Merge pull request #381 from rdmorganiser/dev

merge RDMO 1.6

AUTHORS

@@ -30,6 +30,7 @@ The development of RDMO was supported by the following institutions:
         Universität Duisburg Essen (https://www.uni-due.de/en/index.php)
     Technische Universität Darmstadt (https://www.tu-darmstadt.de)
     HeFDI - Hessische Forschungsdateninfrastrukturen (https://www.uni-marburg.de/de/hefdi)
+    Robert Koch-Institut (https://rki.de)
 
 Funding for RDMO was received from:
 

CHANGELOG.md

@@ -1,5 +1,38 @@
 # Changelog
 
+## RDMO 1.6
+
+* Improve management interface, refactor filters and fetch lists on model opening
+* Improve interview and save only changed values
+* Improve error output for imports
+* Add nested questionsets to catalogs and set_prefix to values
+* Add default values for questions (as part of the catalog)
+* Add optional flag to questions (which excludes them from progress computation)
+* Add width to questions to enable table-like input
+* Add autocomplete widget incl. server-side search for optionset plugins
+* Add conditions for single questions and refactor condition handling
+* Add PROJECT_QUESTIONS_AUTOSAVE settings to automatically save on user interaction
+* Add tooltips to markdown help texts using the special `[text]{tooltip}` syntax
+* Add issues/views block to projects even when empty and add PROJECT_ISSUES and PROJECT_VIEWS settings
+* Add autofocus to project title in the create project form
+* Add overlay tutorials to projects and project pages
+* Add check_condition tag to check conditions in project_answers and views
+* Add checkboxed to hide questions, questionsets and options in the management interface
+* Add export form to questions sidebar in order to save vertical space
+* Add snapshot information to view
+* Add is_empty to values and view_tags
+* Add manage.py upgrade script to combine migrate, download_vendor_files and collectstatic
+* Add GitLab provider and refactor GitHub provider
+* Make questionset id attribute explicit and migrate existing questionsets accordingly
+* Refactor theme creation
+* Remove caching for project questionsets, since the api is now project specific
+* Replace package csv by defusedcsv to prevent csv vulnerabilities
+* Fix title warning for questions modal
+* Fix continuation for catalog switch
+* Split project_detail_header template and add catalogs to project page
+* Allow for custom user models (in fresh instances)
+* Optimize database access and increase overall performance
+
 ## RDMO 1.5.5 (Mar 25, 2021)
 
 * Fix signup url on home page

NOTICE

@@ -79,6 +79,33 @@ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 
+Django REST Swagger <https://github.com/marcgibbons/django-rest-swagger>
+-------------------------------------------------------
+
+Copyright (c) 2013-2016, Marc Gibbons
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
 Twitter bootstrap <http://twitter.github.io/bootstrap/>
 -------------------------------------------------------
 

rdmo/__init__.py

@@ -1,5 +1,5 @@
 __title__ = 'rdmo'
-__version__ = '1.5.5'
+__version__ = '1.6-rc.1'
 __author__ = 'RDMO Arbeitsgemeinschaft'
 __email__ = 'rdmo-team@listserv.dfn.de'
 __license__ = 'Apache-2.0'

rdmo/accounts/__init__.py

@@ -1 +0,0 @@
-default_app_config = 'rdmo.accounts.apps.AccountsConfig'

rdmo/accounts/apps.py

@@ -1,5 +1,5 @@
 from django.apps import AppConfig
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 
 
 class AccountsConfig(AppConfig):

rdmo/accounts/forms.py

@@ -2,8 +2,8 @@
 
 from django import forms
 from django.conf import settings
-from django.contrib.auth.models import User
-from django.utils.translation import ugettext_lazy as _
+from django.contrib.auth import get_user_model
+from django.utils.translation import gettext_lazy as _
 
 from .models import AdditionalField, AdditionalFieldValue, ConsentFieldValue
 
@@ -15,7 +15,7 @@ class ProfileForm(forms.ModelForm):
     use_required_attribute = False
 
     class Meta:
-        model = User
+        model = get_user_model()
         if settings.ACCOUNT:
             fields = ('first_name', 'last_name')
         else:

rdmo/accounts/migrations/0009_proxyuser.py

@@ -3,6 +3,7 @@
 from __future__ import unicode_literals
 
 import django.contrib.auth.models
+from django.conf import settings
 from django.db import migrations
 
