "counters" current_tab = "counters"
class CounterEditView( class CounterEditView(CounterAdminTabsMixin, UserPassesTestMixin, UpdateView):
CounterAdminTabsMixin, UserPassesTestMixin, SuccessMessageMixin, UpdateView
):
"""Edit a counter's main informations (for the counter's manager).""" """Edit a counter's main informations (for the counter's manager)."""
model = Counter model = Counter
@@ -69,7 +66,6 @@ class CounterEditView(
pk_url_kwarg = "counter_id" pk_url_kwarg = "counter_id"
template_name = "core/edit.jinja" template_name = "core/edit.jinja"
current_tab = "counters" current_tab = "counters"
success_message = _("Counter update done")
def test_func(self): def test_func(self):
if self.request.user.has_perm("counter.change_counter"): if self.request.user.has_perm("counter.change_counter"):

1
docs/reference/api/schemas.md Normal file
View File

@@ -0,0 +1 @@
::: api.schemas

1
docs/reference/api/views.md Normal file
View File

@@ -0,0 +1 @@
::: api.views

353
docs/tutorial/api/account-link.md Normal file
View File

@@ -0,0 +1,353 @@
Le site AE offre des mécanismes permettant aux applications tierces
de récupérer les informations sur un utilisateur du site AE.
De cette manière, il devient possible de synchroniser les informations
qu possède l'application tierce sur l'utilisateur, directement depuis
le site AE.
## Fonctionnement général
Pour authentifier vos utilisateurs, vous aurez besoin d'un serveur web
et d'un client d'API (celui auquel est liée votre
[clef d'API](./connect.md#obtenir-une-clef-dapi)).
Deux informations vous sont nécessaires, en plus de votre clef d'API :
- l'id du client : vous pouvez l'obtenir soit en le demandant à l'équipe info,
soit en appelant la route `GET /client/me` avec votre clef d'API
renseignée dans le header [X-APIKey](./connect.md#x-apikey)
- la clef HMAC du client : vous devez la demander à l'équipe info.
Grâce à ces informations, vous allez pouvoir fournir le contexte nécessaire
au site AE pour qu'il authentifie vos utilisateurs.
En effet, la démarche d'authentification s'effectue presque entièrement
sur le site : le travail de l'application tierce consiste uniquement
à fournir à l'utilisateur une url avec les bons paramètres, puis
à recevoir la réponse du serveur si tout s'est bien passé.
Comme un dessin vaut parfois mieux que mille mots,
voici les diagrammes décrivant le processus.
L'un montre l'entièreté de la démarche ;
l'autre dans un souci de simplicité, ne montre que ce qui est visible
directement par l'application tierce.
=== "Intégralité du processus"
```mermaid
sequenceDiagram
actor User
participant App
User->>+App: Authentifie-moi, stp
App-->>-User: url de connexion<br/>avec signature
User->>+Sith: GET url
opt Utilisateur non-connecté
Sith->>+User: Formulaire de connexion
User-->>-Sith: Connexion
end
Sith->>Sith: vérification de la signature
Sith->>+User: Formulaire<br/>des conditions<br/>d'utilisation
User-->>-Sith: Validation
Sith->>+App: URL de retour<br/>avec données utilisateur
App->>App: Traitement des <br/>données utilisateur
App-->>-Sith: 204 OK, No content
Sith-->>-User: Message de succès
App--)User: Message de succès
```
=== "Point de vue de l'application tierce"
```mermaid
sequenceDiagram
actor User
participant App
User->>+App: Authentifie-moi, stp
App-->>-User: url de connexion<br/>avec signature
opt
Sith->>+App: URL de retour<br/>avec données utilisateur
App->>App: Traitement des <br/>données utilisateur
App-->>-Sith: 204 OK, No content
App--)User: Message de succès
end
```
## Données attendues
### URL de connexion
L'URL de connexion que vous allez fournir à l'utilisateur doit
être `https://ae.utbm.fr/api-link/auth/`
et doit contenir les données décrites dans
[`ThirdPartyAuthParamsSchema`][api.schemas.ThirdPartyAuthParamsSchema] :
- `client_id` (integer) : l'id de votre client, que vous pouvez obtenir
de la manière décrite plus haut
- `third_party_app`(string) : le nom de la plateforme pour laquelle
l'authentification va être réalisée (si votre application est un bot
discord, mettez la valeur "discord")
- `privacy_link`(URL) : l'URL vers la page de politique de confidentialité
qui s'appliquera dans le cadre de l'application
(s'il s'agit d'un bot discord, donnez le lien vers celles de Discord)
- `username`(string) : le pseudonyme que l'utilisateur possède sur
votre application
- `callback_url`(URL) : l'URL que le site AE appellera si l'authentification
réussit
- `signature`(string) : la signature des données de la requête.
Ces données doivent être url-encodées et passées dans les paramètres GET.
!!!tip "URL de retour"
Notre système n'impose aucune contrainte quant à la manière
de construire votre URL (hormis le fait que ce doit être une URL HTTPS valide),
mais il est tout de même conseillé d'utiliser l'identifiant de votre
utilisateur comme paramètre dans l'URL
(par exemple `GET /callback/{int:user_id}/`).
???Example
Supposons que votre client d'API soit utilisé dans le cadre d'un bot Discord,
avec les données suivantes :
- l'id du client est 15
- sa clef HMAC est "beb99dd53"
(c'est pour l'exemple, une vraie clef sera beaucoup plus longue)
- le pseudonyme discord de votre utilisateur est Brian
- son id sur discord est 123456789
- votre route de callback est `GET /callback/{int:user_id}/`,
accessible au domaine `https://bot.ae.utbm.fr`
Alors les paramètres de votre URL seront :
| Paramètre | valeur |
|-----------------|-----------------------------------------------------------------------|
| client_id | 15 |
| third_party_app | discord |
| privacy_link | `https://discord.com/privacy` |
| username | Brian |
| callback_url | `https://bot.ae.utbm.fr/callback/123456789/` |
| signature | 1a383c51060be64f07772aa42e07<br/>18ae096b8f21f2cdb4061c0834a416d12101 |
Et l'url fournie à l'utilisateur sera :
`https://ae.utbm.fr/api-link/auth/?client_id=15&third_party_app=discord
&privacy_link=https%3A%2F%2Fdiscord.com%2Fprivacy&username=Brian
&callback_url=https%3A%2F%2Fbot.ae.utbm.fr%2Fcallback%2F123456789%2F
&signature=1a383c51060be64f07772aa42e0718ae096b8f21f2cdb4061c0834a416d12101`
### Données de retour
Si l'authentification réussit, le site AE enverra une requête HTTP POST
à l'URL de retour fournie dans l'URL de connexion.
