These permissions concern pages, images, documents and access to the
wagtail admin site. Only appropriate elements can be selected: only the
kfet root page and its descendants, same for the kfet root collection
(for images and documents), and kfet snippets (MemberTeam).
Add django-formset-js as dependency to help manipulate formsets.
K-Fêt groups created from "devdata" commands get suitable permissions
for the CMS.
- Define default permissions of kfet models.
- Unused default permissions are deleted.
- `kfet.manage_perms` is now splitted as `kfetauth.(view|add|change)_group` permissions.
Import in `ready` method of kfet app config of `kfet.forms` may be
annoying because it starts executing `__init__` methods of fields.
Causing failures if these methods does DB calls, as `ready` may be
called before applying migrations.
KFetGroup model
- Provides a distinction from non-kfet Groups.
- Convert code appropriately.
- Initially filled from Groups containing K-Fêt (this was the previous
distinction) in the kfetauth.0002 migration.
Permission proxy model (kfetauth app)
- Proxy of the django.contrib.auth Permission model.
- Adds the 'kfet' manager which returns only kfet-related permissions.
KeepUnselectableModelFormMixin
- Helps to keep the unselectable items of many-to-many field for
ModelForm.
- 'kfetauth' forms (related to KFetGroup) use this mixin.
Using KFetGroup allows to simplify the 'kfet/account_group_form.html' template.
A bug is also fixed in 'kfet/form_field_snippet.html', which could lead to
prevent field displays if they used CheckboxSelectMultiple widget.
AccountBackend
- Should now work if used in AUTHENTICATION_BACKENDS settings.
- It does not retieve itself the password, as it should not be used
this way.
GenericBackend
- Delete useless 'username' arg of its 'authenticate()' method.
- Now delete the token in DB.
TemporaryAuthMiddleware
- New name of the middleware is more meaningful.
- Is now responsible to retrieve the password from the request, instead
of the AccountBackend.
GenericTeamToken model
- Add a manager' method to create token, avoiding possible error due to
unicity constraint.
GenericLoginView (authentication with the kfet generic user)
- Replace obscure system with a 100% HTTP handling.
- See comments for more information.
Misc
- More docstrings!
- More tests!
- Add some i18n.
- Add kfet/confirm_form.html template:
Ask user to confirm sth via a form (which will send a POST request).
Context variables:
* title: the page title
* confirm_url: action attribute for <form>
* text: displayed confirmation text
- kfet.js : Add functions allowing to emit POST request from <a> tag.
- Non-link nav items from kfet navbar also get a 'title'.
- A utility has been found for the 'sunglasses' glyphicon!
Setup de développement local
Développement sans Vagrant
- Ajoute un fichier de settings pour développer en local sans vagrant :
'cof/settings/local.py'. Il s'agit du fichier utilisé par défaut
si 'DJANGO_SETTINGS_MODULE' n'est pas dans l'environnement.
- Simplifie le README en conséquence.
Vagrant
La conf de production étant en cours de modification, on répercute ici
certaines de ces modifications.
- Front server: passe à nginx (à la place de apache).
- DB: passe à postgresql (à la place de mysql).
- La conf nginx sert le site (port 8080) derrière '/gestion/', à
l'exception des fichiers 'static' et 'media'.
- Ajout de `SERVER_EMAIL` dans les secrets pour pouvoir l'éditer en
production.
- Changement de `STATIC_ROOT` en production.
See merge request !242
