Bump js-yaml from 4.1.0 to 4.1.1

Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.0 to 4.1.1.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 4.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

club/forms.py

@@ -37,7 +37,6 @@ from core.views.widgets.ajax_select import (
     AutoCompleteSelectUser,
 )
 from counter.models import Counter, Selling
-from counter.schemas import SaleFilterSchema
 
 
 class ClubEditForm(forms.ModelForm):
@@ -192,18 +191,6 @@ class SellingsForm(forms.Form):
             required=False,
         )
 
-    def to_filter_schema(self) -> SaleFilterSchema:
-        products = (
-            *self.cleaned_data["products"],
-            *self.cleaned_data["archived_products"],
-        )
-        return SaleFilterSchema(
-            after=self.cleaned_data["begin_date"],
-            before=self.cleaned_data["end_date"],
-            counters={c.id for c in self.cleaned_data["counters"]} or None,
-            products={p.id for p in products} or None,
-        )
-
 
 class ClubOldMemberForm(forms.Form):
     members_old = forms.ModelMultipleChoiceField(

club/templates/club/page_history.jinja

@@ -1,8 +1,12 @@
 {% extends "core/base.jinja" %}
-{% from 'core/page/macros.jinja' import page_history %}
+{% from 'core/macros_pages.jinja' import page_history %}
 
 {% block content %}
-  {{ page_history(club.page) }}
+  {% if club.page %}
+    {{ page_history(club.page) }}
+  {% else %}
+    {% trans %}No page existing for this club{% endtrans %}
+  {% endif %}
 {% endblock %}
 
 

club/templates/club/pagerev_edit.jinja

@@ -1,12 +1,8 @@
 {% extends "core/base.jinja" %}
+{% from 'core/macros_pages.jinja' import page_edit_form %}
 
 {% block content %}
-  <h2>{% trans %}Edit page{% endtrans %}</h2>
-  <form action="{{ url('club:club_edit_page', club_id=page.club.id) }}" method="post">
-    {% csrf_token %}
-    {{ form.as_p() }}
-    <p><input type="submit" value="{% trans %}Save{% endtrans %}" /></p>
-  </form>
+  {{ page_edit_form(page, form, url('club:club_edit_page', club_id=page.club.id), csrf_token) }}
 {% endblock %}
 
 

club/tests/test_page.py

@@ -3,10 +3,9 @@ from bs4 import BeautifulSoup
 from django.test import Client
 from django.urls import reverse
 from model_bakery import baker
-from pytest_django.asserts import assertHTMLEqual, assertRedirects
+from pytest_django.asserts import assertHTMLEqual
 
-from club.models import Club, Membership
-from core.baker_recipes import subscriber_user
+from club.models import Club
 from core.markdown import markdown
 from core.models import PageRev, User
 
@@ -17,6 +16,7 @@ def test_page_display_on_club_main_page(client: Client):
     club = baker.make(Club)
     content = "# foo\nLorem ipsum dolor sit amet"
     baker.make(PageRev, page=club.page, revision=1, content=content)
+    client.force_login(baker.make(User))
     res = client.get(reverse("club:club_view", kwargs={"club_id": club.id}))
 
     assert res.status_code == 200
@@ -30,42 +30,10 @@ def test_club_main_page_without_content(client: Client):
     """Test the club view works, even if the club page is empty"""
     club = baker.make(Club)
     club.page.revisions.all().delete()
+    client.force_login(baker.make(User))
     res = client.get(reverse("club:club_view", kwargs={"club_id": club.id}))
 
     assert res.status_code == 200
     soup = BeautifulSoup(res.text, "lxml")
     detail_html = soup.find(id="club_detail")
     assert detail_html.find_all("markdown") == []
-
-
-@pytest.mark.django_db
-def test_page_revision(client: Client):
-    club = baker.make(Club)
-    revisions = baker.make(
-        PageRev, page=club.page, _quantity=3, content=iter(["foo", "bar", "baz"])
-    )
-    client.force_login(baker.make(User))
-    url = reverse(
-        "club:club_view_rev", kwargs={"club_id": club.id, "rev_id": revisions[1].id}
-    )
-    res = client.get(url)
-    assert res.status_code == 200
-    soup = BeautifulSoup(res.text, "lxml")
-    detail_html = soup.find(class_="markdown")
-    assertHTMLEqual(detail_html.decode_contents(), markdown(revisions[1].content))
-
-
-@pytest.mark.django_db
-def test_edit_page(client: Client):
-    club = baker.make(Club)
-    user = subscriber_user.make()
-    baker.make(Membership, user=user, club=club, role=3)
-    client.force_login(user)
-    url = reverse("club:club_edit_page", kwargs={"club_id": club.id})
-    content = "# foo\nLorem ipsum dolor sit amet"
-
-    res = client.get(url)
-    assert res.status_code == 200
-    res = client.post(url, data={"content": content})
-    assertRedirects(res, reverse("club:club_view", kwargs={"club_id": club.id}))
-    assert club.page.revisions.last().content == content

club/tests/test_sales.py

@@ -1,6 +1,3 @@
-import csv
-import itertools
-
 import pytest
 from django.test import Client
 from django.urls import reverse
@@ -10,20 +7,16 @@ from club.forms import SellingsForm
 from club.models import Club
 from core.models import User
 from counter.baker_recipes import product_recipe, sale_recipe
-from counter.models import Counter, Customer, Product, Selling
+from counter.models import Counter, Customer
 
 
 @pytest.mark.django_db
 def test_sales_page_doesnt_crash(client: Client):
-    """Basic crashtest on club sales view."""
     club = baker.make(Club)
-    product = baker.make(Product, club=club)
     admin = baker.make(User, is_superuser=True)
     client.force_login(admin)
-    url = reverse("club:club_sellings", kwargs={"club_id": club.id})
-    assert client.get(url).status_code == 200
-    assert client.post(url).status_code == 200
-    assert client.post(url, data={"products": [product.id]}).status_code == 200
+    response = client.get(reverse("club:club_sellings", kwargs={"club_id": club.id}))
+    assert response.status_code == 200
 
 
 @pytest.mark.django_db
@@ -43,62 +36,3 @@ def test_sales_form_counter_filter():
     form = SellingsForm(club)
     form_counters = list(form.fields["counters"].queryset)
     assert form_counters == [counters[1], counters[2], counters[0]]
-
-
-@pytest.mark.django_db
-def test_club_sales_csv(client: Client):
-    client.force_login(baker.make(User, is_superuser=True))
-    club = baker.make(Club)
-    counter = baker.make(Counter, club=club)
-    product = product_recipe.make(club=club, counters=[counter], purchase_price=0.5)
-    customers = baker.make(Customer, amount=100, _quantity=2, _bulk_create=True)
-    sales: list[Selling] = sale_recipe.make(
-        club=club,
-        counter=counter,
-        quantity=2,
-        unit_price=1.5,
-        product=iter([product, product, None]),
-        customer=itertools.cycle(customers),
-        _quantity=3,
-    )
-    url = reverse("club:sellings_csv", kwargs={"club_id": club.id})
-    response = client.post(url, data={"counters": [counter.id]})
-    assert response.status_code == 200
-    reader = csv.reader(s.decode() for s in response.streaming_content)
-    data = list(reader)
-    sale_rows = [
-        [
-            str(s.date),
-            str(counter),
-            str(s.seller),
-            s.customer.user.get_display_name(),
-            s.label,
-            "2",
-            "1.50",
-            "3.00",
-            "Compte utilisateur",
-        ]
-        for s in sales[::-1]
-    ]
-    sale_rows[2].extend(["0.50", "1.00"])
-    sale_rows[1].extend(["0.50", "1.00"])
-    sale_rows[0].extend(["", ""])
-    assert data == [
-        ["Quantité", "6"],
-        ["Total", "9"],
-        ["Bénéfice", "1"],
-        [
-            "Date",
-            "Comptoir",
-            "Barman",
-            "Client",
-            "Étiquette",
-            "Quantité",
-            "Prix unitaire",
-            "Total",
-            "Méthode de paiement",
-            "Prix d'achat",
-            "Bénéfice",
-        ],
-        *sale_rows,
-    ]

club/views.py

@@ -22,14 +22,12 @@
 #
 #
 
-from __future__ import annotations
-
 import csv
 import itertools
-from typing import TYPE_CHECKING, Any
+from typing import Any
 
 from django.conf import settings
-from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin
+from django.contrib.auth.mixins import PermissionRequiredMixin
 from django.contrib.messages.views import SuccessMessageMixin
 from django.core.exceptions import NON_FIELD_ERRORS, PermissionDenied, ValidationError
 from django.core.paginator import InvalidPage, Paginator
@@ -38,7 +36,7 @@ from django.http import Http404, HttpResponseRedirect, StreamingHttpResponse
 from django.shortcuts import get_object_or_404, redirect
 from django.urls import reverse, reverse_lazy
 from django.utils import timezone
-from django.utils.functional import cached_property
+from django.utils.safestring import SafeString
 from django.utils.timezone import now
 from django.utils.translation import gettext
 from django.utils.translation import gettext_lazy as _
@@ -63,14 +61,11 @@ from com.views import (
     PosterListBaseView,
 )
 from core.auth.mixins import CanEditMixin, PermissionOrClubBoardRequiredMixin
-from core.models import Page, PageRev
-from core.views import BasePageEditView, DetailFormView, UseFragmentsMixin
+from core.models import PageRev
+from core.views import DetailFormView, PageEditViewBase, UseFragmentsMixin
 from core.views.mixins import FragmentMixin, FragmentRenderer, TabedViewMixin
 from counter.models import Selling
 
-if TYPE_CHECKING:
-    from django.utils.safestring import SafeString
-
 
 class ClubTabsMixin(TabedViewMixin):
     def get_tabs_title(self):
@@ -80,8 +75,6 @@ class ClubTabsMixin(TabedViewMixin):
             self.object = self.object.page.club
         elif isinstance(self.object, Poster):
             self.object = self.object.club
-        elif hasattr(self, "club"):
-            self.object = self.club
         return self.object.get_display_name()
 
     def get_list_of_tabs(self):
@@ -209,7 +202,7 @@ class ClubView(ClubTabsMixin, DetailView):
         return kwargs
 
 
-class ClubRevView(LoginRequiredMixin, ClubView):
+class ClubRevView(ClubView):
     """Display a specific page revision."""
 
