arona/PyRIGS
1
0
Fork 0
mirror of https://github.com/nottinghamtec/PyRIGS.git synced 2026-01-19 14:32:16 +00:00
Code Issues Projects Releases Wiki Activity

Merge branch 'master' into search

Browse Source 
# Conflicts:
#	RIGS/templates/RIGS/index.html
This commit is contained in:
FreneticScribbler
2020-02-29 11:47:35 +00:00
parent 3a7dc061bb 4a4d4a5cf3
commit 4f088fb426
19 changed files with 194 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
RIGS/admin.py
View File

@@ -22,13 +22,22 @@ admin.site.register(models.Invoice)
admin.site.register(models.Payment)
def approve_user(modeladmin, request, queryset):
queryset.update(is_approved=True)
approve_user.short_description = "Approve selected users"
@admin.register(models.Profile)
class ProfileAdmin(UserAdmin):
# Don't know how to add 'is_approved' whilst preserving the default list...
list_filter = ('is_approved', 'is_active', 'is_staff', 'is_superuser', 'groups')
fieldsets = (
(None, {'fields': ('username', 'password')}),
(_('Personal info'), {
'fields': ('first_name', 'last_name', 'email', 'initials', 'phone')}),
(_('Permissions'), {'fields': ('is_active', 'is_staff', 'is_superuser',
(_('Permissions'), {'fields': ('is_approved', 'is_active', 'is_staff', 'is_superuser',
'groups', 'user_permissions')}),
(_('Important dates'), {
'fields': ('last_login', 'date_joined')}),
@@ -41,6 +50,7 @@ class ProfileAdmin(UserAdmin):
)
form = forms.ProfileChangeForm
add_form = forms.ProfileCreationForm
actions = [approve_user]
class AssociateAdmin(VersionAdmin):

12
RIGS/forms.py
View File

@@ -2,8 +2,10 @@ from django import forms
from django.utils import formats
from django.conf import settings
from django.core import serializers
from django.core.mail import EmailMessage, EmailMultiAlternatives
from django.contrib.auth.forms import UserCreationForm, UserChangeForm, AuthenticationForm, PasswordResetForm
from registration.forms import RegistrationFormUniqueEmail
from django.contrib.auth.forms import AuthenticationForm
from captcha.fields import ReCaptchaField
import simplejson
@@ -33,8 +35,16 @@ class ProfileRegistrationFormUniqueEmail(RegistrationFormUniqueEmail):
return self.cleaned_data['initials']
class CheckApprovedForm(AuthenticationForm):
def confirm_login_allowed(self, user):
if user.is_approved or user.is_superuser:
return AuthenticationForm.confirm_login_allowed(self, user)
else:
raise forms.ValidationError("Your account hasn't been approved by an administrator yet. Please check back in a few minutes!")
# Embedded Login form - remove the autofocus
class EmbeddedAuthenticationForm(AuthenticationForm):
class EmbeddedAuthenticationForm(CheckApprovedForm):
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.fields['username'].widget.attrs.pop('autofocus', None)

23
RIGS/migrations/0036_profile_is_approved.py Normal file
View File

@@ -0,0 +1,23 @@
# Generated by Django 2.0.13 on 2020-01-10 14:52
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('RIGS', '0035_auto_20191124_1319'),
]
operations = [
migrations.AddField(
model_name='profile',
name='is_approved',
field=models.BooleanField(default=False),
),
migrations.AddField(
model_name='profile',
name='last_emailed',
field=models.DateTimeField(blank=True, null=True),
),
]

19
RIGS/migrations/0037_approve_legacy.py Normal file
View File

@@ -0,0 +1,19 @@
# Generated by Django 2.0.13 on 2020-01-11 18:29
# This migration ensures that legacy Profiles from before approvals were implemented are automatically approved
from django.db import migrations
def approve_legacy(apps, schema_editor):
Profile = apps.get_model('RIGS', 'Profile')
for person in Profile.objects.all():
person.is_approved = True
person.save()
class Migration(migrations.Migration):
dependencies = [
('RIGS', '0036_profile_is_approved'),
]
operations = [
migrations.RunPython(approve_legacy)
]

10
RIGS/models.py
View File

@@ -27,6 +27,8 @@ class Profile(AbstractUser):
initials = models.CharField(max_length=5, unique=True, null=True, blank=False)
phone = models.CharField(max_length=13, null=True, blank=True)
api_key = models.CharField(max_length=40, blank=True, editable=False, null=True)
is_approved = models.BooleanField(default=False)
last_emailed = models.DateTimeField(blank=True, null=True) # Currently only populated by the admin approval email. TODO: Populate it each time we send any email, might need that...
@classmethod
def make_api_key(cls):
@@ -53,6 +55,14 @@ class Profile(AbstractUser):
def latest_events(self):
return self.event_mic.order_by('-start_date').select_related('person', 'organisation', 'venue', 'mic')
@classmethod
def admins(cls):
return Profile.objects.filter(email__in=[y for x in settings.ADMINS for y in x])
@classmethod
def users_awaiting_approval_count(cls):
return Profile.objects.filter(models.Q(is_approved=False)).count()
def __str__(self):
return self.name

