arthexis 0.1.15__py3-none-any.whl → 0.1.16__py3-none-any.whl

core/views.py

@@ -1,3 +1,5 @@
+import base64
+import binascii
 import json
 import logging
 import os
@@ -16,6 +18,7 @@ from django.http import Http404, JsonResponse, HttpResponse
 from django.shortcuts import get_object_or_404, redirect, render, resolve_url
 from django.template.response import TemplateResponse
 from django.utils import timezone
+from django.utils.html import strip_tags
 from django.utils.text import slugify
 from django.utils.translation import gettext as _
 from django.urls import NoReverseMatch, reverse
@@ -32,6 +35,7 @@ from django.template.loader import get_template
 from django.test import signals
 
 from utils import revision
+from nodes.utils import save_screenshot
 from utils.api import api_login_required
 
 logger = logging.getLogger(__name__)
@@ -633,6 +637,8 @@ def _write_todo_fixture(todo: Todo) -> Path:
                 "request": todo.request,
                 "url": todo.url,
                 "request_details": todo.request_details,
+                "generated_for_version": todo.generated_for_version,
+                "generated_for_revision": todo.generated_for_revision,
             },
         }
     ]
@@ -666,9 +672,16 @@ def _ensure_release_todo(
     previous_version = (previous_version or "").strip()
     target_version = _next_patch_version(release.version)
     if previous_version:
-        incremented_previous = _next_patch_version(previous_version)
-        if incremented_previous == release.version:
-            target_version = release.version
+        try:
+            from packaging.version import InvalidVersion, Version
+
+            parsed_previous = Version(previous_version)
+            parsed_target = Version(target_version)
+        except InvalidVersion:
+            pass
+        else:
+            if parsed_target <= parsed_previous:
+                target_version = _next_patch_version(previous_version)
     request = f"Create release {release.package.name} {target_version}"
     try:
         url = reverse("admin:core_packagerelease_changelist")
@@ -680,6 +693,8 @@ def _ensure_release_todo(
             "request": request,
             "url": url,
             "request_details": "",
+            "generated_for_version": release.version or "",
+            "generated_for_revision": release.revision or "",
             "is_seed_data": True,
             "is_deleted": False,
             "is_user_data": False,
@@ -815,14 +830,77 @@ def _get_return_url(request) -> str:
     return resolve_url("admin:index")
 
 
+def _refresh_changelog_once(ctx, log_path: Path) -> None:
+    """Regenerate the changelog a single time per release run."""
+
+    if ctx.get("changelog_refreshed"):
+        return
+
+    _append_log(log_path, "Refreshing changelog before TODO review")
+    try:
+        subprocess.run(["scripts/generate-changelog.sh"], check=True)
+    except OSError as exc:
+        if _should_use_python_changelog(exc):
+            _append_log(
+                log_path,
+                f"scripts/generate-changelog.sh failed: {exc}",
+            )
+            _generate_changelog_with_python(log_path)
+        else:  # pragma: no cover - unexpected OSError
+            raise
+    else:
+        _append_log(
+            log_path,
+            "Regenerated CHANGELOG.rst using scripts/generate-changelog.sh",
+        )
+
+    staged_paths: list[str] = []
+    changelog_path = Path("CHANGELOG.rst")
+    if changelog_path.exists():
+        staged_paths.append(str(changelog_path))
+
+    release_fixtures = sorted(Path("core/fixtures").glob("releases__*.json"))
+    staged_paths.extend(str(path) for path in release_fixtures)
+
+    if staged_paths:
+        subprocess.run(["git", "add", *staged_paths], check=True)
+
+    diff = subprocess.run(
+        ["git", "diff", "--cached", "--name-only"],
+        check=True,
+        capture_output=True,
+        text=True,
+    )
+    changed_paths = [line.strip() for line in diff.stdout.splitlines() if line.strip()]
+
+    if changed_paths:
+        changelog_dirty = "CHANGELOG.rst" in changed_paths
+        fixtures_dirty = any(path.startswith("core/fixtures/") for path in changed_paths)
+        if changelog_dirty and fixtures_dirty:
+            message = "chore: sync release fixtures and changelog"
+        elif changelog_dirty:
+            message = "docs: refresh changelog"
+        else:
+            message = "chore: update release fixtures"
+        subprocess.run(["git", "commit", "-m", message], check=True)
+        _append_log(log_path, f"Committed changelog refresh ({message})")
+    else:
+        _append_log(log_path, "Changelog already up to date")
+
+    ctx["changelog_refreshed"] = True
+
+
 def _step_check_todos(release, ctx, log_path: Path) -> None:
+    _refresh_changelog_once(ctx, log_path)
+
     pending_qs = Todo.objects.filter(is_deleted=False, done_on__isnull=True)
-    if pending_qs.exists():
-        ctx["todos"] = list(
-            pending_qs.values("id", "request", "url", "request_details")
-        )
-        if not ctx.get("todos_ack"):
-            raise PendingTodos()
+    pending_values = list(
+        pending_qs.values("id", "request", "url", "request_details")
+    )
+    if not ctx.get("todos_ack"):
+        ctx["todos"] = pending_values
+        ctx["todos_required"] = True
+        raise PendingTodos()
     todos = list(Todo.objects.filter(is_deleted=False))
     for todo in todos:
         todo.delete()
@@ -837,6 +915,7 @@ def _step_check_todos(release, ctx, log_path: Path) -> None:
             check=False,
         )
     ctx.pop("todos", None)
+    ctx.pop("todos_required", None)
     ctx["todos_ack"] = True
 