     def dispatch(self, request, *args, **kwargs):
@@ -223,26 +216,26 @@ class ClubRevView(LoginRequiredMixin, ClubView):
         return kwargs
 
 
-class ClubPageEditView(ClubTabsMixin, BasePageEditView):
+class ClubPageEditView(ClubTabsMixin, PageEditViewBase):
     template_name = "club/pagerev_edit.jinja"
     current_tab = "page_edit"
 
-    @cached_property
-    def club(self):
-        return get_object_or_404(Club, pk=self.kwargs["club_id"])
+    def dispatch(self, request, *args, **kwargs):
+        self.club = get_object_or_404(Club, pk=kwargs["club_id"])
+        if not self.club.page:
+            raise Http404
+        return super().dispatch(request, *args, **kwargs)
 
-    @cached_property
-    def page(self) -> Page:
-        page = self.club.page
-        page.set_lock(self.request.user)
-        return page
+    def get_object(self):
+        self.page = self.club.page
+        return self._get_revision()
 
     def get_success_url(self, **kwargs):
         return reverse_lazy("club:club_view", kwargs={"club_id": self.club.id})
 
 
 class ClubPageHistView(ClubTabsMixin, PermissionRequiredMixin, DetailView):
-    """Modification history of the page."""
+    """Modification hostory of the page."""
 
     model = Club
     pk_url_kwarg = "club_id"
@@ -406,14 +399,33 @@ class ClubSellingView(ClubTabsMixin, CanEditMixin, DetailFormView):
         kwargs = super().get_context_data(**kwargs)
 
         kwargs["result"] = Selling.objects.none()
+        kwargs["paginated_result"] = kwargs["result"]
         kwargs["total"] = 0
         kwargs["total_quantity"] = 0
         kwargs["benefit"] = 0
 
-        form: SellingsForm = self.get_form()
-        if form.is_valid() and any(v for v in form.cleaned_data.values()):
-            filters = form.to_filter_schema()
-            qs = filters.filter(Selling.objects.filter(club=self.object))
+        form = self.get_form()
+        if form.is_valid():
+            qs = Selling.objects.filter(club=self.object)
+            if not len([v for v in form.cleaned_data.values() if v is not None]):
+                qs = Selling.objects.none()
+            if form.cleaned_data["begin_date"]:
+                qs = qs.filter(date__gte=form.cleaned_data["begin_date"])
+            if form.cleaned_data["end_date"]:
+                qs = qs.filter(date__lte=form.cleaned_data["end_date"])
+
+            if form.cleaned_data["counters"]:
+                qs = qs.filter(counter__in=form.cleaned_data["counters"])
+
+            selected_products = []
+            if form.cleaned_data["products"]:
+                selected_products.extend(form.cleaned_data["products"])
+            if form.cleaned_data["archived_products"]:
+                selected_products.extend(form.cleaned_data["archived_products"])
+
+            if len(selected_products) > 0:
+                qs = qs.filter(product__in=selected_products)
+
             kwargs["total"] = qs.annotate(
                 price=F("quantity") * F("unit_price")
             ).aggregate(total=Sum("price", default=0))["total"]
@@ -460,15 +472,15 @@ class ClubSellingCSVView(ClubSellingView):
             *row,
             selling.label,
             selling.quantity,
-            selling.unit_price,
             selling.quantity * selling.unit_price,
             selling.get_payment_method_display(),
         ]
         if selling.product:
+            row.append(selling.product.selling_price)
             row.append(selling.product.purchase_price)
-            row.append(selling.unit_price - selling.product.purchase_price)
+            row.append(selling.product.selling_price - selling.product.purchase_price)
         else:
-            row = [*row, "", ""]
+            row = [*row, "", "", ""]
         return row
 
     def get(self, request, *args, **kwargs):
@@ -489,9 +501,9 @@ class ClubSellingCSVView(ClubSellingView):
                 gettext("Customer"),
                 gettext("Label"),
                 gettext("Quantity"),
-                gettext("Unit price"),
                 gettext("Total"),
                 gettext("Payment method"),
+                gettext("Selling price"),
                 gettext("Purchase price"),
                 gettext("Benefit"),
             ],

com/views.py

@@ -240,11 +240,10 @@ class NewsListView(TemplateView):
         if not self.request.user.has_perm("core.view_user"):
             return []
         return itertools.groupby(
-            User.objects.viewable_by(self.request.user)
-            .filter(
+            User.objects.filter(
                 date_of_birth__month=localdate().month,
                 date_of_birth__day=localdate().day,
-                is_viewable=True,
+                is_subscriber_viewable=True,
             )
             .filter(role__in=["STUDENT", "FORMER STUDENT"])
             .order_by("-date_of_birth"),

core/admin.py

@@ -74,19 +74,9 @@ class UserBanAdmin(admin.ModelAdmin):
     autocomplete_fields = ("user", "ban_group")
 
 
-class GroupInline(admin.TabularInline):
-    model = Group.permissions.through
-    readonly_fields = ("group",)
-    extra = 0
-
-    def has_add_permission(self, request, obj):
-        return False
-
-
 @admin.register(Permission)
 class PermissionAdmin(admin.ModelAdmin):
     search_fields = ("codename",)
-    inlines = (GroupInline,)
 
 
 @admin.register(Page)

core/api.py

@@ -74,7 +74,7 @@ class MailingListController(ControllerBase):
 class UserController(ControllerBase):
     @route.get("", response=list[UserProfileSchema], permissions=[CanAccessLookup])
     def fetch_profiles(self, pks: Query[set[int]]):
-        return User.objects.viewable_by(self.context.request.user).filter(pk__in=pks)
+        return User.objects.filter(pk__in=pks)
 
     @route.get("/{int:user_id}", response=UserSchema, permissions=[CanView])
     def fetch_user(self, user_id: int):
@@ -90,9 +90,7 @@ class UserController(ControllerBase):
     @paginate(PageNumberPaginationExtra, page_size=20)
     def search_users(self, filters: Query[UserFilterSchema]):
         return filters.filter(
-            User.objects.viewable_by(self.context.request.user).order_by(
-                F("last_login").desc(nulls_last=True)
-            )
+            User.objects.order_by(F("last_login").desc(nulls_last=True))
         )
 
 

core/management/commands/populate.py

@@ -150,8 +150,7 @@ class Command(BaseCommand):
 
         Weekmail().save()
 
-        # Here we add a lot of test datas, that are not necessary for the Sith,
-        # but that provide a basic development environment
+        # Here we add a lot of test datas, that are not necessary for the Sith, but that provide a basic development environment
         self.now = timezone.now().replace(hour=12, second=0)
 
         skia = User.objects.create_user(

core/migrations/0048_alter_user_options.py

@@ -1,33 +0,0 @@
-# Generated by Django 5.2.8 on 2025-11-09 15:20
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-    dependencies = [("core", "0047_alter_notification_date_alter_notification_type")]
-
-    operations = [
-        migrations.AlterModelOptions(
-            name="user",
-            options={
-                "permissions": [("view_hidden_user", "Can view hidden users")],
-                "verbose_name": "user",
-                "verbose_name_plural": "users",
-            },
-        ),
-        migrations.RenameField(
-            model_name="user", old_name="is_subscriber_viewable", new_name="is_viewable"
-        ),
-        migrations.AlterField(
-            model_name="user",
-            name="is_viewable",
-            field=models.BooleanField(
-                default=True,
-                verbose_name="Profile visible by subscribers",
-                help_text=(
-                    "If you disable this option, only admin users "
-                    "will be able to see your profile."
-                ),
-            ),
-        ),
-    ]

core/models.py

@@ -54,8 +54,6 @@ from django.utils.translation import gettext_lazy as _
 from phonenumber_field.modelfields import PhoneNumberField
 from PIL import Image, ImageOps
 
-from core.utils import get_last_promo
-
 if TYPE_CHECKING:
     from django.core.files.uploadedfile import UploadedFile
     from pydantic import NonNegativeInt
@@ -88,11 +86,12 @@ class Group(AuthGroup):
 
 
 def validate_promo(value: int) -> None:
-    last_promo = get_last_promo()
-    if not 0 < value <= last_promo:
+    start_year = settings.SITH_SCHOOL_START_YEAR
+    delta = (localdate() + timedelta(days=180)).year - start_year
+    if value < 0 or delta < value:
         raise ValidationError(
             _("%(value)s is not a valid promo (between 0 and %(end)s)"),
-            params={"value": value, "end": last_promo},
+            params={"value": value, "end": delta},
         )
 
 
@@ -137,15 +136,6 @@ class UserQuerySet(models.QuerySet):
             Q(Exists(subscriptions)) | Q(Exists(refills)) | Q(Exists(purchases))
         )
 
-    def viewable_by(self, user: User) -> Self:
-        if user.has_perm("core.view_hidden_user"):
-            return self
-        if user.has_perm("core.view_user"):
-            return self.filter(is_viewable=True)
-        if user.is_anonymous:
-            return self.none()
-        return self.filter(id=user.id)
-
 
 class CustomUserManager(UserManager.from_queryset(UserQuerySet)):
     # see https://docs.djangoproject.com/fr/stable/topics/migrations/#model-managers
@@ -281,24 +271,13 @@ class User(AbstractUser):
     parent_address = models.CharField(
         _("parent address"), max_length=128, blank=True, default=""
     )
-    is_viewable = models.BooleanField(
-        _("Profile visible by subscribers"),
-        help_text=_(
-            "If you disable this option, only admin users "
-            "will be able to see your profile."
-        ),
-        default=True,
+    is_subscriber_viewable = models.BooleanField(
+        _("is subscriber viewable"), default=True
     )
     godfathers = models.ManyToManyField("User", related_name="godchildren", blank=True)
 
     objects = CustomUserManager()
 
-    class Meta(AbstractUser.Meta):
-        abstract = False
-        permissions = [
-            ("view_hidden_user", "Can view hidden users"),
-        ]
-
     def __str__(self):
         return self.get_display_name()
 
@@ -572,12 +551,8 @@ class User(AbstractUser):
     def can_be_edited_by(self, user):
         return user.is_root or user.is_board_member
 
