Merge branch 'EuroPython:ep2021' into issue-823-improve-textcha-for-registration

Author: ethancarlsson

Makefile

@@ -13,6 +13,7 @@ help:
 	@echo "update-requirements - run pip compile and rebuild the requirements files"
 	@echo "migrations - generate migrations in a clean container"
 	@echo "shell - start a django shell"
+	@echo "bash - start a bash shell in a running container"
 	@echo "urls - print url routes"
 
 	@echo "\n[TEST]"
@@ -80,6 +81,9 @@ migrations: build
 shell:
 	docker-compose run --rm epcon "./manage.py shell_plus"
 
+bash:
+	docker-compose exec epcon /bin/bash
+
 urls:
 	docker-compose run --rm epcon "./manage.py show_urls"
 

assets/css/europython-customizations.css

@@ -87,6 +87,10 @@ a.navbar-brand:hover{
     flex-wrap: wrap;
 }
 
+#days-navbar {
+    background-image: none;
+}
+
 #content_page {
     min-height: 500px;
     margin: 40px 0;

cms_utils/cms_plugins.py

@@ -1,14 +1,19 @@
-# -*- coding: utf-8 -*-
-from django.utils.translation import ugettext_lazy as _
 from cms.plugin_base import CMSPluginBase
 from cms.plugin_pool import plugin_pool
-from .models import MarkitUpPluginModel
+from django.utils.translation import ugettext_lazy as _
+
+from .models import MarkitUpPluginModel, TemplatePluginModel
 
 
+@plugin_pool.register_plugin
 class MarkItUpPlugin(CMSPluginBase):
     name = _('MarkItUp')
     model = MarkitUpPluginModel
     render_template = 'djangocms_markitup/markitup.html'
 
 
-plugin_pool.register_plugin(MarkItUpPlugin)
+@plugin_pool.register_plugin
+class TemplatePlugin(CMSPluginBase):
+    name = _('Template Plugin')
+    model = TemplatePluginModel
+    render_template = 'djangocms_template/template_plugin.html'

cms_utils/migrations/0002_templatepluginmodel.py

@@ -0,0 +1,26 @@
+# Generated by Django 2.2.23 on 2021-05-23 14:06
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('cms', '0022_auto_20180620_1551'),
+        ('cms_utils', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='TemplatePluginModel',
+            fields=[
+                ('cmsplugin_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, related_name='cms_utils_templatepluginmodel', serialize=False, to='cms.CMSPlugin')),
+                ('body', models.TextField()),
+            ],
+            options={
+                'abstract': False,
+            },
+            bases=('cms.cmsplugin',),
+        ),
+    ]

cms_utils/models.py

@@ -1,7 +1,11 @@
-# -*- coding: utf-8 -*-
-from markitup.fields import MarkupField
 from cms.models import CMSPlugin
+from django.db import models
+from markitup.fields import MarkupField
 
 
 class MarkitUpPluginModel(CMSPlugin):
     body = MarkupField()
+
+
+class TemplatePluginModel(CMSPlugin):
+    body = models.TextField()

cms_utils/templates/djangocms_template/template_plugin.html

@@ -0,0 +1 @@
+{{ instance.body|safe }}

conference/accounts.py

@@ -23,6 +23,7 @@
 from assopy.models import AssopyUser, Token
 from conference.models import CaptchaQuestion, AttendeeProfile
 from p3.models import P3Profile
+from conference.forms import CustomPasswordResetForm
 
 
 LOGIN_TEMPLATE = "conference/accounts/login.html"
@@ -304,6 +305,7 @@ def clean(self):
             success_url=reverse_lazy("accounts:password_reset_done"),
             email_template_name="conference/emails/password_reset_email.txt",
             subject_template_name="conference/emails/password_reset_subject.txt",
+            form_class=CustomPasswordResetForm,
         ),
         name="password_reset",
     ),

conference/admin.py

@@ -1264,6 +1264,32 @@ class NewsAdmin(admin.ModelAdmin):
     readonly_fields = ('uuid',)
 
