Compare commits

...

10 commits

Author SHA1 Message Date
Víðir Valberg Guðmundsson 3dd7352d90 Services (#25)
Dette PR handler om at få en måde hvorpå medlemmer kan få adgang til de forskellige services vi udbyder.

Co-authored-by: Halfdan Mouritzen <halfdan@robothangarskib.dk>
Reviewed-on: data.coop/membersystem#25
Reviewed-by: benjaoming <benjaoming@data.coop>
Co-authored-by: Víðir Valberg Guðmundsson <valberg@orn.li>
Co-committed-by: Víðir Valberg Guðmundsson <valberg@orn.li>
2024-12-22 23:46:13 +00:00
Benjamin Bach 43d5dcbd52 Set FROM field on emails (#55)
All checks were successful
continuous-integration/drone/push Build is passing
Fixes #54

Reviewed-on: data.coop/membersystem#55
Co-authored-by: Benjamin Bach <benjamin@overtag.dk>
Co-committed-by: Benjamin Bach <benjamin@overtag.dk>
2024-08-14 20:44:11 +00:00
Benjamin Bach f5feda3414 Fix invite text and add accounting context to translation messages (#53)
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: data.coop/membersystem#53
Co-authored-by: Benjamin Bach <benjamin@overtag.dk>
Co-committed-by: Benjamin Bach <benjamin@overtag.dk>
2024-08-14 19:52:09 +00:00
Benjamin Bach 3659cf40df Add more precision to the order email (#51)
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: data.coop/membersystem#51
Co-authored-by: Benjamin Bach <benjamin@overtag.dk>
Co-committed-by: Benjamin Bach <benjamin@overtag.dk>
2024-08-14 10:08:01 +00:00
Benjamin Bach 8f3e8f06f0 Remove unique constraint from initial field (#50)
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: data.coop/membersystem#50
Reviewed-by: valberg <valberg@orn.li>
Co-authored-by: Benjamin Bach <benjamin@overtag.dk>
Co-committed-by: Benjamin Bach <benjamin@overtag.dk>
2024-08-14 09:37:13 +00:00
Benjamin Bach b3795977ed Membership invitations and order emails (#47)
All checks were successful
continuous-integration/drone/push Build is passing
* [x] Create invite emails from admin
* [x] Sign up on special invite form (create password and username)
* [x] Create email with unpaid orders and payment links
* [x] Lodge unpaid orders somewhere in UI for visibility

Reviewed-on: data.coop/membersystem#47
Reviewed-by: valberg <valberg@orn.li>
Co-authored-by: Benjamin Bach <benjamin@overtag.dk>
Co-committed-by: Benjamin Bach <benjamin@overtag.dk>
2024-08-14 09:17:29 +00:00
Benjamin Bach c81481747f Add a footer link to the git repo (#49)
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: data.coop/membersystem#49
Reviewed-by: valberg <valberg@orn.li>
Co-authored-by: Benjamin Bach <benjamin@overtag.dk>
Co-committed-by: Benjamin Bach <benjamin@overtag.dk>
2024-08-14 05:08:02 +00:00
Víðir Valberg Guðmundsson 52b38abf2a chore: cleanup and fix Dockerfile for development
All checks were successful
continuous-integration/drone/push Build is passing
2024-08-09 08:33:14 +02:00
Benjamin Bach 00c615f318 More admin controls + Fix pay/success error 500 (#45)
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: data.coop/membersystem#45
Reviewed-by: valberg <valberg@orn.li>
Co-authored-by: Benjamin Bach <benjamin@overtag.dk>
Co-committed-by: Benjamin Bach <benjamin@overtag.dk>
2024-08-04 17:12:02 +00:00
Benjamin Bach 1070e93885 Divide the amount received from Stripe by 100.0 (#40)
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: data.coop/membersystem#40
Reviewed-by: valberg <valberg@orn.li>
Co-authored-by: Benjamin Bach <benjamin@overtag.dk>
Co-committed-by: Benjamin Bach <benjamin@overtag.dk>
2024-08-04 07:34:50 +00:00
42 changed files with 947 additions and 109 deletions

View file

@ -21,7 +21,8 @@ WORKDIR /app
RUN groupadd -g 1000 www && useradd -u 1000 -ms /bin/bash -g www www
# Only copy the requirements file first to leverage Docker cache
COPY $REQUIREMENTS_FILE .
RUN mkdir requirements/
COPY $REQUIREMENTS_FILE $REQUIREMENTS_FILE
RUN mkdir -p /app/src/static && \
chown www:www /app/src/static && \

View file

@ -98,3 +98,8 @@ make requirements
# Build Docker image with new Python requirements
make build
```
## Important notes
* This project uses [django-zen-queries](https://github.com/dabapps/django-zen-queries), which will sometimes raise a `QueriesDisabledError` in your templates. You can find a difference of opinion about that, but you can find a difference of opinion about many things, right?
* If a linting error annoys you, please feel free to strike back by adding a `noqa` to the line that has displeased the linter and move on with life.

