arthexis 0.1.11__py3-none-any.whl → 0.1.13__py3-none-any.whl

core/admin.py

@@ -16,6 +16,7 @@ from django.contrib.auth.admin import (
     GroupAdmin as DjangoGroupAdmin,
     UserAdmin as DjangoUserAdmin,
 )
+import logging
 from import_export import resources, fields
 from import_export.admin import ImportExportModelAdmin
 from import_export.widgets import ForeignKeyWidget
@@ -34,6 +35,7 @@ import calendar
 import re
 from django_object_actions import DjangoObjectActions
 from ocpp.models import Transaction
+from ocpp.rfid.utils import build_mode_toggle
 from nodes.models import EmailOutbox
 from .models import (
     User,
@@ -76,6 +78,9 @@ from .user_data import (
 )
 from .widgets import OdooProductWidget
 from .mcp import process as mcp_process
+from .mcp.server import resolve_base_urls
+
+logger = logging.getLogger(__name__)
 
 
 admin.site.unregister(Group)
@@ -371,6 +376,29 @@ class ReleaseManagerAdminForm(forms.ModelForm):
             "github_token": forms.Textarea(attrs={"rows": 3, "style": "width: 40em;"}),
         }
 
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.fields["pypi_token"].help_text = format_html(
+            "{} <a href=\"{}\" target=\"_blank\" rel=\"noopener noreferrer\">{}</a>{}",
+            "Generate an API token from your PyPI account settings.",
+            "https://pypi.org/manage/account/token/",
+            "pypi.org/manage/account/token/",
+            (
+                " by clicking “Add API token”, optionally scoping it to the package, "
+                "and paste the full `pypi-***` value here."
+            ),
+        )
+        self.fields["github_token"].help_text = format_html(
+            "{} <a href=\"{}\" target=\"_blank\" rel=\"noopener noreferrer\">{}</a>{}",
+            "Create a personal access token at GitHub → Settings → Developer settings →",
+            "https://github.com/settings/tokens",
+            "github.com/settings/tokens",
+            (
+                " with the repository access needed for releases (repo scope for classic tokens "
+                "or an equivalent fine-grained token) and paste it here."
+            ),
+        )
+
 
 @admin.register(ReleaseManager)
 class ReleaseManagerAdmin(ProfileAdminMixin, SaveBeforeChangeAction, EntityModelAdmin):
@@ -690,28 +718,30 @@ class OdooProfileAdminForm(forms.ModelForm):
         )
 
 
-class EmailInboxAdminForm(forms.ModelForm):
-    """Admin form for :class:`core.models.EmailInbox` with hidden password."""
+class MaskedPasswordFormMixin:
+    """Mixin that hides stored passwords while allowing updates."""
 
-    password = forms.CharField(
-        widget=forms.PasswordInput(render_value=True),
-        required=False,
-        help_text="Leave blank to keep the current password.",
-    )
-
-    class Meta:
-        model = EmailInbox
-        fields = "__all__"
+    password_sigil_fields: tuple[str, ...] = ()
 
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
+        field = self.fields.get("password")
+        if field is None:
+            return
+        if not isinstance(field.widget, forms.PasswordInput):
+            field.widget = forms.PasswordInput()
+        field.widget.attrs.setdefault("autocomplete", "new-password")
+        field.help_text = field.help_text or "Leave blank to keep the current password."
         if self.instance.pk:
-            self.fields["password"].initial = ""
+            field.initial = ""
             self.initial["password"] = ""
         else:
-            self.fields["password"].required = True
+            field.required = True
 
     def clean_password(self):
+        field = self.fields.get("password")
+        if field is None:
+            return self.cleaned_data.get("password")
         pwd = self.cleaned_data.get("password")
         if not pwd and self.instance.pk:
             return keep_existing("password")
@@ -719,10 +749,23 @@ class EmailInboxAdminForm(forms.ModelForm):
 
     def _post_clean(self):
         super()._post_clean()
-        _restore_sigil_values(
-            self,
-            ["username", "host", "password", "protocol"],
-        )
+        if self.password_sigil_fields:
+            _restore_sigil_values(self, self.password_sigil_fields)
+
+
+class EmailInboxAdminForm(MaskedPasswordFormMixin, forms.ModelForm):
+    """Admin form for :class:`core.models.EmailInbox` with hidden password."""
+
+    password = forms.CharField(
+        widget=forms.PasswordInput(attrs={"autocomplete": "new-password"}),
+        required=False,
+        help_text="Leave blank to keep the current password.",
+    )
+    password_sigil_fields = ("username", "host", "password", "protocol")
+
+    class Meta:
+        model = EmailInbox
+        fields = "__all__"
 
 
 class ProfileInlineFormSet(BaseInlineFormSet):
@@ -880,16 +923,25 @@ class SocialProfileInlineForm(ProfileFormMixin, forms.ModelForm):
         fields = ("network", "handle", "domain", "did")
 
