arthexis 0.1.9__py3-none-any.whl → 0.1.26__py3-none-any.whl

pages/apps.py

@@ -1,10 +1,45 @@
-from django.apps import AppConfig
-
-
-class PagesConfig(AppConfig):
-    default_auto_field = "django.db.models.BigAutoField"
-    name = "pages"
-    verbose_name = "7. Experience"
-
-    def ready(self):  # pragma: no cover - import for side effects
-        from . import checks  # noqa: F401
+import logging
+
+from django.apps import AppConfig
+from django.db import DatabaseError
+from django.db.backends.signals import connection_created
+
+
+logger = logging.getLogger(__name__)
+
+
+class PagesConfig(AppConfig):
+    default_auto_field = "django.db.models.BigAutoField"
+    name = "pages"
+    verbose_name = "7. Experience"
+    _view_history_purged = False
+
+    def ready(self):  # pragma: no cover - import for side effects
+        from . import checks  # noqa: F401
+        from . import site_config
+
+        site_config.ready()
+        connection_created.connect(
+            self._handle_connection_created,
+            dispatch_uid="pages_view_history_connection_created",
+            weak=False,
+        )
+
+    def _handle_connection_created(self, sender, connection, **kwargs):
+        if self._view_history_purged:
+            return
+        self._view_history_purged = True
+        self._purge_view_history()
+
+    def _purge_view_history(self, days: int = 15) -> None:
+        """Remove stale :class:`pages.models.ViewHistory` entries."""
+
+        from .models import ViewHistory
+
+        try:
+            deleted = ViewHistory.purge_older_than(days=days)
+        except DatabaseError:
+            logger.debug("Skipping view history purge; database unavailable", exc_info=True)
+        else:
+            if deleted:
+                logger.info("Purged %s view history entries older than %s days", deleted, days)

pages/checks.py

@@ -1,40 +1,40 @@
-import inspect
-
-from django.core.checks import Warning, register
-from django.urls.resolvers import URLPattern, URLResolver
-
-from config import urls as project_urls
-
-
-def _collect_checks(resolver: URLResolver, errors: list, prefix: str = ""):
-    for pattern in resolver.url_patterns:
-        if isinstance(pattern, URLResolver):
-            _collect_checks(pattern, errors, prefix + pattern.pattern._route)
-        elif isinstance(pattern, URLPattern):
-            view = pattern.callback
-            if getattr(view, "landing", False):
-                sig = inspect.signature(view)
-                params = list(sig.parameters.values())
-                if params and params[0].name == "request":
-                    params = params[1:]
-                has_required = any(
-                    p.default is inspect._empty
-                    and p.kind in (p.POSITIONAL_ONLY, p.POSITIONAL_OR_KEYWORD)
-                    for p in params
-                )
-                if has_required:
-                    errors.append(
-                        Warning(
-                            f'Landing view "{view.__module__}.{view.__name__}" requires URL parameters and cannot be a landing page.',
-                            id="pages.W001",
-                        )
-                    )
-
-
-@register()
-def landing_views_have_no_args(app_configs, **kwargs):
-    errors: list = []
-    for p in project_urls.urlpatterns:
-        if isinstance(p, URLResolver):
-            _collect_checks(p, errors, p.pattern._route)
-    return errors
+import inspect
+
+from django.core.checks import Warning, register
+from django.urls.resolvers import URLPattern, URLResolver
+
+from config import urls as project_urls
+
+
+def _collect_checks(resolver: URLResolver, errors: list, prefix: str = ""):
+    for pattern in resolver.url_patterns:
+        if isinstance(pattern, URLResolver):
+            _collect_checks(pattern, errors, prefix + pattern.pattern._route)
+        elif isinstance(pattern, URLPattern):
+            view = pattern.callback
+            if getattr(view, "landing", False):
+                sig = inspect.signature(view)
+                params = list(sig.parameters.values())
+                if params and params[0].name == "request":
+                    params = params[1:]
+                has_required = any(
+                    p.default is inspect._empty
+                    and p.kind in (p.POSITIONAL_ONLY, p.POSITIONAL_OR_KEYWORD)
+                    for p in params
+                )
+                if has_required:
+                    errors.append(
+                        Warning(
+                            f'Landing view "{view.__module__}.{view.__name__}" requires URL parameters and cannot be a landing page.',
+                            id="pages.W001",
+                        )
+                    )
+
+
+@register()
+def landing_views_have_no_args(app_configs, **kwargs):
+    errors: list = []
+    for p in project_urls.urlpatterns:
+        if isinstance(p, URLResolver):
+            _collect_checks(p, errors, p.pattern._route)
+    return errors

