arthexis 0.1.8__py3-none-any.whl → 0.1.9__py3-none-any.whl

core/models.py

@@ -4,13 +4,15 @@ from django.contrib.auth.models import (
     UserManager as DjangoUserManager,
 )
 from django.db import models
+from django.db.models import Q
+from django.db.models.functions import Lower
 from django.conf import settings
 from django.contrib.auth import get_user_model
 from django.utils.translation import gettext_lazy as _
 from django.core.validators import RegexValidator
 from django.core.exceptions import ValidationError
 from django.apps import apps
-from django.db.models.signals import m2m_changed
+from django.db.models.signals import m2m_changed, post_delete, post_save
 from django.dispatch import receiver
 from datetime import timedelta
 from django.contrib.contenttypes.models import ContentType
@@ -18,19 +20,25 @@ import hashlib
 import os
 import subprocess
 import secrets
+import re
 from io import BytesIO
 from django.core.files.base import ContentFile
 import qrcode
-import xmlrpc.client
 from django.utils import timezone
 import uuid
 from pathlib import Path
 from django.core import serializers
+from urllib.parse import urlparse
 from utils import revision as revision_utils
+from typing import Type
+from defusedxml import xmlrpc as defused_xmlrpc
 
-from .entity import Entity, EntityUserManager
+defused_xmlrpc.monkey_patch()
+xmlrpc_client = defused_xmlrpc.xmlrpc_client
+
+from .entity import Entity, EntityUserManager, EntityManager
 from .release import Package as ReleasePackage, Credentials, DEFAULT_PACKAGE
-from .user_data import UserDatum  # noqa: F401 - ensure model registration
+from . import user_data  # noqa: F401 - ensure signal registration
 from .fields import SigilShortAutoField
 
 
@@ -48,6 +56,111 @@ class SecurityGroup(Group):
         verbose_name_plural = "Security Groups"
 
 
+class Profile(Entity):
+    """Abstract base class for user or group scoped configuration."""
+
+    user = models.OneToOneField(
+        settings.AUTH_USER_MODEL,
+        null=True,
+        blank=True,
+        on_delete=models.CASCADE,
+        related_name="+",
+    )
+    group = models.OneToOneField(
+        "core.SecurityGroup",
+        null=True,
+        blank=True,
+        on_delete=models.CASCADE,
+        related_name="+",
+    )
+
+    class Meta:
+        abstract = True
+
+    def clean(self):
+        super().clean()
+        if self.user_id and self.group_id:
+            raise ValidationError(
+                {
+                    "user": _("Select either a user or a security group, not both."),
+                    "group": _("Select either a user or a security group, not both."),
+                }
+            )
+        if not self.user_id and not self.group_id:
+            raise ValidationError(
+                _("Profiles must be assigned to a user or a security group."),
+            )
+        if self.user_id:
+            user_model = get_user_model()
+            username_cache = {"value": None}
+
+            def _resolve_username():
+                if username_cache["value"] is not None:
+                    return username_cache["value"]
+                user_obj = getattr(self, "user", None)
+                username = getattr(user_obj, "username", None)
+                if not username:
+                    manager = getattr(
+                        user_model, "all_objects", user_model._default_manager
+                    )
+                    username = (
+                        manager.filter(pk=self.user_id)
+                        .values_list("username", flat=True)
+                        .first()
+                    )
+                username_cache["value"] = username
+                return username
+
+            is_restricted = getattr(user_model, "is_profile_restricted_username", None)
+            if callable(is_restricted):
+                username = _resolve_username()
+                if is_restricted(username):
+                    raise ValidationError(
+                        {
+                            "user": _(
+                                "The %(username)s account cannot have profiles attached."
+                            )
+                            % {"username": username}
+                        }
+                    )
+            else:
+                system_username = getattr(user_model, "SYSTEM_USERNAME", None)
+                if system_username:
+                    username = _resolve_username()
+                    if user_model.is_system_username(username):
+                        raise ValidationError(
+                            {
+                                "user": _(
+                                    "The %(username)s account cannot have profiles attached."
+                                )
+                                % {"username": username}
+                            }
+                        )
+
+    @property
+    def owner(self):
+        """Return the assigned user or group."""
+
+        return self.user if self.user_id else self.group
+
+    def owner_display(self) -> str:
+        """Return a human readable owner label."""
+
+        owner = self.owner
+        if owner is None:  # pragma: no cover - guarded by ``clean``
+            return ""
+        if hasattr(owner, "get_username"):
+            return owner.get_username()
+        if hasattr(owner, "name"):
+            return owner.name
+        return str(owner)
+
+
+class SigilRootManager(EntityManager):
+    def get_by_natural_key(self, prefix: str):
+        return self.get(prefix=prefix)
+
+
 class SigilRoot(Entity):
     class Context(models.TextChoices):
         CONFIG = "config", "Configuration"
@@ -55,16 +168,32 @@ class SigilRoot(Entity):
 
     prefix = models.CharField(max_length=50, unique=True)
     context_type = models.CharField(max_length=20, choices=Context.choices)
+    content_type = models.ForeignKey(
+        ContentType, null=True, blank=True, on_delete=models.CASCADE
+    )
+
+    objects = SigilRootManager()
 
     def __str__(self) -> str:  # pragma: no cover - simple representation
         return self.prefix
 
+    def natural_key(self):  # pragma: no cover - simple representation
+        return (self.prefix,)
+
     class Meta:
         verbose_name = "Sigil Root"
         verbose_name_plural = "Sigil Roots"
 
 
-class Lead(models.Model):
+class CustomSigil(SigilRoot):
+    class Meta:
+        proxy = True
+        app_label = "pages"
+        verbose_name = _("Custom Sigil")
+        verbose_name_plural = _("Custom Sigils")
+
+
+class Lead(Entity):
     """Common request lead information."""
 
     user = models.ForeignKey(
@@ -83,6 +212,9 @@ class Lead(models.Model):
 class InviteLead(Lead):
     email = models.EmailField()
     comment = models.TextField(blank=True)
+    sent_on = models.DateTimeField(null=True, blank=True)
+    error = models.TextField(blank=True)
+    mac_address = models.CharField(max_length=17, blank=True)
 
     class Meta:
         verbose_name = "Invite Lead"
@@ -92,156 +224,66 @@ class InviteLead(Lead):
         return self.email
 
 
-class Address(Entity):
-    """Physical location information for a user."""
-
-    class State(models.TextChoices):
-        COAHUILA = "CO", "Coahuila"
-        NUEVO_LEON = "NL", "Nuevo León"
-
-    COAHUILA_MUNICIPALITIES = [
-        "Abasolo",
-        "Acuña",
-        "Allende",
-        "Arteaga",
-        "Candela",
-        "Castaños",
-        "Cuatro Ciénegas",
-        "Escobedo",
-        "Francisco I. Madero",
-        "Frontera",
-        "General Cepeda",
-        "Guerrero",
-        "Hidalgo",
-        "Jiménez",
-        "Juárez",
-        "Lamadrid",
-        "Matamoros",
-        "Monclova",
-        "Morelos",
-        "Múzquiz",
-        "Nadadores",
-        "Nava",
-        "Ocampo",
-        "Parras",
-        "Piedras Negras",
-        "Progreso",
-        "Ramos Arizpe",
-        "Sabinas",
-        "Sacramento",
-        "Saltillo",
-        "San Buenaventura",
-        "San Juan de Sabinas",
-        "San Pedro",
-        "Sierra Mojada",
-        "Torreón",
-        "Viesca",
-        "Villa Unión",
-        "Zaragoza",
-    ]
+class PublicWifiAccess(Entity):
+    """Allow public Wi-Fi clients onto the wider internet."""
 