Le corps de la requête de callback et au format JSON
et contient deux paires clef-valeur :
- `user` : les données utilisateur, telles que décrites
par [UserProfileSchema][core.schemas.UserProfileSchema]
- `signature` : la signature des données utilisateur
???Example
En reprenant les mêmes paramètres que dans l'exemple précédent,
le site AE pourra renvoyer à l'application la requête suivante :
```http
POST https://bot.ae.utbm.fr/callback/123456789/
content-type: application/json
body: {
"user": {
"id": 144131,
"nick_name": "inzekitchen",
"first_name": "Brian",
...
},
"signature": "f16955bab6b805f6e1abbb98a86dfee53fed0bf812aa6513ca46cfd461b70020"
}
```
L'application doit répondre avec un des codes HTTP suivants :
| Code | Raison |
|------|--------------------------------------------------------------------------------|
| 204 | Tout s'est bien passé |
| 403 | Les données de retour ne sont <br>pas signées ou sont mal signées |
| 404 | L'URL de retour ne permet pas <br>d'identifier un utilisateur de l'application |
!!!note "Code d'erreur par défaut"
Si l'appel de la route fait face à plusieurs problèmes en même temps
(par exemple, l'URL ne permet pas de retrouver votre utilisateur,
et en plus les données sont mal signées),
le 403 prime et doit être retourné par défaut.
## Signature des données
Les données de l'URL de connexion doivent être signées,
et la signature de l'URL de retour doit être vérifiée.
Dans le deux cas, la signature est le digest HMAC-SHA512
des données url-encodées, en utilisant la clef HMAC du client d'API.
???Example "Signature de l'URL de connexion"
En reprenant le même exemple que les fois précédentes,
l'url-encodage des données est :
`client_id=15&third_party_app=discord
&privacy_link=https%3A%2F%2Fdiscord.com%2Fprivacy%2F&username=Brian
&callback_url=https%3A%2F%2Fbot.ae.utbm.fr%2Fcallback%2F123456789%2F`
Notez que la signature n'est pas (encore) dedans.
Cette dernière peut-être obtenue avec le code suivant :
=== ":simple-python: Python"
Dépendances :
- `environs` (>=14.1)
```python
import hmac
from urllib.parse import urlencode
from environs import Env
env = Env()
env.read_env()
key = env.str("HMAC_KEY").encode()
data = {
"client_id": 15,
"third_party_app": "discord",
"privacy_link": "https://discord.com/privacy/",
"username": "Brian",
"callback_url": "https://bot.ae.utbm.fr/callback/123456789/",
}
urlencoded = urlencode(data)
data["signature"] = hmac.digest(key, urlencoded.encode(), "sha512").hex()
# URL a fournir à l'utilisateur pour son authentification
user_url = f"https://ae.ubtm.fr/api-link/auth/?{urlencode(data)}"
```
=== ":simple-rust: Rust"
Dépendances :
- `hmac` (>=0.12.1)
- `url` (>=2.5.7, features `serde`)
- `serde` (>=1.0.228, features `derive`)
- `serde_urlencoded` (>="0.7.1)
- `sha2` (>=0.10.9)
- `dotenvy` (>= 0.15)
```rust
use hmac::{Mac, SimpleHmac};
use serde::Serialize;
use sha2::Sha512;
use url::Url;
#[derive(Serialize, Debug)]
struct UrlData<'a> {
client_id: u32,
third_party_app: &'a str,
privacy_link: Url,
username: &'a str,
callback_url: Url,
}
impl<'a> UrlData<'a> {
pub fn signature(&self, key: &[u8]) -> CtOutput<SimpleHmac<Sha512>> {
let urlencoded = serde_urlencoded::to_string(self).unwrap();
SimpleHmac::<Sha512>::new_from_slice(key)
.unwrap()
.chain_update(urlencoded.as_bytes())
.finalize()
}
}
impl Into<Url> for UrlData<'_> {
fn into(self) -> Url {
let key = std::env::var("HMAC_KEY").unwrap();
let mut url = Url::parse("http://ae.utbm.fr/api-link/auth/").unwrap();
url.set_query(Some(
format!(
"{}&signature={:x}",
serde_urlencoded::to_string(&self).unwrap(),
self.signature(key.as_bytes()).into_bytes()
)
.as_str(),
));
url
}
}
fn main() {
dotenvy::dotenv().expect("Couldn't load env");
let data = UrlData {
client_id: 1,
third_party_app: "discord",
privacy_link: "https://discord.com/privacy/".parse().unwrap(),
username: "Brian",
callback_url: "https://bot.ae.utbm.fr/callback/123456789/"
.parse()
.unwrap(),
};
let url: Url = data.into();
println!("{:?}", url);
}
```
???Example "Vérification de la signature de la réponse"
Les données utilisateur peuvent ressembler à :
```json
{
"user": {
"display_name": "Matthieu Vincent",
"profile_url": "/user/380/",
"profile_pict": "/static/core/img/unknown.jpg",
"id": 380,
"nick_name": None,
"first_name": "Matthieu",
"last_name": "Vincent",
},
"signature": "3802a280fbb01bd9fetc."
}
```
Vous pouvez vérifier la signature ainsi :
```python
import hmac
from urllib.parse import urlencode
from environs import Env
env = Env()
env.read_env()
def is_signature_valid(user_data: dict, signature: str) -> bool:
key = env.str("HMAC_KEY").encode()
urlencoded = urlencode(user_data)
return hmac.compare_digest(
hmac.digest(key, urlencoded.encode(), "sha512").hex(),
signature,
)
post_data = <récupération des données POST>
print(
"signature valide :",
is_signature_valid(post_data["user"], post_data["signature"]
)
```
!!!Warning
Vous devez impérativement vérifier la signature
des données de la requête de callback !
Si l'équipe informatique se rend compte que vous ne le faites pas,
elle se réserve le droit de suspendre votre application,
immédiatement et sans préavis.

