Merge pull request #357 from CasualGaming/hon95/2021-sep-updates

2021 September Updates

.github/dependabot.yml

@@ -0,0 +1,8 @@
+version: 2
+updates:
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    # Disable pull requests
+    open-pull-requests-limit: 0

CHANGELOG.md

@@ -20,11 +20,32 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Security
 
 
+## [v1.9.0] - 2021-09-20
+
+### Added
+
+- Added required checkboxes on the ticket checkout page for accepting the LAN rules and confirming that the user information is correct.
+- Added separate page for tickets, including a navbar entry.
+
+### Changed
+
+- Changed which news labels are shown on front page and archive page.
+- Updated default seatmap colors.
+
+### Fixed
+
+- Replaced the outdated pychal library with pychallonge (pychal was a fork of pychallonge but was since merged back into it).
+- Fixed ugly percentage formatting in statistics and remove percentage from competition statistics.
+
+### Security
+
+- Upgraded vulnerable dependencies.
+
 ## [v1.8.1] - 2020-12-09
 
 ### Security
 
-- Upgraded dependencies to vulnerabilities.
+- Upgraded vulnerable dependencies.
 
 ## [v1.8.0] - 2020-09-09
 
@@ -56,7 +77,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Fixed after-login and after-logout redirect, including unsafe redirecting.
 
-
 ## [v1.7.0] - 2020-02-21
 
 ### Added
@@ -90,15 +110,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Fixed logout CSRF vulnerability.
 - Fixed LAN attendance CSRF vulnerability.
 
-
 ## [v1.6.1] - 2019-10-17
 
 ### Fixed
 
 - Fixed server error when viewing team competition page when not logged in.
 - Fixed sponsor title text wrapping.
 
-
 ## [v1.6.0] - 2019-10-16
 
 ### Added
@@ -154,7 +172,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Fixed lottery CSRF vulnerability.
 
-
 ## [1.5.1] - 2019-08-01
 
 ### Changed
@@ -166,7 +183,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Fixed missing LAN translations on LAN admin page.
 - Fixed reversed order for sponsor priority.
 
-
 ## [1.5.0] - 2019-07-31
 
 ### Added
@@ -238,14 +254,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Fixed team join/leave/etc. CSRF vulnerability.
 - Fixed ticket release date not being properly enforced.
 
-
 ## [1.4.3] - 2019-04-03
 
 ### Fixed
 
 - Fixed internal error when accessing `/profile`.
 
-
 ## [1.4.2] - 2019-04-01
 
 ### Added
@@ -265,7 +279,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Fixed internal errors when viewing non-existing lotteries.
 - Fixed wrong font for username in top bar.
 
-
 ## [1.4.1] - 2019-03-10
 
 ### Added
@@ -285,7 +298,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Fix broken auth for the downloadable PDF files for the seating.
 - Replace the drop-down list with all usernames in the team invite section with a text field.
 
-
 ## [1.4.0] - 2019-03-10
 
 ### Added

apps/authentication/forms.py

@@ -33,7 +33,7 @@ def clean(self):
     def login(self, request):
         try:
             User.objects.get(username=request.POST['username'])
-        except Exception:
+        except Exception:  # noqa: B902: Blind Exception
             return False
         if self.is_valid():
             auth.login(request, self.user)

apps/competition/views.py

@@ -431,7 +431,7 @@ def start_compo(request, competition_id):
             competition.status = 3
             competition.save()
             messages.success(request, _(u'Tournament has started.'))
-        except Exception:
+        except Exception:  # noqa: B902: Blind Exception
             messages.error(request, _(u'Something went wrong.'))
 
     return redirect(competition)

apps/lan/urls.py

@@ -2,12 +2,15 @@
 
 from django.conf.urls import url
 
-from .views import attend, details_id, home, list_paid, listing, unattend
+from .views import attend, details_id, home, list_paid, listing, ticket_list, ticket_list_home, ticket_list_lan_list, unattend
 
 urlpatterns = [
     url(r'^$', home, name='lan_home'),
     url(r'^list/$', listing, name='lan_listing'),
+    url(r'^tickets/$', ticket_list_home, name='lan_tickets_home'),
+    url(r'^tickets/list/$', ticket_list_lan_list, name='lan_tickets_lan_list'),
     url(r'^(?P<lan_id>\d+)/$', details_id, name='lan_details'),
+    url(r'^(?P<lan_id>\d+)/tickets/$', ticket_list, name='lan_tickets'),
     url(r'^(?P<lan_id>\d+)/attend/$', attend, name='lan_attend'),
     url(r'^(?P<lan_id>\d+)/unattend/$', unattend, name='lan_unattend'),
     url(r'^(?P<lan_id>\d+)/list_paid/$', list_paid, name='lan_list_paid'),

apps/lan/views.py

@@ -51,12 +51,42 @@ def details(request, lan):
     else:
         active = False
 