-    NUEVO_LEON_MUNICIPALITIES = [
-        "Abasolo",
-        "Agualeguas",
-        "Los Aldamas",
-        "Allende",
-        "Anáhuac",
-        "Apodaca",
-        "Aramberri",
-        "Bustamante",
-        "Cadereyta Jiménez",
-        "El Carmen",
-        "Cerralvo",
-        "Ciénega de Flores",
-        "China",
-        "Doctor Arroyo",
-        "Doctor Coss",
-        "Doctor González",
-        "Galeana",
-        "García",
-        "General Bravo",
-        "General Escobedo",
-        "General Terán",
-        "General Treviño",
-        "General Zaragoza",
-        "General Zuazua",
-        "Guadalupe",
-        "Los Herreras",
-        "Higueras",
-        "Hualahuises",
-        "Iturbide",
-        "Juárez",
-        "Lampazos de Naranjo",
-        "Linares",
-        "Marín",
-        "Melchor Ocampo",
-        "Mier y Noriega",
-        "Mina",
-        "Montemorelos",
-        "Monterrey",
-        "Parás",
-        "Pesquería",
-        "Los Ramones",
-        "Rayones",
-        "Sabinas Hidalgo",
-        "Salinas Victoria",
-        "San Nicolás de los Garza",
-        "San Pedro Garza García",
-        "Santa Catarina",
-        "Santiago",
-        "Vallecillo",
-        "Villaldama",
-        "Hidalgo",
-    ]
+    user = models.ForeignKey(
+        settings.AUTH_USER_MODEL,
+        on_delete=models.CASCADE,
+        related_name="public_wifi_accesses",
+    )
+    mac_address = models.CharField(max_length=17)
+    created_on = models.DateTimeField(auto_now_add=True)
+    updated_on = models.DateTimeField(auto_now=True)
+    revoked_on = models.DateTimeField(null=True, blank=True)
 
-    MUNICIPALITIES_BY_STATE = {
-        State.COAHUILA: COAHUILA_MUNICIPALITIES,
-        State.NUEVO_LEON: NUEVO_LEON_MUNICIPALITIES,
-    }
+    class Meta:
+        unique_together = ("user", "mac_address")
+        verbose_name = "Public Wi-Fi Access"
+        verbose_name_plural = "Public Wi-Fi Access"
 
-    MUNICIPALITY_CHOICES = [
-        (name, name) for name in COAHUILA_MUNICIPALITIES + NUEVO_LEON_MUNICIPALITIES
-    ]
+    def __str__(self) -> str:  # pragma: no cover - simple representation
+        return f"{self.user} -> {self.mac_address}"
 
-    street = models.CharField(max_length=255)
-    number = models.CharField(max_length=20)
-    municipality = models.CharField(max_length=100, choices=MUNICIPALITY_CHOICES)
-    state = models.CharField(max_length=2, choices=State.choices)
-    postal_code = models.CharField(max_length=10)
 
-    class Meta:
-        verbose_name_plural = _("Addresses")
+@receiver(post_save, sender=settings.AUTH_USER_MODEL)
+def _revoke_public_wifi_when_inactive(sender, instance, **kwargs):
+    if instance.is_active:
+        return
+    from core import public_wifi
 
-    def clean(self):
-        from django.core.exceptions import ValidationError
+    public_wifi.revoke_public_access_for_user(instance)
 
-        allowed = self.MUNICIPALITIES_BY_STATE.get(self.state, [])
-        if self.municipality not in allowed:
-            raise ValidationError(
-                {"municipality": _("Invalid municipality for the selected state")}
-            )
 
-    def __str__(self):  # pragma: no cover - simple representation
-        return f"{self.street} {self.number}, {self.municipality}, {self.state}"
+@receiver(post_delete, sender=settings.AUTH_USER_MODEL)
+def _cleanup_public_wifi_on_delete(sender, instance, **kwargs):
+    from core import public_wifi
+
+    public_wifi.revoke_public_access_for_user(instance)
 
 
 class User(Entity, AbstractUser):
+    SYSTEM_USERNAME = "arthexis"
+    ADMIN_USERNAME = "admin"
+    PROFILE_RESTRICTED_USERNAMES = frozenset({SYSTEM_USERNAME, ADMIN_USERNAME})
+
     objects = EntityUserManager()
     all_objects = DjangoUserManager()
     """Custom user model."""
-
-    phone_number = models.CharField(
-        max_length=20,
-        blank=True,
-        help_text="Optional contact phone number",
-    )
-    address = models.ForeignKey(
-        Address,
+    birthday = models.DateField(null=True, blank=True)
+    data_path = models.CharField(max_length=255, blank=True)
+    last_visit_ip_address = models.GenericIPAddressField(null=True, blank=True)
+    operate_as = models.ForeignKey(
+        "self",
         null=True,
         blank=True,
         on_delete=models.SET_NULL,
+        related_name="operated_users",
+        help_text=(
+            "Operate using another user's permissions when additional authority is "
+            "required."
+        ),
     )
-    has_charger = models.BooleanField(default=False)
     is_active = models.BooleanField(
         _("active"),
         default=True,
@@ -253,15 +295,173 @@ class User(Entity, AbstractUser):
     def __str__(self):
         return self.username
 
+    @classmethod
+    def is_system_username(cls, username):
+        return bool(username) and username == cls.SYSTEM_USERNAME
 
-class OdooProfile(Entity):
-    """Store Odoo API credentials for a user."""
+    @classmethod
+    def is_profile_restricted_username(cls, username):
+        return bool(username) and username in cls.PROFILE_RESTRICTED_USERNAMES
 