 
+### Streaming
+
+@admin.register(models.StreamSet)
+class StreamSetAdmin(admin.ModelAdmin):
+    list_display = (
+        'conference',
+        'enabled',
+        'name',
+        'start_date',
+        'end_date',
+    )
+    list_display_links = (
+        'name',
+        )
+    list_filter = (
+        'conference',
+        'enabled',
+    )
+    ordering = (
+        'start_date',
+        'name',
+        'enabled',
+    )
+
+### Old school registrations:
+
 admin.site.register(models.CaptchaQuestion, CaptchaQuestionAdmin)
 admin.site.register(models.Conference, ConferenceAdmin)
 admin.site.register(models.ConferenceTag, ConferenceTagAdmin)
@@ -1274,3 +1300,4 @@ class NewsAdmin(admin.ModelAdmin):
 admin.site.register(models.Sponsor, SponsorAdmin)
 admin.site.register(models.Ticket, TicketAdmin)
 admin.site.register(models.News, NewsAdmin)
+

conference/api.py

@@ -15,8 +15,10 @@
 from enum import Enum
 import json
 from functools import wraps
+from hashlib import md5
 from django.conf.urls import url as re_path
-from django.contrib.auth.hashers import check_password
+from django.contrib.auth.hashers import check_password as django_check_password
+from django.contrib.auth.hashers import is_password_usable
 from django.db.models import Q
 from django.http import JsonResponse
 from django.views.decorators.csrf import csrf_exempt
@@ -29,6 +31,7 @@
 )
 from pycon.settings import MATRIX_AUTH_API_DEBUG as DEBUG
 from pycon.settings import MATRIX_AUTH_API_ALLOWED_IPS as ALLOWED_IPS
+from pycon.settings import SECRET_KEY
 
 
 # Error Codes
@@ -113,6 +116,57 @@ def wrapper(request, *args, **kwargs):
     return wrapper
 
 
+def check_user_password(user, password):
+    # Two options: either our User has a valid password, in which case we do
+    # check it, or not, in which case we check it against the generated passwd.
+    if not is_password_usable(user.password):
+        return password == generate_matrix_password(user)
+    return django_check_password(password, user.password)
+
+
+def get_assigned_tickets(user, conference):
+    return Ticket.objects.filter(
+        Q(fare__conference=conference.code)
+        & Q(frozen=False)                   # i.e. the ticket was not cancelled
+        & Q(orderitem__order___complete=True)       # i.e. they paid
+        & Q(user=user)                              # i.e. assigned to user
+    )
+
+
+def is_speaker(user, conference):
+    # A speaker is a user with at least one accepted talk in the current
+    # conference.
+    try:
+        speaker = user.speaker
+    except Speaker.DoesNotExist:
+        return False
+    return TalkSpeaker.objects.filter(
+        speaker=speaker,
+        talk__conference=conference.code,
+        talk__status='accepted'
+    ).count() > 0
+
+
+def generate_matrix_password(user):
+    """
+    Create a temporary password for `user` to that they can login into our
+    matrix chat server using their email address and that password. This is
+    only needed for social auth users since they do not have a valid password
+    in our database.
+
+    The generated passowrd is not stored anywhere.
+    """
+    def n_base_b(n, b, nums='0123456789abcdefghijklmnopqrstuvwxyz'):
+        """Return `n` in base `b`."""
+
+        return ((n == 0) and nums[0]) or \
+            (n_base_b(n // b, b, nums).lstrip(nums[0]) + nums[n % b])
+
+    encoded = md5(str(user.email + SECRET_KEY).encode()).hexdigest()
+    n = int(encoded, 16)
+    return n_base_b(n, 36)
+
+
 @csrf_exempt
 @ensure_post
 @ensure_https_in_ops
@@ -130,6 +184,13 @@ def isauth(request):
         "password": str (not encrypted)
     }
 
+    or
+
+    {
+        "username": str,
+        "password": str (not encrypted)
+    }
+
     Output (JSON)
     {
         "username": str,
@@ -153,62 +214,55 @@ def isauth(request):
         "error": int
     }
     """
-    required_fields = {'email', 'password'}
-
     try:
         data = json.loads(request.body)
     except json.decoder.JSONDecodeError as ex:
         return _error(ApiError.INPUT_ERROR, ex.msg)
 
-    if not isinstance(data, dict) or not required_fields.issubset(data.keys()):
+    if not isinstance(data, dict):
         return _error(ApiError.INPUT_ERROR,
                       'please provide credentials in JSON format')
-
-    # First, let's find the user/account profile given the email address
-    try:
-        profile = AttendeeProfile.objects.get(user__email=data['email'])
-    except AttendeeProfile.DoesNotExist:
-        return _error(ApiError.AUTH_ERROR, 'unknown user')
+    if 'password' not in data:
+        return _error(ApiError.INPUT_ERROR,
+                      'please provide user password in JSON payload')
+    if 'username' not in data and 'email' not in data:
+        return _error(ApiError.INPUT_ERROR,
+                      'please provide username or email in JSON payload')
+
+    # First, let's find the user/account profile given the email/username as
+    # appropriate.
+    if 'email' in data:
+        try:
+            profile = AttendeeProfile.objects.get(user__email=data['email'])
+        except AttendeeProfile.DoesNotExist:
+            return _error(ApiError.AUTH_ERROR, 'unknown user')
+    elif 'username' in data:
+        try:
+            profile = AttendeeProfile.objects.get(
+                user__username=data['username']
+            )
+        except AttendeeProfile.DoesNotExist:
+            return _error(ApiError.AUTH_ERROR, 'unknown user')
+    else:
+        return _error(ApiError.INPUT_ERROR, 'no email/username provided')
 
