Merge branch 'beta' into sortable_tables

apps/wei/api/views.py

@@ -2,7 +2,8 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 
 from django_filters.rest_framework import DjangoFilterBackend
-from rest_framework.filters import OrderingFilter, SearchFilter
+from rest_framework.filters import OrderingFilter
+from api.filters import RegexSafeSearchFilter
 from api.viewsets import ReadProtectedModelViewSet
 
 from .serializers import WEIClubSerializer, BusSerializer, BusTeamSerializer, WEIRoleSerializer, \
@@ -18,7 +19,7 @@ class WEIClubViewSet(ReadProtectedModelViewSet):
     """
     queryset = WEIClub.objects.order_by('id')
     serializer_class = WEIClubSerializer
-    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
     filterset_fields = ['name', 'year', 'date_start', 'date_end', 'email', 'note__alias__name',
                         'note__alias__normalized_name', 'parent_club', 'parent_club__name', 'require_memberships',
                         'membership_fee_paid', 'membership_fee_unpaid', 'membership_duration', 'membership_start',
@@ -34,7 +35,7 @@ class BusViewSet(ReadProtectedModelViewSet):
     """
     queryset = Bus.objects.order_by('id')
     serializer_class = BusSerializer
-    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
     filterset_fields = ['name', 'wei', 'description', ]
     search_fields = ['$name', '$wei__name', '$description', ]
 
@@ -47,7 +48,7 @@ class BusTeamViewSet(ReadProtectedModelViewSet):
     """
     queryset = BusTeam.objects.order_by('id')
     serializer_class = BusTeamSerializer
-    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
     filterset_fields = ['name', 'bus', 'color', 'description', 'bus__wei', ]
     search_fields = ['$name', '$bus__name', '$bus__wei__name', '$description', ]
 
@@ -60,7 +61,7 @@ class WEIRoleViewSet(ReadProtectedModelViewSet):
     """
     queryset = WEIRole.objects.order_by('id')
     serializer_class = WEIRoleSerializer
-    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
     filterset_fields = ['name', 'permissions', 'memberships', ]
     search_fields = ['$name', ]
 
@@ -73,7 +74,7 @@ class WEIRegistrationViewSet(ReadProtectedModelViewSet):
     """
     queryset = WEIRegistration.objects.order_by('id')
     serializer_class = WEIRegistrationSerializer
-    filter_backends = [DjangoFilterBackend, SearchFilter]
+    filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
     filterset_fields = ['user', 'user__username', 'user__first_name', 'user__last_name', 'user__email',
                         'user__note__alias__name', 'user__note__alias__normalized_name', 'wei', 'wei__name',
                         'wei__email', 'wei__year', 'soge_credit', 'caution_check', 'birth_date', 'gender',
@@ -92,7 +93,7 @@ class WEIMembershipViewSet(ReadProtectedModelViewSet):
     """
     queryset = WEIMembership.objects.order_by('id')
     serializer_class = WEIMembershipSerializer
-    filter_backends = [DjangoFilterBackend, OrderingFilter, SearchFilter]
+    filter_backends = [DjangoFilterBackend, OrderingFilter, RegexSafeSearchFilter]
     filterset_fields = ['club__name', 'club__email', 'club__note__alias__name',
                         'club__note__alias__normalized_name', 'user__username', 'user__last_name',
                         'user__first_name', 'user__email', 'user__note__alias__name',

apps/wei/forms/registration.py

@@ -74,7 +74,7 @@ class WEIChooseBusForm(forms.Form):
         queryset=WEIRole.objects.filter(~Q(name="1A")),
         label=_("WEI Roles"),
         help_text=_("Select the roles that you are interested in."),
-        initial=WEIRole.objects.filter(name="Adhérent WEI").all(),
+        initial=WEIRole.objects.filter(name="Adhérent⋅e WEI").all(),
         widget=CheckboxSelectMultiple(),
     )
 

apps/wei/management/commands/export_wei_registrations.py

@@ -84,5 +84,5 @@ class Command(BaseCommand):
             s += sep + user.profile.section_generated
             s += sep + bus.name
             s += sep + (team.name if team else "--")
-            s += sep + ", ".join(role.name for role in membership.roles.filter(~Q(name="Adhérent WEI")).all())
+            s += sep + ", ".join(role.name for role in membership.roles.filter(~Q(name="Adhérent⋅e WEI")).all())
             self.stdout.write(s)