-    user = models.OneToOneField(
+    @property
+    def is_system_user(self) -> bool:
+        return self.is_system_username(self.username)
+
+    @property
+    def is_profile_restricted(self) -> bool:
+        return self.is_profile_restricted_username(self.username)
+
+    def clean(self):
+        super().clean()
+        if not self.operate_as_id:
+            return
+        try:
+            delegate = self.operate_as
+        except type(self).DoesNotExist:
+            raise ValidationError({"operate_as": _("Selected user is not available.")})
+        errors = []
+        if delegate.pk == self.pk:
+            errors.append(_("Cannot operate as yourself."))
+        if getattr(delegate, "is_deleted", False):
+            errors.append(_("Cannot operate as a deleted user."))
+        if not self.is_staff:
+            errors.append(_("Only staff members may operate as another user."))
+        if delegate.is_staff and not self.is_superuser:
+            errors.append(_("Only superusers may operate as staff members."))
+        if errors:
+            raise ValidationError({"operate_as": errors})
+
+    def _delegate_for_permissions(self):
+        if not self.is_staff or not self.operate_as_id:
+            return None
+        try:
+            delegate = self.operate_as
+        except type(self).DoesNotExist:
+            return None
+        if delegate.pk == self.pk:
+            return None
+        if getattr(delegate, "is_deleted", False):
+            return None
+        if delegate.is_staff and not self.is_superuser:
+            return None
+        return delegate
+
+    def _check_operate_as_chain(self, predicate, visited=None):
+        if visited is None:
+            visited = set()
+        identifier = self.pk or id(self)
+        if identifier in visited:
+            return False
+        visited.add(identifier)
+        if predicate(self):
+            return True
+        delegate = self._delegate_for_permissions()
+        if not delegate:
+            return False
+        return delegate._check_operate_as_chain(predicate, visited)
+
+    def has_perm(self, perm, obj=None):
+        return self._check_operate_as_chain(
+            lambda user: super(User, user).has_perm(perm, obj)
+        )
+
+    def has_module_perms(self, app_label):
+        return self._check_operate_as_chain(
+            lambda user: super(User, user).has_module_perms(app_label)
+        )
+
+    def _profile_for(self, profile_cls: Type[Profile], user: "User"):
+        profile = profile_cls.objects.filter(user=user).first()
+        if profile:
+            return profile
+        group_ids = list(user.groups.values_list("id", flat=True))
+        if group_ids:
+            return profile_cls.objects.filter(group_id__in=group_ids).first()
+        return None
+
+    def get_profile(self, profile_cls: Type[Profile]):
+        """Return the first matching profile for the user or their delegate chain."""
+
+        if not isinstance(profile_cls, type) or not issubclass(profile_cls, Profile):
+            raise TypeError("profile_cls must be a Profile subclass")
+
+        result = None
+
+        def predicate(user: "User"):
+            nonlocal result
+            result = self._profile_for(profile_cls, user)
+            return result is not None
+
+        self._check_operate_as_chain(predicate)
+        return result
+
+    def has_profile(self, profile_cls: Type[Profile]) -> bool:
+        """Return ``True`` when a profile is available for the user or delegate chain."""
+
+        return self.get_profile(profile_cls) is not None
+
+    def _direct_profile(self, model_label: str):
+        model = apps.get_model("core", model_label)
+        try:
+            return self.get_profile(model)
+        except TypeError:
+            return None
+
+    def get_phones_by_priority(self):
+        """Return a list of ``UserPhoneNumber`` instances ordered by priority."""
+
+        ordered_numbers = self.phone_numbers.order_by("priority", "pk")
+        return list(ordered_numbers)
+
+    def get_phone_numbers_by_priority(self):
+        """Backward-compatible alias for :meth:`get_phones_by_priority`."""
+
+        return self.get_phones_by_priority()
+
+    @property
+    def release_manager(self):
+        return self._direct_profile("ReleaseManager")
+
+    @property
+    def odoo_profile(self):
+        return self._direct_profile("OdooProfile")
+
+    @property
+    def assistant_profile(self):
+        return self._direct_profile("AssistantProfile")
+
+    @property
+    def chat_profile(self):
+        return self.assistant_profile
+
+
+class UserPhoneNumber(Entity):
+    """Store phone numbers associated with a user."""
+
+    user = models.ForeignKey(
         settings.AUTH_USER_MODEL,
-        related_name="odoo_profile",
         on_delete=models.CASCADE,
+        related_name="phone_numbers",
+    )
+    number = models.CharField(
+        max_length=20,
+        help_text="Contact phone number",
     )
+    priority = models.PositiveIntegerField(default=0)
+
+    class Meta:
+        ordering = ("priority", "id")
+        verbose_name = "Phone Number"
+        verbose_name_plural = "Phone Numbers"
+
+    def __str__(self):  # pragma: no cover - simple representation
+        return f"{self.number} ({self.priority})"
+
+
+class OdooProfile(Profile):
+    """Store Odoo API credentials for a user."""
+
+    profile_fields = ("host", "database", "username", "password")
     host = SigilShortAutoField(max_length=255)
     database = SigilShortAutoField(max_length=255)
     username = SigilShortAutoField(max_length=255)
@@ -295,12 +495,12 @@ class OdooProfile(Entity):
 
     def verify(self):
         """Check credentials against Odoo and pull user info."""
-        common = xmlrpc.client.ServerProxy(f"{self.host}/xmlrpc/2/common")
+        common = xmlrpc_client.ServerProxy(f"{self.host}/xmlrpc/2/common")
         uid = common.authenticate(self.database, self.username, self.password, {})
         if not uid:
             self._clear_verification()
             raise ValidationError(_("Invalid Odoo credentials"))
-        models_proxy = xmlrpc.client.ServerProxy(f"{self.host}/xmlrpc/2/object")
+        models_proxy = xmlrpc_client.ServerProxy(f"{self.host}/xmlrpc/2/object")
         info = models_proxy.execute_kw(
             self.database,
             uid,
@@ -320,7 +520,7 @@ class OdooProfile(Entity):
     def execute(self, model, method, *args, **kwargs):
         """Execute an Odoo RPC call, invalidating credentials on failure."""
         try:
-            client = xmlrpc.client.ServerProxy(f"{self.host}/xmlrpc/2/object")
+            client = xmlrpc_client.ServerProxy(f"{self.host}/xmlrpc/2/object")
             return client.execute_kw(
                 self.database,
                 self.odoo_uid,
@@ -336,14 +536,24 @@ class OdooProfile(Entity):
             raise
 
     def __str__(self):  # pragma: no cover - simple representation
-        return f"{self.user} @ {self.host}"
+        owner = self.owner_display()
+        return f"{owner} @ {self.host}" if owner else self.host
 
     class Meta:
-        verbose_name = _("Odoo Profile")
-        verbose_name_plural = _("Odoo Profiles")
+        verbose_name = _("Odoo Employee")
+        verbose_name_plural = _("Odoo Employees")
+        constraints = [
+            models.CheckConstraint(
+                check=(
+                    (Q(user__isnull=False) & Q(group__isnull=True))
+                    | (Q(user__isnull=True) & Q(group__isnull=False))
+                ),
+                name="odooprofile_requires_owner",
+            )
+        ]
 
 
-class EmailInbox(Entity):
+class EmailInbox(Profile):
     """Credentials and configuration for connecting to an email mailbox."""
 
