From e2527630744f97b18021db0ea7df0cbc8be576b4 Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 14:02:44 +0000 Subject: [PATCH 01/13] Move registration templates to shared folder --- adit/settings/base.py | 2 +- adit/shared/README.md | 3 +++ adit/shared/__init__.py | 0 adit/{accounts => shared}/templates/registration/README.md | 0 adit/{accounts => shared}/templates/registration/activate.html | 0 .../templates/registration/activation_complete.html | 0 .../registration/activation_complete_admin_pending.html | 0 .../templates/registration/activation_email.html | 0 .../templates/registration/activation_email.txt | 0 .../templates/registration/activation_email_subject.txt | 0 .../templates/registration/admin_approve.html | 0 .../templates/registration/admin_approve_complete.html | 0 .../templates/registration/admin_approve_complete_email.html | 0 .../templates/registration/admin_approve_complete_email.txt | 0 .../registration/admin_approve_complete_email_subject.txt | 0 .../templates/registration/admin_approve_email.html | 0 .../templates/registration/admin_approve_email.txt | 0 .../templates/registration/admin_approve_email_subject.txt | 0 adit/{accounts => shared}/templates/registration/login.html | 0 adit/{accounts => shared}/templates/registration/logout.html | 0 .../templates/registration/password_change_done.html | 0 .../templates/registration/password_change_form.html | 0 .../templates/registration/password_reset_complete.html | 0 .../templates/registration/password_reset_confirm.html | 0 .../templates/registration/password_reset_done.html | 0 .../templates/registration/password_reset_email.html | 0 .../templates/registration/password_reset_form.html | 0 .../templates/registration/registration_base.html | 0 .../templates/registration/registration_closed.html | 0 .../templates/registration/registration_complete.html | 0 .../templates/registration/registration_form.html | 0 .../templates/registration/resend_activation_complete.html | 0 .../templates/registration/resend_activation_form.html | 0 33 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 adit/shared/README.md create mode 100644 adit/shared/__init__.py rename adit/{accounts => shared}/templates/registration/README.md (100%) rename adit/{accounts => shared}/templates/registration/activate.html (100%) rename adit/{accounts => shared}/templates/registration/activation_complete.html (100%) rename adit/{accounts => shared}/templates/registration/activation_complete_admin_pending.html (100%) rename adit/{accounts => shared}/templates/registration/activation_email.html (100%) rename adit/{accounts => shared}/templates/registration/activation_email.txt (100%) rename adit/{accounts => shared}/templates/registration/activation_email_subject.txt (100%) rename adit/{accounts => shared}/templates/registration/admin_approve.html (100%) rename adit/{accounts => shared}/templates/registration/admin_approve_complete.html (100%) rename adit/{accounts => shared}/templates/registration/admin_approve_complete_email.html (100%) rename adit/{accounts => shared}/templates/registration/admin_approve_complete_email.txt (100%) rename adit/{accounts => shared}/templates/registration/admin_approve_complete_email_subject.txt (100%) rename adit/{accounts => shared}/templates/registration/admin_approve_email.html (100%) rename adit/{accounts => shared}/templates/registration/admin_approve_email.txt (100%) rename adit/{accounts => shared}/templates/registration/admin_approve_email_subject.txt (100%) rename adit/{accounts => shared}/templates/registration/login.html (100%) rename adit/{accounts => shared}/templates/registration/logout.html (100%) rename adit/{accounts => shared}/templates/registration/password_change_done.html (100%) rename adit/{accounts => shared}/templates/registration/password_change_form.html (100%) rename adit/{accounts => shared}/templates/registration/password_reset_complete.html (100%) rename adit/{accounts => shared}/templates/registration/password_reset_confirm.html (100%) rename adit/{accounts => shared}/templates/registration/password_reset_done.html (100%) rename adit/{accounts => shared}/templates/registration/password_reset_email.html (100%) rename adit/{accounts => shared}/templates/registration/password_reset_form.html (100%) rename adit/{accounts => shared}/templates/registration/registration_base.html (100%) rename adit/{accounts => shared}/templates/registration/registration_closed.html (100%) rename adit/{accounts => shared}/templates/registration/registration_complete.html (100%) rename adit/{accounts => shared}/templates/registration/registration_form.html (100%) rename adit/{accounts => shared}/templates/registration/resend_activation_complete.html (100%) rename adit/{accounts => shared}/templates/registration/resend_activation_form.html (100%) diff --git a/adit/settings/base.py b/adit/settings/base.py index a0528a9f..4e844da2 100644 --- a/adit/settings/base.py +++ b/adit/settings/base.py @@ -93,7 +93,7 @@ TEMPLATES = [ { "BACKEND": "django.template.backends.django.DjangoTemplates", - "DIRS": [], + "DIRS": [BASE_DIR / "adit" / "shared" / "templates"], "APP_DIRS": True, "OPTIONS": { "context_processors": [ diff --git a/adit/shared/README.md b/adit/shared/README.md new file mode 100644 index 00000000..7d3c05cf --- /dev/null +++ b/adit/shared/README.md @@ -0,0 +1,3 @@ +# Shared code + +This folder contains shared code between ADIT and RADIS, mainly account and authentication stuff. diff --git a/adit/shared/__init__.py b/adit/shared/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/adit/accounts/templates/registration/README.md b/adit/shared/templates/registration/README.md similarity index 100% rename from adit/accounts/templates/registration/README.md rename to adit/shared/templates/registration/README.md diff --git a/adit/accounts/templates/registration/activate.html b/adit/shared/templates/registration/activate.html similarity index 100% rename from adit/accounts/templates/registration/activate.html rename to adit/shared/templates/registration/activate.html diff --git a/adit/accounts/templates/registration/activation_complete.html b/adit/shared/templates/registration/activation_complete.html similarity index 100% rename from adit/accounts/templates/registration/activation_complete.html rename to adit/shared/templates/registration/activation_complete.html diff --git a/adit/accounts/templates/registration/activation_complete_admin_pending.html b/adit/shared/templates/registration/activation_complete_admin_pending.html similarity index 100% rename from adit/accounts/templates/registration/activation_complete_admin_pending.html rename to adit/shared/templates/registration/activation_complete_admin_pending.html diff --git a/adit/accounts/templates/registration/activation_email.html b/adit/shared/templates/registration/activation_email.html similarity index 100% rename from adit/accounts/templates/registration/activation_email.html rename to adit/shared/templates/registration/activation_email.html diff --git a/adit/accounts/templates/registration/activation_email.txt b/adit/shared/templates/registration/activation_email.txt similarity index 100% rename from adit/accounts/templates/registration/activation_email.txt rename to adit/shared/templates/registration/activation_email.txt diff --git a/adit/accounts/templates/registration/activation_email_subject.txt b/adit/shared/templates/registration/activation_email_subject.txt similarity index 100% rename from adit/accounts/templates/registration/activation_email_subject.txt rename to adit/shared/templates/registration/activation_email_subject.txt diff --git a/adit/accounts/templates/registration/admin_approve.html b/adit/shared/templates/registration/admin_approve.html similarity index 100% rename from adit/accounts/templates/registration/admin_approve.html rename to adit/shared/templates/registration/admin_approve.html diff --git a/adit/accounts/templates/registration/admin_approve_complete.html b/adit/shared/templates/registration/admin_approve_complete.html similarity index 100% rename from adit/accounts/templates/registration/admin_approve_complete.html rename to adit/shared/templates/registration/admin_approve_complete.html diff --git a/adit/accounts/templates/registration/admin_approve_complete_email.html b/adit/shared/templates/registration/admin_approve_complete_email.html similarity index 100% rename from adit/accounts/templates/registration/admin_approve_complete_email.html rename to adit/shared/templates/registration/admin_approve_complete_email.html diff --git a/adit/accounts/templates/registration/admin_approve_complete_email.txt b/adit/shared/templates/registration/admin_approve_complete_email.txt similarity index 100% rename from adit/accounts/templates/registration/admin_approve_complete_email.txt rename to adit/shared/templates/registration/admin_approve_complete_email.txt diff --git a/adit/accounts/templates/registration/admin_approve_complete_email_subject.txt b/adit/shared/templates/registration/admin_approve_complete_email_subject.txt similarity index 100% rename from adit/accounts/templates/registration/admin_approve_complete_email_subject.txt rename to adit/shared/templates/registration/admin_approve_complete_email_subject.txt diff --git a/adit/accounts/templates/registration/admin_approve_email.html b/adit/shared/templates/registration/admin_approve_email.html similarity index 100% rename from adit/accounts/templates/registration/admin_approve_email.html rename to adit/shared/templates/registration/admin_approve_email.html diff --git a/adit/accounts/templates/registration/admin_approve_email.txt b/adit/shared/templates/registration/admin_approve_email.txt similarity index 100% rename from adit/accounts/templates/registration/admin_approve_email.txt rename to adit/shared/templates/registration/admin_approve_email.txt diff --git a/adit/accounts/templates/registration/admin_approve_email_subject.txt b/adit/shared/templates/registration/admin_approve_email_subject.txt similarity index 100% rename from adit/accounts/templates/registration/admin_approve_email_subject.txt rename to adit/shared/templates/registration/admin_approve_email_subject.txt diff --git a/adit/accounts/templates/registration/login.html b/adit/shared/templates/registration/login.html similarity index 100% rename from adit/accounts/templates/registration/login.html rename to adit/shared/templates/registration/login.html diff --git a/adit/accounts/templates/registration/logout.html b/adit/shared/templates/registration/logout.html similarity index 100% rename from adit/accounts/templates/registration/logout.html rename to adit/shared/templates/registration/logout.html diff --git a/adit/accounts/templates/registration/password_change_done.html b/adit/shared/templates/registration/password_change_done.html similarity index 100% rename from adit/accounts/templates/registration/password_change_done.html rename to adit/shared/templates/registration/password_change_done.html diff --git a/adit/accounts/templates/registration/password_change_form.html b/adit/shared/templates/registration/password_change_form.html similarity index 100% rename from adit/accounts/templates/registration/password_change_form.html rename to adit/shared/templates/registration/password_change_form.html diff --git a/adit/accounts/templates/registration/password_reset_complete.html b/adit/shared/templates/registration/password_reset_complete.html similarity index 100% rename from adit/accounts/templates/registration/password_reset_complete.html rename to adit/shared/templates/registration/password_reset_complete.html diff --git a/adit/accounts/templates/registration/password_reset_confirm.html b/adit/shared/templates/registration/password_reset_confirm.html similarity index 100% rename from adit/accounts/templates/registration/password_reset_confirm.html rename to adit/shared/templates/registration/password_reset_confirm.html diff --git a/adit/accounts/templates/registration/password_reset_done.html b/adit/shared/templates/registration/password_reset_done.html similarity index 100% rename from adit/accounts/templates/registration/password_reset_done.html rename to adit/shared/templates/registration/password_reset_done.html diff --git a/adit/accounts/templates/registration/password_reset_email.html b/adit/shared/templates/registration/password_reset_email.html similarity index 100% rename from adit/accounts/templates/registration/password_reset_email.html rename to adit/shared/templates/registration/password_reset_email.html diff --git a/adit/accounts/templates/registration/password_reset_form.html b/adit/shared/templates/registration/password_reset_form.html similarity index 100% rename from adit/accounts/templates/registration/password_reset_form.html rename to adit/shared/templates/registration/password_reset_form.html diff --git a/adit/accounts/templates/registration/registration_base.html b/adit/shared/templates/registration/registration_base.html similarity index 100% rename from adit/accounts/templates/registration/registration_base.html rename to adit/shared/templates/registration/registration_base.html diff --git a/adit/accounts/templates/registration/registration_closed.html b/adit/shared/templates/registration/registration_closed.html similarity index 100% rename from adit/accounts/templates/registration/registration_closed.html rename to adit/shared/templates/registration/registration_closed.html diff --git a/adit/accounts/templates/registration/registration_complete.html b/adit/shared/templates/registration/registration_complete.html similarity index 100% rename from adit/accounts/templates/registration/registration_complete.html rename to adit/shared/templates/registration/registration_complete.html diff --git a/adit/accounts/templates/registration/registration_form.html b/adit/shared/templates/registration/registration_form.html similarity index 100% rename from adit/accounts/templates/registration/registration_form.html rename to adit/shared/templates/registration/registration_form.html diff --git a/adit/accounts/templates/registration/resend_activation_complete.html b/adit/shared/templates/registration/resend_activation_complete.html similarity index 100% rename from adit/accounts/templates/registration/resend_activation_complete.html rename to adit/shared/templates/registration/resend_activation_complete.html diff --git a/adit/accounts/templates/registration/resend_activation_form.html b/adit/shared/templates/registration/resend_activation_form.html similarity index 100% rename from adit/accounts/templates/registration/resend_activation_form.html rename to adit/shared/templates/registration/resend_activation_form.html From 4b434b6f4ee89d071fd4a0d9e4d10438415a9ecf Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 14:20:59 +0000 Subject: [PATCH 02/13] Move accounts and token authentication app to shared folder --- adit/batch_query/apps.py | 2 +- adit/batch_transfer/apps.py | 2 +- adit/batch_transfer/forms.py | 2 +- adit/batch_transfer/tests/test_forms.py | 4 ++-- adit/batch_transfer/tests/test_views.py | 2 +- adit/conftest.py | 4 ++-- adit/core/factories.py | 2 +- adit/core/fields.py | 2 +- adit/core/management/commands/create_admin.py | 2 +- adit/core/management/commands/populate_dev_db.py | 4 ++-- adit/core/models.py | 2 +- adit/core/tasks.py | 2 +- adit/core/tests/utils/test_transfer_utils.py | 2 +- adit/core/types.py | 2 +- adit/core/utils/auth_utils.py | 2 +- adit/core/utils/mail.py | 2 +- adit/dicom_explorer/apps.py | 2 +- adit/dicom_web/tests/integration/conftest.py | 4 ++-- adit/selective_transfer/apps.py | 2 +- adit/selective_transfer/consumers.py | 2 +- adit/selective_transfer/mixins.py | 2 +- adit/settings/base.py | 8 ++++---- adit/{ => shared}/accounts/__init__.py | 0 adit/{ => shared}/accounts/admin.py | 0 adit/{ => shared}/accounts/apps.py | 2 +- adit/{ => shared}/accounts/factories.py | 0 adit/{ => shared}/accounts/forms.py | 0 adit/{ => shared}/accounts/migrations/0001_initial.py | 0 .../accounts/migrations/0002_alter_user_id.py | 0 .../0003_rename_misc_settings_user_preferences.py | 0 .../accounts/migrations/0004_alter_user_preferences.py | 0 adit/{ => shared}/accounts/migrations/0005_institute.py | 0 adit/{ => shared}/accounts/migrations/__init__.py | 0 adit/{ => shared}/accounts/models.py | 0 .../accounts/templates/accounts/accounts_layout.html | 0 .../{ => shared}/accounts/templates/accounts/profile.html | 0 adit/{ => shared}/accounts/tests/integration/conftest.py | 0 .../{ => shared}/accounts/tests/integration/test_login.py | 0 adit/{ => shared}/accounts/urls.py | 0 adit/{ => shared}/accounts/utils.py | 0 adit/{ => shared}/accounts/views.py | 0 adit/{ => shared}/token_authentication/__init__.py | 0 adit/{ => shared}/token_authentication/admin.py | 0 adit/{ => shared}/token_authentication/apps.py | 4 ++-- adit/{ => shared}/token_authentication/auth.py | 2 +- adit/{ => shared}/token_authentication/factories.py | 2 +- adit/{ => shared}/token_authentication/forms.py | 2 +- .../token_authentication/migrations/0001_initial.py | 0 .../0002_token_fraction_alter_token_token_string.py | 0 .../migrations/0003_alter_token_client.py | 0 .../0004_rename_token_string_token_token_hashed.py | 0 ...5_alter_token_options_remove_token_expires_and_more.py | 0 .../migrations/0006_rename_expiry_time_token_expires.py | 0 .../migrations/0007_alter_token_last_used.py | 0 .../migrations/0008_alter_token_token_hashed.py | 0 ...name_author_token_owner_alter_token_client_and_more.py | 0 .../0010_alter_token_unique_together_and_more.py | 0 ...11_delete_tokensettings_alter_token_client_and_more.py | 0 .../0012_remove_token_unique_client_per_user_and_more.py | 0 .../migrations/0013_alter_token_description.py | 0 .../token_authentication/migrations/__init__.py | 0 adit/{ => shared}/token_authentication/models.py | 2 +- .../static/token_authentication/token_authentication.js | 0 .../token_authentication/_generate_token_help_modal.html | 0 .../token_authentication/token_authentication_layout.html | 0 .../templates/token_authentication/token_dashboard.html | 0 adit/{ => shared}/token_authentication/tests/__init__.py | 0 .../token_authentication/tests/integration/conftest.py | 0 .../tests/integration/test_token_authentication.py | 0 adit/{ => shared}/token_authentication/urls.py | 0 adit/{ => shared}/token_authentication/utils/__init__.py | 0 adit/{ => shared}/token_authentication/utils/crypto.py | 0 adit/{ => shared}/token_authentication/views.py | 0 adit/urls.py | 4 ++-- 74 files changed, 38 insertions(+), 38 deletions(-) rename adit/{ => shared}/accounts/__init__.py (100%) rename adit/{ => shared}/accounts/admin.py (100%) rename adit/{ => shared}/accounts/apps.py (66%) rename adit/{ => shared}/accounts/factories.py (100%) rename adit/{ => shared}/accounts/forms.py (100%) rename adit/{ => shared}/accounts/migrations/0001_initial.py (100%) rename adit/{ => shared}/accounts/migrations/0002_alter_user_id.py (100%) rename adit/{ => shared}/accounts/migrations/0003_rename_misc_settings_user_preferences.py (100%) rename adit/{ => shared}/accounts/migrations/0004_alter_user_preferences.py (100%) rename adit/{ => shared}/accounts/migrations/0005_institute.py (100%) rename adit/{ => shared}/accounts/migrations/__init__.py (100%) rename adit/{ => shared}/accounts/models.py (100%) rename adit/{ => shared}/accounts/templates/accounts/accounts_layout.html (100%) rename adit/{ => shared}/accounts/templates/accounts/profile.html (100%) rename adit/{ => shared}/accounts/tests/integration/conftest.py (100%) rename adit/{ => shared}/accounts/tests/integration/test_login.py (100%) rename adit/{ => shared}/accounts/urls.py (100%) rename adit/{ => shared}/accounts/utils.py (100%) rename adit/{ => shared}/accounts/views.py (100%) rename adit/{ => shared}/token_authentication/__init__.py (100%) rename adit/{ => shared}/token_authentication/admin.py (100%) rename adit/{ => shared}/token_authentication/apps.py (82%) rename adit/{ => shared}/token_authentication/auth.py (98%) rename adit/{ => shared}/token_authentication/factories.py (92%) rename adit/{ => shared}/token_authentication/forms.py (97%) rename adit/{ => shared}/token_authentication/migrations/0001_initial.py (100%) rename adit/{ => shared}/token_authentication/migrations/0002_token_fraction_alter_token_token_string.py (100%) rename adit/{ => shared}/token_authentication/migrations/0003_alter_token_client.py (100%) rename adit/{ => shared}/token_authentication/migrations/0004_rename_token_string_token_token_hashed.py (100%) rename adit/{ => shared}/token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py (100%) rename adit/{ => shared}/token_authentication/migrations/0006_rename_expiry_time_token_expires.py (100%) rename adit/{ => shared}/token_authentication/migrations/0007_alter_token_last_used.py (100%) rename adit/{ => shared}/token_authentication/migrations/0008_alter_token_token_hashed.py (100%) rename adit/{ => shared}/token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py (100%) rename adit/{ => shared}/token_authentication/migrations/0010_alter_token_unique_together_and_more.py (100%) rename adit/{ => shared}/token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py (100%) rename adit/{ => shared}/token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py (100%) rename adit/{ => shared}/token_authentication/migrations/0013_alter_token_description.py (100%) rename adit/{ => shared}/token_authentication/migrations/__init__.py (100%) rename adit/{ => shared}/token_authentication/models.py (97%) rename adit/{ => shared}/token_authentication/static/token_authentication/token_authentication.js (100%) rename adit/{ => shared}/token_authentication/templates/token_authentication/_generate_token_help_modal.html (100%) rename adit/{ => shared}/token_authentication/templates/token_authentication/token_authentication_layout.html (100%) rename adit/{ => shared}/token_authentication/templates/token_authentication/token_dashboard.html (100%) rename adit/{ => shared}/token_authentication/tests/__init__.py (100%) rename adit/{ => shared}/token_authentication/tests/integration/conftest.py (100%) rename adit/{ => shared}/token_authentication/tests/integration/test_token_authentication.py (100%) rename adit/{ => shared}/token_authentication/urls.py (100%) rename adit/{ => shared}/token_authentication/utils/__init__.py (100%) rename adit/{ => shared}/token_authentication/utils/crypto.py (100%) rename adit/{ => shared}/token_authentication/views.py (100%) diff --git a/adit/batch_query/apps.py b/adit/batch_query/apps.py index ffef9a1f..388d0b99 100644 --- a/adit/batch_query/apps.py +++ b/adit/batch_query/apps.py @@ -45,7 +45,7 @@ def init_db(**kwargs): def create_group(): - from adit.accounts.utils import create_group_with_permissions + from adit.shared.accounts.utils import create_group_with_permissions create_group_with_permissions( "batch_query_group", diff --git a/adit/batch_transfer/apps.py b/adit/batch_transfer/apps.py index 37cb9c1b..0fcd01ec 100644 --- a/adit/batch_transfer/apps.py +++ b/adit/batch_transfer/apps.py @@ -45,7 +45,7 @@ def init_db(**kwargs): def create_group(): - from adit.accounts.utils import create_group_with_permissions + from adit.shared.accounts.utils import create_group_with_permissions create_group_with_permissions( "batch_transfer_group", diff --git a/adit/batch_transfer/forms.py b/adit/batch_transfer/forms.py index 3c768fff..742b5962 100644 --- a/adit/batch_transfer/forms.py +++ b/adit/batch_transfer/forms.py @@ -6,9 +6,9 @@ from django.db import transaction from django.utils.safestring import mark_safe -from adit.accounts.models import User from adit.core.errors import BatchFileContentError, BatchFileFormatError, BatchFileSizeError from adit.core.fields import DicomNodeChoiceField, RestrictedFileField +from adit.shared.accounts.models import User from .models import BatchTransferJob, BatchTransferTask from .parsers import BatchTransferFileParser diff --git a/adit/batch_transfer/tests/test_forms.py b/adit/batch_transfer/tests/test_forms.py index 384dc049..17a62c1d 100644 --- a/adit/batch_transfer/tests/test_forms.py +++ b/adit/batch_transfer/tests/test_forms.py @@ -3,9 +3,9 @@ import pytest from django.core.files import File -from adit.accounts.factories import UserFactory -from adit.accounts.models import User from adit.core.factories import DicomServerFactory +from adit.shared.accounts.factories import UserFactory +from adit.shared.accounts.models import User from ..forms import BatchTransferJobForm diff --git a/adit/batch_transfer/tests/test_views.py b/adit/batch_transfer/tests/test_views.py index b4b7fd5c..fca39150 100644 --- a/adit/batch_transfer/tests/test_views.py +++ b/adit/batch_transfer/tests/test_views.py @@ -8,9 +8,9 @@ from django.urls import reverse from pytest_django.asserts import assertTemplateUsed -from adit.accounts.factories import UserFactory from adit.core.factories import DicomServerFactory from adit.core.models import DicomServer +from adit.shared.accounts.factories import UserFactory from ..models import BatchTransferJob diff --git a/adit/conftest.py b/adit/conftest.py index 34d93630..29316f08 100644 --- a/adit/conftest.py +++ b/adit/conftest.py @@ -12,14 +12,14 @@ from faker import Faker from playwright.sync_api import Locator, Page, Response -from adit.accounts.factories import InstituteFactory, UserFactory -from adit.accounts.models import Institute, User from adit.core.factories import ( DicomNodeInstituteAccessFactory, DicomServerFactory, DicomWebServerFactory, ) from adit.core.models import DicomNode, DicomServer +from adit.shared.accounts.factories import InstituteFactory, UserFactory +from adit.shared.accounts.models import Institute, User from adit.testing import ChannelsLiveServer fake = Faker() diff --git a/adit/core/factories.py b/adit/core/factories.py index bfedb90a..ed418628 100644 --- a/adit/core/factories.py +++ b/adit/core/factories.py @@ -4,7 +4,7 @@ from faker import Faker from pydicom.uid import generate_uid -from adit.accounts.factories import UserFactory +from adit.shared.accounts.factories import UserFactory from .models import ( DicomFolder, diff --git a/adit/core/fields.py b/adit/core/fields.py index 0d7e4811..09c4d86e 100644 --- a/adit/core/fields.py +++ b/adit/core/fields.py @@ -3,7 +3,7 @@ from django.forms import ModelChoiceField, fields, forms from django.template.defaultfilters import filesizeformat -from adit.accounts.models import User +from adit.shared.accounts.models import User from .models import DicomNode from .widgets import DicomNodeSelect diff --git a/adit/core/management/commands/create_admin.py b/adit/core/management/commands/create_admin.py index 59afa397..d2e4d8fb 100644 --- a/adit/core/management/commands/create_admin.py +++ b/adit/core/management/commands/create_admin.py @@ -4,7 +4,7 @@ from django.contrib.auth.models import UserManager from django.core.management.base import BaseCommand -from adit.accounts.models import User +from adit.shared.accounts.models import User class Command(BaseCommand): diff --git a/adit/core/management/commands/populate_dev_db.py b/adit/core/management/commands/populate_dev_db.py index 3ad0d517..cd7b00e5 100644 --- a/adit/core/management/commands/populate_dev_db.py +++ b/adit/core/management/commands/populate_dev_db.py @@ -6,8 +6,6 @@ from django.core.management.base import BaseCommand from faker import Faker -from adit.accounts.factories import AdminUserFactory, InstituteFactory, UserFactory -from adit.accounts.models import Institute, User from adit.batch_query.factories import ( BatchQueryJobFactory, BatchQueryResultFactory, @@ -27,6 +25,8 @@ SelectiveTransferJobFactory, SelectiveTransferTaskFactory, ) +from adit.shared.accounts.factories import AdminUserFactory, InstituteFactory, UserFactory +from adit.shared.accounts.models import Institute, User USER_COUNT = 20 INSTITUTE_COUNT = 3 diff --git a/adit/core/models.py b/adit/core/models.py index 1d80155a..94dbe178 100644 --- a/adit/core/models.py +++ b/adit/core/models.py @@ -7,7 +7,7 @@ from django.db import models from django.db.models.constraints import UniqueConstraint -from adit.accounts.models import Institute, User +from adit.shared.accounts.models import Institute, User from .validators import ( no_backslash_char_validator, diff --git a/adit/core/tasks.py b/adit/core/tasks.py index ef3655ac..95968d8f 100644 --- a/adit/core/tasks.py +++ b/adit/core/tasks.py @@ -15,7 +15,7 @@ from django.utils import timezone from sherlock import Lock -from adit.accounts.models import User +from adit.shared.accounts.models import User from .errors import RetriableError from .models import AppSettings, DicomFolder, DicomJob, DicomTask diff --git a/adit/core/tests/utils/test_transfer_utils.py b/adit/core/tests/utils/test_transfer_utils.py index ace70dd3..2e708acc 100644 --- a/adit/core/tests/utils/test_transfer_utils.py +++ b/adit/core/tests/utils/test_transfer_utils.py @@ -5,8 +5,8 @@ from celery import Task as CeleryTask from pydicom import Dataset -from adit.accounts.factories import UserFactory from adit.core.utils.dicom_dataset import ResultDataset +from adit.shared.accounts.factories import UserFactory from ...factories import ( DicomFolderFactory, diff --git a/adit/core/types.py b/adit/core/types.py index ff1fe26a..fb4cc7e0 100644 --- a/adit/core/types.py +++ b/adit/core/types.py @@ -1,7 +1,7 @@ from django.http import HttpRequest from rest_framework.request import Request -from adit.accounts.models import User +from adit.shared.accounts.models import User class AuthenticatedHttpRequest(HttpRequest): diff --git a/adit/core/utils/auth_utils.py b/adit/core/utils/auth_utils.py index e23696d5..e61e47c0 100644 --- a/adit/core/utils/auth_utils.py +++ b/adit/core/utils/auth_utils.py @@ -2,7 +2,7 @@ from django.contrib.auth.models import AbstractBaseUser, AnonymousUser -from adit.accounts.models import User +from adit.shared.accounts.models import User def is_logged_in_user(user: AbstractBaseUser | AnonymousUser) -> TypeGuard[User]: diff --git a/adit/core/utils/mail.py b/adit/core/utils/mail.py index a9312f09..9feeb845 100644 --- a/adit/core/utils/mail.py +++ b/adit/core/utils/mail.py @@ -3,7 +3,7 @@ from django.template.loader import render_to_string from django.utils.html import strip_tags -from adit.accounts.models import User +from adit.shared.accounts.models import User def send_mail_to_admins( diff --git a/adit/dicom_explorer/apps.py b/adit/dicom_explorer/apps.py index 5fabaeef..746e637a 100644 --- a/adit/dicom_explorer/apps.py +++ b/adit/dicom_explorer/apps.py @@ -24,7 +24,7 @@ def register_app(): def init_db(**kwargs): - from adit.accounts.utils import create_group_with_permissions + from adit.shared.accounts.utils import create_group_with_permissions create_group_with_permissions( "dicom_explorer_group", diff --git a/adit/dicom_web/tests/integration/conftest.py b/adit/dicom_web/tests/integration/conftest.py index 0b09a6d4..8f4c68e9 100644 --- a/adit/dicom_web/tests/integration/conftest.py +++ b/adit/dicom_web/tests/integration/conftest.py @@ -6,9 +6,9 @@ from django.conf import settings from django.contrib.auth.models import Group -from adit.accounts.factories import UserFactory from adit.core.utils.dicom_utils import read_dataset -from adit.token_authentication.factories import TokenFactory +from adit.shared.accounts.factories import UserFactory +from adit.shared.token_authentication.factories import TokenFactory # Workaround to make playwright work with Django # see https://github.com/microsoft/playwright-pytest/issues/29#issuecomment-731515676 diff --git a/adit/selective_transfer/apps.py b/adit/selective_transfer/apps.py index b5ea33f3..22dd1fca 100644 --- a/adit/selective_transfer/apps.py +++ b/adit/selective_transfer/apps.py @@ -45,7 +45,7 @@ def init_db(**kwargs): def create_group(): - from adit.accounts.utils import create_group_with_permissions + from adit.shared.accounts.utils import create_group_with_permissions create_group_with_permissions( "selective_transfer_group", diff --git a/adit/selective_transfer/consumers.py b/adit/selective_transfer/consumers.py index fff7261c..17cb48b6 100644 --- a/adit/selective_transfer/consumers.py +++ b/adit/selective_transfer/consumers.py @@ -12,9 +12,9 @@ from django.conf import settings from django.template.loader import render_to_string -from adit.accounts.models import User from adit.core.utils.dicom_dataset import ResultDataset from adit.core.utils.dicom_operator import DicomOperator +from adit.shared.accounts.models import User from .forms import SelectiveTransferJobForm from .mixins import SelectiveTransferJobCreateMixin diff --git a/adit/selective_transfer/mixins.py b/adit/selective_transfer/mixins.py index fc04f88e..9d959837 100644 --- a/adit/selective_transfer/mixins.py +++ b/adit/selective_transfer/mixins.py @@ -3,10 +3,10 @@ from django.conf import settings -from adit.accounts.models import User from adit.core.mixins import LockedMixin from adit.core.utils.dicom_dataset import QueryDataset, ResultDataset from adit.core.utils.dicom_operator import DicomOperator +from adit.shared.accounts.models import User from .apps import SECTION_NAME from .forms import SelectiveTransferJobForm diff --git a/adit/settings/base.py b/adit/settings/base.py index 4e844da2..3e20e217 100644 --- a/adit/settings/base.py +++ b/adit/settings/base.py @@ -44,7 +44,7 @@ INSTALLED_APPS = [ "daphne", "whitenoise.runserver_nostatic", - "adit.accounts.apps.AccountsConfig", + "adit.shared.accounts.apps.AccountsConfig", "registration", "django.contrib.admin", "django.contrib.auth", @@ -68,7 +68,7 @@ "adit.batch_query.apps.BatchQueryConfig", "adit.batch_transfer.apps.BatchTransferConfig", "adit.dicom_explorer.apps.DicomExplorerConfig", - "adit.token_authentication.apps.TokenAuthenticationConfig", + "adit.shared.token_authentication.apps.TokenAuthenticationConfig", "adit.dicom_web.apps.DicomWebConfig", "channels", ] @@ -224,7 +224,7 @@ "rest_framework.permissions.IsAuthenticated", ], "DEFAULT_AUTHENTICATION_CLASSES": [ - "adit.token_authentication.auth.RestTokenAuthentication", + "adit.shared.token_authentication.auth.RestTokenAuthentication", ], "EXCEPTION_HANDLER": "adit.dicom_web.exceptions.dicom_web_exception_handler", } @@ -280,7 +280,7 @@ ] # Settings for django-registration-redux -REGISTRATION_FORM = "adit.accounts.forms.RegistrationForm" +REGISTRATION_FORM = "adit.shared.accounts.forms.RegistrationForm" ACCOUNT_ACTIVATION_DAYS = 14 REGISTRATION_OPEN = True diff --git a/adit/accounts/__init__.py b/adit/shared/accounts/__init__.py similarity index 100% rename from adit/accounts/__init__.py rename to adit/shared/accounts/__init__.py diff --git a/adit/accounts/admin.py b/adit/shared/accounts/admin.py similarity index 100% rename from adit/accounts/admin.py rename to adit/shared/accounts/admin.py diff --git a/adit/accounts/apps.py b/adit/shared/accounts/apps.py similarity index 66% rename from adit/accounts/apps.py rename to adit/shared/accounts/apps.py index 8f58dbc6..24ee61fd 100644 --- a/adit/accounts/apps.py +++ b/adit/shared/accounts/apps.py @@ -2,4 +2,4 @@ class AccountsConfig(AppConfig): - name = "adit.accounts" + name = "adit.shared.accounts" diff --git a/adit/accounts/factories.py b/adit/shared/accounts/factories.py similarity index 100% rename from adit/accounts/factories.py rename to adit/shared/accounts/factories.py diff --git a/adit/accounts/forms.py b/adit/shared/accounts/forms.py similarity index 100% rename from adit/accounts/forms.py rename to adit/shared/accounts/forms.py diff --git a/adit/accounts/migrations/0001_initial.py b/adit/shared/accounts/migrations/0001_initial.py similarity index 100% rename from adit/accounts/migrations/0001_initial.py rename to adit/shared/accounts/migrations/0001_initial.py diff --git a/adit/accounts/migrations/0002_alter_user_id.py b/adit/shared/accounts/migrations/0002_alter_user_id.py similarity index 100% rename from adit/accounts/migrations/0002_alter_user_id.py rename to adit/shared/accounts/migrations/0002_alter_user_id.py diff --git a/adit/accounts/migrations/0003_rename_misc_settings_user_preferences.py b/adit/shared/accounts/migrations/0003_rename_misc_settings_user_preferences.py similarity index 100% rename from adit/accounts/migrations/0003_rename_misc_settings_user_preferences.py rename to adit/shared/accounts/migrations/0003_rename_misc_settings_user_preferences.py diff --git a/adit/accounts/migrations/0004_alter_user_preferences.py b/adit/shared/accounts/migrations/0004_alter_user_preferences.py similarity index 100% rename from adit/accounts/migrations/0004_alter_user_preferences.py rename to