klmp200/Sith
1
0
Fork 0
mirror of https://github.com/ae-utbm/sith.git synced 2025-11-22 12:46:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: klmp200:discord-auth
Branches Tags
klmp200:master klmp200:fix/product-action klmp200:remove-is_validated klmp200:gh-pages klmp200:taiste klmp200:dependabot/npm_and_yarn/glob-11.1.0 klmp200:dependabot/pip/taiste/faker-gte-37.12.0-and-lt-39.0.0 klmp200:dependabot/pip/taiste/ical-gte-11.1.0-and-lt-13 klmp200:dependabot/npm_and_yarn/js-yaml-4.1.1 klmp200:galaxy klmp200:dependabot/pip/taiste/pytest-gte-8.4.2-and-lt-10.0.0 klmp200:discord-auth klmp200:dependabot/pip/taiste/redis-hiredis--gte-5.3.0-and-lt-8 klmp200:room-reservation klmp200:subscription-from-counter klmp200:ia-explanation klmp200:photos klmp200:docker klmp200:windows-update klmp200:trombi klmp200:counter-activity-stats
..
compare: klmp200:subscription-from-counter
Branches Tags
klmp200:fix/product-action klmp200:remove-is_validated klmp200:master klmp200:gh-pages klmp200:taiste klmp200:dependabot/npm_and_yarn/glob-11.1.0 klmp200:dependabot/pip/taiste/faker-gte-37.12.0-and-lt-39.0.0 klmp200:dependabot/pip/taiste/ical-gte-11.1.0-and-lt-13 klmp200:dependabot/npm_and_yarn/js-yaml-4.1.1 klmp200:galaxy klmp200:dependabot/pip/taiste/pytest-gte-8.4.2-and-lt-10.0.0 klmp200:discord-auth klmp200:dependabot/pip/taiste/redis-hiredis--gte-5.3.0-and-lt-8 klmp200:room-reservation klmp200:subscription-from-counter klmp200:ia-explanation klmp200:photos klmp200:docker klmp200:windows-update klmp200:trombi klmp200:counter-activity-stats

1 Commits
discord-au ... subscripti

Author SHA1 Message Date
NaNoMelo
500af2f73a add condition for EBOUTIC counter type in subscription creation 2025-10-01 14:37:41 +02:00
111 changed files with 2148 additions and 4632 deletions
Expand all files Collapse all files

4
.pre-commit-config.yaml
View File

@@ -1,7 +1,7 @@
repos: repos:
- repo: https://github.com/astral-sh/ruff-pre-commit - repo: https://github.com/astral-sh/ruff-pre-commit
# Ruff version. # Ruff version.
rev: v0.14.4 rev: v0.11.13
hooks: hooks:
- id: ruff-check # just check the code, and print the errors - id: ruff-check # just check the code, and print the errors
- id: ruff-check # actually fix the fixable errors, but print nothing - id: ruff-check # actually fix the fixable errors, but print nothing
@@ -14,7 +14,7 @@ repos:
- id: biome-check - id: biome-check
additional_dependencies: ["@biomejs/biome@1.9.4"] additional_dependencies: ["@biomejs/biome@1.9.4"]
- repo: https://github.com/rtts/djhtml - repo: https://github.com/rtts/djhtml
rev: 3.0.10 rev: 3.0.7
hooks: hooks:
- id: djhtml - id: djhtml
name: format templates name: format templates

9
api/admin.py
View File

@@ -17,15 +17,6 @@ class ApiClientAdmin(admin.ModelAdmin):
"owner__nick_name", "owner__nick_name",
) )
autocomplete_fields = ("owner", "groups", "client_permissions") autocomplete_fields = ("owner", "groups", "client_permissions")
readonly_fields = ("hmac_key",)
actions = ("reset_hmac_key",)
@admin.action(permissions=["change"], description=_("Reset HMAC key"))
def reset_hmac_key(self, _request: HttpRequest, queryset: QuerySet[ApiClient]):
objs = list(queryset)
for obj in objs:
obj.reset_hmac(commit=False)
ApiClient.objects.bulk_update(objs, fields=["hmac_key"])
@admin.register(ApiKey) @admin.register(ApiKey)

16
api/api.py
View File

@@ -1,16 +0,0 @@
from ninja_extra import ControllerBase, api_controller, route
from api.auth import ApiKeyAuth
from api.schemas import ApiClientSchema
@api_controller("/client")
class ApiClientController(ControllerBase):
@route.get(
"/me",
auth=[ApiKeyAuth()],
response=ApiClientSchema,
url_name="api-client-infos",
)
def get_client_info(self):
return self.context.request.auth

35
api/forms.py
View File

@@ -1,35 +0,0 @@
from django import forms
from django.forms import HiddenInput
from django.utils.translation import gettext_lazy as _
class ThirdPartyAuthForm(forms.Form):
"""Form to complete to authenticate on the sith from a third-party app.
For the form to be valid, the user approve the EULA (french: CGU)
and give its username from the third-party app.
"""
cgu_accepted = forms.BooleanField(
required=True,
label=_("I have read and I accept the terms and conditions of use"),
error_messages={
"required": _("You must approve the terms and conditions of use.")
},
)
is_username_valid = forms.BooleanField(
required=True,
error_messages={"required": _("You must confirm that this is your username.")},
)
client_id = forms.IntegerField(widget=HiddenInput())
third_party_app = forms.CharField(widget=HiddenInput())
privacy_link = forms.URLField(widget=HiddenInput())
username = forms.CharField(widget=HiddenInput())
callback_url = forms.URLField(widget=HiddenInput())
signature = forms.CharField(widget=HiddenInput())
def __init__(self, *args, label_suffix: str = "", initial, **kwargs):
super().__init__(*args, label_suffix=label_suffix, initial=initial, **kwargs)
self.fields["is_username_valid"].label = _(
"I confirm that %(username)s is my username on %(app)s"
) % {"username": initial.get("username"), "app": initial.get("third_party_app")}

19
api/migrations/0002_apiclient_hmac_key.py
View File

@@ -1,19 +0,0 @@
# Generated by Django 5.2.3 on 2025-10-26 10:15
from django.db import migrations, models
import api.models
class Migration(migrations.Migration):
dependencies = [("api", "0001_initial")]
operations = [
migrations.AddField(
model_name="apiclient",
name="hmac_key",
field=models.CharField(
default=api.models.get_hmac_key, max_length=128, verbose_name="HMAC Key"
),
),
]

53
api/models.py
View File

@@ -1,20 +1,13 @@
import secrets
from typing import Iterable from typing import Iterable
from django.contrib.auth.models import Permission from django.contrib.auth.models import Permission
from django.db import models from django.db import models
from django.db.models import Q
from django.utils.functional import cached_property
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from django.utils.translation import pgettext_lazy from django.utils.translation import pgettext_lazy
from core.models import Group, User from core.models import Group, User
def get_hmac_key():
return secrets.token_hex(64)
class ApiClient(models.Model): class ApiClient(models.Model):
name = models.CharField(_("name"), max_length=64) name = models.CharField(_("name"), max_length=64)
owner = models.ForeignKey( owner = models.ForeignKey(
@@ -33,10 +26,11 @@ class ApiClient(models.Model):
help_text=_("Specific permissions for this api client."), help_text=_("Specific permissions for this api client."),
related_name="clients", related_name="clients",
) )
hmac_key = models.CharField(_("HMAC Key"), max_length=128, default=get_hmac_key)
created_at = models.DateTimeField(auto_now_add=True) created_at = models.DateTimeField(auto_now_add=True)
updated_at = models.DateTimeField(auto_now=True) updated_at = models.DateTimeField(auto_now=True)
_perm_cache: set[str] | None = None
class Meta: class Meta:
verbose_name = _("api client") verbose_name = _("api client")
verbose_name_plural = _("api clients") verbose_name_plural = _("api clients")
@@ -44,38 +38,33 @@ class ApiClient(models.Model):
def __str__(self): def __str__(self):
return self.name return self.name
@cached_property def has_perm(self, perm: str):
def all_permissions(self) -> set[str]: """Return True if the client has the specified permission."""
permissions = (
Permission.objects.filter( if self._perm_cache is None:
Q(group__group__in=self.groups.all()) | Q(clients=self) group_permissions = (
) Permission.objects.filter(group__group__in=self.groups.all())
.values_list("content_type__app_label", "codename") .values_list("content_type__app_label", "codename")
.order_by() .order_by()
) )
return {f"{content_type}.{name}" for content_type, name in permissions} client_permissions = self.client_permissions.values_list(
"content_type__app_label", "codename"
).order_by()
self._perm_cache = {
f"{content_type}.{name}"
for content_type, name in (*group_permissions, *client_permissions)
}
return perm in self._perm_cache
def has_perm(self, perm: str): def has_perms(self, perm_list):
"""Return True if the client has the specified permission.""" """
return perm in self.all_permissions Return True if the client has each of the specified permissions. If
object is passed, check if the client has all required perms for it.
def has_perms(self, perm_list: Iterable[str]) -> bool: """
"""Return True if the client has each of the specified permissions."""
if not isinstance(perm_list, Iterable) or isinstance(perm_list, str): if not isinstance(perm_list, Iterable) or isinstance(perm_list, str):
raise ValueError("perm_list must be an iterable of permissions.") raise ValueError("perm_list must be an iterable of permissions.")
return all(self.has_perm(perm) for perm in perm_list) return all(self.has_perm(perm) for perm in perm_list)
def reset_hmac(self, *, commit: bool = True) -> str:
"""Reset and return the HMAC key for this client.
Args:
commit: if True (the default), persist the new hmac in db.
"""
self.hmac_key = get_hmac_key()
if commit:
self.save()
return self.hmac_key
class ApiKey(models.Model): class ApiKey(models.Model):
PREFIX_LENGTH = 5 PREFIX_LENGTH = 5

23
api/schemas.py
View File

@@ -1,23 +0,0 @@
from ninja import ModelSchema, Schema
from pydantic import Field, HttpUrl
from api.models import ApiClient
from core.schemas import SimpleUserSchema
class ApiClientSchema(ModelSchema):
class Meta:
model = ApiClient
fields = ["id", "name"]
owner: SimpleUserSchema
permissions: list[str] = Field(alias="all_permissions")
class ThirdPartyAuthParamsSchema(Schema):
client_id: int
third_party_app: str
privacy_link: HttpUrl
username: str
callback_url: HttpUrl
signature: str

32
api/templates/api/third_party/auth.jinja vendored
View File

@@ -1,32 +0,0 @@
{% extends "core/base.jinja" %}
{% block content %}
<form method="post">
{% csrf_token %}
<h3>{% trans %}Confidentiality{% endtrans %}</h3>
<p>
{% trans trimmed app=third_party_app %}
By ticking this box and clicking on the send button, you
acknowledge and agree to provide {{ app }} with your
first name, last name, nickname and any other information
that was the third party app was explicitly authorized to fetch
and that it must have acknowledged to you, in a complete and accurate manner.
{% endtrans %}
</p>
<p class="margin-bottom">
{% trans trimmed app=third_party_app, privacy_link=third_party_cgu, sith_cgu_link=sith_cgu %}
The privacy policies of <a href="{{ privacy_link }}">{{ app }}</a>
and of <a href="{{ sith_cgu_link }}">the Students' Association</a>
applies as soon as the form is submitted.
{% endtrans %}
</p>
<div class="row">{{ form.cgu_accepted }} {{ form.cgu_accepted.label_tag() }}</div>
<br>
<h3 class="margin-bottom">{% trans %}Confirmation of identity{% endtrans %}</h3>
<div class="row margin-bottom">
{{ form.is_username_valid }} {{ form.is_username_valid.label_tag() }}
</div>
{% for field in form.hidden_fields() %}{{ field }}{% endfor %}
<input type="submit" class="btn btn-blue">
</form>
{% endblock %}

24
api/tests/test_admin.py
View File

@@ -1,24 +0,0 @@
import pytest
from django.contrib.admin import AdminSite
from django.http import HttpRequest
from model_bakery import baker
from pytest_django.asserts import assertNumQueries
from api.admin import ApiClientAdmin
from api.models import ApiClient
@pytest.mark.django_db
def test_reset_hmac_action():
client_admin = ApiClientAdmin(ApiClient, AdminSite())
api_clients = baker.make(ApiClient, _quantity=4, _bulk_create=True)
old_hmac_keys = [c.hmac_key for c in api_clients]
with assertNumQueries(2):
qs = ApiClient.objects.filter(id__in=[c.id for c in api_clients[2:4]])
client_admin.reset_hmac_key(HttpRequest(), qs)
for c in api_clients:
c.refresh_from_db()
assert api_clients[0].hmac_key == old_hmac_keys[0]
assert api_clients[1].hmac_key == old_hmac_keys[1]
assert api_clients[2].hmac_key != old_hmac_keys[2]
assert api_clients[3].hmac_key != old_hmac_keys[3]

18
api/tests/test_api_client_controller.py
View File

@@ -1,18 +0,0 @@
import pytest
from django.test import Client
from django.urls import reverse
from model_bakery import baker
from api.hashers import generate_key
from api.models import ApiClient, ApiKey
from api.schemas import ApiClientSchema
@pytest.mark.django_db
def test_api_client_controller(client: Client):
key, hashed = generate_key()
api_client = baker.make(ApiClient)
baker.make(ApiKey, client=api_client, hashed_key=hashed)
res = client.get(reverse("api:api-client-infos"), headers={"X-APIKey": key})
assert res.status_code == 200
assert res.json() == ApiClientSchema.from_orm(api_client).model_dump()

59
api/tests/test_client.py
View File

@@ -1,59 +0,0 @@
import pytest
from django.contrib.auth.models import Permission
from django.test import TestCase
from model_bakery import baker
from api.models import ApiClient
from core.models import Group
class TestClientPermissions(TestCase):
@classmethod
def setUpTestData(cls):
cls.api_client = baker.make(ApiClient)
cls.perms = baker.make(Permission, _quantity=10, _bulk_create=True)
cls.api_client.groups.set(
[
baker.make(Group, permissions=cls.perms[0:3]),
baker.make(Group, permissions=cls.perms[3:5]),
]
)
cls.api_client.client_permissions.set(
[cls.perms[3], cls.perms[5], cls.perms[6], cls.perms[7]]
)
def test_all_permissions(self):
assert self.api_client.all_permissions == {
f"{p.content_type.app_label}.{p.codename}" for p in self.perms[0:8]
}
def test_has_perm(self):
assert self.api_client.has_perm(
f"{self.perms[1].content_type.app_label}.{self.perms[1].codename}"
)
assert not self.api_client.has_perm(
f"{self.perms[9].content_type.app_label}.{self.perms[9].codename}"
)
def test_has_perms(self):
assert self.api_client.has_perms(
[
f"{self.perms[1].content_type.app_label}.{self.perms[1].codename}",
f"{self.perms[2].content_type.app_label}.{self.perms[2].codename}",
]
)
assert not self.api_client.has_perms(
[
f"{self.perms[1].content_type.app_label}.{self.perms[1].codename}",
f"{self.perms[9].content_type.app_label}.{self.perms[9].codename}",
],
)
@pytest.mark.django_db
def test_reset_hmac_key():
client = baker.make(ApiClient)
original_key = client.hmac_key
client.reset_hmac(commit=True)
assert len(client.hmac_key) == len(original_key)
assert client.hmac_key != original_key

114
api/tests/test_third_party_auth.py
View File

@@ -1,114 +0,0 @@
from unittest import mock
from unittest.mock import Mock
from django.db.models import Max
from django.test import TestCase
from django.urls import reverse
from model_bakery import baker
from pytest_django.asserts import assertRedirects
from api.models import ApiClient, get_hmac_key
from core.baker_recipes import subscriber_user
from core.schemas import UserProfileSchema
from core.utils import hmac_hexdigest
def mocked_post(*, ok: bool):
class MockedResponse(Mock):
@property
def ok(self):
return ok
def mocked():
return MockedResponse()
return mocked
class TestThirdPartyAuth(TestCase):
@classmethod
def setUpTestData(cls):
cls.user = subscriber_user.make()
cls.api_client = baker.make(ApiClient)
def setUp(self):
self.query = {
"client_id": self.api_client.id,
"third_party_app": "app",
"privacy_link": "https://foobar.fr/",
"username": "bibou",
"callback_url": "https://callback.fr/",
}
self.query["signature"] = hmac_hexdigest(self.api_client.hmac_key, self.query)
self.callback_data = {
"user": UserProfileSchema.from_orm(self.user).model_dump()
}
self.callback_data["signature"] = hmac_hexdigest(
self.api_client.hmac_key, self.callback_data["user"]
)
def test_auth_ok(self):
self.client.force_login(self.user)
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
assert res.status_code == 200
with mock.patch("requests.post", new_callable=mocked_post(ok=True)) as mocked:
res = self.client.post(
reverse("api-link:third-party-auth"),
data={"cgu_accepted": True, "is_username_valid": True, **self.query},
)
mocked.assert_called_once_with(
self.query["callback_url"], data=self.callback_data
)
assertRedirects(
res,
reverse("api-link:third-party-auth-result", kwargs={"result": "success"}),
)
def test_callback_error(self):
"""Test that the user see the failure page if the callback request failed."""
self.client.force_login(self.user)
with mock.patch("requests.post", new_callable=mocked_post(ok=False)) as mocked:
res = self.client.post(
reverse("api-link:third-party-auth"),
data={"cgu_accepted": True, "is_username_valid": True, **self.query},
)
mocked.assert_called_once_with(
self.query["callback_url"], data=self.callback_data
)
assertRedirects(
res,
reverse("api-link:third-party-auth-result", kwargs={"result": "failure"}),
)
def test_wrong_signature(self):
"""Test that a 403 is raised if the signature of the query is wrong."""
self.client.force_login(subscriber_user.make())
new_key = get_hmac_key()
del self.query["signature"]
self.query["signature"] = hmac_hexdigest(new_key, self.query)
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
assert res.status_code == 403
def test_cgu_not_accepted(self):
self.client.force_login(self.user)
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
assert res.status_code == 200
res = self.client.post(reverse("api-link:third-party-auth"), data=self.query)
assert res.status_code == 200 # no redirect means invalid form
res = self.client.post(
reverse("api-link:third-party-auth"),
data={"cgu_accepted": False, "is_username_valid": False, **self.query},
)
assert res.status_code == 200
def test_invalid_client(self):
self.query["client_id"] = ApiClient.objects.aggregate(res=Max("id"))["res"] + 1
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
assert res.status_code == 403
def test_missing_parameter(self):
"""Test that a 403 is raised if there is a missing parameter."""
del self.query["username"]
self.query["signature"] = hmac_hexdigest(self.api_client.hmac_key, self.query)
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
assert res.status_code == 403

15
api/urls.py
View File

@@ -1,9 +1,5 @@
from django.urls import path, register_converter
from ninja_extra import NinjaExtraAPI from ninja_extra import NinjaExtraAPI
from api.views import ThirdPartyAuthResultView, ThirdPartyAuthView
from core.converters import ResultConverter
api = NinjaExtraAPI( api = NinjaExtraAPI(
title="PICON", title="PICON",
description="Portail Interactif de Communication avec les Outils Numériques", description="Portail Interactif de Communication avec les Outils Numériques",
@@ -12,14 +8,3 @@ api = NinjaExtraAPI(
csrf=True, csrf=True,
) )
api.auto_discover_controllers() api.auto_discover_controllers()
register_converter(ResultConverter, "res")
urlpatterns = [
path("auth/", ThirdPartyAuthView.as_view(), name="third-party-auth"),
path(
"auth/<res:result>/",
ThirdPartyAuthResultView.as_view(),
name="third-party-auth-result",
),
]

119
api/views.py
View File

@@ -1,119 +0,0 @@
import hmac
from urllib.parse import unquote
import pydantic
import requests
from django.conf import settings
from django.contrib import messages
from django.contrib.auth.mixins import LoginRequiredMixin
from django.core.exceptions import PermissionDenied
from django.urls import reverse, reverse_lazy
from django.utils.translation import gettext as _
from django.views.generic import FormView, TemplateView
from ninja_extra.shortcuts import get_object_or_none
from api.forms import ThirdPartyAuthForm
from api.models import ApiClient
from api.schemas import ThirdPartyAuthParamsSchema
from core.models import SithFile
from core.schemas import UserProfileSchema
from core.utils import hmac_hexdigest
class ThirdPartyAuthView(LoginRequiredMixin, FormView):
form_class = ThirdPartyAuthForm
template_name = "api/third_party/auth.jinja"
success_url = reverse_lazy("core:index")
def parse_params(self) -> ThirdPartyAuthParamsSchema:
"""Parse and check the authentication parameters.
Raises:
PermissionDenied: if the verification failed.
"""
# This is here rather than in ThirdPartyAuthForm because
# the given parameters and their signature are checked during both
# POST (for obvious reasons) and GET (in order not to make
# the user fill a form just to get an error he won't understand)
params = self.request.GET or self.request.POST
params = {key: unquote(val) for key, val in params.items()}
try:
params = ThirdPartyAuthParamsSchema(**params)
except pydantic.ValidationError as e:
raise PermissionDenied("Wrong data format") from e
client: ApiClient = get_object_or_none(ApiClient, id=params.client_id)
if not client:
raise PermissionDenied
if not hmac.compare_digest(
hmac_hexdigest(client.hmac_key, params.model_dump(exclude={"signature"})),
params.signature,
):
raise PermissionDenied("Bad signature")
return params
def dispatch(self, request, *args, **kwargs):
self.params = self.parse_params()
return super().dispatch(request, *args, **kwargs)
def get(self, *args, **kwargs):
messages.warning(
self.request,
_(
"You are going to link your AE account and your %(app)s account. "
"Continue only if this page was opened from %(app)s."
)
% {"app": self.params.third_party_app},
)
return super().get(*args, **kwargs)
def get_initial(self):
return self.params.model_dump()
def form_valid(self, form):
client = ApiClient.objects.get(id=form.cleaned_data["client_id"])
user = UserProfileSchema.from_orm(self.request.user).model_dump()
data = {"user": user, "signature": hmac_hexdigest(client.hmac_key, user)}
response = requests.post(form.cleaned_data["callback_url"], data=data)
self.success_url = reverse(
"api-link:third-party-auth-result",
kwargs={"result": "success" if response.ok else "failure"},
)
return super().form_valid(form)
def get_context_data(self, **kwargs):
return super().get_context_data(**kwargs) | {
"third_party_app": self.params.third_party_app,
"third_party_cgu": self.params.privacy_link,
"sith_cgu": SithFile.objects.get(id=settings.SITH_CGU_FILE_ID),
}
class ThirdPartyAuthResultView(LoginRequiredMixin, TemplateView):
"""View that the user will see if its authentication on sith was successful.
This can show either a success or a failure message :
- success : everything is good, the user is successfully authenticated
and can close the page
- failure : the authentication has been processed on the sith side,
but the request to the callback url received an error.
In such a case, there is nothing much we can do but to advice
the user to contact the developers of the third-party app.
"""
template_name = "core/base.jinja"
success_message = _(
"You have been successfully authenticated. You can now close this page."
)
error_message = _(
"Your authentication on the AE website was successful, "
"but an error happened during the interaction "
"with the third-party application. "
"Please contact the managers of the latter."
)
def get(self, request, *args, **kwargs):
if self.kwargs.get("result") == "success":
messages.success(request, self.success_message)
else:
messages.error(request, self.error_message)
return super().get(request, *args, **kwargs)

10
club/api.py
View File

@@ -1,5 +1,7 @@
from typing import Annotated
from annotated_types import MinLen
from django.db.models import Prefetch from django.db.models import Prefetch
from ninja import Query
from ninja.security import SessionAuth from ninja.security import SessionAuth
from ninja_extra import ControllerBase, api_controller, paginate, route from ninja_extra import ControllerBase, api_controller, paginate, route
from ninja_extra.pagination import PageNumberPaginationExtra from ninja_extra.pagination import PageNumberPaginationExtra
@@ -8,7 +10,7 @@ from ninja_extra.schemas import PaginatedResponseSchema
from api.auth import ApiKeyAuth from api.auth import ApiKeyAuth
from api.permissions import CanAccessLookup, HasPerm from api.permissions import CanAccessLookup, HasPerm
from club.models import Club, Membership from club.models import Club, Membership
from club.schemas import ClubSchema, ClubSearchFilterSchema, SimpleClubSchema from club.schemas import ClubSchema, SimpleClubSchema
@api_controller("/club") @api_controller("/club")
@@ -21,8 +23,8 @@ class ClubController(ControllerBase):
url_name="search_club", url_name="search_club",
) )
@paginate(PageNumberPaginationExtra, page_size=50) @paginate(PageNumberPaginationExtra, page_size=50)
def search_club(self, filters: Query[ClubSearchFilterSchema]): def search_club(self, search: Annotated[str, MinLen(1)]):
return filters.filter(Club.objects.all()) return Club.objects.filter(name__icontains=search).values()
@route.get( @route.get(
"/{int:club_id}", "/{int:club_id}",

2
club/forms.py
View File

@@ -252,7 +252,7 @@ class ClubAddMemberForm(ClubMemberForm):
Board members can attribute roles lower than their own. Board members can attribute roles lower than their own.
Other users cannot attribute roles with this form Other users cannot attribute roles with this form
""" """
if self.request_user.has_perm("club.add_membership"): if self.request_user.has_perm("club.add_subscription"):
return settings.SITH_CLUB_ROLES_ID["President"] return settings.SITH_CLUB_ROLES_ID["President"]
membership = self.request_user_membership membership = self.request_user_membership
if membership is None or membership.role <= settings.SITH_MAXIMUM_FREE_ROLE: if membership is None or membership.role <= settings.SITH_MAXIMUM_FREE_ROLE:

19
club/schemas.py
View File

@@ -1,26 +1,9 @@
from typing import Annotated from ninja import ModelSchema
from annotated_types import MinLen
from django.db.models import Q
from ninja import Field, FilterSchema, ModelSchema
from club.models import Club, Membership from club.models import Club, Membership
from core.schemas import SimpleUserSchema from core.schemas import SimpleUserSchema
class ClubSearchFilterSchema(FilterSchema):
search: Annotated[str, MinLen(1)] | None = Field(None, q="name__icontains")
is_active: bool | None = None
parent_id: int | None = None
parent_name: str | None = Field(None, q="parent__name__icontains")
exclude_ids: set[int] | None = None
def filter_exclude_ids(self, value: set[int] | None):
if value is None:
return Q()
return ~Q(id__in=value)
class SimpleClubSchema(ModelSchema): class SimpleClubSchema(ModelSchema):
class Meta: class Meta:
model = Club model = Club

15
club/templates/club/club_sellings.jinja
View File

@@ -6,11 +6,11 @@ because it works with a somewhat dynamic form,
but was written before Alpine was introduced in the project. but was written before Alpine was introduced in the project.
TODO : rewrite the pagination used in this template an Alpine one TODO : rewrite the pagination used in this template an Alpine one
#} #}
{% macro paginate(page_obj, paginator) %} {% macro paginate(page_obj, paginator, js_action) %}
{% set js = "formPagination(this)" %} {% set js = js_action|default('') %}
{% if page_obj.has_previous() or page_obj.has_next() %} {% if page_obj.has_previous() or page_obj.has_next() %}
{% if page_obj.has_previous() %} {% if page_obj.has_previous() %}
<a type="submit" onclick="{{ js }}" href="?page={{ page_obj.previous_page_number() }}">{% trans %}Previous{% endtrans %}</a> <a {% if js %} type="submit" onclick="{{ js }}" {% endif %} href="?page={{ page_obj.previous_page_number() }}">{% trans %}Previous{% endtrans %}</a>
{% else %} {% else %}
<span class="disabled">{% trans %}Previous{% endtrans %}</span> <span class="disabled">{% trans %}Previous{% endtrans %}</span>
{% endif %} {% endif %}
@@ -18,11 +18,11 @@ TODO : rewrite the pagination used in this template an Alpine one
{% if page_obj.number == i %} {% if page_obj.number == i %}
<span class="active">{{ i }} <span class="sr-only">({% trans %}current{% endtrans %})</span></span> <span class="active">{{ i }} <span class="sr-only">({% trans %}current{% endtrans %})</span></span>
{% else %} {% else %}
<a type="submit" onclick="{{ js }}" href="?page={{ i }}">{{ i }}</a> <a {% if js %} type="submit" onclick="{{ js }}" {% endif %} href="?page={{ i }}">{{ i }}</a>
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% if page_obj.has_next() %} {% if page_obj.has_next() %}
<a type="submit" onclick="{{ js }}" href="?page={{ page_obj.next_page_number() }}">{% trans %}Next{% endtrans %}</a> <a {% if js %} type="submit" onclick="{{ js }}" {% endif %} href="?page={{ page_obj.next_page_number() }}">{% trans %}Next{% endtrans %}</a>
{% else %} {% else %}
<span class="disabled">{% trans %}Next{% endtrans %}</span> <span class="disabled">{% trans %}Next{% endtrans %}</span>
{% endif %} {% endif %}
@@ -81,10 +81,6 @@ TODO : rewrite the pagination used in this template an Alpine one
{% endfor %} {% endfor %}
</tbody> </tbody>
</table> </table>
{{ paginate(paginated_result, paginator) }}
{% endblock %}
{% block script %}
<script type="text/javascript"> <script type="text/javascript">
function formPagination(link){ function formPagination(link){
const form = document.getElementById("form") const form = document.getElementById("form")
@@ -93,6 +89,7 @@ TODO : rewrite the pagination used in this template an Alpine one
form.submit(); form.submit();
} }
</script> </script>
{{ paginate(paginated_result, paginator, "formPagination(this)") }}
{% endblock %} {% endblock %}

51
club/tests/test_club_controller.py
View File

@@ -1,8 +1,7 @@
from datetime import date, timedelta from datetime import date, timedelta
import pytest import pytest
from django.contrib.auth.models import Permission from django.test import Client
from django.test import Client, TestCase
from django.urls import reverse from django.urls import reverse
from model_bakery import baker from model_bakery import baker
from model_bakery.recipe import Recipe from model_bakery.recipe import Recipe
@@ -10,54 +9,6 @@ from pytest_django.asserts import assertNumQueries
from club.models import Club, Membership from club.models import Club, Membership
from core.baker_recipes import subscriber_user from core.baker_recipes import subscriber_user
from core.models import Group, Page, User
class TestClubSearch(TestCase):
@classmethod
def setUpTestData(cls):
cls.url = reverse("api:search_club")
cls.user = baker.make(
User, user_permissions=[Permission.objects.get(codename="access_lookup")]
)
# delete existing clubs to avoid side effect
groups = list(
Group.objects.exclude(club=None, club_board=None).values_list(
"id", flat=True
)
)
Page.objects.exclude(club=None).delete()
Club.objects.all().delete()
Group.objects.filter(id__in=groups).delete()
cls.clubs = baker.make(
Club,
_quantity=5,
name=iter(["AE", "ae 1", "Troll", "Dev AE", "pdf"]),
is_active=True,
)
def test_inactive_club(self):
self.client.force_login(self.user)
inactive_ids = {self.clubs[0].id, self.clubs[2].id}
Club.objects.filter(id__in=inactive_ids).update(is_active=False)
response = self.client.get(self.url, {"is_active": False})
assert response.status_code == 200
assert {d["id"] for d in response.json()["results"]} == inactive_ids
def test_excluded_id(self):
self.client.force_login(self.user)
response = self.client.get(self.url, {"exclude_ids": [self.clubs[1].id]})
assert response.status_code == 200
ids = {d["id"] for d in response.json()["results"]}
assert ids == {c.id for c in [self.clubs[0], *self.clubs[2:]]}
def test_club_search(self):
self.client.force_login(self.user)
response = self.client.get(self.url, {"search": "AE"})
assert response.status_code == 200
ids = {d["id"] for d in response.json()["results"]}
assert ids == {c.id for c in [self.clubs[0], self.clubs[1], self.clubs[3]]}
@pytest.mark.django_db @pytest.mark.django_db