 
@@ -860,9 +939,12 @@ def _step_check_version(release, ctx, log_path: Path) -> None:
             if "fixtures" in Path(f).parts and Path(f).suffix == ".json"
         ]
         changelog_dirty = "CHANGELOG.rst" in files
+        version_dirty = "VERSION" in files
         allowed_dirty_files = set(fixture_files)
         if changelog_dirty:
             allowed_dirty_files.add("CHANGELOG.rst")
+        if version_dirty:
+            allowed_dirty_files.add("VERSION")
 
         if files and len(allowed_dirty_files) == len(files):
             summary = []
@@ -895,6 +977,8 @@ def _step_check_version(release, ctx, log_path: Path) -> None:
             commit_paths = [*fixture_files]
             if changelog_dirty:
                 commit_paths.append("CHANGELOG.rst")
+            if version_dirty:
+                commit_paths.append("VERSION")
 
             log_fragments = []
             if fixture_files:
@@ -903,6 +987,8 @@ def _step_check_version(release, ctx, log_path: Path) -> None:
                 )
             if changelog_dirty:
                 log_fragments.append("CHANGELOG.rst")
+            if version_dirty:
+                log_fragments.append("VERSION")
             details = ", ".join(log_fragments) if log_fragments else "changes"
             _append_log(
                 log_path,
@@ -910,8 +996,16 @@ def _step_check_version(release, ctx, log_path: Path) -> None:
             )
             subprocess.run(["git", "add", *commit_paths], check=True)
 
-            if changelog_dirty and fixture_files:
+            if changelog_dirty and version_dirty and fixture_files:
+                commit_message = "chore: sync release metadata"
+            elif changelog_dirty and version_dirty:
+                commit_message = "chore: update version and changelog"
+            elif version_dirty and fixture_files:
+                commit_message = "chore: update version and fixtures"
+            elif changelog_dirty and fixture_files:
                 commit_message = "chore: sync release fixtures and changelog"
+            elif version_dirty:
+                commit_message = "chore: update version"
             elif changelog_dirty:
                 commit_message = "docs: refresh changelog"
             else:
@@ -1023,6 +1117,36 @@ def _step_changelog_docs(release, ctx, log_path: Path) -> None:
     _append_log(log_path, "CHANGELOG and documentation review recorded")
 