adit/shared/accounts/migrations/0004_alter_user_preferences.py diff --git a/adit/accounts/migrations/0005_institute.py b/adit/shared/accounts/migrations/0005_institute.py similarity index 100% rename from adit/accounts/migrations/0005_institute.py rename to adit/shared/accounts/migrations/0005_institute.py diff --git a/adit/accounts/migrations/__init__.py b/adit/shared/accounts/migrations/__init__.py similarity index 100% rename from adit/accounts/migrations/__init__.py rename to adit/shared/accounts/migrations/__init__.py diff --git a/adit/accounts/models.py b/adit/shared/accounts/models.py similarity index 100% rename from adit/accounts/models.py rename to adit/shared/accounts/models.py diff --git a/adit/accounts/templates/accounts/accounts_layout.html b/adit/shared/accounts/templates/accounts/accounts_layout.html similarity index 100% rename from adit/accounts/templates/accounts/accounts_layout.html rename to adit/shared/accounts/templates/accounts/accounts_layout.html diff --git a/adit/accounts/templates/accounts/profile.html b/adit/shared/accounts/templates/accounts/profile.html similarity index 100% rename from adit/accounts/templates/accounts/profile.html rename to adit/shared/accounts/templates/accounts/profile.html diff --git a/adit/accounts/tests/integration/conftest.py b/adit/shared/accounts/tests/integration/conftest.py similarity index 100% rename from adit/accounts/tests/integration/conftest.py rename to adit/shared/accounts/tests/integration/conftest.py diff --git a/adit/accounts/tests/integration/test_login.py b/adit/shared/accounts/tests/integration/test_login.py similarity index 100% rename from adit/accounts/tests/integration/test_login.py rename to adit/shared/accounts/tests/integration/test_login.py diff --git a/adit/accounts/urls.py b/adit/shared/accounts/urls.py similarity index 100% rename from adit/accounts/urls.py rename to adit/shared/accounts/urls.py diff --git a/adit/accounts/utils.py b/adit/shared/accounts/utils.py similarity index 100% rename from adit/accounts/utils.py rename to adit/shared/accounts/utils.py diff --git a/adit/accounts/views.py b/adit/shared/accounts/views.py similarity index 100% rename from adit/accounts/views.py rename to adit/shared/accounts/views.py diff --git a/adit/token_authentication/__init__.py b/adit/shared/token_authentication/__init__.py similarity index 100% rename from adit/token_authentication/__init__.py rename to adit/shared/token_authentication/__init__.py diff --git a/adit/token_authentication/admin.py b/adit/shared/token_authentication/admin.py similarity index 100% rename from adit/token_authentication/admin.py rename to adit/shared/token_authentication/admin.py diff --git a/adit/token_authentication/apps.py b/adit/shared/token_authentication/apps.py similarity index 82% rename from adit/token_authentication/apps.py rename to adit/shared/token_authentication/apps.py index 603e5bfc..3d4d87b7 100644 --- a/adit/token_authentication/apps.py +++ b/adit/shared/token_authentication/apps.py @@ -4,7 +4,7 @@ class TokenAuthenticationConfig(AppConfig): default_auto_field = "django.db.models.BigAutoField" - name = "adit.token_authentication" + name = "adit.shared.token_authentication" def ready(self): post_migrate.connect(init_db, sender=self) @@ -15,7 +15,7 @@ def init_db(**kwargs): def create_group(): - from adit.accounts.utils import create_group_with_permissions + from adit.shared.accounts.utils import create_group_with_permissions create_group_with_permissions( "token_authentication_group", diff --git a/adit/token_authentication/auth.py b/adit/shared/token_authentication/auth.py similarity index 98% rename from adit/token_authentication/auth.py rename to adit/shared/token_authentication/auth.py index 32d7e0b7..9368bfef 100644 --- a/adit/token_authentication/auth.py +++ b/adit/shared/token_authentication/auth.py @@ -5,7 +5,7 @@ from rest_framework.exceptions import AuthenticationFailed from rest_framework.request import Request -from adit.accounts.models import User +from adit.shared.accounts.models import User from .models import Token from .utils.crypto import hash_token, verify_token diff --git a/adit/token_authentication/factories.py b/adit/shared/token_authentication/factories.py similarity index 92% rename from adit/token_authentication/factories.py rename to adit/shared/token_authentication/factories.py index e549b16f..2544173e 100644 --- a/adit/token_authentication/factories.py +++ b/adit/shared/token_authentication/factories.py @@ -3,8 +3,8 @@ import factory from django.utils import timezone -from adit.accounts.factories import UserFactory from adit.core.factories import BaseDjangoModelFactory +from adit.shared.accounts.factories import UserFactory from .models import Token from .utils.crypto import hash_token diff --git a/adit/token_authentication/forms.py b/adit/shared/token_authentication/forms.py similarity index 97% rename from adit/token_authentication/forms.py rename to adit/shared/token_authentication/forms.py index 453f4321..4c3e0b6d 100644 --- a/adit/token_authentication/forms.py +++ b/adit/shared/token_authentication/forms.py @@ -2,7 +2,7 @@ from crispy_forms.layout import Div, Field, Layout, Submit from django import forms -from adit.accounts.models import User +from adit.shared.accounts.models import User from .models import Token diff --git a/adit/token_authentication/migrations/0001_initial.py b/adit/shared/token_authentication/migrations/0001_initial.py similarity index 100% rename from adit/token_authentication/migrations/0001_initial.py rename to adit/shared/token_authentication/migrations/0001_initial.py diff --git a/adit/token_authentication/migrations/0002_token_fraction_alter_token_token_string.py b/adit/shared/token_authentication/migrations/0002_token_fraction_alter_token_token_string.py similarity index 100% rename from adit/token_authentication/migrations/0002_token_fraction_alter_token_token_string.py rename to adit/shared/token_authentication/migrations/0002_token_fraction_alter_token_token_string.py diff --git a/adit/token_authentication/migrations/0003_alter_token_client.py b/adit/shared/token_authentication/migrations/0003_alter_token_client.py similarity index 100% rename from adit/token_authentication/migrations/0003_alter_token_client.py rename to adit/shared/token_authentication/migrations/0003_alter_token_client.py diff --git a/adit/token_authentication/migrations/0004_rename_token_string_token_token_hashed.py b/adit/shared/token_authentication/migrations/0004_rename_token_string_token_token_hashed.py similarity index 100% rename from adit/token_authentication/migrations/0004_rename_token_string_token_token_hashed.py rename to adit/shared/token_authentication/migrations/0004_rename_token_string_token_token_hashed.py diff --git a/adit/token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py b/adit/shared/token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py similarity index 100% rename from adit/token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py rename to adit/shared/token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py diff --git a/adit/token_authentication/migrations/0006_rename_expiry_time_token_expires.py b/adit/shared/token_authentication/migrations/0006_rename_expiry_time_token_expires.py similarity index 100% rename from adit/token_authentication/migrations/0006_rename_expiry_time_token_expires.py rename to adit/shared/token_authentication/migrations/0006_rename_expiry_time_token_expires.py diff --git a/adit/token_authentication/migrations/0007_alter_token_last_used.py b/adit/shared/token_authentication/migrations/0007_alter_token_last_used.py similarity index 100% rename from adit/token_authentication/migrations/0007_alter_token_last_used.py rename to adit/shared/token_authentication/migrations/0007_alter_token_last_used.py diff --git a/adit/token_authentication/migrations/0008_alter_token_token_hashed.py b/adit/shared/token_authentication/migrations/0008_alter_token_token_hashed.py similarity index 100% rename from adit/token_authentication/migrations/0008_alter_token_token_hashed.py rename to adit/shared/token_authentication/migrations/0008_alter_token_token_hashed.py diff --git a/adit/token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py b/adit/shared/token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py similarity index 100% rename from adit/token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py rename to adit/shared/token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py diff --git a/adit/token_authentication/migrations/0010_alter_token_unique_together_and_more.py b/adit/shared/token_authentication/migrations/0010_alter_token_unique_together_and_more.py similarity index 100% rename from adit/token_authentication/migrations/0010_alter_token_unique_together_and_more.py rename to adit/shared/token_authentication/migrations/0010_alter_token_unique_together_and_more.py diff --git a/adit/token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py b/adit/shared/token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py similarity index 100% rename from adit/token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py rename to adit/shared/token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py diff --git a/adit/token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py b/adit/shared/token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py similarity index 100% rename from adit/token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py rename to adit/shared/token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py diff --git a/adit/token_authentication/migrations/0013_alter_token_description.py b/adit/shared/token_authentication/migrations/0013_alter_token_description.py similarity index 100% rename from adit/token_authentication/migrations/0013_alter_token_description.py rename to adit/shared/token_authentication/migrations/0013_alter_token_description.py diff --git a/adit/token_authentication/migrations/__init__.py b/adit/shared/token_authentication/migrations/__init__.py similarity index 100% rename from adit/token_authentication/migrations/__init__.py rename to adit/shared/token_authentication/migrations/__init__.py diff --git a/adit/token_authentication/models.py b/adit/shared/token_authentication/models.py similarity index 97% rename from adit/token_authentication/models.py rename to adit/shared/token_authentication/models.py index 189fb5dd..4dffe289 100644 --- a/adit/token_authentication/models.py +++ b/adit/shared/token_authentication/models.py @@ -6,7 +6,7 @@ from django.contrib.auth.models import AbstractBaseUser, AnonymousUser from django.db import models -from adit.accounts.models import User +from adit.shared.accounts.models import User from .utils.crypto import hash_token diff --git a/adit/token_authentication/static/token_authentication/token_authentication.js b/adit/shared/token_authentication/static/token_authentication/token_authentication.js similarity index 100% rename from adit/token_authentication/static/token_authentication/token_authentication.js rename to adit/shared/token_authentication/static/token_authentication/token_authentication.js diff --git a/adit/token_authentication/templates/token_authentication/_generate_token_help_modal.html b/adit/shared/token_authentication/templates/token_authentication/_generate_token_help_modal.html similarity index 100% rename from adit/token_authentication/templates/token_authentication/_generate_token_help_modal.html rename to adit/shared/token_authentication/templates/token_authentication/_generate_token_help_modal.html diff --git a/adit/token_authentication/templates/token_authentication/token_authentication_layout.html b/adit/shared/token_authentication/templates/token_authentication/token_authentication_layout.html similarity index 100% rename from adit/token_authentication/templates/token_authentication/token_authentication_layout.html rename to adit/shared/token_authentication/templates/token_authentication/token_authentication_layout.html diff --git a/adit/token_authentication/templates/token_authentication/token_dashboard.html b/adit/shared/token_authentication/templates/token_authentication/token_dashboard.html similarity index 100% rename from adit/token_authentication/templates/token_authentication/token_dashboard.html rename to adit/shared/token_authentication/templates/token_authentication/token_dashboard.html diff --git a/adit/token_authentication/tests/__init__.py b/adit/shared/token_authentication/tests/__init__.py similarity index 100% rename from adit/token_authentication/tests/__init__.py rename to adit/shared/token_authentication/tests/__init__.py diff --git a/adit/token_authentication/tests/integration/conftest.py b/adit/shared/token_authentication/tests/integration/conftest.py similarity index 100% rename from adit/token_authentication/tests/integration/conftest.py rename to adit/shared/token_authentication/tests/integration/conftest.py diff --git a/adit/token_authentication/tests/integration/test_token_authentication.py b/adit/shared/token_authentication/tests/integration/test_token_authentication.py similarity index 100% rename from adit/token_authentication/tests/integration/test_token_authentication.py rename to adit/shared/token_authentication/tests/integration/test_token_authentication.py diff --git a/adit/token_authentication/urls.py b/adit/shared/token_authentication/urls.py similarity index 100% rename from adit/token_authentication/urls.py rename to adit/shared/token_authentication/urls.py diff --git a/adit/token_authentication/utils/__init__.py b/adit/shared/token_authentication/utils/__init__.py similarity index 100% rename from adit/token_authentication/utils/__init__.py rename to adit/shared/token_authentication/utils/__init__.py diff --git a/adit/token_authentication/utils/crypto.py b/adit/shared/token_authentication/utils/crypto.py similarity index 100% rename from adit/token_authentication/utils/crypto.py rename to adit/shared/token_authentication/utils/crypto.py diff --git a/adit/token_authentication/views.py b/adit/shared/token_authentication/views.py similarity index 100% rename from adit/token_authentication/views.py rename to adit/shared/token_authentication/views.py diff --git a/adit/urls.py b/adit/urls.py index 111f974e..fc88f4da 100644 --- a/adit/urls.py +++ b/adit/urls.py @@ -20,14 +20,14 @@ urlpatterns = [ path("admin-the-great/", admin.site.urls), path("api-auth/", include("rest_framework.urls")), - path("accounts/", include("adit.accounts.urls")), + path("accounts/", include("adit.shared.accounts.urls")), path("api/", include("adit.api.urls")), path("", include("adit.core.urls")), path("selective-transfer/", include("adit.selective_transfer.urls")), path("batch-transfer/", include("adit.batch_transfer.urls")), path("batch-query/", include("adit.batch_query.urls")), path("dicom-explorer/", include("adit.dicom_explorer.urls")), - path("token-authentication/", include("adit.token_authentication.urls")), + path("token-authentication/", include("adit.shared.token_authentication.urls")), path("dicom-web/", include("adit.dicom_web.urls")), path("sandbox/", include("adit.sandbox.urls")), ] From 37ae48910610a78c520a583147f05ce49774632f Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 14:22:56 +0000 Subject: [PATCH 03/13] Add license to shared folder --- adit/shared/LICENSE | 674 ++++++++++++++++++++++++++++++++++++++++++ adit/shared/README.md | 4 + 2 files changed, 678 insertions(+) create mode 100644 adit/shared/LICENSE diff --git a/adit/shared/LICENSE b/adit/shared/LICENSE new file mode 100644 index 00000000..4123b4cc --- /dev/null +++ b/adit/shared/LICENSE @@ -0,0 +1,674 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2020 Kai Schlamp, Heidelberg + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. \ No newline at end of file diff --git a/adit/shared/README.md b/adit/shared/README.md index 7d3c05cf..08bb02d9 100644 --- a/adit/shared/README.md +++ b/adit/shared/README.md @@ -1,3 +1,7 @@ # Shared code This folder contains shared code between ADIT and RADIS, mainly account and authentication stuff. + +## License + +- GPL 3.0 or later From 54e3b087cc0be0d7c872790f4f634874629d0147 Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 15:56:32 +0000 Subject: [PATCH 04/13] Give permissions to access django-shared on GitHub https://docs.github.com/en/codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces --- .devcontainer/devcontainer.json | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index bb9a899e..9c5ca17e 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -15,6 +15,15 @@ "postCreateCommand": "poetry install && npm install", "postStartCommand": "poetry run invoke init-workspace --type codespaces", "customizations": { + "codespaces": { + "repositories": { + "radexperts/django-shared": { + "permissions": { + "permissions": "write-all" + } + } + } + }, "vscode": { "extensions": [ "batisteo.vscode-django", From 54622ff666defe6b5a14285408f3772ab31d8aca Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 20:24:24 +0200 Subject: [PATCH 05/13] Update devcontainer.json --- .devcontainer/devcontainer.json | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 9c5ca17e..018b55a4 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -18,9 +18,7 @@ "codespaces": { "repositories": { "radexperts/django-shared": { - "permissions": { - "permissions": "write-all" - } + "permissions": "write-all" } } }, From da99bc8571730d67b26b7e6396b23bd613311310 Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 18:41:07 +0000 Subject: [PATCH 06/13] Make git subtree available --- .devcontainer/Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 0374fd32..908fe470 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -7,6 +7,9 @@ RUN apt-get update && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* +# Make git subtree available +RUN sudo cp -a /usr/lib/git-core/git-subtree /usr/local/bin/ + USER vscode # pipx is already installed in the base devcontainers Python image From 61b980105d4e776642c66992401feeb19e609d3c Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 18:45:37 +0000 Subject: [PATCH 07/13] Delete shared folder --- adit/shared/LICENSE | 674 ------------------ adit/shared/README.md | 7 - adit/shared/__init__.py | 0 adit/shared/accounts/__init__.py | 0 adit/shared/accounts/admin.py | 38 - adit/shared/accounts/apps.py | 5 - adit/shared/accounts/factories.py | 45 -- adit/shared/accounts/forms.py | 42 -- .../accounts/migrations/0001_initial.py | 47 -- .../accounts/migrations/0002_alter_user_id.py | 18 - ...3_rename_misc_settings_user_preferences.py | 17 - .../migrations/0004_alter_user_preferences.py | 17 - .../accounts/migrations/0005_institute.py | 32 - adit/shared/accounts/migrations/__init__.py | 0 adit/shared/accounts/models.py | 51 -- .../templates/accounts/accounts_layout.html | 1 - .../accounts/templates/accounts/profile.html | 42 -- .../accounts/tests/integration/conftest.py | 5 - .../accounts/tests/integration/test_login.py | 9 - adit/shared/accounts/urls.py | 8 - adit/shared/accounts/utils.py | 44 -- adit/shared/accounts/views.py | 31 - adit/shared/templates/registration/README.md | 2 - .../templates/registration/activate.html | 11 - .../registration/activation_complete.html | 16 - .../activation_complete_admin_pending.html | 19 - .../registration/activation_email.html | 43 -- .../registration/activation_email.txt | 24 - .../registration/activation_email_subject.txt | 1 - .../templates/registration/admin_approve.html | 8 - .../registration/admin_approve_complete.html | 11 - .../admin_approve_complete_email.html | 17 - .../admin_approve_complete_email.txt | 5 - .../admin_approve_complete_email_subject.txt | 1 - .../registration/admin_approve_email.html | 57 -- .../registration/admin_approve_email.txt | 16 - .../admin_approve_email_subject.txt | 1 - adit/shared/templates/registration/login.html | 39 - .../shared/templates/registration/logout.html | 12 - .../registration/password_change_done.html | 11 - .../registration/password_change_form.html | 20 - .../registration/password_reset_complete.html | 14 - .../registration/password_reset_confirm.html | 25 - .../registration/password_reset_done.html | 17 - .../registration/password_reset_email.html | 25 - .../registration/password_reset_form.html | 24 - .../registration/registration_base.html | 1 - .../registration/registration_closed.html | 11 - .../registration/registration_complete.html | 19 - .../registration/registration_form.html | 12 - .../resend_activation_complete.html | 23 - .../registration/resend_activation_form.html | 16 - adit/shared/token_authentication/__init__.py | 0 adit/shared/token_authentication/admin.py | 20 - adit/shared/token_authentication/apps.py | 27 - adit/shared/token_authentication/auth.py | 74 -- adit/shared/token_authentication/factories.py | 23 - adit/shared/token_authentication/forms.py | 60 -- .../migrations/0001_initial.py | 72 -- ...token_fraction_alter_token_token_string.py | 23 - .../migrations/0003_alter_token_client.py | 17 - ..._rename_token_string_token_token_hashed.py | 17 - ...n_options_remove_token_expires_and_more.py | 29 - .../0006_rename_expiry_time_token_expires.py | 17 - .../migrations/0007_alter_token_last_used.py | 17 - .../0008_alter_token_token_hashed.py | 17 - ...token_owner_alter_token_client_and_more.py | 28 - ...10_alter_token_unique_together_and_more.py | 22 - ...kensettings_alter_token_client_and_more.py | 30 - ...e_token_unique_client_per_user_and_more.py | 21 - .../0013_alter_token_description.py | 17 - .../migrations/__init__.py | 0 adit/shared/token_authentication/models.py | 60 -- .../token_authentication.js | 19 - .../_generate_token_help_modal.html | 15 - .../token_authentication_layout.html | 5 - .../token_authentication/token_dashboard.html | 85 --- .../token_authentication/tests/__init__.py | 0 .../tests/integration/conftest.py | 5 - .../integration/test_token_authentication.py | 48 -- adit/shared/token_authentication/urls.py | 17 - .../token_authentication/utils/__init__.py | 0 .../token_authentication/utils/crypto.py | 12 - adit/shared/token_authentication/views.py | 79 -- 84 files changed, 2510 deletions(-) delete mode 100644 adit/shared/LICENSE delete mode 100644 adit/shared/README.md delete mode 100644 adit/shared/__init__.py delete mode 100644 adit/shared/accounts/__init__.py delete mode 100644 adit/shared/accounts/admin.py delete mode 100644 adit/shared/accounts/apps.py delete mode 100644 adit/shared/accounts/factories.py delete mode 100644 adit/shared/accounts/forms.py delete mode 100644 adit/shared/accounts/migrations/0001_initial.py delete mode 100644 adit/shared/accounts/migrations/0002_alter_user_id.py delete mode 100644 adit/shared/accounts/migrations/0003_rename_misc_settings_user_preferences.py delete mode 100644 adit/shared/accounts/migrations/0004_alter_user_preferences.py delete mode 100644 adit/shared/accounts/migrations/0005_institute.py delete mode 100644 adit/shared/accounts/migrations/__init__.py delete mode 100644 adit/shared/accounts/models.py delete mode 100644 adit/shared/accounts/templates/accounts/accounts_layout.html delete mode 100644 adit/shared/accounts/templates/accounts/profile.html delete mode 100644 adit/shared/accounts/tests/integration/conftest.py delete mode 100644 adit/shared/accounts/tests/integration/test_login.py delete mode 100644 adit/shared/accounts/urls.py delete mode 100644 adit/shared/accounts/utils.py delete mode 100644 adit/shared/accounts/views.py delete mode 100644 adit/shared/templates/registration/README.md delete mode 100755 adit/shared/templates/registration/activate.html delete mode 100755 adit/shared/templates/registration/activation_complete.html delete mode 100644 adit/shared/templates/registration/activation_complete_admin_pending.html delete mode 100644 adit/shared/templates/registration/activation_email.html delete mode 100644 adit/shared/templates/registration/activation_email.txt delete mode 100644 adit/shared/templates/registration/activation_email_subject.txt delete mode 100644 adit/shared/templates/registration/admin_approve.html delete mode 100644 adit/shared/templates/registration/admin_approve_complete.html delete mode 100644 adit/shared/templates/registration/admin_approve_complete_email.html delete mode 100644 adit/shared/templates/registration/admin_approve_complete_email.txt delete mode 100644 adit/shared/templates/registration/admin_approve_complete_email_subject.txt delete mode 100644 adit/shared/templates/registration/admin_approve_email.html delete mode 100644 adit/shared/templates/registration/admin_approve_email.txt delete mode 100644 adit/shared/templates/registration/admin_approve_email_subject.txt delete mode 100755 adit/shared/templates/registration/login.html delete mode 100755 adit/shared/templates/registration/logout.html delete mode 100755 adit/shared/templates/registration/password_change_done.html delete mode 100755 adit/shared/templates/registration/password_change_form.html delete mode 100755 adit/shared/templates/registration/password_reset_complete.html delete mode 100755 adit/shared/templates/registration/password_reset_confirm.html delete mode 100755 adit/shared/templates/registration/password_reset_done.html delete mode 100755 adit/shared/templates/registration/password_reset_email.html delete mode 100755 adit/shared/templates/registration/password_reset_form.html delete mode 100755 adit/shared/templates/registration/registration_base.html delete mode 100755 adit/shared/templates/registration/registration_closed.html delete mode 100755 adit/shared/templates/registration/registration_complete.html delete mode 100755 adit/shared/templates/registration/registration_form.html delete mode 100644 adit/shared/templates/registration/resend_activation_complete.html delete mode 100644 adit/shared/templates/registration/resend_activation_form.html delete mode 100644 adit/shared/token_authentication/__init__.py delete mode 100644 adit/shared/token_authentication/admin.py delete mode 100644 adit/shared/token_authentication/apps.py delete mode 100644 adit/shared/token_authentication/auth.py delete mode 100644 adit/shared/token_authentication/factories.py delete mode 100644 adit/shared/token_authentication/forms.py delete mode 100644 adit/shared/token_authentication/migrations/0001_initial.py delete mode 100644 adit/shared/token_authentication/migrations/0002_token_fraction_alter_token_token_string.py delete mode 100644 adit/shared/token_authentication/migrations/0003_alter_token_client.py delete mode 100644 adit/shared/token_authentication/migrations/0004_rename_token_string_token_token_hashed.py delete mode 100644 adit/shared/token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py delete mode 100644 adit/shared/token_authentication/migrations/0006_rename_expiry_time_token_expires.py delete mode 100644 adit/shared/token_authentication/migrations/0007_alter_token_last_used.py delete mode 100644 adit/shared/token_authentication/migrations/0008_alter_token_token_hashed.py delete mode 100644 adit/shared/token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py delete mode 100644 adit/shared/token_authentication/migrations/0010_alter_token_unique_together_and_more.py delete mode 100644 adit/shared/token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py delete mode 100644 adit/shared/token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py delete mode 100644 adit/shared/token_authentication/migrations/0013_alter_token_description.py delete mode 100644 adit/shared/token_authentication/migrations/__init__.py delete mode 100644 adit/shared/token_authentication/models.py delete mode 100644 adit/shared/token_authentication/static/token_authentication/token_authentication.js delete mode 100644 adit/shared/token_authentication/templates/token_authentication/_generate_token_help_modal.html delete mode 100644 adit/shared/token_authentication/templates/token_authentication/token_authentication_layout.html delete mode 100644 adit/shared/token_authentication/templates/token_authentication/token_dashboard.html delete mode 100644 adit/shared/token_authentication/tests/__init__.py delete mode 100644 adit/shared/token_authentication/tests/integration/conftest.py delete mode 100644 adit/shared/token_authentication/tests/integration/test_token_authentication.py delete mode 100644 adit/shared/token_authentication/urls.py delete mode 100644 adit/shared/token_authentication/utils/__init__.py delete mode 100644 adit/shared/token_authentication/utils/crypto.py delete mode 100644 adit/shared/token_authentication/views.py diff --git a/adit/shared/LICENSE b/adit/shared/LICENSE deleted file mode 100644 index 4123b4cc..00000000 --- a/adit/shared/LICENSE +++ /dev/null @@ -1,674 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 3, 29 June 2007 - - Copyright (C) 2020 Kai Schlamp, Heidelberg - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The GNU General Public License is a free, copyleft license for -software and other kinds of works. - - The licenses for most software and other practical works are designed -to take away your freedom to share and change the works. By contrast, -the GNU General Public License is intended to guarantee your freedom to -share and change all versions of a program--to make sure it remains free -software for all its users. We, the Free Software Foundation, use the -GNU General Public License for most of our software; it applies also to -any other work released this way by its authors. You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -them if you wish), that you receive source code or can get it if you -want it, that you can change the software or use pieces of it in new -free programs, and that you know you can do these things. - - To protect your rights, we need to prevent others from denying you -these rights or asking you to surrender the rights. Therefore, you have -certain responsibilities if you distribute copies of the software, or if -you modify it: responsibilities to respect the freedom of others. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must pass on to the recipients the same -freedoms that you received. You must make sure that they, too, receive -or can get the source code. And you must show them these terms so they -know their rights. - - Developers that use the GNU GPL protect your rights with two steps: -(1) assert copyright on the software, and (2) offer you this License -giving you legal permission to copy, distribute and/or modify it. - - For the developers' and authors' protection, the GPL clearly explains -that there is no warranty for this free software. For both users' and -authors' sake, the GPL requires that modified versions be marked as -changed, so that their problems will not be attributed erroneously to -authors of previous versions. - - Some devices are designed to deny users access to install or run -modified versions of the software inside them, although the manufacturer -can do so. This is fundamentally incompatible with the aim of -protecting users' freedom to change the software. The systematic -pattern of such abuse occurs in the area of products for individuals to -use, which is precisely where it is most unacceptable. Therefore, we -have designed this version of the GPL to prohibit the practice for those -products. If such problems arise substantially in other domains, we -stand ready to extend this provision to those domains in future versions -of the GPL, as needed to protect the freedom of users. - - Finally, every program is threatened constantly by software patents. -States should not allow patents to restrict development and use of -software on general-purpose computers, but in those that do, we wish to -avoid the special danger that patents applied to a free program could -make it effectively proprietary. To prevent this, the GPL assures that -patents cannot be used to render the program non-free. - - The precise terms and conditions for copying, distribution and -modification follow. - - TERMS AND CONDITIONS - - 0. Definitions. - - "This License" refers to version 3 of the GNU General Public License. - - "Copyright" also means copyright-like laws that apply to other kinds of -works, such as semiconductor masks. - - "The Program" refers to any copyrightable work licensed under this -License. Each licensee is addressed as "you". "Licensees" and -"recipients" may be individuals or organizations. - - To "modify" a work means to copy from or adapt all or part of the work -in a fashion requiring copyright permission, other than the making of an -exact copy. The resulting work is called a "modified version" of the -earlier work or a work "based on" the earlier work. - - A "covered work" means either the unmodified Program or a work based -on the Program. - - To "propagate" a work means to do anything with it that, without -permission, would make you directly or secondarily liable for -infringement under applicable copyright law, except executing it on a -computer or modifying a private copy. Propagation includes copying, -distribution (with or without modification), making available to the -public, and in some countries other activities as well. - - To "convey" a work means any kind of propagation that enables other -parties to make or receive copies. Mere interaction with a user through -a computer network, with no transfer of a copy, is not conveying. - - An interactive user interface displays "Appropriate Legal Notices" -to the extent that it includes a convenient and prominently visible -feature that (1) displays an appropriate copyright notice, and (2) -tells the user that there is no warranty for the work (except to the -extent that warranties are provided), that licensees may convey the -work under this License, and how to view a copy of this License. If -the interface presents a list of user commands or options, such as a -menu, a prominent item in the list meets this criterion. - - 1. Source Code. - - The "source code" for a work means the preferred form of the work -for making modifications to it. "Object code" means any non-source -form of a work. - - A "Standard Interface" means an interface that either is an official -standard defined by a recognized standards body, or, in the case of -interfaces specified for a particular programming language, one that -is widely used among developers working in that language. - - The "System Libraries" of an executable work include anything, other -than the work as a whole, that (a) is included in the normal form of -packaging a Major Component, but which is not part of that Major -Component, and (b) serves only to enable use of the work with that -Major Component, or to implement a Standard Interface for which an -implementation is available to the public in source code form. A -"Major Component", in this context, means a major essential component -(kernel, window system, and so on) of the specific operating system -(if any) on which the executable work runs, or a compiler used to -produce the work, or an object code interpreter used to run it. - - The "Corresponding Source" for a work in object code form means all -the source code needed to generate, install, and (for an executable -work) run the object code and to modify the work, including scripts to -control those activities. However, it does not include the work's -System Libraries, or general-purpose tools or generally available free -programs which are used unmodified in performing those activities but -which are not part of the work. For example, Corresponding Source -includes interface definition files associated with source files for -the work, and the source code for shared libraries and dynamically -linked subprograms that the work is specifically designed to require, -such as by intimate data communication or control flow between those -subprograms and other parts of the work. - - The Corresponding Source need not include anything that users -can regenerate automatically from other parts of the Corresponding -Source. - - The Corresponding Source for a work in source code form is that -same work. - - 2. Basic Permissions. - - All rights granted under this License are granted for the term of -copyright on the Program, and are irrevocable provided the stated -conditions are met. This License explicitly affirms your unlimited -permission to run the unmodified Program. The output from running a -covered work is covered by this License only if the output, given its -content, constitutes a covered work. This License acknowledges your -rights of fair use or other equivalent, as provided by copyright law. - - You