mirror of
https://gitlab.crans.org/bde/nk20
synced 2025-06-21 01:48:21 +02:00
Compare commits
1 Commits
de7b91db2a
...
migration-
| Author | SHA1 | Date | |
|---|---|---|---|
| bb9f58e497 |
@ -7,25 +7,10 @@ stages:
|
||||
variables:
|
||||
GIT_SUBMODULE_STRATEGY: recursive
|
||||
|
||||
# Debian Buster
|
||||
# py37-django22:
|
||||
# stage: test
|
||||
# image: debian:buster-backports
|
||||
# before_script:
|
||||
# - >
|
||||
# apt-get update &&
|
||||
# apt-get install --no-install-recommends -t buster-backports -y
|
||||
# python3-django python3-django-crispy-forms
|
||||
# python3-django-extensions python3-django-filters python3-django-polymorphic
|
||||
# python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil
|
||||
# python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache
|
||||
# python3-bs4 python3-setuptools tox texlive-xetex
|
||||
# script: tox -e py37-django22
|
||||
|
||||
# Ubuntu 20.04
|
||||
py38-django22:
|
||||
# Ubuntu 22.04
|
||||
py310-django50:
|
||||
stage: test
|
||||
image: ubuntu:20.04
|
||||
image: ubuntu:22.04
|
||||
before_script:
|
||||
# Fix tzdata prompt
|
||||
- ln -sf /usr/share/zoneinfo/Europe/Paris /etc/localtime && echo Europe/Paris > /etc/timezone
|
||||
@ -37,12 +22,12 @@ py38-django22:
|
||||
python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil
|
||||
python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache
|
||||
python3-bs4 python3-setuptools tox texlive-xetex
|
||||
script: tox -e py38-django22
|
||||
script: tox -e py310-django50
|
||||
|
||||
# Debian Bullseye
|
||||
py39-django22:
|
||||
# Debian Bookworm
|
||||
py311-django50:
|
||||
stage: test
|
||||
image: debian:bullseye
|
||||
image: debian:bookworm
|
||||
before_script:
|
||||
- >
|
||||
apt-get update &&
|
||||
@ -52,7 +37,7 @@ py39-django22:
|
||||
python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil
|
||||
python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache
|
||||
python3-bs4 python3-setuptools tox texlive-xetex
|
||||
script: tox -e py39-django22
|
||||
script: tox -e py311-django50
|
||||
|
||||
linters:
|
||||
stage: quality-assurance
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
# Copyright (C) 2018-2024 by BDE ENS Paris-Saclay
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
from django_filters.rest_framework import DjangoFilterBackend
|
||||
from api.filters import RegexSafeSearchFilter
|
||||
from api.viewsets import ReadProtectedModelViewSet
|
||||
from django_filters.rest_framework import DjangoFilterBackend
|
||||
from rest_framework.filters import SearchFilter
|
||||
|
||||
from .serializers import ActivitySerializer, ActivityTypeSerializer, EntrySerializer, GuestSerializer
|
||||
from ..models import Activity, ActivityType, Entry, Guest
|
||||
@ -29,7 +29,7 @@ class ActivityViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Activity.objects.order_by('id')
|
||||
serializer_class = ActivitySerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['name', 'description', 'activity_type', 'location', 'creater', 'organizer', 'attendees_club',
|
||||
'date_start', 'date_end', 'valid', 'open', ]
|
||||
search_fields = ['$name', '$description', '$location', '$creater__last_name', '$creater__first_name',
|
||||
@ -47,7 +47,7 @@ class GuestViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Guest.objects.order_by('id')
|
||||
serializer_class = GuestSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['activity', 'activity__name', 'last_name', 'first_name', 'inviter', 'inviter__alias__name',
|
||||
'inviter__alias__normalized_name', ]
|
||||
search_fields = ['$activity__name', '$last_name', '$first_name', '$inviter__user__email', '$inviter__alias__name',
|
||||
@ -62,7 +62,7 @@ class EntryViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Entry.objects.order_by('id')
|
||||
serializer_class = EntrySerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['activity', 'time', 'note', 'guest', ]
|
||||
search_fields = ['$activity__name', '$note__user__email', '$note__alias__name', '$note__alias__normalized_name',
|
||||
'$guest__last_name', '$guest__first_name', ]
|
||||
|
||||
@ -1,6 +1,8 @@
|
||||
# Copyright (C) 2018-2024 by BDE ENS Paris-Saclay
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
from bootstrap_datepicker_plus.widgets import DateTimePickerInput
|
||||
|
||||
from datetime import timedelta
|
||||
from random import shuffle
|
||||
|
||||
@ -10,7 +12,7 @@ from django.utils import timezone
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from member.models import Club
|
||||
from note.models import Note, NoteUser
|
||||
from note_kfet.inputs import Autocomplete, DateTimePickerInput
|
||||
from note_kfet.inputs import Autocomplete
|
||||
from note_kfet.middlewares import get_current_request
|
||||
from permission.backends import PermissionBackend
|
||||
|
||||
|
||||
@ -18,7 +18,6 @@ from django.views import View
|
||||
from django.views.decorators.cache import cache_page
|
||||
from django.views.generic import DetailView, TemplateView, UpdateView
|
||||
from django_tables2.views import SingleTableView
|
||||
from api.viewsets import is_regex
|
||||
from note.models import Alias, NoteSpecial, NoteUser
|
||||
from permission.backends import PermissionBackend
|
||||
from permission.views import ProtectQuerysetMixin, ProtectedCreateView
|
||||
@ -199,16 +198,13 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
|
||||
|
||||
if "search" in self.request.GET and self.request.GET["search"]:
|
||||
pattern = self.request.GET["search"]
|
||||
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(pattern)
|
||||
suffix = "__iregex" if valid_regex else "__istartswith"
|
||||
pattern = "^" + pattern if valid_regex and pattern[0] != "^" else pattern
|
||||
if pattern[0] != "^":
|
||||
pattern = "^" + pattern
|
||||
guest_qs = guest_qs.filter(
|
||||
Q(**{f"first_name{suffix}": pattern})
|
||||
| Q(**{f"last_name{suffix}": pattern})
|
||||
| Q(**{f"inviter__alias__name{suffix}": pattern})
|
||||
| Q(**{f"inviter__alias__normalized_name{suffix}": Alias.normalize(pattern)})
|
||||
Q(first_name__iregex=pattern)
|
||||
| Q(last_name__iregex=pattern)
|
||||
| Q(inviter__alias__name__iregex=pattern)
|
||||
| Q(inviter__alias__normalized_name__iregex=Alias.normalize(pattern))
|
||||
)
|
||||
else:
|
||||
guest_qs = guest_qs.none()
|
||||
@ -240,15 +236,11 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
|
||||
|
||||
if "search" in self.request.GET and self.request.GET["search"]:
|
||||
pattern = self.request.GET["search"]
|
||||
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(pattern)
|
||||
suffix = "__iregex" if valid_regex else "__icontains"
|
||||
note_qs = note_qs.filter(
|
||||
Q(**{f"note__noteuser__user__first_name{suffix}": pattern})
|
||||
| Q(**{f"note__noteuser__user__last_name{suffix}": pattern})
|
||||
| Q(**{f"name{suffix}": pattern})
|
||||
| Q(**{f"normalized_name{suffix}": Alias.normalize(pattern)})
|
||||
Q(note__noteuser__user__first_name__iregex=pattern)
|
||||
| Q(note__noteuser__user__last_name__iregex=pattern)
|
||||
| Q(name__iregex=pattern)
|
||||
| Q(normalized_name__iregex=Alias.normalize(pattern))
|
||||
)
|
||||
else:
|
||||
note_qs = note_qs.none()
|
||||
|
||||
@ -1,42 +0,0 @@
|
||||
import re
|
||||
from functools import lru_cache
|
||||
|
||||
from rest_framework.filters import SearchFilter
|
||||
|
||||
|
||||
class RegexSafeSearchFilter(SearchFilter):
|
||||
@lru_cache
|
||||
def validate_regex(self, search_term) -> bool:
|
||||
try:
|
||||
re.compile(search_term)
|
||||
return True
|
||||
except re.error:
|
||||
return False
|
||||
|
||||
def get_search_fields(self, view, request):
|
||||
"""
|
||||
Ensure that given regex are valid.