View file

@ -12,19 +12,21 @@ authors = [
{ name = "Víðir Valberg Guðmundsson", email = "valberg@orn.li" },
]
dependencies = [
"Django>=5.1b1,<5.2",
"django-money~=3.5",
"Django~=5.1",
"django-allauth~=0.63",
"psycopg[binary]~=3.2",
"environs[django]>=11,<12",
"uvicorn~=0.30",
"whitenoise~=6.7",
"django-zen-queries~=2.1",
"django-money~=3.5",
"django-oauth-toolkit~=2.4",
"django-registries==0.0.3",
"django-view-decorator==0.0.4",
"django-oauth-toolkit~=2.4",
"django-ratelimit~=4.1",
"django-zen-queries~=2.1",
"django_stubs_ext~=5.0",
"environs[django]>=11,<12",
"psycopg[binary]~=3.2",
"stripe~=10.5",
"uvicorn~=0.30",
"whitenoise~=6.7",
]
version = "0.0.1"
@ -56,15 +58,12 @@ dependencies = [
[[tool.hatch.envs.tests.matrix]]
python = ["3.12"]
django = ["5.1b1"]
django = ["5.1"]
[tool.hatch.envs.tests.overrides]
matrix.django.dependencies = [
{ value = "django~={matrix:django}" },
]
matrix.python.dependencies = [
{ value = "typing_extensions==4.5.0", if = ["3.10"]},
]
[tool.hatch.envs.default.scripts]
cov = "pytest --cov-report=term-missing --cov-config=pyproject.toml --cov=src --cov=tests --cov=append {args}"
@ -140,12 +139,19 @@ ignore = [
"EM102", # Exception must not use a f-string literal, assign to variable first
"COM812", # missing-trailing-comma (https://docs.astral.sh/ruff/formatter/#conflicting-lint-rules)
"ISC001", # single-line-implicit-string-concatenation (https://docs.astral.sh/ruff/formatter/#conflicting-lint-rules)
"D100", # Missing docstring in public module
"D101", # Missing docstring in public class
"D102", # Missing docstring in public method
"D105", # Missing docstring in magic method
"D106", # Missing docstring in public nested class
"D107", # Missing docstring in `__init__`
"FIX", # TODO, FIXME, XXX
"TD", # TODO, FIXME, XXX
"ANN002", # Missing type annotation for `*args`
"ANN003", # Missing type annotation for `**kwargs`
"FBT001", # Misbehaves: Boolean-typed positional argument in function definition
"FBT002", # Misbehaves: Boolean-typed positional argument in function definition
"TRY003", # Avoid specifying long messages outside the exception class
]
[tool.ruff.lint.isort]

View file

@ -4,6 +4,7 @@
# - django-allauth~=0.63
# - django-money~=3.5
# - django-oauth-toolkit~=2.4
# - django-ratelimit~=4.1
# - django-registries==0.0.3
# - django-stubs-ext~=5.0
# - django-view-decorator==0.0.4
@ -53,6 +54,8 @@ django-money==3.5.3
# via hatch.envs.default
django-oauth-toolkit==2.4.0
# via hatch.envs.default
django-ratelimit==4.1.0
# via hatch.envs.default
django-registries==0.0.3
# via hatch.envs.default
django-stubs-ext==5.0.4

0
requirements/base.txt Normal file
View file

View file

@ -14,6 +14,7 @@
# - django-allauth~=0.63
# - django-money~=3.5
# - django-oauth-toolkit~=2.4
# - django-ratelimit~=4.1
# - django-registries==0.0.3
# - django-stubs-ext~=5.0
# - django-view-decorator==0.0.4
@ -81,6 +82,8 @@ django-money==3.5.3
# via hatch.envs.dev
django-oauth-toolkit==2.4.0
# via hatch.envs.dev
django-ratelimit==4.1.0
# via hatch.envs.dev
django-registries==0.0.3
# via hatch.envs.dev
django-stubs==1.16.0

View file

@ -2,7 +2,11 @@
from django import forms
from django.contrib import admin
from django.contrib import messages
from django.db.models import QuerySet
from django.http import HttpRequest
from django.utils.translation import gettext_lazy as _
from membership.emails import OrderEmail
from . import models
@ -26,7 +30,7 @@ class OrderAdminForm(forms.ModelForm):
model = models.Order
exclude = () # noqa: DJ006
def clean(self): # noqa: D102, ANN201
def clean(self): # noqa: ANN201
cd = super().clean()
if not cd["account"] and cd["member"]:
try:
@ -43,7 +47,24 @@ class OrderAdmin(admin.ModelAdmin):
inlines = (OrderProductInline,)
form = OrderAdminForm
list_display = ("member", "description", "created", "is_paid")
actions = ("send_order",)
list_display = ("member", "description", "created", "is_paid", "total_with_vat")
search_fields = ("member__email", "membership__membership_type__name", "description")
list_filter = ("is_paid", "membership__membership_type")
@admin.action(description="Send order link to selected unpaid orders")
def send_order(self, request: HttpRequest, queryset: QuerySet[models.Order]) -> None:
for order in queryset:
if order.is_paid:
messages.error(
request,
f"Order pk={order.id} is already marked paid, not sending email to: {order.member.email}",
)
continue
email = OrderEmail(order, request)
email.send()
messages.success(request, f"Sent an order for order pk={order.id} link to: {order.member.email}")
@admin.register(models.Payment)
@ -59,15 +80,15 @@ class PaymentAdmin(admin.ModelAdmin):
@admin.register(models.Product)
class ProductAdmin(admin.ModelAdmin): # noqa: D101
class ProductAdmin(admin.ModelAdmin):
list_display = ("name", "price", "vat")
class TransactionInline(admin.TabularInline): # noqa: D101
class TransactionInline(admin.TabularInline):
model = models.Transaction
@admin.register(models.Account)
class AccountAdmin(admin.ModelAdmin): # noqa: D101
class AccountAdmin(admin.ModelAdmin):
list_display = ("owner", "balance")
inlines = (TransactionInline,)

View file

@ -4,6 +4,7 @@ from hashlib import md5
from typing import Self
from django.conf import settings
from django.contrib import admin
from django.db import models
from django.db.models.aggregates import Sum
from django.utils.translation import gettext as _
@ -79,8 +80,8 @@ class Order(CreatedModifiedAbstract):
is_paid = models.BooleanField(default=False, verbose_name=_("is paid"))
class Meta:
verbose_name = pgettext_lazy("accounting term", "Order")
verbose_name_plural = pgettext_lazy("accounting term", "Orders")
verbose_name = pgettext_lazy("accounting", "Order")
verbose_name_plural = pgettext_lazy("accounting", "Orders")
def __str__(self) -> str:
return f"Order ID {self.display_id}"
@ -96,6 +97,11 @@ class Order(CreatedModifiedAbstract):
return sum(item.vat * item.quantity for item in self.items.all())
@property
@admin.display(
ordering=None,
description="Total (incl. VAT)",
boolean=False,
)
def total_with_vat(self) -> Money:
"""Return the TOTAL amount WITH VAT."""