+    directions = Directions.objects.filter(lan=lan)
+
+    return render(request, 'lan/details.html', {'lan': lan, 'active': active, 'directions': directions})
+
+
+@require_safe
+def ticket_list_home(request):
+    lans = LAN.objects.filter(end_date__gte=datetime.now())
+    if lans.count() == 1:
+        next_lan = lans[0]
+        return redirect('lan_tickets', lan_id=next_lan.id)
+    else:
+        return redirect('lan_tickets_lan_list')
+
+
+@require_safe
+def ticket_list_lan_list(request):
+    context = {}
+    context['upcoming_lans'] = LAN.objects.filter(end_date__gte=datetime.now()).order_by('start_date')
+    context['previous_lans'] = LAN.objects.filter(end_date__lt=datetime.now()).order_by('-start_date')
+
+    return render(request, 'lan/tickets_lan_list.html', context)
+
+
+@require_safe
+def ticket_list(request, lan_id):
+    lan = get_object_or_404(LAN, pk=lan_id)
+    if lan.end_date > datetime.now():
+        active = True
+    else:
+        active = False
+
     ticket_types = lan.tickettype_set.all().order_by('-priority', '-price')
 
     user_tickets = Ticket.objects.filter(user=request.user.id, ticket_type__in=ticket_types)
 
-    directions = Directions.objects.filter(lan=lan)
-
     if request.user in lan.attendees:
         if request.user in lan.paid_attendees or user_tickets:
             status = 'paid'
@@ -65,7 +95,12 @@ def details(request, lan):
     else:
         status = 'open'
 
-    return render(request, 'lan/details.html', {'lan': lan, 'status': status, 'active': active, 'ticket_types': ticket_types, 'ticket': user_tickets, 'directions': directions})
+    breadcrumbs = (
+        (lan, lan.get_absolute_url()),
+        (_(u'Tickets'), ''),
+    )
+
+    return render(request, 'lan/tickets.html', {'breadcrumbs': breadcrumbs, 'lan': lan, 'status': status, 'active': active, 'ticket_types': ticket_types, 'ticket': user_tickets})
 
 
 @require_POST
@@ -75,7 +110,7 @@ def attend(request, lan_id):
 
     if lan.end_date < datetime.now():
         messages.error(request, _(u'This LAN has finished and can no longer be attended.'))
-        return redirect(lan)
+        return redirect('lan_tickets', lan_id=lan.id)
 
     if not request.user.profile.has_address():
         messages.error(request, _(u'You need to fill in your address and postal code in order to sign up for a LAN.'))
@@ -88,7 +123,7 @@ def attend(request, lan_id):
 
             messages.success(request, _(u'Successfully added you to attendee list for {lan}.').format(lan=lan))
 
-    return redirect(lan)
+    return redirect('lan_tickets', lan_id=lan.id)
 
 
 @require_POST
@@ -98,25 +133,25 @@ def unattend(request, lan_id):
 
     if lan.start_date < datetime.now():
         messages.error(request, _(u'This LAN has already started, you can\'t retract your signup.'))
-        return redirect(lan)
+        return redirect('lan_tickets', lan_id=lan.id)
 
     if request.user not in lan.attendees:
         messages.error(request, _(u'You are not in the attendee list for the LAN.'))
-        return redirect(lan)
+        return redirect('lan_tickets', lan_id=lan.id)
 
     ticket_types = lan.tickettype_set.all().order_by('-priority', '-price')
     user_tickets = Ticket.objects.filter(user=request.user.id, ticket_type__in=ticket_types)
 
     if request.user in lan.paid_attendees or user_tickets:
         messages.error(request, _(u'You cannot remove attendance since you have paid for a ticket to the LAN.'))
-        return redirect(lan)
+        return redirect('lan_tickets', lan_id=lan.id)
     else:
         attendee = Attendee.objects.get(lan=lan, user=request.user)
         attendee.delete()
 
         messages.success(request, _(u'Successfully removed you from attendee list for {lan}.').format(lan=lan))
 
-    return redirect(lan)
+    return redirect('lan_tickets', lan_id=lan.id)
 