may make, run and propagate covered works that you do not -convey, without conditions so long as your license otherwise remains -in force. You may convey covered works to others for the sole purpose -of having them make modifications exclusively for you, or provide you -with facilities for running those works, provided that you comply with -the terms of this License in conveying all material for which you do -not control copyright. Those thus making or running the covered works -for you must do so exclusively on your behalf, under your direction -and control, on terms that prohibit them from making any copies of -your copyrighted material outside their relationship with you. - - Conveying under any other circumstances is permitted solely under -the conditions stated below. Sublicensing is not allowed; section 10 -makes it unnecessary. - - 3. Protecting Users' Legal Rights From Anti-Circumvention Law. - - No covered work shall be deemed part of an effective technological -measure under any applicable law fulfilling obligations under article -11 of the WIPO copyright treaty adopted on 20 December 1996, or -similar laws prohibiting or restricting circumvention of such -measures. - - When you convey a covered work, you waive any legal power to forbid -circumvention of technological measures to the extent such circumvention -is effected by exercising rights under this License with respect to -the covered work, and you disclaim any intention to limit operation or -modification of the work as a means of enforcing, against the work's -users, your or third parties' legal rights to forbid circumvention of -technological measures. - - 4. Conveying Verbatim Copies. - - You may convey verbatim copies of the Program's source code as you -receive it, in any medium, provided that you conspicuously and -appropriately publish on each copy an appropriate copyright notice; -keep intact all notices stating that this License and any -non-permissive terms added in accord with section 7 apply to the code; -keep intact all notices of the absence of any warranty; and give all -recipients a copy of this License along with the Program. - - You may charge any price or no price for each copy that you convey, -and you may offer support or warranty protection for a fee. - - 5. Conveying Modified Source Versions. - - You may convey a work based on the Program, or the modifications to -produce it from the Program, in the form of source code under the -terms of section 4, provided that you also meet all of these conditions: - - a) The work must carry prominent notices stating that you modified - it, and giving a relevant date. - - b) The work must carry prominent notices stating that it is - released under this License and any conditions added under section - 7. This requirement modifies the requirement in section 4 to - "keep intact all notices". - - c) You must license the entire work, as a whole, under this - License to anyone who comes into possession of a copy. This - License will therefore apply, along with any applicable section 7 - additional terms, to the whole of the work, and all its parts, - regardless of how they are packaged. This License gives no - permission to license the work in any other way, but it does not - invalidate such permission if you have separately received it. - - d) If the work has interactive user interfaces, each must display - Appropriate Legal Notices; however, if the Program has interactive - interfaces that do not display Appropriate Legal Notices, your - work need not make them do so. - - A compilation of a covered work with other separate and independent -works, which are not by their nature extensions of the covered work, -and which are not combined with it such as to form a larger program, -in or on a volume of a storage or distribution medium, is called an -"aggregate" if the compilation and its resulting copyright are not -used to limit the access or legal rights of the compilation's users -beyond what the individual works permit. Inclusion of a covered work -in an aggregate does not cause this License to apply to the other -parts of the aggregate. - - 6. Conveying Non-Source Forms. - - You may convey a covered work in object code form under the terms -of sections 4 and 5, provided that you also convey the -machine-readable Corresponding Source under the terms of this License, -in one of these ways: - - a) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by the - Corresponding Source fixed on a durable physical medium - customarily used for software interchange. - - b) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by a - written offer, valid for at least three years and valid for as - long as you offer spare parts or customer support for that product - model, to give anyone who possesses the object code either (1) a - copy of the Corresponding Source for all the software in the - product that is covered by this License, on a durable physical - medium customarily used for software interchange, for a price no - more than your reasonable cost of physically performing this - conveying of source, or (2) access to copy the - Corresponding Source from a network server at no charge. - - c) Convey individual copies of the object code with a copy of the - written offer to provide the Corresponding Source. This - alternative is allowed only occasionally and noncommercially, and - only if you received the object code with such an offer, in accord - with subsection 6b. - - d) Convey the object code by offering access from a designated - place (gratis or for a charge), and offer equivalent access to the - Corresponding Source in the same way through the same place at no - further charge. You need not require recipients to copy the - Corresponding Source along with the object code. If the place to - copy the object code is a network server, the Corresponding Source - may be on a different server (operated by you or a third party) - that supports equivalent copying facilities, provided you maintain - clear directions next to the object code saying where to find the - Corresponding Source. Regardless of what server hosts the - Corresponding Source, you remain obligated to ensure that it is - available for as long as needed to satisfy these requirements. - - e) Convey the object code using peer-to-peer transmission, provided - you inform other peers where the object code and Corresponding - Source of the work are being offered to the general public at no - charge under subsection 6d. - - A separable portion of the object code, whose source code is excluded -from the Corresponding Source as a System Library, need not be -included in conveying the object code work. - - A "User Product" is either (1) a "consumer product", which means any -tangible personal property which is normally used for personal, family, -or household purposes, or (2) anything designed or sold for incorporation -into a dwelling. In determining whether a product is a consumer product, -doubtful cases shall be resolved in favor of coverage. For a particular -product received by a particular user, "normally used" refers to a -typical or common use of that class of product, regardless of the status -of the particular user or of the way in which the particular user -actually uses, or expects or is expected to use, the product. A product -is a consumer product regardless of whether the product has substantial -commercial, industrial or non-consumer uses, unless such uses represent -the only significant mode of use of the product. - - "Installation Information" for a User Product means any methods, -procedures, authorization keys, or other information required to install -and execute modified versions of a covered work in that User Product from -a modified version of its Corresponding Source. The information must -suffice to ensure that the continued functioning of the modified object -code is in no case prevented or interfered with solely because -modification has been made. - - If you convey an object code work under this section in, or with, or -specifically for use in, a User Product, and the conveying occurs as -part of a transaction in which the right of possession and use of the -User Product is transferred to the recipient in perpetuity or for a -fixed term (regardless of how the transaction is characterized), the -Corresponding Source conveyed under this section must be accompanied -by the Installation Information. But this requirement does not apply -if neither you nor any third party retains the ability to install -modified object code on the User Product (for example, the work has -been installed in ROM). - - The requirement to provide Installation Information does not include a -requirement to continue to provide support service, warranty, or updates -for a work that has been modified or installed by the recipient, or for -the User Product in which it has been modified or installed. Access to a -network may be denied when the modification itself materially and -adversely affects the operation of the network or violates the rules and -protocols for communication across the network. - - Corresponding Source conveyed, and Installation Information provided, -in accord with this section must be in a format that is publicly -documented (and with an implementation available to the public in -source code form), and must require no special password or key for -unpacking, reading or copying. - - 7. Additional Terms. - - "Additional permissions" are terms that supplement the terms of this -License by making exceptions from one or more of its conditions. -Additional permissions that are applicable to the entire Program shall -be treated as though they were included in this License, to the extent -that they are valid under applicable law. If additional permissions -apply only to part of the Program, that part may be used separately -under those permissions, but the entire Program remains governed by -this License without regard to the additional permissions. - - When you convey a copy of a covered work, you may at your option -remove any additional permissions from that copy, or from any part of -it. (Additional permissions may be written to require their own -removal in certain cases when you modify the work.) You may place -additional permissions on material, added by you to a covered work, -for which you have or can give appropriate copyright permission. - - Notwithstanding any other provision of this License, for material you -add to a covered work, you may (if authorized by the copyright holders of -that material) supplement the terms of this License with terms: - - a) Disclaiming warranty or limiting liability differently from the - terms of sections 15 and 16 of this License; or - - b) Requiring preservation of specified reasonable legal notices or - author attributions in that material or in the Appropriate Legal - Notices displayed by works containing it; or - - c) Prohibiting misrepresentation of the origin of that material, or - requiring that modified versions of such material be marked in - reasonable ways as different from the original version; or - - d) Limiting the use for publicity purposes of names of licensors or - authors of the material; or - - e) Declining to grant rights under trademark law for use of some - trade names, trademarks, or service marks; or - - f) Requiring indemnification of licensors and authors of that - material by anyone who conveys the material (or modified versions of - it) with contractual assumptions of liability to the recipient, for - any liability that these contractual assumptions directly impose on - those licensors and authors. - - All other non-permissive additional terms are considered "further -restrictions" within the meaning of section 10. If the Program as you -received it, or any part of it, contains a notice stating that it is -governed by this License along with a term that is a further -restriction, you may remove that term. If a license document contains -a further restriction but permits relicensing or conveying under this -License, you may add to a covered work material governed by the terms -of that license document, provided that the further restriction does -not survive such relicensing or conveying. - - If you add terms to a covered work in accord with this section, you -must place, in the relevant source files, a statement of the -additional terms that apply to those files, or a notice indicating -where to find the applicable terms. - - Additional terms, permissive or non-permissive, may be stated in the -form of a separately written license, or stated as exceptions; -the above requirements apply either way. - - 8. Termination. - - You may not propagate or modify a covered work except as expressly -provided under this License. Any attempt otherwise to propagate or -modify it is void, and will automatically terminate your rights under -this License (including any patent licenses granted under the third -paragraph of section 11). - - However, if you cease all violation of this License, then your -license from a particular copyright holder is reinstated (a) -provisionally, unless and until the copyright holder explicitly and -finally terminates your license, and (b) permanently, if the copyright -holder fails to notify you of the violation by some reasonable means -prior to 60 days after the cessation. - - Moreover, your license from a particular copyright holder is -reinstated permanently if the copyright holder notifies you of the -violation by some reasonable means, this is the first time you have -received notice of violation of this License (for any work) from that -copyright holder, and you cure the violation prior to 30 days after -your receipt of the notice. - - Termination of your rights under this section does not terminate the -licenses of parties who have received copies or rights from you under -this License. If your rights have been terminated and not permanently -reinstated, you do not qualify to receive new licenses for the same -material under section 10. - - 9. Acceptance Not Required for Having Copies. - - You are not required to accept this License in order to receive or -run a copy of the Program. Ancillary propagation of a covered work -occurring solely as a consequence of using peer-to-peer transmission -to receive a copy likewise does not require acceptance. However, -nothing other than this License grants you permission to propagate or -modify any covered work. These actions infringe copyright if you do -not accept this License. Therefore, by modifying or propagating a -covered work, you indicate your acceptance of this License to do so. - - 10. Automatic Licensing of Downstream Recipients. - - Each time you convey a covered work, the recipient automatically -receives a license from the original licensors, to run, modify and -propagate that work, subject to this License. You are not responsible -for enforcing compliance by third parties with this License. - - An "entity transaction" is a transaction transferring control of an -organization, or substantially all assets of one, or subdividing an -organization, or merging organizations. If propagation of a covered -work results from an entity transaction, each party to that -transaction who receives a copy of the work also receives whatever -licenses to the work the party's predecessor in interest had or could -give under the previous paragraph, plus a right to possession of the -Corresponding Source of the work from the predecessor in interest, if -the predecessor has it or can get it with reasonable efforts. - - You may not impose any further restrictions on the exercise of the -rights granted or affirmed under this License. For example, you may -not impose a license fee, royalty, or other charge for exercise of -rights granted under this License, and you may not initiate litigation -(including a cross-claim or counterclaim in a lawsuit) alleging that -any patent claim is infringed by making, using, selling, offering for -sale, or importing the Program or any portion of it. - - 11. Patents. - - A "contributor" is a copyright holder who authorizes use under this -License of the Program or a work on which the Program is based. The -work thus licensed is called the contributor's "contributor version". - - A contributor's "essential patent claims" are all patent claims -owned or controlled by the contributor, whether already acquired or -hereafter acquired, that would be infringed by some manner, permitted -by this License, of making, using, or selling its contributor version, -but do not include claims that would be infringed only as a -consequence of further modification of the contributor version. For -purposes of this definition, "control" includes the right to grant -patent sublicenses in a manner consistent with the requirements of -this License. - - Each contributor grants you a non-exclusive, worldwide, royalty-free -patent license under the contributor's essential patent claims, to -make, use, sell, offer for sale, import and otherwise run, modify and -propagate the contents of its contributor version. - - In the following three paragraphs, a "patent license" is any express -agreement or commitment, however denominated, not to enforce a patent -(such as an express permission to practice a patent or covenant not to -sue for patent infringement). To "grant" such a patent license to a -party means to make such an agreement or commitment not to enforce a -patent against the party. - - If you convey a covered work, knowingly relying on a patent license, -and the Corresponding Source of the work is not available for anyone -to copy, free of charge and under the terms of this License, through a -publicly available network server or other readily accessible means, -then you must either (1) cause the Corresponding Source to be so -available, or (2) arrange to deprive yourself of the benefit of the -patent license for this particular work, or (3) arrange, in a manner -consistent with the requirements of this License, to extend the patent -license to downstream recipients. "Knowingly relying" means you have -actual knowledge that, but for the patent license, your conveying the -covered work in a country, or your recipient's use of the covered work -in a country, would infringe one or more identifiable patents in that -country that you have reason to believe are valid. - - If, pursuant to or in connection with a single transaction or -arrangement, you convey, or propagate by procuring conveyance of, a -covered work, and grant a patent license to some of the parties -receiving the covered work authorizing them to use, propagate, modify -or convey a specific copy of the covered work, then the patent license -you grant is automatically extended to all recipients of the covered -work and works based on it. - - A patent license is "discriminatory" if it does not include within -the scope of its coverage, prohibits the exercise of, or is -conditioned on the non-exercise of one or more of the rights that are -specifically granted under this License. You may not convey a covered -work if you are a party to an arrangement with a third party that is -in the business of distributing software, under which you make payment -to the third party based on the extent of your activity of conveying -the work, and under which the third party grants, to any of the -parties who would receive the covered work from you, a discriminatory -patent license (a) in connection with copies of the covered work -conveyed by you (or copies made from those copies), or (b) primarily -for and in connection with specific products or compilations that -contain the covered work, unless you entered into that arrangement, -or that patent license was granted, prior to 28 March 2007. - - Nothing in this License shall be construed as excluding or limiting -any implied license or other defenses to infringement that may -otherwise be available to you under applicable patent law. - - 12. No Surrender of Others' Freedom. - - If conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot convey a -covered work so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you may -not convey it at all. For example, if you agree to terms that obligate you -to collect a royalty for further conveying from those to whom you convey -the Program, the only way you could satisfy both those terms and this -License would be to refrain entirely from conveying the Program. - - 13. Use with the GNU Affero General Public License. - - Notwithstanding any other provision of this License, you have -permission to link or combine any covered work with a work licensed -under version 3 of the GNU Affero General Public License into a single -combined work, and to convey the resulting work. The terms of this -License will continue to apply to the part which is the covered work, -but the special requirements of the GNU Affero General Public License, -section 13, concerning interaction through a network will apply to the -combination as such. - - 14. Revised Versions of this License. - - The Free Software Foundation may publish revised and/or new versions of -the GNU General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - - Each version is given a distinguishing version number. If the -Program specifies that a certain numbered version of the GNU General -Public License "or any later version" applies to it, you have the -option of following the terms and conditions either of that numbered -version or of any later version published by the Free Software -Foundation. If the Program does not specify a version number of the -GNU General Public License, you may choose any version ever published -by the Free Software Foundation. - - If the Program specifies that a proxy can decide which future -versions of the GNU General Public License can be used, that proxy's -public statement of acceptance of a version permanently authorizes you -to choose that version for the Program. - - Later license versions may give you additional or different -permissions. However, no additional obligations are imposed on any -author or copyright holder as a result of your choosing to follow a -later version. - - 15. Disclaimer of Warranty. - - THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY -APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT -HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY -OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, -THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM -IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF -ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - - 16. Limitation of Liability. - - IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS -THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY -GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE -USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF -DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD -PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), -EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF -SUCH DAMAGES. - - 17. Interpretation of Sections 15 and 16. - - If the disclaimer of warranty and limitation of liability provided -above cannot be given local legal effect according to their terms, -reviewing courts shall apply local law that most closely approximates -an absolute waiver of all civil liability in connection with the -Program, unless a warranty or assumption of liability accompanies a -copy of the Program in return for a fee. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -state the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . - -Also add information on how to contact you by electronic and paper mail. - - If the program does terminal interaction, make it output a short -notice like this when it starts in an interactive mode: - - Copyright (C) - This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, your program's commands -might be different; for a GUI interface, you would use an "about box". - - You should also get your employer (if you work as a programmer) or school, -if any, to sign a "copyright disclaimer" for the program, if necessary. -For more information on this, and how to apply and follow the GNU GPL, see -. - - The GNU General Public License does not permit incorporating your program -into proprietary programs. If your program is a subroutine library, you -may consider it more useful to permit linking proprietary applications with -the library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. But first, please read -. \ No newline at end of file diff --git a/adit/shared/README.md b/adit/shared/README.md deleted file mode 100644 index 08bb02d9..00000000 --- a/adit/shared/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Shared code - -This folder contains shared code between ADIT and RADIS, mainly account and authentication stuff. - -## License - -- GPL 3.0 or later diff --git a/adit/shared/__init__.py b/adit/shared/__init__.py deleted file mode 100644 index e69de29b..00000000 diff --git a/adit/shared/accounts/__init__.py b/adit/shared/accounts/__init__.py deleted file mode 100644 index e69de29b..00000000 diff --git a/adit/shared/accounts/admin.py b/adit/shared/accounts/admin.py deleted file mode 100644 index db96d751..00000000 --- a/adit/shared/accounts/admin.py +++ /dev/null @@ -1,38 +0,0 @@ -from django.contrib import admin -from django.contrib.auth.admin import UserAdmin - -from adit.core.models import DicomNodeInstituteAccess - -from .models import Institute, User - - -class MyUserAdmin(UserAdmin): - ordering = ("date_joined",) - list_display = ( - "username", - "email", - "date_joined", - "first_name", - "last_name", - "is_staff", - ) - change_form_template = "loginas/change_form.html" - - -admin.site.register(User, MyUserAdmin) - - -class DicomNodeInstituteAccessInline(admin.TabularInline): - model = DicomNodeInstituteAccess - extra = 1 - ordering = ("institute__name",) - - -class InstituteAdmin(admin.ModelAdmin): - list_display = ("name", "description") - ordering = ("name",) - filter_horizontal = ("users",) - inlines = (DicomNodeInstituteAccessInline,) - - -admin.site.register(Institute, InstituteAdmin) diff --git a/adit/shared/accounts/apps.py b/adit/shared/accounts/apps.py deleted file mode 100644 index 24ee61fd..00000000 --- a/adit/shared/accounts/apps.py +++ /dev/null @@ -1,5 +0,0 @@ -from django.apps import AppConfig - - -class AccountsConfig(AppConfig): - name = "adit.shared.accounts" diff --git a/adit/shared/accounts/factories.py b/adit/shared/accounts/factories.py deleted file mode 100644 index 702f15e3..00000000 --- a/adit/shared/accounts/factories.py +++ /dev/null @@ -1,45 +0,0 @@ -from typing import Generic, TypeVar - -import factory - -from .models import Institute, User - -T = TypeVar("T") - - -# We can't use BaseDjangoModelFactory of adit.core.factories because of circular imports -class BaseDjangoModelFactory(Generic[T], factory.django.DjangoModelFactory): - @classmethod - def create(cls, *args, **kwargs) -> T: - return super().create(*args, **kwargs) - - -class UserFactory(BaseDjangoModelFactory[User]): - class Meta: - model = User - django_get_or_create = ("username",) - - username = factory.Sequence(lambda n: f"user_{n}") - email = factory.Faker("email") - password = factory.PostGenerationMethodCall("set_password", "userpass") - first_name = factory.Faker("first_name") - last_name = factory.Faker("last_name") - phone_number = factory.Faker("phone_number") - department = factory.Faker("company") - - -class AdminUserFactory(UserFactory): - username = "admin" - email = "admin@adit.test" - password = factory.PostGenerationMethodCall("set_password", "admin") - is_superuser = True - is_staff = True - - -class InstituteFactory(BaseDjangoModelFactory[Institute]): - class Meta: - model = Institute - django_get_or_create = ("name",) - - name = factory.Sequence(lambda n: f"Institute {n}") - description = factory.Faker("text", max_nb_chars=200) diff --git a/adit/shared/accounts/forms.py b/adit/shared/accounts/forms.py deleted file mode 100644 index d071ef66..00000000 --- a/adit/shared/accounts/forms.py +++ /dev/null @@ -1,42 +0,0 @@ -from typing import Any - -from crispy_forms.helper import FormHelper -from crispy_forms.layout import Submit -from django.contrib.auth.forms import AuthenticationForm, UserCreationForm - -from .models import User - - -class CrispyAuthentificationForm(AuthenticationForm): - def __init__(self, *args: Any, **kwargs: Any) -> None: - super().__init__(*args, **kwargs) - self.helper = FormHelper(self) - self.helper.form_class = "form-horizontal" - self.helper.label_class = "col-lg-2" - self.helper.field_class = "col-lg-8" - self.helper.add_input(Submit("login", "Login")) - - -class RegistrationForm(UserCreationForm): - class Meta: - model = User - fields = ( - "username", - "password1", - "password2", - "email", - "first_name", - "last_name", - "phone_number", - "department", - ) - - def __init__(self, *args: Any, **kwargs: Any) -> None: - super().__init__(*args, **kwargs) - - self.fields["email"].required = True - self.fields["first_name"].required = True - self.fields["last_name"].required = True - - self.helper = FormHelper(self) - self.helper.add_input(Submit("register", "Register")) diff --git a/adit/shared/accounts/migrations/0001_initial.py b/adit/shared/accounts/migrations/0001_initial.py deleted file mode 100644 index 0a2e6321..00000000 --- a/adit/shared/accounts/migrations/0001_initial.py +++ /dev/null @@ -1,47 +0,0 @@ -# Generated by Django 3.1.3 on 2021-01-18 15:48 - -import django.contrib.auth.models -import django.contrib.auth.validators -from django.db import migrations, models -import django.utils.timezone - - -class Migration(migrations.Migration): - - initial = True - - dependencies = [ - ('auth', '0012_alter_user_first_name_max_length'), - ] - - operations = [ - migrations.CreateModel( - name='User', - fields=[ - ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('password', models.CharField(max_length=128, verbose_name='password')), - ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')), - ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')), - ('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')), - ('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')), - ('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')), - ('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')), - ('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')), - ('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')), - ('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')), - ('phone_number', models.CharField(max_length=64)), - ('department', models.CharField(max_length=128)), - ('misc_settings', models.JSONField(blank=True, null=True)), - ('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.Group', verbose_name='groups')), - ('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.Permission', verbose_name='user permissions')), - ], - options={ - 'verbose_name': 'user', - 'verbose_name_plural': 'users', - 'abstract': False, - }, - managers=[ - ('objects', django.contrib.auth.models.UserManager()), - ], - ), - ] diff --git a/adit/shared/accounts/migrations/0002_alter_user_id.py b/adit/shared/accounts/migrations/0002_alter_user_id.py deleted file mode 100644 index 166ef81c..00000000 --- a/adit/shared/accounts/migrations/0002_alter_user_id.py +++ /dev/null @@ -1,18 +0,0 @@ -# Generated by Django 3.2.2 on 2021-05-10 16:45 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - - dependencies = [ - ('accounts', '0001_initial'), - ] - - operations = [ - migrations.AlterField( - model_name='user', - name='id', - field=models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'), - ), - ] diff --git a/adit/shared/accounts/migrations/0003_rename_misc_settings_user_preferences.py b/adit/shared/accounts/migrations/0003_rename_misc_settings_user_preferences.py deleted file mode 100644 index 22bc9ab2..00000000 --- a/adit/shared/accounts/migrations/0003_rename_misc_settings_user_preferences.py +++ /dev/null @@ -1,17 +0,0 @@ -# Generated by Django 4.2.3 on 2023-08-06 08:20 - -from django.db import migrations - - -class Migration(migrations.Migration): - dependencies = [ - ("accounts", "0002_alter_user_id"), - ] - - operations = [ - migrations.RenameField( - model_name="user", - old_name="misc_settings", - new_name="preferences", - ), - ] diff --git a/adit/shared/accounts/migrations/0004_alter_user_preferences.py b/adit/shared/accounts/migrations/0004_alter_user_preferences.py deleted file mode 100644 index 26682897..00000000 --- a/adit/shared/accounts/migrations/0004_alter_user_preferences.py +++ /dev/null @@ -1,17 +0,0 @@ -# Generated by Django 4.2.3 on 2023-08-06 08:23 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - dependencies = [ - ("accounts", "0003_rename_misc_settings_user_preferences"), - ] - - operations = [ - migrations.AlterField( - model_name="user", - name="preferences", - field=models.JSONField(default=dict), - ), - ] diff --git a/adit/shared/accounts/migrations/0005_institute.py b/adit/shared/accounts/migrations/0005_institute.py deleted file mode 100644 index 909cb37d..00000000 --- a/adit/shared/accounts/migrations/0005_institute.py +++ /dev/null @@ -1,32 +0,0 @@ -# Generated by Django 4.2.4 on 2023-08-20 17:21 - -from django.conf import settings -from django.db import migrations, models - - -class Migration(migrations.Migration): - dependencies = [ - ("accounts", "0004_alter_user_preferences"), - ] - - operations = [ - migrations.CreateModel( - name="Institute", - fields=[ - ( - "id", - models.BigAutoField( - auto_created=True, primary_key=True, serialize=False, verbose_name="ID" - ), - ), - ("name", models.CharField(max_length=128, unique=True)), - ("description", models.TextField(blank=True, max_length=1024)), - ( - "users", - models.ManyToManyField( - blank=True, related_name="institutes", to=settings.AUTH_USER_MODEL - ), - ), - ], - ), - ] diff --git a/adit/shared/accounts/migrations/__init__.py b/adit/shared/accounts/migrations/__init__.py deleted file mode 100644 index e69de29b..00000000 diff --git a/adit/shared/accounts/models.py b/adit/shared/accounts/models.py deleted file mode 100644 index 365a411a..00000000 --- a/adit/shared/accounts/models.py +++ /dev/null @@ -1,51 +0,0 @@ -from typing import TYPE_CHECKING - -from django.contrib.auth.models import AbstractUser, Group, Permission -from django.contrib.contenttypes.models import ContentType -from django.core.exceptions import ObjectDoesNotExist -from django.db import models - -if TYPE_CHECKING: - from django.db.models.manager import RelatedManager - - -class User(AbstractUser): - id: int - phone_number = models.CharField(max_length=64) - department = models.CharField(max_length=128) - preferences = models.JSONField(default=dict) - - if TYPE_CHECKING: - institutes = RelatedManager["Institute"]() - - def is_group_member(self, group_name: str): - return self.groups.filter(name=group_name).exists() - - def join_group(self, group_name: str): - group = Group.objects.get(name=group_name) - self.groups.add(group) - - def add_permission(self, permission_codename: str, model: models.Model | None = None): - if model: - content_type = ContentType.objects.get_for_model(model) - permission = Permission.objects.get( - codename=permission_codename, content_type=content_type - ) - self.user_permissions.add(permission) - else: - permissions = Permission.objects.filter(codename=permission_codename) - - if len(permissions) == 0: - raise ObjectDoesNotExist(f'Permission "{permission_codename}" does not exist.') - - self.user_permissions.add(permissions) - - -class Institute(models.Model): - id: int - name = models.CharField(max_length=128, unique=True) - description = models.TextField(blank=True, max_length=1024) - users = models.ManyToManyField(User, related_name="institutes", blank=True) - - def __str__(self): - return self.name diff --git a/adit/shared/accounts/templates/accounts/accounts_layout.html b/adit/shared/accounts/templates/accounts/accounts_layout.html deleted file mode 100644 index 0ff45696..00000000 --- a/adit/shared/accounts/templates/accounts/accounts_layout.html +++ /dev/null @@ -1 +0,0 @@ -{% extends "core/core_layout.html" %} diff --git a/adit/shared/accounts/templates/accounts/profile.html b/adit/shared/accounts/templates/accounts/profile.html deleted file mode 100644 index ae694da7..00000000 --- a/adit/shared/accounts/templates/accounts/profile.html +++ /dev/null @@ -1,42 +0,0 @@ -{% extends "accounts/accounts_layout.html" %} -{% block heading %} -

