aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrea Lepori <alepori@student.ethz.ch>2022-03-23 19:24:09 +0100
committerAndrea Lepori <alepori@student.ethz.ch>2022-03-23 19:24:21 +0100
commit7dfc0383561cb9f13282e7779b919f5b17859f86 (patch)
treed2f3ed554dfd259025845c7f93e02254e1a8beb3
parentinitial support of user switcher (diff)
parentin case of error redirect to home page (diff)
downloadscout-subs-7dfc0383561cb9f13282e7779b919f5b17859f86.tar.gz
scout-subs-7dfc0383561cb9f13282e7779b919f5b17859f86.zip
Merge branch 'master' into dev
-rw-r--r--CHANGELOG.md8
-rw-r--r--accounts/templates/accounts/index.html15
-rw-r--r--accounts/templates/accounts/terms.html6
-rw-r--r--accounts/views.py18
-rw-r--r--client/migrations/0014_auto_20220111_1503.py38
-rw-r--r--client/models.py10
-rw-r--r--client/templates/client/approve_doc_pdf.html5
-rw-r--r--client/templates/client/doc_create.html18
-rw-r--r--client/templates/client/doc_edit.html14
-rw-r--r--client/templates/client/index.html2
-rw-r--r--client/views.py16
-rw-r--r--requirements.txt1
-rw-r--r--server/templates/server/doc_list.html2
-rw-r--r--server/templates/server/doc_type.html2
-rw-r--r--server/views.py6
-rw-r--r--templates/registration/base_client.html9
-rw-r--r--version.txt4
17 files changed, 137 insertions, 37 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index eae250a..4a59998 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,11 @@
+# 0.5 (21 jan 2022)
+- Bug: users of other groups also visible in user list
+- Show warning if some account fields are empty
+- Implementation of oauth login using midata/hitobito
+- New settings tab in profile page
+- Password change
+- Multiple choice for custom parameters
+
# 0.4 (23 set 2021)
- Bug: emergency document list visible also to non "capi"
- Overall performance improvements leveraging SQL queries
diff --git a/accounts/templates/accounts/index.html b/accounts/templates/accounts/index.html
index 2a21cbe..563de89 100644
--- a/accounts/templates/accounts/index.html
+++ b/accounts/templates/accounts/index.html
@@ -17,7 +17,14 @@
{% endblock%}
{% block content %}
-<form action="{% url 'personal'%}" method="post" id="form1" enctype="multipart/form-data">
+<div class="tap-target {{color}}" data-target="home_btn">
+ <div class="tap-target-content">
+ <h5 style="color:white">Continua l'attivazione</h5>
+ <p style="color:white">Usa questo pulsante per tornare alla home e continuare il processo d'attivazione</p>
+ </div>
+</div>
+
+<form action="{% url 'personal'%}?saved=true" method="post" id="form1" enctype="multipart/form-data">
<div id="personal" class="row">
<div class="col l8 offset-l2 s12">
<div class="card-panel">
@@ -54,7 +61,7 @@
<option value="posto" {{branca_pionieri}}>Pionieri</option>
<option value="clan" {{branca_rover}}>Rover</option>
</select>
- <label>Branca</label>
+ <label>Branca (campo non modificabile)</label>
</div>
<div class="input-field col l4 s12">
<input value="{{parent_name}}" name="parent_name" id="parent_name" type="text" {{validation_dic.parent_name|safe}}>
@@ -456,12 +463,16 @@ $(document).ready(function() {
$('.datepicker').datepicker(options);
$('.tabs').tabs();
$('select').formSelect();
+ $('.tap-target').tapTarget();
{% for error in errors %}
M.toast({html: '{{ error }}', classes: 'orange'})
{% endfor %}
{% if ok_message %}
M.toast({html: '{{ ok_message }}', classes: 'green'})
{% endif %}
+ {% if home_tooltip %}
+ $('.tap-target').tapTarget('open');
+ {% endif %}
document.getElementById("vac_certificate").onchange = function() {
for (i=0; i < this.files.length; i++) {
if(this.files[i].size > 1048576*10) {
diff --git a/accounts/templates/accounts/terms.html b/accounts/templates/accounts/terms.html
index 8b4443b..e7de26b 100644
--- a/accounts/templates/accounts/terms.html
+++ b/accounts/templates/accounts/terms.html
@@ -12,9 +12,11 @@
<div class="card">
<div class="card-content">
<h5>Termini e condizioni</h5>
+ <h6>Trattamento dei dati</h6>
<blockquote>
- Creando un account accetti e comprendi i seguenti termini: <br>
- Tutti i dati inseriti all'interno del sistema verranno condivisi con la persona a capo del gruppo di cui fai parte.