8
docs/tutorial/api/connect.md
View File

@@ -112,7 +112,7 @@ cf. [HTTP persistant connection (wikipedia)](https://en.wikipedia.org/wiki/HTTP_
Voici quelques exemples : Voici quelques exemples :
=== "Python (requests)" === ":simple-python: Python (requests)"
Dépendances : Dépendances :
@@ -132,7 +132,7 @@ Voici quelques exemples :
print(response.json()) print(response.json())
``` ```
=== "Python (aiohttp)" === ":simple-python: Python (aiohttp)"
Dépendances : Dépendances :
@@ -158,7 +158,7 @@ Voici quelques exemples :
asyncio.run(main()) asyncio.run(main())
``` ```
=== "Javascript (axios)" === ":simple-javascript: Javascript (axios)"
Dépendances : Dépendances :
@@ -178,7 +178,7 @@ Voici quelques exemples :
console.log(await instance.get("club/1").json()); console.log(await instance.get("club/1").json());
``` ```
=== "Rust (reqwest)" === ":simple-rust: Rust (reqwest)"
Dépendances : Dépendances :

37
eboutic/converters.py
View File

@@ -1,37 +0,0 @@
#
# Copyright 2022
# - Maréchal <thgirod@hotmail.com
#
# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
# http://ae.utbm.fr.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License a published by the Free Software
# Foundation; either version 3 of the License, or (at your option) any later
# version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along with
# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
# Place - Suite 330, Boston, MA 02111-1307, USA.
class PaymentResultConverter:
"""Converter used for url mapping of the `eboutic.views.payment_result` view.
It's meant to build an url that can match
either `/eboutic/pay/success/` or `/eboutic/pay/failure/`
but nothing else.
"""
regex = "(success|failure)"
def to_python(self, value):
return str(value)
def to_url(self, value):
return str(value)

4
eboutic/urls.py
View File

@@ -24,7 +24,7 @@
from django.urls import path, register_converter from django.urls import path, register_converter
from eboutic.converters import PaymentResultConverter from core.converters import ResultConverter
from eboutic.views import ( from eboutic.views import (
BillingInfoFormFragment, BillingInfoFormFragment,
EbouticCheckout, EbouticCheckout,
@@ -34,7 +34,7 @@ from eboutic.views import (
payment_result, payment_result,
) )
register_converter(PaymentResultConverter, "res") register_converter(ResultConverter, "res")
urlpatterns = [ urlpatterns = [
# Subscription views # Subscription views

98
election/tests.py
View File

@@ -6,8 +6,6 @@ from django.test import Client, TestCase
from django.urls import reverse from django.urls import reverse
from django.utils.timezone import now from django.utils.timezone import now
from model_bakery import baker from model_bakery import baker
from model_bakery.recipe import Recipe
from pytest_django.asserts import assertRedirects
from core.baker_recipes import subscriber_user from core.baker_recipes import subscriber_user
from core.models import Group, User from core.models import Group, User
@@ -54,102 +52,6 @@ class TestElectionUpdateView(TestElection):
assert response.status_code == 403 assert response.status_code == 403
class TestElectionForm(TestCase):
@classmethod
def setUpTestData(cls):
cls.election = baker.make(Election, end_date=now() + timedelta(days=1))
cls.group = baker.make(Group)
cls.election.vote_groups.add(cls.group)
cls.election.edit_groups.add(cls.group)
lists = baker.make(
ElectionList, election=cls.election, _quantity=2, _bulk_create=True
)
cls.roles = baker.make(
Role, election=cls.election, _quantity=2, _bulk_create=True
)
users = baker.make(User, _quantity=4, _bulk_create=True)
recipe = Recipe(Candidature)
cls.cand = [
recipe.prepare(role=cls.roles[0], user=users[0], election_list=lists[0]),
recipe.prepare(role=cls.roles[0], user=users[1], election_list=lists[1]),
recipe.prepare(role=cls.roles[1], user=users[2], election_list=lists[0]),
recipe.prepare(role=cls.roles[1], user=users[3], election_list=lists[1]),
]
Candidature.objects.bulk_create(cls.cand)
cls.vote_url = reverse("election:vote", kwargs={"election_id": cls.election.id})
cls.detail_url = reverse(
"election:detail", kwargs={"election_id": cls.election.id}
)
def test_election_good_form(self):
postes = (self.roles[0].title, self.roles[1].title)
votes = [
{postes[0]: "", postes[1]: str(self.cand[2].id)},
{postes[0]: "", postes[1]: ""},
{postes[0]: str(self.cand[0].id), postes[1]: str(self.cand[2].id)},
{postes[0]: str(self.cand[0].id), postes[1]: str(self.cand[3].id)},
]
voters = subscriber_user.make(_quantity=len(votes), _bulk_create=True)
self.group.users.set(voters)
for voter, vote in zip(voters, votes, strict=True):
assert self.election.can_vote(voter)
self.client.force_login(voter)
response = self.client.post(self.vote_url, data=vote)
assertRedirects(response, self.detail_url)
assert set(self.election.voters.all()) == set(voters)
assert self.election.results == {
postes[0]: {
self.cand[0].user.username: {"percent": 50.0, "vote": 2},
self.cand[1].user.username: {"percent": 0.0, "vote": 0},
"blank vote": {"percent": 50.0, "vote": 2},
"total vote": 4,
},
postes[1]: {
self.cand[2].user.username: {"percent": 50.0, "vote": 2},
self.cand[3].user.username: {"percent": 25.0, "vote": 1},
"blank vote": {"percent": 25.0, "vote": 1},
"total vote": 4,
},
}
def test_election_bad_form(self):
postes = (self.roles[0].title, self.roles[1].title)
votes = [
{postes[0]: "", postes[1]: str(self.cand[0].id)}, # wrong candidate
{postes[0]: ""},
{
postes[0]: "0123456789", # unknow users
postes[1]: str(subscriber_user.make().id), # not a candidate
},
{},
]
voters = subscriber_user.make(_quantity=len(votes), _bulk_create=True)
self.group.users.set(voters)
for voter, vote in zip(voters, votes, strict=True):
self.client.force_login(voter)
response = self.client.post(self.vote_url, data=vote)
assertRedirects(response, self.detail_url)
assert self.election.results == {
postes[0]: {
self.cand[0].user.username: {"percent": 0.0, "vote": 0},
self.cand[1].user.username: {"percent": 0.0, "vote": 0},
"blank vote": {"percent": 100.0, "vote": 2},
"total vote": 2,
},
postes[1]: {
self.cand[2].user.username: {"percent": 0.0, "vote": 0},
self.cand[3].user.username: {"percent": 0.0, "vote": 0},
"blank vote": {"percent": 100.0, "vote": 2},