pages/context_processors.py

@@ -1,85 +1,151 @@
-from utils.sites import get_site
-from django.urls import Resolver404, resolve
-from django.conf import settings
-from pathlib import Path
-from types import SimpleNamespace
-from nodes.models import Node
-from .models import Module
-
-_favicon_path = Path(settings.BASE_DIR) / "pages" / "fixtures" / "data" / "favicon.txt"
-try:
-    _DEFAULT_FAVICON = f"data:image/png;base64,{_favicon_path.read_text().strip()}"
-except OSError:
-    _DEFAULT_FAVICON = ""
-
-
-def nav_links(request):
-    """Provide navigation links for the current site."""
-    site = get_site(request)
-    node = Node.get_local()
-    role = node.role if node else None
-    if role:
-        modules = (
-            Module.objects.filter(node_role=role, is_deleted=False)
-            .select_related("application")
-            .prefetch_related("landings")
-        )
-    else:
-        modules = []
-
-    valid_modules = []
-    current_module = None
-    for module in modules:
-        landings = []
-        for landing in module.landings.filter(enabled=True):
-            try:
-                match = resolve(landing.path)
-            except Resolver404:
-                continue
-            view_func = match.func
-            requires_login = getattr(view_func, "login_required", False) or hasattr(
-                view_func, "login_url"
-            )
-            staff_only = getattr(view_func, "staff_required", False)
-            if requires_login and not request.user.is_authenticated:
-                continue
-            if staff_only and not request.user.is_staff:
-                continue
-            landings.append(landing)
-        if landings:
-            module.enabled_landings = landings
-            valid_modules.append(module)
-            if request.path.startswith(module.path):
-                if current_module is None or len(module.path) > len(
-                    current_module.path
-                ):
-                    current_module = module
-
-    datasette_lock = Path(settings.BASE_DIR) / "locks" / "datasette.lck"
-    if datasette_lock.exists():
-        datasette_module = SimpleNamespace(
-            menu_label="Data",
-            path="/data/",
-            enabled_landings=[SimpleNamespace(path="/data/", label="Datasette")],
-        )
-        valid_modules.append(datasette_module)
-
-    valid_modules.sort(key=lambda m: m.menu_label.lower())
-
-    if current_module and current_module.favicon:
-        favicon_url = current_module.favicon.url
-    else:
-        favicon_url = None
-        if site:
-            try:
-                if site.badge.favicon:
-                    favicon_url = site.badge.favicon.url
-            except Exception:
-                pass
-        if not favicon_url:
-            favicon_url = _DEFAULT_FAVICON
-
-    return {
-        "nav_modules": valid_modules,
-        "favicon_url": favicon_url,
-    }
+from utils.sites import get_site
+from django.urls import Resolver404, resolve
+from django.conf import settings
+from pathlib import Path
+from nodes.models import Node
+from core.models import Reference
+from core.reference_utils import filter_visible_references
+from .models import Module
+
+_FAVICON_DIR = Path(settings.BASE_DIR) / "pages" / "fixtures" / "data"
+_FAVICON_FILENAMES = {
+    "default": "favicon.txt",
+    "Watchtower": "favicon_watchtower.txt",
+    "Constellation": "favicon_watchtower.txt",
+    "Control": "favicon_control.txt",
+    "Satellite": "favicon_satellite.txt",
+}
+
+
+def _load_favicon(filename: str) -> str:
+    path = _FAVICON_DIR / filename
+    try:
+        return f"data:image/png;base64,{path.read_text().strip()}"
+    except OSError:
+        return ""
+
+
+_DEFAULT_FAVICON = _load_favicon(_FAVICON_FILENAMES["default"])
+_ROLE_FAVICONS = {
+    role: (_load_favicon(filename) or _DEFAULT_FAVICON)
+    for role, filename in _FAVICON_FILENAMES.items()
+    if role != "default"
+}
+
+
+def nav_links(request):
+    """Provide navigation links for the current site."""
+    site = get_site(request)
+    node = Node.get_local()
+    role = node.role if node else None
+    if role:
+        modules = (
