1. 08 Jan, 2019 5 commits
  2. 20 Dec, 2018 7 commits
  3. 19 Dec, 2018 2 commits
  4. 13 Dec, 2018 1 commit
  5. 12 Dec, 2018 3 commits
  6. 10 Dec, 2018 2 commits
  7. 06 Dec, 2018 14 commits
    • BAIRE Anthony's avatar
      Change Tos.version into a string · 254fab6f
      BAIRE Anthony authored
      because the decimal format is kind of messy, especially we have:
      1.01 != 1.1 and 1.1 == 1.10
      Tos.version is now a CharField. For ordering, we use Tos.id instead
      (the latest tos is the one with highest id).
    • BAIRE Anthony's avatar
    • BAIRE Anthony's avatar
      Add timestamp to user agreements · e6805e9a
      BAIRE Anthony authored
    • BAIRE Anthony's avatar
    • BAIRE Anthony's avatar
      Manage ToS validation in the user_need_validation page · 5491ff41
      BAIRE Anthony authored
      - remove the HasSignedTosMixin and to the verifications in
        AllgoAccessMixin instead (along with email verification)
      - add Tos.get_latest() and User.has_agreed_tos
      - ignore ToS agreement if the db has no ToS entries
    • BAIRE Anthony's avatar
      remove Tos.content · 72f60afb
      BAIRE Anthony authored
      (this is a legal document, we should avoid juggling with multiple
    • BERJON Matthieu's avatar
      Adding a mixin and view for the ToS validation · 5c12d3c5
      BERJON Matthieu authored and BAIRE Anthony's avatar BAIRE Anthony committed
      I added a mixin that checks if the user has accepted the latest ToS
      version. If not the user is redirected to the ToS validation view. Once
      accepted the user is redirected to the page he asked first.
      I updated all the `login required` views by adding this new mixin.
      One major issue of this code that the redirection argument passed to the
      ToS validation view is the url name which is not a good practice I
      think. A better case would to use the path but I wasn't able to write
      the right regex in the url dispatcher.
      Another issue is that the user won't be redirected at login or sign up
      to the ToS validation view. This should be handled in the `adapter.py`
      Signed-off-by: BERJON Matthieu's avatarMatthieu Berjon <matthieu.berjon@inria.fr>
    • BERJON Matthieu's avatar
      Adding the ToS view · f1425cc9
      BERJON Matthieu authored and BAIRE Anthony's avatar BAIRE Anthony committed
      I added a view to display the latest version of the ToS. This include a
      specific url, its related view and template. I edited the footer as well
      to add a link to the ToS.
      Signed-off-by: BERJON Matthieu's avatarMatthieu Berjon <matthieu.berjon@inria.fr>
    • BERJON Matthieu's avatar
      Adding the Terms of Service model · 72b7c6bc
      BERJON Matthieu authored and BAIRE Anthony's avatar BAIRE Anthony committed
      I added two models for ToS system. A first model called `Tos` that
      stores the data itself of the policy using a version number and a link
      to a PDF version if necessary. The content of the policy should be
      written in markdown.
      Another model just stores the user and its related ToS version in order
      for the user to be able to sign several versions.
      I updated the admin to display the information related to the ToS
      Signed-off-by: BERJON Matthieu's avatarMatthieu Berjon <matthieu.berjon@inria.fr>
    • BAIRE Anthony's avatar
      remove the django auth backend · 308d66cb
      BAIRE Anthony authored
      (not used at all)
    • BAIRE Anthony's avatar
      do not allow updating User.email directly · 3bedb86d
      BAIRE Anthony authored
      (and use the /accounts/email/ page (provided by allauth) instead)
      'User.email' should never be updated directly
      The rationale is that we rely on allauth for verifying e-mail addresses.
      Allauth manages user's email addresses independently (one to many), and
      updates User.email when one of these addresses is promoted to the
      'primary' status. We will have less friction if we embrace the allauth
      way of managing e-mails.
      The good point is that allauth will never mark as primary an email
      addresse that has not been verified.
    • BAIRE Anthony's avatar
      add an intermediate 'user_need_validation' page for email validation · 4e2e61d1
      BAIRE Anthony authored
      There are multiple reasons:
      - we can use the same page for validating the 'Terms of Use'
      - the user may already have received the message
      - we should do the same validation on the API too (but API should not
        send any email but just display the error message)
    • BAIRE Anthony's avatar
      replace User.provider_addresses with User.email_addresses · 3778463e
      BAIRE Anthony authored
      email.addresses lists all email addresses belonging to the user
      thus we can make more generic queries
      also adds EmailAddress.is_provider
    • BAIRE Anthony's avatar
      refactor the permission mixins · 0f544778
      BAIRE Anthony authored
      remove the IsProviderMixin and introduce 3 new mixins:
      - UserAccessMixin     -> must be a registered user
      - ProviderAccessMixin -> user must be a provider
      - AllAccessMixin      -> may or may not be a registered user
      All these 3 mixins will also ensure that the user email is validated.
      The purpose of the AllAccessMixin is to force the validation of the
      email when the user is registered, thus the validation will be
      requested when landing on the webapp_detail page rather than when
      submitting the first job (which would be discarded)
  8. 04 Dec, 2018 6 commits