Fix for events with no access time

FIX: Prevent setting access time after start time
Will close #405
2026-01-29 19:32:14 +00:00 · 2020-03-07 15:16:58 +00:00 · 2020-03-03 20:04:02 +00:00 · 2020-03-03 19:40:27 +00:00 · 2020-03-02 17:59:10 +00:00 · 2020-03-02 17:53:39 +00:00
329 changed files with 23016 additions and 4121 deletions
--- a/.bowerrc
+++ b/.bowerrc
@@ -1,4 +0,0 @@
-{
-  "directory": "bower_components",
-  "analytics": false
-}
--- a/.editorconfig
+++ b/.editorconfig
@@ -1,20 +0,0 @@
-# EditorConfig helps developers define and maintain consistent
-# coding styles between different editors and IDEs
-# editorconfig.org
-
-root = true
-
-
-[*]
-end_of_line = lf
-charset = utf-8
-trim_trailing_whitespace = true
-insert_final_newline = true
-indent_style = space
-indent_size = 2
-
-[*.hbs]
-insert_final_newline = false
-
-[*.{diff,md}]
-trim_trailing_whitespace = false
--- a/.ember-cli
+++ b/.ember-cli
@@ -1,9 +0,0 @@
-{
-  /**
-    Ember CLI sends analytics information by default. The data is completely
-    anonymous, but there are times when you might want to disable this behavior.
-
-    Setting `disableAnalytics` to true will prevent any data from being sent.
-  */
-  "disableAnalytics": false
-}
--- a/.gitignore
+++ b/.gitignore
@@ -4,8 +4,6 @@ db.sqlite3
 # Byte-compiled / optimized / DLL files
 __pycache__/
 *.py[cod]
-/dist
-/tmp

 # C extensions
 *.so
@@ -28,10 +26,6 @@ var/
 .installed.cfg
 *.egg

-# Dependancies
-/node_modules
-/bower_components
-
 # Continer extras
 .vagrant

@@ -50,6 +44,7 @@ htmlcov/
 .tox/
 .coverage
 .cache
+.pytest_cache
 nosetests.xml
 coverage.xml

@@ -59,6 +54,7 @@ coverage.xml

 # Django stuff:
 *.log
+db.sqlite3

 # Sphinx documentation
 docs/_build/
@@ -112,11 +108,4 @@ atlassian-ide-plugin.xml
 com_crashlytics_export_strings.xml
 crashlytics.properties
 crashlytics-build.properties
-
-# misc
-/.sass-cache
-/connect.lock
-/coverage/*
-/libpeerconnection.log
-npm-debug.log
-testem.log
+.vscode/
--- a/.idea/modules.xml
+++ b/.idea/modules.xml
@@ -2,7 +2,7 @@
 <project version="4">
  <component name="ProjectModuleManager">
    <modules>
-      <module fileurl="file://$PROJECT_DIR$/.idea/PyRIGS.iml" filepath="$PROJECT_DIR$/.idea/PyRIGS.iml" />
+      <module fileurl="file://$PROJECT_DIR$/.idea/pyrigs.iml" filepath="$PROJECT_DIR$/.idea/pyrigs.iml" />
    </modules>
  </component>
 </project>
--- a/.jshintrc
+++ b/.jshintrc
@@ -1,32 +0,0 @@
-{
-  "predef": [
-    "document",
-    "window",
-    "-Promise"
-  ],
-  "browser": true,
-  "boss": true,
-  "curly": true,
-  "debug": false,
-  "devel": true,
-  "eqeqeq": true,
-  "evil": true,
-  "forin": false,
-  "immed": false,
-  "laxbreak": false,
-  "newcap": true,
-  "noarg": true,
-  "noempty": false,
-  "nonew": false,
-  "nomen": false,
-  "onevar": false,
-  "plusplus": false,
-  "regexp": false,
-  "undef": true,
-  "sub": true,
-  "strict": false,
-  "white": false,
-  "eqnull": true,
-  "esversion": 6,
-  "unused": true
-}
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,33 +1,32 @@
 language: python
 python:
-  "2.7"
+  "3.6"
+cache: pip

 addons:
-  apt:
-    packages:
-    - nodejs
-
-before_install:
-  - "export DISPLAY=:99.0"
-  - "/sbin/start-stop-daemon --start --quiet --pidfile /tmp/custom_xvfb_99.pid --make-pidfile --background --exec /usr/bin/Xvfb -- :99 -ac -screen 0 1280x1024x16"
-  - npm config set spin false
-  - npm install bower
-  - bower --version
-  - npm install phantomjs-prebuilt
-  - phantomjs --version
+  chrome: stable

 install:
+  - wget https://chromedriver.storage.googleapis.com/2.36/chromedriver_linux64.zip
+  - unzip chromedriver_linux64.zip
+  - export PATH=$PATH:$(pwd)
+  - chmod +x chromedriver
  - pip install -r requirements.txt
-  - pip install coveralls codeclimate-test-reporter
-  - npm install
-  - bower install
+  - pip install coveralls codeclimate-test-reporter pep8

 before_script:
+  - export PATH=$PATH:/usr/lib/chromium-browser/
  - python manage.py collectstatic --noinput

 script:
-  - coverage run manage.py test RIGS
+  - pep8 . --exclude=migrations,importer*
+  - python manage.py check
+  - python manage.py makemigrations --check --dry-run
+  - coverage run manage.py test --verbosity=2

 after_success:
  - coveralls
  - codeclimate-test-reporter
+
+notifications:
+  webhooks: https://fathomless-fjord-24024.herokuapp.com/notify
--- a/.watchmanconfig
+++ b/.watchmanconfig
@@ -1,3 +0,0 @@
-{
-  "ignore_dirs": ["tmp", "dist"]
-}
--- a/12
+++ b/12
@@ -0,0 +1,12 @@
+FROM python:3.6
+
+WORKDIR /app
+
+ADD . /app
+
+RUN pip install -r requirements.txt && \
+        python manage.py collectstatic --noinput
+
+EXPOSE 8000
+
+CMD ["python", "manage.py", "runserver", "0.0.0.0:8000"]
--- a/1
+++ b/1
@@ -1 +1,2 @@
+release: python manage.py migrate
 web: gunicorn PyRIGS.wsgi --log-file -
--- a/PyRIGS/decorators.py
+++ b/PyRIGS/decorators.py
@@ -1,26 +1,63 @@
 from django.contrib.auth import REDIRECT_FIELD_NAME
-from django.shortcuts import render_to_response
-from django.template import RequestContext
+from django.shortcuts import render
 from django.http import HttpResponseRedirect
+from django.urls import reverse

-def user_passes_test_with_403(test_func, login_url=None):
+from RIGS import models
+
+
+def get_oembed(login_url, request, oembed_view, kwargs):
+    context = {}
+    context['oembed_url'] = "{0}://{1}{2}".format(request.scheme, request.META['HTTP_HOST'], reverse(oembed_view, kwargs=kwargs))
+    context['login_url'] = "{0}?{1}={2}".format(login_url, REDIRECT_FIELD_NAME, request.get_full_path())
+    resp = render(request, 'login_redirect.html', context=context)
+    return resp
+
+
+def has_oembed(oembed_view, login_url=None):
+    if not login_url:
+        from django.conf import settings
+        login_url = settings.LOGIN_URL
+
+    def _dec(view_func):
+        def _checklogin(request, *args, **kwargs):
+            if request.user.is_authenticated:
+                return view_func(request, *args, **kwargs)
+            else:
+                if oembed_view is not None:
+                    return get_oembed(login_url, request, oembed_view, kwargs)
+                else:
+                    return HttpResponseRedirect('%s?%s=%s' % (login_url, REDIRECT_FIELD_NAME, request.get_full_path()))
+        _checklogin.__doc__ = view_func.__doc__
+        _checklogin.__dict__ = view_func.__dict__
+        return _checklogin
+    return _dec
+
+
+def user_passes_test_with_403(test_func, login_url=None, oembed_view=None):
    """
    Decorator for views that checks that the user passes the given test.
-    
    Anonymous users will be redirected to login_url, while users that fail
    the test will be given a 403 error.
+    If embed_view is set, then a JS redirect will be used, and a application/json+oembed
+    meta tag set with the url of oembed_view
+    (oembed_view will be passed the kwargs from the main function)
    """
    if not login_url:
        from django.conf import settings
        login_url = settings.LOGIN_URL
+
    def _dec(view_func):
        def _checklogin(request, *args, **kwargs):
            if test_func(request.user):
                return view_func(request, *args, **kwargs)
-            elif not request.user.is_authenticated():
-                return HttpResponseRedirect('%s?%s=%s' % (login_url, REDIRECT_FIELD_NAME, request.get_full_path()))
+            elif not request.user.is_authenticated:
+                if oembed_view is not None:
+                    return get_oembed(login_url, request, oembed_view, kwargs)
+                else:
+                    return HttpResponseRedirect('%s?%s=%s' % (login_url, REDIRECT_FIELD_NAME, request.get_full_path()))
            else:
-                resp = render_to_response('403.html', context_instance=RequestContext(request))
+                resp = render(request, '403.html')
                resp.status_code = 403
                return resp
        _checklogin.__doc__ = view_func.__doc__
@@ -28,14 +65,14 @@ def user_passes_test_with_403(test_func, login_url=None):
        return _checklogin
    return _dec

-def permission_required_with_403(perm, login_url=None):
+
+def permission_required_with_403(perm, login_url=None, oembed_view=None):
    """
    Decorator for views that checks whether a user has a particular permission
    enabled, redirecting to the log-in page or rendering a 403 as necessary.
    """
-    return user_passes_test_with_403(lambda u: u.has_perm(perm), login_url=login_url)
+    return user_passes_test_with_403(lambda u: u.has_perm(perm), login_url=login_url, oembed_view=oembed_view)

-from RIGS import models

 def api_key_required(function):
    """
@@ -48,7 +85,7 @@ def api_key_required(function):
        userid = kwargs.get('api_pk')
        key = kwargs.get('api_key')

-        error_resp = render_to_response('403.html', context_instance=RequestContext(request))
+        error_resp = render(request, '403.html')
        error_resp.status_code = 403

        if key is None:
@@ -64,4 +101,18 @@ def api_key_required(function):
        if user_object.api_key != key:
            return error_resp
        return function(request, *args, **kwargs)
-    return wrap
+    return wrap
+
+
+def nottinghamtec_address_required(function):
+    """
+    Checks that the current user has an email address ending @nottinghamtec.co.uk
+    """
+    def wrap(request, *args, **kwargs):
+        # Fail if current user's email address isn't @nottinghamtec.co.uk
+        if not request.user.email.endswith('@nottinghamtec.co.uk'):
+            error_resp = render(request, 'RIGS/eventauthorisation_request_error.html')
+            return error_resp
+
+        return function(request, *args, **kwargs)
+    return wrap
--- a/PyRIGS/formats/en/formats.py
+++ b/PyRIGS/formats/en/formats.py
@@ -1,5 +1,5 @@
-from __future__ import unicode_literals
+

 DATETIME_FORMAT = ('d/m/Y H:i')
 DATE_FORMAT = ('d/m/Y')
-TIME_FORMAT = ('H:i')
+TIME_FORMAT = ('H:i')
--- a/PyRIGS/settings.py
+++ b/PyRIGS/settings.py
@@ -10,8 +10,9 @@ https://docs.djangoproject.com/en/1.7/ref/settings/

 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 import os
-
 import raven
+import secrets
+import datetime

 BASE_DIR = os.path.dirname(os.path.dirname(__file__))

@@ -20,60 +21,65 @@ BASE_DIR = os.path.dirname(os.path.dirname(__file__))

 # SECURITY WARNING: keep the secret key used in production secret!
 SECRET_KEY = os.environ.get('SECRET_KEY') if os.environ.get(
-  'SECRET_KEY') else 'gxhy(a#5mhp289_=6xx$7jh=eh$ymxg^ymc+di*0c*geiu3p_e'
+    'SECRET_KEY') else 'gxhy(a#5mhp289_=6xx$7jh=eh$ymxg^ymc+di*0c*geiu3p_e'

 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = bool(int(os.environ.get('DEBUG'))) if os.environ.get('DEBUG') else True

-STAGING = bool(int(os.environ.get('STAGING'))) if os.environ.get('STAGING') else False

-TEMPLATE_DEBUG = True
+STAGING = bool(int(os.environ.get('STAGING'))) if os.environ.get('STAGING') else False

 ALLOWED_HOSTS = ['pyrigs.nottinghamtec.co.uk', 'rigs.nottinghamtec.co.uk', 'pyrigs.herokuapp.com']

 if STAGING:
-  ALLOWED_HOSTS.append('.herokuapp.com')
+    ALLOWED_HOSTS.append('.herokuapp.com')
+
+if DEBUG:
+    ALLOWED_HOSTS.append('localhost')
+    ALLOWED_HOSTS.append('example.com')
+    ALLOWED_HOSTS.append('127.0.0.1')

 SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
 if not DEBUG:
-  SECURE_SSL_REDIRECT = True  # Redirect all http requests to https
+    SECURE_SSL_REDIRECT = True  # Redirect all http requests to https

 INTERNAL_IPS = ['127.0.0.1']

-ADMINS = (
-  ('Tom Price', 'tomtom5152@gmail.com')
-)
+ADMINS = [('Tom Price', 'tomtom5152@gmail.com'), ('IT Manager', 'it@nottinghamtec.co.uk'), ('Arona Jones', 'arona.jones@nottinghamtec.co.uk')]
+if DEBUG:
+    ADMINS.append(('Testing Superuser', 'superuser@example.com'))

 # Application definition

 INSTALLED_APPS = (
-  'django.contrib.admin',
-  'django.contrib.auth',
-  'django.contrib.contenttypes',
-  'django.contrib.sessions',
-  'django.contrib.messages',
-  'django.contrib.staticfiles',
-  'RIGS',
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+    'RIGS',
+    'assets',

-  'debug_toolbar',
-  'registration',
-  'reversion',
-  'captcha',
-  'widget_tweaks',
-  'raven.contrib.django.raven_compat',
+    'debug_toolbar',
+    'registration',
+    'reversion',
+    'captcha',
+    'widget_tweaks',
+    'raven.contrib.django.raven_compat',
 )

-MIDDLEWARE_CLASSES = (
-  'raven.contrib.django.raven_compat.middleware.SentryResponseErrorIdMiddleware',
-  'django.middleware.security.SecurityMiddleware',
-  'reversion.middleware.RevisionMiddleware',
-  'django.contrib.sessions.middleware.SessionMiddleware',
-  'django.middleware.common.CommonMiddleware',
-  'django.middleware.csrf.CsrfViewMiddleware',
-  'django.contrib.auth.middleware.AuthenticationMiddleware',
-  'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
-  'django.contrib.messages.middleware.MessageMiddleware',
-  'django.middleware.clickjacking.XFrameOptionsMiddleware',
+MIDDLEWARE = (
+    'raven.contrib.django.raven_compat.middleware.SentryResponseErrorIdMiddleware',
+    'django.middleware.security.SecurityMiddleware',
+    'debug_toolbar.middleware.DebugToolbarMiddleware',
+    'reversion.middleware.RevisionMiddleware',
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
 )

 ROOT_URLCONF = 'PyRIGS.urls'
@@ -83,100 +89,101 @@ WSGI_APPLICATION = 'PyRIGS.wsgi.application'
 # Database
 # https://docs.djangoproject.com/en/1.7/ref/settings/#databases
 DATABASES = {
-  'default': {
-    'ENGINE': 'django.db.backends.sqlite3',
-    'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
-  }
+    'default': {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
+    }
 }

 if not DEBUG:
-  import dj_database_url
+    import dj_database_url

-  DATABASES['default'] = dj_database_url.config()
+    DATABASES['default'] = dj_database_url.config()

 # Logging
 LOGGING = {
-  'version': 1,
-  'disable_existing_loggers': False,
-  'formatters': {
-    'verbose': {
-      'format': ('%(asctime)s [%(process)d] [%(levelname)s] ' +
-                 'pathname=%(pathname)s lineno=%(lineno)s ' +
-                 'funcname=%(funcName)s %(message)s'),
-      'datefmt': '%Y-%m-%d %H:%M:%S'
+    'version': 1,
+    'disable_existing_loggers': False,
+    'formatters': {
+        'verbose': {
+            'format': ('%(asctime)s [%(process)d] [%(levelname)s] ' +
+                       'pathname=%(pathname)s lineno=%(lineno)s ' +
+                       'funcname=%(funcName)s %(message)s'),
+            'datefmt': '%Y-%m-%d %H:%M:%S'
+        },
+        'simple': {
+            'format': '%(levelname)s %(message)s'
+        }
    },
-    'simple': {
-      'format': '%(levelname)s %(message)s'
+    'handlers': {
+        'null': {
+            'level': 'DEBUG',
+            'class': 'logging.NullHandler',
+        },
+        'console': {
+            'level': 'DEBUG',
+            'class': 'logging.StreamHandler',
+            'formatter': 'verbose'
+        },
+        'mail_admins': {
+            'class': 'django.utils.log.AdminEmailHandler',
+            'level': 'ERROR',
+            # But the emails are plain text by default - HTML is nicer
+            'include_html': True,
+        },
+    },
+    'loggers': {
+        # Again, default Django configuration to email unhandled exceptions
+        'django.request': {
+            'handlers': ['mail_admins'],
+            'level': 'ERROR',
+            'propagate': True,
+        },
+        # Might as well log any errors anywhere else in Django
+        'django': {
+            'handlers': ['console'],
+            'level': 'ERROR',
+            'propagate': False,
+        },
    }
-  },
-  'handlers': {
-    'null': {
-      'level': 'DEBUG',
-      'class': 'logging.NullHandler',
-    },
-    'console': {
-      'level': 'DEBUG',
-      'class': 'logging.StreamHandler',
-      'formatter': 'verbose'
-    },
-    'mail_admins': {
-      'class': 'django.utils.log.AdminEmailHandler',
-      'level': 'ERROR',
-      # But the emails are plain text by default - HTML is nicer
-      'include_html': True,
-    },
-  },
-  'loggers': {
-    # Again, default Django configuration to email unhandled exceptions
-    'django.request': {
-      'handlers': ['mail_admins'],
-      'level': 'ERROR',
-      'propagate': True,
-    },
-    # Might as well log any errors anywhere else in Django
-    'django': {
-      'handlers': ['console'],
-      'level': 'ERROR',
-      'propagate': False,
-    },
-  }
 }

 RAVEN_CONFIG = {
-  'dsn': os.environ.get('RAVEN_DSN'),
-  # If you are using git, you can also automatically configure the
-  # release based on the git info.
-  # 'release': raven.fetch_git_sha(os.path.dirname(os.path.dirname(__file__))),
-  'debug': DEBUG,
+    'dsn': os.environ.get('RAVEN_DSN'),
+    # If you are using git, you can also automatically configure the
+    # release based on the git info.
+    # 'release': raven.fetch_git_sha(os.path.dirname(os.path.dirname(__file__))),
 }

 # User system
 AUTH_USER_MODEL = 'RIGS.Profile'

 LOGIN_REDIRECT_URL = '/'
-LOGIN_URL = '/user/login'
-LOGOUT_URL = '/user/logout'
+LOGIN_URL = '/user/login/'
+LOGOUT_URL = '/user/logout/'

 ACCOUNT_ACTIVATION_DAYS = 7

 # reCAPTCHA settings
-RECAPTCHA_PUBLIC_KEY = os.environ.get('RECAPTCHA_PUBLIC_KEY', None)
-RECAPTCHA_PRIVATE_KEY = os.environ.get('RECAPTCHA_PRIVATE_KEY', None)
+RECAPTCHA_PUBLIC_KEY = os.environ.get('RECAPTCHA_PUBLIC_KEY', "6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI")  # If not set, use development key
+RECAPTCHA_PRIVATE_KEY = os.environ.get('RECAPTCHA_PRIVATE_KEY', "6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe")  # If not set, use development key
 NOCAPTCHA = True

 # Email
 EMAILER_TEST = False
 if not DEBUG or EMAILER_TEST:
-  EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
-  EMAIL_HOST = os.environ.get('EMAIL_HOST')
-  EMAIL_PORT = int(os.environ.get('EMAIL_PORT'))
-  EMAIL_HOST_USER = os.environ.get('EMAIL_HOST_USER')
-  EMAIL_HOST_PASSWORD = os.environ.get('EMAIL_HOST_PASSWORD')
-  EMAIL_USE_TLS = bool(int(os.environ.get('EMAIL_USE_TLS', 0)))
-  EMAIL_USE_SSL = bool(int(os.environ.get('EMAIL_USE_SSL', 0)))
-  DEFAULT_FROM_EMAIL = os.environ.get('EMAIL_FROM')
+    EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
+    EMAIL_HOST = os.environ.get('EMAIL_HOST')
+    EMAIL_PORT = int(os.environ.get('EMAIL_PORT', 25))
+    EMAIL_HOST_USER = os.environ.get('EMAIL_HOST_USER')
+    EMAIL_HOST_PASSWORD = os.environ.get('EMAIL_HOST_PASSWORD')
+    EMAIL_USE_TLS = bool(int(os.environ.get('EMAIL_USE_TLS', 0)))
+    EMAIL_USE_SSL = bool(int(os.environ.get('EMAIL_USE_SSL', 0)))
+    DEFAULT_FROM_EMAIL = os.environ.get('EMAIL_FROM')
 else:
-  EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
+    EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
+
+EMAIL_COOLDOWN = datetime.timedelta(minutes=15)