 
@@ -23,7 +24,7 @@ class Migration(migrations.Migration):
                 'proxy': True,
                 'permissions': (('view_user', 'Can view user'),),
             },
-            bases=('auth.user',),
+            bases=(settings.AUTH_USER_MODEL,),
             managers=[
                 ('objects', django.contrib.auth.models.UserManager()),
             ],

rdmo/accounts/models.py

@@ -1,9 +1,9 @@
-from django.contrib.auth.models import User
+from django.conf import settings
 from django.contrib.sites.models import Site
 from django.db import models
 from django.db.models.signals import post_save
 from django.dispatch import receiver
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 from rdmo.core.models import TranslationMixin
 
 
@@ -91,7 +91,7 @@ def help(self):
 
 class AdditionalFieldValue(models.Model):
 
-    user = models.ForeignKey(User, on_delete=models.CASCADE, related_name='additional_values')
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE, related_name='additional_values')
     field = models.ForeignKey(AdditionalField, on_delete=models.CASCADE, related_name='+')
     value = models.CharField(max_length=256)
 
@@ -107,7 +107,7 @@ def __str__(self):
 
 class ConsentFieldValue(models.Model):
 
-    user = models.OneToOneField(User, on_delete=models.CASCADE)
+    user = models.OneToOneField(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
     consent = models.BooleanField(
         default=False,
         help_text='Designates whether the user has agreed to the terms of use.',
@@ -125,7 +125,7 @@ def __str__(self):
 
 class Role(models.Model):
 
-    user = models.OneToOneField(User, on_delete=models.CASCADE)
+    user = models.OneToOneField(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
 
     member = models.ManyToManyField(
         Site, related_name='members', blank=True,
@@ -147,7 +147,7 @@ def __str__(self):
         return self.user.username
 
 
-@receiver(post_save, sender=User)
+@receiver(post_save, sender=settings.AUTH_USER_MODEL)
 def post_save_user(sender, **kwargs):
     if not kwargs.get('raw', False):
         user = kwargs['instance']

rdmo/accounts/serializers/v1.py

@@ -1,5 +1,6 @@
 from django.conf import settings
-from django.contrib.auth.models import Group, User
+from django.contrib.auth import get_user_model
+from django.contrib.auth.models import Group
 from django.contrib.sites.models import Site
 from rest_framework import serializers
 
@@ -61,7 +62,7 @@ class UserSerializer(serializers.ModelSerializer):
     memberships = MembershipSerializer(many=True)
 
     class Meta:
-        model = User
+        model = get_user_model()
         fields = [
             'id',
             'groups',

rdmo/accounts/settings.py

@@ -1,3 +1,13 @@
+from django.conf import settings
+
+auth_app, auth_model = settings.AUTH_USER_MODEL.lower().split('.')
+
+user_view_permission = (
+  auth_app,
+  auth_model,
+  'view_{}'.format(auth_model)
+)
+
 GROUPS = (
   ('editor', (
       ('domain', 'attribute', 'add_attribute'),
@@ -58,7 +68,7 @@
       ('auth', 'group', 'view_group'),
   )),
   ('api', (
-      ('auth', 'user', 'view_user'),
+      user_view_permission,
       ('domain', 'attribute', 'add_attribute'),
       ('domain', 'attribute', 'change_attribute'),
       ('domain', 'attribute', 'delete_attribute'),

rdmo/accounts/templates/socialaccount/snippets/provider_list.html

@@ -1,5 +1,5 @@
 {% load socialaccount %}
-{% load staticfiles %}
+{% load static %}
 
 {% get_providers as socialaccount_providers %}
 

rdmo/accounts/templatetags/accounts_tags.py

@@ -1,5 +1,5 @@
 from django import template
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 from django.utils.safestring import mark_safe
 
 from ..utils import get_full_name

rdmo/accounts/tests/test_views.py

@@ -4,7 +4,7 @@
 from django.core import mail
 from django.urls import reverse
 
-from ..models import User
+from django.contrib.auth import get_user_model
 
 users = (
     ('editor', 'editor'),
@@ -225,7 +225,7 @@ def test_password_reset_post_valid(db, client):
         assert len(mail.outbox) == 1
 
         # get the link from the mail
-        urls = re.findall('http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+', mail.outbox[0].body)
+        urls = re.findall(r'http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+', mail.outbox[0].body)
         assert len(urls) == 1
 