|
||||
If not, we consider that the user is trying to search by substring.
|
||||
"""
|
||||
search_fields = super().get_search_fields(view, request)
|
||||
search_terms = self.get_search_terms(request)
|
||||
|
||||
for search_term in search_terms:
|
||||
if not self.validate_regex(search_term):
|
||||
# Invalid regex. We assume we don't query by regex but by substring.
|
||||
search_fields = [f.replace('$', '') for f in search_fields]
|
||||
break
|
||||
|
||||
return search_fields
|
||||
|
||||
def get_search_terms(self, request):
|
||||
"""
|
||||
Ensure that search field is a valid regex query. If not, we remove extra characters.
|
||||
"""
|
||||
terms = super().get_search_terms(request)
|
||||
if not all(self.validate_regex(term) for term in terms):
|
||||
# Invalid regex. If a ^ is prefixed to the search term, we remove it.
|
||||
terms = [term[1:] if term[0] == '^' else term for term in terms]
|
||||
# Same for dollars.
|
||||
terms = [term[:-1] if term[-1] == '$' else term for term in terms]
|
||||
return terms
|
||||
@ -12,12 +12,11 @@ from django.contrib.contenttypes.models import ContentType
|
||||
from django.db.models.fields.files import ImageFieldFile
|
||||
from django.test import TestCase
|
||||
from django_filters.rest_framework import DjangoFilterBackend
|
||||
from phonenumbers import PhoneNumber
|
||||
from rest_framework.filters import OrderingFilter
|
||||
from api.filters import RegexSafeSearchFilter
|
||||
from member.models import Membership, Club
|
||||
from note.models import NoteClub, NoteUser, Alias, Note
|
||||
from permission.models import PermissionMask, Permission, Role
|
||||
from phonenumbers import PhoneNumber
|
||||
from rest_framework.filters import SearchFilter, OrderingFilter
|
||||
|
||||
from .viewsets import ContentTypeViewSet, UserViewSet
|
||||
|
||||
@ -88,7 +87,7 @@ class TestAPI(TestCase):
|
||||
resp = self.client.get(url + f"?ordering=-{field}")
|
||||
self.assertEqual(resp.status_code, 200)
|
||||
|
||||
if RegexSafeSearchFilter in backends:
|
||||
if SearchFilter in backends:
|
||||
# Basic search
|
||||
for field in viewset.search_fields:
|
||||
obj = self.fix_note_object(obj, field)
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
from django.conf import settings
|
||||
from django.conf.urls import url, include
|
||||
from django.urls import include, re_path
|
||||
from rest_framework import routers
|
||||
|
||||
from .views import UserInformationView
|
||||
@ -47,7 +47,7 @@ app_name = 'api'
|
||||
# Wire up our API using automatic URL routing.
|
||||
# Additionally, we include login URLs for the browsable API.
|
||||
urlpatterns = [
|
||||
url('^', include(router.urls)),
|
||||
url('^me/', UserInformationView.as_view()),
|
||||
url('^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
|
||||
re_path('^', include(router.urls)),
|
||||
re_path('^me/', UserInformationView.as_view()),
|
||||
re_path('^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
|
||||
]
|
||||
|
||||
@ -1,29 +1,19 @@
|
||||
# Copyright (C) 2018-2024 by BDE ENS Paris-Saclay
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
import re
|
||||
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
from django_filters.rest_framework import DjangoFilterBackend
|
||||
from django.db.models import Q
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.models import User
|
||||
from rest_framework.filters import SearchFilter
|
||||
from rest_framework.viewsets import ReadOnlyModelViewSet, ModelViewSet
|
||||
from permission.backends import PermissionBackend
|
||||
from note.models import Alias
|
||||
|
||||
from .filters import RegexSafeSearchFilter
|
||||
from .serializers import UserSerializer, ContentTypeSerializer
|
||||
|
||||
|
||||
def is_regex(pattern):
|
||||
try:
|
||||
re.compile(pattern)
|
||||
return True
|
||||
except (re.error, TypeError):
|
||||
return False
|
||||
|
||||
|
||||
class ReadProtectedModelViewSet(ModelViewSet):
|
||||
"""
|
||||
Protect a ModelViewSet by filtering the objects that the user cannot see.
|
||||
@ -70,38 +60,34 @@ class UserViewSet(ReadProtectedModelViewSet):
|
||||
|
||||
if "search" in self.request.GET:
|
||||
pattern = self.request.GET["search"]
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(pattern)
|
||||
suffix = "__iregex" if valid_regex else "__istartswith"
|
||||
prefix = "^" if valid_regex else ""
|
||||
|
||||
# Filter with different rules
|
||||
# We use union-all to keep each filter rule sorted in result
|
||||
queryset = queryset.filter(
|
||||
# Match without normalization
|
||||
Q(**{f"note__alias__name{suffix}": prefix + pattern})
|
||||
note__alias__name__iregex="^" + pattern
|
||||
).union(
|
||||
queryset.filter(
|
||||
# Match with normalization
|
||||
Q(**{f"note__alias__normalized_name{suffix}": prefix + Alias.normalize(pattern)})
|
||||
& ~Q(**{f"note__alias__name{suffix}": prefix + pattern})
|
||||
Q(note__alias__normalized_name__iregex="^" + Alias.normalize(pattern))
|
||||
& ~Q(note__alias__name__iregex="^" + pattern)
|
||||
),
|
||||
all=True,
|
||||
).union(
|
||||
queryset.filter(
|
||||
# Match on lower pattern
|
||||
Q(**{f"note__alias__normalized_name{suffix}": prefix + pattern.lower()})
|
||||
& ~Q(**{f"note__alias__normalized_name{suffix}": prefix + Alias.normalize(pattern)})
|
||||
& ~Q(**{f"note__alias__name{suffix}": prefix + pattern})
|
||||
Q(note__alias__normalized_name__iregex="^" + pattern.lower())
|
||||
& ~Q(note__alias__normalized_name__iregex="^" + Alias.normalize(pattern))
|
||||
& ~Q(note__alias__name__iregex="^" + pattern)
|
||||
),
|
||||
all=True,
|
||||
).union(
|
||||
queryset.filter(
|
||||
# Match on firstname or lastname
|
||||
(Q(**{f"last_name{suffix}": prefix + pattern}) | Q(**{f"first_name{suffix}": prefix + pattern}))
|
||||
& ~Q(**{f"note__alias__normalized_name{suffix}": prefix + pattern.lower()})
|
||||
& ~Q(**{f"note__alias__normalized_name{suffix}": prefix + Alias.normalize(pattern)})
|
||||
& ~Q(**{f"note__alias__name{suffix}": prefix + pattern})
|
||||
(Q(last_name__iregex="^" + pattern) | Q(first_name__iregex="^" + pattern))
|
||||
& ~Q(note__alias__normalized_name__iregex="^" + pattern.lower())
|
||||
& ~Q(note__alias__normalized_name__iregex="^" + Alias.normalize(pattern))
|
||||
& ~Q(note__alias__name__iregex="^" + pattern)
|
||||
),
|
||||
all=True,
|
||||
)
|
||||
@ -121,6 +107,6 @@ class ContentTypeViewSet(ReadOnlyModelViewSet):
|
||||
"""
|
||||
queryset = ContentType.objects.order_by('id')
|
||||
serializer_class = ContentTypeSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['id', 'app_label', 'model', ]
|
||||
search_fields = ['$app_label', '$model', ]
|
||||
|
||||
@ -2,8 +2,7 @@
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
from django_filters.rest_framework import DjangoFilterBackend
|
||||