107
club/views.py
View File

@@ -23,7 +23,6 @@
# #
import csv import csv
import itertools
from typing import Any from typing import Any
from django.conf import settings from django.conf import settings
@@ -31,14 +30,18 @@ from django.contrib.auth.mixins import PermissionRequiredMixin
from django.contrib.messages.views import SuccessMessageMixin from django.contrib.messages.views import SuccessMessageMixin
from django.core.exceptions import NON_FIELD_ERRORS, PermissionDenied, ValidationError from django.core.exceptions import NON_FIELD_ERRORS, PermissionDenied, ValidationError
from django.core.paginator import InvalidPage, Paginator from django.core.paginator import InvalidPage, Paginator
from django.db.models import F, Q, Sum from django.db.models import Q, Sum
from django.http import Http404, HttpResponseRedirect, StreamingHttpResponse from django.http import (
Http404,
HttpResponseRedirect,
StreamingHttpResponse,
)
from django.shortcuts import get_object_or_404, redirect from django.shortcuts import get_object_or_404, redirect
from django.urls import reverse, reverse_lazy from django.urls import reverse, reverse_lazy
from django.utils import timezone from django.utils import timezone
from django.utils.safestring import SafeString from django.utils.safestring import SafeString
from django.utils.timezone import now from django.utils.timezone import now
from django.utils.translation import gettext from django.utils.translation import gettext as _t
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from django.views.generic import DetailView, ListView, View from django.views.generic import DetailView, ListView, View
from django.views.generic.edit import CreateView, DeleteView, UpdateView from django.views.generic.edit import CreateView, DeleteView, UpdateView
@@ -52,7 +55,12 @@ from club.forms import (
MailingForm, MailingForm,
SellingsForm, SellingsForm,
) )
from club.models import Club, Mailing, MailingSubscription, Membership from club.models import (
Club,
Mailing,
MailingSubscription,
Membership,
)
from com.models import Poster from com.models import Poster
from com.views import ( from com.views import (
PosterCreateBaseView, PosterCreateBaseView,
@@ -60,7 +68,9 @@ from com.views import (
PosterEditBaseView, PosterEditBaseView,
PosterListBaseView, PosterListBaseView,
) )
from core.auth.mixins import CanEditMixin, PermissionOrClubBoardRequiredMixin from core.auth.mixins import (
CanEditMixin,
)
from core.models import PageRev from core.models import PageRev
from core.views import DetailFormView, PageEditViewBase, UseFragmentsMixin from core.views import DetailFormView, PageEditViewBase, UseFragmentsMixin
from core.views.mixins import FragmentMixin, FragmentRenderer, TabedViewMixin from core.views.mixins import FragmentMixin, FragmentRenderer, TabedViewMixin
@@ -371,7 +381,7 @@ class ClubOldMembersView(ClubTabsMixin, PermissionRequiredMixin, DetailView):
class ClubSellingView(ClubTabsMixin, CanEditMixin, DetailFormView): class ClubSellingView(ClubTabsMixin, CanEditMixin, DetailFormView):
"""Sales of a club.""" """Sellings of a club."""
model = Club model = Club
pk_url_kwarg = "club_id" pk_url_kwarg = "club_id"
@@ -397,8 +407,9 @@ class ClubSellingView(ClubTabsMixin, CanEditMixin, DetailFormView):
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
kwargs = super().get_context_data(**kwargs) kwargs = super().get_context_data(**kwargs)
qs = Selling.objects.filter(club=self.object)
kwargs["result"] = Selling.objects.none() kwargs["result"] = qs[:0]
kwargs["paginated_result"] = kwargs["result"] kwargs["paginated_result"] = kwargs["result"]
kwargs["total"] = 0 kwargs["total"] = 0
kwargs["total_quantity"] = 0 kwargs["total_quantity"] = 0
@@ -406,7 +417,6 @@ class ClubSellingView(ClubTabsMixin, CanEditMixin, DetailFormView):
form = self.get_form() form = self.get_form()
if form.is_valid(): if form.is_valid():
qs = Selling.objects.filter(club=self.object)
if not len([v for v in form.cleaned_data.values() if v is not None]): if not len([v for v in form.cleaned_data.values() if v is not None]):
qs = Selling.objects.none() qs = Selling.objects.none()
if form.cleaned_data["begin_date"]: if form.cleaned_data["begin_date"]:
@@ -426,18 +436,18 @@ class ClubSellingView(ClubTabsMixin, CanEditMixin, DetailFormView):
if len(selected_products) > 0: if len(selected_products) > 0:
qs = qs.filter(product__in=selected_products) qs = qs.filter(product__in=selected_products)
kwargs["total"] = qs.annotate(
price=F("quantity") * F("unit_price")
).aggregate(total=Sum("price", default=0))["total"]
kwargs["result"] = qs.select_related( kwargs["result"] = qs.select_related(
"counter", "counter__club", "customer", "customer__user", "seller" "counter", "counter__club", "customer", "customer__user", "seller"
).order_by("-id") ).order_by("-id")
kwargs["total_quantity"] = qs.aggregate(total=Sum("quantity", default=0))[ kwargs["total"] = sum([s.quantity * s.unit_price for s in kwargs["result"]])
"total" total_quantity = qs.all().aggregate(Sum("quantity"))
] if total_quantity["quantity__sum"]:
kwargs["benefit"] = qs.exclude(product=None).aggregate( kwargs["total_quantity"] = total_quantity["quantity__sum"]
res=Sum("product__purchase_price", default=0) benefit = (
)["res"] qs.exclude(product=None).all().aggregate(Sum("product__purchase_price"))
)
if benefit["product__purchase_price__sum"]:
kwargs["benefit"] = benefit["product__purchase_price__sum"]
kwargs["paginator"] = Paginator(kwargs["result"], self.paginate_by) kwargs["paginator"] = Paginator(kwargs["result"], self.paginate_by)
try: try:
@@ -488,40 +498,40 @@ class ClubSellingCSVView(ClubSellingView):
kwargs = self.get_context_data(**kwargs) kwargs = self.get_context_data(**kwargs)
# Use the StreamWriter class instead of request for streaming # Use the StreamWriter class instead of request for streaming
writer = csv.writer(self.StreamWriter()) pseudo_buffer = self.StreamWriter()
writer = csv.writer(
pseudo_buffer, delimiter=";", lineterminator="\n", quoting=csv.QUOTE_ALL
)
first_rows = [ writer.writerow([_t("Quantity"), kwargs["total_quantity"]])
[gettext("Quantity"), kwargs["total_quantity"]], writer.writerow([_t("Total"), kwargs["total"]])
[gettext("Total"), kwargs["total"]], writer.writerow([_t("Benefit"), kwargs["benefit"]])
[gettext("Benefit"), kwargs["benefit"]], writer.writerow(
[ [
gettext("Date"), _t("Date"),
gettext("Counter"), _t("Counter"),
gettext("Barman"), _t("Barman"),
gettext("Customer"), _t("Customer"),
gettext("Label"), _t("Label"),
gettext("Quantity"), _t("Quantity"),
gettext("Total"), _t("Total"),
gettext("Payment method"), _t("Payment method"),
gettext("Selling price"), _t("Selling price"),
gettext("Purchase price"), _t("Purchase price"),
gettext("Benefit"), _t("Benefit"),
],
] ]
)
# Stream response # Stream response
response = StreamingHttpResponse( response = StreamingHttpResponse(
itertools.chain(
(writer.writerow(r) for r in first_rows),
( (
writer.writerow(self.write_selling(selling)) writer.writerow(self.write_selling(selling))
for selling in kwargs["result"] for selling in kwargs["result"]
), ),
),
content_type="text/csv", content_type="text/csv",
) )
name = f"{gettext('Sellings')}_{self.object.name}.csv" name = _("Sellings") + "_" + self.object.name + ".csv"
response["Content-Disposition"] = f"attachment; filename={name}" response["Content-Disposition"] = "filename=" + name
return response return response
@@ -759,13 +769,11 @@ class MailingAutoGenerationView(View):
return redirect("club:mailing", club_id=club.id) return redirect("club:mailing", club_id=club.id)
class PosterListView( class PosterListView(ClubTabsMixin, PosterListBaseView):
PermissionOrClubBoardRequiredMixin, ClubTabsMixin, PosterListBaseView
):
"""List communication posters.""" """List communication posters."""
current_tab = "posters" current_tab = "posters"
permission_required = "com.view_poster" extra_context = {"app": "club"}
def get_queryset(self): def get_queryset(self):
return super().get_queryset().filter(club=self.club.id) return super().get_queryset().filter(club=self.club.id)
@@ -773,17 +781,6 @@ class PosterListView(
def get_object(self): def get_object(self):
return self.club return self.club
def get_context_data(self, **kwargs):
return super().get_context_data(**kwargs) | {
"create_url": reverse_lazy(
"club:poster_create", kwargs={"club_id": self.club.id}
),
"get_edit_url": lambda poster: reverse(
"club:poster_edit",
kwargs={"club_id": self.club.id, "poster_id": poster.id},
),
}
class PosterCreateView(ClubTabsMixin, PosterCreateBaseView): class PosterCreateView(ClubTabsMixin, PosterCreateBaseView):
"""Create communication poster.""" """Create communication poster."""

6
com/models.py
View File

@@ -144,7 +144,7 @@ class News(models.Model):
), ),
groups__id=settings.SITH_GROUP_COM_ADMIN_ID, groups__id=settings.SITH_GROUP_COM_ADMIN_ID,
) )
notif_url = reverse("com:news_admin_list", fragment="moderation") notif_url = reverse("com:news_admin_list")
new_notifs = [ new_notifs = [
Notification(user=user, url=notif_url, type="NEWS_MODERATION") Notification(user=user, url=notif_url, type="NEWS_MODERATION")
for user in admins_without_notif for user in admins_without_notif
@@ -402,7 +402,9 @@ class Poster(models.Model):
groups__id__in=[settings.SITH_GROUP_COM_ADMIN_ID] groups__id__in=[settings.SITH_GROUP_COM_ADMIN_ID]
): ):
Notification.objects.create( Notification.objects.create(
user=user, url=reverse("com:poster_list"), type="POSTER_MODERATION" user=user,
url=reverse("com:poster_moderate_list"),
type="POSTER_MODERATION",
) )
return super().save(*args, **kwargs) return super().save(*args, **kwargs)

3
com/static/com/css/news-list.scss
View File

@@ -83,8 +83,7 @@
#links_content { #links_content {
overflow: auto; overflow: auto;
box-shadow: $shadow-color 1px 1px 1px; box-shadow: $shadow-color 1px 1px 1px;
min-height: 20em; height: 20em;
padding-bottom: 1em;
h4 { h4 {
margin-left: 5px; margin-left: 5px;

72
com/static/com/css/posters.scss
View File

@@ -20,8 +20,34 @@
position: absolute; position: absolute;
display: flex; display: flex;
bottom: 5px; bottom: 5px;
&.left {
left: 0; left: 0;
} }
&.right {
right: 0;
}
.link {
padding: 5px;
padding-left: 20px;
padding-right: 20px;
margin-left: 5px;
border-radius: 20px;
background-color: hsl(40, 100%, 50%);
color: black;
&:hover {
color: black;
background-color: hsl(40, 58%, 50%);
}
&.delete {
background-color: hsl(0, 100%, 40%);
}
}
}
} }
#posters, #posters,
@@ -117,15 +143,43 @@
} }
} }
.actions { .edit,
display: flex; .moderate,
flex-direction: column; .slideshow {
align-items: stretch; padding: 5px;
form { border-radius: 20px;
margin: unset; background-color: hsl(40, 100%, 50%);
padding: unset; color: black;
button {
width: 100%; &:hover {
color: black;
background-color: hsl(40, 58%, 50%);
}
&:nth-child(2n) {
margin-top: 5px;
margin-bottom: 5px;
}
}
.tooltip {
visibility: hidden;
width: 120px;
background-color: hsl(210, 20%, 98%);
color: hsl(0, 0%, 0%);
text-align: center;
padding: 5px 0;
border-radius: 6px;
position: absolute;
z-index: 10;
ul {
margin-left: 0;
display: inline-block;
li {
display: list-item;
list-style-type: none;
} }
} }
} }

12
com/templates/com/macros.jinja
View File

@@ -76,20 +76,18 @@
It will stay hidden for other users until it has been published. It will stay hidden for other users until it has been published.
{% endtrans %} {% endtrans %}
</p> </p>
{%- if user.has_perm("com.moderate_news") -%} {% if user.has_perm("com.moderate_news") %}
{# This is an additional query for each non-moderated news, {# This is an additional query for each non-moderated news,
but it will be executed only for admin users, and only one time but it will be executed only for admin users, and only one time
(if they do their job and moderate news as soon as they see them), (if they do their job and moderated news as soon as they see them),
so it's still reasonable #} so it's still reasonable #}
<div <div
{% if news is integer or news is string -%} {% if news is integer or news is string %}
x-data="{ nbEvents: 0 }" x-data="{ nbEvents: 0 }"
x-init="nbEvents = await nbToPublish()" x-init="nbEvents = await nbToPublish()"
{%- elif news.is_published -%} {% else %}
x-data="{ nbEvents: 0 }"
{%- else -%}
x-data="{ nbEvents: {{ news.dates.count() }} }" x-data="{ nbEvents: {{ news.dates.count() }} }"
{%- endif -%} {% endif %}
> >
<template x-if="nbEvents > 1"> <template x-if="nbEvents > 1">
<div> <div>

5
com/templates/com/news_admin_list.jinja
View File

@@ -131,7 +131,7 @@
{% endfor %} {% endfor %}
</tbody> </tbody>
</table> </table>
<h5 id="moderation">{% trans %}Events to moderate{% endtrans %}</h5> <h5>{% trans %}Events to moderate{% endtrans %}</h5>
<table> <table>
<thead> <thead>
<tr> <tr>
@@ -165,3 +165,6 @@
</tbody> </tbody>
</table> </table>
{% endblock %} {% endblock %}

4
com/templates/com/news_list.jinja
View File

@@ -205,10 +205,6 @@
<i class="fa-solid fa-graduation-cap fa-xl"></i> <i class="fa-solid fa-graduation-cap fa-xl"></i>
<a href="{{ url("pedagogy:guide") }}">{% trans %}UV Guide{% endtrans %}</a> <a href="{{ url("pedagogy:guide") }}">{% trans %}UV Guide{% endtrans %}</a>
</li> </li>
<li>
<i class="fa-solid fa-calendar-days fa-xl"></i>
<a href="{{ url("timetable:generator") }}">{% trans %}Timetable{% endtrans %}</a>
</li>
<li> <li>
<i class="fa-solid fa-magnifying-glass fa-xl"></i> <i class="fa-solid fa-magnifying-glass fa-xl"></i>
<a href="{{ url("matmat:search_clear") }}">{% trans %}Matmatronch{% endtrans %}</a> <a href="{{ url("matmat:search_clear") }}">{% trans %}Matmatronch{% endtrans %}</a>

60
com/templates/com/poster_list.jinja
View File

@@ -13,15 +13,22 @@
<div id="title"> <div id="title">
<h3>{% trans %}Posters{% endtrans %}</h3> <h3>{% trans %}Posters{% endtrans %}</h3>
<div id="links"> <div id="links" class="right">
<a id="create" class="btn btn-blue" href="{{ create_url }}"> {% if app == "com" %}
<i class="fa fa-plus"></i> <a id="create" class="link" href="{{ url(app + ":poster_create") }}">{% trans %}Create{% endtrans %}</a>
{% trans %}Create{% endtrans %} <a id="moderation" class="link" href="{{ url("com:poster_moderate_list") }}">{% trans %}Moderation{% endtrans %}</a>
</a> {% elif app == "club" %}
<a id="create" class="link" href="{{ url(app + ":poster_create", club.id) }}">{% trans %}Create{% endtrans %}</a>
{% endif %}
</div> </div>
</div> </div>
<div id="posters"> <div id="posters">
{% if poster_list.count() == 0 %}
<div id="no-posters">{% trans %}No posters{% endtrans %}</div>
{% else %}
{% for poster in poster_list %} {% for poster in poster_list %}
<div class="poster{% if not poster.is_moderated %} not_moderated{% endif %}"> <div class="poster{% if not poster.is_moderated %} not_moderated{% endif %}">
<div class="name">{{ poster.name }}</div> <div class="name">{{ poster.name }}</div>
@@ -29,37 +36,30 @@
class="image" class="image"
hover="{% trans %}Click to expand{% endtrans %}" hover="{% trans %}Click to expand{% endtrans %}"
@click="active = $el.firstElementChild" @click="active = $el.firstElementChild"
tooltip="{%- for screen in poster.screens.all() -%}
{{ screen }}
{% endfor %}"
> >
<img src="{{ poster.file.url }}" alt="{{ poster.name }}"> <img src="{{ poster.file.url }}"></img>
</div> </div>
<div class="dates"> <div class="dates">
<div class="begin">{{ poster.date_begin | localtime | date("d/M/Y H:m") }}</div> <div class="begin">{{ poster.date_begin | localtime | date("d/M/Y H:m") }}</div>
<div class="end">{{ poster.date_end | localtime | date("d/M/Y H:m") }}</div> <div class="end">{{ poster.date_end | localtime | date("d/M/Y H:m") }}</div>
</div> </div>
<div class="actions"> {% if app == "com" %}
{% if poster.is_editable %} <a class="edit" href="{{ url(app + ":poster_edit", poster.id) }}">{% trans %}Edit{% endtrans %}</a>
<a class="btn btn-blue" href="{{ get_edit_url(poster) }}"> {% elif app == "club" %}
<i class="fa fa-pen-to-square"></i> <a class="edit" href="{{ url(app + ":poster_edit", club.id, poster.id) }}">{% trans %}Edit{% endtrans %}</a>
{% trans %}Edit{% endtrans %}
</a>
{% endif %} {% endif %}
{% if not poster.is_moderated and user.has_perm("com.moderate_poster") %} <div class="tooltip">
<form action="{{ url("com:poster_moderate", object_id=poster.id) }}" method="post"> <ul>
{% csrf_token %} {% for screen in poster.screens.all() %}
<button type="submit" class="btn btn-green"> <li>{{ screen }}</li>
<i class="fa fa-check"></i>
{% trans %}Moderate{% endtrans %}
</button>
</form>
{% endif %}
</div>
</div>
{% else %}
<div id="no-posters">{% trans %}No posters{% endtrans %}</div>
{% endfor %} {% endfor %}
</ul>
</div>
</div>
{% endfor %}
{% endif %}
</div> </div>
<div <div
@@ -68,9 +68,7 @@
@click="active = null" @click="active = null"
:class="{active: active !== null}" :class="{active: active !== null}"
> >
<div id="placeholder"> <div id="placeholder"><img :src="active?.src"></div>
<img :src="active?.src" :alt="active?.name">
</div>
</div> </div>
</div> </div>

43
com/templates/com/poster_moderate.jinja Normal file
View File

@@ -0,0 +1,43 @@
{% extends "core/base.jinja" %}
{% block script %}
{{ super() }}
<script src="{{ static('com/js/poster_list.js') }}"></script>
{% endblock %}
{% block additional_css %}
<link rel="stylesheet" href="{{ static('com/css/posters.scss') }}">
{% endblock %}
{% block content %}
<div id="poster_list">
<div id="title">
<div id="links" class="left">
<a id="list" class="link" href="{{ url("com:poster_list") }}">{% trans %}List{% endtrans %}</a>
</div>
<h3>{% trans %}Posters - moderation{% endtrans %}</h3>
</div>
<div id="posters">
{% if object_list.count == 0 %}
<div id="no-posters">{% trans %}No objects{% endtrans %}</div>
{% else %}
{% for poster in object_list %}
<div class="poster{% if not poster.is_moderated %} not_moderated{% endif %}">
<div class="name"> {{ poster.name }} </div>
<div class="image"> <img src="{{ poster.file.url }}"></img> </div>
<a class="moderate" href="{{ url("com:poster_moderate", object_id=poster.id) }}">Moderate</a>
</div>
{% endfor %}
{% endif %}
</div>
<div id="view"><div id="placeholder"></div></div>
</div>
{% endblock %}

40
com/tests/test_views.py
View File

@@ -17,9 +17,7 @@ from unittest.mock import patch
import pytest import pytest
from django.conf import settings from django.conf import settings
from django.contrib.auth.models import Permission
from django.contrib.sites.models import Site from django.contrib.sites.models import Site
from django.core.files.uploadedfile import SimpleUploadedFile
from django.test import Client, TestCase from django.test import Client, TestCase
from django.urls import reverse from django.urls import reverse
from django.utils import html from django.utils import html
@@ -29,10 +27,9 @@ from model_bakery import baker
from pytest_django.asserts import assertNumQueries, assertRedirects from pytest_django.asserts import assertNumQueries, assertRedirects
from club.models import Club, Membership from club.models import Club, Membership
from com.models import News, NewsDate, Poster, Sith, Weekmail, WeekmailArticle from com.models import News, NewsDate, Sith, Weekmail, WeekmailArticle
from core.baker_recipes import subscriber_user from core.baker_recipes import subscriber_user
from core.models import AnonymousUser, Group, User from core.models import AnonymousUser, Group, User
from core.utils import RED_PIXEL_PNG
@pytest.fixture() @pytest.fixture()
@@ -317,6 +314,7 @@ def test_feed(client: Client):
[ [
reverse("com:poster_list"), reverse("com:poster_list"),
reverse("com:poster_create"), reverse("com:poster_create"),
reverse("com:poster_moderate_list"),
], ],
) )
def test_poster_management_views_crash_test(client: Client, url: str): def test_poster_management_views_crash_test(client: Client, url: str):
@@ -327,37 +325,3 @@ def test_poster_management_views_crash_test(client: Client, url: str):
client.force_login(user) client.force_login(user)
res = client.get(url) res = client.get(url)
assert res.status_code == 200 assert res.status_code == 200
@pytest.mark.django_db
@pytest.mark.parametrize(
"referer",
[
None,
reverse("com:poster_list"),
reverse("club:poster_list", kwargs={"club_id": settings.SITH_MAIN_CLUB_ID}),
],
)
def test_moderate_poster(client: Client, referer: str | None):
poster = baker.make(
Poster,
is_moderated=False,
file=SimpleUploadedFile("test.png", content=RED_PIXEL_PNG),
club_id=settings.SITH_MAIN_CLUB_ID,
)
user = baker.make(
User,
user_permissions=Permission.objects.filter(
codename__in=["view_poster", "moderate_poster"]
),
)
client.force_login(user)
headers = {"REFERER": f"https://{settings.SITH_URL}{referer}"} if referer else {}
response = client.post(
reverse("com:poster_moderate", kwargs={"object_id": poster.id}), headers=headers
)
result_url = referer or reverse("com:poster_list")
assertRedirects(response, result_url)
poster.refresh_from_db()
assert poster.is_moderated
assert poster.moderator == user

6
com/urls.py
View File

@@ -33,6 +33,7 @@ from com.views import (
PosterDeleteView, PosterDeleteView,
PosterEditView, PosterEditView,
PosterListView, PosterListView,
PosterModerateListView,
PosterModerateView, PosterModerateView,
ScreenCreateView, ScreenCreateView,
ScreenDeleteView, ScreenDeleteView,
@@ -101,6 +102,11 @@ urlpatterns = [
PosterDeleteView.as_view(), PosterDeleteView.as_view(),
name="poster_delete", name="poster_delete",
), ),
path(
"poster/moderate/",
PosterModerateListView.as_view(),
name="poster_moderate_list",
),
path( path(
"poster/<int:object_id>/moderate/", "poster/<int:object_id>/moderate/",
PosterModerateView.as_view(), PosterModerateView.as_view(),

67
com/views.py
View File

@@ -25,7 +25,6 @@ import itertools
from datetime import date, timedelta from datetime import date, timedelta
from smtplib import SMTPRecipientsRefused from smtplib import SMTPRecipientsRefused
from typing import Any from typing import Any
from urllib.parse import urlparse
from dateutil.relativedelta import relativedelta from dateutil.relativedelta import relativedelta
from django.conf import settings from django.conf import settings
@@ -35,7 +34,7 @@ from django.contrib.auth.mixins import (
) )
from django.contrib.syndication.views import Feed from django.contrib.syndication.views import Feed
from django.core.exceptions import PermissionDenied, ValidationError from django.core.exceptions import PermissionDenied, ValidationError
from django.db.models import Exists, Max, OuterRef, Value from django.db.models import Max
from django.forms.models import modelform_factory from django.forms.models import modelform_factory
from django.http import HttpResponseRedirect from django.http import HttpResponseRedirect
from django.shortcuts import get_object_or_404, redirect from django.shortcuts import get_object_or_404, redirect
@@ -46,7 +45,7 @@ from django.utils.translation import gettext_lazy as _
from django.views.generic import DetailView, ListView, TemplateView, View from django.views.generic import DetailView, ListView, TemplateView, View
from django.views.generic.edit import CreateView, DeleteView, UpdateView from django.views.generic.edit import CreateView, DeleteView, UpdateView
from club.models import Club, Mailing, Membership from club.models import Club, Mailing
from com.forms import NewsDateForm, NewsForm, PosterForm from com.forms import NewsDateForm, NewsForm, PosterForm
from com.ics_calendar import IcsCalendar from com.ics_calendar import IcsCalendar
from com.models import News, NewsDate, Poster, Screen, Sith, Weekmail, WeekmailArticle from com.models import News, NewsDate, Poster, Screen, Sith, Weekmail, WeekmailArticle
@@ -562,26 +561,16 @@ class MailingModerateView(View):
raise PermissionDenied raise PermissionDenied
class PosterListBaseView(ListView): class PosterListBaseView(PermissionOrClubBoardRequiredMixin, ListView):
"""List communication posters.""" """List communication posters."""
model = Poster model = Poster
template_name = "com/poster_list.jinja" template_name = "com/poster_list.jinja"
permission_required = "com.view_poster" permission_required = "com.view_poster"
ordering = ["-date_begin"]
def get_queryset(self): def get_context_data(self, **kwargs):
qs = Poster.objects.prefetch_related("screens") return super().get_context_data(**kwargs) | {"club": self.club}
if self.request.user.has_perm("com.edit_poster"):
qs = qs.annotate(is_editable=Value(value=True))
else:
qs = qs.annotate(
is_editable=Exists(
Membership.objects.ongoing()
.board()
.filter(user=self.request.user, club=OuterRef("club_id"))
)
)
return qs.order_by("-date_begin")
class PosterCreateBaseView(PermissionOrClubBoardRequiredMixin, CreateView): class PosterCreateBaseView(PermissionOrClubBoardRequiredMixin, CreateView):
@@ -644,17 +633,21 @@ class PosterDeleteBaseView(
permission_required = "com.delete_poster" permission_required = "com.delete_poster"
class PosterListView(PermissionRequiredMixin, ComTabsMixin, PosterListBaseView): class PosterListView(ComTabsMixin, PosterListBaseView):
"""List communication posters.""" """List communication posters."""
current_tab = "posters" current_tab = "posters"
extra_context = {
"create_url": reverse_lazy("com:poster_create"), def get_queryset(self):
"get_edit_url": lambda poster: reverse( qs = super().get_queryset()
"com:poster_edit", kwargs={"poster_id": poster.id} if self.request.user.has_perm("com.view_poster"):
), return qs
} return qs.filter(club=self.club.id)
permission_required = "com.view_poster"
def get_context_data(self, **kwargs):
kwargs = super().get_context_data(**kwargs)
kwargs["app"] = "com"
return kwargs
class PosterCreateView(ComTabsMixin, PosterCreateBaseView): class PosterCreateView(ComTabsMixin, PosterCreateBaseView):
@@ -679,6 +672,17 @@ class PosterDeleteView(PosterDeleteBaseView):
success_url = reverse_lazy("com:poster_list") success_url = reverse_lazy("com:poster_list")
class PosterModerateListView(PermissionRequiredMixin, ComTabsMixin, ListView):
"""Moderate list communication poster."""
current_tab = "posters"
model = Poster
template_name = "com/poster_moderate.jinja"
queryset = Poster.objects.filter(is_moderated=False).all()
permission_required = "com.moderate_poster"
extra_context = {"app": "com"}
class PosterModerateView(PermissionRequiredMixin, ComTabsMixin, View): class PosterModerateView(PermissionRequiredMixin, ComTabsMixin, View):
"""Moderate communication poster.""" """Moderate communication poster."""
@@ -686,21 +690,12 @@ class PosterModerateView(PermissionRequiredMixin, ComTabsMixin, View):
permission_required = "com.moderate_poster" permission_required = "com.moderate_poster"
extra_context = {"app": "com"} extra_context = {"app": "com"}
def post(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
obj = get_object_or_404(Poster, pk=kwargs["object_id"]) obj = get_object_or_404(Poster, pk=kwargs["object_id"])
obj.is_moderated = True obj.is_moderated = True
obj.moderator = request.user obj.moderator = request.user
obj.save() obj.save()
# The moderation request may be originated from a club context (/club/poster) return redirect("com:poster_moderate_list")
# or a global context (/com/poster),
# so the redirection URL will be the URL of the page that called this view,
# as long as the latter belongs to the sith.
referer = self.request.META.get("HTTP_REFERER")
if referer:
parsed = urlparse(referer)
if parsed.netloc == settings.SITH_URL:
return redirect(parsed.path)
return redirect(reverse("com:poster_list"))
class ScreenListView(PermissionRequiredMixin, ComTabsMixin, ListView): class ScreenListView(PermissionRequiredMixin, ComTabsMixin, ListView):

19
core/converters.py
View File

@@ -1,16 +1,19 @@
from django.urls.converters import IntConverter, StringConverter class FourDigitYearConverter:
class FourDigitYearConverter(IntConverter):
regex = "[0-9]{4}" regex = "[0-9]{4}"
def to_python(self, value):
return int(value)
def to_url(self, value): def to_url(self, value):
return str(value).zfill(4) return str(value).zfill(4)
class TwoDigitMonthConverter(IntConverter): class TwoDigitMonthConverter:
regex = "[0-9]{2}" regex = "[0-9]{2}"
def to_python(self, value):
return int(value)
def to_url(self, value): def to_url(self, value):
return str(value).zfill(2) return str(value).zfill(2)
@@ -25,9 +28,3 @@ class BooleanStringConverter:
def to_url(self, value): def to_url(self, value):
return str(value) return str(value)
class ResultConverter(StringConverter):
"""Converter whose regex match either "success" or "failure"."""
regex = "(success|failure)"

13
core/management/commands/populate.py
View File

@@ -28,7 +28,6 @@ from typing import ClassVar, NamedTuple
from django.conf import settings from django.conf import settings
from django.contrib.auth.models import Permission from django.contrib.auth.models import Permission
from django.contrib.sites.models import Site from django.contrib.sites.models import Site
from django.core.files.base import ContentFile
from django.core.management import call_command from django.core.management import call_command
from django.core.management.base import BaseCommand from django.core.management.base import BaseCommand
from django.db import connection from django.db import connection
@@ -105,21 +104,13 @@ class Command(BaseCommand):
) )
self.profiles_root = SithFile.objects.create(name="profiles", owner=root) self.profiles_root = SithFile.objects.create(name="profiles", owner=root)
home_root = SithFile.objects.create(name="users", owner=root) home_root = SithFile.objects.create(name="users", owner=root)
club_root = SithFile.objects.create(name="clubs", owner=root)
sas = SithFile.objects.create(name="SAS", owner=root)
SithFile.objects.create(
name="CGU",
is_folder=False,
file=ContentFile(
content="Conditions générales d'utilisation", name="cgu.txt"
),
owner=root,
)
# Page needed for club creation # Page needed for club creation
p = Page(name=settings.SITH_CLUB_ROOT_PAGE) p = Page(name=settings.SITH_CLUB_ROOT_PAGE)
p.save(force_lock=True) p.save(force_lock=True)
club_root = SithFile.objects.create(name="clubs", owner=root)
sas = SithFile.objects.create(name="SAS", owner=root)
main_club = Club.objects.create( main_club = Club.objects.create(
id=1, name="AE", address="6 Boulevard Anatole France, 90000 Belfort" id=1, name="AE", address="6 Boulevard Anatole France, 90000 Belfort"
) )