     IMAP = "imap"
@@ -353,10 +563,13 @@ class EmailInbox(Entity):
         (POP3, "POP3"),
     ]
 
-    user = models.ForeignKey(
-        settings.AUTH_USER_MODEL,
-        related_name="email_inboxes",
-        on_delete=models.CASCADE,
+    profile_fields = (
+        "username",
+        "host",
+        "port",
+        "password",
+        "protocol",
+        "use_ssl",
     )
     username = SigilShortAutoField(
         max_length=255,
@@ -430,9 +643,14 @@ class EmailInbox(Entity):
         def _get_body(msg):
             if msg.is_multipart():
                 for part in msg.walk():
-                    if part.get_content_type() == "text/plain" and not part.get_filename():
+                    if (
+                        part.get_content_type() == "text/plain"
+                        and not part.get_filename()
+                    ):
                         charset = part.get_content_charset() or "utf-8"
-                        return part.get_payload(decode=True).decode(charset, errors="ignore")
+                        return part.get_payload(decode=True).decode(
+                            charset, errors="ignore"
+                        )
                 return ""
             charset = msg.get_content_charset() or "utf-8"
             return msg.get_payload(decode=True).decode(charset, errors="ignore")
@@ -556,9 +774,7 @@ class EmailCollector(Entity):
             fp = EmailArtifact.fingerprint_for(
                 msg.get("subject", ""), msg.get("from", ""), msg.get("body", "")
             )
-            if EmailArtifact.objects.filter(
-                collector=self, fingerprint=fp
-            ).exists():
+            if EmailArtifact.objects.filter(collector=self, fingerprint=fp).exists():
                 break
             EmailArtifact.objects.create(
                 collector=self,
@@ -591,65 +807,19 @@ class EmailArtifact(Entity):
         import hashlib
 
         data = (subject or "") + (sender or "") + (body or "")
-        return hashlib.md5(data.encode("utf-8")).hexdigest()
+        hasher = hashlib.md5(data.encode("utf-8"), usedforsecurity=False)
+        return hasher.hexdigest()
 
     class Meta:
         unique_together = ("collector", "fingerprint")
         verbose_name = "Email Artifact"
         verbose_name_plural = "Email Artifacts"
+        ordering = ["-id"]
 
 
-class FediverseProfile(Entity):
-    """Configuration for connecting to fediverse services."""
-
-    MASTODON = "mastodon"
-    BLUESKY = "bluesky"
-    SERVICE_CHOICES = [
-        (MASTODON, "Mastodon"),
-        (BLUESKY, "Bluesky"),
-    ]
-
-    user = models.OneToOneField(
-        settings.AUTH_USER_MODEL,
-        related_name="fediverse_profile",
-        on_delete=models.CASCADE,
-    )
-    service = models.CharField(max_length=20, choices=SERVICE_CHOICES)
-    host = models.CharField(max_length=255)
-    handle = models.CharField(max_length=255)
-    access_token = models.CharField(max_length=255, blank=True)
-    verified_on = models.DateTimeField(null=True, blank=True)
-
-    def test_connection(self):
-        """Attempt to verify credentials against the configured service."""
-        import requests
-
-        try:
-            headers = {}
-            if self.access_token:
-                headers["Authorization"] = f"Bearer {self.access_token}"
-            if self.service == self.MASTODON:
-                url = f"https://{self.host}/api/v1/accounts/verify_credentials"
-                resp = requests.get(url, headers=headers, timeout=10)
-            else:  # BLUESKY
-                url = f"https://{self.host}/xrpc/app.bsky.actor.getProfile"
-                params = {"actor": self.handle}
-                resp = requests.get(url, params=params, headers=headers, timeout=10)
-            resp.raise_for_status()
-            self.verified_on = timezone.now()
-            self.save(update_fields=["verified_on"])
-            return True
-        except Exception as exc:
-            self.verified_on = None
-            self.save(update_fields=["verified_on"])
-            raise ValidationError(str(exc))
-
-    def __str__(self):  # pragma: no cover - simple representation
-        return f"{self.user} @ {self.host}"
-
-    class Meta:
-        verbose_name = _("Fediverse Profile")
-        verbose_name_plural = _("Fediverse Profiles")
+class ReferenceManager(EntityManager):
+    def get_by_natural_key(self, alt_text: str):
+        return self.get(alt_text=alt_text)
 
 
 class Reference(Entity):
@@ -702,12 +872,31 @@ class Reference(Entity):
         null=True,
         blank=True,
     )
+    sites = models.ManyToManyField(
+        "sites.Site",
+        blank=True,
+        related_name="references",
+    )
+    roles = models.ManyToManyField(
+        "nodes.NodeRole",
+        blank=True,
+        related_name="references",
+    )
+    features = models.ManyToManyField(
+        "nodes.NodeFeature",
+        blank=True,
+        related_name="references",
+    )
+
+    objects = ReferenceManager()
 
     def save(self, *args, **kwargs):
         if self.pk:
             original = type(self).all_objects.get(pk=self.pk)
             if original.transaction_uuid != self.transaction_uuid:
-                raise ValidationError({"transaction_uuid": "Cannot modify transaction UUID"})
+                raise ValidationError(
+                    {"transaction_uuid": "Cannot modify transaction UUID"}
+                )
         if not self.image and self.value:
             qr = qrcode.QRCode(box_size=10, border=4)
             qr.add_data(self.value)
@@ -722,6 +911,10 @@ class Reference(Entity):
     def __str__(self) -> str:  # pragma: no cover - simple representation
         return self.alt_text
 
+    def natural_key(self):  # pragma: no cover - simple representation
+        return (self.alt_text,)
+
+
 class RFID(Entity):
     """RFID tag that may be assigned to one account."""
 
@@ -737,6 +930,12 @@ class RFID(Entity):
             )
         ],
     )
+    custom_label = models.CharField(
+        max_length=32,
+        blank=True,
+        verbose_name="Custom Label",
+        help_text="Optional custom label for this RFID.",
+    )
     key_a = models.CharField(
         max_length=12,
         default="FFFFFFFFFFFF",
@@ -869,6 +1068,15 @@ class EnergyAccount(Entity):
         default=False,
         help_text="Allow transactions even when the balance is zero or negative",
     )
+    live_subscription_product = models.ForeignKey(
+        "Product",
+        null=True,
+        blank=True,
+        on_delete=models.SET_NULL,
+        related_name="live_subscription_accounts",
+    )
+    live_subscription_start_date = models.DateField(null=True, blank=True)
+    live_subscription_next_renewal = models.DateField(null=True, blank=True)
 
     def can_authorize(self) -> bool:
         """Return True if this account should be authorized for charging."""
@@ -907,6 +1115,17 @@ class EnergyAccount(Entity):
     def save(self, *args, **kwargs):
         if self.name:
             self.name = self.name.upper()
+        if self.live_subscription_product and not self.live_subscription_start_date:
+            self.live_subscription_start_date = timezone.now().date()
+        if (
+            self.live_subscription_product
+            and self.live_subscription_start_date
+            and not self.live_subscription_next_renewal
+        ):
+            self.live_subscription_next_renewal = (
+                self.live_subscription_start_date
+                + timedelta(days=self.live_subscription_product.renewal_period)
+            )
         super().save(*args, **kwargs)
 
     def __str__(self):  # pragma: no cover - simple representation
@@ -950,11 +1169,433 @@ class EnergyCredit(Entity):
         db_table = "core_credit"
 
