mirror of
https://github.com/ae-utbm/sith.git
synced 2026-07-17 03:58:35 +00:00
Compare commits
2
Commits
discord-auth
..
ts
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
ac8a79468e | ||
|
|
448e67738e |
@@ -17,15 +17,6 @@ class ApiClientAdmin(admin.ModelAdmin):
|
||||
"owner__nick_name",
|
||||
)
|
||||
autocomplete_fields = ("owner", "groups", "client_permissions")
|
||||
readonly_fields = ("hmac_key",)
|
||||
actions = ("reset_hmac_key",)
|
||||
|
||||
@admin.action(permissions=["change"], description=_("Reset HMAC key"))
|
||||
def reset_hmac_key(self, _request: HttpRequest, queryset: QuerySet[ApiClient]):
|
||||
objs = list(queryset)
|
||||
for obj in objs:
|
||||
obj.reset_hmac(commit=False)
|
||||
ApiClient.objects.bulk_update(objs, fields=["hmac_key"])
|
||||
|
||||
|
||||
@admin.register(ApiKey)
|
||||
|
||||
-16
@@ -1,16 +0,0 @@
|
||||
from ninja_extra import ControllerBase, api_controller, route
|
||||
|
||||
from api.auth import ApiKeyAuth
|
||||
from api.schemas import ApiClientSchema
|
||||
|
||||
|
||||
@api_controller("/client")
|
||||
class ApiClientController(ControllerBase):
|
||||
@route.get(
|
||||
"/me",
|
||||
auth=[ApiKeyAuth()],
|
||||
response=ApiClientSchema,
|
||||
url_name="api-client-infos",
|
||||
)
|
||||
def get_client_info(self):
|
||||
return self.context.request.auth
|
||||
@@ -1,35 +0,0 @@
|
||||
from django import forms
|
||||
from django.forms import HiddenInput
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
|
||||
|
||||
class ThirdPartyAuthForm(forms.Form):
|
||||
"""Form to complete to authenticate on the sith from a third-party app.
|
||||
|
||||
For the form to be valid, the user approve the EULA (french: CGU)
|
||||
and give its username from the third-party app.
|
||||
"""
|
||||
|
||||
cgu_accepted = forms.BooleanField(
|
||||
required=True,
|
||||
label=_("I have read and I accept the terms and conditions of use"),
|
||||
error_messages={
|
||||
"required": _("You must approve the terms and conditions of use.")
|
||||
},
|
||||
)
|
||||
is_username_valid = forms.BooleanField(
|
||||
required=True,
|
||||
error_messages={"required": _("You must confirm that this is your username.")},
|
||||
)
|
||||
client_id = forms.IntegerField(widget=HiddenInput())
|
||||
third_party_app = forms.CharField(widget=HiddenInput())
|
||||
privacy_link = forms.URLField(widget=HiddenInput())
|
||||
username = forms.CharField(widget=HiddenInput())
|
||||
callback_url = forms.URLField(widget=HiddenInput())
|
||||
signature = forms.CharField(widget=HiddenInput())
|
||||
|
||||
def __init__(self, *args, label_suffix: str = "", initial, **kwargs):
|
||||
super().__init__(*args, label_suffix=label_suffix, initial=initial, **kwargs)
|
||||
self.fields["is_username_valid"].label = _(
|
||||
"I confirm that %(username)s is my username on %(app)s"
|
||||
) % {"username": initial.get("username"), "app": initial.get("third_party_app")}
|
||||
@@ -1,19 +0,0 @@
|
||||
# Generated by Django 5.2.3 on 2025-10-26 10:15
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
import api.models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
dependencies = [("api", "0001_initial")]
|
||||
|
||||
operations = [
|
||||
migrations.AddField(
|
||||
model_name="apiclient",
|
||||
name="hmac_key",
|
||||
field=models.CharField(
|
||||
default=api.models.get_hmac_key, max_length=128, verbose_name="HMAC Key"
|
||||
),
|
||||
),
|
||||
]
|
||||
+21
-32
@@ -1,20 +1,13 @@
|
||||
import secrets
|
||||
from typing import Iterable
|
||||
|
||||
from django.contrib.auth.models import Permission
|
||||
from django.db import models
|
||||
from django.db.models import Q
|
||||
from django.utils.functional import cached_property
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from django.utils.translation import pgettext_lazy
|
||||
|
||||
from core.models import Group, User
|
||||
|
||||
|
||||
def get_hmac_key():
|
||||
return secrets.token_hex(64)
|
||||
|
||||
|
||||
class ApiClient(models.Model):
|
||||
name = models.CharField(_("name"), max_length=64)
|
||||
owner = models.ForeignKey(
|
||||
@@ -33,10 +26,11 @@ class ApiClient(models.Model):
|
||||
help_text=_("Specific permissions for this api client."),
|
||||
related_name="clients",
|
||||
)
|
||||
hmac_key = models.CharField(_("HMAC Key"), max_length=128, default=get_hmac_key)
|
||||
created_at = models.DateTimeField(auto_now_add=True)
|
||||
updated_at = models.DateTimeField(auto_now=True)
|
||||
|
||||
_perm_cache: set[str] | None = None
|
||||
|
||||
class Meta:
|
||||
verbose_name = _("api client")
|
||||
verbose_name_plural = _("api clients")
|
||||
@@ -44,38 +38,33 @@ class ApiClient(models.Model):
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
@cached_property
|
||||
def all_permissions(self) -> set[str]:
|
||||
permissions = (
|
||||
Permission.objects.filter(
|
||||
Q(group__group__in=self.groups.all()) | Q(clients=self)
|
||||
)
|
||||
def has_perm(self, perm: str):
|
||||
"""Return True if the client has the specified permission."""
|
||||
|
||||
if self._perm_cache is None:
|
||||
group_permissions = (
|
||||
Permission.objects.filter(group__group__in=self.groups.all())
|
||||
.values_list("content_type__app_label", "codename")
|
||||
.order_by()
|
||||
)
|
||||
return {f"{content_type}.{name}" for content_type, name in permissions}
|
||||
client_permissions = self.client_permissions.values_list(
|
||||
"content_type__app_label", "codename"
|
||||
).order_by()
|
||||
self._perm_cache = {
|
||||
f"{content_type}.{name}"
|
||||
for content_type, name in (*group_permissions, *client_permissions)
|
||||
}
|
||||
return perm in self._perm_cache
|
||||
|
||||
def has_perm(self, perm: str):
|
||||
"""Return True if the client has the specified permission."""
|
||||
return perm in self.all_permissions
|
||||
|
||||
def has_perms(self, perm_list: Iterable[str]) -> bool:
|
||||
"""Return True if the client has each of the specified permissions."""
|
||||
def has_perms(self, perm_list):
|
||||
"""
|
||||
Return True if the client has each of the specified permissions. If
|
||||
object is passed, check if the client has all required perms for it.
|
||||
"""
|
||||
if not isinstance(perm_list, Iterable) or isinstance(perm_list, str):
|
||||
raise ValueError("perm_list must be an iterable of permissions.")
|
||||
return all(self.has_perm(perm) for perm in perm_list)
|
||||
|
||||
def reset_hmac(self, *, commit: bool = True) -> str:
|
||||
"""Reset and return the HMAC key for this client.
|
||||
|
||||
Args:
|
||||
commit: if True (the default), persist the new hmac in db.
|
||||
"""
|
||||
self.hmac_key = get_hmac_key()
|
||||
if commit:
|
||||
self.save()
|
||||
return self.hmac_key
|
||||
|
||||
|
||||
class ApiKey(models.Model):
|
||||
PREFIX_LENGTH = 5
|
||||
|
||||
@@ -1,23 +0,0 @@
|
||||
from ninja import ModelSchema, Schema
|
||||
from pydantic import Field, HttpUrl
|
||||
|
||||
from api.models import ApiClient
|
||||
from core.schemas import SimpleUserSchema
|
||||
|
||||
|
||||
class ApiClientSchema(ModelSchema):
|
||||
class Meta:
|
||||
model = ApiClient
|
||||
fields = ["id", "name"]
|
||||
|
||||
owner: SimpleUserSchema
|
||||
permissions: list[str] = Field(alias="all_permissions")
|
||||
|
||||
|
||||
class ThirdPartyAuthParamsSchema(Schema):
|
||||
client_id: int
|
||||
third_party_app: str
|
||||
privacy_link: HttpUrl
|
||||
username: str
|
||||
callback_url: HttpUrl
|
||||
signature: str
|
||||
-32
@@ -1,32 +0,0 @@
|
||||
{% extends "core/base.jinja" %}
|
||||
|
||||
{% block content %}
|
||||
<form method="post">
|
||||
{% csrf_token %}
|
||||
<h3>{% trans %}Confidentiality{% endtrans %}</h3>
|
||||
<p>
|
||||
{% trans trimmed app=third_party_app %}
|
||||
By ticking this box and clicking on the send button, you
|
||||
acknowledge and agree to provide {{ app }} with your
|
||||
first name, last name, nickname and any other information
|
||||
that was the third party app was explicitly authorized to fetch
|
||||
and that it must have acknowledged to you, in a complete and accurate manner.
|
||||
{% endtrans %}
|
||||
</p>
|
||||
<p class="margin-bottom">
|
||||
{% trans trimmed app=third_party_app, privacy_link=third_party_cgu, sith_cgu_link=sith_cgu %}
|
||||
The privacy policies of <a href="{{ privacy_link }}">{{ app }}</a>
|
||||
and of <a href="{{ sith_cgu_link }}">the Students' Association</a>
|
||||
applies as soon as the form is submitted.
|
||||
{% endtrans %}
|
||||
</p>
|
||||
<div class="row">{{ form.cgu_accepted }} {{ form.cgu_accepted.label_tag() }}</div>
|
||||
<br>
|
||||
<h3 class="margin-bottom">{% trans %}Confirmation of identity{% endtrans %}</h3>
|
||||
<div class="row margin-bottom">
|
||||
{{ form.is_username_valid }} {{ form.is_username_valid.label_tag() }}
|
||||
</div>
|
||||
{% for field in form.hidden_fields() %}{{ field }}{% endfor %}
|
||||
<input type="submit" class="btn btn-blue">
|
||||
</form>
|
||||
{% endblock %}
|
||||
@@ -1,24 +0,0 @@
|
||||
import pytest
|
||||
from django.contrib.admin import AdminSite
|
||||
from django.http import HttpRequest
|
||||
from model_bakery import baker
|
||||
from pytest_django.asserts import assertNumQueries
|
||||
|
||||
from api.admin import ApiClientAdmin
|
||||
from api.models import ApiClient
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_reset_hmac_action():
|
||||
client_admin = ApiClientAdmin(ApiClient, AdminSite())
|
||||
api_clients = baker.make(ApiClient, _quantity=4, _bulk_create=True)
|
||||
old_hmac_keys = [c.hmac_key for c in api_clients]
|
||||
with assertNumQueries(2):
|
||||
qs = ApiClient.objects.filter(id__in=[c.id for c in api_clients[2:4]])
|
||||
client_admin.reset_hmac_key(HttpRequest(), qs)
|
||||
for c in api_clients:
|
||||
c.refresh_from_db()
|
||||
assert api_clients[0].hmac_key == old_hmac_keys[0]
|
||||
assert api_clients[1].hmac_key == old_hmac_keys[1]
|
||||
assert api_clients[2].hmac_key != old_hmac_keys[2]
|
||||
assert api_clients[3].hmac_key != old_hmac_keys[3]
|
||||
@@ -1,18 +0,0 @@
|
||||
import pytest
|
||||
from django.test import Client
|
||||
from django.urls import reverse
|
||||
from model_bakery import baker
|
||||
|
||||
from api.hashers import generate_key
|
||||
from api.models import ApiClient, ApiKey
|
||||
from api.schemas import ApiClientSchema
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_api_client_controller(client: Client):
|
||||
key, hashed = generate_key()
|
||||
api_client = baker.make(ApiClient)
|
||||
baker.make(ApiKey, client=api_client, hashed_key=hashed)
|
||||
res = client.get(reverse("api:api-client-infos"), headers={"X-APIKey": key})
|
||||
assert res.status_code == 200
|
||||
assert res.json() == ApiClientSchema.from_orm(api_client).model_dump()
|
||||
@@ -1,59 +0,0 @@
|
||||
import pytest
|
||||
from django.contrib.auth.models import Permission
|
||||
from django.test import TestCase
|
||||
from model_bakery import baker
|
||||
|
||||
from api.models import ApiClient
|
||||
from core.models import Group
|
||||
|
||||
|
||||
class TestClientPermissions(TestCase):
|
||||
@classmethod
|
||||
def setUpTestData(cls):
|
||||
cls.api_client = baker.make(ApiClient)
|
||||
cls.perms = baker.make(Permission, _quantity=10, _bulk_create=True)
|
||||
cls.api_client.groups.set(
|
||||
[
|
||||
baker.make(Group, permissions=cls.perms[0:3]),
|
||||
baker.make(Group, permissions=cls.perms[3:5]),
|
||||
]
|
||||
)
|
||||
cls.api_client.client_permissions.set(
|
||||
[cls.perms[3], cls.perms[5], cls.perms[6], cls.perms[7]]
|
||||
)
|
||||
|
||||
def test_all_permissions(self):
|
||||
assert self.api_client.all_permissions == {
|
||||
f"{p.content_type.app_label}.{p.codename}" for p in self.perms[0:8]
|
||||
}
|
||||
|
||||
def test_has_perm(self):
|
||||
assert self.api_client.has_perm(
|
||||
f"{self.perms[1].content_type.app_label}.{self.perms[1].codename}"
|
||||
)
|
||||
assert not self.api_client.has_perm(
|
||||
f"{self.perms[9].content_type.app_label}.{self.perms[9].codename}"
|
||||
)
|
||||
|
||||
def test_has_perms(self):
|
||||
assert self.api_client.has_perms(
|
||||
[
|
||||
f"{self.perms[1].content_type.app_label}.{self.perms[1].codename}",
|
||||
f"{self.perms[2].content_type.app_label}.{self.perms[2].codename}",
|
||||
]
|
||||
)
|
||||
assert not self.api_client.has_perms(
|
||||
[
|
||||
f"{self.perms[1].content_type.app_label}.{self.perms[1].codename}",
|
||||
f"{self.perms[9].content_type.app_label}.{self.perms[9].codename}",
|
||||
],
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_reset_hmac_key():
|
||||
client = baker.make(ApiClient)
|
||||
original_key = client.hmac_key
|
||||
client.reset_hmac(commit=True)
|
||||
assert len(client.hmac_key) == len(original_key)
|
||||
assert client.hmac_key != original_key
|
||||
@@ -1,140 +0,0 @@
|
||||
from unittest import mock
|
||||
from unittest.mock import Mock
|
||||
|
||||
from django.contrib.messages import Message, get_messages
|
||||
from django.db.models import Max
|
||||
from django.test import TestCase
|
||||
from django.urls import reverse
|
||||
from model_bakery import baker
|
||||
from pytest_django.asserts import assertRedirects
|
||||
|
||||
from api.models import ApiClient, get_hmac_key
|
||||
from core.baker_recipes import subscriber_user
|
||||
from core.schemas import UserProfileSchema
|
||||
from core.utils import hmac_hexdigest
|
||||
|
||||
|
||||
def mocked_post(*, ok: bool):
|
||||
class MockedResponse(Mock):
|
||||
@property
|
||||
def ok(self):
|
||||
return ok
|
||||
|
||||
def mocked():
|
||||
return MockedResponse()
|
||||
|
||||
return mocked
|
||||
|
||||
|
||||
class TestThirdPartyAuth(TestCase):
|
||||
@classmethod
|
||||
def setUpTestData(cls):
|
||||
cls.user = subscriber_user.make()
|
||||
cls.api_client = baker.make(ApiClient)
|
||||
|
||||
def setUp(self):
|
||||
self.query = {
|
||||
"client_id": self.api_client.id,
|
||||
"third_party_app": "app",
|
||||
"privacy_link": "https://foobar.fr/",
|
||||
"username": "bibou",
|
||||
"callback_url": "https://callback.fr/",
|
||||
}
|
||||
self.query["signature"] = hmac_hexdigest(self.api_client.hmac_key, self.query)
|
||||
self.callback_data = {
|
||||
"user": UserProfileSchema.from_orm(self.user).model_dump()
|
||||
}
|
||||
self.callback_data["signature"] = hmac_hexdigest(
|
||||
self.api_client.hmac_key, self.callback_data["user"]
|
||||
)
|
||||
self.url = reverse("api-link:third-party-auth", query=self.query)
|
||||
|
||||
def test_auth_ok(self):
|
||||
self.client.force_login(self.user)
|
||||
res = self.client.get(self.url)
|
||||
assert res.status_code == 200
|
||||
with mock.patch("requests.post", new_callable=mocked_post(ok=True)) as mocked:
|
||||
res = self.client.post(
|
||||
self.url,
|
||||
data={"cgu_accepted": True, "is_username_valid": True, **self.query},
|
||||
)
|
||||
mocked.assert_called_once_with(
|
||||
self.query["callback_url"], json=self.callback_data
|
||||
)
|
||||
assertRedirects(
|
||||
res,
|
||||
reverse("api-link:third-party-auth-result", kwargs={"result": "success"}),
|
||||
)
|
||||
|
||||
def test_callback_error(self):
|
||||
"""Test that the user see the failure page if the callback request failed."""
|
||||
self.client.force_login(self.user)
|
||||
with mock.patch("requests.post", new_callable=mocked_post(ok=False)) as mocked:
|
||||
res = self.client.post(
|
||||
self.url,
|
||||
data={"cgu_accepted": True, "is_username_valid": True, **self.query},
|
||||
)
|
||||
mocked.assert_called_once_with(
|
||||
self.query["callback_url"], json=self.callback_data
|
||||
)
|
||||
assertRedirects(
|
||||
res,
|
||||
reverse("api-link:third-party-auth-result", kwargs={"result": "failure"}),
|
||||
)
|
||||
|
||||
def test_wrong_signature(self):
|
||||
"""Test that a 403 is raised if the signature of the query is wrong."""
|
||||
self.client.force_login(subscriber_user.make())
|
||||
new_key = get_hmac_key()
|
||||
del self.query["signature"]
|
||||
self.query["signature"] = hmac_hexdigest(new_key, self.query)
|
||||
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
|
||||
assert list(get_messages(res.wsgi_request)) == [
|
||||
Message(
|
||||
level=40,
|
||||
message=(
|
||||
"La signature est incorrecte. "
|
||||
"Nous ne pouvons pas garantir l'authenticité de la requête."