from rest_framework.filters import OrderingFilter
|
||||
from api.filters import RegexSafeSearchFilter
|
||||
from rest_framework.filters import OrderingFilter, SearchFilter
|
||||
from api.viewsets import ReadProtectedModelViewSet
|
||||
|
||||
from .serializers import ProfileSerializer, ClubSerializer, MembershipSerializer
|
||||
@ -18,7 +17,7 @@ class ProfileViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Profile.objects.order_by('id')
|
||||
serializer_class = ProfileSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['user', 'user__first_name', 'user__last_name', 'user__username', 'user__email',
|
||||
'user__note__alias__name', 'user__note__alias__normalized_name', 'phone_number', "section",
|
||||
'department', 'promotion', 'address', 'paid', 'ml_events_registration', 'ml_sport_registration',
|
||||
@ -35,7 +34,7 @@ class ClubViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Club.objects.order_by('id')
|
||||
serializer_class = ClubSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['name', 'email', 'note__alias__name', 'note__alias__normalized_name', 'parent_club',
|
||||
'parent_club__name', 'require_memberships', 'membership_fee_paid', 'membership_fee_unpaid',
|
||||
'membership_duration', 'membership_start', 'membership_end', ]
|
||||
@ -50,7 +49,7 @@ class MembershipViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Membership.objects.order_by('id')
|
||||
serializer_class = MembershipSerializer
|
||||
filter_backends = [DjangoFilterBackend, OrderingFilter, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, OrderingFilter, SearchFilter]
|
||||
filterset_fields = ['club__name', 'club__email', 'club__note__alias__name', 'club__note__alias__normalized_name',
|
||||
'user__username', 'user__last_name', 'user__first_name', 'user__email',
|
||||
'user__note__alias__name', 'user__note__alias__normalized_name',
|
||||
|
||||
@ -3,6 +3,7 @@
|
||||
|
||||
import io
|
||||
|
||||
from bootstrap_datepicker_plus.widgets import DatePickerInput
|
||||
from PIL import Image, ImageSequence
|
||||
from django import forms
|
||||
from django.conf import settings
|
||||
@ -13,7 +14,7 @@ from django.forms import CheckboxSelectMultiple
|
||||
from django.utils import timezone
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from note.models import NoteSpecial, Alias
|
||||
from note_kfet.inputs import Autocomplete, AmountInput, DatePickerInput
|
||||
from note_kfet.inputs import Autocomplete, AmountInput
|
||||
from permission.models import PermissionMask, Role
|
||||
|
||||
from .models import Profile, Club, Membership
|
||||
@ -32,7 +33,7 @@ class UserForm(forms.ModelForm):
|
||||
# Django usernames can only contain letters, numbers, @, ., +, - and _.
|
||||
# We want to allow users to have uncommon and unpractical usernames:
|
||||
# That is their problem, and we have normalized aliases for us.
|
||||
return super()._get_validation_exclusions() + ["username"]
|
||||
return super()._get_validation_exclusions() | {"username"}
|
||||
|
||||
class Meta:
|
||||
model = User
|
||||
|
||||
@ -44,7 +44,7 @@ class TemplateLoggedInTests(TestCase):
|
||||
self.assertRedirects(response, settings.LOGIN_REDIRECT_URL, 302, 302)
|
||||
|
||||
def test_logout(self):
|
||||
response = self.client.get(reverse("logout"))
|
||||
response = self.client.post(reverse("logout"))
|
||||
self.assertEqual(response.status_code, 200)
|
||||
|
||||
def test_admin_index(self):
|
||||
|
||||
@ -18,7 +18,6 @@ from django.views.generic import DetailView, UpdateView, TemplateView
|
||||
from django.views.generic.edit import FormMixin
|
||||
from django_tables2.views import SingleTableView
|
||||
from rest_framework.authtoken.models import Token
|
||||
from api.viewsets import is_regex
|
||||
from note.models import Alias, NoteClub, NoteUser, Trust
|
||||
from note.models.transactions import Transaction, SpecialTransaction
|
||||
from note.tables import HistoryTable, AliasTable, TrustTable, TrustedTable
|
||||
@ -220,20 +219,16 @@ class UserListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView):
|
||||
if "search" in self.request.GET and self.request.GET["search"]:
|
||||
pattern = self.request.GET["search"]
|
||||
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(pattern)
|
||||
suffix = "__iregex" if valid_regex else "__istartswith"
|
||||
prefix = "^" if valid_regex else ""
|
||||
qs = qs.filter(
|
||||
Q(**{f"username{suffix}": prefix + pattern})
|
||||
username__iregex="^" + pattern
|
||||
).union(
|
||||
qs.filter(
|
||||
(Q(**{f"alias{suffix}": prefix + pattern})
|
||||
| Q(**{f"normalized_alias{suffix}": prefix + Alias.normalize(pattern)})
|
||||
| Q(**{f"last_name{suffix}": prefix + pattern})
|
||||
| Q(**{f"first_name{suffix}": prefix + pattern})
|
||||
(Q(alias__iregex="^" + pattern)
|
||||
| Q(normalized_alias__iregex="^" + Alias.normalize(pattern))
|
||||
| Q(last_name__iregex="^" + pattern)
|
||||
| Q(first_name__iregex="^" + pattern)
|
||||
| Q(email__istartswith=pattern))
|
||||
& ~Q(**{f"username{suffix}": prefix + pattern})
|
||||
& ~Q(username__iregex="^" + pattern)
|
||||
), all=True)
|
||||
else:
|
||||
qs = qs.none()
|
||||
@ -412,15 +407,10 @@ class ClubListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView):
|
||||
if "search" in self.request.GET:
|
||||
pattern = self.request.GET["search"]
|
||||
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(pattern)
|
||||
suffix = "__iregex" if valid_regex else "__istartswith"
|
||||
prefix = "^" if valid_regex else ""
|
||||
|
||||
qs = qs.filter(
|
||||
Q(**{f"name{suffix}": prefix + pattern})
|
||||
| Q(**{f"note__alias__name{suffix}": prefix + pattern})
|
||||
| Q(**{f"note__alias__normalized_name{suffix}": prefix + Alias.normalize(pattern)})
|
||||
Q(name__iregex=pattern)
|
||||
| Q(note__alias__name__iregex=pattern)
|
||||
| Q(note__alias__normalized_name__iregex=Alias.normalize(pattern))
|
||||
)
|
||||
|
||||
return qs
|
||||
@ -919,15 +909,10 @@ class ClubMembersListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableV
|
||||
|
||||
if 'search' in self.request.GET:
|
||||
pattern = self.request.GET['search']
|
||||
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(pattern)
|
||||
suffix = "__iregex" if valid_regex else "__istartswith"
|
||||
prefix = "^" if valid_regex else ""
|
||||
qs = qs.filter(
|
||||
Q(**{f"user__first_name{suffix}": prefix + pattern})
|
||||
| Q(**{f"user__last_name{suffix}": prefix + pattern})
|
||||
| Q(**{f"user__note__alias__normalized_name{suffix}": prefix + Alias.normalize(pattern)})
|
||||
Q(user__first_name__iregex='^' + pattern)
|
||||
| Q(user__last_name__iregex='^' + pattern)
|
||||
| Q(user__note__alias__normalized_name__iregex='^' + Alias.normalize(pattern))
|
||||
)
|
||||
|
||||
only_active = "only_active" not in self.request.GET or self.request.GET["only_active"] != '0'