 
+class ClientReportSchedule(Entity):
+    """Configuration for recurring :class:`ClientReport` generation."""
+
+    PERIODICITY_NONE = "none"
+    PERIODICITY_DAILY = "daily"
+    PERIODICITY_WEEKLY = "weekly"
+    PERIODICITY_MONTHLY = "monthly"
+    PERIODICITY_CHOICES = [
+        (PERIODICITY_NONE, "One-time"),
+        (PERIODICITY_DAILY, "Daily"),
+        (PERIODICITY_WEEKLY, "Weekly"),
+        (PERIODICITY_MONTHLY, "Monthly"),
+    ]
+
+    owner = models.ForeignKey(
+        settings.AUTH_USER_MODEL,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name="client_report_schedules",
+    )
+    created_by = models.ForeignKey(
+        settings.AUTH_USER_MODEL,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name="created_client_report_schedules",
+    )
+    periodicity = models.CharField(
+        max_length=12, choices=PERIODICITY_CHOICES, default=PERIODICITY_NONE
+    )
+    email_recipients = models.JSONField(default=list, blank=True)
+    disable_emails = models.BooleanField(default=False)
+    periodic_task = models.OneToOneField(
+        "django_celery_beat.PeriodicTask",
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name="client_report_schedule",
+    )
+    last_generated_on = models.DateTimeField(null=True, blank=True)
+
+    class Meta:
+        verbose_name = "Client Report Schedule"
+        verbose_name_plural = "Client Report Schedules"
+
+    def __str__(self) -> str:  # pragma: no cover - simple representation
+        owner = self.owner.get_username() if self.owner else "Unassigned"
+        return f"Client Report Schedule ({owner})"
+
+    def save(self, *args, **kwargs):
+        sync = kwargs.pop("sync_task", True)
+        super().save(*args, **kwargs)
+        if sync and self.pk:
+            self.sync_periodic_task()
+
+    def delete(self, using=None, keep_parents=False):
+        task_id = self.periodic_task_id
+        super().delete(using=using, keep_parents=keep_parents)
+        if task_id:
+            from django_celery_beat.models import PeriodicTask
+
+            PeriodicTask.objects.filter(pk=task_id).delete()
+
+    def sync_periodic_task(self):
+        """Ensure the Celery beat schedule matches the configured periodicity."""
+
+        from django_celery_beat.models import CrontabSchedule, PeriodicTask
+        from django.db import transaction
+        import json as _json
+
+        if self.periodicity == self.PERIODICITY_NONE:
+            if self.periodic_task_id:
+                PeriodicTask.objects.filter(pk=self.periodic_task_id).delete()
+                type(self).objects.filter(pk=self.pk).update(periodic_task=None)
+            return
+
+        if self.periodicity == self.PERIODICITY_DAILY:
+            schedule, _ = CrontabSchedule.objects.get_or_create(
+                minute="0",
+                hour="2",
+                day_of_week="*",
+                day_of_month="*",
+                month_of_year="*",
+            )
+        elif self.periodicity == self.PERIODICITY_WEEKLY:
+            schedule, _ = CrontabSchedule.objects.get_or_create(
+                minute="0",
+                hour="3",
+                day_of_week="1",
+                day_of_month="*",
+                month_of_year="*",
+            )
+        else:
+            schedule, _ = CrontabSchedule.objects.get_or_create(
+                minute="0",
+                hour="4",
+                day_of_week="*",
+                day_of_month="1",
+                month_of_year="*",
+            )
+
+        name = f"client_report_schedule_{self.pk}"
+        defaults = {
+            "crontab": schedule,
+            "task": "core.tasks.run_client_report_schedule",
+            "kwargs": _json.dumps({"schedule_id": self.pk}),
+            "enabled": True,
+        }
+        with transaction.atomic():
+            periodic_task, _ = PeriodicTask.objects.update_or_create(
+                name=name, defaults=defaults
+            )
+            if self.periodic_task_id != periodic_task.pk:
+                type(self).objects.filter(pk=self.pk).update(
+                    periodic_task=periodic_task
+                )
+
+    def calculate_period(self, reference=None):
+        """Return the date range covered for the next execution."""
+
+        from django.utils import timezone
+        import datetime as _datetime
+
+        ref_date = reference or timezone.localdate()
+
+        if self.periodicity == self.PERIODICITY_DAILY:
+            end = ref_date - _datetime.timedelta(days=1)
+            start = end
+        elif self.periodicity == self.PERIODICITY_WEEKLY:
+            start_of_week = ref_date - _datetime.timedelta(days=ref_date.weekday())
+            end = start_of_week - _datetime.timedelta(days=1)
+            start = end - _datetime.timedelta(days=6)
+        elif self.periodicity == self.PERIODICITY_MONTHLY:
+            first_of_month = ref_date.replace(day=1)
+            end = first_of_month - _datetime.timedelta(days=1)
+            start = end.replace(day=1)
+        else:
+            raise ValueError("calculate_period called for non-recurring schedule")
+
+        return start, end
+
+    def resolve_recipients(self):
+        """Return (to, cc) email lists respecting owner fallbacks."""
+
+        from django.contrib.auth import get_user_model
+
+        to: list[str] = []
+        cc: list[str] = []
+        seen: set[str] = set()
+
+        for email in self.email_recipients:
+            normalized = (email or "").strip()
+            if not normalized:
+                continue
+            if normalized.lower() in seen:
+                continue
+            to.append(normalized)
+            seen.add(normalized.lower())
+
+        owner_email = None
+        if self.owner and self.owner.email:
+            candidate = self.owner.email.strip()
+            if candidate:
+                owner_email = candidate
+
+        if to:
+            if owner_email and owner_email.lower() not in seen:
+                cc.append(owner_email)
+        else:
+            if owner_email:
+                to.append(owner_email)
+                seen.add(owner_email.lower())
+            else:
+                admin_email = (
+                    get_user_model()
+                    .objects.filter(is_superuser=True, is_active=True)
+                    .exclude(email="")
+                    .values_list("email", flat=True)
+                    .first()
+                )
+                if admin_email:
+                    to.append(admin_email)
+                    seen.add(admin_email.lower())
+                elif settings.DEFAULT_FROM_EMAIL:
+                    to.append(settings.DEFAULT_FROM_EMAIL)
+
+        return to, cc
+
+    def get_outbox(self):
+        """Return the preferred :class:`nodes.models.EmailOutbox` instance."""
+
+        from nodes.models import EmailOutbox, Node
+
+        if self.owner:
+            try:
+                outbox = self.owner.get_profile(EmailOutbox)
+            except Exception:  # pragma: no cover - defensive catch
+                outbox = None
+            if outbox:
+                return outbox
+
+        node = Node.get_local()
+        if node:
+            return getattr(node, "email_outbox", None)
+        return None
+
+    def notify_failure(self, message: str):
+        from nodes.models import NetMessage
+
+        NetMessage.broadcast("Client report delivery issue", message)