Profile information

-{% endblock heading %} -{% block content %} -
-
Username
-
- {{ user.get_username }} -
-
Email
-
- {{ user.email }} -
-
Full name
-
- {{ user.get_full_name }} -
-
Phone number
-
- {{ user.phone_number }} -
-
Department
-
- {{ user.department }} -
-
Last login
-
- {{ user.last_login }} -
-
Date joined
-
- {{ user.date_joined }} -
-
-
-
Actions
- Change Password - Manage API Tokens - Logout -
-{% endblock content %} diff --git a/adit/shared/accounts/tests/integration/conftest.py b/adit/shared/accounts/tests/integration/conftest.py deleted file mode 100644 index 92e96652..00000000 --- a/adit/shared/accounts/tests/integration/conftest.py +++ /dev/null @@ -1,5 +0,0 @@ -import os - -# Workaround to make playwright work with Django -# see https://github.com/microsoft/playwright-pytest/issues/29#issuecomment-731515676 -os.environ.setdefault("DJANGO_ALLOW_ASYNC_UNSAFE", "true") diff --git a/adit/shared/accounts/tests/integration/test_login.py b/adit/shared/accounts/tests/integration/test_login.py deleted file mode 100644 index a74aadbe..00000000 --- a/adit/shared/accounts/tests/integration/test_login.py +++ /dev/null @@ -1,9 +0,0 @@ -import pytest -from playwright.sync_api import Page, expect - - -@pytest.mark.integration -@pytest.mark.django_db(transaction=True) -def test_login(page: Page, live_server, create_and_login_user): - user = create_and_login_user(live_server.url) - expect(page.locator("#logged_in_username")).to_have_text(user.username) diff --git a/adit/shared/accounts/urls.py b/adit/shared/accounts/urls.py deleted file mode 100644 index 4d64e915..00000000 --- a/adit/shared/accounts/urls.py +++ /dev/null @@ -1,8 +0,0 @@ -from django.urls import include, path - -from . import views - -urlpatterns = [ - path("", include("registration.backends.admin_approval.urls")), - path("profile/", views.UserProfileView.as_view(), name="profile"), -] diff --git a/adit/shared/accounts/utils.py b/adit/shared/accounts/utils.py deleted file mode 100644 index abc1e79f..00000000 --- a/adit/shared/accounts/utils.py +++ /dev/null @@ -1,44 +0,0 @@ -import logging - -from django.contrib.auth.models import Group, Permission - -logger = logging.getLogger(__name__) - - -def _permission_names_to_objects(names: tuple[str, ...]) -> list[Permission]: - """ - Given an iterable of permission names (e.g. 'app_label.add_model'), - return an iterable of Permission objects for them. The permission - must already exist, because a permission name is not enough information - to create a new permission. - """ - result: list[Permission] = [] - for name in names: - app_label, codename = name.split(".", 1) - try: - result.append( - Permission.objects.get(content_type__app_label=app_label, codename=codename) - ) - except Permission.DoesNotExist as err: - logger.exception("NO SUCH PERMISSION: %s, %s", app_label, codename) - raise err - - return result - - -def create_group_with_permissions(group_name: str, permission_names: tuple[str, ...]) -> None: - """Create a group with added permissions programmatically. - - Inspired by https://cheat.readthedocs.io/en/latest/django/permissions.html - """ - group, created = Group.objects.get_or_create(name=group_name) - if created: - logger.info("Created group %s.", group_name) - - perms_to_add = _permission_names_to_objects(permission_names) - group.permissions.add(*perms_to_add) - if not created: - # Group already existed - make sure it doesn't have any perms we didn't want - perms_to_remove = set(group.permissions.all()) - set(perms_to_add) - if perms_to_remove: - group.permissions.remove(*perms_to_remove) diff --git a/adit/shared/accounts/views.py b/adit/shared/accounts/views.py deleted file mode 100644 index 39491eb1..00000000 --- a/adit/shared/accounts/views.py +++ /dev/null @@ -1,31 +0,0 @@ -from typing import Any - -from django.contrib.auth.mixins import AccessMixin, LoginRequiredMixin -from django.http import HttpResponse -from django.views.generic import TemplateView -from django.views.generic.edit import CreateView - -from adit.core.types import AuthenticatedHttpRequest - -from .forms import RegistrationForm -from .models import User - - -class UserProfileView(LoginRequiredMixin, AccessMixin, TemplateView): - template_name = "accounts/profile.html" - request: AuthenticatedHttpRequest - - def get_context_data(self, **kwargs: Any) -> dict[str, Any]: - context = super().get_context_data(**kwargs) - context["user"] = self.request.user - return context - - -class RegistrationView(CreateView): - model = User - form_class = RegistrationForm - template_name = "accounts/registration.html" - - def form_valid(self, form: RegistrationForm) -> HttpResponse: - form.instance.is_active = False - return super().form_valid(form) diff --git a/adit/shared/templates/registration/README.md b/adit/shared/templates/registration/README.md deleted file mode 100644 index 8007c18e..00000000 --- a/adit/shared/templates/registration/README.md +++ /dev/null @@ -1,2 +0,0 @@ -All templates in the registation folder are copied from the "django-registation-redux" app and customized for ADIT. -See https://github.com/macropin/django-registration/tree/master/registration/templates/registration \ No newline at end of file diff --git a/adit/shared/templates/registration/activate.html b/adit/shared/templates/registration/activate.html deleted file mode 100755 index be15d830..00000000 --- a/adit/shared/templates/registration/activate.html +++ /dev/null @@ -1,11 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% block title %} - {% trans "Account Activation Failure - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Account activation failed" %}

-{% endblock heading %} -{% block content %} -

{% trans "Please contact the support if the problem persists." %}

-{% endblock content %} diff --git a/adit/shared/templates/registration/activation_complete.html b/adit/shared/templates/registration/activation_complete.html deleted file mode 100755 index 36b47c6c..00000000 --- a/adit/shared/templates/registration/activation_complete.html +++ /dev/null @@ -1,16 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% block title %} - {% trans "Account Activated - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Account activated" %}

-{% endblock heading %} -{% block content %} -

- {% trans "Your account is now activated." %} - {% if not user.is_authenticated %} - {% trans "You can log in." %} - {% endif %} -

-{% endblock content %} diff --git a/adit/shared/templates/registration/activation_complete_admin_pending.html b/adit/shared/templates/registration/activation_complete_admin_pending.html deleted file mode 100644 index fbfa2fc8..00000000 --- a/adit/shared/templates/registration/activation_complete_admin_pending.html +++ /dev/null @@ -1,19 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans blocktrans from i18n %} -{% block title %} - {% trans "Account Activated - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Account activated" %}

-{% endblock heading %} -{% block content %} -

- {% trans "You activated your account." %} - {% if not user.is_authenticated %} - {% blocktrans %} - To log in and use ADIT the account must be activated also by an administrator. - {% endblocktrans %} - {% trans "Once an administrator activates your account you can login." %} - {% endif %} -

-{% endblock content %} diff --git a/adit/shared/templates/registration/activation_email.html b/adit/shared/templates/registration/activation_email.html deleted file mode 100644 index ddf27dd6..00000000 --- a/adit/shared/templates/registration/activation_email.html +++ /dev/null @@ -1,43 +0,0 @@ -{% load trans blocktrans from i18n %} - - - - {% trans "ADIT registration" %} - - - - -

- Dear colleagues, -
-
- ADIT is the result of well over a hundred hours of development work, most of which took place - in my spare time. I developed it with the intention to simplify our work regarding the processing - of radiological images, so that we can focus again on the actual scientific activity. Vice versa I ask you to - consider me on publications for which ADIT was used. -
-

-

- {% blocktrans %} - To activate your account on ADIT, please click the following link within the next - {{ expiration_days }} days: - {% endblocktrans %} -

-

- - {{ site.domain }}{% url 'registration_activate' activation_key %} - -

-

- Please view the landing page of ADIT and - write me or call me - (Phone 396-8503) what permissions you need. -

-

- {% blocktrans %} - Sincerely,
- Kai Schlamp - {% endblocktrans %} -

- - diff --git a/adit/shared/templates/registration/activation_email.txt b/adit/shared/templates/registration/activation_email.txt deleted file mode 100644 index d054a15d..00000000 --- a/adit/shared/templates/registration/activation_email.txt +++ /dev/null @@ -1,24 +0,0 @@ -{% load blocktrans from i18n %} -{% blocktrans %} -Dear colleagues - -ADIT is the result of well over a hundred hours of development work, most of which took place -in my spare time. I developed it with the intention to simplify our work regarding the processing -of radiological images, so that we can focus again on the actual scientific activity. -Vice versa I ask you to consider me on publications for which ADIT was used. - -To activate your account on ADIT, please click the following link within the next -{{ expiration_days }} days: -{% endblocktrans %} - -http://{{site.domain}}{% url 'registration_activate' activation_key %} - -{% blocktrans %} -Please view the landing page of ADIT (http://{{site.domain}}) and write me -(Email: kai.schlamp@med.uni-heidelberg.de) write me or call me (Phone: 396-8503) what permissions you need. -{% endblocktrans %} - -{% blocktrans %} -Sincerely, -Kai Schlamp -{% endblocktrans %} diff --git a/adit/shared/templates/registration/activation_email_subject.txt b/adit/shared/templates/registration/activation_email_subject.txt deleted file mode 100644 index 09776327..00000000 --- a/adit/shared/templates/registration/activation_email_subject.txt +++ /dev/null @@ -1 +0,0 @@ -{% load i18n %}{% trans "Account activation on ADIT" %} diff --git a/adit/shared/templates/registration/admin_approve.html b/adit/shared/templates/registration/admin_approve.html deleted file mode 100644 index 2164156e..00000000 --- a/adit/shared/templates/registration/admin_approve.html +++ /dev/null @@ -1,8 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% block title %} - {% trans "Approval Failure - ADIT" %} -{% endblock title %} -{% block content %} -

{% trans "Account approval failed." %}

-{% endblock content %} diff --git a/adit/shared/templates/registration/admin_approve_complete.html b/adit/shared/templates/registration/admin_approve_complete.html deleted file mode 100644 index cc09f2fe..00000000 --- a/adit/shared/templates/registration/admin_approve_complete.html +++ /dev/null @@ -1,11 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% block title %} - {% trans "Account Approved - ADIT" %} -{% endblock title %} -{% block heading %} -

User account approved.

-{% endblock heading %} -{% block content %} -

{% trans "The user's account is now approved." %}

-{% endblock content %} diff --git a/adit/shared/templates/registration/admin_approve_complete_email.html b/adit/shared/templates/registration/admin_approve_complete_email.html deleted file mode 100644 index 2e544066..00000000 --- a/adit/shared/templates/registration/admin_approve_complete_email.html +++ /dev/null @@ -1,17 +0,0 @@ -{% load trans blocktrans from i18n %} - - - - {% trans "ADIT admin approval" %} - - - - -

- {% blocktrans %} - Your account is now approved. You can - {% endblocktrans %} - {% trans "log in." %} -

- - diff --git a/adit/shared/templates/registration/admin_approve_complete_email.txt b/adit/shared/templates/registration/admin_approve_complete_email.txt deleted file mode 100644 index 1414e85c..00000000 --- a/adit/shared/templates/registration/admin_approve_complete_email.txt +++ /dev/null @@ -1,5 +0,0 @@ -{% load blocktrans from i18n %} -{% blocktrans %} - Your account is now approved. You can log in using the following link -{% endblocktrans %} -http://{{site.domain}}{% url 'auth_login' %} diff --git a/adit/shared/templates/registration/admin_approve_complete_email_subject.txt b/adit/shared/templates/registration/admin_approve_complete_email_subject.txt deleted file mode 100644 index 2aaa12bd..00000000 --- a/adit/shared/templates/registration/admin_approve_complete_email_subject.txt +++ /dev/null @@ -1 +0,0 @@ -{% load i18n %}{% trans "Account activation on ADIT" %} \ No newline at end of file diff --git a/adit/shared/templates/registration/admin_approve_email.html b/adit/shared/templates/registration/admin_approve_email.html deleted file mode 100644 index 4e56e02b..00000000 --- a/adit/shared/templates/registration/admin_approve_email.html +++ /dev/null @@ -1,57 +0,0 @@ -{% load trans blocktrans from i18n %} - - - - {% trans "ADIT registration" %} - - - - -

- {% blocktrans %} - The user ({{ user }}) has asked to register an account at ADIT. - {% endblocktrans %} -

-

- {% blocktrans %} - To approve this, please - {% endblocktrans %} - {% trans "click here" %}. -

-

-

User Details:

-
-
- Username -
-
- {{ user.username }} -
-
- Email -
-
- {{ user.email }} -
-
- Full Name -
-
- {{ user.get_full_name }} -
-
- Phone Number -
-
- {{ user.phone_number }} -
-
- Department -
-
- {{ user.department }} -
-
-

- - diff --git a/adit/shared/templates/registration/admin_approve_email.txt b/adit/shared/templates/registration/admin_approve_email.txt deleted file mode 100644 index d47e1de4..00000000 --- a/adit/shared/templates/registration/admin_approve_email.txt +++ /dev/null @@ -1,16 +0,0 @@ -{% load blocktrans from i18n %} -{% blocktrans %} - The user ({{ user }}) has asked to register an account at ADIT. - To approve the account, please click the following link. -{% endblocktrans %} - -http://{{site.domain}}{% url 'registration_admin_approve' profile_id %} - - -User Details: - -Username: {{ user.username }} -Email: {{ user.email }} -Full Name: {{ user.get_full_name }} -Phone Number: {{ user.phone_number }} -Department: {{ user.department}} \ No newline at end of file diff --git a/adit/shared/templates/registration/admin_approve_email_subject.txt b/adit/shared/templates/registration/admin_approve_email_subject.txt deleted file mode 100644 index 085d4480..00000000 --- a/adit/shared/templates/registration/admin_approve_email_subject.txt +++ /dev/null @@ -1 +0,0 @@ -{% load i18n %}{% trans "Account approval on ADIT" %} diff --git a/adit/shared/templates/registration/login.html b/adit/shared/templates/registration/login.html deleted file mode 100755 index 8b953425..00000000 --- a/adit/shared/templates/registration/login.html +++ /dev/null @@ -1,39 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% load crispy from crispy_forms_tags %} -{% block title %} - {% trans "Log in - ADIT" %} -{% endblock title %} -{% block heading %} -

Login

-{% endblock heading %} -{% block content %} - {% if form.errors %}

Your username or password is incorrect. Try again?

{% endif %} - {% if next %} - {% if user.is_authenticated %} -

- Your account doesn't have access to this page. To proceed, - please login with an account that has access. -

- {% else %} -

You muss login to access this page.