 
+def _record_release_todo(
+    release, ctx, log_path: Path, *, previous_version: str | None = None
+) -> None:
+    previous_version = previous_version or ctx.pop(
+        "release_todo_previous_version",
+        getattr(release, "_repo_version_before_sync", ""),
+    )
+    todo, fixture_path = _ensure_release_todo(
+        release, previous_version=previous_version
+    )
+    fixture_display = _format_path(fixture_path)
+    _append_log(log_path, f"Added TODO: {todo.request}")
+    _append_log(log_path, f"Wrote TODO fixture {fixture_display}")
+    subprocess.run(["git", "add", str(fixture_path)], check=True)
+    _append_log(log_path, f"Staged TODO fixture {fixture_display}")
+    fixture_diff = subprocess.run(
+        ["git", "diff", "--cached", "--quiet", "--", str(fixture_path)],
+        check=False,
+    )
+    if fixture_diff.returncode != 0:
+        commit_message = f"chore: add release TODO for {release.package.name}"
+        subprocess.run(["git", "commit", "-m", commit_message], check=True)
+        _append_log(log_path, f"Committed TODO fixture {fixture_display}")
+    else:
+        _append_log(
+            log_path,
+            f"No changes detected for TODO fixture {fixture_display}; skipping commit",
+        )
+
+
 def _step_pre_release_actions(release, ctx, log_path: Path) -> None:
     _append_log(log_path, "Execute pre-release actions")
     if ctx.get("dry_run"):
@@ -1096,27 +1220,7 @@ def _step_pre_release_actions(release, ctx, log_path: Path) -> None:
         for path in staged_release_fixtures:
             subprocess.run(["git", "reset", "HEAD", str(path)], check=False)
             _append_log(log_path, f"Unstaged release fixture {_format_path(path)}")
-    todo, fixture_path = _ensure_release_todo(
-        release, previous_version=repo_version_before_sync
-    )
-    fixture_display = _format_path(fixture_path)
-    _append_log(log_path, f"Added TODO: {todo.request}")
-    _append_log(log_path, f"Wrote TODO fixture {fixture_display}")
-    subprocess.run(["git", "add", str(fixture_path)], check=True)
-    _append_log(log_path, f"Staged TODO fixture {fixture_display}")
-    fixture_diff = subprocess.run(
-        ["git", "diff", "--cached", "--quiet", "--", str(fixture_path)],
-        check=False,
-    )
-    if fixture_diff.returncode != 0:
-        commit_message = f"chore: add release TODO for {release.package.name}"
-        subprocess.run(["git", "commit", "-m", commit_message], check=True)
-        _append_log(log_path, f"Committed TODO fixture {fixture_display}")
-    else:
-        _append_log(
-            log_path,
-            f"No changes detected for TODO fixture {fixture_display}; skipping commit",
-        )
+    ctx["release_todo_previous_version"] = repo_version_before_sync
     _append_log(log_path, "Pre-release actions complete")
 
 
@@ -1200,6 +1304,7 @@ def _step_promote_build(release, ctx, log_path: Path) -> None:
             )
         PackageRelease.dump_fixture()
         _append_log(log_path, "Updated release fixtures")
+        _record_release_todo(release, ctx, log_path)
     except Exception:
         _clean_repo()
         raise
@@ -1521,6 +1626,7 @@ def rfid_batch(request):
                 "custom_label": t.custom_label,
                 "energy_accounts": list(t.energy_accounts.values_list("id", flat=True)),
                 "external_command": t.external_command,
+                "post_auth_command": t.post_auth_command,
                 "allowed": t.allowed,
                 "color": t.color,
                 "released": t.released,
@@ -1556,6 +1662,11 @@ def rfid_batch(request):
                 external_command = ""
             else:
                 external_command = external_command.strip()
+            post_auth_command = row.get("post_auth_command")
+            if not isinstance(post_auth_command, str):
+                post_auth_command = ""
+            else:
+                post_auth_command = post_auth_command.strip()
 
             tag, _ = RFID.objects.update_or_create(
                 rfid=rfid.upper(),
@@ -1565,6 +1676,7 @@ def rfid_batch(request):
                     "released": released,
                     "custom_label": custom_label,
                     "external_command": external_command,
+                    "post_auth_command": post_auth_command,
                 },
             )
             if energy_accounts:
@@ -1648,6 +1760,12 @@ def release_progress(request, pk: int, action: str):
     else:
         log_dir_warning_message = ctx.get("log_dir_warning_message")
 
+    if "changelog_report_url" not in ctx:
+        try:
+            ctx["changelog_report_url"] = reverse("admin:system-changelog-report")
+        except NoReverseMatch:
+            ctx["changelog_report_url"] = ""
+
     steps = PUBLISH_STEPS
     total_steps = len(steps)
     step_count = ctx.get("step", 0)
@@ -1715,7 +1833,7 @@ def release_progress(request, pk: int, action: str):
         else:
             ctx["todos_ack"] = True
 