+
+    def run(self):
+        """Generate the report, persist it and deliver notifications."""
+
+        from core import mailer
+
+        try:
+            start, end = self.calculate_period()
+        except ValueError:
+            return None
+
+        try:
+            report = ClientReport.generate(
+                start,
+                end,
+                owner=self.owner,
+                schedule=self,
+                recipients=self.email_recipients,
+                disable_emails=self.disable_emails,
+            )
+            export, html_content = report.store_local_copy()
+        except Exception as exc:
+            self.notify_failure(str(exc))
+            raise
+
+        if not self.disable_emails:
+            to, cc = self.resolve_recipients()
+            if not to:
+                self.notify_failure("No recipients available for client report")
+                raise RuntimeError("No recipients available for client report")
+            else:
+                try:
+                    attachments = []
+                    html_name = Path(export["html_path"]).name
+                    attachments.append((html_name, html_content, "text/html"))
+                    json_file = Path(settings.BASE_DIR) / export["json_path"]
+                    if json_file.exists():
+                        attachments.append(
+                            (
+                                json_file.name,
+                                json_file.read_text(encoding="utf-8"),
+                                "application/json",
+                            )
+                        )
+                    subject = f"Client report {report.start_date} to {report.end_date}"
+                    body = (
+                        "Attached is the client report generated for the period "
+                        f"{report.start_date} to {report.end_date}."
+                    )
+                    mailer.send(
+                        subject,
+                        body,
+                        to,
+                        outbox=self.get_outbox(),
+                        cc=cc,
+                        attachments=attachments,
+                    )
+                    delivered = list(dict.fromkeys(to + (cc or [])))
+                    if delivered:
+                        type(report).objects.filter(pk=report.pk).update(
+                            recipients=delivered
+                        )
+                        report.recipients = delivered
+                except Exception as exc:
+                    self.notify_failure(str(exc))
+                    raise
+
+        now = timezone.now()
+        type(self).objects.filter(pk=self.pk).update(last_generated_on=now)
+        self.last_generated_on = now
+        return report
+
+
+class ClientReport(Entity):
+    """Snapshot of energy usage over a period."""
+
+    start_date = models.DateField()
+    end_date = models.DateField()
+    created_on = models.DateTimeField(auto_now_add=True)
+    data = models.JSONField(default=dict)
+    owner = models.ForeignKey(
+        settings.AUTH_USER_MODEL,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name="client_reports",
+    )
+    schedule = models.ForeignKey(
+        "ClientReportSchedule",
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name="reports",
+    )
+    recipients = models.JSONField(default=list, blank=True)
+    disable_emails = models.BooleanField(default=False)
+
+    class Meta:
+        verbose_name = "Client Report"
+        verbose_name_plural = "Client Reports"
+        db_table = "core_client_report"
+        ordering = ["-created_on"]
+
+    @classmethod
+    def generate(
+        cls,
+        start_date,
+        end_date,
+        *,
+        owner=None,
+        schedule=None,
+        recipients: list[str] | None = None,
+        disable_emails: bool = False,
+    ):
+        rows = cls.build_rows(start_date, end_date)
+        return cls.objects.create(
+            start_date=start_date,
+            end_date=end_date,
+            data={"rows": rows},
+            owner=owner,
+            schedule=schedule,
+            recipients=list(recipients or []),
+            disable_emails=disable_emails,
+        )
+
+    def store_local_copy(self, html: str | None = None):
+        """Persist the report data and optional HTML rendering to disk."""
+
+        import json as _json
+        from django.template.loader import render_to_string
+
+        base_dir = Path(settings.BASE_DIR)
+        report_dir = base_dir / "work" / "reports"
+        report_dir.mkdir(parents=True, exist_ok=True)
+        timestamp = timezone.now().strftime("%Y%m%d%H%M%S")
+        identifier = f"client_report_{self.pk}_{timestamp}"
+
+        html_content = html or render_to_string(
+            "core/reports/client_report_email.html", {"report": self}
+        )
+        html_path = report_dir / f"{identifier}.html"
+        html_path.write_text(html_content, encoding="utf-8")
+
+        json_path = report_dir / f"{identifier}.json"
+        json_path.write_text(
+            _json.dumps(self.data, indent=2, default=str), encoding="utf-8"
+        )
+
+        def _relative(path: Path) -> str:
+            try:
+                return str(path.relative_to(base_dir))
+            except ValueError:
+                return str(path)
+
+        export = {
+            "html_path": _relative(html_path),
+            "json_path": _relative(json_path),
+        }
+
+        updated = dict(self.data)
+        updated["export"] = export
+        type(self).objects.filter(pk=self.pk).update(data=updated)
+        self.data = updated
+        return export, html_content
+
+    @staticmethod
+    def build_rows(start_date=None, end_date=None):
+        from collections import defaultdict
+        from ocpp.models import Transaction
+
+        qs = Transaction.objects.exclude(rfid="")
+        if start_date:
+            from datetime import datetime, time, timedelta, timezone as pytimezone
+
+            start_dt = datetime.combine(start_date, time.min, tzinfo=pytimezone.utc)
+            qs = qs.filter(start_time__gte=start_dt)
+        if end_date:
+            from datetime import datetime, time, timedelta, timezone as pytimezone
+
+            end_dt = datetime.combine(
+                end_date + timedelta(days=1), time.min, tzinfo=pytimezone.utc
+            )
+            qs = qs.filter(start_time__lt=end_dt)
+        data = defaultdict(lambda: {"kw": 0.0, "count": 0})
+        for tx in qs:
+            data[tx.rfid]["kw"] += tx.kw
+            data[tx.rfid]["count"] += 1
+        rows = []
+        for rfid_uid, stats in sorted(data.items()):
+            tag = RFID.objects.filter(rfid=rfid_uid).first()
+            if tag:
+                account = tag.energy_accounts.first()
+                if account:
+                    subject = account.name
+                else:
+                    subject = str(tag.label_id)
+            else:
+                subject = rfid_uid
+            rows.append(
+                {"subject": subject, "kw": stats["kw"], "count": stats["count"]}
+            )
+        return rows
+
+
+class BrandManager(EntityManager):
+    def get_by_natural_key(self, name: str):
+        return self.get(name=name)
+
+
 class Brand(Entity):
     """Vehicle manufacturer or brand."""
 
