GitLab

Checking user.email is not ok because allauth allows multiple
addresses per user but grants access if any of them is verified.

-> we need to ensure that the matched address is verified


Thus a (non-admin) user can import a webapp only if the two
conditions are met:
- the user is allowed to create webapps (verified by IsProviderMixin)
- the user has a verified email address that matches the owner
  address of the imported webapp

Allauth supports multiple email addresses per user. While this is
not intended in allgo, it is still possible to configure multiple
addresses using the /accounts/email/ endpoint.

Problem: even with ACCOUNT_EMAIL_VERIFICATION="mandatory", allauth
does not ensure that all addresses are verified. It only ensure
that *any* address is verified.

--> even if the user is validted by all auth, we still need to ensure
that the relevant address is verified before granting access

add configurable helpdesk/issues/contact links

Closes #275

See merge request !144

Resolve "Document form fields"

Closes #274

See merge request !141

Resolve "API errors should be returned in json format"

Closes #225

See merge request !142

close #275

return API django-generated http errors in the JSON format

See merge request !139

This patch suggests two bug fixes. The first one return an empty string
in the case of the user doesn't send any parameters for the application.
The second bug fix is related to the test of an existing commited app version.
The test of the existing version wasn't done before requesting the app
version itself. This patch corrects it.
Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

I updated the SSH form in order to create the `help_text` argument in
the form class and call it directly in the template.
Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

I updated all the necessary `help_text` arguments on the form. I
performed few changes in the template to have a better rendering such
as:

- add a margin between the form and the sandbox box
- remove the floating button for the submit button (prevent an overflow
  of the footer on top of the button)
- add a "no preset available" text in the drop down menu
Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

I added a help text just on the owner to keep a trace for the future
fusion between both webapp creation and update forms.

See also: #273

Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

I added the argument `help_text` directly in the form class in order to
use it in the template.
Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

Resolve "email address not validated when the user changes it"

Closes #126

See merge request !134

Merge branch '126-email-address-not-validated-when-the-user-changes-it' of gitlab.inria.fr:allgo/allgo into 126-email-address-not-validated-when-the-user-changes-it
Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

Merge branch 'django' of gitlab.inria.fr:allgo/allgo into 126-email-address-not-validated-when-the-user-changes-it

this is for development purpose because:
- setting-up gitlab auth is tedious
- developer needs access to multiple accounts

Resolve "implement access control in job views"

Closes #250

See merge request !116

I added the SVG source of the visual.
Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

I deleted the local login form on the homepage and replaced it by a
visual. I updated the CSS stylesheet accordingly.
Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

There were a missing closing tag that had an impact on the footer
display.
Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

I cleaned a bit the template and CSS code. I modified as well the data
displayed on the home page to be more coherent with the rest of the
design and a bit easier to read.
Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

- use the same mixin for the api and the UI (so that the authorization
  code is not duplicated)
- renamed JobAuthorizationMixin as JobAuthMixin (because it is easier
  to type ;-)
- LoginRequiredMixin is no longer required because authentication
  (and redirection to the login page) is handled by UserPassesTestMixin

- supports authentication by cookie and by token
- checks the syntax of the Authorization error and handle errors
- returns a User object (instead of AllgoUser, because it is more
  useful)

Note: /auth was broken because it misused a AllgoUser as a User

I removed the paddings on both sides of the header in order to have the
blocks aligned.
Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

I replaced the comment tags because they were wrongly used.
Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

Resolve "feature: import projects from the previous allgo instance"

Closes #253

See merge request !136

This adds two views:

- WebappImport for importing the webapp (but without the versions).
  The import is allowed if the requesting user has the same email
  as the owner of the imported app. The webapp is created with
  imported=True, which enables the WebappVersionImport view

- WebappVersionImport for requisting the import of webapp version.
  This only creates the WebappVersion entry with state=IMPORT
  (the actual import is performed by the controller)

A version may be imported multiple times. In that case, the newly
imported version overwrite the local version with the same number.

This features requires:
- that the rails server implements !138
- that the docker daemon hosting the sandboxes is configured with
  credentials for pulling from the legacy registry

I changed the header in order to show only the gitlab sign-in/login
button when the user isn't authenticated and logout button when he is.
Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>

fix memory exhaustion on webapp creation

See merge request !135

Webapp<->WebappParameter is a one-to-many relationship

webapp should always be created with sandbox_state=idle

fix consistency of webapp breadcrumbs

See merge request !131

UI fixes for job queues

See merge request !129

- WebappCreate -> select the queue that has is_default==True
- JobCreate -> select Webapp.job_queue