diff options
author | Andrea Lepori <alepori@student.ethz.ch> | 2022-03-23 19:24:09 +0100 |
---|---|---|
committer | Andrea Lepori <alepori@student.ethz.ch> | 2022-03-23 19:24:21 +0100 |
commit | 7dfc0383561cb9f13282e7779b919f5b17859f86 (patch) | |
tree | d2f3ed554dfd259025845c7f93e02254e1a8beb3 | |
parent | initial support of user switcher (diff) | |
parent | in case of error redirect to home page (diff) | |
download | scout-subs-7dfc0383561cb9f13282e7779b919f5b17859f86.tar.gz scout-subs-7dfc0383561cb9f13282e7779b919f5b17859f86.zip |
Merge branch 'master' into dev
-rw-r--r-- | CHANGELOG.md | 8 | ||||
-rw-r--r-- | accounts/templates/accounts/index.html | 15 | ||||
-rw-r--r-- | accounts/templates/accounts/terms.html | 6 | ||||
-rw-r--r-- | accounts/views.py | 18 | ||||
-rw-r--r-- | client/migrations/0014_auto_20220111_1503.py | 38 | ||||
-rw-r--r-- | client/models.py | 10 | ||||
-rw-r--r-- | client/templates/client/approve_doc_pdf.html | 5 | ||||
-rw-r--r-- | client/templates/client/doc_create.html | 18 | ||||
-rw-r--r-- | client/templates/client/doc_edit.html | 14 | ||||
-rw-r--r-- | client/templates/client/index.html | 2 | ||||
-rw-r--r-- | client/views.py | 16 | ||||
-rw-r--r-- | requirements.txt | 1 | ||||
-rw-r--r-- | server/templates/server/doc_list.html | 2 | ||||
-rw-r--r-- | server/templates/server/doc_type.html | 2 | ||||
-rw-r--r-- | server/views.py | 6 | ||||
-rw-r--r-- | templates/registration/base_client.html | 9 | ||||
-rw-r--r-- | version.txt | 4 |
17 files changed, 137 insertions, 37 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index eae250a..4a59998 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,11 @@ +# 0.5 (21 jan 2022) +- Bug: users of other groups also visible in user list +- Show warning if some account fields are empty +- Implementation of oauth login using midata/hitobito +- New settings tab in profile page +- Password change +- Multiple choice for custom parameters + # 0.4 (23 set 2021) - Bug: emergency document list visible also to non "capi" - Overall performance improvements leveraging SQL queries diff --git a/accounts/templates/accounts/index.html b/accounts/templates/accounts/index.html index 2a21cbe..563de89 100644 --- a/accounts/templates/accounts/index.html +++ b/accounts/templates/accounts/index.html @@ -17,7 +17,14 @@ {% endblock%} {% block content %} -<form action="{% url 'personal'%}" method="post" id="form1" enctype="multipart/form-data"> +<div class="tap-target {{color}}" data-target="home_btn"> + <div class="tap-target-content"> + <h5 style="color:white">Continua l'attivazione</h5> + <p style="color:white">Usa questo pulsante per tornare alla home e continuare il processo d'attivazione</p> + </div> +</div> + +<form action="{% url 'personal'%}?saved=true" method="post" id="form1" enctype="multipart/form-data"> <div id="personal" class="row"> <div class="col l8 offset-l2 s12"> <div class="card-panel"> @@ -54,7 +61,7 @@ <option value="posto" {{branca_pionieri}}>Pionieri</option> <option value="clan" {{branca_rover}}>Rover</option> </select> - <label>Branca</label> + <label>Branca (campo non modificabile)</label> </div> <div class="input-field col l4 s12"> <input value="{{parent_name}}" name="parent_name" id="parent_name" type="text" {{validation_dic.parent_name|safe}}> @@ -456,12 +463,16 @@ $(document).ready(function() { $('.datepicker').datepicker(options); $('.tabs').tabs(); $('select').formSelect(); + $('.tap-target').tapTarget(); {% for error in errors %} M.toast({html: '{{ error }}', classes: 'orange'}) {% endfor %} {% if ok_message %} M.toast({html: '{{ ok_message }}', classes: 'green'}) {% endif %} + {% if home_tooltip %} + $('.tap-target').tapTarget('open'); + {% endif %} document.getElementById("vac_certificate").onchange = function() { for (i=0; i < this.files.length; i++) { if(this.files[i].size > 1048576*10) { diff --git a/accounts/templates/accounts/terms.html b/accounts/templates/accounts/terms.html index 8b4443b..e7de26b 100644 --- a/accounts/templates/accounts/terms.html +++ b/accounts/templates/accounts/terms.html @@ -12,9 +12,11 @@ <div class="card"> <div class="card-content"> <h5>Termini e condizioni</h5> + <h6>Trattamento dei dati</h6> <blockquote> - Creando un account accetti e comprendi i seguenti termini: <br> - Tutti i dati inseriti all'interno del sistema verranno condivisi con la persona a capo del gruppo di cui fai parte. + Tutti i dati inseriti verranno trattati in maniera confidenziale + e condivisi con i responsabili della sezione scout. I quali + li useranno per scopi organizzativi e non li condivideranno con terze parti. </blockquote> </div> </div> diff --git a/accounts/views.py b/accounts/views.py index e9d2bfe..9f7c9b3 100644 --- a/accounts/views.py +++ b/accounts/views.py @@ -29,6 +29,13 @@ from pdf2image.exceptions import ( PDFSyntaxError ) +# suppress warning about dateparser deprecated dependencies +import warnings +warnings.filterwarnings( + "ignore", + message="The localize method is no longer necessary, as this time zone supports the fold attribute", +) + oauth = OAuth() hitobito = oauth.register(name="hitobito") api_url = settings.AUTHLIB_OAUTH_CLIENTS["hitobito"]["api_url"] @@ -578,7 +585,7 @@ def personal_wrapper(request, errors): # if there wasn't any error redirect to clear POST if len(errors) == 0: - return HttpResponseRedirect("") + return HttpResponseRedirect(request.get_full_path()) else: # no post, create empty validation @@ -636,10 +643,16 @@ def personal_wrapper(request, errors): if midata_user: midata_disable = " readonly disabled" if not copy_from_midata(request, usercode): - return HttpResponseRedirect(request.path_info) + return HttpResponseRedirect(request.get_full_path()) usable_password = request.user.has_usable_password() + # check if user has saved the form + home_tooltip = False + if "saved" in request.GET: + # show tooltip only if user is not approved and there are no errors + home_tooltip = (not request.user.has_perm("client.approved")) and (len(errors) == 0) + # fill context context = { 'validation_dic': validation_dic, @@ -693,6 +706,7 @@ def personal_wrapper(request, errors): 'settings_active': settings_active, 'personal_active': personal_active, 'midata_enabled': MIDATA_ENABLED, + 'home_tooltip': home_tooltip, } return render(request, 'accounts/index.html', context) diff --git a/client/migrations/0014_auto_20220111_1503.py b/client/migrations/0014_auto_20220111_1503.py new file mode 100644 index 0000000..99c7c18 --- /dev/null +++ b/client/migrations/0014_auto_20220111_1503.py @@ -0,0 +1,38 @@ +# Generated by Django 3.1.4 on 2022-01-11 14:03 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('client', '0013_keys_key_extra'), + ] + + operations = [ + migrations.AlterField( + model_name='documenttype', + name='custom_message_text', + field=models.CharField(default='', max_length=2048), + ), + migrations.AlterField( + model_name='keys', + name='key', + field=models.CharField(db_index=True, max_length=2048), + ), + migrations.AlterField( + model_name='keys', + name='key_extra', + field=models.CharField(default='', max_length=2048), + ), + migrations.AlterField( + model_name='keyval', + name='key', + field=models.CharField(db_index=True, max_length=2048), + ), + migrations.AlterField( + model_name='keyval', + name='value', + field=models.CharField(db_index=True, max_length=2048), + ), + ] diff --git a/client/models.py b/client/models.py index cd3cf88..e01fe1f 100644 --- a/client/models.py +++ b/client/models.py @@ -15,7 +15,7 @@ class DocumentType(models.Model): medical_data = models.BooleanField(default=False)
custom_data = models.BooleanField(default=False)
custom_message = models.BooleanField(default=False)
- custom_message_text = models.CharField(default="", max_length=250)
+ custom_message_text = models.CharField(default="", max_length=2048)
staff_only = models.BooleanField(default=False)
max_instances = models.IntegerField(default=0)
name = models.CharField(default="", max_length=250)
@@ -88,15 +88,15 @@ class Document(models.Model): class KeyVal(models.Model):
container = models.ForeignKey(
Document, db_index=True, on_delete=models.CASCADE)
- key = models.CharField(max_length=240, db_index=True)
- value = models.CharField(max_length=240, db_index=True)
+ key = models.CharField(max_length=2048, db_index=True)
+ value = models.CharField(max_length=2048, db_index=True)
class Keys(models.Model):
container = models.ForeignKey(
DocumentType, db_index=True, on_delete=models.CASCADE)
- key = models.CharField(max_length=240, db_index=True)