 # Internationalization
 # https://docs.djangoproject.com/en/1.7/topics/i18n/
@@ -195,30 +202,43 @@ USE_TZ = True

 DATETIME_INPUT_FORMATS = ('%Y-%m-%dT%H:%M', '%Y-%m-%dT%H:%M:%S')

-TEMPLATE_CONTEXT_PROCESSORS = (
-  "django.contrib.auth.context_processors.auth",
-  "django.core.context_processors.debug",
-  "django.core.context_processors.i18n",
-  "django.core.context_processors.media",
-  "django.core.context_processors.static",
-  "django.core.context_processors.tz",
-  "django.core.context_processors.request",
-  "django.contrib.messages.context_processors.messages",
-)
-
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/1.7/howto/static-files/
 STATICFILES_STORAGE = 'django.contrib.staticfiles.storage.ManifestStaticFilesStorage'
 STATIC_URL = '/static/'
 STATIC_ROOT = os.path.join(BASE_DIR, 'static/')
-STATICFILES_DIRS = (
-  os.path.join(BASE_DIR, 'dist/'),  # Import from ember build
+STATIC_DIRS = (
+    os.path.join(BASE_DIR, 'static/')
 )

-TEMPLATE_DIRS = (
-  os.path.join(BASE_DIR, 'templates'),
-)
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [
+            os.path.join(BASE_DIR, 'templates'),
+        ],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                "django.contrib.auth.context_processors.auth",
+                "django.template.context_processors.debug",
+                "django.template.context_processors.i18n",
+                "django.template.context_processors.media",
+                "django.template.context_processors.static",
+                "django.template.context_processors.tz",
+                "django.template.context_processors.request",
+                "django.contrib.messages.context_processors.messages",
+            ],
+            'debug': DEBUG
+        },
+    },
+]

 USE_GRAVATAR = True

 TERMS_OF_HIRE_URL = "http://www.nottinghamtec.co.uk/terms.pdf"
+AUTHORISATION_NOTIFICATION_ADDRESS = 'productions@nottinghamtec.co.uk'
+RISK_ASSESSMENT_URL = os.environ.get('RISK_ASSESSMENT_URL') if os.environ.get(
+    'RISK_ASSESSMENT_URL') else "http://example.com"
+RISK_ASSESSMENT_SECRET = os.environ.get('RISK_ASSESSMENT_SECRET') if os.environ.get(
+    'RISK_ASSESSMENT_SECRET') else secrets.token_hex(15)
--- a/PyRIGS/tests/base.py
+++ b/PyRIGS/tests/base.py
@@ -0,0 +1,36 @@
+from django.test import LiveServerTestCase
+from selenium import webdriver
+from RIGS import models as rigsmodels
+from . import pages
+import os
+
+
+def create_browser():
+    options = webdriver.ChromeOptions()
+    options.add_argument("--window-size=1920,1080")
+    if os.environ.get('CI', False):
+        options.add_argument("--headless")
+        options.add_argument("--no-sandbox")
+    driver = webdriver.Chrome(chrome_options=options)
+    return driver
+
+
+class BaseTest(LiveServerTestCase):
+    def setUp(self):
+        super().setUpClass()
+        self.driver = create_browser()
+
+    def tearDown(self):
+        super().tearDown()
+        self.driver.quit()
+
+
+class AutoLoginTest(BaseTest):
+    def setUp(self):
+        super().setUp()
+        self.profile = rigsmodels.Profile(
+            username="EventTest", first_name="Event", last_name="Test", initials="ETU", is_superuser=True)
+        self.profile.set_password("EventTestPassword")
+        self.profile.save()
+        loginPage = pages.LoginPage(self.driver, self.live_server_url).open()
+        loginPage.login("EventTest", "EventTestPassword")
--- a/PyRIGS/tests/pages.py
+++ b/PyRIGS/tests/pages.py
@@ -0,0 +1,86 @@
+from pypom import Page, Region
+from selenium.webdriver.common.by import By
+from selenium.webdriver import Chrome
+from selenium.common.exceptions import NoSuchElementException
+
+
+class BasePage(Page):
+    form_items = {}
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+
+    def __getattr__(self, name):
+        if name in self.form_items:
+            element = self.form_items[name]
+            form_element = element[0](self, self.find_element(*element[1]))
+            return form_element.value
+        else:
+            return super().__getattribute__(name)
+
+    def __setattr__(self, name, value):
+        if name in self.form_items:
+            element = self.form_items[name]
+            form_element = element[0](self, self.find_element(*element[1]))
+            form_element.set_value(value)
+        else:
+            self.__dict__[name] = value
+
+
+class FormPage(BasePage):
+    _errors_selector = (By.CLASS_NAME, "alert-danger")
+
+    def remove_all_required(self):
+        self.driver.execute_script("Array.from(document.getElementsByTagName(\"input\")).forEach(function (el, ind, arr) { el.removeAttribute(\"required\")});")
+        self.driver.execute_script("Array.from(document.getElementsByTagName(\"select\")).forEach(function (el, ind, arr) { el.removeAttribute(\"required\")});")
+
+    @property
+    def errors(self):
+        try:
+            error_page = self.ErrorPage(self, self.find_element(*self._errors_selector))
+            return error_page.errors
+        except NoSuchElementException:
+            return None
+
+    class ErrorPage(Region):
+        _error_item_selector = (By.CSS_SELECTOR, "dl>span")
+
+        class ErrorItem(Region):
+            _field_selector = (By.CSS_SELECTOR, "dt")
+            _error_selector = (By.CSS_SELECTOR, "dd>ul>li")
+
+            @property
+            def field_name(self):
+                return self.find_element(*self._field_selector).text
+
+            @property
+            def errors(self):
+                return [x.text for x in self.find_elements(*self._error_selector)]
+
+        @property
+        def errors(self):
+            error_items = [self.ErrorItem(self, x) for x in self.find_elements(*self._error_item_selector)]
+            errors = {}
+            for error in error_items:
+                errors[error.field_name] = error.errors
+            return errors
+
+
+class LoginPage(BasePage):
+    URL_TEMPLATE = '/user/login'
+
+    _username_locator = (By.ID, 'id_username')
+    _password_locator = (By.ID, 'id_password')
+    _submit_locator = (By.ID, 'id_submit')
+    _error_locator = (By.CSS_SELECTOR, '.errorlist>li')
+
+    def login(self, username, password):
+        username_element = self.find_element(*self._username_locator)
+        username_element.clear()
+        username_element.send_keys(username)
+
+        password_element = self.find_element(*self._password_locator)
+        password_element.clear()
+        password_element.send_keys(password)
+
+        self.find_element(*self._submit_locator).click()
--- a/PyRIGS/tests/regions.py
+++ b/PyRIGS/tests/regions.py
@@ -0,0 +1,133 @@
+from pypom import Region
+from selenium.webdriver.common.by import By
+from selenium.webdriver.support import expected_conditions
+from selenium.webdriver.remote.webelement import WebElement
+from selenium.webdriver.support.ui import WebDriverWait
+from selenium.webdriver.support.select import Select
+import datetime
+
+
+def parse_bool_from_string(string):
+    # Used to convert from attribute strings to boolean values, written after I found this:
+    # >>> bool("false")
+    # True
+    if string == "true":
+        return True
+    else:
+        return False
+
+
+class BootstrapSelectElement(Region):
+    _main_button_locator = (By.CSS_SELECTOR, 'button.dropdown-toggle')
+    _option_box_locator = (By.CSS_SELECTOR, 'ul.dropdown-menu')
+    _option_locator = (By.CSS_SELECTOR, 'ul.dropdown-menu.inner>li>a[role=option]')
+    _select_all_locator = (By.CLASS_NAME, 'bs-select-all')
+    _deselect_all_locator = (By.CLASS_NAME, 'bs-deselect-all')
+    _search_locator = (By.CSS_SELECTOR, '.bs-searchbox>input')
+    _status_locator = (By.CLASS_NAME, 'status')
+
+    @property
+    def is_open(self):
+        return parse_bool_from_string(self.find_element(*self._main_button_locator).get_attribute("aria-expanded"))
+
+    def toggle(self):
+        original_state = self.is_open
+        return self.find_element(*self._main_button_locator).click()
+        option_box = self.find_element(*self._option_box_locator)
+        if original_state:
+            self.wait.until(expected_conditions.invisibility_of_element_located(option_box))
+        else:
+            self.wait.until(expected_conditions.visibility_of_element_located(option_box))
+
+    def open(self):
+        if not self.is_open:
+            self.toggle()
+
+    def close(self):
+        if self.is_open:
+            self.toggle()
+
+    def select_all(self):
+        self.find_element(*self._select_all_locator).click()
+
+    def deselect_all(self):
+        self.find_element(*self._deselect_all_locator).click()
+
+    def search(self, query):
+        search_box = self.find_element(*self._search_locator)
+        search_box.clear()
+        search_box.send_keys(query)
+        status_text = self.find_element(*self._status_locator)
+        self.wait.until(expected_conditions.invisibility_of_element_located(self._status_locator))
+
+    @property
+    def options(self):
+        options = list(self.find_elements(*self._option_locator))
+        return [self.BootstrapSelectOption(self, i) for i in options]
+
+    def set_option(self, name, selected):
+        options = list((x for x in self.options if x.name == name))
+        assert len(options) == 1
+        options[0].set_selected(selected)
+
+    class BootstrapSelectOption(Region):
+        _text_locator = (By.CLASS_NAME, 'text')
+
+        @property
+        def selected(self):
+            return parse_bool_from_string(self.root.get_attribute("aria-selected"))
+
+        def toggle(self):
+            self.root.click()
+
+        def set_selected(self, selected):
+            if self.selected != selected:
+                self.toggle()
+
+        @property
+        def name(self):
+            return self.find_element(*self._text_locator).text
+
+
+class TextBox(Region):
+    @property
+    def value(self):
+        return self.root.get_attribute("value")
+
+    def set_value(self, value):
+        self.root.clear()
+        self.root.send_keys(value)
+
+
+class CheckBox(Region):
+    def toggle(self):
+        self.root.click()
+
+    @property
+    def value(self):
+        return parse_bool_from_string(self.root.get_attribute("checked"))
+
+    def set_value(self, value):
+        if value != self.value:
+            self.toggle()
+
+
+class DatePicker(Region):
+    @property
+    def value(self):
+        return datetime.datetime.strptime(self.root.get_attribute("value"), "%Y-%m-%d")
+
+    def set_value(self, value):
+        self.root.clear()
+        self.root.send_keys(value.strftime("%d%m%Y"))
+
+
+class SingleSelectPicker(Region):
+    @property
+    def value(self):
+        picker = Select(self.root)
+        return picker.first_selected_option.text
+
+    def set_value(self, value):
+        picker = Select(self.root)
+        picker.select_by_visible_text(value)
--- a/PyRIGS/urls.py
+++ b/PyRIGS/urls.py
@@ -1,4 +1,4 @@
-from django.conf.urls import patterns, include, url
+from django.conf.urls import include, url
 from django.contrib import admin
 from django.contrib.staticfiles.urls import staticfiles_urlpatterns
 from django.conf import settings
@@ -6,19 +6,25 @@ from registration.backends.default.views import RegistrationView
 import RIGS
 from RIGS import regbackend

-urlpatterns = patterns('',
+urlpatterns = [
    # Examples:
    # url(r'^$', 'PyRIGS.views.home', name='home'),
    # url(r'^blog/', include('blog.urls')),

    url(r'^', include('RIGS.urls')),
-    url('^user/register/$', RegistrationView.as_view(form_class=RIGS.forms.ProfileRegistrationFormUniqueEmail), 
+    url('^assets/', include('assets.urls')),
+    url('^user/register/$', RegistrationView.as_view(form_class=RIGS.forms.ProfileRegistrationFormUniqueEmail),
        name="registration_register"),
    url('^user/', include('django.contrib.auth.urls')),
    url('^user/', include('registration.backends.default.urls')),

-    url(r'^admin/', include(admin.site.urls)),
-)
+    url(r'^admin/', admin.site.urls),
+]

 if settings.DEBUG:
-    urlpatterns += staticfiles_urlpatterns()
+    urlpatterns += staticfiles_urlpatterns()
+
+    import debug_toolbar
+    urlpatterns = [
+        url(r'^__debug__/', include(debug_toolbar.urls)),
+    ] + urlpatterns
--- a/PyRIGS/wsgi.py
+++ b/PyRIGS/wsgi.py
@@ -9,7 +9,7 @@ https://docs.djangoproject.com/en/1.7/howto/deployment/wsgi/
 import os
 os.environ.setdefault("DJANGO_SETTINGS_MODULE", "PyRIGS.settings")

-from django.core.wsgi import get_wsgi_application
-from dj_static import Cling
+from django.core.wsgi import get_wsgi_application  # noqa
+from dj_static import Cling  # noqa

 application = Cling(get_wsgi_application())
--- a/README.md
+++ b/README.md
@@ -1,18 +1,13 @@
 # TEC PA & Lighting - PyRIGS #
 [![Build Status](https://travis-ci.org/nottinghamtec/PyRIGS.svg?branch=develop)](https://travis-ci.org/nottinghamtec/PyRIGS)
-[![Coverage Status](https://coveralls.io/repos/github/nottinghamtec/PyRIGS/badge.svg?branch=develop)](https://coveralls.io/github/nottinghamtec/PyRIGS?branch=develop)
+[![Coverage Status](https://coveralls.io/repos/github/nottinghamtec/PyRIGS/badge.svg)](https://coveralls.io/github/nottinghamtec/PyRIGS)

 Welcome to TEC PA & Lightings PyRIGS program. This is a reimplementation of the existing Rig Information Gathering System (RIGS) that was developed using Ruby on Rails.

 The purpose of this project is to make the system more compatible and easier to understand such that should future changes be needed they can be made without having to understand the intricacies of Rails.

-At this stage the project is very early on, and the main focus has been on getting a working system that can be tested and put into use ASAP due to the imminent failure of the existing system. Because of this, the documentation is still quite weak, but this should be fixed as time goes on.
-
-This document is intended to get you up and running, but if don't care about what I have to say, just clone the sodding repository and have a poke around with what's in it, but for GODS SAKE DO NOT PUSH WITHOUT TESTING.
-
 ### What is this repository for? ###
-For the rapid development of the application for medium term deployment, the main branch is being used.
-Once the application is deployed in a production environment, other branches should be used to properly stage edits and pushes of new features. When a significant feature is developed on a branch, raise a pull request and it can be reviewed before being put into production.
+When a significant feature is developed on a branch, raise a pull request and it can be reviewed before being put into production.

 Most of the documents here assume a basic knowledge of how Python and Django work (hint, if I don't say something, Google it, you will find 10000's of answers). The documentation is purely to be specific to TEC's application of the framework.

@@ -24,7 +19,7 @@ For the more experienced developer/somebody who doesn't want a full IDE and want
 Please contact TJP for details on how to acquire these.

 ### Python Environment ###
-Whilst the Python version used is not critical to the running of the application, using the same version usually helps avoid a lot of issues. Mainly the C implementation of Python 2 (CPython 2) has been used (specifically the Python 2.7 standard). Most of the application has been written with Python 3 in mind however, and should run without issue. Some level of testing on Python 3 has been done, but there is no guarantee it will work (for more information on this please see [[Python Version]] on the wiki)
+Whilst the Python version used is not critical to the running of the application, using the same version usually helps avoid a lot of issues. Orginally written with the C implementation of Python 2 (CPython 2, specifically the Python 2.7 standard), the application now runs in Python 3.

 Once you have your Python distribution installed, go ahead an follow the steps to set up a virtualenv, which will isolate the project from the system environment.