+ Tutti i dati inseriti verranno trattati in maniera confidenziale
+ e condivisi con i responsabili della sezione scout. I quali
+ li useranno per scopi organizzativi e non li condivideranno con terze parti.
</blockquote>
</div>
</div>
diff --git a/accounts/views.py b/accounts/views.py
index e9d2bfe..9f7c9b3 100644
--- a/accounts/views.py
+++ b/accounts/views.py
@@ -29,6 +29,13 @@ from pdf2image.exceptions import (
PDFSyntaxError
)
+# suppress warning about dateparser deprecated dependencies
+import warnings
+warnings.filterwarnings(
+ "ignore",
+ message="The localize method is no longer necessary, as this time zone supports the fold attribute",
+)
+
oauth = OAuth()
hitobito = oauth.register(name="hitobito")
api_url = settings.AUTHLIB_OAUTH_CLIENTS["hitobito"]["api_url"]
@@ -578,7 +585,7 @@ def personal_wrapper(request, errors):
# if there wasn't any error redirect to clear POST
if len(errors) == 0:
- return HttpResponseRedirect("")
+ return HttpResponseRedirect(request.get_full_path())
else:
# no post, create empty validation
@@ -636,10 +643,16 @@ def personal_wrapper(request, errors):
if midata_user:
midata_disable = " readonly disabled"
if not copy_from_midata(request, usercode):
- return HttpResponseRedirect(request.path_info)
+ return HttpResponseRedirect(request.get_full_path())
usable_password = request.user.has_usable_password()
+ # check if user has saved the form
+ home_tooltip = False
+ if "saved" in request.GET:
+ # show tooltip only if user is not approved and there are no errors
+ home_tooltip = (not request.user.has_perm("client.approved")) and (len(errors) == 0)
+
# fill context
context = {
'validation_dic': validation_dic,
@@ -693,6 +706,7 @@ def personal_wrapper(request, errors):
'settings_active': settings_active,
'personal_active': personal_active,
'midata_enabled': MIDATA_ENABLED,
+ 'home_tooltip': home_tooltip,
}
return render(request, 'accounts/index.html', context)
diff --git a/client/migrations/0014_auto_20220111_1503.py b/client/migrations/0014_auto_20220111_1503.py
new file mode 100644
index 0000000..99c7c18
--- /dev/null
+++ b/client/migrations/0014_auto_20220111_1503.py
@@ -0,0 +1,38 @@
+# Generated by Django 3.1.4 on 2022-01-11 14:03
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ ('client', '0013_keys_key_extra'),
+ ]
+
+ operations = [
+ migrations.AlterField(
+ model_name='documenttype',
+ name='custom_message_text',
+ field=models.CharField(default='', max_length=2048),
+ ),
+ migrations.AlterField(
+ model_name='keys',
+ name='key',
+ field=models.CharField(db_index=True, max_length=2048),
+ ),
+ migrations.AlterField(
+ model_name='keys',
+ name='key_extra',
+ field=models.CharField(default='', max_length=2048),
+ ),
+ migrations.AlterField(
+ model_name='keyval',
+ name='key',
+ field=models.CharField(db_index=True, max_length=2048),
+ ),
+ migrations.AlterField(
+ model_name='keyval',
+ name='value',
+ field=models.CharField(db_index=True, max_length=2048),
+ ),
+ ]
diff --git a/client/models.py b/client/models.py
index cd3cf88..e01fe1f 100644
--- a/client/models.py
+++ b/client/models.py
@@ -15,7 +15,7 @@ class DocumentType(models.Model):
medical_data = models.BooleanField(default=False)
custom_data = models.BooleanField(default=False)
custom_message = models.BooleanField(default=False)
- custom_message_text = models.CharField(default="", max_length=250)
+ custom_message_text = models.CharField(default="", max_length=2048)
staff_only = models.BooleanField(default=False)
max_instances = models.IntegerField(default=0)
name = models.CharField(default="", max_length=250)
@@ -88,15 +88,15 @@ class Document(models.Model):
class KeyVal(models.Model):
container = models.ForeignKey(
Document, db_index=True, on_delete=models.CASCADE)
- key = models.CharField(max_length=240, db_index=True)
- value = models.CharField(max_length=240, db_index=True)
+ key = models.CharField(max_length=2048, db_index=True)
+ value = models.CharField(max_length=2048, db_index=True)
class Keys(models.Model):
container = models.ForeignKey(
DocumentType, db_index=True, on_delete=models.CASCADE)
- key = models.CharField(max_length=240, db_index=True)
- key_extra = models.CharField(max_length=1024, default="")