"total vote": 2,
},
}
@pytest.mark.django_db @pytest.mark.django_db
def test_election_create_list_permission(client: Client): def test_election_create_list_permission(client: Client):
election = baker.make(Election, end_candidature=now() + timedelta(hours=1)) election = baker.make(Election, end_candidature=now() + timedelta(hours=1))

2
forum/models.py
View File

@@ -183,7 +183,7 @@ class Forum(models.Model):
Forum._club_memberships[self.id] = {} Forum._club_memberships[self.id] = {}
Forum._club_memberships[self.id][user.id] = m Forum._club_memberships[self.id][user.id] = m
if m: if m:
return m.role.is_board return m.role > settings.SITH_MAXIMUM_FREE_ROLE
return False return False
def check_loop(self): def check_loop(self):

21
galaxy/management/commands/generate_galaxy_test_data.py
View File

@@ -29,9 +29,8 @@ from django.conf import settings
from django.core.files.base import ContentFile from django.core.files.base import ContentFile
from django.core.management.base import BaseCommand from django.core.management.base import BaseCommand
from django.utils import timezone from django.utils import timezone
from model_bakery import baker
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from core.models import Group, Page, SithFile, User from core.models import Group, Page, SithFile, User
from core.utils import RED_PIXEL_PNG from core.utils import RED_PIXEL_PNG
from sas.models import Album, PeoplePictureRelation, Picture from sas.models import Album, PeoplePictureRelation, Picture
@@ -218,19 +217,11 @@ class Command(BaseCommand):
"The `make_clubs()` method must be called before `make_club_memberships()`" "The `make_clubs()` method must be called before `make_club_memberships()`"
) )
memberships = [] memberships = []
roles = {
r.club_id: r.id
for r in baker.make(
ClubRole,
club=iter(self.clubs),
_quantity=len(self.clubs),
_bulk_create=True,
)
}
for i in range(1, 11): # users can be in up to 20 clubs for i in range(1, 11): # users can be in up to 20 clubs
self.logger.info(f"Club membership, pass {i}") self.logger.info(f"Club membership, pass {i}")
for uid in range(i, self.NB_USERS, i): for uid in range(
# Pass #1 will make sure every user is at least in one club i, self.NB_USERS, i
): # Pass #1 will make sure every user is at least in one club
user = self.users[uid] user = self.users[uid]
club = self.clubs[(uid + i**2) % self.NB_CLUBS] club = self.clubs[(uid + i**2) % self.NB_CLUBS]
@@ -245,7 +236,7 @@ class Command(BaseCommand):
Membership( Membership(
user=user, user=user,
club=club, club=club,
role_id=roles[club.id], role=(uid + i) % 10 + 1, # spread the different roles
start_date=start, start_date=start,
end_date=end, end_date=end,
) )
@@ -268,7 +259,7 @@ class Command(BaseCommand):
Membership( Membership(
user=user, user=user,
club=club, club=club,
role_id=roles[club.id], role=((uid // 10) + i) % 10 + 1, # spread the different roles
start_date=start, start_date=start,
end_date=end, end_date=end,
) )

127
locale/fr/LC_MESSAGES/django.po
View File

@@ -6,7 +6,7 @@
msgid "" msgid ""
msgstr "" msgstr ""
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2026-03-10 10:28+0100\n" "POT-Creation-Date: 2026-03-07 15:47+0100\n"
"PO-Revision-Date: 2016-07-18\n" "PO-Revision-Date: 2016-07-18\n"
"Last-Translator: Maréchal <thomas.girod@utbm.fr\n" "Last-Translator: Maréchal <thomas.girod@utbm.fr\n"
"Language-Team: AE info <ae.info@utbm.fr>\n" "Language-Team: AE info <ae.info@utbm.fr>\n"
@@ -35,6 +35,10 @@ msgstr ""
"True si gardé à jour par le biais d'un fournisseur externe de domains " "True si gardé à jour par le biais d'un fournisseur externe de domains "
"toxics, False sinon" "toxics, False sinon"
#: api/admin.py
msgid "Reset HMAC key"
msgstr "Réinitialiser la clef HMAC"
#: api/admin.py #: api/admin.py
#, python-format #, python-format
msgid "" msgid ""
@@ -48,6 +52,23 @@ msgstr ""
msgid "Revoke selected API keys" msgid "Revoke selected API keys"
msgstr "Révoquer les clefs d'API sélectionnées" msgstr "Révoquer les clefs d'API sélectionnées"
#: api/forms.py
msgid "I have read and I accept the terms and conditions of use"
msgstr "J'ai lu et j'accepte les conditions générales d'utilisation."
#: api/forms.py
msgid "You must approve the terms and conditions of use."
msgstr "Vous devez approuver les conditions générales d'utilisation."
#: api/forms.py
msgid "You must confirm that this is your username."
msgstr "Vous devez confirmer que c'est bien votre nom d'utilisateur."
#: api/forms.py
#, python-format
msgid "I confirm that %(username)s is my username on %(app)s"
msgstr "Je confirme que %(username)s est mon nom d'utilisateur sur %(app)s"
#: api/models.py club/models.py com/models.py counter/models.py forum/models.py #: api/models.py club/models.py com/models.py counter/models.py forum/models.py
msgid "name" msgid "name"
msgstr "nom" msgstr "nom"
@@ -68,6 +89,10 @@ msgstr "permissions du client"
msgid "Specific permissions for this api client." msgid "Specific permissions for this api client."
msgstr "Permissions spécifiques pour ce client d'API" msgstr "Permissions spécifiques pour ce client d'API"
#: api/models.py
msgid "HMAC Key"
msgstr "Clef HMAC"
#: api/models.py #: api/models.py
msgid "api client" msgid "api client"
msgstr "client d'api" msgstr "client d'api"
@@ -97,6 +122,63 @@ msgstr "clef d'api"
msgid "api keys" msgid "api keys"
msgstr "clefs d'api" msgstr "clefs d'api"
#: api/templates/api/third_party/auth.jinja
msgid "Confidentiality"
msgstr "Confidentialité"
#: api/templates/api/third_party/auth.jinja
#, python-format
msgid ""
"By ticking this box and clicking on the send button, you acknowledge and "
"agree to provide %(app)s with your first name, last name, nickname and any "
"other information that was the third party app was explicitly authorized to "
"fetch and that it must have acknowledged to you, in a complete and accurate "
"manner."
msgstr ""
"En cochant cette case et en cliquant sur le bouton « Envoyer », vous "
"reconnaissez et acceptez de fournir à %(app)s votre prénom, nom, pseudonyme "
"et toute autre information que l'application tierce a été explicitement "
"autorisée à récupérer et qu'elle doit vous avoir communiqué de manière "
"complète et exacte."
