arthexis 0.1.19__py3-none-any.whl → 0.1.20__py3-none-any.whl

core/models.py

@@ -5,7 +5,7 @@ from django.contrib.auth.models import (
 )
 from django.db import DatabaseError, IntegrityError, connections, models, transaction
 from django.db.models import Q
-from django.db.models.functions import Lower
+from django.db.models.functions import Lower, Length
 from django.conf import settings
 from django.contrib.auth import get_user_model
 from django.utils.translation import gettext_lazy as _
@@ -1764,6 +1764,7 @@ class RFID(Entity):
     """RFID tag that may be assigned to one account."""
 
     label_id = models.AutoField(primary_key=True, db_column="label_id")
+    MATCH_PREFIX_LENGTH = 8
     rfid = models.CharField(
         max_length=255,
         unique=True,
@@ -1939,6 +1940,108 @@ class RFID(Entity):
     def __str__(self):  # pragma: no cover - simple representation
         return str(self.label_id)
 
+    @classmethod
+    def normalize_code(cls, value: str) -> str:
+        """Return ``value`` normalized for comparisons."""
+
+        return "".join((value or "").split()).upper()
+
+    def adopt_rfid(self, candidate: str) -> bool:
+        """Adopt ``candidate`` as the stored RFID if it is a better match."""
+
+        normalized = type(self).normalize_code(candidate)
+        if not normalized:
+            return False
+        current = type(self).normalize_code(self.rfid)
+        if current == normalized:
+            return False
+        if not current:
+            self.rfid = normalized
+            return True
+        reversed_current = type(self).reverse_uid(current)
+        if reversed_current and reversed_current == normalized:
+            self.rfid = normalized
+            return True
+        if len(normalized) < len(current):
+            self.rfid = normalized
+            return True
+        if len(normalized) == len(current) and normalized < current:
+            self.rfid = normalized
+            return True
+        return False
+
+    @classmethod
+    def matching_queryset(cls, value: str) -> models.QuerySet["RFID"]:
+        """Return RFID records matching ``value`` using prefix comparison."""
+
+        normalized = cls.normalize_code(value)
+        if not normalized:
+            return cls.objects.none()
+
+        conditions: list[Q] = []
+        candidate = normalized
+        if candidate:
+            conditions.append(Q(rfid=candidate))
+        alternate = cls.reverse_uid(candidate)
+        if alternate and alternate != candidate:
+            conditions.append(Q(rfid=alternate))
+
+        prefix_length = min(len(candidate), cls.MATCH_PREFIX_LENGTH)
+        if prefix_length:
+            prefix = candidate[:prefix_length]
+            conditions.append(Q(rfid__startswith=prefix))
+            if alternate and alternate != candidate:
+                alt_prefix = alternate[:prefix_length]
+                if alt_prefix:
+                    conditions.append(Q(rfid__startswith=alt_prefix))
+
+        query: Q | None = None
+        for condition in conditions:
+            query = condition if query is None else query | condition
+
+        if query is None:
+            return cls.objects.none()
+
+        queryset = cls.objects.filter(query).distinct()
+        return queryset.annotate(rfid_length=Length("rfid")).order_by(
+            "rfid_length", "rfid", "pk"
+        )
+
+    @classmethod
+    def find_match(cls, value: str) -> "RFID | None":
+        """Return the best matching RFID for ``value`` if it exists."""
+
+        return cls.matching_queryset(value).first()
+
+    @classmethod
+    def update_or_create_from_code(
+        cls, value: str, defaults: dict[str, Any] | None = None
+    ) -> tuple["RFID", bool]:
+        """Update or create an RFID using relaxed matching rules."""
+
+        normalized = cls.normalize_code(value)
+        if not normalized:
+            raise ValueError("RFID value is required")
+
+        defaults_map = defaults.copy() if defaults else {}
+        existing = cls.find_match(normalized)
+        if existing:
+            update_fields: set[str] = set()
+            if existing.adopt_rfid(normalized):
+                update_fields.add("rfid")
+            for field_name, new_value in defaults_map.items():
+                if getattr(existing, field_name) != new_value:
+                    setattr(existing, field_name, new_value)
+                    update_fields.add(field_name)
+            if update_fields:
+                existing.save(update_fields=sorted(update_fields))
+            return existing, False
+
+        create_kwargs = defaults_map
+        create_kwargs["rfid"] = normalized
+        tag = cls.objects.create(**create_kwargs)
+        return tag, True
+
     @classmethod
     def normalize_endianness(cls, value: object) -> str:
         """Return a valid endianness value, defaulting to BIG."""
@@ -2033,25 +2136,12 @@ class RFID(Entity):
     ) -> tuple["RFID", bool]:
         """Return or create an RFID that was detected via scanning."""
 