         # get the password_reset page
@@ -255,7 +255,7 @@ def test_remove_user_post(db, client):
         }
         response = client.post(url, data)
         assert response.status_code == 200
-        assert not User.objects.filter(username='user').exists()
+        assert not get_user_model().objects.filter(username='user').exists()
 
 
 def test_remove_user_post_invalid_email(db, client):
@@ -270,7 +270,7 @@ def test_remove_user_post_invalid_email(db, client):
         }
         response = client.post(url, data)
         assert response.status_code == 200
-        assert User.objects.filter(username='user').exists()
+        assert get_user_model().objects.filter(username='user').exists()
 
 
 def test_remove_user_post_invalid_password(db, client):
@@ -285,7 +285,7 @@ def test_remove_user_post_invalid_password(db, client):
         }
         response = client.post(url, data)
         assert response.status_code == 200
-        assert User.objects.filter(username='user').exists()
+        assert get_user_model().objects.filter(username='user').exists()
 
 
 def test_remove_user_post_invalid_consent(db, client):
@@ -301,7 +301,7 @@ def test_remove_user_post_invalid_consent(db, client):
 
         response = client.post(url, data)
         assert response.status_code == 200
-        assert User.objects.filter(username='user').exists()
+        assert get_user_model().objects.filter(username='user').exists()
 
 
 def test_signup(db, client):

rdmo/accounts/tests/test_viewsets.py

@@ -1,5 +1,5 @@
 import pytest
-from django.contrib.auth.models import User
+from django.contrib.auth import get_user_model
 from django.urls import reverse
 
 users = (
@@ -53,7 +53,7 @@ def test_list(db, client, username, password):
 @pytest.mark.parametrize('username,password', users)
 def test_detail(db, client, username, password):
     client.login(username=username, password=password)
-    instances = User.objects.all()
+    instances = get_user_model().objects.all()
 
     for instance in instances:
         url = reverse(urlnames['detail'], args=[instance.pk])
@@ -77,7 +77,7 @@ def test_create(db, client, username, password):
 @pytest.mark.parametrize('username,password', users)
 def test_update(db, client, username, password):
     client.login(username=username, password=password)
-    instances = User.objects.all()
+    instances = get_user_model().objects.all()
 
     for instance in instances:
         url = reverse(urlnames['detail'], args=[instance.pk])
@@ -88,7 +88,7 @@ def test_update(db, client, username, password):
 @pytest.mark.parametrize('username,password', users)
 def test_delete(db, client, username, password):
     client.login(username=username, password=password)
-    instances = User.objects.all()
+    instances = get_user_model().objects.all()
 
     for instance in instances:
         url = reverse(urlnames['detail'], args=[instance.pk])

rdmo/accounts/utils.py

@@ -1,7 +1,8 @@
 import logging
 
 from django.conf import settings
-from django.contrib.auth.models import Group, Permission, User
+from django.contrib.auth import get_user_model
+from django.contrib.auth.models import Group, Permission
 from django.contrib.contenttypes.models import ContentType
 
 from .models import Role
@@ -43,8 +44,8 @@ def delete_user(user, email, password):
     username = user.username
 
     try:
-        database_user = User.objects.get(email=email)
-    except User.DoesNotExist:
+        database_user = get_user_model().objects.get(email=email)
+    except get_user_model().DoesNotExist:
         log.debug('User with email "%s" requested for deletion does not exist', email)
         return False
 

rdmo/accounts/viewsets.py

@@ -1,4 +1,4 @@
-from django.contrib.auth.models import User
+from django.contrib.auth import get_user_model
 from django.contrib.sites.models import Site
 from django_filters.rest_framework import DjangoFilterBackend
 from rest_framework.viewsets import ReadOnlyModelViewSet
@@ -14,11 +14,11 @@ class UserViewSetMixin(object):
     def get_users_for_user(self, user):
         if user.is_authenticated:
             if user.has_perm('auth.view_user'):
-                return User.objects.all()
+                return get_user_model().objects.all()
             elif is_site_manager(user):
                 current_site = Site.objects.get_current()
-                return User.objects.filter(role__member=current_site)
-        return User.objects.none()
+                return get_user_model().objects.filter(role__member=current_site)
+        return get_user_model().objects.none()
 
 
 class UserViewSet(UserViewSetMixin, ReadOnlyModelViewSet):

rdmo/conditions/__init__.py

@@ -1 +0,0 @@
-default_app_config = 'rdmo.conditions.apps.ConditionsConfig'

rdmo/conditions/apps.py

@@ -1,5 +1,5 @@
 from django.apps import AppConfig
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import gettext_lazy as _
 
 
 class ConditionsConfig(AppConfig):