#: api/templates/api/third_party/auth.jinja
#, python-format
msgid ""
"The privacy policies of <a href=\"%(privacy_link)s\">%(app)s</a> and of <a "
"href=\"%(sith_cgu_link)s\">the Students' Association</a> applies as soon as "
"the form is submitted."
msgstr ""
"Les politiques de confidentialité de <a href=\"%(privacy_link)s\">%(app)s</a> et de <a "
"href=\"%(sith_cgu_link)s\">l'Association des Etudiants</a> s'appliquent dès la soumission "
"du formulaire."
#: api/templates/api/third_party/auth.jinja
msgid "Confirmation of identity"
msgstr "Confirmation d'identité"
#: api/views.py
#, python-format
msgid ""
"You are going to link your AE account and your %(app)s account. Continue "
"only if this page was opened from %(app)s."
msgstr ""
"Vous allez lier votre compte AE et votre compte %(app)s. Poursuivez "
"uniquement si cette page a été ouverte depuis %(app)s."
#: api/views.py
msgid "You have been successfully authenticated. You can now close this page."
msgstr "Vous avez été authentifié avec succès. Vous pouvez maintenant fermer cette page."
#: api/views.py
msgid ""
"Your authentication on the AE website was successful, but an error happened "
"during the interaction with the third-party application. Please contact the "
"managers of the latter."
msgstr ""
"Votre authentification sur le site AE a fonctionné, mais une erreur est arrivée "
"durant l'interaction avec l'application tierce. Veuillez contacter les responsables "
"de cette dernière."
#: club/forms.py #: club/forms.py
msgid "Users to add" msgid "Users to add"
msgstr "Utilisateurs à ajouter" msgstr "Utilisateurs à ajouter"
@@ -2937,29 +3019,6 @@ msgstr "Cet UID est invalide"
msgid "User not found" msgid "User not found"
msgstr "Utilisateur non trouvé" msgstr "Utilisateur non trouvé"
#: counter/forms.py
msgid "Regular barmen"
msgstr "Barmen réguliers"
#: counter/forms.py
msgid ""
"Barmen having regular permanences or frequently giving a hand throughout the "
"semester."
msgstr ""
"Les barmen assurant des permanences régulières ou donnant régulièrement un "
"coup de main au cours du semestre."
#: counter/forms.py
msgid "Temporary barmen"
msgstr "Barmen temporaires"
#: counter/forms.py
msgid ""
"Barmen who will be there only for a limited period (e.g. for one evening)"
msgstr ""
"Les barmen qui seront là uniquement pour une durée limitée (par exemple, le "
"temps d'une soirée)"
#: counter/forms.py #: counter/forms.py
msgid "" msgid ""
"If you want to add a product that is not owned by your club to this counter, " "If you want to add a product that is not owned by your club to this counter, "
@@ -2968,16 +3027,6 @@ msgstr ""
"Si vous souhaitez ajouter sur ce comptoir un produit qui n'appartient pas à " "Si vous souhaitez ajouter sur ce comptoir un produit qui n'appartient pas à "
"votre club, vous devriez demander à un admin." "votre club, vous devriez demander à un admin."
#: counter/forms.py
#, python-format
msgid ""
"A user cannot be a regular and a temporary barman at the same time, but the "
"following users have been defined as both : %(users)s"
msgstr ""
"Un utilisateur ne peut pas être un barman régulier et temporaire en même "
"temps, mais les utilisateurs suivants ont été définis comme les deux : "
"%(users)s"
#: counter/forms.py #: counter/forms.py
msgid "Date and time of action" msgid "Date and time of action"
msgstr "Date et heure de l'action" msgstr "Date et heure de l'action"
@@ -3226,10 +3275,6 @@ msgstr "vendeurs"
msgid "token" msgid "token"
msgstr "jeton" msgstr "jeton"
#: counter/models.py
msgid "regular barman"
msgstr "barman régulier"
#: counter/models.py sith/settings.py #: counter/models.py sith/settings.py
msgid "Credit card" msgid "Credit card"
msgstr "Carte bancaire" msgstr "Carte bancaire"
@@ -3942,10 +3987,6 @@ msgstr "Temps"
msgid "Top 100 barman %(counter_name)s (all semesters)" msgid "Top 100 barman %(counter_name)s (all semesters)"
msgstr "Top 100 barman %(counter_name)s (tous les semestres)" msgstr "Top 100 barman %(counter_name)s (tous les semestres)"
#: counter/views/admin.py
msgid "Counter update done"
msgstr "Mise à jour du comptoir effectuée"
#: counter/views/admin.py #: counter/views/admin.py
#, python-format #, python-format
msgid "%(formula)s (formula)" msgid "%(formula)s (formula)"
@@ -5294,6 +5335,8 @@ msgid "One day"
msgstr "Un jour" msgstr "Un jour"
#: sith/settings.py #: sith/settings.py
#, fuzzy
#| msgid "GA staff member"
msgid "GA staff member" msgid "GA staff member"
msgstr "Membre staff GA" msgstr "Membre staff GA"

3
mkdocs.yml
View File

@@ -69,6 +69,7 @@ nav:
- API: - API:
- Développement: tutorial/api/dev.md - Développement: tutorial/api/dev.md
- Connexion à l'API: tutorial/api/connect.md - Connexion à l'API: tutorial/api/connect.md