|
||||
),
|
||||
)
|
||||
]
|
||||
|
||||
res = self.client.post(self.url, data=self.query)
|
||||
assert res.status_code == 200
|
||||
|
||||
def test_cgu_not_accepted(self):
|
||||
self.client.force_login(self.user)
|
||||
res = self.client.get(self.url)
|
||||
assert res.status_code == 200
|
||||
res = self.client.post(self.url, data=self.query)
|
||||
assert res.status_code == 200 # no redirect means invalid form
|
||||
res = self.client.post(
|
||||
self.url,
|
||||
data={"cgu_accepted": False, "is_username_valid": False, **self.query},
|
||||
)
|
||||
assert res.status_code == 200
|
||||
|
||||
def test_invalid_client(self):
|
||||
self.client.force_login(self.user)
|
||||
self.query["client_id"] = ApiClient.objects.aggregate(res=Max("id"))["res"] + 1
|
||||
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
|
||||
assert list(get_messages(res.wsgi_request)) == [
|
||||
Message(
|
||||
level=40,
|
||||
message="Les données fournies pour l'authentification sont incorrectes.",
|
||||
)
|
||||
]
|
||||
|
||||
def test_missing_parameter(self):
|
||||
self.client.force_login(self.user)
|
||||
del self.query["username"]
|
||||
self.query["signature"] = hmac_hexdigest(self.api_client.hmac_key, self.query)
|
||||
res = self.client.get(reverse("api-link:third-party-auth", query=self.query))
|
||||
assert list(get_messages(res.wsgi_request)) == [
|
||||
Message(
|
||||
level=40,
|
||||
message="Les données fournies pour l'authentification sont incorrectes.",
|
||||
)
|
||||
]
|
||||
res = self.client.post(self.url, data=self.query)
|
||||
assert res.status_code == 200
|
||||
-15
@@ -1,10 +1,6 @@
|
||||
from django.urls import path, register_converter
|
||||
from ninja.security import SessionAuth
|
||||
from ninja_extra import NinjaExtraAPI
|
||||
|
||||
from api.views import ThirdPartyAuthResultView, ThirdPartyAuthView
|
||||
from core.converters import ResultConverter
|
||||
|
||||
api = NinjaExtraAPI(
|
||||
title="PICON",
|
||||
description="Portail Interactif de Communication avec les Outils Numériques",
|
||||
@@ -13,14 +9,3 @@ api = NinjaExtraAPI(
|
||||
auth=[SessionAuth()],
|
||||
)
|
||||
api.auto_discover_controllers()
|
||||
|
||||
register_converter(ResultConverter, "res")
|
||||
|
||||
urlpatterns = [
|
||||
path("auth/", ThirdPartyAuthView.as_view(), name="third-party-auth"),
|
||||
path(
|
||||
"auth/<res:result>/",
|
||||
ThirdPartyAuthResultView.as_view(),
|
||||
name="third-party-auth-result",
|
||||
),
|
||||
]
|
||||
|
||||
-146
@@ -1,146 +0,0 @@
|
||||
import hmac
|
||||
from urllib.parse import unquote
|
||||
|
||||
import pydantic
|
||||
import requests
|
||||
import sentry_sdk
|
||||
from django.conf import settings
|
||||
from django.contrib import messages
|
||||
from django.contrib.auth.mixins import AccessMixin, LoginRequiredMixin
|
||||
from django.shortcuts import render
|
||||
from django.urls import reverse, reverse_lazy
|
||||
from django.utils.translation import gettext as _
|
||||
from django.views.generic import FormView, TemplateView
|
||||
from ninja_extra.shortcuts import get_object_or_none
|
||||
|
||||
from api.forms import ThirdPartyAuthForm
|
||||
from api.models import ApiClient
|
||||
from api.schemas import ThirdPartyAuthParamsSchema
|
||||
from core.models import SithFile
|
||||
from core.schemas import UserProfileSchema
|
||||
from core.utils import hmac_hexdigest
|
||||
|
||||
|
||||
class ThirdPartyAuthView(AccessMixin, FormView):
|
||||
form_class = ThirdPartyAuthForm
|
||||
template_name = "api/third_party/auth.jinja"
|
||||
success_url = reverse_lazy("core:index")
|
||||
|
||||
def parse_params(self) -> ThirdPartyAuthParamsSchema | None:
|
||||
"""Parse and check the authentication parameters.
|
||||
|
||||
If parsing fails, messages will be created using the django message
|
||||
infrastructure.
|
||||
|
||||
Returns:
|
||||
The parses parameters, or None if the parsing failed.
|
||||
"""
|
||||
# This is here rather than in ThirdPartyAuthForm because
|
||||
# the given parameters and their signature are checked during both
|
||||
# POST (for obvious reasons) and GET (in order not to make
|
||||
# the user fill a form just to get an error he won't understand)
|
||||
params = self.request.GET if self.request.method == "GET" else self.request.POST
|
||||
params = {key: unquote(val) for key, val in params.dict().items()}
|
||||
try:
|
||||
params = ThirdPartyAuthParamsSchema(**params)
|
||||
except pydantic.ValidationError:
|
||||
messages.error(
|
||||
self.request, _("The data provided for authentication is incorrect")
|
||||
)
|
||||
return None
|
||||
client: ApiClient | None = get_object_or_none(ApiClient, id=params.client_id)
|
||||
if not client:
|
||||
messages.error(
|
||||
self.request, _("The data provided for authentication is incorrect")
|
||||
)
|
||||
return None
|
||||
if not hmac.compare_digest(
|
||||
hmac_hexdigest(client.hmac_key, params.model_dump(exclude={"signature"})),
|
||||
params.signature,
|
||||
):
|
||||
messages.error(
|
||||
self.request,
|
||||
_(
|
||||
"The signature is incorrect. "
|
||||
"We cannot ensure the provenance of the request."
|
||||
),
|
||||
)
|
||||
return None
|
||||
return params
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
if not request.user.is_authenticated:
|
||||
return self.handle_no_permission()
|
||||
if (params := self.parse_params()) is None:
|
||||
# if parameters parsing failed, shortcut the operation and display
|
||||
# an empty page with just the error messages.
|
||||
return render(request, "core/base.jinja")
|
||||
self.params = params
|
||||
return super().dispatch(request, *args, **kwargs)
|
||||
|
||||
def get(self, *args, **kwargs):
|
||||
messages.warning(
|
||||
self.request,
|
||||
_(
|
||||
"You are going to link your AE account and your %(app)s account. "
|
||||
"Continue only if this page was opened from %(app)s."
|
||||
)
|
||||
% {"app": self.params.third_party_app},
|
||||
)
|
||||
return super().get(*args, **kwargs)
|
||||
|
||||
def get_initial(self):
|
||||
return self.params.model_dump()
|
||||
|
||||
def form_valid(self, form):
|
||||
client = ApiClient.objects.get(id=form.cleaned_data["client_id"])
|
||||
user = UserProfileSchema.from_orm(self.request.user).model_dump()
|
||||
data = {"user": user, "signature": hmac_hexdigest(client.hmac_key, user)}
|
||||
try:
|
||||
ok = requests.post(form.cleaned_data["callback_url"], json=data).ok
|
||||
except requests.RequestException as e:
|
||||
sentry_sdk.capture_exception(e)
|
||||
ok = False
|
||||
self.success_url = reverse(
|
||||
"api-link:third-party-auth-result",
|
||||
kwargs={"result": "success" if ok else "failure"},
|
||||
)
|
||||
return super().form_valid(form)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
return super().get_context_data(**kwargs) | {
|
||||
"third_party_app": self.params.third_party_app,
|
||||
"third_party_cgu": self.params.privacy_link,
|
||||
"sith_cgu": SithFile.objects.get(id=settings.SITH_CGU_FILE_ID),
|
||||
}
|
||||
|
||||
|
||||
class ThirdPartyAuthResultView(LoginRequiredMixin, TemplateView):
|
||||
"""View that the user will see if its authentication on sith was successful.
|
||||
|
||||
This can show either a success or a failure message :
|
||||
- success : everything is good, the user is successfully authenticated
|
||||
and can close the page
|
||||
- failure : the authentication has been processed on the sith side,
|
||||
but the request to the callback url received an error.
|
||||
In such a case, there is nothing much we can do but to advice
|
||||
the user to contact the developers of the third-party app.
|
||||
"""
|
||||
|
||||
template_name = "core/base.jinja"
|
||||
success_message = _(
|
||||
"You have been successfully authenticated. You can now close this page."
|
||||
)
|
||||
error_message = _(
|
||||
"Your authentication on the AE website was successful, "
|
||||
"but an error happened during the interaction "
|
||||
"with the third-party application. "
|
||||
"Please contact the managers of the latter."
|
||||
)
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
if self.kwargs.get("result") == "success":
|
||||
messages.success(request, self.success_message)
|
||||
else:
|
||||
messages.error(request, self.error_message)
|
||||
return super().get(request, *args, **kwargs)
|
||||
@@ -1,7 +1,6 @@
|
||||
import type { TomOption } from "tom-select/dist/types/types";
|
||||
import type { escape_html } from "tom-select/dist/types/utils";
|
||||
import { AjaxSelect } from "#core:core/components/ajax-select-base.ts";
|
||||
import { registerComponent } from "#core:utils/web-components.ts";
|
||||
import type { escape_html } from "tom-select/src/utils";
|
||||
import { AjaxSelect } from "#core:core/components/ajax-select-base";
|
||||
import { registerComponent } from "#core:utils/web-components";
|
||||
import { type ClubSchema, clubSearchClub } from "#openapi";
|
||||
|
||||
@registerComponent("club-ajax-select")
|
||||
@@ -10,7 +9,7 @@ export class ClubAjaxSelect extends AjaxSelect {
|
||||
protected labelField = "name";
|
||||
protected searchField = ["code", "name"];
|
||||
|
||||
protected async search(query: string): Promise<TomOption[]> {
|
||||
protected async search(query: string) {
|
||||
const resp = await clubSearchClub({ query: { search: query } });
|
||||
if (resp.data) {
|
||||
return resp.data.results;
|
||||
|
||||
@@ -1,4 +1,9 @@
|
||||
import { Calendar, type EventClickArg, type EventContentArg } from "@fullcalendar/core";
|
||||
import {
|
||||
Calendar,
|
||||
type EventClickArg,
|
||||
type EventContentArg,
|
||||
type EventInput,
|
||||
} from "@fullcalendar/core";
|
||||
import type { EventImpl } from "@fullcalendar/core/internal";
|
||||
import enLocale from "@fullcalendar/core/locales/en-gb";
|
||||
import frLocale from "@fullcalendar/core/locales/fr";
|
||||
@@ -6,8 +11,8 @@ import dayGridPlugin from "@fullcalendar/daygrid";
|
||||
import iCalendarPlugin from "@fullcalendar/icalendar";
|
||||
import listPlugin from "@fullcalendar/list";
|
||||
import { type HTMLTemplateResult, html, render } from "lit-html";
|
||||
import { makeUrl } from "#core:utils/api.ts";
|
||||
import { inheritHtmlElement, registerComponent } from "#core:utils/web-components.ts";
|
||||
import { type GenericEndpoint, makeUrl } from "#core:utils/api";
|
||||
import { inheritHtmlElement, registerComponent } from "#core:utils/web-components";
|
||||
import {
|
||||
calendarCalendarInternal,
|
||||
calendarCalendarUnpublished,
|
||||
@@ -19,11 +24,11 @@ import {
|
||||
@registerComponent("ics-calendar")
|
||||
export class IcsCalendar extends inheritHtmlElement("div") {
|
||||
static observedAttributes = ["locale", "can_moderate", "can_delete", "ics-help-url"];
|
||||
private calendar: Calendar;
|
||||
private locale = "en";
|
||||
private canModerate = false;
|
||||
private canDelete = false;
|
||||
private helpUrl = "";
|
||||
private calendar!: Calendar;
|
||||
private locale? = "en";
|
||||
private canModerate? = false;
|
||||
private canDelete? = false;
|
||||
private helpUrl? = "";
|
||||
|
||||
// Hack variable to detect recurring events
|
||||
// The underlying ics library doesn't include any info about rrules
|
||||
@@ -35,10 +40,12 @@ export class IcsCalendar extends inheritHtmlElement("div") {
|
||||
this.locale = newValue;
|
||||
}
|
||||
if (name === "can_moderate") {
|
||||
this.canModerate = newValue.toLowerCase() === "true";
|
||||
this.canModerate =
|
||||
typeof newValue === "string" && newValue.toLowerCase() === "true";
|
||||
}
|
||||
if (name === "can_delete") {
|
||||
this.canDelete = newValue.toLowerCase() === "true";
|
||||
this.canDelete =
|
||||
typeof newValue === "string" && newValue.toLowerCase() === "true";
|
||||
}
|
||||
|
||||
if (name === "ics-help-url") {
|
||||
@@ -94,7 +101,7 @@ export class IcsCalendar extends inheritHtmlElement("div") {
|
||||
.toString()
|
||||
.split("/")
|
||||
.filter((s) => s) // Remove blank characters
|
||||
.pop(),
|
||||
.pop() as string,
|
||||
10,
|
||||
);
|
||||
}
|
||||
@@ -159,7 +166,7 @@ export class IcsCalendar extends inheritHtmlElement("div") {
|
||||
this.refreshEvents();
|
||||
}
|
||||
|
||||
async getEventSources() {
|
||||
async getEventSources(): Promise<EventInput[]> {
|
||||
const tagRecurringEvents = (eventData: EventImpl) => {
|
||||
// This functions tags events with a similar event url
|
||||
// We rely on the fact that the event url is always the same
|
||||
@@ -173,14 +180,14 @@ export class IcsCalendar extends inheritHtmlElement("div") {
|
||||
};
|
||||
return [
|
||||
{
|
||||
url: `${await makeUrl(calendarCalendarInternal)}`,
|
||||
url: `${await makeUrl(calendarCalendarInternal as GenericEndpoint)}`,
|
||||
format: "ics",
|
||||
className: "internal",
|
||||
cache: false,
|
||||
eventDataTransform: tagRecurringEvents,
|
||||
},
|
||||
{
|
||||
url: `${await makeUrl(calendarCalendarUnpublished)}`,
|
||||
url: `${await makeUrl(calendarCalendarUnpublished as GenericEndpoint)}`,
|
||||
format: "ics",
|
||||
color: "red",
|
||||
className: "unpublished",
|
||||
@@ -213,7 +220,7 @@ export class IcsCalendar extends inheritHtmlElement("div") {
|
||||
${event.title}
|
||||
</h4>
|
||||
<span class="event-details-row-content">
|
||||
${this.formatDate(event.start)} - ${this.formatDate(event.end)}
|
||||
${this.formatDate(event.start as Date)} - ${this.formatDate(event.end as Date)}
|
||||
</span>
|
||||
</div>
|
||||
`;
|
||||
@@ -251,7 +258,7 @@ export class IcsCalendar extends inheritHtmlElement("div") {
|
||||
const buttons = [] as HTMLTemplateResult[];
|
||||
|
||||
if (this.canModerate) {
|
||||
if (event.source.internalEventSource.ui.classNames.includes("unpublished")) {
|
||||
if (event.source?.internalEventSource.ui.classNames.includes("unpublished")) {
|
||||
const button = html`
|
||||
<button class="btn btn-green" @click="${() => this.publishNews(newsId)}">
|
||||
<i class="fa fa-check"></i>${gettext("Publish")}
|
||||
@@ -338,9 +345,9 @@ export class IcsCalendar extends inheritHtmlElement("div") {
|
||||
button.classList.remove("text-copied");
|
||||
}
|
||||
button.setAttribute("tooltip", gettext("Link copied"));
|
||||
navigator.clipboard.writeText(
|
||||
await navigator.clipboard.writeText(
|
||||
new URL(
|
||||
await makeUrl(calendarCalendarInternal),
|
||||
await makeUrl(calendarCalendarInternal as GenericEndpoint),
|
||||
window.location.origin,
|
||||
).toString(),
|
||||
);
|
||||
|
||||
@@ -1,4 +1,9 @@
|
||||
import { newsDeleteNews, newsFetchNewsDates, newsPublishNews } from "#openapi";
|
||||
import {
|
||||
newsDeleteNews,
|
||||
newsFetchNewsDates,
|
||||
newsPublishNews,
|
||||
type PaginatedResponseSchemaNewsDateSchema,
|
||||
} from "#openapi";
|
||||
|
||||
// This will be used in jinja templates,
|
||||
// so we cannot use real enums as those are purely an abstraction of Typescript
|
||||
@@ -64,7 +69,8 @@ document.addEventListener("alpine:init", () => {
|
||||
// biome-ignore lint/style/useNamingConvention: api is snake-case
|
||||
query: { news_id: this.newsId, page: 1, page_size: 1 },
|
||||
});
|
||||
return response.data.count;
|
||||
|
||||
return (response.data as PaginatedResponseSchemaNewsDateSchema).count;
|
||||
},
|
||||
|
||||
weeklyEventWarningMessage(nbEvents: number): string {
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
import { type NewsDateSchema, newsFetchNewsDates } from "#openapi";
|
||||
|
||||
interface ParsedNewsDateSchema extends Omit<NewsDateSchema, "start_date" | "end_date"> {
|
||||
type ParsedNewsDateSchema = Omit<NewsDateSchema, "start_date" | "end_date"> & {
|
||||
// biome-ignore lint/style/useNamingConvention: api is snake_case
|
||||
start_date: Date;
|
||||
// biome-ignore lint/style/useNamingConvention: api is snake_case
|
||||
end_date: Date;
|
||||
}
|
||||
};
|
||||
|
||||
document.addEventListener("alpine:init", () => {
|
||||
Alpine.data("upcomingNewsLoader", (startDate: Date, locale: string) => ({
|
||||
@@ -32,6 +32,11 @@ document.addEventListener("alpine:init", () => {
|
||||
page_size: this.pageSize,
|
||||
},
|
||||
});
|
||||
if (response.response === undefined || response.data === undefined) {
|
||||
// response may be undefined, because error may be
|
||||
// from building the request object itself or from a network error
|
||||
return;
|
||||
}
|
||||
if (response.response.status === 404) {
|
||||
this.hasNext = false;
|
||||
} else if (response.data.next === null) {
|
||||
@@ -44,7 +49,7 @@ document.addEventListener("alpine:init", () => {
|
||||
this.loading = false;
|
||||
},
|
||||
|
||||
groupedDates(): Record<string, NewsDateSchema[]> {
|
||||
groupedDates(): Record<string, ParsedNewsDateSchema[]> {
|
||||
return this.newsDates
|
||||
.map(
|
||||
(date: NewsDateSchema): ParsedNewsDateSchema => ({
|
||||
|
||||
+3
-2
@@ -1,4 +1,4 @@
|
||||
from typing import Annotated, Any, Literal
|
||||
from typing import Annotated, Literal
|
||||
|
||||
from annotated_types import Ge, Le, MinLen
|
||||
from django.conf import settings
|
||||
@@ -26,6 +26,7 @@ from core.schemas import (
|
||||
UserFilterSchema,
|
||||
UserProfileSchema,
|
||||
UserSchema,
|
||||
ValidationErrorSchema,
|
||||
)
|
||||
from core.templatetags.renderer import markdown
|
||||
from counter.utils import is_logged_in_counter
|
||||
@@ -45,7 +46,7 @@ class UploadController(ControllerBase):
|
||||
"/image",
|
||||
response={
|
||||
200: UploadedFileSchema,
|
||||
422: dict[Literal["detail"], list[dict[str, Any]]],
|
||||
422: ValidationErrorSchema,
|
||||
403: dict[Literal["detail"], str],
|
||||
},
|
||||
permissions=[HasPerm("core.add_quickuploadimage")],
|
||||
|
||||
+8
-11
@@ -1,16 +1,19 @@
|
||||
from django.urls.converters import IntConverter, StringConverter
|
||||
|
||||
|
||||
class FourDigitYearConverter(IntConverter):
|
||||
class FourDigitYearConverter:
|
||||
regex = "[0-9]{4}"
|
||||
|
||||
def to_python(self, value):
|
||||
return int(value)
|
||||
|
||||
def to_url(self, value):
|
||||
return str(value).zfill(4)
|
||||
|
||||
|
||||
class TwoDigitMonthConverter(IntConverter):
|
||||
class TwoDigitMonthConverter:
|
||||
regex = "[0-9]{2}"
|
||||
|
||||
def to_python(self, value):
|
||||
return int(value)
|
||||
|
||||
def to_url(self, value):
|
||||
return str(value).zfill(2)
|
||||
|
||||
@@ -25,9 +28,3 @@ class BooleanStringConverter:
|
||||
|
||||
def to_url(self, value):
|
||||
return str(value)
|
||||
|
||||
|
||||
class ResultConverter(StringConverter):
|
||||
"""Converter whose regex match either "success" or "failure"."""