-        normalized = "".join((rfid or "").split()).upper()
+        normalized = cls.normalize_code(rfid)
         desired_endianness = cls.normalize_endianness(endianness)
-        alternate = None
-        if normalized and len(normalized) % 2 == 0:
-            bytes_list = [normalized[i : i + 2] for i in range(0, len(normalized), 2)]
-            bytes_list.reverse()
-            alternate_candidate = "".join(bytes_list)
-            if alternate_candidate != normalized:
-                alternate = alternate_candidate
-
-        existing = None
-        if normalized:
-            existing = cls.objects.filter(rfid=normalized).first()
-        if not existing and alternate:
-            existing = cls.objects.filter(rfid=alternate).first()
+        existing = cls.find_match(normalized)
         if existing:
             update_fields: list[str] = []
-            if normalized and existing.rfid != normalized:
-                existing.rfid = normalized
+            if existing.adopt_rfid(normalized):
                 update_fields.append("rfid")
             if existing.endianness != desired_endianness:
                 existing.endianness = desired_endianness
@@ -2079,23 +2169,28 @@ class RFID(Entity):
                     tag = cls.objects.create(**create_kwargs)
                     cls._reset_label_sequence()
             except IntegrityError:
-                existing = cls.objects.filter(rfid=normalized).first()
+                existing = cls.find_match(normalized)
                 if existing:
                     return existing, False
             else:
                 return tag, True
         raise IntegrityError("Unable to allocate label id for scanned RFID")
 
-    @staticmethod
-    def get_account_by_rfid(value):
+    @classmethod
+    def get_account_by_rfid(cls, value):
         """Return the energy account associated with an RFID code if it exists."""
         try:
             EnergyAccount = apps.get_model("core", "EnergyAccount")
         except LookupError:  # pragma: no cover - energy accounts app optional
             return None
-        return EnergyAccount.objects.filter(
-            rfids__rfid=value.upper(), rfids__allowed=True
-        ).first()
+        matches = cls.matching_queryset(value).filter(allowed=True)
+        if not matches.exists():
+            return None
+        return (
+            EnergyAccount.objects.filter(rfids__in=matches)
+            .distinct()
+            .first()
+        )
 
     class Meta:
         verbose_name = "RFID"
@@ -2795,7 +2890,10 @@ class ClientReport(Entity):
     def build_rows(start_date=None, end_date=None, *, for_display: bool = False):
         from ocpp.models import Transaction
 
-        qs = Transaction.objects.exclude(rfid="")
+        qs = Transaction.objects.filter(
+            (Q(rfid__isnull=False) & ~Q(rfid=""))
+            | (Q(vid__isnull=False) & ~Q(vid=""))
+        )
         if start_date:
             from datetime import datetime, time, timedelta, timezone as pytimezone
 
@@ -2841,7 +2939,7 @@ class ClientReport(Entity):
                         subject = str(tag.label_id)
 
             if subject is None:
-                subject = tx.rfid
+                subject = tx.rfid or tx.vid
 
             start_value = tx.start_time
             end_value = tx.stop_time
@@ -2853,6 +2951,7 @@ class ClientReport(Entity):
                 {
                     "subject": subject,
                     "rfid": tx.rfid,
+                    "vid": tx.vid,
                     "kw": energy,
                     "start": start_value,
                     "end": end_value,

core/notifications.py

@@ -39,7 +39,7 @@ class NotificationManager:
         self.lock_file.parent.mkdir(parents=True, exist_ok=True)
         # ``plyer`` is only available on Windows and can fail when used in
         # a non-interactive environment (e.g. service or CI).
-        # Any failure will fallback to logging quietly.
+        # Any failure will fall back to logging quietly.
 
     def _write_lock_file(self, subject: str, body: str) -> None:
         self.lock_file.write_text(f"{subject}\n{body}\n", encoding="utf-8")

core/reference_utils.py

@@ -70,17 +70,16 @@ def filter_visible_references(
         required_sites = {current_site.pk for current_site in ref.sites.all()}
 
         if required_roles or required_features or required_sites:
-            allowed = False
-            if required_roles and node_role_id and node_role_id in required_roles:
-                allowed = True
-            elif (
-                required_features
-                and node_active_feature_ids
-                and node_active_feature_ids.intersection(required_features)
-            ):
-                allowed = True
-            elif required_sites and site_id and site_id in required_sites:
-                allowed = True
+            allowed = True
+            if required_roles:
+                allowed = bool(node_role_id and node_role_id in required_roles)
+            if allowed and required_features:
+                allowed = bool(
+                    node_active_feature_ids
+                    and node_active_feature_ids.intersection(required_features)
+                )
+            if allowed and required_sites:
+                allowed = bool(site_id and site_id in required_sites)
 
