1. 06 Dec, 2018 11 commits
    • Manage ToS validation in the user_need_validation page · 5491ff41
      BAIRE Anthony authored
      - remove the HasSignedTosMixin and do the verifications in
        AllgoAccessMixin instead (along with email verification)
      - add Tos.get_latest() and User.has_agreed_tos
      - ignore ToS agreement if the db has no ToS entries
    • remove Tos.content · 72f60afb
      BAIRE Anthony authored
      (this is a legal document, we should avoid juggling with multiple
    • Adding a mixin and view for the ToS validation · 5c12d3c5
      BERJON Matthieu authored and BAIRE Anthony committed
      I added a mixin that checks if the user has accepted the latest ToS
      version. If not the user is redirected to the ToS validation view. Once
      accepted the user is redirected to the page he asked first.
      I updated all the `login required` views by adding this new mixin.
      One major issue of this code is that the redirection argument passed to the
      ToS validation view is the url name, which is not a good practice I
      think. A better case would be to use the path but I wasn't able to write
      the right regex in the url dispatcher.
      Another issue is that the user won't be redirected at login or sign up
      to the ToS validation view. This should be handled in the `adapter.py`
      Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>
    • Adding the ToS view · f1425cc9
      BERJON Matthieu authored and BAIRE Anthony committed
      I added a view to display the latest version of the ToS. This includes a
      specific url, its related view and template. I edited the footer as well
      to add a link to the ToS.
      Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>
    • Adding the Terms of Service model · 72b7c6bc
      BERJON Matthieu authored and BAIRE Anthony committed
      I added two models for ToS system. A first model called `Tos` that
      stores the data itself of the policy using a version number and a link
      to a PDF version if necessary. The content of the policy should be
      written in markdown.
      Another model just stores the user and its related ToS version in order
      for the user to be able to sign several versions.
      I updated the admin to display the information related to the ToS
      Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>
    • remove the django auth backend · 308d66cb
      BAIRE Anthony authored
      (not used at all)
    • do not allow updating User.email directly · 3bedb86d
      BAIRE Anthony authored
      (and use the /accounts/email/ page (provided by allauth) instead)
      'User.email' should never be updated directly
      The rationale is that we rely on allauth for verifying e-mail addresses.
      Allauth manages user's email addresses independently (one to many), and
      updates User.email when one of these addresses is promoted to the
      'primary' status. We will have less friction if we embrace the allauth
      way of managing e-mails.
      The good point is that allauth will never mark as primary an email
      address that has not been verified.
    • add an intermediate 'user_need_validation' page for email validation · 4e2e61d1
      BAIRE Anthony authored
      There are multiple reasons:
      - we can use the same page for validating the 'Terms of Use'
      - the user may already have received the message
      - we should do the same validation on the API too (but API should not
        send any email but just display the error message)
    • replace User.provider_addresses with User.email_addresses · 3778463e
      BAIRE Anthony authored
      email.addresses lists all email addresses belonging to the user
      thus we can make more generic queries
      also adds EmailAddress.is_provider
    • refactor the permission mixins · 0f544778
      BAIRE Anthony authored
      remove the IsProviderMixin and introduce 3 new mixins:
      - UserAccessMixin     -> must be a registered user
      - ProviderAccessMixin -> user must be a provider
      - AllAccessMixin      -> may or may not be a registered user
      All these 3 mixins will also ensure that the user email is validated.
      The purpose of the AllAccessMixin is to force the validation of the
      email when the user is registered, thus the validation will be
      requested when landing on the webapp_detail page rather than when
      submitting the first job (which would be discarded)
  2. 05 Nov, 2018 1 commit
  3. 24 Oct, 2018 2 commits
  4. 23 Oct, 2018 1 commit
    • fix privacy issues in TagList and TagWebappList · aedd3283
      BAIRE Anthony authored
      webapp lists should never display apps not visible by the request.user
      TagWebappList did not implement such a filter. I added the
      query_webapps_for_user() helper and use it for TagWebappList, TagList
      and WebappList (the list returned by this function is the superset of
      webapps that these views are allowed to display).
  5. 22 Oct, 2018 4 commits
  6. 19 Oct, 2018 2 commits
  7. 18 Oct, 2018 4 commits
    • add links for importing webapp versions on the webapp import page · a2756a09
      BAIRE Anthony authored
      (for convenience)
    • fix user email validation when importing webapp · 1083d987
      BAIRE Anthony authored
      Checking user.email is not ok because allauth allows multiple
      addresses per user but grants access if any of them is verified.
      -> we need to ensure that the matched address is verified
      Thus a (non-admin) user can import a webapp only if the two
      conditions are met:
      - the user is allowed to create webapps (verified by IsProviderMixin)
      - the user has a verified email address that matches the owner
        address of the imported webapp
    • fix the validation of allauth emails · 6b4fa212
      BAIRE Anthony authored
      Allauth supports multiple email addresses per user. While this is
      not intended in allgo, it is still possible to configure multiple
      addresses using the /accounts/email/ endpoint.
      Problem: even with ACCOUNT_EMAIL_VERIFICATION="mandatory", allauth
      does not ensure that all addresses are verified. It only ensures
      that *any* address is verified.
      --> even if the user is validated by allauth, we still need to ensure
      that the relevant address is verified before granting access
  8. 16 Oct, 2018 2 commits
  9. 15 Oct, 2018 4 commits
  10. 10 Oct, 2018 1 commit
    • Bug fix on job version testing · d9df98f7
      BERJON Matthieu authored
      This patch suggests two bug fixes. The first one returns an empty string
      in case the user doesn't send any parameters for the application.
      The second bug fix is related to the test of an existing committed app version.
      The test of the existing version wasn't done before requesting the app
      version itself. This patch corrects it.
      Signed-off-by: Matthieu Berjon <matthieu.berjon@inria.fr>
  11. 09 Oct, 2018 3 commits
  12. 08 Oct, 2018 2 commits
  13. 28 Sep, 2018 3 commits