|
||||
|
||||
regex = "(success|failure)"
|
||||
|
||||
@@ -28,7 +28,6 @@ from typing import ClassVar, NamedTuple
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.models import Permission
|
||||
from django.contrib.sites.models import Site
|
||||
from django.core.files.base import ContentFile
|
||||
from django.core.management import call_command
|
||||
from django.core.management.base import BaseCommand
|
||||
from django.db import connection
|
||||
@@ -121,21 +120,15 @@ class Command(BaseCommand):
|
||||
)
|
||||
self.profiles_root = SithFile.objects.create(name="profiles", owner=root)
|
||||
home_root = SithFile.objects.create(name="users", owner=root)
|
||||
|
||||
# Page needed for club creation
|
||||
p = Page(name=settings.SITH_CLUB_ROOT_PAGE)
|
||||
p.save(force_lock=True)
|
||||
|
||||
club_root = SithFile.objects.create(name="clubs", owner=root)
|
||||
sas = SithFile.objects.create(
|
||||
name="SAS", owner=root, id=settings.SITH_SAS_ROOT_DIR_ID
|
||||
)
|
||||
SithFile.objects.create(
|
||||
name="CGU",
|
||||
is_folder=False,
|
||||
file=ContentFile(
|
||||
content="Conditions générales d'utilisation", name="cgu.txt"
|
||||
),
|
||||
owner=root,
|
||||
)
|
||||
# Page needed for club creation
|
||||
p = Page(name=settings.SITH_CLUB_ROOT_PAGE)
|
||||
p.save(force_lock=True)
|
||||
clubs = self._create_clubs()
|
||||
|
||||
self.reset_index("club")
|
||||
|
||||
@@ -1,4 +1,3 @@
|
||||
import math
|
||||
import random
|
||||
from datetime import date, timedelta
|
||||
from datetime import timezone as tz
|
||||
@@ -36,17 +35,12 @@ class Command(BaseCommand):
|
||||
super().__init__(*args, **kwargs)
|
||||
self.faker = Faker("fr_FR")
|
||||
|
||||
def add_arguments(self, parser):
|
||||
parser.add_argument(
|
||||
"-n", "--nb-users", help="Number of users to create", type=int, default=600
|
||||
)
|
||||
|
||||
def handle(self, *args, **options):
|
||||
if not settings.DEBUG:
|
||||
raise Exception("Never call this command in prod. Never.")
|
||||
|
||||
self.stdout.write("Creating users...")
|
||||
users = self.create_users(options["nb_users"])
|
||||
users = self.create_users()
|
||||
self.create_bans(random.sample(users, k=len(users) // 200)) # 0.5% of users
|
||||
subscribers = random.sample(users, k=int(0.8 * len(users)))
|
||||
self.stdout.write("Creating subscriptions...")
|
||||
@@ -86,7 +80,7 @@ class Command(BaseCommand):
|
||||
self.stdout.write("Creating products...")
|
||||
self.create_products()
|
||||
self.stdout.write("Creating sales and refills...")
|
||||
sellers = random.sample(users, len(users) // 10)
|
||||
sellers = random.sample(list(User.objects.all()), 100)
|
||||
self.create_sales(sellers)
|
||||
self.stdout.write("Creating permanences...")
|
||||
self.create_permanences(sellers)
|
||||
@@ -95,7 +89,7 @@ class Command(BaseCommand):
|
||||
|
||||
self.stdout.write("Done")
|
||||
|
||||
def create_users(self, nb_users: int = 600) -> list[User]:
|
||||
def create_users(self) -> list[User]:
|
||||
# Create a single password hash for all users to make it faster.
|
||||
# It's insecure as hell, but it's ok since it's only for dev purposes.
|
||||
password = make_password("plop")
|
||||
@@ -114,7 +108,7 @@ class Command(BaseCommand):
|
||||
address=self.faker.address(),
|
||||
password=password,
|
||||
)
|
||||
for _ in range(nb_users)
|
||||
for _ in range(600)
|
||||
]
|
||||
# there may a duplicate or two
|
||||
# Not a problem, we will just have 599 users instead of 600
|
||||
@@ -421,9 +415,8 @@ class Command(BaseCommand):
|
||||
Permanency.objects.bulk_create(perms)
|
||||
|
||||
def create_forums(self):
|
||||
users = list(User.objects.all())
|
||||
forumers = random.sample(users, math.ceil(len(users) / 10))
|
||||
most_actives = random.sample(forumers, math.ceil(len(forumers) / 6))
|
||||
forumers = random.sample(list(User.objects.all()), 100)
|
||||
most_actives = random.sample(forumers, 10)
|
||||
categories = list(Forum.objects.filter(is_category=True))
|
||||
new_forums = [
|
||||
Forum(name=self.faker.text(20), parent=random.choice(categories))
|
||||
|
||||
@@ -19,6 +19,16 @@ from core.utils import get_last_promo, is_image
|
||||
NonEmptyStr = Annotated[str, MinLen(1)]
|
||||
|
||||
|
||||
class ValidationErrorSchema(Schema):
|
||||
class ValidationErrorItem(Schema):
|
||||
loc: list[str | int]
|
||||
msg: str
|
||||
type: str
|
||||
ctx: dict[str, str]
|
||||
|
||||
detail: list[ValidationErrorItem]
|
||||
|
||||
|
||||
class UploadedImage(UploadedFile):
|
||||
@classmethod
|
||||
def _validate(cls, v: Any, info: ValidationInfo) -> Any:
|
||||
|
||||
@@ -25,7 +25,7 @@ export function limitedChoices(Alpine: AlpineType) {
|
||||
Alpine.directive(
|
||||
"limited-choices",
|
||||
(el, { expression }, { evaluateLater, effect }) => {
|
||||
const getMaxChoices = evaluateLater(expression);
|
||||
const getMaxChoices = evaluateLater<string>(expression);
|
||||
let maxChoices: number;
|
||||
const inputs: HTMLInputElement[] = Array.from(
|
||||
el.querySelectorAll("input[type='checkbox']"),
|
||||
@@ -54,7 +54,7 @@ export function limitedChoices(Alpine: AlpineType) {
|
||||
});
|
||||
}
|
||||
effect(() => {
|
||||
getMaxChoices((value: string) => {
|
||||
getMaxChoices((value) => {
|
||||
const previousValue = maxChoices;
|
||||
maxChoices = Number.parseInt(value, 10);
|
||||
if (maxChoices < previousValue) {
|
||||
|
||||
@@ -43,13 +43,19 @@ polyfillCountryFlagEmojis();
|
||||
/**
|
||||
* HTMX
|
||||
*/
|
||||
document.body.addEventListener("htmx:beforeRequest", (event: CustomEvent) => {
|
||||
event.detail.target.ariaBusy = true;
|
||||
});
|
||||
document.body.addEventListener(
|
||||
"htmx:beforeRequest" as keyof HTMLElementEventMap,
|
||||
(event) => {
|
||||
(event as CustomEvent).detail.target.ariaBusy = true;
|
||||
},
|
||||
);
|
||||
|
||||
document.body.addEventListener("htmx:beforeSwap", (event: CustomEvent) => {
|
||||
event.detail.target.ariaBusy = null;
|
||||
});
|
||||
document.body.addEventListener(
|
||||
"htmx:beforeSwap" as keyof HTMLElementEventMap,
|
||||
(event) => {
|
||||
(event as CustomEvent).detail.target.ariaBusy = null;
|
||||
},
|
||||
);
|
||||
|
||||
Object.assign(window, { htmx });
|
||||
|
||||
|
||||
@@ -4,9 +4,9 @@ import type {
|
||||
TomLoadCallback,
|
||||
TomOption,
|
||||
TomSettings,
|
||||
} from "tom-select/dist/types/types";
|
||||
import type { escape_html } from "tom-select/dist/types/utils";
|
||||
import { inheritHtmlElement } from "#core:utils/web-components.ts";
|
||||
} from "tom-select/src/types";
|
||||
import type { escape_html } from "tom-select/src/utils";
|
||||
import { inheritHtmlElement } from "#core:utils/web-components";
|
||||
|
||||
export class AutoCompleteSelectBase extends inheritHtmlElement("select") {
|
||||
static observedAttributes = [
|
||||
@@ -15,7 +15,7 @@ export class AutoCompleteSelectBase extends inheritHtmlElement("select") {
|
||||
"max",
|
||||
"min-characters-for-search",
|
||||
];
|
||||
public widget: TomSelect;
|
||||
public widget!: TomSelect;
|
||||
|
||||
protected minCharNumberForSearch = 0;
|
||||
protected delay: number | null = null;
|
||||
@@ -24,8 +24,8 @@ export class AutoCompleteSelectBase extends inheritHtmlElement("select") {
|
||||
|
||||
protected attributeChangedCallback(
|
||||
name: string,
|
||||
_oldValue?: string,
|
||||
newValue?: string,
|
||||
_oldValue: string,
|
||||
newValue: string,
|
||||
) {
|
||||
switch (name) {
|
||||
case "delay": {
|
||||
@@ -73,7 +73,7 @@ export class AutoCompleteSelectBase extends inheritHtmlElement("select") {
|
||||
persist: false,
|
||||
maxItems: this.node.multiple ? this.max : 1,
|
||||
closeAfterSelect: true,
|
||||
loadThrottle: this.delay,
|
||||
loadThrottle: this.delay ?? undefined,
|
||||
placeholder: this.placeholder,
|
||||
shouldLoad: (query: string) => this.shouldLoad(query), // wraps the method to avoid shadowing `this` by the one from tom-select
|
||||
render: {
|
||||
@@ -103,7 +103,7 @@ export class AutoCompleteSelectBase extends inheritHtmlElement("select") {
|
||||
}
|
||||
|
||||
export abstract class AjaxSelect extends AutoCompleteSelectBase {
|
||||
protected filter?: (items: TomOption[]) => TomOption[] = null;
|
||||
protected filter?: (items: TomOption[]) => TomOption[];
|
||||
protected minCharNumberForSearch = 2;
|
||||
/**
|
||||
* A cache of researches that have been made using this input.
|
||||
|
||||
@@ -1,11 +1,12 @@
|
||||
// @ts-expect-error TS2882
|
||||
import "tom-select/dist/css/tom-select.default.css";
|
||||
import type { TomOption } from "tom-select/dist/types/types";
|
||||
import type { escape_html } from "tom-select/dist/types/utils";
|
||||
import type { TomOption } from "tom-select/src/types";
|
||||
import type { escape_html } from "tom-select/src/utils";
|
||||
import {
|
||||
AjaxSelect,
|
||||
AutoCompleteSelectBase,
|
||||
} from "#core:core/components/ajax-select-base.ts";
|
||||
import { registerComponent } from "#core:utils/web-components.ts";
|
||||
} from "#core:core/components/ajax-select-base";
|
||||
import { registerComponent } from "#core:utils/web-components";
|
||||
import {
|
||||
type GroupSchema,
|
||||
groupSearchGroup,
|
||||
|
||||
@@ -1,11 +1,13 @@
|
||||
// @ts-expect-error 2307
|
||||
// biome-ignore lint/correctness/noUndeclaredDependencies: shipped by easymde
|
||||
import "codemirror/lib/codemirror.css";
|
||||
// @ts-expect-error 2307
|
||||
import "easymde/src/css/easymde.css";
|
||||
// biome-ignore lint/correctness/noUndeclaredDependencies: Imported by EasyMDE
|
||||
import type CodeMirror from "codemirror";
|
||||
// biome-ignore lint/style/useNamingConvention: This is how they called their namespace
|
||||
import EasyMDE from "easymde";
|
||||
import { inheritHtmlElement, registerComponent } from "#core:utils/web-components.ts";
|
||||
import { inheritHtmlElement, registerComponent } from "#core:utils/web-components";
|
||||
import {
|
||||
markdownRenderMarkdown,
|
||||
type UploadUploadImageErrors,
|
||||
@@ -25,11 +27,11 @@ const loadEasyMde = (textarea: HTMLTextAreaElement) => {
|
||||
file: file,
|
||||
},
|
||||
});
|
||||
if (!response.response.ok) {
|
||||
if (response.response.status === 422) {
|
||||
if (response.response !== undefined && !response.response.ok) {
|
||||
if (response?.response.status === 422) {
|
||||
onError(
|
||||
(response.error as UploadUploadImageErrors[422]).detail
|
||||
.map((err: Record<"ctx", Record<"error", string>>) => err.ctx.error)
|
||||
.map((err) => err.ctx.error)
|
||||
.join(" ; "),
|
||||
);
|
||||
} else if (response.response.status === 403) {
|
||||
@@ -39,6 +41,10 @@ const loadEasyMde = (textarea: HTMLTextAreaElement) => {
|
||||
}
|
||||
return;
|
||||
}
|
||||
if (response.data === undefined) {
|
||||
// this can't happen, it's just for the type checker to know
|
||||
return;
|
||||
}
|
||||
onSuccess(response.data.href);
|
||||
// Workaround function to add an image name to uploaded image
|
||||
// Without this, you get  instead of 
|
||||
@@ -58,21 +64,18 @@ const loadEasyMde = (textarea: HTMLTextAreaElement) => {
|
||||
});
|
||||
easymde.codemirror.replaceSelection("\n");
|
||||
},
|
||||
previewRender: (plainText: string, preview: MarkdownInput) => {
|
||||
previewRender: (plainText, preview) => {
|
||||
/* This is wrapped this way to allow time for Alpine to be loaded on the page */
|
||||
return Alpine.debounce((plainText: string, preview: MarkdownInput) => {
|
||||
const func = async (
|
||||
plainText: string,
|
||||
preview: MarkdownInput,
|
||||
): Promise<null> => {
|
||||
return Alpine.debounce(() => {
|
||||
const func = async () => {
|
||||
preview.innerHTML = (
|
||||
await markdownRenderMarkdown({ body: { text: plainText } })
|
||||
).data as string;
|
||||
return null;
|
||||
};
|
||||
func(plainText, preview);
|
||||
func().then();
|
||||
return null;
|
||||
}, 300)(plainText, preview);
|
||||
}, 300)();
|
||||
},
|
||||
forceSync: true, // Avoid validation error on generic create view
|
||||
imageTexts: {
|
||||
@@ -222,9 +225,11 @@ const loadEasyMde = (textarea: HTMLTextAreaElement) => {
|
||||
});
|
||||
|
||||
const submits: HTMLInputElement[] = Array.from(
|
||||
textarea.closest("form").querySelectorAll('input[type="submit"]'),
|
||||
(textarea.closest("form") as HTMLFormElement).querySelectorAll(
|
||||
'input[type="submit"]',
|
||||
),
|
||||
);
|
||||
const parentDiv = textarea.parentElement.parentElement;
|
||||
const parentDiv = textarea.parentElement?.parentElement as HTMLElement;
|
||||
|
||||
function checkMarkdownInput(event: Event) {
|
||||
// an attribute is null if it does not exist, else a string
|
||||
@@ -249,6 +254,7 @@ const loadEasyMde = (textarea: HTMLTextAreaElement) => {
|
||||
};
|
||||
|
||||
@registerComponent("markdown-input")
|
||||
// biome-ignore lint/correctness/noUnusedVariables: it is used in jinja
|
||||
class MarkdownInput extends inheritHtmlElement("textarea") {
|
||||
connectedCallback() {
|
||||
super.connectedCallback();
|
||||
|
||||
@@ -2,7 +2,7 @@ import {
|
||||
type InheritedHtmlElement,
|
||||
inheritHtmlElement,
|
||||
registerComponent,
|
||||
} from "#core:utils/web-components.ts";
|
||||
} from "#core:utils/web-components";
|
||||
|
||||
/**
|
||||
* ElementOnce web components
|
||||
@@ -28,7 +28,7 @@ export function elementOnce<K extends keyof HTMLElementTagNameMap>(tagName: K) {
|
||||
|
||||
clearNode() {
|
||||
while (this.firstChild) {
|
||||
this.removeChild(this.lastChild);
|
||||
this.removeChild(this.lastChild as ChildNode);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -130,7 +130,7 @@ startObserver(observer);
|
||||
export class LinkOnce extends elementOnce("link") {
|
||||
getElementQuerySelector(): string {
|
||||
// We get href from node.attributes instead of node.href to avoid getting the domain part
|
||||
return `link[href='${this.node.attributes.getNamedItem("href").nodeValue}']`;
|
||||
return `link[href='${this.node.attributes.getNamedItem("href")?.nodeValue}']`;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -142,6 +142,6 @@ export class LinkOnce extends elementOnce("link") {
|
||||
export class ScriptOnce extends inheritHtmlElement("script") {
|
||||
getElementQuerySelector(): string {
|
||||
// We get href from node.attributes instead of node.src to avoid getting the domain part
|
||||
return `script[src='${this.node.attributes.getNamedItem("src").nodeValue}']`;
|
||||
return `script[src='${this.node.attributes.getNamedItem("src")?.nodeValue}']`;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import { inheritHtmlElement, registerComponent } from "#core:utils/web-components.ts";
|
||||
import { inheritHtmlElement, registerComponent } from "#core:utils/web-components";
|
||||
|
||||
@registerComponent("nfc-input")
|
||||
export class NfcInput extends inheritHtmlElement("input") {
|
||||
@@ -26,9 +26,11 @@ export class NfcInput extends inheritHtmlElement("input") {
|
||||
window.alert(gettext("Unsupported NFC card"));
|
||||
});
|
||||
|
||||
ndef.addEventListener("reading", (event: NDEFReadingEvent) => {
|
||||
ndef.addEventListener("reading", (event) => {
|
||||
this.removeAttribute("scan");
|
||||
this.node.value = event.serialNumber.replace(/:/g, "").toUpperCase();
|
||||
this.node.value = (event as NDEFReadingEvent).serialNumber
|
||||
.replace(/:/g, "")
|
||||
.toUpperCase();
|
||||
/* Auto submit form, we need another button to not trigger our previously defined click event */
|
||||
const submit = document.createElement("button");
|
||||
this.node.appendChild(submit);
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
import { html, render } from "lit-html";
|
||||
import { unsafeHTML } from "lit-html/directives/unsafe-html.js";
|
||||
import { registerComponent } from "#core:utils/web-components.ts";
|
||||
import { registerComponent } from "#core:utils/web-components";
|
||||
|
||||
@registerComponent("ui-tab")
|
||||
export class Tab extends HTMLElement {
|
||||
@@ -19,7 +19,7 @@ export class Tab extends HTMLElement {
|
||||
}
|
||||
|
||||
if (name === "title") {
|
||||
this.description = newValue;
|
||||
this.description = newValue ?? "";
|
||||
}
|
||||
this.dispatchEvent(new CustomEvent("ui-tab-updated", { bubbles: true }));
|
||||
}
|
||||
@@ -79,15 +79,15 @@ export class Tab extends HTMLElement {
|
||||
|
||||
@registerComponent("ui-tab-group")
|
||||
export class TabGroup extends HTMLElement {
|
||||
private node: HTMLDivElement;