     name = models.CharField(max_length=100, unique=True)
 
+    objects = BrandManager()
+
     class Meta:
         verbose_name = _("EV Brand")
         verbose_name_plural = _("EV Brands")
@@ -962,6 +1603,9 @@ class Brand(Entity):
     def __str__(self) -> str:  # pragma: no cover - simple representation
         return self.name
 
+    def natural_key(self):  # pragma: no cover - simple representation
+        return (self.name,)
+
     @classmethod
     def from_vin(cls, vin: str) -> "Brand | None":
         """Return the brand matching the VIN's WMI prefix."""
@@ -990,6 +1634,48 @@ class EVModel(Entity):
 
     brand = models.ForeignKey(Brand, on_delete=models.CASCADE, related_name="ev_models")
     name = models.CharField(max_length=100)
+    battery_capacity_kwh = models.DecimalField(
+        max_digits=6,
+        decimal_places=2,
+        null=True,
+        blank=True,
+        verbose_name="Battery Capacity (kWh)",
+    )
+    est_battery_kwh = models.DecimalField(
+        max_digits=6,
+        decimal_places=2,
+        null=True,
+        blank=True,
+        verbose_name="Estimated Battery (kWh)",
+    )
+    ac_110v_power_kw = models.DecimalField(
+        max_digits=5,
+        decimal_places=2,
+        null=True,
+        blank=True,
+        verbose_name="110V AC (kW)",
+    )
+    ac_220v_power_kw = models.DecimalField(
+        max_digits=5,
+        decimal_places=2,
+        null=True,
+        blank=True,
+        verbose_name="220V AC (kW)",
+    )
+    dc_60_power_kw = models.DecimalField(
+        max_digits=5,
+        decimal_places=2,
+        null=True,
+        blank=True,
+        verbose_name="60kW DC (kW)",
+    )
+    dc_100_power_kw = models.DecimalField(
+        max_digits=5,
+        decimal_places=2,
+        null=True,
+        blank=True,
+        verbose_name="100kW DC (kW)",
+    )
 
     class Meta:
         unique_together = ("brand", "name")
@@ -1021,9 +1707,7 @@ class ElectricVehicle(Entity):
         related_name="vehicles",
     )
     vin = models.CharField(max_length=17, unique=True, verbose_name="VIN")
-    license_plate = models.CharField(
-        _("License Plate"), max_length=20, blank=True
-    )
+    license_plate = models.CharField(_("License Plate"), max_length=20, blank=True)
 
     def save(self, *args, **kwargs):
         if self.model and not self.brand:
@@ -1047,30 +1731,16 @@ class Product(Entity):
     name = models.CharField(max_length=100)
     description = models.TextField(blank=True)
     renewal_period = models.PositiveIntegerField(help_text="Renewal period in days")
+    odoo_product = models.JSONField(
+        null=True,
+        blank=True,
+        help_text="Selected product from Odoo (id and name)",
+    )
 
     def __str__(self) -> str:  # pragma: no cover - simple representation
         return self.name
 
 
-class Subscription(Entity):
-    """An energy account's subscription to a product."""
-
-    account = models.ForeignKey(EnergyAccount, on_delete=models.CASCADE)
-    product = models.ForeignKey(Product, on_delete=models.CASCADE)
-    start_date = models.DateField(auto_now_add=True)
-    next_renewal = models.DateField(blank=True)
-
-    def save(self, *args, **kwargs):
-        if not self.next_renewal:
-            self.next_renewal = self.start_date + timedelta(
-                days=self.product.renewal_period
-            )
-        super().save(*args, **kwargs)
-
-    def __str__(self) -> str:  # pragma: no cover - simple representation
-        return f"{self.account.user} -> {self.product}"
-
-
 class AdminHistory(Entity):
     """Record of recently visited admin changelists for a user."""
 
@@ -1093,11 +1763,48 @@ class AdminHistory(Entity):
         return model._meta.verbose_name_plural if model else self.content_type.name
 
 
-class ReleaseManager(Entity):
+class ReleaseManagerManager(EntityManager):
+    def get_by_natural_key(self, owner, package=None):
+        owner = owner or ""
+        if owner.startswith("group:"):
+            group_name = owner.split(":", 1)[1]
+            return self.get(group__name=group_name)
+        return self.get(user__username=owner)
+
+
+class PackageManager(EntityManager):
+    def get_by_natural_key(self, name):
+        return self.get(name=name)
+
+
+class PackageReleaseManager(EntityManager):
+    def get_by_natural_key(self, package, version):
+        return self.get(package__name=package, version=version)
+
+
+class ReleaseManager(Profile):
     """Store credentials for publishing packages."""
 
-    user = models.OneToOneField(
-        settings.AUTH_USER_MODEL, on_delete=models.CASCADE, related_name="release_manager"
+    objects = ReleaseManagerManager()
+
+    def natural_key(self):
+        owner = self.owner_display()
+        if self.group_id and owner:
+            owner = f"group:{owner}"
+
+        pkg_name = ""
+        if self.pk:
+            pkg = self.package_set.first()
+            pkg_name = pkg.name if pkg else ""
+
+        return (owner or "", pkg_name)
+
+    profile_fields = (
+        "pypi_username",
+        "pypi_token",
+        "github_token",
+        "pypi_password",
+        "pypi_url",
     )
     pypi_username = SigilShortAutoField("PyPI username", max_length=100, blank=True)
     pypi_token = SigilShortAutoField("PyPI token", max_length=200, blank=True)
@@ -1115,34 +1822,43 @@ class ReleaseManager(Entity):
     class Meta:
         verbose_name = "Release Manager"
         verbose_name_plural = "Release Managers"
+        constraints = [
+            models.CheckConstraint(
+                check=(
+                    (Q(user__isnull=False) & Q(group__isnull=True))
+                    | (Q(user__isnull=True) & Q(group__isnull=False))
+                ),
+                name="releasemanager_requires_owner",
+            )
+        ]
 
     def __str__(self) -> str:  # pragma: no cover - trivial
         return self.name
 
     @property
     def name(self) -> str:  # pragma: no cover - simple proxy
-        return self.user.get_username()
+        owner = self.owner_display()
+        return owner or ""
 
     def to_credentials(self) -> Credentials | None:
         """Return credentials for this release manager."""
         if self.pypi_token:
             return Credentials(token=self.pypi_token)
         if self.pypi_username and self.pypi_password:
-            return Credentials(
-                username=self.pypi_username, password=self.pypi_password
-            )
+            return Credentials(username=self.pypi_username, password=self.pypi_password)
         return None
 
 
 class Package(Entity):
     """Package details shared across releases."""
 
-    name = models.CharField(
-        max_length=100, default=DEFAULT_PACKAGE.name, unique=True
-    )
-    description = models.CharField(
-        max_length=255, default=DEFAULT_PACKAGE.description
-    )
+    objects = PackageManager()
+
+    def natural_key(self):
+        return (self.name,)
+
+    name = models.CharField(max_length=100, default=DEFAULT_PACKAGE.name, unique=True)
+    description = models.CharField(max_length=255, default=DEFAULT_PACKAGE.description)
     author = models.CharField(max_length=100, default=DEFAULT_PACKAGE.author)
     email = models.EmailField(default=DEFAULT_PACKAGE.email)
     python_requires = models.CharField(
@@ -1191,9 +1907,15 @@ class Package(Entity):
             homepage_url=self.homepage_url,
         )
 
+
 class PackageRelease(Entity):
     """Store metadata for a specific package version."""
 
