cst1/kpsul
1
0
Fork 0
forked from DGNum/gestioCOF
Code Pull requests Activity

core -- Apply black + isort to all files

Browse source
This commit is contained in:
Aurélien Delobelle 2018-10-06 12:35:49 +02:00
parent 104e71dcf6
commit fdd2b35289
196 changed files with 10727 additions and 8365 deletions
Download patch file Download diff file Expand all files Collapse all files

6
kfet/auth/__init__.py
View file

@ -1,4 +1,4 @@
default_app_config = 'kfet.auth.apps.KFetAuthConfig'
default_app_config = "kfet.auth.apps.KFetAuthConfig"
KFET_GENERIC_USERNAME = 'kfet_genericteam'
KFET_GENERIC_TRIGRAMME = 'GNR'
KFET_GENERIC_USERNAME = "kfet_genericteam"
KFET_GENERIC_TRIGRAMME = "GNR"

5
kfet/auth/apps.py
View file

@ -4,11 +4,12 @@ from django.utils.translation import ugettext_lazy as _
class KFetAuthConfig(AppConfig):
name = 'kfet.auth'
label = 'kfetauth'
name = "kfet.auth"
label = "kfetauth"
verbose_name = _("K-Fêt - Authentification et Autorisation")
def ready(self):
from . import signals # noqa
from .utils import setup_kfet_generic_user
post_migrate.connect(setup_kfet_generic_user, sender=self)

7
kfet/auth/backends.py
View file

@ -1,4 +1,5 @@
from django.contrib.auth import get_user_model
from kfet.models import Account, GenericTeamToken
from .utils import get_kfet_generic_user
@ -12,11 +13,7 @@ class BaseKFetBackend:
Add extra select related up to Account.
"""
try:
return (
User.objects
.select_related('profile__account_kfet')
.get(pk=user_id)
)
return User.objects.select_related("profile__account_kfet").get(pk=user_id)
except User.DoesNotExist:
return None

7
kfet/auth/context_processors.py
View file

@ -2,9 +2,6 @@ from django.contrib.auth.context_processors import PermWrapper
def temporary_auth(request):
if hasattr(request, 'real_user'):
return {
'user': request.real_user,
'perms': PermWrapper(request.real_user),
}
if hasattr(request, "real_user"):
return {"user": request.real_user, "perms": PermWrapper(request.real_user)}
return {}

7
kfet/auth/fields.py
View file

@ -5,15 +5,12 @@ from django.forms import widgets
class KFetPermissionsField(forms.ModelMultipleChoiceField):
def __init__(self, *args, **kwargs):
queryset = Permission.objects.filter(
content_type__in=ContentType.objects.filter(app_label="kfet"),
content_type__in=ContentType.objects.filter(app_label="kfet")
)
super().__init__(
queryset=queryset,
widget=widgets.CheckboxSelectMultiple,
*args, **kwargs
queryset=queryset, widget=widgets.CheckboxSelectMultiple, *args, **kwargs
)
def label_from_instance(self, obj):

23
kfet/auth/forms.py
View file

@ -8,11 +8,11 @@ class GroupForm(forms.ModelForm):
permissions = KFetPermissionsField()
def clean_name(self):
name = self.cleaned_data['name']
return 'K-Fêt %s' % name
name = self.cleaned_data["name"]
return "K-Fêt %s" % name
def clean_permissions(self):
kfet_perms = self.cleaned_data['permissions']
kfet_perms = self.cleaned_data["permissions"]
# TODO: With Django >=1.11, the QuerySet method 'difference' can be
# used.
# other_groups = self.instance.permissions.difference(
@ -21,28 +21,29 @@ class GroupForm(forms.ModelForm):
if self.instance.pk is None:
return kfet_perms
other_perms = self.instance.permissions.exclude(
pk__in=[p.pk for p in self.fields['permissions'].queryset],
pk__in=[p.pk for p in self.fields["permissions"].queryset]
)
return list(kfet_perms) + list(other_perms)
class Meta:
model = Group
fields = ['name', 'permissions']
fields = ["name", "permissions"]
class UserGroupForm(forms.ModelForm):
groups = forms.ModelMultipleChoiceField(
Group.objects.filter(name__icontains='K-Fêt'),
label='Statut équipe',
required=False)
Group.objects.filter(name__icontains="K-Fêt"),
label="Statut équipe",
required=False,
)
def clean_groups(self):
kfet_groups = self.cleaned_data.get('groups')
kfet_groups = self.cleaned_data.get("groups")
if self.instance.pk is None:
return kfet_groups
other_groups = self.instance.groups.exclude(name__icontains='K-Fêt')
other_groups = self.instance.groups.exclude(name__icontains="K-Fêt")
return list(kfet_groups) + list(other_groups)
class Meta:
model = User
fields = ['groups']
fields = ["groups"]