-    def can_be_viewed_by(self, user: User) -> bool:
-        return (
-            user.id == self.id
-            or user.has_perm("core.view_hidden_user")
-            or (user.has_perm("core.view_user") and self.is_viewable)
-        )
+    def can_be_viewed_by(self, user):
+        return (user.was_subscribed and self.is_subscriber_viewable) or user.is_root
 
     def get_mini_item(self):
         return """

core/static/core/footer.scss

@@ -65,7 +65,7 @@ footer.bottom-links {
       flex-wrap: wrap;
       align-items: center;
       background-color: $primary-neutral-dark-color;
-      box-shadow: $shadow-color 0 0 15px;
+      box-shadow: black 0 8px 15px;
 
       a {
         color: $white-color;

core/static/core/header.scss

@@ -11,7 +11,8 @@ $hovered-red-text-color: #ff4d4d;
 .header {
   box-sizing: border-box;
   background-color: $deepblue;
-  box-shadow: 3px 3px 3px 0 #dfdfdf;
+  box-shadow: black 0 1px 3px 0,
+              black 0 4px 8px 3px;
   border-radius: 0;
   width: 100%;
   display: flex;
@@ -99,7 +100,7 @@ $hovered-red-text-color: #ff4d4d;
         border-radius: 0;
         margin: 0;
         box-sizing: border-box;
-        background-color: $deepblue;
+        background-color: transparent;
         width: 45px;
         height: 25px;
         padding: 0;
@@ -331,7 +332,7 @@ $hovered-red-text-color: #ff4d4d;
           padding: 10px;
           z-index: 100;
           border-radius: 10px;
-          box-shadow: 3px 3px 3px 0 #767676;
+          @include shadow;
 
           >ul {
             list-style-type: none;

core/static/core/style.scss

@@ -271,8 +271,9 @@ body {
 
   /*--------------------------------CONTENT------------------------------*/
   #content {
-    padding: 1em 1%;
-    box-shadow: $shadow-color 0 5px 10px;
+    padding: 1.5em 2%;
+    border-radius: 5px;
+    box-shadow: black 0 8px 15px;
     background: $white-color;
     overflow: auto;
   }

core/static/user/user_edit.scss

@@ -7,13 +7,10 @@
 .profile {
   &-visible {
     display: flex;
-    flex-direction: column;
+    justify-content: center;
     align-items: center;
     gap: 5px;
     padding-top: 10px;
-    input[type="checkbox"]+label {
-      max-width: unset;
-    }
   }
 
   &-pictures {
@@ -119,19 +116,23 @@
     display: flex;
     flex-direction: row;
     flex-wrap: wrap;
-    gap: var(--nf-input-size) 10px;
+    gap: 10px;
     justify-content: center;
   }
 
   &-field {
     display: flex;
+    flex-direction: row;
+    align-items: center;
     flex-wrap: wrap;
     justify-content: center;
+    gap: 10px;
     width: 100%;
     max-width: 330px;
     min-width: 300px;
 
     @media (max-width: 750px) {
+      gap: 4px;
       max-width: 100%;
     }
 
@@ -144,6 +145,22 @@
       }
     }
 
+    &-label {
+      text-align: left !important;
+    }
+
+    &-content {
+      > * {
+        box-sizing: border-box;
+        text-align: left !important;
+        margin: 0;
+
+        > * {
+          text-align: left !important;
+        }
+      }
+    }
+
     textarea {
       height: 7rem;
     }

core/templates/core/base.jinja

@@ -44,6 +44,18 @@
 
       {% block additional_css %}{% endblock %}
       {% block additional_js %}{% endblock %}
+      <style>
+        {# background image must be declared here, because the static names are
+           changed during the static collection step,
+           which means we must gather them with the `static` template function #}
+        .header {
+          background-image: url("{{ static("core/img/gala25_background.webp") }}");
+          background-position-y: 80%;  {# There are more stars in this part of the picture #}
+        }
+        body {
+          background-image: url("{{ static("core/img/gala25_background.webp") }}");
+        }
+      </style>
     {% endblock %}
   </head>
 

core/templates/core/base/header.jinja

@@ -1,6 +1,6 @@
 <header class="header">
   <div class="header-logo">
-    <a class="header-logo-picture" href="{{ url('core:index') }}" style="background-image: url('{{ static('core/img/logo_no_text.png') }}')">
+    <a class="header-logo-picture" href="{{ url('core:index') }}" style="background-image: url('{{ static("core/img/gala25_logo.webp") }}')">
       &nbsp;
     </a>
     <a class="header-logo-text" href="{{ url('core:index') }}">

core/templates/core/macros_pages.jinja

@@ -17,3 +17,12 @@
     {%- endfor -%}
   </ul>
 {% endmacro %}
+
+{% macro page_edit_form(page, form, url, token) %}
+  <h2>{% trans %}Edit page{% endtrans %}</h2>
+  <form action="{{ url }}" method="post">
+    <input type="hidden" name="csrfmiddlewaretoken" value="{{ token }}">
+    {{ form.as_p() }}
+    <p><input type="submit" value="{% trans %}Save{% endtrans %}" /></p>
+  </form>
+{% endmacro %}

core/templates/core/page.jinja

@@ -0,0 +1,64 @@
+{% extends "core/base.jinja" %}
+
+{% block title %}
+  {% if page %}
+    {{ page.get_display_name() }}
+  {% elif page_list %}
+    {% trans %}Page list{% endtrans %}
+  {% elif new_page %}
+    {% trans %}Create page{% endtrans %}
+  {% else %}
+    {% trans %}Not found{% endtrans %}
+  {% endif %}
+{% endblock %}
+
+{% block metatags %}
+  {% if page %}
+    <meta property="og:url" content="{{ request.build_absolute_uri(page.get_absolute_url()) }}" />
+    <meta property="og:type" content="article" />
+    <meta property="article:section" content="{% trans %}Page{% endtrans %}" />
+    <meta property="og:title" content="{{ page.get_display_name() }}" />
+    <meta property="og:image" content="{{ request.build_absolute_uri(static("core/img/logo_no_text.png")) }}" />
+  {% else %}
+    {{ super() }}
+  {% endif %}
+{% endblock %}
+
+{%- macro print_page_name(page) -%}
+  {%- if page -%}
+    {{ print_page_name(page.parent) }} >
+    <a href="{{ url('core:page', page_name=page.get_full_name()) }}">{{ page.get_display_name() }}</a>
+  {%- endif -%}
+{%- endmacro -%}
+
+{% block content %}
+  {{ print_page_name(page) }}
+  <div class="tool_bar">
+    <div class="tools">
+      {% if page %}
+        {% if page.club %}
+          <a href="{{ url('club:club_view', club_id=page.club.id) }}">{% trans %}Return to club management{% endtrans %}</a>
+        {% else %}
+          <a href="{{ url('core:page', page.get_full_name()) }}">{% trans %}View{% endtrans %}</a>
+        {% endif %}
+        <a href="{{ url('core:page_hist', page_name=page.get_full_name()) }}">{% trans %}History{% endtrans %}</a>
+        {% if can_edit(page, user) %}
+          <a href="{{ url('core:page_edit', page_name=page.get_full_name()) }}">{% trans %}Edit{% endtrans %}</a>
+        {% endif %}
+        {% if can_edit_prop(page, user) and not page.is_club_page %}
+          <a href="{{ url('core:page_prop', page_name=page.get_full_name()) }}">{% trans %}Prop{% endtrans %}</a>
+        {% endif %}
+      {% endif %}
+    </div>
+  </div>
+  <hr>
+
+  {% if page %}
+    {% block page %}
+    {% endblock %}
+  {% else %}
+    <h2>{% trans %}Page does not exist{% endtrans %}</h2>
+    <p><a href="{{ url('core:page_new') }}?page={{ request.resolver_match.kwargs['page_name'] }}">
+      {% trans %}Create it?{% endtrans %}</a></p>
+  {% endif %}
+{% endblock %}

core/templates/core/page/base.jinja

@@ -1,44 +0,0 @@
-{% extends "core/base.jinja" %}
-
-{% block title %}
-  {{ page.get_display_name() }}
-{% endblock %}
-
-{% block metatags %}
-  <meta property="og:url" content="{{ request.build_absolute_uri(page.get_absolute_url()) }}" />
-  <meta property="og:type" content="article" />
-  <meta property="article:section" content="{% trans %}Page{% endtrans %}" />
-  <meta property="og:title" content="{{ page.get_display_name() }}" />
-  <meta property="og:image" content="{{ request.build_absolute_uri(static("core/img/logo_no_text.png")) }}" />
-{% endblock %}
-
-{%- macro print_page_name(page) -%}
-  {%- if page -%}
-    {{ print_page_name(page.parent) }} >
-    <a href="{{ url('core:page', page_name=page.get_full_name()) }}">{{ page.get_display_name() }}</a>
-  {%- endif -%}
-{%- endmacro -%}
-
-{% block content %}
-  {{ print_page_name(page) }}
-  <div class="tool_bar">
-    <div class="tools">
-      {% if page.club %}
-        <a href="{{ url('club:club_view', club_id=page.club.id) }}">{% trans %}Return to club management{% endtrans %}</a>
-      {% else %}
-        <a href="{{ url('core:page', page.get_full_name()) }}">{% trans %}View{% endtrans %}</a>
-      {% endif %}
-      <a href="{{ url('core:page_hist', page_name=page.get_full_name()) }}">{% trans %}History{% endtrans %}</a>
-      {% if can_edit(page, user) %}
-        <a href="{{ url('core:page_edit', page_name=page.get_full_name()) }}">{% trans %}Edit{% endtrans %}</a>
-      {% endif %}
-      {% if can_edit_prop(page, user) and not page.is_club_page %}
-        <a href="{{ url('core:page_prop', page_name=page.get_full_name()) }}">{% trans %}Prop{% endtrans %}</a>
-      {% endif %}
-    </div>
-  </div>
-  <hr>
-
-  {% block page %}
-  {% endblock %}
-{% endblock %}

core/templates/core/page/detail.jinja

@@ -1,17 +0,0 @@
-{% extends "core/page/base.jinja" %}
-
-{% block page %}
-  {% if revision and revision.id != last_revision.id %}
-    <h4>
-      {% trans trimmed rev_id=revision.revision %}
-        This may not be the last update, you are seeing revision {{ rev_id }}!
-      {% endtrans %}
-    </h4>
-  {% endif %}
-  {% set current_revision = revision or last_revision %}
-  <h3>{{ current_revision.title }}</h3>
-  <div class="page_content">{{ current_revision.content|markdown }}</div>
-{% endblock %}
-
-
-