return self.total + self.total_vat

View file

@ -2,7 +2,7 @@
{% load i18n %}
{% block head_title %}
{% trans "Order" %}
{% trans "Order" context "accounting" %}
{% endblock %}
{% block content %}
@ -11,14 +11,14 @@
<h2>Order: {{ order.id }}</h2>
<p>
{% trans "Ordered" %}: {{ order.created }}<br>
{% trans "Status" %}: {{ order.is_paid|yesno:_("paid,unpaid") }}
{% trans "Ordered" context "accounting" %}: {{ order.created }}<br>
{% trans "Status" context "accounting" %}: {{ order.is_paid|yesno:_("paid,unpaid") }}
</p>
<table class="table">
<thead>
<tr>
<th>{% trans "Item" %}</th>
<th>{% trans "Item" context "accounting" %}</th>
<th>{% trans "Quantity" %}</th>
<th>{% trans "Price" %}</th>
<th>{% trans "VAT" %}</th>

View file

@ -102,7 +102,7 @@ def success(request: HttpRequest, order_id: int) -> HttpResponse:
quickly as possible.
"""
user = request.user # People just need to login to pay something, not necessarily be a member
order = models.Order.objects.get(pk=order_id, member=user)
order = get_object_or_404(models.Order, pk=order_id, member=user)
context = {
"order": order,
@ -168,7 +168,7 @@ def stripe_webhook(request: HttpRequest) -> HttpResponse:
if not models.Payment.objects.filter(order=order).exists():
models.Payment.objects.create(
order=order,
amount=Money(event["data"]["object"]["amount_total"], event["data"]["object"]["currency"]),
amount=Money(event["data"]["object"]["amount_total"] / 100.0, event["data"]["object"]["currency"]),
description="Paid via Stripe",
payment_type=models.PaymentType.objects.get_or_create(name="Stripe")[0],
external_transaction_id=event["id"],

View file

@ -14,10 +14,13 @@ from django.db import transaction
from django.db.models import QuerySet
from django.http import HttpRequest
from django.http import HttpResponse
from django.utils.text import slugify
from .emails import InviteEmail
from .models import Member
from .models import Membership
from .models import MembershipType
from .models import ServiceAccess
from .models import SubscriptionPeriod
from .models import WaitingListEntry
@ -29,6 +32,10 @@ admin.site.unregister(User)
class MembershipAdmin(admin.ModelAdmin):
"""Admin for Membership model."""
list_display = ("user", "period", "membership_type", "activated", "revoked")
list_filter = ("period", "membership_type", "activated", "revoked")
search_fields = ("membership_type__name", "user__email", "user__first_name", "user__last_name")
@admin.register(MembershipType)
class MembershipTypeAdmin(admin.ModelAdmin):
@ -40,6 +47,12 @@ class SubscriptionPeriodAdmin(admin.ModelAdmin):
"""Admin for SubscriptionPeriod model."""
@admin.register(ServiceAccess)
class ServiceAccessAdmin(admin.ModelAdmin):
"""Admin for ServiceAccess model."""
pass
class MembershipInlineAdmin(admin.TabularInline):
"""Inline admin."""
@ -59,7 +72,7 @@ def decorate_ensure_membership_type_exists(membership_type: MembershipType, labe
@transaction.atomic
def ensure_membership_type_exists(
request: HttpRequest,
queryset: QuerySet,
queryset: QuerySet[Member],
membership_type: MembershipType,
) -> HttpResponse:
"""Inner function that ensures that a membership exists for a given queryset of Member objects."""
@ -91,7 +104,12 @@ class MemberAdmin(UserAdmin):
"""Member admin is actually an admin for User objects."""
inlines = (MembershipInlineAdmin,)
actions: list[Callable] = [] # noqa: RUF012
actions: list[str | Callable] = ["send_invite"] # noqa: RUF012
list_display = ("email", "current_membership", "username", "is_staff", "is_active", "date_joined")
@admin.display(description="membership")
def current_membership(self, instance: Member) -> Membership | None:
return instance.memberships.current()
def get_actions(self, request: HttpRequest) -> dict:
"""Populate actions with dynamic data (MembershipType)."""
@ -109,7 +127,49 @@ class MemberAdmin(UserAdmin):
return super_dict
@admin.action(description="Send invite email to selected inactive accounts")
def send_invite(self, request: HttpRequest, queryset: QuerySet[Member]) -> None:
for member in queryset:
if member.is_active:
messages.error(
request,
f"Computer says no! This member will not receive an invite because the account is marked "
f"as active: {member.email}. That means the member has probably created a password and a username "
f"already, please tell them to use the password reminder function.",
)
continue
if not member.memberships.current():
messages.error(
request,
f"Computer says no! This member will not receive an invite because it has no current "
f"membership: {member.email}. You need to create a current membership before sending the invite.",
)
continue
membership = member.memberships.current()
email = InviteEmail(membership, request)
email.send()
messages.success(request, f"Sent an invitation to: {member.email}")
@admin.register(WaitingListEntry)
class WaitingListEntryAdmin(admin.ModelAdmin):
"""Admin for WaitingList model."""
list_display = ("email", "member")
actions = ("create_member",)
@admin.action(description="Create member account for entries")
def create_member(self, request: HttpRequest, queryset: QuerySet[WaitingListEntry]) -> None:
"""Create a user account for this entry.
Note that actions can soon be made available from the edit page, too:
https://github.com/django/django/pull/16012
"""
for entry in queryset:
member = Member.objects.create_user(email=entry.email, username=slugify(entry.email), is_active=False)
entry.member = member
entry.save()
messages.info(
request,
f"Added user for {entry.email} - ensure they have a membership and send an invite email.",
)

128
src/membership/emails.py Normal file
View file

@ -0,0 +1,128 @@
"""Send email to members, using templates and contexts for the emails.