@@ -75,6 +70,13 @@ python manage.py runserver
 ```
 Please refer to Django documentation for a full list of options available here.

+### Development using docker
+
+```
+docker build . -t pyrigs
+docker run -it --rm -p=8000:8000 -v $(pwd):/app pyrigs
+```
+
 ### Sample Data ###
 Sample data is available to aid local development and user acceptance testing. To load this data into your local database, first ensure the database is empty:
 ```
@@ -85,6 +87,7 @@ Then load the sample data using the command:
 python manage.py generateSampleData
 ```
 4 user accounts are created for convenience:
+
 |Username |Password |
 |---------|---------|
 |superuser|superuser|
@@ -92,5 +95,17 @@ python manage.py generateSampleData
 |keyholder|keyholder|
 |basic    |basic    |

-### Committing, pushing and testing ###
-Feel free to commit as you wish, on your own branch. On my branch (master for development) do not commit code that you either know doesn't work or don't know works. If you must commit this code, please make sure you say in the commit message that it isn't working, and if you can why it isn't working. If and only if you absolutely must push, then please don't leave it as the HEAD for too long, it's not much to ask but when you are done just make sure you haven't broken the HEAD for the next person.
+### Testing ###
+Tests are contained in 3 files. `RIGS/test_models.py` contains tests for logic within the data models. `RIGS/test_unit.py` contains "Live server" tests, using raw web requests. `RIGS/test_integration.py` contains user interface tests which take control of a web browser. For automated Travis tests, we use [Sauce Labs](https://saucelabs.com). When debugging locally, ensure that you have the latest version of Google Chrome installed, then install [chromedriver](https://sites.google.com/a/chromium.org/chromedriver/) and ensure it is on the `PATH`.
+
+You can run the entire test suite, or you can run specific sections individually. For example, in order of specificity:
+
+```
+python manage.py test
+python manage.py test RIGS.test_models
+python manage.py test RIGS.test_models.EventTestCase
+python manage.py test RIGS.test_models.EventTestCase.test_current_events
+
+```
+
+[![forthebadge](https://forthebadge.com/images/badges/built-with-resentment.svg)](https://forthebadge.com) [![forthebadge](https://forthebadge.com/images/badges/contains-technical-debt.svg)](https://forthebadge.com)
--- a/RIGS/init.py
+++ b/RIGS/init.py
@@ -0,0 +1 @@
+default_app_config = 'RIGS.apps.RIGSAppConfig'
--- a/RIGS/admin.py
+++ b/RIGS/admin.py
@@ -2,7 +2,7 @@ from django.contrib import admin
 from RIGS import models, forms
 from django.contrib.auth.admin import UserAdmin
 from django.utils.translation import ugettext_lazy as _
-import reversion
+from reversion.admin import VersionAdmin

 from django.contrib.admin import helpers
 from django.template.response import TemplateResponse
@@ -12,21 +12,32 @@ from django.core.exceptions import ObjectDoesNotExist
 from django.db.models import Count
 from django.forms import ModelForm

+from reversion import revisions as reversion
+
 # Register your models here.
-admin.site.register(models.VatRate, reversion.VersionAdmin)
-admin.site.register(models.Event, reversion.VersionAdmin)
-admin.site.register(models.EventItem, reversion.VersionAdmin)
+admin.site.register(models.VatRate, VersionAdmin)
+admin.site.register(models.Event, VersionAdmin)
+admin.site.register(models.EventItem, VersionAdmin)
 admin.site.register(models.Invoice)
 admin.site.register(models.Payment)


+def approve_user(modeladmin, request, queryset):
+    queryset.update(is_approved=True)
+
+
+approve_user.short_description = "Approve selected users"
+
+
@admin.register(models.Profile)
 class ProfileAdmin(UserAdmin):
+    # Don't know how to add 'is_approved' whilst preserving the default list...
+    list_filter = ('is_approved', 'is_active', 'is_staff', 'is_superuser', 'groups')
    fieldsets = (
        (None, {'fields': ('username', 'password')}),
        (_('Personal info'), {
            'fields': ('first_name', 'last_name', 'email', 'initials', 'phone')}),
-        (_('Permissions'), {'fields': ('is_active', 'is_staff', 'is_superuser',
+        (_('Permissions'), {'fields': ('is_approved', 'is_active', 'is_staff', 'is_superuser',
                                       'groups', 'user_permissions')}),
        (_('Important dates'), {
            'fields': ('last_login', 'date_joined')}),
@@ -39,9 +50,10 @@ class ProfileAdmin(UserAdmin):
    )
    form = forms.ProfileChangeForm
    add_form = forms.ProfileCreationForm
+    actions = [approve_user]


-class AssociateAdmin(reversion.VersionAdmin):
+class AssociateAdmin(VersionAdmin):
    list_display = ('id', 'name', 'number_of_events')
    search_fields = ['id', 'name']
    list_display_links = ['id', 'name']
@@ -93,8 +105,7 @@ class AssociateAdmin(reversion.VersionAdmin):
                'action_checkbox_name': helpers.ACTION_CHECKBOX_NAME,
                'forms': forms
            }
-            return TemplateResponse(request, 'RIGS/admin_associate_merge.html', context,
-                                    current_app=self.admin_site.name)
+            return TemplateResponse(request, 'RIGS/admin_associate_merge.html', context)


@admin.register(models.Person)
--- a/RIGS/apps.py
+++ b/RIGS/apps.py
@@ -0,0 +1,8 @@
+from django.apps import AppConfig
+
+
+class RIGSAppConfig(AppConfig):
+    name = 'RIGS'
+
+    def ready(self):
+        import RIGS.signals
--- a/RIGS/finance.py
+++ b/RIGS/finance.py
@@ -1,9 +1,8 @@
-import cStringIO as StringIO
 import datetime
 import re

 from django.contrib import messages
-from django.core.urlresolvers import reverse_lazy
+from django.urls import reverse_lazy
 from django.http import Http404, HttpResponseRedirect
 from django.http import HttpResponse
 from django.shortcuts import get_object_or_404
@@ -15,6 +14,9 @@ from z3c.rml import rml2pdf

 from RIGS import models

+from django import forms
+forms.DateField.widget = forms.DateInput(attrs={'type': 'date'})
+

 class InvoiceIndex(generic.ListView):
    model = models.Invoice
@@ -55,8 +57,8 @@ class InvoicePrint(generic.View):
        invoice = get_object_or_404(models.Invoice, pk=pk)
        object = invoice.event
        template = get_template('RIGS/event_print.xml')
-        copies = ('TEC', 'Client')
-        context = RequestContext(request, {
+
+        context = {
            'object': object,
            'fonts': {
                'opensans': {
@@ -66,10 +68,9 @@ class InvoicePrint(generic.View):
            },
            'invoice': invoice,
            'current_user': request.user,
-        })
+        }

        rml = template.render(context)
-        buffer = StringIO.StringIO()

        buffer = rml2pdf.parseString(rml)

@@ -78,7 +79,7 @@ class InvoicePrint(generic.View):
        escapedEventName = re.sub('[^a-zA-Z0-9 \n\.]', '', object.name)

        response = HttpResponse(content_type='application/pdf')
-        response['Content-Disposition'] = "filename=Invoice %05d | %s.pdf" % (invoice.pk, escapedEventName)
+        response['Content-Disposition'] = "filename=Invoice %05d - N%05d | %s.pdf" % (invoice.pk, invoice.event.pk, escapedEventName)
        response.write(pdfData)
        return response

@@ -94,6 +95,7 @@ class InvoiceVoid(generic.View):
            return HttpResponseRedirect(reverse_lazy('invoice_list'))
        return HttpResponseRedirect(reverse_lazy('invoice_detail', kwargs={'pk': object.pk}))

+
 class InvoiceDelete(generic.DeleteView):
    model = models.Invoice

@@ -114,6 +116,7 @@ class InvoiceDelete(generic.DeleteView):
    def get_success_url(self):
        return self.request.POST.get('next')

+
 class InvoiceArchive(generic.ListView):
    model = models.Invoice
    template_name = 'RIGS/invoice_list_archive.html'
@@ -122,7 +125,7 @@ class InvoiceArchive(generic.ListView):

 class InvoiceWaiting(generic.ListView):
    model = models.Event
-    # paginate_by = 25
+    paginate_by = 25
    template_name = 'RIGS/event_invoice.html'

    def get_context_data(self, **kwargs):
@@ -142,11 +145,11 @@ class InvoiceWaiting(generic.ListView):
        events = self.model.objects.filter(
            (
                Q(start_date__lte=datetime.date.today(), end_date__isnull=True) |  # Starts before with no end
-                Q(end_date__lte=datetime.date.today()) # Has end date, finishes before
-            ) & Q(invoice__isnull=True) # Has not already been invoiced
-            & Q(is_rig=True) # Is a rig (not non-rig)
-            
-            ).order_by('start_date') \
+                Q(end_date__lte=datetime.date.today())  # Has end date, finishes before
+            ) & Q(invoice__isnull=True) &  # Has not already been invoiced
+            Q(is_rig=True)  # Is a rig (not non-rig)
+
+        ).order_by('start_date') \
            .select_related('person',
                            'organisation',
                            'venue', 'mic') \
@@ -175,7 +178,7 @@ class PaymentCreate(generic.CreateView):
    def get_initial(self):
        initial = super(generic.CreateView, self).get_initial()
        invoicepk = self.request.GET.get('invoice', self.request.POST.get('invoice', None))
-        if invoicepk == None:
+        if invoicepk is None:
            raise Http404()
        invoice = get_object_or_404(models.Invoice, pk=invoicepk)
        initial.update({'invoice': invoice})
--- a/RIGS/forms.py
+++ b/RIGS/forms.py
@@ -1,23 +1,30 @@
-__author__ = 'Ghost'
 from django import forms
 from django.utils import formats
 from django.conf import settings
 from django.core import serializers
+from django.core.mail import EmailMessage, EmailMultiAlternatives
 from django.contrib.auth.forms import UserCreationForm, UserChangeForm, AuthenticationForm, PasswordResetForm
 from registration.forms import RegistrationFormUniqueEmail
+from django.contrib.auth.forms import AuthenticationForm
 from captcha.fields import ReCaptchaField
 import simplejson

 from RIGS import models

+# Override the django form defaults to use the HTML date/time/datetime UI elements
+forms.DateField.widget = forms.DateInput(attrs={'type': 'date'})
+forms.TimeField.widget = forms.TextInput(attrs={'type': 'time'})
+forms.DateTimeField.widget = forms.DateTimeInput(attrs={'type': 'datetime-local'})

 # Registration
+
+
 class ProfileRegistrationFormUniqueEmail(RegistrationFormUniqueEmail):
    captcha = ReCaptchaField()

    class Meta:
        model = models.Profile
-        fields = ('username', 'email', 'first_name', 'last_name', 'initials', 'phone')
+        fields = ('username', 'email', 'first_name', 'last_name', 'initials')

    def clean_initials(self):
        """
@@ -28,7 +35,21 @@ class ProfileRegistrationFormUniqueEmail(RegistrationFormUniqueEmail):
        return self.cleaned_data['initials']


-# Login form
+class CheckApprovedForm(AuthenticationForm):
+    def confirm_login_allowed(self, user):
+        if user.is_approved or user.is_superuser:
+            return AuthenticationForm.confirm_login_allowed(self, user)
+        else:
+            raise forms.ValidationError("Your account hasn't been approved by an administrator yet. Please check back in a few minutes!")
+
+
+# Embedded Login form - remove the autofocus
+class EmbeddedAuthenticationForm(CheckApprovedForm):
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.fields['username'].widget.attrs.pop('autofocus', None)
+
+
 class PasswordReset(PasswordResetForm):
    captcha = ReCaptchaField(label='Captcha')

@@ -45,7 +66,7 @@ class ProfileChangeForm(UserChangeForm):

 # Events Shit
 class EventForm(forms.ModelForm):
-    datetime_input_formats = formats.get_format_lazy("DATETIME_INPUT_FORMATS") + settings.DATETIME_INPUT_FORMATS
+    datetime_input_formats = formats.get_format_lazy("DATETIME_INPUT_FORMATS") + list(settings.DATETIME_INPUT_FORMATS)
    meet_at = forms.DateTimeField(input_formats=datetime_input_formats, required=False)
    access_at = forms.DateTimeField(input_formats=datetime_input_formats, required=False)

@@ -118,6 +139,11 @@ class EventForm(forms.ModelForm):

        return item

+    def clean(self):
+        if self.cleaned_data.get("is_rig") and not (self.cleaned_data.get('person') or self.cleaned_data.get('organisation')):
+            raise forms.ValidationError('You haven\'t provided any client contact details. Please add a person or organisation.', code='contact')
+        return super(EventForm, self).clean()
+
    def save(self, commit=True):
        m = super(EventForm, self).save(commit=False)

@@ -140,4 +166,32 @@ class EventForm(forms.ModelForm):
        fields = ['is_rig', 'name', 'venue', 'start_time', 'end_date', 'start_date',
                  'end_time', 'meet_at', 'access_at', 'description', 'notes', 'mic',
                  'person', 'organisation', 'dry_hire', 'checked_in_by', 'status',
-                  'collector', 'purchase_order']
+                  'purchase_order', 'collector']
+
+
+class BaseClientEventAuthorisationForm(forms.ModelForm):
+    tos = forms.BooleanField(required=True, label="Terms of hire")
+    name = forms.CharField(label="Your Name")
+
+    def clean(self):
+        if self.cleaned_data.get('amount') != self.instance.event.total:
+            self.add_error('amount', 'The amount authorised must equal the total for the event (inc VAT).')
+        return super(BaseClientEventAuthorisationForm, self).clean()
+
+    class Meta:
+        abstract = True
+
+
+class InternalClientEventAuthorisationForm(BaseClientEventAuthorisationForm):
+    def __init__(self, **kwargs):
+        super(InternalClientEventAuthorisationForm, self).__init__(**kwargs)
+        self.fields['uni_id'].required = True
+        self.fields['account_code'].required = True
+
+    class Meta:
+        model = models.EventAuthorisation
+        fields = ('tos', 'name', 'amount', 'uni_id', 'account_code')
+
+
+class EventAuthorisationRequestForm(forms.Form):
+    email = forms.EmailField(required=True, label='Authoriser Email')
--- a/RIGS/ical.py
+++ b/RIGS/ical.py
@@ -1,17 +1,19 @@
 from RIGS import models, forms
 from django_ical.views import ICalFeed
 from django.db.models import Q
-from django.core.urlresolvers import reverse_lazy, reverse, NoReverseMatch
+from django.urls import reverse_lazy, reverse, NoReverseMatch
 from django.utils import timezone
 from django.conf import settings

-import datetime, pytz
+import datetime
+import pytz
+

 class CalendarICS(ICalFeed):
    """
    A simple event calender
    """
-    #Metadata which is passed on to clients
+    # Metadata which is passed on to clients
    product_id = 'RIGS'
    title = 'RIGS Calendar'
    timezone = settings.TIME_ZONE
@@ -27,39 +29,39 @@ class CalendarICS(ICalFeed):
    def get_object(self, request, *args, **kwargs):
        params = {}

-        params['dry-hire'] = request.GET.get('dry-hire','true') == 'true'
-        params['non-rig'] = request.GET.get('non-rig','true') == 'true'
-        params['rig'] = request.GET.get('rig','true') == 'true'
+        params['dry-hire'] = request.GET.get('dry-hire', 'true') == 'true'
+        params['non-rig'] = request.GET.get('non-rig', 'true') == 'true'
+        params['rig'] = request.GET.get('rig', 'true') == 'true'

-        params['cancelled'] = request.GET.get('cancelled','false') == 'true'
-        params['provisional'] = request.GET.get('provisional','true') == 'true'
-        params['confirmed'] = request.GET.get('confirmed','true') == 'true'
+        params['cancelled'] = request.GET.get('cancelled', 'false') == 'true'
+        params['provisional'] = request.GET.get('provisional', 'true') == 'true'
+        params['confirmed'] = request.GET.get('confirmed', 'true') == 'true'

        return params

-    def description(self,params):
+    def description(self, params):
        desc = "Calendar generated by RIGS system. This includes event types: " + ('Rig, ' if params['rig'] else '') + ('Non-rig, ' if params['non-rig'] else '') + ('Dry Hire ' if params['dry-hire'] else '') + '\n'
        desc = desc + "Includes events with status: " + ('Cancelled, ' if params['cancelled'] else '') + ('Provisional, ' if params['provisional'] else '') + ('Confirmed/Booked, ' if params['confirmed'] else '')

        return desc

    def items(self, params):
-        #include events from up to 1 year ago
+        # include events from up to 1 year ago
        start = datetime.datetime.now() - datetime.timedelta(days=365)
        filter = Q(start_date__gte=start)

-        typeFilters = Q(pk=None) #Need something that is false for every entry
+        typeFilters = Q(pk=None)  # Need something that is false for every entry

        if params['dry-hire']:
            typeFilters = typeFilters | Q(dry_hire=True, is_rig=True)

        if params['non-rig']:
            typeFilters = typeFilters | Q(is_rig=False)
-        
+
        if params['rig']:
            typeFilters = typeFilters | Q(is_rig=True, dry_hire=False)
-        
-        statusFilters = Q(pk=None) #Need something that is false for every entry
+
+        statusFilters = Q(pk=None)  # Need something that is false for every entry

        if params['cancelled']:
            statusFilters = statusFilters | Q(status=models.Event.CANCELLED)
@@ -87,9 +89,9 @@ class CalendarICS(ICalFeed):

        # Add the rig name
        title += item.name
-        
+
        # Add the status
-        title += ' ('+str(item.get_status_display())+')'
+        title += ' (' + str(item.get_status_display()) + ')'

        return title

@@ -97,12 +99,12 @@ class CalendarICS(ICalFeed):
        return item.earliest_time

    def item_end_datetime(self, item):
-        if type(item.latest_time) is datetime.date: # Ical end_datetime is non-inclusive, so add a day
+        if type(item.latest_time) == datetime.date:  # Ical end_datetime is non-inclusive, so add a day
            return item.latest_time + datetime.timedelta(days=1)

        return item.latest_time

-    def item_location(self,item):
+    def item_location(self, item):
        return item.venue

    def item_description(self, item):
@@ -111,34 +113,33 @@ class CalendarICS(ICalFeed):

        tz = pytz.timezone(self.timezone)

-        desc = 'Rig ID = '+str(item.pk)+'\n'
+        desc = 'Rig ID = ' + str(item.pk) + '\n'
        desc += 'Event = ' + item.name + '\n'
        desc += 'Venue = ' + (item.venue.name if item.venue else '---') + '\n'
        if item.is_rig and item.person:
-            desc += 'Client = ' + item.person.name + ( (' for '+item.organisation.name) if item.organisation else '') + '\n'
+            desc += 'Client = ' + item.person.name + ((' for ' + item.organisation.name) if item.organisation else '') + '\n'
        desc += 'Status = ' + str(item.get_status_display()) + '\n'
        desc += 'MIC = ' + (item.mic.name if item.mic else '---') + '\n'
-        
-        
+
        desc += '\n'
        if item.meet_at:
            desc += 'Crew Meet = ' + (item.meet_at.astimezone(tz).strftime('%Y-%m-%d %H:%M') if item.meet_at else '---') + '\n'
        if item.access_at:
            desc += 'Access At = ' + (item.access_at.astimezone(tz).strftime('%Y-%m-%d %H:%M') if item.access_at else '---') + '\n'
        if item.start_date:
-            desc += 'Event Start = ' + item.start_date.strftime('%Y-%m-%d') + ((' '+item.start_time.strftime('%H:%M')) if item.has_start_time else '') + '\n'
+            desc += 'Event Start = ' + item.start_date.strftime('%Y-%m-%d') + ((' ' + item.start_time.strftime('%H:%M')) if item.has_start_time else '') + '\n'
        if item.end_date:
-            desc += 'Event End = ' + item.end_date.strftime('%Y-%m-%d') + ((' '+item.end_time.strftime('%H:%M')) if item.has_end_time else '') + '\n'
+            desc += 'Event End = ' + item.end_date.strftime('%Y-%m-%d') + ((' ' + item.end_time.strftime('%H:%M')) if item.has_end_time else '') + '\n'

        desc += '\n'
        if item.description:
-            desc += 'Event Description:\n'+item.description+'\n\n'
+            desc += 'Event Description:\n' + item.description + '\n\n'
        # if item.notes:  // Need to add proper keyholder checks before this gets put back
-        #     desc += 'Notes:\n'+item.notes+'\n\n'  
+        #     desc += 'Notes:\n'+item.notes+'\n\n'
+
+        base_url = "https://rigs.nottinghamtec.co.uk"
+        desc += 'URL = ' + base_url + str(item.get_absolute_url())

-        base_url = "http://rigs.nottinghamtec.co.uk"
-        desc += 'URL = '+base_url+str(item.get_absolute_url())
-        
        return desc

    def item_link(self, item):
@@ -149,8 +150,8 @@ class CalendarICS(ICalFeed):
    # def item_created(self, item):  #TODO - Implement created date-time (using django-reversion?) - not really necessary though
    #     return ''

-    def item_updated(self, item): # some ical clients will display this
+    def item_updated(self, item):  # some ical clients will display this
        return item.last_edited_at

-    def item_guid(self, item): # use the rig-id as the ical unique event identifier
-        return item.pk
+    def item_guid(self, item):  # use the rig-id as the ical unique event identifier
+        return item.pk
--- a/RIGS/management/commands/generateSampleData.py
+++ b/RIGS/management/commands/generateSampleData.py
@@ -1,248 +1,11 @@
 from django.core.management.base import BaseCommand, CommandError
-from django.contrib.auth.models import Group, Permission
-from django.db import transaction
-import reversion
+from django.core.management import call_command

-import datetime
-import random

-from RIGS import models
 class Command(BaseCommand):
    help = 'Adds sample data to use for testing'
    can_import_settings = True

-    people = []
-    organisations = []
-    venues = []
-    profiles = []
-
-    keyholder_group = None
-    finance_group = None
-
-
    def handle(self, *args, **options):
-        from django.conf import settings
-
-        if not (settings.DEBUG or settings.STAGING):
-            raise CommandError('You cannot run this command in production')
-
-        random.seed('Some object to seed the random number generator') # otherwise it is done by time, which could lead to inconsistant tests
-
-        with transaction.atomic():
-            models.VatRate.objects.create(start_at='2014-03-05',rate=0.20,comment='test1')
-
-            self.setupGenericProfiles()
-
-            self.setupPeople()
-            self.setupOrganisations()
-            self.setupVenues()
-            
-            self.setupGroups()
-            
-            self.setupEvents()
-
-            self.setupUsefulProfiles()
-
-    def setupPeople(self):