 
-class EmailOutboxInlineForm(ProfileFormMixin, forms.ModelForm):
-    profile_fields = EmailOutbox.profile_fields
+class EmailOutboxAdminForm(MaskedPasswordFormMixin, forms.ModelForm):
+    """Admin form for :class:`nodes.models.EmailOutbox` with hidden password."""
+
     password = forms.CharField(
-        widget=forms.PasswordInput(render_value=True),
+        widget=forms.PasswordInput(attrs={"autocomplete": "new-password"}),
         required=False,
         help_text="Leave blank to keep the current password.",
     )
+    password_sigil_fields = ("password", "host", "username", "from_email")
 
     class Meta:
         model = EmailOutbox
+        fields = "__all__"
+
+
+class EmailOutboxInlineForm(ProfileFormMixin, EmailOutboxAdminForm):
+    profile_fields = EmailOutbox.profile_fields
+
+    class Meta(EmailOutboxAdminForm.Meta):
         fields = (
             "password",
             "host",
@@ -901,27 +953,6 @@ class EmailOutboxInlineForm(ProfileFormMixin, forms.ModelForm):
             "is_enabled",
         )
 
-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        if self.instance.pk:
-            self.fields["password"].initial = ""
-            self.initial["password"] = ""
-        else:
-            self.fields["password"].required = True
-
-    def clean_password(self):
-        pwd = self.cleaned_data.get("password")
-        if not pwd and self.instance.pk:
-            return keep_existing("password")
-        return pwd
-
-    def _post_clean(self):
-        super()._post_clean()
-        _restore_sigil_values(
-            self,
-            ["password", "host", "username", "from_email"],
-        )
-
 
 class ReleaseManagerInlineForm(ProfileFormMixin, forms.ModelForm):
     profile_fields = ReleaseManager.profile_fields
@@ -1324,10 +1355,8 @@ class OdooProfileAdmin(ProfileAdminMixin, SaveBeforeChangeAction, EntityModelAdm
     changelist_actions = ["my_profile"]
     fieldsets = (
         ("Owner", {"fields": ("user", "group")}),
-        (
-            "Configuration",
-            {"fields": ("host", "database", "username", "password")},
-        ),
+        ("Configuration", {"fields": ("host", "database")}),
+        ("Credentials", {"fields": ("username", "password")}),
         (
             "Odoo Employee",
             {"fields": ("verified_on", "odoo_uid", "name", "email")},
@@ -1417,18 +1446,10 @@ class EmailInboxAdmin(ProfileAdminMixin, SaveBeforeChangeAction, EntityModelAdmi
 
     fieldsets = (
         ("Owner", {"fields": ("user", "group")}),
+        ("Credentials", {"fields": ("username", "password")}),
         (
-            None,
-            {
-                "fields": (
-                    "username",
-                    "host",
-                    "port",
-                    "password",
-                    "protocol",
-                    "use_ssl",
-                )
-            },
+            "Configuration",
+            {"fields": ("host", "port", "protocol", "use_ssl")},
         ),
     )
 
@@ -1526,17 +1547,10 @@ class AssistantProfileAdmin(
     changelist_actions = ["my_profile"]
     fieldsets = (
         ("Owner", {"fields": ("user", "group")}),
+        ("Credentials", {"fields": ("user_key_hash",)}),
         (
-            None,
-            {
-                "fields": (
-                    "scopes",
-                    "is_active",
-                    "user_key_hash",
-                    "created_at",
-                    "last_used_at",
-                )
-            },
+            "Configuration",
+            {"fields": ("scopes", "is_active", "created_at", "last_used_at")},
         ),
     )
 
@@ -1627,14 +1641,19 @@ class AssistantProfileAdmin(
         config = dict(getattr(settings, "MCP_SIGIL_SERVER", {}))
         host = config.get("host") or "127.0.0.1"
         port = config.get("port", 8800)
+        base_url, issuer_url = resolve_base_urls(config)
         if isinstance(response, dict):
             response.setdefault("mcp_server_host", host)
             response.setdefault("mcp_server_port", port)
+            response.setdefault("mcp_server_base_url", base_url)
+            response.setdefault("mcp_server_issuer_url", issuer_url)
         else:
             context_data = getattr(response, "context_data", None)
             if context_data is not None:
                 context_data.setdefault("mcp_server_host", host)
                 context_data.setdefault("mcp_server_port", port)
+                context_data.setdefault("mcp_server_base_url", base_url)
+                context_data.setdefault("mcp_server_issuer_url", issuer_url)
         return response
 