* We keep everything as plain text for now.
* Notice that emails can be multilingual
* Generally, an email consists of templates (for body and subject) and a get_context() method.
"""
from accounting.models import Order
from django.contrib import messages
from django.contrib.auth.tokens import default_token_generator
from django.contrib.sites.shortcuts import get_current_site
from django.core.mail.message import EmailMessage
from django.http import HttpRequest
from django.template import loader
from django.utils import translation
from django.utils.translation import gettext_lazy as _
from .models import Membership
class BaseEmail(EmailMessage):
"""Send emails via templated body and subjects.
This base class is extended for all email functionality.
Because all emails are sent to the Member object, we can keep them gathered here, even when they are generated by
other apps (like the accounting app).
"""
template = "membership/email/base.txt"
# Optional: Set to a template path for subject
template_subject = None
default_subject = "SET SUBJECT HERE"
def __init__(self, request: HttpRequest, *args, **kwargs) -> None:
self.context = kwargs.pop("context", {})
self.user = kwargs.pop("user", None)
if self.user:
kwargs["to"] = [self.user.email]
self.context["user"] = self.user
self.context["recipient_name"] = self.user.get_display_name()
# Necessary to set request before instantiating body and subject
self.request = request
kwargs.setdefault("subject", self.get_subject())
kwargs.setdefault("body", self.get_body())
super().__init__(*args, **kwargs)
def get_context_data(self) -> dict:
"""Resolve common context for sending emails.
When overwriting, remember to call this via super().
"""
c = self.context
site = get_current_site(self.request)
c["request"] = self.request
c["domain"] = site.domain
c["site_name"] = site.name
c["protocol"] = "https" # if self.request and not self.request.is_secure() else "https"
return c
def get_body(self) -> str:
"""Build the email body from template and context."""
if self.user and self.user.language_code:
with translation.override(self.user.language_code):
body = loader.render_to_string(self.template, self.get_context_data())
else:
body = loader.render_to_string(self.template, self.get_context_data())
return body
def get_subject(self) -> str:
"""Build the email subject from template or self.default_subject."""
if self.user and self.user.language_code:
with translation.override(self.user.language_code):
if self.template_subject:
subject = loader.render_to_string(self.template_subject, self.get_context_data()).strip()
else:
subject = str(self.default_subject)
elif self.template_subject:
subject = loader.render_to_string(self.template_subject, self.get_context_data()).strip()
else:
subject = str(self.default_subject)
return subject
def send_with_feedback(self, *, success_msg: str | None = None, no_message: bool = False) -> None:
"""Send email, possibly adding feedback via django.contrib.messages."""
if not success_msg:
success_msg = _("Email successfully sent to {}").format(", ".join(self.to))
try:
self.send(fail_silently=False)
if not no_message:
messages.success(self.request, success_msg)
except RuntimeError:
messages.error(self.request, _("Not sent, something wrong with the mail server."))
class InviteEmail(BaseEmail):
template = "membership/emails/invite.txt"
default_subject = _("Invite to data.coop membership")
def __init__(self, membership: Membership, request: HttpRequest, *args, **kwargs) -> None:
self.membership = membership
kwargs["user"] = membership.user
kwargs["from_email"] = "kasserer@data.coop"
super().__init__(request, *args, **kwargs)
def get_context_data(self) -> dict:
c = super().get_context_data()
c["membership"] = self.membership
c["token"] = default_token_generator.make_token(self.membership.user)
c["referral_code"] = self.membership.referral_code
return c
class OrderEmail(BaseEmail):
template = "membership/emails/order.txt"
default_subject = _("Your data.coop order and payment")
def __init__(self, order: Order, request: HttpRequest, *args, **kwargs) -> None:
self.order = order
kwargs["user"] = order.member
kwargs["from_email"] = "kasserer@data.coop"
super().__init__(request, *args, **kwargs)
def get_context_data(self) -> dict:
c = super().get_context_data()
c["order"] = self.order
return c

39
src/membership/forms.py Normal file
View file

@ -0,0 +1,39 @@
from allauth.account.adapter import get_adapter as get_allauth_adapter
from allauth.account.forms import SetPasswordForm
from django import forms
from django.utils.translation import gettext_lazy as _
class InviteForm(SetPasswordForm):
"""Create a new password for a user account that is created through an invite."""
username = forms.CharField(
label=_("Username"),
widget=forms.TextInput(attrs={"placeholder": _("Username"), "autocomplete": "username"}),
)
def __init__(self, *args, **kwargs) -> None:
self.membership = kwargs.pop("membership")
kwargs["user"] = self.membership.user
super().__init__(*args, **kwargs)
def clean_username(self) -> str:
"""Clean the username value.
Taken from the allauth Signup form - we should consider that data can be leaked here.
"""
value = self.cleaned_data["username"]
# The allauth adapter ensures the username is unique.
return get_allauth_adapter().clean_username(value)
def save(self) -> None:
"""Save instance to db.
Note: You can hack a re-activation of a deactivated account
by getting a valid token before deactivation (from the reset password form).
We can block this by also setting Membership.revoked=False when deactivating someone's account.