|
||||
|
||||
@ -13,7 +13,7 @@ def register_note_urls(router, path):
|
||||
router.register(path + '/note', NotePolymorphicViewSet)
|
||||
router.register(path + '/alias', AliasViewSet)
|
||||
router.register(path + '/trust', TrustViewSet)
|
||||
router.register(path + '/consumer', ConsumerViewSet)
|
||||
router.register(path + '/consumer', ConsumerViewSet, basename="consumer")
|
||||
|
||||
router.register(path + '/transaction/category', TemplateCategoryViewSet)
|
||||
router.register(path + '/transaction/transaction', TransactionViewSet)
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
# Copyright (C) 2018-2024 by BDE ENS Paris-Saclay
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
import re
|
||||
|
||||
from django.conf import settings
|
||||
from django.db.models import Q
|
||||
from django.core.exceptions import ValidationError
|
||||
from django_filters.rest_framework import DjangoFilterBackend
|
||||
from rest_framework.filters import OrderingFilter
|
||||
from rest_framework import status, viewsets
|
||||
from rest_framework.filters import OrderingFilter, SearchFilter
|
||||
from rest_framework import viewsets
|
||||
from rest_framework.response import Response
|
||||
from api.filters import RegexSafeSearchFilter
|
||||
from api.viewsets import ReadProtectedModelViewSet, ReadOnlyProtectedModelViewSet, \
|
||||
is_regex
|
||||
from rest_framework import status
|
||||
from api.viewsets import ReadProtectedModelViewSet, ReadOnlyProtectedModelViewSet
|
||||
from permission.backends import PermissionBackend
|
||||
|
||||
from .serializers import NotePolymorphicSerializer, AliasSerializer, ConsumerSerializer, \
|
||||
@ -29,7 +29,7 @@ class NotePolymorphicViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Note.objects.order_by('id')
|
||||
serializer_class = NotePolymorphicSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter, OrderingFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter, OrderingFilter]
|
||||
filterset_fields = ['alias__name', 'polymorphic_ctype', 'is_active', 'balance', 'last_negative', 'created_at', ]
|
||||
search_fields = ['$alias__normalized_name', '$alias__name', '$polymorphic_ctype__model',
|
||||
'$noteuser__user__last_name', '$noteuser__user__first_name', '$noteuser__user__email',
|
||||
@ -48,14 +48,10 @@ class NotePolymorphicViewSet(ReadProtectedModelViewSet):
|
||||
.distinct()
|
||||
|
||||
alias = self.request.query_params.get("alias", ".*")
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(alias)
|
||||
suffix = '__iregex' if valid_regex else '__istartswith'
|
||||
alias_prefix = '^' if valid_regex else ''
|
||||
queryset = queryset.filter(
|
||||
Q(**{f"alias__name{suffix}": alias_prefix + alias})
|
||||
| Q(**{f"alias__normalized_name{suffix}": alias_prefix + Alias.normalize(alias)})
|
||||
| Q(**{f"alias__normalized_name{suffix}": alias_prefix + alias.lower()})
|
||||
Q(alias__name__iregex="^" + alias)
|
||||
| Q(alias__normalized_name__iregex="^" + Alias.normalize(alias))
|
||||
| Q(alias__normalized_name__iregex="^" + alias.lower())
|
||||
)
|
||||
|
||||
return queryset.order_by("id")
|
||||
@ -69,7 +65,7 @@ class TrustViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Trust.objects
|
||||
serializer_class = TrustSerializer
|
||||
filter_backends = [RegexSafeSearchFilter, DjangoFilterBackend, OrderingFilter]
|
||||
filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
|
||||
search_fields = ['$trusting__alias__name', '$trusting__alias__normalized_name',
|
||||
'$trusted__alias__name', '$trusted__alias__normalized_name']
|
||||
filterset_fields = ['trusting', 'trusting__noteuser__user', 'trusted', 'trusted__noteuser__user']
|
||||
@ -95,11 +91,11 @@ class AliasViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
REST API View set.
|
||||
The djangorestframework plugin will get all `Alias` objects, serialize it to JSON with the given serializer,
|
||||
then render it on /api/note/alias/
|
||||
then render it on /api/note/aliases/
|
||||
"""
|
||||
queryset = Alias.objects
|
||||
serializer_class = AliasSerializer
|
||||
filter_backends = [RegexSafeSearchFilter, DjangoFilterBackend, OrderingFilter]
|
||||
filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
|
||||
search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ]
|
||||
filterset_fields = ['name', 'normalized_name', 'note', 'note__noteuser__user',
|
||||
'note__noteclub__club', 'note__polymorphic_ctype__model', ]
|
||||
@ -130,22 +126,18 @@ class AliasViewSet(ReadProtectedModelViewSet):
|
||||
|
||||
alias = self.request.query_params.get("alias", None)
|
||||
if alias:
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(alias)
|
||||
suffix = '__iregex' if valid_regex else '__istartswith'
|
||||
alias_prefix = '^' if valid_regex else ''
|
||||
queryset = queryset.filter(
|
||||
**{f"name{suffix}": alias_prefix + alias}
|
||||
name__iregex="^" + alias
|
||||
).union(
|
||||
queryset.filter(
|
||||
Q(**{f"normalized_name{suffix}": alias_prefix + Alias.normalize(alias)})
|
||||
& ~Q(**{f"name{suffix}": alias_prefix + alias})
|
||||
Q(normalized_name__iregex="^" + Alias.normalize(alias))
|
||||
& ~Q(name__iregex="^" + alias)
|
||||
),
|
||||
all=True).union(
|
||||
queryset.filter(
|
||||
Q(**{f"normalized_name{suffix}": "^" + alias.lower()})
|
||||
& ~Q(**{f"normalized_name{suffix}": "^" + Alias.normalize(alias)})
|
||||
& ~Q(**{f"name{suffix}": "^" + alias})
|
||||
Q(normalized_name__iregex="^" + alias.lower())
|
||||
& ~Q(normalized_name__iregex="^" + Alias.normalize(alias))
|
||||
& ~Q(name__iregex="^" + alias)
|
||||
),
|
||||
all=True)
|
||||
|
||||
@ -155,7 +147,7 @@ class AliasViewSet(ReadProtectedModelViewSet):
|
||||
class ConsumerViewSet(ReadOnlyProtectedModelViewSet):
|
||||
queryset = Alias.objects
|
||||
serializer_class = ConsumerSerializer
|
||||
filter_backends = [RegexSafeSearchFilter, OrderingFilter, DjangoFilterBackend]
|
||||
filter_backends = [SearchFilter, OrderingFilter, DjangoFilterBackend]
|
||||
search_fields = ['$normalized_name', '$name', '$note__polymorphic_ctype__model', ]
|
||||
filterset_fields = ['name', 'normalized_name', 'note', 'note__noteuser__user',
|
||||
'note__noteclub__club', 'note__polymorphic_ctype__model', ]
|
||||
@ -174,7 +166,11 @@ class ConsumerViewSet(ReadOnlyProtectedModelViewSet):
|
||||
|
||||
alias = self.request.query_params.get("alias", None)
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(alias)
|
||||
try:
|
||||
re.compile(alias)
|
||||
valid_regex = True
|
||||
except (re.error, TypeError):
|
||||
valid_regex = False
|
||||
suffix = '__iregex' if valid_regex else '__istartswith'
|
||||
alias_prefix = '^' if valid_regex else ''
|
||||
queryset = queryset.prefetch_related('note')
|
||||
@ -183,19 +179,10 @@ class ConsumerViewSet(ReadOnlyProtectedModelViewSet):