     def start_server(self, request):
@@ -1922,7 +1941,7 @@ class ProductFetchWizardForm(forms.Form):
 @admin.register(Product)
 class ProductAdmin(EntityModelAdmin):
     form = ProductAdminForm
-    actions = ["fetch_odoo_product"]
+    actions = ["fetch_odoo_product", "register_from_odoo"]
 
     def _odoo_profile_admin(self):
         return self.admin_site._registry.get(OdooProfile)
@@ -1932,7 +1951,7 @@ class ProductAdmin(EntityModelAdmin):
         return profile.execute(
             "product.product",
             "search_read",
-            domain,
+            [domain],
             {
                 "fields": [
                     "name",
@@ -1983,6 +2002,13 @@ class ProductAdmin(EntityModelAdmin):
             try:
                 results = self._search_odoo_products(profile, form)
             except Exception:
+                logger.exception(
+                    "Failed to fetch Odoo products for user %s (profile_id=%s, host=%s, database=%s)",
+                    getattr(getattr(request, "user", None), "pk", None),
+                    getattr(profile, "pk", None),
+                    getattr(profile, "host", None),
+                    getattr(profile, "database", None),
+                )
                 form.add_error(None, _("Unable to fetch products from Odoo."))
                 results = []
             else:
@@ -2072,6 +2098,169 @@ class ProductAdmin(EntityModelAdmin):
         context["media"] = self.media + form.media
         return TemplateResponse(request, "admin/core/product/fetch_odoo.html", context)
 
+    def get_urls(self):
+        urls = super().get_urls()
+        custom = [
+            path(
+                "register-from-odoo/",
+                self.admin_site.admin_view(self.register_from_odoo_view),
+                name=f"{self.opts.app_label}_{self.opts.model_name}_register_from_odoo",
+            )
+        ]
+        return custom + urls
+
+    @admin.action(description="Register from Odoo")
+    def register_from_odoo(self, request, queryset=None):  # pragma: no cover - simple redirect
+        return HttpResponseRedirect(
+            reverse(
+                f"admin:{self.opts.app_label}_{self.opts.model_name}_register_from_odoo"
+            )
+        )
+
+    def _build_register_context(self, request):
+        opts = self.model._meta
+        context = self.admin_site.each_context(request)
+        context.update(
+            {
+                "opts": opts,
+                "title": _("Register from Odoo"),
+                "has_credentials": False,
+                "profile_url": None,
+                "products": [],
+                "selected_product_id": request.POST.get("product_id", ""),
+            }
+        )
+
+        profile_admin = self._odoo_profile_admin()
+        if profile_admin is not None:
+            context["profile_url"] = profile_admin.get_my_profile_url(request)
+
+        profile = getattr(request.user, "odoo_profile", None)
+        if not profile or not profile.is_verified:
+            context["credential_error"] = _(
+                "Configure your Odoo employee credentials before registering products."
+            )
+            return context, None
+
+        try:
+            products = profile.execute(
+                "product.product",
+                "search_read",
+                [[]],
+                {
+                    "fields": [
+                        "name",
+                        "description_sale",
+                        "list_price",
+                        "standard_price",
+                    ],
+                    "limit": 0,
+                },
+            )
+        except Exception:
+            context["error"] = _("Unable to fetch products from Odoo.")
+            return context, []
+
+        context["has_credentials"] = True
+        simplified = []
+        for product in products:
+            simplified.append(
+                {
+                    "id": product.get("id"),
+                    "name": product.get("name", ""),
+                    "description_sale": product.get("description_sale", ""),
+                    "list_price": product.get("list_price"),
+                    "standard_price": product.get("standard_price"),
+                }
+            )
+        context["products"] = simplified
+        return context, simplified
+
+    def register_from_odoo_view(self, request):
+        context, products = self._build_register_context(request)
+        if products is None:
+            return TemplateResponse(
+                request, "admin/core/product/register_from_odoo.html", context
+            )
+
+        if request.method == "POST" and context.get("has_credentials"):
+            if not self.has_add_permission(request):
+                context["form_error"] = _(
+                    "You do not have permission to add products."
+                )
+            else:
+                product_id = request.POST.get("product_id")
+                if not product_id:
+                    context["form_error"] = _("Select a product to register.")
+                else:
+                    try:
+                        odoo_id = int(product_id)
+                    except (TypeError, ValueError):
+                        context["form_error"] = _("Invalid product selection.")
+                    else:
+                        match = next(
+                            (item for item in products if item.get("id") == odoo_id),
+                            None,
+                        )
+                        if not match:
+                            context["form_error"] = _(
+                                "The selected product was not found. Reload the page and try again."
+                            )
+                        else:
+                            existing = self.model.objects.filter(
+                                odoo_product__id=odoo_id
+                            ).first()
+                            if existing:
+                                self.message_user(
+                                    request,
+                                    _(
+                                        "Product %(name)s already imported; opening existing record."
+                                    )
+                                    % {"name": existing.name},
+                                    level=messages.WARNING,
+                                )
+                                return HttpResponseRedirect(
+                                    reverse(
+                                        "admin:%s_%s_change"
+                                        % (
+                                            existing._meta.app_label,
+                                            existing._meta.model_name,
+                                        ),
+                                        args=[existing.pk],
+                                    )
+                                )
+                            product = self.model.objects.create(
+                                name=match.get("name") or f"Odoo Product {odoo_id}",
+                                description=match.get("description_sale", "") or "",
+                                renewal_period=30,
+                                odoo_product={
+                                    "id": odoo_id,
+                                    "name": match.get("name", ""),
+                                },
+                            )
+                            self.log_addition(
+                                request, product, "Registered product from Odoo"
+                            )
+                            self.message_user(
+                                request,
+                                _("Imported %(name)s from Odoo.")
+                                % {"name": product.name},
+                            )
+                            return HttpResponseRedirect(
+                                reverse(
+                                    "admin:%s_%s_change"
+                                    % (
+                                        product._meta.app_label,
+                                        product._meta.model_name,
+                                    ),
+                                    args=[product.pk],
+                                )
+                            )
+
+        return TemplateResponse(
+            request, "admin/core/product/register_from_odoo.html", context
+        )
+
 