             if not allowed:
                 continue

core/sigil_builder.py

@@ -40,12 +40,12 @@ def _sigil_builder_view(request):
         {
             "prefix": "ENV",
             "url": reverse("admin:environment"),
-            "label": _("Environ"),
+            "label": _("Environment"),
         },
         {
             "prefix": "CONF",
             "url": reverse("admin:config"),
-            "label": _("Config"),
+            "label": _("Django Settings"),
         },
         {
             "prefix": "SYS",

core/tasks.py

@@ -2,6 +2,7 @@ from __future__ import annotations
 
 import logging
 import shutil
+import re
 import subprocess
 from pathlib import Path
 import urllib.error
@@ -102,6 +103,21 @@ def _resolve_service_url(base_dir: Path) -> str:
     return f"http://127.0.0.1:{port}/"
 
 
+def _parse_major_minor(version: str) -> tuple[int, int] | None:
+    match = re.match(r"^\s*(\d+)\.(\d+)", version)
+    if not match:
+        return None
+    return int(match.group(1)), int(match.group(2))
+
+
+def _shares_stable_series(local: str, remote: str) -> bool:
+    local_parts = _parse_major_minor(local)
+    remote_parts = _parse_major_minor(remote)
+    if not local_parts or not remote_parts:
+        return False
+    return local_parts == remote_parts
+
+
 @shared_task
 def check_github_updates() -> None:
     """Check the GitHub repo for updates and upgrade if needed."""
@@ -196,9 +212,16 @@ def check_github_updates() -> None:
             if startup:
                 startup()
             return
+        if mode == "stable" and _shares_stable_series(local, remote):
+            if startup:
+                startup()
+            return
         if notify:
             notify("Upgrading...", upgrade_stamp)
-        args = ["./upgrade.sh", "--no-restart"]
+        if mode == "stable":
+            args = ["./upgrade.sh", "--stable", "--no-restart"]
+        else:
+            args = ["./upgrade.sh", "--no-restart"]
         upgrade_was_applied = True
 
     with log_file.open("a") as fh:

core/tests.py

@@ -8,6 +8,7 @@ django.setup()
 from django.test import Client, TestCase, RequestFactory, override_settings
 from django.urls import reverse
 from django.http import HttpRequest
+from django.contrib import messages
 import csv
 import json
 import importlib.util

core/views.py

@@ -448,8 +448,11 @@ def _resolve_release_log_dir(preferred: Path) -> tuple[Path, str | None]:
 
     env_override = os.environ.pop("ARTHEXIS_LOG_DIR", None)
     fallback = select_log_dir(Path(settings.BASE_DIR))
-    if env_override and Path(env_override) != fallback:
-        os.environ["ARTHEXIS_LOG_DIR"] = str(fallback)
+    if env_override is not None:
+        if Path(env_override) == fallback:
+            os.environ["ARTHEXIS_LOG_DIR"] = env_override
+        else:
+            os.environ["ARTHEXIS_LOG_DIR"] = str(fallback)
 
     if fallback == preferred:
         if error:
@@ -608,6 +611,43 @@ def _git_authentication_missing(exc: subprocess.CalledProcessError) -> bool:
     return any(marker in message for marker in auth_markers)
 
 
+def _push_release_changes(log_path: Path) -> bool:
+    """Push release commits to ``origin`` and log the outcome."""
+
+    if not _has_remote("origin"):
+        _append_log(
+            log_path, "No git remote configured; skipping push of release changes"
+        )
+        return False
+
+    try:
+        branch = _current_branch()
+        if branch is None:
+            push_cmd = ["git", "push", "origin", "HEAD"]
+        elif _has_upstream(branch):
+            push_cmd = ["git", "push"]
+        else:
+            push_cmd = ["git", "push", "--set-upstream", "origin", branch]
+        subprocess.run(push_cmd, check=True, capture_output=True, text=True)
+    except subprocess.CalledProcessError as exc:
+        details = _format_subprocess_error(exc)
+        if _git_authentication_missing(exc):
+            _append_log(
+                log_path,
+                "Authentication is required to push release changes to origin; skipping push",
+            )
+            if details:
+                _append_log(log_path, details)
+            return False
+        _append_log(
+            log_path, f"Failed to push release changes to origin: {details}"
+        )
+        raise Exception("Failed to push release changes") from exc
+
+    _append_log(log_path, "Pushed release changes to origin")
+    return True
+
+
 def _ensure_origin_main_unchanged(log_path: Path) -> None:
     """Verify that ``origin/main`` has not advanced during the release."""
 