|
||||
# We match first an alias if it is matched without normalization,
|
||||
# then if the normalized pattern matches a normalized alias.
|
||||
queryset = queryset.filter(
|
||||
**{f'name{suffix}': alias_prefix + alias}
|
||||
).union(
|
||||
queryset.filter(
|
||||
Q(**{f'normalized_name{suffix}': alias_prefix + Alias.normalize(alias)})
|
||||
& ~Q(**{f'name{suffix}': alias_prefix + alias})
|
||||
),
|
||||
all=True).union(
|
||||
queryset.filter(
|
||||
Q(**{f'normalized_name{suffix}': alias_prefix + alias.lower()})
|
||||
& ~Q(**{f'normalized_name{suffix}': alias_prefix + Alias.normalize(alias)})
|
||||
& ~Q(**{f'name{suffix}': alias_prefix + alias})
|
||||
),
|
||||
all=True)
|
||||
Q(**{f'name{suffix}': alias_prefix + alias})
|
||||
| Q(**{f'normalized_name{suffix}': alias_prefix + Alias.normalize(alias)})
|
||||
| Q(**{f'normalized_name{suffix}': alias_prefix + alias.lower()})
|
||||
)
|
||||
|
||||
queryset = queryset if settings.DATABASES[queryset.db]["ENGINE"] == 'django.db.backends.postgresql' \
|
||||
else queryset.order_by("name")
|
||||
@ -211,7 +198,7 @@ class TemplateCategoryViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = TemplateCategory.objects.order_by('name')
|
||||
serializer_class = TemplateCategorySerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['name', 'templates', 'templates__name']
|
||||
search_fields = ['$name', '$templates__name', ]
|
||||
|
||||
@ -224,7 +211,7 @@ class TransactionTemplateViewSet(viewsets.ModelViewSet):
|
||||
"""
|
||||
queryset = TransactionTemplate.objects.order_by('name')
|
||||
serializer_class = TransactionTemplateSerializer
|
||||
filter_backends = [RegexSafeSearchFilter, DjangoFilterBackend, OrderingFilter]
|
||||
filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
|
||||
filterset_fields = ['name', 'amount', 'display', 'category', 'category__name', ]
|
||||
search_fields = ['$name', '$category__name', ]
|
||||
ordering_fields = ['amount', ]
|
||||
@ -238,7 +225,7 @@ class TransactionViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Transaction.objects.order_by('-created_at')
|
||||
serializer_class = TransactionPolymorphicSerializer
|
||||
filter_backends = [RegexSafeSearchFilter, DjangoFilterBackend, OrderingFilter]
|
||||
filter_backends = [SearchFilter, DjangoFilterBackend, OrderingFilter]
|
||||
filterset_fields = ['source', 'source_alias', 'source__alias__name', 'source__alias__normalized_name',
|
||||
'destination', 'destination_alias', 'destination__alias__name',
|
||||
'destination__alias__normalized_name', 'quantity', 'polymorphic_ctype', 'amount',
|
||||
|
||||
@ -1,13 +1,15 @@
|
||||
# Copyright (C) 2018-2024 by BDE ENS Paris-Saclay
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
from datetime import datetime
|
||||
|
||||
from bootstrap_datepicker_plus.widgets import DateTimePickerInput
|
||||
from django import forms
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
from django.forms import CheckboxSelectMultiple
|
||||
from django.utils.timezone import make_aware
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from note_kfet.inputs import Autocomplete, AmountInput, DateTimePickerInput
|
||||
from note_kfet.inputs import Autocomplete, AmountInput
|
||||
|
||||
from .models import TransactionTemplate, NoteClub, Alias
|
||||
|
||||
|
||||
@ -18,6 +18,7 @@ def create_special_notes(apps, schema_editor):
|
||||
class Migration(migrations.Migration):
|
||||
dependencies = [
|
||||
('note', '0001_initial'),
|
||||
('logs', '0001_initial'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
|
||||
@ -0,0 +1,25 @@
|
||||
# Generated by Django 5.0.7 on 2024-07-11 09:24
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('contenttypes', '0002_remove_content_type_name'),
|
||||
('note', '0006_trust'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterField(
|
||||
model_name='note',
|
||||
name='polymorphic_ctype',
|
||||
field=models.ForeignKey(editable=False, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='polymorphic_%(app_label)s.%(class)s_set+', to='contenttypes.contenttype'),
|
||||
),
|
||||
migrations.AlterField(
|
||||
model_name='transaction',
|
||||
name='polymorphic_ctype',
|
||||
field=models.ForeignKey(editable=False, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='polymorphic_%(app_label)s.%(class)s_set+', to='contenttypes.contenttype'),
|
||||
),
|
||||
]
|
||||
@ -9,7 +9,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
|
||||
name="{{ widget.name }}"
|
||||
{# Other attributes are loaded #}
|
||||
{% for name, value in widget.attrs.items %}
|
||||
{% ifnotequal value False %}{{ name }}{% ifnotequal value True %}="{{ value|stringformat:'s' }}"{% endifnotequal %}{% endifnotequal %}
|
||||
{% if value != False %}{{ name }}{% if value != True %}="{{ value|stringformat:'s' }}"{% endif %}{% endif %}
|
||||
{% endfor %}>
|
||||
<div class="input-group-append">
|
||||
<span class="input-group-text">€</span>
|
||||
|
||||
@ -13,7 +13,6 @@ from django.views.generic import CreateView, UpdateView, DetailView
|
||||
from django.urls import reverse_lazy
|
||||
from django_tables2 import SingleTableView
|
||||
from activity.models import Entry
|
||||
from api.viewsets import is_regex
|
||||
from permission.backends import PermissionBackend
|
||||
from permission.views import ProtectQuerysetMixin
|
||||
from note_kfet.inputs import AmountInput
|
||||
@ -90,15 +89,11 @@ class TransactionTemplateListView(ProtectQuerysetMixin, LoginRequiredMixin, Sing
|
||||
qs = super().get_queryset().distinct()
|
||||
if "search" in self.request.GET:
|
||||
pattern = self.request.GET["search"]
|
||||
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(pattern)
|
||||
suffix = "__iregex" if valid_regex else "__icontains"
|
||||
qs = qs.filter(
|
||||
Q(**{f"name{suffix}": pattern})
|
||||
| Q(**{f"destination__club__name{suffix}": pattern})
|
||||
| Q(**{f"category__name{suffix}": pattern})
|
||||
| Q(**{f"description{suffix}": pattern})
|
||||
Q(name__iregex=pattern)
|
||||
| Q(destination__club__name__iregex=pattern)
|
||||
| Q(category__name__iregex=pattern)
|
||||
| Q(description__iregex=pattern)
|
||||
)
|
||||
|
||||
qs = qs.order_by('-display', 'category__name', 'destination__club__name', 'name')
|
||||
@ -228,10 +223,7 @@ class TransactionSearchView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView
|
||||
if "type" in data and data["type"]:
|
||||
transactions = transactions.filter(polymorphic_ctype__in=data["type"])
|
||||
if "reason" in data and data["reason"]:
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(data["reason"])
|
||||
suffix = "__iregex" if valid_regex else "__istartswith"
|
||||
transactions = transactions.filter(Q(**{f"reason{suffix}": data["reason"]}))
|
||||
transactions = transactions.filter(reason__iregex=data["reason"])
|
||||
if "valid" in data and data["valid"]:
|
||||
transactions = transactions.filter(valid=data["valid"])
|
||||
if "amount_gte" in data and data["amount_gte"]:
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
# Copyright (C) 2018-2024 by BDE ENS Paris-Saclay
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
from django_filters.rest_framework import DjangoFilterBackend
|
||||
from api.filters import RegexSafeSearchFilter
|
||||
from api.viewsets import ReadOnlyProtectedModelViewSet
|
||||
from django_filters.rest_framework import DjangoFilterBackend
|
||||
from rest_framework.filters import SearchFilter
|
||||
|
||||
from .serializers import PermissionSerializer, RoleSerializer
|
||||
from ..models import Permission, Role
|
||||
@ -17,9 +17,9 @@ class PermissionViewSet(ReadOnlyProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Permission.objects.order_by('id')
|
||||
serializer_class = PermissionSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['model', 'type', 'query', 'mask', 'field', 'permanent', ]
|
||||
search_fields = ['$model__model', '$query', '$description', ]
|
||||
search_fields = ['$model__name', '$query', '$description', ]
|
||||
|
||||
|
||||
class RoleViewSet(ReadOnlyProtectedModelViewSet):
|
||||
@ -30,6 +30,6 @@ class RoleViewSet(ReadOnlyProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Role.objects.order_by('id')
|
||||
serializer_class = RoleSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['name', 'permissions', 'for_club', 'memberships__user', ]
|
||||
search_fields = ['$name', '$for_club__name', ]
|
||||
|
||||
@ -15,7 +15,6 @@ from django.views import View
|
||||
from django.views.generic import CreateView, TemplateView, DetailView
|
||||
from django.views.generic.edit import FormMixin
|
||||
from django_tables2 import SingleTableView
|
||||
from api.viewsets import is_regex
|
||||
from member.forms import ProfileForm
|
||||
from member.models import Membership, Club
|
||||
from note.models import SpecialTransaction, Alias
|
||||
@ -192,16 +191,11 @@ class FutureUserListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableVi
|
||||
if "search" in self.request.GET and self.request.GET["search"]:
|
||||
pattern = self.request.GET["search"]
|
||||
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(pattern)
|
||||
suffix_username = "__iregex" if valid_regex else "__icontains"
|
||||
suffix = "__iregex" if valid_regex else "__istartswith"
|
||||
prefix = "^" if valid_regex else ""
|
||||
qs = qs.filter(
|
||||
Q(**{f"first_name{suffix}": pattern})
|
||||
| Q(**{f"last_name{suffix}": pattern})
|
||||
| Q(**{f"profile__section{suffix}": pattern})
|
||||
| Q(**{f"username{suffix_username}": prefix + pattern})
|
||||
Q(first_name__iregex=pattern)
|
||||
| Q(last_name__iregex=pattern)
|
||||
| Q(profile__section__iregex=pattern)
|
||||
| Q(username__iregex="^" + pattern)
|
||||
)
|
||||
|
||||
return qs
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
from django_filters.rest_framework import DjangoFilterBackend
|
||||
from api.filters import RegexSafeSearchFilter
|
||||
from rest_framework.filters import SearchFilter
|
||||
from api.viewsets import ReadProtectedModelViewSet
|
||||
|
||||
from .serializers import InvoiceSerializer, ProductSerializer, RemittanceTypeSerializer, RemittanceSerializer, \
|
||||
@ -18,7 +18,7 @@ class InvoiceViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Invoice.objects.order_by('id')
|
||||
serializer_class = InvoiceSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['bde', 'object', 'description', 'name', 'address', 'date', 'acquitted', 'locked', ]
|
||||
search_fields = ['$object', '$description', '$name', '$address', ]
|
||||
|
||||
@ -31,7 +31,7 @@ class ProductViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Product.objects.order_by('invoice_id', 'id')
|
||||
serializer_class = ProductSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['invoice', 'designation', 'quantity', 'amount', ]
|
||||
search_fields = ['$designation', '$invoice__object', ]
|
||||
|
||||
@ -44,7 +44,7 @@ class RemittanceTypeViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = RemittanceType.objects.order_by('id')
|
||||
serializer_class = RemittanceTypeSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['note', ]
|
||||
search_fields = ['$note__special_type', ]
|
||||
|
||||
@ -57,7 +57,7 @@ class RemittanceViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Remittance.objects.order_by('id')
|
||||
serializer_class = RemittanceSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['date', 'remittance_type', 'comment', 'closed', 'transaction_proxies__transaction', ]
|
||||
search_fields = ['$remittance_type__note__special_type', '$comment', ]
|
||||
|
||||
@ -70,7 +70,7 @@ class SogeCreditViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = SogeCredit.objects.order_by('id')
|
||||
serializer_class = SogeCreditSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['user', 'user__last_name', 'user__first_name', 'user__email', 'user__note__alias__name',
|
||||
'user__note__alias__normalized_name', 'transactions', 'credit_transaction', ]
|
||||
search_fields = ['$user__last_name', '$user__first_name', '$user__email', '$user__note__alias__name',
|
||||
|
||||
@ -0,0 +1,19 @@
|
||||
# Generated by Django 5.0.7 on 2024-07-11 09:24
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('note', '0007_alter_note_polymorphic_ctype_and_more'),
|
||||
('treasury', '0008_auto_20240322_0045'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterField(
|
||||
model_name='sogecredit',
|
||||
name='transactions',
|
||||
field=models.ManyToManyField(blank=True, related_name='+', to='note.membershiptransaction', verbose_name='membership transactions'),
|
||||
),
|
||||
]
|
||||
@ -20,7 +20,6 @@ from django.views.generic import UpdateView, DetailView
|
||||
from django.views.generic.base import View, TemplateView
|
||||
from django.views.generic.edit import BaseFormView, DeleteView
|
||||
from django_tables2 import SingleTableView
|
||||
from api.viewsets import is_regex
|
||||
from note.models import SpecialTransaction, NoteSpecial, Alias
|
||||
from note_kfet.settings.base import BASE_DIR
|
||||
from permission.backends import PermissionBackend
|
||||
@ -412,16 +411,11 @@ class SogeCreditListView(LoginRequiredMixin, ProtectQuerysetMixin, SingleTableVi
|
||||
if "search" in self.request.GET:
|
||||
pattern = self.request.GET["search"]
|
||||
if pattern:
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(pattern)
|
||||
suffix_alias = "__iregex" if valid_regex else "__icontains"
|
||||
suffix = "__iregex" if valid_regex else "__istartswith"
|
||||
prefix = "^" if valid_regex else ""
|
||||
qs = qs.filter(
|
||||
Q(**{f"user__first_name{suffix}": pattern})
|
||||
| Q(**{f"user__last_name{suffix}": pattern})
|
||||
| Q(**{f"user__note__alias__name{suffix_alias}": prefix + pattern})
|
||||
| Q(**{f"user__note__alias__normalized_name{suffix_alias}": prefix + Alias.normalize(pattern)})
|
||||