"""
self.user.username = self.cleaned_data["username"]
self.user.is_active = True
self.user.save()
super().save()

View file

@ -0,0 +1,19 @@
# Generated by Django 5.1b1 on 2024-08-04 10:26
import django.db.models.deletion
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('membership', '0007_membership_activated_membership_activated_on_and_more'),
]
operations = [
migrations.AlterField(
model_name='membership',
name='membership_type',
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='memberships', to='membership.membershiptype', verbose_name='membership type'),
),
]

View file

@ -0,0 +1,32 @@
# Generated by Django 5.1rc1 on 2024-08-07 22:32
import uuid
from django.db import migrations, models
def create_uuid(apps, schema_editor):
Membership = apps.get_model('membership', 'Membership')
for membership in Membership.objects.all():
membership.referral_code = uuid.uuid4()
membership.save()
class Migration(migrations.Migration):
dependencies = [
('membership', '0008_alter_membership_membership_type'),
]
operations = [
migrations.AddField(
model_name='membership',
name='referral_code',
field=models.UUIDField(blank=True, null=True, default=uuid.uuid4, editable=False),
),
migrations.RunPython(create_uuid),
migrations.AlterField(
model_name='membership',
name='referral_code',
field=models.UUIDField(unique=True, default=uuid.uuid4, editable=False),
),
]

View file

@ -0,0 +1,19 @@
# Generated by Django 5.1rc1 on 2024-08-14 08:05
import django.db.models.deletion
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('membership', '0009_membership_referral_code'),
]
operations = [
migrations.AddField(
model_name='waitinglistentry',
name='member',
field=models.ForeignKey(help_text='Once a member account is generated (use the admin action), this field will be marked.', null=True, blank=True, on_delete=django.db.models.deletion.CASCADE, to='membership.member', verbose_name='has member'),
),
]

View file

@ -0,0 +1,49 @@
# Generated by Django 5.1rc1 on 2024-12-22 23:20
import django.db.models.deletion
import django_registries.registry
import services.registry
from django.conf import settings
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('membership', '0010_waitinglistentry_member'),
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
]
operations = [
migrations.CreateModel(
name='ServiceAccess',
fields=[
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('modified', models.DateTimeField(auto_now=True, verbose_name='modified')),
('created', models.DateTimeField(auto_now_add=True, verbose_name='created')),
('service', django_registries.registry.ChoicesField(choices=[('hedgedoc', 'hedgedoc'), ('mail', 'mail'), ('mastodon', 'mastodon'), ('matrix', 'matrix'), ('nextcloud', 'nextcloud'), ('rallly', 'rallly')], registry=services.registry.ServiceRegistry, verbose_name='service')),
('subscription_data', models.JSONField(blank=True, null=True, verbose_name='subscription data')),
],
options={
'verbose_name': 'service access',
'verbose_name_plural': 'service accesses',
},
),
migrations.AlterModelOptions(
name='membership',
options={'verbose_name': 'membership', 'verbose_name_plural': 'memberships'},
),
migrations.RemoveConstraint(
model_name='subscriptionperiod',
name='exclude_overlapping_periods',
),
migrations.AddField(
model_name='serviceaccess',
name='user',
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to=settings.AUTH_USER_MODEL),
),
migrations.AddConstraint(
model_name='serviceaccess',
constraint=models.UniqueConstraint(fields=('user', 'service'), name='unique_user_service'),
),
]

View file

@ -1,15 +1,18 @@
"""Models for the membership app."""
import uuid
from typing import ClassVar
from typing import Self
from django.contrib.auth.models import User
from django.contrib.auth.models import UserManager
from django.contrib.postgres.constraints import ExclusionConstraint
from django.contrib.postgres.fields import DateRangeField
from django.contrib.postgres.fields import RangeOperators
from django.db import models
from django.utils import timezone
from django.utils.translation import gettext as _
from services.registry import ServiceRegistry
from djmoney.money import Money
from utils.mixins import CreatedModifiedAbstract
@ -42,7 +45,23 @@ class Member(User):
),
)
objects = QuerySet.as_manager()
objects = UserManager.from_queryset(QuerySet)()
def get_display_name(self) -> str:
"""Choose how to display the user in emails and UI and ultimately to other users.
It's crucial that we currently don't have a good solution for this.
We should allow the user to define their own nick.
"""
return self.username
@property
def language_code(self) -> str:
"""Returns the user's preferred language code.
We don't have an actual setting for this... because this is a proxy table.
"""
return "da-dk"
class Meta:
proxy = True
@ -73,14 +92,14 @@ class SubscriptionPeriod(CreatedModifiedAbstract):
period = DateRangeField(verbose_name=_("period"))
class Meta:
constraints: ClassVar = [
constraints: (
ExclusionConstraint(
name="exclude_overlapping_periods",
expressions=[
("period", RangeOperators.OVERLAPS),
],
),
]
)
def __str__(self) -> str:
return f"{self.period.lower} - {self.period.upper or _('next general assembly')}"
@ -122,10 +141,13 @@ class Membership(CreatedModifiedAbstract):
user = models.ForeignKey("auth.User", on_delete=models.PROTECT, related_name="memberships")
# This code is used for inviting a user to create an account for this membership.
referral_code = models.UUIDField(unique=True, default=uuid.uuid4, editable=False)
membership_type = models.ForeignKey(
"membership.MembershipType",
related_name="memberships",
verbose_name=_("subscription type"),
verbose_name=_("membership type"),
on_delete=models.PROTECT,
)
@ -209,6 +231,14 @@ class WaitingListEntry(CreatedModifiedAbstract):
email = models.EmailField()
geography = models.CharField(verbose_name=_("geography"), blank=True, default="")
comment = models.TextField(blank=True)
member = models.ForeignKey(
Member,
null=True,
blank=True,
verbose_name=_("has member"),
help_text=_("Once a member account is generated (use the admin action), this field will be marked."),
on_delete=models.CASCADE,
)
def __str__(self) -> str:
return self.email
@ -216,3 +246,30 @@ class WaitingListEntry(CreatedModifiedAbstract):
class Meta:
verbose_name = _("waiting list entry")
verbose_name_plural = _("waiting list entries")
class ServiceAccess(CreatedModifiedAbstract):
"""Access to a service for a user."""