36
RIGS/signals.py
View File

@@ -1,3 +1,4 @@
import datetime
import re
import urllib.request
import urllib.error
@@ -10,6 +11,9 @@ from django.conf import settings
from django.contrib.staticfiles.storage import staticfiles_storage
from django.core.mail import EmailMessage, EmailMultiAlternatives
from django.template.loader import get_template
from django.urls import reverse
from django.utils import timezone
from registration.signals import user_activated
from premailer import Premailer
from z3c.rml import rml2pdf
@@ -102,3 +106,35 @@ def on_revision_commit(sender, instance, created, **kwargs):
post_save.connect(on_revision_commit, sender=models.EventAuthorisation)
def send_admin_awaiting_approval_email(user, request, **kwargs):
# Bit more controlled than just emailing all superusers
for admin in models.Profile.admins():
# Check we've ever emailed them before and if so, if cooldown has passed.
if admin.last_emailed is None or admin.last_emailed + settings.EMAIL_COOLDOWN <= timezone.now():
context = {
'request': request,
'link_suffix': reverse("admin:RIGS_profile_changelist") + '?is_approved__exact=0',
'number_of_users': models.Profile.users_awaiting_approval_count(),
'to_name': admin.first_name
}
email = EmailMultiAlternatives(
"%s new users awaiting approval on RIGS" % (context['number_of_users']),
get_template("RIGS/admin_awaiting_approval.txt").render(context),
to=[admin.email],
reply_to=[user.email],
)
css = staticfiles_storage.path('css/email.css')
html = Premailer(get_template("RIGS/admin_awaiting_approval.html").render(context),
external_styles=css).transform()
email.attach_alternative(html, 'text/html')
email.send()
# Update last sent
admin.last_emailed = timezone.now()
admin.save()
user_activated.connect(send_admin_awaiting_approval_email)

9
RIGS/templates/RIGS/admin_awaiting_approval.html Normal file
View File

@@ -0,0 +1,9 @@
{% extends 'base_client_email.html' %}
{% block content %}
<p>Hi {{ to_name|default_if_none:"Administrator" }},</p>
<p>{{ number_of_users|default_if_none:"Some" }} new users are awaiting administrator approval on RIGS. Click <a href="{{ request.scheme }}://{{ request.get_host }}{{ link_suffix }}">here</a> to approve them.</p>
<p>TEC PA &amp; Lighting</p>
{% endblock %}

5
RIGS/templates/RIGS/admin_awaiting_approval.txt Normal file
View File

@@ -0,0 +1,5 @@
Hi {{ to_name|default_if_none:"Administrator" }},
{{ number_of_users|default_if_none:"Some" }} new users are awaiting administrator approval on RIGS. Use this link to approve them: {{ request.scheme }}://{{ request.get_host }}/{{ link_suffix }}
TEC PA & Lighting