+            Module.objects.filter(node_role=role, is_deleted=False)
+            .select_related("application")
+            .prefetch_related("landings")
+        )
+    else:
+        modules = []
+
+    valid_modules = []
+    current_module = None
+    user = getattr(request, "user", None)
+    user_is_authenticated = getattr(user, "is_authenticated", False)
+    user_is_superuser = getattr(user, "is_superuser", False)
+    if user_is_authenticated:
+        user_group_names = set(user.groups.values_list("name", flat=True))
+    else:
+        user_group_names = set()
+    for module in modules:
+        landings = []
+        for landing in module.landings.filter(enabled=True):
+            try:
+                match = resolve(landing.path)
+            except Resolver404:
+                continue
+            view_func = match.func
+            requires_login = bool(getattr(view_func, "login_required", False))
+            if not requires_login and hasattr(view_func, "login_url"):
+                requires_login = True
+            staff_only = getattr(view_func, "staff_required", False)
+            required_groups = getattr(
+                view_func, "required_security_groups", frozenset()
+            )
+            blocked_reason = None
+            if required_groups:
+                requires_login = True
+                if not user_is_authenticated:
+                    blocked_reason = "login"
+                elif not user_is_superuser and not (
+                    user_group_names & set(required_groups)
+                ):
+                    blocked_reason = "permission"
+            elif requires_login and not user_is_authenticated:
+                blocked_reason = "login"
+
+            if staff_only and not getattr(request.user, "is_staff", False):
+                if blocked_reason != "login":
+                    blocked_reason = "permission"
+
+            landing.nav_is_locked = bool(blocked_reason)
+            landing.nav_lock_reason = blocked_reason
+            landings.append(landing)
+        if landings:
+            normalized_module_path = module.path.rstrip("/") or "/"
+            if normalized_module_path == "/read":
+                primary_landings = [
+                    landing
+                    for landing in landings
+                    if landing.path.rstrip("/") == normalized_module_path
+                ]
+                if primary_landings:
+                    landings = primary_landings
+                else:
+                    landings = [landings[0]]
+            app_name = getattr(module.application, "name", "").lower()
+            if app_name == "awg":
+                module.menu = "Calculators"
+            elif module.path.rstrip("/").lower() == "/man":
+                module.menu = "Manual"
+            module.enabled_landings = landings
+            valid_modules.append(module)
+            if request.path.startswith(module.path):
+                if current_module is None or len(module.path) > len(
+                    current_module.path
+                ):
+                    current_module = module
+
+
+    valid_modules.sort(key=lambda m: m.menu_label.lower())
+
+    if current_module and current_module.favicon:
+        favicon_url = current_module.favicon.url
+    else:
+        favicon_url = None
+        if site:
+            try:
+                if site.badge.favicon:
+                    favicon_url = site.badge.favicon.url
+            except Exception:
+                pass
+        if not favicon_url:
+            role_name = getattr(getattr(node, "role", None), "name", "")
+            favicon_url = _ROLE_FAVICONS.get(role_name, _DEFAULT_FAVICON) or _DEFAULT_FAVICON
+
+    header_refs_qs = (
+        Reference.objects.filter(show_in_header=True)
+        .exclude(value="")
+        .prefetch_related("roles", "features", "sites")
+    )
+    header_references = filter_visible_references(
+        header_refs_qs,
+        request=request,
+        site=site,
+        node=node,
+    )
+
+    return {
+        "nav_modules": valid_modules,
+        "favicon_url": favicon_url,
+        "header_references": header_references,
+    }