- Liaison avec le compte AE: tutorial/api/account-link.md
- Etransactions: tutorial/etransaction.md - Etransactions: tutorial/etransaction.md
- How-to: - How-to:
- L'ORM de Django: howto/querysets.md - L'ORM de Django: howto/querysets.md
@@ -91,6 +92,8 @@ nav:
- reference/api/hashers.md - reference/api/hashers.md
- reference/api/models.md - reference/api/models.md
- reference/api/perms.md - reference/api/perms.md
- reference/api/schemas.md
- reference/api/views.md
- club: - club:
- reference/club/models.md - reference/club/models.md
- reference/club/views.md - reference/club/views.md

2369
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

23
package.json
View File

@@ -8,6 +8,8 @@
"compile-dev": "vite build --mode development", "compile-dev": "vite build --mode development",
"serve": "vite build --mode development --watch --minify false", "serve": "vite build --mode development --watch --minify false",
"openapi": "openapi-ts", "openapi": "openapi-ts",
"analyse-dev": "vite-bundle-visualizer --mode development",
"analyse-prod": "vite-bundle-visualizer --mode production",
"check": "tsc && biome check --write" "check": "tsc && biome check --write"
}, },
"keywords": [], "keywords": [],
@@ -26,28 +28,29 @@
"devDependencies": { "devDependencies": {
"@babel/core": "^7.29.0", "@babel/core": "^7.29.0",
"@babel/preset-env": "^7.29.0", "@babel/preset-env": "^7.29.0",
"@biomejs/biome": "^2.4.6", "@biomejs/biome": "^2.3.14",
"@hey-api/openapi-ts": "^0.94.0", "@hey-api/openapi-ts": "^0.92.4",
"@rollup/plugin-inject": "^5.0.5", "@rollup/plugin-inject": "^5.0.5",
"@types/alpinejs": "^3.13.11", "@types/alpinejs": "^3.13.11",
"@types/cytoscape-cxtmenu": "^3.4.5", "@types/cytoscape-cxtmenu": "^3.4.5",
"@types/cytoscape-klay": "^3.1.5", "@types/cytoscape-klay": "^3.1.5",
"@types/js-cookie": "^3.0.6", "@types/js-cookie": "^3.0.6",
"rollup-plugin-visualizer": "^7.0.1",
"typescript": "^5.9.3", "typescript": "^5.9.3",
"vite": "^8.0.0" "vite": "^7.3.1",
"vite-bundle-visualizer": "^1.2.1",
"vite-plugin-static-copy": "^3.2.0"
}, },
"dependencies": { "dependencies": {
"@alpinejs/sort": "^3.15.8", "@alpinejs/sort": "^3.15.8",
"@arendjr/text-clipper": "npm:@jsr/arendjr__text-clipper@^3.0.0", "@arendjr/text-clipper": "npm:@jsr/arendjr__text-clipper@^3.0.0",
"@floating-ui/dom": "^1.7.6", "@floating-ui/dom": "^1.7.5",
"@fortawesome/fontawesome-free": "^7.2.0", "@fortawesome/fontawesome-free": "^7.2.0",
"@fullcalendar/core": "^6.1.20", "@fullcalendar/core": "^6.1.20",
"@fullcalendar/daygrid": "^6.1.20", "@fullcalendar/daygrid": "^6.1.20",
"@fullcalendar/icalendar": "^6.1.20", "@fullcalendar/icalendar": "^6.1.20",
"@fullcalendar/list": "^6.1.20", "@fullcalendar/list": "^6.1.20",
"@sentry/browser": "^10.43.0", "@sentry/browser": "^10.38.0",
"@zip.js/zip.js": "^2.8.23", "@zip.js/zip.js": "^2.8.20",
"3d-force-graph": "^1.79.1", "3d-force-graph": "^1.79.1",
"alpinejs": "^3.15.8", "alpinejs": "^3.15.8",
"chart.js": "^4.5.1", "chart.js": "^4.5.1",
@@ -57,14 +60,14 @@
"cytoscape-klay": "^3.1.4", "cytoscape-klay": "^3.1.4",
"d3-force-3d": "^3.0.6", "d3-force-3d": "^3.0.6",
"easymde": "^2.20.0", "easymde": "^2.20.0",
"glob": "^13.0.6", "glob": "^13.0.2",
"html2canvas": "^1.4.1", "html2canvas": "^1.4.1",
"htmx.org": "^2.0.8", "htmx.org": "^2.0.8",
"js-cookie": "^3.0.5", "js-cookie": "^3.0.5",
"lit-html": "^3.3.2", "lit-html": "^3.3.2",
"native-file-system-adapter": "^3.0.1", "native-file-system-adapter": "^3.0.1",
"three": "^0.183.2", "three": "^0.182.0",
"three-spritetext": "^1.10.0", "three-spritetext": "^1.10.0",
"tom-select": "^2.5.2" "tom-select": "^2.5.1"
} }
} }

26
pyproject.toml
View File

@@ -19,7 +19,7 @@ authors = [
license = { text = "GPL-3.0-only" } license = { text = "GPL-3.0-only" }
requires-python = "<4.0,>=3.12" requires-python = "<4.0,>=3.12"
dependencies = [ dependencies = [
"django>=5.2.12,<6.0.0", "django>=5.2.11,<6.0.0",
"django-ninja>=1.5.3,<6.0.0", "django-ninja>=1.5.3,<6.0.0",
"django-ninja-extra>=0.31.0", "django-ninja-extra>=0.31.0",
"Pillow>=12.1.1,<13.0.0", "Pillow>=12.1.1,<13.0.0",
@@ -27,15 +27,15 @@ dependencies = [
"django-jinja<3.0.0,>=2.11.0", "django-jinja<3.0.0,>=2.11.0",
"cryptography>=46.0.5,<47.0.0", "cryptography>=46.0.5,<47.0.0",
"django-phonenumber-field>=8.4.0,<9.0.0", "django-phonenumber-field>=8.4.0,<9.0.0",
"phonenumbers>=9.0.25,<10.0.0", "phonenumbers>=9.0.23,<10.0.0",
"reportlab>=4.4.10,<5.0.0", "reportlab>=4.4.9,<5.0.0",
"django-haystack<4.0.0,>=3.3.0", "django-haystack<4.0.0,>=3.3.0",
"xapian-haystack<4.0.0,>=3.1.0", "xapian-haystack<4.0.0,>=3.1.0",
"libsass<1.0.0,>=0.23.0", "libsass<1.0.0,>=0.23.0",
"django-ordered-model<4.0.0,>=3.7.4", "django-ordered-model<4.0.0,>=3.7.4",
