* [requires.io] dependency update
* Server starts...
Various things are broken, but it runs!
* [requires.io] dependency update
* [requires.io] dependency update
* [requires.io] dependency update
* FIX: Broken migrations
* FIX: Update auth framework
* FIX: Correct static use in templates
* FIX: Fix supplier sort
* FIX: Remaining tests
* Revert "Disable password reset as temporary fix to vulnerability (#396)"
This reverts commit e0c6a56263.
# Conflicts:
# RIGS/urls.py
* FIX: Fix broken newlining in PDFs
Introduced by a change in Django 2.1 'HTML rendered by form widgets no longer includes a closing slash on void elements, e.g. <br>. This is incompatible within XHTML, although some widgets already used aspects of HTML5 such as boolean attributes.'
* FIX: Fix some Django4 deprecation warnings
Why not...
* Refactor dependency file
Should now only include dependencies we actually use, not dependencies of dependencies and unused things
* Add newlines to the paperwork print test event
This will catch the error encountered in 79ec9214f9
* Swap to pycodestyle rather than pep8 in Travis
And eliminate W605 errors
* Bit too heavy handed with the dep purge there...
* Whoops, helps if one installs pycodestyle...
* FIX: Re-add overridden login view
* Better fix for previous commit
* FIX: Bloody smartquotes
Co-authored-by: requires.io <support@requires.io>
* Added search to person, venue, organisation and event archive
* Added search to invoice archive
* Added event search to homepage
* Tidy up event search logic and optimise
* Fixed merge issues
* Stopped 404 on failed search
* Set default ordering of people, organisations & venues to alphabetical (rather than order of addition to database)
* Added invoice search to home page (if you have permissions)
* Made invoice archive sort by reverse invoice date (rather than order added to database)
* Added search help page (very pretty)
* Made single search box for all search types
* FIX: Missing date field breaking archive view
* FEAT: Add omnisearch to header
Tis a bit broken on mobile at the moment...
* CHORE: Conform old code to pep8
* FIX: Select the event form, not the search one in tests!
* Revert "FEAT: Add omnisearch to header"
This reverts commit 6bcb242d6b because it caused MANY more problems than anticipated...
* FIX: Stop 404 on failed search, again
* FEAT: Basic testing of search
* Use a tooltip to help explain the UX
Obviously since it needs a tooltip it isn't brilliant UX but the best I can think of for now...
Co-authored-by: Tom Price <tom@codedinternet.com>
Co-authored-by: David Taylor <david@taylorhq.com>
Co-authored-by: Arona Jones <aj@aronajones.com>
* CHANGE: First pass at opening up RIGS #233
Whilst it makes it something of a misnomer, the intent is to make the 'view_event' perm a permission to view event details like client/price. I don't see the point in giving everyone 'view_event' and adding a new 'view_event_detail'...Open to arguments the other way.
* CHANGE: New user signups now require admin approval
Given that I intend to reveal much more data to new users this seems necessary...
* CHORE: Fix CI
* FIX: Legacy Profiles are now auto-approved correctly
* Add testing of approval mechanism
This fixes the other functional tests failing because the user cannot login without being approved.
* Superusers bypass approval check
This should fix the remainder of the tests
* Prevent unapproved users logging in through embeds
Test suite doing its job...!
* FIX: Require login on events and event embeds again
Little too far to the open side there Arona... Whooooooops!
* FIX: Use has_oembed decorator for events
* FIX: Re-prevent basic seeing reversion
This is to prevent financials/client data leaking when changed. Hopefully can show them a filtered version in future.
* FIX: Remove mitigation for #264
Someone quietly fixed it, it appears
* FEAT: Add admin email notif when an account is activated and awaiting approval
No async or time-since shenanigans yet!
* FIX: Whoops, undo accidental whitespace change
* FEAT: Add a fifteen min cooldown between emails to admins
Probably not the right way to go about it...but it does work!
TODO: How to handle cooldown-emailing shared mailbox addresses?
* FIX: Remove event modal history deadlink for basic users
Also removes some links on the RIGS homepage that will deadlink for them
* FIX: Wrong perms syntax for history pages
* CHORE: Squash migrations
* FIX: Use a setting for cooldown
* FIX: Minor code improvements
* Started POM and assets test
* FEAT: Adapt unit tests from RIGS to assets
* CHORE: pep8...
* Added Asset Create and Edit forms
* Add non-cable asset creation test
* CHORE: Frickin pep8...
* Add cable asset creation test
* Basic asset create validation testing
* Asset edit tests are here
A bit dodgy in places but par for the course for me :P
* Add access level tests
* Delete unused code
Much less effort way to increase coverage stats :D
* Add delete sample data test for completeness
Chasing that sweet 100% coverage...
* Add supplier list page + tests
Also fix the supplier page not being ordered alphabetically
* Helps if I add the migration...
* Add supplier create/edit tests
* Asset duplicate tests
Also fixed some random bugs
* Asset search tests
* 404 tests and test that everything requires authentication
* Test visibility of form errors
And fix supplier form not displaying errors correctly!
* Fix broken search test
Co-authored-by: Matthew Smith <mattysmith22@googlemail.com>
* FEAT: Initial work on revision history for assets
The revision history for individual items mostly works, though it shows database ID where it should show asset ID. Recent changes feed isn't yet done.
* FEAT: Initial implementation of asset activity stream
* CHORE: Fix pep8
* FIX: Asset history table 'branding'
* FIX: Individual asset version history is now correctly filtered
* FEAT: Make revision history for suppliers accessible
* CHORE: *sings* And a pep8 in a broken tree...
* Refactored out duplicated code from `AssetVersionHistory
* CHORE: pep8
And another random bit of wierd whitespace I found
Co-authored-by: Matthew Smith <mattysmith22@googlemail.com>
Closes#358