15
kfet/auth/middleware.py
View file

@ -12,21 +12,19 @@ class TemporaryAuthMiddleware:
values from CofProfile and Account of this user.
"""
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
if request.user.is_authenticated:
# avoid multiple db accesses in views and templates
request.user = (
User.objects
.select_related('profile__account_kfet')
.get(pk=request.user.pk)
request.user = User.objects.select_related("profile__account_kfet").get(
pk=request.user.pk
)
temp_request_user = AccountBackend().authenticate(
request,
kfet_password=self.get_kfet_password(request),
request, kfet_password=self.get_kfet_password(request)
)
if temp_request_user:
@ -36,7 +34,4 @@ class TemporaryAuthMiddleware:
return self.get_response(request)
def get_kfet_password(self, request):
return (
request.META.get('HTTP_KFETPASSWORD') or
request.POST.get('KFETPASSWORD')
)
return request.META.get("HTTP_KFETPASSWORD") or request.POST.get("KFETPASSWORD")

20
kfet/auth/migrations/0001_initial.py
View file

@ -7,18 +7,26 @@ from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('auth', '0006_require_contenttypes_0002'),
("auth", "0006_require_contenttypes_0002"),
# Following dependency allows using Account model to set up the kfet
# generic user in post_migrate receiver.
('kfet', '0058_delete_genericteamtoken'),
("kfet", "0058_delete_genericteamtoken"),
]
operations = [
migrations.CreateModel(
name='GenericTeamToken',
name="GenericTeamToken",
fields=[
('id', models.AutoField(verbose_name='ID', auto_created=True, serialize=False, primary_key=True)),
('token', models.CharField(unique=True, max_length=50)),
(
"id",
models.AutoField(
verbose_name="ID",
auto_created=True,
serialize=False,
primary_key=True,
),
),
("token", models.CharField(unique=True, max_length=50)),
],
),
)
]

1
kfet/auth/models.py
View file

@ -3,7 +3,6 @@ from django.utils.crypto import get_random_string
class GenericTeamTokenManager(models.Manager):
def create_token(self):
token = get_random_string(50)
while self.filter(token=token).exists():

22
kfet/auth/signals.py
View file

@ -19,22 +19,26 @@ def suggest_auth_generic(sender, request, user, **kwargs):
- logged in user is a kfet staff member (except the generic user).
"""
# Filter against the next page.
if not(hasattr(request, 'GET') and 'next' in request.GET):
if not (hasattr(request, "GET") and "next" in request.GET):
return
next_page = request.GET['next']
generic_url = reverse('kfet.login.generic')
next_page = request.GET["next"]
generic_url = reverse("kfet.login.generic")
if not('k-fet' in next_page and not next_page.startswith(generic_url)):
if not ("k-fet" in next_page and not next_page.startswith(generic_url)):
return
# Filter against the logged in user.
if not(user.has_perm('kfet.is_team') and user != get_kfet_generic_user()):
if not (user.has_perm("kfet.is_team") and user != get_kfet_generic_user()):
return
# Seems legit to add message.
text = _("K-Fêt — Ouvrir une session partagée ?")
messages.info(request, mark_safe(
'<a href="#" data-url="{}" onclick="submit_url(this)">{}</a>'
.format(generic_url, text)
))
messages.info(
request,
mark_safe(
'<a href="#" data-url="{}" onclick="submit_url(this)">{}</a>'.format(
generic_url, text
)
),
)

