Commit graph

1530 commits

Author SHA1 Message Date
Martin Pepin
ae38b5d1e7 Merge branch 'hotfix/prevent_ldap_injection' into 'master'
Hotfix/prevent ldap injection

Closes #150

See merge request !188
2017-03-20 23:06:59 +01:00
Martin Pépin
59f57793ba typo 2017-03-20 22:05:48 +00:00
Martin Pépin
0aed975615 Fix the empty-query test in autocomplete
If there is no valid word to search in the LDAP database, no query is
performed. Since 74f0b63e, that behaviour was broken because of a typo
2017-03-20 08:14:20 +00:00
Ludovic Stephan
6d36d50e9a Fix 'at' property for transfergroups 2017-03-20 01:56:59 -03:00
Ludovic Stephan
2c63e6b667 Use django.contrib.auth decorators 2017-03-20 00:11:50 -03:00
Ludovic Stephan
36dc6439a8 Plug createopes into loadkfetdevdata 2017-03-19 16:03:39 -03:00
Ludovic Stephan
0356ec34ae Add createopes command 2017-03-19 16:03:19 -03:00
Martin Pépin
74f0b63e96 Change ldap query behaviour if multiple inputs
It is now consistent with the other lookups over the User database
2017-03-19 15:10:08 +00:00
Martin Pépin
dc50a23b10 Escape the content of the regex in highligh_text 2017-03-19 14:48:04 +00:00
Martin Pepin
a057869d77 Merge branch 'Aufinal/fix_kfet_devdata' into 'master'
Données de test K-Fêt

See merge request !191
2017-03-19 15:15:02 +01:00
Martin Pépin
4899bba1f7 Replace list comprehensions by iterators in dal 2017-03-19 14:05:25 +00:00
Ludovic Stephan
51fba4da21 Log messages 2017-03-18 19:02:08 -03:00
Ludovic Stephan
47b7d934e0 PEP8 on imports 2017-03-18 19:01:51 -03:00
Ludovic Stephan
29d7654052 Root kfet account 2017-03-18 18:02:33 -03:00
Ludovic Stephan
f512c1bdd7 Add better checkout creation 2017-03-18 18:02:23 -03:00
Qwann
de724a2c0d PEP8 for perform_operation 2017-03-17 19:53:23 +01:00
Qwann
a107fa0309 migration renamed 2017-03-17 19:23:44 +01:00
Qwann
fcc2ab8810 frontend working 2017-03-17 19:17:36 +01:00
Martin Pépin
55b67f38c8 Notice the users about the α-numeric restriction
Add a help text above the two autocompletion inputs letting the users
know that non-alphanumeric characters will not be used.
2017-03-16 23:16:56 +00:00
Martin Pépin
741f0183e6 Prevent ldap injections in autocompletion views
We only allow alphanumeric characters in the query in order to avoid
injections
2017-03-16 22:43:43 +00:00
Hugo Roussille
a8428f1b41 Précision des tirages qui doivent apparaître dans le catalogue 2017-03-16 06:34:49 +01:00
Hugo Roussille
7ecea0e391 Meilleure gestion des dates et timezones 2017-03-16 06:22:01 +01:00
Hugo Roussille
68334e15d7 Gestion des citations 2017-03-16 05:50:02 +01:00
Ludovic Stephan
3793863bab Merge remote-tracking branch 'origin/k-fet' into Aufinal/merge_k-fet 2017-03-15 22:58:54 -03:00
Martin Pépin
3acc8bca75 s/username/clipper in highlight_clipper
There was typo, the `Clipper` object has no `username` attribute. We
want to use the `clipper` attribute
2017-03-15 19:11:38 +00:00
Martin Pépin
e98a407982 Rename bits -> search_words in kfet.autocomplete
This is typo, this variable has not the same name in
`gestioncof.autocomplete` and `kfet.autocomplete`
2017-03-15 19:02:31 +00:00
Martin Pépin
84a39b41f2 Fix wrong email generation in _traitement_post (2)
I forgot to fix an email in commit c51379447. Now there are all
well-formed
2017-03-15 18:35:42 +00:00
Martin Pépin
c4edff717d Disable the fail_silently option for emails
It is obviously a bad idea to fail silently if something go wrong
when the connection with the mail server is being established. This was
enabled in the `_traitement_post` method.
2017-03-15 18:21:26 +00:00
Martin Pépin
c513794474 Fix wrong email generation in _traitement_post
The list `proposed_mails` is a list of elements of the kind
`(User, (mail_object, mail_body))` but it was handled as if it were
`(User, mail_body)` in the function `_traitement_post`.
2017-03-15 18:17:08 +00:00
Martin Pépin
98abe71681 Handle errors=None in _finalize_traitement
Sometimes the `errors` variable is `None` in `_finalize_traitement`.
It was not an issue when it was just used in the templates but now we
have to handle this in the view. Basically, we shall consider it is an
empty list when it occurs.
2017-03-15 11:59:41 +00:00
Martin Pépin
c37754376b Move registration_form to gestioncof/
The `registration` view was referencing this file using
`"gestioncof/registration_form.html"` whereas the `registration_post`
templated was referencing it in the global namespace
`"registration_form.html"`.

We choose the `gestioncof/` folder in order to avoid further conflicts
with other apps.
2017-03-15 11:40:52 +00:00
Hugo Roussille
f64a865de1 Côté serveur du catalogue des spectacles BdA 2017-03-15 07:37:24 +01:00
Qwann
d0938dfae7 Merge branch 'k-fet' into qwann/k-fet/category_addcost 2017-03-11 15:10:04 +01:00
Aurélien Delobelle
e6f0369874 Merge branch 'qwann/k-fet/home' into 'k-fet'
Qwann/k fet/home

### new features
Adding the menu on the K-Fêt home page.  Adding `hidden` attribute to Article for articles people don't want to have on the menu. The menu only show items with `is_sold = True` and `hidden = True`. 


See merge request !164
2017-03-11 13:26:56 +01:00
Qwann
b0643c0928 typo 2017-03-11 02:04:30 +01:00
Qwann
ee6de35627 category addcost added 2017-03-10 18:29:15 +01:00
Qwann
52dda7be9a Merge branch 'qwann/k-fet/home' into qwann/k-fet/kfet_open 2017-03-10 16:58:46 +01:00
Qwann
5ddcd2f1ff Merge branch 'k-fet' into qwann/k-fet/home 2017-03-10 16:58:10 +01:00
Qwann
cd31c55254 permission working 2017-03-10 16:40:36 +01:00
Qwann
f18bb9f336 permission added 2017-03-09 17:27:58 +01:00
Qwann
8e7b9e2fd3 force close working 2017-03-09 15:05:47 +01:00
Qwann
5694e4b9bc migrations merged 2017-03-09 11:11:31 +01:00
Qwann
ce96bc4b67 Status added on home page 2017-03-07 17:31:43 +01:00
Qwann
f8e09cf257 unknow status updated every 30s 2017-03-07 14:12:23 +01:00
Qwann
0f96d3bc46 moving kfet_open url 2017-03-07 14:02:08 +01:00
Qwann
392338eddd indent 2017-03-06 09:30:58 +01:00
Qwann
b7040d5867 adding KFET_FORCE_CLOSE in cache 2017-03-06 02:25:18 +01:00
Qwann
8e462134c7 home base html 2017-03-06 02:08:33 +01:00
Qwann
964dd716c6 Merge branch 'qwann/k-fet/home' into qwann/k-fet/kfet_open 2017-03-06 02:04:11 +01:00
Qwann
ca17e36b5a clean display for is_sold 2017-03-06 02:03:19 +01:00