+ key = models.CharField(max_length=2048, db_index=True)
+ key_extra = models.CharField(max_length=2048, default="")
class UserCode(models.Model):
diff --git a/client/templates/client/approve_doc_pdf.html b/client/templates/client/approve_doc_pdf.html
index 3ed4d86..db1478e 100644
--- a/client/templates/client/approve_doc_pdf.html
+++ b/client/templates/client/approve_doc_pdf.html
@@ -29,15 +29,12 @@
<br>
<br>
Inoltre accetto e prendo nota della seguente clausula aggiuntiva: <br>
- {{doc.document_type.custom_message_text}}
+ {{doc.document_type.custom_message_text | linebreaksbr}}
{% endif %}
</p>
</div>
</div>
<br><br><br><br>
- <br><br><br><br>
- <br><br><br><br>
- <br><br><br><br>
<div class="row">
<div class="col s4 offset-s1">
<div class="input-field">
diff --git a/client/templates/client/doc_create.html b/client/templates/client/doc_create.html
index ce5f39d..71bdbbe 100644
--- a/client/templates/client/doc_create.html
+++ b/client/templates/client/doc_create.html
@@ -98,9 +98,9 @@
<div class="row">
<div class="col s12">
<div class="card {{color}}">
- <div class="card-content">
- <p style="color:white"><b>
- {{custom_message_text}}
+ <div class="card-content" style="color:white">
+ <p><b>
+ {{custom_message_text | linebreaksbr}}
</b></p>
</div>
</div>
@@ -135,6 +135,18 @@
{% endif %}
<div class="row">
<div class="col s12">
+ <div class="card red">
+ <div class="card-content">
+ <p style="color:white"><b>
+ Attenzione: il documento non sarĂ  valido fino a quando non viene approvato. Selezionare
+ il documento dalla pagina principale per approvarlo.
+ </b></p>
+ </div>
+ </div>
+ </div>
+ </div>
+ <div class="row">
+ <div class="col s12">
<br>
<a class="btn waves-effect waves-light {{color}}" onclick="window.history.back();" >
<i class="material-icons left">navigate_before</i>Indietro
diff --git a/client/templates/client/doc_edit.html b/client/templates/client/doc_edit.html
index a9cc056..40deb26 100644
--- a/client/templates/client/doc_edit.html
+++ b/client/templates/client/doc_edit.html
@@ -56,7 +56,7 @@
<div class="card {{color}}">
<div class="card-content">
<p style="color:white"><b>
- {{custom_message_text}}
+ {{custom_message_text | linebreaksbr}}
</b></p>
</div>
</div>
@@ -98,6 +98,18 @@
{% endif %}
<div class="row">
<div class="col s12">
+ <div class="card red">
+ <div class="card-content">
+ <p style="color:white"><b>
+ Attenzione: il documento non sarĂ  valido fino a quando non viene approvato. Selezionare
+ il documento dalla pagina principale per approvarlo.
+ </b></p>
+ </div>
+ </div>
+ </div>
+ </div>
+ <div class="row">
+ <div class="col s12">
<br>
<a class="btn waves-effect waves-light {{color}}" onclick="window.history.back();" >
<i class="material-icons left">navigate_before</i>Indietro
diff --git a/client/templates/client/index.html b/client/templates/client/index.html
index e31ce34..1885dd1 100644
--- a/client/templates/client/index.html
+++ b/client/templates/client/index.html
@@ -76,7 +76,7 @@
<br>
<br>
Inoltre accetto e prendo nota della seguente clausula aggiuntiva: <br>
- {{doc.document_type.custom_message_text}}
+ {{doc.document_type.custom_message_text | linebreaksbr}}
{% endif %}
<br>
<br>
diff --git a/client/views.py b/client/views.py
index 04ebaf9..086c1ba 100644
--- a/client/views.py
+++ b/client/views.py
@@ -61,10 +61,10 @@ def index(request):
# check if document is valid to modify
if document.user != request.user:
- return
+ return HttpResponseRedirect("/")
if document.status == "ok" or document.status == "archive":
- return
+ return HttpResponseRedirect("/")
# execute action
if request.POST["action"][0] == 'f':
@@ -184,22 +184,22 @@ def create(request):
if document_type.max_instances != 0:
if len(Document.objects.filter(document_type=document_type)) - len(Document.objects.filter(document_type=document_type, status="archive")) >= document_type.max_instances:
# there aren't user is cheating
- return
+ return HttpResponseRedirect("/")
# check if user has permission to use that type
if document_type.staff_only and not request.user.is_staff and "capi" not in request.user.groups.values_list('name', flat = True):
# user is cheating abort
- return
+ return HttpResponseRedirect("/")