161
kfet/auth/tests.py
View file

@ -1,8 +1,8 @@
from unittest import mock
from django.contrib.auth.models import AnonymousUser, Group, Permission, User
from django.core import signing
from django.core.urlresolvers import reverse
from django.contrib.auth.models import AnonymousUser, Group, Permission, User
from django.test import RequestFactory, TestCase
from kfet.forms import UserGroupForm
@ -15,11 +15,11 @@ from .models import GenericTeamToken
from .utils import get_kfet_generic_user
from .views import GenericLoginView
##
# Forms
##
class UserGroupFormTests(TestCase):
"""Test suite for UserGroupForm."""
@ -31,8 +31,7 @@ class UserGroupFormTests(TestCase):
prefix_name = "K-Fêt "
names = ["Group 1", "Group 2", "Group 3"]
self.kfet_groups = [
Group.objects.create(name=prefix_name+name)
for name in names
Group.objects.create(name=prefix_name + name) for name in names
]
# create a non-K-Fêt group
@ -41,11 +40,9 @@ class UserGroupFormTests(TestCase):
def test_choices(self):
"""Only K-Fêt groups are selectable."""
form = UserGroupForm(instance=self.user)
groups_field = form.fields['groups']
groups_field = form.fields["groups"]
self.assertQuerysetEqual(
groups_field.queryset,
[repr(g) for g in self.kfet_groups],
ordered=False,
groups_field.queryset, [repr(g) for g in self.kfet_groups], ordered=False
)
def test_keep_others(self):
@ -56,9 +53,7 @@ class UserGroupFormTests(TestCase):
user.groups.add(self.other_group)
# add user to some K-Fêt groups through UserGroupForm
data = {
'groups': [group.pk for group in self.kfet_groups],
}
data = {"groups": [group.pk for group in self.kfet_groups]}
form = UserGroupForm(data, instance=user)
form.is_valid()
@ -71,7 +66,6 @@ class UserGroupFormTests(TestCase):
class KFetGenericUserTests(TestCase):
def test_exists(self):
"""
The account is set up when app is ready, so it should exist.
@ -86,44 +80,39 @@ class KFetGenericUserTests(TestCase):
# Backends
##
class AccountBackendTests(TestCase):
class AccountBackendTests(TestCase):
def setUp(self):
self.request = RequestFactory().get('/')
self.request = RequestFactory().get("/")
def test_valid(self):
acc = Account(trigramme='000')
acc.change_pwd('valid')
acc.save({'username': 'user'})
acc = Account(trigramme="000")
acc.change_pwd("valid")
acc.save({"username": "user"})
auth = AccountBackend().authenticate(
self.request, kfet_password='valid')
auth = AccountBackend().authenticate(self.request, kfet_password="valid")
self.assertEqual(auth, acc.user)
def test_invalid(self):
auth = AccountBackend().authenticate(
self.request, kfet_password='invalid')
auth = AccountBackend().authenticate(self.request, kfet_password="invalid")
self.assertIsNone(auth)
class GenericBackendTests(TestCase):
def setUp(self):
self.request = RequestFactory().get('/')
self.request = RequestFactory().get("/")
def test_valid(self):
token = GenericTeamToken.objects.create_token()
auth = GenericBackend().authenticate(
self.request, kfet_token=token.token)
auth = GenericBackend().authenticate(self.request, kfet_token=token.token)
self.assertEqual(auth, get_kfet_generic_user())
self.assertEqual(GenericTeamToken.objects.all().count(), 0)
def test_invalid(self):
auth = GenericBackend().authenticate(
self.request, kfet_token='invalid')
auth = GenericBackend().authenticate(self.request, kfet_token="invalid")
self.assertIsNone(auth)
@ -131,78 +120,74 @@ class GenericBackendTests(TestCase):
# Views
##
class GenericLoginViewTests(TestCase):
class GenericLoginViewTests(TestCase):
def setUp(self):
patcher_messages = mock.patch('gestioncof.signals.messages')
patcher_messages = mock.patch("gestioncof.signals.messages")
patcher_messages.start()
self.addCleanup(patcher_messages.stop)
user_acc = Account(trigramme='000')
user_acc.save({'username': 'user'})
user_acc = Account(trigramme="000")
user_acc.save({"username": "user"})
self.user = user_acc.user
self.user.set_password('user')
self.user.set_password("user")
self.user.save()
team_acc = Account(trigramme='100')
team_acc.save({'username': 'team'})