- key_extra = models.CharField(max_length=1024, default="")
+ key = models.CharField(max_length=2048, db_index=True)
+ key_extra = models.CharField(max_length=2048, default="")
class UserCode(models.Model):
diff --git a/client/templates/client/approve_doc_pdf.html b/client/templates/client/approve_doc_pdf.html index 3ed4d86..db1478e 100644 --- a/client/templates/client/approve_doc_pdf.html +++ b/client/templates/client/approve_doc_pdf.html @@ -29,15 +29,12 @@ <br> <br> Inoltre accetto e prendo nota della seguente clausula aggiuntiva: <br> - {{doc.document_type.custom_message_text}} + {{doc.document_type.custom_message_text | linebreaksbr}} {% endif %} </p> </div> </div> <br><br><br><br> - <br><br><br><br> - <br><br><br><br> - <br><br><br><br> <div class="row"> <div class="col s4 offset-s1"> <div class="input-field"> diff --git a/client/templates/client/doc_create.html b/client/templates/client/doc_create.html index ce5f39d..71bdbbe 100644 --- a/client/templates/client/doc_create.html +++ b/client/templates/client/doc_create.html @@ -98,9 +98,9 @@ <div class="row"> <div class="col s12"> <div class="card {{color}}"> - <div class="card-content"> - <p style="color:white"><b> - {{custom_message_text}} + <div class="card-content" style="color:white"> + <p><b> + {{custom_message_text | linebreaksbr}} </b></p> </div> </div> @@ -135,6 +135,18 @@ {% endif %} <div class="row"> <div class="col s12"> + <div class="card red"> + <div class="card-content"> + <p style="color:white"><b> + Attenzione: il documento non sarĂ valido fino a quando non viene approvato. Selezionare + il documento dalla pagina principale per approvarlo. + </b></p> + </div> + </div> + </div> + </div> + <div class="row"> + <div class="col s12"> <br> <a class="btn waves-effect waves-light {{color}}" onclick="window.history.back();" > <i class="material-icons left">navigate_before</i>Indietro diff --git a/client/templates/client/doc_edit.html b/client/templates/client/doc_edit.html index a9cc056..40deb26 100644 --- a/client/templates/client/doc_edit.html +++ b/client/templates/client/doc_edit.html @@ -56,7 +56,7 @@ <div class="card {{color}}"> <div class="card-content"> <p style="color:white"><b> - {{custom_message_text}} + {{custom_message_text | linebreaksbr}} </b></p> </div> </div> @@ -98,6 +98,18 @@ {% endif %} <div class="row"> <div class="col s12"> + <div class="card red"> + <div class="card-content"> + <p style="color:white"><b> + Attenzione: il documento non sarĂ valido fino a quando non viene approvato. Selezionare + il documento dalla pagina principale per approvarlo. + </b></p> + </div> + </div> + </div> + </div> + <div class="row"> + <div class="col s12"> <br> <a class="btn waves-effect waves-light {{color}}" onclick="window.history.back();" > <i class="material-icons left">navigate_before</i>Indietro diff --git a/client/templates/client/index.html b/client/templates/client/index.html index e31ce34..1885dd1 100644 --- a/client/templates/client/index.html +++ b/client/templates/client/index.html @@ -76,7 +76,7 @@ <br> <br> Inoltre accetto e prendo nota della seguente clausula aggiuntiva: <br> - {{doc.document_type.custom_message_text}} + {{doc.document_type.custom_message_text | linebreaksbr}} {% endif %} <br> <br> diff --git a/client/views.py b/client/views.py index 04ebaf9..086c1ba 100644 --- a/client/views.py +++ b/client/views.py @@ -61,10 +61,10 @@ def index(request): # check if document is valid to modify if document.user != request.user: - return + return HttpResponseRedirect("/") if document.status == "ok" or document.status == "archive": - return + return HttpResponseRedirect("/") # execute action if request.POST["action"][0] == 'f': @@ -184,22 +184,22 @@ def create(request): if document_type.max_instances != 0: if len(Document.objects.filter(document_type=document_type)) - len(Document.objects.filter(document_type=document_type, status="archive")) >= document_type.max_instances: # there aren't user is cheating - return + return HttpResponseRedirect("/") # check if user has permission to use that type if document_type.staff_only and not request.user.is_staff and "capi" not in request.user.groups.values_list('name', flat = True): # user is cheating abort - return + return HttpResponseRedirect("/") if not