|
||||
private node!: HTMLDivElement;
|
||||
|
||||
connectedCallback() {
|
||||
this.node = document.createElement("div");
|
||||
this.node.classList.add("tabs", "shadow");
|
||||
this.appendChild(this.node);
|
||||
|
||||
this.addEventListener("ui-tab-activated", (event: CustomEvent) => {
|
||||
const target = event.detail as Tab;
|
||||
this.addEventListener("ui-tab-activated", (event) => {
|
||||
const target = (event as CustomEvent).detail as Tab;
|
||||
for (const tab of this.getElementsByTagName("ui-tab") as HTMLCollectionOf<Tab>) {
|
||||
if (tab !== target) {
|
||||
tab.setActive(false);
|
||||
|
||||
@@ -26,19 +26,23 @@ document.addEventListener("alpine:init", () => {
|
||||
* `counter/templates/counter/product_form.jinja`
|
||||
*/
|
||||
Alpine.data("dynamicFormSet", (config?: Config) => ({
|
||||
formContainer: undefined as unknown as HTMLElement,
|
||||
nbForms: 0,
|
||||
template: undefined as unknown as HTMLTemplateElement,
|
||||
|
||||
init() {
|
||||
this.formContainer = this.$refs.formContainer as HTMLElement;
|
||||
this.nbForms = this.formContainer.children.length as number;
|
||||
this.template = this.$refs.formTemplate as HTMLTemplateElement;
|
||||
const prefix = config?.prefix ?? "form";
|
||||
this.$root
|
||||
.querySelector(`#id_${prefix}-TOTAL_FORMS`)
|
||||
.setAttribute(":value", "nbForms");
|
||||
(
|
||||
this.$root.querySelector(`#id_${prefix}-TOTAL_FORMS`) as HTMLFormElement
|
||||
).setAttribute(":value", "nbForms");
|
||||
},
|
||||
|
||||
addForm() {
|
||||
this.formContainer.appendChild(document.importNode(this.template.content, true));
|
||||
const newForm = this.formContainer.lastElementChild;
|
||||
const newForm = this.formContainer.lastElementChild as Element;
|
||||
const inputs: NodeListOf<HTMLFormInputElement> = newForm.querySelectorAll(
|
||||
"input, select, textarea",
|
||||
);
|
||||
@@ -59,7 +63,7 @@ document.addEventListener("alpine:init", () => {
|
||||
this.nbForms -= 1;
|
||||
// adjust the id of remaining forms
|
||||
for (let i = 0; i < this.nbForms; i++) {
|
||||
const form: HTMLDivElement = this.formContainer.children[i];
|
||||
const form = this.formContainer.children[i];
|
||||
const inputs: NodeListOf<HTMLFormInputElement> = form.querySelectorAll(
|
||||
"input, select, textarea",
|
||||
);
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
function showMenu() {
|
||||
const navbar = document.getElementById("navbar-content");
|
||||
const navbar = document.getElementById("navbar-content") as HTMLElement;
|
||||
const current = navbar.getAttribute("mobile-display");
|
||||
navbar.setAttribute("mobile-display", current === "hidden" ? "revealed" : "hidden");
|
||||
}
|
||||
@@ -20,9 +20,12 @@ function navbarInit() {
|
||||
item.removeAttribute("open");
|
||||
}
|
||||
});
|
||||
item.addEventListener("click", (event: MouseEvent) => {
|
||||
item.addEventListener("click", (event) => {
|
||||
// Don't close when clicking on desktop mode
|
||||
if ((event.target as HTMLElement).nodeName !== "SUMMARY" || event.detail === 0) {
|
||||
if (
|
||||
(event.target as HTMLElement).nodeName !== "SUMMARY" ||
|
||||
(event as MouseEvent).detail === 0
|
||||
) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
// @ts-expect-error 2307 this dependency does exist, but it's a little bit wacky
|
||||
import clip from "@arendjr/text-clipper";
|
||||
|
||||
/*
|
||||
|
||||
@@ -70,15 +70,16 @@ function createTooltip(element: HTMLElement) {
|
||||
function updateTooltip(element: HTMLElement, tooltip: HTMLElement, status: Status) {
|
||||
// Update tooltip status and set it's attributes and content
|
||||
tooltip.setAttribute("tooltip-status", status);
|
||||
tooltip.innerText = element.getAttribute("tooltip");
|
||||
tooltip.innerText = element.getAttribute("tooltip") as string;
|
||||
|
||||
for (const attributes of [
|
||||
{ src: "tooltip-class", dst: "class", default: ["tooltip"] },
|
||||
{ src: "tooltip-id", dst: "id", default: [] },
|
||||
]) {
|
||||
const populated = attributes.default;
|
||||
if (element.hasAttribute(attributes.src)) {
|
||||
populated.push(...element.getAttribute(attributes.src).split(" "));
|
||||
const attr = element.getAttribute(attributes.src);
|
||||
if (attr !== null) {
|
||||
populated.push(...attr.split(" "));
|
||||
}
|
||||
tooltip.setAttribute(attributes.dst, populated.join(" "));
|
||||
}
|
||||
@@ -93,7 +94,7 @@ function getTooltip(element: HTMLElement) {
|
||||
return tooltip;
|
||||
}
|
||||
|
||||
function tooltipMouseover(event: MouseEvent) {
|
||||
function tooltipMouseover(event: Event) {
|
||||
// We get the closest tooltip to have a consistent behavior
|
||||
// when hovering over a child element of a tooltip marked element
|
||||
const target = (event.target as HTMLElement).closest("[tooltip]") as HTMLElement;
|
||||
@@ -111,7 +112,7 @@ function tooltipMouseover(event: MouseEvent) {
|
||||
});
|
||||
}
|
||||
|
||||
function tooltipMouseout(event: MouseEvent) {
|
||||
function tooltipMouseout(event: Event) {
|
||||
// We get the closest tooltip to have a consistent behavior
|
||||
// when hovering over a child element of a tooltip marked element
|
||||
const target = (event.target as HTMLElement).closest("[tooltip]") as HTMLElement;
|
||||
@@ -141,7 +142,7 @@ new MutationObserver((mutations: MutationRecord[]) => {
|
||||
}
|
||||
} else if (tooltips.has(target)) {
|
||||
// Remove corresponding tooltip
|
||||
tooltips.get(target).remove();
|
||||
tooltips.get(target)?.remove();
|
||||
tooltips.delete(target);
|
||||
}
|
||||
}
|
||||
@@ -163,7 +164,7 @@ new MutationObserver((mutations: MutationRecord[]) => {
|
||||
continue;
|
||||
}
|
||||
if (tooltips.has(target)) {
|
||||
tooltips.get(target).remove();
|
||||
tooltips.get(target)?.remove();
|
||||
tooltips.delete(target);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,20 +1,13 @@
|
||||
import cytoscape, {
|
||||
type ElementDefinition,
|
||||
type NodeSingular,
|
||||
type Singular,
|
||||
} from "cytoscape";
|
||||
import cytoscape, { type ElementDefinition, type Singular } from "cytoscape";
|
||||
import cxtmenu from "cytoscape-cxtmenu";
|
||||
import klay, { type KlayLayoutOptions } from "cytoscape-klay";
|
||||
import { History, initialUrlParams, updateQueryString } from "#core:utils/history.ts";
|
||||
import { History, initialUrlParams, updateQueryString } from "#core:utils/history";
|
||||
import { familyGetFamilyGraph, type UserProfileSchema } from "#openapi";
|
||||
|
||||
cytoscape.use(klay);
|
||||
cytoscape.use(cxtmenu);
|
||||
|
||||
type GraphData = (
|
||||
| { data: UserProfileSchema }
|
||||
| { data: { source: number; target: number } }
|
||||
)[];
|
||||
type GraphData = { data: UserProfileSchema | { source: number; target: number } }[];
|
||||
|
||||
function isMobile() {
|
||||
return window.innerWidth < 500;
|
||||
@@ -27,10 +20,8 @@ async function getGraphData(
|
||||
): Promise<GraphData> {
|
||||
const data = (
|
||||
await familyGetFamilyGraph({
|
||||
path: {
|
||||
// biome-ignore lint/style/useNamingConvention: api is snake_case
|
||||
user_id: userId,
|
||||
},
|
||||
path: { user_id: userId },
|
||||
query: {
|
||||
// biome-ignore lint/style/useNamingConvention: api is snake_case
|
||||
godfathers_depth: godfathersDepth,
|
||||
@@ -39,6 +30,10 @@ async function getGraphData(
|
||||
},
|
||||
})
|
||||
).data;
|
||||
if (data === undefined) {
|
||||
console.error("Family graph request failed");
|
||||
return [];
|
||||
}
|
||||
return [
|
||||
...data.users.map((user) => {
|
||||
return { data: user };
|
||||
@@ -155,7 +150,7 @@ function createGraph(container: HTMLDivElement, data: GraphData, activeUserId: n
|
||||
{
|
||||
content: '<i class="fa fa-external-link fa-2x"></i>',
|
||||
select: (el) => {
|
||||
window.open(el.data().profile_url, "_blank").focus();
|
||||
window.open(el.data().profile_url, "_blank")?.focus();
|
||||
},
|
||||
},
|
||||
|
||||
@@ -195,12 +190,12 @@ document.addEventListener("alpine:init", () => {
|
||||
godfathersDepth: 0,
|
||||
godchildrenDepth: 0,
|
||||
reverse: initialUrlParams.get("reverse")?.toLowerCase?.() === "true",
|
||||
graph: undefined as cytoscape.Core,
|
||||
graphData: {},
|
||||
graph: undefined as unknown as cytoscape.Core,
|
||||
graphData: {} as GraphData,
|
||||
isZoomEnabled: !isMobile(),
|
||||
|
||||
getInitialDepth(prop: string) {
|
||||
const value = Number.parseInt(initialUrlParams.get(prop), 10);
|
||||
const value = Number.parseInt(initialUrlParams.get(prop) as string, 10);
|
||||
if (Number.isNaN(value) || value < config.depthMin || value > config.depthMax) {
|
||||
return defaultDepth;
|
||||
}
|
||||
@@ -223,8 +218,8 @@ document.addEventListener("alpine:init", () => {
|
||||
await delayedFetch();
|
||||
});
|
||||
}
|
||||
this.$watch("reverse", async (value: number) => {
|
||||
updateQueryString("reverse", value.toString(), History.Replace);
|
||||
this.$watch("reverse", async (newValue, _oldValue) => {
|
||||
updateQueryString("reverse", newValue.toString(), History.Replace);
|
||||
await this.reverseGraph();
|
||||
});
|
||||
this.$watch("graphData", async () => {
|
||||
@@ -259,9 +254,9 @@ document.addEventListener("alpine:init", () => {
|
||||
},
|
||||
|
||||
async reverseGraph() {
|
||||
this.graph.elements((el: NodeSingular) => {
|
||||
el.position({ x: -el.position().x, y: -el.position().y });
|
||||
});
|
||||
this.graph
|
||||
.elements()
|
||||
.positions((el, _) => ({ x: -el.position().x, y: -el.position().y }));
|
||||
this.graph.center(this.graph.elements());
|
||||
},
|
||||
|
||||
|
||||
@@ -5,9 +5,9 @@ interface AlertParams {
|
||||
|
||||
export class AlertMessage {
|
||||
public open: boolean;
|
||||
public success: boolean;
|
||||
public success!: boolean;
|
||||
public content: string;
|
||||
private timeoutId?: number;
|
||||
private timeoutId: number | null;
|
||||
private readonly defaultDuration: number;
|
||||
|
||||
constructor(params?: { defaultDuration: number }) {
|
||||
|
||||
@@ -37,6 +37,10 @@ export const paginated = async <T>(
|
||||
queryParams.query.page = 1;
|
||||
|
||||
const firstPage = (await endpoint(queryParams)).data;
|
||||
if (firstPage === undefined) {
|
||||
console.error(`Request to "${options?.url}" failed`);
|
||||
return [];
|
||||
}
|
||||
const results = firstPage.results;
|
||||
|
||||
const nbElements = firstPage.count;
|
||||
@@ -45,9 +49,9 @@ export const paginated = async <T>(
|
||||
if (nbPages > 1) {
|
||||
const promises: Promise<T[]>[] = [];
|
||||
for (let i = 2; i <= nbPages; i++) {
|
||||
const nextPage = structuredClone(queryParams);
|
||||
const nextPage = structuredClone(queryParams) as Required<PaginatedRequest>;
|
||||
nextPage.query.page = i;
|
||||
promises.push(endpoint(nextPage).then((res) => res.data.results));
|
||||
promises.push(endpoint(nextPage).then((res) => res.data?.results ?? []));
|
||||
}
|
||||
results.push(...(await Promise.all(promises)).flat());
|
||||
}
|
||||
@@ -61,8 +65,7 @@ interface Request extends TDataShape {
|
||||
interface InterceptorOptions {
|
||||
url: string;
|
||||
}
|
||||
|
||||
type GenericEndpoint = <ThrowOnError extends boolean = false>(
|
||||
export type GenericEndpoint = <ThrowOnError extends boolean = false>(
|
||||
options?: Options<Request, ThrowOnError>,
|
||||
) => RequestResult<unknown, unknown, ThrowOnError>;
|
||||
|
||||
@@ -71,7 +74,7 @@ type GenericEndpoint = <ThrowOnError extends boolean = false>(
|
||||
**/
|
||||
export const makeUrl = async (endpoint: GenericEndpoint) => {
|
||||
let url = "";
|
||||
const interceptor = (_request: undefined, options: InterceptorOptions) => {
|
||||
const interceptor = (_request: Request, options: InterceptorOptions) => {
|
||||
url = options.url;
|
||||
throw new Error("We don't want to send the request");
|
||||
};
|
||||
|
||||
@@ -7,14 +7,14 @@ interface StringifyOptions<T extends object> {
|
||||
titleRow?: readonly string[];
|
||||
}
|
||||
|
||||
function getNested<T extends object>(obj: T, key: NestedKeyOf<T>) {
|
||||
const path: (keyof object)[] = key.split(".") as (keyof unknown)[];
|
||||
let res = obj[path.shift() as keyof T];
|
||||
function getNested<T extends { [key: string]: unknown }>(obj: T, key: NestedKeyOf<T>) {
|
||||
const path = key.split(".");
|
||||
let res = obj[path.shift() as string] as { [key: string]: unknown } | undefined;
|
||||
for (const node of path) {
|
||||
if (res === null) {
|
||||
if (res === undefined) {
|
||||
break;
|
||||
}
|
||||
res = res[node];
|
||||
res = res[node] as { [key: string]: unknown } | undefined;
|
||||
}
|
||||
return res;
|
||||
}
|
||||
@@ -29,18 +29,21 @@ function sanitizeCell(content: string): string {
|
||||
}
|
||||
|
||||
export const csv = {
|
||||
stringify: <T extends object>(objs: T[], options?: StringifyOptions<T>) => {
|
||||
const columns = options.columns;
|
||||
stringify: <T extends { [key: string]: unknown }>(
|
||||
objs: T[],
|
||||
options?: StringifyOptions<T>,
|
||||
) => {
|
||||
const columns = options?.columns;
|
||||
const content = objs
|
||||
.map((obj) => {
|
||||
return columns
|
||||
return (columns ?? [])
|
||||
.map((col) => {
|
||||
return sanitizeCell((getNested(obj, col) ?? "").toString());
|
||||
})
|
||||
.join(",");
|
||||
})
|
||||
.join("\n");
|
||||
if (!options.titleRow) {
|
||||
if (!options?.titleRow) {
|
||||
return content;
|
||||
}
|
||||
const firstRow = options.titleRow.map(sanitizeCell).join(",");
|
||||
|
||||
@@ -29,6 +29,7 @@ export function registerComponent(name: string, options?: ElementDefinitionOptio
|
||||
export interface InheritedHtmlElement<K extends keyof HTMLElementTagNameMap>
|
||||
extends HTMLElement {
|
||||
readonly inheritedTagName: K;
|
||||
// readonly initializedAttribute: "component-initialized";
|
||||
node: HTMLElementTagNameMap[K];
|
||||
}
|
||||
|
||||
@@ -47,8 +48,8 @@ export function inheritHtmlElement<K extends keyof HTMLElementTagNameMap>(tagNam
|
||||
implements InheritedHtmlElement<K>
|
||||
{
|
||||
readonly inheritedTagName = tagName;
|
||||
private readonly initializedAttribute = "component-initialized";
|
||||
node: HTMLElementTagNameMap[K];
|
||||
readonly initializedAttribute = "component-initialized";
|
||||
node!: HTMLElementTagNameMap[K];
|
||||
|
||||
connectedCallback(autoAddNode?: boolean) {
|
||||
// When nesting inherited elements, we might trigger the wrapping twice
|
||||
|
||||
@@ -1,13 +0,0 @@
|
||||
import contextlib
|
||||
import os
|
||||
|
||||
import pytest
|
||||
from django.core.management import call_command
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_populate_more(settings):
|
||||
"""Just check that populate more doesn't crash"""
|
||||
settings.DEBUG = True
|
||||
with open(os.devnull, "w") as devnull, contextlib.redirect_stdout(devnull):
|
||||
call_command("populate_more", "--nb-users", "50")
|
||||
+3
-40
@@ -12,31 +12,21 @@
|
||||
# OR WITHIN THE LOCAL FILE "LICENSE"
|
||||
#
|
||||
#
|
||||
from __future__ import annotations
|
||||
|
||||
import hmac
|
||||
from datetime import date, timedelta
|
||||
|
||||
# Image utils
|
||||
from io import BytesIO
|
||||
from typing import TYPE_CHECKING
|
||||
from urllib.parse import urlencode
|
||||
from typing import Final
|
||||
|
||||
import PIL
|
||||
from django.conf import settings
|
||||
from django.core.files.base import ContentFile
|
||||
from django.core.files.uploadedfile import UploadedFile
|
||||
from django.http import HttpRequest
|
||||
from django.utils.timezone import localdate
|
||||
from PIL.Image import Image, Resampling
|
||||
|
||||
if TYPE_CHECKING:
|
||||
from _hashlib import HASH
|
||||
from collections.abc import Buffer, Mapping, Sequence
|
||||
from typing import Any, Callable, Final
|
||||
|
||||
from django.core.files.uploadedfile import UploadedFile
|
||||
from django.http import HttpRequest
|
||||
|
||||
|
||||
RED_PIXEL_PNG: Final[bytes] = (
|
||||
b"\x89\x50\x4e\x47\x0d\x0a\x1a\x0a\x00\x00\x00\x0d\x49\x48\x44\x52"
|
||||
b"\x00\x00\x00\x01\x00\x00\x00\x01\x08\x02\x00\x00\x00\x90\x77\x53"
|
||||
@@ -198,30 +188,3 @@ def get_client_ip(request: HttpRequest) -> str | None:
|
||||
return ip
|
||||
|
||||
return None
|
||||
|
||||
|
||||
def hmac_hexdigest(
|
||||
key: str | bytes,
|
||||
data: Mapping[str, Any] | Sequence[tuple[str, Any]],
|
||||
digest: str | Callable[[Buffer], HASH] = "sha512",
|
||||
) -> str:
|
||||
"""Return the hexdigest of the signature of the given data.