-        names = ["Regulus Black","Sirius Black","Lavender Brown","Cho Chang","Vincent Crabbe","Vincent Crabbe","Bartemius Crouch","Fleur Delacour","Cedric Diggory","Alberforth Dumbledore","Albus Dumbledore","Dudley Dursley","Petunia Dursley","Vernon Dursley","Argus Filch","Seamus Finnigan","Nicolas Flamel","Cornelius Fudge","Goyle","Gregory Goyle","Hermione Granger","Rubeus Hagrid","Igor Karkaroff","Viktor Krum","Bellatrix Lestrange","Alice Longbottom","Frank Longbottom","Neville Longbottom","Luna Lovegood","Xenophilius Lovegood","Remus Lupin","Draco Malfoy","Lucius Malfoy","Narcissa Malfoy","Olympe Maxime","Minerva McGonagall","Mad-Eye Moody","Peter Pettigrew","Harry Potter","James Potter","Lily Potter","Quirinus Quirrell","Tom Riddle","Mary Riddle","Lord Voldemort","Rita Skeeter","Severus Snape","Nymphadora Tonks","Dolores Janes Umbridge","Arthur Weasley","Bill Weasley","Charlie Weasley","Fred Weasley","George Weasley","Ginny Weasley","Molly Weasley","Percy Weasley","Ron Weasley","Dobby","Fluffy","Hedwig","Moaning Myrtle","Aragog","Grawp"]
-        for i, name in enumerate(names):
-            with reversion.create_revision():
-                reversion.set_user(random.choice(self.profiles))
-
-                newPerson = models.Person.objects.create(name=name)
-                if i % 3 == 0:
-                    newPerson.email = "address@person.com"
-
-                if i % 5 == 0:
-                    newPerson.notes = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua"
-
-                if i % 7 == 0:
-                    newPerson.address = "1 Person Test Street \n Demoton \n United States of TEC \n RMRF 567"
-
-                if i % 9 == 0:
-                    newPerson.phone = "01234 567894"
-
-                newPerson.save()
-                self.people.append(newPerson)
-
-    def setupOrganisations(self):
-        names = ["Acme, inc.","Widget Corp","123 Warehousing","Demo Company","Smith and Co.","Foo Bars","ABC Telecom","Fake Brothers","QWERTY Logistics","Demo, inc.","Sample Company","Sample, inc","Acme Corp","Allied Biscuit","Ankh-Sto Associates","Extensive Enterprise","Galaxy Corp","Globo-Chem","Mr. Sparkle","Globex Corporation","LexCorp","LuthorCorp","North Central Positronics","Omni Consimer Products","Praxis Corporation","Sombra Corporation","Sto Plains Holdings","Tessier-Ashpool","Wayne Enterprises","Wentworth Industries","ZiffCorp","Bluth Company","Strickland Propane","Thatherton Fuels","Three Waters","Water and Power","Western Gas & Electric","Mammoth Pictures","Mooby Corp","Gringotts","Thrift Bank","Flowers By Irene","The Legitimate Businessmens Club","Osato Chemicals","Transworld Consortium","Universal Export","United Fried Chicken","Virtucon","Kumatsu Motors","Keedsler Motors","Powell Motors","Industrial Automation","Sirius Cybernetics Corporation","U.S. Robotics and Mechanical Men","Colonial Movers","Corellian Engineering Corporation","Incom Corporation","General Products","Leeding Engines Ltd.","Blammo","Input, Inc.","Mainway Toys","Videlectrix","Zevo Toys","Ajax","Axis Chemical Co.","Barrytron","Carrys Candles","Cogswell Cogs","Spacely Sprockets","General Forge and Foundry","Duff Brewing Company","Dunder Mifflin","General Services Corporation","Monarch Playing Card Co.","Krustyco","Initech","Roboto Industries","Primatech","Sonky Rubber Goods","St. Anky Beer","Stay Puft Corporation","Vandelay Industries","Wernham Hogg","Gadgetron","Burleigh and Stronginthearm","BLAND Corporation","Nordyne Defense Dynamics","Petrox Oil Company","Roxxon","McMahon and Tate","Sixty Second Avenue","Charles Townsend Agency","Spade and Archer","Megadodo Publications","Rouster and Sideways","C.H. Lavatory and Sons","Globo Gym American Corp","The New Firm","SpringShield","Compuglobalhypermeganet","Data Systems","Gizmonic Institute","Initrode","Taggart Transcontinental","Atlantic Northern","Niagular","Plow King","Big Kahuna Burger","Big T Burgers and Fries","Chez Quis","Chotchkies","The Frying Dutchman","Klimpys","The Krusty Krab","Monks Diner","Milliways","Minuteman Cafe","Taco Grande","Tip Top Cafe","Moes Tavern","Central Perk","Chasers"]
-        for i, name in enumerate(names):
-            with reversion.create_revision():
-                reversion.set_user(random.choice(self.profiles))
-                newOrganisation = models.Organisation.objects.create(name=name)
-                if i % 2 == 0:
-                    newOrganisation.has_su_account = True
-
-                if i % 3 == 0:
-                    newOrganisation.email = "address@organisation.com"
-
-                if i % 5 == 0:
-                    newOrganisation.notes = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua"
-
-                if i % 7 == 0:
-                    newOrganisation.address = "1 Organisation Test Street \n Demoton \n United States of TEC \n RMRF 567"
-
-                if i % 9 == 0:
-                    newOrganisation.phone = "01234 567894"
-
-                newOrganisation.save()
-                self.organisations.append(newOrganisation)
-
-    def setupVenues(self):
-        names = ["Bear Island","Crossroads Inn","Deepwood Motte","The Dreadfort","The Eyrie","Greywater Watch","The Iron Islands","Karhold","Moat Cailin","Oldstones","Raventree Hall","Riverlands","The Ruby Ford","Saltpans","Seagard","Torrhen's Square","The Trident","The Twins","The Vale of Arryn","The Whispering Wood","White Harbor","Winterfell","The Arbor","Ashemark","Brightwater Keep","Casterly Rock","Clegane's Keep","Dragonstone","Dorne","God's Eye","The Golden Tooth","Harrenhal","Highgarden","Horn Hill","Fingers","King's Landing","Lannisport","Oldtown","Rainswood","Storm's End","Summerhall","Sunspear","Tarth","Castle Black","Craster's Keep","Fist of the First Men","The Frostfangs","The Gift","The Skirling Pass","The Wall","Asshai","Astapor","Braavos","The Dothraki Sea","Lys","Meereen","Myr","Norvos","Pentos","Qarth","Qohor","The Red Waste","Tyrosh","Vaes Dothrak","Valyria","Village of the Lhazareen","Volantis","Yunkai"]
-        for i, name in enumerate(names):
-            with reversion.create_revision():
-                reversion.set_user(random.choice(self.profiles))
-                newVenue = models.Venue.objects.create(name=name)
-                if i % 2 == 0:
-                    newVenue.three_phase_available = True
-
-                if i % 3 == 0:
-                    newVenue.email = "address@venue.com"
-
-                if i % 5 == 0:
-                    newVenue.notes = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua"
-
-                if i % 7 == 0:
-                    newVenue.address = "1 Venue Test Street \n Demoton \n United States of TEC \n RMRF 567"
-
-                if i % 9 == 0:
-                    newVenue.phone = "01234 567894"
-
-                newVenue.save()
-                self.venues.append(newVenue)
-
-    def setupGroups(self):
-        self.keyholder_group = Group.objects.create(name='Keyholders')
-        self.finance_group = Group.objects.create(name='Finance')
-
-        keyholderPerms = ["add_event","change_event","view_event","add_eventitem","change_eventitem","delete_eventitem","add_organisation","change_organisation","view_organisation","add_person","change_person","view_person","view_profile","add_venue","change_venue","view_venue"]
-        financePerms = ["change_event","view_event","add_eventitem","change_eventitem","add_invoice","change_invoice","view_invoice","add_organisation","change_organisation","view_organisation","add_payment","change_payment","delete_payment","add_person","change_person","view_person"]
-
-        for permId in keyholderPerms:
-            self.keyholder_group.permissions.add(Permission.objects.get(codename=permId))
-
-        for permId in financePerms:
-            self.finance_group.permissions.add(Permission.objects.get(codename=permId))
-
-    def setupGenericProfiles(self):
-        names = ["Clara Oswin Oswald","Rory Williams","Amy Pond","River Song","Martha Jones","Donna Noble","Jack Harkness","Mickey Smith","Rose Tyler"]
-        for i, name in enumerate(names):
-            newProfile = models.Profile.objects.create(username=name.replace(" ",""), first_name=name.split(" ")[0], last_name=name.split(" ")[-1],
-                                                         email=name.replace(" ","")+"@example.com",
-                                                        initials="".join([ j[0].upper() for j in name.split() ]))
-            if i % 2 == 0:
-                newProfile.phone = "01234 567894"
-
-            newProfile.save()
-            self.profiles.append(newProfile)
-
-    def setupUsefulProfiles(self):
-        superUser = models.Profile.objects.create(username="superuser", first_name="Super", last_name="User", initials="SU", 
-                                                email="superuser@example.com", is_superuser=True, is_active=True, is_staff=True)
-        superUser.set_password('superuser')
-        superUser.save()
-
-        financeUser = models.Profile.objects.create(username="finance", first_name="Finance", last_name="User", initials="FU", 
-                                                email="financeuser@example.com", is_active=True)
-        financeUser.groups.add(self.finance_group)
-        financeUser.groups.add(self.keyholder_group)
-        financeUser.set_password('finance')
-        financeUser.save()
-
-        keyholderUser = models.Profile.objects.create(username="keyholder", first_name="Keyholder", last_name="User", initials="KU", 
-                                                email="keyholderuser@example.com", is_active=True)
-        keyholderUser.groups.add(self.keyholder_group)
-        keyholderUser.set_password('keyholder')
-        keyholderUser.save()
-
-        basicUser = models.Profile.objects.create(username="basic", first_name="Basic", last_name="User", initials="BU", 
-                                                email="basicuser@example.com", is_active=True)
-        basicUser.set_password('basic')
-        basicUser.save()
-
-    def setupEvents(self):
-        names = ["Outdoor Concert","Hall Open Mic Night","Festival","Weekend Event","Magic Show","Society Ball","Evening Show","Talent Show","Acoustic Evening","Hire of Things","SU Event","End of Term Show","Theatre Show","Outdoor Fun Day","Summer Carnival","Open Days","Magic Show","Awards Ceremony","Debating Event","Club Night","DJ Evening","Building Projection","Choir Concert"]
-        descriptions = ["A brief desciption of the event","This event is boring","Probably wont happen","Warning: this has lots of kit"]
-        notes = ["The client came into the office at some point","Who knows if this will happen", "Probably should check this event", "Maybe not happening", "Run away!"]
-
-        itemOptions = [{'name': 'Speakers', 'description': 'Some really really big speakers \n these are very loud', 'quantity': 2, 'cost': 200.00},
-                        {'name': 'Projector', 'description': 'Some kind of video thinamejig, probably with unnecessary processing for free', 'quantity': 1, 'cost': 500.00},
-                        {'name': 'Lighting Desk', 'description': 'Cannot provide guarentee that it will work', 'quantity': 1, 'cost': 200.52},
-                        {'name': 'Moving lights', 'description': 'Flashy lights, with the copper', 'quantity': 8, 'cost': 50.00},
-                        {'name': 'Microphones', 'description': 'Make loud noise \n you will want speakers with this', 'quantity': 5, 'cost': 0.50},
-                        {'name': 'Sound Mixer Thing', 'description': 'Might be analogue, might be digital', 'quantity': 1, 'cost': 100.00},
-                        {'name': 'Electricity', 'description': 'You need this', 'quantity': 1, 'cost': 200.00},
-                        {'name': 'Crew', 'description': 'Costs nothing, because reasons', 'quantity': 1, 'cost': 0.00},
-                        {'name': 'Loyalty Discount', 'description': 'Have some negative moneys', 'quantity': 1, 'cost': -50.00}]
-
-        dayDelta = -120 # start adding events from 4 months ago
-
-        for i in range(150): # Let's add 100 events
-            with reversion.create_revision():
-                reversion.set_user(random.choice(self.profiles))
-
-                name = names[i%len(names)]
-
-                startDate = datetime.date.today() + datetime.timedelta(days=dayDelta)
-                dayDelta = dayDelta + random.randint(0,3)
-
-                newEvent = models.Event.objects.create(name=name, start_date=startDate)
-
-                if random.randint(0,2) > 1: # 1 in 3 have a start time
-                    newEvent.start_time = datetime.time(random.randint(15,20))
-                    if random.randint(0,2) > 1: # of those, 1 in 3 have an end time on the same day
-                        newEvent.end_time = datetime.time(random.randint(21,23))
-                    elif random.randint(0,1)>0: # half of the others finish early the next day
-                        newEvent.end_date = newEvent.start_date + datetime.timedelta(days=1)
-                        newEvent.end_time = datetime.time(random.randint(0,5))
-                elif random.randint(0,2)>1: # 1 in 3 of the others finish a few days ahead
-                    newEvent.end_date = newEvent.start_date + datetime.timedelta(days=random.randint(1,4))
-
-
-                if random.randint(0,6) > 0: # 5 in 6 have MIC
-                    newEvent.mic = random.choice(self.profiles)
-
-                if random.randint(0,6) > 0: # 5 in 6 have organisation
-                    newEvent.organisation = random.choice(self.organisations)
-
-                if random.randint(0,6) > 0: # 5 in 6 have person
-                    newEvent.person = random.choice(self.people)
-
-                if random.randint(0,6) > 0: # 5 in 6 have venue
-                    newEvent.venue = random.choice(self.venues)
-
-                # Could have any status, equally weighted
-                newEvent.status = random.choice([models.Event.BOOKED,models.Event.CONFIRMED,models.Event.PROVISIONAL, models.Event.CANCELLED])
-
-                newEvent.dry_hire = (random.randint(0,7)==0) # 1 in 7 are dry hire
-
-                if random.randint(0,1) > 0: # 1 in 2 have description
-                    newEvent.description = random.choice(descriptions)
-
-                if random.randint(0,1) > 0: # 1 in 2 have notes
-                    newEvent.notes = random.choice(notes)
-
-                newEvent.save()
-
-                # Now add some items
-                for j in range(random.randint(1,5)):
-                    itemData = itemOptions[random.randint(0,len(itemOptions)-1)]
-                    newItem = models.EventItem.objects.create(event=newEvent, order=j, **itemData)
-                    newItem.save()
-
-                while newEvent.sum_total < 0:
-                    itemData = itemOptions[random.randint(0,len(itemOptions)-1)]
-                    newItem = models.EventItem.objects.create(event=newEvent, order=j, **itemData)
-                    newItem.save()
-
-            with reversion.create_revision():
-                reversion.set_user(random.choice(self.profiles))
-                if newEvent.start_date < datetime.date.today(): # think about adding an invoice
-                    if random.randint(0,2) > 0: # 2 in 3 have had paperwork sent to treasury
-                        newInvoice = models.Invoice.objects.create(event=newEvent)
-                        if newEvent.status is models.Event.CANCELLED: # void cancelled events
-                            newInvoice.void = True
-                        elif random.randint(0,2)>1: # 1 in 3 have been paid
-                            models.Payment.objects.create(invoice=newInvoice, amount=newInvoice.balance, date=datetime.date.today())
+        call_command('generateSampleRIGSData')
+        call_command('generateSampleAssetsData')
--- a/RIGS/management/commands/generateSampleRIGSData.py
+++ b/RIGS/management/commands/generateSampleRIGSData.py
@@ -0,0 +1,260 @@
+from django.core.management.base import BaseCommand, CommandError
+from django.contrib.auth.models import Group, Permission
+from django.db import transaction
+from reversion import revisions as reversion
+
+import datetime
+import random
+
+from RIGS import models
+
+
+class Command(BaseCommand):
+    help = 'Adds sample data to use for testing'
+    can_import_settings = True
+
+    people = []
+    organisations = []
+    venues = []
+    profiles = []
+
+    keyholder_group = None
+    finance_group = None
+
+    def handle(self, *args, **options):
+        from django.conf import settings
+
+        if not (settings.DEBUG or settings.STAGING):
+            raise CommandError('You cannot run this command in production')
+
+        random.seed('Some object to seed the random number generator')  # otherwise it is done by time, which could lead to inconsistant tests
+
+        with transaction.atomic():
+            models.VatRate.objects.create(start_at='2014-03-05', rate=0.20, comment='test1')
+
+            self.setupGenericProfiles()
+
+            self.setupPeople()
+            self.setupOrganisations()
+            self.setupVenues()
+
+            self.setupGroups()
+
+            self.setupEvents()
+
+            self.setupUsefulProfiles()
+
+    def setupPeople(self):
+        names = ["Regulus Black", "Sirius Black", "Lavender Brown", "Cho Chang", "Vincent Crabbe", "Vincent Crabbe", "Bartemius Crouch", "Fleur Delacour", "Cedric Diggory", "Alberforth Dumbledore", "Albus Dumbledore", "Dudley Dursley", "Petunia Dursley", "Vernon Dursley", "Argus Filch", "Seamus Finnigan", "Nicolas Flamel", "Cornelius Fudge", "Goyle", "Gregory Goyle", "Hermione Granger", "Rubeus Hagrid", "Igor Karkaroff", "Viktor Krum", "Bellatrix Lestrange", "Alice Longbottom", "Frank Longbottom", "Neville Longbottom", "Luna Lovegood", "Xenophilius Lovegood",  # noqa
+                 "Remus Lupin", "Draco Malfoy", "Lucius Malfoy", "Narcissa Malfoy", "Olympe Maxime", "Minerva McGonagall", "Mad-Eye Moody", "Peter Pettigrew", "Harry Potter", "James Potter", "Lily Potter", "Quirinus Quirrell", "Tom Riddle", "Mary Riddle", "Lord Voldemort", "Rita Skeeter", "Severus Snape", "Nymphadora Tonks", "Dolores Janes Umbridge", "Arthur Weasley", "Bill Weasley", "Charlie Weasley", "Fred Weasley", "George Weasley", "Ginny Weasley", "Molly Weasley", "Percy Weasley", "Ron Weasley", "Dobby", "Fluffy", "Hedwig", "Moaning Myrtle", "Aragog", "Grawp"]  # noqa
+        for i, name in enumerate(names):
+            with reversion.create_revision():
+                reversion.set_user(random.choice(self.profiles))
+
+                newPerson = models.Person.objects.create(name=name)
+                if i % 3 == 0:
+                    newPerson.email = "address@person.com"
+
+                if i % 5 == 0:
+                    newPerson.notes = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua"
+
+                if i % 7 == 0:
+                    newPerson.address = "1 Person Test Street \n Demoton \n United States of TEC \n RMRF 567"
+
+                if i % 9 == 0:
+                    newPerson.phone = "01234 567894"
+
+                newPerson.save()
+                self.people.append(newPerson)
+
+    def setupOrganisations(self):
+        names = ["Acme, inc.", "Widget Corp", "123 Warehousing", "Demo Company", "Smith and Co.", "Foo Bars", "ABC Telecom", "Fake Brothers", "QWERTY Logistics", "Demo, inc.", "Sample Company", "Sample, inc", "Acme Corp", "Allied Biscuit", "Ankh-Sto Associates", "Extensive Enterprise", "Galaxy Corp", "Globo-Chem", "Mr. Sparkle", "Globex Corporation", "LexCorp", "LuthorCorp", "North Central Positronics", "Omni Consimer Products", "Praxis Corporation", "Sombra Corporation", "Sto Plains Holdings", "Tessier-Ashpool", "Wayne Enterprises", "Wentworth Industries", "ZiffCorp", "Bluth Company", "Strickland Propane", "Thatherton Fuels", "Three Waters", "Water and Power", "Western Gas & Electric", "Mammoth Pictures", "Mooby Corp", "Gringotts", "Thrift Bank", "Flowers By Irene", "The Legitimate Businessmens Club", "Osato Chemicals", "Transworld Consortium", "Universal Export", "United Fried Chicken", "Virtucon", "Kumatsu Motors", "Keedsler Motors", "Powell Motors", "Industrial Automation", "Sirius Cybernetics Corporation", "U.S. Robotics and Mechanical Men", "Colonial Movers", "Corellian Engineering Corporation", "Incom Corporation", "General Products", "Leeding Engines Ltd.", "Blammo",  # noqa
+                 "Input, Inc.", "Mainway Toys", "Videlectrix", "Zevo Toys", "Ajax", "Axis Chemical Co.", "Barrytron", "Carrys Candles", "Cogswell Cogs", "Spacely Sprockets", "General Forge and Foundry", "Duff Brewing Company", "Dunder Mifflin", "General Services Corporation", "Monarch Playing Card Co.", "Krustyco", "Initech", "Roboto Industries", "Primatech", "Sonky Rubber Goods", "St. Anky Beer", "Stay Puft Corporation", "Vandelay Industries", "Wernham Hogg", "Gadgetron", "Burleigh and Stronginthearm", "BLAND Corporation", "Nordyne Defense Dynamics", "Petrox Oil Company", "Roxxon", "McMahon and Tate", "Sixty Second Avenue", "Charles Townsend Agency", "Spade and Archer", "Megadodo Publications", "Rouster and Sideways", "C.H. Lavatory and Sons", "Globo Gym American Corp", "The New Firm", "SpringShield", "Compuglobalhypermeganet", "Data Systems", "Gizmonic Institute", "Initrode", "Taggart Transcontinental", "Atlantic Northern", "Niagular", "Plow King", "Big Kahuna Burger", "Big T Burgers and Fries", "Chez Quis", "Chotchkies", "The Frying Dutchman", "Klimpys", "The Krusty Krab", "Monks Diner", "Milliways", "Minuteman Cafe", "Taco Grande", "Tip Top Cafe", "Moes Tavern", "Central Perk", "Chasers"]  # noqa
+        for i, name in enumerate(names):
+            with reversion.create_revision():
+                reversion.set_user(random.choice(self.profiles))
+                newOrganisation = models.Organisation.objects.create(name=name)
+                if i % 2 == 0:
+                    newOrganisation.has_su_account = True
+
+                if i % 3 == 0:
+                    newOrganisation.email = "address@organisation.com"
+
+                if i % 5 == 0:
+                    newOrganisation.notes = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua"
+
+                if i % 7 == 0:
+                    newOrganisation.address = "1 Organisation Test Street \n Demoton \n United States of TEC \n RMRF 567"
+
+                if i % 9 == 0:
+                    newOrganisation.phone = "01234 567894"
+
+                newOrganisation.save()
+                self.organisations.append(newOrganisation)
+
+    def setupVenues(self):
+        names = ["Bear Island", "Crossroads Inn", "Deepwood Motte", "The Dreadfort", "The Eyrie", "Greywater Watch", "The Iron Islands", "Karhold", "Moat Cailin", "Oldstones", "Raventree Hall", "Riverlands", "The Ruby Ford", "Saltpans", "Seagard", "Torrhen's Square", "The Trident", "The Twins", "The Vale of Arryn", "The Whispering Wood", "White Harbor", "Winterfell", "The Arbor", "Ashemark", "Brightwater Keep", "Casterly Rock", "Clegane's Keep", "Dragonstone", "Dorne", "God's Eye", "The Golden Tooth",  # noqa