22
RIGS/templates/RIGS/event_detail.html
View File

@@ -10,12 +10,14 @@
| {{ object.name }} {% if event.dry_hire %}<span class="badge">Dry Hire</span>{% endif %}
</h1>
</div>
{% if perms.RIGS.view_event %}
<div class="col-sm-12 text-right">
{% include 'RIGS/event_detail_buttons.html' %}
</div>
{% endif %}
{% endif %}
{% if object.is_rig %}
{% if object.is_rig and perms.RIGS.view_event %}
{# only need contact details for a rig #}
<div class="col-sm-12 col-md-6 col-lg-5">
<div class="panel panel-default">
@@ -72,7 +74,7 @@
{% endif %}
</div>
{% endif %}
<div class="col-sm-12 {% if event.is_rig %}col-md-6 col-lg-7{% endif %}">
<div class="col-sm-12 {% if event.is_rig and perms.RIGS.view_event %}col-md-6 col-lg-7{% endif %}">
<div class="panel panel-info">
<div class="panel-heading">Event Info</div>
<div class="panel-body">
@@ -147,7 +149,7 @@
<dd>{{ object.collector }}</dd>
{% endif %}
{% if event.is_rig and not event.internal %}
{% if event.is_rig and not event.internal and perms.RIGS.view_event %}
<dd>&nbsp;</dd>
<dt>PO</dt>
<dd>{{ object.purchase_order }}</dd>
@@ -156,7 +158,7 @@
</div>
</div>
</div>
{% if event.is_rig and event.internal %}
{% if event.is_rig and event.internal and perms.RIGS.view_event %}
<div class="col-sm-12">
<div class="panel panel-default
{% if object.authorised %}
@@ -212,7 +214,7 @@
</div>
<div>
{% endif %}
{% if not request.is_ajax %}
{% if not request.is_ajax and perms.RIGS.view_event %}
<div class="col-sm-12 text-right">
{% include 'RIGS/event_detail_buttons.html' %}
</div>
@@ -222,21 +224,23 @@
<div class="panel panel-default">
<div class="panel-heading">Event Details</div>
<div class="panel-body">
{% if perms.RIGS.view_event %}
<div class="well well-sm">
<h4>Notes</h4>
<div class="dont-break-out">{{ event.notes|linebreaksbr }}</div>
</div>
{% endif %}
{% include 'RIGS/item_table.html' %}
</div>
</div>
</div>
{% if not request.is_ajax %}
{% if not request.is_ajax and perms.RIGS.view_event %}
<div class="col-sm-12 text-right">
{% include 'RIGS/event_detail_buttons.html' %}
</div>
{% endif %}
{% endif %}
{% if not request.is_ajax %}
{% if not request.is_ajax and perms.RIGS.view_event %}
<div class="col-sm-12 text-right">
<div>
<a href="{% url 'event_history' object.pk %}" title="View Revision History">
@@ -251,12 +255,16 @@
{% if request.is_ajax %}
{% block footer %}
<div class="row">
{% if perms.RIGS.view_event %}
<div class="col-sm-10 align-left">
<a href="{% url 'event_history' object.pk %}" title="View Revision History">
Last edited at {{ object.last_edited_at|default:'never' }} by {{ object.last_edited_by.name|default:'nobody' }}
</a>
</div>
<div class="col-sm-2">
{% else %}
<div class="col-sm-12">
{% endif %}
<div class="pull-right">
<a href="{% url 'event_detail' object.pk %}" class="btn btn-primary">Open Event Page <span
class="glyphicon glyphicon-eye"></span></a>

10
RIGS/templates/RIGS/event_embed.html
View File

@@ -6,7 +6,7 @@
<div class="row">
<div class="col-sm-12">
<a href="/">
<span class="source"> R<small>ig</small> I<small>nformation</small> G<small>athering</small> S<small>ystem</small></span>
<span class="source"> R<small>ig</small> I<small>nformation</small> G<small>athering</small> S<small>ystem</small></span>
</a>
</div>
@@ -20,9 +20,9 @@
<span class="glyphicon glyphicon-exclamation-sign"></span>
{% endif %}
</span>
<h3>
<a {% if perms.RIGS.view_event %}href="{% url 'event_detail' object.pk %}"{% endif %}>
<a href="{% url 'event_detail' object.pk %}">
{% if object.is_rig %}N{{ object.pk|stringformat:"05d" }}{% else %}{{ object.pk }}{% endif %}
| {{ object.name }} </a>
{% if object.venue %}
@@ -72,7 +72,7 @@
</p>
</div>
<div class="col-xs-6">
{% if object.meet_at %}
<p>
<strong>Crew meet:</strong>
@@ -97,7 +97,7 @@
{{ object.description|linebreaksbr }}
</p>
{% endif %}
</table>
</div>
</div>

2
RIGS/templates/RIGS/event_table.html
View File

@@ -33,7 +33,7 @@
</td>
<td>
<h4>
<a {% if perms.RIGS.view_event %}href="{% url 'event_detail' event.pk %}" {% endif %}>
<a href="{% url 'event_detail' event.pk %}">
{{ event.name }}
</a>
{% if event.venue %}

3
RIGS/templates/RIGS/index.html
View File

@@ -34,10 +34,11 @@
<a class="list-group-item" href="https://forum.nottinghamtec.co.uk" target="_blank"><span class="glyphicon glyphicon-link"></span> TEC Forum</a>
<a class="list-group-item" href="//members.nottinghamtec.co.uk/wiki" target="_blank"><span class="glyphicon glyphicon-link"></span> TEC Wiki</a>
{% if perms.RIGS.view_event %}
<a class="list-group-item" href="http://members.nottinghamtec.co.uk/wiki/images/2/22/Event_Risk_Assesment.pdf" target="_blank"><span class="glyphicon glyphicon-link"></span> Pre-Event Risk Assessment</a>
<a class="list-group-item" href="//members.nottinghamtec.co.uk/price" target="_blank"><span class="glyphicon glyphicon-link"></span> Price List</a>
<a class="list-group-item" href="https://goo.gl/forms/jdPWov8PCNPoXtbn2" target="_blank"><span class="glyphicon glyphicon-link"></span> Subhire Insurance Form</a>
{% endif %}
</div>
</div>