|
||||
|
||||
Args:
|
||||
key: the HMAC key used for the signature
|
||||
data: the data to sign
|
||||
digest: a PEP247 hashing algorithm (by default, sha512)
|
||||
|
||||
Examples:
|
||||
```python
|
||||
data = {
|
||||
"foo": 5,
|
||||
"bar": "somevalue",
|
||||
}
|
||||
hmac_key = secrets.token_hex(64)
|
||||
signature = hmac_hexdigest(hmac_key, data, "sha256")
|
||||
```
|
||||
"""
|
||||
if isinstance(key, str):
|
||||
key = key.encode()
|
||||
return hmac.digest(key, urlencode(data).encode(), digest).hex()
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import type { TomOption } from "tom-select/dist/types/types";
|
||||
import type { escape_html } from "tom-select/dist/types/utils";
|
||||
import { AjaxSelect } from "#core:core/components/ajax-select-base.ts";
|
||||
import { registerComponent } from "#core:utils/web-components.ts";
|
||||
import type { TomOption } from "tom-select/src/types";
|
||||
import type { escape_html } from "tom-select/src/utils";
|
||||
import { AjaxSelect } from "#core:core/components/ajax-select-base";
|
||||
import { registerComponent } from "#core:utils/web-components";
|
||||
import {
|
||||
type CounterSchema,
|
||||
counterSearchCounter,
|
||||
@@ -28,14 +28,18 @@ export class ProductAjaxSelect extends AjaxSelect {
|
||||
return [];
|
||||
}
|
||||
|
||||
private getName(item: SimpleProductSchema, sanitize: typeof escape_html): string {
|
||||
return item.code ? `${sanitize(item.code)} - ${sanitize(item.name)}` : item.name;
|
||||
}
|
||||
|
||||
protected renderOption(item: SimpleProductSchema, sanitize: typeof escape_html) {
|
||||
return `<div class="select-item">
|
||||
<span class="select-item-text">${sanitize(item.code)} - ${sanitize(item.name)}</span>
|
||||
<span class="select-item-text">${this.getName(item, sanitize)}</span>
|
||||
</div>`;
|
||||
}
|
||||
|
||||
protected renderItem(item: SimpleProductSchema, sanitize: typeof escape_html) {
|
||||
return `<span>${sanitize(item.code)} - ${sanitize(item.name)}</span>`;
|
||||
return `<span>${this.getName(item, sanitize)}</span>`;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -44,7 +48,7 @@ export class ProductTypeAjaxSelect extends AjaxSelect {
|
||||
protected valueField = "id";
|
||||
protected labelField = "name";
|
||||
protected searchField = ["name"];
|
||||
private productTypes = null as ProductTypeSchema[];
|
||||
private productTypes = null as ProductTypeSchema[] | null;
|
||||
|
||||
protected async search(query: string): Promise<TomOption[]> {
|
||||
// The production database has a grand total of 26 product types
|
||||
@@ -52,7 +56,7 @@ export class ProductTypeAjaxSelect extends AjaxSelect {
|
||||
// Thus, it's appropriate to fetch all product types during first use,
|
||||
// then to reuse the result again and again.
|
||||
if (this.productTypes === null) {
|
||||
this.productTypes = (await producttypeFetchAll()).data || null;
|
||||
this.productTypes = (await producttypeFetchAll()).data || [];
|
||||
}
|
||||
return this.productTypes.filter((t) =>
|
||||
t.name.toLowerCase().includes(query.toLowerCase()),
|
||||
|
||||
@@ -59,7 +59,7 @@ export class CounterProductSelect extends AutoCompleteSelectBase {
|
||||
return onOptionSelect.call(
|
||||
this.widget,
|
||||
evt,
|
||||
this.widget.getOption(value, true),
|
||||
this.widget.getOption(value, true) as HTMLElement,
|
||||
);
|
||||
},
|
||||
);
|
||||
@@ -70,12 +70,15 @@ export class CounterProductSelect extends AutoCompleteSelectBase {
|
||||
...super.tomSelectSettings(),
|
||||
openOnFocus: false,
|
||||
// We make searching on exact code matching a higher priority
|
||||
// We need to manually set weights or it results on an inconsistent
|
||||
// We need to manually set weights, or it results on an inconsistent
|
||||
// behavior between production and development environment
|
||||
//
|
||||
// SearchField can be an object array (according to the docs),
|
||||
// but it is unproperly typed, so we must force-cast to trick TS
|
||||
searchField: [
|
||||
{ field: "code", weight: 2 },
|
||||
{ field: "text", weight: 0.5 },
|
||||
],
|
||||
] as unknown as string[],
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,9 +1,14 @@
|
||||
import { showSaveFilePicker } from "native-file-system-adapter";
|
||||
import type TomSelect from "tom-select";
|
||||
import type { ClubAjaxSelect } from "#club:club/components/ajax-select-index";
|
||||
import type { NestedKeyOf } from "#core:types/nested-key";
|
||||
import { paginated } from "#core:utils/api";
|
||||
import { type PaginatedRequest, paginated } from "#core:utils/api";
|
||||
import { csv } from "#core:utils/csv";
|
||||
import { getCurrentUrlParams, History, updateQueryString } from "#core:utils/history";
|
||||
import type {
|
||||
CounterAjaxSelect,
|
||||
ProductTypeAjaxSelect,
|
||||
} from "#counter:counter/components/ajax-select-index";
|
||||
import {
|
||||
type ProductSchema,
|
||||
type ProductSearchProductsDetailedData,
|
||||
@@ -51,6 +56,8 @@ const csvColumnTitles = [
|
||||
gettext("archived"),
|
||||
];
|
||||
|
||||
type ProductStatus = "active" | "archived" | "both";
|
||||
|
||||
document.addEventListener("alpine:init", () => {
|
||||
Alpine.data("productList", () => ({
|
||||
loading: false,
|
||||
@@ -59,8 +66,7 @@ document.addEventListener("alpine:init", () => {
|
||||
|
||||
/** Total number of elements corresponding to the current query. */
|
||||
nbPages: 0,
|
||||
|
||||
productStatus: "" as "active" | "archived" | "both",
|
||||
productStatus: "" as ProductStatus,
|
||||
search: "",
|
||||
productTypes: [] as string[],
|
||||
clubs: [] as string[],
|
||||
@@ -71,16 +77,18 @@ document.addEventListener("alpine:init", () => {
|
||||
async init() {
|
||||
const url = getCurrentUrlParams();
|
||||
this.search = url.get("search") || "";
|
||||
this.productStatus = url.get("productStatus") ?? "active";
|
||||
const productTypesWidget = this.$refs.productTypesInput.widget as TomSelect;
|
||||
this.productStatus = (url.get("productStatus") ?? "active") as ProductStatus;
|
||||
const productTypesWidget = (this.$refs.productTypesInput as ProductTypeAjaxSelect)
|
||||
.widget as TomSelect;
|
||||
productTypesWidget.on("change", (items: string[]) => {
|
||||
this.productTypes = [...items];
|
||||
});
|
||||
const clubsWidget = this.$refs.clubsInput.widget as TomSelect;
|
||||
const clubsWidget = (this.$refs.clubsInput as ClubAjaxSelect).widget as TomSelect;
|
||||
clubsWidget.on("change", (items: string[]) => {
|
||||
this.clubs = [...items];
|
||||
});
|
||||
const countersWidget = this.$refs.countersInput.widget as TomSelect;
|
||||
const countersWidget = (this.$refs.countersInput as CounterAjaxSelect)
|
||||
.widget as TomSelect;
|
||||
countersWidget.on("change", (items: string[]) => {
|
||||
this.counters = [...items];
|
||||
});
|
||||
@@ -127,9 +135,9 @@ document.addEventListener("alpine:init", () => {
|
||||
// biome-ignore lint/style/useNamingConvention: api is in snake_case
|
||||
is_archived: isArchived,
|
||||
// biome-ignore lint/style/useNamingConvention: api is in snake_case
|
||||
product_type: [...this.productTypes],
|
||||
club: [...this.clubs],
|
||||
counter: [...this.counters],
|
||||
product_type: [...this.productTypes.map(Number.parseInt)],
|
||||
club: [...this.clubs.map(Number.parseInt)],
|
||||
counter: [...this.counters.map(Number.parseInt)],
|
||||
},
|
||||
};
|
||||
},
|
||||
@@ -141,6 +149,10 @@ document.addEventListener("alpine:init", () => {
|
||||
this.loading = true;
|
||||
const options = this.getQueryParams();
|
||||
const resp = await productSearchProductsDetailed(options);
|
||||
if (resp.data === undefined) {
|
||||
console.error("Product search request failed");
|
||||
return;
|
||||
}
|
||||
this.nbPages = Math.ceil(resp.data.count / defaultPageSize);
|
||||
this.products = resp.data.results.reduce<GroupedProducts>(
|
||||
(acc: GroupedProducts, curr: ProductSchema) => {
|
||||
@@ -172,7 +184,10 @@ document.addEventListener("alpine:init", () => {
|
||||
// If not, fetch them.
|
||||
const products: ProductSchema[] =
|
||||
this.nbPages > 1
|
||||
? await paginated(productSearchProductsDetailed, this.getQueryParams())
|
||||
? await paginated(
|
||||
productSearchProductsDetailed,
|
||||
this.getQueryParams() as PaginatedRequest,
|
||||
)
|
||||
: Object.values<ProductSchema[]>(this.products).flat();
|
||||
// CSV cannot represent nested data
|
||||
// so we create a row for each price of each product.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
import Alpine from "alpinejs";
|
||||
import { AlertMessage } from "#core:utils/alert-message.ts";
|
||||
import { AlertMessage } from "#core:utils/alert-message";
|
||||
import { producttypeReorder } from "#openapi";
|
||||
|
||||
document.addEventListener("alpine:init", () => {
|
||||
@@ -22,7 +22,7 @@ document.addEventListener("alpine:init", () => {
|
||||
const productTypes = this.$refs.productTypes
|
||||
.childNodes as NodeListOf<HTMLLIElement>;
|
||||
const getId = (elem: HTMLLIElement) =>
|
||||
Number.parseInt(elem.getAttribute("x-sort:item"), 10);
|
||||
Number.parseInt(elem.getAttribute("x-sort:item") as string, 10);
|
||||
const query =
|
||||
newPosition === 0
|
||||
? { above: getId(productTypes.item(1)) }
|
||||
@@ -32,6 +32,10 @@ document.addEventListener("alpine:init", () => {
|
||||
path: { type_id: itemId },
|
||||
query: query,
|
||||
});
|
||||
if (response.response === undefined) {
|
||||
console.error("Product type reordering request failed");
|
||||
return;
|
||||
}
|
||||
this.openAlertMessage(response.response);
|
||||
this.loading = false;
|
||||
},
|
||||
|
||||
@@ -1 +0,0 @@
|
||||
::: api.schemas
|
||||
@@ -1 +0,0 @@
|
||||
::: api.views
|
||||
@@ -1,378 +0,0 @@
|
||||
Le site AE offre des mécanismes permettant aux applications tierces
|
||||
de récupérer les informations sur un utilisateur du site AE.
|
||||
De cette manière, il devient possible de synchroniser les informations
|
||||
qu possède l'application tierce sur l'utilisateur, directement depuis
|
||||
le site AE.
|
||||
|
||||
## Fonctionnement général
|
||||
|
||||
Pour authentifier vos utilisateurs, vous aurez besoin d'un serveur web
|
||||
et d'un client d'API (celui auquel est liée votre
|
||||
[clef d'API](./connect.md#obtenir-une-clef-dapi)).
|
||||
Deux informations vous sont nécessaires, en plus de votre clef d'API :
|
||||
|
||||
- l'id du client : vous pouvez l'obtenir soit en le demandant à l'équipe info,
|
||||
soit en appelant la route `GET /api/client/me` avec votre clef d'API
|
||||
renseignée dans le header [X-APIKey](./connect.md#x-apikey)
|
||||
- la clef HMAC du client : vous devez la demander à l'équipe info.
|
||||
|
||||
Ces deux éléments ont une fonction différente : l'id du client permet
|
||||
de dire au serveur quelle est l'application qui s'adresse à lui,
|
||||
tandis que la [clef HMAC](https://fr.wikipedia.org/wiki/HMAC)
|
||||
servira à créer une signature unique permettant de s'assurer
|
||||
que les données transmises n'ont pas été falsifiées.
|
||||
|
||||
Grâce à ces informations, vous allez pouvoir fournir le contexte nécessaire
|
||||
au site AE pour qu'il authentifie vos utilisateurs.
|
||||
|
||||
En effet, la démarche d'authentification s'effectue presque entièrement
|
||||
sur le site : le travail de l'application tierce consiste uniquement
|
||||
à fournir à l'utilisateur une url avec les bons paramètres, puis
|
||||
à recevoir la réponse du serveur si tout s'est bien passé.
|
||||
|
||||
Comme un dessin vaut parfois mieux que mille mots,
|
||||
voici les diagrammes décrivant le processus.
|
||||
L'un montre l'entièreté de la démarche ;
|
||||
l'autre dans un souci de simplicité, ne montre que ce qui est visible
|
||||
directement par l'application tierce.
|
||||
|
||||
=== "Intégralité du processus"
|
||||
|
||||
```mermaid
|
||||
sequenceDiagram
|
||||
actor User
|
||||
participant App
|
||||
User->>+App: Authentifie-moi, stp
|
||||
App-->>-User: url de connexion<br/>avec signature
|
||||
User->>+Sith: GET url
|
||||
opt Utilisateur non-connecté
|
||||
Sith->>+User: Formulaire de connexion
|
||||
User-->>-Sith: Connexion
|
||||
end
|
||||
Sith->>Sith: vérification de la signature
|
||||
Sith->>+User: Formulaire<br/>des conditions<br/>d'utilisation
|
||||
User-->>-Sith: Validation
|
||||
Sith->>+App: URL de retour<br/>avec données utilisateur
|
||||
App->>App: Traitement des <br/>données utilisateur
|
||||
App-->>-Sith: 204 OK, No content
|
||||
Sith-->>-User: Message de succès
|
||||
App--)User: Message de succès
|
||||
```
|
||||
|
||||
=== "Point de vue de l'application tierce"
|
||||
|
||||
```mermaid
|
||||
sequenceDiagram
|
||||
actor User
|
||||
participant App
|
||||
User->>+App: Authentifie-moi, stp
|
||||
App-->>-User: url de connexion<br/>avec signature
|
||||
opt
|
||||
Sith->>+App: URL de retour<br/>avec données utilisateur
|
||||
App->>App: Traitement des <br/>données utilisateur
|
||||
App-->>-Sith: 204 OK, No content
|
||||
App--)User: Message de succès
|
||||
end
|
||||
```
|
||||
|
||||
## Données attendues
|
||||
|
||||
### URL de connexion
|
||||
|
||||
L'URL de connexion que vous allez fournir à l'utilisateur doit
|
||||
être `https://ae.utbm.fr/api-link/auth/`
|
||||
et doit contenir les données décrites dans
|
||||
[`ThirdPartyAuthParamsSchema`][api.schemas.ThirdPartyAuthParamsSchema] :
|
||||
|
||||
- `client_id` (integer) : l'id de votre client, que vous pouvez obtenir
|
||||
de la manière décrite plus haut
|
||||
- `third_party_app`(string) : le nom de la plateforme pour laquelle
|
||||
l'authentification va être réalisée (si votre application est un bot
|
||||
discord, mettez la valeur "discord")
|
||||
- `privacy_link`(URL) : l'URL vers la page de politique de confidentialité
|
||||
qui s'appliquera dans le cadre de l'application
|
||||
(s'il s'agit d'un bot discord, donnez le lien vers celles de Discord)
|
||||
- `username`(string) : le pseudonyme que l'utilisateur possède sur
|
||||
votre application
|
||||
- `callback_url`(URL) : l'URL que le site AE appellera si l'authentification
|
||||
réussit
|
||||
- `signature`(string) : la signature des données de la requête.
|
||||
Il s'agit d'une signature par clef HMAC dont le fonctionnement
|
||||
est détaillé plus bas.
|
||||
|
||||
Ces données doivent être url-encodées et passées dans les paramètres GET.
|
||||
|
||||
!!!warning "URL de retour"
|
||||
|
||||
Les URLs fournies doivent être des URLs HTTP valides.
|
||||
En outre, elles doivent obligatoirement inclure la barre oblique finale.
|
||||
|
||||
=== "URL correcte ✔️"
|
||||
|
||||
`https://exemple.ae.utbm.fr/foo/`
|
||||
|
||||
=== "URL incorrecte ❌"
|
||||
|
||||
`https://exemple.ae.utbm.fr/foo`
|
||||
|
||||
!!!tip
|
||||
|
||||
Inclure l'id de votre utilisateur dans l'URL de retour
|
||||
peut être un bon moyen de l'identifier lors du callback.
|
||||
Par exemple : `GET /callback/{int:user_id}/`.