+                 "Harrenhal", "Highgarden", "Horn Hill", "Fingers", "King's Landing", "Lannisport", "Oldtown", "Rainswood", "Storm's End", "Summerhall", "Sunspear", "Tarth", "Castle Black", "Craster's Keep", "Fist of the First Men", "The Frostfangs", "The Gift", "The Skirling Pass", "The Wall", "Asshai", "Astapor", "Braavos", "The Dothraki Sea", "Lys", "Meereen", "Myr", "Norvos", "Pentos", "Qarth", "Qohor", "The Red Waste", "Tyrosh", "Vaes Dothrak", "Valyria", "Village of the Lhazareen", "Volantis", "Yunkai"]  # noqa
+        for i, name in enumerate(names):
+            with reversion.create_revision():
+                reversion.set_user(random.choice(self.profiles))
+                newVenue = models.Venue.objects.create(name=name)
+                if i % 2 == 0:
+                    newVenue.three_phase_available = True
+
+                if i % 3 == 0:
+                    newVenue.email = "address@venue.com"
+
+                if i % 5 == 0:
+                    newVenue.notes = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua"
+
+                if i % 7 == 0:
+                    newVenue.address = "1 Venue Test Street \n Demoton \n United States of TEC \n RMRF 567"
+
+                if i % 9 == 0:
+                    newVenue.phone = "01234 567894"
+
+                newVenue.save()
+                self.venues.append(newVenue)
+
+    def setupGroups(self):
+        self.keyholder_group = Group.objects.create(name='Keyholders')
+        self.finance_group = Group.objects.create(name='Finance')
+
+        keyholderPerms = ["add_event", "change_event", "view_event",
+                          "add_eventitem", "change_eventitem", "delete_eventitem",
+                          "add_organisation", "change_organisation", "view_organisation",
+                          "add_person", "change_person", "view_person", "view_profile",
+                          "add_venue", "change_venue", "view_venue",
+                          "add_asset", "change_asset", "delete_asset",
+                          "asset_finance", "view_asset", "view_supplier", "asset_finance",
+                          "add_supplier"]
+        financePerms = keyholderPerms + ["add_invoice", "change_invoice", "view_invoice",
+                                         "add_payment", "change_payment", "delete_payment"]
+
+        for permId in keyholderPerms:
+            self.keyholder_group.permissions.add(Permission.objects.get(codename=permId))
+
+        for permId in financePerms:
+            self.finance_group.permissions.add(Permission.objects.get(codename=permId))
+
+    def setupGenericProfiles(self):
+        names = ["Clara Oswin Oswald", "Rory Williams", "Amy Pond", "River Song", "Martha Jones", "Donna Noble", "Jack Harkness", "Mickey Smith", "Rose Tyler"]
+        for i, name in enumerate(names):
+            newProfile = models.Profile.objects.create(username=name.replace(" ", ""), first_name=name.split(" ")[0], last_name=name.split(" ")[-1],
+                                                       email=name.replace(" ", "") + "@example.com",
+                                                       initials="".join([j[0].upper() for j in name.split()]))
+            if i % 2 == 0:
+                newProfile.phone = "01234 567894"
+
+            newProfile.save()
+            self.profiles.append(newProfile)
+
+    def setupUsefulProfiles(self):
+        superUser = models.Profile.objects.create(username="superuser", first_name="Super", last_name="User", initials="SU",
+                                                  email="superuser@example.com", is_superuser=True, is_active=True, is_staff=True)
+        superUser.set_password('superuser')
+        superUser.save()
+
+        financeUser = models.Profile.objects.create(username="finance", first_name="Finance", last_name="User", initials="FU",
+                                                    email="financeuser@example.com", is_active=True)
+        financeUser.groups.add(self.finance_group)
+        financeUser.groups.add(self.keyholder_group)
+        financeUser.set_password('finance')
+        financeUser.save()
+
+        keyholderUser = models.Profile.objects.create(username="keyholder", first_name="Keyholder", last_name="User", initials="KU",
+                                                      email="keyholderuser@example.com", is_active=True)
+        keyholderUser.groups.add(self.keyholder_group)
+        keyholderUser.set_password('keyholder')
+        keyholderUser.save()
+
+        basicUser = models.Profile.objects.create(username="basic", first_name="Basic", last_name="User", initials="BU",
+                                                  email="basicuser@example.com", is_active=True)
+        basicUser.set_password('basic')
+        basicUser.save()
+
+    def setupEvents(self):
+        names = ["Outdoor Concert", "Hall Open Mic Night", "Festival", "Weekend Event", "Magic Show", "Society Ball", "Evening Show", "Talent Show", "Acoustic Evening", "Hire of Things", "SU Event",
+                 "End of Term Show", "Theatre Show", "Outdoor Fun Day", "Summer Carnival", "Open Days", "Magic Show", "Awards Ceremony", "Debating Event", "Club Night", "DJ Evening", "Building Projection", "Choir Concert"]
+        descriptions = ["A brief desciption of the event", "This event is boring", "Probably wont happen", "Warning: this has lots of kit"]
+        notes = ["The client came into the office at some point", "Who knows if this will happen", "Probably should check this event", "Maybe not happening", "Run away!"]
+
+        itemOptions = [{'name': 'Speakers', 'description': 'Some really really big speakers \n these are very loud', 'quantity': 2, 'cost': 200.00},
+                       {'name': 'Projector', 'description': 'Some kind of video thinamejig, probably with unnecessary processing for free', 'quantity': 1, 'cost': 500.00},
+                       {'name': 'Lighting Desk', 'description': 'Cannot provide guarentee that it will work', 'quantity': 1, 'cost': 200.52},
+                       {'name': 'Moving lights', 'description': 'Flashy lights, with the copper', 'quantity': 8, 'cost': 50.00},
+                       {'name': 'Microphones', 'description': 'Make loud noise \n you will want speakers with this', 'quantity': 5, 'cost': 0.50},
+                       {'name': 'Sound Mixer Thing', 'description': 'Might be analogue, might be digital', 'quantity': 1, 'cost': 100.00},
+                       {'name': 'Electricity', 'description': 'You need this', 'quantity': 1, 'cost': 200.00},
+                       {'name': 'Crew', 'description': 'Costs nothing, because reasons', 'quantity': 1, 'cost': 0.00},
+                       {'name': 'Loyalty Discount', 'description': 'Have some negative moneys', 'quantity': 1, 'cost': -50.00}]
+
+        dayDelta = -120  # start adding events from 4 months ago
+
+        for i in range(150):  # Let's add 100 events
+            with reversion.create_revision():
+                reversion.set_user(random.choice(self.profiles))
+
+                name = names[i % len(names)]
+
+                startDate = datetime.date.today() + datetime.timedelta(days=dayDelta)
+                dayDelta = dayDelta + random.randint(0, 3)
+
+                newEvent = models.Event.objects.create(name=name, start_date=startDate)
+
+                if random.randint(0, 2) > 1:  # 1 in 3 have a start time
+                    newEvent.start_time = datetime.time(random.randint(15, 20))
+                    if random.randint(0, 2) > 1:  # of those, 1 in 3 have an end time on the same day
+                        newEvent.end_time = datetime.time(random.randint(21, 23))
+                    elif random.randint(0, 1) > 0:  # half of the others finish early the next day
+                        newEvent.end_date = newEvent.start_date + datetime.timedelta(days=1)
+                        newEvent.end_time = datetime.time(random.randint(0, 5))
+                elif random.randint(0, 2) > 1:  # 1 in 3 of the others finish a few days ahead
+                    newEvent.end_date = newEvent.start_date + datetime.timedelta(days=random.randint(1, 4))
+
+                if random.randint(0, 6) > 0:  # 5 in 6 have MIC
+                    newEvent.mic = random.choice(self.profiles)
+
+                if random.randint(0, 6) > 0:  # 5 in 6 have organisation
+                    newEvent.organisation = random.choice(self.organisations)
+
+                if random.randint(0, 6) > 0:  # 5 in 6 have person
+                    newEvent.person = random.choice(self.people)
+
+                if random.randint(0, 6) > 0:  # 5 in 6 have venue
+                    newEvent.venue = random.choice(self.venues)
+
+                # Could have any status, equally weighted
+                newEvent.status = random.choice([models.Event.BOOKED, models.Event.CONFIRMED, models.Event.PROVISIONAL, models.Event.CANCELLED])
+
+                newEvent.dry_hire = (random.randint(0, 7) == 0)  # 1 in 7 are dry hire
+
+                if random.randint(0, 1) > 0:  # 1 in 2 have description
+                    newEvent.description = random.choice(descriptions)
+
+                if random.randint(0, 1) > 0:  # 1 in 2 have notes
+                    newEvent.notes = random.choice(notes)
+
+                newEvent.save()
+
+                # Now add some items
+                for j in range(random.randint(1, 5)):
+                    itemData = itemOptions[random.randint(0, len(itemOptions) - 1)]
+                    newItem = models.EventItem.objects.create(event=newEvent, order=j, **itemData)
+                    newItem.save()
+
+                while newEvent.sum_total < 0:
+                    itemData = itemOptions[random.randint(0, len(itemOptions) - 1)]
+                    newItem = models.EventItem.objects.create(event=newEvent, order=j, **itemData)
+                    newItem.save()
+
+            with reversion.create_revision():
+                reversion.set_user(random.choice(self.profiles))
+                if newEvent.start_date < datetime.date.today():  # think about adding an invoice
+                    if random.randint(0, 2) > 0:  # 2 in 3 have had paperwork sent to treasury
+                        newInvoice = models.Invoice.objects.create(event=newEvent)
+                        if newEvent.status is models.Event.CANCELLED:  # void cancelled events
+                            newInvoice.void = True
+                        elif random.randint(0, 2) > 1:  # 1 in 3 have been paid
+                            models.Payment.objects.create(invoice=newInvoice, amount=newInvoice.balance, date=datetime.date.today())
--- a/RIGS/migrations/0001_initial.py
+++ b/RIGS/migrations/0001_initial.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations
 import django.core.validators
--- a/RIGS/migrations/0002_modelcomment_person.py
+++ b/RIGS/migrations/0002_modelcomment_person.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations
 from django.conf import settings
@@ -18,7 +18,7 @@ class Migration(migrations.Migration):
                ('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
                ('postedAt', models.DateTimeField(auto_now=True)),
                ('message', models.TextField()),
-                ('user', models.ForeignKey(to=settings.AUTH_USER_MODEL)),
+                ('user', models.ForeignKey(to=settings.AUTH_USER_MODEL, on_delete=models.CASCADE)),
            ],
            options={
            },
--- a/RIGS/migrations/0003_auto_20141031_0219.py
+++ b/RIGS/migrations/0003_auto_20141031_0219.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

--- a/RIGS/migrations/0004_organisation.py
+++ b/RIGS/migrations/0004_organisation.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations
 import RIGS.models
--- a/RIGS/migrations/0005_auto_20141104_1619.py
+++ b/RIGS/migrations/0005_auto_20141104_1619.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

--- a/RIGS/migrations/0006_auto_20141105_1553.py
+++ b/RIGS/migrations/0006_auto_20141105_1553.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

--- a/RIGS/migrations/0007_vatrate.py
+++ b/RIGS/migrations/0007_vatrate.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations
 import RIGS.models
--- a/RIGS/migrations/0008_auto_20141105_1908.py
+++ b/RIGS/migrations/0008_auto_20141105_1908.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations
 from django.conf import settings
@@ -33,11 +33,11 @@ class Migration(migrations.Migration):
                ('payment_method', models.CharField(blank=True, null=True, max_length=255)),
                ('payment_received', models.CharField(blank=True, null=True, max_length=255)),
                ('purchase_order', models.CharField(blank=True, null=True, max_length=255)),
-                ('based_on', models.ForeignKey(to='RIGS.Event', related_name='future_events')),
-                ('checked_in_by', models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_checked_in')),
-                ('mic', models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_mic')),
-                ('organisation', models.ForeignKey(to='RIGS.Organisation')),
-                ('person', models.ForeignKey(to='RIGS.Person')),
+                ('based_on', models.ForeignKey(to='RIGS.Event', related_name='future_events', on_delete=models.CASCADE)),
+                ('checked_in_by', models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_checked_in', on_delete=models.CASCADE)),
+                ('mic', models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_mic', on_delete=models.CASCADE)),
+                ('organisation', models.ForeignKey(to='RIGS.Organisation', on_delete=models.CASCADE)),
+                ('person', models.ForeignKey(to='RIGS.Person', on_delete=models.CASCADE)),
            ],
            options={
            },
@@ -52,7 +52,7 @@ class Migration(migrations.Migration):
                ('quantity', models.IntegerField()),
                ('cost', models.DecimalField(max_digits=10, decimal_places=2)),
                ('order', models.IntegerField()),
-                ('event', models.ForeignKey(to='RIGS.Event', related_name='item')),
+                ('event', models.ForeignKey(to='RIGS.Event', related_name='item', on_delete=models.CASCADE)),
            ],
            options={
            },
@@ -75,7 +75,7 @@ class Migration(migrations.Migration):
        migrations.AddField(
            model_name='event',
            name='venue',
-            field=models.ForeignKey(to='RIGS.Venue'),
+            field=models.ForeignKey(to='RIGS.Venue', on_delete=models.CASCADE),
            preserve_default=True,
        ),
    ]
--- a/RIGS/migrations/0009_auto_20141105_1916.py
+++ b/RIGS/migrations/0009_auto_20141105_1916.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations
 from django.conf import settings
@@ -14,26 +14,26 @@ class Migration(migrations.Migration):
        migrations.AlterField(
            model_name='event',
            name='based_on',
-            field=models.ForeignKey(to='RIGS.Event', related_name='future_events', blank=True, null=True),
+            field=models.ForeignKey(to='RIGS.Event', related_name='future_events', blank=True, null=True, on_delete=models.CASCADE),
            preserve_default=True,
        ),
        migrations.AlterField(
            model_name='event',
            name='checked_in_by',
            field=models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_checked_in', blank=True,
-                                    null=True),
+                                    null=True, on_delete=models.CASCADE),
            preserve_default=True,
        ),
        migrations.AlterField(
            model_name='event',
            name='mic',
-            field=models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_mic', blank=True, null=True),
+            field=models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_mic', blank=True, null=True, on_delete=models.CASCADE),
            preserve_default=True,
        ),
        migrations.AlterField(
            model_name='event',
            name='organisation',
-            field=models.ForeignKey(to='RIGS.Organisation', blank=True, null=True),
+            field=models.ForeignKey(to='RIGS.Organisation', blank=True, null=True, on_delete=models.CASCADE),
            preserve_default=True,
        ),
        migrations.AlterField(
--- a/RIGS/migrations/0010_auto_20141105_2219.py
+++ b/RIGS/migrations/0010_auto_20141105_2219.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations
 from django.conf import settings
@@ -19,8 +19,8 @@ class Migration(migrations.Migration):
                ('run', models.BooleanField(default=False)),
                ('derig', models.BooleanField(default=False)),
                ('notes', models.TextField(blank=True, null=True)),
-                ('event', models.ForeignKey(related_name='crew', to='RIGS.Event')),
-                ('user', models.ForeignKey(to=settings.AUTH_USER_MODEL)),
+                ('event', models.ForeignKey(related_name='crew', to='RIGS.Event', on_delete=models.CASCADE)),
+                ('user', models.ForeignKey(to=settings.AUTH_USER_MODEL, on_delete=models.CASCADE)),
            ],
            options={
            },
@@ -35,7 +35,7 @@ class Migration(migrations.Migration):
        migrations.AlterField(
            model_name='eventitem',
            name='event',
-            field=models.ForeignKey(related_name='items', to='RIGS.Event'),
+            field=models.ForeignKey(related_name='items', to='RIGS.Event', on_delete=models.CASCADE),
            preserve_default=True,
        ),
    ]
--- a/RIGS/migrations/0011_venue_address.py
+++ b/RIGS/migrations/0011_venue_address.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

--- a/RIGS/migrations/0012_auto_20141106_0253.py
+++ b/RIGS/migrations/0012_auto_20141106_0253.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

--- a/RIGS/migrations/0013_auto_20141202_0041.py
+++ b/RIGS/migrations/0013_auto_20141202_0041.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

@@ -14,7 +14,7 @@ class Migration(migrations.Migration):
        migrations.AlterField(
            model_name='event',
            name='person',
-            field=models.ForeignKey(blank=True, null=True, to='RIGS.Person'),
+            field=models.ForeignKey(blank=True, null=True, to='RIGS.Person', on_delete=models.CASCADE),
            preserve_default=True,
        ),
    ]
--- a/RIGS/migrations/0014_auto_20141208_0220.py
+++ b/RIGS/migrations/0014_auto_20141208_0220.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

@@ -14,13 +14,13 @@ class Migration(migrations.Migration):
        migrations.AlterField(
            model_name='event',
            name='venue',
-            field=models.ForeignKey(blank=True, to='RIGS.Venue', null=True),
+            field=models.ForeignKey(blank=True, to='RIGS.Venue', null=True, on_delete=models.CASCADE),
            preserve_default=True,
        ),
        migrations.AlterField(
            model_name='eventitem',
            name='event',
-            field=models.ForeignKey(related_name='items', blank=True, to='RIGS.Event'),
+            field=models.ForeignKey(related_name='items', blank=True, to='RIGS.Event', on_delete=models.CASCADE),
            preserve_default=True,
        ),
    ]
--- a/RIGS/migrations/0015_auto_20141208_0233.py
+++ b/RIGS/migrations/0015_auto_20141208_0233.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

--- a/RIGS/migrations/0016_auto_20150127_1905.py
+++ b/RIGS/migrations/0016_auto_20150127_1905.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations
 from django.conf import settings
@@ -18,7 +18,7 @@ class Migration(migrations.Migration):
                ('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
                ('invoice_date', models.DateField(auto_now_add=True)),
                ('void', models.BooleanField()),
-                ('event', models.OneToOneField(to='RIGS.Event')),
+                ('event', models.OneToOneField(to='RIGS.Event', on_delete=models.CASCADE)),
            ],
            options={
            },
@@ -31,7 +31,7 @@ class Migration(migrations.Migration):
                ('date', models.DateField()),
                ('amount', models.DecimalField(help_text=b'Please use ex. VAT', max_digits=10, decimal_places=2)),
                ('method', models.CharField(max_length=2, choices=[(b'C', b'Cash'), (b'I', b'Internal'), (b'E', b'External'), (b'SU', b'SU Core'), (b'M', b'Members')])),
-                ('invoice', models.ForeignKey(to='RIGS.Invoice')),
+                ('invoice', models.ForeignKey(to='RIGS.Invoice', on_delete=models.CASCADE)),
            ],
            options={
            },
@@ -40,7 +40,7 @@ class Migration(migrations.Migration):
        migrations.AlterField(
            model_name='event',
            name='mic',
-            field=models.ForeignKey(related_name='event_mic', verbose_name=b'MIC', blank=True, to=settings.AUTH_USER_MODEL, null=True),
+            field=models.ForeignKey(related_name='event_mic', verbose_name=b'MIC', blank=True, to=settings.AUTH_USER_MODEL, null=True, on_delete=models.CASCADE),
            preserve_default=True,
        ),
    ]
--- a/RIGS/migrations/0017_auto_20150129_2041.py
+++ b/RIGS/migrations/0017_auto_20150129_2041.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

--- a/RIGS/migrations/0018_auto_20150130_0016.py
+++ b/RIGS/migrations/0018_auto_20150130_0016.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

--- a/RIGS/migrations/0019_auto_20150131_1919.py
+++ b/RIGS/migrations/0019_auto_20150131_1919.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

--- a/RIGS/migrations/0020_auto_20150303_0243.py
+++ b/RIGS/migrations/0020_auto_20150303_0243.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

--- a/RIGS/migrations/0021_auto_20150420_1155.py
+++ b/RIGS/migrations/0021_auto_20150420_1155.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

--- a/RIGS/migrations/0022_auto_20150424_2104.py
+++ b/RIGS/migrations/0022_auto_20150424_2104.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations

--- a/RIGS/migrations/0023_auto_20150529_0048.py
+++ b/RIGS/migrations/0023_auto_20150529_0048.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations
 import django.core.validators
--- a/RIGS/migrations/0024_auto_20160229_2042.py
+++ b/RIGS/migrations/0024_auto_20160229_2042.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from __future__ import unicode_literals
+