team_acc = Account(trigramme="100")
team_acc.save({"username": "team"})
self.team = team_acc.user
self.team.set_password('team')
self.team.set_password("team")
self.team.save()
self.team.user_permissions.add(
Permission.objects.get(
content_type__app_label='kfet', codename='is_team'),
Permission.objects.get(content_type__app_label="kfet", codename="is_team")
)
self.url = reverse('kfet.login.generic')
self.url = reverse("kfet.login.generic")
self.generic_user = get_kfet_generic_user()
def test_url(self):
self.assertEqual(self.url, '/k-fet/login/generic')
self.assertEqual(self.url, "/k-fet/login/generic")
def test_notoken_get(self):
"""
Send confirmation for user to emit POST request, instead of GET.
"""
self.client.login(username='team', password='team')
self.client.login(username="team", password="team")
r = self.client.get(self.url)
self.assertEqual(r.status_code, 200)
self.assertTemplateUsed(r, 'kfet/confirm_form.html')
self.assertTemplateUsed(r, "kfet/confirm_form.html")
def test_notoken_post(self):
"""
POST request without token in COOKIES sets a token and redirects to
logout url.
"""
self.client.login(username='team', password='team')
self.client.login(username="team", password="team")
r = self.client.post(self.url)
self.assertRedirects(
r, '/logout?next={}'.format(self.url),
fetch_redirect_response=False,
r, "/logout?next={}".format(self.url), fetch_redirect_response=False
)
def test_notoken_not_team(self):
"""
Logged in user must be a team user to initiate login as generic user.
"""
self.client.login(username='user', password='user')
self.client.login(username="user", password="user")
# With GET.
r = self.client.get(self.url)
self.assertRedirects(
r, '/login?next={}'.format(self.url),
fetch_redirect_response=False,
r, "/login?next={}".format(self.url), fetch_redirect_response=False
)
# Also with POST.
r = self.client.post(self.url)
self.assertRedirects(
r, '/login?next={}'.format(self.url),
fetch_redirect_response=False,
r, "/login?next={}".format(self.url), fetch_redirect_response=False
)
def _set_signed_cookie(self, client, key, value):
@ -216,10 +201,9 @@ class GenericLoginViewTests(TestCase):
try:
cookie = client.cookies[key]
# It also can be emptied.
self.assertEqual(cookie.value, '')
self.assertEqual(
cookie['expires'], 'Thu, 01-Jan-1970 00:00:00 GMT')
self.assertEqual(cookie['max-age'], 0)
self.assertEqual(cookie.value, "")
self.assertEqual(cookie["expires"], "Thu, 01-Jan-1970 00:00:00 GMT")
self.assertEqual(cookie["max-age"], 0)
except AssertionError:
raise AssertionError("The cookie '%s' still exists." % key)
@ -227,16 +211,16 @@ class GenericLoginViewTests(TestCase):
"""
The kfet generic user is logged in.
"""
token = GenericTeamToken.objects.create(token='valid')
token = GenericTeamToken.objects.create(token="valid")
self._set_signed_cookie(
self.client, GenericLoginView.TOKEN_COOKIE_NAME, 'valid')
self.client, GenericLoginView.TOKEN_COOKIE_NAME, "valid"
)
r = self.client.get(self.url)
self.assertRedirects(r, reverse('kfet.kpsul'))
self.assertRedirects(r, reverse("kfet.kpsul"))
self.assertEqual(r.wsgi_request.user, self.generic_user)
self._is_cookie_deleted(
self.client, GenericLoginView.TOKEN_COOKIE_NAME)
self._is_cookie_deleted(self.client, GenericLoginView.TOKEN_COOKIE_NAME)
with self.assertRaises(GenericTeamToken.DoesNotExist):
token.refresh_from_db()
@ -245,27 +229,26 @@ class GenericLoginViewTests(TestCase):
If token is invalid, delete it and try again.
"""
self._set_signed_cookie(
self.client, GenericLoginView.TOKEN_COOKIE_NAME, 'invalid')
self.client, GenericLoginView.TOKEN_COOKIE_NAME, "invalid"
)
r = self.client.get(self.url)
self.assertRedirects(r, self.url, fetch_redirect_response=False)
self.assertEqual(r.wsgi_request.user, AnonymousUser())
self._is_cookie_deleted(
self.client, GenericLoginView.TOKEN_COOKIE_NAME)
self._is_cookie_deleted(self.client, GenericLoginView.TOKEN_COOKIE_NAME)
def test_flow_ok(self):
"""
A team user is logged in as the kfet generic user.
"""
self.client.login(username='team', password='team')