"django-simple-captcha<1.0.0,>=0.6.3", "django-simple-captcha<1.0.0,>=0.6.3",
"python-dateutil<3.0.0.0,>=2.9.0.post0", "python-dateutil<3.0.0.0,>=2.9.0.post0",
"sentry-sdk>=2.54.0,<3.0.0", "sentry-sdk>=2.52.0,<3.0.0",
"jinja2<4.0.0,>=3.1.6", "jinja2<4.0.0,>=3.1.6",
"django-countries>=8.2.0,<9.0.0", "django-countries>=8.2.0,<9.0.0",
"dict2xml>=1.7.8,<2.0.0", "dict2xml>=1.7.8,<2.0.0",
@@ -51,7 +51,7 @@ dependencies = [
"psutil>=7.2.2,<8.0.0", "psutil>=7.2.2,<8.0.0",
"celery[redis]>=5.6.2,<7", "celery[redis]>=5.6.2,<7",
"django-celery-results>=2.5.1", "django-celery-results>=2.5.1",
"django-celery-beat>=2.9.0", "django-celery-beat>=2.7.0",
] ]
[project.urls] [project.urls]
@@ -60,31 +60,31 @@ documentation = "https://sith-ae.readthedocs.io/"
[dependency-groups] [dependency-groups]
prod = [ prod = [
"psycopg[c]>=3.3.3,<4.0.0", "psycopg[c]>=3.3.2,<4.0.0",
] ]
dev = [ dev = [
"django-debug-toolbar>=6.2.0,<7", "django-debug-toolbar>=6.2.0,<7",
"ipython>=9.11.0,<10.0.0", "ipython>=9.10.0,<10.0.0",
"pre-commit>=4.5.1,<5.0.0", "pre-commit>=4.5.1,<5.0.0",
"ruff>=0.15.5,<1.0.0", "ruff>=0.15.0,<1.0.0",
"djhtml>=3.0.10,<4.0.0", "djhtml>=3.0.10,<4.0.0",
"faker>=40.8.0,<41.0.0", "faker>=40.4.0,<41.0.0",
"rjsmin>=1.2.5,<2.0.0", "rjsmin>=1.2.5,<2.0.0",
] ]
tests = [ tests = [
"freezegun>=1.5.5,<2.0.0", "freezegun>=1.5.5,<2.0.0",
"pytest>=9.0.2,<10.0.0", "pytest>=9.0.2,<10.0.0",
"pytest-cov>=7.0.0,<8.0.0", "pytest-cov>=7.0.0,<8.0.0",
"pytest-django<5.0.0,>=4.12.0", "pytest-django<5.0.0,>=4.10.0",
"model-bakery<2.0.0,>=1.23.3", "model-bakery<2.0.0,>=1.23.2",
"beautifulsoup4>=4.14.3,<5", "beautifulsoup4>=4.14.3,<5",
"lxml>=6.0.2,<7", "lxml>=6.0.2,<7",
] ]
docs = [ docs = [
"mkdocs<2.0.0,>=1.6.1", "mkdocs<2.0.0,>=1.6.1",
"mkdocs-material>=9.7.5,<10.0.0", "mkdocs-material>=9.7.1,<10.0.0",
"mkdocstrings>=1.0.3,<2.0.0", "mkdocstrings>=1.0.3,<2.0.0",
"mkdocstrings-python>=2.0.3,<3.0.0", "mkdocstrings-python>=2.0.2,<3.0.0",
"mkdocs-include-markdown-plugin>=7.2.1,<8.0.0", "mkdocs-include-markdown-plugin>=7.2.1,<8.0.0",
] ]

1
sas/static/bundled/sas/viewer-index.ts
View File

@@ -1,6 +1,7 @@
import type TomSelect from "tom-select"; import type TomSelect from "tom-select";
import type { UserAjaxSelect } from "#core:core/components/ajax-select-index.ts"; import type { UserAjaxSelect } from "#core:core/components/ajax-select-index.ts";
import { paginated } from "#core:utils/api.ts"; import { paginated } from "#core:utils/api.ts";
import { exportToHtml } from "#core:utils/globals.ts";
import { History } from "#core:utils/history.ts"; import { History } from "#core:utils/history.ts";
import { import {
type IdentifiedUserSchema, type IdentifiedUserSchema,

40
sith/settings.py
View File

@@ -355,6 +355,7 @@ SITH_TWITTER = "@ae_utbm"
# AE configuration # AE configuration
SITH_MAIN_CLUB_ID = env.int("SITH_MAIN_CLUB_ID", default=1) SITH_MAIN_CLUB_ID = env.int("SITH_MAIN_CLUB_ID", default=1)
SITH_PDF_CLUB_ID = env.int("SITH_PDF_CLUB_ID", default=2) SITH_PDF_CLUB_ID = env.int("SITH_PDF_CLUB_ID", default=2)
SITH_LAUNDERETTE_CLUB_ID = env.int("SITH_LAUNDERETTE_CLUB_ID", default=84)
# Main root for club pages # Main root for club pages
SITH_CLUB_ROOT_PAGE = "clubs" SITH_CLUB_ROOT_PAGE = "clubs"
@@ -404,6 +405,8 @@ SITH_FORUM_PAGE_LENGTH = 30
SITH_SAS_ROOT_DIR_ID = env.int("SITH_SAS_ROOT_DIR_ID", default=4) SITH_SAS_ROOT_DIR_ID = env.int("SITH_SAS_ROOT_DIR_ID", default=4)
SITH_SAS_IMAGES_PER_PAGE = 60 SITH_SAS_IMAGES_PER_PAGE = 60
SITH_CGU_FILE_ID = env.int("SITH_CGU_FILE_ID", default=5)
SITH_PROFILE_DEPARTMENTS = [ SITH_PROFILE_DEPARTMENTS = [
("TC", _("TC")), ("TC", _("TC")),
("IMSI", _("IMSI")), ("IMSI", _("IMSI")),
@@ -482,6 +485,13 @@ SITH_LOG_OPERATION_TYPE = [
SITH_PEDAGOGY_UTBM_API = "https://extranet1.utbm.fr/gpedago/api/guide" SITH_PEDAGOGY_UTBM_API = "https://extranet1.utbm.fr/gpedago/api/guide"
SITH_ECOCUP_CONS = env.int("SITH_ECOCUP_CONS", default=1151)
SITH_ECOCUP_DECO = env.int("SITH_ECOCUP_DECO", default=1152)
# The limit is the maximum difference between cons and deco possible for a customer
SITH_ECOCUP_LIMIT = 3
# Defines pagination for cash summary # Defines pagination for cash summary
SITH_COUNTER_CASH_SUMMARY_LENGTH = 50 SITH_COUNTER_CASH_SUMMARY_LENGTH = 50
@@ -504,6 +514,7 @@ SITH_PRODUCT_SUBSCRIPTION_ONE_SEMESTER = env.int(
SITH_PRODUCT_SUBSCRIPTION_TWO_SEMESTERS = env.int( SITH_PRODUCT_SUBSCRIPTION_TWO_SEMESTERS = env.int(
"SITH_PRODUCT_SUBSCRIPTION_TWO_SEMESTERS", default=2 "SITH_PRODUCT_SUBSCRIPTION_TWO_SEMESTERS", default=2
) )
SITH_PRODUCTTYPE_SUBSCRIPTION = env.int("SITH_PRODUCTTYPE_SUBSCRIPTION", default=2)
# Number of weeks before the end of a subscription when the subscriber can resubscribe # Number of weeks before the end of a subscription when the subscriber can resubscribe