core/templates/core/page/edit.jinja

@@ -1,13 +0,0 @@
-{% extends "core/page/base.jinja" %}
-
-{% block page %}
-  <h2>{% trans %}Edit page{% endtrans %}</h2>
-  <form action="{{ url('core:page_edit', page_name=page.get_full_name()) }}" method="post">
-    {% csrf_token %}
-    {{ form.as_p() }}
-    <p><input type="submit" value="{% trans %}Save{% endtrans %}" /></p>
-  </form>
-{% endblock %}
-
-
-

core/templates/core/page/not_found.jinja

@@ -1,12 +0,0 @@
-{% extends "core/base.jinja" %}
-
-{% block content %}
-  <h2>{% trans %}Page does not exist{% endtrans %}</h2>
-  <p>
-    {# This template is rendered when a PageNotFound error is raised,
-       so the `exception` context variable should always have a page_name attribute #}
-    <a href="{{ url('core:page_new') }}?page={{ exception.page_name }}">
-      {% trans %}Create it?{% endtrans %}
-    </a>
-  </p>
-{% endblock %}

core/templates/core/page_detail.jinja

@@ -0,0 +1,17 @@
+{% extends "core/page.jinja" %}
+
+{% block page %}
+  {% if rev %}
+    <h4>{% trans rev_id=rev.revision %}This may not be the last update, you are seeing revision {{ rev_id }}!{% endtrans %}</h4>
+    <h3>{{ rev.title }}</h3>
+    <div class="page_content">{{ rev.content|markdown }}</div>
+  {% else %}
+    {% if page.revisions.last() %}
+      <h3>{{ page.revisions.last().title }}</h3>
+      <div class="page_content">{{ page.revisions.last().content|markdown }}</div>
+    {% endif %}
+  {% endif %}
+{% endblock %}
+
+
+

core/templates/core/page_hist.jinja

@@ -1,6 +1,6 @@
-{% extends "core/page/base.jinja" %}
+{% extends "core/page.jinja" %}
 
-{% from "core/page/macros.jinja" import page_history %}
+{% from "core/macros_pages.jinja" import page_history %}
 
 {% block page %}
   <h3>{% trans %}Page history{% endtrans %}</h3>

core/templates/core/page_prop.jinja

@@ -1,13 +1,18 @@
-{% extends "core/page/base.jinja" %}
+{% extends "core/page.jinja" %}
 
-{% block page %}
+{% block content %}
+  {% if page %}
+    {{ super() }}
+  {% endif %}
   <h2>{% trans %}Page properties{% endtrans %}</h2>
   <form action="" method="post">
     {% csrf_token %}
     {{ form.as_p() }}
     <p><input type="submit" value="{% trans %}Save{% endtrans %}" /></p>
   </form>
-  <a href="{{ url('core:page_delete', page_id=page.id)}}">{% trans %}Delete{% endtrans %}</a>
+  {% if page %}
+    <a href="{{ url('core:page_delete', page_id=page.id)}}">{% trans %}Delete{% endtrans %}</a>
+  {% endif %}
 {% endblock %}
 
 

core/templates/core/pagerev_edit.jinja

@@ -0,0 +1,9 @@
+{% extends "core/page.jinja" %}
+{% from 'core/macros_pages.jinja' import page_edit_form %}
+
+{% block page %}
+  {{ page_edit_form(page, form, url('core:page_edit', page_name=page.get_full_name()), csrf_token) }}
+{% endblock %}
+
+
+

core/templates/core/user_edit.jinja

@@ -116,12 +116,12 @@
     {# All fields #}
     <div class="profile-fields">
       {%- for field in form -%}
-        {%- if field.name in ["quote","profile_pict","avatar_pict","scrub_pict","is_viewable","forum_signature"] -%}
+        {%- if field.name in ["quote","profile_pict","avatar_pict","scrub_pict","is_subscriber_viewable","forum_signature"] -%}
           {%- continue -%}
         {%- endif -%}
 
         <div class="profile-field">
-          {{ field.label_tag() }}
+          <div class="profile-field-label">{{ field.label }}</div>
           <div class="profile-field-content">
             {{ field }}
             {%- if field.errors -%}
@@ -136,7 +136,7 @@
     <div class="profile-fields">
       {%- for field in [form.quote, form.forum_signature] -%}
         <div class="profile-field">
-          {{ field.label_tag() }}
+          <div class="profile-field-label">{{ field.label }}</div>
           <div class="profile-field-content">
             {{ field }}
             {%- if field.errors -%}
@@ -149,13 +149,8 @@
 
     {# Checkboxes #}
     <div class="profile-visible">
-      <div class="row">
-        {{ form.is_viewable }}
-        {{ form.is_viewable.label_tag() }}
-      </div>
-      <span class="helptext">
-        {{ form.is_viewable.help_text }}
-      </span>
+      {{ form.is_subscriber_viewable }}
+      {{ form.is_subscriber_viewable.label }}
     </div>
     <div class="final-actions">
 

core/tests/test_core.py

@@ -23,7 +23,6 @@ from django.contrib.auth.hashers import make_password
 from django.contrib.auth.models import Permission
 from django.core import mail
 from django.core.cache import cache
-from django.core.exceptions import ValidationError
 from django.core.mail import EmailMessage
 from django.test import Client, RequestFactory, TestCase
 from django.urls import reverse
@@ -36,8 +35,8 @@ from pytest_django.asserts import assertInHTML, assertRedirects
 from antispam.models import ToxicDomain
 from club.models import Club, Membership
 from core.markdown import markdown
-from core.models import AnonymousUser, Group, Page, User, validate_promo
-from core.utils import get_last_promo, get_semester_code, get_start_of_semester
+from core.models import AnonymousUser, Group, Page, User
+from core.utils import get_semester_code, get_start_of_semester
 from core.views import AllowFragment
 from counter.models import Customer
 from sith import settings
@@ -319,8 +318,9 @@ class TestPageHandling(TestCase):
     def test_access_page_not_found(self):
         """Should not display a page correctly."""
         response = self.client.get(reverse("core:page", kwargs={"page_name": "swagg"}))
-        assert response.status_code == 404
-        assert '<a href="/page/create/?page=swagg">' in response.text
+        assert response.status_code == 200
+        html = response.text
+        self.assertIn('<a href="/page/create/?page=swagg">', html)
 
     def test_create_page_markdown_safe(self):
         """Should format the markdown and escape html correctly."""
@@ -523,21 +523,6 @@ class TestDateUtils(TestCase):
             assert get_start_of_semester() == autumn_2023
 
 
-@pytest.mark.parametrize(
-    ("current_date", "promo"),
-    [("2020-10-01", 22), ("2025-03-01", 26), ("2000-11-11", 2)],
-)
-def test_get_last_promo(current_date: str, promo: int):
-    with freezegun.freeze_time(current_date):
-        assert get_last_promo() == promo
-
-
-@pytest.mark.parametrize("promo", [0, 24])
-def test_promo_validator(promo: int):
-    with freezegun.freeze_time("2021-10-01"), pytest.raises(ValidationError):
-        validate_promo(promo)
-
-
 def test_allow_fragment_mixin():
     class TestAllowFragmentView(AllowFragment, ContextMixin, View):
         def get(self, *args, **kwargs):

core/tests/test_family.py

@@ -55,7 +55,7 @@ class TestFetchFamilyApi(TestCase):
         assert response.status_code == 403
 
     def test_fetch_family_hidden_user(self):
-        self.main_user.is_viewable = False
+        self.main_user.is_subscriber_viewable = False
         self.main_user.save()
         for user_to_login, error_code in [
             (self.main_user, 200),

core/tests/test_page.py

@@ -1,122 +1,32 @@
-from datetime import timedelta
-
-import freezegun
 import pytest
-from bs4 import BeautifulSoup
 from django.conf import settings
 from django.contrib.auth.models import Permission
 from django.test import Client
 from django.urls import reverse
-from django.utils.timezone import now
 from model_bakery import baker
-from pytest_django.asserts import assertHTMLEqual, assertRedirects
+from pytest_django.asserts import assertRedirects
 
-from club.models import Club
 from core.baker_recipes import board_user, subscriber_user
-from core.markdown import markdown
-from core.models import AnonymousUser, Page, PageRev, User
+from core.models import AnonymousUser, Page, User
+from sith.settings import SITH_GROUP_OLD_SUBSCRIBERS_ID, SITH_GROUP_SUBSCRIBERS_ID
 
 
 @pytest.mark.django_db
-class TestEditPage:
-    def test_edit_page(self, client: Client):
-        user = board_user.make()
-        page = baker.prepare(Page)
-        page.save(force_lock=True)
-        page.view_groups.add(user.groups.first())
-        page.edit_groups.add(user.groups.first())
-        client.force_login(user)
-
-        url = reverse("core:page_edit", kwargs={"page_name": page._full_name})
-        res = client.get(url)
-        assert res.status_code == 200
-
-        res = client.post(url, data={"content": "Hello World"})
-        assertRedirects(
-            res, reverse("core:page", kwargs={"page_name": page._full_name})
-        )
-        revision = page.revisions.last()
-        assert revision.content == "Hello World"
-
-    def test_pagerev_reused(self, client):
-        """Test that the previous revision is edited, if same author and small time diff"""
-        user = baker.make(User, is_superuser=True)
-        page = baker.prepare(Page)
-        page.save(force_lock=True)
-        first_rev = baker.make(
-            PageRev, author=user, page=page, date=now(), content="Hello World"
-        )
-        client.force_login(user)
-        url = reverse("core:page_edit", kwargs={"page_name": page._full_name})
-        client.post(url, data={"content": "Hello World!"})
-        assert page.revisions.count() == 1
-        assert page.revisions.last() == first_rev
-        first_rev.refresh_from_db()
-        assert first_rev.author == user
-        assert first_rev.content == "Hello World!"
-
-    def test_pagerev_not_reused(self, client):
-        """Test that a new revision is created if too much time
-        passed since the last one.
-        """
-        user = baker.make(User, is_superuser=True)
-        page = baker.prepare(Page)
-        page.save(force_lock=True)
-        first_rev = baker.make(PageRev, author=user, page=page, date=now())
-        client.force_login(user)
-        url = reverse("core:page_edit", kwargs={"page_name": page._full_name})
-        with freezegun.freeze_time(now() + timedelta(minutes=30)):
-            client.post(url, data={"content": "Hello World"})
-        assert page.revisions.count() == 2
-        assert page.revisions.last() != first_rev
-
-
-@pytest.mark.django_db
-def test_page_revision(client: Client):
-    """Test the GET to request to a specific revision page."""
+def test_edit_page(client: Client):
+    user = board_user.make()
     page = baker.prepare(Page)
     page.save(force_lock=True)
-    page.view_groups.add(settings.SITH_GROUP_SUBSCRIBERS_ID)
-    revisions = baker.make(
-        PageRev, page=page, _quantity=3, content=iter(["foo", "bar", "baz"])
-    )
-    client.force_login(subscriber_user.make())
-    url = reverse(
-        "core:page_rev",
-        kwargs={"page_name": page._full_name, "rev": revisions[1].id},
-    )
+    page.view_groups.add(user.groups.first())
+    client.force_login(user)
+
+    url = reverse("core:page_edit", kwargs={"page_name": page._full_name})
     res = client.get(url)
     assert res.status_code == 200
-    soup = BeautifulSoup(res.text, "lxml")
-    detail_html = soup.find(class_="markdown")
-    assertHTMLEqual(detail_html.decode_contents(), markdown(revisions[1].content))
 