next_url = '/k-fet/'
self.client.login(username="team", password="team")
next_url = "/k-fet/"
r = self.client.post(
'{}?next={}'.format(self.url, next_url), follow=True)
r = self.client.post("{}?next={}".format(self.url, next_url), follow=True)
self.assertEqual(r.wsgi_request.user, self.generic_user)
self.assertEqual(r.wsgi_request.path, '/k-fet/')
self.assertEqual(r.wsgi_request.path, "/k-fet/")
##
@ -276,10 +259,10 @@ class GenericLoginViewTests(TestCase):
# - temporary_auth context processor
##
class TemporaryAuthTests(TestCase):
class TemporaryAuthTests(TestCase):
def setUp(self):
patcher_messages = mock.patch('gestioncof.signals.messages')
patcher_messages = mock.patch("gestioncof.signals.messages")
patcher_messages.start()
self.addCleanup(patcher_messages.stop)
@ -287,22 +270,23 @@ class TemporaryAuthTests(TestCase):
self.middleware = TemporaryAuthMiddleware(mock.Mock())
user1_acc = Account(trigramme='000')
user1_acc.change_pwd('kfet_user1')
user1_acc.save({'username': 'user1'})
user1_acc = Account(trigramme="000")
user1_acc.change_pwd("kfet_user1")
user1_acc.save({"username": "user1"})
self.user1 = user1_acc.user
self.user1.set_password('user1')
self.user1.set_password("user1")
self.user1.save()
user2_acc = Account(trigramme='100')
user2_acc.change_pwd('kfet_user2')
user2_acc.save({'username': 'user2'})
user2_acc = Account(trigramme="100")
user2_acc.change_pwd("kfet_user2")
user2_acc.save({"username": "user2"})
self.user2 = user2_acc.user
self.user2.set_password('user2')
self.user2.set_password("user2")
self.user2.save()
self.perm = Permission.objects.get(
content_type__app_label='kfet', codename='is_team')
content_type__app_label="kfet", codename="is_team"
)
self.user2.user_permissions.add(self.perm)
def test_middleware_header(self):
@ -310,7 +294,7 @@ class TemporaryAuthTests(TestCase):
A user can be authenticated if ``HTTP_KFETPASSWORD`` header of a
request contains a valid kfet password.
"""
request = self.factory.get('/', HTTP_KFETPASSWORD='kfet_user2')
request = self.factory.get("/", HTTP_KFETPASSWORD="kfet_user2")
request.user = self.user1
self.middleware(request)
@ -323,7 +307,7 @@ class TemporaryAuthTests(TestCase):
A user can be authenticated if ``KFETPASSWORD`` of POST data contains
a valid kfet password.
"""
request = self.factory.post('/', {'KFETPASSWORD': 'kfet_user2'})
request = self.factory.post("/", {"KFETPASSWORD": "kfet_user2"})
request.user = self.user1
self.middleware(request)
@ -335,34 +319,33 @@ class TemporaryAuthTests(TestCase):
"""
The given password must be a password of an Account.
"""
request = self.factory.post('/', {'KFETPASSWORD': 'invalid'})
request = self.factory.post("/", {"KFETPASSWORD": "invalid"})
request.user = self.user1
self.middleware(request)
self.assertEqual(request.user, self.user1)
self.assertFalse(hasattr(request, 'real_user'))
self.assertFalse(hasattr(request, "real_user"))
def test_context_processor(self):
"""
Context variables give the real authenticated user and his permissions.
"""
self.client.login(username='user1', password='user1')
self.client.login(username="user1", password="user1")
r = self.client.get('/k-fet/accounts/', HTTP_KFETPASSWORD='kfet_user2')
r = self.client.get("/k-fet/accounts/", HTTP_KFETPASSWORD="kfet_user2")
self.assertEqual(r.context['user'], self.user1)
self.assertNotIn('kfet.is_team', r.context['perms'])
self.assertEqual(r.context["user"], self.user1)
self.assertNotIn("kfet.is_team", r.context["perms"])
def test_auth_not_persistent(self):
"""
The authentication is temporary, i.e. for one request.
"""
self.client.login(username='user1', password='user1')
self.client.login(username="user1", password="user1")
r1 = self.client.get(
'/k-fet/accounts/', HTTP_KFETPASSWORD='kfet_user2')
r1 = self.client.get("/k-fet/accounts/", HTTP_KFETPASSWORD="kfet_user2")
self.assertEqual(r1.wsgi_request.user, self.user2)
r2 = self.client.get('/k-fet/accounts/')
r2 = self.client.get("/k-fet/accounts/")
self.assertEqual(r2.wsgi_request.user, self.user1)