19
core/management/commands/populate_more.py
View File

@@ -1,4 +1,3 @@
import math
import random import random
from datetime import date, timedelta from datetime import date, timedelta
from datetime import timezone as tz from datetime import timezone as tz
@@ -35,17 +34,12 @@ class Command(BaseCommand):
super().__init__(*args, **kwargs) super().__init__(*args, **kwargs)
self.faker = Faker("fr_FR") self.faker = Faker("fr_FR")
def add_arguments(self, parser):
parser.add_argument(
"-n", "--nb-users", help="Number of users to create", type=int, default=600
)
def handle(self, *args, **options): def handle(self, *args, **options):
if not settings.DEBUG: if not settings.DEBUG:
raise Exception("Never call this command in prod. Never.") raise Exception("Never call this command in prod. Never.")
self.stdout.write("Creating users...") self.stdout.write("Creating users...")
users = self.create_users(options["nb_users"]) users = self.create_users()
subscribers = random.sample(users, k=int(0.8 * len(users))) subscribers = random.sample(users, k=int(0.8 * len(users)))
self.stdout.write("Creating subscriptions...") self.stdout.write("Creating subscriptions...")
self.create_subscriptions(subscribers) self.create_subscriptions(subscribers)
@@ -84,7 +78,7 @@ class Command(BaseCommand):
self.stdout.write("Creating products...") self.stdout.write("Creating products...")
self.create_products() self.create_products()
self.stdout.write("Creating sales and refills...") self.stdout.write("Creating sales and refills...")
sellers = random.sample(users, len(users) // 10) sellers = random.sample(list(User.objects.all()), 100)
self.create_sales(sellers) self.create_sales(sellers)
self.stdout.write("Creating permanences...") self.stdout.write("Creating permanences...")
self.create_permanences(sellers) self.create_permanences(sellers)
@@ -93,7 +87,7 @@ class Command(BaseCommand):
self.stdout.write("Done") self.stdout.write("Done")
def create_users(self, nb_users: int = 600) -> list[User]: def create_users(self) -> list[User]:
password = make_password("plop") password = make_password("plop")
users = [ users = [
User( User(
@@ -110,7 +104,7 @@ class Command(BaseCommand):
address=self.faker.address(), address=self.faker.address(),
password=password, password=password,
) )
for _ in range(nb_users) for _ in range(600)
] ]
# there may a duplicate or two # there may a duplicate or two
# Not a problem, we will just have 599 users instead of 600 # Not a problem, we will just have 599 users instead of 600
@@ -395,9 +389,8 @@ class Command(BaseCommand):
Permanency.objects.bulk_create(perms) Permanency.objects.bulk_create(perms)
def create_forums(self): def create_forums(self):
users = list(User.objects.all()) forumers = random.sample(list(User.objects.all()), 100)
forumers = random.sample(users, math.ceil(len(users) / 10)) most_actives = random.sample(forumers, 10)
most_actives = random.sample(forumers, math.ceil(len(forumers) / 6))
categories = list(Forum.objects.filter(is_category=True)) categories = list(Forum.objects.filter(is_category=True))
new_forums = [ new_forums = [
Forum(name=self.faker.text(20), parent=random.choice(categories)) Forum(name=self.faker.text(20), parent=random.choice(categories))

9
core/models.py
View File

@@ -651,6 +651,9 @@ class User(AbstractUser):
class AnonymousUser(AuthAnonymousUser): class AnonymousUser(AuthAnonymousUser):
def __init__(self):
super().__init__()
@property @property
def was_subscribed(self): def was_subscribed(self):
return False return False
@@ -659,6 +662,10 @@ class AnonymousUser(AuthAnonymousUser):
def is_subscribed(self): def is_subscribed(self):
return False return False
@property
def subscribed(self):
return False
@property @property
def is_root(self): def is_root(self):
return False return False
@@ -1157,6 +1164,8 @@ class QuickUploadImage(models.Model):
identifier = str(uuid4()) identifier = str(uuid4())
name = Path(image.name).stem[: cls.IMAGE_NAME_SIZE - 1] name = Path(image.name).stem[: cls.IMAGE_NAME_SIZE - 1]
file = File(convert_image(image), name=f"{identifier}.webp") file = File(convert_image(image), name=f"{identifier}.webp")
width, height = Image.open(file).size
return cls.objects.create( return cls.objects.create(
uuid=identifier, uuid=identifier,
name=name, name=name,

7
core/static/bundled/alpine-index.js
View File

@@ -1,10 +1,9 @@
import { limitedChoices } from "#core:alpine/limited-choices"; import { alpinePlugin } from "#core:utils/notifications";
import { alpinePlugin as notificationPlugin } from "#core:utils/notifications";
import sort from "@alpinejs/sort"; import sort from "@alpinejs/sort";
import Alpine from "alpinejs"; import Alpine from "alpinejs";
Alpine.plugin([sort, limitedChoices]); Alpine.plugin(sort);
Alpine.magic("notifications", notificationPlugin); Alpine.magic("notifications", alpinePlugin);
window.Alpine = Alpine; window.Alpine = Alpine;
window.addEventListener("DOMContentLoaded", () => { window.addEventListener("DOMContentLoaded", () => {

69
core/static/bundled/alpine/limited-choices.ts
View File

@@ -1,69 +0,0 @@
import type { Alpine as AlpineType } from "alpinejs";
export function limitedChoices(Alpine: AlpineType) {
/**
* Directive to limit the number of elements
* that can be selected in a group of checkboxes.
*
* When the max numbers of selectable elements is reached,
* new elements will still be inserted, but oldest ones will be deselected.
* For example, if checkboxes A, B and C have been selected and the max
* number of selections is 3, then selecting D will result in having
* B, C and D selected.
*
* # Example in template
* ```html
* <div x-data="{nbMax: 2}", x-limited-choices="nbMax">
* <button @click="nbMax += 1">Click me to increase the limit</button>
* <input type="checkbox" value="A" name="foo">
* <input type="checkbox" value="B" name="foo">
* <input type="checkbox" value="C" name="foo">
* <input type="checkbox" value="D" name="foo">
* </div>
* ```
*/
Alpine.directive(
"limited-choices",
(el, { expression }, { evaluateLater, effect }) => {
const getMaxChoices = evaluateLater(expression);
let maxChoices: number;
const inputs: HTMLInputElement[] = Array.from(
el.querySelectorAll("input[type='checkbox']"),
);
const checked = [] as HTMLInputElement[];
const manageDequeue = () => {
if (checked.length <= maxChoices) {
// There isn't too many checkboxes selected. Nothing to do
return;
}
const popped = checked.splice(0, checked.length - maxChoices);
for (const p of popped) {
p.checked = false;
}
};
for (const input of inputs) {
input.addEventListener("change", (_e) => {
if (input.checked) {
checked.push(input);
} else {
checked.splice(checked.indexOf(input), 1);
}
manageDequeue();
});
}
effect(() => {
getMaxChoices((value: string) => {
const previousValue = maxChoices;
maxChoices = Number.parseInt(value);
if (maxChoices < previousValue) {
// The maximum number of selectable items has been lowered.
// Some currently selected elements may need to be removed
manageDequeue();
}
});
});
},
);
}

5
core/static/core/forms.scss
View File

@@ -141,6 +141,7 @@ form {
display: block; display: block;
margin: calc(var(--nf-input-size) * 1.5) auto 10px; margin: calc(var(--nf-input-size) * 1.5) auto 10px;
line-height: 1; line-height: 1;
white-space: nowrap;
.helptext { .helptext {
margin-top: .25rem; margin-top: .25rem;
@@ -153,9 +154,11 @@ form {
margin-bottom: 1rem; margin-bottom: 1rem;
} }
.row > label { .row {
label {
margin: unset; margin: unset;
} }
}
// ------------- LABEL // ------------- LABEL
label, legend { label, legend {

4
core/static/core/style.scss
View File

@@ -503,10 +503,6 @@ th {
text-align: center; text-align: center;
padding: 5px 10px; padding: 5px 10px;
>input[type="checkbox"] {
padding: unset;
}
>ul { >ul {
margin-top: 0; margin-top: 0;
} }

24
core/templates/core/base/header.jinja
View File

@@ -77,22 +77,22 @@
<div class="notification" x-data="{display: false}" :class="{white: display}"> <div class="notification" x-data="{display: false}" :class="{white: display}">
<a href="#" @click.prevent="display = !display"> <a href="#" @click.prevent="display = !display">
<i :class="`fa-${display ? 'solid': 'regular'} fa-bell`" x-transition></i> <i :class="`fa-${display ? 'solid': 'regular'} fa-bell`" x-transition></i>
{% set notifications = user.notifications.filter(viewed=False).order_by("-date")|list %} {% set notification_count = user.notifications.filter(viewed=False).count() %}
{%- if notifications|length > 0 -%} {% if notification_count > 0 %}
<span> <span>
{% if notifications|length < 100 %} {% if notification_count < 100 %}
{{ notifications|length }} {{ notification_count }}
{%- else -%} {% else %}
99+ &nbsp;
{%- endif -%} {% endif %}
</span> </span>
{% endif %} {% endif %}
</a> </a>
<div id="header_notif" x-show="display" x-cloak x-transition @click.outside="display = false"> <div id="header_notif" x-show="display" x-cloak x-transition @click.outside="display = false">
<ul> <ul>
{%- if notifications|length > 0 -%} {% if user.notifications.filter(viewed=False).count() > 0 %}
{%- for n in notifications -%} {% for n in user.notifications.filter(viewed=False).order_by('-date') %}
<li> <li>
<a href="{{ url("core:notification", notif_id=n.id) }}"> <a href="{{ url("core:notification", notif_id=n.id) }}">
<div class="datetime"> <div class="datetime">
@@ -108,10 +108,10 @@
</div> </div>
</a> </a>
</li> </li>
{%- endfor -%} {% endfor %}
{%- else -%} {% else %}
<li class="empty-notification">{% trans %}You do not have any unread notification{% endtrans %}</li> <li class="empty-notification">{% trans %}You do not have any unread notification{% endtrans %}</li>
{%- endif -%} {% endif %}
</ul> </ul>
<div class="options"> <div class="options">
<a href="{{ url('core:notification_list') }}"> <a href="{{ url('core:notification_list') }}">

19
core/templates/core/base/notifications.jinja
View File

@@ -1,19 +1,22 @@
<div id="quick-notifications" <div id="quick-notifications"
x-data="{ x-data="{
messages: [ messages: [
{%- if messages -%} {% if messages %}
{%- for message in messages -%} {% for message in messages %}
{ tag: '{{ message.tags }}', text: '{{ message }}' }, {
{%- endfor -%} tag: '{{ message.tags }}',
{%- endif -%} text: '{{ message }}',
},
{% endfor %}
{% endif %}
] ]
}" }"
@quick-notification-add="(e) => messages.push(e?.detail)" @quick-notification-add="(e) => messages.push(e?.detail)"
@quick-notification-delete="messages = []"> @quick-notification-delete="messages = []">
<template x-for="(message, index) in messages"> <template x-for="message in messages">
<div class="alert" :class="`alert-${message.tag}`" x-transition> <div x-data="{show: true}" class="alert" :class="`alert-${message.tag}`" x-show="show" x-transition>
<span class="alert-main" x-text="message.text"></span> <span class="alert-main" x-text="message.text"></span>
<span class="clickable" @click="messages = messages.filter((item, i) => i !== index)"> <span class="clickable" @click="show = false">
<i class="fa fa-close"></i> <i class="fa fa-close"></i>
</span> </span>
</div> </div>

23
core/templates/core/macros.jinja
View File

@@ -245,26 +245,3 @@
<button type="button" onclick="checkbox_{{form_id}}(true);">{% trans %}Select All{% endtrans %}</button> <button type="button" onclick="checkbox_{{form_id}}(true);">{% trans %}Select All{% endtrans %}</button>
<button type="button" onclick="checkbox_{{form_id}}(false);">{% trans %}Unselect All{% endtrans %}</button> <button type="button" onclick="checkbox_{{form_id}}(false);">{% trans %}Unselect All{% endtrans %}</button>
{% endmacro %} {% endmacro %}
{% macro update_notifications(messages, clear) %}
{# Update notification area from new messages sent by django backend
This is useful when performing fragment swaps to keep messages up to date
Without this, the fragment would need to take control of the notification area and
this would be an issue when having more than one fragment
Parameters:
messages: messages from django.contrib
clear : optional boolean that controls if notifications should be cleared first. True is the default
#}
{% set clear = clear|default(true) %}
{% if messages %}
<div x-init="() => {
{% if clear %}
$notifications.clear()
{% endif %}
{% for message in messages %}
$notifications.{{ message.tags }}('{{ message }}')
{% endfor %}
}"></div>
{% endif %}
{% endmacro %}

22
core/templates/core/widgets/autocomplete_select.jinja
View File

@@ -1,13 +1,12 @@
{% spaceless %} {% for js in statics.js %}
{% for js in statics.js %}
<script-once type="module" src="{{ js }}"></script-once> <script-once type="module" src="{{ js }}"></script-once>
{% endfor %} {% endfor %}
{% for css in statics.css %} {% for css in statics.css %}
<link-once rel="stylesheet" type="text/css" href="{{ css }}" defer></link-once> <link-once rel="stylesheet" type="text/css" href="{{ css }}" defer></link-once>
{% endfor %} {% endfor %}
<{{ component }} name="{{ widget.name }}" {% include "django/forms/widgets/attrs.html" %}> <{{ component }} name="{{ widget.name }}" {% include "django/forms/widgets/attrs.html" %}>
{% for group_name, group_choices, group_index in widget.optgroups %} {% for group_name, group_choices, group_index in widget.optgroups %}
{% if group_name %} {% if group_name %}
<optgroup label="{{ group_name }}"> <optgroup label="{{ group_name }}">
{% endif %} {% endif %}
@@ -17,9 +16,8 @@
{% if group_name %} {% if group_name %}
</optgroup> </optgroup>
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% if initial %} {% if initial %}
<slot style="display:none" name="initial">{{ initial }}</slot> <slot style="display:none" name="initial">{{ initial }}</slot>
{% endif %} {% endif %}
</{{ component }}> </{{ component }}>
{% endspaceless %}

13
core/tests/test_commands.py
View File

@@ -1,13 +0,0 @@
import contextlib
import os
import pytest
from django.core.management import call_command
@pytest.mark.django_db
def test_populate_more(settings):
"""Just check that populate more doesn't crash"""
settings.DEBUG = True
with open(os.devnull, "w") as devnull, contextlib.redirect_stdout(devnull):
call_command("populate_more", "--nb-users", "50")

45
core/utils.py
View File

@@ -12,32 +12,22 @@
# OR WITHIN THE LOCAL FILE "LICENSE" # OR WITHIN THE LOCAL FILE "LICENSE"
# #
# #
from __future__ import annotations
import hmac
from datetime import date, timedelta from datetime import date, timedelta
# Image utils # Image utils
from io import BytesIO from io import BytesIO
from typing import TYPE_CHECKING from typing import Final
from urllib.parse import urlencode
import PIL import PIL
from django.conf import settings from django.conf import settings
from django.core.files.base import ContentFile from django.core.files.base import ContentFile
from django.core.files.uploadedfile import UploadedFile
from django.http import HttpRequest
from django.utils.timezone import localdate from django.utils.timezone import localdate
from PIL import ExifTags from PIL import ExifTags
from PIL.Image import Image, Resampling from PIL.Image import Image, Resampling
if TYPE_CHECKING:
from _hashlib import HASH
from collections.abc import Buffer, Mapping, Sequence
from typing import Any, Callable, Final
from django.core.files.uploadedfile import UploadedFile
from django.http import HttpRequest
RED_PIXEL_PNG: Final[bytes] = ( RED_PIXEL_PNG: Final[bytes] = (
b"\x89\x50\x4e\x47\x0d\x0a\x1a\x0a\x00\x00\x00\x0d\x49\x48\x44\x52" b"\x89\x50\x4e\x47\x0d\x0a\x1a\x0a\x00\x00\x00\x0d\x49\x48\x44\x52"
b"\x00\x00\x00\x01\x00\x00\x00\x01\x08\x02\x00\x00\x00\x90\x77\x53" b"\x00\x00\x00\x01\x00\x00\x00\x01\x08\x02\x00\x00\x00\x90\x77\x53"
@@ -196,7 +186,7 @@ def exif_auto_rotate(image):
def get_client_ip(request: HttpRequest) -> str | None: def get_client_ip(request: HttpRequest) -> str | None:
headers = ( headers = (
"X_FORWARDED_FOR", # Common header for proxies "X_FORWARDED_FOR", # Common header for proixes
"FORWARDED", # Standard header defined by RFC 7239. "FORWARDED", # Standard header defined by RFC 7239.
"REMOTE_ADDR", # Default IP Address (direct connection) "REMOTE_ADDR", # Default IP Address (direct connection)
) )
@@ -205,30 +195,3 @@ def get_client_ip(request: HttpRequest) -> str | None:
return ip return ip
return None return None
def hmac_hexdigest(
key: str | bytes,
data: Mapping[str, Any] | Sequence[tuple[str, Any]],
digest: str | Callable[[Buffer], HASH] = "sha512",
) -> str:
"""Return the hexdigest of the signature of the given data.
Args:
key: the HMAC key used for the signature
data: the data to sign
digest: a PEP247 hashing algorithm (by default, sha512)
Examples:
```python
data = {
"foo": 5,
"bar": "somevalue",
}
hmac_key = secrets.token_hex(64)
signature = hmac_hexdigest(hmac_key, data, "sha256")
```
"""
if isinstance(key, str):
key = key.encode()
return hmac.digest(key, urlencode(data).encode(), digest).hex()

2
core/views/forms.py
View File

@@ -115,7 +115,7 @@ class SelectUser(TextInput):
def validate_future_timestamp(value: date | datetime): def validate_future_timestamp(value: date | datetime):
if value <= now(): if value <= now():
raise ValidationError(_("Ensure this timestamp is set in the future")) raise ValueError(_("Ensure this timestamp is set in the future"))
class FutureDateTimeField(forms.DateTimeField): class FutureDateTimeField(forms.DateTimeField):

9
counter/admin.py
View File

@@ -22,7 +22,6 @@ from counter.models import (
Counter, Counter,
Customer, Customer,
Eticket, Eticket,
InvoiceCall,
Permanency, Permanency,
Product, Product,
ProductType, ProductType,
@@ -161,11 +160,3 @@ class CashRegisterSummaryAdmin(SearchModelAdmin):
class EticketAdmin(SearchModelAdmin): class EticketAdmin(SearchModelAdmin):
list_display = ("product", "event_date", "event_title") list_display = ("product", "event_date", "event_title")
search_fields = ("product__name", "event_title") search_fields = ("product__name", "event_title")
@admin.register(InvoiceCall)
class InvoiceCallAdmin(SearchModelAdmin):
list_display = ("club", "month", "is_validated")
search_fields = ("club__name",)
list_filter = (("club", admin.RelatedOnlyFieldListFilter),)
date_hierarchy = "month"

187
counter/forms.py
View File

@@ -1,26 +1,13 @@
import json
import math import math
import uuid
from datetime import date
from dateutil.relativedelta import relativedelta
from django import forms from django import forms
from django.db.models import Exists, OuterRef, Q from django.db.models import Q
from django.forms import BaseModelFormSet
from django.utils.timezone import now
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from django_celery_beat.models import ClockedSchedule
from phonenumber_field.widgets import RegionalPhoneNumberWidget from phonenumber_field.widgets import RegionalPhoneNumberWidget
from club.models import Club
from club.widgets.ajax_select import AutoCompleteSelectClub from club.widgets.ajax_select import AutoCompleteSelectClub
from core.models import User from core.models import User
from core.views.forms import ( from core.views.forms import NFCTextInput, SelectDate, SelectDateTime
FutureDateTimeField,
NFCTextInput,
SelectDate,
SelectDateTime,
)
from core.views.widgets.ajax_select import ( from core.views.widgets.ajax_select import (
AutoCompleteSelect, AutoCompleteSelect,
AutoCompleteSelectMultipleGroup, AutoCompleteSelectMultipleGroup,
@@ -32,14 +19,10 @@ from counter.models import (
Counter, Counter,
Customer, Customer,
Eticket, Eticket,
InvoiceCall,
Product, Product,
Refilling, Refilling,
ReturnableProduct, ReturnableProduct,
ScheduledProductAction,
Selling,
StudentCard, StudentCard,
get_product_actions,
) )
from counter.widgets.ajax_select import ( from counter.widgets.ajax_select import (
AutoCompleteSelectMultipleCounter, AutoCompleteSelectMultipleCounter,
@@ -175,101 +158,7 @@ class CounterEditForm(forms.ModelForm):
} }
class ScheduledProductActionForm(forms.ModelForm): class ProductEditForm(forms.ModelForm):
"""Form for automatic product archiving.
The `save` method will update or create tasks using celery-beat.
"""
required_css_class = "required"
prefix = "scheduled"
class Meta:
model = ScheduledProductAction
fields = ["task"]
widgets = {"task": forms.RadioSelect(choices=get_product_actions)}
labels = {"task": _("Action")}
help_texts = {"task": ""}
trigger_at = FutureDateTimeField(
label=_("Date and time of action"), widget=SelectDateTime
)
counters = forms.ModelMultipleChoiceField(
label=_("New counters"),
help_text=_("The selected counters will replace the current ones"),
required=False,
widget=AutoCompleteSelectMultipleCounter,
queryset=Counter.objects.all(),
)
def __init__(self, *args, product: Product, **kwargs):
self.product = product
super().__init__(*args, **kwargs)
if not self.instance._state.adding:
self.fields["trigger_at"].initial = self.instance.clocked.clocked_time
self.fields["counters"].initial = json.loads(self.instance.kwargs).get(
"counters"
)
def clean(self):
if not self.changed_data or "trigger_at" in self.errors:
return super().clean()
if "trigger_at" in self.changed_data:
if not self.instance.clocked_id:
self.instance.clocked = ClockedSchedule(
clocked_time=self.cleaned_data["trigger_at"]
)
else:
self.instance.clocked.clocked_time = self.cleaned_data["trigger_at"]
self.instance.clocked.save()
task_kwargs = {"product_id": self.product.id}
if (
self.cleaned_data["task"] == "counter.tasks.change_counters"
and "counters" in self.changed_data
):
task_kwargs["counters"] = [c.id for c in self.cleaned_data["counters"]]
self.instance.product = self.product
self.instance.kwargs = json.dumps(task_kwargs)
self.instance.name = (
f"{self.cleaned_data['task']} - {self.product} - {uuid.uuid4()}"
)
return super().clean()
class BaseScheduledProductActionFormSet(BaseModelFormSet):
def __init__(self, *args, product: Product, **kwargs):
if product.id:
queryset = (
product.scheduled_actions.filter(
enabled=True, clocked__clocked_time__gt=now()
)
.order_by("clocked__clocked_time")
.select_related("clocked")
)
else:
queryset = ScheduledProductAction.objects.none()
form_kwargs = {"product": product}
super().__init__(*args, queryset=queryset, form_kwargs=form_kwargs, **kwargs)
def delete_existing(self, obj: ScheduledProductAction, commit: bool = True): # noqa FBT001
clocked = obj.clocked
super().delete_existing(obj, commit=commit)
if commit:
clocked.delete()
ScheduledProductActionFormSet = forms.modelformset_factory(
ScheduledProductAction,
ScheduledProductActionForm,
formset=BaseScheduledProductActionFormSet,
absolute_max=None,
can_delete=True,
can_delete_extra=False,
extra=2,
)
class ProductForm(forms.ModelForm):
error_css_class = "error" error_css_class = "error"
required_css_class = "required" required_css_class = "required"
@@ -310,21 +199,22 @@ class ProductForm(forms.ModelForm):
queryset=Counter.objects.all(), queryset=Counter.objects.all(),
) )
def __init__(self, *args, instance=None, **kwargs): def __init__(self, *args, **kwargs):
super().__init__(*args, instance=instance, **kwargs) super().__init__(*args, **kwargs)
if self.instance.id: if self.instance.id:
self.fields["counters"].initial = self.instance.counters.all() self.fields["counters"].initial = self.instance.counters.all()
self.action_formset = ScheduledProductActionFormSet(
*args, product=self.instance, **kwargs
)
def is_valid(self):
return super().is_valid() and self.action_formset.is_valid()
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
ret = super().save(*args, **kwargs) ret = super().save(*args, **kwargs)
self.instance.counters.set(self.cleaned_data["counters"]) if self.fields["counters"].initial:
self.action_formset.save() # Remove the product from all counter it was added to
# It will then only be added to selected counters
for counter in self.fields["counters"].initial:
counter.products.remove(self.instance)
counter.save()
for counter in self.cleaned_data["counters"]:
counter.products.add(self.instance)
counter.save()
return ret return ret
@@ -376,7 +266,7 @@ class CloseCustomerAccountForm(forms.Form):
) )
class BasketProductForm(forms.Form): class ProductForm(forms.Form):
quantity = forms.IntegerField(min_value=1, required=True) quantity = forms.IntegerField(min_value=1, required=True)
id = forms.IntegerField(min_value=0, required=True) id = forms.IntegerField(min_value=0, required=True)
@@ -481,50 +371,5 @@ class BaseBasketForm(forms.BaseFormSet):
BasketForm = forms.formset_factory( BasketForm = forms.formset_factory(
BasketProductForm, formset=BaseBasketForm, absolute_max=None, min_num=1 ProductForm, formset=BaseBasketForm, absolute_max=None, min_num=1
) )
class InvoiceCallForm(forms.Form):
def __init__(self, *args, month: date, **kwargs):
super().__init__(*args, **kwargs)
self.month = month
self.clubs = list(
Club.objects.filter(
Exists(
Selling.objects.filter(
club=OuterRef("pk"),
date__gte=month,
date__lte=month + relativedelta(months=1),
)
)
).annotate(
validated_invoice=Exists(
InvoiceCall.objects.filter(
club=OuterRef("pk"), month=month, is_validated=True
)
)
)
)
self.fields = {
str(club.id): forms.BooleanField(
required=False, initial=club.validated_invoice
)
for club in self.clubs
}
def save(self):
invoice_calls = [
InvoiceCall(
month=self.month,
club_id=club.id,
is_validated=self.cleaned_data.get(str(club.id), False),
)
for club in self.clubs
]
InvoiceCall.objects.bulk_create(
invoice_calls,
update_conflicts=True,
update_fields=["is_validated"],
unique_fields=["month", "club"],
)

40
counter/migrations/0032_scheduledproductaction.py
View File

@@ -1,40 +0,0 @@
# Generated by Django 5.2.3 on 2025-09-14 11:29
import django.db.models.deletion
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("counter", "0031_alter_counter_options"),
("django_celery_beat", "0019_alter_periodictasks_options"),
]
operations = [
migrations.CreateModel(
name="ScheduledProductAction",
fields=[
(
"periodictask_ptr",
models.OneToOneField(
auto_created=True,
on_delete=django.db.models.deletion.CASCADE,
parent_link=True,
primary_key=True,
serialize=False,
to="django_celery_beat.periodictask",
),
),
(
"product",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
related_name="scheduled_actions",
to="counter.product",
),
),
],
options={"verbose_name": "Product scheduled action"},
bases=("django_celery_beat.periodictask",),
),
]

51
counter/migrations/0033_invoicecall.py
View File

@@ -1,51 +0,0 @@
# Generated by Django 5.2.3 on 2025-10-15 21:54
import django.db.models.deletion
from django.db import migrations, models
import counter.models
class Migration(migrations.Migration):
dependencies = [
("club", "0014_alter_club_options_rename_unix_name_club_slug_name_and_more"),
("counter", "0032_scheduledproductaction"),
]
operations = [
migrations.CreateModel(
name="InvoiceCall",
fields=[
(
"id",
models.AutoField(
auto_created=True,
primary_key=True,
serialize=False,
verbose_name="ID",
),
),
(
"is_validated",
models.BooleanField(default=False, verbose_name="is validated"),
),
("month", counter.models.MonthField(verbose_name="invoice date")),
(
"club",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE, to="club.club"
),
),
],
options={
"verbose_name": "Invoice call",
"verbose_name_plural": "Invoice calls",
"constraints": [
models.UniqueConstraint(
fields=("club", "month"),
name="counter_invoicecall_unique_club_month",
)
],
},
),
]

15
counter/migrations/0034_alter_selling_date_selling_date_month_idx.py
View File

@@ -1,15 +0,0 @@
# Generated by Django 5.2.3 on 2025-11-05 08:47
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [("counter", "0033_invoicecall")]
operations = [
migrations.AlterField(
model_name="selling",
name="date",
field=models.DateTimeField(db_index=True, verbose_name="date"),
),
]

95
counter/models.py
View File

@@ -15,7 +15,6 @@
from __future__ import annotations from __future__ import annotations
import base64 import base64
import contextlib
import os import os
import random import random
import string import string
@@ -35,7 +34,6 @@ from django.urls import reverse
from django.utils import timezone from django.utils import timezone
from django.utils.functional import cached_property from django.utils.functional import cached_property
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from django_celery_beat.models import PeriodicTask
from django_countries.fields import CountryField from django_countries.fields import CountryField
from ordered_model.models import OrderedModel from ordered_model.models import OrderedModel
from phonenumber_field.modelfields import PhoneNumberField from phonenumber_field.modelfields import PhoneNumberField
@@ -86,7 +84,7 @@ class CustomerQuerySet(models.QuerySet):
.annotate(res=Sum(F("unit_price") * F("quantity"), default=0)) .annotate(res=Sum(F("unit_price") * F("quantity"), default=0))
.values("res") .values("res")
) )
return self.update(amount=Coalesce(money_in - money_out, Decimal(0))) return self.update(amount=Coalesce(money_in - money_out, Decimal("0")))
class Customer(models.Model): class Customer(models.Model):
@@ -447,8 +445,7 @@ class Product(models.Model):
buying_groups = list(self.buying_groups.all()) buying_groups = list(self.buying_groups.all())
if not buying_groups: if not buying_groups:
return True return True
res = any(user.is_in_group(pk=group.id) for group in buying_groups) return any(user.is_in_group(pk=group.id) for group in buying_groups)
return res
@property @property
def profit(self): def profit(self):
@@ -482,7 +479,7 @@ class CounterQuerySet(models.QuerySet):
return self.annotate(has_annotated_barman=Exists(subquery)) return self.annotate(has_annotated_barman=Exists(subquery))
def annotate_is_open(self) -> Self: def annotate_is_open(self) -> Self:
"""Annotate the queryset with the `is_open` field. """Annotate tue queryset with the `is_open` field.
For each counter, if `is_open=True`, then the counter is currently opened. For each counter, if `is_open=True`, then the counter is currently opened.
Else the counter is closed. Else the counter is closed.
@@ -849,7 +846,7 @@ class Selling(models.Model):
blank=False, blank=False,
on_delete=models.SET_NULL, on_delete=models.SET_NULL,
) )
date = models.DateTimeField(_("date"), db_index=True) date = models.DateTimeField(_("date"))
payment_method = models.CharField( payment_method = models.CharField(
_("payment method"), _("payment method"),
max_length=255, max_length=255,
@@ -884,6 +881,7 @@ class Selling(models.Model):
if ( if (
self.product self.product
and self.product.id == settings.SITH_PRODUCT_SUBSCRIPTION_ONE_SEMESTER and self.product.id == settings.SITH_PRODUCT_SUBSCRIPTION_ONE_SEMESTER
and self.counter.type == "EBOUTIC"
): ):
sub = Subscription( sub = Subscription(
member=user, member=user,
@@ -907,6 +905,7 @@ class Selling(models.Model):
elif ( elif (
self.product self.product
and self.product.id == settings.SITH_PRODUCT_SUBSCRIPTION_TWO_SEMESTERS and self.product.id == settings.SITH_PRODUCT_SUBSCRIPTION_TWO_SEMESTERS
and self.counter.type == "EBOUTIC"
): ):
sub = Subscription( sub = Subscription(
member=user, member=user,
@@ -1360,85 +1359,3 @@ class ReturnableProductBalance(models.Model):
f"return balance of {self.customer} " f"return balance of {self.customer} "
f"for {self.returnable.product_id} : {self.balance}" f"for {self.returnable.product_id} : {self.balance}"
) )
def get_product_actions():
return [
("counter.tasks.archive_product", _("Archiving")),
("counter.tasks.change_counters", _("Counters change")),
]
class ScheduledProductAction(PeriodicTask):
"""Extension of celery-beat tasks dedicated to perform actions on Product."""
product = models.ForeignKey(
Product, related_name="scheduled_actions", on_delete=models.CASCADE
)
class Meta:
verbose_name = _("Product scheduled action")
def __init__(self, *args, **kwargs):
self._meta.get_field("task").choices = get_product_actions()
super().__init__(*args, **kwargs)
def full_clean(self, *args, **kwargs):
self.one_off = True # A product action should occur one time only
return super().full_clean(*args, **kwargs)
def clean_clocked(self):
if not self.clocked:
raise ValidationError(_("Product actions must declare a clocked schedule."))
def validate_unique(self, *args, **kwargs):
# The checks done in PeriodicTask.validate_unique aren't
# adapted in the case of scheduled product action,
# so we skip it and execute directly Model.validate_unique
return super(PeriodicTask, self).validate_unique(*args, **kwargs)
class MonthField(models.DateField):
description = _("Year + month field (day forced to 1)")
default_error_messages = {
"invalid": _(
"%(value)s” value has an invalid date format. It must be "
"in YYYY-MM format."
),
"invalid_date": _(
"%(value)s” value has the correct format (YYYY-MM) "
"but it is an invalid date."
),
}
def to_python(self, value):
if isinstance(value, str):
with contextlib.suppress(ValueError):
# If the string is given as YYYY-mm, try to parse it.
# If it fails, it means that the string may be in the form YYYY-mm-dd
# or in an invalid format.
# Whatever the case, we let Django deal with it
# and raise an error if needed
value = datetime.strptime(value, "%Y-%m")
value = super().to_python(value)
if value is None:
return None
return value.replace(day=1)
class InvoiceCall(models.Model):
is_validated = models.BooleanField(verbose_name=_("is validated"), default=False)
club = models.ForeignKey(Club, on_delete=models.CASCADE)
month = MonthField(verbose_name=_("invoice date"))
class Meta:
verbose_name = _("Invoice call")
verbose_name_plural = _("Invoice calls")
constraints = [
models.UniqueConstraint(
fields=["club", "month"], name="counter_invoicecall_unique_club_month"
)
]
def __str__(self):
return f"invoice call of {self.month} made by {self.club}"

1
counter/static/counter/css/counter-click.scss
View File

@@ -39,7 +39,6 @@
flex: auto; flex: auto;
margin: 0.2em; margin: 0.2em;
width: 20%; width: 20%;
min-width: 350px;
ul { ul {
list-style-type: none; list-style-type: none;

19
counter/tasks.py
View File

@@ -1,19 +0,0 @@
# Create your tasks here
from celery import shared_task
from counter.models import Counter, Product
@shared_task
def archive_product(*, product_id: int, **kwargs):
product = Product.objects.get(id=product_id)
product.archived = True
product.save()
@shared_task
def change_counters(*, product_id: int, counters: list[int], **kwargs):
product = Product.objects.get(id=product_id)
counters = Counter.objects.filter(id__in=counters)
product.counters.set(counters)

8
counter/templates/counter/counter_click.jinja
View File

@@ -67,13 +67,13 @@
<option value="FIN">{% trans %}Confirm (FIN){% endtrans %}</option> <option value="FIN">{% trans %}Confirm (FIN){% endtrans %}</option>
<option value="ANN">{% trans %}Cancel (ANN){% endtrans %}</option> <option value="ANN">{% trans %}Cancel (ANN){% endtrans %}</option>
</optgroup> </optgroup>
{%- for category in categories.keys() -%} {% for category in categories.keys() %}
<optgroup label="{{ category }}"> <optgroup label="{{ category }}">
{%- for product in categories[category] -%} {% for product in categories[category] %}
<option value="{{ product.id }}">{{ product }}</option> <option value="{{ product.id }}">{{ product }}</option>
{%- endfor -%} {% endfor %}
</optgroup> </optgroup>
{%- endfor -%} {% endfor %}
</counter-product-select> </counter-product-select>
<input type="submit" value="{% trans %}Go{% endtrans %}"/> <input type="submit" value="{% trans %}Go{% endtrans %}"/>

30
counter/templates/counter/invoices_call.jinja
View File

@@ -4,49 +4,35 @@
{% trans %}Invoices call{% endtrans %} {% trans %}Invoices call{% endtrans %}
{% endblock %} {% endblock %}
{% block notifications %}{# Notifications are moved below #}{% endblock %}
{% block content %} {% block content %}
<h3>{% trans date=start_date|date("F Y") %}Invoices call for {{ date }}{% endtrans %}</h3> <h3>{% trans date=start_date|date("F Y") %}Invoices call for {{ date }}{% endtrans %}</h3>
<p>{% trans %}Choose another month: {% endtrans %}</p>
<form method="get" action=""> <form method="get" action="">
<label for="id_form_other_month">{% trans %}Choose another month: {% endtrans %}</label> <select name="month">
<select name="month" id="id_form_other_month">
{% for m in months %} {% for m in months %}
<option value="{{ m|date("Y-m") }}">{{ m|date("Y-m") }}</option> <option value="{{ m|date("Y-m") }}">{{ m|date("Y-m") }}</option>
{% endfor %} {% endfor %}
</select> </select>
<input type="submit" value="{% trans %}Go{% endtrans %}" /> <input type="submit" value="{% trans %}Go{% endtrans %}" />
</form> </form>
<br> <br>
<p>{% trans %}CB Payments{% endtrans %} : {{ sum_cb }} €</p> <p>{% trans %}CB Payments{% endtrans %} : {{ sum_cb }} €</p>
<br> <br>
{% include "core/base/notifications.jinja" %}
<form method="post" action="">
{% csrf_token %}
<table> <table>
<thead> <thead>
<tr>
<td>{% trans %}Club{% endtrans %}</td> <td>{% trans %}Club{% endtrans %}</td>
<td>{% trans %}Sum{% endtrans %}</td> <td>{% trans %}Sum{% endtrans %}</td>
<td>{% trans %}Validated{% endtrans %}</td>
</tr>
</thead> </thead>
<tbody> <tbody>
{% for invoice in invoices %} {% for i in sums %}
<tr> <tr>
<td>{{ invoice.club__name }}</td> <td>{{ i['club__name'] }}</td>
<td>{{ "%.2f"|format(invoice.selling_sum) }} €</td> <td>{{ i['selling_sum'] }} €</td>
<td>
{{ form[invoice.club_id|string] }}
</td>
</tr> </tr>
{% endfor %} {% endfor %}
</tbody> </tbody>
</table> </table>
<input type="hidden" name="month" value="{{ start_date|date('Y-m') }}">
<button type="submit">{% trans %}Save{% endtrans %}</button>
</form>
{% endblock %} {% endblock %}

56
counter/templates/counter/product_form.jinja
View File

@@ -1,56 +0,0 @@
{% extends "core/base.jinja" %}
{% block content %}
{% if object %}
<h2>{% trans name=object %}Edit product {{ name }}{% endtrans %}</h2>
{% else %}
<h2>{% trans %}Product creation{% endtrans %}</h2>
{% endif %}
<form method="post" enctype="multipart/form-data">
{% csrf_token %}
{{ form.as_p() }}
<br />
<h3>{% trans %}Automatic actions{% endtrans %}</h3>
<p class="margin-bottom">
<em>
{%- trans trimmed -%}
Automatic actions allows to schedule product changes
ahead of time.
{%- endtrans -%}
</em>
</p>
{{ form.action_formset.management_form }}
{%- for action_form in form.action_formset.forms -%}
<fieldset x-data="{action: '{{ action_form.task.initial }}'}">
{{ action_form.non_field_errors() }}
<div class="row gap-2x margin-bottom">
<div>
{{ action_form.task.errors }}
{{ action_form.task.label_tag() }}
{{ action_form.task|add_attr("x-model=action") }}
</div>
<div>{{ action_form.trigger_at.as_field_group() }}</div>
</div>
<div x-show="action==='counter.tasks.change_counters'" class="margin-bottom">
{{ action_form.counters.as_field_group() }}
</div>
{%- if action_form.DELETE -%}
<div class="row gap">
{{ action_form.DELETE.as_field_group() }}
</div>
{%- endif -%}
{%- for field in action_form.hidden_fields() -%}
{{ field }}
{%- endfor -%}
</fieldset>
{%- if not loop.last -%}
<hr class="margin-bottom">
{%- endif -%}
{%- endfor -%}
<p><input type="submit" value="{% trans %}Save{% endtrans %}" /></p>
</form>
{% endblock %}

116
counter/tests/test_auto_actions.py
View File

@@ -1,116 +0,0 @@
import json
from datetime import timedelta
import pytest
from django.conf import settings
from django.test import Client
from django.urls import reverse
from django.utils.timezone import now
from django_celery_beat.models import ClockedSchedule
from model_bakery import baker
from core.models import Group, User
from counter.baker_recipes import counter_recipe, product_recipe
from counter.forms import ScheduledProductActionForm, ScheduledProductActionFormSet
from counter.models import ScheduledProductAction
@pytest.mark.django_db
def test_edit_product(client: Client):
client.force_login(
baker.make(
User, groups=[Group.objects.get(id=settings.SITH_GROUP_COUNTER_ADMIN_ID)]
)
)
product = product_recipe.make()
url = reverse("counter:product_edit", kwargs={"product_id": product.id})
res = client.get(url)
assert res.status_code == 200
res = client.post(url, data={})
# This is actually a failure, but we just want to check that
# we don't have a 403 or a 500.
# The actual behaviour will be tested directly on the form.
assert res.status_code == 200
@pytest.mark.django_db
class TestProductActionForm:
def test_single_form_archive(self):
product = product_recipe.make()
trigger_at = now() + timedelta(minutes=10)
form = ScheduledProductActionForm(
product=product,
data={
"scheduled-task": "counter.tasks.archive_product",
"scheduled-trigger_at": trigger_at,
},
)
assert form.is_valid()
instance = form.save()
assert instance.clocked.clocked_time == trigger_at
assert instance.enabled is True
assert instance.one_off is True
assert instance.task == "counter.tasks.archive_product"
assert instance.kwargs == json.dumps({"product_id": product.id})
def test_single_form_change_counters(self):
product = product_recipe.make()
counter = counter_recipe.make()
trigger_at = now() + timedelta(minutes=10)
form = ScheduledProductActionForm(
product=product,
data={
"scheduled-task": "counter.tasks.change_counters",
"scheduled-trigger_at": trigger_at,
"scheduled-counters": [counter.id],
},
)
assert form.is_valid()
instance = form.save()
instance.refresh_from_db()
assert instance.clocked.clocked_time == trigger_at
assert instance.enabled is True
assert instance.one_off is True
assert instance.task == "counter.tasks.change_counters"
assert instance.kwargs == json.dumps(
{"product_id": product.id, "counters": [counter.id]}
)
def test_delete(self):
product = product_recipe.make()
clocked = baker.make(ClockedSchedule, clocked_time=now() + timedelta(minutes=2))
task = baker.make(
ScheduledProductAction,
product=product,
one_off=True,
clocked=clocked,
task="counter.tasks.archive_product",
)
formset = ScheduledProductActionFormSet(product=product)
formset.delete_existing(task)
assert not ScheduledProductAction.objects.filter(id=task.id).exists()
assert not ClockedSchedule.objects.filter(id=clocked.id).exists()
@pytest.mark.django_db
class TestProductActionFormSet:
def test_ok(self):
product = product_recipe.make()
counter = counter_recipe.make()
trigger_at = now() + timedelta(minutes=10)
formset = ScheduledProductActionFormSet(
product=product,
data={
"form-TOTAL_FORMS": "2",
"form-INITIAL_FORMS": "0",
"form-0-task": "counter.tasks.archive_product",
"form-0-trigger_at": trigger_at,
"form-1-task": "counter.tasks.change_counters",
"form-1-trigger_at": trigger_at,
"form-1-counters": [counter.id],
},
)
assert formset.is_valid()
formset.save()
assert ScheduledProductAction.objects.filter(product=product).count() == 2

26
counter/tests/test_counter.py
View File

@@ -355,7 +355,7 @@ class TestCounterClick(TestFullClickBase):
self.submit_basket(self.barmen, [BasketItem(self.beer.id, 1)]) self.submit_basket(self.barmen, [BasketItem(self.beer.id, 1)])
).status_code == 302 ).status_code == 302
assert self.updated_amount(self.barmen) == Decimal(9) assert self.updated_amount(self.barmen) == Decimal("9")
def test_click_tray_price(self): def test_click_tray_price(self):
force_refill_user(self.customer, 20) force_refill_user(self.customer, 20)
@@ -364,12 +364,12 @@ class TestCounterClick(TestFullClickBase):
# Not applying tray price # Not applying tray price
res = self.submit_basket(self.customer, [BasketItem(self.beer_tap.id, 2)]) res = self.submit_basket(self.customer, [BasketItem(self.beer_tap.id, 2)])
assert res.status_code == 302 assert res.status_code == 302
assert self.updated_amount(self.customer) == Decimal(17) assert self.updated_amount(self.customer) == Decimal("17")
# Applying tray price # Applying tray price
res = self.submit_basket(self.customer, [BasketItem(self.beer_tap.id, 7)]) res = self.submit_basket(self.customer, [BasketItem(self.beer_tap.id, 7)])
assert res.status_code == 302 assert res.status_code == 302
assert self.updated_amount(self.customer) == Decimal(8) assert self.updated_amount(self.customer) == Decimal("8")
def test_click_alcool_unauthorized(self): def test_click_alcool_unauthorized(self):
self.login_in_bar() self.login_in_bar()
@@ -381,13 +381,13 @@ class TestCounterClick(TestFullClickBase):
res = self.submit_basket(user, [BasketItem(self.snack.id, 2)]) res = self.submit_basket(user, [BasketItem(self.snack.id, 2)])
assert res.status_code == 302 assert res.status_code == 302
assert self.updated_amount(user) == Decimal(7) assert self.updated_amount(user) == Decimal("7")
# Buy product without age limit # Buy product without age limit
res = self.submit_basket(user, [BasketItem(self.beer.id, 2)]) res = self.submit_basket(user, [BasketItem(self.beer.id, 2)])
assert res.status_code == 200 assert res.status_code == 200
assert self.updated_amount(user) == Decimal(7) assert self.updated_amount(user) == Decimal("7")
def test_click_unauthorized_customer(self): def test_click_unauthorized_customer(self):
self.login_in_bar() self.login_in_bar()
@@ -401,7 +401,7 @@ class TestCounterClick(TestFullClickBase):
assert resp.status_code == 302 assert resp.status_code == 302
assert resp.url == resolve_url(self.counter) assert resp.url == resolve_url(self.counter)
assert self.updated_amount(user) == Decimal(10) assert self.updated_amount(user) == Decimal("10")
def test_click_user_without_customer(self): def test_click_user_without_customer(self):
self.login_in_bar() self.login_in_bar()
@@ -418,7 +418,7 @@ class TestCounterClick(TestFullClickBase):
) )
assert res.status_code == 302 assert res.status_code == 302
assert self.updated_amount(self.customer_old_can_buy) == Decimal(7) assert self.updated_amount(self.customer_old_can_buy) == Decimal("7")
def test_click_wrong_counter(self): def test_click_wrong_counter(self):
self.login_in_bar() self.login_in_bar()
@@ -443,7 +443,7 @@ class TestCounterClick(TestFullClickBase):
) )
assertRedirects(res, self.counter.get_absolute_url()) assertRedirects(res, self.counter.get_absolute_url())
assert self.updated_amount(self.customer) == Decimal(10) assert self.updated_amount(self.customer) == Decimal("10")
def test_click_not_connected(self): def test_click_not_connected(self):
force_refill_user(self.customer, 10) force_refill_user(self.customer, 10)
@@ -455,7 +455,7 @@ class TestCounterClick(TestFullClickBase):
) )
assert res.status_code == 403 assert res.status_code == 403
assert self.updated_amount(self.customer) == Decimal(10) assert self.updated_amount(self.customer) == Decimal("10")
def test_click_product_not_in_counter(self): def test_click_product_not_in_counter(self):
force_refill_user(self.customer, 10) force_refill_user(self.customer, 10)
@@ -463,7 +463,7 @@ class TestCounterClick(TestFullClickBase):
res = self.submit_basket(self.customer, [BasketItem(self.stamps.id, 2)]) res = self.submit_basket(self.customer, [BasketItem(self.stamps.id, 2)])
assert res.status_code == 200 assert res.status_code == 200
assert self.updated_amount(self.customer) == Decimal(10) assert self.updated_amount(self.customer) == Decimal("10")
def test_basket_empty(self): def test_basket_empty(self):
force_refill_user(self.customer, 10) force_refill_user(self.customer, 10)
@@ -477,7 +477,7 @@ class TestCounterClick(TestFullClickBase):
self.submit_basket(self.customer, basket), self.submit_basket(self.customer, basket),
self.counter.get_absolute_url(), self.counter.get_absolute_url(),
) )
assert self.updated_amount(self.customer) == Decimal(10) assert self.updated_amount(self.customer) == Decimal("10")
def test_click_product_invalid(self): def test_click_product_invalid(self):
force_refill_user(self.customer, 10) force_refill_user(self.customer, 10)
@@ -490,7 +490,7 @@ class TestCounterClick(TestFullClickBase):
BasketItem(self.beer.id, None), BasketItem(self.beer.id, None),
]: ]:
assert self.submit_basket(self.customer, [item]).status_code == 200 assert self.submit_basket(self.customer, [item]).status_code == 200
assert self.updated_amount(self.customer) == Decimal(10) assert self.updated_amount(self.customer) == Decimal("10")
def test_click_not_enough_money(self): def test_click_not_enough_money(self):
force_refill_user(self.customer, 10) force_refill_user(self.customer, 10)
@@ -501,7 +501,7 @@ class TestCounterClick(TestFullClickBase):
) )
assert res.status_code == 200 assert res.status_code == 200
assert self.updated_amount(self.customer) == Decimal(10) assert self.updated_amount(self.customer) == Decimal("10")
def test_annotate_has_barman_queryset(self): def test_annotate_has_barman_queryset(self):
"""Test if the custom queryset method `annotate_has_barman` works as intended.""" """Test if the custom queryset method `annotate_has_barman` works as intended."""

76
counter/tests/test_invoices.py
View File

@@ -1,76 +0,0 @@
from datetime import date, datetime
import pytest
from dateutil.relativedelta import relativedelta
from django.contrib.auth.models import Permission
from django.core.exceptions import ValidationError
from django.test import Client
from django.urls import reverse
from django.utils.timezone import localdate
from model_bakery import baker
from pytest_django.asserts import assertRedirects
from club.models import Club
from core.models import User
from counter.baker_recipes import sale_recipe
from counter.forms import InvoiceCallForm
from counter.models import Customer, InvoiceCall, Selling
@pytest.mark.django_db
@pytest.mark.parametrize(
"month", [date(2025, 10, 20), "2025-10", datetime(2025, 10, 15, 12, 30)]
)
def test_invoice_date_with_date(month: date | datetime | str):
club = baker.make(Club)
invoice = InvoiceCall.objects.create(club=club, month=month)
invoice.refresh_from_db()
assert not invoice.is_validated
assert invoice.month == date(2025, 10, 1)
@pytest.mark.django_db
def test_invoice_call_invalid_month_string():
club = baker.make(Club)
with pytest.raises(ValidationError):
InvoiceCall.objects.create(club=club, month="2025-13")
@pytest.mark.django_db
@pytest.mark.parametrize("query", [None, {"month": "2025-08"}])
def test_invoice_call_view(client: Client, query: dict | None):
user = baker.make(
User,
user_permissions=[
*Permission.objects.filter(
codename__in=["view_invoicecall", "change_invoicecall"]
)
],
)
client.force_login(user)
url = reverse("counter:invoices_call", query=query)
assert client.get(url).status_code == 200
assertRedirects(client.post(url), url)
@pytest.mark.django_db
def test_invoice_call_form():
Selling.objects.all().delete()
month = localdate() - relativedelta(months=1)
clubs = baker.make(Club, _quantity=2)
recipe = sale_recipe.extend(date=month, customer=baker.make(Customer, amount=10000))
recipe.make(club=clubs[0], quantity=2, unit_price=200)
recipe.make(club=clubs[0], quantity=3, unit_price=5)
recipe.make(club=clubs[1], quantity=20, unit_price=10)
form = InvoiceCallForm(
month=month, data={str(clubs[0].id): True, str(clubs[1].id): False}
)
assert form.is_valid()
form.save()
assert InvoiceCall.objects.filter(
club=clubs[0], month=month, is_validated=True
).exists()
assert InvoiceCall.objects.filter(
club=clubs[1], month=month, is_validated=False
).exists()

52
counter/tests/test_product.py
View File

@@ -6,16 +6,14 @@ import pytest
from django.conf import settings from django.conf import settings
from django.core.cache import cache from django.core.cache import cache
from django.core.files.uploadedfile import SimpleUploadedFile from django.core.files.uploadedfile import SimpleUploadedFile
from django.test import Client, TestCase from django.test import Client
from django.urls import reverse from django.urls import reverse
from model_bakery import baker from model_bakery import baker
from PIL import Image from PIL import Image
from pytest_django.asserts import assertNumQueries, assertRedirects from pytest_django.asserts import assertNumQueries
from club.models import Club
from core.baker_recipes import board_user, subscriber_user from core.baker_recipes import board_user, subscriber_user
from core.models import Group, User from core.models import Group, User
from counter.forms import ProductForm
from counter.models import Product, ProductType from counter.models import Product, ProductType
@@ -86,49 +84,3 @@ def test_fetch_product_nb_queries(client: Client):
# - 1 for the actual request # - 1 for the actual request
# - 1 to prefetch the related buying_groups # - 1 to prefetch the related buying_groups
client.get(reverse("api:search_products_detailed")) client.get(reverse("api:search_products_detailed"))
class TestCreateProduct(TestCase):
@classmethod
def setUpTestData(cls):
cls.product_type = baker.make(ProductType)
cls.club = baker.make(Club)
cls.data = {
"name": "foo",
"description": "bar",
"product_type": cls.product_type.id,
"club": cls.club.id,
"code": "FOO",
"purchase_price": 1.0,
"selling_price": 1.0,
"special_selling_price": 1.0,
"limit_age": 0,
"form-TOTAL_FORMS": 0,
"form-INITIAL_FORMS": 0,
}
def test_form(self):
form = ProductForm(data=self.data)
assert form.is_valid()
instance = form.save()
assert instance.club == self.club
assert instance.product_type == self.product_type
assert instance.name == "foo"
assert instance.selling_price == 1.0
def test_view(self):
self.client.force_login(
baker.make(
User,
groups=[Group.objects.get(id=settings.SITH_GROUP_COUNTER_ADMIN_ID)],
)
)
url = reverse("counter:new_product")
response = self.client.get(url)
assert response.status_code == 200
response = self.client.post(url, data=self.data)
assertRedirects(response, reverse("counter:product_list"))
product = Product.objects.last()
assert product.name == "foo"
assert product.club == self.club
assert product.product_type == self.product_type

10
counter/views/admin.py
View File

@@ -32,7 +32,7 @@ from core.utils import get_semester_code, get_start_of_semester
from counter.forms import ( from counter.forms import (
CloseCustomerAccountForm, CloseCustomerAccountForm,
CounterEditForm, CounterEditForm,
ProductForm, ProductEditForm,
ReturnableProductForm, ReturnableProductForm,
) )
from counter.models import ( from counter.models import (
@@ -146,8 +146,8 @@ class ProductCreateView(CounterAdminTabsMixin, CounterAdminMixin, CreateView):
"""A create view for the admins.""" """A create view for the admins."""
model = Product model = Product
form_class = ProductForm form_class = ProductEditForm
template_name = "counter/product_form.jinja" template_name = "core/create.jinja"
current_tab = "products" current_tab = "products"
@@ -155,9 +155,9 @@ class ProductEditView(CounterAdminTabsMixin, CounterAdminMixin, UpdateView):
"""An edit view for the admins.""" """An edit view for the admins."""
model = Product model = Product
form_class = ProductForm form_class = ProductEditForm
pk_url_kwarg = "product_id" pk_url_kwarg = "product_id"
template_name = "counter/product_form.jinja" template_name = "core/edit.jinja"
current_tab = "products" current_tab = "products"

106
counter/views/invoice.py
View File

@@ -12,81 +12,77 @@
# OR WITHIN THE LOCAL FILE "LICENSE" # OR WITHIN THE LOCAL FILE "LICENSE"
# #
# #
from datetime import datetime from datetime import datetime, timedelta
from urllib.parse import urlencode from datetime import timezone as tz
from dateutil.relativedelta import relativedelta from django.db.models import F
from django.contrib.auth.mixins import PermissionRequiredMixin from django.utils import timezone
from django.contrib.messages.views import SuccessMessageMixin from django.views.generic import TemplateView
from django.db.models import F, Sum
from django.utils.timezone import localdate, make_aware
from django.utils.translation import gettext_lazy as _
from django.views.generic import FormView
from counter.forms import InvoiceCallForm from counter.fields import CurrencyField
from counter.models import Refilling, Selling from counter.models import Refilling, Selling
from counter.views.mixins import CounterAdminTabsMixin from counter.views.mixins import CounterAdminMixin, CounterAdminTabsMixin
class InvoiceCallView( class InvoiceCallView(CounterAdminTabsMixin, CounterAdminMixin, TemplateView):
CounterAdminTabsMixin, PermissionRequiredMixin, SuccessMessageMixin, FormView
):
template_name = "counter/invoices_call.jinja" template_name = "counter/invoices_call.jinja"
current_tab = "invoices_call" current_tab = "invoices_call"
permission_required = ["counter.view_invoicecall", "counter.change_invoicecall"]
form_class = InvoiceCallForm
success_message = _("Invoice calls status has been updated.")
def get_month(self):
kwargs = self.request.GET or self.request.POST
if "month" in kwargs:
return make_aware(datetime.strptime(kwargs["month"], "%Y-%m"))
return localdate().replace(day=1) - relativedelta(months=1)
def get_form_kwargs(self):
return super().get_form_kwargs() | {"month": self.get_month()}
def form_valid(self, form):
form.save()
return super().form_valid(form)
def get_success_url(self):
# redirect to the month from which the request is originated
url = self.request.path
kwargs = self.request.GET or self.request.POST
if "month" in kwargs:
query = urlencode({"month": kwargs["month"]})
url += f"?{query}"
return url
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
"""Add sums to the context.""" """Add sums to the context."""
kwargs = super().get_context_data(**kwargs) kwargs = super().get_context_data(**kwargs)
kwargs["months"] = Selling.objects.datetimes("date", "month", order="DESC") kwargs["months"] = Selling.objects.datetimes("date", "month", order="DESC")
start_date = self.get_month() if "month" in self.request.GET:
end_date = start_date + relativedelta(months=1) start_date = datetime.strptime(self.request.GET["month"], "%Y-%m")
else:
start_date = datetime(
year=timezone.now().year,
month=(timezone.now().month + 10) % 12 + 1,
day=1,
)
start_date = start_date.replace(tzinfo=tz.utc)
end_date = (start_date + timedelta(days=32)).replace(
day=1, hour=0, minute=0, microsecond=0
)
from django.db.models import Case, Sum, When
kwargs["sum_cb"] = Refilling.objects.filter( kwargs["sum_cb"] = sum(
payment_method="CARD", [
is_validated=True, r.amount
date__gte=start_date, for r in Refilling.objects.filter(
date__lte=end_date,
).aggregate(res=Sum("amount", default=0))["res"]
kwargs["sum_cb"] += (
Selling.objects.filter(
payment_method="CARD", payment_method="CARD",
is_validated=True, is_validated=True,
date__gte=start_date, date__gte=start_date,
date__lte=end_date, date__lte=end_date,
) )
.annotate(amount=F("unit_price") * F("quantity")) ]
.aggregate(res=Sum("amount", default=0))["res"] )
kwargs["sum_cb"] += sum(
[
s.quantity * s.unit_price
for s in Selling.objects.filter(
payment_method="CARD",
is_validated=True,
date__gte=start_date,
date__lte=end_date,
)
]
) )
kwargs["start_date"] = start_date kwargs["start_date"] = start_date
kwargs["invoices"] = ( kwargs["sums"] = (
Selling.objects.filter(date__gte=start_date, date__lt=end_date) Selling.objects.values("club__name")
.values("club_id", "club__name") .annotate(
.annotate(selling_sum=Sum(F("unit_price") * F("quantity"))) selling_sum=Sum(
Case(
When(
date__gte=start_date,
date__lt=end_date,
then=F("unit_price") * F("quantity"),
),
output_field=CurrencyField(),
)
)
)
.exclude(selling_sum=None) .exclude(selling_sum=None)
.order_by("-selling_sum") .order_by("-selling_sum")
) )