if not document_type.custom_group and document_type.group.name not in request.user.groups.values_list('name', flat=True):
# user is cheating abort
- return
+ return HttpResponseRedirect("/")
# get list of docs with that type
current_docs = Document.objects.filter(user=request.user).filter(document_type=document_type)
if len(current_docs) > 0:
# if there is already a document with that type abort (user is cheating)
- return
+ return HttpResponseRedirect("/")
# set default values
code = 0
@@ -267,12 +267,12 @@ def edit_wrapper(request, context):
# check if user has permission
if document.user != request.user:
- return
+ return HttpResponseRedirect("/")
# check if document is editable
if document.status != "wait" and document.status != "autosign":
# user is cheating
- return
+ return HttpResponseRedirect("/")
# update compilation date
document.compilation_date = pytz.timezone('Europe/Zurich').localize(datetime.now())
diff --git a/requirements.txt b/requirements.txt
index e442da7..62c7159 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -6,3 +6,4 @@ pytz
pdf2image
django-debug-toolbar
requests
+authlib
diff --git a/server/templates/server/doc_list.html b/server/templates/server/doc_list.html
index 736fdd4..5b898ec 100644
--- a/server/templates/server/doc_list.html
+++ b/server/templates/server/doc_list.html
@@ -508,7 +508,7 @@ $('#chips_owner').chips({
autocompleteOptions: {
data: {
{% for user in users %}
- '{{user.username}} ({{user.first_name}} {{user.last_name}})': null,
+ '{{user.user__username}} ({{user.user__first_name}} {{user.user__last_name}})': null,
{% endfor %}
},
limit: Infinity,
diff --git a/server/templates/server/doc_type.html b/server/templates/server/doc_type.html
index 8b2131d..4f8fe6f 100644
--- a/server/templates/server/doc_type.html
+++ b/server/templates/server/doc_type.html
@@ -213,7 +213,7 @@
<i class="material-icons">message</i>Messaggio aggiuntivo
</div>
<div class="collapsible-body"><span>
- {{doctype.custom_message_text}}
+ {{doctype.custom_message_text | linebreaksbr}}
</span></div>
</li>
{% endif %}
diff --git a/server/views.py b/server/views.py
index 0e032f0..c91db1e 100644
--- a/server/views.py
+++ b/server/views.py
@@ -1472,11 +1472,13 @@ def data_request(request):
if "request" not in request.POST.keys():
context["error"] = "Selezionare una richesta"
elif request.POST["request"] == "email_all":
- users_email = User.objects.filter(groups__name=parent_group).values_list("email", flat=True)
+ perm = Permission.objects.get(codename="approved")
+ users_email = User.objects.filter(groups__name=parent_group, user_permissions=perm).values_list("email", flat=True)
data = ", ".join(users_email)
context["data"] = data
elif request.POST["request"] == "email_non_staff":
- users_email = User.objects.filter(groups__name=parent_group).exclude(groups__name="capi").values_list("email", flat=True)
+ perm = Permission.objects.get(codename="approved")
+ users_email = User.objects.filter(groups__name=parent_group, user_permission=perm).exclude(groups__name="capi").values_list("email", flat=True)
data = ", ".join(users_email)
context["data"] = data
elif request.POST["request"] == "data_user":
diff --git a/templates/registration/base_client.html b/templates/registration/base_client.html
index 8543852..b14ffcd 100644
--- a/templates/registration/base_client.html
+++ b/templates/registration/base_client.html
@@ -88,6 +88,10 @@
border-bottom: none;
box-shadow: 0 1px 0 0 #9e9e9e;
}
+
+ .breadcrumb:last-child {
+ color: {{hexcolor}}
+ }
</style>
<meta name="viewport" content="width=device-width, initial-scale=1.0"/>
<meta charset="utf-8">
@@ -99,9 +103,8 @@
{% csrf_token %}
<input type="hidden" name="metadata" id="metadata">
<div class="nav-wrapper {{color}}">
- <a style="margin-left: 10px;" href="{% url 'index' %}" class="breadcrumb hide-on-small-only">Home</a>
- <ul class="left hide-on-med-and-up">
- <li><a href="{% url 'index' %}"><i class="material-icons">home</i></a></li>
+ <ul class="left">
+ <li><a id="home_btn" href="{% url 'index' %}"><i class="material-icons">home</i></a></li>
</ul>
{% block breadcrumb %}
{% endblock %}
diff --git a/version.txt b/version.txt
index 4df8563..d689165 100644
--- a/version.txt
+++ b/version.txt
@@ -1,2 +1,2 @@
-version=0.4
-rev=23
+version=0.4
+rev=24