7
kfet/auth/utils.py
View file

@ -23,12 +23,9 @@ def setup_kfet_generic_user(**kwargs):
"""
generic = get_kfet_generic_user()
generic.user_permissions.add(
Permission.objects.get(
content_type__app_label='kfet',
codename='is_team',
)
Permission.objects.get(content_type__app_label="kfet", codename="is_team")
)
def hash_password(password):
return hashlib.sha256(password.encode('utf-8')).hexdigest()
return hashlib.sha256(password.encode("utf-8")).hexdigest()

83
kfet/auth/views.py
View file

@ -1,17 +1,17 @@
from django.contrib import messages
from django.contrib.messages.views import SuccessMessageMixin
from django.contrib.auth import authenticate, login
from django.contrib.auth.decorators import permission_required
from django.contrib.auth.models import Group, User
from django.contrib.auth.views import redirect_to_login
from django.contrib.messages.views import SuccessMessageMixin
from django.core.urlresolvers import reverse, reverse_lazy
from django.db.models import Prefetch
from django.http import QueryDict
from django.shortcuts import redirect, render
from django.utils.decorators import method_decorator
from django.utils.translation import ugettext_lazy as _
from django.views.generic import View
from django.views.decorators.http import require_http_methods
from django.views.generic import View
from django.views.generic.edit import CreateView, UpdateView
from .forms import GroupForm
@ -30,28 +30,33 @@ class GenericLoginView(View):
provider, which can be external. Session is unusable as it will be cleared
on logout.
"""
TOKEN_COOKIE_NAME = 'kfettoken'
@method_decorator(require_http_methods(['GET', 'POST']))
TOKEN_COOKIE_NAME = "kfettoken"
@method_decorator(require_http_methods(["GET", "POST"]))
def dispatch(self, request, *args, **kwargs):
token = request.get_signed_cookie(self.TOKEN_COOKIE_NAME, None)
if not token:
if not request.user.has_perm('kfet.is_team'):
if not request.user.has_perm("kfet.is_team"):
return redirect_to_login(request.get_full_path())
if request.method == 'POST':
if request.method == "POST":
# Step 1: set token and logout user.
return self.prepare_auth()
else:
# GET request should not change server/client states. Send a
# confirmation template to emit a POST request.
return render(request, 'kfet/confirm_form.html', {
'title': _("Ouvrir une session partagée"),
'text': _(
"Êtes-vous sûr·e de vouloir ouvrir une session "
"partagée ?"
),
})
return render(
request,
"kfet/confirm_form.html",
{
"title": _("Ouvrir une session partagée"),
"text": _(
"Êtes-vous sûr·e de vouloir ouvrir une session "
"partagée ?"
),
},
)
else:
# Step 2: validate token.
return self.validate_auth(token)
@ -62,20 +67,19 @@ class GenericLoginView(View):
# Prepare callback of logout.
here_url = reverse(login_generic)
if 'next' in self.request.GET:
if "next" in self.request.GET:
# Keep given next page.
here_qd = QueryDict(mutable=True)
here_qd['next'] = self.request.GET['next']
here_url += '?{}'.format(here_qd.urlencode())
here_qd["next"] = self.request.GET["next"]
here_url += "?{}".format(here_qd.urlencode())
logout_url = reverse('cof-logout')
logout_url = reverse("cof-logout")
logout_qd = QueryDict(mutable=True)
logout_qd['next'] = here_url
logout_url += '?{}'.format(logout_qd.urlencode(safe='/'))
logout_qd["next"] = here_url
logout_url += "?{}".format(logout_qd.urlencode(safe="/"))
resp = redirect(logout_url)
resp.set_signed_cookie(
self.TOKEN_COOKIE_NAME, token.token, httponly=True)
resp.set_signed_cookie(self.TOKEN_COOKIE_NAME, token.token, httponly=True)
return resp
def validate_auth(self, token):
@ -85,9 +89,9 @@ class GenericLoginView(View):
if user:
# Log in generic user.
login(self.request, user)
messages.success(self.request, _(
"K-Fêt — Ouverture d'une session partagée."
))
messages.success(
self.request, _("K-Fêt — Ouverture d'une session partagée.")
)
resp = redirect(self.get_next_url())
else:
# Try again.
@ -98,39 +102,34 @@ class GenericLoginView(View):
return resp
def get_next_url(self):
return self.request.GET.get('next', reverse('kfet.kpsul'))
return self.request.GET.get("next", reverse("kfet.kpsul"))
login_generic = GenericLoginView.as_view()
@permission_required('kfet.manage_perms')
@permission_required("kfet.manage_perms")
def account_group(request):
user_pre = Prefetch(
'user_set',
queryset=User.objects.select_related('profile__account_kfet'),
"user_set", queryset=User.objects.select_related("profile__account_kfet")
)
groups = (
Group.objects
.filter(name__icontains='K-Fêt')
.prefetch_related('permissions', user_pre)
groups = Group.objects.filter(name__icontains="K-Fêt").prefetch_related(
"permissions", user_pre
)
return render(request, 'kfet/account_group.html', {
'groups': groups,
})
return render(request, "kfet/account_group.html", {"groups": groups})
class AccountGroupCreate(SuccessMessageMixin, CreateView):
model = Group
template_name = 'kfet/account_group_form.html'
template_name = "kfet/account_group_form.html"
form_class = GroupForm
success_message = 'Nouveau groupe : %(name)s'
success_url = reverse_lazy('kfet.account.group')
success_message = "Nouveau groupe : %(name)s"
success_url = reverse_lazy("kfet.account.group")
class AccountGroupUpdate(SuccessMessageMixin, UpdateView):
queryset = Group.objects.filter(name__icontains='K-Fêt')
template_name = 'kfet/account_group_form.html'
queryset = Group.objects.filter(name__icontains="K-Fêt")
template_name = "kfet/account_group_form.html"
form_class = GroupForm
success_message = 'Groupe modifié : %(name)s'
success_url = reverse_lazy('kfet.account.group')
success_message = "Groupe modifié : %(name)s"
success_url = reverse_lazy("kfet.account.group")