-
-@pytest.mark.django_db
-def test_page_club_redirection(client: Client):
-    club = baker.make(Club)
-    url = reverse("core:page", kwargs={"page_name": club.page._full_name})
-    res = client.get(url)
-    redirection_url = reverse("club:club_view", kwargs={"club_id": club.id})
-    assertRedirects(res, redirection_url)
-
-
-@pytest.mark.django_db
-def test_page_revision_club_redirection(client: Client):
-    client.force_login(subscriber_user.make())
-    club = baker.make(Club)
-    revisions = baker.make(
-        PageRev, page=club.page, _quantity=3, content=iter(["foo", "bar", "baz"])
-    )
-    url = reverse(
-        "core:page_rev",
-        kwargs={"page_name": club.page._full_name, "rev": revisions[1].id},
-    )
-    res = client.get(url)
-    redirection_url = reverse(
-        "club:club_view_rev", kwargs={"club_id": club.id, "rev_id": revisions[1].id}
-    )
-    assertRedirects(res, redirection_url)
+    res = client.post(url, data={"content": "Hello World"})
+    assertRedirects(res, reverse("core:page", kwargs={"page_name": page._full_name}))
+    revision = page.revisions.last()
+    assert revision.content == "Hello World"
 
 
 @pytest.mark.django_db
@@ -125,9 +35,9 @@ def test_viewable_by():
     Page.objects.all().delete()
     view_groups = [
         [settings.SITH_GROUP_PUBLIC_ID],
-        [settings.SITH_GROUP_PUBLIC_ID, settings.SITH_GROUP_SUBSCRIBERS_ID],
-        [settings.SITH_GROUP_SUBSCRIBERS_ID],
-        [settings.SITH_GROUP_SUBSCRIBERS_ID, settings.SITH_GROUP_OLD_SUBSCRIBERS_ID],
+        [settings.SITH_GROUP_PUBLIC_ID, SITH_GROUP_SUBSCRIBERS_ID],
+        [SITH_GROUP_SUBSCRIBERS_ID],
+        [SITH_GROUP_SUBSCRIBERS_ID, SITH_GROUP_OLD_SUBSCRIBERS_ID],
         [],
     ]
     pages = baker.make(Page, _quantity=len(view_groups), _bulk_create=True)
@@ -146,11 +56,3 @@ def test_viewable_by():
     )
     viewable = Page.objects.viewable_by(root_user).values_list("id", flat=True)
     assert set(viewable) == {p.id for p in pages}
-
-
-@pytest.mark.django_db
-def test_page_list_view(client: Client):
-    baker.make(Page, _quantity=10, _bulk_create=True)
-    client.force_login(subscriber_user.make())
-    res = client.get(reverse("core:page_list"))
-    assert res.status_code == 200

core/tests/test_user.py

@@ -3,7 +3,6 @@ from datetime import timedelta
 import pytest
 from django.conf import settings
 from django.contrib import auth
-from django.contrib.auth.models import Permission
 from django.core.management import call_command
 from django.test import Client, RequestFactory, TestCase
 from django.urls import reverse
@@ -19,7 +18,7 @@ from core.baker_recipes import (
     subscriber_user,
     very_old_subscriber_user,
 )
-from core.models import AnonymousUser, Group, User
+from core.models import Group, User
 from core.views import UserTabsMixin
 from counter.baker_recipes import sale_recipe
 from counter.models import Counter, Customer, Refilling, Selling
@@ -369,38 +368,3 @@ class TestRedirectMe:
 def test_promo_has_logo(promo):
     user = baker.make(User, promo=promo)
     assert user.promo_has_logo()
-
-
-@pytest.mark.django_db
-class TestUserQuerySetViewableBy:
-    @pytest.fixture
-    def users(self) -> list[User]:
-        return [
-            baker.make(User),
-            subscriber_user.make(),
-            subscriber_user.make(is_viewable=False),
-        ]
-
-    def test_admin_user(self, users: list[User]):
-        user = baker.make(
-            User,
-            user_permissions=[Permission.objects.get(codename="view_hidden_user")],
-        )
-        viewable = User.objects.filter(id__in=[u.id for u in users]).viewable_by(user)
-        assert set(viewable) == set(users)
-
-    @pytest.mark.parametrize(
-        "user_factory", [old_subscriber_user.make, subscriber_user.make]
-    )
-    def test_subscriber(self, users: list[User], user_factory):
-        user = user_factory()
-        viewable = User.objects.filter(id__in=[u.id for u in users]).viewable_by(user)
-        assert set(viewable) == {users[0], users[1]}
-
-    @pytest.mark.parametrize(
-        "user_factory", [lambda: baker.make(User), lambda: AnonymousUser()]
-    )
-    def test_not_subscriber(self, users: list[User], user_factory):
-        user = user_factory()
-        viewable = User.objects.filter(id__in=[u.id for u in users]).viewable_by(user)
-        assert not viewable.exists()

core/utils.py

@@ -112,16 +112,6 @@ def get_semester_code(d: date | None = None) -> str:
     return "P" + str(start.year)[-2:]
 
 
-def get_last_promo() -> int:
-    """Get the latest promo at the time the function is called.
-
-    For example, if called in october 2022 return 24,
-    if called in march 2026 return 27, etc.
-    """
-    start_year = settings.SITH_SCHOOL_START_YEAR
-    return (localdate() + timedelta(days=180)).year - start_year
-
-
 def is_image(file: UploadedFile):
     try:
         im = PIL.Image.open(file.file)
@@ -196,7 +186,7 @@ def exif_auto_rotate(image):
 
 def get_client_ip(request: HttpRequest) -> str | None:
     headers = (
-        "X_FORWARDED_FOR",  # Common header for proxies
+        "X_FORWARDED_FOR",  # Common header for proixes
         "FORWARDED",  # Standard header defined by RFC 7239.
         "REMOTE_ADDR",  # Default IP Address (direct connection)
     )

core/views/__init__.py

@@ -21,10 +21,10 @@
 # Place - Suite 330, Boston, MA 02111-1307, USA.
 #
 #
+
 from django.http import (
-    Http404,
-    HttpRequest,
     HttpResponseForbidden,
+    HttpResponseNotFound,
     HttpResponseServerError,
 )
 from django.shortcuts import render
@@ -33,20 +33,17 @@ from django.views.generic.edit import FormView
 from sentry_sdk import last_event_id
 
 from core.views.forms import LoginForm
-from core.views.page import PageNotFound
 
 
-def forbidden(request: HttpRequest, exception):
+def forbidden(request, exception):
     context = {"next": request.path, "form": LoginForm()}
     return HttpResponseForbidden(render(request, "core/403.jinja", context=context))
 
 
-def not_found(request: HttpRequest, exception: Http404):
-    if isinstance(exception, PageNotFound):
-        template_name = "core/page/not_found.jinja"
-    else:
-        template_name = "core/404.jinja"
-    return render(request, template_name, context={"exception": exception}, status=404)
+def not_found(request, exception):
+    return HttpResponseNotFound(
+        render(request, "core/404.jinja", context={"exception": exception})
+    )
 
 
 def internal_servor_error(request):

core/views/forms.py

@@ -20,9 +20,8 @@
 # Place - Suite 330, Boston, MA 02111-1307, USA.
 #
 #
-import difflib
 import re
-from datetime import date, datetime, timedelta
+from datetime import date, datetime
 from io import BytesIO
 
 from captcha.fields import CaptchaField
@@ -43,12 +42,13 @@ from django.forms import (
     Widget,
 )
 from django.utils.timezone import now
+from django.utils.translation import gettext
 from django.utils.translation import gettext_lazy as _
 from phonenumber_field.widgets import RegionalPhoneNumberWidget
 from PIL import Image
 
 from antispam.forms import AntiSpamEmailField
-from core.models import Gift, Group, Page, PageRev, SithFile, User
+from core.models import Gift, Group, Page, SithFile, User
 from core.utils import resize_image
 from core.views.widgets.ajax_select import (
     AutoCompleteSelect,
@@ -56,7 +56,6 @@ from core.views.widgets.ajax_select import (
     AutoCompleteSelectMultipleGroup,
     AutoCompleteSelectUser,
 )
-from core.views.widgets.markdown import MarkdownInput
 
 # Widgets
 
@@ -87,6 +86,30 @@ class NFCTextInput(TextInput):
         return context
 
 
+class SelectUser(TextInput):
+    def render(self, name, value, attrs=None, renderer=None):
+        if attrs:
+            attrs["class"] = "select_user"
+        else:
+            attrs = {"class": "select_user"}
+        output = (
+            '%(content)s<div name="%(name)s" class="choose_user_widget" title="%(title)s"></div>'
+            % {
+                "content": super().render(name, value, attrs, renderer),
+                "title": _("Choose user"),
+                "name": name,
+            }
+        )
+        output += (
+            '<span name="'
+            + name
+            + '" class="choose_user_button">'
+            + gettext("Choose user")
+            + "</span>"
+        )
+        return output
+
+
 # Fields
 
 
@@ -179,7 +202,7 @@ class UserProfileForm(forms.ModelForm):
             "school",
             "promo",
             "forum_signature",
-            "is_viewable",
+            "is_subscriber_viewable",
         ]
         widgets = {
             "date_of_birth": SelectDate,
@@ -188,8 +211,8 @@ class UserProfileForm(forms.ModelForm):
             "quote": forms.Textarea,
         }
 
-    def __init__(self, *args, label_suffix: str = "", **kwargs):
-        super().__init__(*args, label_suffix=label_suffix, **kwargs)
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
 