1
docs/reference/api/schemas.md
View File

@@ -1 +0,0 @@
::: api.schemas

1
docs/reference/api/views.md
View File

@@ -1 +0,0 @@
::: api.views

353
docs/tutorial/api/account-link.md
View File

@@ -1,353 +0,0 @@
Le site AE offre des mécanismes permettant aux applications tierces
de récupérer les informations sur un utilisateur du site AE.
De cette manière, il devient possible de synchroniser les informations
qu possède l'application tierce sur l'utilisateur, directement depuis
le site AE.
## Fonctionnement général
Pour authentifier vos utilisateurs, vous aurez besoin d'un serveur web
et d'un client d'API (celui auquel est liée votre
[clef d'API](./connect.md#obtenir-une-clef-dapi)).
Deux informations vous sont nécessaires, en plus de votre clef d'API :
- l'id du client : vous pouvez l'obtenir soit en le demandant à l'équipe info,
soit en appelant la route `GET /client/me` avec votre clef d'API
renseignée dans le header [X-APIKey](./connect.md#x-apikey)
- la clef HMAC du client : vous devez la demander à l'équipe info.
Grâce à ces informations, vous allez pouvoir fournir le contexte nécessaire
au site AE pour qu'il authentifie vos utilisateurs.
En effet, la démarche d'authentification s'effectue presque entièrement
sur le site : le travail de l'application tierce consiste uniquement
à fournir à l'utilisateur une url avec les bons paramètres, puis
à recevoir la réponse du serveur si tout s'est bien passé.
Comme un dessin vaut parfois mieux que mille mots,
voici les diagrammes décrivant le processus.
L'un montre l'entièreté de la démarche ;
l'autre dans un souci de simplicité, ne montre que ce qui est visible
directement par l'application tierce.
=== "Intégralité du processus"
```mermaid
sequenceDiagram
actor User
participant App
User->>+App: Authentifie-moi, stp
App-->>-User: url de connexion<br/>avec signature
User->>+Sith: GET url
opt Utilisateur non-connecté
Sith->>+User: Formulaire de connexion
User-->>-Sith: Connexion
end
Sith->>Sith: vérification de la signature
Sith->>+User: Formulaire<br/>des conditions<br/>d'utilisation
User-->>-Sith: Validation
Sith->>+App: URL de retour<br/>avec données utilisateur
App->>App: Traitement des <br/>données utilisateur
App-->>-Sith: 204 OK, No content
Sith-->>-User: Message de succès
App--)User: Message de succès
```
=== "Point de vue de l'application tierce"
```mermaid
sequenceDiagram
actor User
participant App
User->>+App: Authentifie-moi, stp
App-->>-User: url de connexion<br/>avec signature
opt
Sith->>+App: URL de retour<br/>avec données utilisateur
App->>App: Traitement des <br/>données utilisateur
App-->>-Sith: 204 OK, No content
App--)User: Message de succès
end
```
## Données attendues
### URL de connexion
L'URL de connexion que vous allez fournir à l'utilisateur doit
être `https://ae.utbm.fr/api-link/auth/`
et doit contenir les données décrites dans
[`ThirdPartyAuthParamsSchema`][api.schemas.ThirdPartyAuthParamsSchema] :
- `client_id` (integer) : l'id de votre client, que vous pouvez obtenir
de la manière décrite plus haut
- `third_party_app`(string) : le nom de la plateforme pour laquelle
l'authentification va être réalisée (si votre application est un bot
discord, mettez la valeur "discord")
- `privacy_link`(URL) : l'URL vers la page de politique de confidentialité
qui s'appliquera dans le cadre de l'application
(s'il s'agit d'un bot discord, donnez le lien vers celles de Discord)
- `username`(string) : le pseudonyme que l'utilisateur possède sur
votre application
- `callback_url`(URL) : l'URL que le site AE appellera si l'authentification
réussit
- `signature`(string) : la signature des données de la requête.
Ces données doivent être url-encodées et passées dans les paramètres GET.
!!!tip "URL de retour"
Notre système n'impose aucune contrainte quant à la manière
de construire votre URL (hormis le fait que ce doit être une URL HTTPS valide),
mais il est tout de même conseillé d'utiliser l'identifiant de votre
utilisateur comme paramètre dans l'URL
(par exemple `GET /callback/{int:user_id}/`).
???Example
Supposons que votre client d'API soit utilisé dans le cadre d'un bot Discord,
avec les données suivantes :
- l'id du client est 15
- sa clef HMAC est "beb99dd53"
(c'est pour l'exemple, une vraie clef sera beaucoup plus longue)
- le pseudonyme discord de votre utilisateur est Brian
- son id sur discord est 123456789
- votre route de callback est `GET /callback/{int:user_id}/`,
accessible au domaine `https://bot.ae.utbm.fr`
Alors les paramètres de votre URL seront :
| Paramètre | valeur |
|-----------------|-----------------------------------------------------------------------|
| client_id | 15 |
| third_party_app | discord |
| privacy_link | `https://discord.com/privacy` |
| username | Brian |
| callback_url | `https://bot.ae.utbm.fr/callback/123456789/` |
| signature | 1a383c51060be64f07772aa42e07<br/>18ae096b8f21f2cdb4061c0834a416d12101 |
Et l'url fournie à l'utilisateur sera :
`https://ae.utbm.fr/api-link/auth/?client_id=15&third_party_app=discord
&privacy_link=https%3A%2F%2Fdiscord.com%2Fprivacy&username=Brian
&callback_url=https%3A%2F%2Fbot.ae.utbm.fr%2Fcallback%2F123456789%2F
&signature=1a383c51060be64f07772aa42e0718ae096b8f21f2cdb4061c0834a416d12101`
### Données de retour
Si l'authentification réussit, le site AE enverra une requête HTTP POST
à l'URL de retour fournie dans l'URL de connexion.
Le corps de la requête de callback et au format JSON
et contient deux paires clef-valeur :
- `user` : les données utilisateur, telles que décrites
par [UserProfileSchema][core.schemas.UserProfileSchema]
- `signature` : la signature des données utilisateur
???Example
En reprenant les mêmes paramètres que dans l'exemple précédent,
le site AE pourra renvoyer à l'application la requête suivante :
```http
POST https://bot.ae.utbm.fr/callback/123456789/
content-type: application/json
body: {
"user": {
"id": 144131,
"nick_name": "inzekitchen",
"first_name": "Brian",
...
},
"signature": "f16955bab6b805f6e1abbb98a86dfee53fed0bf812aa6513ca46cfd461b70020"
}
```
L'application doit répondre avec un des codes HTTP suivants :
| Code | Raison |
|------|--------------------------------------------------------------------------------|
| 204 | Tout s'est bien passé |
| 403 | Les données de retour ne sont <br>pas signées ou sont mal signées |
| 404 | L'URL de retour ne permet pas <br>d'identifier un utilisateur de l'application |
!!!note "Code d'erreur par défaut"
Si l'appel de la route fait face à plusieurs problèmes en même temps
(par exemple, l'URL ne permet pas de retrouver votre utilisateur,
et en plus les données sont mal signées),
le 403 prime et doit être retourné par défaut.
## Signature des données
Les données de l'URL de connexion doivent être signées,
et la signature de l'URL de retour doit être vérifiée.
Dans le deux cas, la signature est le digest HMAC-SHA512
des données url-encodées, en utilisant la clef HMAC du client d'API.
???Example "Signature de l'URL de connexion"
En reprenant le même exemple que les fois précédentes,
l'url-encodage des données est :
`client_id=15&third_party_app=discord
&privacy_link=https%3A%2F%2Fdiscord.com%2Fprivacy%2F&username=Brian
&callback_url=https%3A%2F%2Fbot.ae.utbm.fr%2Fcallback%2F123456789%2F`
Notez que la signature n'est pas (encore) dedans.
Cette dernière peut-être obtenue avec le code suivant :
=== ":simple-python: Python"
Dépendances :
- `environs` (>=14.1)
```python
import hmac
from urllib.parse import urlencode
from environs import Env
env = Env()
env.read_env()
key = env.str("HMAC_KEY").encode()
data = {
"client_id": 15,
"third_party_app": "discord",
"privacy_link": "https://discord.com/privacy/",
"username": "Brian",
"callback_url": "https://bot.ae.utbm.fr/callback/123456789/",
}
urlencoded = urlencode(data)
data["signature"] = hmac.digest(key, urlencoded.encode(), "sha512").hex()
# URL a fournir à l'utilisateur pour son authentification
user_url = f"https://ae.ubtm.fr/api-link/auth/?{urlencode(data)}"
```
=== ":simple-rust: Rust"
Dépendances :
- `hmac` (>=0.12.1)
- `url` (>=2.5.7, features `serde`)
- `serde` (>=1.0.228, features `derive`)
- `serde_urlencoded` (>="0.7.1)
- `sha2` (>=0.10.9)
- `dotenvy` (>= 0.15)
```rust
use hmac::{Mac, SimpleHmac};
use serde::Serialize;
use sha2::Sha512;
use url::Url;
#[derive(Serialize, Debug)]
struct UrlData<'a> {
client_id: u32,
third_party_app: &'a str,
privacy_link: Url,
username: &'a str,
callback_url: Url,
}
impl<'a> UrlData<'a> {
pub fn signature(&self, key: &[u8]) -> CtOutput<SimpleHmac<Sha512>> {
let urlencoded = serde_urlencoded::to_string(self).unwrap();
SimpleHmac::<Sha512>::new_from_slice(key)
.unwrap()
.chain_update(urlencoded.as_bytes())
.finalize()
}
}
impl Into<Url> for UrlData<'_> {
fn into(self) -> Url {
let key = std::env::var("HMAC_KEY").unwrap();
let mut url = Url::parse("http://ae.utbm.fr/api-link/auth/").unwrap();
url.set_query(Some(
format!(
"{}&signature={:x}",
serde_urlencoded::to_string(&self).unwrap(),
self.signature(key.as_bytes()).into_bytes()
)
.as_str(),
));
url
}
}
fn main() {
dotenvy::dotenv().expect("Couldn't load env");
let data = UrlData {
client_id: 1,
third_party_app: "discord",
privacy_link: "https://discord.com/privacy/".parse().unwrap(),
username: "Brian",
callback_url: "https://bot.ae.utbm.fr/callback/123456789/"
.parse()
.unwrap(),
};
let url: Url = data.into();
println!("{:?}", url);
}
```
???Example "Vérification de la signature de la réponse"
Les données utilisateur peuvent ressembler à :
```json
{
"user": {
"display_name": "Matthieu Vincent",
"profile_url": "/user/380/",
"profile_pict": "/static/core/img/unknown.jpg",
"id": 380,
"nick_name": None,
"first_name": "Matthieu",
"last_name": "Vincent",
},
"signature": "3802a280fbb01bd9fetc."
}
```
Vous pouvez vérifier la signature ainsi :
```python
import hmac
from urllib.parse import urlencode
from environs import Env
env = Env()
env.read_env()
def is_signature_valid(user_data: dict, signature: str) -> bool:
key = env.str("HMAC_KEY").encode()
urlencoded = urlencode(user_data)
return hmac.compare_digest(
hmac.digest(key, urlencoded.encode(), "sha512").hex(),
signature,
)
post_data = <récupération des données POST>
print(
"signature valide :",
is_signature_valid(post_data["user"], post_data["signature"]
)
```
!!!Warning
Vous devez impérativement vérifier la signature
des données de la requête de callback !
Si l'équipe informatique se rend compte que vous ne le faites pas,
elle se réserve le droit de suspendre votre application,
immédiatement et sans préavis.