Q(user__first_name__iregex=pattern)
|
||||
| Q(user__last_name__iregex=pattern)
|
||||
| Q(user__note__alias__name__iregex="^" + pattern)
|
||||
| Q(user__note__alias__normalized_name__iregex="^" + Alias.normalize(pattern))
|
||||
)
|
||||
|
||||
if "valid" not in self.request.GET or not self.request.GET["valid"]:
|
||||
|
||||
@ -2,8 +2,7 @@
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
from django_filters.rest_framework import DjangoFilterBackend
|
||||
from rest_framework.filters import OrderingFilter
|
||||
from api.filters import RegexSafeSearchFilter
|
||||
from rest_framework.filters import OrderingFilter, SearchFilter
|
||||
from api.viewsets import ReadProtectedModelViewSet
|
||||
|
||||
from .serializers import WEIClubSerializer, BusSerializer, BusTeamSerializer, WEIRoleSerializer, \
|
||||
@ -19,7 +18,7 @@ class WEIClubViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = WEIClub.objects.order_by('id')
|
||||
serializer_class = WEIClubSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['name', 'year', 'date_start', 'date_end', 'email', 'note__alias__name',
|
||||
'note__alias__normalized_name', 'parent_club', 'parent_club__name', 'require_memberships',
|
||||
'membership_fee_paid', 'membership_fee_unpaid', 'membership_duration', 'membership_start',
|
||||
@ -35,7 +34,7 @@ class BusViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = Bus.objects.order_by('id')
|
||||
serializer_class = BusSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['name', 'wei', 'description', ]
|
||||
search_fields = ['$name', '$wei__name', '$description', ]
|
||||
|
||||
@ -48,7 +47,7 @@ class BusTeamViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = BusTeam.objects.order_by('id')
|
||||
serializer_class = BusTeamSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['name', 'bus', 'color', 'description', 'bus__wei', ]
|
||||
search_fields = ['$name', '$bus__name', '$bus__wei__name', '$description', ]
|
||||
|
||||
@ -61,7 +60,7 @@ class WEIRoleViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = WEIRole.objects.order_by('id')
|
||||
serializer_class = WEIRoleSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['name', 'permissions', 'memberships', ]
|
||||
search_fields = ['$name', ]
|
||||
|
||||
@ -74,7 +73,7 @@ class WEIRegistrationViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = WEIRegistration.objects.order_by('id')
|
||||
serializer_class = WEIRegistrationSerializer
|
||||
filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, SearchFilter]
|
||||
filterset_fields = ['user', 'user__username', 'user__first_name', 'user__last_name', 'user__email',
|
||||
'user__note__alias__name', 'user__note__alias__normalized_name', 'wei', 'wei__name',
|
||||
'wei__email', 'wei__year', 'soge_credit', 'caution_check', 'birth_date', 'gender',
|
||||
@ -93,7 +92,7 @@ class WEIMembershipViewSet(ReadProtectedModelViewSet):
|
||||
"""
|
||||
queryset = WEIMembership.objects.order_by('id')
|
||||
serializer_class = WEIMembershipSerializer
|
||||
filter_backends = [DjangoFilterBackend, OrderingFilter, RegexSafeSearchFilter]
|
||||
filter_backends = [DjangoFilterBackend, OrderingFilter, SearchFilter]
|
||||
filterset_fields = ['club__name', 'club__email', 'club__note__alias__name',
|
||||
'club__note__alias__normalized_name', 'user__username', 'user__last_name',
|
||||
'user__first_name', 'user__email', 'user__note__alias__name',
|
||||
|
||||
@ -1,13 +1,14 @@
|
||||
# Copyright (C) 2018-2024 by BDE ENS Paris-Saclay
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
from bootstrap_datepicker_plus.widgets import DatePickerInput
|
||||
from django import forms
|
||||
from django.contrib.auth.models import User
|
||||
from django.db.models import Q
|
||||
from django.forms import CheckboxSelectMultiple
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from note.models import NoteSpecial, NoteUser
|
||||
from note_kfet.inputs import AmountInput, DatePickerInput, Autocomplete, ColorWidget
|
||||
from note_kfet.inputs import AmountInput, Autocomplete, ColorWidget
|
||||
|
||||
from ..models import WEIClub, WEIRegistration, Bus, BusTeam, WEIMembership, WEIRole
|
||||
|
||||
|
||||
@ -439,7 +439,7 @@ class TestWEIRegistration(TestCase):
|
||||
emergency_contact_phone='+33123456789',
|
||||
))
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertTrue("This user can't be in her/his first year since he/she has already participated to a WEI."
|
||||
self.assertTrue("This user can't be in her/his first year since he/she has already participated to a WEI."
|
||||
in str(response.context["form"].errors))
|
||||
|
||||
# Check that if the WEI is started, we can't register anyone
|
||||
@ -635,7 +635,7 @@ class TestWEIRegistration(TestCase):
|
||||
))
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertFalse(response.context["form"].is_valid())
|
||||
self.assertTrue("This team doesn't belong to the given bus." in str(response.context["form"].errors))
|
||||
self.assertTrue("This team doesn't belong to the given bus." in str(response.context["form"].errors))
|
||||
|
||||
response = self.client.post(reverse("wei:validate_registration", kwargs=dict(pk=self.registration.pk)), dict(
|
||||
roles=[WEIRole.objects.get(name="GC WEI").id],
|
||||
|
||||
@ -23,7 +23,6 @@ from django.views.generic import DetailView, UpdateView, RedirectView, TemplateV
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from django.views.generic.edit import BaseFormView, DeleteView
|
||||
from django_tables2 import SingleTableView
|
||||
from api.viewsets import is_regex
|
||||
from member.models import Membership, Club
|
||||
from note.models import Transaction, NoteClub, Alias, SpecialTransaction, NoteSpecial
|
||||
from note.tables import HistoryTable
|
||||
@ -220,18 +219,13 @@ class WEIMembershipsView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableVi
|
||||
if not pattern:
|
||||
return qs.none()
|
||||
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(pattern)
|
||||
suffix_alias = "__iregex" if valid_regex else "__istartswith"
|
||||
suffix = "__iregex" if valid_regex else "__icontains"
|
||||
prefix = "^" if valid_regex else ""
|
||||
qs = qs.filter(
|
||||
Q(**{f"user__first_name{suffix}": pattern})
|
||||
| Q(**{f"user__last_name{suffix}": pattern})
|
||||
| Q(**{f"user__note__alias__name{suffix_alias}": prefix + pattern})
|
||||
| Q(**{f"user__note__alias__normalized_name{suffix_alias}": prefix + Alias.normalize(pattern)})
|
||||
| Q(**{f"bus__name{suffix}": pattern})
|
||||
| Q(**{f"team__name{suffix}": pattern})
|
||||
Q(user__first_name__iregex=pattern)
|
||||
| Q(user__last_name__iregex=pattern)
|
||||
| Q(user__note__alias__name__iregex="^" + pattern)
|
||||
| Q(user__note__alias__normalized_name__iregex="^" + Alias.normalize(pattern))
|
||||
| Q(bus__name__iregex=pattern)
|
||||
| Q(team__name__iregex=pattern)
|
||||
)
|
||||
|
||||
return qs
|
||||