         # Image fields are injected here to override the file field provided by the model
         # This would be better if we could have a SithImage sort of model input instead of a generic SithFile
@@ -381,55 +404,6 @@ class PageForm(forms.ModelForm):
         )
 
 
-class PageRevisionForm(forms.ModelForm):
-    """Form to add a new revision to a page.
-
-    Notes:
-        Saving this form won't always result in a new revision.
-        If the previous revision on the same page was made :
-
-        - less than 20 minutes ago
-        - by the same author
-        - with a diff ratio higher than 20%
-
-        then the latter will be edited and the new revision won't be created.
-    """
-
-    TIME_THRESHOLD = timedelta(minutes=20)
-    DIFF_THRESHOLD = 0.2
-
-    class Meta:
-        model = PageRev
-        fields = ["title", "content"]
-        widgets = {"content": MarkdownInput}
-
-    def __init__(
-        self, *args, author: User, page: Page, instance: PageRev | None = None, **kwargs
-    ):
-        super().__init__(*args, instance=instance, **kwargs)
-        self.author = author
-        self.page = page
-        self.initial_content = instance.content if instance else ""
-
-    def diff_ratio(self, new_str: str) -> float:
-        return difflib.SequenceMatcher(
-            None, self.initial_content, new_str
-        ).quick_ratio()
-
-    def save(self, commit=True):  # noqa FBT002
-        revision: PageRev = self.instance
-        if (
-            revision._state.adding
-            or revision.author != self.author
-            or revision.date + self.TIME_THRESHOLD < now()
-            or self.diff_ratio(revision.content) < (1 - self.DIFF_THRESHOLD)
-        ):
-            revision.author = self.author
-            revision.page = self.page
-            revision.id = None  # if id is None, Django will create a new record
-        return super().save(commit=commit)
-
-
 class GiftForm(forms.ModelForm):
     class Meta:
         model = Gift

core/views/page.py

@@ -13,39 +13,39 @@
 #
 #
 
-from django.contrib.auth.mixins import PermissionRequiredMixin, UserPassesTestMixin
+from django.contrib.auth.mixins import PermissionRequiredMixin
 from django.db.models import F, OuterRef, Subquery
 from django.db.models.functions import Coalesce
+
+# This file contains all the views that concern the page model
+from django.forms.models import modelform_factory
 from django.http import Http404
-from django.shortcuts import get_object_or_404, redirect
+from django.shortcuts import redirect
 from django.urls import reverse_lazy
-from django.utils.functional import cached_property
 from django.views.generic import DetailView, ListView
 from django.views.generic.edit import CreateView, DeleteView, UpdateView
 
-from core.auth.mixins import CanEditPropMixin, CanViewMixin
-from core.models import Page, PageRev
-from core.views.forms import PageForm, PagePropForm, PageRevisionForm
+from core.auth.mixins import (
+    CanEditMixin,
+    CanEditPropMixin,
+    CanViewMixin,
+)
+from core.models import LockError, Page, PageRev
+from core.views.forms import PageForm, PagePropForm
+from core.views.widgets.markdown import MarkdownInput
 
 
-class PageNotFound(Http404):
-    """Http404 Exception, but specifically for when the not found object is a Page."""
-
-    def __init__(self, page_name: str):
-        self.page_name = page_name
-
-
-def get_page_or_404(full_name: str) -> Page:
-    """Like Django's get_object_or_404, but for Page, and with a custom 404 exception."""
-    page = Page.objects.filter(_full_name=full_name).first()
-    if not page:
-        raise PageNotFound(full_name)
-    return page
+class CanEditPagePropMixin(CanEditPropMixin):
+    def dispatch(self, request, *args, **kwargs):
+        res = super().dispatch(request, *args, **kwargs)
+        if self.object.is_club_page:
+            raise Http404
+        return res
 
 
 class PageListView(ListView):
     model = Page
-    template_name = "core/page/list.jinja"
+    template_name = "core/page_list.jinja"
 
     def get_queryset(self):
         return (
@@ -64,57 +64,80 @@ class PageListView(ListView):
         )
 
 
-class BasePageDetailView(CanViewMixin, DetailView):
+class PageView(CanViewMixin, DetailView):
     model = Page
+    template_name = "core/page_detail.jinja"
+
+    def dispatch(self, request, *args, **kwargs):
+        res = super().dispatch(request, *args, **kwargs)
+        if self.object and self.object.need_club_redirection:
+            return redirect("club:club_view", club_id=self.object.club.id)
+        return res
+
+    def get_object(self):
+        self.page = Page.get_page_by_full_name(self.kwargs["page_name"])
+        return self.page
+
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        if "page" not in context:
+            context["new_page"] = self.kwargs["page_name"]
+        return context
+
+
+class PageHistView(CanViewMixin, DetailView):
+    model = Page
+    template_name = "core/page_hist.jinja"
+    slug_field = "_full_name"
     slug_url_kwarg = "page_name"
     _cached_object: Page | None = None
 
     def dispatch(self, request, *args, **kwargs):
         page = self.get_object()
         if page.need_club_redirection:
-            return redirect("club:club_view", club_id=page.club.id)
+            return redirect("club:club_hist", club_id=page.club.id)
         return super().dispatch(request, *args, **kwargs)
 
     def get_object(self, *args, **kwargs):
         if not self._cached_object:
-            full_name = self.kwargs.get(self.slug_url_kwarg)
-            self._cached_object = get_page_or_404(full_name)
+            self._cached_object = super().get_object()
         return self._cached_object
 
-    def get_context_data(self, **kwargs):
-        return super().get_context_data(**kwargs) | {
-            "last_revision": self.object.revisions.last()
-        }
 
-
-class PageView(BasePageDetailView):
-    template_name = "core/page/detail.jinja"
-
-
-class PageHistView(BasePageDetailView):
-    template_name = "core/page/history.jinja"
-
-
-class PageRevView(BasePageDetailView):
-    template_name = "core/page/detail.jinja"
+class PageRevView(CanViewMixin, DetailView):
+    model = Page
+    template_name = "core/page_detail.jinja"
 
     def dispatch(self, request, *args, **kwargs):
-        page = self.get_object()
-        if page.need_club_redirection:
+        res = super().dispatch(request, *args, **kwargs)
+        self.object = self.get_object()
+
+        if self.object is None:
+            return redirect("core:page_create", page_name=self.kwargs["page_name"])
+
+        if self.object.need_club_redirection:
             return redirect(
-                "club:club_view_rev", club_id=page.club.id, rev_id=kwargs["rev"]
+                "club:club_view_rev", club_id=self.object.club.id, rev_id=kwargs["rev"]
             )
-        self.revision = get_object_or_404(page.revisions, id=self.kwargs["rev"])
-        return super().dispatch(request, *args, **kwargs)
+        return res
+
+    def get_object(self, *args, **kwargs):
+        self.page = Page.get_page_by_full_name(self.kwargs["page_name"])
+        return self.page
 
     def get_context_data(self, **kwargs):
-        return super().get_context_data(**kwargs) | {"revision": self.revision}
+        context = super().get_context_data(**kwargs)
+        if not self.page:
+            return context | {"new_page": self.kwargs["page_name"]}
+        context["page"] = self.page
+        context["rev"] = self.page.revisions.filter(id=self.kwargs["rev"]).first()
+        return context
 
 
 class PageCreateView(PermissionRequiredMixin, CreateView):
     model = Page
     form_class = PageForm
-    template_name = "core/create.jinja"
+    template_name = "core/page_prop.jinja"
     permission_required = "core.add_page"
 
     def get_initial(self):
@@ -129,67 +152,88 @@ class PageCreateView(PermissionRequiredMixin, CreateView):
         init["name"] = page_name[-1]
         return init
 
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        context["new_page"] = True
+        return context
+
     def form_valid(self, form):
         form.instance.set_lock(self.request.user)
         ret = super().form_valid(form)
         return ret
 
 
-class CanEditPagePropMixin(CanEditPropMixin):
-    def dispatch(self, request, *args, **kwargs):
-        res = super().dispatch(request, *args, **kwargs)
-        if self.object.is_club_page:
-            raise Http404
-        return res
-
-
 class PagePropView(CanEditPagePropMixin, UpdateView):
     model = Page
     form_class = PagePropForm
-    template_name = "core/page/prop.jinja"
+    template_name = "core/page_prop.jinja"
+    slug_field = "_full_name"
+    slug_url_kwarg = "page_name"
 
     def get_object(self, queryset=None):
-        self.page = get_page_or_404(full_name=self.kwargs["page_name"])
-        self.page.set_lock_recursive(self.request.user)
+        self.page = super().get_object()
+        try:
+            self.page.set_lock_recursive(self.request.user)
+        except LockError as e:
+            raise e
         return self.page
 
 
-class BasePageEditView(UserPassesTestMixin, UpdateView):
+class PageEditViewBase(CanEditMixin, UpdateView):
     model = PageRev
-    form_class = PageRevisionForm
-    template_name = "core/page/edit.jinja"
-
-    def test_func(self):
-        return self.request.user.can_edit(self.page)
-
-    @cached_property
-    def page(self) -> Page:
-        page = get_page_or_404(full_name=self.kwargs["page_name"])
-        page.set_lock(self.request.user)
-        return page
+    form_class = modelform_factory(
+        model=PageRev, fields=["title", "content"], widgets={"content": MarkdownInput}
+    )
+    template_name = "core/pagerev_edit.jinja"
 
     def get_object(self, *args, **kwargs):
-        return self.page.revisions.last()
+        self.page = Page.get_page_by_full_name(self.kwargs["page_name"])
+        return self._get_revision()
+
+    def _get_revision(self):
+        if self.page is not None:
+            # First edit
+            if self.page.revisions.all() is None:
+                rev = PageRev(author=self.request.user)
+                rev.save()
+                self.page.revisions.add(rev)
+            try:
+                self.page.set_lock(self.request.user)
+            except LockError as e:
+                raise e
+            return self.page.revisions.last()
+        return None
 
     def get_context_data(self, **kwargs):
-        return super().get_context_data(**kwargs) | {"page": self.page}
+        context = super().get_context_data(**kwargs)
+        if self.page is not None:
+            context["page"] = self.page
+        else:
+            context["new_page"] = self.kwargs["page_name"]
+        return context
 