 class RFIDResource(resources.ModelResource):
     reference = fields.Field(
@@ -2124,15 +2313,13 @@ class RFIDAdmin(EntityModelAdmin, ImportExportModelAdmin):
     change_list_template = "admin/core/rfid/change_list.html"
     resource_class = RFIDResource
     list_display = (
-        "label_id",
+        "label",
         "rfid",
         "custom_label",
         "color",
         "kind",
         "released",
-        "energy_accounts_display",
         "allowed",
-        "added_on",
         "last_seen_on",
     )
     list_filter = ("color", "released", "allowed")
@@ -2143,10 +2330,11 @@ class RFIDAdmin(EntityModelAdmin, ImportExportModelAdmin):
     readonly_fields = ("added_on", "last_seen_on")
     form = RFIDForm
 
-    def energy_accounts_display(self, obj):
-        return ", ".join(str(a) for a in obj.energy_accounts.all())
+    def label(self, obj):
+        return obj.label_id
 
-    energy_accounts_display.short_description = "Energy Accounts"
+    label.admin_order_field = "label_id"
+    label.short_description = "Label"
 
     def scan_rfids(self, request, queryset):
         return redirect("admin:core_rfid_scan")
@@ -2181,16 +2369,43 @@ class RFIDAdmin(EntityModelAdmin, ImportExportModelAdmin):
 
     def scan_view(self, request):
         context = self.admin_site.each_context(request)
-        context["scan_url"] = reverse("admin:core_rfid_scan_next")
-        context["admin_change_url_template"] = reverse(
-            "admin:core_rfid_change", args=[0]
+        table_mode, toggle_url, toggle_label = build_mode_toggle(request)
+        public_view_url = reverse("rfid-reader")
+        if table_mode:
+            public_view_url = f"{public_view_url}?mode=table"
+        context.update(
+            {
+                "scan_url": reverse("admin:core_rfid_scan_next"),
+                "admin_change_url_template": reverse(
+                    "admin:core_rfid_change", args=[0]
+                ),
+                "title": _("Scan RFIDs"),
+                "opts": self.model._meta,
+                "table_mode": table_mode,
+                "toggle_url": toggle_url,
+                "toggle_label": toggle_label,
+                "public_view_url": public_view_url,
+            }
         )
+        context["title"] = _("Scan RFIDs")
+        context["opts"] = self.model._meta
+        context["show_release_info"] = True
         return render(request, "admin/core/rfid/scan.html", context)
 
     def scan_next(self, request):
         from ocpp.rfid.scanner import scan_sources
+        from ocpp.rfid.reader import validate_rfid_value
 