-    if pending_items and not ctx.get("todos_ack"):
+    if not ctx.get("todos_ack"):
         ctx["todos"] = [
             {
                 "id": todo.pk,
@@ -1725,8 +1843,10 @@ def release_progress(request, pk: int, action: str):
             }
             for todo in pending_items
         ]
+        ctx["todos_required"] = True
     else:
         ctx.pop("todos", None)
+        ctx.pop("todos_required", None)
 
     log_name = _release_log_name(release.package.name, release.version)
     if ctx.get("log") != log_name:
@@ -1847,7 +1967,9 @@ def release_progress(request, pk: int, action: str):
         and not ctx.get("error")
         else None
     )
-    has_pending_todos = bool(ctx.get("todos") and not ctx.get("todos_ack"))
+    has_pending_todos = bool(
+        ctx.get("todos_required") and not ctx.get("todos_ack")
+    )
     if has_pending_todos:
         next_step = None
     dirty_files = ctx.get("dirty_files")
@@ -1964,6 +2086,7 @@ def release_progress(request, pk: int, action: str):
         "cert_log": ctx.get("cert_log"),
         "fixtures": fixtures_summary,
         "todos": todos_display,
+        "changelog_report_url": ctx.get("changelog_report_url", ""),
         "dirty_files": dirty_files,
         "dirty_commit_message": ctx.get("dirty_commit_message", DIRTY_COMMIT_DEFAULT_MESSAGE),
         "dirty_commit_error": ctx.get("dirty_commit_error"),
@@ -2180,6 +2303,7 @@ def todo_focus(request, pk: int):
         "focus_auth": focus_auth,
         "next_url": _get_return_url(request),
         "done_url": reverse("todo-done", args=[todo.pk]),
+        "snapshot_url": reverse("todo-snapshot", args=[todo.pk]),
     }
     return render(request, "core/todo_focus.html", context)
 
@@ -2199,3 +2323,67 @@ def todo_done(request, pk: int):
     todo.done_on = timezone.now()
     todo.save(update_fields=["done_on"])
     return redirect(redirect_to)
+
+
+@staff_member_required
+@require_POST
+def todo_snapshot(request, pk: int):
+    todo = get_object_or_404(Todo, pk=pk, is_deleted=False)
+    if todo.done_on:
+        return JsonResponse({"detail": _("This TODO has already been completed.")}, status=400)
+
+    try:
+        payload = json.loads(request.body.decode("utf-8") or "{}")
+    except json.JSONDecodeError:
+        return JsonResponse({"detail": _("Invalid JSON payload.")}, status=400)
+
+    image_data = payload.get("image", "") if isinstance(payload, dict) else ""
+    if not isinstance(image_data, str) or not image_data.startswith("data:image/png;base64,"):
+        return JsonResponse({"detail": _("A PNG data URL is required.")}, status=400)
+
+    try:
+        encoded = image_data.split(",", 1)[1]
+    except IndexError:
+        return JsonResponse({"detail": _("Screenshot data is incomplete.")}, status=400)
+
+    try:
+        image_bytes = base64.b64decode(encoded, validate=True)
+    except (ValueError, binascii.Error):
+        return JsonResponse({"detail": _("Unable to decode screenshot data.")}, status=400)
+
+    if not image_bytes:
+        return JsonResponse({"detail": _("Screenshot data is empty.")}, status=400)
+
+    max_size = 5 * 1024 * 1024
+    if len(image_bytes) > max_size:
+        return JsonResponse({"detail": _("Screenshot is too large to store.")}, status=400)
+
+    relative_path = Path("screenshots") / f"todo-{todo.pk}-{uuid.uuid4().hex}.png"
+    full_path = settings.LOG_DIR / relative_path
+    full_path.parent.mkdir(parents=True, exist_ok=True)
+    with full_path.open("wb") as fh:
+        fh.write(image_bytes)
+
+    primary_text = strip_tags(todo.request or "").strip()
+    details_text = strip_tags(todo.request_details or "").strip()
+    alt_parts = [part for part in (primary_text, details_text) if part]
+    if alt_parts:
+        alt_text = " — ".join(alt_parts)
+    else:
+        alt_text = _("TODO %(id)s snapshot") % {"id": todo.pk}
+
+    sample = save_screenshot(
+        relative_path,
+        method="TODO_QA",
+        content=alt_text,
+        user=request.user if request.user.is_authenticated else None,
+    )
+
+    if sample is None:
+        try:
+            full_path.unlink()
+        except FileNotFoundError:
+            pass
+        return JsonResponse({"detail": _("Duplicate snapshot ignored.")})
+
+    return JsonResponse({"detail": _("Snapshot saved."), "sample": str(sample.pk)})

nodes/admin.py

@@ -1217,6 +1217,11 @@ class NodeFeatureAdmin(EntityModelAdmin):
                 self.admin_site.admin_view(self.celery_report),
                 name="nodes_nodefeature_celery_report",
             ),
+            path(
+                "view-waveform/",
+                self.admin_site.admin_view(self.view_waveform),
+                name="nodes_nodefeature_view_waveform",
+            ),
             path(
                 "take-screenshot/",
                 self.admin_site.admin_view(self.take_screenshot),
@@ -1291,6 +1296,24 @@ class NodeFeatureAdmin(EntityModelAdmin):
             return None
         return feature
 