 from django.db import models, migrations
 import django.db.models.deletion
--- a/RIGS/migrations/0025_auto_20160331_1302.py
+++ b/RIGS/migrations/0025_auto_20160331_1302.py
@@ -0,0 +1,26 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.9.4 on 2016-03-31 12:02
+
+
+import django.core.validators
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0024_auto_20160229_2042'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='profile',
+            name='username',
+            field=models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 30 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=30, unique=True, validators=[django.core.validators.RegexValidator('^[\\w.@+-]+$', 'Enter a valid username. This value may contain only letters, numbers and @/./+/-/_ characters.')], verbose_name='username'),
+        ),
+        migrations.AlterField(
+            model_name='vatrate',
+            name='start_at',
+            field=models.DateField(),
+        ),
+    ]
--- a/RIGS/migrations/0025_eventauthorisation.py
+++ b/RIGS/migrations/0025_eventauthorisation.py
@@ -0,0 +1,27 @@
+# -*- coding: utf-8 -*-
+
+
+from django.db import models, migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0024_auto_20160229_2042'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='EventAuthorisation',
+            fields=[
+                ('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
+                ('email', models.EmailField(max_length=254)),
+                ('name', models.CharField(max_length=255)),
+                ('uni_id', models.CharField(max_length=10, null=True, verbose_name=b'University ID', blank=True)),
+                ('account_code', models.CharField(max_length=50, null=True, blank=True)),
+                ('amount', models.DecimalField(verbose_name=b'authorisation amount', max_digits=10, decimal_places=2)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('event', models.ForeignKey(related_name='authroisations', to='RIGS.Event', on_delete=models.CASCADE)),
+            ],
+        ),
+    ]
--- a/RIGS/migrations/0026_auto_20170510_1846.py
+++ b/RIGS/migrations/0026_auto_20170510_1846.py
@@ -0,0 +1,21 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.1 on 2017-05-10 17:46
+
+
+import django.contrib.auth.validators
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0025_auto_20160331_1302'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='profile',
+            name='username',
+            field=models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.ASCIIUsernameValidator()], verbose_name='username'),
+        ),
+    ]
--- a/RIGS/migrations/0026_remove_eventauthorisation_created_at.py
+++ b/RIGS/migrations/0026_remove_eventauthorisation_created_at.py
@@ -0,0 +1,18 @@
+# -*- coding: utf-8 -*-
+
+
+from django.db import models, migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0025_eventauthorisation'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='eventauthorisation',
+            name='created_at',
+        ),
+    ]
--- a/RIGS/migrations/0027_eventauthorisation_event_singular.py
+++ b/RIGS/migrations/0027_eventauthorisation_event_singular.py
@@ -0,0 +1,19 @@
+# -*- coding: utf-8 -*-
+
+
+from django.db import models, migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0026_remove_eventauthorisation_created_at'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='eventauthorisation',
+            name='event',
+            field=models.OneToOneField(related_name='authorisation', to='RIGS.Event', on_delete=models.CASCADE),
+        ),
+    ]
--- a/RIGS/migrations/0029_eventauthorisation_sent_by.py
+++ b/RIGS/migrations/0029_eventauthorisation_sent_by.py
@@ -0,0 +1,21 @@
+# -*- coding: utf-8 -*-
+
+
+from django.db import models, migrations
+from django.conf import settings
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0027_eventauthorisation_event_singular'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='eventauthorisation',
+            name='sent_by',
+            field=models.ForeignKey(default=1, to=settings.AUTH_USER_MODEL, on_delete=models.CASCADE),
+            preserve_default=False,
+        ),
+    ]
--- a/RIGS/migrations/0030_auth_request_sending.py
+++ b/RIGS/migrations/0030_auth_request_sending.py
@@ -0,0 +1,30 @@
+# -*- coding: utf-8 -*-
+
+
+from django.db import models, migrations
+from django.conf import settings
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0029_eventauthorisation_sent_by'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='event',
+            name='auth_request_at',
+            field=models.DateTimeField(null=True, blank=True),
+        ),
+        migrations.AddField(
+            model_name='event',
+            name='auth_request_by',
+            field=models.ForeignKey(blank=True, to=settings.AUTH_USER_MODEL, null=True, on_delete=models.CASCADE),
+        ),
+        migrations.AddField(
+            model_name='event',
+            name='auth_request_to',
+            field=models.EmailField(max_length=254, null=True, blank=True),
+        ),
+    ]
--- a/RIGS/migrations/0031_merge_20170512_2102.py
+++ b/RIGS/migrations/0031_merge_20170512_2102.py
@@ -0,0 +1,16 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.1 on 2017-05-12 20:02
+
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0030_auth_request_sending'),
+        ('RIGS', '0026_auto_20170510_1846'),
+    ]
+
+    operations = [
+    ]
--- a/RIGS/migrations/0032_auto_20170904_2355.py
+++ b/RIGS/migrations/0032_auto_20170904_2355.py
@@ -0,0 +1,69 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.4 on 2017-09-04 22:55
+from __future__ import unicode_literals
+
+from django.conf import settings
+import django.contrib.auth.validators
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('reversion', '0001_squashed_0004_auto_20160611_1202'),
+        ('RIGS', '0031_merge_20170512_2102'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='RIGSVersion',
+            fields=[
+            ],
+            options={
+                'indexes': [],
+                'proxy': True,
+            },
+            bases=('reversion.version',),
+        ),
+        migrations.AlterField(
+            model_name='event',
+            name='collector',
+            field=models.CharField(blank=True, max_length=255, null=True, verbose_name='collected by'),
+        ),
+        migrations.AlterField(
+            model_name='event',
+            name='mic',
+            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='event_mic', to=settings.AUTH_USER_MODEL, verbose_name='MIC'),
+        ),
+        migrations.AlterField(
+            model_name='event',
+            name='purchase_order',
+            field=models.CharField(blank=True, max_length=255, null=True, verbose_name='PO'),
+        ),
+        migrations.AlterField(
+            model_name='eventauthorisation',
+            name='amount',
+            field=models.DecimalField(decimal_places=2, max_digits=10, verbose_name='authorisation amount'),
+        ),
+        migrations.AlterField(
+            model_name='eventauthorisation',
+            name='uni_id',
+            field=models.CharField(blank=True, max_length=10, null=True, verbose_name='University ID'),
+        ),
+        migrations.AlterField(
+            model_name='payment',
+            name='amount',
+            field=models.DecimalField(decimal_places=2, help_text='Please use ex. VAT', max_digits=10),
+        ),
+        migrations.AlterField(
+            model_name='payment',
+            name='method',
+            field=models.CharField(blank=True, choices=[('C', 'Cash'), ('I', 'Internal'), ('E', 'External'), ('SU', 'SU Core'), ('T', 'TEC Adjustment')], max_length=2, null=True),
+        ),
+        migrations.AlterField(
+            model_name='profile',
+            name='username',
+            field=models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username'),
+        ),
+    ]
--- a/RIGS/migrations/0033_auto_20180325_0016.py
+++ b/RIGS/migrations/0033_auto_20180325_0016.py
@@ -0,0 +1,18 @@
+# Generated by Django 2.0.3 on 2018-03-25 00:16
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0032_auto_20170904_2355'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='profile',
+            name='last_name',
+            field=models.CharField(blank=True, max_length=150, verbose_name='last name'),
+        ),
+    ]
--- a/RIGS/migrations/0034_event_risk_assessment_edit_url.py
+++ b/RIGS/migrations/0034_event_risk_assessment_edit_url.py
@@ -0,0 +1,18 @@
+# Generated by Django 2.0.5 on 2019-07-28 21:28
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0033_auto_20180325_0016'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='event',
+            name='risk_assessment_edit_url',
+            field=models.CharField(blank=True, max_length=255, null=True),
+        ),
+    ]
--- a/RIGS/migrations/0035_auto_20191124_1319.py
+++ b/RIGS/migrations/0035_auto_20191124_1319.py
@@ -0,0 +1,18 @@
+# Generated by Django 2.0.13 on 2019-11-24 13:19
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0034_event_risk_assessment_edit_url'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='event',
+            name='risk_assessment_edit_url',
+            field=models.CharField(blank=True, max_length=255, null=True, verbose_name='risk assessment'),
+        ),
+    ]
--- a/RIGS/migrations/0036_profile_is_approved.py
+++ b/RIGS/migrations/0036_profile_is_approved.py
@@ -0,0 +1,23 @@
+# Generated by Django 2.0.13 on 2020-01-10 14:52
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0035_auto_20191124_1319'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='profile',
+            name='is_approved',
+            field=models.BooleanField(default=False),
+        ),
+        migrations.AddField(
+            model_name='profile',
+            name='last_emailed',
+            field=models.DateTimeField(blank=True, null=True),
+        ),
+    ]
--- a/RIGS/migrations/0037_approve_legacy.py
+++ b/RIGS/migrations/0037_approve_legacy.py
@@ -0,0 +1,19 @@
+# Generated by Django 2.0.13 on 2020-01-11 18:29
+# This migration ensures that legacy Profiles from before approvals were implemented are automatically approved 
+from django.db import migrations
+
+def approve_legacy(apps, schema_editor):
+    Profile = apps.get_model('RIGS', 'Profile')
+    for person in Profile.objects.all():
+        person.is_approved = True
+        person.save()
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0036_profile_is_approved'),
+    ]
+
+    operations = [
+        migrations.RunPython(approve_legacy)
+    ]
--- a/RIGS/models.py
+++ b/RIGS/models.py
@@ -1,19 +1,24 @@
 import datetime
 import hashlib
+import datetime
 import pytz
-import random
+
+from django.db import models
+from django.contrib.auth.models import AbstractUser
+from django.conf import settings
+from django.utils import timezone
+from django.utils.functional import cached_property
+from django.utils.encoding import python_2_unicode_compatible
+from reversion import revisions as reversion
+from reversion.models import Version
 import string
+
+import random
 from collections import Counter
 from decimal import Decimal

-import reversion
-from django.conf import settings
-from django.contrib.auth.models import AbstractUser
 from django.core.exceptions import ValidationError
-from django.core.urlresolvers import reverse_lazy
-from django.db import models
-from django.utils.encoding import python_2_unicode_compatible
-from django.utils.functional import cached_property
+from django.urls import reverse_lazy


 # Create your models here.
@@ -22,19 +27,21 @@ class Profile(AbstractUser):
    initials = models.CharField(max_length=5, unique=True, null=True, blank=False)
    phone = models.CharField(max_length=13, null=True, blank=True)
    api_key = models.CharField(max_length=40, blank=True, editable=False, null=True)
+    is_approved = models.BooleanField(default=False)
+    last_emailed = models.DateTimeField(blank=True, null=True)  # Currently only populated by the admin approval email. TODO: Populate it each time we send any email, might need that...

    @classmethod
    def make_api_key(cls):
        size = 20
        chars = string.ascii_letters + string.digits
        new_api_key = ''.join(random.choice(chars) for x in range(size))
-        return new_api_key;
+        return new_api_key

    @property
    def profile_picture(self):
        url = ""
        if settings.USE_GRAVATAR or settings.USE_GRAVATAR is None:
-            url = "https://www.gravatar.com/avatar/" + hashlib.md5(self.email).hexdigest() + "?d=wavatar&s=500"
+            url = "https://www.gravatar.com/avatar/" + hashlib.md5(self.email.encode('utf-8')).hexdigest() + "?d=wavatar&s=500"
        return url

    @property
@@ -48,6 +55,14 @@ class Profile(AbstractUser):
    def latest_events(self):
        return self.event_mic.order_by('-start_date').select_related('person', 'organisation', 'venue', 'mic')

+    @classmethod
+    def admins(cls):
+        return Profile.objects.filter(email__in=[y for x in settings.ADMINS for y in x])
+
+    @classmethod
+    def users_awaiting_approval_count(cls):
+        return Profile.objects.filter(models.Q(is_approved=False)).count()
+
    def __str__(self):
        return self.name

@@ -58,32 +73,31 @@ class Profile(AbstractUser):


 class RevisionMixin(object):
+    @property
+    def current_version(self):
+        version = Version.objects.get_for_object(self).select_related('revision').first()
+        return version
+
    @property
    def last_edited_at(self):
-        versions = reversion.get_for_object(self)
-        if versions:
-            version = reversion.get_for_object(self)[0]
-            return version.revision.date_created
-        else:
+        version = self.current_version
+        if version is None:
            return None
+        return version.revision.date_created

    @property
    def last_edited_by(self):
-        versions = reversion.get_for_object(self)
-        if versions:
-            version = reversion.get_for_object(self)[0]
-            return version.revision.user
-        else:
+        version = self.current_version
+        if version is None:
            return None
+        return version.revision.user

    @property
    def current_version_id(self):
-        versions = reversion.get_for_object(self)
-        if versions:
-            version = reversion.get_for_object(self)[0]
-            return "V{0} | R{1}".format(version.pk, version.revision.pk)
-        else:
+        version = self.current_version
+        if version is None:
            return None
+        return "V{0} | R{1}".format(version.pk, version.revision.pk)


@reversion.register
@@ -175,7 +189,7 @@ class Organisation(models.Model, RevisionMixin):

 class VatManager(models.Manager):
    def current_rate(self):
-        return self.find_rate(datetime.datetime.now())
+        return self.find_rate(timezone.now())

    def find_rate(self, date):
        # return self.filter(startAt__lte=date).latest()
@@ -190,7 +204,7 @@ class VatManager(models.Manager):
@reversion.register
@python_2_unicode_compatible
 class VatRate(models.Model, RevisionMixin):
-    start_at = models.DateTimeField()
+    start_at = models.DateField()
    rate = models.DecimalField(max_digits=6, decimal_places=6)
    comment = models.CharField(max_length=255)

@@ -241,18 +255,12 @@ class Venue(models.Model, RevisionMixin):
 class EventManager(models.Manager):
    def current_events(self):
        events = self.filter(
-            (models.Q(start_date__gte=datetime.date.today(), end_date__isnull=True, dry_hire=False) & ~models.Q(
-                status=Event.CANCELLED)) |  # Starts after with no end
-            (models.Q(end_date__gte=datetime.date.today(), dry_hire=False) & ~models.Q(
-                status=Event.CANCELLED)) |  # Ends after
-            (models.Q(dry_hire=True, start_date__gte=datetime.date.today()) & ~models.Q(
-                status=Event.CANCELLED)) |  # Active dry hire
-            (models.Q(dry_hire=True, checked_in_by__isnull=True) & (
-                models.Q(status=Event.BOOKED) | models.Q(status=Event.CONFIRMED))) |  # Active dry hire GT
-            models.Q(status=Event.CANCELLED, start_date__gte=datetime.date.today())  # Canceled but not started
-        ).order_by('start_date', 'end_date', 'start_time', 'end_time', 'meet_at').select_related('person',
-                                                                                                 'organisation',
-                                                                                                 'venue', 'mic')
+            (models.Q(start_date__gte=timezone.now().date(), end_date__isnull=True, dry_hire=False) & ~models.Q(status=Event.CANCELLED)) |  # Starts after with no end
+            (models.Q(end_date__gte=timezone.now().date(), dry_hire=False) & ~models.Q(status=Event.CANCELLED)) |  # Ends after
+            (models.Q(dry_hire=True, start_date__gte=timezone.now().date()) & ~models.Q(status=Event.CANCELLED)) |  # Active dry hire
+            (models.Q(dry_hire=True, checked_in_by__isnull=True) & (models.Q(status=Event.BOOKED) | models.Q(status=Event.CONFIRMED))) |  # Active dry hire GT
+            models.Q(status=Event.CANCELLED, start_date__gte=timezone.now().date())  # Canceled but not started
+        ).order_by('start_date', 'end_date', 'start_time', 'end_time', 'meet_at').select_related('person', 'organisation', 'venue', 'mic')
        return events

    def events_in_bounds(self, start, end):
@@ -275,12 +283,12 @@ class EventManager(models.Manager):

    def rig_count(self):
        event_count = self.filter(
-            (models.Q(start_date__gte=datetime.date.today(), end_date__isnull=True, dry_hire=False,
+            (models.Q(start_date__gte=timezone.now().date(), end_date__isnull=True, dry_hire=False,
                      is_rig=True) & ~models.Q(
                status=Event.CANCELLED)) |  # Starts after with no end
-            (models.Q(end_date__gte=datetime.date.today(), dry_hire=False, is_rig=True) & ~models.Q(
+            (models.Q(end_date__gte=timezone.now().date(), dry_hire=False, is_rig=True) & ~models.Q(
                status=Event.CANCELLED)) |  # Ends after
-            (models.Q(dry_hire=True, start_date__gte=datetime.date.today(), is_rig=True) & ~models.Q(
+            (models.Q(dry_hire=True, start_date__gte=timezone.now().date(), is_rig=True) & ~models.Q(
                status=Event.CANCELLED)) |  # Active dry hire
            (models.Q(dry_hire=True, checked_in_by__isnull=True, is_rig=True) & (
                models.Q(status=Event.BOOKED) | models.Q(status=Event.CONFIRMED)))  # Active dry hire GT
@@ -304,9 +312,9 @@ class Event(models.Model, RevisionMixin):
    )

    name = models.CharField(max_length=255)
-    person = models.ForeignKey('Person', null=True, blank=True)
-    organisation = models.ForeignKey('Organisation', blank=True, null=True)
-    venue = models.ForeignKey('Venue', blank=True, null=True)
+    person = models.ForeignKey('Person', null=True, blank=True, on_delete=models.CASCADE)
+    organisation = models.ForeignKey('Organisation', blank=True, null=True, on_delete=models.CASCADE)
+    venue = models.ForeignKey('Venue', blank=True, null=True, on_delete=models.CASCADE)
    description = models.TextField(blank=True, null=True)
    notes = models.TextField(blank=True, null=True)
    status = models.IntegerField(choices=EVENT_STATUS_CHOICES, default=PROVISIONAL)
@@ -325,9 +333,9 @@ class Event(models.Model, RevisionMixin):
    meet_info = models.CharField(max_length=255, blank=True, null=True)

    # Crew management
-    checked_in_by = models.ForeignKey(settings.AUTH_USER_MODEL, related_name='event_checked_in', blank=True, null=True)
+    checked_in_by = models.ForeignKey(settings.AUTH_USER_MODEL, related_name='event_checked_in', blank=True, null=True, on_delete=models.CASCADE)
    mic = models.ForeignKey(settings.AUTH_USER_MODEL, related_name='event_mic', blank=True, null=True,
-                            verbose_name="MIC")
+                            verbose_name="MIC", on_delete=models.CASCADE)

    # Monies
    payment_method = models.CharField(max_length=255, blank=True, null=True)
@@ -335,6 +343,14 @@ class Event(models.Model, RevisionMixin):
    purchase_order = models.CharField(max_length=255, blank=True, null=True, verbose_name='PO')
    collector = models.CharField(max_length=255, blank=True, null=True, verbose_name='collected by')

+    # Authorisation request details
+    auth_request_by = models.ForeignKey('Profile', null=True, blank=True, on_delete=models.CASCADE)
+    auth_request_at = models.DateTimeField(null=True, blank=True)
+    auth_request_to = models.EmailField(null=True, blank=True)
+
+    # Risk assessment info
+    risk_assessment_edit_url = models.CharField(verbose_name="risk assessment", max_length=255, blank=True, null=True)
+
    # Calculated values
    """
    EX Vat
@@ -367,7 +383,7 @@ class Event(models.Model, RevisionMixin):

    @property
    def vat(self):
-        return self.sum_total * self.vat_rate.rate
+        return Decimal(self.sum_total * self.vat_rate.rate).quantize(Decimal('.01'))

    """
    Inc VAT
@@ -375,7 +391,7 @@ class Event(models.Model, RevisionMixin):

    @property
    def total(self):
-        return self.sum_total + self.vat
+        return Decimal(self.sum_total + self.vat).quantize(Decimal('.01'))

    @property
    def cancelled(self):
@@ -385,6 +401,10 @@ class Event(models.Model, RevisionMixin):
    def confirmed(self):
        return (self.status == self.BOOKED or self.status == self.CONFIRMED)

+    @property
+    def authorised(self):
+        return not self.internal and self.purchase_order or self.authorisation.amount == self.total
+
    @property
    def has_start_time(self):
        return self.start_time is not None
@@ -445,13 +465,17 @@ class Event(models.Model, RevisionMixin):
        else:
            return endDate

+    @property
+    def internal(self):
+        return self.organisation and self.organisation.union_account
+
    objects = EventManager()

    def get_absolute_url(self):
        return reverse_lazy('event_detail', kwargs={'pk': self.pk})

    def __str__(self):
-        return unicode(self.pk) + ": " + self.name
+        return str(self.pk) + ": " + self.name

    def clean(self):
        if self.end_date and self.start_date > self.end_date:
@@ -462,6 +486,10 @@ class Event(models.Model, RevisionMixin):
        if startEndSameDay and hasStartAndEnd and self.start_time > self.end_time:
            raise ValidationError('Unless you\'ve invented time travel, the event can\'t finish before it has started.')

+        accessAndStartSameDay = self.access_at is not None and self.start_date == self.access_at.date()