8
docs/tutorial/api/connect.md
View File

@@ -112,7 +112,7 @@ cf. [HTTP persistant connection (wikipedia)](https://en.wikipedia.org/wiki/HTTP_
Voici quelques exemples : Voici quelques exemples :
=== ":simple-python: Python (requests)" === "Python (requests)"
Dépendances : Dépendances :
@@ -132,7 +132,7 @@ Voici quelques exemples :
print(response.json()) print(response.json())
``` ```
=== ":simple-python: Python (aiohttp)" === "Python (aiohttp)"
Dépendances : Dépendances :
@@ -158,7 +158,7 @@ Voici quelques exemples :
asyncio.run(main()) asyncio.run(main())
``` ```
=== ":simple-javascript: Javascript (axios)" === "Javascript (axios)"
Dépendances : Dépendances :
@@ -178,7 +178,7 @@ Voici quelques exemples :
console.log(await instance.get("club/1").json()); console.log(await instance.get("club/1").json());
``` ```
=== ":simple-rust: Rust (reqwest)" === "Rust (reqwest)"
Dépendances : Dépendances :

37
eboutic/converters.py Normal file
View File

@@ -0,0 +1,37 @@
#
# Copyright 2022
# - Maréchal <thgirod@hotmail.com
#
# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
# http://ae.utbm.fr.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License a published by the Free Software
# Foundation; either version 3 of the License, or (at your option) any later
# version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along with
# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
# Place - Suite 330, Boston, MA 02111-1307, USA.
class PaymentResultConverter:
"""Converter used for url mapping of the `eboutic.views.payment_result` view.
It's meant to build an url that can match
either `/eboutic/pay/success/` or `/eboutic/pay/failure/`
but nothing else.
"""
regex = "(success|failure)"
def to_python(self, value):
return str(value)
def to_url(self, value):
return str(value)

2
eboutic/models.py
View File

@@ -242,7 +242,7 @@ class Invoice(models.Model):
def validate(self): def validate(self):
if self.validated: if self.validated:
raise DataError(_("Invoice already validated")) raise DataError(_("Invoice already validated"))
customer, _created = Customer.get_or_create(user=self.user) customer, created = Customer.get_or_create(user=self.user)
eboutic = Counter.objects.filter(type="EBOUTIC").first() eboutic = Counter.objects.filter(type="EBOUTIC").first()
for i in self.items.all(): for i in self.items.all():
if i.type_id == settings.SITH_COUNTER_PRODUCTTYPE_REFILLING: if i.type_id == settings.SITH_COUNTER_PRODUCTTYPE_REFILLING:

5
eboutic/templates/eboutic/eboutic_billing_info.jinja
View File

@@ -1,5 +1,3 @@
{% from 'core/macros.jinja' import update_notifications %}
<div id=billing-infos-fragment> <div id=billing-infos-fragment>
<div <div
class="collapse" class="collapse"
@@ -31,6 +29,7 @@
> >
</form> </form>
</div> </div>
<br> <br>
{{ update_notifications(messages) }} {% include "core/base/notifications.jinja" %}
</div> </div>

3
eboutic/templates/eboutic/eboutic_checkout.jinja
View File

@@ -1,7 +1,7 @@
{% extends "core/base.jinja" %} {% extends "core/base.jinja" %}
{% block notifications %} {% block notifications %}
{# Notifications are moved under the billing form #} {# Notifications are moved inside the billing info fragment #}
{% endblock %} {% endblock %}
{% block title %} {% block title %}
@@ -60,7 +60,6 @@
<div @htmx:after-request="fill"> <div @htmx:after-request="fill">
{{ billing_infos_form }} {{ billing_infos_form }}
</div> </div>
{% include "core/base/notifications.jinja" %}
<form <form
method="post" method="post"
action="{{ settings.SITH_EBOUTIC_ET_URL }}" action="{{ settings.SITH_EBOUTIC_ET_URL }}"

2
eboutic/tests/test_payment.py
View File

@@ -108,7 +108,7 @@ class TestPaymentSith(TestPaymentBase):
) )
assert Basket.objects.filter(id=self.basket.id).first() is None assert Basket.objects.filter(id=self.basket.id).first() is None
self.customer.customer.refresh_from_db() self.customer.customer.refresh_from_db()
assert self.customer.customer.amount == Decimal(1) assert self.customer.customer.amount == Decimal("1")
sellings = Selling.objects.filter(customer=self.customer.customer).order_by( sellings = Selling.objects.filter(customer=self.customer.customer).order_by(
"quantity" "quantity"

4
eboutic/urls.py
View File

@@ -24,7 +24,7 @@
from django.urls import path, register_converter from django.urls import path, register_converter
from core.converters import ResultConverter from eboutic.converters import PaymentResultConverter
from eboutic.views import ( from eboutic.views import (
BillingInfoFormFragment, BillingInfoFormFragment,
EbouticCheckout, EbouticCheckout,
@@ -34,7 +34,7 @@ from eboutic.views import (
payment_result, payment_result,
) )
register_converter(ResultConverter, "res") register_converter(PaymentResultConverter, "res")
urlpatterns = [ urlpatterns = [
# Subscription views # Subscription views

4
eboutic/views.py
View File

@@ -48,7 +48,7 @@ from django_countries.fields import Country
from core.auth.mixins import CanViewMixin from core.auth.mixins import CanViewMixin
from core.views.mixins import FragmentMixin, UseFragmentsMixin from core.views.mixins import FragmentMixin, UseFragmentsMixin
from counter.forms import BaseBasketForm, BasketProductForm, BillingInfoForm from counter.forms import BaseBasketForm, BillingInfoForm, ProductForm
from counter.models import ( from counter.models import (
BillingInfo, BillingInfo,
Customer, Customer,
@@ -78,7 +78,7 @@ class BaseEbouticBasketForm(BaseBasketForm):
EbouticBasketForm = forms.formset_factory( EbouticBasketForm = forms.formset_factory(
BasketProductForm, formset=BaseEbouticBasketForm, absolute_max=None, min_num=1 ProductForm, formset=BaseEbouticBasketForm, absolute_max=None, min_num=1
) )

155
election/forms.py
View File

@@ -1,155 +0,0 @@
from django import forms
from django.utils.translation import gettext_lazy as _
from core.models import User
from core.views.forms import SelectDateTime
from core.views.widgets.ajax_select import (
AutoCompleteSelect,
AutoCompleteSelectMultipleGroup,
AutoCompleteSelectUser,
)
from core.views.widgets.markdown import MarkdownInput
from election.models import Candidature, Election, ElectionList, Role
class LimitedCheckboxField(forms.ModelMultipleChoiceField):
"""A `ModelMultipleChoiceField`, with a max limit of selectable inputs."""
def __init__(self, queryset, max_choice, **kwargs):
self.max_choice = max_choice
super().__init__(queryset, **kwargs)
def clean(self, value):
qs = super().clean(value)
self.validate(qs)
return qs
def validate(self, qs):
if qs.count() > self.max_choice:
raise forms.ValidationError(
_("You have selected too many candidates."), code="invalid"
)
class CandidateForm(forms.ModelForm):
"""Form to candidate."""
required_css_class = "required"
class Meta:
model = Candidature
fields = ["user", "role", "program", "election_list"]
labels = {
"user": _("User to candidate"),
}
widgets = {
"program": MarkdownInput,
"user": AutoCompleteSelectUser,
"role": AutoCompleteSelect,
"election_list": AutoCompleteSelect,
}
def __init__(self, *args, election: Election, can_edit: bool = False, **kwargs):
super().__init__(*args, **kwargs)
self.fields["role"].queryset = election.roles.select_related("election")
self.fields["election_list"].queryset = election.election_lists.all()
if not can_edit:
self.fields["user"].widget = forms.HiddenInput()
class VoteForm(forms.Form):
def __init__(self, election: Election, user: User, *args, **kwargs):
super().__init__(*args, **kwargs)
if not election.can_vote(user):
return
for role in election.roles.all():
cand = role.candidatures
if role.max_choice > 1:
self.fields[role.title] = LimitedCheckboxField(
cand, role.max_choice, required=False
)
else:
self.fields[role.title] = forms.ModelChoiceField(
cand,
required=False,
widget=forms.RadioSelect(),
empty_label=_("Blank vote"),
)
class RoleForm(forms.ModelForm):
"""Form for creating a role."""
class Meta:
model = Role
fields = ["title", "election", "description", "max_choice"]
widgets = {"election": AutoCompleteSelect}
def __init__(self, *args, **kwargs):
election_id = kwargs.pop("election_id", None)
super().__init__(*args, **kwargs)
if election_id:
self.fields["election"].queryset = Election.objects.filter(
id=election_id
).all()
def clean(self):
cleaned_data = super().clean()
title = cleaned_data.get("title")
election = cleaned_data.get("election")
if Role.objects.filter(title=title, election=election).exists():
raise forms.ValidationError(
_("This role already exists for this election"), code="invalid"
)
class ElectionListForm(forms.ModelForm):
class Meta:
model = ElectionList
fields = ("title", "election")
widgets = {"election": AutoCompleteSelect}
def __init__(self, *args, **kwargs):
election_id = kwargs.pop("election_id", None)
super().__init__(*args, **kwargs)
if election_id:
self.fields["election"].queryset = Election.objects.filter(
id=election_id
).all()
class ElectionForm(forms.ModelForm):
class Meta:
model = Election
fields = [
"title",
"description",
"archived",
"start_candidature",
"end_candidature",
"start_date",
"end_date",
"edit_groups",
"view_groups",
"vote_groups",
"candidature_groups",
]
widgets = {
"edit_groups": AutoCompleteSelectMultipleGroup,
"view_groups": AutoCompleteSelectMultipleGroup,
"vote_groups": AutoCompleteSelectMultipleGroup,
"candidature_groups": AutoCompleteSelectMultipleGroup,
}
start_date = forms.DateTimeField(
label=_("Start date"), widget=SelectDateTime, required=True
)
end_date = forms.DateTimeField(
label=_("End date"), widget=SelectDateTime, required=True
)
start_candidature = forms.DateTimeField(
label=_("Start candidature"), widget=SelectDateTime, required=True
)
end_candidature = forms.DateTimeField(
label=_("End candidature"), widget=SelectDateTime, required=True
)

30
election/migrations/0005_alter_candidature_program_alter_candidature_user.py
View File

@@ -1,30 +0,0 @@
# Generated by Django 4.2.20 on 2025-03-14 18:18
import django.db.models.deletion
from django.conf import settings
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
("election", "0004_auto_20191006_0049"),
]
operations = [
migrations.AlterField(
model_name="candidature",
name="program",
field=models.TextField(blank=True, default="", verbose_name="description"),
),
migrations.AlterField(
model_name="candidature",
name="user",
field=models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
related_name="candidates",
to=settings.AUTH_USER_MODEL,
verbose_name="user",
),
),
]

77
election/models.py
View File

@@ -1,7 +1,5 @@
from django.db import models from django.db import models
from django.db.models import Count
from django.utils import timezone from django.utils import timezone
from django.utils.functional import cached_property
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from ordered_model.models import OrderedModel from ordered_model.models import OrderedModel
@@ -24,18 +22,21 @@ class Election(models.Model):
verbose_name=_("edit groups"), verbose_name=_("edit groups"),
blank=True, blank=True,
) )
view_groups = models.ManyToManyField( view_groups = models.ManyToManyField(
Group, Group,
related_name="viewable_elections", related_name="viewable_elections",
verbose_name=_("view groups"), verbose_name=_("view groups"),
blank=True, blank=True,
) )
vote_groups = models.ManyToManyField( vote_groups = models.ManyToManyField(
Group, Group,
related_name="votable_elections", related_name="votable_elections",
verbose_name=_("vote groups"), verbose_name=_("vote groups"),
blank=True, blank=True,
) )
candidature_groups = models.ManyToManyField( candidature_groups = models.ManyToManyField(
Group, Group,
related_name="candidate_elections", related_name="candidate_elections",
@@ -44,7 +45,7 @@ class Election(models.Model):
) )
voters = models.ManyToManyField( voters = models.ManyToManyField(
User, verbose_name=_("voters"), related_name="voted_elections" User, verbose_name=("voters"), related_name="voted_elections"
) )
archived = models.BooleanField(_("archived"), default=False) archived = models.BooleanField(_("archived"), default=False)
@@ -54,20 +55,20 @@ class Election(models.Model):
@property @property
def is_vote_active(self): def is_vote_active(self):
now = timezone.now() now = timezone.now()
return self.start_date <= now <= self.end_date return bool(now <= self.end_date and now >= self.start_date)
@property @property
def is_vote_finished(self): def is_vote_finished(self):
return timezone.now() > self.end_date return bool(timezone.now() > self.end_date)
@property @property
def is_candidature_active(self): def is_candidature_active(self):
now = timezone.now() now = timezone.now()
return self.start_candidature <= now <= self.end_candidature return bool(now <= self.end_candidature and now >= self.start_candidature)
@property @property
def is_vote_editable(self): def is_vote_editable(self):
return timezone.now() <= self.end_candidature return bool(timezone.now() <= self.end_candidature)
def can_candidate(self, user): def can_candidate(self, user):
for group_id in self.candidature_groups.values_list("pk", flat=True): for group_id in self.candidature_groups.values_list("pk", flat=True):
@@ -86,7 +87,7 @@ class Election(models.Model):
def has_voted(self, user): def has_voted(self, user):
return self.voters.filter(id=user.id).exists() return self.voters.filter(id=user.id).exists()
@cached_property @property
def results(self): def results(self):
results = {} results = {}
total_vote = self.voters.count() total_vote = self.voters.count()
@@ -94,6 +95,12 @@ class Election(models.Model):
results[role.title] = role.results(total_vote) results[role.title] = role.results(total_vote)
return results return results
def delete(self, *args, **kwargs):
self.election_lists.all().delete()
super().delete(*args, **kwargs)
# Permissions
class Role(OrderedModel): class Role(OrderedModel):
"""This class allows to create a new role avaliable for a candidature.""" """This class allows to create a new role avaliable for a candidature."""
@@ -108,27 +115,23 @@ class Role(OrderedModel):
description = models.TextField(_("description"), null=True, blank=True) description = models.TextField(_("description"), null=True, blank=True)
max_choice = models.IntegerField(_("max choice"), default=1) max_choice = models.IntegerField(_("max choice"), default=1)
def __str__(self): def results(self, total_vote):
return f"{self.title} - {self.election.title}" results = {}
def results(self, total_vote: int) -> dict[str, dict[str, int | float]]:
if total_vote == 0:
candidates = self.candidatures.values_list("user__username")
return {
key: {"vote": 0, "percent": 0} for key in ["blank_votes", *candidates]
}
total_vote *= self.max_choice total_vote *= self.max_choice
results = {"total vote": total_vote}
non_blank = 0 non_blank = 0
candidatures = self.candidatures.annotate(nb_votes=Count("votes")).values( for candidature in self.candidatures.all():
"nb_votes", "user__username" cand_results = {}
) cand_results["vote"] = self.votes.filter(candidature=candidature).count()
for candidature in candidatures: if total_vote == 0:
non_blank += candidature["nb_votes"] cand_results["percent"] = 0
results[candidature["user__username"]] = { else:
"vote": candidature["nb_votes"], cand_results["percent"] = cand_results["vote"] * 100 / total_vote
"percent": candidature["nb_votes"] * 100 / total_vote, non_blank += cand_results["vote"]
} results[candidature.user.username] = cand_results
results["total vote"] = total_vote
if total_vote == 0:
results["blank vote"] = {"vote": 0, "percent": 0}
else:
results["blank vote"] = { results["blank vote"] = {
"vote": total_vote - non_blank, "vote": total_vote - non_blank,
"percent": (total_vote - non_blank) * 100 / total_vote, "percent": (total_vote - non_blank) * 100 / total_vote,
@@ -139,6 +142,9 @@ class Role(OrderedModel):
def edit_groups(self): def edit_groups(self):
return self.election.edit_groups return self.election.edit_groups
def __str__(self):
return ("%s : %s") % (self.election.title, self.title)
class ElectionList(models.Model): class ElectionList(models.Model):
"""To allow per list vote.""" """To allow per list vote."""
@@ -157,6 +163,11 @@ class ElectionList(models.Model):
def can_be_edited_by(self, user): def can_be_edited_by(self, user):
return user.can_edit(self.election) return user.can_edit(self.election)
def delete(self, *args, **kwargs):
for candidature in self.candidatures.all():
candidature.delete()
super().delete(*args, **kwargs)
class Candidature(models.Model): class Candidature(models.Model):
"""This class is a component of responsability.""" """This class is a component of responsability."""
@@ -171,9 +182,10 @@ class Candidature(models.Model):
User, User,
verbose_name=_("user"), verbose_name=_("user"),
related_name="candidates", related_name="candidates",
blank=True,
on_delete=models.CASCADE, on_delete=models.CASCADE,
) )
program = models.TextField(_("description"), default="", blank=True) program = models.TextField(_("description"), null=True, blank=True)
election_list = models.ForeignKey( election_list = models.ForeignKey(
ElectionList, ElectionList,
related_name="candidatures", related_name="candidatures",
@@ -184,10 +196,13 @@ class Candidature(models.Model):
def __str__(self): def __str__(self):
return f"{self.role.title} : {self.user.username}" return f"{self.role.title} : {self.user.username}"
def delete(self):
for vote in self.votes.all():
vote.delete()
super().delete()
def can_be_edited_by(self, user): def can_be_edited_by(self, user):
return ( return (user == self.user) or user.can_edit(self.role.election)
(user == self.user) or user.can_edit(self.role.election)
) and self.role.election.is_vote_editable
class Vote(models.Model): class Vote(models.Model):

102
election/templates/election/election_detail.jinja
View File

@@ -31,7 +31,7 @@
<time datetime="{{ election.end_date }}">{{ election.end_date|localtime|date(DATETIME_FORMAT)}}</time> <time datetime="{{ election.end_date }}">{{ election.end_date|localtime|date(DATETIME_FORMAT)}}</time>
{% trans %} at {% endtrans %}<time>{{ election.end_date|localtime|time(DATETIME_FORMAT)}}</time> {% trans %} at {% endtrans %}<time>{{ election.end_date|localtime|time(DATETIME_FORMAT)}}</time>
</p> </p>
{%- if user_has_voted %} {%- if election.has_voted(user) %}
<p class="election__elector-infos"> <p class="election__elector-infos">
{%- if election.is_vote_active %} {%- if election.is_vote_active %}
<span>{% trans %}You already have submitted your vote.{% endtrans %}</span> <span>{% trans %}You already have submitted your vote.{% endtrans %}</span>
@@ -45,11 +45,12 @@
<form action="{{ url('election:vote', election.id) }}" method="post" class="election__vote-form" name="vote-form" id="vote-form"> <form action="{{ url('election:vote', election.id) }}" method="post" class="election__vote-form" name="vote-form" id="vote-form">
{% csrf_token %} {% csrf_token %}
<table class="election_table"> <table class="election_table">
{%- set election_lists = election.election_lists.all() -%}
<thead class="lists"> <thead class="lists">
<tr> <tr>
<th class="column" style="width: {{ 100 / (election_lists|length + 1) }}%">{% trans %}Blank vote{% endtrans %}</th> <th class="column" style="width: {{ 100 / (election_lists.count() + 1) }}%">{% trans %}Blank vote{% endtrans %}</th>
{%- for election_list in election_lists %} {%- for election_list in election_lists %}
<th class="column" style="width: {{ 100 / (election_lists|length + 1) }}%"> <th class="column" style="width: {{ 100 / (election_lists.count() + 1) }}%">
<span>{{ election_list.title }}</span> <span>{{ election_list.title }}</span>
{% if user.can_edit(election_list) and election.is_vote_editable -%} {% if user.can_edit(election_list) and election.is_vote_editable -%}
<a href="{{ url('election:delete_list', list_id=election_list.id) }}"><i class="fa-regular fa-trash-can delete-action"></i></a> <a href="{{ url('election:delete_list', list_id=election_list.id) }}"><i class="fa-regular fa-trash-can delete-action"></i></a>
@@ -58,26 +59,18 @@
{%- endfor %} {%- endfor %}
</tr> </tr>
</thead> </thead>
{%- for role in election_roles %} {%- set role_list = election.roles.order_by('order').all() %}
{%- for role in role_list %}
{%- set count = [0] %}
{%- set role_data = election_form.data.getlist(role.title) if role.title in election_form.data else [] %} {%- set role_data = election_form.data.getlist(role.title) if role.title in election_form.data else [] %}
<tbody data-max-choice="{{role.max_choice}}" class="role{{ ' role_error' if role.title in election_form.errors else '' }}{{ ' role__multiple-choices' if role.max_choice > 1 else ''}}">
<tbody
{% if role.max_choice > 1 -%}
x-data x-limited-choices="{{ role.max_choice }}"
{%- endif %}
class="role {% if role.title in election_form.errors %}role_error{% endif %}"
>
<tr> <tr>
<td class="role_title"> <td class="role_title">
<div class="role_text"> <div class="role_text">
<h4>{{ role.title }}</h4> <h4>{{ role.title }}</h4>
<p class="role_description" show-more="300">{{ role.description }}</p> <p class="role_description" show-more="300">{{ role.description }}</p>
{%- if role.max_choice > 1 and show_vote_buttons %} {%- if role.max_choice > 1 and not election.has_voted(user) and election.can_vote(user) %}
<strong> <strong>{% trans %}You may choose up to{% endtrans %} {{ role.max_choice }} {% trans %}people.{% endtrans %}</strong>
{% trans trimmed nb_choices=role.max_choice %}
You may choose up to {{ nb_choices }} people.
{% endtrans %}
</strong>
{%- endif %} {%- endif %}
{%- if election_form.errors[role.title] is defined %} {%- if election_form.errors[role.title] is defined %}
@@ -88,40 +81,36 @@
</div> </div>
{% if user.can_edit(role) and election.is_vote_editable -%} {% if user.can_edit(role) and election.is_vote_editable -%}
<div class="role_buttons"> <div class="role_buttons">
<a href="{{ url('election:update_role', role_id=role.id) }}"> <a href="{{url('election:update_role', role_id=role.id)}}"><i class="fa-regular fa-pen-to-square edit-action"></i></a>
<i class="fa-regular fa-pen-to-square edit-action"></i> <a href="{{url('election:delete_role', role_id=role.id)}}"><i class="fa-regular fa-trash-can delete-action"></i></a>
</a> {%- if role == role_list.last() %}
<a href="{{ url('election:delete_role', role_id=role.id) }}">
<i class="fa-regular fa-trash-can delete-action"></i>
</a>
{%- if loop.last -%}
<button disabled><i class="fa fa-arrow-down"></i></button> <button disabled><i class="fa fa-arrow-down"></i></button>
<button disabled><i class="fa fa-caret-down"></i></button> <button disabled><i class="fa fa-caret-down"></i></button>
{%- else -%} {%- else %}
<button type="button" onclick="window.location.replace('?role={{ role.id }}&action=bottom');"><i class="fa fa-arrow-down"></i></button> <button type="button" onclick="window.location.replace('?role={{ role.id }}&action=bottom');"><i class="fa fa-arrow-down"></i></button>
<button type="button" onclick="window.location.replace('?role={{ role.id }}&action=down');"><i class="fa fa-caret-down"></i></button> <button type="button" onclick="window.location.replace('?role={{ role.id }}&action=down');"><i class="fa fa-caret-down"></i></button>
{%- endif -%} {%- endif %}
{%- if loop.first -%} {% if role == role_list.first() %}
<button disabled><i class="fa fa-caret-up"></i></button> <button disabled><i class="fa fa-caret-up"></i></button>
<button disabled><i class="fa fa-arrow-up"></i></button> <button disabled><i class="fa fa-arrow-up"></i></button>
{%- else -%} {% else %}
<button type="button" onclick="window.location.replace('?role={{ role.id }}&action=up');"><i class="fa fa-caret-up"></i></button> <button type="button" onclick="window.location.replace('?role={{ role.id }}&action=up');"><i class="fa fa-caret-up"></i></button>
<button type="button" onclick="window.location.replace('?role={{ role.id }}&action=top');"><i class="fa fa-arrow-up"></i></button> <button type="button" onclick="window.location.replace('?role={{ role.id }}&action=top');"><i class="fa fa-arrow-up"></i></button>
{%- endif -%} {% endif %}
</div> </div>
{%- endif -%} {%- endif -%}
</td> </td>
</tr> </tr>
<tr class="role_candidates"> <tr class="role_candidates">
<td class="list_per_role" style="width: 100%; max-width: {{ 100 / (election_lists|length + 1) }}%"> <td class="list_per_role" style="width: 100%; max-width: {{ 100 / (election_lists.count() + 1) }}%">
{%- if role.max_choice == 1 and show_vote_buttons %} {%- if role.max_choice == 1 and election.can_vote(user) %}
<div class="radio-btn"> <div class="radio-btn">
{% set input_id = "blank_vote_" + role.id|string %} <input id="id_{{ role.title }}_{{ count[0] }}" type="radio" name="{{ role.title }}" value {{ '' if role_data in election_form else 'checked' }} {{ 'disabled' if election.has_voted(user) else '' }}>
<input id="{{ input_id }}" type="radio" name="{{ role.title }}"> <label for="id_{{ role.title }}_{{ count[0] }}">
<label for="{{ input_id }}">
<span>{% trans %}Choose blank vote{% endtrans %}</span> <span>{% trans %}Choose blank vote{% endtrans %}</span>
</label> </label>
</div> </div>
{%- set _ = count.append(count.pop() + 1) %}
{%- endif %} {%- endif %}
{%- if election.is_vote_finished %} {%- if election.is_vote_finished %}
{%- set results = election_results[role.title]['blank vote'] %} {%- set results = election_results[role.title]['blank vote'] %}
@@ -131,14 +120,13 @@
{%- endif %} {%- endif %}
</td> </td>
{%- for election_list in election_lists %} {%- for election_list in election_lists %}
<td class="list_per_role" style="width: 100%; max-width: {{ 100 / (election_lists|length + 1) }}%"> <td class="list_per_role" style="width: 100%; max-width: {{ 100 / (election_lists.count() + 1) }}%">
<ul class="candidates"> <ul class="candidates">
{%- for candidature in election_list.candidatures.select_related("user", "user__profile_pict").filter(role=role) %} {%- for candidature in election_list.candidatures.filter(role=role) %}
<li class="candidate"> <li class="candidate">
{%- if show_vote_buttons %} {%- if election.can_vote(user) %}
{% set input_id = "candidature_" + candidature.id|string %} <input id="id_{{ role.title }}_{{ count[0] }}" type="{{ 'checkbox' if role.max_choice > 1 else 'radio' }}" {{ 'checked' if candidature.id|string in role_data else '' }} {{ 'disabled' if election.has_voted(user) else '' }} name="{{ role.title }}" value="{{ candidature.id }}">
<input id="{{ input_id }}" type="{{ 'checkbox' if role.max_choice > 1 else 'radio' }}" {{ 'checked' if candidature.id|string in role_data else '' }} {{ 'disabled' if user_has_voted else '' }} name="{{ role.title }}" value="{{ candidature.id }}"> <label for="id_{{ role.title }}_{{ count[0] }}">
<label for="{{ input_id }}">
{%- endif %} {%- endif %}
<figure> <figure>
{%- if user.is_subscriber_viewable %} {%- if user.is_subscriber_viewable %}
@@ -152,7 +140,7 @@
<h5>{{ candidature.user.first_name }} <em>{{candidature.user.nick_name or ''}} </em>{{ candidature.user.last_name }}</h5> <h5>{{ candidature.user.first_name }} <em>{{candidature.user.nick_name or ''}} </em>{{ candidature.user.last_name }}</h5>
{%- if not election.is_vote_finished %} {%- if not election.is_vote_finished %}
<q class="candidate_program" show-more="200"> <q class="candidate_program" show-more="200">
{{ candidature.program|markdown }} {{ candidature.program|markdown or '' }}
</q> </q>
{%- endif %} {%- endif %}
</figcaption> </figcaption>
@@ -165,8 +153,9 @@
{%- endif -%} {%- endif -%}
{%- endif -%} {%- endif -%}
</figure> </figure>
{%- if show_vote_buttons %} {%- if election.can_vote(user) %}
</label> </label>
{%- set _ = count.append(count.pop() + 1) %}
{%- endif %} {%- endif %}
{%- if election.is_vote_finished %} {%- if election.is_vote_finished %}
{%- set results = election_results[role.title][candidature.user.username] %} {%- set results = election_results[role.title][candidature.user.username] %}
@@ -202,9 +191,36 @@
<a class="button" href="{{ url('election:delete', election_id=object.id) }}">{% trans %}Delete{% endtrans %}</a> <a class="button" href="{{ url('election:delete', election_id=object.id) }}">{% trans %}Delete{% endtrans %}</a>
{%- endif %} {%- endif %}
</section> </section>
{%- if show_vote_buttons %} {%- if not election.has_voted(user) and election.can_vote(user) %}
<section class="buttons"> <section class="buttons">
<button class="button button_send" form="vote-form">{% trans %}Submit the vote !{% endtrans %}</button> <button class="button button_send" form="vote-form">{% trans %}Submit the vote !{% endtrans %}</button>
</section> </section>
{%- endif %} {%- endif %}
{% endblock %} {% endblock %}
{% block script %}
{{ super() }}
<script type="text/javascript">
document.querySelectorAll('.role__multiple-choices').forEach(setupRestrictions);
function setupRestrictions(role) {
var selectedChoices = [];
role.querySelectorAll('input').forEach(setupRestriction);
function setupRestriction(choice) {
if (choice.checked)
selectedChoices.push(choice);
choice.addEventListener('change', onChange);
function onChange() {
if (choice.checked)
selectedChoices.push(choice);
else
selectedChoices.splice(selectedChoices.indexOf(choice), 1);
while (selectedChoices.length > role.dataset.maxChoice)
selectedChoices.shift().checked = false;
}
}
}
</script>
{% endblock %}

80
election/tests.py
View File

@@ -1,15 +1,9 @@
from datetime import timedelta
import pytest
from django.conf import settings from django.conf import settings
from django.test import Client, TestCase from django.test import TestCase
from django.urls import reverse from django.urls import reverse
from django.utils.timezone import now
from model_bakery import baker
from core.baker_recipes import subscriber_user
from core.models import Group, User from core.models import Group, User
from election.models import Candidature, Election, ElectionList, Role, Vote from election.models import Election
class TestElection(TestCase): class TestElection(TestCase):
@@ -18,7 +12,8 @@ class TestElection(TestCase):
cls.election = Election.objects.first() cls.election = Election.objects.first()
cls.public_group = Group.objects.get(id=settings.SITH_GROUP_PUBLIC_ID) cls.public_group = Group.objects.get(id=settings.SITH_GROUP_PUBLIC_ID)
cls.sli = User.objects.get(username="sli") cls.sli = User.objects.get(username="sli")
cls.public = baker.make(User) cls.subscriber = User.objects.get(username="subscriber")
cls.public = User.objects.get(username="public")
class TestElectionDetail(TestElection): class TestElectionDetail(TestElection):
@@ -41,7 +36,7 @@ class TestElectionDetail(TestElection):
class TestElectionUpdateView(TestElection): class TestElectionUpdateView(TestElection):
def test_permission_denied(self): def test_permission_denied(self):
self.client.force_login(subscriber_user.make()) self.client.force_login(self.subscriber)
response = self.client.get( response = self.client.get(
reverse("election:update", args=str(self.election.id)) reverse("election:update", args=str(self.election.id))
) )
@@ -50,68 +45,3 @@ class TestElectionUpdateView(TestElection):
reverse("election:update", args=str(self.election.id)) reverse("election:update", args=str(self.election.id))
) )
assert response.status_code == 403 assert response.status_code == 403
@pytest.mark.django_db
def test_election_create_list_permission(client: Client):
election = baker.make(Election, end_candidature=now() + timedelta(hours=1))
groups = [
Group.objects.get(pk=settings.SITH_GROUP_SUBSCRIBERS_ID),
baker.make(Group),
]
election.candidature_groups.add(groups[0])
election.edit_groups.add(groups[1])
url = reverse("election:create_list", kwargs={"election_id": election.id})
for user in subscriber_user.make(), baker.make(User, groups=[groups[1]]):
client.force_login(user)
assert client.get(url).status_code == 200
# the post is a 200 instead of a 302, because we don't give form data,
# but we don't care as we only test permissions here
assert client.post(url).status_code == 200
client.force_login(baker.make(User))
assert client.get(url).status_code == 403
assert client.post(url).status_code == 403
@pytest.mark.django_db
def test_election_results():
election = baker.make(
Election, voters=baker.make(User, _quantity=50, _bulk_create=True)
)
lists = baker.make(ElectionList, election=election, _quantity=2, _bulk_create=True)
roles = baker.make(
Role, election=election, max_choice=iter([1, 2]), _quantity=2, _bulk_create=True
)
users = baker.make(User, _quantity=4, _bulk_create=True)
cand = [
baker.make(Candidature, role=roles[0], user=users[0], election_list=lists[0]),
baker.make(Candidature, role=roles[0], user=users[1], election_list=lists[1]),
baker.make(Candidature, role=roles[1], user=users[2], election_list=lists[0]),
baker.make(Candidature, role=roles[1], user=users[3], election_list=lists[1]),
]
votes = [
baker.make(Vote, role=roles[0], _quantity=20, _bulk_create=True),
baker.make(Vote, role=roles[0], _quantity=25, _bulk_create=True),
baker.make(Vote, role=roles[1], _quantity=20, _bulk_create=True),
baker.make(Vote, role=roles[1], _quantity=35, _bulk_create=True),
baker.make(Vote, role=roles[1], _quantity=10, _bulk_create=True),
]
cand[0].votes.set(votes[0])
cand[1].votes.set(votes[1])
cand[2].votes.set([*votes[2], *votes[4]])
cand[3].votes.set([*votes[3], *votes[4]])
assert election.results == {
roles[0].title: {
cand[0].user.username: {"percent": 40.0, "vote": 20},
cand[1].user.username: {"percent": 50.0, "vote": 25},
"blank vote": {"percent": 10.0, "vote": 5},
"total vote": 50,
},
roles[1].title: {
cand[2].user.username: {"percent": 30.0, "vote": 30},
cand[3].user.username: {"percent": 45.0, "vote": 45},
"blank vote": {"percent": 25.0, "vote": 25},
"total vote": 100,
},
}

445
election/views.py
View File

@@ -1,34 +1,183 @@
from typing import TYPE_CHECKING from typing import TYPE_CHECKING
from cryptography.utils import cached_property from django import forms
from django.conf import settings from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin
from django.contrib.auth.mixins import (
LoginRequiredMixin,
PermissionRequiredMixin,
UserPassesTestMixin,
)
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.db import transaction from django.db import transaction
from django.db.models import QuerySet from django.db.models.query import QuerySet
from django.shortcuts import get_object_or_404 from django.shortcuts import get_object_or_404, redirect
from django.urls import reverse, reverse_lazy from django.urls import reverse, reverse_lazy
from django.utils.translation import gettext_lazy as _
from django.views.generic import DetailView, ListView from django.views.generic import DetailView, ListView
from django.views.generic.edit import CreateView, DeleteView, FormView, UpdateView from django.views.generic.edit import CreateView, DeleteView, FormView, UpdateView
from core.auth.mixins import CanEditMixin, CanViewMixin from core.auth.mixins import CanCreateMixin, CanEditMixin, CanViewMixin
from election.forms import ( from core.views.forms import SelectDateTime
CandidateForm, from core.views.widgets.ajax_select import (
ElectionForm, AutoCompleteSelect,
ElectionListForm, AutoCompleteSelectMultipleGroup,
RoleForm, AutoCompleteSelectUser,
VoteForm,
) )
from core.views.widgets.markdown import MarkdownInput
from election.models import Candidature, Election, ElectionList, Role, Vote from election.models import Candidature, Election, ElectionList, Role, Vote
if TYPE_CHECKING: if TYPE_CHECKING:
from core.models import User from core.models import User
# Custom form field
class LimitedCheckboxField(forms.ModelMultipleChoiceField):
"""A `ModelMultipleChoiceField`, with a max limit of selectable inputs."""
def __init__(self, queryset, max_choice, **kwargs):
self.max_choice = max_choice
super().__init__(queryset, **kwargs)
def clean(self, value):
qs = super().clean(value)
self.validate(qs)
return qs
def validate(self, qs):
if qs.count() > self.max_choice:
raise forms.ValidationError(
_("You have selected too much candidates."), code="invalid"
)
# Forms
class CandidateForm(forms.ModelForm):
"""Form to candidate."""
class Meta:
model = Candidature
fields = ["user", "role", "program", "election_list"]
labels = {
"user": _("User to candidate"),
}
widgets = {
"program": MarkdownInput,
"user": AutoCompleteSelectUser,
"role": AutoCompleteSelect,
"election_list": AutoCompleteSelect,
}
def __init__(self, *args, **kwargs):
election_id = kwargs.pop("election_id", None)
can_edit = kwargs.pop("can_edit", False)
super().__init__(*args, **kwargs)
if election_id:
self.fields["role"].queryset = Role.objects.filter(
election__id=election_id
).all()
self.fields["election_list"].queryset = ElectionList.objects.filter(
election__id=election_id
).all()
if not can_edit:
self.fields["user"].widget = forms.HiddenInput()
class VoteForm(forms.Form):
def __init__(self, election, user, *args, **kwargs):
super().__init__(*args, **kwargs)
if not election.has_voted(user):
for role in election.roles.all():
cand = role.candidatures
if role.max_choice > 1:
self.fields[role.title] = LimitedCheckboxField(
cand, role.max_choice, required=False
)
else:
self.fields[role.title] = forms.ModelChoiceField(
cand,
required=False,
widget=forms.RadioSelect(),
empty_label=_("Blank vote"),
)
class RoleForm(forms.ModelForm):
"""Form for creating a role."""
class Meta:
model = Role
fields = ["title", "election", "description", "max_choice"]
widgets = {"election": AutoCompleteSelect}
def __init__(self, *args, **kwargs):
election_id = kwargs.pop("election_id", None)
super().__init__(*args, **kwargs)
if election_id:
self.fields["election"].queryset = Election.objects.filter(
id=election_id
).all()
def clean(self):
cleaned_data = super().clean()
title = cleaned_data.get("title")
election = cleaned_data.get("election")
if Role.objects.filter(title=title, election=election).exists():
raise forms.ValidationError(
_("This role already exists for this election"), code="invalid"
)
class ElectionListForm(forms.ModelForm):
class Meta:
model = ElectionList
fields = ("title", "election")
widgets = {"election": AutoCompleteSelect}
def __init__(self, *args, **kwargs):
election_id = kwargs.pop("election_id", None)
super().__init__(*args, **kwargs)
if election_id:
self.fields["election"].queryset = Election.objects.filter(
id=election_id
).all()
class ElectionForm(forms.ModelForm):
class Meta:
model = Election
fields = [
"title",
"description",
"archived",
"start_candidature",
"end_candidature",
"start_date",
"end_date",
"edit_groups",
"view_groups",
"vote_groups",
"candidature_groups",
]
widgets = {
"edit_groups": AutoCompleteSelectMultipleGroup,
"view_groups": AutoCompleteSelectMultipleGroup,
"vote_groups": AutoCompleteSelectMultipleGroup,
"candidature_groups": AutoCompleteSelectMultipleGroup,
}
start_date = forms.DateTimeField(
label=_("Start date"), widget=SelectDateTime, required=True
)
end_date = forms.DateTimeField(
label=_("End date"), widget=SelectDateTime, required=True
)
start_candidature = forms.DateTimeField(
label=_("Start candidature"), widget=SelectDateTime, required=True
)
end_candidature = forms.DateTimeField(
label=_("End candidature"), widget=SelectDateTime, required=True
)
# Display elections # Display elections
@@ -36,21 +185,25 @@ class ElectionsListView(CanViewMixin, ListView):
"""A list of all non archived elections visible.""" """A list of all non archived elections visible."""
model = Election model = Election
queryset = model.objects.filter(archived=False)
ordering = ["-id"] ordering = ["-id"]
paginate_by = 10 paginate_by = 10
template_name = "election/election_list.jinja" template_name = "election/election_list.jinja"
def get_queryset(self):
return super().get_queryset().filter(archived=False).all()
class ElectionListArchivedView(CanViewMixin, ListView): class ElectionListArchivedView(CanViewMixin, ListView):
"""A list of all archived elections visible.""" """A list of all archived elections visible."""
model = Election model = Election
queryset = model.objects.filter(archived=True)
ordering = ["-id"] ordering = ["-id"]
paginate_by = 10 paginate_by = 10
template_name = "election/election_list.jinja" template_name = "election/election_list.jinja"
def get_queryset(self):
return super().get_queryset().filter(archived=True).all()
class ElectionDetailView(CanViewMixin, DetailView): class ElectionDetailView(CanViewMixin, DetailView):
"""Details an election responsability by responsability.""" """Details an election responsability by responsability."""
@@ -59,67 +212,46 @@ class ElectionDetailView(CanViewMixin, DetailView):
template_name = "election/election_detail.jinja" template_name = "election/election_detail.jinja"
pk_url_kwarg = "election_id" pk_url_kwarg = "election_id"
@staticmethod
def _reorder_votes(action: str, role: int):
role = Role.objects.filter(id=role).first()
if not role:
return
if action == "up":
role.up()
elif action == "down":
role.down()
elif action == "bottom":
role.bottom()
elif action == "top":
role.top()
def get(self, request, *arg, **kwargs): def get(self, request, *arg, **kwargs):
response = super().get(request, *arg, **kwargs)
election: Election = self.get_object() election: Election = self.get_object()
if election.is_vote_editable and request.user.can_edit(election): if request.user.can_edit(election) and election.is_vote_editable:
action = request.GET.get("action", None) action = request.GET.get("action", None)
role = request.GET.get("role", None) role = request.GET.get("role", None)
if action and role and role.isdigit(): if action and role and Role.objects.filter(id=role).exists():
self._reorder_votes(action, int(role)) if action == "up":
return super().get(request, *arg, **kwargs) Role.objects.get(id=role).up()
elif action == "down":
Role.objects.get(id=role).down()
elif action == "bottom":
Role.objects.get(id=role).bottom()
elif action == "top":
Role.objects.get(id=role).top()
return redirect(
reverse("election:detail", kwargs={"election_id": election.id})
)
return response
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
"""Add additionnal data to the template.""" """Add additionnal data to the template."""
user: User = self.request.user kwargs = super().get_context_data(**kwargs)
return super().get_context_data(**kwargs) | { kwargs["election_form"] = VoteForm(self.object, self.request.user)
"election_form": VoteForm(self.object, user), kwargs["election_results"] = self.object.results
"show_vote_buttons": self.object.can_vote(user), return kwargs
"user_has_voted": self.object.has_voted(user),
"election_results": (
self.object.results if self.object.is_vote_finished else None
),
"election_lists": list(self.object.election_lists.all()),
"election_roles": list(self.object.roles.order_by("order")),
}
# Form view # Form view
class VoteFormView(LoginRequiredMixin, UserPassesTestMixin, FormView): class VoteFormView(CanCreateMixin, FormView):
"""Alows users to vote.""" """Alows users to vote."""
form_class = VoteForm form_class = VoteForm
template_name = "election/election_detail.jinja" template_name = "election/election_detail.jinja"
@cached_property def dispatch(self, request, *arg, **kwargs):
def election(self): self.election = get_object_or_404(Election, pk=kwargs["election_id"])
return get_object_or_404(Election, pk=self.kwargs["election_id"]) return super().dispatch(request, *arg, **kwargs)
def test_func(self):
groups = set(self.election.vote_groups.values_list("id", flat=True))
if (
settings.SITH_GROUP_SUBSCRIBERS_ID in groups
and self.request.user.is_subscribed
):
# the subscriber group isn't truly attached to users,
# so it must be dealt with separately
return True
return self.request.user.groups.filter(id__in=groups).exists()
def vote(self, election_data): def vote(self, election_data):
with transaction.atomic(): with transaction.atomic():
@@ -139,16 +271,20 @@ class VoteFormView(LoginRequiredMixin, UserPassesTestMixin, FormView):
self.election.voters.add(self.request.user) self.election.voters.add(self.request.user)
def get_form_kwargs(self): def get_form_kwargs(self):
return super().get_form_kwargs() | { kwargs = super().get_form_kwargs()
"election": self.election, kwargs["election"] = self.election
"user": self.request.user, kwargs["user"] = self.request.user
} return kwargs
def form_valid(self, form): def form_valid(self, form):
"""Verify that the user is part in a vote group.""" """Verify that the user is part in a vote group."""
data = form.clean() data = form.clean()
res = super(FormView, self).form_valid(form)
for grp_id in self.election.vote_groups.values_list("pk", flat=True):
if self.request.user.is_in_group(pk=grp_id):
self.vote(data) self.vote(data)
return super().form_valid(form) return res
return res
def get_success_url(self, **kwargs): def get_success_url(self, **kwargs):
return reverse_lazy("election:detail", kwargs={"election_id": self.election.id}) return reverse_lazy("election:detail", kwargs={"election_id": self.election.id})
@@ -174,22 +310,26 @@ class CandidatureCreateView(LoginRequiredMixin, CreateView):
def dispatch(self, request, *arg, **kwargs): def dispatch(self, request, *arg, **kwargs):
self.election = get_object_or_404(Election, pk=kwargs["election_id"]) self.election = get_object_or_404(Election, pk=kwargs["election_id"])
self.can_edit = self.request.user.can_edit(self.election)
return super().dispatch(request, *arg, **kwargs) return super().dispatch(request, *arg, **kwargs)
def get_initial(self): def get_initial(self):
return {"user": self.request.user.id} init = {}
self.can_edit = self.request.user.can_edit(self.election)
init["user"] = self.request.user.id
return init
def get_form_kwargs(self): def get_form_kwargs(self):
return super().get_form_kwargs() | { kwargs = super().get_form_kwargs()
"election": self.election, kwargs["election_id"] = self.election.id
"can_edit": self.can_edit, kwargs["can_edit"] = self.can_edit
} return kwargs
def form_valid(self, form: CandidateForm): def form_valid(self, form):
"""Verify that the selected user is in candidate group.""" """Verify that the selected user is in candidate group."""
obj = form.instance obj = form.instance
obj.election = self.election obj.election = self.election
if not hasattr(obj, "user"):
obj.user = self.request.user
if (obj.election.can_candidate(obj.user)) and ( if (obj.election.can_candidate(obj.user)) and (
obj.user == self.request.user or self.can_edit obj.user == self.request.user or self.can_edit
): ):
@@ -197,7 +337,9 @@ class CandidatureCreateView(LoginRequiredMixin, CreateView):
raise PermissionDenied raise PermissionDenied
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
return super().get_context_data(**kwargs) | {"election": self.election} kwargs = super().get_context_data(**kwargs)
kwargs["election"] = self.election
return kwargs
def get_success_url(self, **kwargs): def get_success_url(self, **kwargs):
return reverse_lazy("election:detail", kwargs={"election_id": self.election.id}) return reverse_lazy("election:detail", kwargs={"election_id": self.election.id})
@@ -213,79 +355,80 @@ class ElectionCreateView(PermissionRequiredMixin, CreateView):
return reverse("election:detail", kwargs={"election_id": self.object.id}) return reverse("election:detail", kwargs={"election_id": self.object.id})
class RoleCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateView): class RoleCreateView(CanCreateMixin, CreateView):
model = Role model = Role
form_class = RoleForm form_class = RoleForm
template_name = "core/create.jinja" template_name = "core/create.jinja"
@cached_property def dispatch(self, request, *arg, **kwargs):
def election(self): self.election = get_object_or_404(Election, pk=kwargs["election_id"])
return get_object_or_404(Election, pk=self.kwargs["election_id"])
def test_func(self):
if not self.election.is_vote_editable: if not self.election.is_vote_editable:
return False raise PermissionDenied
if self.request.user.has_perm("election.add_role"): return super().dispatch(request, *arg, **kwargs)
return True
groups = set(self.election.edit_groups.values_list("id", flat=True))
if (
settings.SITH_GROUP_SUBSCRIBERS_ID in groups
and self.request.user.is_subscribed
):
# the subscriber group isn't truly attached to users,
# so it must be dealt with separately
return True
return self.request.user.groups.filter(id__in=groups).exists()
def get_initial(self): def get_initial(self):
return {"election": self.election} init = {}
init["election"] = self.election
return init
def form_valid(self, form):
"""Verify that the user can edit properly."""
obj: Role = form.instance
user: User = self.request.user
if obj.election:
for grp_id in obj.election.edit_groups.values_list("pk", flat=True):
if user.is_in_group(pk=grp_id):
return super(CreateView, self).form_valid(form)
raise PermissionDenied
def get_form_kwargs(self): def get_form_kwargs(self):
return super().get_form_kwargs() | {"election_id": self.election.id} kwargs = super().get_form_kwargs()
kwargs["election_id"] = self.election.id
return kwargs
def get_success_url(self, **kwargs): def get_success_url(self, **kwargs):
return reverse( return reverse_lazy(
"election:detail", kwargs={"election_id": self.object.election_id} "election:detail", kwargs={"election_id": self.object.election.id}
) )
class ElectionListCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateView): class ElectionListCreateView(CanCreateMixin, CreateView):
model = ElectionList model = ElectionList
form_class = ElectionListForm form_class = ElectionListForm
template_name = "core/create.jinja" template_name = "core/create.jinja"
@cached_property def dispatch(self, request, *arg, **kwargs):
def election(self): self.election = get_object_or_404(Election, pk=kwargs["election_id"])
return get_object_or_404(Election, pk=self.kwargs["election_id"])
def test_func(self):
if not self.election.is_vote_editable: if not self.election.is_vote_editable:
return False raise PermissionDenied
if self.request.user.has_perm("election.add_electionlist"): return super().dispatch(request, *arg, **kwargs)
return True
groups = set(
self.election.candidature_groups.values("id")
.union(self.election.edit_groups.values("id"))
.values_list("id", flat=True)
)
if (
settings.SITH_GROUP_SUBSCRIBERS_ID in groups
and self.request.user.is_subscribed
):
# the subscriber group isn't truly attached to users,
# so it must be dealt with separately
return True
return self.request.user.groups.filter(id__in=groups).exists()
def get_initial(self): def get_initial(self):
return {"election": self.election} init = {}
init["election"] = self.election
return init
def get_form_kwargs(self): def get_form_kwargs(self):
return super().get_form_kwargs() | {"election_id": self.election.id} kwargs = super().get_form_kwargs()
kwargs["election_id"] = self.election.id
return kwargs
def form_valid(self, form):
"""Verify that the user can vote on this election."""
obj: ElectionList = form.instance
user: User = self.request.user
if obj.election:
for grp_id in obj.election.candidature_groups.values_list("pk", flat=True):
if user.is_in_group(pk=grp_id):
return super(CreateView, self).form_valid(form)
for grp_id in obj.election.edit_groups.values_list("pk", flat=True):
if user.is_in_group(pk=grp_id):
return super(CreateView, self).form_valid(form)
raise PermissionDenied
def get_success_url(self, **kwargs): def get_success_url(self, **kwargs):
return reverse( return reverse_lazy(
"election:detail", kwargs={"election_id": self.object.election_id} "election:detail", kwargs={"election_id": self.object.election.id}
) )
@@ -314,23 +457,45 @@ class ElectionUpdateView(CanEditMixin, UpdateView):
return reverse_lazy("election:detail", kwargs={"election_id": self.object.id}) return reverse_lazy("election:detail", kwargs={"election_id": self.object.id})
class CandidatureUpdateView(LoginRequiredMixin, CanEditMixin, UpdateView): class CandidatureUpdateView(CanEditMixin, UpdateView):
model = Candidature model = Candidature
form_class = CandidateForm form_class = CandidateForm
template_name = "core/edit.jinja" template_name = "core/edit.jinja"
pk_url_kwarg = "candidature_id" pk_url_kwarg = "candidature_id"
def get_form(self, *args, **kwargs): def dispatch(self, request, *arg, **kwargs):
form = super().get_form(*args, **kwargs) self.object = self.get_object()
form.fields.pop("role", None) if not self.object.role.election.is_vote_editable:
return form raise PermissionDenied
return super().dispatch(request, *arg, **kwargs)
def remove_fields(self):
self.form.fields.pop("role", None)
def get(self, request, *args, **kwargs):
self.form = self.get_form()
self.remove_fields()
return self.render_to_response(self.get_context_data(form=self.form))
def post(self, request, *args, **kwargs):
self.form = self.get_form()
self.remove_fields()
if (
request.user.is_authenticated
and request.user.can_edit(self.object)
and self.form.is_valid()
):
return super().form_valid(self.form)
return self.form_invalid(self.form)
def get_form_kwargs(self): def get_form_kwargs(self):
return super().get_form_kwargs() | {"election": self.object.role.election} kwargs = super().get_form_kwargs()
kwargs["election_id"] = self.object.role.election.id
return kwargs
def get_success_url(self, **kwargs): def get_success_url(self, **kwargs):
return reverse( return reverse_lazy(
"election:detail", kwargs={"election_id": self.object.role.election_id} "election:detail", kwargs={"election_id": self.object.role.election.id}
) )
@@ -381,12 +546,18 @@ class RoleUpdateView(CanEditMixin, UpdateView):
# Delete Views # Delete Views
class ElectionDeleteView(PermissionRequiredMixin, DeleteView): class ElectionDeleteView(DeleteView):
model = Election model = Election
template_name = "core/delete_confirm.jinja" template_name = "core/delete_confirm.jinja"
pk_url_kwarg = "election_id" pk_url_kwarg = "election_id"
permission_required = "election.delete_election"
success_url = reverse_lazy("election:list") def dispatch(self, request, *args, **kwargs):
if request.user.is_root:
return super().dispatch(request, *args, **kwargs)
raise PermissionDenied
def get_success_url(self, **kwargs):
return reverse_lazy("election:list")
class CandidatureDeleteView(CanEditMixin, DeleteView): class CandidatureDeleteView(CanEditMixin, DeleteView):
@@ -402,7 +573,7 @@ class CandidatureDeleteView(CanEditMixin, DeleteView):
return super().dispatch(request, *arg, **kwargs) return super().dispatch(request, *arg, **kwargs)
def get_success_url(self, **kwargs): def get_success_url(self, **kwargs):
return reverse("election:detail", kwargs={"election_id": self.election.id}) return reverse_lazy("election:detail", kwargs={"election_id": self.election.id})
class RoleDeleteView(CanEditMixin, DeleteView): class RoleDeleteView(CanEditMixin, DeleteView):
@@ -418,7 +589,7 @@ class RoleDeleteView(CanEditMixin, DeleteView):
return super().dispatch(request, *arg, **kwargs) return super().dispatch(request, *arg, **kwargs)
def get_success_url(self, **kwargs): def get_success_url(self, **kwargs):
return reverse("election:detail", kwargs={"election_id": self.election.id}) return reverse_lazy("election:detail", kwargs={"election_id": self.election.id})
class ElectionListDeleteView(CanEditMixin, DeleteView): class ElectionListDeleteView(CanEditMixin, DeleteView):
@@ -434,4 +605,4 @@ class ElectionListDeleteView(CanEditMixin, DeleteView):
return super().dispatch(request, *args, **kwargs) return super().dispatch(request, *args, **kwargs)
def get_success_url(self, **kwargs): def get_success_url(self, **kwargs):
return reverse("election:detail", kwargs={"election_id": self.election.id}) return reverse_lazy("election:detail", kwargs={"election_id": self.election.id})

6
galaxy/management/commands/rule_galaxy.py
View File

@@ -45,9 +45,8 @@ class Command(BaseCommand):
"verbosity level should be between 0 and 2 included", stacklevel=2 "verbosity level should be between 0 and 2 included", stacklevel=2
) )
if options["verbosity"] >= 2: if options["verbosity"] == 2:
logger.setLevel(logging.DEBUG) logger.setLevel(logging.DEBUG)
logging.getLogger("django.db.backends").setLevel(logging.DEBUG)
elif options["verbosity"] == 1: elif options["verbosity"] == 1:
logger.setLevel(logging.INFO) logger.setLevel(logging.INFO)
else: else:
@@ -60,3 +59,6 @@ class Command(BaseCommand):
Galaxy.objects.filter(state__isnull=True).delete() Galaxy.objects.filter(state__isnull=True).delete()
logger.info("Ruled the galaxy in {} queries.".format(len(connection.queries))) logger.info("Ruled the galaxy in {} queries.".format(len(connection.queries)))
if options["verbosity"] > 2:
for q in connection.queries:
logger.debug(q)

64
galaxy/models.py
View File

@@ -31,14 +31,13 @@ from collections import defaultdict
from typing import NamedTuple, TypedDict from typing import NamedTuple, TypedDict
from django.db import models from django.db import models
from django.db.models import Count, Exists, F, OuterRef, Q, QuerySet from django.db.models import Count, F, Q, QuerySet
from django.utils.timezone import localdate, now from django.utils.timezone import localdate
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from club.models import Membership from club.models import Membership
from core.models import User from core.models import User
from sas.models import PeoplePictureRelation, Picture from sas.models import PeoplePictureRelation, Picture
from subscription.models import Subscription
class GalaxyStar(models.Model): class GalaxyStar(models.Model):
@@ -199,16 +198,8 @@ class Galaxy(models.Model):
cls, picture_count_threshold: int = DEFAULT_PICTURE_COUNT_THRESHOLD cls, picture_count_threshold: int = DEFAULT_PICTURE_COUNT_THRESHOLD
) -> QuerySet[User]: ) -> QuerySet[User]:
return ( return (
User.objects.filter(is_subscriber_viewable=True) User.objects.exclude(subscriptions=None)
.exclude(subscriptions=None) .annotate(pictures_count=Count("pictures"))
.annotate(
pictures_count=Count("pictures"),
is_active_in_galaxy=Exists(
Subscription.objects.filter(
member=OuterRef("id"), subscription_end__gt=now()
)
),
)
.filter(pictures_count__gt=picture_count_threshold) .filter(pictures_count__gt=picture_count_threshold)
.distinct() .distinct()
) )
@@ -299,9 +290,9 @@ class Galaxy(models.Model):
31/12/2022 (also two years, but with an offset of one year), then their 31/12/2022 (also two years, but with an offset of one year), then their
club score is 365. club score is 365.
""" """
memberships = user.memberships.values("start_date", "end_date", "club_id") memberships = user.memberships.only("start_date", "end_date", "club_id")
result = defaultdict(int) result = defaultdict(int)
today = localdate() now = localdate()
for membership in memberships: for membership in memberships:
# This is a N+1 query, but 92% of galaxy users have less than 10 memberships. # This is a N+1 query, but 92% of galaxy users have less than 10 memberships.
# Only 5 users have more than 30 memberships. # Only 5 users have more than 30 memberships.
@@ -309,23 +300,23 @@ class Galaxy(models.Model):
Membership.objects.exclude(user=user) Membership.objects.exclude(user=user)
.filter( .filter(
Q( # start2 <= start1 <= end2 Q( # start2 <= start1 <= end2
start_date__lte=membership["start_date"], start_date__lte=membership.start_date,
end_date__gte=membership["start_date"], end_date__gte=membership.start_date,
) )
| Q( # start2 <= start1 <= today | Q( # start2 <= start1 <= now
start_date__lte=membership["start_date"], end_date=None start_date__lte=membership.start_date, end_date=None
) )
| Q( # start1 <= start2 <= end2 | Q( # start1 <= start2 <= end2
start_date__gte=membership["start_date"], start_date__gte=membership.start_date,
start_date__lte=membership["end_date"] or today, start_date__lte=membership.end_date or now,
), ),
club_id=membership["club_id"], club_id=membership.club_id,
) )
.only("start_date", "end_date", "user_id") .only("start_date", "end_date", "user_id")
) )
for other in common_memberships: for other in common_memberships:
start = max(membership["start_date"], other.start_date) start = max(membership.start_date, other.start_date)
end = min(membership["end_date"] or today, other.end_date or today) end = min(membership.end_date or now, other.end_date or now)
result[other.user_id] += (end - start).days * cls.CLUBS_POINTS result[other.user_id] += (end - start).days * cls.CLUBS_POINTS
return result return result
@@ -391,22 +382,18 @@ class Galaxy(models.Model):
# this is memory expensive but prevents a lot of db hits, therefore # this is memory expensive but prevents a lot of db hits, therefore
# is far more time efficient # is far more time efficient
rulable_users_qs = self.get_rulable_users(picture_count_threshold) rulable_users = list(self.get_rulable_users(picture_count_threshold))
active_users_count = rulable_users_qs.filter(is_active_in_galaxy=True).count() rulable_users_count = len(rulable_users)
rulable_users = list(rulable_users_qs)
user1_count = 0 user1_count = 0
self.logger.info( self.logger.info(
f" {len(rulable_users)} citizens (with {active_users_count} active ones) " f"{rulable_users_count} citizen have been listed. Starting to rule."
f"have been listed. Starting to rule."
) )
self.logger.info("Creating stars for all citizen") self.logger.info("Creating stars for all citizen")
individual_scores = self.compute_individual_scores() individual_scores = self.compute_individual_scores()
GalaxyStar.objects.bulk_create( GalaxyStar.objects.bulk_create(
[ [
GalaxyStar( GalaxyStar(owner=user, galaxy=self, mass=individual_scores[user.id])
owner_id=user.id, galaxy=self, mass=individual_scores[user.id]
)
for user in rulable_users for user in rulable_users
] ]
) )
@@ -418,9 +405,9 @@ class Galaxy(models.Model):
t_global_start = time.time() t_global_start = time.time()
while len(rulable_users) > 0: while len(rulable_users) > 0:
user1 = rulable_users.pop() user1 = rulable_users.pop()
if not user1.is_active_in_galaxy:
continue
user1_count += 1 user1_count += 1
rulable_users_count2 = len(rulable_users)
star1 = stars[user1.id] star1 = stars[user1.id]
lanes = [] lanes = []
@@ -461,20 +448,17 @@ class Galaxy(models.Model):
self.logger.info("") self.logger.info("")
self.logger.info(f" Ruling of {self} ".center(60, "#")) self.logger.info(f" Ruling of {self} ".center(60, "#"))
self.logger.info( self.logger.info(
f"Progression: {user1_count}/{active_users_count} " f"Progression: {user1_count}/{rulable_users_count} "
f"citizen -- {active_users_count - user1_count} remaining" f"citizen -- {rulable_users_count - user1_count} remaining"
) )
self.logger.info(f"Speed: {global_avg_speed:.2f} citizen per second") self.logger.info(f"Speed: {global_avg_speed:.2f} citizen per second")
eta = len(rulable_users) // global_avg_speed eta = rulable_users_count2 // global_avg_speed
self.logger.info( self.logger.info(
f"ETA: {int(eta // 60 % 60)} minutes {int(eta % 60)} seconds" f"ETA: {int(eta // 60 % 60)} minutes {int(eta % 60)} seconds"
) )
self.logger.info("#" * 60) self.logger.info("#" * 60)
t_global_start = time.time() t_global_start = time.time()
count, _ = self.stars.filter(Q(lanes1=None) & Q(lanes2=None)).delete()
self.logger.info(f"{count} orphan stars have been trimmed.")
# Here, we get the IDs of the old galaxies that we'll need to delete. In normal operation, only one galaxy # Here, we get the IDs of the old galaxies that we'll need to delete. In normal operation, only one galaxy
# should be returned, and we can't delete it yet, as it's the one still displayed by the Sith. # should be returned, and we can't delete it yet, as it's the one still displayed by the Sith.
old_galaxies_pks = list( old_galaxies_pks = list(

4
galaxy/tests.py
View File

@@ -122,7 +122,7 @@ class TestGalaxyModel(TestCase):
self.com, self.com,
] ]
with self.assertNumQueries(38): with self.assertNumQueries(44):
while len(users) > 0: while len(users) > 0:
user1 = users.pop(0) user1 = users.pop(0)
family_scores = Galaxy.compute_user_family_score(user1) family_scores = Galaxy.compute_user_family_score(user1)
@@ -150,7 +150,7 @@ class TestGalaxyModel(TestCase):
that the number of queries to rule the galaxy is stable. that the number of queries to rule the galaxy is stable.
""" """
galaxy = Galaxy.objects.create() galaxy = Galaxy.objects.create()
with self.assertNumQueries(36): with self.assertNumQueries(39):
galaxy.rule(0) # We want everybody here galaxy.rule(0) # We want everybody here

348
locale/fr/LC_MESSAGES/django.po
View File

@@ -6,7 +6,7 @@
msgid "" msgid ""
msgstr "" msgstr ""
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2025-11-07 14:50+0100\n" "POT-Creation-Date: 2025-09-26 17:36+0200\n"
"PO-Revision-Date: 2016-07-18\n" "PO-Revision-Date: 2016-07-18\n"
"Last-Translator: Maréchal <thomas.girod@utbm.fr\n" "Last-Translator: Maréchal <thomas.girod@utbm.fr\n"
"Language-Team: AE info <ae.info@utbm.fr>\n" "Language-Team: AE info <ae.info@utbm.fr>\n"
@@ -35,10 +35,6 @@ msgstr ""
"True si gardé à jour par le biais d'un fournisseur externe de domains " "True si gardé à jour par le biais d'un fournisseur externe de domains "
"toxics, False sinon" "toxics, False sinon"
#: api/admin.py
msgid "Reset HMAC key"
msgstr "Réinitialiser la clef HMAC"
#: api/admin.py #: api/admin.py
#, python-format #, python-format
msgid "" msgid ""
@@ -52,23 +48,6 @@ msgstr ""
msgid "Revoke selected API keys" msgid "Revoke selected API keys"
msgstr "Révoquer les clefs d'API sélectionnées" msgstr "Révoquer les clefs d'API sélectionnées"
#: api/forms.py
msgid "I have read and I accept the terms and conditions of use"
msgstr "J'ai lu et j'accepte les conditions générales d'utilisation."
#: api/forms.py
msgid "You must approve the terms and conditions of use."
msgstr "Vous devez approuver les conditions générales d'utilisation."
#: api/forms.py
msgid "You must confirm that this is your username."
msgstr "Vous devez confirmer que c'est bien votre nom d'utilisateur."
#: api/forms.py
#, python-format
msgid "I confirm that %(username)s is my username on %(app)s"
msgstr "Je confirme que %(username)s est mon nom d'utilisateur sur %(app)s"
#: api/models.py club/models.py com/models.py counter/models.py forum/models.py #: api/models.py club/models.py com/models.py counter/models.py forum/models.py
msgid "name" msgid "name"
msgstr "nom" msgstr "nom"
@@ -89,10 +68,6 @@ msgstr "permissions du client"
msgid "Specific permissions for this api client." msgid "Specific permissions for this api client."
msgstr "Permissions spécifiques pour ce client d'API" msgstr "Permissions spécifiques pour ce client d'API"
#: api/models.py
msgid "HMAC Key"
msgstr "Clef HMAC"
#: api/models.py #: api/models.py
msgid "api client" msgid "api client"
msgstr "client d'api" msgstr "client d'api"
@@ -122,63 +97,6 @@ msgstr "clef d'api"
msgid "api keys" msgid "api keys"
msgstr "clefs d'api" msgstr "clefs d'api"
#: api/templates/api/third_party/auth.jinja
msgid "Confidentiality"
msgstr "Confidentialité"
#: api/templates/api/third_party/auth.jinja
#, python-format
msgid ""
"By ticking this box and clicking on the send button, you acknowledge and "
"agree to provide %(app)s with your first name, last name, nickname and any "
"other information that was the third party app was explicitly authorized to "
"fetch and that it must have acknowledged to you, in a complete and accurate "
"manner."
msgstr ""
"En cochant cette case et en cliquant sur le bouton « Envoyer », vous "
"reconnaissez et acceptez de fournir à %(app)s votre prénom, nom, pseudonyme "
"et toute autre information que l'application tierce a été explicitement "
"autorisée à récupérer et qu'elle doit vous avoir communiqué de manière "
"complète et exacte."
#: api/templates/api/third_party/auth.jinja
#, python-format
msgid ""
"The privacy policies of <a href=\"%(privacy_link)s\">%(app)s</a> and of <a "
"href=\"%(sith_cgu_link)s\">the Students' Association</a> applies as soon as "
"the form is submitted."
msgstr ""
"Les politiques de confidentialité de <a href=\"%(privacy_link)s\">%(app)s</a> et de <a "
"href=\"%(sith_cgu_link)s\">l'Association des Etudiants</a> s'appliquent dès la soumission "
"du formulaire."
#: api/templates/api/third_party/auth.jinja
msgid "Confirmation of identity"
msgstr "Confirmation d'identité"
#: api/views.py
#, python-format
msgid ""
"You are going to link your AE account and your %(app)s account. Continue "
"only if this page was opened from %(app)s."
msgstr ""
"Vous allez lier votre compte AE et votre compte %(app)s. Poursuivez "
"uniquement si cette page a été ouverte depuis %(app)s."
#: api/views.py
msgid "You have been successfully authenticated. You can now close this page."
msgstr "Vous avez été authentifié avec succès. Vous pouvez maintenant fermer cette page."
#: api/views.py
msgid ""
"Your authentication on the AE website was successful, but an error happened "
"during the interaction with the third-party application. Please contact the "
"managers of the latter."
msgstr ""
"Votre authentification sur le site AE a fonctionné, mais une erreur est arrivée "
"durant l'interaction avec l'application tierce. Veuillez contacter les responsables "
"de cette dernière."
#: club/forms.py #: club/forms.py
msgid "Users to add" msgid "Users to add"
msgstr "Utilisateurs à ajouter" msgstr "Utilisateurs à ajouter"
@@ -199,7 +117,7 @@ msgstr "S'abonner"
msgid "Remove" msgid "Remove"
msgstr "Retirer" msgstr "Retirer"
#: club/forms.py counter/forms.py pedagogy/templates/pedagogy/moderation.jinja #: club/forms.py pedagogy/templates/pedagogy/moderation.jinja
msgid "Action" msgid "Action"
msgstr "Action" msgstr "Action"
@@ -223,12 +141,12 @@ msgstr "vous devez spécifier au moins un utilisateur ou une adresse email"
msgid "Begin date" msgid "Begin date"
msgstr "Date de début" msgstr "Date de début"
#: club/forms.py com/forms.py counter/forms.py election/forms.py #: club/forms.py com/forms.py counter/forms.py election/views.py
#: subscription/forms.py #: subscription/forms.py
msgid "End date" msgid "End date"
msgstr "Date de fin" msgstr "Date de fin"
#: club/forms.py club/templates/club/club_sellings.jinja club/views.py #: club/forms.py club/templates/club/club_sellings.jinja
#: core/templates/core/user_account_detail.jinja #: core/templates/core/user_account_detail.jinja
#: counter/templates/counter/cash_summary_list.jinja counter/views/mixins.py #: counter/templates/counter/cash_summary_list.jinja counter/views/mixins.py
msgid "Counter" msgid "Counter"
@@ -491,7 +409,7 @@ msgstr "Total : "
msgid "Benefit: " msgid "Benefit: "
msgstr "Bénéfice : " msgstr "Bénéfice : "
#: club/templates/club/club_sellings.jinja club/views.py #: club/templates/club/club_sellings.jinja
#: core/templates/core/user_account_detail.jinja #: core/templates/core/user_account_detail.jinja
#: counter/templates/counter/cash_summary_list.jinja #: counter/templates/counter/cash_summary_list.jinja
#: counter/templates/counter/last_ops.jinja #: counter/templates/counter/last_ops.jinja
@@ -501,34 +419,34 @@ msgstr "Bénéfice : "
msgid "Date" msgid "Date"
msgstr "Date" msgstr "Date"
#: club/templates/club/club_sellings.jinja club/views.py #: club/templates/club/club_sellings.jinja
#: core/templates/core/user_account_detail.jinja #: core/templates/core/user_account_detail.jinja
#: counter/templates/counter/last_ops.jinja #: counter/templates/counter/last_ops.jinja
msgid "Barman" msgid "Barman"
msgstr "Barman" msgstr "Barman"
#: club/templates/club/club_sellings.jinja club/views.py #: club/templates/club/club_sellings.jinja
#: counter/templates/counter/counter_click.jinja #: counter/templates/counter/counter_click.jinja
#: counter/templates/counter/last_ops.jinja #: counter/templates/counter/last_ops.jinja
#: counter/templates/counter/refilling_list.jinja #: counter/templates/counter/refilling_list.jinja
msgid "Customer" msgid "Customer"
msgstr "Client" msgstr "Client"
#: club/templates/club/club_sellings.jinja club/views.py #: club/templates/club/club_sellings.jinja
#: core/templates/core/user_account_detail.jinja #: core/templates/core/user_account_detail.jinja
#: counter/templates/counter/last_ops.jinja #: counter/templates/counter/last_ops.jinja
#: rootplace/templates/rootplace/logs.jinja #: rootplace/templates/rootplace/logs.jinja
msgid "Label" msgid "Label"
msgstr "Étiquette" msgstr "Étiquette"
#: club/templates/club/club_sellings.jinja club/views.py #: club/templates/club/club_sellings.jinja
#: core/templates/core/user_account_detail.jinja #: core/templates/core/user_account_detail.jinja
#: core/templates/core/user_stats.jinja #: core/templates/core/user_stats.jinja
#: counter/templates/counter/last_ops.jinja #: counter/templates/counter/last_ops.jinja
msgid "Quantity" msgid "Quantity"
msgstr "Quantité" msgstr "Quantité"
#: club/templates/club/club_sellings.jinja club/views.py #: club/templates/club/club_sellings.jinja
#: core/templates/core/user_account.jinja #: core/templates/core/user_account.jinja
#: core/templates/core/user_account_detail.jinja #: core/templates/core/user_account_detail.jinja
#: counter/templates/counter/cash_summary_list.jinja #: counter/templates/counter/cash_summary_list.jinja
@@ -538,7 +456,7 @@ msgstr "Quantité"
msgid "Total" msgid "Total"
msgstr "Total" msgstr "Total"
#: club/templates/club/club_sellings.jinja club/views.py #: club/templates/club/club_sellings.jinja
#: core/templates/core/user_account_detail.jinja #: core/templates/core/user_account_detail.jinja
#: core/templates/core/user_detail.jinja #: core/templates/core/user_detail.jinja
#: counter/templates/counter/last_ops.jinja #: counter/templates/counter/last_ops.jinja
@@ -638,8 +556,6 @@ msgstr ""
#: core/templates/core/user_godfathers_tree.jinja #: core/templates/core/user_godfathers_tree.jinja
#: core/templates/core/user_preferences.jinja #: core/templates/core/user_preferences.jinja
#: counter/templates/counter/cash_register_summary.jinja #: counter/templates/counter/cash_register_summary.jinja
#: counter/templates/counter/invoices_call.jinja
#: counter/templates/counter/product_form.jinja
#: forum/templates/forum/reply.jinja #: forum/templates/forum/reply.jinja
#: subscription/templates/subscription/fragments/creation_form.jinja #: subscription/templates/subscription/fragments/creation_form.jinja
#: trombi/templates/trombi/comment.jinja #: trombi/templates/trombi/comment.jinja