-        result = scan_sources(request)
+        if request.method == "POST":
+            try:
+                payload = json.loads(request.body.decode("utf-8") or "{}")
+            except (json.JSONDecodeError, UnicodeDecodeError):
+                return JsonResponse({"error": "Invalid JSON payload"}, status=400)
+            rfid = payload.get("rfid") or payload.get("value")
+            kind = payload.get("kind")
+            result = validate_rfid_value(rfid, kind=kind)
+        else:
+            result = scan_sources(request)
         status = 500 if result.get("error") else 200
         return JsonResponse(result, status=status)
 

core/apps.py

@@ -21,6 +21,7 @@ class CoreConfig(AppConfig):
         from pathlib import Path
 
         from django.conf import settings
+        from django.core.exceptions import ObjectDoesNotExist
         from django.contrib.auth import get_user_model
         from django.db.models.signals import post_migrate
         from django.core.signals import got_request_exception
@@ -39,6 +40,26 @@ class CoreConfig(AppConfig):
         )
         from .admin_history import patch_admin_history
 
+        from django_otp.plugins.otp_totp.models import TOTPDevice as OTP_TOTPDevice
+
+        if not hasattr(
+            OTP_TOTPDevice._read_str_from_settings, "_core_totp_issuer_patch"
+        ):
+            original_read_str = OTP_TOTPDevice._read_str_from_settings
+
+            def _core_totp_read_str(self, key):
+                if key == "OTP_TOTP_ISSUER":
+                    try:
+                        settings_obj = self.custom_settings
+                    except ObjectDoesNotExist:
+                        settings_obj = None
+                    if settings_obj and settings_obj.issuer:
+                        return settings_obj.issuer
+                return original_read_str(self, key)
+
+            _core_totp_read_str._core_totp_issuer_patch = True
+            OTP_TOTPDevice._read_str_from_settings = _core_totp_read_str
+
         def create_default_arthexis(**kwargs):
             User = get_user_model()
             if not User.all_objects.exists():

core/auto_upgrade.py

@@ -39,8 +39,8 @@ def ensure_auto_upgrade_periodic_task(
     except Exception:
         return
 
-    mode = mode_file.read_text().strip() or "version"
-    interval_minutes = 5 if mode == "latest" else 10
+    _mode = mode_file.read_text().strip() or "version"
+    interval_minutes = 5
 
     try:
         schedule, _ = IntervalSchedule.objects.get_or_create(

core/form_fields.py

@@ -0,0 +1,75 @@
+"""Custom form fields for the Arthexis admin."""
+
+from __future__ import annotations
+
+import base64
+from typing import Any
+
+from django.core.exceptions import ValidationError
+from django.forms.fields import FileField
+from django.forms.widgets import FILE_INPUT_CONTRADICTION
+from django.utils.translation import gettext_lazy as _
+
+from .widgets import AdminBase64FileWidget
+
+
+class Base64FileField(FileField):
+    """Form field storing uploaded files as base64 encoded strings.
+
+    The field behaves like :class:`~django.forms.FileField` from the user's
+    perspective. Uploaded files are converted to base64 and returned as text so
+    they can be stored in ``TextField`` columns. When no new file is uploaded the
+    initial base64 value is preserved, while clearing the field stores an empty
+    string.
+    """
+
+    widget = AdminBase64FileWidget
+    default_error_messages = {
+        **FileField.default_error_messages,
+        "contradiction": _(
+            "Please either submit a file or check the clear checkbox, not both."
+        ),
+    }
+
+    def __init__(
+        self,
+        *,
+        download_name: str | None = None,
+        content_type: str = "application/octet-stream",
+        **kwargs: Any,
+    ) -> None:
+        widget = kwargs.pop("widget", None) or self.widget()
+        if download_name:
+            widget.download_name = download_name
+        if content_type:
+            widget.content_type = content_type
+        super().__init__(widget=widget, **kwargs)
+
+    def to_python(self, data: Any) -> str | None:
+        """Convert uploaded data to a base64 string."""
+
+        if isinstance(data, str):
+            return data
+        uploaded = super().to_python(data)
+        if uploaded is None:
+            return None
+        content = uploaded.read()
+        if hasattr(uploaded, "seek"):
+            uploaded.seek(0)
+        return base64.b64encode(content).decode("ascii")
+
+    def clean(self, data: Any, initial: str | None = None) -> str:
+        if data is FILE_INPUT_CONTRADICTION:
+            raise ValidationError(
+                self.error_messages["contradiction"], code="contradiction"
+            )
+        cleaned = super().clean(data, initial)
+        if cleaned in {None, False}:
+            return ""
+        return cleaned
+
+    def bound_data(self, data: Any, initial: str | None) -> str | None:
+        return initial
+
+    def has_changed(self, initial: str | None, data: Any) -> bool:
+        return not self.disabled and data is not None