|
||||
|
||||
???Example
|
||||
|
||||
Supposons que votre client d'API soit utilisé dans le cadre d'un bot Discord,
|
||||
avec les données suivantes :
|
||||
|
||||
- l'id du client est 15
|
||||
- sa clef HMAC est "beb99dd53"
|
||||
(c'est pour l'exemple, une vraie clef sera beaucoup plus longue)
|
||||
- le pseudonyme discord de votre utilisateur est Brian
|
||||
- son id sur discord est 123456789
|
||||
- votre route de callback est `GET /callback/{int:user_id}/`,
|
||||
accessible au domaine `https://bot.ae.utbm.fr`
|
||||
|
||||
Alors les paramètres de votre URL seront :
|
||||
|
||||
| Paramètre | valeur |
|
||||
|-----------------|-----------------------------------------------------------------------|
|
||||
| client_id | 15 |
|
||||
| third_party_app | discord |
|
||||
| privacy_link | `https://discord.com/privacy` |
|
||||
| username | Brian |
|
||||
| callback_url | `https://bot.ae.utbm.fr/callback/123456789/` |
|
||||
| signature | 1a383c51060be64f07772aa42e07<br/>18ae096b8f21f2cdb4061c0834a416d12101 |
|
||||
|
||||
Et l'url fournie à l'utilisateur sera :
|
||||
|
||||
`https://ae.utbm.fr/api-link/auth/?client_id=15&third_party_app=discord
|
||||
&privacy_link=https%3A%2F%2Fdiscord.com%2Fprivacy&username=Brian
|
||||
&callback_url=https%3A%2F%2Fbot.ae.utbm.fr%2Fcallback%2F123456789%2F
|
||||
&signature=1a383c51060be64f07772aa42e0718ae096b8f21f2cdb4061c0834a416d12101`
|
||||
|
||||
### Données de retour
|
||||
|
||||
Si l'authentification réussit, le site AE enverra une requête HTTP POST
|
||||
à l'URL de retour fournie dans l'URL de connexion.
|
||||
|
||||
Le corps de la requête de callback et au format JSON
|
||||
et contient deux paires clef-valeur :
|
||||
|
||||
- `user` : les données utilisateur, telles que décrites
|
||||
par [UserProfileSchema][core.schemas.UserProfileSchema]
|
||||
- `signature` : la signature des données utilisateur
|
||||
|
||||
???Example
|
||||
|
||||
En reprenant les mêmes paramètres que dans l'exemple précédent,
|
||||
le site AE pourra renvoyer à l'application la requête suivante :
|
||||
|
||||
```http
|
||||
POST https://bot.ae.utbm.fr/callback/123456789/
|
||||
content-type: application/json
|
||||
body: {
|
||||
"user": {
|
||||
"id": 144131,
|
||||
"nick_name": "inzekitchen",
|
||||
"first_name": "Brian",
|
||||
...
|
||||
},
|
||||
"signature": "f16955bab6b805f6e1abbb98a86dfee53fed0bf812aa6513ca46cfd461b70020"
|
||||
}
|
||||
```
|
||||
|
||||
L'application doit répondre avec un des codes HTTP suivants :
|
||||
|
||||
| Code | Raison |
|
||||
|------|--------------------------------------------------------------------------------|
|
||||
| 204 | Tout s'est bien passé |
|
||||
| 403 | Les données de retour ne sont <br>pas signées ou sont mal signées |
|
||||
| 404 | L'URL de retour ne permet pas <br>d'identifier un utilisateur de l'application |
|
||||
|
||||
!!!note "Code d'erreur par défaut"
|
||||
|
||||
Si l'appel de la route fait face à plusieurs problèmes en même temps
|
||||
(par exemple, l'URL ne permet pas de retrouver votre utilisateur,
|
||||
et en plus les données sont mal signées),
|
||||
le 403 prime et doit être retourné par défaut.
|
||||
|
||||
## Signature des données
|
||||
|
||||
Les données de l'URL de connexion doivent être signées,
|
||||
et la signature de l'URL de retour doit être vérifiée.
|
||||
|
||||
Dans le deux cas, la signature est le digest HMAC-SHA512
|
||||
des données url-encodées, en utilisant la clef HMAC du client d'API.
|
||||
L'ordre dans lequel ces données sont placées dans l'encodage URL
|
||||
doit être strictement le même que celui donné plus haut.
|
||||
|
||||
???Example "Signature de l'URL de connexion"
|
||||
|
||||
En reprenant le même exemple que les fois précédentes,
|
||||
l'url-encodage des données est :
|
||||
|
||||
`client_id=15&third_party_app=discord
|
||||
&privacy_link=https%3A%2F%2Fdiscord.com%2Fprivacy%2F&username=Brian
|
||||
&callback_url=https%3A%2F%2Fbot.ae.utbm.fr%2Fcallback%2F123456789%2F`
|
||||
|
||||
Notez que la signature n'est pas (encore) dedans.
|
||||
Cette dernière peut-être obtenue avec le code suivant :
|
||||
|
||||
=== ":simple-python: Python"
|
||||
|
||||
Dépendances :
|
||||
|
||||
- `environs` (>=14.1)
|
||||
|
||||
```python
|
||||
import hmac
|
||||
from urllib.parse import urlencode
|
||||
|
||||
from environs import Env
|
||||
|
||||
env = Env()
|
||||
env.read_env()
|
||||
|
||||
key = env.str("HMAC_KEY").encode()
|
||||
data = {
|
||||
"client_id": 15,
|
||||
"third_party_app": "discord",
|
||||
"privacy_link": "https://discord.com/privacy/",
|
||||
"username": "Brian",
|
||||
"callback_url": "https://bot.ae.utbm.fr/callback/123456789/",
|
||||
}
|
||||
urlencoded = urlencode(data)
|
||||
data["signature"] = hmac.digest(key, urlencoded.encode(), "sha512").hex()
|
||||
|
||||
# URL a fournir à l'utilisateur pour son authentification
|
||||
user_url = f"https://ae.ubtm.fr/api-link/auth/?{urlencode(data)}"
|
||||
```
|
||||
|
||||
=== ":simple-rust: Rust"
|
||||
|
||||
Dépendances :
|
||||
|
||||
- `hmac` (>=0.12.1)
|
||||
- `url` (>=2.5.7, features `serde`)
|
||||
- `serde` (>=1.0.228, features `derive`)
|
||||
- `serde_urlencoded` (>=0.7.1)
|
||||
- `sha2` (>=0.10.9)
|
||||
- `dotenvy` (>= 0.15)
|
||||
|
||||
```rust
|
||||
use hmac::{Mac, SimpleHmac};
|
||||
use serde::Serialize;
|
||||
use sha2::Sha512;
|
||||
use url::Url;
|
||||
|
||||
#[derive(Serialize, Debug)]
|
||||
struct UrlData<'a> {
|
||||
client_id: u32,
|
||||
third_party_app: &'a str,
|
||||
privacy_link: Url,
|
||||
username: &'a str,
|
||||
callback_url: Url,
|
||||
}
|
||||
|
||||
impl<'a> UrlData<'a> {
|
||||
pub fn signature(&self, key: &[u8]) -> CtOutput<SimpleHmac<Sha512>> {
|
||||
let urlencoded = serde_urlencoded::to_string(self).unwrap();
|
||||
SimpleHmac::<Sha512>::new_from_slice(key)
|
||||
.unwrap()
|
||||
.chain_update(urlencoded.as_bytes())
|
||||
.finalize()
|
||||
}
|
||||
}
|
||||
|
||||
impl Into<Url> for UrlData<'_> {
|
||||
fn into(self) -> Url {
|
||||
let key = std::env::var("HMAC_KEY").unwrap();
|
||||
let mut url = Url::parse("http://ae.utbm.fr/api-link/auth/").unwrap();
|
||||
url.set_query(Some(
|
||||
format!(
|
||||
"{}&signature={:x}",
|
||||
serde_urlencoded::to_string(&self).unwrap(),
|
||||
self.signature(key.as_bytes()).into_bytes()
|
||||
)
|
||||
.as_str(),
|
||||
));
|
||||
url
|
||||
}
|
||||
}
|
||||
|
||||
fn main() {
|
||||
dotenvy::dotenv().expect("Couldn't load env");
|
||||
let data = UrlData {
|
||||
client_id: 1,
|
||||
third_party_app: "discord",
|
||||
privacy_link: "https://discord.com/privacy/".parse().unwrap(),
|
||||
username: "Brian",
|
||||
callback_url: "https://bot.ae.utbm.fr/callback/123456789/"
|
||||
.parse()
|
||||
.unwrap(),
|
||||
};
|
||||
let url: Url = data.into();
|
||||
println!("{:?}", url);
|
||||
}
|
||||
```
|
||||
|
||||
???Example "Vérification de la signature de la réponse"
|
||||
|
||||
Les données utilisateur peuvent ressembler à :
|
||||
|
||||
```json
|
||||
{
|
||||
"user": {
|
||||
"display_name": "Matthieu Vincent",
|
||||
"profile_url": "/user/380/",
|
||||
"profile_pict": "/static/core/img/unknown.jpg",
|
||||
"id": 380,
|
||||
"nick_name": None,
|
||||
"first_name": "Matthieu",
|
||||
"last_name": "Vincent",
|
||||
},
|
||||
"signature": "3802a280fbb01bd9fetc."
|
||||
}
|
||||
```
|
||||
|
||||
Vous pouvez vérifier la signature ainsi :
|
||||
|
||||
```python
|
||||
import hmac
|
||||
from urllib.parse import urlencode
|
||||
|
||||
from environs import Env
|
||||
|
||||
env = Env()
|
||||
env.read_env()
|
||||
|
||||
def is_signature_valid(user_data: dict, signature: str) -> bool:
|
||||
key = env.str("HMAC_KEY").encode()
|
||||
urlencoded = urlencode(user_data)
|
||||
return hmac.compare_digest(
|
||||
hmac.digest(key, urlencoded.encode(), "sha512").hex(),
|
||||
signature,
|
||||
)
|
||||
|
||||
|
||||
post_data = <récupération des données POST>
|
||||
print(
|
||||
"signature valide :",
|
||||
is_signature_valid(post_data["user"], post_data["signature"])
|
||||
)
|
||||
```
|
||||
|
||||
!!!Warning
|
||||
|
||||
Vous devez impérativement vérifier la signature
|
||||
des données de la requête de callback !
|
||||
|
||||
Ne pas vérifier la signature permet à n'importe quel acteur
|
||||
tierce malveillant de vous appeler sur votre callback.
|
||||
Ce serait une faille de sécurité majeure de votre côté.
|
||||
|
||||
Si l'équipe informatique se rend compte que vous ne le faites pas,
|
||||
elle se réserve le droit de suspendre votre application,
|
||||
immédiatement et sans préavis.
|
||||
@@ -112,7 +112,7 @@ cf. [HTTP persistant connection (wikipedia)](https://en.wikipedia.org/wiki/HTTP_
|
||||
|
||||
Voici quelques exemples :
|
||||
|
||||
=== ":simple-python: Python (requests)"
|
||||
=== "Python (requests)"
|
||||
|
||||
Dépendances :
|
||||
|
||||
@@ -132,7 +132,7 @@ Voici quelques exemples :
|
||||
print(response.json())
|
||||
```
|
||||
|
||||
=== ":simple-python: Python (aiohttp)"
|
||||
=== "Python (aiohttp)"
|
||||
|
||||
Dépendances :
|
||||
|
||||
@@ -158,7 +158,7 @@ Voici quelques exemples :
|
||||
asyncio.run(main())
|
||||
```
|
||||
|
||||
=== ":simple-javascript: Javascript (axios)"
|
||||
=== "Javascript (axios)"
|
||||
|
||||
Dépendances :
|
||||
|
||||
@@ -178,7 +178,7 @@ Voici quelques exemples :
|
||||
console.log(await instance.get("club/1").json());
|
||||
```
|
||||
|
||||
=== ":simple-rust: Rust (reqwest)"
|
||||
=== "Rust (reqwest)"
|
||||
|
||||
Dépendances :
|
||||
|
||||
|
||||
@@ -0,0 +1,37 @@
|
||||
#
|
||||
# Copyright 2022
|
||||
# - Maréchal <thgirod@hotmail.com
|
||||
#
|
||||
# Ce fichier fait partie du site de l'Association des Étudiants de l'UTBM,
|
||||
# http://ae.utbm.fr.
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify it under
|
||||
# the terms of the GNU General Public License a published by the Free Software
|
||||
# Foundation; either version 3 of the License, or (at your option) any later
|
||||
# version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful, but WITHOUT
|
||||
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
|
||||
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
|
||||
# details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License along with
|
||||
# this program; if not, write to the Free Sofware Foundation, Inc., 59 Temple
|
||||
# Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
|
||||
|
||||
class PaymentResultConverter:
|
||||
"""Converter used for url mapping of the `eboutic.views.payment_result` view.
|
||||
|
||||
It's meant to build an url that can match
|
||||
either `/eboutic/pay/success/` or `/eboutic/pay/failure/`
|
||||
but nothing else.
|
||||
"""
|
||||
|
||||
regex = "(success|failure)"
|
||||
|
||||
def to_python(self, value):
|
||||
return str(value)
|
||||
|
||||
def to_url(self, value):
|
||||
return str(value)
|
||||
@@ -61,10 +61,10 @@ document.addEventListener("alpine:init", () => {
|
||||
// biome-ignore lint/style/useNamingConvention: api is in snake_case
|
||||
path: { basket_id: basket.id },
|
||||
});
|
||||
if (res.response.ok) {
|
||||
if (res.response?.ok) {
|
||||
this.data = res.data as Record<string, string>;
|
||||
this.isCbAvailable = true;
|
||||
} else if (res.response.status === 410) {
|
||||
} else if (res.response?.status === 410) {
|
||||
// The basket is expired, so no payment method should be available at all.
|
||||
// This shouldn't happen, because we don't send the request
|
||||
// when the timeout is passed, but we are better safe than sorry
|
||||
|
||||
@@ -148,6 +148,56 @@
|
||||
</span>
|
||||
</div>
|
||||
{% endif %}
|
||||
<section>
|
||||
<div class="category-header">
|
||||
<h3 class="margin-bottom">{% trans %}Eurockéennes 2025 partnership{% endtrans %}</h3>
|
||||
{% if user.is_subscribed %}
|
||||
<div id="eurock-partner" style="
|
||||
min-height: 600px;
|
||||
background-color: lightgrey;
|
||||
display: flex;
|
||||
justify-content: center;
|
||||
align-items: center;
|
||||
flex-direction: column;
|
||||
gap: 10px;
|
||||
">
|
||||
<p style="text-align: center;">
|
||||
{% trans trimmed %}
|
||||
Our partner uses Weezevent to sell tickets.
|
||||
Weezevent may collect user info according to
|
||||
its own privacy policy.
|
||||
By clicking the accept button you consent to
|
||||
their terms of services.
|
||||
{% endtrans %}
|
||||
</p>
|
||||
|
||||
<a href="https://weezevent.com/fr/politique-de-confidentialite/">{% trans %}Privacy policy{% endtrans %}</a>
|
||||
|
||||
<button
|
||||
hx-get="{{ url("eboutic:eurock") }}"
|
||||
hx-target="#eurock-partner"
|
||||
hx-swap="outerHTML"
|
||||
hx-trigger="click, load[document.cookie.includes('weezevent_accept=true')]"
|
||||
@htmx:after-request="document.cookie = 'weezevent_accept=true'"
|
||||
>{% trans %}Accept{% endtrans %}
|
||||
</button>
|
||||
</div>
|
||||
{% else %}
|
||||
<p>
|
||||
{%- trans trimmed %}
|
||||
You must be subscribed to benefit from the partnership with the Eurockéennes.
|
||||
{% endtrans -%}
|
||||
</p>
|
||||
<p>
|
||||
{%- trans trimmed %}
|
||||
This partnership offers a discount of up to 33%
|
||||
on tickets for Friday, Saturday and Sunday,
|
||||
as well as the 3-day package from Friday to Sunday.
|
||||
{% endtrans -%}
|
||||
</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
</section>
|
||||
{% for prices in categories %}
|
||||
{% set category = prices[0].product.product_type %}
|
||||
<section>
|
||||
|
||||
@@ -0,0 +1,16 @@
|
||||
<a title="Logiciel billetterie en ligne"
|
||||
href="https://www.weezevent.com?c=sys_widget"
|
||||
class="weezevent-widget-integration"
|
||||
target="_blank"
|
||||
data-src="https://widget.weezevent.com/ticket/8aaba226-f7a3-4192-a64e-72ff8f5b35b7?id_evenement=1419869&locale=fr-FR&code=28747"
|
||||
data-width="650"
|
||||
data-height="600"
|
||||
data-resize="1"
|
||||
data-nopb="0"
|
||||
data-type="neo"
|
||||
data-width_auto="1"
|
||||
data-noscroll="0"
|
||||
data-id="1419869">
|
||||
Billetterie Weezevent
|
||||
</a>
|
||||
<script type="text/javascript" src="https://widget.weezevent.com/weez.js" async defer></script>
|
||||
+4
-2
@@ -24,17 +24,18 @@
|
||||
|
||||
from django.urls import path, register_converter
|
||||
|
||||
from core.converters import ResultConverter
|
||||
from eboutic.converters import PaymentResultConverter
|
||||
from eboutic.views import (
|
||||
BillingInfoFormFragment,
|
||||
EbouticCheckout,
|
||||
EbouticMainView,
|
||||
EbouticPayWithSith,
|
||||
EtransactionAutoAnswer,
|
||||
EurockPartnerFragment,
|
||||
payment_result,
|
||||
)
|
||||
|
||||
register_converter(ResultConverter, "res")
|
||||
register_converter(PaymentResultConverter, "res")
|
||||
|
||||
urlpatterns = [
|
||||
# Subscription views
|
||||
@@ -50,4 +51,5 @@ urlpatterns = [
|
||||
EtransactionAutoAnswer.as_view(),
|
||||
name="etransation_autoanswer",
|
||||
),
|
||||
path("eurock/", EurockPartnerFragment.as_view(), name="eurock"),
|
||||
]
|
||||
|
||||
+6
-2
@@ -43,11 +43,11 @@ from django.utils.formats import localize
|
||||
from django.utils.timezone import localtime
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from django.views.decorators.http import require_GET
|
||||
from django.views.generic import DetailView, FormView, UpdateView, View
|
||||
from django.views.generic import DetailView, FormView, TemplateView, UpdateView, View
|
||||
from django.views.generic.edit import SingleObjectMixin
|
||||
from django_countries.fields import Country
|
||||
|
||||
from core.auth.mixins import CanViewMixin
|
||||
from core.auth.mixins import CanViewMixin, IsSubscriberMixin
|
||||
from core.views.mixins import FragmentMixin, UseFragmentsMixin
|
||||
from counter.forms import BaseBasketForm, BasketItemForm, BillingInfoForm
|
||||
from counter.models import (
|
||||
@@ -359,3 +359,7 @@ class EtransactionAutoAnswer(View):
|
||||
return HttpResponse(
|
||||
"Payment failed with error: " + request.GET["Error"], status=202
|
||||
)
|
||||
|
||||
|
||||
class EurockPartnerFragment(IsSubscriberMixin, TemplateView):
|
||||
template_name = "eboutic/eurock_fragment.jinja"
|
||||
|
||||
@@ -35,10 +35,6 @@ msgstr ""
|
||||
"True si gardé à jour par le biais d'un fournisseur externe de domains "
|
||||
"toxics, False sinon"
|
||||
|
||||
#: api/admin.py
|
||||
msgid "Reset HMAC key"
|
||||
msgstr "Réinitialiser la clef HMAC"
|
||||
|
||||
#: api/admin.py
|
||||
#, python-format
|
||||
msgid ""
|
||||
@@ -52,23 +48,6 @@ msgstr ""
|
||||
msgid "Revoke selected API keys"
|
||||
msgstr "Révoquer les clefs d'API sélectionnées"
|
||||
|
||||
#: api/forms.py
|
||||
msgid "I have read and I accept the terms and conditions of use"
|
||||
msgstr "J'ai lu et j'accepte les conditions générales d'utilisation."