 
 @require_safe

apps/misc/templatetags/misc.py

@@ -54,7 +54,7 @@ def divide(dividend, divisor):
 def divide_percent(dividend, divisor):
     if divisor == 0:
         return '0%'
-    return '{val}%'.format(val=(dividend / float(divisor) * 100))
+    return '{val:.2f}%'.format(val=(dividend / float(divisor) * 100))
 
 
 @register.simple_tag

apps/news/views.py

@@ -27,9 +27,6 @@ def main(request, page):
     except EmptyPage:
         # If page is out of range (e.g. 9999), deliver last page of results.
         articles = paginator.page(paginator.num_pages)
-    except Exception:
-        # If no page is given, show the first
-        articles = paginator.page(1)
 
     if len(streams) > 0:
         return render(request, 'news/news.html', {'lans': active_lans, 'articles': articles, 'page': page, 'stream': streams[0],
@@ -58,7 +55,4 @@ def archive(request, page):
     except EmptyPage:
         # If page is out of range (e.g. 9999), deliver last page of results.
         articles = paginator.page(paginator.num_pages)
-    except Exception:
-        # If no page is given, show the first
-        articles = paginator.page(1)
     return render(request, 'news/archive.html', {'articles': articles, 'page': page, 'languages': settings.LANGUAGES})

apps/sendmail/views.py

@@ -1,5 +1,7 @@
 # -*- coding: utf-8 -*-
 
+from smtplib import SMTPException
+
 from django.conf import settings
 from django.contrib import messages
 from django.contrib.auth.decorators import login_required, permission_required
@@ -148,7 +150,7 @@ def handle_submitted_form(request, old_form, template_context):
             try:
                 email_message.send()
                 message.successful_mails += 1
-            except Exception:
+            except SMTPException:
                 message.failed_mails += 1
                 continue
 

docker-entrypoint.sh

@@ -12,16 +12,17 @@ IMPORT_FILE="$IMPORT_EXPORT_DIR/import.json.gz"
 EXPORT_FILE="$IMPORT_EXPORT_DIR/export.json.gz"
 
 # Optional env vars
-STUDLAN_UID=${STUDLAN_UID:=}
-STUDLAN_GID=${STUDLAN_GID:=}
-SUPERUSER_USERNAME=${SUPERUSER_USERNAME:=}
-SUPERUSER_EMAIL=${SUPERUSER_EMAIL:=}
-SUPERUSER_PASSWORD=${SUPERUSER_PASSWORD:=}
-SUPERUSER_INACTIVE=${SUPERUSER_INACTIVE:=}
-FLUSH_DATABASE=${FLUSH_DATABASE:=}
-IMPORT_DATABASE=${IMPORT_DATABASE:=}
-EXPORT_DATABASE=${EXPORT_DATABASE:=}
-NO_START=${NO_START:=}
+STUDLAN_UID=${STUDLAN_UID:-}
+STUDLAN_GID=${STUDLAN_GID:-}
+SUPERUSER_USERNAME=${SUPERUSER_USERNAME:-}
+SUPERUSER_EMAIL=${SUPERUSER_EMAIL:-}
+SUPERUSER_PASSWORD=${SUPERUSER_PASSWORD:-}
+SUPERUSER_INACTIVE=${SUPERUSER_INACTIVE:-}
+FLUSH_DATABASE=${FLUSH_DATABASE:-}
+IMPORT_DATABASE=${IMPORT_DATABASE:-}
+EXPORT_DATABASE=${EXPORT_DATABASE:-}
+NO_START=${NO_START:-}
+DJANGO_DEV_SERVER=${DJANGO_DEV_SERVER:-}
 
 echo "Starting studlan v$(cat VERSION)"
 echo
@@ -138,10 +139,18 @@ echo "Chowning all files ..."
 chown -R $STUDLAN_USER:$STUDLAN_GROUP .
 set -e
 
-# Run uWSGI server
+# Maybe don't start
 if [[ $NO_START == "true" ]]; then
     echo "No-start enabled, stopping instead"
     exit 0
 fi
-echo "Done. Starting server ..."
-exec uwsgi --ini uwsgi.ini
+
+# Run prod or dev server
+if [[ $DJANGO_DEV_SERVER != "true" ]]; then
+    echo "Starting uWSGI server ..."
+    exec uwsgi --ini uwsgi.ini
+else
+    echo "Starting Django dev server ..."
+    echo "WARNING: Never use this in prod!"
+    $MANAGE runserver 0.0.0.0:8080
+fi