- {% endif %} - {% endif %} -

-

- {% csrf_token %} - {{ form|crispy }} - - -
-

-
-

- {% trans "Forgot your password?" %} - {% trans "Reset it" %} -

-

- {% trans "No account yet?" %} - {% trans "Register" %} -

-{% endblock content %} diff --git a/adit/shared/templates/registration/logout.html b/adit/shared/templates/registration/logout.html deleted file mode 100755 index b1c37a7d..00000000 --- a/adit/shared/templates/registration/logout.html +++ /dev/null @@ -1,12 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% block title %} - {% trans "Logged out - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Logged out" %}

-{% endblock heading %} -{% block content %} -

{% trans "You were successfully logged out." %}

- {% trans "Log in again" %} -{% endblock content %} diff --git a/adit/shared/templates/registration/password_change_done.html b/adit/shared/templates/registration/password_change_done.html deleted file mode 100755 index 03d425fa..00000000 --- a/adit/shared/templates/registration/password_change_done.html +++ /dev/null @@ -1,11 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% block title %} - {% trans "Password changed - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Password changed" %}

-{% endblock heading %} -{% block content %} -

{% trans "Password successfully changed!" %}

-{% endblock content %} diff --git a/adit/shared/templates/registration/password_change_form.html b/adit/shared/templates/registration/password_change_form.html deleted file mode 100755 index 5c470954..00000000 --- a/adit/shared/templates/registration/password_change_form.html +++ /dev/null @@ -1,20 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% load crispy from crispy_forms_tags %} -{% block title %} - {% trans "Change password - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Passwort reset" %}

-{% endblock heading %} -{% block content %} -

-

- {% csrf_token %} - {{ form|crispy }} - -
-

-{% endblock content %} diff --git a/adit/shared/templates/registration/password_reset_complete.html b/adit/shared/templates/registration/password_reset_complete.html deleted file mode 100755 index 88a819d0..00000000 --- a/adit/shared/templates/registration/password_reset_complete.html +++ /dev/null @@ -1,14 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans blocktrans from i18n %} -{% block title %} - {% trans "Password reset complete - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Passwort reset" %}

-{% endblock heading %} -{% block content %} -

- {% trans "Your password has been reset!" %} - {% blocktrans %}You may now log in{% endblocktrans %}. -

-{% endblock content %} diff --git a/adit/shared/templates/registration/password_reset_confirm.html b/adit/shared/templates/registration/password_reset_confirm.html deleted file mode 100755 index a54ecd95..00000000 --- a/adit/shared/templates/registration/password_reset_confirm.html +++ /dev/null @@ -1,25 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% block meta %} - - -{% endblock meta %} -{% block title %} - {% trans "Confirm password reset- ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Reset password" %}

-{% endblock heading %} -{% block content %} - {% if validlink %} -

{% trans "Enter your new password below to reset your password:" %}

-
- {% csrf_token %} - {{ form.as_p }} - -
- {% else %} - Password reset unsuccessful. Please try again. - {% endif %} -{% endblock content %} diff --git a/adit/shared/templates/registration/password_reset_done.html b/adit/shared/templates/registration/password_reset_done.html deleted file mode 100755 index 6db12552..00000000 --- a/adit/shared/templates/registration/password_reset_done.html +++ /dev/null @@ -1,17 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans blocktrans from i18n %} -{% block title %} - {% trans "Password reset - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Reset password" %}

-{% endblock heading %} -{% block content %} -

- {% blocktrans %} - We have sent you an email with a link to reset your password. Please check - your email and click the link to continue. - {% endblocktrans %} -

-{% endblock content %} -{# This is used by django.contrib.auth #} diff --git a/adit/shared/templates/registration/password_reset_email.html b/adit/shared/templates/registration/password_reset_email.html deleted file mode 100755 index ef41a9f1..00000000 --- a/adit/shared/templates/registration/password_reset_email.html +++ /dev/null @@ -1,25 +0,0 @@ -{% load trans blocktrans from i18n %} -{% blocktrans %}Greetings{% endblocktrans %} -{% if user.get_full_name %} - {{ user.get_full_name }} -{% else %} - {{ user }} -{% endif %} -, -{% blocktrans %} -You are receiving this email because you (or someone pretending to be you) -requested that your password be reset on the {{ domain }} site. If you do not -wish to reset your password, please ignore this message. -{% endblocktrans %} -{% blocktrans %} -To reset your password, please click the following link, or copy and paste it -into your web browser: -{% endblocktrans %} - - {{ protocol }}://{{ domain }}{% url 'auth_password_reset_confirm' uid token %} - -{% blocktrans %}Your username, in case you've forgotten:{% endblocktrans %} {{ user.get_username }} -{% blocktrans %}Best regards{% endblocktrans %}, -{{ site_name }} {% blocktrans %}Management{% endblocktrans %} -{# This is used by django.contrib.auth #} diff --git a/adit/shared/templates/registration/password_reset_form.html b/adit/shared/templates/registration/password_reset_form.html deleted file mode 100755 index d076fb39..00000000 --- a/adit/shared/templates/registration/password_reset_form.html +++ /dev/null @@ -1,24 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans blocktrans from i18n %} -{% load crispy from crispy_forms_tags %} -{% block title %} - {% trans "ADIT - Reset password" %} -{% endblock title %} -{% block heading %} -

{% trans "Forgot your password?" %}

-{% endblock heading %} -{% block content %} -

- {% blocktrans %} - Enter your email in the form below and we'll send you instructions for creating a new one. - {% endblocktrans %} -

-
- {% csrf_token %} - {{ form|crispy }} - -
-{% endblock content %} -{# This is used by django.contrib.auth #} diff --git a/adit/shared/templates/registration/registration_base.html b/adit/shared/templates/registration/registration_base.html deleted file mode 100755 index ea500082..00000000 --- a/adit/shared/templates/registration/registration_base.html +++ /dev/null @@ -1 +0,0 @@ -{% extends "accounts/accounts_layout.html" %} diff --git a/adit/shared/templates/registration/registration_closed.html b/adit/shared/templates/registration/registration_closed.html deleted file mode 100755 index 38effe70..00000000 --- a/adit/shared/templates/registration/registration_closed.html +++ /dev/null @@ -1,11 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% block title %} - {% trans "Registration is closed - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Registration closed" %}

-{% endblock heading %} -{% block content %} -

{% trans "Sorry, but registration is closed at this moment. Come back later." %}

-{% endblock content %} diff --git a/adit/shared/templates/registration/registration_complete.html b/adit/shared/templates/registration/registration_complete.html deleted file mode 100755 index 0da375fe..00000000 --- a/adit/shared/templates/registration/registration_complete.html +++ /dev/null @@ -1,19 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% block title %} - {% trans "Activation email sent - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Registration complete" %}

-{% endblock heading %} -{% block content %} -

{% trans "Please check your email to complete the registration process." %}

-{% endblock content %} -{% comment %} -**registration/registration_complete.html** - -Used after successful completion of the registration form. This -template has no context variables of its own, and should simply inform -the user that an email containing account-activation information has -been sent. -{% endcomment %} diff --git a/adit/shared/templates/registration/registration_form.html b/adit/shared/templates/registration/registration_form.html deleted file mode 100755 index 284dbfb1..00000000 --- a/adit/shared/templates/registration/registration_form.html +++ /dev/null @@ -1,12 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% load crispy from crispy_forms_tags %} -{% block title %} - {% trans "Register for an account - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "User registration" %}

-{% endblock heading %} -{% block content %} -

{% crispy form %}

-{% endblock content %} diff --git a/adit/shared/templates/registration/resend_activation_complete.html b/adit/shared/templates/registration/resend_activation_complete.html deleted file mode 100644 index 9bd4571c..00000000 --- a/adit/shared/templates/registration/resend_activation_complete.html +++ /dev/null @@ -1,23 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans blocktrans from i18n %} -{% block title %} - {% trans "Account Activation Resent - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Account activation resent" %}

-{% endblock heading %} -{% block content %} -

- {% blocktrans %} - We have sent an email to {{ email }} with further instructions. - {% endblocktrans %} -

-{% endblock content %} -{% comment %} -**registration/resend_activation_complete.html** -Used after form for resending account activation is submitted. By default has -the following context: - -``email`` - The email address submitted in the resend activation form. -{% endcomment %} diff --git a/adit/shared/templates/registration/resend_activation_form.html b/adit/shared/templates/registration/resend_activation_form.html deleted file mode 100644 index f262a656..00000000 --- a/adit/shared/templates/registration/resend_activation_form.html +++ /dev/null @@ -1,16 +0,0 @@ -{% extends "registration/registration_base.html" %} -{% load trans from i18n %} -{% load crispy from crispy_forms_tags %} -{% block title %} - {% trans "Resend Activation Email - ADIT" %} -{% endblock title %} -{% block heading %} -

{% trans "Resend activation mail" %}

-{% endblock heading %} -{% block content %} -
- {% csrf_token %} - {{ form|crispy }} - -
-{% endblock content %} diff --git a/adit/shared/token_authentication/__init__.py b/adit/shared/token_authentication/__init__.py deleted file mode 100644 index e69de29b..00000000 diff --git a/adit/shared/token_authentication/admin.py b/adit/shared/token_authentication/admin.py deleted file mode 100644 index 3c77bedc..00000000 --- a/adit/shared/token_authentication/admin.py +++ /dev/null @@ -1,20 +0,0 @@ -from django.contrib import admin - -from .models import Token - - -class TokenAdmin(admin.ModelAdmin): - list_display = ( - "fraction", - "description", - "owner", - "created_time", - "expires", - "last_used", - ) - - list_filter = ("owner", "created_time", "last_used", "expires") - search_fields = ("owner",) - - -admin.site.register(Token, TokenAdmin) diff --git a/adit/shared/token_authentication/apps.py b/adit/shared/token_authentication/apps.py deleted file mode 100644 index 3d4d87b7..00000000 --- a/adit/shared/token_authentication/apps.py +++ /dev/null @@ -1,27 +0,0 @@ -from django.apps import AppConfig -from django.db.models.signals import post_migrate - - -class TokenAuthenticationConfig(AppConfig): - default_auto_field = "django.db.models.BigAutoField" - name = "adit.shared.token_authentication" - - def ready(self): - post_migrate.connect(init_db, sender=self) - - -def init_db(**kwargs): - create_group() - - -def create_group(): - from adit.shared.accounts.utils import create_group_with_permissions - - create_group_with_permissions( - "token_authentication_group", - ( - "token_authentication.add_token", - "token_authentication.delete_token", - "token_authentication.view_token", - ), - ) diff --git a/adit/shared/token_authentication/auth.py b/adit/shared/token_authentication/auth.py deleted file mode 100644 index 9368bfef..00000000 --- a/adit/shared/token_authentication/auth.py +++ /dev/null @@ -1,74 +0,0 @@ -import logging - -from django.utils import timezone -from rest_framework.authentication import BaseAuthentication -from rest_framework.exceptions import AuthenticationFailed -from rest_framework.request import Request - -from adit.shared.accounts.models import User - -from .models import Token -from .utils.crypto import hash_token, verify_token - -logger = logging.getLogger(__name__) - - -class RestTokenAuthentication(BaseAuthentication): - """ - This class is used to authenticate users via a json web token. - The token is expected to be provided in the request header as follows: - Authorization: Token - """ - - def authenticate_header(self, request: Request): - return "Authentication failed." - - def authenticate(self, request: Request): - try: - auth = request.META.get("HTTP_AUTHORIZATION", None) - if auth is None: - auth = request.META["headers"].get("Authorization", None) - protocol, token_string = auth.split(" ") - except Exception: - message = "Invalid token header. Please provide credentials in the request header." - raise AuthenticationFailed(message) - - if not protocol == "Token": - message = "Please use the token authentication protocol to access the REST API." - raise AuthenticationFailed(message) - - message, user, token = self.verify_token(token_string) - if token is None: - raise AuthenticationFailed(message) - - token.last_used = timezone.now() - token.save() - - return (user, token) - - def verify_token(self, token_string: str) -> tuple[str, User | None, Token | None]: - """ - This method verifies the token string by checking if the token - exists in the database and if the token is not expired. - - :param token_string: The token string to be verified. - :return: A tuple containing a message describing the result of the - verification, the user associated with the token, and the token - object itself. If the token is invalid, the user and token objects - are None. - """ - token_hashed = hash_token(token_string) - - try: - token = Token.objects.get(token_hashed=token_hashed) - except Token.DoesNotExist: - return "Invalid token. Token does not exist.", None, None - - # Double check that the token hash is correct. - if not verify_token(token_string, token.token_hashed): - raise AssertionError(f"Internal token error. Invalid token hash {token_hashed}.") - - if token.is_expired(): - return "Invalid Token. Token is expired.", None, None - - return "", token.owner, token diff --git a/adit/shared/token_authentication/factories.py b/adit/shared/token_authentication/factories.py deleted file mode 100644 index 2544173e..00000000 --- a/adit/shared/token_authentication/factories.py +++ /dev/null @@ -1,23 +0,0 @@ -from datetime import timedelta - -import factory -from django.utils import timezone - -from adit.core.factories import BaseDjangoModelFactory -from adit.shared.accounts.factories import UserFactory - -from .models import Token -from .utils.crypto import hash_token - - -class TokenFactory(BaseDjangoModelFactory[Token]): - class Meta: - model = Token - django_get_or_create = ("token_hashed",) - - token_hashed = factory.LazyFunction(lambda: hash_token("test_token_string")) - description = factory.Faker("sentence", nb_words=3) - owner = factory.SubFactory(UserFactory) - created_time = timezone.now() - expires = timezone.now() + timedelta(hours=24) - last_used = timezone.now() diff --git a/adit/shared/token_authentication/forms.py b/adit/shared/token_authentication/forms.py deleted file mode 100644 index 4c3e0b6d..00000000 --- a/adit/shared/token_authentication/forms.py +++ /dev/null @@ -1,60 +0,0 @@ -from crispy_forms.helper import FormHelper -from crispy_forms.layout import Div, Field, Layout, Submit -from django import forms - -from adit.shared.accounts.models import User - -from .models import Token - -EXPIRY_TIMES = ( - (24, "1 Day"), - (7 * 24, "7 Days"), - (30 * 24, "30 Days"), - (90 * 24, "90 Days"), -) - - -class GenerateTokenForm(forms.ModelForm): - class Meta: - model = Token - fields = ["description"] - - def __init__(self, *args, **kwargs): - self.user: User = kwargs.pop("user") - - super().__init__(*args, **kwargs) - - expiry_times = EXPIRY_TIMES - if self.user.has_perm("token_authentication.can_generate_never_expiring_token"): - expiry_times = expiry_times + ((0, "Never"),) - - self.fields["expiry_time"] = forms.ChoiceField(choices=expiry_times, label="Expiry Time") - - self.fields["description"].widget.attrs["placeholder"] = "Optional" - - self.helper = FormHelper(self) - self.helper.form_id = "generate_token_form" - self.helper.add_input(Submit("save", "Generate Token")) - self.helper.layout = Layout( - Div( - Div( - Field("expiry_time"), - css_class="col-3", - ), - Div( - Field("description"), - css_class="col-9", - ), - css_class="row", - ), - ) - - def clean_expiry_time(self): - expiry_time = self.cleaned_data["expiry_time"] - if not self.user.has_perm("token_authentication.can_generate_never_expiring_token"): - if expiry_time == "0": - raise forms.ValidationError( - "You do not have permission to generate never expiring tokens." - ) - - return expiry_time diff --git a/adit/shared/token_authentication/migrations/0001_initial.py b/adit/shared/token_authentication/migrations/0001_initial.py deleted file mode 100644 index a49e6140..00000000 --- a/adit/shared/token_authentication/migrations/0001_initial.py +++ /dev/null @@ -1,72 +0,0 @@ -# Generated by Django 4.2.2 on 2023-06-15 12:59 - -import datetime -from django.conf import settings -from django.db import migrations, models -import django.db.models.deletion - - -class Migration(migrations.Migration): - initial = True - - dependencies = [ - migrations.swappable_dependency(settings.AUTH_USER_MODEL), - ] - - operations = [ - migrations.CreateModel( - name="TokenSettings", - fields=[ - ( - "id", - models.BigAutoField( - auto_created=True, primary_key=True, serialize=False, verbose_name="ID" - ), - ), - ("locked", models.BooleanField(default=False)), - ("suspended", models.BooleanField(default=False)), - ( - "slot_begin_time", - models.TimeField( - default=datetime.time(22, 0), help_text="Must be set in UTC time zone." - ), - ), - ( - "slot_end_time", - models.TimeField( - default=datetime.time(8, 0), help_text="Must be set in UTC time zone." - ), - ), - ("transfer_timeout", models.IntegerField(default=3)), - ], - options={ - "verbose_name_plural": "Token settings", - }, - ), - migrations.CreateModel( - name="Token", - fields=[ - ( - "id", - models.BigAutoField( - auto_created=True, primary_key=True, serialize=False, verbose_name="ID" - ), - ), - ("token_string", models.TextField(max_length=30)), - ("created_time", models.DateTimeField(auto_now_add=True)), - ("client", models.TextField(max_length=100)), - ("expiry_time", models.DateTimeField()), - ("expires", models.BooleanField(default=True)), - ("last_used", models.DateTimeField(auto_now=True)), - ( - "author", - models.ForeignKey( - on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL - ), - ), - ], - options={ - "permissions": [("manage_auth_tokens", "Can manage REST authentication tokens")], - }, - ), - ] diff --git a/adit/shared/token_authentication/migrations/0002_token_fraction_alter_token_token_string.py b/adit/shared/token_authentication/migrations/0002_token_fraction_alter_token_token_string.py deleted file mode 100644 index 813d4f32..00000000 --- a/adit/shared/token_authentication/migrations/0002_token_fraction_alter_token_token_string.py +++ /dev/null @@ -1,23 +0,0 @@ -# Generated by Django 4.2.3 on 2023-07-20 13:30 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - dependencies = [ - ("token_authentication", "0001_initial"), - ] - - operations = [ - migrations.AddField( - model_name="token", - name="fraction", - field=models.TextField(default="toke", max_length=4), - preserve_default=False, - ), - migrations.AlterField( - model_name="token", - name="token_string", - field=models.TextField(max_length=128), - ), - ] diff --git a/adit/shared/token_authentication/migrations/0003_alter_token_client.py b/adit/shared/token_authentication/migrations/0003_alter_token_client.py deleted file mode 100644 index 0d64787a..00000000 --- a/adit/shared/token_authentication/migrations/0003_alter_token_client.py +++ /dev/null @@ -1,17 +0,0 @@ -# Generated by Django 4.2.3 on 2023-07-20 16:24 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - dependencies = [ - ("token_authentication", "0002_token_fraction_alter_token_token_string"), - ] - - operations = [ - migrations.AlterField( - model_name="token", - name="client", - field=models.TextField(max_length=100, unique=True), - ), - ] diff --git a/adit/shared/token_authentication/migrations/0004_rename_token_string_token_token_hashed.py b/adit/shared/token_authentication/migrations/0004_rename_token_string_token_token_hashed.py deleted file mode 100644 index c94348a4..00000000 --- a/adit/shared/token_authentication/migrations/0004_rename_token_string_token_token_hashed.py +++ /dev/null @@ -1,17 +0,0 @@ -# Generated by Django 4.2.3 on 2023-07-23 13:53 - -from django.db import migrations - - -class Migration(migrations.Migration): - dependencies = [ - ("token_authentication", "0003_alter_token_client"), - ] - - operations = [ - migrations.RenameField( - model_name="token", - old_name="token_string", - new_name="token_hashed", - ), - ] diff --git a/adit/shared/token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py b/adit/shared/token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py deleted file mode 100644 index c8cf5a37..00000000 --- a/adit/shared/token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py +++ /dev/null @@ -1,29 +0,0 @@ -# Generated by Django 4.2.3 on 2023-07-23 23:16 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - dependencies = [ - ("token_authentication", "0004_rename_token_string_token_token_hashed"), - ] - - operations = [ - migrations.AlterModelOptions( - name="token", - options={ - "permissions": [ - ("can_generate_never_expiring_token", "Can generate never expiring token") - ] - }, - ), - migrations.RemoveField( - model_name="token", - name="expires", - ), - migrations.AlterField( - model_name="token", - name="expiry_time", - field=models.DateTimeField(blank=True, null=True), - ), - ] diff --git a/adit/shared/token_authentication/migrations/0006_rename_expiry_time_token_expires.py b/adit/shared/token_authentication/migrations/0006_rename_expiry_time_token_expires.py deleted file mode 100644 index 80b16758..00000000 --- a/adit/shared/token_authentication/migrations/0006_rename_expiry_time_token_expires.py +++ /dev/null @@ -1,17 +0,0 @@ -# Generated by Django 4.2.3 on 2023-07-23 23:21 - -from django.db import migrations - - -class Migration(migrations.Migration): - dependencies = [ - ("token_authentication", "0005_alter_token_options_remove_token_expires_and_more"), - ] - - operations = [ - migrations.RenameField( - model_name="token", - old_name="expiry_time", - new_name="expires", - ), - ] diff --git a/adit/shared/token_authentication/migrations/0007_alter_token_last_used.py b/adit/shared/token_authentication/migrations/0007_alter_token_last_used.py deleted file mode 100644 index a9d1d172..00000000 --- a/adit/shared/token_authentication/migrations/0007_alter_token_last_used.py +++ /dev/null @@ -1,17 +0,0 @@ -# Generated by Django 4.2.3 on 2023-07-23 23:45 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - dependencies = [ - ("token_authentication", "0006_rename_expiry_time_token_expires"), - ] - - operations = [ - migrations.AlterField( - model_name="token", - name="last_used", - field=models.DateTimeField(blank=True, null=True), - ), - ] diff --git a/adit/shared/token_authentication/migrations/0008_alter_token_token_hashed.py b/adit/shared/token_authentication/migrations/0008_alter_token_token_hashed.py deleted file mode 100644 index 607ff11e..00000000 --- a/adit/shared/token_authentication/migrations/0008_alter_token_token_hashed.py +++ /dev/null @@ -1,17 +0,0 @@ -# Generated by Django 4.2.3 on 2023-07-25 08:47 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - dependencies = [ - ("token_authentication", "0007_alter_token_last_used"), - ] - - operations = [ - migrations.AlterField( - model_name="token", - name="token_hashed", - field=models.TextField(max_length=128, unique=True), - ), - ] diff --git a/adit/shared/token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py b/adit/shared/token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py deleted file mode 100644 index c6863540..00000000 --- a/adit/shared/token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py +++ /dev/null @@ -1,28 +0,0 @@ -# Generated by Django 4.2.3 on 2023-07-27 13:04 - -from django.conf import settings -from django.db import migrations, models - - -class Migration(migrations.Migration): - dependencies = [ - migrations.swappable_dependency(settings.AUTH_USER_MODEL), - ("token_authentication", "0008_alter_token_token_hashed"), - ] - - operations = [ - migrations.RenameField( - model_name="token", - old_name="author", - new_name="owner", - ), - migrations.AlterField( - model_name="token", - name="client", - field=models.TextField(max_length=100), - ), - migrations.AlterUniqueTogether( - name="token", - unique_together={("owner", "client")}, - ), - ] diff --git a/adit/shared/token_authentication/migrations/0010_alter_token_unique_together_and_more.py b/adit/shared/token_authentication/migrations/0010_alter_token_unique_together_and_more.py deleted file mode 100644 index 69f7c69e..00000000 --- a/adit/shared/token_authentication/migrations/0010_alter_token_unique_together_and_more.py +++ /dev/null @@ -1,22 +0,0 @@ -# Generated by Django 4.2.3 on 2023-07-27 14:48 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - dependencies = [ - ("token_authentication", "0009_rename_author_token_owner_alter_token_client_and_more"), - ] - - operations = [ - migrations.AlterUniqueTogether( - name="token", - unique_together=set(), - ), - migrations.AddConstraint( - model_name="token", - constraint=models.UniqueConstraint( - fields=("client", "owner"), name="unique_client_per_user" - ), - ), - ] diff --git a/adit/shared/token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py b/adit/shared/token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py deleted file mode 100644 index a10c0a53..00000000 --- a/adit/shared/token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py +++ /dev/null @@ -1,30 +0,0 @@ -# Generated by Django 4.2.4 on 2023-08-28 11:39 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - dependencies = [ - ("token_authentication", "0010_alter_token_unique_together_and_more"), - ] - - operations = [ - migrations.DeleteModel( - name="TokenSettings", - ), - migrations.AlterField( - model_name="token", - name="client", - field=models.CharField(max_length=100), - ), - migrations.AlterField( - model_name="token", - name="fraction", - field=models.CharField(max_length=4), - ), - migrations.AlterField( - model_name="token", - name="token_hashed", - field=models.CharField(max_length=128, unique=True), - ), - ] diff --git a/adit/shared/token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py b/adit/shared/token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py deleted file mode 100644 index 3876215d..00000000 --- a/adit/shared/token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py +++ /dev/null @@ -1,21 +0,0 @@ -# Generated by Django 4.2.4 on 2023-08-28 12:10 - -from django.db import migrations - - -class Migration(migrations.Migration): - dependencies = [ - ("token_authentication", "0011_delete_tokensettings_alter_token_client_and_more"), - ] - - operations = [ - migrations.RemoveConstraint( - model_name="token", - name="unique_client_per_user", - ), - migrations.RenameField( - model_name="token", - old_name="client", - new_name="description", - ), - ] diff --git a/adit/shared/token_authentication/migrations/0013_alter_token_description.py b/adit/shared/token_authentication/migrations/0013_alter_token_description.py deleted file mode 100644 index 95247f0b..00000000 --- a/adit/shared/token_authentication/migrations/0013_alter_token_description.py +++ /dev/null @@ -1,17 +0,0 @@ -# Generated by Django 4.2.4 on 2023-08-28 12:26 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - dependencies = [ - ("token_authentication", "0012_remove_token_unique_client_per_user_and_more"), - ] - - operations = [ - migrations.AlterField( - model_name="token", - name="description", - field=models.CharField(blank=True, max_length=120), - ), - ] diff --git a/adit/shared/token_authentication/migrations/__init__.py b/adit/shared/token_authentication/migrations/__init__.py deleted file mode 100644 index e69de29b..00000000 diff --git a/adit/shared/token_authentication/models.py b/adit/shared/token_authentication/models.py deleted file mode 100644 index 4dffe289..00000000 --- a/adit/shared/token_authentication/models.py +++ /dev/null @@ -1,60 +0,0 @@ -import binascii -from datetime import datetime -from os import urandom - -import pytz -from django.contrib.auth.models import AbstractBaseUser, AnonymousUser -from django.db import models - -from adit.shared.accounts.models import User - -from .utils.crypto import hash_token - -TOKEN_LENGTH = 20 # Length of the unhashed token -FRACTION_LENGTH = 4 # Length of the token hint visible to the user in the table - - -class TokenManager(models.Manager["Token"]): - def create_token( - self, - user: AbstractBaseUser | AnonymousUser, - description: str, - expires: datetime | None, - ): - token_string = binascii.hexlify(urandom(TOKEN_LENGTH)).decode() - token_hashed = hash_token(token_string) - token = self.create( - owner=user, - token_hashed=token_hashed, - fraction=token_string[:FRACTION_LENGTH], - description=description, - expires=expires, - ) - return token, token_string - - -class Token(models.Model): - owner = models.ForeignKey(User, on_delete=models.CASCADE) - token_hashed = models.CharField(max_length=128, unique=True) - fraction = models.CharField(max_length=FRACTION_LENGTH) - description = models.CharField(blank=True, max_length=120) - expires = models.DateTimeField(blank=True, null=True) - created_time = models.DateTimeField(auto_now_add=True) - last_used = models.DateTimeField(blank=True, null=True) - - objects = TokenManager() - - class Meta: - permissions = [ - ( - "can_generate_never_expiring_token", - "Can generate never expiring token", - ) - ] - - def __str__(self): - return self.token_hashed - - def is_expired(self): - utc = pytz.UTC - return self.expires and self.expires < utc.localize(datetime.now()) diff --git a/adit/shared/token_authentication/static/token_authentication/token_authentication.js b/adit/shared/token_authentication/static/token_authentication/token_authentication.js deleted file mode 100644 index 77339d6c..00000000 --- a/adit/shared/token_authentication/static/token_authentication/token_authentication.js +++ /dev/null @@ -1,19 +0,0 @@ -"use strict"; - -/** - * Alpine data model for token authentication - * @returns {object} Alpine data model - */ -function newToken() { - return { - /** - * Copy the token to the clipboard. - * @param {string} token - * @returns {void} - */ - copyTokenToClipboard: function (token) { - navigator.clipboard.writeText(token); - showToast("success", "Clipboard", "Copied token to clipboard!"); - }, - }; -} diff --git a/adit/shared/token_authentication/templates/token_authentication/_generate_token_help_modal.html b/adit/shared/token_authentication/templates/token_authentication/_generate_token_help_modal.html deleted file mode 100644 index 77d508b8..00000000 --- a/adit/shared/token_authentication/templates/token_authentication/_generate_token_help_modal.html +++ /dev/null @@ -1,15 +0,0 @@ -{% extends "core/_message_modal.html" %} -{% block modal_title %} - REST Authentication Token Help -{% endblock modal_title %} -{% block modal_body %} -