class Meta:
verbose_name = _("service access")
verbose_name_plural = _("service accesses")
constraints = (
models.UniqueConstraint(
fields=["user", "service"],
name="unique_user_service",
),
)
user = models.ForeignKey("auth.User", on_delete=models.PROTECT)
service = ServiceRegistry.choices_field(verbose_name=_("service"))
subscription_data = models.JSONField(
verbose_name=_("subscription data"),
null=True,
blank=True,
)
def __str__(self) -> str:
return f"{self.user} - {self.service}"

View file

@ -0,0 +1,9 @@
{% load i18n %}{% block greeting %}{% blocktrans %}Dear {{ recipient_name }},{% endblocktrans %}{% endblock %}
{% block content %}{% endblock %}
{% trans "Cooperatively yours," %}
{{ site_name }}
{{ protocol }}://{{ domain }}

View file

@ -0,0 +1,7 @@
{% extends "membership/emails/base.txt" %}{% load i18n %}
{% block content %}{% url 'member:membership-invite' token=token referral_code=referral_code as invite_url %}{% blocktrans %}Here is your secret URL for creating an account with us:
{{ protocol }}://{{ domain }}{{ invite_url }}
If you did not request this account, get in touch with us.{% endblocktrans %}{% endblock %}

View file

@ -0,0 +1,17 @@
{% extends "membership/emails/base.txt" %}{% load i18n %}
{% block content %}{% url 'order:detail' order_id=order.id as order_url %}{% blocktrans %}You have an order in our system, which you can pay here:
{{ protocol }}://{{ domain }}{{ order_url }}
We used to handle membership stuff in a spreadsheet and via bank transfers. This is now all handled with our custom-made membership system. We hope you like it.
If you received this email and no longer want a membership, you can ignore it. But please let us know by writing board@data.coop, so we can erase any personal data we have about your previous membership.
Dansk:
Hej! Så kører medlemsystemet endeligt! Det er mega-fedt, fordi vi længe har haft besvær med manuelle procedurer. Nu har vi flyttet medlemsdata over på member.data.coop, og betalingen fungerer. Vi kan dermed fremover arbejde stille og roligt på at integrere systemet, så man kan styre sine services via medlemssystemet.
Hvis du ikke længere vil være medlem, kan du ignorere mailen her; men du må meget gerne informere os via board@data.coop, så vi kan slette evt. personlige data og services, du har kørende på dit tidligere medlemskab.
{% endblocktrans %}{% endblock %}

View file

@ -0,0 +1,21 @@
{% extends "base.html" %}
{% load i18n %}
{% block head_title %}
{% trans "Membership" %}
{% endblock %}
{% block content %}
<div class="content-view">
<h2>{% trans "Create account" %}</h2>
<p>{% trans "Congratulations! You've been invited to create an account with us:" %}</p>
<p>Email: <strong>{{ membership.user.email }}</strong></p>
<form method="POST">
{% csrf_token %}
{{ form.as_p }}
<button type="submit" class="btn">{% trans "Create account" %}</button>
</form>
</div>
{% endblock %}

View file

@ -4,12 +4,20 @@ from __future__ import annotations
from typing import TYPE_CHECKING
from django.contrib import messages
from django.contrib.auth.tokens import default_token_generator
from django.http import HttpResponseForbidden
from django.shortcuts import get_object_or_404
from django.shortcuts import redirect
from django.utils.translation import gettext_lazy as _
from django_ratelimit.decorators import ratelimit
from django_view_decorator import namespaced_decorator_factory
from utils.view_utils import RenderConfig
from utils.view_utils import RowAction
from utils.view_utils import render
from .forms import InviteForm
from .models import Membership
from .permissions import ADMINISTRATE_MEMBERS
from .selectors import get_member
from .selectors import get_members
@ -113,3 +121,49 @@ def members_admin_detail(request: HttpRequest, member_id: int) -> HttpResponse:
template_name="membership/members_admin_detail.html",
context=context,
)
@ratelimit(group="membership", key="ip", rate="10/d", method="ALL", block=True)
@member_view(
paths="invite/<str:referral_code>/<str:token>/",
name="membership-invite",
login_required=False,
)
def invite(request: HttpRequest, referral_code: str, token: str) -> HttpResponse:
"""View to invite a member to create a membership.
The token belongs to a non-active Member object. If the token is valid,
the caller is allowed to create a membership.
We ratelimit this view so it's not possible to brute-force tokens.
"""
if request.user.is_authenticated:
return HttpResponseForbidden("You're already logged in. So you cannot receive an invite.")
# Firstly, we get the membership by the referral code.
membership = get_object_or_404(Membership, referral_code=referral_code, user__is_active=False, revoked=False)
token_valid = default_token_generator.check_token(membership.user, token)
if not token_valid:
raise HttpResponseForbidden("Token not valid - maybe it expired?")
if request.method == "POST":
form = InviteForm(membership=membership, data=request.POST)
if form.is_valid():
form.save()
messages.info(request, _("Password is set for your account and you can now login."))
return redirect("account_login")
else:
form = InviteForm(membership=membership)
context = {
"token": token,
"membership": membership,
"form": form,
}
return render(
request=request,
template_name="membership/invite.html",
context=context,
)

View file

@ -46,12 +46,15 @@ THIRD_PARTY_APPS = [
"allauth",
"allauth.account",
"django_view_decorator",
"django_registries",
"oauth2_provider",
]
LOCAL_APPS = [
"utils",
"accounting",
"membership",
"services",
]
INSTALLED_APPS = [
@ -160,6 +163,16 @@ ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_SIGNUP_PASSWORD_ENTER_TWICE = False
ACCOUNT_USERNAME_REQUIRED = False
# OAuth2 configuration
OAUTH2_PROVIDER = {
"OIDC_ENABLED": True,
"SCOPES": {
"openid": "OpenID Connect scope",
"profile": "Profile Information",
},
"PKCE_REQUIRED": False, # this can be a callable - https://github.com/jazzband/django-oauth-toolkit/issues/711#issuecomment-497073038
}
# Logging
# We want to log everything to stdout in docker
LOGGING = {
@ -182,6 +195,10 @@ LOGGING = {
STRIPE_API_KEY = env.str("STRIPE_API_KEY")
STRIPE_ENDPOINT_SECRET = env.str("STRIPE_ENDPOINT_SECRET")