+    def view_waveform(self, request):
+        feature = self._ensure_feature_enabled(
+            request, "audio-capture", "View Waveform"
+        )
+        if not feature:
+            return redirect("..")
+
+        context = {
+            **self.admin_site.each_context(request),
+            "title": _("Audio Capture Waveform"),
+            "feature": feature,
+        }
+        return TemplateResponse(
+            request,
+            "admin/nodes/nodefeature/view_waveform.html",
+            context,
+        )
+
     def take_screenshot(self, request):
         feature = self._ensure_feature_enabled(
             request, "screenshot-poll", "Take Screenshot"
@@ -1542,7 +1565,7 @@ class NetMessageAdmin(EntityModelAdmin):
     search_fields = ("subject", "body")
     list_filter = ("complete", "filter_node_role", "filter_current_relation")
     ordering = ("-created",)
-    readonly_fields = ("complete",)
+    readonly_fields = ("complete", "confirmed_peers")
     actions = ["send_messages"]
     fieldsets = (
         (None, {"fields": ("subject", "body")}),
@@ -1567,6 +1590,7 @@ class NetMessageAdmin(EntityModelAdmin):
                     "node_origin",
                     "target_limit",
                     "propagated_to",
+                    "confirmed_peers",
                     "complete",
                 )
             },

nodes/models.py

@@ -98,6 +98,12 @@ class NodeFeature(Entity):
                 url_name="admin:nodes_nodefeature_celery_report",
             ),
         ),
+        "audio-capture": (
+            NodeFeatureDefaultAction(
+                label="View Waveform",
+                url_name="admin:nodes_nodefeature_view_waveform",
+            ),
+        ),
         "screenshot-poll": (
             NodeFeatureDefaultAction(
                 label="Take Screenshot",
@@ -244,7 +250,7 @@ class Node(Entity):
         "ap-router",
         "gway-runner",
     }
-    MANUAL_FEATURE_SLUGS = {"clipboard-poll", "screenshot-poll"}
+    MANUAL_FEATURE_SLUGS = {"clipboard-poll", "screenshot-poll", "audio-capture"}
 
     def __str__(self) -> str:  # pragma: no cover - simple representation
         return f"{self.hostname}:{self.port}"
@@ -747,6 +753,7 @@ class Node(Entity):
         self._sync_clipboard_task(clipboard_enabled)
         self._sync_screenshot_task(screenshot_enabled)
         self._sync_landing_lead_task(celery_enabled)
+        self._sync_ocpp_session_report_task(celery_enabled)
 
     def _sync_clipboard_task(self, enabled: bool):
         from django_celery_beat.models import IntervalSchedule, PeriodicTask
@@ -819,6 +826,39 @@ class Node(Entity):
         else:
             PeriodicTask.objects.filter(name=task_name).delete()
 