-    def get_form_kwargs(self):
-        return super().get_form_kwargs() | {
-            "author": self.request.user,
-            "page": self.page,
-        }
+    def form_valid(self, form):
+        # TODO : factor that, but first make some tests
+        rev = form.instance
+        new_rev = PageRev(title=rev.title, content=rev.content)
+        new_rev.author = self.request.user
+        new_rev.page = self.page
+        form.instance = new_rev
+        return super().form_valid(form)
 
 
-class PageEditView(BasePageEditView):
+class PageEditView(PageEditViewBase):
     def dispatch(self, request, *args, **kwargs):
-        if self.page.need_club_redirection:
-            return redirect("club:club_edit_page", club_id=self.page.club.id)
-        return super().dispatch(request, *args, **kwargs)
+        res = super().dispatch(request, *args, **kwargs)
+        if self.object and self.object.page.need_club_redirection:
+            return redirect("club:club_edit_page", club_id=self.object.page.club.id)
+        return res
 
 
 class PageDeleteView(CanEditPagePropMixin, DeleteView):
     model = Page
     template_name = "core/delete_confirm.jinja"
     pk_url_kwarg = "page_id"
-    success_url = reverse_lazy("core:page_list")
+
+    def get_success_url(self, **kwargs):
+        return reverse_lazy("core:page_list")

core/views/user.py

@@ -103,7 +103,9 @@ def password_root_change(request, user_id):
     """Allows a root user to change someone's password."""
     if not request.user.is_root:
         raise PermissionDenied
-    user = get_object_or_404(User, id=user_id)
+    user = User.objects.filter(id=user_id).first()
+    if not user:
+        raise Http404("User not found")
     if request.method == "POST":
         form = views.SetPasswordForm(user=user, data=request.POST)
         if form.is_valid():

counter/schemas.py

@@ -1,4 +1,3 @@
-from datetime import datetime
 from typing import Annotated, Self
 
 from annotated_types import MinLen
@@ -101,10 +100,3 @@ class ProductFilterSchema(FilterSchema):
     product_type: set[int] | None = Field(None, q="product_type__in")
     club: set[int] | None = Field(None, q="club__in")
     counter: set[int] | None = Field(None, q="counters__in")
-
-
-class SaleFilterSchema(FilterSchema):
-    before: datetime | None = Field(None, q="date__lt")
-    after: datetime | None = Field(None, q="date__gt")
-    counters: set[int] | None = Field(None, q="counter__in")
-    products: set[int] | None = Field(None, q="product__in")

election/templates/election/election_detail.jinja

@@ -141,7 +141,7 @@
                           <label for="{{ input_id }}">
                         {%- endif %}
                         <figure>
-                          {%- if user.is_viewable %}
+                          {%- if user.is_subscriber_viewable %}
                             {% if candidature.user.profile_pict %}
                               <img class="candidate__picture" src="{{ candidature.user.profile_pict.get_download_url() }}" alt="{% trans %}Profile{% endtrans %}">
                             {% else %}

galaxy/models.py

@@ -199,7 +199,7 @@ class Galaxy(models.Model):
         cls, picture_count_threshold: int = DEFAULT_PICTURE_COUNT_THRESHOLD
     ) -> QuerySet[User]:
         return (
-            User.objects.filter(is_viewable=True)
+            User.objects.filter(is_subscriber_viewable=True)
             .exclude(subscriptions=None)
             .annotate(
                 pictures_count=Count("pictures"),

locale/fr/LC_MESSAGES/django.po

@@ -6,7 +6,7 @@
 msgid ""
 msgstr ""
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2025-11-12 21:44+0100\n"
+"POT-Creation-Date: 2025-11-07 14:50+0100\n"
 "PO-Revision-Date: 2016-07-18\n"
 "Last-Translator: Maréchal <thomas.girod@utbm.fr\n"
 "Language-Team: AE info <ae.info@utbm.fr>\n"
@@ -247,7 +247,8 @@ msgstr "description"
 msgid "past member"
 msgstr "ancien membre"
 
-#: club/models.py com/templates/com/mailing_admin.jinja
+#: club/models.py club/templates/club/club_detail.jinja
+#: com/templates/com/mailing_admin.jinja
 #: com/templates/com/news_admin_list.jinja com/templates/com/weekmail.jinja
 #: core/templates/core/user_clubs.jinja
 #: counter/templates/counter/invoices_call.jinja
@@ -470,7 +471,7 @@ msgstr "Méthode de paiement"
 #: core/templates/core/file_detail.jinja
 #: core/templates/core/file_moderation.jinja
 #: core/templates/core/group_detail.jinja core/templates/core/group_list.jinja
-#: core/templates/core/macros.jinja core/templates/core/page/prop.jinja
+#: core/templates/core/macros.jinja core/templates/core/page_prop.jinja
 #: core/templates/core/user_account_detail.jinja
 #: core/templates/core/user_clubs.jinja core/templates/core/user_edit.jinja
 #: counter/templates/counter/fragments/create_student_card.jinja
@@ -546,12 +547,11 @@ msgstr ""
 "Les champs de formulaire suivants sont liées à la description basique d'un "
 "club. Tous les membres du bureau du club peuvent voir et modifier ceux-ci."
 
-#: club/templates/club/edit_club.jinja club/templates/club/pagerev_edit.jinja
-#: com/templates/com/news_edit.jinja com/templates/com/poster_edit.jinja
-#: com/templates/com/screen_edit.jinja com/templates/com/weekmail.jinja
-#: core/templates/core/create.jinja core/templates/core/edit.jinja
-#: core/templates/core/file_edit.jinja core/templates/core/page/edit.jinja
-#: core/templates/core/page/prop.jinja
+#: club/templates/club/edit_club.jinja com/templates/com/news_edit.jinja
+#: com/templates/com/poster_edit.jinja com/templates/com/screen_edit.jinja
+#: com/templates/com/weekmail.jinja core/templates/core/create.jinja
+#: core/templates/core/edit.jinja core/templates/core/file_edit.jinja
+#: core/templates/core/macros_pages.jinja core/templates/core/page_prop.jinja
 #: core/templates/core/user_godfathers.jinja
 #: core/templates/core/user_godfathers_tree.jinja
 #: core/templates/core/user_preferences.jinja
@@ -638,9 +638,9 @@ msgstr "Nouvelle liste de diffusion"
 msgid "Create mailing list"
 msgstr "Créer une liste de diffusion"
 
-#: club/templates/club/pagerev_edit.jinja core/templates/core/page/edit.jinja
-msgid "Edit page"
-msgstr "Éditer la page"
+#: club/templates/club/page_history.jinja
+msgid "No page existing for this club"
+msgstr "Aucune page n'existe pour ce club"
 
 #: club/views.py core/views/user.py sas/templates/sas/picture.jinja
 msgid "Infos"
@@ -654,7 +654,7 @@ msgstr "Membres"
 msgid "Old members"
 msgstr "Anciens membres"
 
-#: club/views.py core/templates/core/page/base.jinja
+#: club/views.py core/templates/core/page.jinja
 msgid "History"
 msgstr "Historique"
 
@@ -666,7 +666,7 @@ msgstr "Outils"
 #: club/views.py com/templates/com/news_admin_list.jinja
 #: com/templates/com/poster_list.jinja com/templates/com/screen_list.jinja
 #: com/templates/com/weekmail.jinja core/templates/core/file.jinja
-#: core/templates/core/group_list.jinja core/templates/core/page/base.jinja
+#: core/templates/core/group_list.jinja core/templates/core/page.jinja
 #: core/templates/core/user_tools.jinja core/views/user.py
 #: counter/templates/counter/cash_summary_list.jinja
 #: counter/templates/counter/counter_list.jinja
@@ -704,8 +704,8 @@ msgid "Benefit"
 msgstr "Bénéfice"
 
 #: club/views.py
-msgid "Unit price"
-msgstr "Prix unitaire"
+msgid "Selling price"
+msgstr "Prix de vente"
 
 #: club/views.py
 msgid "Purchase price"
@@ -980,7 +980,7 @@ msgid "Dates"
 msgstr "Dates"
 
 #: com/templates/com/news_admin_list.jinja core/templates/core/file.jinja
-#: core/templates/core/page/base.jinja
+#: core/templates/core/page.jinja
 msgid "View"
 msgstr "Voir"
 
@@ -1017,10 +1017,6 @@ msgstr "Événements à modérer"
 msgid "Back to news"
 msgstr "Retour aux nouvelles"
 
-#: com/templates/com/news_detail.jinja
-msgid "Share on Facebook"
-msgstr "Partager sur Facebook"
-
 #: com/templates/com/news_detail.jinja
 msgid "Author: "
 msgstr "Auteur : "
@@ -1536,15 +1532,8 @@ msgid "parent address"
 msgstr "adresse des parents"
 
 #: core/models.py
-msgid "Profile visible by subscribers"
-msgstr "Profil visible par les cotisants"
-
-#: core/models.py
-msgid ""
-"If you disable this option, only admin users will be able to see your "
-"profile."
-msgstr ""
-"Si vous désactivez cette option, seuls les admins pourront voir votre profil."
+msgid "is subscriber viewable"
+msgstr "profil visible par les cotisants"
 
 #: core/models.py
 msgid "A user with that username already exists"
@@ -1960,7 +1949,7 @@ msgstr "Liste de fichiers"
 msgid "New file"
 msgstr "Nouveau fichier"
 
-#: core/templates/core/file.jinja
+#: core/templates/core/file.jinja core/templates/core/page.jinja
 msgid "Not found"
 msgstr "Non trouvé"
 
@@ -1968,7 +1957,7 @@ msgstr "Non trouvé"
 msgid "My files"
 msgstr "Mes fichiers"
 
-#: core/templates/core/file.jinja core/templates/core/page/base.jinja
+#: core/templates/core/file.jinja core/templates/core/page.jinja
 msgid "Prop"
 msgstr "Propriétés"
 
@@ -2106,6 +2095,14 @@ msgstr "Mot de passe perdu ?"
 msgid "Create account"
 msgstr "Créer un compte"
 
+#: core/templates/core/macros.jinja
+msgid "Share on Facebook"
+msgstr "Partager sur Facebook"
+
+#: core/templates/core/macros.jinja
+msgid "Tweet"
+msgstr "Tweeter"
+
 #: core/templates/core/macros.jinja
 #, python-format
 msgid "Subscribed until %(subscription_end)s"
@@ -2127,6 +2124,19 @@ msgstr "Tout sélectionner"
 msgid "Unselect All"
 msgstr "Tout désélectionner"
 