pages/defaults.py

@@ -0,0 +1,13 @@
+"""Default configuration for the pages application."""
+from __future__ import annotations
+
+from typing import Dict
+
+DEFAULT_APPLICATION_DESCRIPTIONS: Dict[str, str] = {
+    "awg": "Power, Energy and Cost calculations.",
+    "core": "Support for Business Processes and monetization.",
+    "ocpp": "Compatibility with Standards and Good Practices.",
+    "nodes": "System and Node-level operations.",
+    "pages": "User QA, Continuity Design and Chaos Testing.",
+    "teams": "Identity, Entitlements and Access Controls.",
+}

pages/forms.py

@@ -0,0 +1,221 @@
+"""Forms for the pages app."""
+
+from __future__ import annotations
+
+from django import forms
+from django.contrib.auth import authenticate
+from django.contrib.auth.forms import AuthenticationForm
+from django.core.exceptions import ValidationError
+from django.utils.translation import gettext_lazy as _
+from django.views.decorators.debug import sensitive_variables
+
+from core.form_fields import Base64FileField
+
+from .models import UserManual, UserStory
+
+
+class AuthenticatorLoginForm(AuthenticationForm):
+    """Authentication form that supports password or authenticator codes."""
+
+    otp_token = forms.CharField(
+        label=_("Authenticator code"),
+        required=False,
+        widget=forms.TextInput(
+            attrs={
+                "autocomplete": "one-time-code",
+                "inputmode": "numeric",
+                "pattern": "[0-9]*",
+            }
+        ),
+    )
+    auth_method = forms.CharField(required=False, widget=forms.HiddenInput(), initial="password")
+
+    error_messages = {
+        **AuthenticationForm.error_messages,
+        "invalid_token": _("The authenticator code is invalid or has expired."),
+        "token_required": _("Enter the code from your authenticator app."),
+        "password_required": _("Enter your password."),
+    }
+
+    def __init__(self, request=None, *args, **kwargs):
+        super().__init__(request=request, *args, **kwargs)
+        self.fields["password"].required = False
+        self.fields["otp_token"].strip = True
+        self.fields["auth_method"].initial = "password"
+        self.verified_device = None
+
+    def get_invalid_token_error(self) -> ValidationError:
+        return ValidationError(self.error_messages["invalid_token"], code="invalid_token")
+
+    def get_token_required_error(self) -> ValidationError:
+        return ValidationError(self.error_messages["token_required"], code="token_required")
+
+    def get_password_required_error(self) -> ValidationError:
+        return ValidationError(self.error_messages["password_required"], code="password_required")
+
+    @sensitive_variables()
+    def clean(self):
+        username = self.cleaned_data.get("username")
+        method = (self.cleaned_data.get("auth_method") or "password").lower()
+        if method not in {"password", "otp"}:
+            method = "password"
+        self.cleaned_data["auth_method"] = method
+
+        if username is not None:
+            if method == "otp":
+                token = (self.cleaned_data.get("otp_token") or "").strip().replace(" ", "")
+                if not token:
+                    raise self.get_token_required_error()
+                self.user_cache = authenticate(
+                    self.request,
+                    username=username,
+                    otp_token=token,
+                )
+                if self.user_cache is None:
+                    raise self.get_invalid_token_error()
+                self.cleaned_data["otp_token"] = token
+                self.verified_device = getattr(self.user_cache, "otp_device", None)
+            else:
+                password = self.cleaned_data.get("password")
+                if not password:
+                    raise self.get_password_required_error()
+                self.user_cache = authenticate(
+                    self.request, username=username, password=password
+                )
+                if self.user_cache is None:
+                    raise self.get_invalid_login_error()
+            self.confirm_login_allowed(self.user_cache)
+
+        return self.cleaned_data
+
+    def get_verified_device(self):
+        return self.verified_device
+
+
+class AuthenticatorEnrollmentForm(forms.Form):