document_type.custom_group and document_type.group.name not in request.user.groups.values_list('name', flat=True): # user is cheating abort - return + return HttpResponseRedirect("/") # get list of docs with that type current_docs = Document.objects.filter(user=request.user).filter(document_type=document_type) if len(current_docs) > 0: # if there is already a document with that type abort (user is cheating) - return + return HttpResponseRedirect("/") # set default values code = 0 @@ -267,12 +267,12 @@ def edit_wrapper(request, context): # check if user has permission if document.user != request.user: - return + return HttpResponseRedirect("/") # check if document is editable if document.status != "wait" and document.status != "autosign": # user is cheating - return + return HttpResponseRedirect("/") # update compilation date document.compilation_date = pytz.timezone('Europe/Zurich').localize(datetime.now()) diff --git a/requirements.txt b/requirements.txt index e442da7..62c7159 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,3 +6,4 @@ pytz pdf2image django-debug-toolbar requests +authlib diff --git a/server/templates/server/doc_list.html b/server/templates/server/doc_list.html index 736fdd4..5b898ec 100644 --- a/server/templates/server/doc_list.html +++ b/server/templates/server/doc_list.html @@ -508,7 +508,7 @@ $('#chips_owner').chips({ autocompleteOptions: { data: { {% for user in users %} - '{{user.username}} ({{user.first_name}} {{user.last_name}})': null, + '{{user.user__username}} ({{user.user__first_name}} {{user.user__last_name}})': null, {% endfor %} }, limit: Infinity, diff --git a/server/templates/server/doc_type.html b/server/templates/server/doc_type.html index 8b2131d..4f8fe6f 100644 --- a/server/templates/server/doc_type.html +++ b/server/templates/server/doc_type.html @@ -213,7 +213,7 @@ <i class="material-icons">message</i>Messaggio aggiuntivo </div> <div class="collapsible-body"><span> - {{doctype.custom_message_text}} + {{doctype.custom_message_text | linebreaksbr}} </span></div> </li> {% endif %} diff --git a/server/views.py b/server/views.py index 0e032f0..c91db1e 100644 --- a/server/views.py +++ b/server/views.py @@ -1472,11 +1472,13 @@ def data_request(request): if "request" not in request.POST.keys():
context["error"] = "Selezionare una richesta"
elif request.POST["request"] == "email_all":
- users_email = User.objects.filter(groups__name=parent_group).values_list("email", flat=True)
+ perm = Permission.objects.get(codename="approved")
+ users_email = User.objects.filter(groups__name=parent_group, user_permissions=perm).values_list("email", flat=True)
data = ", ".join(users_email)
context["data"] = data
elif request.POST["request"] == "email_non_staff":
- users_email = User.objects.filter(groups__name=parent_group).exclude(groups__name="capi").values_list("email", flat=True)
+ perm = Permission.objects.get(codename="approved")
+ users_email = User.objects.filter(groups__name=parent_group, user_permission=perm).exclude(groups__name="capi").values_list("email", flat=True)
data = ", ".join(users_email)
context["data"] = data
elif request.POST["request"] == "data_user":
diff --git a/templates/registration/base_client.html b/templates/registration/base_client.html index 8543852..b14ffcd 100644 --- a/templates/registration/base_client.html +++ b/templates/registration/base_client.html @@ -88,6 +88,10 @@ border-bottom: none; box-shadow: 0 1px 0 0 #9e9e9e; } + + .breadcrumb:last-child { + color: {{hexcolor}} + } </style> <meta name="viewport" content="width=device-width, initial-scale=1.0"/> <meta charset="utf-8"> @@ -99,9 +103,8 @@ {% csrf_token %} <input type="hidden" name="metadata" id="metadata"> <div class="nav-wrapper {{color}}"> - <a style="margin-left: 10px;" href="{% url 'index' %}" class="breadcrumb hide-on-small-only">Home</a> - <ul class="left hide-on-med-and-up"> - <li><a href="{% url 'index' %}"><i class="material-icons">home</i></a></li> + <ul class="left"> + <li><a id="home_btn" href="{% url 'index' %}"><i class="material-icons">home</i></a></li> </ul> {% block breadcrumb %} {% endblock %} diff --git a/version.txt b/version.txt index 4df8563..d689165 100644 --- a/version.txt +++ b/version.txt @@ -1,2 +1,2 @@ -version=0.4
-rev=23 +version=0.4 +rev=24 |