- With this feature you can generate an authentication token to authenticate - your third party REST application. -

-

- The token should be included in the request header like this: -
- Authorization: Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b -

-{% endblock modal_body %} diff --git a/adit/shared/token_authentication/templates/token_authentication/token_authentication_layout.html b/adit/shared/token_authentication/templates/token_authentication/token_authentication_layout.html deleted file mode 100644 index 6040c0ad..00000000 --- a/adit/shared/token_authentication/templates/token_authentication/token_authentication_layout.html +++ /dev/null @@ -1,5 +0,0 @@ -{% extends "core/core_layout.html" %} -{% load static from static %} -{% block script %} - -{% endblock script %} diff --git a/adit/shared/token_authentication/templates/token_authentication/token_dashboard.html b/adit/shared/token_authentication/templates/token_authentication/token_dashboard.html deleted file mode 100644 index 680e7f8f..00000000 --- a/adit/shared/token_authentication/templates/token_authentication/token_dashboard.html +++ /dev/null @@ -1,85 +0,0 @@ -{% extends "token_authentication/token_authentication_layout.html" %} -{% load render_table from django_tables2 %} -{% load crispy from crispy_forms_tags %} -{% block heading %} -
-

- REST Authentication Tokens - {% include "core/_help_button.html" with target="#generate_token_help_modal" only %} -

-
-{% endblock heading %} -{% block content %} - - {% if new_token %} -
-
-
Sucessfully generated a REST authentication token.
- This token will only be visible once, so make sure to copy it - now and store it in a safe place. As you will not be able to - see it again, you will have to generate a new token if you lose - it. -
-
-

- {{ new_token }} - -

-
-
- {% endif %} - -
- {% if tokens %} -
Existing tokens
- - - - - - - - - - - - - {% for token in tokens reversed %} - - - - - - - - - {% endfor %} - -
TokenDescriptionCreatedExpiresLast UsedActions
{{ token.fraction }}...{{ token.description|default:"—" }}{{ token.created_time }}{{ token.expires|default_if_none:"Never" }}{{ token.last_used|default_if_none:"Never" }} -
- {% csrf_token %} - -
-
- {% else %} -
No generated tokens
- {% endif %} -
- -
-
Generate a new token
-
- {% csrf_token %} - {% crispy form %} -
-
-{% endblock content %} -{% block bottom %} - {% include 'token_authentication/_generate_token_help_modal.html' with modal_id="generate_token_help_modal" %} -{% endblock bottom %} diff --git a/adit/shared/token_authentication/tests/__init__.py b/adit/shared/token_authentication/tests/__init__.py deleted file mode 100644 index e69de29b..00000000 diff --git a/adit/shared/token_authentication/tests/integration/conftest.py b/adit/shared/token_authentication/tests/integration/conftest.py deleted file mode 100644 index 92e96652..00000000 --- a/adit/shared/token_authentication/tests/integration/conftest.py +++ /dev/null @@ -1,5 +0,0 @@ -import os - -# Workaround to make playwright work with Django -# see https://github.com/microsoft/playwright-pytest/issues/29#issuecomment-731515676 -os.environ.setdefault("DJANGO_ALLOW_ASYNC_UNSAFE", "true") diff --git a/adit/shared/token_authentication/tests/integration/test_token_authentication.py b/adit/shared/token_authentication/tests/integration/test_token_authentication.py deleted file mode 100644 index b53e1abd..00000000 --- a/adit/shared/token_authentication/tests/integration/test_token_authentication.py +++ /dev/null @@ -1,48 +0,0 @@ -import pytest -import requests -from playwright.sync_api import Page, expect - - -@pytest.mark.integration -@pytest.mark.django_db(transaction=True) -def test_create_and_delete_authentication_token( - page: Page, - channels_live_server, - create_and_login_user, -): - user = create_and_login_user(channels_live_server.url) - user.join_group("token_authentication_group") - page.goto(channels_live_server.url + "/token-authentication/") - - page.get_by_label("Description").fill("Just a test token") - page.get_by_text("Generate Token").click() - expect(page.locator("#unhashed-token-string")).to_be_visible() - token = page.locator("#unhashed-token-string").inner_text() - - response = requests.get( - channels_live_server.url + "/token-authentication/test", - headers={"Authorization": f"Token {token}"}, - ) - assert response.status_code == 200 - - expect(page.locator("table").get_by_text("Just a test token")).to_be_visible() - page.get_by_label("Delete token").click() - expect(page.locator("table").get_by_text("Just a test token")).not_to_be_visible() - - response = requests.get( - channels_live_server.url + "/token-authentication/test", - headers={"Authorization": f"Token {token}"}, - ) - assert response.status_code == 401 - - -@pytest.mark.integration -@pytest.mark.django_db(transaction=True) -def test_invalid_authentication_token( - channels_live_server, -): - response = requests.get( - channels_live_server.url + "/token-authentication/test", - headers={"Authorization": "Token invalid_token"}, - ) - assert response.status_code == 401 diff --git a/adit/shared/token_authentication/urls.py b/adit/shared/token_authentication/urls.py deleted file mode 100644 index 9be66efb..00000000 --- a/adit/shared/token_authentication/urls.py +++ /dev/null @@ -1,17 +0,0 @@ -from django.urls import path - -from .views import DeleteTokenView, TestView, TokenDashboardView - -urlpatterns = [ - path( - "", - TokenDashboardView.as_view(), - name="token_dashboard", - ), - path( - "/delete-token", - DeleteTokenView.as_view(), - name="delete_token", - ), - path("test", TestView.as_view(), name="test_view"), -] diff --git a/adit/shared/token_authentication/utils/__init__.py b/adit/shared/token_authentication/utils/__init__.py deleted file mode 100644 index e69de29b..00000000 diff --git a/adit/shared/token_authentication/utils/crypto.py b/adit/shared/token_authentication/utils/crypto.py deleted file mode 100644 index a7ad780b..00000000 --- a/adit/shared/token_authentication/utils/crypto.py +++ /dev/null @@ -1,12 +0,0 @@ -from django.conf import settings -from django.contrib.auth.hashers import check_password, make_password - - -def hash_token(token_string: str) -> str: - # We use a fixed salt to always generate the same hash for the same token string. - # Rainbow attacks doesn't matter here as the token string itself is random. - return make_password(token_string, settings.TOKEN_AUTHENTICATION_SALT) - - -def verify_token(token_string: str, token_hashed: str) -> bool: - return check_password(token_string, token_hashed) diff --git a/adit/shared/token_authentication/views.py b/adit/shared/token_authentication/views.py deleted file mode 100644 index b0fa9ce2..00000000 --- a/adit/shared/token_authentication/views.py +++ /dev/null @@ -1,79 +0,0 @@ -import datetime -from typing import Any - -from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin -from django.urls import reverse_lazy -from django.views.generic import DeleteView, FormView -from rest_framework.request import Request -from rest_framework.response import Response -from rest_framework.views import APIView - -from adit.core.mixins import OwnerRequiredMixin - -from .forms import GenerateTokenForm -from .models import Token - - -class TokenDashboardView( - LoginRequiredMixin, - PermissionRequiredMixin, - FormView, -): - template_name = "token_authentication/token_dashboard.html" - form_class = GenerateTokenForm - success_url = reverse_lazy("token_dashboard") - permission_required = ( - "token_authentication.view_token", - "token_authentication.add_token", - ) - - def get_form_kwargs(self) -> dict[str, Any]: - kwargs = super().get_form_kwargs() - kwargs.update({"user": self.request.user}) - return kwargs - - def form_valid(self, form): - data = form.cleaned_data - expiry_time = int(data["expiry_time"]) - expires = None - if expiry_time > 0: - expires = datetime.datetime.now() + datetime.timedelta(hours=expiry_time) - try: - description: str = data["description"] - _, token_string = Token.objects.create_token( - user=self.request.user, - description=description, - expires=expires, - ) - except Exception as err: - form.add_error(None, str(err)) - return super().form_invalid(form) - - self.request.session["new_token"] = token_string - return super().form_valid(form) - - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - - new_token = self.request.session.pop("new_token", None) - tokens = Token.objects.filter(owner=self.request.user) - - context.update({"new_token": new_token, "tokens": tokens}) - - return context - - -class DeleteTokenView( - LoginRequiredMixin, - PermissionRequiredMixin, - OwnerRequiredMixin, - DeleteView, -): - permission_required = "token_authentication.delete_token" - model = Token - success_url = reverse_lazy("token_dashboard") - - -class TestView(APIView): - def get(self, request: Request): - return Response({"message": "OK"}) From 59c7ba81c1b71c14baffb20072051ff23da6adf4 Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 18:45:46 +0000 Subject: [PATCH 08/13] Squashed 'adit/shared/' content from commit f87f71a3 git-subtree-dir: adit/shared git-subtree-split: f87f71a37df85c54f0ed510c964c1bf52afc54b1 --- .gitignore | 157 ++++ LICENSE | 674 ++++++++++++++++++ README.md | 7 + __init__.py | 0 accounts/__init__.py | 0 accounts/admin.py | 38 + accounts/apps.py | 5 + accounts/factories.py | 45 ++ accounts/forms.py | 42 ++ accounts/migrations/0001_initial.py | 47 ++ accounts/migrations/0002_alter_user_id.py | 18 + ...3_rename_misc_settings_user_preferences.py | 17 + .../migrations/0004_alter_user_preferences.py | 17 + accounts/migrations/0005_institute.py | 32 + accounts/migrations/__init__.py | 0 accounts/models.py | 51 ++ .../templates/accounts/accounts_layout.html | 1 + accounts/templates/accounts/profile.html | 42 ++ accounts/tests/integration/conftest.py | 5 + accounts/tests/integration/test_login.py | 9 + accounts/urls.py | 8 + accounts/utils.py | 44 ++ accounts/views.py | 31 + templates/registration/README.md | 2 + templates/registration/activate.html | 11 + .../registration/activation_complete.html | 16 + .../activation_complete_admin_pending.html | 19 + templates/registration/activation_email.html | 43 ++ templates/registration/activation_email.txt | 24 + .../registration/activation_email_subject.txt | 1 + templates/registration/admin_approve.html | 8 + .../registration/admin_approve_complete.html | 11 + .../admin_approve_complete_email.html | 17 + .../admin_approve_complete_email.txt | 5 + .../admin_approve_complete_email_subject.txt | 1 + .../registration/admin_approve_email.html | 57 ++ .../registration/admin_approve_email.txt | 16 + .../admin_approve_email_subject.txt | 1 + templates/registration/login.html | 39 + templates/registration/logout.html | 12 + .../registration/password_change_done.html | 11 + .../registration/password_change_form.html | 20 + .../registration/password_reset_complete.html | 14 + .../registration/password_reset_confirm.html | 25 + .../registration/password_reset_done.html | 17 + .../registration/password_reset_email.html | 25 + .../registration/password_reset_form.html | 24 + templates/registration/registration_base.html | 1 + .../registration/registration_closed.html | 11 + .../registration/registration_complete.html | 19 + templates/registration/registration_form.html | 12 + .../resend_activation_complete.html | 23 + .../registration/resend_activation_form.html | 16 + token_authentication/__init__.py | 0 token_authentication/admin.py | 20 + token_authentication/apps.py | 27 + token_authentication/auth.py | 74 ++ token_authentication/factories.py | 23 + token_authentication/forms.py | 60 ++ .../migrations/0001_initial.py | 72 ++ ...token_fraction_alter_token_token_string.py | 23 + .../migrations/0003_alter_token_client.py | 17 + ..._rename_token_string_token_token_hashed.py | 17 + ...n_options_remove_token_expires_and_more.py | 29 + .../0006_rename_expiry_time_token_expires.py | 17 + .../migrations/0007_alter_token_last_used.py | 17 + .../0008_alter_token_token_hashed.py | 17 + ...token_owner_alter_token_client_and_more.py | 28 + ...10_alter_token_unique_together_and_more.py | 22 + ...kensettings_alter_token_client_and_more.py | 30 + ...e_token_unique_client_per_user_and_more.py | 21 + .../0013_alter_token_description.py | 17 + token_authentication/migrations/__init__.py | 0 token_authentication/models.py | 60 ++ .../token_authentication.js | 19 + .../_generate_token_help_modal.html | 15 + .../token_authentication_layout.html | 5 + .../token_authentication/token_dashboard.html | 85 +++ token_authentication/tests/__init__.py | 0 .../tests/integration/conftest.py | 5 + .../integration/test_token_authentication.py | 48 ++ token_authentication/urls.py | 17 + token_authentication/utils/__init__.py | 0 token_authentication/utils/crypto.py | 12 + token_authentication/views.py | 79 ++ 85 files changed, 2667 insertions(+) create mode 100644 .gitignore create mode 100644 LICENSE create mode 100644 README.md create mode 100644 __init__.py create mode 100644 accounts/__init__.py create mode 100644 accounts/admin.py create mode 100644 accounts/apps.py create mode 100644 accounts/factories.py create mode 100644 accounts/forms.py create mode 100644 accounts/migrations/0001_initial.py create mode 100644 accounts/migrations/0002_alter_user_id.py create mode 100644 accounts/migrations/0003_rename_misc_settings_user_preferences.py create mode 100644 accounts/migrations/0004_alter_user_preferences.py create mode 100644 accounts/migrations/0005_institute.py create mode 100644 accounts/migrations/__init__.py create mode 100644 accounts/models.py create mode 100644 accounts/templates/accounts/accounts_layout.html create mode 100644 accounts/templates/accounts/profile.html create mode 100644 accounts/tests/integration/conftest.py create mode 100644 accounts/tests/integration/test_login.py create mode 100644 accounts/urls.py create mode 100644 accounts/utils.py create mode 100644 accounts/views.py create mode 100644 templates/registration/README.md create mode 100755 templates/registration/activate.html create mode 100755 templates/registration/activation_complete.html create mode 100644 templates/registration/activation_complete_admin_pending.html create mode 100644 templates/registration/activation_email.html create mode 100644 templates/registration/activation_email.txt create mode 100644 templates/registration/activation_email_subject.txt create mode 100644 templates/registration/admin_approve.html create mode 100644 templates/registration/admin_approve_complete.html create mode 100644 templates/registration/admin_approve_complete_email.html create mode 100644 templates/registration/admin_approve_complete_email.txt create mode 100644 templates/registration/admin_approve_complete_email_subject.txt create mode 100644 templates/registration/admin_approve_email.html create mode 100644 templates/registration/admin_approve_email.txt create mode 100644 templates/registration/admin_approve_email_subject.txt create mode 100755 templates/registration/login.html create mode 100755 templates/registration/logout.html create mode 100755 templates/registration/password_change_done.html create mode 100755 templates/registration/password_change_form.html create mode 100755 templates/registration/password_reset_complete.html create mode 100755 templates/registration/password_reset_confirm.html create mode 100755 templates/registration/password_reset_done.html create mode 100755 templates/registration/password_reset_email.html create mode 100755 templates/registration/password_reset_form.html create mode 100755 templates/registration/registration_base.html create mode 100755 templates/registration/registration_closed.html create mode 100755 templates/registration/registration_complete.html create mode 100755 templates/registration/registration_form.html create mode 100644 templates/registration/resend_activation_complete.html create mode 100644 templates/registration/resend_activation_form.html create mode 100644 token_authentication/__init__.py create mode 100644 token_authentication/admin.py create mode 100644 token_authentication/apps.py create mode 100644 token_authentication/auth.py create mode 100644 token_authentication/factories.py create mode 100644 token_authentication/forms.py create mode 100644 token_authentication/migrations/0001_initial.py create mode 100644 token_authentication/migrations/0002_token_fraction_alter_token_token_string.py create mode 100644 token_authentication/migrations/0003_alter_token_client.py create mode 100644 token_authentication/migrations/0004_rename_token_string_token_token_hashed.py create mode 100644 token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py create mode 100644 token_authentication/migrations/0006_rename_expiry_time_token_expires.py create mode 100644 token_authentication/migrations/0007_alter_token_last_used.py create mode 100644 token_authentication/migrations/0008_alter_token_token_hashed.py create mode 100644 token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py create mode 100644 token_authentication/migrations/0010_alter_token_unique_together_and_more.py create mode 100644 token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py create mode 100644 token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py create mode 100644 token_authentication/migrations/0013_alter_token_description.py create mode 100644 token_authentication/migrations/__init__.py create mode 100644 token_authentication/models.py create mode 100644 token_authentication/static/token_authentication/token_authentication.js create mode 100644 token_authentication/templates/token_authentication/_generate_token_help_modal.html create mode 100644 token_authentication/templates/token_authentication/token_authentication_layout.html create mode 100644 token_authentication/templates/token_authentication/token_dashboard.html create mode 100644 token_authentication/tests/__init__.py create mode 100644 token_authentication/tests/integration/conftest.py create mode 100644 token_authentication/tests/integration/test_token_authentication.py create mode 100644 token_authentication/urls.py create mode 100644 token_authentication/utils/__init__.py create mode 100644 token_authentication/utils/crypto.py create mode 100644 token_authentication/views.py diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..489019ff --- /dev/null +++ b/.gitignore @@ -0,0 +1,157 @@ +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions +*.so + +# Distribution / packaging +.Python +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +pip-wheel-metadata/ +share/python-wheels/ +*.egg-info/ +.installed.cfg +*.egg +MANIFEST + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.nox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*.cover +*.py,cover +.hypothesis/ +.pytest_cache/ +test-results/ + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py +db.sqlite3 +db.sqlite3-journal + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# IPython +profile_default/ +ipython_config.py + +# pyenv +.python-version + +# pipenv +# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. +# However, in case of collaboration, if having platform-specific dependencies or dependencies +# having no cross-platform support, pipenv may install dependencies that don't work, or not +# install all needed dependencies. +#Pipfile.lock + +# PEP 582; used by e.g. github.com/David-OConnor/pyflow +__pypackages__/ + +# Celery stuff +celerybeat-schedule +celerybeat.pid + +# SageMath parsed files +*.sage.py + +# Environments +.env +.env.* +.venv +env/ +venv/ +ENV/ +env.bak/ +venv.bak/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ +.dmypy.json +dmypy.json + +# Pyre type checker +.pyre/ + +# Javascript dev dependencies +node_modules/ + +# Database of pytest-testmon +.testmondata + +# The Orthanc storage folders +OrthancStorage* + +# Redis DB dump +dump.rdb + +# SQLite databases +*.db + +#PyCharm +.idea/ + +#virtualenv +bin/ +share/ +pyvenv.cfg + +# ADIT specific +.dicoms diff --git a/LICENSE b/LICENSE new file mode 100644 index 00000000..4123b4cc --- /dev/null +++ b/LICENSE @@ -0,0 +1,674 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2020 Kai Schlamp, Heidelberg + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 00000000..08bb02d9 --- /dev/null +++ b/README.md @@ -0,0 +1,7 @@ +# Shared code + +This folder contains shared code between ADIT and RADIS, mainly account and authentication stuff. + +## License + +- GPL 3.0 or later diff --git a/__init__.py b/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/accounts/__init__.py b/accounts/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/accounts/admin.py b/accounts/admin.py new file mode 100644 index 00000000..db96d751 --- /dev/null +++ b/accounts/admin.py @@ -0,0 +1,38 @@ +from django.contrib import admin +from django.contrib.auth.admin import UserAdmin + +from adit.core.models import DicomNodeInstituteAccess + +from .models import Institute, User + + +class MyUserAdmin(UserAdmin): + ordering = ("date_joined",) + list_display = ( + "username", + "email", + "date_joined", + "first_name", + "last_name", + "is_staff", + ) + change_form_template = "loginas/change_form.html" + + +admin.site.register(User, MyUserAdmin) + + +class DicomNodeInstituteAccessInline(admin.TabularInline): + model = DicomNodeInstituteAccess + extra = 1 + ordering = ("institute__name",) + + +class InstituteAdmin(admin.ModelAdmin): + list_display = ("name", "description") + ordering = ("name",) + filter_horizontal = ("users",) + inlines = (DicomNodeInstituteAccessInline,) + + +admin.site.register(Institute, InstituteAdmin) diff --git a/accounts/apps.py b/accounts/apps.py new file mode 100644 index 00000000..24ee61fd --- /dev/null +++ b/accounts/apps.py @@ -0,0 +1,5 @@ +from django.apps import AppConfig + + +class AccountsConfig(AppConfig): + name = "adit.shared.accounts" diff --git a/accounts/factories.py b/accounts/factories.py new file mode 100644 index 00000000..702f15e3 --- /dev/null +++ b/accounts/factories.py @@ -0,0 +1,45 @@ +from typing import Generic, TypeVar + +import factory + +from .models import Institute, User + +T = TypeVar("T") + + +# We can't use BaseDjangoModelFactory of adit.core.factories because of circular imports +class BaseDjangoModelFactory(Generic[T], factory.django.DjangoModelFactory): + @classmethod + def create(cls, *args, **kwargs) -> T: + return super().create(*args, **kwargs) + + +class UserFactory(BaseDjangoModelFactory[User]): + class Meta: + model = User + django_get_or_create = ("username",) + + username = factory.Sequence(lambda n: f"user_{n}") + email = factory.Faker("email") + password = factory.PostGenerationMethodCall("set_password", "userpass") + first_name = factory.Faker("first_name") + last_name = factory.Faker("last_name") + phone_number = factory.Faker("phone_number") + department = factory.Faker("company") + + +class AdminUserFactory(UserFactory): + username = "admin" + email = "admin@adit.test" + password = factory.PostGenerationMethodCall("set_password", "admin") + is_superuser = True + is_staff = True + + +class InstituteFactory(BaseDjangoModelFactory[Institute]): + class Meta: + model = Institute + django_get_or_create = ("name",) + + name = factory.Sequence(lambda n: f"Institute {n}") + description = factory.Faker("text", max_nb_chars=200) diff --git a/accounts/forms.py b/accounts/forms.py new file mode 100644 index 00000000..d071ef66 --- /dev/null +++ b/accounts/forms.py @@ -0,0 +1,42 @@ +from typing import Any + +from crispy_forms.helper import FormHelper +from crispy_forms.layout import Submit +from django.contrib.auth.forms import AuthenticationForm, UserCreationForm + +from .models import User + + +class CrispyAuthentificationForm(AuthenticationForm): + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + self.helper = FormHelper(self) + self.helper.form_class = "form-horizontal" + self.helper.label_class = "col-lg-2" + self.helper.field_class = "col-lg-8" + self.helper.add_input(Submit("login", "Login")) + + +class RegistrationForm(UserCreationForm): + class Meta: + model = User + fields = ( + "username", + "password1", + "password2", + "email", + "first_name", + "last_name", + "phone_number", + "department", + ) + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + self.fields["email"].required = True + self.fields["first_name"].required = True + self.fields["last_name"].required = True + + self.helper = FormHelper(self) + self.helper.add_input(Submit("register", "Register")) diff --git a/accounts/migrations/0001_initial.py b/accounts/migrations/0001_initial.py new file mode 100644 index 00000000..0a2e6321 --- /dev/null +++ b/accounts/migrations/0001_initial.py @@ -0,0 +1,47 @@ +# Generated by Django 3.1.3 on 2021-01-18 15:48 + +import django.contrib.auth.models +import django.contrib.auth.validators +from django.db import migrations, models +import django.utils.timezone + + +class Migration(migrations.Migration): + + initial = True + + dependencies = [ + ('auth', '0012_alter_user_first_name_max_length'), + ] + + operations = [ + migrations.CreateModel( + name='User', + fields=[ + ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('password', models.CharField(max_length=128, verbose_name='password')), + ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')), + ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')), + ('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')), + ('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')), + ('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')), + ('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')), + ('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')), + ('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')), + ('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')), + ('phone_number', models.CharField(max_length=64)), + ('department', models.CharField(max_length=128)), + ('misc_settings', models.JSONField(blank=True, null=True)), + ('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.Group', verbose_name='groups')), + ('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.Permission', verbose_name='user permissions')), + ], + options={ + 'verbose_name': 'user', + 'verbose_name_plural': 'users', + 'abstract': False, + }, + managers=[ + ('objects', django.contrib.auth.models.UserManager()), + ], + ), + ] diff --git a/accounts/migrations/0002_alter_user_id.py b/accounts/migrations/0002_alter_user_id.py new file mode 100644 index 00000000..166ef81c --- /dev/null +++ b/accounts/migrations/0002_alter_user_id.py @@ -0,0 +1,18 @@ +# Generated by Django 3.2.2 on 2021-05-10 16:45 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('accounts', '0001_initial'), + ] + + operations = [ + migrations.AlterField( + model_name='user', + name='id', + field=models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'), + ), + ] diff --git a/accounts/migrations/0003_rename_misc_settings_user_preferences.py b/accounts/migrations/0003_rename_misc_settings_user_preferences.py new file mode 100644 index 00000000..22bc9ab2 --- /dev/null +++ b/accounts/migrations/0003_rename_misc_settings_user_preferences.py @@ -0,0 +1,17 @@ +# Generated by Django 4.2.3 on 2023-08-06 08:20 + +from django.db import migrations + + +class Migration(migrations.Migration): + dependencies = [ + ("accounts", "0002_alter_user_id"), + ] + + operations = [ + migrations.RenameField( + model_name="user", + old_name="misc_settings", + new_name="preferences", + ), + ] diff --git a/accounts/migrations/0004_alter_user_preferences.py b/accounts/migrations/0004_alter_user_preferences.py new file mode 100644 index 00000000..26682897 --- /dev/null +++ b/accounts/migrations/0004_alter_user_preferences.py @@ -0,0 +1,17 @@ +# Generated by Django 4.2.3 on 2023-08-06 08:23 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("accounts", "0003_rename_misc_settings_user_preferences"), + ] + + operations = [ + migrations.AlterField( + model_name="user", + name="preferences", + field=models.JSONField(default=dict), + ), + ] diff --git a/accounts/migrations/0005_institute.py b/accounts/migrations/0005_institute.py new file mode 100644 index 00000000..909cb37d --- /dev/null +++ b/accounts/migrations/0005_institute.py @@ -0,0 +1,32 @@ +# Generated by Django 4.2.4 on 2023-08-20 17:21 + +from django.conf import settings +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("accounts", "0004_alter_user_preferences"), + ] + + operations = [ + migrations.CreateModel( + name="Institute", + fields=[ + ( + "id", + models.BigAutoField( + auto_created=True, primary_key=True, serialize=False, verbose_name="ID" + ), + ), + ("name", models.CharField(max_length=128, unique=True)), + ("description", models.TextField(blank=True, max_length=1024)), + ( + "users", + models.ManyToManyField( + blank=True, related_name="institutes", to=settings.AUTH_USER_MODEL + ), + ), + ], + ), + ] diff --git a/accounts/migrations/__init__.py b/accounts/migrations/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/accounts/models.py b/accounts/models.py new file mode 100644 index 00000000..365a411a --- /dev/null +++ b/accounts/models.py @@ -0,0 +1,51 @@ +from typing import TYPE_CHECKING + +from django.contrib.auth.models import AbstractUser, Group, Permission +from django.contrib.contenttypes.models import ContentType +from django.core.exceptions import ObjectDoesNotExist +from django.db import models + +if TYPE_CHECKING: + from django.db.models.manager import RelatedManager + + +class User(AbstractUser): + id: int + phone_number = models.CharField(max_length=64) + department = models.CharField(max_length=128) + preferences = models.JSONField(default=dict) + + if TYPE_CHECKING: + institutes = RelatedManager["Institute"]() + + def is_group_member(self, group_name: str): + return self.groups.filter(name=group_name).exists() + + def join_group(self, group_name: str): + group = Group.objects.get(name=group_name) + self.groups.add(group) + + def add_permission(self, permission_codename: str, model: models.Model | None = None): + if model: + content_type = ContentType.objects.get_for_model(model) + permission = Permission.objects.get( + codename=permission_codename, content_type=content_type + ) + self.user_permissions.add(permission) + else: + permissions = Permission.objects.filter(codename=permission_codename) + + if len(permissions) == 0: + raise ObjectDoesNotExist(f'Permission "{permission_codename}" does not exist.') + + self.user_permissions.add(permissions) + + +class Institute(models.Model): + id: int + name = models.CharField(max_length=128, unique=True) + description = models.TextField(blank=True, max_length=1024) + users = models.ManyToManyField(User, related_name="institutes", blank=True) + + def __str__(self): + return self.name diff --git a/accounts/templates/accounts/accounts_layout.html b/accounts/templates/accounts/accounts_layout.html new file mode 100644 index 00000000..0ff45696 --- /dev/null +++ b/accounts/templates/accounts/accounts_layout.html @@ -0,0 +1 @@ +{% extends "core/core_layout.html" %} diff --git a/accounts/templates/accounts/profile.html b/accounts/templates/accounts/profile.html new file mode 100644 index 00000000..ae694da7 --- /dev/null +++ b/accounts/templates/accounts/profile.html @@ -0,0 +1,42 @@ +{% extends "accounts/accounts_layout.html" %} +{% block heading %} +