@@ -1340,37 +1380,7 @@ def _step_promote_build(release, ctx, log_path: Path) -> None:
                 log_path,
                 f"Committed release metadata for v{release.version}",
             )
-        if _has_remote("origin"):
-            try:
-                branch = _current_branch()
-                if branch is None:
-                    push_cmd = ["git", "push", "origin", "HEAD"]
-                elif _has_upstream(branch):
-                    push_cmd = ["git", "push"]
-                else:
-                    push_cmd = ["git", "push", "--set-upstream", "origin", branch]
-                subprocess.run(push_cmd, check=True, capture_output=True, text=True)
-            except subprocess.CalledProcessError as exc:
-                details = _format_subprocess_error(exc)
-                if _git_authentication_missing(exc):
-                    _append_log(
-                        log_path,
-                        "Authentication is required to push release changes to origin; skipping push",
-                    )
-                    if details:
-                        _append_log(log_path, details)
-                else:
-                    _append_log(
-                        log_path, f"Failed to push release changes to origin: {details}"
-                    )
-                    raise Exception("Failed to push release changes") from exc
-            else:
-                _append_log(log_path, "Pushed release changes to origin")
-        else:
-            _append_log(
-                log_path,
-                "No git remote configured; skipping push of release changes",
-            )
+        _push_release_changes(log_path)
         PackageRelease.dump_fixture()
         _append_log(log_path, "Updated release fixtures")
         _record_release_todo(release, ctx, log_path)
@@ -1561,6 +1571,30 @@ def _step_publish(release, ctx, log_path: Path) -> None:
     _append_log(log_path, f"Recorded PyPI URL: {release.pypi_url}")
     if release.github_url:
         _append_log(log_path, f"Recorded GitHub URL: {release.github_url}")
+    fixture_paths = [
+        str(path) for path in Path("core/fixtures").glob("releases__*.json")
+    ]
+    if fixture_paths:
+        status = subprocess.run(
+            ["git", "status", "--porcelain", "--", *fixture_paths],
+            capture_output=True,
+            text=True,
+            check=True,
+        )
+        if status.stdout.strip():
+            subprocess.run(["git", "add", *fixture_paths], check=True)
+            _append_log(log_path, "Staged publish metadata updates")
+            commit_message = f"chore: record publish metadata for v{release.version}"
+            subprocess.run(["git", "commit", "-m", commit_message], check=True)
+            _append_log(
+                log_path, f"Committed publish metadata for v{release.version}"
+            )
+            _push_release_changes(log_path)
+        else:
+            _append_log(
+                log_path,
+                "No release metadata updates detected after publish; skipping commit",
+            )
     _append_log(log_path, "Upload complete")
 
 
@@ -1754,9 +1788,9 @@ def rfid_batch(request):
             else:
                 post_auth_command = post_auth_command.strip()
 
-            tag, _ = RFID.objects.update_or_create(
-                rfid=rfid.upper(),
-                defaults={
+            tag, _ = RFID.update_or_create_from_code(
+                rfid,
+                {
                     "allowed": allowed,
                     "color": color,
                     "released": released,

nodes/admin.py

@@ -8,7 +8,7 @@ from django.contrib.admin import helpers
 from django.contrib.admin.widgets import FilteredSelectMultiple
 from django.core.exceptions import PermissionDenied
 from django.db.models import Count
-from django.http import HttpResponse, JsonResponse
+from django.http import Http404, HttpResponse, JsonResponse
 from django.shortcuts import redirect, render
 from django.template.response import TemplateResponse
 from django.urls import NoReverseMatch, path, reverse
@@ -233,6 +233,7 @@ class NodeAdmin(EntityModelAdmin):
         "role",
         "relation",
         "last_seen",
+        "proxy_link",
     )
     search_fields = ("hostname", "address", "mac_address")
     change_list_template = "admin/nodes/node/change_list.html"
@@ -247,6 +248,7 @@ class NodeAdmin(EntityModelAdmin):
                     "address",
                     "mac_address",
                     "port",
+                    "message_queue_length",
                     "role",
                     "current_relation",
                 )
@@ -290,6 +292,16 @@ class NodeAdmin(EntityModelAdmin):
     def relation(self, obj):
         return obj.get_current_relation_display()
 
+    @admin.display(description=_("Proxy"))
+    def proxy_link(self, obj):
+        if not obj or obj.is_local:
+            return ""
+        try:
+            url = reverse("admin:nodes_node_proxy", args=[obj.pk])
+        except NoReverseMatch:
+            return ""
+        return format_html('<a class="button" href="{}">{}</a>', url, _("Proxy"))
+
     def get_urls(self):
         urls = super().get_urls()
         custom = [
@@ -313,6 +325,11 @@ class NodeAdmin(EntityModelAdmin):
                 self.admin_site.admin_view(self.update_selected_progress),
                 name="nodes_node_update_selected_progress",
             ),
+            path(
+                "<int:node_id>/proxy/",
+                self.admin_site.admin_view(self.proxy_node),
+                name="nodes_node_proxy",
+            ),
         ]
         return custom + urls
 
@@ -332,6 +349,121 @@ class NodeAdmin(EntityModelAdmin):
         }
         return render(request, "admin/nodes/node/register_remote.html", context)
 
+    def _load_local_private_key(self, node):
+        security_dir = Path(node.base_path or settings.BASE_DIR) / "security"
+        priv_path = security_dir / f"{node.public_endpoint}"
+        if not priv_path.exists():
+            return None, _("Local node private key not found.")
+        try:
+            return (
+                serialization.load_pem_private_key(
+                    priv_path.read_bytes(), password=None
+                ),
+                "",
+            )
+        except Exception as exc:  # pragma: no cover - unexpected errors
+            return None, str(exc)
+
+    def _build_proxy_payload(self, request, local_node):
+        user = request.user
+        payload = {
+            "requester": str(local_node.uuid),
+            "user": {
+                "username": user.get_username(),
+                "email": user.email or "",
+                "first_name": user.first_name or "",
+                "last_name": user.last_name or "",
+                "is_staff": user.is_staff,
+                "is_superuser": user.is_superuser,
+                "groups": list(user.groups.values_list("name", flat=True)),
+                "permissions": sorted(user.get_all_permissions()),
+            },
+            "target": reverse("admin:index"),
+        }
+        return payload
+
+    def _start_proxy_session(self, request, node):
+        if node.is_local:
+            return {"ok": False, "message": _("Local node cannot be proxied.")}
+
+        local_node = Node.get_local()
+        if local_node is None:
+            try:
+                local_node, _ = Node.register_current()
+            except Exception as exc:  # pragma: no cover - unexpected errors
+                return {"ok": False, "message": str(exc)}
+
+        private_key, error = self._load_local_private_key(local_node)
+        if private_key is None:
+            return {"ok": False, "message": error}
+
+        payload = self._build_proxy_payload(request, local_node)
+        body = json.dumps(payload, separators=(",", ":"), sort_keys=True)
+        try:
+            signature = private_key.sign(
+                body.encode(),
+                padding.PKCS1v15(),
+                hashes.SHA256(),
+            )
+        except Exception as exc:  # pragma: no cover - unexpected errors
+            return {"ok": False, "message": str(exc)}
+
+        headers = {
+            "Content-Type": "application/json",
+            "X-Signature": base64.b64encode(signature).decode(),
+        }
+
+        last_error = ""
+        for url in self._iter_remote_urls(node, "/nodes/proxy/session/"):
+            try:
+                response = requests.post(url, data=body, headers=headers, timeout=5)
+            except RequestException as exc:
+                last_error = str(exc)
+                continue
+            if not response.ok:
+                last_error = f"{response.status_code} {response.text}"
+                continue
+            try:
+                data = response.json()
+            except ValueError:
+                last_error = "Invalid JSON response"
+                continue
+            login_url = data.get("login_url")
+            if not login_url:
+                last_error = "login_url missing"
+                continue
+            return {
+                "ok": True,
+                "login_url": login_url,
+                "expires": data.get("expires"),
+            }
+
+        return {
+            "ok": False,
+            "message": last_error or "Unable to initiate proxy.",
+        }
+
+    def proxy_node(self, request, node_id):
+        node = self.get_queryset(request).filter(pk=node_id).first()
+        if not node:
+            raise Http404
+        if not self.has_view_permission(request):
+            raise PermissionDenied
+        result = self._start_proxy_session(request, node)
+        if not result.get("ok"):
+            message = result.get("message") or _("Unable to proxy node.")
+            self.message_user(request, message, messages.ERROR)
+            return redirect("admin:nodes_node_changelist")
+
+        context = {
+            **self.admin_site.each_context(request),
+            "opts": self.model._meta,
+            "node": node,
+            "frame_url": result.get("login_url"),
+            "expires": result.get("expires"),
+        }
+        return TemplateResponse(request, "admin/nodes/node/proxy.html", context)
+
     @admin.action(description="Register Visitor")
     def register_visitor(self, request, queryset=None):
         return self.register_visitor_view(request)