# The number of seconds a password reset link is valid for (default: 3 days).
# We've extended this to 7 days because invites then last for 1 week.
PASSWORD_RESET_TIMEOUT = 60 * 60 * 24 * 7
if DEBUG:
INSTALLED_APPS += ["debug_toolbar", "django_browser_reload"]
MIDDLEWARE += [

View file

@ -51,6 +51,7 @@ h6 {
--light-dust: #fefef9;
--dust: #f4f1ef;
--medium-dust: #dadada;
--medium-dust : #dadada;
--dark-dust: #bfbfbf;
--fade: #878787;
--twilight: #4a4a4a;
@ -256,7 +257,7 @@ div.content-view>h2 {
div.services {
display: flex;
justify-content: space-between;
justify-content: start;
gap: var(--double-space);
flex-wrap: wrap;
}
@ -504,6 +505,11 @@ footer {
opacity: 0.8;
}
footer a, footer a:visited, footer a:active {
color: var(--dust);
text-decoration: underline;
}
span.time_remaining {
color: var(--fade);
}

View file

@ -78,13 +78,13 @@
</a>
</li>
{% comment %}
{% if user.is_superuser %}
<li>
<a href="/services" class="{% active_path "services" "current" %}">
<a href="{% url "services:list" %}" class="{% active_path "services:list" "current" %}">
Services
</a>
</li>
{% endcomment %}
{% endif %}
<li>
<a href="{% url "account_email" %}" class="{% active_path "account_email" "current" %}">
@ -102,11 +102,21 @@
</ol>
</nav>
<article>
{% if messages %}
<div class="content-view">
{% for message in messages %}
<p>📨</p>
<p><strong>{{ message }}</strong></p>
{% endfor %}
</div>
{% endif %}
{% block content %}{% endblock %}
</article>
</main>
<footer>
data.coop membersystem version 0.0.1
data.coop membersystem alpha - report issues on <a href="https://git.data.coop/data.coop/membersystem/">git</a>
</footer>
<script>
const themeSwitcher = document.getElementById('theme-switcher');

View file

@ -14,6 +14,10 @@
It is very much under construction.
</p>
{% for order in unpaid_orders %}
<p>You have an unpaid order: <a href="{% url "order:detail" order_id=order.id %}">View Order ID {{ order.id }}</a></p>
{% endfor %}
{% comment %}
<hr>
<br>

View file

@ -1,62 +0,0 @@
{% extends "base.html" %}
{% block content %}
<div class="content-view">
Coming soon!
</div>
{% comment %}
<div class="content-view">
<h2>Services you subscribe to</h2>
<div class="services">
<div>
<div class="description">
<h3>Passit</h3>
<p>Passit is a service that blabla</p>
<a href="#">Read more &hellip;</a>
</div>
<a>Unsubscribe</a>
</div>
</div>
</div>
<div class="content-view">
<h2>Available services</h2>
<div class="services">
<div>
<div class="description">
<h3>Forgejo</h3>
<p>Forgejo is a service that blabla</p>
<a href="#">Read more &hellip;</a>
</div>
<a>Subscribe</a>
</div>
<div>
<div class="description">
<h3>Mastodon</h3>
<p>Mastodon is a service where you can write things to people around the world.</p>
<a href="#">Read more &hellip;</a>
</div>
<a>Subscribe</a>
</div>
<div>
<div class="description">
<h3>Matrix</h3>
<p>Matrix is a service that blabla</p>
<a href="#">Read more &hellip;</a>
</div>
<a>Subscribe</a>
</div>
<div>
<div class="description">
<h3>NextCloud</h3>
<p>NextCloud is a service that blabla</p>
<a href="#">Read more &hellip;</a>
</div>
<a>Subscribe</a>
</div>
</div>
</div>
{% endcomment %}
{% endblock %}

View file

@ -8,6 +8,7 @@ from django_view_decorator import include_view_urls
urlpatterns = [
path("", include_view_urls(extra_modules=["project.views"])),
path("o/", include("oauth2_provider.urls", namespace="oauth2_provider")),
path("accounts/", include("allauth.urls")),
path("_admin/", admin.site.urls),
]

View file

@ -1,11 +1,13 @@
"""Project views."""
from __future__ import annotations
from membership.models import ServiceAccess
from services.registry import ServiceRegistry
from utils.view_utils import render
from typing import TYPE_CHECKING
from accounting.models import Order
from django_view_decorator import view
from utils.view_utils import render
if TYPE_CHECKING:
from django.http import HttpRequest
@ -19,14 +21,8 @@ if TYPE_CHECKING:
)
def index(request: HttpRequest) -> HttpResponse:
"""View to show the index page."""
return render(request, "index.html")
unpaid_orders = Order.objects.filter(member=request.user, is_paid=False)
context = {"unpaid_orders": list(unpaid_orders)}
@view(
paths="services/",
name="services",
login_required=True,
)
def services_overview(request: HttpRequest) -> HttpResponse:
"""View to show the services overview."""
return render(request, "services_overview.html")
return render(request, "index.html", context=context)

0
src/services/__init__.py Normal file
View file

1
src/services/admin.py Normal file
View file

@ -0,0 +1 @@
# Register your models here.

6
src/services/apps.py Normal file
View file

@ -0,0 +1,6 @@
from django.apps import AppConfig
class ServicesConfig(AppConfig):
default_auto_field = "django.db.models.BigAutoField"
name = "services"

View file

1
src/services/models.py Normal file
View file

@ -0,0 +1 @@
# Create your models here.

38
src/services/registry.py Normal file
View file

@ -0,0 +1,38 @@
"""Registry for services."""
from django import forms
from django_registries.registry import Interface
from django_registries.registry import Registry
class ServiceRegistry(Registry):
"""Registry for services."""
implementations_module = "services"
class ServiceInterface(Interface):
"""Interface for services."""