apps/wei/tests/test_wei_registration.py

@@ -504,7 +504,7 @@ class TestWEIRegistration(TestCase):
                 emergency_contact_phone='+33600000000',
                 bus=[self.bus.id],
                 team=[self.team.id],
-                roles=[role.id for role in WEIRole.objects.filter(name="Adhérent WEI").all()],
+                roles=[role.id for role in WEIRole.objects.filter(name="Adhérent⋅e WEI").all()],
                 information_json=self.registration.information_json,
             )
         )
@@ -558,7 +558,7 @@ class TestWEIRegistration(TestCase):
                 emergency_contact_phone='+33600000000',
                 bus=[self.bus.id],
                 team=[self.team.id],
-                roles=[role.id for role in WEIRole.objects.filter(name="Adhérent WEI").all()],
+                roles=[role.id for role in WEIRole.objects.filter(name="Adhérent⋅e WEI").all()],
                 information_json=self.registration.information_json,
             )
         )

apps/wei/views.py

@@ -23,6 +23,7 @@ from django.views.generic import DetailView, UpdateView, RedirectView, TemplateV
 from django.utils.translation import gettext_lazy as _
 from django.views.generic.edit import BaseFormView, DeleteView
 from django_tables2 import SingleTableView, MultiTableMixin
+from api.viewsets import is_regex
 from member.models import Membership, Club
 from note.models import Transaction, NoteClub, Alias, SpecialTransaction, NoteSpecial
 from note.tables import HistoryTable
@@ -220,13 +221,18 @@ class WEIMembershipsView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableVi
         if not pattern:
             return qs.none()
 
+        # Check if this is a valid regex. If not, we won't check regex
+        valid_regex = is_regex(pattern)
+        suffix_alias = "__iregex" if valid_regex else "__istartswith"
+        suffix = "__iregex" if valid_regex else "__icontains"
+        prefix = "^" if valid_regex else ""
         qs = qs.filter(
-            Q(user__first_name__iregex=pattern)
-            | Q(user__last_name__iregex=pattern)
-            | Q(user__note__alias__name__iregex="^" + pattern)
-            | Q(user__note__alias__normalized_name__iregex="^" + Alias.normalize(pattern))
-            | Q(bus__name__iregex=pattern)
-            | Q(team__name__iregex=pattern)
+            Q(**{f"user__first_name{suffix}": pattern})
+            | Q(**{f"user__last_name{suffix}": pattern})
+            | Q(**{f"user__note__alias__name{suffix_alias}": prefix + pattern})
+            | Q(**{f"user__note__alias__normalized_name{suffix_alias}": prefix + Alias.normalize(pattern)})
+            | Q(**{f"bus__name{suffix}": pattern})
+            | Q(**{f"team__name{suffix}": pattern})
         )
 
         return qs
@@ -256,11 +262,16 @@ class WEIRegistrationsView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTable
         pattern = self.request.GET.get("search", "")
 
         if pattern:
+            # Check if this is a valid regex. If not, we won't check regex
+            valid_regex = is_regex(pattern)
+            suffix_alias = "__iregex" if valid_regex else "__istartswith"
+            suffix = "__iregex" if valid_regex else "__icontains"
+            prefix = "^" if valid_regex else ""
             qs = qs.filter(
-                Q(user__first_name__iregex=pattern)
-                | Q(user__last_name__iregex=pattern)
-                | Q(user__note__alias__name__iregex="^" + pattern)
-                | Q(user__note__alias__normalized_name__iregex="^" + Alias.normalize(pattern))
+                Q(**{f"user__first_name{suffix}": pattern})
+                | Q(**{f"user__last_name{suffix}": pattern})
+                | Q(**{f"user__note__alias__name{suffix_alias}": prefix + pattern})
+                | Q(**{f"user__note__alias__normalized_name{suffix_alias}": prefix + Alias.normalize(pattern)})
             )
 
         return qs
@@ -917,7 +928,7 @@ class WEIValidateRegistrationView(ProtectQuerysetMixin, ProtectedCreateView):
                     form["team"].initial = BusTeam.objects.get(pk=information["preferred_team_pk"][0])
                 if "preferred_roles_pk" in information:
                     form["roles"].initial = WEIRole.objects.filter(
-                        Q(pk__in=information["preferred_roles_pk"]) | Q(name="Adhérent WEI")
+                        Q(pk__in=information["preferred_roles_pk"]) | Q(name="Adhérent⋅e WEI")
                     ).all()
         return form
 
@@ -1009,7 +1020,7 @@ class WEIValidateRegistrationView(ProtectQuerysetMixin, ProtectedCreateView):
 
         membership.save()
         membership.refresh_from_db()
-        membership.roles.add(WEIRole.objects.get(name="Adhérent WEI"))
+        membership.roles.add(WEIRole.objects.get(name="Adhérent⋅e WEI"))
 
         return super().form_valid(form)