@@ -772,32 +688,20 @@ msgstr "Vente"
msgid "Mailing list" msgid "Mailing list"
msgstr "Listes de diffusion" msgstr "Listes de diffusion"
#: club/views.py
msgid "You are now a member of this club."
msgstr "Vous êtes maintenant membre de ce club."
#: club/views.py #: club/views.py
#, python-format #, python-format
msgid "%(user)s has been added to club." msgid "%(user)s has been added to club."
msgstr "%(user)s a été ajouté au club." msgstr "%(user)s a été ajouté au club."
#: club/views.py #: club/views.py
msgid "Benefit" msgid "You are now a member of this club."
msgstr "Bénéfice" msgstr "Vous êtes maintenant membre de ce club."
#: club/views.py
msgid "Selling price"
msgstr "Prix de vente"
#: club/views.py
msgid "Purchase price"
msgstr "Prix d'achat"
#: com/forms.py #: com/forms.py
msgid "Format: 16:9 | Resolution: 1920x1080" msgid "Format: 16:9 | Resolution: 1920x1080"
msgstr "Format : 16:9 | Résolution : 1920x1080" msgstr "Format : 16:9 | Résolution : 1920x1080"
#: com/forms.py election/forms.py subscription/forms.py #: com/forms.py election/views.py subscription/forms.py
msgid "Start date" msgid "Start date"
msgstr "Date de début" msgstr "Date de début"
@@ -987,8 +891,7 @@ msgstr "Administration des mailing listes"
msgid "Actions" msgid "Actions"
msgstr "Actions" msgstr "Actions"
#: com/templates/com/mailing_admin.jinja com/templates/com/poster_list.jinja #: com/templates/com/mailing_admin.jinja core/templates/core/file_detail.jinja
#: core/templates/core/file_detail.jinja
#: core/templates/core/file_moderation.jinja sas/templates/sas/moderation.jinja #: core/templates/core/file_moderation.jinja sas/templates/sas/moderation.jinja
#: sas/templates/sas/picture.jinja #: sas/templates/sas/picture.jinja
msgid "Moderate" msgid "Moderate"
@@ -1125,7 +1028,7 @@ msgstr "Événements aujourd'hui et dans les prochains jours"
#: com/templates/com/news_list.jinja #: com/templates/com/news_list.jinja
msgid "Administrate news" msgid "Administrate news"
msgstr "Administrer les nouvelles" msgstr "Administrer les news"
#: com/templates/com/news_list.jinja #: com/templates/com/news_list.jinja
msgid "Nothing to come..." msgid "Nothing to come..."
@@ -1158,10 +1061,6 @@ msgstr "Nos services"
msgid "UV Guide" msgid "UV Guide"
msgstr "Guide des UVs" msgstr "Guide des UVs"
#: com/templates/com/news_list.jinja
msgid "Timetable"
msgstr "Emploi du temps"
#: com/templates/com/news_list.jinja core/templates/core/base/navbar.jinja #: com/templates/com/news_list.jinja core/templates/core/base/navbar.jinja
msgid "Matmatronch" msgid "Matmatronch"
msgstr "Matmatronch" msgstr "Matmatronch"
@@ -1204,7 +1103,8 @@ msgstr "Vous n'avez pas accès à ce contenu"
msgid "Poster" msgid "Poster"
msgstr "Affiche" msgstr "Affiche"
#: com/templates/com/poster_edit.jinja com/templates/com/screen_edit.jinja #: com/templates/com/poster_edit.jinja com/templates/com/poster_moderate.jinja
#: com/templates/com/screen_edit.jinja
msgid "List" msgid "List"
msgstr "Liste" msgstr "Liste"
@@ -1217,14 +1117,26 @@ msgstr "Affiche - modifier"
msgid "Create" msgid "Create"
msgstr "Créer" msgstr "Créer"
#: com/templates/com/poster_list.jinja com/templates/com/screen_slideshow.jinja #: com/templates/com/poster_list.jinja
msgid "Click to expand" msgid "Moderation"
msgstr "Cliquez pour agrandir" msgstr "Modération"
#: com/templates/com/poster_list.jinja #: com/templates/com/poster_list.jinja
msgid "No posters" msgid "No posters"
msgstr "Aucune affiche" msgstr "Aucune affiche"
#: com/templates/com/poster_list.jinja com/templates/com/screen_slideshow.jinja
msgid "Click to expand"
msgstr "Cliquez pour agrandir"
#: com/templates/com/poster_moderate.jinja
msgid "Posters - moderation"
msgstr "Affiches - modération"
#: com/templates/com/poster_moderate.jinja
msgid "No objects"
msgstr "Aucun éléments"
#: com/templates/com/screen_edit.jinja #: com/templates/com/screen_edit.jinja
msgid "Screen" msgid "Screen"
msgstr "Écran" msgstr "Écran"
@@ -3039,18 +2951,6 @@ msgstr "Cet UID est invalide"
msgid "User not found" msgid "User not found"
msgstr "Utilisateur non trouvé" msgstr "Utilisateur non trouvé"
#: counter/forms.py
msgid "Date and time of action"
msgstr "Date et heure de l'action"
#: counter/forms.py
msgid "New counters"
msgstr "Nouveaux comptoirs"
#: counter/forms.py
msgid "The selected counters will replace the current ones"
msgstr "Les comptoirs sélectionnés remplaceront les comptoirs actuels"
#: counter/forms.py #: counter/forms.py
msgid "" msgid ""
"Describe the product. If it's an event's click, give some insights about it, " "Describe the product. If it's an event's click, give some insights about it, "
@@ -3385,52 +3285,6 @@ msgid "The returnable product cannot be the same as the returned one"
msgstr "" msgstr ""
"Le produit consigné ne peut pas être le même que le produit de déconsigne" "Le produit consigné ne peut pas être le même que le produit de déconsigne"
#: counter/models.py
msgid "Archiving"
msgstr "Archivage"
#: counter/models.py
msgid "Counters change"
msgstr "Changement des comptoirs"
#: counter/models.py
msgid "Product scheduled action"
msgstr "Actions sur produit planifiées"
#: counter/models.py
msgid "Product actions must declare a clocked schedule."
msgstr "Les actions sur les produits doivent avoir un horaire planifié."
#: counter/models.py
msgid "Year + month field (day forced to 1)"
msgstr "Champ Année + mois (jour forcé à 1)"
#: counter/models.py
#, python-format
msgid ""
"%(value)s” value has an invalid date format. It must be in YYYY-MM format."
msgstr ""
"La valeur « %(value)s » a un format de date invalide. Ce doit être au format "
"YYYY-MM."
#: counter/models.py
#, python-format
msgid ""
"%(value)s” value has the correct format (YYYY-MM) but it is an invalid date."
msgstr "La valeur « %(value)s » a le bon format, mais est une date invalide."
#: counter/models.py
msgid "invoice date"
msgstr "date de la facture"
#: counter/models.py
msgid "Invoice call"
msgstr "Appel à facture"
#: counter/models.py
msgid "Invoice calls"
msgstr "Appels à facture"
#: counter/templates/counter/activity.jinja #: counter/templates/counter/activity.jinja
#, python-format #, python-format
msgid "%(counter_name)s activity" msgid "%(counter_name)s activity"
@@ -3661,10 +3515,6 @@ msgstr "Payements en Carte Bancaire"
msgid "Sum" msgid "Sum"
msgstr "Somme" msgstr "Somme"
#: counter/templates/counter/invoices_call.jinja
msgid "Validated"
msgstr "Validé"
#: counter/templates/counter/last_ops.jinja #: counter/templates/counter/last_ops.jinja
#, python-format #, python-format
msgid "%(counter_name)s last operations" msgid "%(counter_name)s last operations"
@@ -3753,25 +3603,6 @@ msgstr ""
"votre cotisation. Si vous ne renouvelez pas votre cotisation, il n'y aura " "votre cotisation. Si vous ne renouvelez pas votre cotisation, il n'y aura "
"aucune conséquence autre que le retrait de l'argent de votre compte." "aucune conséquence autre que le retrait de l'argent de votre compte."
#: counter/templates/counter/product_form.jinja
#, python-format
msgid "Edit product %(name)s"
msgstr "Édition du produit %(name)s"
#: counter/templates/counter/product_form.jinja
msgid "Product creation"
msgstr "Création de produit"
#: counter/templates/counter/product_form.jinja
msgid "Automatic actions"
msgstr "Actions automatiques"
#: counter/templates/counter/product_form.jinja
msgid "Automatic actions allows to schedule product changes ahead of time."
msgstr ""
"Les actions automatiques vous permettent de planifier des modifications du "
"produit à l'avance."
#: counter/templates/counter/product_list.jinja #: counter/templates/counter/product_list.jinja
msgid "Product list" msgid "Product list"
msgstr "Liste des produits" msgstr "Liste des produits"
@@ -3954,10 +3785,6 @@ msgstr "L'utilisateur n'est pas barman."
msgid "Bad location, someone is already logged in somewhere else" msgid "Bad location, someone is already logged in somewhere else"
msgstr "Mauvais comptoir, quelqu'un est déjà connecté ailleurs" msgstr "Mauvais comptoir, quelqu'un est déjà connecté ailleurs"
#: counter/views/invoice.py
msgid "Invoice calls status has been updated."
msgstr "Le statut des appels à facture a été mis à jour."
#: counter/views/mixins.py #: counter/views/mixins.py
msgid "Cash summary" msgid "Cash summary"
msgstr "Relevé de caisse" msgstr "Relevé de caisse"
@@ -4125,30 +3952,6 @@ msgstr ""
msgid "You can't buy a refilling with sith money" msgid "You can't buy a refilling with sith money"
msgstr "Vous ne pouvez pas acheter un rechargement avec de l'argent du sith" msgstr "Vous ne pouvez pas acheter un rechargement avec de l'argent du sith"
#: election/forms.py
msgid "You have selected too many candidates."
msgstr "Vous avez sélectionné trop de candidats."
#: election/forms.py
msgid "User to candidate"
msgstr "Utilisateur se présentant"
#: election/forms.py election/templates/election/election_detail.jinja
msgid "Blank vote"
msgstr "Vote blanc"
#: election/forms.py
msgid "This role already exists for this election"
msgstr "Ce rôle existe déjà pour cette élection"
#: election/forms.py
msgid "Start candidature"
msgstr "Début des candidatures"
#: election/forms.py
msgid "End candidature"
msgstr "Fin des candidatures"
#: election/models.py #: election/models.py
msgid "start candidature" msgid "start candidature"
msgstr "début des candidatures" msgstr "début des candidatures"
@@ -4173,10 +3976,6 @@ msgstr "groupe de vote"
msgid "candidature groups" msgid "candidature groups"
msgstr "groupe de candidature" msgstr "groupe de candidature"
#: election/models.py
msgid "voters"
msgstr "électeurs"
#: election/models.py #: election/models.py
msgid "election" msgid "election"
msgstr "élection" msgstr "élection"
@@ -4232,10 +4031,17 @@ msgstr "Vous avez déjà soumis votre vote."
msgid "You have voted in this election." msgid "You have voted in this election."
msgstr "Vous avez déjà voté pour cette élection." msgstr "Vous avez déjà voté pour cette élection."
#: election/templates/election/election_detail.jinja election/views.py
msgid "Blank vote"
msgstr "Vote blanc"
#: election/templates/election/election_detail.jinja #: election/templates/election/election_detail.jinja
#, python-format msgid "You may choose up to"
msgid "You may choose up to %(nb_choices)s people." msgstr "Vous pouvez choisir jusqu'à"
msgstr "Vous pouvez choisir jusqu'à %(nb_choices)s personnes."
#: election/templates/election/election_detail.jinja
msgid "people."
msgstr "personne(s)"
#: election/templates/election/election_detail.jinja #: election/templates/election/election_detail.jinja
msgid "Choose blank vote" msgid "Choose blank vote"
@@ -4277,6 +4083,26 @@ msgstr "au"
msgid "Polls open from" msgid "Polls open from"
msgstr "Votes ouverts du" msgstr "Votes ouverts du"
#: election/views.py
msgid "You have selected too much candidates."
msgstr "Vous avez sélectionné trop de candidats."
#: election/views.py
msgid "User to candidate"
msgstr "Utilisateur se présentant"
#: election/views.py
msgid "This role already exists for this election"
msgstr "Ce rôle existe déjà pour cette élection"
#: election/views.py
msgid "Start candidature"
msgstr "Début des candidatures"
#: election/views.py
msgid "End candidature"
msgstr "Fin des candidatures"
#: forum/models.py #: forum/models.py
msgid "is a category" msgid "is a category"
msgstr "est une catégorie" msgstr "est une catégorie"
@@ -5148,47 +4974,47 @@ msgstr "Suppression de rechargement"
#: sith/settings.py #: sith/settings.py
msgid "One semester" msgid "One semester"
msgstr "Un semestre" msgstr "Un semestre, 20 €"
#: sith/settings.py #: sith/settings.py
msgid "Two semesters" msgid "Two semesters"
msgstr "Deux semestres" msgstr "Deux semestres, 35 €"
#: sith/settings.py #: sith/settings.py
msgid "Common core cursus" msgid "Common core cursus"
msgstr "Cursus tronc commun" msgstr "Cursus tronc commun, 60 €"
#: sith/settings.py #: sith/settings.py
msgid "Branch cursus" msgid "Branch cursus"
msgstr "Cursus branche" msgstr "Cursus branche, 60 €"
#: sith/settings.py #: sith/settings.py
msgid "Alternating cursus" msgid "Alternating cursus"
msgstr "Cursus alternant" msgstr "Cursus alternant, 30 €"
#: sith/settings.py #: sith/settings.py
msgid "Honorary member" msgid "Honorary member"
msgstr "Membre honoraire" msgstr "Membre honoraire, 0 €"
#: sith/settings.py #: sith/settings.py
msgid "Assidu member" msgid "Assidu member"
msgstr "Membre d'Assidu" msgstr "Membre d'Assidu, 0 €"
#: sith/settings.py #: sith/settings.py
msgid "Amicale/DOCEO member" msgid "Amicale/DOCEO member"
msgstr "Membre de l'Amicale/DOCEO" msgstr "Membre de l'Amicale/DOCEO, 0 €"
#: sith/settings.py #: sith/settings.py
msgid "UT network member" msgid "UT network member"
msgstr "Cotisant du réseau UT" msgstr "Cotisant du réseau UT, 0 €"
#: sith/settings.py #: sith/settings.py
msgid "CROUS member" msgid "CROUS member"
msgstr "Membres du CROUS" msgstr "Membres du CROUS, 0 €"
#: sith/settings.py #: sith/settings.py
msgid "Sbarro/ESTA member" msgid "Sbarro/ESTA member"
msgstr "Membre de Sbarro ou de l'ESTA" msgstr "Membre de Sbarro ou de l'ESTA, 20 €"
#: sith/settings.py #: sith/settings.py
msgid "One semester Welcome Week" msgid "One semester Welcome Week"
@@ -5215,28 +5041,28 @@ msgid "One day"
msgstr "Un jour" msgstr "Un jour"
#: sith/settings.py #: sith/settings.py
msgid "GA staff member (2 weeks)" msgid "GA staff member"
msgstr "Membre staff GA (2 semaines)" msgstr "Membre staff GA (2 semaines), 1 €"
#: sith/settings.py #: sith/settings.py
msgid "One semester (-20%)" msgid "One semester (-20%)"
msgstr "Un semestre (-20%)" msgstr "Un semestre (-20%), 12 €"
#: sith/settings.py #: sith/settings.py
msgid "Two semesters (-20%)" msgid "Two semesters (-20%)"
msgstr "Deux semestres (-20%)" msgstr "Deux semestres (-20%), 22 €"
#: sith/settings.py #: sith/settings.py
msgid "Common core cursus (-20%)" msgid "Common core cursus (-20%)"
msgstr "Cursus tronc commun (-20%)" msgstr "Cursus tronc commun (-20%), 36 €"
#: sith/settings.py #: sith/settings.py
msgid "Branch cursus (-20%)" msgid "Branch cursus (-20%)"
msgstr "Cursus branche (-20%)" msgstr "Cursus branche (-20%), 36 €"
#: sith/settings.py #: sith/settings.py
msgid "Alternating cursus (-20%)" msgid "Alternating cursus (-20%)"
msgstr "Cursus alternant (-20%)" msgstr "Cursus alternant (-20%), 24 €"
#: sith/settings.py #: sith/settings.py
msgid "One year for free(CA offer)" msgid "One year for free(CA offer)"
@@ -5410,18 +5236,6 @@ msgstr "Membre existant"
msgid "the groups that can create subscriptions" msgid "the groups that can create subscriptions"
msgstr "les groupes pouvant créer des cotisations" msgstr "les groupes pouvant créer des cotisations"
#: timetable/templates/timetable/generator.jinja
msgid "Timetable generator"
msgstr "Générateur d'emploi du temps"
#: timetable/templates/timetable/generator.jinja
msgid "Generate"
msgstr "Générer"
#: timetable/templates/timetable/generator.jinja
msgid "Save to PNG"
msgstr "Sauver en PNG"
#: trombi/models.py #: trombi/models.py
msgid "subscription deadline" msgid "subscription deadline"
msgstr "fin des inscriptions" msgstr "fin des inscriptions"

3
mkdocs.yml
View File

@@ -69,7 +69,6 @@ nav:
- API: - API:
- Développement: tutorial/api/dev.md - Développement: tutorial/api/dev.md
- Connexion à l'API: tutorial/api/connect.md - Connexion à l'API: tutorial/api/connect.md
- Liaison avec le compte AE: tutorial/api/account-link.md
- Etransactions: tutorial/etransaction.md - Etransactions: tutorial/etransaction.md
- How-to: - How-to:
- L'ORM de Django: howto/querysets.md - L'ORM de Django: howto/querysets.md
@@ -92,8 +91,6 @@ nav:
- reference/api/hashers.md - reference/api/hashers.md
- reference/api/models.md - reference/api/models.md
- reference/api/perms.md - reference/api/perms.md
- reference/api/schemas.md
- reference/api/views.md
- club: - club:
- reference/club/models.md - reference/club/models.md
- reference/club/views.md - reference/club/views.md

1104
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

59
package.json
View File

@@ -24,48 +24,47 @@
"#com:*": "./com/static/bundled/*" "#com:*": "./com/static/bundled/*"
}, },
"devDependencies": { "devDependencies": {
"@babel/core": "^7.28.5", "@babel/core": "^7.25.2",
"@babel/preset-env": "^7.28.5", "@babel/preset-env": "^7.25.4",
"@biomejs/biome": "^1.9.4", "@biomejs/biome": "1.9.4",
"@hey-api/openapi-ts": "^0.73.0", "@hey-api/openapi-ts": "^0.73.0",
"@rollup/plugin-inject": "^5.0.5", "@rollup/plugin-inject": "^5.0.5",
"@types/alpinejs": "^3.13.11", "@types/alpinejs": "^3.13.10",
"@types/cytoscape-cxtmenu": "^3.4.5", "@types/cytoscape-cxtmenu": "^3.4.4",
"@types/cytoscape-klay": "^3.1.5", "@types/cytoscape-klay": "^3.1.4",
"@types/js-cookie": "^3.0.6", "@types/js-cookie": "^3.0.6",
"typescript": "^5.9.3", "typescript": "^5.8.3",
"vite": "^6.4.1", "vite": "^6.3.6",
"vite-bundle-visualizer": "^1.2.1", "vite-bundle-visualizer": "^1.2.1",
"vite-plugin-static-copy": "^3.1.4" "vite-plugin-static-copy": "^3.1.2"
}, },
"dependencies": { "dependencies": {
"@alpinejs/sort": "^3.15.1", "@alpinejs/sort": "^3.14.7",
"@arendjr/text-clipper": "npm:@jsr/arendjr__text-clipper@^3.0.0", "@arendjr/text-clipper": "npm:@jsr/arendjr__text-clipper@^3.0.0",
"@floating-ui/dom": "^1.7.4", "@floating-ui/dom": "^1.6.13",
"@fortawesome/fontawesome-free": "^6.7.2", "@fortawesome/fontawesome-free": "^6.6.0",
"@fullcalendar/core": "^6.1.19", "@fullcalendar/core": "^6.1.15",
"@fullcalendar/daygrid": "^6.1.19", "@fullcalendar/daygrid": "^6.1.15",
"@fullcalendar/icalendar": "^6.1.19", "@fullcalendar/icalendar": "^6.1.15",
"@fullcalendar/list": "^6.1.19", "@fullcalendar/list": "^6.1.15",
"@sentry/browser": "^9.46.0", "@sentry/browser": "^9.29.0",
"@zip.js/zip.js": "^2.8.9", "@zip.js/zip.js": "^2.7.52",
"3d-force-graph": "^1.79.0", "3d-force-graph": "^1.73.4",
"alpinejs": "^3.15.1", "alpinejs": "^3.14.7",
"chart.js": "^4.5.1", "chart.js": "^4.4.4",
"country-flag-emoji-polyfill": "^0.1.8", "country-flag-emoji-polyfill": "^0.1.8",
"cytoscape": "^3.33.1", "cytoscape": "^3.30.2",
"cytoscape-cxtmenu": "^3.5.0", "cytoscape-cxtmenu": "^3.5.0",
"cytoscape-klay": "^3.1.4", "cytoscape-klay": "^3.1.4",
"d3-force-3d": "^3.0.6", "d3-force-3d": "^3.0.5",
"easymde": "^2.20.0", "easymde": "^2.19.0",
"glob": "^11.0.3", "glob": "^11.0.0",
"html2canvas": "^1.4.1", "htmx.org": "^2.0.3",
"htmx.org": "^2.0.8",
"js-cookie": "^3.0.5", "js-cookie": "^3.0.5",
"lit-html": "^3.3.1", "lit-html": "^3.3.0",
"native-file-system-adapter": "^3.0.1", "native-file-system-adapter": "^3.0.1",
"three": "^0.177.0", "three": "^0.177.0",
"three-spritetext": "^1.10.0", "three-spritetext": "^1.9.0",
"tom-select": "^2.4.3" "tom-select": "^2.3.1"
} }
} }

70
pyproject.toml
View File

@@ -19,36 +19,36 @@ authors = [
license = { text = "GPL-3.0-only" } license = { text = "GPL-3.0-only" }
requires-python = "<4.0,>=3.12" requires-python = "<4.0,>=3.12"
dependencies = [ dependencies = [
"django>=5.2.8,<6.0.0", "django>=5.2.1,<6.0.0",
"django-ninja>=1.4.5,<2.0.0", "django-ninja<2.0.0,>=1.4.0",
"django-ninja-extra>=0.30.2,<1.0.0", "django-ninja-extra<1.0.0,>=0.22.9",
"Pillow>=12.0.0,<13.0.0", "Pillow<12.0.0,>=11.1.0",
"mistune>=3.1.4,<4.0.0", "mistune<4.0.0,>=3.1.3",
"django-jinja<3.0.0,>=2.11.0", "django-jinja<3.0.0,>=2.11.0",
"cryptography>=46.0.3,<47.0.0", "cryptography>=45.0.3,<46.0.0",
"django-phonenumber-field>=8.3.0,<9.0.0", "django-phonenumber-field<9.0.0,>=8.1.0",
"phonenumbers>=9.0.18,<10.0.0", "phonenumbers>=9.0.2,<10.0.0",
"reportlab>=4.4.4,<5.0.0", "reportlab<5.0.0,>=4.3.1",
"django-haystack<4.0.0,>=3.3.0", "django-haystack<4.0.0,>=3.3.0",
"xapian-haystack<4.0.0,>=3.1.0", "xapian-haystack<4.0.0,>=3.1.0",
"libsass<1.0.0,>=0.23.0", "libsass<1.0.0,>=0.23.0",
"django-ordered-model<4.0.0,>=3.7.4", "django-ordered-model<4.0.0,>=3.7.4",
"django-simple-captcha<1.0.0,>=0.6.2", "django-simple-captcha<1.0.0,>=0.6.2",
"python-dateutil<3.0.0.0,>=2.9.0.post0", "python-dateutil<3.0.0.0,>=2.9.0.post0",
"sentry-sdk>=2.43.0,<3.0.0", "sentry-sdk<3.0.0,>=2.25.1",
"jinja2<4.0.0,>=3.1.6", "jinja2<4.0.0,>=3.1.6",
"django-countries>=8.0.0,<9.0.0", "django-countries<8.0.0,>=7.6.1",
"dict2xml>=1.7.7,<2.0.0", "dict2xml<2.0.0,>=1.7.6",
"Sphinx<6,>=5", "Sphinx<6,>=5",
"tomli>=2.3.0,<3.0.0", "tomli<3.0.0,>=2.2.1",
"django-honeypot>=1.3.0,<2", "django-honeypot>=1.3.0,<2",
"pydantic-extra-types>=2.10.6,<3.0.0", "pydantic-extra-types<3.0.0,>=2.10.3",
"ical>=11.1.0,<12", "ical>=11,<12",
"redis[hiredis]<7,>=5.3.0", "redis[hiredis]<7,>=5.3.0",
"environs[django]>=14.5.0,<15.0.0", "environs[django]<15.0.0,>=14.1.1",
"requests>=2.32.5,<3.0.0", "requests>=2.32.3",
"honcho>=2.0.0", "honcho>=2.0.0",
"psutil>=7.1.3,<8.0.0", "psutil>=7.0.0",
"celery[redis]>=5.5.2", "celery[redis]>=5.5.2",
"django-celery-results>=2.5.1", "django-celery-results>=2.5.1",
"django-celery-beat>=2.7.0", "django-celery-beat>=2.7.0",
@@ -60,32 +60,32 @@ documentation = "https://sith-ae.readthedocs.io/"
[dependency-groups] [dependency-groups]
prod = [ prod = [
"psycopg[c]>=3.2.12,<4.0.0", "psycopg[c]>=3.2.9,<4.0.0",
] ]
dev = [ dev = [
"django-debug-toolbar>=6.1.0,<7", "django-debug-toolbar>=6,<7",
"ipython>=9.7.0,<10.0.0", "ipython<10.0.0,>=9.0.2",
"pre-commit>=4.3.0,<5.0.0", "pre-commit<5.0.0,>=4.1.0",
"ruff>=0.14.4,<1.0.0", "ruff>=0.11.13,<1.0.0",
"djhtml>=3.0.10,<4.0.0", "djhtml<4.0.0,>=3.0.7",
"faker>=37.12.0,<38.0.0", "faker<38.0.0,>=37.0.0",
"rjsmin>=1.2.5,<2.0.0", "rjsmin<2.0.0,>=1.2.4",
] ]
tests = [ tests = [
"freezegun>=1.5.5,<2.0.0", "freezegun<2.0.0,>=1.5.1",
"pytest>=8.4.2,<9.0.0", "pytest<9.0.0,>=8.3.5",
"pytest-cov>=7.0.0,<8.0.0", "pytest-cov<7.0.0,>=6.0.0",
"pytest-django<5.0.0,>=4.10.0", "pytest-django<5.0.0,>=4.10.0",
"model-bakery<2.0.0,>=1.20.4", "model-bakery<2.0.0,>=1.20.4",
"beautifulsoup4>=4.14.2,<5", "beautifulsoup4>=4.13.3,<5",
"lxml>=6.0.2,<7", "lxml>=6,<7",
] ]
docs = [ docs = [
"mkdocs<2.0.0,>=1.6.1", "mkdocs<2.0.0,>=1.6.1",
"mkdocs-material>=9.6.23,<10.0.0", "mkdocs-material<10.0.0,>=9.6.7",
"mkdocstrings>=0.30.1,<1.0.0", "mkdocstrings<1.0.0,>=0.28.3",
"mkdocstrings-python>=1.18.2,<2.0.0", "mkdocstrings-python<2.0.0,>=1.16.3",
"mkdocs-include-markdown-plugin>=7.2.0,<8.0.0", "mkdocs-include-markdown-plugin<8.0.0,>=7.1.5",
] ]
[tool.uv] [tool.uv]

5
sas/static/bundled/sas/pictures-download-index.ts
View File

@@ -5,13 +5,12 @@ import type { PictureSchema } from "#openapi";
document.addEventListener("alpine:init", () => { document.addEventListener("alpine:init", () => {
Alpine.data("pictures_download", () => ({ Alpine.data("pictures_download", () => ({
isDownloading: false, isDownloading: false,
downloadPictures: [] as PictureSchema[],
async downloadZip() { async downloadZip() {
this.isDownloading = true; this.isDownloading = true;
const bar = this.$refs.progress; const bar = this.$refs.progress;
bar.value = 0; bar.value = 0;
bar.max = this.downloadPictures.length; bar.max = this.pictures.length;
const incrementProgressBar = (_total: number): undefined => { const incrementProgressBar = (_total: number): undefined => {
bar.value++; bar.value++;
@@ -30,7 +29,7 @@ document.addEventListener("alpine:init", () => {
const zipWriter = new ZipWriter(await fileHandle.createWritable()); const zipWriter = new ZipWriter(await fileHandle.createWritable());
await Promise.all( await Promise.all(
this.downloadPictures.map(async (p: PictureSchema) => { this.pictures.map((p: PictureSchema) => {
const imgName = `${p.album}/IMG_${p.date.replace(/[:\-]/g, "_")}${p.name.slice(p.name.lastIndexOf("."))}`; const imgName = `${p.album}/IMG_${p.date.replace(/[:\-]/g, "_")}${p.name.slice(p.name.lastIndexOf("."))}`;
return zipWriter.add(imgName, new HttpReader(p.full_size_url), { return zipWriter.add(imgName, new HttpReader(p.full_size_url), {
level: 9, level: 9,

23
sas/static/bundled/sas/user/pictures-index.ts
View File

@@ -7,7 +7,6 @@ import {
interface PagePictureConfig { interface PagePictureConfig {
userId: number; userId: number;
nbPictures?: number;
} }
interface Album { interface Album {
@@ -21,27 +20,11 @@ document.addEventListener("alpine:init", () => {
loading: true, loading: true,
albums: [] as Album[], albums: [] as Album[],
async fetchPictures(): Promise<PictureSchema[]> { async init() {
const localStorageKey = `user${config.userId}Pictures`;
const localStorageInvalidationKey = `user${config.userId}PicturesNumber`;
const lastCachedNumber = localStorage.getItem(localStorageInvalidationKey);
if (
lastCachedNumber !== null &&
Number.parseInt(lastCachedNumber) === config.nbPictures
) {
return JSON.parse(localStorage.getItem(localStorageKey));
}
const pictures = await paginated(picturesFetchPictures, { const pictures = await paginated(picturesFetchPictures, {
// biome-ignore lint/style/useNamingConvention: from python api // biome-ignore lint/style/useNamingConvention: from python api
query: { users_identified: [config.userId] }, query: { users_identified: [config.userId] },
} as PicturesFetchPicturesData); } as PicturesFetchPicturesData);
localStorage.setItem(localStorageInvalidationKey, config.nbPictures.toString());
localStorage.setItem(localStorageKey, JSON.stringify(pictures));
return pictures;
},
async init() {
const pictures = await this.fetchPictures();
const groupedAlbums = Object.groupBy(pictures, (i: PictureSchema) => i.album.id); const groupedAlbums = Object.groupBy(pictures, (i: PictureSchema) => i.album.id);
this.albums = Object.values(groupedAlbums).map((pictures: PictureSchema[]) => { this.albums = Object.values(groupedAlbums).map((pictures: PictureSchema[]) => {
return { return {
@@ -57,9 +40,5 @@ document.addEventListener("alpine:init", () => {
} }
this.loading = false; this.loading = false;
}, },
allPictures(): PictureSchema[] {
return this.albums.flatMap((album: Album) => album.pictures);
},
})); }));
}); });

2
sas/templates/sas/album.jinja
View File

@@ -85,7 +85,7 @@
<div x-data="pictures({ albumId: {{ album.id }}, maxPageSize: {{ settings.SITH_SAS_IMAGES_PER_PAGE }} })"> <div x-data="pictures({ albumId: {{ album.id }}, maxPageSize: {{ settings.SITH_SAS_IMAGES_PER_PAGE }} })">
<h4>{% trans %}Pictures{% endtrans %}</h4> <h4>{% trans %}Pictures{% endtrans %}</h4>
<br> <br>
{{ download_button(_("Download album"), "pictures") }} {{ download_button(_("Download album")) }}
<div class="photos" :aria-busy="loading" @pictures-upload-done.window="fetchPictures"> <div class="photos" :aria-busy="loading" @pictures-upload-done.window="fetchPictures">
<template x-for="picture in getPage(page)"> <template x-for="picture in getPage(page)">
<a :href="picture.sas_url"> <a :href="picture.sas_url">

15
sas/templates/sas/macros.jinja
View File

@@ -36,20 +36,21 @@
{% endmacro %} {% endmacro %}
{# Helper macro to create a download button for a {# Helper macro to create a download button for a
record of albums with alpine. record of albums with alpine
This needs to be used inside an alpine environment.
Downloaded pictures will be `pictures` from the
parent data store.
Note: Note:
This requires importing `bundled/sas/pictures-download-index.ts` This requires importing `bundled/sas/pictures-download-index.ts`
Parameters: Parameters:
name (str): name displayed on the button name (str): name displayed on the button
pictures (str): an alpine variable or function
which holds the images this button should download.
It must be different from "downloadPictures", or it won't work.
#} #}
{% macro download_button(name, pictures) %} {% macro download_button(name) %}
<div x-data="pictures_download()" x-modelable="downloadPictures" x-model="{{ pictures }}"> <div x-data="pictures_download">
<div x-show="downloadPictures.length > 0" x-cloak> <div x-show="albums.length > 0" x-cloak>
<button <button
:disabled="isDownloading" :disabled="isDownloading"
class="btn btn-blue {% if name == "" %}btn-no-text{% endif %}" class="btn btn-blue {% if name == "" %}btn-no-text{% endif %}"

8
sas/templates/sas/user_pictures.jinja
View File

@@ -15,18 +15,18 @@
{% endblock %} {% endblock %}
{% block content %} {% block content %}
<main x-data="user_pictures({ userId: {{ object.id }}, nbPictures: {{ object.nb_pictures }} })"> <main x-data="user_pictures({ userId: {{ object.id }} })">
{% if user.id == object.id %} {% if user.id == object.id %}
{{ download_button(_("Download all my pictures"), "allPictures()") }} {{ download_button(_("Download all my pictures")) }}
{% endif %} {% endif %}
<template x-for="album in albums" x-cloak> <template x-for="album in albums" x-cloak>
<section> <section>
<br /> <br />
<div class="row gap"> <div class="row">
<h4 x-text="album.name" :id="`album-${album.id}`"></h4> <h4 x-text="album.name" :id="`album-${album.id}`"></h4>
{% if user.id == object.id %} {% if user.id == object.id %}
{{ download_button("", "album.pictures") }} &nbsp;{{ download_button("") }}
{% endif %} {% endif %}
</div> </div>
<div class="photos"> <div class="photos">

10
sas/views.py
View File

@@ -16,7 +16,6 @@ from typing import Any
from django.conf import settings from django.conf import settings
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.db.models import Count, OuterRef, Subquery
from django.http import Http404, HttpResponseRedirect from django.http import Http404, HttpResponseRedirect
from django.shortcuts import get_object_or_404 from django.shortcuts import get_object_or_404
from django.urls import reverse from django.urls import reverse
@@ -37,7 +36,7 @@ from sas.forms import (
PictureModerationRequestForm, PictureModerationRequestForm,
PictureUploadForm, PictureUploadForm,
) )
from sas.models import Album, PeoplePictureRelation, Picture from sas.models import Album, Picture
class AlbumCreateFragment(FragmentMixin, CreateView): class AlbumCreateFragment(FragmentMixin, CreateView):
@@ -179,13 +178,6 @@ class UserPicturesView(UserTabsMixin, CanViewMixin, DetailView):
context_object_name = "profile" context_object_name = "profile"
template_name = "sas/user_pictures.jinja" template_name = "sas/user_pictures.jinja"
current_tab = "pictures" current_tab = "pictures"
queryset = User.objects.annotate(
nb_pictures=Subquery(
PeoplePictureRelation.objects.filter(user=OuterRef("id"))
.values("user_id")
.values(count=Count("*"))
)
).all()
# Admin views # Admin views

7
sith/settings.py
View File

@@ -125,7 +125,6 @@ INSTALLED_APPS = (
"pedagogy", "pedagogy",
"galaxy", "galaxy",
"antispam", "antispam",
"timetable",
"api", "api",
) )
@@ -406,8 +405,6 @@ SITH_FORUM_PAGE_LENGTH = 30
SITH_SAS_ROOT_DIR_ID = env.int("SITH_SAS_ROOT_DIR_ID", default=4) SITH_SAS_ROOT_DIR_ID = env.int("SITH_SAS_ROOT_DIR_ID", default=4)
SITH_SAS_IMAGES_PER_PAGE = 60 SITH_SAS_IMAGES_PER_PAGE = 60
SITH_CGU_FILE_ID = env.int("SITH_CGU_FILE_ID", default=5)
SITH_PROFILE_DEPARTMENTS = [ SITH_PROFILE_DEPARTMENTS = [
("TC", _("TC")), ("TC", _("TC")),
("IMSI", _("IMSI")), ("IMSI", _("IMSI")),
@@ -544,7 +541,7 @@ SITH_SUBSCRIPTIONS = {
"duration": 4, "duration": 4,
}, },
"cursus-branche": {"name": _("Branch cursus"), "price": 60, "duration": 6}, "cursus-branche": {"name": _("Branch cursus"), "price": 60, "duration": 6},
"cursus-alternant": {"name": _("Alternating cursus"), "price": 35, "duration": 6}, "cursus-alternant": {"name": _("Alternating cursus"), "price": 30, "duration": 6},
"membre-honoraire": {"name": _("Honorary member"), "price": 0, "duration": 666}, "membre-honoraire": {"name": _("Honorary member"), "price": 0, "duration": 666},
"assidu": {"name": _("Assidu member"), "price": 0, "duration": 2}, "assidu": {"name": _("Assidu member"), "price": 0, "duration": 2},
"amicale/doceo": {"name": _("Amicale/DOCEO member"), "price": 0, "duration": 2}, "amicale/doceo": {"name": _("Amicale/DOCEO member"), "price": 0, "duration": 2},
@@ -556,6 +553,8 @@ SITH_SUBSCRIPTIONS = {
"price": 0, "price": 0,
"duration": 1, "duration": 1,
}, },
"un-mois-essai": {"name": _("One month for free"), "price": 0, "duration": 0.166},
"deux-mois-essai": {"name": _("Two months for free"), "price": 0, "duration": 0.33},
"benevoles-euroks": {"name": _("Eurok's volunteer"), "price": 5, "duration": 0.1}, "benevoles-euroks": {"name": _("Eurok's volunteer"), "price": 5, "duration": 0.1},
"six-semaines-essai": { "six-semaines-essai": {
"name": _("Six weeks for free"), "name": _("Six weeks for free"),

2
sith/urls.py
View File

@@ -34,7 +34,6 @@ urlpatterns = [
path("", include(("core.urls", "core"), namespace="core")), path("", include(("core.urls", "core"), namespace="core")),
path("sitemap.xml", cache_page(86400)(sitemap), {"sitemaps": sitemaps}), path("sitemap.xml", cache_page(86400)(sitemap), {"sitemaps": sitemaps}),
path("api/", api.urls), path("api/", api.urls),
path("api-link/", include(("api.urls", "api-link"), namespace="api-link")),
path("rootplace/", include(("rootplace.urls", "rootplace"), namespace="rootplace")), path("rootplace/", include(("rootplace.urls", "rootplace"), namespace="rootplace")),
path( path(
"subscription/", "subscription/",
@@ -54,7 +53,6 @@ urlpatterns = [
path("i18n/", include("django.conf.urls.i18n")), path("i18n/", include("django.conf.urls.i18n")),
path("jsi18n/", JavaScriptCatalog.as_view(), name="javascript-catalog"), path("jsi18n/", JavaScriptCatalog.as_view(), name="javascript-catalog"),
path("captcha/", include("captcha.urls")), path("captcha/", include("captcha.urls")),
path("edt/", include(("timetable.urls", "timetable"), namespace="timetable")),
] ]
if settings.DEBUG: if settings.DEBUG:

21
subscription/migrations/0016_alter_subscription_subscription_type.py
View File

@@ -1,21 +0,0 @@
# Generated by Django 5.2.3 on 2025-10-06 11:24
from django.db import migrations, models
import subscription.models
class Migration(migrations.Migration):
dependencies = [("subscription", "0015_alter_subscription_location_and_more")]
operations = [
migrations.AlterField(
model_name="subscription",
name="subscription_type",
field=models.CharField(
choices=subscription.models.get_subscription_types,
max_length=255,
verbose_name="subscription type",
),
)
]

15
subscription/models.py
View File

@@ -38,19 +38,16 @@ def validate_payment(value):
raise ValidationError(_("Bad payment method")) raise ValidationError(_("Bad payment method"))
def get_subscription_types():
return (
(k, f"{v['name']}, {v['price']}")
for k, v in sorted(settings.SITH_SUBSCRIPTIONS.items())
)
class Subscription(models.Model): class Subscription(models.Model):
member = models.ForeignKey( member = models.ForeignKey(
User, related_name="subscriptions", on_delete=models.CASCADE User, related_name="subscriptions", on_delete=models.CASCADE
) )
subscription_type = models.CharField( subscription_type = models.CharField(
_("subscription type"), max_length=255, choices=get_subscription_types _("subscription type"),
max_length=255,
choices=(
(k, v["name"]) for k, v in sorted(settings.SITH_SUBSCRIPTIONS.items())
),
) )
subscription_start = models.DateField(_("subscription start")) subscription_start = models.DateField(_("subscription start"))
subscription_end = models.DateField(_("subscription end")) subscription_end = models.DateField(_("subscription end"))
@@ -81,7 +78,7 @@ class Subscription(models.Model):
from counter.models import Customer from counter.models import Customer
Customer.get_or_create(self.member) customer, _ = Customer.get_or_create(self.member)
# Someone who subscribed once will be considered forever # Someone who subscribed once will be considered forever
# as an old subscriber. # as an old subscriber.
self.member.groups.add(settings.SITH_GROUP_OLD_SUBSCRIBERS_ID) self.member.groups.add(settings.SITH_GROUP_OLD_SUBSCRIBERS_ID)

42
subscription/tests/test_dates.py
View File

@@ -175,3 +175,45 @@ class TestSubscriptionIntegration(TestCase):
user=user, user=user,
) )
assert d == date(2017, 8, 29) assert d == date(2017, 8, 29)
def test_dates_renewal_sliding_during_two_free_monthes(self):
user = self.user
s = Subscription(
member=user,
subscription_type="deux-mois-essai",
payment_method=settings.SITH_SUBSCRIPTION_PAYMENT_METHOD[1],
)
s.subscription_start = date(2015, 8, 29)
s.subscription_end = s.compute_end(
duration=settings.SITH_SUBSCRIPTIONS[s.subscription_type]["duration"],
start=s.subscription_start,
)
s.save()
assert s.subscription_end == date(2015, 10, 29)
with freezegun.freeze_time("2015-09-25"):
d = Subscription.compute_end(
duration=settings.SITH_SUBSCRIPTIONS["deux-semestres"]["duration"],
user=user,
)
assert d == date(2016, 10, 29)
def test_dates_renewal_sliding_after_two_free_monthes(self):
user = self.user
s = Subscription(
member=user,
subscription_type="deux-mois-essai",
payment_method=settings.SITH_SUBSCRIPTION_PAYMENT_METHOD[1],
)
s.subscription_start = date(2015, 8, 29)
s.subscription_end = s.compute_end(
duration=settings.SITH_SUBSCRIPTIONS[s.subscription_type]["duration"],
start=s.subscription_start,
)
s.save()
assert s.subscription_end == date(2015, 10, 29)
with freezegun.freeze_time("2015-11-05"):
d = Subscription.compute_end(
duration=settings.SITH_SUBSCRIPTIONS["deux-semestres"]["duration"],
user=user,
)
assert d == date(2016, 11, 5)

0
timetable/__init__.py
View File

Some files were not shown because too many files have changed in this diff Show More