@ -261,16 +255,11 @@ class WEIRegistrationsView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTable
|
||||
pattern = self.request.GET.get("search", "")
|
||||
|
||||
if pattern:
|
||||
# Check if this is a valid regex. If not, we won't check regex
|
||||
valid_regex = is_regex(pattern)
|
||||
suffix_alias = "__iregex" if valid_regex else "__istartswith"
|
||||
suffix = "__iregex" if valid_regex else "__icontains"
|
||||
prefix = "^" if valid_regex else ""
|
||||
qs = qs.filter(
|
||||
Q(**{f"user__first_name{suffix}": pattern})
|
||||
| Q(**{f"user__last_name{suffix}": pattern})
|
||||
| Q(**{f"user__note__alias__name{suffix_alias}": prefix + pattern})
|
||||
| Q(**{f"user__note__alias__normalized_name{suffix_alias}": prefix + Alias.normalize(pattern)})
|
||||
Q(user__first_name__iregex=pattern)
|
||||
| Q(user__last_name__iregex=pattern)
|
||||
| Q(user__note__alias__name__iregex="^" + pattern)
|
||||
| Q(user__note__alias__normalized_name__iregex="^" + Alias.normalize(pattern))
|
||||
)
|
||||
|
||||
return qs
|
||||
|
||||
@ -25,19 +25,13 @@ admin_site.register(Site, SiteAdmin)
|
||||
|
||||
# Add external apps model
|
||||
if "oauth2_provider" in settings.INSTALLED_APPS:
|
||||
from oauth2_provider.admin import Application, ApplicationAdmin, Grant, \
|
||||
GrantAdmin, AccessToken, AccessTokenAdmin, RefreshToken, RefreshTokenAdmin
|
||||
from oauth2_provider.admin import ApplicationAdmin, GrantAdmin, AccessTokenAdmin, RefreshTokenAdmin
|
||||
from oauth2_provider.models import Application, Grant, AccessToken, RefreshToken
|
||||
admin_site.register(Application, ApplicationAdmin)
|
||||
admin_site.register(Grant, GrantAdmin)
|
||||
admin_site.register(AccessToken, AccessTokenAdmin)
|
||||
admin_site.register(RefreshToken, RefreshTokenAdmin)
|
||||
|
||||
if "django_htcpcp_tea" in settings.INSTALLED_APPS:
|
||||
from django_htcpcp_tea.admin import *
|
||||
from django_htcpcp_tea.models import *
|
||||
admin_site.register(Pot, PotAdmin)
|
||||
admin_site.register(TeaType, TeaTypeAdmin)
|
||||
admin_site.register(Addition, AdditionAdmin)
|
||||
|
||||
if "mailer" in settings.INSTALLED_APPS:
|
||||
from mailer.admin import *
|
||||
@ -50,9 +44,3 @@ if "rest_framework" in settings.INSTALLED_APPS:
|
||||
from rest_framework.authtoken.admin import *
|
||||
from rest_framework.authtoken.models import *
|
||||
admin_site.register(Token, TokenAdmin)
|
||||
|
||||
if "cas_server" in settings.INSTALLED_APPS:
|
||||
from cas_server.admin import *
|
||||
from cas_server.models import *
|
||||
admin_site.register(ServicePattern, ServicePatternAdmin)
|
||||
admin_site.register(FederatedIendityProvider, FederatedIendityProviderAdmin)
|
||||
|
||||
@ -41,7 +41,7 @@ INSTALLED_APPS = [
|
||||
'bootstrap_datepicker_plus',
|
||||
'colorfield',
|
||||
'crispy_forms',
|
||||
'django_htcpcp_tea',
|
||||
'crispy_bootstrap4',
|
||||
'django_tables2',
|
||||
'mailer',
|
||||
'phonenumber_field',
|
||||
@ -90,7 +90,6 @@ MIDDLEWARE = [
|
||||
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||||
'django.middleware.locale.LocaleMiddleware',
|
||||
'django.contrib.sites.middleware.CurrentSiteMiddleware',
|
||||
'django_htcpcp_tea.middleware.HTCPCPTeaMiddleware',
|
||||
'note_kfet.middlewares.SessionMiddleware',
|
||||
'note_kfet.middlewares.LoginByIPMiddleware',
|
||||
'note_kfet.middlewares.TurbolinksMiddleware',
|
||||
@ -295,3 +294,6 @@ PHONENUMBER_DEFAULT_REGION = 'FR'
|
||||
|
||||
# We add custom information to CAS, in order to give a normalized name to other services
|
||||
CAS_AUTH_CLASS = 'member.auth.CustomAuthUser'
|
||||
|
||||
# Default field for primary key
|
||||
DEFAULT_AUTO_FIELD = "django.db.models.AutoField"
|
||||
|
||||
@ -8,7 +8,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
|
||||
{% if widget.value != None and widget.value != "" %}value="{{ widget.value }}"{% endif %}
|
||||
name="{{ widget.name }}_name" autocomplete="off"
|
||||
{% for name, value in widget.attrs.items %}
|
||||
{% ifnotequal value False %}{{ name }}{% ifnotequal value True %}="{{ value|stringformat:'s' }}"{% endifnotequal %}{% endifnotequal %}
|
||||
{% if value != False %}{{ name }}{% if value != True %}="{{ value|stringformat:'s' }}"{% endif %}{% endif %}
|
||||
{% endfor %}
|
||||
aria-describedby="{{widget.attrs.id}}_tooltip">
|
||||
{% if widget.resetable %}
|
||||
|
||||
@ -126,9 +126,12 @@ SPDX-License-Identifier: GPL-3.0-or-later
|
||||
<a class="dropdown-item" href="{% url 'member:user_detail' pk=request.user.pk %}">
|
||||
<i class="fa fa-user"></i> {% trans "My account" %}
|
||||
</a>
|
||||
<a class="dropdown-item" href="{% url 'logout' %}">
|
||||
<form method="post" action="{% url 'logout' %}">
|
||||
{% csrf_token %}
|
||||
<button class="dropdown-item" type="submit">
|
||||
<i class="fa fa-sign-out"></i> {% trans "Log out" %}
|
||||
</a>
|
||||
</button>
|
||||
</form>
|
||||
</div>
|
||||
</li>
|
||||
{% else %}
|
||||
|
||||
@ -30,9 +30,6 @@ urlpatterns = [
|
||||
path('accounts/', include('django.contrib.auth.urls')),
|
||||
path('api/', include('api.urls')),
|
||||
path('permission/', include('permission.urls')),
|
||||
|
||||
# Make coffee
|
||||
path('coffee/', include('django_htcpcp_tea.urls')),
|
||||
]
|
||||
|
||||
# During development, serve static and media files
|
||||
@ -46,11 +43,6 @@ if "oauth2_provider" in settings.INSTALLED_APPS:
|
||||
path('o/', include('oauth2_provider.urls', namespace='oauth2_provider'))
|
||||
)
|
||||
|
||||
if "cas_server" in settings.INSTALLED_APPS:
|
||||
urlpatterns.append(
|
||||
path('cas/', include('cas_server.urls', namespace='cas_server'))
|
||||
)
|
||||
|
||||
if "debug_toolbar" in settings.INSTALLED_APPS:
|
||||
import debug_toolbar
|
||||
urlpatterns = [
|
||||
|
||||
@ -1,19 +1,17 @@
|
||||
beautifulsoup4~=4.7.1
|
||||
Django~=2.2.15
|
||||
django-bootstrap-datepicker-plus~=3.0.5
|
||||
django-cas-server~=1.2.0
|
||||
django-colorfield~=0.3.2
|
||||
django-crispy-forms~=1.7.2
|
||||
django-extensions>=2.1.4
|
||||
django-filter~=2.1
|
||||
django-htcpcp-tea~=0.3.1
|
||||
django-mailer~=2.0.1
|
||||
django-oauth-toolkit~=1.3.3
|
||||
django-phonenumber-field~=5.0.0
|
||||
django-polymorphic>=2.0.3,<3.0.0
|
||||
djangorestframework>=3.9.0,<3.13.0
|
||||
django-rest-polymorphic~=0.1.9
|
||||
django-tables2~=2.3.1
|
||||
python-memcached~=1.59
|
||||
phonenumbers~=8.9.10
|
||||
beautifulsoup4~=4.12.3
|
||||
crispy-bootstrap4~=2024.1
|
||||
Django~=5.0.7
|
||||
django-bootstrap-datepicker-plus~=5.0.5
|
||||
django-colorfield~=0.11.0
|
||||
django-crispy-forms~=2.2
|
||||
django-extensions~=3.2.3
|
||||
django-filter~=24.2
|
||||
django-mailer~=2.3.2
|
||||
django-oauth-toolkit~=2.4.0
|
||||
django-phonenumber-field~=8.0.0
|
||||
django-polymorphic~=3.1.0
|
||||
django-rest-polymorphic~=0.1.10
|
||||
django-tables2~=2.7.0
|
||||
djangorestframework~=3.15.2
|
||||
phonenumbers~=8.13.40
|
||||
Pillow>=5.4.1
|
||||
|
||||
Reference in New Issue
Block a user