From 430862b24d14800805ca50d3a2059213cdc48528 Mon Sep 17 00:00:00 2001 From: Tom Price Date: Tue, 11 Apr 2017 15:52:38 +0100 Subject: [PATCH] Add tracking of who sent the link --- .../0029_eventauthorisation_sent_by.py | 21 +++++++++++++++++++ RIGS/models.py | 1 + RIGS/rigboard.py | 7 +++++-- RIGS/templates/RIGS/event_detail.html | 3 +++ RIGS/templates/RIGS/invoice_detail.html | 3 +++ RIGS/test_functional.py | 12 +++++++++-- 6 files changed, 43 insertions(+), 4 deletions(-) create mode 100644 RIGS/migrations/0029_eventauthorisation_sent_by.py diff --git a/RIGS/migrations/0029_eventauthorisation_sent_by.py b/RIGS/migrations/0029_eventauthorisation_sent_by.py new file mode 100644 index 00000000..80c86299 --- /dev/null +++ b/RIGS/migrations/0029_eventauthorisation_sent_by.py @@ -0,0 +1,21 @@ +# -*- coding: utf-8 -*- +from __future__ import unicode_literals + +from django.db import models, migrations +from django.conf import settings + + +class Migration(migrations.Migration): + + dependencies = [ + ('RIGS', '0028_migrate_purchase_order'), + ] + + operations = [ + migrations.AddField( + model_name='eventauthorisation', + name='sent_by', + field=models.ForeignKey(default=1, to=settings.AUTH_USER_MODEL), + preserve_default=False, + ), + ] diff --git a/RIGS/models.py b/RIGS/models.py index 9b73a1ab..31496ed0 100644 --- a/RIGS/models.py +++ b/RIGS/models.py @@ -513,6 +513,7 @@ class EventAuthorisation(models.Model, RevisionMixin): account_code = models.CharField(max_length=50, blank=True, null=True) po = models.CharField(max_length=255, blank=True, null=True, verbose_name="purchase order") amount = models.DecimalField(max_digits=10, decimal_places=2, verbose_name="authorisation amount") + sent_by = models.ForeignKey('RIGS.Profile') @python_2_unicode_compatible diff --git a/RIGS/rigboard.py b/RIGS/rigboard.py index ecd15842..9213e900 100644 --- a/RIGS/rigboard.py +++ b/RIGS/rigboard.py @@ -272,6 +272,7 @@ class EventAuthorise(generic.UpdateView): form = super(EventAuthorise, self).get_form(**kwargs) form.instance.event = self.event form.instance.email = self.request.email + form.instance.sent_by = self.request.sent_by return form def dispatch(self, request, *args, **kwargs): @@ -280,7 +281,8 @@ class EventAuthorise(generic.UpdateView): data = signing.loads(kwargs.get('hmac')) assert int(kwargs.get('pk')) == int(data.get('pk')) request.email = data['email'] - except (signing.BadSignature, AssertionError, KeyError): + request.sent_by = models.Profile.objects.get(pk=data['sent_by']) + except (signing.BadSignature, AssertionError, KeyError, models.Profile.DoesNotExist): raise SuspiciousOperation( "This URL is invalid. Please ask your TEC contact for a new URL") return super(EventAuthorise, self).dispatch(request, *args, **kwargs) @@ -314,7 +316,8 @@ class EventAuthorisationRequest(generic.FormView, generic.detail.SingleObjectMix 'request': self.request, 'hmac': signing.dumps({ 'pk': self.object.pk, - 'email': email + 'email': email, + 'sent_by': self.request.user.pk, }), } diff --git a/RIGS/templates/RIGS/event_detail.html b/RIGS/templates/RIGS/event_detail.html index 3493a421..4a803e1a 100644 --- a/RIGS/templates/RIGS/event_detail.html +++ b/RIGS/templates/RIGS/event_detail.html @@ -170,6 +170,9 @@ £ {{ object.authorisation.amount|floatformat:"2" }} {% endif %} + +
Authorsation request sent by
+
{{ object.authorisation.sent_by }}
{% endif %} diff --git a/RIGS/templates/RIGS/invoice_detail.html b/RIGS/templates/RIGS/invoice_detail.html index d8da9182..a55927f8 100644 --- a/RIGS/templates/RIGS/invoice_detail.html +++ b/RIGS/templates/RIGS/invoice_detail.html @@ -110,6 +110,9 @@ £ {{ object.event.authorisation.amount|floatformat:"2" }} {% endif %} + +
Authorsation request sent by
+
{{ object.authorisation.sent_by }}
diff --git a/RIGS/test_functional.py b/RIGS/test_functional.py index 5d3bf245..c854a91b 100644 --- a/RIGS/test_functional.py +++ b/RIGS/test_functional.py @@ -952,6 +952,13 @@ class ClientEventAuthorisationTest(TestCase): } def setUp(self): + self.profile = models.Profile.objects.get_or_create( + first_name='Test', + last_name='TEC User', + username='eventauthtest', + email='teccie@functional.test', + is_superuser=True # lazily grant all permissions + )[0] venue = models.Venue.objects.create(name='Authorisation Test Venue') client = models.Person.objects.create(name='Authorisation Test Person', email='authorisation@functional.test') organisation = models.Organisation.objects.create(name='Authorisation Test Organisation', union_account=False) @@ -962,7 +969,8 @@ class ClientEventAuthorisationTest(TestCase): person=client, organisation=organisation, ) - self.hmac = signing.dumps({'pk': self.event.pk, 'email': 'authemail@function.test'}) + self.hmac = signing.dumps({'pk': self.event.pk, 'email': 'authemail@function.test', + 'sent_by': self.profile.pk}) self.url = reverse('event_authorise', kwargs={'pk': self.event.pk, 'hmac': self.hmac}) def test_requires_valid_hmac(self): @@ -1015,7 +1023,7 @@ class ClientEventAuthorisationTest(TestCase): def test_duplicate_warning(self): auth = models.EventAuthorisation.objects.create(event=self.event, name='Test ABC', email='dupe@functional.test', - po='ABC12345', amount=self.event.total) + po='ABC12345', amount=self.event.total, sent_by=self.profile) response = self.client.get(self.url) self.assertContains(response, 'This event has already been authorised.')