Profile information

+{% endblock heading %} +{% block content %} +
+
Username
+
+ {{ user.get_username }} +
+
Email
+
+ {{ user.email }} +
+
Full name
+
+ {{ user.get_full_name }} +
+
Phone number
+
+ {{ user.phone_number }} +
+
Department
+
+ {{ user.department }} +
+
Last login
+
+ {{ user.last_login }} +
+
Date joined
+
+ {{ user.date_joined }} +
+
+
+
Actions
+ Change Password + Manage API Tokens + Logout +
+{% endblock content %} diff --git a/accounts/tests/integration/conftest.py b/accounts/tests/integration/conftest.py new file mode 100644 index 00000000..92e96652 --- /dev/null +++ b/accounts/tests/integration/conftest.py @@ -0,0 +1,5 @@ +import os + +# Workaround to make playwright work with Django +# see https://github.com/microsoft/playwright-pytest/issues/29#issuecomment-731515676 +os.environ.setdefault("DJANGO_ALLOW_ASYNC_UNSAFE", "true") diff --git a/accounts/tests/integration/test_login.py b/accounts/tests/integration/test_login.py new file mode 100644 index 00000000..a74aadbe --- /dev/null +++ b/accounts/tests/integration/test_login.py @@ -0,0 +1,9 @@ +import pytest +from playwright.sync_api import Page, expect + + +@pytest.mark.integration +@pytest.mark.django_db(transaction=True) +def test_login(page: Page, live_server, create_and_login_user): + user = create_and_login_user(live_server.url) + expect(page.locator("#logged_in_username")).to_have_text(user.username) diff --git a/accounts/urls.py b/accounts/urls.py new file mode 100644 index 00000000..4d64e915 --- /dev/null +++ b/accounts/urls.py @@ -0,0 +1,8 @@ +from django.urls import include, path + +from . import views + +urlpatterns = [ + path("", include("registration.backends.admin_approval.urls")), + path("profile/", views.UserProfileView.as_view(), name="profile"), +] diff --git a/accounts/utils.py b/accounts/utils.py new file mode 100644 index 00000000..abc1e79f --- /dev/null +++ b/accounts/utils.py @@ -0,0 +1,44 @@ +import logging + +from django.contrib.auth.models import Group, Permission + +logger = logging.getLogger(__name__) + + +def _permission_names_to_objects(names: tuple[str, ...]) -> list[Permission]: + """ + Given an iterable of permission names (e.g. 'app_label.add_model'), + return an iterable of Permission objects for them. The permission + must already exist, because a permission name is not enough information + to create a new permission. + """ + result: list[Permission] = [] + for name in names: + app_label, codename = name.split(".", 1) + try: + result.append( + Permission.objects.get(content_type__app_label=app_label, codename=codename) + ) + except Permission.DoesNotExist as err: + logger.exception("NO SUCH PERMISSION: %s, %s", app_label, codename) + raise err + + return result + + +def create_group_with_permissions(group_name: str, permission_names: tuple[str, ...]) -> None: + """Create a group with added permissions programmatically. + + Inspired by https://cheat.readthedocs.io/en/latest/django/permissions.html + """ + group, created = Group.objects.get_or_create(name=group_name) + if created: + logger.info("Created group %s.", group_name) + + perms_to_add = _permission_names_to_objects(permission_names) + group.permissions.add(*perms_to_add) + if not created: + # Group already existed - make sure it doesn't have any perms we didn't want + perms_to_remove = set(group.permissions.all()) - set(perms_to_add) + if perms_to_remove: + group.permissions.remove(*perms_to_remove) diff --git a/accounts/views.py b/accounts/views.py new file mode 100644 index 00000000..39491eb1 --- /dev/null +++ b/accounts/views.py @@ -0,0 +1,31 @@ +from typing import Any + +from django.contrib.auth.mixins import AccessMixin, LoginRequiredMixin +from django.http import HttpResponse +from django.views.generic import TemplateView +from django.views.generic.edit import CreateView + +from adit.core.types import AuthenticatedHttpRequest + +from .forms import RegistrationForm +from .models import User + + +class UserProfileView(LoginRequiredMixin, AccessMixin, TemplateView): + template_name = "accounts/profile.html" + request: AuthenticatedHttpRequest + + def get_context_data(self, **kwargs: Any) -> dict[str, Any]: + context = super().get_context_data(**kwargs) + context["user"] = self.request.user + return context + + +class RegistrationView(CreateView): + model = User + form_class = RegistrationForm + template_name = "accounts/registration.html" + + def form_valid(self, form: RegistrationForm) -> HttpResponse: + form.instance.is_active = False + return super().form_valid(form) diff --git a/templates/registration/README.md b/templates/registration/README.md new file mode 100644 index 00000000..8007c18e --- /dev/null +++ b/templates/registration/README.md @@ -0,0 +1,2 @@ +All templates in the registation folder are copied from the "django-registation-redux" app and customized for ADIT. +See https://github.com/macropin/django-registration/tree/master/registration/templates/registration \ No newline at end of file diff --git a/templates/registration/activate.html b/templates/registration/activate.html new file mode 100755 index 00000000..be15d830 --- /dev/null +++ b/templates/registration/activate.html @@ -0,0 +1,11 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% block title %} + {% trans "Account Activation Failure - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Account activation failed" %}

+{% endblock heading %} +{% block content %} +

{% trans "Please contact the support if the problem persists." %}

+{% endblock content %} diff --git a/templates/registration/activation_complete.html b/templates/registration/activation_complete.html new file mode 100755 index 00000000..36b47c6c --- /dev/null +++ b/templates/registration/activation_complete.html @@ -0,0 +1,16 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% block title %} + {% trans "Account Activated - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Account activated" %}

+{% endblock heading %} +{% block content %} +

+ {% trans "Your account is now activated." %} + {% if not user.is_authenticated %} + {% trans "You can log in." %} + {% endif %} +

+{% endblock content %} diff --git a/templates/registration/activation_complete_admin_pending.html b/templates/registration/activation_complete_admin_pending.html new file mode 100644 index 00000000..fbfa2fc8 --- /dev/null +++ b/templates/registration/activation_complete_admin_pending.html @@ -0,0 +1,19 @@ +{% extends "registration/registration_base.html" %} +{% load trans blocktrans from i18n %} +{% block title %} + {% trans "Account Activated - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Account activated" %}

+{% endblock heading %} +{% block content %} +

+ {% trans "You activated your account." %} + {% if not user.is_authenticated %} + {% blocktrans %} + To log in and use ADIT the account must be activated also by an administrator. + {% endblocktrans %} + {% trans "Once an administrator activates your account you can login." %} + {% endif %} +

+{% endblock content %} diff --git a/templates/registration/activation_email.html b/templates/registration/activation_email.html new file mode 100644 index 00000000..ddf27dd6 --- /dev/null +++ b/templates/registration/activation_email.html @@ -0,0 +1,43 @@ +{% load trans blocktrans from i18n %} + + + + {% trans "ADIT registration" %} + + + + +

+ Dear colleagues, +
+
+ ADIT is the result of well over a hundred hours of development work, most of which took place + in my spare time. I developed it with the intention to simplify our work regarding the processing + of radiological images, so that we can focus again on the actual scientific activity. Vice versa I ask you to + consider me on publications for which ADIT was used. +
+

+

+ {% blocktrans %} + To activate your account on ADIT, please click the following link within the next + {{ expiration_days }} days: + {% endblocktrans %} +

+

+ + {{ site.domain }}{% url 'registration_activate' activation_key %} + +

+

+ Please view the landing page of ADIT and + write me or call me + (Phone 396-8503) what permissions you need. +

+

+ {% blocktrans %} + Sincerely,
+ Kai Schlamp + {% endblocktrans %} +

+ + diff --git a/templates/registration/activation_email.txt b/templates/registration/activation_email.txt new file mode 100644 index 00000000..d054a15d --- /dev/null +++ b/templates/registration/activation_email.txt @@ -0,0 +1,24 @@ +{% load blocktrans from i18n %} +{% blocktrans %} +Dear colleagues + +ADIT is the result of well over a hundred hours of development work, most of which took place +in my spare time. I developed it with the intention to simplify our work regarding the processing +of radiological images, so that we can focus again on the actual scientific activity. +Vice versa I ask you to consider me on publications for which ADIT was used. + +To activate your account on ADIT, please click the following link within the next +{{ expiration_days }} days: +{% endblocktrans %} + +http://{{site.domain}}{% url 'registration_activate' activation_key %} + +{% blocktrans %} +Please view the landing page of ADIT (http://{{site.domain}}) and write me +(Email: kai.schlamp@med.uni-heidelberg.de) write me or call me (Phone: 396-8503) what permissions you need. +{% endblocktrans %} + +{% blocktrans %} +Sincerely, +Kai Schlamp +{% endblocktrans %} diff --git a/templates/registration/activation_email_subject.txt b/templates/registration/activation_email_subject.txt new file mode 100644 index 00000000..09776327 --- /dev/null +++ b/templates/registration/activation_email_subject.txt @@ -0,0 +1 @@ +{% load i18n %}{% trans "Account activation on ADIT" %} diff --git a/templates/registration/admin_approve.html b/templates/registration/admin_approve.html new file mode 100644 index 00000000..2164156e --- /dev/null +++ b/templates/registration/admin_approve.html @@ -0,0 +1,8 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% block title %} + {% trans "Approval Failure - ADIT" %} +{% endblock title %} +{% block content %} +

{% trans "Account approval failed." %}

+{% endblock content %} diff --git a/templates/registration/admin_approve_complete.html b/templates/registration/admin_approve_complete.html new file mode 100644 index 00000000..cc09f2fe --- /dev/null +++ b/templates/registration/admin_approve_complete.html @@ -0,0 +1,11 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% block title %} + {% trans "Account Approved - ADIT" %} +{% endblock title %} +{% block heading %} +

User account approved.

+{% endblock heading %} +{% block content %} +

{% trans "The user's account is now approved." %}

+{% endblock content %} diff --git a/templates/registration/admin_approve_complete_email.html b/templates/registration/admin_approve_complete_email.html new file mode 100644 index 00000000..2e544066 --- /dev/null +++ b/templates/registration/admin_approve_complete_email.html @@ -0,0 +1,17 @@ +{% load trans blocktrans from i18n %} + + + + {% trans "ADIT admin approval" %} + + + + +

+ {% blocktrans %} + Your account is now approved. You can + {% endblocktrans %} + {% trans "log in." %} +

+ + diff --git a/templates/registration/admin_approve_complete_email.txt b/templates/registration/admin_approve_complete_email.txt new file mode 100644 index 00000000..1414e85c --- /dev/null +++ b/templates/registration/admin_approve_complete_email.txt @@ -0,0 +1,5 @@ +{% load blocktrans from i18n %} +{% blocktrans %} + Your account is now approved. You can log in using the following link +{% endblocktrans %} +http://{{site.domain}}{% url 'auth_login' %} diff --git a/templates/registration/admin_approve_complete_email_subject.txt b/templates/registration/admin_approve_complete_email_subject.txt new file mode 100644 index 00000000..2aaa12bd --- /dev/null +++ b/templates/registration/admin_approve_complete_email_subject.txt @@ -0,0 +1 @@ +{% load i18n %}{% trans "Account activation on ADIT" %} \ No newline at end of file diff --git a/templates/registration/admin_approve_email.html b/templates/registration/admin_approve_email.html new file mode 100644 index 00000000..4e56e02b --- /dev/null +++ b/templates/registration/admin_approve_email.html @@ -0,0 +1,57 @@ +{% load trans blocktrans from i18n %} + + + + {% trans "ADIT registration" %} + + + + +

+ {% blocktrans %} + The user ({{ user }}) has asked to register an account at ADIT. + {% endblocktrans %} +

+

+ {% blocktrans %} + To approve this, please + {% endblocktrans %} + {% trans "click here" %}. +

+

+

User Details:

+
+
+ Username +
+
+ {{ user.username }} +
+
+ Email +
+
+ {{ user.email }} +
+
+ Full Name +
+
+ {{ user.get_full_name }} +
+
+ Phone Number +
+
+ {{ user.phone_number }} +
+
+ Department +
+
+ {{ user.department }} +
+
+

+ + diff --git a/templates/registration/admin_approve_email.txt b/templates/registration/admin_approve_email.txt new file mode 100644 index 00000000..d47e1de4 --- /dev/null +++ b/templates/registration/admin_approve_email.txt @@ -0,0 +1,16 @@ +{% load blocktrans from i18n %} +{% blocktrans %} + The user ({{ user }}) has asked to register an account at ADIT. + To approve the account, please click the following link. +{% endblocktrans %} + +http://{{site.domain}}{% url 'registration_admin_approve' profile_id %} + + +User Details: + +Username: {{ user.username }} +Email: {{ user.email }} +Full Name: {{ user.get_full_name }} +Phone Number: {{ user.phone_number }} +Department: {{ user.department}} \ No newline at end of file diff --git a/templates/registration/admin_approve_email_subject.txt b/templates/registration/admin_approve_email_subject.txt new file mode 100644 index 00000000..085d4480 --- /dev/null +++ b/templates/registration/admin_approve_email_subject.txt @@ -0,0 +1 @@ +{% load i18n %}{% trans "Account approval on ADIT" %} diff --git a/templates/registration/login.html b/templates/registration/login.html new file mode 100755 index 00000000..8b953425 --- /dev/null +++ b/templates/registration/login.html @@ -0,0 +1,39 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% load crispy from crispy_forms_tags %} +{% block title %} + {% trans "Log in - ADIT" %} +{% endblock title %} +{% block heading %} +

Login

+{% endblock heading %} +{% block content %} + {% if form.errors %}

Your username or password is incorrect. Try again?

{% endif %} + {% if next %} + {% if user.is_authenticated %} +

+ Your account doesn't have access to this page. To proceed, + please login with an account that has access. +

+ {% else %} +

You muss login to access this page.

+ {% endif %} + {% endif %} +

+

+ {% csrf_token %} + {{ form|crispy }} + + +
+

+
+

+ {% trans "Forgot your password?" %} + {% trans "Reset it" %} +

+

+ {% trans "No account yet?" %} + {% trans "Register" %} +

+{% endblock content %} diff --git a/templates/registration/logout.html b/templates/registration/logout.html new file mode 100755 index 00000000..b1c37a7d --- /dev/null +++ b/templates/registration/logout.html @@ -0,0 +1,12 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% block title %} + {% trans "Logged out - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Logged out" %}

+{% endblock heading %} +{% block content %} +

{% trans "You were successfully logged out." %}

+ {% trans "Log in again" %} +{% endblock content %} diff --git a/templates/registration/password_change_done.html b/templates/registration/password_change_done.html new file mode 100755 index 00000000..03d425fa --- /dev/null +++ b/templates/registration/password_change_done.html @@ -0,0 +1,11 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% block title %} + {% trans "Password changed - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Password changed" %}

+{% endblock heading %} +{% block content %} +

{% trans "Password successfully changed!" %}

+{% endblock content %} diff --git a/templates/registration/password_change_form.html b/templates/registration/password_change_form.html new file mode 100755 index 00000000..5c470954 --- /dev/null +++ b/templates/registration/password_change_form.html @@ -0,0 +1,20 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% load crispy from crispy_forms_tags %} +{% block title %} + {% trans "Change password - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Passwort reset" %}

+{% endblock heading %} +{% block content %} +

+

+ {% csrf_token %} + {{ form|crispy }} + +
+

+{% endblock content %} diff --git a/templates/registration/password_reset_complete.html b/templates/registration/password_reset_complete.html new file mode 100755 index 00000000..88a819d0 --- /dev/null +++ b/templates/registration/password_reset_complete.html @@ -0,0 +1,14 @@ +{% extends "registration/registration_base.html" %} +{% load trans blocktrans from i18n %} +{% block title %} + {% trans "Password reset complete - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Passwort reset" %}

+{% endblock heading %} +{% block content %} +

+ {% trans "Your password has been reset!" %} + {% blocktrans %}You may now log in{% endblocktrans %}. +

+{% endblock content %} diff --git a/templates/registration/password_reset_confirm.html b/templates/registration/password_reset_confirm.html new file mode 100755 index 00000000..a54ecd95 --- /dev/null +++ b/templates/registration/password_reset_confirm.html @@ -0,0 +1,25 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% block meta %} + + +{% endblock meta %} +{% block title %} + {% trans "Confirm password reset- ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Reset password" %}

+{% endblock heading %} +{% block content %} + {% if validlink %} +

{% trans "Enter your new password below to reset your password:" %}

+
+ {% csrf_token %} + {{ form.as_p }} + +
+ {% else %} + Password reset unsuccessful. Please try again. + {% endif %} +{% endblock content %} diff --git a/templates/registration/password_reset_done.html b/templates/registration/password_reset_done.html new file mode 100755 index 00000000..6db12552 --- /dev/null +++ b/templates/registration/password_reset_done.html @@ -0,0 +1,17 @@ +{% extends "registration/registration_base.html" %} +{% load trans blocktrans from i18n %} +{% block title %} + {% trans "Password reset - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Reset password" %}

+{% endblock heading %} +{% block content %} +

+ {% blocktrans %} + We have sent you an email with a link to reset your password. Please check + your email and click the link to continue. + {% endblocktrans %} +

+{% endblock content %} +{# This is used by django.contrib.auth #} diff --git a/templates/registration/password_reset_email.html b/templates/registration/password_reset_email.html new file mode 100755 index 00000000..ef41a9f1 --- /dev/null +++ b/templates/registration/password_reset_email.html @@ -0,0 +1,25 @@ +{% load trans blocktrans from i18n %} +{% blocktrans %}Greetings{% endblocktrans %} +{% if user.get_full_name %} + {{ user.get_full_name }} +{% else %} + {{ user }} +{% endif %} +, +{% blocktrans %} +You are receiving this email because you (or someone pretending to be you) +requested that your password be reset on the {{ domain }} site. If you do not +wish to reset your password, please ignore this message. +{% endblocktrans %} +{% blocktrans %} +To reset your password, please click the following link, or copy and paste it +into your web browser: +{% endblocktrans %} + + {{ protocol }}://{{ domain }}{% url 'auth_password_reset_confirm' uid token %} + +{% blocktrans %}Your username, in case you've forgotten:{% endblocktrans %} {{ user.get_username }} +{% blocktrans %}Best regards{% endblocktrans %}, +{{ site_name }} {% blocktrans %}Management{% endblocktrans %} +{# This is used by django.contrib.auth #} diff --git a/templates/registration/password_reset_form.html b/templates/registration/password_reset_form.html new file mode 100755 index 00000000..d076fb39 --- /dev/null +++ b/templates/registration/password_reset_form.html @@ -0,0 +1,24 @@ +{% extends "registration/registration_base.html" %} +{% load trans blocktrans from i18n %} +{% load crispy from crispy_forms_tags %} +{% block title %} + {% trans "ADIT - Reset password" %} +{% endblock title %} +{% block heading %} +

{% trans "Forgot your password?" %}

+{% endblock heading %} +{% block content %} +

+ {% blocktrans %} + Enter your email in the form below and we'll send you instructions for creating a new one. + {% endblocktrans %} +

+
+ {% csrf_token %} + {{ form|crispy }} + +
+{% endblock content %} +{# This is used by django.contrib.auth #} diff --git a/templates/registration/registration_base.html b/templates/registration/registration_base.html new file mode 100755 index 00000000..ea500082 --- /dev/null +++ b/templates/registration/registration_base.html @@ -0,0 +1 @@ +{% extends "accounts/accounts_layout.html" %} diff --git a/templates/registration/registration_closed.html b/templates/registration/registration_closed.html new file mode 100755 index 00000000..38effe70 --- /dev/null +++ b/templates/registration/registration_closed.html @@ -0,0 +1,11 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% block title %} + {% trans "Registration is closed - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Registration closed" %}

+{% endblock heading %} +{% block content %} +

{% trans "Sorry, but registration is closed at this moment. Come back later." %}

+{% endblock content %} diff --git a/templates/registration/registration_complete.html b/templates/registration/registration_complete.html new file mode 100755 index 00000000..0da375fe --- /dev/null +++ b/templates/registration/registration_complete.html @@ -0,0 +1,19 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% block title %} + {% trans "Activation email sent - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Registration complete" %}

+{% endblock heading %} +{% block content %} +

{% trans "Please check your email to complete the registration process." %}

+{% endblock content %} +{% comment %} +**registration/registration_complete.html** + +Used after successful completion of the registration form. This +template has no context variables of its own, and should simply inform +the user that an email containing account-activation information has +been sent. +{% endcomment %} diff --git a/templates/registration/registration_form.html b/templates/registration/registration_form.html new file mode 100755 index 00000000..284dbfb1 --- /dev/null +++ b/templates/registration/registration_form.html @@ -0,0 +1,12 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% load crispy from crispy_forms_tags %} +{% block title %} + {% trans "Register for an account - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "User registration" %}

+{% endblock heading %} +{% block content %} +

{% crispy form %}

+{% endblock content %} diff --git a/templates/registration/resend_activation_complete.html b/templates/registration/resend_activation_complete.html new file mode 100644 index 00000000..9bd4571c --- /dev/null +++ b/templates/registration/resend_activation_complete.html @@ -0,0 +1,23 @@ +{% extends "registration/registration_base.html" %} +{% load trans blocktrans from i18n %} +{% block title %} + {% trans "Account Activation Resent - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Account activation resent" %}

+{% endblock heading %} +{% block content %} +

+ {% blocktrans %} + We have sent an email to {{ email }} with further instructions. + {% endblocktrans %} +

+{% endblock content %} +{% comment %} +**registration/resend_activation_complete.html** +Used after form for resending account activation is submitted. By default has +the following context: + +``email`` + The email address submitted in the resend activation form. +{% endcomment %} diff --git a/templates/registration/resend_activation_form.html b/templates/registration/resend_activation_form.html new file mode 100644 index 00000000..f262a656 --- /dev/null +++ b/templates/registration/resend_activation_form.html @@ -0,0 +1,16 @@ +{% extends "registration/registration_base.html" %} +{% load trans from i18n %} +{% load crispy from crispy_forms_tags %} +{% block title %} + {% trans "Resend Activation Email - ADIT" %} +{% endblock title %} +{% block heading %} +