+    objects = PackageReleaseManager()
+
+    def natural_key(self):
+        return (self.package.name, self.version)
+
     package = models.ForeignKey(
         Package, on_delete=models.CASCADE, related_name="releases"
     )
@@ -1218,10 +1940,15 @@ class PackageRelease(Entity):
 
     @classmethod
     def dump_fixture(cls) -> None:
-        path = Path("core/fixtures/releases.json")
-        path.parent.mkdir(parents=True, exist_ok=True)
-        data = serializers.serialize("json", cls.objects.all())
-        path.write_text(data)
+        base = Path("core/fixtures")
+        base.mkdir(parents=True, exist_ok=True)
+        for old in base.glob("releases__*.json"):
+            old.unlink()
+        for release in cls.objects.all():
+            name = f"releases__packagerelease_{release.version.replace('.', '_')}.json"
+            path = base / name
+            data = serializers.serialize("json", [release])
+            path.write_text(data)
 
     def __str__(self) -> str:  # pragma: no cover - trivial
         return f"{self.package.name} {self.version}"
@@ -1300,13 +2027,16 @@ class PackageRelease(Entity):
         self.save(update_fields=["revision"])
         PackageRelease.dump_fixture()
         if kwargs.get("git"):
+            from glob import glob
+
+            paths = sorted(glob("core/fixtures/releases__*.json"))
             diff = subprocess.run(
-                ["git", "status", "--porcelain", "core/fixtures/releases.json"],
+                ["git", "status", "--porcelain", *paths],
                 capture_output=True,
                 text=True,
             )
             if diff.stdout.strip():
-                release_utils._run(["git", "add", "core/fixtures/releases.json"])
+                release_utils._run(["git", "add", *paths])
                 release_utils._run(
                     [
                         "git",
@@ -1321,20 +2051,27 @@ class PackageRelease(Entity):
     def revision_short(self) -> str:
         return self.revision[-6:] if self.revision else ""
 
+
 # Ensure each RFID can only be linked to one energy account
 @receiver(m2m_changed, sender=EnergyAccount.rfids.through)
-def _rfid_unique_energy_account(sender, instance, action, reverse, model, pk_set, **kwargs):
+def _rfid_unique_energy_account(
+    sender, instance, action, reverse, model, pk_set, **kwargs
+):
     """Prevent associating an RFID with more than one energy account."""
     if action == "pre_add":
         if reverse:  # adding energy accounts to an RFID
             if instance.energy_accounts.exclude(pk__in=pk_set).exists():
-                raise ValidationError("RFID tags may only be assigned to one energy account.")
+                raise ValidationError(
+                    "RFID tags may only be assigned to one energy account."
+                )
         else:  # adding RFIDs to an energy account
             conflict = model.objects.filter(
                 pk__in=pk_set, energy_accounts__isnull=False
             ).exclude(energy_accounts=instance)
             if conflict.exists():
-                raise ValidationError("RFID tags may only be assigned to one energy account.")
+                raise ValidationError(
+                    "RFID tags may only be assigned to one energy account."
+                )
 
 
 def hash_key(key: str) -> str:
@@ -1343,7 +2080,7 @@ def hash_key(key: str) -> str:
     return hashlib.sha256(key.encode()).hexdigest()
 
 
-class ChatProfile(models.Model):
+class AssistantProfile(Profile):
     """Stores a hashed user key used by the assistant for authentication.
 
     The plain-text ``user_key`` is generated server-side and shown only once.
@@ -1352,9 +2089,7 @@ class ChatProfile(models.Model):
     """
 
     id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
-    user = models.OneToOneField(
-        settings.AUTH_USER_MODEL, on_delete=models.CASCADE, related_name="chat_profile"
-    )
+    profile_fields = ("user_key_hash", "scopes", "is_active")
     user_key_hash = models.CharField(max_length=64, unique=True)
     scopes = models.JSONField(default=list, blank=True)
     created_at = models.DateTimeField(auto_now_add=True)
@@ -1362,19 +2097,35 @@ class ChatProfile(models.Model):
     is_active = models.BooleanField(default=True)
 
     class Meta:
-        db_table = "workgroup_chatprofile"
-        verbose_name = "Chat Profile"
-        verbose_name_plural = "Chat Profiles"
+        db_table = "workgroup_assistantprofile"
+        verbose_name = "Assistant Profile"
+        verbose_name_plural = "Assistant Profiles"
+        constraints = [
+            models.CheckConstraint(
+                check=(
+                    (Q(user__isnull=False) & Q(group__isnull=True))
+                    | (Q(user__isnull=True) & Q(group__isnull=False))
+                ),
+                name="assistantprofile_requires_owner",
+            )
+        ]
 
     @classmethod
-    def issue_key(cls, user) -> tuple["ChatProfile", str]:
+    def issue_key(cls, user) -> tuple["AssistantProfile", str]:
         """Create or update a profile and return it with a new plain key."""
 
         key = secrets.token_hex(32)
         key_hash = hash_key(key)
+        if user is None:
+            raise ValueError("Assistant profiles require a user instance")
+
         profile, _ = cls.objects.update_or_create(
             user=user,
-            defaults={"user_key_hash": key_hash, "last_used_at": None, "is_active": True},
+            defaults={
+                "user_key_hash": key_hash,
+                "last_used_at": None,
+                "is_active": True,
+            },
         )
         return profile, key
 
@@ -1385,4 +2136,60 @@ class ChatProfile(models.Model):
         self.save(update_fields=["last_used_at"])
 
     def __str__(self) -> str:  # pragma: no cover - simple representation
-        return f"ChatProfile for {self.user}"
+        owner = self.owner_display()
+        return f"AssistantProfile for {owner}" if owner else "AssistantProfile"
+
+
+def validate_relative_url(value: str) -> None:
+    if not value:
+        return
+    parsed = urlparse(value)
+    if parsed.scheme or parsed.netloc or not value.startswith("/"):
+        raise ValidationError("URL must be relative")
+
+
+class TodoManager(EntityManager):
+    def get_by_natural_key(self, request: str):
+        return self.get(request=request)
+
+
+class Todo(Entity):
+    """Tasks requested for the Release Manager."""
+
+    request = models.CharField(max_length=255)
+    url = models.CharField(
+        max_length=200, blank=True, default="", validators=[validate_relative_url]
+    )
+    request_details = models.TextField(blank=True, default="")
+    done_on = models.DateTimeField(null=True, blank=True)
+
+    objects = TodoManager()
+
+    class Meta:
+        verbose_name = "TODO"
+        verbose_name_plural = "TODOs"
+        constraints = [
+            models.UniqueConstraint(
+                Lower("request"),
+                condition=Q(is_deleted=False),
+                name="unique_active_todo_request",
+            )
+        ]
+
+    def clean(self):
+        super().clean()
+        if (
+            Todo.objects.filter(request__iexact=self.request, is_deleted=False)
+            .exclude(pk=self.pk)
+            .exists()
+        ):
+            raise ValidationError({"request": "Similar TODO already exists."})
+
+    def __str__(self) -> str:  # pragma: no cover - simple representation
+        return self.request
+
+    def natural_key(self):
+        """Use the request field as the natural key."""
+        return (self.request,)
+
+    natural_key.dependencies = []