registry = ServiceRegistry
name: str
description: str
url: str
public: bool = False
# TODO: add a way to add a something which defines the required fields for a service
# - maybe a list of tuples with the field name and the type of the field
# this could be used to generate a form for the service, and also to validate
# the data saved in a JSONField on the ServiceAccess model
subscribe_fields: tuple[tuple[str, forms.Field]] = []
def get_form_class(self) -> type:
"""Get the form class for the service."""
return type(
"ServiceForm",
(forms.Form,),
dict(self.subscribe_fields),
)

76
src/services/services.py Normal file
View file

@ -0,0 +1,76 @@
"""Service classes for data.coop."""
from django import forms
from .registry import ServiceInterface
class MailService(ServiceInterface):
"""Mail service."""
slug = "mail"
name = "Mail"
url = "https://mail.data.coop"
description = "Mail service for data.coop"
subscribe_fields = (("username", forms.CharField()),)
class MatrixService(ServiceInterface):
"""Matrix service."""
slug = "matrix"
name = "Matrix"
url = "https://matrix.data.coop"
description = "Matrix service for data.coop"
subscribe_fields = (("username", forms.CharField()),)
class MastodonService(ServiceInterface):
"""Mastodon service."""
slug = "mastodon"
name = "Mastodon"
url = "https://social.data.coop"
description = "Mastodon service for data.coop"
subscribe_fields = (("username", forms.CharField()),)
class NextcloudService(ServiceInterface):
"""Nextcloud service."""
slug = "nextcloud"
name = "Nextcloud"
url = "https://cloud.data.coop"
description = "Nextcloud service for data.coop"
class HedgeDocService(ServiceInterface):
"""HedgeDoc service."""
slug = "hedgedoc"
name = "HedgeDoc"
url = "https://pad.data.coop"
public = True
description = "HedgeDoc service for data.coop"
class ForgejoService(ServiceInterface):
"""Forgejo service."""
slug = "forgejo"
name = "Forgejo"
url = "https://git.data.coop"
description = "Git service for data.coop"
class RalllyService(ServiceInterface):
"""Rallly service."""
slug = "rallly"
name = "Rallly"
url = "https://when.data.coop"
public = True
description = "Rallly service for data.coop"

View file

@ -0,0 +1,9 @@
{% extends "base.html" %}
{% block content %}
<div class="content-view">
<h2>{{ service.name }}</h2>
</div>
{% endblock %}

View file

@ -0,0 +1,19 @@
{% extends "base.html" %}
{% block content %}
<div class="content-view">
<h2>Subscribe to {{ service.name }}</h2>
<form method="POST">
{% csrf_token %}
{{ form }}
<button type="submit">
Subscribe
</button>
</form>
</div>
{% endblock %}

View file

@ -0,0 +1,45 @@
{% extends "base.html" %}
{% block content %}
<div class="content-view">
<h2>Services you subscribe to</h2>
<div class="services">
{% for service in active_services %}
<div>
<div class="description">
<h3>{{ service.name }}</h3>
<p>...</p>
<a href="#">Read more &hellip;</a>
</div>
<a>Unsubscribe</a>
</div>
{% empty %}
<p>You are not subscribed to any service.</p>
{% endfor %}
</div>
</div>
<div class="content-view">
<h2>Available services</h2>
<div class="services">
{% for service in non_active_services %}
<div>
<div class="description">
<h3>{{ service.name }}</h3>
<p>{{ service.description }}</p>
<a href="{% url "services:detail" service_slug=service.slug %}">
Read more
</a>
|
<a href="{{ service.url }}" target="_blank">
Visit
</a>
</div>
<a href="{% url "services:subscribe" service_slug=service.slug %}">Subscribe</a>
</div>
{% endfor %}
</div>
</div>
{% endblock %}

1
src/services/tests.py Normal file
View file

@ -0,0 +1 @@
# Create your tests here.

114
src/services/views.py Normal file
View file

@ -0,0 +1,114 @@
"""Views for the services app."""
from __future__ import annotations
from typing import TYPE_CHECKING
from django.shortcuts import redirect
from django_view_decorator import namespaced_decorator_factory
from membership.models import ServiceAccess
from utils.view_utils import render
from services.registry import ServiceInterface
from services.registry import ServiceRegistry
if TYPE_CHECKING:
from django.contrib.auth.models import User
from django.http import HttpRequest
from django.http import HttpResponse
services_view = namespaced_decorator_factory(
namespace="services",
base_path="services",
)
@services_view(
paths="",
name="list",
login_required=True,
)
def services_overview(request: HttpRequest) -> HttpResponse:
"""View all services."""
active_services = get_services(user=request.user)
active_service_classes = [service.__class__ for service in active_services]
services = [service for _, service in ServiceRegistry.get_items() if service not in active_service_classes]
context = {
"non_active_services": services,
"active_services": active_services,
}
return render(
request=request,
template_name="services/services_overview.html",
context=context,
)
@services_view(
paths="<str:service_slug>/",
name="detail",
login_required=True,
)
def service_detail(request: HttpRequest, service_slug: str) -> HttpResponse:
"""View a service."""
service = ServiceRegistry.get(slug=service_slug)
context = {
"service": service,
}
return render(
request=request,
template_name="services/service_detail.html",
context=context,
)
@services_view(
paths="<str:service_slug>/subscribe/",
name="subscribe",
login_required=True,
)
def service_subscribe(request: HttpRequest, service_slug: str) -> HttpResponse:
"""Subscribe to a service."""
service = ServiceRegistry.get(slug=service_slug)
form_class = service.get_form_class()
if request.method == "POST":
form = form_class(request.POST)
if form.is_valid():
data = form.cleaned_data
service_access = ServiceAccess(
user=request.user,
service=service.slug,
subscription_data=data,
)
service_access.save()
return redirect("services:list")
context = {
"service": service,
"base_path": "services:list",
"form": form_class(),
}
return render(
request=request,
template_name="services/service_subscribe.html",
context=context,
)
def get_services(*, user: User) -> list[ServiceInterface]:
"""Get services for the user."""
return [
access.service_implementation
for access in ServiceAccess.objects.filter(
user=user,
)
]