{% trans "Resend activation mail" %}

+{% endblock heading %} +{% block content %} +
+ {% csrf_token %} + {{ form|crispy }} + +
+{% endblock content %} diff --git a/token_authentication/__init__.py b/token_authentication/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/token_authentication/admin.py b/token_authentication/admin.py new file mode 100644 index 00000000..3c77bedc --- /dev/null +++ b/token_authentication/admin.py @@ -0,0 +1,20 @@ +from django.contrib import admin + +from .models import Token + + +class TokenAdmin(admin.ModelAdmin): + list_display = ( + "fraction", + "description", + "owner", + "created_time", + "expires", + "last_used", + ) + + list_filter = ("owner", "created_time", "last_used", "expires") + search_fields = ("owner",) + + +admin.site.register(Token, TokenAdmin) diff --git a/token_authentication/apps.py b/token_authentication/apps.py new file mode 100644 index 00000000..3d4d87b7 --- /dev/null +++ b/token_authentication/apps.py @@ -0,0 +1,27 @@ +from django.apps import AppConfig +from django.db.models.signals import post_migrate + + +class TokenAuthenticationConfig(AppConfig): + default_auto_field = "django.db.models.BigAutoField" + name = "adit.shared.token_authentication" + + def ready(self): + post_migrate.connect(init_db, sender=self) + + +def init_db(**kwargs): + create_group() + + +def create_group(): + from adit.shared.accounts.utils import create_group_with_permissions + + create_group_with_permissions( + "token_authentication_group", + ( + "token_authentication.add_token", + "token_authentication.delete_token", + "token_authentication.view_token", + ), + ) diff --git a/token_authentication/auth.py b/token_authentication/auth.py new file mode 100644 index 00000000..9368bfef --- /dev/null +++ b/token_authentication/auth.py @@ -0,0 +1,74 @@ +import logging + +from django.utils import timezone +from rest_framework.authentication import BaseAuthentication +from rest_framework.exceptions import AuthenticationFailed +from rest_framework.request import Request + +from adit.shared.accounts.models import User + +from .models import Token +from .utils.crypto import hash_token, verify_token + +logger = logging.getLogger(__name__) + + +class RestTokenAuthentication(BaseAuthentication): + """ + This class is used to authenticate users via a json web token. + The token is expected to be provided in the request header as follows: + Authorization: Token + """ + + def authenticate_header(self, request: Request): + return "Authentication failed." + + def authenticate(self, request: Request): + try: + auth = request.META.get("HTTP_AUTHORIZATION", None) + if auth is None: + auth = request.META["headers"].get("Authorization", None) + protocol, token_string = auth.split(" ") + except Exception: + message = "Invalid token header. Please provide credentials in the request header." + raise AuthenticationFailed(message) + + if not protocol == "Token": + message = "Please use the token authentication protocol to access the REST API." + raise AuthenticationFailed(message) + + message, user, token = self.verify_token(token_string) + if token is None: + raise AuthenticationFailed(message) + + token.last_used = timezone.now() + token.save() + + return (user, token) + + def verify_token(self, token_string: str) -> tuple[str, User | None, Token | None]: + """ + This method verifies the token string by checking if the token + exists in the database and if the token is not expired. + + :param token_string: The token string to be verified. + :return: A tuple containing a message describing the result of the + verification, the user associated with the token, and the token + object itself. If the token is invalid, the user and token objects + are None. + """ + token_hashed = hash_token(token_string) + + try: + token = Token.objects.get(token_hashed=token_hashed) + except Token.DoesNotExist: + return "Invalid token. Token does not exist.", None, None + + # Double check that the token hash is correct. + if not verify_token(token_string, token.token_hashed): + raise AssertionError(f"Internal token error. Invalid token hash {token_hashed}.") + + if token.is_expired(): + return "Invalid Token. Token is expired.", None, None + + return "", token.owner, token diff --git a/token_authentication/factories.py b/token_authentication/factories.py new file mode 100644 index 00000000..2544173e --- /dev/null +++ b/token_authentication/factories.py @@ -0,0 +1,23 @@ +from datetime import timedelta + +import factory +from django.utils import timezone + +from adit.core.factories import BaseDjangoModelFactory +from adit.shared.accounts.factories import UserFactory + +from .models import Token +from .utils.crypto import hash_token + + +class TokenFactory(BaseDjangoModelFactory[Token]): + class Meta: + model = Token + django_get_or_create = ("token_hashed",) + + token_hashed = factory.LazyFunction(lambda: hash_token("test_token_string")) + description = factory.Faker("sentence", nb_words=3) + owner = factory.SubFactory(UserFactory) + created_time = timezone.now() + expires = timezone.now() + timedelta(hours=24) + last_used = timezone.now() diff --git a/token_authentication/forms.py b/token_authentication/forms.py new file mode 100644 index 00000000..4c3e0b6d --- /dev/null +++ b/token_authentication/forms.py @@ -0,0 +1,60 @@ +from crispy_forms.helper import FormHelper +from crispy_forms.layout import Div, Field, Layout, Submit +from django import forms + +from adit.shared.accounts.models import User + +from .models import Token + +EXPIRY_TIMES = ( + (24, "1 Day"), + (7 * 24, "7 Days"), + (30 * 24, "30 Days"), + (90 * 24, "90 Days"), +) + + +class GenerateTokenForm(forms.ModelForm): + class Meta: + model = Token + fields = ["description"] + + def __init__(self, *args, **kwargs): + self.user: User = kwargs.pop("user") + + super().__init__(*args, **kwargs) + + expiry_times = EXPIRY_TIMES + if self.user.has_perm("token_authentication.can_generate_never_expiring_token"): + expiry_times = expiry_times + ((0, "Never"),) + + self.fields["expiry_time"] = forms.ChoiceField(choices=expiry_times, label="Expiry Time") + + self.fields["description"].widget.attrs["placeholder"] = "Optional" + + self.helper = FormHelper(self) + self.helper.form_id = "generate_token_form" + self.helper.add_input(Submit("save", "Generate Token")) + self.helper.layout = Layout( + Div( + Div( + Field("expiry_time"), + css_class="col-3", + ), + Div( + Field("description"), + css_class="col-9", + ), + css_class="row", + ), + ) + + def clean_expiry_time(self): + expiry_time = self.cleaned_data["expiry_time"] + if not self.user.has_perm("token_authentication.can_generate_never_expiring_token"): + if expiry_time == "0": + raise forms.ValidationError( + "You do not have permission to generate never expiring tokens." + ) + + return expiry_time diff --git a/token_authentication/migrations/0001_initial.py b/token_authentication/migrations/0001_initial.py new file mode 100644 index 00000000..a49e6140 --- /dev/null +++ b/token_authentication/migrations/0001_initial.py @@ -0,0 +1,72 @@ +# Generated by Django 4.2.2 on 2023-06-15 12:59 + +import datetime +from django.conf import settings +from django.db import migrations, models +import django.db.models.deletion + + +class Migration(migrations.Migration): + initial = True + + dependencies = [ + migrations.swappable_dependency(settings.AUTH_USER_MODEL), + ] + + operations = [ + migrations.CreateModel( + name="TokenSettings", + fields=[ + ( + "id", + models.BigAutoField( + auto_created=True, primary_key=True, serialize=False, verbose_name="ID" + ), + ), + ("locked", models.BooleanField(default=False)), + ("suspended", models.BooleanField(default=False)), + ( + "slot_begin_time", + models.TimeField( + default=datetime.time(22, 0), help_text="Must be set in UTC time zone." + ), + ), + ( + "slot_end_time", + models.TimeField( + default=datetime.time(8, 0), help_text="Must be set in UTC time zone." + ), + ), + ("transfer_timeout", models.IntegerField(default=3)), + ], + options={ + "verbose_name_plural": "Token settings", + }, + ), + migrations.CreateModel( + name="Token", + fields=[ + ( + "id", + models.BigAutoField( + auto_created=True, primary_key=True, serialize=False, verbose_name="ID" + ), + ), + ("token_string", models.TextField(max_length=30)), + ("created_time", models.DateTimeField(auto_now_add=True)), + ("client", models.TextField(max_length=100)), + ("expiry_time", models.DateTimeField()), + ("expires", models.BooleanField(default=True)), + ("last_used", models.DateTimeField(auto_now=True)), + ( + "author", + models.ForeignKey( + on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL + ), + ), + ], + options={ + "permissions": [("manage_auth_tokens", "Can manage REST authentication tokens")], + }, + ), + ] diff --git a/token_authentication/migrations/0002_token_fraction_alter_token_token_string.py b/token_authentication/migrations/0002_token_fraction_alter_token_token_string.py new file mode 100644 index 00000000..813d4f32 --- /dev/null +++ b/token_authentication/migrations/0002_token_fraction_alter_token_token_string.py @@ -0,0 +1,23 @@ +# Generated by Django 4.2.3 on 2023-07-20 13:30 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("token_authentication", "0001_initial"), + ] + + operations = [ + migrations.AddField( + model_name="token", + name="fraction", + field=models.TextField(default="toke", max_length=4), + preserve_default=False, + ), + migrations.AlterField( + model_name="token", + name="token_string", + field=models.TextField(max_length=128), + ), + ] diff --git a/token_authentication/migrations/0003_alter_token_client.py b/token_authentication/migrations/0003_alter_token_client.py new file mode 100644 index 00000000..0d64787a --- /dev/null +++ b/token_authentication/migrations/0003_alter_token_client.py @@ -0,0 +1,17 @@ +# Generated by Django 4.2.3 on 2023-07-20 16:24 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("token_authentication", "0002_token_fraction_alter_token_token_string"), + ] + + operations = [ + migrations.AlterField( + model_name="token", + name="client", + field=models.TextField(max_length=100, unique=True), + ), + ] diff --git a/token_authentication/migrations/0004_rename_token_string_token_token_hashed.py b/token_authentication/migrations/0004_rename_token_string_token_token_hashed.py new file mode 100644 index 00000000..c94348a4 --- /dev/null +++ b/token_authentication/migrations/0004_rename_token_string_token_token_hashed.py @@ -0,0 +1,17 @@ +# Generated by Django 4.2.3 on 2023-07-23 13:53 + +from django.db import migrations + + +class Migration(migrations.Migration): + dependencies = [ + ("token_authentication", "0003_alter_token_client"), + ] + + operations = [ + migrations.RenameField( + model_name="token", + old_name="token_string", + new_name="token_hashed", + ), + ] diff --git a/token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py b/token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py new file mode 100644 index 00000000..c8cf5a37 --- /dev/null +++ b/token_authentication/migrations/0005_alter_token_options_remove_token_expires_and_more.py @@ -0,0 +1,29 @@ +# Generated by Django 4.2.3 on 2023-07-23 23:16 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("token_authentication", "0004_rename_token_string_token_token_hashed"), + ] + + operations = [ + migrations.AlterModelOptions( + name="token", + options={ + "permissions": [ + ("can_generate_never_expiring_token", "Can generate never expiring token") + ] + }, + ), + migrations.RemoveField( + model_name="token", + name="expires", + ), + migrations.AlterField( + model_name="token", + name="expiry_time", + field=models.DateTimeField(blank=True, null=True), + ), + ] diff --git a/token_authentication/migrations/0006_rename_expiry_time_token_expires.py b/token_authentication/migrations/0006_rename_expiry_time_token_expires.py new file mode 100644 index 00000000..80b16758 --- /dev/null +++ b/token_authentication/migrations/0006_rename_expiry_time_token_expires.py @@ -0,0 +1,17 @@ +# Generated by Django 4.2.3 on 2023-07-23 23:21 + +from django.db import migrations + + +class Migration(migrations.Migration): + dependencies = [ + ("token_authentication", "0005_alter_token_options_remove_token_expires_and_more"), + ] + + operations = [ + migrations.RenameField( + model_name="token", + old_name="expiry_time", + new_name="expires", + ), + ] diff --git a/token_authentication/migrations/0007_alter_token_last_used.py b/token_authentication/migrations/0007_alter_token_last_used.py new file mode 100644 index 00000000..a9d1d172 --- /dev/null +++ b/token_authentication/migrations/0007_alter_token_last_used.py @@ -0,0 +1,17 @@ +# Generated by Django 4.2.3 on 2023-07-23 23:45 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("token_authentication", "0006_rename_expiry_time_token_expires"), + ] + + operations = [ + migrations.AlterField( + model_name="token", + name="last_used", + field=models.DateTimeField(blank=True, null=True), + ), + ] diff --git a/token_authentication/migrations/0008_alter_token_token_hashed.py b/token_authentication/migrations/0008_alter_token_token_hashed.py new file mode 100644 index 00000000..607ff11e --- /dev/null +++ b/token_authentication/migrations/0008_alter_token_token_hashed.py @@ -0,0 +1,17 @@ +# Generated by Django 4.2.3 on 2023-07-25 08:47 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("token_authentication", "0007_alter_token_last_used"), + ] + + operations = [ + migrations.AlterField( + model_name="token", + name="token_hashed", + field=models.TextField(max_length=128, unique=True), + ), + ] diff --git a/token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py b/token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py new file mode 100644 index 00000000..c6863540 --- /dev/null +++ b/token_authentication/migrations/0009_rename_author_token_owner_alter_token_client_and_more.py @@ -0,0 +1,28 @@ +# Generated by Django 4.2.3 on 2023-07-27 13:04 + +from django.conf import settings +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + migrations.swappable_dependency(settings.AUTH_USER_MODEL), + ("token_authentication", "0008_alter_token_token_hashed"), + ] + + operations = [ + migrations.RenameField( + model_name="token", + old_name="author", + new_name="owner", + ), + migrations.AlterField( + model_name="token", + name="client", + field=models.TextField(max_length=100), + ), + migrations.AlterUniqueTogether( + name="token", + unique_together={("owner", "client")}, + ), + ] diff --git a/token_authentication/migrations/0010_alter_token_unique_together_and_more.py b/token_authentication/migrations/0010_alter_token_unique_together_and_more.py new file mode 100644 index 00000000..69f7c69e --- /dev/null +++ b/token_authentication/migrations/0010_alter_token_unique_together_and_more.py @@ -0,0 +1,22 @@ +# Generated by Django 4.2.3 on 2023-07-27 14:48 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("token_authentication", "0009_rename_author_token_owner_alter_token_client_and_more"), + ] + + operations = [ + migrations.AlterUniqueTogether( + name="token", + unique_together=set(), + ), + migrations.AddConstraint( + model_name="token", + constraint=models.UniqueConstraint( + fields=("client", "owner"), name="unique_client_per_user" + ), + ), + ] diff --git a/token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py b/token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py new file mode 100644 index 00000000..a10c0a53 --- /dev/null +++ b/token_authentication/migrations/0011_delete_tokensettings_alter_token_client_and_more.py @@ -0,0 +1,30 @@ +# Generated by Django 4.2.4 on 2023-08-28 11:39 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("token_authentication", "0010_alter_token_unique_together_and_more"), + ] + + operations = [ + migrations.DeleteModel( + name="TokenSettings", + ), + migrations.AlterField( + model_name="token", + name="client", + field=models.CharField(max_length=100), + ), + migrations.AlterField( + model_name="token", + name="fraction", + field=models.CharField(max_length=4), + ), + migrations.AlterField( + model_name="token", + name="token_hashed", + field=models.CharField(max_length=128, unique=True), + ), + ] diff --git a/token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py b/token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py new file mode 100644 index 00000000..3876215d --- /dev/null +++ b/token_authentication/migrations/0012_remove_token_unique_client_per_user_and_more.py @@ -0,0 +1,21 @@ +# Generated by Django 4.2.4 on 2023-08-28 12:10 + +from django.db import migrations + + +class Migration(migrations.Migration): + dependencies = [ + ("token_authentication", "0011_delete_tokensettings_alter_token_client_and_more"), + ] + + operations = [ + migrations.RemoveConstraint( + model_name="token", + name="unique_client_per_user", + ), + migrations.RenameField( + model_name="token", + old_name="client", + new_name="description", + ), + ] diff --git a/token_authentication/migrations/0013_alter_token_description.py b/token_authentication/migrations/0013_alter_token_description.py new file mode 100644 index 00000000..95247f0b --- /dev/null +++ b/token_authentication/migrations/0013_alter_token_description.py @@ -0,0 +1,17 @@ +# Generated by Django 4.2.4 on 2023-08-28 12:26 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("token_authentication", "0012_remove_token_unique_client_per_user_and_more"), + ] + + operations = [ + migrations.AlterField( + model_name="token", + name="description", + field=models.CharField(blank=True, max_length=120), + ), + ] diff --git a/token_authentication/migrations/__init__.py b/token_authentication/migrations/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/token_authentication/models.py b/token_authentication/models.py new file mode 100644 index 00000000..4dffe289 --- /dev/null +++ b/token_authentication/models.py @@ -0,0 +1,60 @@ +import binascii +from datetime import datetime +from os import urandom + +import pytz +from django.contrib.auth.models import AbstractBaseUser, AnonymousUser +from django.db import models + +from adit.shared.accounts.models import User + +from .utils.crypto import hash_token + +TOKEN_LENGTH = 20 # Length of the unhashed token +FRACTION_LENGTH = 4 # Length of the token hint visible to the user in the table + + +class TokenManager(models.Manager["Token"]): + def create_token( + self, + user: AbstractBaseUser | AnonymousUser, + description: str, + expires: datetime | None, + ): + token_string = binascii.hexlify(urandom(TOKEN_LENGTH)).decode() + token_hashed = hash_token(token_string) + token = self.create( + owner=user, + token_hashed=token_hashed, + fraction=token_string[:FRACTION_LENGTH], + description=description, + expires=expires, + ) + return token, token_string + + +class Token(models.Model): + owner = models.ForeignKey(User, on_delete=models.CASCADE) + token_hashed = models.CharField(max_length=128, unique=True) + fraction = models.CharField(max_length=FRACTION_LENGTH) + description = models.CharField(blank=True, max_length=120) + expires = models.DateTimeField(blank=True, null=True) + created_time = models.DateTimeField(auto_now_add=True) + last_used = models.DateTimeField(blank=True, null=True) + + objects = TokenManager() + + class Meta: + permissions = [ + ( + "can_generate_never_expiring_token", + "Can generate never expiring token", + ) + ] + + def __str__(self): + return self.token_hashed + + def is_expired(self): + utc = pytz.UTC + return self.expires and self.expires < utc.localize(datetime.now()) diff --git a/token_authentication/static/token_authentication/token_authentication.js b/token_authentication/static/token_authentication/token_authentication.js new file mode 100644 index 00000000..77339d6c --- /dev/null +++ b/token_authentication/static/token_authentication/token_authentication.js @@ -0,0 +1,19 @@ +"use strict"; + +/** + * Alpine data model for token authentication + * @returns {object} Alpine data model + */ +function newToken() { + return { + /** + * Copy the token to the clipboard. + * @param {string} token + * @returns {void} + */ + copyTokenToClipboard: function (token) { + navigator.clipboard.writeText(token); + showToast("success", "Clipboard", "Copied token to clipboard!"); + }, + }; +} diff --git a/token_authentication/templates/token_authentication/_generate_token_help_modal.html b/token_authentication/templates/token_authentication/_generate_token_help_modal.html new file mode 100644 index 00000000..77d508b8 --- /dev/null +++ b/token_authentication/templates/token_authentication/_generate_token_help_modal.html @@ -0,0 +1,15 @@ +{% extends "core/_message_modal.html" %} +{% block modal_title %} + REST Authentication Token Help +{% endblock modal_title %} +{% block modal_body %} +

+ With this feature you can generate an authentication token to authenticate + your third party REST application. +

+

+ The token should be included in the request header like this: +
+ Authorization: Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b +

+{% endblock modal_body %} diff --git a/token_authentication/templates/token_authentication/token_authentication_layout.html b/token_authentication/templates/token_authentication/token_authentication_layout.html new file mode 100644 index 00000000..6040c0ad --- /dev/null +++ b/token_authentication/templates/token_authentication/token_authentication_layout.html @@ -0,0 +1,5 @@ +{% extends "core/core_layout.html" %} +{% load static from static %} +{% block script %} + +{% endblock script %} diff --git a/token_authentication/templates/token_authentication/token_dashboard.html b/token_authentication/templates/token_authentication/token_dashboard.html new file mode 100644 index 00000000..680e7f8f --- /dev/null +++ b/token_authentication/templates/token_authentication/token_dashboard.html @@ -0,0 +1,85 @@ +{% extends "token_authentication/token_authentication_layout.html" %} +{% load render_table from django_tables2 %} +{% load crispy from crispy_forms_tags %} +{% block heading %} +
+

+ REST Authentication Tokens + {% include "core/_help_button.html" with target="#generate_token_help_modal" only %} +

+
+{% endblock heading %} +{% block content %} + + {% if new_token %} +
+
+
Sucessfully generated a REST authentication token.
+ This token will only be visible once, so make sure to copy it + now and store it in a safe place. As you will not be able to + see it again, you will have to generate a new token if you lose + it. +
+
+

+ {{ new_token }} + +

+
+
+ {% endif %} + +
+ {% if tokens %} +
Existing tokens
+ + + + + + + + + + + + + {% for token in tokens reversed %} + + + + + + + + + {% endfor %} + +
TokenDescriptionCreatedExpiresLast UsedActions
{{ token.fraction }}...{{ token.description|default:"—" }}{{ token.created_time }}{{ token.expires|default_if_none:"Never" }}{{ token.last_used|default_if_none:"Never" }} +
+ {% csrf_token %} + +
+
+ {% else %} +
No generated tokens
+ {% endif %} +
+ +
+
Generate a new token
+
+ {% csrf_token %} + {% crispy form %} +
+
+{% endblock content %} +{% block bottom %} + {% include 'token_authentication/_generate_token_help_modal.html' with modal_id="generate_token_help_modal" %} +{% endblock bottom %} diff --git a/token_authentication/tests/__init__.py b/token_authentication/tests/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/token_authentication/tests/integration/conftest.py b/token_authentication/tests/integration/conftest.py new file mode 100644 index 00000000..92e96652 --- /dev/null +++ b/token_authentication/tests/integration/conftest.py @@ -0,0 +1,5 @@ +import os + +# Workaround to make playwright work with Django +# see https://github.com/microsoft/playwright-pytest/issues/29#issuecomment-731515676 +os.environ.setdefault("DJANGO_ALLOW_ASYNC_UNSAFE", "true") diff --git a/token_authentication/tests/integration/test_token_authentication.py b/token_authentication/tests/integration/test_token_authentication.py new file mode 100644 index 00000000..b53e1abd --- /dev/null +++ b/token_authentication/tests/integration/test_token_authentication.py @@ -0,0 +1,48 @@ +import pytest +import requests +from playwright.sync_api import Page, expect + + +@pytest.mark.integration +@pytest.mark.django_db(transaction=True) +def test_create_and_delete_authentication_token( + page: Page, + channels_live_server, + create_and_login_user, +): + user = create_and_login_user(channels_live_server.url) + user.join_group("token_authentication_group") + page.goto(channels_live_server.url + "/token-authentication/") + + page.get_by_label("Description").fill("Just a test token") + page.get_by_text("Generate Token").click() + expect(page.locator("#unhashed-token-string")).to_be_visible() + token = page.locator("#unhashed-token-string").inner_text() + + response = requests.get( + channels_live_server.url + "/token-authentication/test", + headers={"Authorization": f"Token {token}"}, + ) + assert response.status_code == 200 + + expect(page.locator("table").get_by_text("Just a test token")).to_be_visible() + page.get_by_label("Delete token").click() + expect(page.locator("table").get_by_text("Just a test token")).not_to_be_visible() + + response = requests.get( + channels_live_server.url + "/token-authentication/test", + headers={"Authorization": f"Token {token}"}, + ) + assert response.status_code == 401 + + +@pytest.mark.integration +@pytest.mark.django_db(transaction=True) +def test_invalid_authentication_token( + channels_live_server, +): + response = requests.get( + channels_live_server.url + "/token-authentication/test", + headers={"Authorization": "Token invalid_token"}, + ) + assert response.status_code == 401 diff --git a/token_authentication/urls.py b/token_authentication/urls.py new file mode 100644 index 00000000..9be66efb --- /dev/null +++ b/token_authentication/urls.py @@ -0,0 +1,17 @@ +from django.urls import path + +from .views import DeleteTokenView, TestView, TokenDashboardView + +urlpatterns = [ + path( + "", + TokenDashboardView.as_view(), + name="token_dashboard", + ), + path( + "/delete-token", + DeleteTokenView.as_view(), + name="delete_token", + ), + path("test", TestView.as_view(), name="test_view"), +] diff --git a/token_authentication/utils/__init__.py b/token_authentication/utils/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/token_authentication/utils/crypto.py b/token_authentication/utils/crypto.py new file mode 100644 index 00000000..a7ad780b --- /dev/null +++ b/token_authentication/utils/crypto.py @@ -0,0 +1,12 @@ +from django.conf import settings +from django.contrib.auth.hashers import check_password, make_password + + +def hash_token(token_string: str) -> str: + # We use a fixed salt to always generate the same hash for the same token string. + # Rainbow attacks doesn't matter here as the token string itself is random. + return make_password(token_string, settings.TOKEN_AUTHENTICATION_SALT) + + +def verify_token(token_string: str, token_hashed: str) -> bool: + return check_password(token_string, token_hashed) diff --git a/token_authentication/views.py b/token_authentication/views.py new file mode 100644 index 00000000..b0fa9ce2 --- /dev/null +++ b/token_authentication/views.py @@ -0,0 +1,79 @@ +import datetime +from typing import Any + +from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin +from django.urls import reverse_lazy +from django.views.generic import DeleteView, FormView +from rest_framework.request import Request +from rest_framework.response import Response +from rest_framework.views import APIView + +from adit.core.mixins import OwnerRequiredMixin + +from .forms import GenerateTokenForm +from .models import Token + + +class TokenDashboardView( + LoginRequiredMixin, + PermissionRequiredMixin, + FormView, +): + template_name = "token_authentication/token_dashboard.html" + form_class = GenerateTokenForm + success_url = reverse_lazy("token_dashboard") + permission_required = ( + "token_authentication.view_token", + "token_authentication.add_token", + ) + + def get_form_kwargs(self) -> dict[str, Any]: + kwargs = super().get_form_kwargs() + kwargs.update({"user": self.request.user}) + return kwargs + + def form_valid(self, form): + data = form.cleaned_data + expiry_time = int(data["expiry_time"]) + expires = None + if expiry_time > 0: + expires = datetime.datetime.now() + datetime.timedelta(hours=expiry_time) + try: + description: str = data["description"] + _, token_string = Token.objects.create_token( + user=self.request.user, + description=description, + expires=expires, + ) + except Exception as err: + form.add_error(None, str(err)) + return super().form_invalid(form) + + self.request.session["new_token"] = token_string + return super().form_valid(form) + + def get_context_data(self, **kwargs): + context = super().get_context_data(**kwargs) + + new_token = self.request.session.pop("new_token", None) + tokens = Token.objects.filter(owner=self.request.user) + + context.update({"new_token": new_token, "tokens": tokens}) + + return context + + +class DeleteTokenView( + LoginRequiredMixin, + PermissionRequiredMixin, + OwnerRequiredMixin, + DeleteView, +): + permission_required = "token_authentication.delete_token" + model = Token + success_url = reverse_lazy("token_dashboard") + + +class TestView(APIView): + def get(self, request: Request): + return Response({"message": "OK"}) From 80877c3cc8368f181d285ddf95dc8f24b782a568 Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 18:48:22 +0000 Subject: [PATCH 09/13] Update README of shared --- adit/shared/README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/adit/shared/README.md b/adit/shared/README.md index 08bb02d9..f8efb53b 100644 --- a/adit/shared/README.md +++ b/adit/shared/README.md @@ -2,6 +2,9 @@ This folder contains shared code between ADIT and RADIS, mainly account and authentication stuff. +The code is added to ADIT and RADIS as a git subtree: +`git subtree add --prefix adit/shared shared main --squash` + ## License - GPL 3.0 or later From ee6a8efc78cbb9351945c683e2600514f75520ae Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 18:53:32 +0000 Subject: [PATCH 10/13] Document more command in README of shared --- adit/shared/README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/adit/shared/README.md b/adit/shared/README.md index f8efb53b..d8a0818f 100644 --- a/adit/shared/README.md +++ b/adit/shared/README.md @@ -5,6 +5,12 @@ This folder contains shared code between ADIT and RADIS, mainly account and auth The code is added to ADIT and RADIS as a git subtree: `git subtree add --prefix adit/shared shared main --squash` +Push updates to shared: +`git subtree push --prefix adit/shared shared main` + +Pull updates from shared: +`git subtree pull --prefix adit/shared shared main --squash` + ## License - GPL 3.0 or later From 4e38a7ee2bff8b17cc6c1138fdd07b4f13f02f67 Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 21:22:25 +0000 Subject: [PATCH 11/13] Test commit --- README.md | 2 ++ adit/shared/README.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/README.md b/README.md index 1b5a77dd..78c1b964 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # ADIT +Test + ## About ADIT (Automated DICOM Transfer) is a Swiss army knife to exchange DICOM data between various systems by using a convenient web frontend. diff --git a/adit/shared/README.md b/adit/shared/README.md index d8a0818f..e3fd89da 100644 --- a/adit/shared/README.md +++ b/adit/shared/README.md @@ -11,6 +11,8 @@ Push updates to shared: Pull updates from shared: `git subtree pull --prefix adit/shared shared main --squash` +Test + ## License - GPL 3.0 or later From d12738a8e39de60a8428c3f575bc44acdeb4ed52 Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 21:25:37 +0000 Subject: [PATCH 12/13] Undo stuff from test commit --- README.md | 2 -- adit/shared/README.md | 2 -- 2 files changed, 4 deletions(-) diff --git a/README.md b/README.md index 78c1b964..1b5a77dd 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,5 @@ # ADIT -Test - ## About ADIT (Automated DICOM Transfer) is a Swiss army knife to exchange DICOM data between various systems by using a convenient web frontend. diff --git a/adit/shared/README.md b/adit/shared/README.md index e3fd89da..d8a0818f 100644 --- a/adit/shared/README.md +++ b/adit/shared/README.md @@ -11,8 +11,6 @@ Push updates to shared: Pull updates from shared: `git subtree pull --prefix adit/shared shared main --squash` -Test - ## License - GPL 3.0 or later From d88646072991e6b6846c6bcbc49fbbcd215e9a29 Mon Sep 17 00:00:00 2001 From: Kai Schlamp Date: Mon, 28 Aug 2023 21:35:11 +0000 Subject: [PATCH 13/13] Add shared as a git remote --- tasks.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tasks.py b/tasks.py index f3819532..136f6947 100644 --- a/tasks.py +++ b/tasks.py @@ -287,6 +287,8 @@ def init_workspace(ctx: Context, type: Literal["codespaces", "gitpod"]): env_dev_file = f"{project_dir}/.env.dev" copy(f"{project_dir}/example.env", env_dev_file) + run_cmd(ctx, "git remote add shared https://github.com/radexperts/django-shared.git") + if type == "codespaces": base_url = f"https://{environ['CODESPACE_NAME']}-8000.preview.app.github.dev" elif type == "gitpod":