     # Is the password OK?
-    if not check_password(data['password'], profile.user.password):
+    if not check_user_password(profile.user, data['password']):
         return _error(ApiError.AUTH_ERROR, 'authentication error')
 
-    # Get the tickets **assigned** to the user
     conference = Conference.objects.current()
-
-    tickets = Ticket.objects.filter(
-        Q(fare__conference=conference.code)
-        & Q(frozen=False)                   # i.e. the ticket was not cancelled
-        & Q(orderitem__order___complete=True)       # i.e. they paid
-        & Q(user=profile.user)                      # i.e. assigned to user
-    )
-
-    # A speaker is a user with at least one accepted talk in the current
-    # conference.
-    try:
-        speaker = profile.user.speaker
-    except Speaker.DoesNotExist:
-        is_speaker = False
-    else:
-        is_speaker = TalkSpeaker.objects.filter(
-            speaker=speaker,
-            talk__conference=conference.code,
-            talk__status='accepted'
-        ).count() > 0
-
     payload = {
         "username": profile.user.username,
         "first_name": profile.user.first_name,
         "last_name": profile.user.last_name,
         "email": profile.user.email,
         "is_staff": profile.user.is_staff,
-        "is_speaker": is_speaker,
+        "is_speaker": is_speaker(profile.user, conference),
         "is_active": profile.user.is_active,
         "is_minor": profile.is_minor,
         "tickets": [
             {"fare_name": t.fare.name, "fare_code": t.fare.code}
-            for t in tickets
+            for t in get_assigned_tickets(profile.user, conference)
         ]
     }
 

conference/cfp.py

@@ -14,7 +14,7 @@
 
 from phonenumber_field.formfields import PhoneNumberField
 
-from .forms import ProposalForm
+from .forms import ProposalForm, TalkBaseForm
 from .models import (
     Conference,
     AttendeeProfile,
@@ -280,8 +280,8 @@ def add_speaker_to_talk(speaker, talk):
 
 
 class AddSpeakerToTalkForm(forms.ModelForm):
-    users_given_name = forms.CharField(label="Given name of the speaker")
-    users_family_name = forms.CharField(label="Family name of the speaker")
+    users_given_name = forms.CharField(label="Given name")
+    users_family_name = forms.CharField(label="Family name")
     is_minor = forms.BooleanField(
         label="Are you a minor?",
         help_text=(
@@ -322,6 +322,9 @@ class AddSpeakerToTalkForm(forms.ModelForm):
         ),
         widget=forms.Textarea(),
     )
+    i_accept_speaker_release  = TalkBaseForm.base_fields[
+        'i_accept_speaker_release'
+    ]
 
     class Meta:
         model = AttendeeProfile

conference/forms/__init__.py

@@ -1,2 +1,3 @@
+from .auth import *   # noqa
 from .forms import *  # noqa
 from .talks import *  # noqa

conference/forms/auth.py

@@ -0,0 +1,19 @@
+from django.contrib.auth import get_user_model
+from django.contrib.auth.forms import PasswordResetForm
+
+
+class CustomPasswordResetForm(PasswordResetForm):
+    def get_users(self, email):
+        """Given an email, return matching user(s) who should receive a reset.
+
+        This allows subclasses to more easily customize the default policies
+        that prevent inactive users and users with unusable passwords from
+        resetting their password.
+        """
+        user_model = get_user_model()
+        active_users = user_model._default_manager.filter(**{
+            'email__iexact': email,
+            'is_active': True,
+        })
+        d = (u for u in active_users)
+        return d

conference/forms/talks.py

@@ -22,9 +22,6 @@ class TalkUpdateForm(forms.ModelForm):
     domain_level = TalkBaseForm.base_fields["domain_level"]
     if 'availability' in TalkBaseForm.base_fields:
         availability = TalkBaseForm.base_fields["availability"]
-    i_accept_speaker_release  = TalkBaseForm.base_fields[
-        'i_accept_speaker_release'
-    ]
 
     class Meta:
         model = Talk