+    def _sync_ocpp_session_report_task(self, celery_enabled: bool):
+        from django_celery_beat.models import CrontabSchedule, PeriodicTask
+        from django.db.utils import OperationalError, ProgrammingError
+
+        task_name = "ocpp_send_daily_session_report"
+
+        if not self.is_local:
+            return
+
+        if not celery_enabled or not mailer.can_send_email():
+            PeriodicTask.objects.filter(name=task_name).delete()
+            return
+
+        try:
+            schedule, _ = CrontabSchedule.objects.get_or_create(
+                minute="0",
+                hour="18",
+                day_of_week="*",
+                day_of_month="*",
+                month_of_year="*",
+            )
+            PeriodicTask.objects.update_or_create(
+                name=task_name,
+                defaults={
+                    "crontab": schedule,
+                    "interval": None,
+                    "task": "ocpp.tasks.send_daily_session_report",
+                    "enabled": True,
+                },
+            )
+        except (OperationalError, ProgrammingError):
+            logger.debug("Skipping OCPP session report task sync; tables not ready")
+
     def send_mail(
         self,
         subject: str,
@@ -955,15 +995,18 @@ class NodeManager(Profile):
     )
     api_key = SigilShortAutoField(
         max_length=255,
+        verbose_name="API key",
         help_text="API key issued by the DNS provider.",
     )
     api_secret = SigilShortAutoField(
         max_length=255,
+        verbose_name="API secret",
         help_text="API secret issued by the DNS provider.",
     )
     customer_id = SigilShortAutoField(
         max_length=100,
         blank=True,
+        verbose_name="Customer ID",
         help_text="Optional GoDaddy customer identifier for the account.",
     )
     default_domain = SigilShortAutoField(
@@ -1367,6 +1410,7 @@ class NetMessage(Entity):
     propagated_to = models.ManyToManyField(
         Node, blank=True, related_name="received_net_messages"
     )
+    confirmed_peers = models.JSONField(default=dict, blank=True)
     created = models.DateTimeField(auto_now_add=True)
     complete = models.BooleanField(default=False, editable=False)
 
@@ -1596,7 +1640,10 @@ class NetMessage(Entity):
         seen_list = seen.copy()
         selected_ids = [str(n.uuid) for n in selected]
         payload_seen = seen_list + selected_ids
+        confirmed_peers = dict(self.confirmed_peers or {})
+
         for node in selected:
+            now = timezone.now().isoformat()
             payload = {
                 "uuid": str(self.uuid),
                 "subject": self.subject,
@@ -1632,20 +1679,39 @@ class NetMessage(Entity):
                     headers["X-Signature"] = base64.b64encode(signature).decode()
                 except Exception:
                     pass
+            status_entry = {
+                "status": "pending",
+                "status_code": None,
+                "updated": now,
+            }
             try:
-                requests.post(
+                response = requests.post(
                     f"http://{node.address}:{node.port}/nodes/net-message/",
                     data=payload_json,
                     headers=headers,
                     timeout=1,
                 )
+                status_entry["status_code"] = getattr(response, "status_code", None)
+                if getattr(response, "ok", False):
+                    status_entry["status"] = "acknowledged"
+                else:
+                    status_entry["status"] = "failed"
             except Exception:
-                pass
+                status_entry["status"] = "error"
             self.propagated_to.add(node)
+            confirmed_peers[str(node.uuid)] = status_entry
+
+        save_fields: list[str] = []
+        if confirmed_peers != (self.confirmed_peers or {}):
+            self.confirmed_peers = confirmed_peers
+            save_fields.append("confirmed_peers")
 
         if total_known and self.propagated_to.count() >= total_known:
             self.complete = True
-        self.save(update_fields=["complete"] if self.complete else [])
+            save_fields.append("complete")
+
+        if save_fields:
+            self.save(update_fields=save_fields)
 
 
 class ContentSample(Entity):

nodes/rfid_sync.py

@@ -45,6 +45,8 @@ def serialize_rfid(tag: RFID) -> dict[str, Any]:
         "color": tag.color,
         "kind": tag.kind,
         "released": tag.released,
+        "external_command": tag.external_command,
+        "post_auth_command": tag.post_auth_command,
         "last_seen_on": tag.last_seen_on.isoformat() if tag.last_seen_on else None,
         "energy_accounts": [account.id for account in accounts],
         "energy_account_names": [
@@ -64,6 +66,17 @@ def apply_rfid_payload(
         outcome.error = "Missing RFID value"
         return outcome
 
+    external_command = entry.get("external_command")
+    if not isinstance(external_command, str):
+        external_command = ""
+    else:
+        external_command = external_command.strip()
+    post_auth_command = entry.get("post_auth_command")
+    if not isinstance(post_auth_command, str):
+        post_auth_command = ""
+    else:
+        post_auth_command = post_auth_command.strip()
+
     defaults: dict[str, Any] = {
         "custom_label": entry.get("custom_label", ""),
         "key_a": entry.get("key_a", RFID._meta.get_field("key_a").default),
@@ -75,6 +88,8 @@ def apply_rfid_payload(
         "color": entry.get("color", RFID.BLACK),
         "kind": entry.get("kind", RFID.CLASSIC),
         "released": bool(entry.get("released", False)),
+        "external_command": external_command,
+        "post_auth_command": post_auth_command,
     }
 
     if origin_node is not None: