PyPI - arthexis - Versions diffs - 0.1.8__py3-none-any.whl → 0.1.10__py3-none-any.whl - Mend

arthexis 0.1.8py3-none-any.whl → 0.1.10py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of arthexis might be problematic. Click here for more details.

Files changed (84) hide show

{arthexis-0.1.8.dist-info → arthexis-0.1.10.dist-info}/METADATA +87 -6
arthexis-0.1.10.dist-info/RECORD +95 -0
arthexis-0.1.10.dist-info/licenses/LICENSE +674 -0
config/__init__.py +0 -1
config/auth_app.py +0 -1
config/celery.py +1 -2
config/context_processors.py +1 -1
config/offline.py +2 -0
config/settings.py +352 -37
config/urls.py +71 -6
core/admin.py +1601 -200
core/admin_history.py +50 -0
core/admindocs.py +108 -1
core/apps.py +161 -3
core/auto_upgrade.py +57 -0
core/backends.py +123 -7
core/entity.py +62 -48
core/fields.py +98 -0
core/github_helper.py +25 -0
core/github_issues.py +172 -0
core/lcd_screen.py +1 -0
core/liveupdate.py +25 -0
core/log_paths.py +100 -0
core/mailer.py +83 -0
core/middleware.py +57 -0
core/models.py +1279 -267
core/notifications.py +11 -1
core/public_wifi.py +227 -0
core/reference_utils.py +97 -0
core/release.py +27 -20
core/sigil_builder.py +144 -0
core/sigil_context.py +20 -0
core/sigil_resolver.py +284 -0
core/system.py +162 -29
core/tasks.py +269 -27
core/test_system_info.py +59 -1
core/tests.py +644 -73
core/tests_liveupdate.py +17 -0
core/urls.py +2 -2
core/user_data.py +425 -168
core/views.py +627 -59
core/widgets.py +51 -0
core/workgroup_urls.py +7 -3
core/workgroup_views.py +43 -6
nodes/actions.py +0 -2
nodes/admin.py +168 -285
nodes/apps.py +9 -15
nodes/backends.py +145 -0
nodes/lcd.py +24 -10
nodes/models.py +579 -179
nodes/tasks.py +1 -5
nodes/tests.py +894 -130
nodes/utils.py +13 -2
nodes/views.py +204 -28
ocpp/admin.py +212 -63
ocpp/apps.py +1 -1
ocpp/consumers.py +642 -68
ocpp/evcs.py +30 -10
ocpp/models.py +452 -70
ocpp/simulator.py +75 -11
ocpp/store.py +288 -30
ocpp/tasks.py +11 -7
ocpp/test_export_import.py +8 -7
ocpp/test_rfid.py +211 -16
ocpp/tests.py +1576 -137
ocpp/transactions_io.py +68 -22
ocpp/urls.py +35 -2
ocpp/views.py +701 -123
pages/admin.py +173 -13
pages/checks.py +0 -1
pages/context_processors.py +39 -6
pages/forms.py +131 -0
pages/middleware.py +153 -0
pages/models.py +37 -9
pages/tests.py +1182 -42
pages/urls.py +4 -0
pages/utils.py +0 -1
pages/views.py +844 -51
arthexis-0.1.8.dist-info/RECORD +0 -80
arthexis-0.1.8.dist-info/licenses/LICENSE +0 -21
config/workgroup_app.py +0 -7
core/checks.py +0 -29
{arthexis-0.1.8.dist-info → arthexis-0.1.10.dist-info}/WHEEL +0 -0
{arthexis-0.1.8.dist-info → arthexis-0.1.10.dist-info}/top_level.txt +0 -0

pages/views.py CHANGED Viewed

@@ -1,33 +1,373 @@
+import base64
 import logging
 from pathlib import Path
+import datetime
+import calendar
+import io
+import shutil
+import re
+from html import escape
 from django.conf import settings
+from django.contrib import admin
+from django.contrib import messages
+from django.contrib.admin.views.decorators import staff_member_required
 from django.contrib.auth import get_user_model, login
 from django.contrib.auth.tokens import default_token_generator
 from django.contrib.auth.views import LoginView
 from django import forms
+from django.apps import apps as django_apps
 from utils.sites import get_site
-from django.http import HttpResponse
+from django.http import Http404, HttpResponse
 from django.shortcuts import redirect, render
 from nodes.models import Node
-from django.urls import reverse
-from django.utils import translation
+from django.template.response import TemplateResponse
+from django.urls import NoReverseMatch, reverse
+from django.utils import timezone
 from django.utils.encoding import force_bytes, force_str
 from django.utils.http import urlsafe_base64_decode, urlsafe_base64_encode
-from django.core.mail import send_mail
+from core import mailer, public_wifi
+from core.backends import TOTP_DEVICE_NAME
 from django.utils.translation import gettext as _
 from django.views.decorators.csrf import csrf_exempt, ensure_csrf_cookie
-from core.models import InviteLead
+from django.core.cache import cache
+from django.views.decorators.cache import never_cache
+from django.utils.cache import patch_vary_headers
+from django.core.exceptions import PermissionDenied
+from django.utils.text import slugify
+from django.core.validators import EmailValidator
+from django.db.models import Q
+from core.models import InviteLead, ClientReport, ClientReportSchedule
+try:  # pragma: no cover - optional dependency guard
+    from graphviz import Digraph
+    from graphviz.backend import CalledProcessError, ExecutableNotFound
+except ImportError:  # pragma: no cover - handled gracefully in views
+    Digraph = None
+    CalledProcessError = ExecutableNotFound = None
 import markdown
 from pages.utils import landing
+from core.liveupdate import live_update
+from django_otp import login as otp_login
+from django_otp.plugins.otp_totp.models import TOTPDevice
+import qrcode
+from .forms import AuthenticatorEnrollmentForm, AuthenticatorLoginForm
 from .models import Module
 logger = logging.getLogger(__name__)
+def _get_registered_models(app_label: str):
+    """Return admin-registered models for the given app label."""
+    registered = [
+        model for model in admin.site._registry if model._meta.app_label == app_label
+    ]
+    return sorted(registered, key=lambda model: str(model._meta.verbose_name))
+def _filter_models_for_request(models, request):
+    """Filter ``models`` to only those viewable by ``request.user``."""
+    allowed = []
+    for model in models:
+        model_admin = admin.site._registry.get(model)
+        if model_admin is None:
+            continue
+        if not model_admin.has_module_permission(request) and not getattr(
+            request.user, "is_staff", False
+        ):
+            continue
+        if not model_admin.has_view_permission(request, obj=None) and not getattr(
+            request.user, "is_staff", False
+        ):
+            continue
+        allowed.append(model)
+    return allowed
+def _admin_has_app_permission(request, app_label: str) -> bool:
+    """Return whether the admin user can access the given app."""
+    has_app_permission = getattr(admin.site, "has_app_permission", None)
+    if callable(has_app_permission):
+        allowed = has_app_permission(request, app_label)
+    else:
+        allowed = bool(admin.site.get_app_list(request, app_label))
+    if not allowed and getattr(request.user, "is_staff", False):
+        return True
+    return allowed
+def _resolve_related_model(field, default_app_label: str):
+    """Resolve the Django model class referenced by ``field``."""
+    remote = getattr(getattr(field, "remote_field", None), "model", None)
+    if remote is None:
+        return None
+    if isinstance(remote, str):
+        if "." in remote:
+            app_label, model_name = remote.split(".", 1)
+        else:
+            app_label, model_name = default_app_label, remote
+        try:
+            remote = django_apps.get_model(app_label, model_name)
+        except LookupError:
+            return None
+    return remote
+def _graph_field_type(field, default_app_label: str) -> str:
+    """Format a field description for node labels."""
+    base = field.get_internal_type()
+    related = _resolve_related_model(field, default_app_label)
+    if related is not None:
+        base = f"{base} → {related._meta.object_name}"
+    return base
+def _build_model_graph(models):
+    """Generate a GraphViz ``Digraph`` for the provided ``models``."""
+    if Digraph is None:
+        raise RuntimeError("Graphviz is not installed")
+    graph = Digraph(
+        "admin_app_models",
+        graph_attr={
+            "rankdir": "LR",
+            "splines": "ortho",
+            "nodesep": "0.8",
+            "ranksep": "1.0",
+        },
+        node_attr={
+            "shape": "plaintext",
+            "fontname": "Helvetica",
+        },
+        edge_attr={"fontname": "Helvetica"},
+    )
+    node_ids = {}
+    for model in models:
+        node_id = f"{model._meta.app_label}.{model._meta.model_name}"
+        node_ids[model] = node_id
+        rows = [
+            '<tr><td bgcolor="#1f2933" colspan="2"><font color="white"><b>'
+            f"{escape(model._meta.object_name)}"
+            "</b></font></td></tr>"
+        ]
+        verbose_name = str(model._meta.verbose_name)
+        if verbose_name and verbose_name != model._meta.object_name:
+            rows.append(
+                '<tr><td colspan="2"><i>' f"{escape(verbose_name)}" "</i></td></tr>"
+            )
+        for field in model._meta.concrete_fields:
+            if field.auto_created and not field.concrete:
+                continue
+            name = escape(field.name)
+            if field.primary_key:
+                name = f"<u>{name}</u>"
+            type_label = escape(_graph_field_type(field, model._meta.app_label))
+            rows.append(
+                '<tr><td align="left">'
+                f"{name}"
+                '</td><td align="left">'
+                f"{type_label}"
+                "</td></tr>"
+            )
+        for field in model._meta.local_many_to_many:
+            name = escape(field.name)
+            type_label = _graph_field_type(field, model._meta.app_label)
+            rows.append(
+                '<tr><td align="left">'
+                f"{name}"
+                '</td><td align="left">'
+                f"{escape(type_label)}"
+                "</td></tr>"
+            )
+        label = '<\n  <table BORDER="0" CELLBORDER="1" CELLSPACING="0" CELLPADDING="4">\n    '
+        label += "\n    ".join(rows)
+        label += "\n  </table>\n>"
+        graph.node(node_id, label=label)
+    edges = set()
+    for model in models:
+        source_id = node_ids[model]
+        for field in model._meta.concrete_fields:
+            related = _resolve_related_model(field, model._meta.app_label)
+            if related not in node_ids:
+                continue