+        if self.access_at.date() > self.start_date or (accessAndStartSameDay and self.access_at.time() > self.start_time):
+            raise ValidationError('Regardless of what some clients might think, access time cannot be after the event has started.')
+
    def save(self, *args, **kwargs):
        """Call :meth:`full_clean` before saving."""
        self.full_clean()
@@ -474,7 +502,7 @@ class Event(models.Model, RevisionMixin):


 class EventItem(models.Model):
-    event = models.ForeignKey('Event', related_name='items', blank=True)
+    event = models.ForeignKey('Event', related_name='items', blank=True, on_delete=models.CASCADE)
    name = models.CharField(max_length=255)
    description = models.TextField(blank=True, null=True)
    quantity = models.IntegerField()
@@ -493,17 +521,35 @@ class EventItem(models.Model):


 class EventCrew(models.Model):
-    event = models.ForeignKey('Event', related_name='crew')
-    user = models.ForeignKey(settings.AUTH_USER_MODEL)
+    event = models.ForeignKey('Event', related_name='crew', on_delete=models.CASCADE)
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
    rig = models.BooleanField(default=False)
    run = models.BooleanField(default=False)
    derig = models.BooleanField(default=False)
    notes = models.TextField(blank=True, null=True)


+@reversion.register
+class EventAuthorisation(models.Model, RevisionMixin):
+    event = models.OneToOneField('Event', related_name='authorisation', on_delete=models.CASCADE)
+    email = models.EmailField()
+    name = models.CharField(max_length=255)
+    uni_id = models.CharField(max_length=10, blank=True, null=True, verbose_name="University ID")
+    account_code = models.CharField(max_length=50, blank=True, null=True)
+    amount = models.DecimalField(max_digits=10, decimal_places=2, verbose_name="authorisation amount")
+    sent_by = models.ForeignKey('RIGS.Profile', on_delete=models.CASCADE)
+
+    def get_absolute_url(self):
+        return reverse_lazy('event_detail', kwargs={'pk': self.event.pk})
+
+    @property
+    def activity_feed_string(self):
+        return str("N%05d" % self.event.pk + ' (requested by ' + self.sent_by.initials + ')')
+
+
@python_2_unicode_compatible
 class Invoice(models.Model):
-    event = models.OneToOneField('Event')
+    event = models.OneToOneField('Event', on_delete=models.CASCADE)
    invoice_date = models.DateField(auto_now_add=True)
    void = models.BooleanField(default=False)

@@ -555,7 +601,7 @@ class Payment(models.Model):
        (ADJUSTMENT, 'TEC Adjustment'),
    )

-    invoice = models.ForeignKey('Invoice')
+    invoice = models.ForeignKey('Invoice', on_delete=models.CASCADE)
    date = models.DateField()
    amount = models.DecimalField(max_digits=10, decimal_places=2, help_text='Please use ex. VAT')
    method = models.CharField(max_length=2, choices=METHODS, null=True, blank=True)
--- a/RIGS/regbackend.py
+++ b/RIGS/regbackend.py
@@ -1,13 +1,15 @@
 from RIGS.models import Profile
 from RIGS.forms import ProfileRegistrationFormUniqueEmail
+from registration.signals import user_registered
+

 def user_created(sender, user, request, **kwargs):
-	form = ProfileRegistrationFormUniqueEmail(request.POST)
-	user.first_name = form.data['first_name']
-	user.last_name = form.data['last_name']
-	user.initials = form.data['initials']
-	user.phone = form.data['phone']
-	user.save()
+    form = ProfileRegistrationFormUniqueEmail(request.POST)
+    user.first_name = form.data['first_name']
+    user.last_name = form.data['last_name']
+    user.initials = form.data['initials']
+    # user.phone = form.data['phone']
+    user.save()

-from registration.signals import user_registered
-user_registered.connect(user_created)
+
+user_registered.connect(user_created)
--- a/RIGS/rigboard.py
+++ b/RIGS/rigboard.py
@@ -1,21 +1,31 @@
-import os
-import cStringIO as StringIO
 from io import BytesIO
-import urllib2
+import urllib.request
+import urllib.error
+import urllib.parse

+from django.contrib.staticfiles.storage import staticfiles_storage
+from django.core.mail import EmailMessage, EmailMultiAlternatives
 from django.views import generic
-from django.core.urlresolvers import reverse_lazy
+from django.urls import reverse_lazy
 from django.shortcuts import get_object_or_404
 from django.template import RequestContext
 from django.template.loader import get_template
 from django.conf import settings
+from django.urls import reverse
+from django.core import signing
 from django.http import HttpResponse
+from django.core.exceptions import SuspiciousOperation
 from django.db.models import Q
 from django.contrib import messages
+from django.utils.decorators import method_decorator
+from django.views.decorators.csrf import csrf_exempt
 from z3c.rml import rml2pdf
 from PyPDF2 import PdfFileMerger, PdfFileReader
+import simplejson
+import premailer

 from RIGS import models, forms
+from PyRIGS import decorators
 import datetime
 import re
 import copy
@@ -34,19 +44,62 @@ class RigboardIndex(generic.TemplateView):
        context['events'] = models.Event.objects.current_events()
        return context

+
 class WebCalendar(generic.TemplateView):
    template_name = 'RIGS/calendar.html'

    def get_context_data(self, **kwargs):
        context = super(WebCalendar, self).get_context_data(**kwargs)
-        context['view'] = kwargs.get('view','')
-        context['date'] = kwargs.get('date','')
+        context['view'] = kwargs.get('view', '')
+        context['date'] = kwargs.get('date', '')
        return context

+
 class EventDetail(generic.DetailView):
    model = models.Event


+class EventOembed(generic.View):
+    model = models.Event
+
+    def get(self, request, pk=None):
+        embed_url = reverse('event_embed', args=[pk])
+        full_url = "{0}://{1}{2}".format(request.scheme, request.META['HTTP_HOST'], embed_url)
+
+        data = {
+            'html': '<iframe src="{0}" frameborder="0" width="100%" height="250"></iframe>'.format(full_url),
+            'version': '1.0',
+            'type': 'rich',
+            'height': '250'
+        }
+
+        json = simplejson.JSONEncoderForHTML().encode(data)
+        return HttpResponse(json, content_type="application/json")
+
+
+class EventEmbed(EventDetail):
+    template_name = 'RIGS/event_embed.html'
+
+
+class EventRA(generic.base.RedirectView):
+    permanent = False
+
+    def get_redirect_url(self, *args, **kwargs):
+        event = get_object_or_404(models.Event, pk=kwargs['pk'])
+
+        if event.risk_assessment_edit_url:
+            return event.risk_assessment_edit_url
+
+        params = {
+            'entry.708610078': f'N{event.pk:05}',
+            'entry.905899507': event.name,
+            'entry.139491562': event.venue.name if event.venue else '',
+            'entry.1689826056': event.start_date.strftime('%Y-%m-%d') + ((' - ' + event.end_date.strftime('%Y-%m-%d')) if event.end_date else ''),
+            'entry.902421165': event.mic.name if event.mic else ''
+        }
+        return settings.RISK_ASSESSMENT_URL + "?" + urllib.parse.urlencode(params)
+
+
 class EventCreate(generic.CreateView):
    model = models.Event
    form_class = forms.EventForm
@@ -59,10 +112,9 @@ class EventCreate(generic.CreateView):
        form = context['form']
        if re.search('"-\d+"', form['items_json'].value()):
            messages.info(self.request, "Your item changes have been saved. Please fix the errors and save the event.")
-        

        # Get some other objects to include in the form. Used when there are errors but also nice and quick.
-        for field, model in form.related_models.iteritems():
+        for field, model in form.related_models.items():
            value = form[field].value()
            if value is not None and value != '':
                context[field] = model.objects.get(pk=value)
@@ -83,25 +135,49 @@ class EventUpdate(generic.UpdateView):
        form = context['form']

        # Get some other objects to include in the form. Used when there are errors but also nice and quick.
-        for field, model in form.related_models.iteritems():
+        for field, model in form.related_models.items():
            value = form[field].value()
            if value is not None and value != '':
                context[field] = model.objects.get(pk=value)
+
        return context

+    def render_to_response(self, context, **response_kwargs):
+        if not hasattr(context, 'duplicate'):
+            # If this event has already been emailed to a client, show a warning
+            if self.object.auth_request_at is not None:
+                messages.info(self.request, 'This event has already been sent to the client for authorisation, any changes you make will be visible to them immediately.')
+
+            if hasattr(self.object, 'authorised'):
+                messages.warning(self.request, 'This event has already been authorised by client, any changes to price will require reauthorisation.')
+        return super(EventUpdate, self).render_to_response(context, **response_kwargs)
+
    def get_success_url(self):
        return reverse_lazy('event_detail', kwargs={'pk': self.object.pk})

+
 class EventDuplicate(EventUpdate):
    def get_object(self, queryset=None):
-        old = super(EventDuplicate, self).get_object(queryset) # Get the object (the event you're duplicating)
-        new = copy.copy(old) # Make a copy of the object in memory
-        new.based_on = old # Make the new event based on the old event
+        old = super(EventDuplicate, self).get_object(queryset)  # Get the object (the event you're duplicating)
+        new = copy.copy(old)  # Make a copy of the object in memory
+        new.based_on = old  # Make the new event based on the old event
+        new.purchase_order = None  # Remove old PO
+        new.status = new.PROVISIONAL  # Return status to provisional

-        if self.request.method in ('POST', 'PUT'): # This only happens on save (otherwise items won't display in editor)
-            new.pk = None # This means a new event will be created on save, and all items will be re-created
+        # Clear checked in by if it's a dry hire
+        if new.dry_hire is True:
+            new.checked_in_by = None

-        messages.info(self.request, 'Event data duplicated but not yet saved. Click save to complete operation.')
+        # Remove all the authorisation information from the new event
+        new.auth_request_to = None
+        new.auth_request_by = None
+        new.auth_request_at = None
+
+        if self.request.method in (
+                'POST', 'PUT'):  # This only happens on save (otherwise items won't display in editor)
+            new.pk = None  # This means a new event will be created on save, and all items will be re-created
+        else:
+            messages.info(self.request, 'Event data duplicated but not yet saved. Click save to complete operation.')

        return new

@@ -110,41 +186,34 @@ class EventDuplicate(EventUpdate):
        context["duplicate"] = True
        return context

+
 class EventPrint(generic.View):
    def get(self, request, pk):
        object = get_object_or_404(models.Event, pk=pk)
        template = get_template('RIGS/event_print.xml')
-        copies = ('TEC', 'Client')

        merger = PdfFileMerger()

-        for copy in copies:
+        context = {
+            'object': object,
+            'fonts': {
+                'opensans': {
+                    'regular': 'RIGS/static/fonts/OPENSANS-REGULAR.TTF',
+                    'bold': 'RIGS/static/fonts/OPENSANS-BOLD.TTF',
+                }
+            },
+            'quote': True,
+            'current_user': request.user,
+        }

-            context = RequestContext(request, { # this should be outside the loop, but bug in 1.8.2 prevents this
-                'object': object,
-                'fonts': {
-                    'opensans': {
-                        'regular': 'RIGS/static/fonts/OPENSANS-REGULAR.TTF',
-                        'bold': 'RIGS/static/fonts/OPENSANS-BOLD.TTF',
-                    }
-                },
-                'copy':copy,
-                'current_user':request.user,
-            })
+        rml = template.render(context)

-            # context['copy'] = copy # this is the way to do it once we upgrade to Django 1.8.3
+        buffer = rml2pdf.parseString(rml)
+        merger.append(PdfFileReader(buffer))
+        buffer.close()

-            rml = template.render(context)
-            buffer = StringIO.StringIO()
-
-            buffer = rml2pdf.parseString(rml)
-
-            merger.append(PdfFileReader(buffer))
-
-            buffer.close()
-
-        terms = urllib2.urlopen(settings.TERMS_OF_HIRE_URL)
-        merger.append(StringIO.StringIO(terms.read()))
+        terms = urllib.request.urlopen(settings.TERMS_OF_HIRE_URL)
+        merger.append(BytesIO(terms.read()))

        merged = BytesIO()
        merger.write(merged)
@@ -157,6 +226,7 @@ class EventPrint(generic.View):
        response.write(merged.getvalue())
        return response

+
 class EventArchive(generic.ArchiveIndexView):
    model = models.Event
    date_field = "start_date"
@@ -192,4 +262,175 @@ class EventArchive(generic.ArchiveIndexView):
        if len(qs) == 0:
            messages.add_message(self.request, messages.WARNING, "No events have been found matching those criteria.")

-        return qs
+        return qs
+
+
+class EventAuthorise(generic.UpdateView):
+    template_name = 'RIGS/eventauthorisation_form.html'
+    success_template = 'RIGS/eventauthorisation_success.html'
+
+    def form_valid(self, form):
+        self.object = form.save()
+
+        self.template_name = self.success_template
+        messages.add_message(self.request, messages.SUCCESS,
+                             'Success! Your event has been authorised. ' +
+                             'You will also receive email confirmation to %s.' % (self.object.email))
+        return self.render_to_response(self.get_context_data())
+
+    @property
+    def event(self):
+        return models.Event.objects.select_related('organisation', 'person', 'venue').get(pk=self.kwargs['pk'])
+
+    def get_object(self, queryset=None):
+        return getattr(self.event, 'authorisation', None)
+
+    def get_form_class(self):
+        return forms.InternalClientEventAuthorisationForm
+
+    def get_context_data(self, **kwargs):
+        context = super(EventAuthorise, self).get_context_data(**kwargs)
+        context['event'] = self.event
+
+        context['tos_url'] = settings.TERMS_OF_HIRE_URL
+        return context
+
+    def get(self, request, *args, **kwargs):
+        if self.get_object() is not None and self.get_object().pk is not None:
+            if self.event.authorised:
+                messages.add_message(self.request, messages.WARNING,
+                                     "This event has already been authorised. "
+                                     "Reauthorising is not necessary at this time.")
+            else:
+                messages.add_message(self.request, messages.WARNING,
+                                     "This event has already been authorised, but the amount has changed. " +
+                                     "Please check the amount and reauthorise.")
+        return super(EventAuthorise, self).get(request, *args, **kwargs)
+
+    def get_form(self, **kwargs):
+        form = super(EventAuthorise, self).get_form(**kwargs)
+        form.instance.event = self.event
+        form.instance.email = self.request.email
+        form.instance.sent_by = self.request.sent_by
+        return form
+
+    def dispatch(self, request, *args, **kwargs):
+        # Verify our signature matches up and all is well with the integrity of the URL
+        try:
+            data = signing.loads(kwargs.get('hmac'))
+            assert int(kwargs.get('pk')) == int(data.get('pk'))
+            request.email = data['email']
+            request.sent_by = models.Profile.objects.get(pk=data['sent_by'])
+        except (signing.BadSignature, AssertionError, KeyError, models.Profile.DoesNotExist):
+            raise SuspiciousOperation(
+                "This URL is invalid. Please ask your TEC contact for a new URL")
+        return super(EventAuthorise, self).dispatch(request, *args, **kwargs)
+
+
+class EventAuthorisationRequest(generic.FormView, generic.detail.SingleObjectMixin):
+    model = models.Event
+    form_class = forms.EventAuthorisationRequestForm
+    template_name = 'RIGS/eventauthorisation_request.html'
+
+    @method_decorator(decorators.nottinghamtec_address_required)
+    def dispatch(self, *args, **kwargs):
+        return super(EventAuthorisationRequest, self).dispatch(*args, **kwargs)
+
+    @property
+    def object(self):
+        return self.get_object()
+
+    def get_success_url(self):
+        if self.request.is_ajax():
+            url = reverse_lazy('closemodal')
+            messages.info(self.request, "location.reload()")
+        else:
+            url = reverse_lazy('event_detail', kwargs={
+                'pk': self.object.pk,
+            })
+            messages.add_message(self.request, messages.SUCCESS, "Authorisation request successfully sent.")
+        return url
+
+    def form_valid(self, form):
+        email = form.cleaned_data['email']
+        event = self.object
+        event.auth_request_by = self.request.user
+        event.auth_request_at = datetime.datetime.now()
+        event.auth_request_to = email
+        event.save()
+
+        context = {
+            'object': self.object,
+            'request': self.request,
+            'hmac': signing.dumps({
+                'pk': self.object.pk,
+                'email': email,
+                'sent_by': self.request.user.pk,
+            }),
+        }
+        if event.person is not None and email == event.person.email:
+            context['to_name'] = event.person.name
+        elif event.organisation is not None and email == event.organisation.email:
+            context['to_name'] = event.organisation.name
+
+        msg = EmailMultiAlternatives(
+            "N%05d | %s - Event Authorisation Request" % (self.object.pk, self.object.name),
+            get_template("RIGS/eventauthorisation_client_request.txt").render(context),
+            to=[email],
+            reply_to=[self.request.user.email],
+        )
+        css = staticfiles_storage.path('css/email.css')
+        html = premailer.Premailer(get_template("RIGS/eventauthorisation_client_request.html").render(context),
+                                   external_styles=css).transform()
+        msg.attach_alternative(html, 'text/html')
+
+        msg.send()
+
+        return super(EventAuthorisationRequest, self).form_valid(form)
+
+
+class EventAuthoriseRequestEmailPreview(generic.DetailView):
+    template_name = "RIGS/eventauthorisation_client_request.html"
+    model = models.Event
+
+    def render_to_response(self, context, **response_kwargs):
+        from django.contrib.staticfiles.storage import staticfiles_storage
+        css = staticfiles_storage.path('css/email.css')
+        response = super(EventAuthoriseRequestEmailPreview, self).render_to_response(context, **response_kwargs)
+        assert isinstance(response, HttpResponse)
+        response.content = premailer.Premailer(response.rendered_content, external_styles=css).transform()
+        return response
+
+    def get_context_data(self, **kwargs):
+        context = super(EventAuthoriseRequestEmailPreview, self).get_context_data(**kwargs)
+        context['hmac'] = signing.dumps({
+            'pk': self.object.pk,
+            'email': self.request.GET.get('email', 'hello@world.test'),
+            'sent_by': self.request.user.pk,
+        })
+        context['to_name'] = self.request.GET.get('to_name', None)
+        return context
+
+
+@method_decorator(csrf_exempt, name='dispatch')
+class LogRiskAssessment(generic.View):
+    http_method_names = ["post"]
+
+    def post(self, request, **kwargs):
+        data = request.POST
+        shared_secret = data.get("secret")
+        edit_url = data.get("editUrl")
+        rig_number = data.get("rigNum")
+        if shared_secret is None or edit_url is None or rig_number is None:
+            return HttpResponse(status=422)
+
+        if shared_secret != settings.RISK_ASSESSMENT_SECRET:
+            return HttpResponse(status=403)
+
+        rig_number = int(re.sub("[^0-9]", "", rig_number))
+
+        event = get_object_or_404(models.Event, pk=rig_number)
+        event.risk_assessment_edit_url = edit_url
+        event.save()
+
+        return HttpResponse(status=200)
--- a/RIGS/signals.py
+++ b/RIGS/signals.py
@@ -0,0 +1,140 @@
+import datetime
+import re
+import urllib.request
+import urllib.error
+import urllib.parse
+from io import BytesIO
+
+from django.db.models.signals import post_save
+from PyPDF2 import PdfFileReader, PdfFileMerger
+from django.conf import settings
+from django.contrib.staticfiles.storage import staticfiles_storage
+from django.core.mail import EmailMessage, EmailMultiAlternatives
+from django.template.loader import get_template
+from django.urls import reverse
+from django.utils import timezone
+from registration.signals import user_activated
+from premailer import Premailer
+from z3c.rml import rml2pdf
+
+from RIGS import models
+
+
+def send_eventauthorisation_success_email(instance):
+    # Generate PDF first to prevent context conflicts
+    context = {
+        'object': instance.event,
+        'fonts': {
+            'opensans': {
+                'regular': 'RIGS/static/fonts/OPENSANS-REGULAR.TTF',
+                'bold': 'RIGS/static/fonts/OPENSANS-BOLD.TTF',
+            }
+        },
+        'receipt': True,
+        'current_user': False,
+    }
+
+    template = get_template('RIGS/event_print.xml')
+    merger = PdfFileMerger()
+
+    rml = template.render(context)
+
+    buffer = rml2pdf.parseString(rml)
+    merger.append(PdfFileReader(buffer))
+    buffer.close()
+
+    terms = urllib.request.urlopen(settings.TERMS_OF_HIRE_URL)
+    merger.append(BytesIO(terms.read()))
+
+    merged = BytesIO()
+    merger.write(merged)
+
+    # Produce email content
+    context = {
+        'object': instance,
+    }
+
+    if instance.event.person is not None and instance.email == instance.event.person.email:
+        context['to_name'] = instance.event.person.name
+    elif instance.event.organisation is not None and instance.email == instance.event.organisation.email:
+        context['to_name'] = instance.event.organisation.name
+
+    subject = "N%05d | %s - Event Authorised" % (instance.event.pk, instance.event.name)
+
+    client_email = EmailMultiAlternatives(
+        subject,