+    """Form used to confirm a pending authenticator enrollment."""
+
+    token = forms.CharField(
+        label=_("Authenticator code"),
+        min_length=6,
+        max_length=8,
+        widget=forms.TextInput(
+            attrs={
+                "autocomplete": "one-time-code",
+                "inputmode": "numeric",
+                "pattern": "[0-9]*",
+            }
+        ),
+    )
+
+    error_messages = {
+        "invalid_token": _("The provided code is invalid or has expired."),
+        "missing_device": _("Generate a new authenticator secret before confirming it."),
+    }
+
+    def __init__(self, *args, device=None, **kwargs):
+        self.device = device
+        super().__init__(*args, **kwargs)
+
+    def clean_token(self):
+        token = (self.cleaned_data.get("token") or "").strip().replace(" ", "")
+        if not token:
+            raise forms.ValidationError(self.error_messages["invalid_token"], code="invalid_token")
+        if self.device is None:
+            raise forms.ValidationError(self.error_messages["missing_device"], code="missing_device")
+        try:
+            verified = self.device.verify_token(token)
+        except Exception:
+            verified = False
+        if not verified:
+            raise forms.ValidationError(self.error_messages["invalid_token"], code="invalid_token")
+        return token
+
+    def get_verified_device(self):
+        return self.device
+
+
+_manual_pdf_field = UserManual._meta.get_field("content_pdf")
+
+
+class UserManualAdminForm(forms.ModelForm):
+    content_pdf = Base64FileField(
+        label=_manual_pdf_field.verbose_name,
+        help_text=_manual_pdf_field.help_text,
+        required=not _manual_pdf_field.blank,
+        content_type="application/pdf",
+        download_name="manual.pdf",
+    )
+
+    class Meta:
+        model = UserManual
+        fields = "__all__"
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        instance = getattr(self, "instance", None)
+        slug = getattr(instance, "slug", "")
+        if slug:
+            self.fields["content_pdf"].widget.download_name = f"{slug}.pdf"
+        self.fields["content_pdf"].widget.attrs.setdefault(
+            "accept", "application/pdf"
+        )
+
+
+class UserStoryForm(forms.ModelForm):
+    class Meta:
+        model = UserStory
+        fields = ("name", "rating", "comments", "take_screenshot", "path")
+        widgets = {
+            "path": forms.HiddenInput(),
+            "comments": forms.Textarea(attrs={"rows": 4, "maxlength": 400}),
+        }
+
+    def __init__(self, *args, user=None, **kwargs):
+        self.user = user
+        super().__init__(*args, **kwargs)
+
+        if user is not None and user.is_authenticated:
+            name_field = self.fields["name"]
+            name_field.required = False
+            name_field.label = _("Username")
+            name_field.initial = (user.get_username() or "")[:40]
+            name_field.widget.attrs.update(
+                {
+                    "maxlength": 40,
+                    "readonly": "readonly",
+                }
+            )
+        else:
+            self.fields["name"] = forms.EmailField(
+                label=_("Email address"),
+                max_length=40,
+                required=True,
+                widget=forms.EmailInput(
+                    attrs={
+                        "maxlength": 40,
+                        "placeholder": _("name@example.com"),
+                        "autocomplete": "email",
+                        "inputmode": "email",
+                    }
+                ),
+            )
+        self.fields["take_screenshot"].initial = True
+        self.fields["rating"].widget = forms.RadioSelect(
+            choices=[(i, str(i)) for i in range(1, 6)]
+        )
+
+    def clean_comments(self):
+        comments = (self.cleaned_data.get("comments") or "").strip()
+        if len(comments) > 400:
+            raise forms.ValidationError(
+                _("Feedback must be 400 characters or fewer."), code="max_length"
+            )
+        return comments
+
+    def clean_name(self):
+        if self.user is not None and self.user.is_authenticated:
+            return (self.user.get_username() or "")[:40]
+
+        name = (self.cleaned_data.get("name") or "").strip()
+        return name[:40]