|
||||
|
||||
#: api/forms.py
|
||||
msgid "You must approve the terms and conditions of use."
|
||||
msgstr "Vous devez approuver les conditions générales d'utilisation."
|
||||
|
||||
#: api/forms.py
|
||||
msgid "You must confirm that this is your username."
|
||||
msgstr "Vous devez confirmer que c'est bien votre nom d'utilisateur."
|
||||
|
||||
#: api/forms.py
|
||||
#, python-format
|
||||
msgid "I confirm that %(username)s is my username on %(app)s"
|
||||
msgstr "Je confirme que %(username)s est mon nom d'utilisateur sur %(app)s"
|
||||
|
||||
#: api/models.py club/models.py com/models.py counter/models.py forum/models.py
|
||||
msgid "name"
|
||||
msgstr "nom"
|
||||
@@ -89,10 +68,6 @@ msgstr "permissions du client"
|
||||
msgid "Specific permissions for this api client."
|
||||
msgstr "Permissions spécifiques pour ce client d'API"
|
||||
|
||||
#: api/models.py
|
||||
msgid "HMAC Key"
|
||||
msgstr "Clef HMAC"
|
||||
|
||||
#: api/models.py
|
||||
msgid "api client"
|
||||
msgstr "client d'api"
|
||||
@@ -122,76 +97,6 @@ msgstr "clef d'api"
|
||||
msgid "api keys"
|
||||
msgstr "clefs d'api"
|
||||
|
||||
#: api/templates/api/third_party/auth.jinja
|
||||
msgid "Confidentiality"
|
||||
msgstr "Confidentialité"
|
||||
|
||||
#: api/templates/api/third_party/auth.jinja
|
||||
#, python-format
|
||||
msgid ""
|
||||
"By ticking this box and clicking on the send button, you acknowledge and "
|
||||
"agree to provide %(app)s with your first name, last name, nickname and any "
|
||||
"other information that was the third party app was explicitly authorized to "
|
||||
"fetch and that it must have acknowledged to you, in a complete and accurate "
|
||||
"manner."
|
||||
msgstr ""
|
||||
"En cochant cette case et en cliquant sur le bouton « Envoyer », vous "
|
||||
"reconnaissez et acceptez de fournir à %(app)s votre prénom, nom, pseudonyme "
|
||||
"et toute autre information que l'application tierce a été explicitement "
|
||||
"autorisée à récupérer et qu'elle doit vous avoir communiqué de manière "
|
||||
"complète et exacte."
|
||||
|
||||
#: api/templates/api/third_party/auth.jinja
|
||||
#, python-format
|
||||
msgid ""
|
||||
"The privacy policies of <a href=\"%(privacy_link)s\">%(app)s</a> and of <a "
|
||||
"href=\"%(sith_cgu_link)s\">the Students' Association</a> applies as soon as "
|
||||
"the form is submitted."
|
||||
msgstr ""
|
||||
"Les politiques de confidentialité de <a href=\"%(privacy_link)s\">%(app)s</"
|
||||
"a> et de <a href=\"%(sith_cgu_link)s\">l'Association des Etudiants</a> "
|
||||
"s'appliquent dès la soumission du formulaire."
|
||||
|
||||
#: api/templates/api/third_party/auth.jinja
|
||||
msgid "Confirmation of identity"
|
||||
msgstr "Confirmation d'identité"
|
||||
|
||||
#: api/views.py
|
||||
msgid "The data provided for authentication is incorrect"
|
||||
msgstr "Les données fournies pour l'authentification sont incorrectes."
|
||||
|
||||
#: api/views.py
|
||||
msgid ""
|
||||
"The signature is incorrect. We cannot ensure the provenance of the request."
|
||||
msgstr ""
|
||||
"La signature est incorrecte. Nous ne pouvons pas garantir l'authenticité de "
|
||||
"la requête."
|
||||
|
||||
#: api/views.py
|
||||
#, python-format
|
||||
msgid ""
|
||||
"You are going to link your AE account and your %(app)s account. Continue "
|
||||
"only if this page was opened from %(app)s."
|
||||
msgstr ""
|
||||
"Vous allez lier votre compte AE et votre compte %(app)s. Poursuivez "
|
||||
"uniquement si cette page a été ouverte depuis %(app)s."
|
||||
|
||||
#: api/views.py
|
||||
msgid "You have been successfully authenticated. You can now close this page."
|
||||
msgstr ""
|
||||
"Vous avez été authentifié avec succès. Vous pouvez maintenant fermer cette "
|
||||
"page."
|
||||
|
||||
#: api/views.py
|
||||
msgid ""
|
||||
"Your authentication on the AE website was successful, but an error happened "
|
||||
"during the interaction with the third-party application. Please contact the "
|
||||
"managers of the latter."
|
||||
msgstr ""
|
||||
"Votre authentification sur le site AE a fonctionné, mais une erreur est "
|
||||
"arrivée durant l'interaction avec l'application tierce. Veuillez contacter "
|
||||
"les responsables de cette dernière."
|
||||
|
||||
#: club/forms.py
|
||||
msgid "Users to add"
|
||||
msgstr "Utilisateurs à ajouter"
|
||||
@@ -4560,6 +4465,47 @@ msgstr ""
|
||||
msgid "this page"
|
||||
msgstr "cette page"
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid "Eurockéennes 2025 partnership"
|
||||
msgstr "Partenariat Eurockéennes 2025"
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid ""
|
||||
"Our partner uses Weezevent to sell tickets. Weezevent may collect user info "
|
||||
"according to its own privacy policy. By clicking the accept button you "
|
||||
"consent to their terms of services."
|
||||
msgstr ""
|
||||
"Notre partenaire utilises Wezevent pour vendre ses billets. Weezevent peut "
|
||||
"collecter des informations utilisateur conformément à sa propre politique de "
|
||||
"confidentialité. En cliquant sur le bouton d'acceptation vous consentez à "
|
||||
"leurs termes de service."
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid "Privacy policy"
|
||||
msgstr "Politique de confidentialité"
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
#: trombi/templates/trombi/comment_moderation.jinja
|
||||
msgid "Accept"
|
||||
msgstr "Accepter"
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid ""
|
||||
"You must be subscribed to benefit from the partnership with the Eurockéennes."
|
||||
msgstr ""
|
||||
"Vous devez être cotisant pour bénéficier du partenariat avec les "
|
||||
"Eurockéennes."
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
#, python-format
|
||||
msgid ""
|
||||
"This partnership offers a discount of up to 33%% on tickets for Friday, "
|
||||
"Saturday and Sunday, as well as the 3-day package from Friday to Sunday."
|
||||
msgstr ""
|
||||
"Ce partenariat permet de profiter d'une réduction jusqu'à 33%% sur les "
|
||||
"billets du vendredi, du samedi et du dimanche, ainsi qu'au forfait 3 jours, "
|
||||
"du vendredi au dimanche."
|
||||
|
||||
#: eboutic/templates/eboutic/eboutic_main.jinja
|
||||
msgid "Product sold out"
|
||||
msgstr "Produit épuisé"
|
||||
@@ -6003,10 +5949,6 @@ msgstr "fin"
|
||||
msgid "Moderate Trombi comments"
|
||||
msgstr "Modérer les commentaires du Trombi"
|
||||
|
||||
#: trombi/templates/trombi/comment_moderation.jinja
|
||||
msgid "Accept"
|
||||
msgstr "Accepter"
|
||||
|
||||
#: trombi/templates/trombi/comment_moderation.jinja
|
||||
msgid "Reject"
|
||||
msgstr "Refuser"
|
||||
|
||||
@@ -71,7 +71,6 @@ nav:
|
||||
- API:
|
||||
- Développement: tutorial/api/dev.md
|
||||
- Connexion à l'API: tutorial/api/connect.md
|
||||
- Liaison avec le compte AE: tutorial/api/account-link.md
|
||||
- Etransactions: tutorial/etransaction.md
|
||||
- How-to:
|
||||
- L'ORM de Django: howto/querysets.md
|
||||
@@ -95,8 +94,6 @@ nav:
|
||||
- reference/api/hashers.md
|
||||
- reference/api/models.md
|
||||
- reference/api/perms.md
|
||||
- reference/api/schemas.md
|
||||
- reference/api/views.md
|
||||
- club:
|
||||
- reference/club/models.md
|
||||
- reference/club/views.md
|
||||
|
||||
Generated
+18
@@ -48,6 +48,7 @@
|
||||
"@types/cytoscape-cxtmenu": "^3.4.5",
|
||||
"@types/cytoscape-klay": "^3.1.5",
|
||||
"@types/js-cookie": "^3.0.6",
|
||||
"@types/node": "^26.1.1",
|
||||
"rollup-plugin-visualizer": "^7.0.1",
|
||||
"typescript": "^6.0.3",
|
||||
"vite": "^8.1.0"
|
||||
@@ -2511,6 +2512,16 @@
|
||||
"integrity": "sha512-a79Yc3TOk6dGdituy8hmTTJXjOkZ7zsFYV10L337ttq/rec8lRMDBpV7fL3uLx6TgbFCa5DU/h8FmIBQPSbU0w==",
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/@types/node": {
|
||||
"version": "26.1.1",
|
||||
"resolved": "https://registry.npmjs.org/@types/node/-/node-26.1.1.tgz",
|
||||
"integrity": "sha512-nxAkRSVkN1Y0JC1W8ky/fTfkGsMmcrRsbx+3XoZE+rMOX71kLYTV7fLXpqud1GpbpP5TuffXFqfX7fH2GgZREw==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"undici-types": "~8.3.0"
|
||||
}
|
||||
},
|
||||
"node_modules/@types/tern": {
|
||||
"version": "0.23.9",
|
||||
"resolved": "https://registry.npmjs.org/@types/tern/-/tern-0.23.9.tgz",
|
||||
@@ -4654,6 +4665,13 @@
|
||||
"integrity": "sha512-Z1YkJ7IIYNrFeOxAlHUercY4Q2I+PhYD/3VkWpJGy/Oqudy3bFpNcQxnv6Oa9fTSXCHPGz1eDoX1bZYm2Z891A==",
|
||||
"license": "BSD-3-Clause"
|
||||
},
|
||||
"node_modules/undici-types": {
|
||||
"version": "8.3.0",
|
||||
"resolved": "https://registry.npmjs.org/undici-types/-/undici-types-8.3.0.tgz",
|
||||
"integrity": "sha512-j375ScV60dom+YkPFIfTLcOiPxkN/buHz5GobjLhixFuANaNs3C9l4GmrWqejgXWJ7BbJcFYpTEUkS1Ge8bpZQ==",
|
||||
"dev": true,
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/unicode-canonical-property-names-ecmascript": {
|
||||
"version": "2.0.1",
|
||||
"resolved": "https://registry.npmjs.org/unicode-canonical-property-names-ecmascript/-/unicode-canonical-property-names-ecmascript-2.0.1.tgz",
|
||||
|
||||
@@ -33,6 +33,7 @@
|
||||
"@types/cytoscape-cxtmenu": "^3.4.5",
|
||||
"@types/cytoscape-klay": "^3.1.5",
|
||||
"@types/js-cookie": "^3.0.6",
|
||||
"@types/node": "^26.1.1",
|
||||
"rollup-plugin-visualizer": "^7.0.1",
|
||||
"typescript": "^6.0.3",
|
||||
"vite": "^8.1.0"
|
||||
|
||||
+3
-3
@@ -1,4 +1,4 @@
|
||||
from typing import Any, Literal
|
||||
from typing import Literal
|
||||
|
||||
from django.conf import settings
|
||||
from django.core.exceptions import ValidationError
|
||||
@@ -20,7 +20,7 @@ from api.permissions import (
|
||||
IsRoot,
|
||||
)
|
||||
from core.models import Notification, User
|
||||
from core.schemas import UploadedImage
|
||||
from core.schemas import UploadedImage, ValidationErrorSchema
|
||||
from sas.models import Album, PeoplePictureRelation, Picture
|
||||
from sas.schemas import (
|
||||
AlbumAutocompleteSchema,
|
||||
@@ -106,7 +106,7 @@ class PicturesController(ControllerBase):
|
||||
response={
|
||||
200: None,
|
||||
409: dict[Literal["detail"], dict[str, list[str]]],
|
||||
422: dict[Literal["detail"], list[dict[str, Any]]],
|
||||
422: ValidationErrorSchema,
|
||||
},
|
||||
url_name="upload_picture",
|
||||
)
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import type { TomOption } from "tom-select/dist/types/types";
|
||||
import type { escape_html } from "tom-select/dist/types/utils";
|
||||
import { AjaxSelect } from "#core:core/components/ajax-select-base.ts";
|
||||
import { registerComponent } from "#core:utils/web-components.ts";
|
||||
import type { TomOption } from "tom-select/src/types";
|
||||
import type { escape_html } from "tom-select/src/utils";
|
||||
import { AjaxSelect } from "#core:core/components/ajax-select-base";
|
||||
import { registerComponent } from "#core:utils/web-components";
|
||||
import { type AlbumAutocompleteSchema, albumAutocompleteAlbum } from "#openapi";
|
||||
|
||||
@registerComponent("album-ajax-select")
|
||||
|
||||
@@ -9,7 +9,7 @@ document.addEventListener("alpine:init", () => {
|
||||
|
||||
async downloadZip() {
|
||||
this.isDownloading = true;
|
||||
const bar = this.$refs.progress;
|
||||
const bar = this.$refs.progress as HTMLProgressElement;
|
||||
bar.value = 0;
|
||||
bar.max = this.downloadPictures.length;
|
||||
|
||||
@@ -31,10 +31,11 @@ document.addEventListener("alpine:init", () => {
|
||||
|
||||
await Promise.all(
|
||||
this.downloadPictures.map((p: PictureSchema) => {
|
||||
const imgName = `${p.album.name}/IMG_${p.id}_${p.date.replace(/[:-]/g, "_")}${p.name.slice(p.name.lastIndexOf("."))}`;
|
||||
const dateStr = (p.date as string).replace(/[:-]/g, "_");
|
||||
const imgName = `${p.album.name}/IMG_${p.id}_${dateStr}${p.name.slice(p.name.lastIndexOf("."))}`;
|
||||
return zipWriter.add(imgName, new HttpReader(p.full_size_url), {
|
||||
level: 9,
|
||||
lastModDate: new Date(p.date),
|
||||
lastModDate: new Date(p.date as string),
|
||||
onstart: incrementProgressBar,
|
||||
});
|
||||
}),
|
||||
|
||||
@@ -57,14 +57,16 @@ document.addEventListener("alpine:init", () => {
|
||||
|
||||
async init() {
|
||||
const pictures = await this.fetchPictures();
|
||||
const groupedAlbums = Object.groupBy(pictures, (i: PictureSchema) => i.album.id);
|
||||
this.albums = Object.values(groupedAlbums).map((pictures: PictureSchema[]) => {
|
||||
const groupedAlbums = Object.groupBy(pictures, (i) => i.album.id as number);
|
||||
this.albums = Object.values(groupedAlbums as Record<number, PictureSchema[]>).map(
|
||||
(pictures) => {
|
||||
return {
|
||||
id: pictures[0].album.id,
|
||||
id: pictures[0].album.id as number,
|
||||
name: pictures[0].album.name,
|
||||
pictures: pictures,
|
||||
};
|
||||
});
|
||||
},
|
||||
);
|
||||
this.albums.sort((a: Album, b: Album) => b.id - a.id);
|
||||
const hash = document.location.hash.replace("#", "");
|
||||
if (hash.startsWith("album-")) {
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
import type TomSelect from "tom-select";
|
||||
import type { TomOption } from "tom-select/src/types";
|
||||
import type { UserAjaxSelect } from "#core:core/components/ajax-select-index";
|
||||
import { paginated } from "#core:utils/api";
|
||||
import { History } from "#core:utils/history";
|
||||
@@ -6,7 +7,6 @@ import {
|
||||
type IdentifiedUserSchema,
|
||||
type ModerationRequestSchema,
|
||||
type PictureSchema,
|
||||
type PicturesFetchIdentificationsResponse,
|
||||
type PicturesFetchPicturesData,
|
||||
picturesDeletePicture,
|
||||
picturesFetchIdentifications,
|
||||
@@ -15,6 +15,7 @@ import {
|
||||
picturesIdentifyUsers,
|
||||
picturesModeratePicture,
|
||||
picturesRotatePicture,
|
||||
type SimpleAlbumSchema,
|
||||
type UserProfileSchema,
|
||||
usersidentifiedDeleteRelation,
|
||||
} from "#openapi";
|
||||
@@ -23,8 +24,8 @@ import {
|
||||
* A container for a picture with the users identified on it
|
||||
* able to prefetch its data.