+        get_template("RIGS/eventauthorisation_client_success.txt").render(context),
+        to=[instance.email],
+        reply_to=[settings.AUTHORISATION_NOTIFICATION_ADDRESS],
+    )
+
+    css = staticfiles_storage.path('css/email.css')
+    html = Premailer(get_template("RIGS/eventauthorisation_client_success.html").render(context),
+                     external_styles=css).transform()
+    client_email.attach_alternative(html, 'text/html')
+
+    escapedEventName = re.sub('[^a-zA-Z0-9 \n\.]', '', instance.event.name)
+
+    client_email.attach('N%05d - %s - CONFIRMATION.pdf' % (instance.event.pk, escapedEventName),
+                        merged.getvalue(),
+                        'application/pdf'
+                        )
+
+    if instance.event.mic:
+        mic_email_address = instance.event.mic.email
+    else:
+        mic_email_address = settings.AUTHORISATION_NOTIFICATION_ADDRESS
+
+    mic_email = EmailMessage(
+        subject,
+        get_template("RIGS/eventauthorisation_mic_success.txt").render(context),
+        to=[mic_email_address]
+    )
+
+    # Now we have both emails successfully generated, send them out
+    client_email.send(fail_silently=True)
+    mic_email.send(fail_silently=True)
+
+    # Set event to booked now that it's authorised
+    instance.event.status = models.Event.BOOKED
+    instance.event.save()
+
+
+def on_revision_commit(sender, instance, created, **kwargs):
+    if created:
+        send_eventauthorisation_success_email(instance)
+
+
+post_save.connect(on_revision_commit, sender=models.EventAuthorisation)
+
+
+def send_admin_awaiting_approval_email(user, request, **kwargs):
+    # Bit more controlled than just emailing all superusers
+    for admin in models.Profile.admins():
+        # Check we've ever emailed them before and if so, if cooldown has passed.
+        if admin.last_emailed is None or admin.last_emailed + settings.EMAIL_COOLDOWN <= timezone.now():
+            context = {
+                'request': request,
+                'link_suffix': reverse("admin:RIGS_profile_changelist") + '?is_approved__exact=0',
+                'number_of_users': models.Profile.users_awaiting_approval_count(),
+                'to_name': admin.first_name
+            }
+
+            email = EmailMultiAlternatives(
+                "%s new users awaiting approval on RIGS" % (context['number_of_users']),
+                get_template("RIGS/admin_awaiting_approval.txt").render(context),
+                to=[admin.email],
+                reply_to=[user.email],
+            )
+            css = staticfiles_storage.path('css/email.css')
+            html = Premailer(get_template("RIGS/admin_awaiting_approval.html").render(context),
+                             external_styles=css).transform()
+            email.attach_alternative(html, 'text/html')
+            email.send()
+
+            # Update last sent
+            admin.last_emailed = timezone.now()
+            admin.save()
+
+
+user_activated.connect(send_admin_awaiting_approval_email)
--- a/RIGS/static/config.rb
+++ b/RIGS/static/config.rb
@@ -0,0 +1,27 @@
+# Require any additional compass plugins here.
+require 'bootstrap-sass'
+
+# Set this to the root of your project when deployed:
+http_path = "/static/"
+css_dir = "css"
+sass_dir = "scss"
+images_dir = "img"
+javascripts_dir = "js"
+fonts_dir = "fonts"
+
+# You can select your preferred output style here (can be overridden via the command line):
+# output_style = :expanded or :nested or :compact or :compressed
+output_style = :compressed
+
+# To enable relative paths to assets via compass helper functions. Uncomment:
+# relative_assets = true
+
+# To disable debugging comments that display the original location of your selectors. Uncomment:
+# line_comments = false
+
+
+# If you prefer the indented syntax, you might want to regenerate this
+# project again passing --syntax sass, or you can uncomment this:
+# preferred_syntax = :sass
+# and then run:
+# sass-convert -R --from scss --to sass sass scss && rm -rf sass && mv scss sass
--- a/RIGS/static/css/ajax-bootstrap-select.css
+++ b/RIGS/static/css/ajax-bootstrap-select.css
@@ -0,0 +1,27 @@
+/*!
+ * Ajax Bootstrap Select
+ *
+ * Extends existing [Bootstrap Select] implementations by adding the ability to search via AJAX requests as you type. Originally for CROSCON.
+ *
+ * @version 1.3.1
+ * @author Adam Heim - https://github.com/truckingsim
+ * @link https://github.com/truckingsim/Ajax-Bootstrap-Select
+ * @copyright 2015 Adam Heim
+ * @license Released under the MIT license.
+ *
+ * Contributors:
+ *   Mark Carver - https://github.com/markcarver
+ *
+ * Last build: 2015-01-06 8:43:11 PM EST
+ */
+.bootstrap-select .status {
+  background: #f0f0f0;
+  clear: both;
+  color: #999;
+  font-size: 11px;
+  font-style: italic;
+  font-weight: 500;
+  line-height: 1;
+  margin-bottom: -5px;
+  padding: 10px 20px;
+}
--- a/RIGS/static/css/bootstrap-datetimepicker.min.css
+++ b/RIGS/static/css/bootstrap-datetimepicker.min.css
@@ -0,0 +1,366 @@
+/*!
+ * Datetimepicker for Bootstrap 3
+ * ! version : 4.7.14
+ * https://github.com/Eonasdan/bootstrap-datetimepicker/
+ */
+.bootstrap-datetimepicker-widget {
+  list-style: none;
+}
+.bootstrap-datetimepicker-widget.dropdown-menu {
+  margin: 2px 0;
+  padding: 4px;
+  width: 19em;
+}
+@media (min-width: 768px) {
+  .bootstrap-datetimepicker-widget.dropdown-menu.timepicker-sbs {
+    width: 38em;
+  }
+}
+@media (min-width: 992px) {
+  .bootstrap-datetimepicker-widget.dropdown-menu.timepicker-sbs {
+    width: 38em;
+  }
+}
+@media (min-width: 1200px) {
+  .bootstrap-datetimepicker-widget.dropdown-menu.timepicker-sbs {
+    width: 38em;
+  }
+}
+.bootstrap-datetimepicker-widget.dropdown-menu:before,
+.bootstrap-datetimepicker-widget.dropdown-menu:after {
+  content: '';
+  display: inline-block;
+  position: absolute;
+}
+.bootstrap-datetimepicker-widget.dropdown-menu.bottom:before {
+  border-left: 7px solid transparent;
+  border-right: 7px solid transparent;
+  border-bottom: 7px solid #cccccc;
+  border-bottom-color: rgba(0, 0, 0, 0.2);
+  top: -7px;
+  left: 7px;
+}
+.bootstrap-datetimepicker-widget.dropdown-menu.bottom:after {
+  border-left: 6px solid transparent;
+  border-right: 6px solid transparent;
+  border-bottom: 6px solid white;
+  top: -6px;
+  left: 8px;
+}
+.bootstrap-datetimepicker-widget.dropdown-menu.top:before {
+  border-left: 7px solid transparent;
+  border-right: 7px solid transparent;
+  border-top: 7px solid #cccccc;
+  border-top-color: rgba(0, 0, 0, 0.2);
+  bottom: -7px;
+  left: 6px;
+}
+.bootstrap-datetimepicker-widget.dropdown-menu.top:after {
+  border-left: 6px solid transparent;
+  border-right: 6px solid transparent;
+  border-top: 6px solid white;
+  bottom: -6px;
+  left: 7px;
+}
+.bootstrap-datetimepicker-widget.dropdown-menu.pull-right:before {
+  left: auto;
+  right: 6px;
+}
+.bootstrap-datetimepicker-widget.dropdown-menu.pull-right:after {
+  left: auto;
+  right: 7px;
+}
+.bootstrap-datetimepicker-widget .list-unstyled {
+  margin: 0;
+}
+.bootstrap-datetimepicker-widget a[data-action] {
+  padding: 6px 0;
+}
+.bootstrap-datetimepicker-widget a[data-action]:active {
+  box-shadow: none;
+}
+.bootstrap-datetimepicker-widget .timepicker-hour,
+.bootstrap-datetimepicker-widget .timepicker-minute,
+.bootstrap-datetimepicker-widget .timepicker-second {
+  width: 54px;
+  font-weight: bold;
+  font-size: 1.2em;
+  margin: 0;
+}
+.bootstrap-datetimepicker-widget button[data-action] {
+  padding: 6px;
+}
+.bootstrap-datetimepicker-widget .btn[data-action="incrementHours"]::after {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+  content: "Increment Hours";
+}
+.bootstrap-datetimepicker-widget .btn[data-action="incrementMinutes"]::after {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+  content: "Increment Minutes";
+}
+.bootstrap-datetimepicker-widget .btn[data-action="decrementHours"]::after {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+  content: "Decrement Hours";
+}
+.bootstrap-datetimepicker-widget .btn[data-action="decrementMinutes"]::after {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+  content: "Decrement Minutes";
+}
+.bootstrap-datetimepicker-widget .btn[data-action="showHours"]::after {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+  content: "Show Hours";
+}
+.bootstrap-datetimepicker-widget .btn[data-action="showMinutes"]::after {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+  content: "Show Minutes";
+}
+.bootstrap-datetimepicker-widget .btn[data-action="togglePeriod"]::after {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+  content: "Toggle AM/PM";
+}
+.bootstrap-datetimepicker-widget .btn[data-action="clear"]::after {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+  content: "Clear the picker";
+}
+.bootstrap-datetimepicker-widget .btn[data-action="today"]::after {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+  content: "Set the date to today";
+}
+.bootstrap-datetimepicker-widget .picker-switch {
+  text-align: center;
+}
+.bootstrap-datetimepicker-widget .picker-switch::after {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+  content: "Toggle Date and Time Screens";
+}
+.bootstrap-datetimepicker-widget .picker-switch td {
+  padding: 0;
+  margin: 0;
+  height: auto;
+  width: auto;
+  line-height: inherit;
+}
+.bootstrap-datetimepicker-widget .picker-switch td span {
+  line-height: 2.5;
+  height: 2.5em;
+  width: 100%;
+}
+.bootstrap-datetimepicker-widget table {
+  width: 100%;
+  margin: 0;
+}
+.bootstrap-datetimepicker-widget table td,
+.bootstrap-datetimepicker-widget table th {
+  text-align: center;
+  border-radius: 4px;
+}
+.bootstrap-datetimepicker-widget table th {
+  height: 20px;
+  line-height: 20px;
+  width: 20px;
+}
+.bootstrap-datetimepicker-widget table th.picker-switch {
+  width: 145px;
+}
+.bootstrap-datetimepicker-widget table th.disabled,
+.bootstrap-datetimepicker-widget table th.disabled:hover {
+  background: none;
+  color: #777777;
+  cursor: not-allowed;
+}
+.bootstrap-datetimepicker-widget table th.prev::after {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+  content: "Previous Month";
+}
+.bootstrap-datetimepicker-widget table th.next::after {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+  content: "Next Month";
+}
+.bootstrap-datetimepicker-widget table thead tr:first-child th {
+  cursor: pointer;
+}
+.bootstrap-datetimepicker-widget table thead tr:first-child th:hover {
+  background: #eeeeee;
+}
+.bootstrap-datetimepicker-widget table td {
+  height: 54px;
+  line-height: 54px;
+  width: 54px;
+}
+.bootstrap-datetimepicker-widget table td.cw {
+  font-size: .8em;
+  height: 20px;
+  line-height: 20px;
+  color: #777777;
+}
+.bootstrap-datetimepicker-widget table td.day {
+  height: 20px;
+  line-height: 20px;
+  width: 20px;
+}
+.bootstrap-datetimepicker-widget table td.day:hover,
+.bootstrap-datetimepicker-widget table td.hour:hover,
+.bootstrap-datetimepicker-widget table td.minute:hover,
+.bootstrap-datetimepicker-widget table td.second:hover {
+  background: #eeeeee;
+  cursor: pointer;
+}
+.bootstrap-datetimepicker-widget table td.old,
+.bootstrap-datetimepicker-widget table td.new {
+  color: #777777;
+}
+.bootstrap-datetimepicker-widget table td.today {
+  position: relative;
+}
+.bootstrap-datetimepicker-widget table td.today:before {
+  content: '';
+  display: inline-block;
+  border: 0 0 7px 7px solid transparent;
+  border-bottom-color: #337ab7;
+  border-top-color: rgba(0, 0, 0, 0.2);
+  position: absolute;
+  bottom: 4px;
+  right: 4px;
+}
+.bootstrap-datetimepicker-widget table td.active,
+.bootstrap-datetimepicker-widget table td.active:hover {
+  background-color: #337ab7;
+  color: #ffffff;
+  text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.25);
+}
+.bootstrap-datetimepicker-widget table td.active.today:before {
+  border-bottom-color: #fff;
+}
+.bootstrap-datetimepicker-widget table td.disabled,
+.bootstrap-datetimepicker-widget table td.disabled:hover {
+  background: none;
+  color: #777777;
+  cursor: not-allowed;
+}
+.bootstrap-datetimepicker-widget table td span {
+  display: inline-block;
+  width: 54px;
+  height: 54px;
+  line-height: 54px;
+  margin: 2px 1.5px;
+  cursor: pointer;
+  border-radius: 4px;
+}
+.bootstrap-datetimepicker-widget table td span:hover {
+  background: #eeeeee;
+}
+.bootstrap-datetimepicker-widget table td span.active {
+  background-color: #337ab7;
+  color: #ffffff;
+  text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.25);
+}
+.bootstrap-datetimepicker-widget table td span.old {
+  color: #777777;
+}
+.bootstrap-datetimepicker-widget table td span.disabled,
+.bootstrap-datetimepicker-widget table td span.disabled:hover {
+  background: none;
+  color: #777777;
+  cursor: not-allowed;
+}
+.bootstrap-datetimepicker-widget.usetwentyfour td.hour {
+  height: 27px;
+  line-height: 27px;
+}
+.input-group.date .input-group-addon {
+  cursor: pointer;
+}
+.sr-only {
+  position: absolute;
+  width: 1px;
+  height: 1px;
+  margin: -1px;
+  padding: 0;
+  overflow: hidden;
+  clip: rect(0, 0, 0, 0);
+  border: 0;
+}
--- a/RIGS/static/css/bootstrap-select.min.css
+++ b/RIGS/static/css/bootstrap-select.min.css
--- a/RIGS/static/css/email.css
+++ b/RIGS/static/css/email.css
@@ -0,0 +1 @@
+body{margin:0px}.main-table{width:100%;border-collapse:collapse}.client-header{background-image:url("https://www.nottinghamtec.co.uk/imgs/wof2014-1.jpg");background-color:#222;background-repeat:no-repeat;background-position:center;width:100%;margin-bottom:28px}.client-header .logos{width:100%;max-width:640px}.client-header img{height:110px}.content-container{width:100%}.content-container .content{font-family:"Open Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;width:100%;max-width:600px;padding:10px;text-align:left}.content-container .content .button-container{width:100%}.content-container .content .button-container .button{padding:6px 12px;background-color:#357ebf;border-radius:4px}.content-container .content .button-container .button a{color:#fff;text-decoration:none}
--- a/RIGS/static/css/fullcalendar.css
+++ b/RIGS/static/css/fullcalendar.css
--- a/RIGS/static/css/fullcalendar.print.css
+++ b/RIGS/static/css/fullcalendar.print.css
@@ -0,0 +1,202 @@
+/*!
+ * FullCalendar v2.3.1 Print Stylesheet
+ * Docs & License: http://fullcalendar.io/
+ * (c) 2015 Adam Shaw
+ */
+
+/*
+ * Include this stylesheet on your page to get a more printer-friendly calendar.
+ * When including this stylesheet, use the media='print' attribute of the <link> tag.
+ * Make sure to include this stylesheet IN ADDITION to the regular fullcalendar.css.
+ */
+
+.fc {
+	max-width: 100% !important;
+}
+
+
+/* Global Event Restyling
+--------------------------------------------------------------------------------------------------*/
+
+.fc-event {
+	background: #fff !important;
+	color: #000 !important;
+	page-break-inside: avoid;
+}
+
+.fc-event .fc-resizer {
+	display: none;
+}
+
+
+/* Table & Day-Row Restyling
+--------------------------------------------------------------------------------------------------*/
+
+th,
+td,
+hr,
+thead,
+tbody,
+.fc-row {
+	border-color: #ccc !important;
+	background: #fff !important;
+}
+
+/* kill the overlaid, absolutely-positioned common components */
+.fc-bg,
+.fc-bgevent-skeleton,
+.fc-highlight-skeleton,
+.fc-helper-skeleton {
+	display: none;
+}
+
+/* don't force a min-height on rows (for DayGrid) */
+.fc tbody .fc-row {
+	height: auto !important; /* undo height that JS set in distributeHeight */
+	min-height: 0 !important; /* undo the min-height from each view's specific stylesheet */
+}
+
+.fc tbody .fc-row .fc-content-skeleton {
+	position: static; /* undo .fc-rigid */
+	padding-bottom: 0 !important; /* use a more border-friendly method for this... */
+}
+
+.fc tbody .fc-row .fc-content-skeleton tbody tr:last-child td { /* only works in newer browsers */
+	padding-bottom: 1em; /* ...gives space within the skeleton. also ensures min height in a way */
+}
+
+.fc tbody .fc-row .fc-content-skeleton table {
+	/* provides a min-height for the row, but only effective for IE, which exaggerates this value,
+	   making it look more like 3em. for other browers, it will already be this tall */
+	height: 1em;
+}
+
+
+/* Undo month-view event limiting. Display all events and hide the "more" links
+--------------------------------------------------------------------------------------------------*/
+
+.fc-more-cell,
+.fc-more {
+	display: none !important;
+}
+
+.fc tr.fc-limited {
+	display: table-row !important;
+}
+
+.fc td.fc-limited {
+	display: table-cell !important;
+}
+
+.fc-popover {
+	display: none; /* never display the "more.." popover in print mode */
+}
+
+
+/* TimeGrid Restyling
+--------------------------------------------------------------------------------------------------*/
+
+/* undo the min-height 100% trick used to fill the container's height */
+.fc-time-grid {
+	min-height: 0 !important;
+}
+
+/* don't display the side axis at all ("all-day" and time cells) */
+.fc-agenda-view .fc-axis {
+	display: none;
+}
+
+/* don't display the horizontal lines */
+.fc-slats,
+.fc-time-grid hr { /* this hr is used when height is underused and needs to be filled */
+	display: none !important; /* important overrides inline declaration */
+}
+
+/* let the container that holds the events be naturally positioned and create real height */
+.fc-time-grid .fc-content-skeleton {
+	position: static;
+}
+
+/* in case there are no events, we still want some height */
+.fc-time-grid .fc-content-skeleton table {
+	height: 4em;
+}
+
+/* kill the horizontal spacing made by the event container. event margins will be done below */
+.fc-time-grid .fc-event-container {
+	margin: 0 !important;
+}
+
+
+/* TimeGrid *Event* Restyling
+--------------------------------------------------------------------------------------------------*/
+
+/* naturally position events, vertically stacking them */
+.fc-time-grid .fc-event {
+	position: static !important;
+	margin: 3px 2px !important;
+}
+
+/* for events that continue to a future day, give the bottom border back */
+.fc-time-grid .fc-event.fc-not-end {
+	border-bottom-width: 1px !important;
+}
+
+/* indicate the event continues via "..." text */
+.fc-time-grid .fc-event.fc-not-end:after {
+	content: "...";
+}
+
+/* for events that are continuations from previous days, give the top border back */
+.fc-time-grid .fc-event.fc-not-start {
+	border-top-width: 1px !important;
+}
+
+/* indicate the event is a continuation via "..." text */
+.fc-time-grid .fc-event.fc-not-start:before {
+	content: "...";
+}
+
+/* time */
+
+/* undo a previous declaration and let the time text span to a second line */
+.fc-time-grid .fc-event .fc-time {
+	white-space: normal !important;
+}
+
+/* hide the the time that is normally displayed... */
+.fc-time-grid .fc-event .fc-time span {
+	display: none;
+}
+
+/* ...replace it with a more verbose version (includes AM/PM) stored in an html attribute */
+.fc-time-grid .fc-event .fc-time:after {
+	content: attr(data-full);
+}
+
+
+/* Vertical Scroller & Containers
+--------------------------------------------------------------------------------------------------*/
+
+/* kill the scrollbars and allow natural height */
+.fc-scroller,
+.fc-day-grid-container,    /* these divs might be assigned height, which we need to cleared */
+.fc-time-grid-container {  /* */
+	overflow: visible !important;
+	height: auto !important;
+}
+
+/* kill the horizontal border/padding used to compensate for scrollbars */
+.fc-row {
+	border: 0 !important;
+	margin: 0 !important;
+}
+
+
+/* Button Controls
+--------------------------------------------------------------------------------------------------*/
+
+.fc-button-group,
+.fc button {
+	display: none; /* don't display any button-related controls */
+}
--- a/app/components/.gitkeep
+++ b/app/components/.gitkeep
--- a/RIGS/static/css/print.css
+++ b/RIGS/static/css/print.css
--- a/RIGS/static/css/screen.css
+++ b/RIGS/static/css/screen.css
--- a/RIGS/static/fonts/GEORGIA.TTF
+++ b/RIGS/static/fonts/GEORGIA.TTF
--- a/RIGS/static/fonts/GEORGIAB.TTF
+++ b/RIGS/static/fonts/GEORGIAB.TTF
--- a/RIGS/static/fonts/GEORGIAI.TTF
+++ b/RIGS/static/fonts/GEORGIAI.TTF
--- a/RIGS/static/fonts/GEORGIAZ.TTF
+++ b/RIGS/static/fonts/GEORGIAZ.TTF
--- a/RIGS/static/fonts/OPENSANS-BOLD.TTF
+++ b/RIGS/static/fonts/OPENSANS-BOLD.TTF
--- a/RIGS/static/fonts/OPENSANS-BOLDITALIC.TTF
+++ b/RIGS/static/fonts/OPENSANS-BOLDITALIC.TTF
--- a/RIGS/static/fonts/OPENSANS-ITALIC.TTF
+++ b/RIGS/static/fonts/OPENSANS-ITALIC.TTF
--- a/RIGS/static/fonts/OPENSANS-REGULAR.TTF
+++ b/RIGS/static/fonts/OPENSANS-REGULAR.TTF
--- a/RIGS/static/fonts/glyphicons-halflings-regular.eot
+++ b/RIGS/static/fonts/glyphicons-halflings-regular.eot
--- a/RIGS/static/fonts/glyphicons-halflings-regular.svg
+++ b/RIGS/static/fonts/glyphicons-halflings-regular.svg
--- a/RIGS/static/fonts/glyphicons-halflings-regular.ttf
+++ b/RIGS/static/fonts/glyphicons-halflings-regular.ttf
--- a/RIGS/static/fonts/glyphicons-halflings-regular.woff
+++ b/RIGS/static/fonts/glyphicons-halflings-regular.woff
--- a/RIGS/static/fonts/glyphicons-halflings-regular.woff2
+++ b/RIGS/static/fonts/glyphicons-halflings-regular.woff2
--- a/RIGS/static/imgs/400.jpg
+++ b/RIGS/static/imgs/400.jpg
--- a/RIGS/static/imgs/401.jpg
+++ b/RIGS/static/imgs/401.jpg
--- a/RIGS/static/imgs/403.jpg
+++ b/RIGS/static/imgs/403.jpg
--- a/RIGS/static/imgs/404.jpg
+++ b/RIGS/static/imgs/404.jpg
--- a/RIGS/static/imgs/500.jpg
+++ b/RIGS/static/imgs/500.jpg
--- a/RIGS/static/imgs/paperwork/corner-tr-su.jpg
+++ b/RIGS/static/imgs/paperwork/corner-tr-su.jpg
--- a/RIGS/static/imgs/paperwork/tec-logo.jpg
+++ b/RIGS/static/imgs/paperwork/tec-logo.jpg
--- a/RIGS/static/imgs/pyrigs-avatar.png
+++ b/RIGS/static/imgs/pyrigs-avatar.png
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				`default_app_config = 'RIGS.apps.RIGSAppConfig'`
				`@@ -0,0 +1 @@`
				body{margin:0px}.main-table{width:100%;border-collapse:collapse}.client-header{background-image:url("https://www.nottinghamtec.co.uk/imgs/wof2014-1.jpg");background-color:#222;background-repeat:no-repeat;background-position:center;width:100%;margin-bottom:28px}.client-header .logos{width:100%;max-width:640px}.client-header img{height:110px}.content-container{width:100%}.content-container .content{font-family:"Open Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;width:100%;max-width:600px;padding:10px;text-align:left}.content-container .content .button-container{width:100%}.content-container .content .button-container .button{padding:6px 12px;background-color:#357ebf;border-radius:4px}.content-container .content .button-container .button a{color:#fff;text-decoration:none}