8
RIGS/templates/RIGS/item_row.html
View File

@@ -6,17 +6,21 @@
<em class="description">{{item.description|linebreaksbr}}</em>
</div>
</td>
{% if perms.RIGS.view_event %}
<td>£&nbsp;<span class="cost">{{item.cost|floatformat:2}}</span></td>
{% endif %}
<td class="quantity">{{item.quantity}}</td>
{% if perms.RIGS.view_event %}
<td>£&nbsp;<span class="sub-total" data-subtotal="{{item.total_cost}}">{{item.total_cost|floatformat:2}}</span></td>
{% endif %}
{% if edit %}
<td class="vert-align text-right">
<button type="button" class="item-edit btn btn-xs btn-default"
<button type="button" class="item-edit btn btn-xs btn-default"
data-pk="{{item.pk}}"
data-toggle="modal" data-target="#itemModal">
<span class="glyphicon glyphicon-edit"></span>
</button>
<button type="button" class="item-delete btn btn-xs btn-danger"
<button type="button" class="item-delete btn btn-xs btn-danger"
data-pk="{{item.pk}}">
<span class="glyphicon glyphicon-remove"></span>
</button>

6
RIGS/templates/RIGS/item_table.html
View File

@@ -3,9 +3,13 @@
<thead>
<tr>
<td>Item</td>
{% if perms.RIGS.view_event %}
<td>Price</td>
{% endif %}
<td>Quantity</td>
{% if perms.RIGS.view_event %}
<td>Sub-total</td>
{% endif %}
{% if edit %}
<td class="text-right">
<button type="button" class="btn btn-default btn-xs item-add"
@@ -22,6 +26,7 @@
{% include 'RIGS/item_row.html' %}
{% endfor %}
</tbody>
{% if perms.RIGS.view_event %}
<tfoot>
<tr>
<td rowspan="3" colspan="2"></td>
@@ -43,6 +48,7 @@
<td colspan="2">£ <span id="total">{{object.total|default:0|floatformat:2}}</span></td>
</tr>
</tfoot>
{% endif %}
</table>
</div>
<table class="hidden invisible">

25
RIGS/test_functional.py
View File

@@ -141,18 +141,41 @@ class UserRegistrationTest(LiveServerTestCase):
self.assertEqual(password.get_attribute('placeholder'), 'Password')
self.assertEqual(password.get_attribute('type'), 'password')
# Expected to fail as not approved
username.send_keys('TestUsername')
password.send_keys('correcthorsebatterystaple')
self.browser.execute_script(
"return function() {jQuery('#g-recaptcha-response').val('PASSED'); return 0}()")
password.send_keys(Keys.ENTER)
# Test approval
profileObject = models.Profile.objects.all()[0]
self.assertFalse(profileObject.is_approved)
# Read what the error is
alert = self.browser.find_element_by_css_selector(
'div.alert-danger').text
self.assertIn("approved", alert)
# Approve the user so we can proceed
profileObject.is_approved = True
profileObject.save()
# Retry login
self.browser.get(self.live_server_url + '/user/login')
username = self.browser.find_element_by_id('id_username')
username.send_keys('TestUsername')
password = self.browser.find_element_by_id('id_password')
password.send_keys('correcthorsebatterystaple')
self.browser.execute_script(
"return function() {jQuery('#g-recaptcha-response').val('PASSED'); return 0}()")
password.send_keys(Keys.ENTER)
# Check we are logged in
udd = self.browser.find_element_by_class_name('navbar').text
self.assertIn('Hi John', udd)
# Check all the data actually got saved
profileObject = models.Profile.objects.all()[0]
self.assertEqual(profileObject.username, 'TestUsername')
self.assertEqual(profileObject.first_name, 'John')
self.assertEqual(profileObject.last_name, 'Smith')

5
RIGS/urls.py
View File

@@ -6,7 +6,7 @@ from RIGS import models, views, rigboard, finance, ical, versioning, forms
from django.views.generic import RedirectView
from django.views.decorators.clickjacking import xframe_options_exempt
from PyRIGS.decorators import permission_required_with_403
from PyRIGS.decorators import permission_required_with_403, has_oembed
from PyRIGS.decorators import api_key_required
urlpatterns = [
@@ -89,8 +89,7 @@ urlpatterns = [
permission_required_with_403('RIGS.view_event')(versioning.ActivityFeed.as_view()),
name='activity_feed'),
url(r'^event/(?P<pk>\d+)/$',
permission_required_with_403('RIGS.view_event', oembed_view="event_oembed")(
url(r'^event/(?P<pk>\d+)/$', has_oembed(oembed_view="event_oembed")(
rigboard.EventDetail.as_view()),
name='event_detail'),
url(r'^event/(?P<pk>\d+)/embed/$',

2
RIGS/views.py
View File

@@ -41,7 +41,7 @@ def login(request, **kwargs):
else:
from django.contrib.auth.views import login
return login(request)
return login(request, authentication_form=forms.CheckApprovedForm)
class SearchHelp(generic.TemplateView):