+#: core/templates/core/macros_pages.jinja
+#, python-format
+msgid "You're seeing the history of page \"%(page_name)s\""
+msgstr "Vous consultez l'historique de la page \"%(page_name)s\""
+
+#: core/templates/core/macros_pages.jinja
+msgid "last"
+msgstr "actuel"
+
+#: core/templates/core/macros_pages.jinja
+msgid "Edit page"
+msgstr "Éditer la page"
+
 #: core/templates/core/new_user_email.jinja
 msgid ""
 "You're receiving this email because you subscribed to the UTBM student "
@@ -2177,47 +2187,38 @@ msgstr "Nouvelle cotisation à l'Association des Étudiants de l'UTBM"
 msgid "Notification list"
 msgstr "Liste des notifications"
 
-#: core/templates/core/page/base.jinja
-msgid "Page"
-msgstr "Page"
+#: core/templates/core/page.jinja core/templates/core/page_list.jinja
+msgid "Page list"
+msgstr "Liste des pages"
 
-#: core/templates/core/page/base.jinja
+#: core/templates/core/page.jinja
+msgid "Create page"
+msgstr "Créer une page"
+
+#: core/templates/core/page.jinja
 msgid "Return to club management"
 msgstr "Retourner à la gestion du club"
 
-#: core/templates/core/page/detail.jinja
+#: core/templates/core/page.jinja
+msgid "Page does not exist"
+msgstr "La page n'existe pas"
+
+#: core/templates/core/page.jinja
+msgid "Create it?"
+msgstr "La créer ?"
+
+#: core/templates/core/page_detail.jinja
 #, python-format
 msgid "This may not be the last update, you are seeing revision %(rev_id)s!"
 msgstr ""
 "Ceci n'est peut-être pas la dernière version de la page. Vous consultez la "
 "version %(rev_id)s."
 
-#: core/templates/core/page/history.jinja
+#: core/templates/core/page_hist.jinja
 msgid "Page history"
 msgstr "Historique de la page"
 
-#: core/templates/core/page/list.jinja
-msgid "Page list"
-msgstr "Liste des pages"
-
-#: core/templates/core/page/macros.jinja
-#, python-format
-msgid "You're seeing the history of page \"%(page_name)s\""
-msgstr "Vous consultez l'historique de la page \"%(page_name)s\""
-
-#: core/templates/core/page/macros.jinja
-msgid "last"
-msgstr "actuel"
-
-#: core/templates/core/page/not_found.jinja
-msgid "Page does not exist"
-msgstr "La page n'existe pas"
-
-#: core/templates/core/page/not_found.jinja
-msgid "Create it?"
-msgstr "La créer ?"
-
-#: core/templates/core/page/prop.jinja
+#: core/templates/core/page_prop.jinja
 msgid "Page properties"
 msgstr "Propriétés de la page"
 
@@ -2840,6 +2841,10 @@ msgstr "Erreur d'envoi du fichier %(file_name)s : %(msg)s"
 msgid "Apply rights recursively"
 msgstr "Appliquer les droits récursivement"
 
+#: core/views/forms.py
+msgid "Choose user"
+msgstr "Choisir un utilisateur"
+
 #: core/views/forms.py
 msgid "Ensure this timestamp is set in the future"
 msgstr "Assurez-vous que cet horodatage est dans le futur"
@@ -5107,6 +5112,14 @@ msgstr "Membre de Sbarro ou de l'ESTA"
 msgid "One semester Welcome Week"
 msgstr "Un semestre Welcome Week"
 
+#: sith/settings.py
+msgid "One month for free"
+msgstr "Un mois gratuit"
+
+#: sith/settings.py
+msgid "Two months for free"
+msgstr "Deux mois gratuits"
+
 #: sith/settings.py
 msgid "Eurok's volunteer"
 msgstr "Bénévole Eurockéennes"
@@ -5120,10 +5133,8 @@ msgid "One day"
 msgstr "Un jour"
 
 #: sith/settings.py
-#, fuzzy
-#| msgid "GA staff member"
-msgid "GA staff member"
-msgstr "Membre staff GA"
+msgid "GA staff member (2 weeks)"
+msgstr "Membre staff GA (2 semaines)"
 
 #: sith/settings.py
 msgid "One semester (-20%)"

matmat/views.py

@@ -105,7 +105,7 @@ class SearchFormListView(FormerSubscriberMixin, SingleObjectMixin, ListView):
         self.can_see_hidden = True
         if not (request.user.is_board_member or request.user.is_root):
             self.can_see_hidden = False
-            self.init_query = self.init_query.filter(is_viewable=True)
+            self.init_query = self.init_query.exclude(is_subscriber_viewable=False)
 
         return super().dispatch(request, *args, **kwargs)
 
@@ -130,7 +130,7 @@ class SearchFormListView(FormerSubscriberMixin, SingleObjectMixin, ListView):
                 else:
                     q = []
                 if not self.can_see_hidden and len(q) > 0:
-                    q = [user for user in q if user.is_viewable]
+                    q = [user for user in q if user.is_subscriber_viewable]
             else:
                 search_dict = {}
                 for key, value in self.valid_form.items():

package-lock.json

@@ -4421,9 +4421,9 @@
       "license": "MIT"
     },
     "node_modules/js-yaml": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz",
-      "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==",
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
+      "integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {

sas/api.py

@@ -136,14 +136,11 @@ class PicturesController(ControllerBase):
         "/{picture_id}/identified",
         permissions=[CanView],
         response=list[IdentifiedUserSchema],
-        url_name="picture_identifications",
     )
     def fetch_identifications(self, picture_id: int):
         """Fetch the users that have been identified on the given picture."""
         picture = self.get_object_or_exception(Picture, pk=picture_id)
-        return picture.people.viewable_by(self.context.request.user).select_related(
-            "user"
-        )
+        return picture.people.select_related("user")
 
     @route.put("/{picture_id}/identified", permissions=[CanView])
     def identify_users(self, picture_id: NonNegativeInt, users: set[NonNegativeInt]):

sas/models.py

@@ -265,15 +265,6 @@ def sas_notification_callback(notif: Notification):
     notif.param = str(count)
 
 
-class PeoplePictureRelationQuerySet(models.QuerySet):
-    def viewable_by(self, user: User) -> Self:
-        if user.is_root or user.is_in_group(pk=settings.SITH_GROUP_SAS_ADMIN_ID):
-            return self
-        if user.was_subscribed:
-            return self.filter(Q(user_id=user.id) | Q(user__is_viewable=True))
-        return self.filter(user_id=user.id)
-
-
 class PeoplePictureRelation(models.Model):
     """The PeoplePictureRelation class makes the connection between User and Picture."""
 
@@ -290,8 +281,6 @@ class PeoplePictureRelation(models.Model):
         on_delete=models.CASCADE,
     )
 
-    objects = PeoplePictureRelationQuerySet.as_manager()
-
     class Meta:
         unique_together = ["user", "picture"]
 

sas/tests/test_api.py

@@ -186,29 +186,6 @@ class TestPictureRelation(TestSas):
         assert res.status_code == 404
         assert PeoplePictureRelation.objects.count() == relation_count
 
-    def test_fetch_relations_including_hidden_users(self):
-        """Test that normal subscribers users cannot see hidden profiles"""
-        picture = self.album_a.children_pictures.last()
-        self.user_a.is_viewable = False
-        self.user_a.save()
-        url = reverse("api:picture_identifications", kwargs={"picture_id": picture.id})
-
-        # a normal subscriber user shouldn't see user_a as identified
-        self.client.force_login(subscriber_user.make())
-        response = self.client.get(url)
-        data = {user["user"]["id"] for user in response.json()}
-        assert data == {self.user_b.id, self.user_c.id}
-
-        # an admin should see everyone
-        self.client.force_login(
-            baker.make(
-                User, groups=[Group.objects.get(id=settings.SITH_GROUP_SAS_ADMIN_ID)]
-            )
-        )
-        response = self.client.get(url)
-        data = {user["user"]["id"] for user in response.json()}
-        assert data == {self.user_a.id, self.user_b.id, self.user_c.id}
-
 
 class TestPictureModeration(TestSas):
     @classmethod

sas/tests/test_model.py

@@ -1,11 +1,10 @@
-import pytest
 from django.test import TestCase
 from model_bakery import baker
 
 from core.baker_recipes import old_subscriber_user, subscriber_user
 from core.models import User
 from sas.baker_recipes import picture_recipe
-from sas.models import PeoplePictureRelation, Picture
+from sas.models import Picture
 
 
 class TestPictureQuerySet(TestCase):
@@ -45,25 +44,3 @@ class TestPictureQuerySet(TestCase):
         user.pictures.create(picture=self.pictures[1])  # moderated
         pictures = list(Picture.objects.viewable_by(user))
         assert pictures == [self.pictures[1]]
-
-
-@pytest.mark.django_db
-def test_identifications_viewable_by_user():
-    picture = baker.make(Picture)
-    identifications = baker.make(
-        PeoplePictureRelation, picture=picture, _quantity=10, _bulk_create=True
-    )
-    identifications[0].user.is_viewable = False
-    identifications[0].user.save()
-
-    assert (
-        list(picture.people.viewable_by(old_subscriber_user.make()))
-        == identifications[1:]
-    )
-    assert (
-        list(picture.people.viewable_by(baker.make(User, is_superuser=True)))
-        == identifications
-    )
-    assert list(picture.people.viewable_by(identifications[1].user)) == [
-        identifications[1]
-    ]

subscription/forms.py

@@ -7,7 +7,6 @@ from django.core.exceptions import ValidationError
 from django.utils.translation import gettext_lazy as _
 
 from core.models import User
-from core.utils import get_last_promo
 from core.views.forms import SelectDate, SelectDateTime
 from core.views.widgets.ajax_select import AutoCompleteSelectUser
 from subscription.models import Subscription
@@ -126,17 +125,8 @@ class SubscriptionNewUserForm(SubscriptionForm):
             "deux-semestres",
             "cursus-tronc-commun",
             "cursus-branche",
-            "cursus-alternant",
         ]:
             member.role = "STUDENT"
-            member.school = "UTBM"
-        if self.cleaned_data.get("subscription_type") == "cursus-tronc-commun":
-            member.promo = get_last_promo()
-        if self.cleaned_data.get("subscription_type") in [
-            "cursus-branche",
-            "cursus-alternant",
-        ]:
-            member.promo = get_last_promo() - 2
         member.generate_username()
         member.set_password(secrets.token_urlsafe(nbytes=10))
         self.instance.member = member