|
||||
*/
|
||||
class PictureWithIdentifications {
|
||||
identifications: PicturesFetchIdentificationsResponse = null;
|
||||
class PictureWithIdentifications implements PictureSchema {
|
||||
identifications?: IdentifiedUserSchema[];
|
||||
imageLoading = false;
|
||||
identificationsLoading = false;
|
||||
moderationLoading = false;
|
||||
@@ -32,10 +33,43 @@ class PictureWithIdentifications {
|
||||
compressedUrl: string = "";
|
||||
thumbUrl: string = "";
|
||||
fullSizeUrl: string = "";
|
||||
moderationRequests: ModerationRequestSchema[] = null;
|
||||
moderationRequests: ModerationRequestSchema[] = [];
|
||||
owner: UserProfileSchema;
|
||||
// biome-ignore-start lint/style/useNamingConvention: PictureSchema has CamelCase properties
|
||||
sas_url: string;
|
||||
full_size_url: string;
|
||||
compressed_url: string;
|
||||
thumb_url: string;
|
||||
album: SimpleAlbumSchema;
|
||||
report_url: string;
|
||||
edit_url: string;
|
||||
name: string;
|
||||
date?: string | undefined;
|
||||
updated_at: string;
|
||||
size?: number | undefined;
|
||||
is_moderated?: boolean | undefined;
|
||||
asked_for_removal?: boolean | undefined;
|
||||
// biome-ignore-end lint/style/useNamingConvention: PictureSchema has CamelCase properties
|
||||
|
||||
constructor(picture: PictureSchema) {
|
||||
Object.assign(this, picture);
|
||||
if (picture.id === null || picture.id === undefined) {
|
||||
throw new Error("picture id expected a value");
|
||||
}
|
||||
this.owner = picture.owner;
|
||||
this.sas_url = picture.sas_url;
|
||||
this.full_size_url = picture.full_size_url;
|
||||
this.compressed_url = picture.compressed_url;
|
||||
this.thumb_url = picture.thumb_url;
|
||||
this.album = picture.album;
|
||||
this.report_url = picture.report_url;
|
||||
this.edit_url = picture.edit_url;
|
||||
this.name = picture.name;
|
||||
this.date = picture.date;
|
||||
this.updated_at = picture.updated_at;
|
||||
this.size = picture.size;
|
||||
this.is_moderated = picture.is_moderated;
|
||||
this.asked_for_removal = picture.asked_for_removal;
|
||||
this.id = picture.id;
|
||||
this.compressedUrl = picture.compressed_url;
|
||||
this.thumbUrl = picture.thumb_url;
|
||||
this.fullSizeUrl = picture.full_size_url;
|
||||
@@ -69,12 +103,13 @@ class PictureWithIdentifications {
|
||||
return;
|
||||
}
|
||||
this.identificationsLoading = true;
|
||||
this.identifications = (
|
||||
this.identifications =
|
||||
(
|
||||
await picturesFetchIdentifications({
|
||||
// biome-ignore lint/style/useNamingConvention: api is in snake_case
|
||||
path: { picture_id: this.id },
|
||||
})
|
||||
).data;
|
||||
).data ?? [];
|
||||
this.identificationsLoading = false;
|
||||
}
|
||||
|
||||
@@ -88,12 +123,13 @@ class PictureWithIdentifications {
|
||||
return;
|
||||
}
|
||||
this.moderationLoading = true;
|
||||
this.moderationRequests = (
|
||||
this.moderationRequests =
|
||||
(
|
||||
await picturesFetchModerationRequests({
|
||||
// biome-ignore lint/style/useNamingConvention: api is in snake_case
|
||||
path: { picture_id: this.id },
|
||||
})
|
||||
).data;
|
||||
).data ?? [];
|
||||
this.moderationLoading = false;
|
||||
}
|
||||
|
||||
@@ -103,6 +139,10 @@ class PictureWithIdentifications {
|
||||
// biome-ignore lint/style/useNamingConvention: api is snake case
|
||||
path: { picture_id: this.id, direction: direction },
|
||||
});
|
||||
if (!res.data) {
|
||||
console.error("The data o the rotated were expected, but nothing was returned");
|
||||
return;
|
||||
}
|
||||
// urls returned by the api include a timestamp for cache busting
|
||||
this.fullSizeUrl = res.data.full_size_url;
|
||||
this.compressedUrl = res.data.compressed_url;
|
||||
@@ -157,7 +197,7 @@ document.addEventListener("alpine:init", () => {
|
||||
currentPicture: {
|
||||
// biome-ignore lint/style/useNamingConvention: api is in snake_case
|
||||
is_moderated: true,
|
||||
id: null as number,
|
||||
id: null as number | null,
|
||||
name: "",
|
||||
// biome-ignore lint/style/useNamingConvention: api is in snake_case
|
||||
display_name: "",
|
||||
@@ -171,19 +211,19 @@ document.addEventListener("alpine:init", () => {
|
||||
// biome-ignore lint/style/useNamingConvention: api is in snake_case
|
||||
created_at: new Date(),
|
||||
identifications: [] as IdentifiedUserSchema[],
|
||||
},
|
||||
} as unknown as PictureWithIdentifications,
|
||||
/**
|
||||
* The picture which will be displayed next if the user press the "next" button
|
||||
**/
|
||||
nextPicture: null as PictureWithIdentifications,
|
||||
nextPicture: null as PictureWithIdentifications | null,
|
||||
/**
|
||||
* The picture which will be displayed next if the user press the "previous" button
|
||||
**/
|
||||
previousPicture: null as PictureWithIdentifications,
|
||||
previousPicture: null as PictureWithIdentifications | null,
|
||||
/**
|
||||
* The select2 component used to identify users
|
||||
**/
|
||||
selector: undefined as UserAjaxSelect,
|
||||
selector: undefined as UserAjaxSelect | undefined,
|
||||
/**
|
||||
* Error message when a moderation operation fails
|
||||
**/
|
||||
@@ -201,24 +241,18 @@ document.addEventListener("alpine:init", () => {
|
||||
query: { album_id: config.albumId },
|
||||
} as PicturesFetchPicturesData)
|
||||
).map(PictureWithIdentifications.fromPicture);
|
||||
this.selector = this.$refs.search;
|
||||
this.selector.setFilter((users: UserProfileSchema[]) => {
|
||||
const resp: UserProfileSchema[] = [];
|
||||
this.selector = this.$refs.search as UserAjaxSelect;
|
||||
this.selector.setFilter((users: TomOption[]) => {
|
||||
const ids = [
|
||||
...(this.currentPicture.identifications || []).map(
|
||||
(i: IdentifiedUserSchema) => i.user.id,
|
||||
),
|
||||
];
|
||||
for (const user of users) {
|
||||
if (!ids.includes(user.id)) {
|
||||
resp.push(user);
|
||||
}
|
||||
}
|
||||
return resp;
|
||||
return users.filter((user) => !ids.includes(user.id));
|
||||
});
|
||||
this.currentPicture = this.pictures.find(
|
||||
(i: PictureSchema) => i.id === config.firstPictureId,
|
||||
);
|
||||
(i) => i.id === config.firstPictureId,
|
||||
) as PictureWithIdentifications;
|
||||
this.$watch(
|
||||
"currentPicture",
|
||||
(current: PictureSchema, previous: PictureSchema) => {
|
||||
@@ -236,7 +270,7 @@ document.addEventListener("alpine:init", () => {
|
||||
this.pushstate = History.Replace;
|
||||
this.currentPicture = this.pictures.find(
|
||||
(i: PictureSchema) => i.id === Number.parseInt(event.state.sasPictureId, 10),
|
||||
);
|
||||
) as PictureWithIdentifications;
|
||||
});
|
||||
this.pushstate = History.Replace; /* Avoid first url push */
|
||||
await this.updatePicture();
|
||||
@@ -311,14 +345,15 @@ document.addEventListener("alpine:init", () => {
|
||||
// As the album is now empty, go back to the parent page
|
||||
document.location.href = config.albumUrl;
|
||||
}
|
||||
this.currentPicture = this.nextPicture || this.previousPicture;
|
||||
this.currentPicture = (this.nextPicture ||
|
||||
this.previousPicture) as PictureWithIdentifications;
|
||||
},
|
||||
|
||||
/**
|
||||
* Send the identification request and update the list of identified users.
|
||||
*/
|
||||
async submitIdentification(): Promise<void> {
|
||||
const widget: TomSelect = this.selector.widget;
|
||||
const widget: TomSelect = (this.selector as UserAjaxSelect).widget;
|
||||
await picturesIdentifyUsers({
|
||||
// biome-ignore lint/style/useNamingConvention: api is in snake_case
|
||||
path: { picture_id: this.currentPicture.id },
|
||||
|
||||
@@ -417,8 +417,6 @@ SITH_FORUM_PAGE_LENGTH = 30
|
||||
SITH_SAS_ROOT_DIR_ID = env.int("SITH_SAS_ROOT_DIR_ID", default=4)
|
||||
SITH_SAS_IMAGES_PER_PAGE = 60
|
||||
|
||||
SITH_CGU_FILE_ID = env.int("SITH_CGU_FILE_ID", default=5)
|
||||
|
||||
SITH_PROFILE_DEPARTMENTS = [
|
||||
("TC", _("TC")),
|
||||
("IMSI", _("IMSI")),
|
||||
|
||||
@@ -34,7 +34,6 @@ urlpatterns = [
|
||||
path("", include(("core.urls", "core"), namespace="core")),
|
||||
path("sitemap.xml", cache_page(86400)(sitemap), {"sitemaps": sitemaps}),
|
||||
path("api/", api.urls),
|
||||
path("api-link/", include(("api.urls", "api-link"), namespace="api-link")),
|
||||
path("rootplace/", include(("rootplace.urls", "rootplace"), namespace="rootplace")),
|
||||
path(
|
||||
"subscription/",
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
import type { UserAjaxSelect } from "#core:core/components/ajax-select-index";
|
||||
import { userFetchUser } from "#openapi";
|
||||
|
||||
Alpine.data("existing_user_subscription_form", () => ({
|
||||
loading: false,
|
||||
selectedUser: "",
|
||||
profileFragment: "",
|
||||
dateOfBirth: "",
|
||||
dateOfBirth: "" as string | null,
|
||||
dateOfBirthHidden: true,
|
||||
|
||||
init() {
|
||||
@@ -14,7 +15,9 @@ Alpine.data("existing_user_subscription_form", () => ({
|
||||
|
||||
this.$nextTick(() => {
|
||||
// Force to detect the initial value
|
||||
this.selectedUser = this.$refs.userSelect.widget.getValue();
|
||||
this.selectedUser = (
|
||||
this.$refs.userSelect as UserAjaxSelect
|
||||
).widget.getValue() as string;
|
||||
});
|
||||
},
|
||||
|
||||
@@ -31,11 +34,15 @@ Alpine.data("existing_user_subscription_form", () => ({
|
||||
// biome-ignore lint/style/useNamingConvention: api is snake_case
|
||||
userFetchUser({ path: { user_id: userId } }),
|
||||
]);
|
||||
if (userInfos.data === undefined) {
|
||||
console.error("User infos request failed");
|
||||
return;
|
||||
}
|
||||
this.profileFragment = await miniProfile.text();
|
||||
// If the user has no birthdate yet, show the form input
|
||||
// to fill this info.
|
||||
// Else keep the input hidden and change its value to the user birthdate
|
||||
this.dateOfBirth = userInfos.data.date_of_birth;
|
||||
this.dateOfBirth = userInfos.data.date_of_birth ?? null;
|
||||
this.dateOfBirthHidden = userInfos.data.date_of_birth !== null;
|
||||
this.loading = false;
|
||||
},
|
||||
|
||||
@@ -17,7 +17,10 @@ function getRandomColorUniq(list: string[]) {
|
||||
}
|
||||
return color;
|
||||
}
|
||||
function hexToRgb(hex: string) {
|
||||
|
||||
type Rgb = { r: number; g: number; b: number };
|
||||
|
||||
function hexToRgb(hex: string): Rgb | null {
|
||||
// Expand shorthand form (e.g. "03F") to full form (e.g. "0033FF")
|
||||
const shorthandRegex = /^#?([a-f\d])([a-f\d])([a-f\d])$/i;
|
||||
const hexrgb = hex.replace(shorthandRegex, (_m, r, g, b) => {
|
||||
@@ -37,32 +40,29 @@ function hexToRgb(hex: string) {
|
||||
document.addEventListener("DOMContentLoaded", () => {
|
||||
const ctx = (document.getElementById("statsChart") as HTMLCanvasElement).getContext(
|
||||
"2d",
|
||||
);
|
||||
) as CanvasRenderingContext2D;
|
||||
const labels: string[] = [];
|
||||
const total: string[] = [];
|
||||
const colors: string[] = [];
|
||||
const colorStrings: string[] = [];
|
||||
const colorsDimmed: string[] = [];
|
||||
for (const element of Array.from(document.getElementsByClassName("types"))) {
|
||||
labels.push(element.childNodes[0].textContent);
|
||||
labels.push(element.childNodes[0].textContent as string);
|
||||
}
|
||||
for (const element of Array.from(document.getElementsByClassName("total"))) {
|
||||
total.push(element.childNodes[0].childNodes[0].textContent);
|
||||
total.push(element.childNodes[0].childNodes[0].textContent as string);
|
||||
}
|
||||
|
||||
for (const _ of labels) {
|
||||
colors.push(getRandomColorUniq(colors));
|
||||
colorStrings.push(getRandomColorUniq(colorStrings));
|
||||
}
|
||||
const colors = colorStrings.map(hexToRgb) as Rgb[];
|
||||
|
||||
for (const color of colors) {
|
||||
colorsDimmed.push(`rgba(${color.r}, ${color.g}, ${color.b}, 0.2)`);
|
||||
}
|
||||
|
||||
for (const element of colors) {
|
||||
const rgbColor = hexToRgb(element);
|
||||
colorsDimmed.push(`rgba(${rgbColor.r}, ${rgbColor.g}, ${rgbColor.b}, 0.2)`);
|
||||
}
|
||||
|
||||
for (const element of colors) {
|
||||
const rgbColorDimmed = hexToRgb(element);
|
||||
colorsDimmed.push(
|
||||
`rgba(${rgbColorDimmed.r}, ${rgbColorDimmed.g}, ${rgbColorDimmed.b}, 0.2)`,
|
||||
);
|
||||
for (const color of colors) {
|
||||
colorsDimmed.push(`rgba(${color.r}, ${color.g}, ${color.b}, 0.2)`);
|
||||
}
|
||||
|
||||
new Chart(ctx, {
|
||||
@@ -71,10 +71,11 @@ document.addEventListener("DOMContentLoaded", () => {
|
||||
labels: labels,
|
||||
datasets: [
|
||||
{
|
||||
label: document.getElementById("graphLabel").childNodes[0].textContent,
|
||||
label: document.getElementById("graphLabel")?.childNodes[0]
|
||||
.textContent as string,
|
||||
data: total,
|
||||
backgroundColor: colorsDimmed,
|
||||
borderColor: colors,
|
||||
borderColor: colorStrings,
|
||||
borderWidth: 1,
|
||||
},
|
||||
],
|
||||
|
||||
@@ -58,7 +58,7 @@ function parseSlots(s: string): TimetableSlot[] {
|
||||
.filter((s: string) => s.length > 0)
|
||||
.map((row: string) => {
|
||||
const parsed = TIMETABLE_ROW_RE.exec(row);
|
||||
if (!parsed) {
|
||||
if (!parsed?.groups) {
|
||||
throw new Error(`Couldn't parse row ${row}`);
|
||||
}
|
||||
const [startHour, startMin] = parsed.groups.startHour
|
||||
@@ -173,7 +173,7 @@ document.addEventListener("alpine:init", () => {
|
||||
|
||||
async savePng() {
|
||||
const elem = document.getElementById("timetable");
|
||||
const img = (await html2canvas(elem)).toDataURL();
|
||||
const img = (await html2canvas(elem as HTMLElement)).toDataURL();
|
||||
const downloadLink = document.createElement("a");
|
||||
downloadLink.href = img;
|
||||
downloadLink.download = "edt.png";
|
||||
|
||||
@@ -0,0 +1,27 @@
|
||||
{
|
||||
"exclude": ["staticfiles/generated/**/*", "*.mts", "node_modules/**/*"],
|
||||
"compilerOptions": {
|
||||
"outDir": "./staticfiles/generated/bundled/",
|
||||
"sourceMap": true,
|
||||
"noImplicitAny": true,
|
||||
"module": "esnext",
|
||||
"target": "es2024",
|
||||
"allowJs": true,
|
||||
"moduleResolution": "node",
|
||||
"experimentalDecorators": true,
|
||||
"allowSyntheticDefaultImports": true,
|
||||
"esModuleInterop": true,
|
||||
"resolveJsonModule": true,
|
||||
"composite": true,
|
||||
"types": ["alpinejs"],
|
||||
"paths": {
|
||||
"#openapi": ["./staticfiles/generated/openapi/client/index.ts"],
|
||||
"#openapi:*": ["./staticfiles/generated/openapi/client/*"],
|
||||
"#core:*": ["./core/static/bundled/*"],
|
||||
"#pedagogy:*": ["./pedagogy/static/bundled/*"],
|
||||
"#counter:*": ["./counter/static/bundled/*"],
|
||||
"#com:*": ["./com/static/bundled/*"],
|
||||
"#club:*": ["./club/static/bundled/*"]
|
||||
}
|
||||
}
|
||||
}
|
||||
+4
-22
@@ -1,24 +1,6 @@
|
||||
{
|
||||
"compilerOptions": {
|
||||
"outDir": "./staticfiles/generated/bundled/",
|
||||
"sourceMap": true,
|
||||
"noImplicitAny": true,
|
||||
"module": "esnext",
|
||||
"target": "es2024",
|
||||
"allowJs": true,
|
||||
"moduleResolution": "node",
|
||||
"experimentalDecorators": true,
|
||||
"allowSyntheticDefaultImports": true,
|
||||
"esModuleInterop": true,
|
||||
"resolveJsonModule": true,
|
||||
"types": ["alpinejs"],
|
||||
"paths": {
|
||||
"#openapi": ["./staticfiles/generated/openapi/client/index.ts"],
|
||||
"#openapi:*": ["./staticfiles/generated/openapi/client/*"],
|
||||
"#core:*": ["./core/static/bundled/*"],
|
||||
"#pedagogy:*": ["./pedagogy/static/bundled/*"],
|
||||
"#counter:*": ["./counter/static/bundled/*"],
|
||||
"#com:*": ["./com/static/bundled/*"]
|
||||
}
|
||||
}
|
||||
"references": [
|
||||
{"path": "tsconfig.bundled.json"},
|
||||
{"path": "tsconfig.node.json"}
|
||||
],
|
||||
}
|
||||
|
||||
@@ -0,0 +1,10 @@
|
||||
{
|
||||
"include": ["vite.config.*"],
|
||||
"compilerOptions": {
|
||||
"module": "preserve",
|
||||
"moduleResolution": "bundler",
|
||||
"types": ["node"],
|
||||
"emitDeclarationOnly": true,
|
||||
"composite": true
|
||||
}
|
||||
}
|
||||
+3
-5
@@ -8,7 +8,7 @@ import {
|
||||
type Rollup,
|
||||
type UserConfig,
|
||||
} from "vite";
|
||||
import tsconfig from "./tsconfig.json";
|
||||
import { compilerOptions } from "./tsconfig.bundled.json";
|
||||
|
||||
const outDir = resolve(__dirname, "./staticfiles/generated/bundled");
|
||||
const collectedFiles = glob.sync(
|
||||
@@ -20,7 +20,7 @@ const collectedFiles = glob.sync(
|
||||
**/
|
||||
function getAliases(): AliasOptions {
|
||||
const aliases: AliasOptions = {};
|
||||
for (const [key, value] of Object.entries(tsconfig.compilerOptions.paths)) {
|
||||
for (const [key, value] of Object.entries(compilerOptions.paths)) {
|
||||
aliases[key] = resolve(__dirname, value[0]);
|
||||
}
|
||||
return aliases;
|
||||
@@ -59,7 +59,7 @@ export default defineConfig((config: UserConfig) => {
|
||||
// Mirror architecture of static folders in generated .js and .css
|
||||
entryFileNames: (chunkInfo: Rollup.PreRenderedChunk) => {
|
||||
if (chunkInfo.facadeModuleId !== null) {
|
||||
return `${getRelativeAssetPath(chunkInfo.facadeModuleId)}.[hash].js`;
|
||||
return `${getRelativeAssetPath(chunkInfo.facadeModuleId as string)}.[hash].js`;
|
||||
}
|
||||
return "[name].[hash].js";
|
||||
},
|
||||
@@ -80,8 +80,6 @@ export default defineConfig((config: UserConfig) => {
|
||||
resolve: {
|
||||
alias: getAliases(),
|
||||
},
|
||||
// biome-ignore lint/style/useNamingConvention: that's how it's called
|
||||
inject: { Alpine: "alpinejs", htmx: "htmx.org" },
|
||||
plugins: [visualizer({ filename: ".bundle-size-report.html" }) as PluginOption],
|
||||
} satisfies UserConfig;
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user