SITH_SUBSCRIPTION_END = 10 SITH_SUBSCRIPTION_END = 10
@@ -574,6 +585,35 @@ SITH_SUBSCRIPTIONS = {
# To be completed.... # To be completed....
} }
SITH_CLUB_ROLES_ID = {
"President": 10,
"Vice-President": 9,
"Treasurer": 7,
"Communication supervisor": 5,
"Secretary": 4,
"IT supervisor": 3,
"Board member": 2,
"Active member": 1,
"Curious": 0,
}
SITH_CLUB_ROLES = {
10: _("President"),
9: _("Vice-President"),
7: _("Treasurer"),
5: _("Communication supervisor"),
4: _("Secretary"),
3: _("IT supervisor"),
2: _("Board member"),
1: _("Active member"),
0: _("Curious"),
}
# This corresponds to the maximum role a user can freely subscribe to
# In this case, SITH_MAXIMUM_FREE_ROLE=1 means that a user can
# set himself as "Membre actif" or "Curieux", but not higher
SITH_MAXIMUM_FREE_ROLE = 1
# Minutes to timeout the logged barmen # Minutes to timeout the logged barmen
SITH_BARMAN_TIMEOUT = 30 SITH_BARMAN_TIMEOUT = 30

1
sith/urls.py
View File

@@ -34,6 +34,7 @@ urlpatterns = [
path("", include(("core.urls", "core"), namespace="core")), path("", include(("core.urls", "core"), namespace="core")),
path("sitemap.xml", cache_page(86400)(sitemap), {"sitemaps": sitemaps}), path("sitemap.xml", cache_page(86400)(sitemap), {"sitemaps": sitemaps}),
path("api/", api.urls), path("api/", api.urls),
path("api-link/", include(("api.urls", "api-link"), namespace="api-link")),
path("rootplace/", include(("rootplace.urls", "rootplace"), namespace="rootplace")), path("rootplace/", include(("rootplace.urls", "rootplace"), namespace="rootplace")),
path( path(
"subscription/", "subscription/",

5
subscription/tests/test_permissions.py
View File

@@ -4,7 +4,7 @@ from django.urls import reverse
from model_bakery import baker from model_bakery import baker
from pytest_django.asserts import assertRedirects from pytest_django.asserts import assertRedirects
from club.models import Club, ClubRole, Membership from club.models import Club, Membership
from core.baker_recipes import subscriber_user from core.baker_recipes import subscriber_user
from core.models import User from core.models import User
@@ -15,8 +15,7 @@ class TestSubscriptionPermission(TestCase):
cls.user: User = subscriber_user.make() cls.user: User = subscriber_user.make()
cls.admin = baker.make(User, is_superuser=True) cls.admin = baker.make(User, is_superuser=True)
cls.club = baker.make(Club) cls.club = baker.make(Club)
role = baker.make(ClubRole, club=cls.club, is_board=True) baker.make(Membership, user=cls.user, club=cls.club, role=7)
baker.make(Membership, user=cls.user, club=cls.club, role=role)
def test_give_permission(self): def test_give_permission(self):
self.client.force_login(self.admin) self.client.force_login(self.admin)

11
trombi/models.py
View File

@@ -23,6 +23,7 @@
from datetime import date from datetime import date
from django.conf import settings
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError
from django.db import models from django.db import models
from django.urls import reverse from django.urls import reverse
@@ -151,12 +152,10 @@ class TrombiUser(models.Model):
def make_memberships(self): def make_memberships(self):
self.memberships.all().delete() self.memberships.all().delete()
for m in ( for m in self.user.memberships.filter(
self.user.memberships.filter(role__is_board=True) role__gt=settings.SITH_MAXIMUM_FREE_ROLE
.select_related("role") ).order_by("end_date"):
.order_by("end_date") role = str(settings.SITH_CLUB_ROLES[m.role])
):
role = m.role.name
if m.description: if m.description:
role += " (%s)" % m.description role += " (%s)" % m.description
end_date = get_semester_code(m.end_date) if m.end_date else "" end_date = get_semester_code(m.end_date) if m.end_date else ""

625
uv.lock generated
View File

File diff suppressed because it is too large Load Diff

15
vite.config.mts
View File

@@ -1,17 +1,14 @@
// biome-ignore lint/correctness/noNodejsModules: this is backend side
import { parse, resolve } from "node:path"; import { parse, resolve } from "node:path";
import inject from "@rollup/plugin-inject"; import inject from "@rollup/plugin-inject";
import { glob } from "glob"; import { glob } from "glob";
import { visualizer } from "rollup-plugin-visualizer"; import type { Rollup } from "vite";
import { import { type AliasOptions, defineConfig, type UserConfig } from "vite";
type AliasOptions,
defineConfig,
type PluginOption,
type Rollup,
type UserConfig,
} from "vite";
import tsconfig from "./tsconfig.json"; import tsconfig from "./tsconfig.json";
const outDir = resolve(__dirname, "./staticfiles/generated/bundled"); const outDir = resolve(__dirname, "./staticfiles/generated/bundled");
const vendored = resolve(outDir, "vendored");
const nodeModules = resolve(__dirname, "node_modules");
const collectedFiles = glob.sync( const collectedFiles = glob.sync(
"./!(static)/static/bundled/**/*?(-)index.?(m)[j|t]s?(x)", "./!(static)/static/bundled/**/*?(-)index.?(m)[j|t]s?(x)",
); );
@@ -45,6 +42,7 @@ function getRelativeAssetPath(path: string): string {
return relativePath.join("/"); return relativePath.join("/");
} }
// biome-ignore lint/style/noDefaultExport: this is recommended by documentation
export default defineConfig((config: UserConfig) => { export default defineConfig((config: UserConfig) => {
return { return {
base: "/static/bundled/", base: "/static/bundled/",
@@ -88,7 +86,6 @@ export default defineConfig((config: UserConfig) => {
Alpine: "alpinejs", Alpine: "alpinejs",
htmx: "htmx.org", htmx: "htmx.org",
}), }),
visualizer({ filename: ".bundle-size-report.html" }) as PluginOption,
], ],
} satisfies UserConfig; } satisfies UserConfig;
}); });