+            attrs = {"label": field.name}
+            if getattr(field, "one_to_one", False):
+                attrs.update({"arrowhead": "onormal", "arrowtail": "none"})
+            key = (source_id, node_ids[related], tuple(sorted(attrs.items())))
+            if key not in edges:
+                edges.add(key)
+                graph.edge(source_id, node_ids[related], **attrs)
+        for field in model._meta.local_many_to_many:
+            related = _resolve_related_model(field, model._meta.app_label)
+            if related not in node_ids:
+                continue
+            attrs = {
+                "label": f"{field.name} (M2M)",
+                "dir": "both",
+                "arrowhead": "normal",
+                "arrowtail": "normal",
+            }
+            key = (source_id, node_ids[related], tuple(sorted(attrs.items())))
+            if key not in edges:
+                edges.add(key)
+                graph.edge(source_id, node_ids[related], **attrs)
+    return graph
+@staff_member_required
+def admin_model_graph(request, app_label: str):
+    """Render a GraphViz-powered diagram for the admin app grouping."""
+    try:
+        app_config = django_apps.get_app_config(app_label)
+    except LookupError as exc:  # pragma: no cover - invalid app label
+        raise Http404("Unknown application") from exc
+    models = _get_registered_models(app_label)
+    if not models:
+        raise Http404("No admin models registered for this application")
+    if not _admin_has_app_permission(request, app_label):
+        raise PermissionDenied
+    models = _filter_models_for_request(models, request)
+    if not models:
+        raise PermissionDenied
+    if Digraph is None:  # pragma: no cover - dependency missing is unexpected
+        raise Http404("Graph visualization support is unavailable")
+    graph = _build_model_graph(models)
+    graph_source = graph.source
+    graph_svg = ""
+    graph_error = ""
+    graph_engine = getattr(graph, "engine", "dot")
+    engine_path = shutil.which(str(graph_engine))
+    download_format = request.GET.get("format")
+    if download_format == "pdf":
+        if engine_path is None:
+            messages.error(
+                request,
+                _(
+                    "Graphviz executables are required to download the diagram as a PDF. Install Graphviz on the server and try again."
+                ),
+            )
+        else:
+            try:
+                pdf_output = graph.pipe(format="pdf")
+            except (ExecutableNotFound, CalledProcessError) as exc:
+                logger.warning(
+                    "Graphviz PDF rendering failed for admin model graph (engine=%s)",
+                    graph_engine,
+                    exc_info=exc,
+                )
+                messages.error(
+                    request,
+                    _(
+                        "An error occurred while generating the PDF diagram. Check the server logs for details."
+                    ),
+                )
+            else:
+                filename = slugify(app_config.verbose_name) or app_label
+                response = HttpResponse(pdf_output, content_type="application/pdf")
+                response["Content-Disposition"] = (
+                    f'attachment; filename="{filename}-model-graph.pdf"'
+                )
+                return response
+        params = request.GET.copy()
+        if "format" in params:
+            del params["format"]
+        query_string = params.urlencode()
+        redirect_url = request.path
+        if query_string:
+            redirect_url = f"{request.path}?{query_string}"
+        return redirect(redirect_url)
+    if engine_path is None:
+        graph_error = _(
+            "Graphviz executables are required to render this diagram. Install Graphviz on the server and try again."
+        )
+    else:
+        try:
+            svg_output = graph.pipe(format="svg", encoding="utf-8")
+        except (ExecutableNotFound, CalledProcessError) as exc:
+            logger.warning(
+                "Graphviz rendering failed for admin model graph (engine=%s)",
+                graph_engine,
+                exc_info=exc,
+            )
+            graph_error = _(
+                "An error occurred while rendering the diagram. Check the server logs for details."
+            )
+        else:
+            svg_start = svg_output.find("<svg")
+            if svg_start != -1:
+                svg_output = svg_output[svg_start:]
+            label = _("%(app)s model diagram") % {"app": app_config.verbose_name}
+            graph_svg = svg_output.replace(
+                "<svg", f'<svg role="img" aria-label="{escape(label)}"', 1
+            )
+            if not graph_svg:
+                graph_error = _("Graphviz did not return any diagram output.")
+    model_links = []
+    for model in models:
+        opts = model._meta
+        try:
+            url = reverse(f"admin:{opts.app_label}_{opts.model_name}_changelist")
+        except NoReverseMatch:
+            url = ""
+        model_links.append(
+            {
+                "label": str(opts.verbose_name_plural),
+                "url": url,
+            }
+        )
+    download_params = request.GET.copy()
+    download_params["format"] = "pdf"
+    download_url = f"{request.path}?{download_params.urlencode()}"
+    context = admin.site.each_context(request)
+    context.update(
+        {
+            "app_label": app_label,
+            "app_verbose_name": app_config.verbose_name,
+            "graph_source": graph_source,
+            "graph_svg": graph_svg,
+            "graph_error": graph_error,
+            "models": model_links,
+            "title": _("%(app)s model graph") % {"app": app_config.verbose_name},
+            "download_url": download_url,
+        }
+    )
+    return TemplateResponse(request, "admin/model_graph.html", context)
 @landing("Home")
+@never_cache
 def index(request):
     site = get_site(request)
     if site:
@@ -45,18 +385,27 @@ def index(request):
         .first()
     )
     app_slug = app.path.strip("/") if app else ""
-    readme_base = Path(settings.BASE_DIR) / app_slug if app_slug else Path(settings.BASE_DIR)
-    lang = translation.get_language() or ""
-    readme_file = readme_base / "README.md"
+    readme_base = (
+        Path(settings.BASE_DIR) / app_slug if app_slug else Path(settings.BASE_DIR)
+    )
+    lang = getattr(request, "LANGUAGE_CODE", "")
+    lang = lang.replace("_", "-").lower()
+    root_base = Path(settings.BASE_DIR)
+    candidates = []
     if lang:
-        localized = readme_base / f"README.{lang}.md"
-        if not localized.exists():
+        candidates.append(readme_base / f"README.{lang}.md")
+        short = lang.split("-")[0]
+        if short != lang:
+            candidates.append(readme_base / f"README.{short}.md")
+    candidates.append(readme_base / "README.md")
+    if readme_base != root_base:
+        if lang:
+            candidates.append(root_base / f"README.{lang}.md")
             short = lang.split("-")[0]
-            localized = readme_base / f"README.{short}.md"
-        if localized.exists():
-            readme_file = localized
-    if not readme_file.exists():
-        readme_file = Path(settings.BASE_DIR) / "README.md"
+            if short != lang:
+                candidates.append(root_base / f"README.{short}.md")
+        candidates.append(root_base / "README.md")
+    readme_file = next((p for p in candidates if p.exists()), root_base / "README.md")
     text = readme_file.read_text(encoding="utf-8")
     md = markdown.Markdown(extensions=["toc", "tables"])
     html = md.convert(text)
@@ -68,7 +417,9 @@ def index(request):
         toc_html = toc_html.strip()
     title = "README" if readme_file.name.startswith("README") else readme_file.stem
     context = {"content": html, "title": title, "toc": toc_html}
-    return render(request, "pages/readme.html", context)
+    response = render(request, "pages/readme.html", context)
+    patch_vary_headers(response, ["Accept-Language", "Cookie"])
+    return response
 def sitemap(request):
@@ -91,17 +442,56 @@ def sitemap(request):
     return HttpResponse("\n".join(lines), content_type="application/xml")
+def release_checklist(request):
+    file_path = Path(settings.BASE_DIR) / "releases" / "release-checklist.md"
+    if not file_path.exists():
+        raise Http404("Release checklist not found")
+    text = file_path.read_text(encoding="utf-8")
+    md = markdown.Markdown(extensions=["toc", "tables"])
+    html = md.convert(text)
+    toc_html = md.toc
+    if toc_html.strip().startswith('<div class="toc">'):
+        toc_html = toc_html.strip()[len('<div class="toc">') :]
+        if toc_html.endswith("</div>"):
+            toc_html = toc_html[: -len("</div>")]
+        toc_html = toc_html.strip()
+    context = {"content": html, "title": "Release Checklist", "toc": toc_html}
+    response = render(request, "pages/readme.html", context)
+    patch_vary_headers(response, ["Accept-Language", "Cookie"])
+    return response
+@csrf_exempt
+def datasette_auth(request):
+    if request.user.is_authenticated:
+        return HttpResponse("OK")
+    return HttpResponse(status=401)
 class CustomLoginView(LoginView):
     """Login view that redirects staff to the admin."""
     template_name = "pages/login.html"
+    form_class = AuthenticatorLoginForm
     def dispatch(self, request, *args, **kwargs):
         if request.user.is_authenticated:
             return redirect(self.get_success_url())
         return super().dispatch(request, *args, **kwargs)
+    def get_context_data(self, **kwargs):
+        context = super(LoginView, self).get_context_data(**kwargs)
+        current_site = get_site(self.request)
+        context.update(
+            {
+                "site": current_site,
+                "site_name": getattr(current_site, "name", ""),
+                "next": self.get_success_url(),
+                "can_request_invite": mailer.can_send_email(),
+            }
+        )
+        return context
     def get_success_url(self):
         redirect_url = self.get_redirect_url()
         if redirect_url:
@@ -110,13 +500,166 @@ class CustomLoginView(LoginView):
             return reverse("admin:index")
         return "/"
+    def form_valid(self, form):
+        response = super().form_valid(form)
+        device = form.get_verified_device()
+        if device is not None:
+            otp_login(self.request, device)
+        return response
 login_view = CustomLoginView.as_view()
+@staff_member_required
+def authenticator_setup(request):
+    """Allow staff to enroll an authenticator app for TOTP logins."""
+    user = request.user
+    device_qs = TOTPDevice.objects.filter(user=user)
+    if TOTP_DEVICE_NAME:
+        device_qs = device_qs.filter(name=TOTP_DEVICE_NAME)
+    pending_device = device_qs.filter(confirmed=False).order_by("-id").first()
+    confirmed_device = device_qs.filter(confirmed=True).order_by("-id").first()
+    enrollment_form = AuthenticatorEnrollmentForm(device=pending_device)
+    if request.method == "POST":
+        action = request.POST.get("action")
+        if action == "generate":
+            device = pending_device or confirmed_device or TOTPDevice(user=user)
+            if TOTP_DEVICE_NAME:
+                device.name = TOTP_DEVICE_NAME
+            if device.pk is None:
+                device.save()
+            device.key = TOTPDevice._meta.get_field("key").get_default()
+            device.confirmed = False
+            device.drift = 0
+            device.last_t = -1
+            device.throttling_failure_count = 0
+            device.throttling_failure_timestamp = None
+            device.throttle_reset(commit=False)
+            device.save()
+            messages.success(
+                request,
+                _(
+                    "Scan the QR code with your authenticator app, then "
+                    "enter a code below to confirm enrollment."
+                ),
+            )
+            return redirect("pages:authenticator-setup")
+        if action == "confirm" and pending_device is not None:
+            enrollment_form = AuthenticatorEnrollmentForm(
+                request.POST, device=pending_device
+            )
+            if enrollment_form.is_valid():
+                pending_device.confirmed = True
+                pending_device.save(update_fields=["confirmed"])
+                messages.success(
+                    request,
+                    _(
+                        "Authenticator app confirmed. You can now log in "
+                        "with codes from your device."
+                    ),
+                )
+                return redirect("pages:authenticator-setup")
+        if action == "remove":
+            if device_qs.exists():
+                device_qs.delete()
+                messages.success(
+                    request,
+                    _(
+                        "Authenticator enrollment removed. Password logins "
+                        "remain available."
+                    ),
+                )
+            return redirect("pages:authenticator-setup")
+    pending_device = device_qs.filter(confirmed=False).order_by("-id").first()
+    confirmed_device = device_qs.filter(confirmed=True).order_by("-id").first()
+    qr_data_uri = None
+    manual_key = None
+    if pending_device is not None:
+        config_url = pending_device.config_url
+        qr = qrcode.QRCode(box_size=10, border=4)
+        qr.add_data(config_url)
+        qr.make(fit=True)
+        image = qr.make_image(fill_color="black", back_color="white")
+        buffer = io.BytesIO()
+        image.save(buffer, format="PNG")
+        qr_data_uri = "data:image/png;base64," + base64.b64encode(buffer.getvalue()).decode(
+            "ascii"
+        )
+        secret = pending_device.key or ""
+        manual_key = " ".join(secret[i : i + 4] for i in range(0, len(secret), 4))
+    context = {
+        "pending_device": pending_device,
+        "confirmed_device": confirmed_device,
+        "qr_data_uri": qr_data_uri,
+        "manual_key": manual_key,
+        "enrollment_form": enrollment_form,
+    }
+    return TemplateResponse(request, "pages/authenticator_setup.html", context)
+INVITATION_REQUEST_MIN_SUBMISSION_INTERVAL = datetime.timedelta(seconds=3)
+INVITATION_REQUEST_THROTTLE_LIMIT = 3
+INVITATION_REQUEST_THROTTLE_WINDOW = datetime.timedelta(hours=1)
+INVITATION_REQUEST_HONEYPOT_MESSAGE = _(
+    "We could not process your request. Please try again."
+)
+INVITATION_REQUEST_TOO_FAST_MESSAGE = _(
+    "That was a little too fast. Please wait a moment and try again."
+)
+INVITATION_REQUEST_TIMESTAMP_ERROR = _(
+    "We could not verify your submission. Please reload the page and try again."
+)
+INVITATION_REQUEST_THROTTLE_MESSAGE = _(
+    "We've already received a few requests. Please try again later."
+)
 class InvitationRequestForm(forms.Form):
     email = forms.EmailField()
-    comment = forms.CharField(required=False, widget=forms.Textarea, label=_("Comment"))
+    comment = forms.CharField(
+        required=False, widget=forms.Textarea, label=_("Comment")
+    )
+    honeypot = forms.CharField(
+        required=False,
+        label=_("Leave blank"),
+        widget=forms.TextInput(attrs={"autocomplete": "off"}),
+    )
+    timestamp = forms.DateTimeField(required=False, widget=forms.HiddenInput())
+    min_submission_interval = INVITATION_REQUEST_MIN_SUBMISSION_INTERVAL
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        if not self.is_bound:
+            self.fields["timestamp"].initial = timezone.now()
+        self.fields["honeypot"].widget.attrs.setdefault("aria-hidden", "true")
+        self.fields["honeypot"].widget.attrs.setdefault("tabindex", "-1")
+    def clean(self):
+        cleaned = super().clean()
+        honeypot_value = cleaned.get("honeypot", "")
+        if honeypot_value:
+            raise forms.ValidationError(INVITATION_REQUEST_HONEYPOT_MESSAGE)
+        timestamp = cleaned.get("timestamp")
+        if timestamp is None:
+            cleaned["timestamp"] = timezone.now()
+            return cleaned
+        now = timezone.now()
+        if timestamp > now or (now - timestamp) < self.min_submission_interval:
+            raise forms.ValidationError(INVITATION_REQUEST_TOO_FAST_MESSAGE)
+        return cleaned
 @csrf_exempt
 @ensure_csrf_cookie
@@ -126,42 +669,79 @@ def request_invite(request):
     if request.method == "POST" and form.is_valid():
         email = form.cleaned_data["email"]
         comment = form.cleaned_data.get("comment", "")
-        InviteLead.objects.create(
-            email=email,
-            comment=comment,
-            user=request.user if request.user.is_authenticated else None,
-            path=request.path,
-            referer=request.META.get("HTTP_REFERER", ""),
-            user_agent=request.META.get("HTTP_USER_AGENT", ""),
-            ip_address=request.META.get("REMOTE_ADDR"),
+        ip_address = request.META.get("REMOTE_ADDR")
+        throttle_filters = Q(email__iexact=email)
+        if ip_address:
+            throttle_filters |= Q(ip_address=ip_address)
+        window_start = timezone.now() - INVITATION_REQUEST_THROTTLE_WINDOW
+        recent_requests = InviteLead.objects.filter(
+            throttle_filters, created_on__gte=window_start
         )
-        logger.info("Invitation requested for %s", email)
-        User = get_user_model()
-        users = list(User.objects.filter(email__iexact=email))
-        if not users:
-            logger.warning("Invitation requested for unknown email %s", email)
-        for user in users:
-            uid = urlsafe_base64_encode(force_bytes(user.pk))
-            token = default_token_generator.make_token(user)
-            link = request.build_absolute_uri(
-                reverse("pages:invitation-login", args=[uid, token])
+        if recent_requests.count() >= INVITATION_REQUEST_THROTTLE_LIMIT:
+            form.add_error(None, INVITATION_REQUEST_THROTTLE_MESSAGE)
+        else:
+            mac_address = public_wifi.resolve_mac_address(ip_address)
+            lead = InviteLead.objects.create(
+                email=email,
+                comment=comment,
+                user=request.user if request.user.is_authenticated else None,
+                path=request.path,
+                referer=request.META.get("HTTP_REFERER", ""),
+                user_agent=request.META.get("HTTP_USER_AGENT", ""),
+                ip_address=ip_address,
+                mac_address=mac_address or "",
             )
-            subject = _("Your invitation link")
-            body = _(
-                "Use the following link to access your account: %(link)s"
-            ) % {"link": link}
-            try:
-                node = Node.get_local()
-                if node:
-                    result = node.send_mail(subject, body, [email])
-                else:
-                    result = send_mail(subject, body, settings.DEFAULT_FROM_EMAIL, [email])
-                logger.info(
-                    "Invitation email sent to %s (user %s): %s", email, user.pk, result
+            logger.info("Invitation requested for %s", email)
+            User = get_user_model()
+            users = list(User.objects.filter(email__iexact=email))
+            if not users:
+                logger.warning("Invitation requested for unknown email %s", email)
+            for user in users:
+                uid = urlsafe_base64_encode(force_bytes(user.pk))
+                token = default_token_generator.make_token(user)
+                link = request.build_absolute_uri(
+                    reverse("pages:invitation-login", args=[uid, token])
                 )
-            except Exception:
-                logger.exception("Failed to send invitation email to %s", email)
-        sent = True
+                subject = _("Your invitation link")
+                body = _("Use the following link to access your account: %(link)s") % {
+                    "link": link
+                }
+                try:
+                    node_error = None
+                    node = Node.get_local()
+                    if node:
+                        try:
+                            result = node.send_mail(subject, body, [email])
+                        except Exception as exc:
+                            node_error = exc
+                            logger.exception(
+                                "Node send_mail failed, falling back to default backend"
+                            )
+                            result = mailer.send(
+                                subject, body, [email], settings.DEFAULT_FROM_EMAIL
+                            )
+                    else:
+                        result = mailer.send(
+                            subject, body, [email], settings.DEFAULT_FROM_EMAIL
+                        )
+                    lead.sent_on = timezone.now()
+                    if node_error:
+                        lead.error = (
+                            f"Node email send failed: {node_error}. "
+                            "Invite was sent using default mail backend; ensure the "
+                            "node's email service is running or check its configuration."
+                        )
+                    else:
+                        lead.error = ""
+                    logger.info(
+                        "Invitation email sent to %s (user %s): %s", email, user.pk, result
+                    )
+                except Exception as exc:
+                    lead.error = f"{exc}. Ensure the email service is reachable and settings are correct."
+                    logger.exception("Failed to send invitation email to %s", email)
+            if lead.sent_on or lead.error:
+                lead.save(update_fields=["sent_on", "error"])
+            sent = True
     return render(request, "pages/request_invite.html", {"form": form, "sent": sent})
@@ -199,13 +779,226 @@ def invitation_login(request, uidb64, token):
             user.set_password(password)
         user.is_active = True
         user.save()
+        node = Node.get_local()
+        if node and node.has_feature("ap-public-wifi"):
+            mac_address = public_wifi.resolve_mac_address(
+                request.META.get("REMOTE_ADDR")
+            )
+            if not mac_address:
+                mac_address = (
+                    InviteLead.objects.filter(email__iexact=user.email)
+                    .exclude(mac_address="")
+                    .order_by("-created_on")
+                    .values_list("mac_address", flat=True)
+                    .first()
+                )
+            if mac_address:
+                public_wifi.grant_public_access(user, mac_address)
         login(request, user, backend="core.backends.LocalhostAdminBackend")
         return redirect(reverse("admin:index") if user.is_staff else "/")
     return render(request, "pages/invitation_login.html", {"form": form})
+class ClientReportForm(forms.Form):
+    PERIOD_CHOICES = [
+        ("range", _("Date range")),
+        ("week", _("Week")),
+        ("month", _("Month")),
+    ]
+    RECURRENCE_CHOICES = ClientReportSchedule.PERIODICITY_CHOICES
+    period = forms.ChoiceField(
+        choices=PERIOD_CHOICES,
+        widget=forms.RadioSelect,
+        initial="range",
+        help_text=_("Choose how the reporting window will be calculated."),
+    )
+    start = forms.DateField(
+        label=_("Start date"),
+        required=False,
+        widget=forms.DateInput(attrs={"type": "date"}),
+        help_text=_("First day included when using a custom date range."),
+    )
+    end = forms.DateField(
+        label=_("End date"),
+        required=False,
+        widget=forms.DateInput(attrs={"type": "date"}),
+        help_text=_("Last day included when using a custom date range."),
+    )
+    week = forms.CharField(
+        label=_("Week"),
+        required=False,
+        widget=forms.TextInput(attrs={"type": "week"}),
+        help_text=_("Generates the report for the ISO week that you select."),
+    )
+    month = forms.DateField(
+        label=_("Month"),
+        required=False,
+        widget=forms.DateInput(attrs={"type": "month"}),
+        help_text=_("Generates the report for the calendar month that you select."),
+    )
+    owner = forms.ModelChoiceField(
+        queryset=get_user_model().objects.all(),
+        required=False,
+        help_text=_(
+            "Sets who owns the report schedule and is listed as the requestor."
+        ),
+    )
+    destinations = forms.CharField(
+        label=_("Email destinations"),
+        required=False,
+        widget=forms.Textarea(attrs={"rows": 2}),
+        help_text=_("Separate addresses with commas or new lines."),
+    )
+    recurrence = forms.ChoiceField(
+        label=_("Recurrency"),
+        choices=RECURRENCE_CHOICES,
+        initial=ClientReportSchedule.PERIODICITY_NONE,
+        help_text=_("Defines how often the report should be generated automatically."),
+    )
+    disable_emails = forms.BooleanField(
+        label=_("Disable email delivery"),
+        required=False,
+        help_text=_("Generate files without sending emails."),
+    )
+    def __init__(self, *args, request=None, **kwargs):
+        self.request = request
+        super().__init__(*args, **kwargs)
+        if request and getattr(request, "user", None) and request.user.is_authenticated:
+            self.fields["owner"].initial = request.user.pk
+    def clean(self):
+        cleaned = super().clean()
+        period = cleaned.get("period")
+        if period == "range":
+            if not cleaned.get("start") or not cleaned.get("end"):
+                raise forms.ValidationError(_("Please provide start and end dates."))
+        elif period == "week":
+            week_str = cleaned.get("week")
+            if not week_str:
+                raise forms.ValidationError(_("Please select a week."))
+            year, week_num = week_str.split("-W")
+            start = datetime.date.fromisocalendar(int(year), int(week_num), 1)
+            cleaned["start"] = start
+            cleaned["end"] = start + datetime.timedelta(days=6)
+        elif period == "month":
+            month_dt = cleaned.get("month")
+            if not month_dt:
+                raise forms.ValidationError(_("Please select a month."))
+            start = month_dt.replace(day=1)
+            last_day = calendar.monthrange(month_dt.year, month_dt.month)[1]
+            cleaned["start"] = start
+            cleaned["end"] = month_dt.replace(day=last_day)
+        return cleaned
+    def clean_destinations(self):
+        raw = self.cleaned_data.get("destinations", "")
+        if not raw:
+            return []
+        validator = EmailValidator()
+        seen: set[str] = set()
+        emails: list[str] = []
+        for part in re.split(r"[\s,]+", raw):
+            candidate = part.strip()
+            if not candidate:
+                continue
+            validator(candidate)
+            key = candidate.lower()
+            if key in seen:
+                continue
+            seen.add(key)
+            emails.append(candidate)
+        return emails
+@live_update()
+def client_report(request):
+    form = ClientReportForm(request.POST or None, request=request)
+    report = None
+    schedule = None
+    if request.method == "POST":
+        if not request.user.is_authenticated:
+            form.is_valid()  # Run validation to surface field errors alongside auth error.
+            form.add_error(
+                None, _("You must log in to generate client reports."),
+            )
+        elif form.is_valid():
+            throttle_seconds = getattr(settings, "CLIENT_REPORT_THROTTLE_SECONDS", 60)
+            throttle_keys = []
+            if request.user.is_authenticated:
+                throttle_keys.append(f"client-report:user:{request.user.pk}")
+            remote_addr = request.META.get("HTTP_X_FORWARDED_FOR")
+            if remote_addr:
+                remote_addr = remote_addr.split(",")[0].strip()
+            remote_addr = remote_addr or request.META.get("REMOTE_ADDR")
+            if remote_addr:
+                throttle_keys.append(f"client-report:ip:{remote_addr}")
+            added_keys = []
+            blocked = False
+            for key in throttle_keys:
+                if cache.add(key, timezone.now(), throttle_seconds):
+                    added_keys.append(key)
+                else:
+                    blocked = True
+                    break
+            if blocked:
+                for key in added_keys:
+                    cache.delete(key)
+                form.add_error(
+                    None,
+                    _(
+                        "Client reports can only be generated periodically. Please wait before trying again."
+                    ),
+                )
+            else:
+                owner = form.cleaned_data.get("owner")
+                if not owner and request.user.is_authenticated:
+                    owner = request.user
+                report = ClientReport.generate(
+                    form.cleaned_data["start"],
+                    form.cleaned_data["end"],
+                    owner=owner,
+                    recipients=form.cleaned_data.get("destinations"),
+                    disable_emails=form.cleaned_data.get("disable_emails", False),
+                )
+                report.store_local_copy()
+                recurrence = form.cleaned_data.get("recurrence")
+                if recurrence and recurrence != ClientReportSchedule.PERIODICITY_NONE:
+                    schedule = ClientReportSchedule.objects.create(
+                        owner=owner,
+                        created_by=request.user if request.user.is_authenticated else None,
+                        periodicity=recurrence,
+                        email_recipients=form.cleaned_data.get("destinations", []),
+                        disable_emails=form.cleaned_data.get("disable_emails", False),
+                    )
+                    report.schedule = schedule
+                    report.save(update_fields=["schedule"])
+                    messages.success(
+                        request,
+                        _(
+                            "Client report schedule created; future reports will be generated automatically."
+                        ),
+                    )
+    try:
+        login_url = reverse("pages:login")
+    except NoReverseMatch:
+        try:
+            login_url = reverse("login")
+        except NoReverseMatch:
+            login_url = getattr(settings, "LOGIN_URL", None)
+    context = {
+        "form": form,
+        "report": report,
+        "schedule": schedule,
+        "login_url": login_url,
+    }
+    return render(request, "pages/client_report.html", context)
 def csrf_failure(request, reason=""):
     """Custom CSRF failure view with a friendly message."""
     logger.warning("CSRF failure on %s: %s", request.path, reason)
     return render(request, "pages/csrf_failure.html", status=403)

arthexis 0.1.8__py3-none-any.whl → 0.1.10__py3-none-any.whl

Potentially problematic release.

arthexis 0.1.8py3-none-any.whl → 0.1.10py3-none-any.whl